Presentation is loading. Please wait.

Presentation is loading. Please wait.

DIG 3563 – Information Management Cryptography Lecture 12 Based in part on a lecture by Sarah Adams (Olin College) and Gordon Prichett (Babson College)

Published byRaymond Boyd Modified over 8 years ago

Similar presentations

Presentation on theme: "DIG 3563 – Information Management Cryptography Lecture 12 Based in part on a lecture by Sarah Adams (Olin College) and Gordon Prichett (Babson College)"— Presentation transcript:

1 DIG 3563 – Information Management Cryptography Lecture 12 Based in part on a lecture by Sarah Adams (Olin College) and Gordon Prichett (Babson College)

2 What will you be responsible for? Specific SKILLS will be called out and Marked with !! During the lecture notes.

3 Communication System SourceDestination Source Encoding Source Decoding EncryptionDecryption Error Control Encoding Error Control Decoding ModulationChannelDemodulation

4 Cryptology Cryptography  Inventing cipher systems; protecting communications and storage Cryptanalysis  Breaking cipher systems

5 Cryptography

6 Cryptanalysis

7 What is used in Cryptology? Cryptography:  Linear algebra, abstract algebra, number theory – efficient hiding of information Cryptanalysis:  Probability, statistics, combinatorics, computing – ways to find information

8 Caesar Cipher ABCDEFGHIJKLMNOPQRSTUVWXYZ Key = 3 DEFGHIJKLMNOPQRSTUVWXYZABC Example  Plaintext: OLINCOLLEGE  Encryption: Shift by KEY = 3  Ciphertext: ROLQFROOHJH  Decryption: Shift backwards by KEY = 3

9 Caesar Cipher !! Use a +4 letter offset Caesar Cipher to encrypt (or decrypt) a message. Example: Attack Gaul tomorrow at dawn. step 0: Table: ABCDE FGHIJ KLMNO PQRST UVWXY Z DEFGH IJKLM NOPQR STUVW XYZAB C step 1: ATTACKGAULTOMORROWATDAWN step 2: A-> D, T-> W, etc. step 3: Break into 5 letter code groups Answer: DWWDF NJDXO WRPRU URZDW GDZQ

10 Cryptanalysis of Caesar Try all 26 possible shifts Frequency analysis Most frequent English Letters are e t a o i n s h r d l u, etc….

11 Frequency Analysis You need a good-sized body of cyphertext + knowledge (or guess) about which language it's in. Find most frequent letters in cyphertext Line up with most freq letters in language See if they match. (Short cyphertexts … bad news …) (Look for "e" in Caesar's message on Gaul.)

12 Substitution Cipher(Slightly stronger than Caesar Cypher) Permute A-Z randomly: A B C D E F G H I J K L M N O P… becomes H Q A W I N F T E B X S F O P C… Substitute H for A, Q for B, etc. Example  Plaintext: OLINCOLLEGE  Key: PSEOAPSSIFI

13 Cryptanalysis of Substitution Ciphers Try all 26! permutations – TOO MANY! Bigger than Avogadro's Number! Frequency analysis Crib analysis

14 What's a crib? A piece of known plaintext. Example: If we know that every morning's encrypted weather report begins with 'Weather Report", we can immediately crack w e a t h r p o from a substitution cypher, and detect if it's a Caesar cypher.

15 !! Use a crib to crack a code Assume that the phrase "Heil Hitler" is encrypted in the following text. Determine if (a) it's a substitution or Caesar cypher. (b) If Caesar, what's the offset? GDHKG HSKDQ

16 !! How to do it? GDHKG HSKDQ HE I L H I T LE R We see H->G and E->D and I->H and L->K So it's a Caesar Cypher with offset -1

17 If crib is not at beginning? You would have to try lots of combinations. You might even invent a COMPUTER to help you do it.

18 One-Time Pads Assign a number to each letter A B … M N … T U … Z 0 1 … 13 14 … 20 21 … 25 Plaintext: MATHISUSEFULANDFUN Key: NGUJKAMOCTLNYBCIAZ Encryption: “Add” key to message mod 26 Ciphertext: BGO….. Decryption: “Subtract” key from ciphertext mod 26

19 Modular Arithmetic What does "modular addition" mean? If the modulus is 10, then numbers go like this: In:0 1 2 3 4 5 6 7 8 9 10 11 12 13 Out: 0 1 2 3 4 5 6 7 8 9 0 1 2 3 (start over at 0) So, 3 mod 10 = 3. 13 mod 10=3. 33 mod 10 = 3. For modulus 10, it's easy. Just keep last digit.

20 Modular Arithmetic If modulus is 4? In:0 1 2 3 4 5 6 7 8 9 10 11 12 13.. Out: 0 1 2 3 0 1 2 3 0 1 2 3 0 1.. So, 3 mod 4 = 3. 5 mod 4 = 1 For n modulus 4, Divide & keep remainder. 5/4 = ¼ + 4/4so throw away the 4/4.

21 !! Modular Arithmetic Compute 15 mod 7

22 !! Modular Arithmetic Compute 15 mod 7 Answer: divide 15 by 7. Throw away the result, keep the remainder. 2 7 15 14 1

23 One-Time Pads They used actual printed 'pads' of paper Unconditionally secure (if pad is random) Problem: Exchanging the pads ("key") There are some clever ways to exchange the key

24 For instance … New York Telephone Directory (must agree on which edition!) Start on page 42, take every 8 th numeral and use it as the next offset. Or: Take "Hamlet" by Shakespeare From page 3, every 3 rd letter.

25 BUT: Neither the phone book nor Shakespeare are truly random. Good statistical analysis (and cribs) will eventually detect ANY regularity in such a code.

26 History's most famous cryptanalysis: Enigma Germans believed it to be uncrackable. Press a key, a letter lights up. Each "rotor" contained wires implementing a Substitution cypher. Five rotors – each shifts after every letter So you need to know: (a) Rotor wiring, (b) Initial setting on a given day.

27 Cracking Enigma Polish mathematicians developed ideas, Based on a weakness (A->R and also R->A). (!!It's really a complex substitution cypher.!!) British captured an Enigma from a sinking sub off Scotland Alan Turing's team at Bletchley Park developed the "Bombe" computers to seek the daily settings, based on cribs.

28 The replica (working!) Bombe at Bletchley Park, north of London

29 Enigma and ULTRA Over 200 Bombes were operating Churchill, Roosevelt could read Nazi traffic The tragedy of Coventry Oneexwidow.blogspot.com

30 Enigma and ULTRA Over 200 Bombes were operating Churchill, Roosevelt could read Nazi traffic The tragedy of Coventry * The triumph: Battle of the Atlantic

31 Modern Cryptology First principle: Assume that your SYSTEM is known The only security is in protecting the KEYS "Security by obscurity" does not work! (which leads to the Second Principle: Human beings are almost always the weak link.)

32 !! Security through Obscurity "My URL is not linked from anywhere." "They'll never think to look HERE for the key to my apartment! "Nobody would think of me spelling my pet's name BACKWARDS for a password!" Key attribute of the STO fallacy: Assuming That other people are as stupid as you are….

33 Public-Key Cryptography Diffie & Hellman (1976) Uses one-way (asymmetric) functions, public keys, and private keys

34 Public Key Algorithms Based on hard mathematical problems –Factoring large integers

35 35 The RSA Public Key Encryption System: Key idea: "Trapdoor function": Easy in, difficult out. Encryption and SSL: Key Concepts Data Encryption Anybody can Encrypt and send A message to Bob Bob’s Mailbox

36 36 The RSA Public Key Encryption System: Key idea 1: "Trapdoor function": Easy in, difficult out. Encryption and SSL: Key Concepts Data Encryption Decryption Bob’s Mailbox Only Bob has the Key to his mailbox.

37 37 The RSA Public Key Encryption System: Key idea 2: "Symmetry": two keys are created: Key 1, Key 2. If you ENCRYPT with Key 1, you can DECRYPT with K2 If you ENCRYPT with Key 2, you can DECRYPT with K1 How does it work? You don't want to know the math.. It involves prime numbers and factorization. Encryption and SSL: Key Concepts

38 38 Bob wants private data from Alice. Bob creates a Key pair (two big, special numbers) Bob posts one (the public key) on his website Bob keeps the private key in a secret place (Private Key) Public Key Encryption and SSL: Key Concepts Alice in Atlanta Bob in Boston

39 39 Bob wants private data from Alice. Bob creates a Key pair (two big, special numbers) Bob posts one (the public key) on his website Bob keeps the private key in a secret place (Private Key) Alice grabs a copy of the Public Key public key Public Key Encryption and SSL: Key Concepts Alice in Atlanta Bob in Boston

40 40 Alice uses the public key, encrypts data ('plaintext'), sends it to Bob. Chris the Criminal grabs a copy as it goes by. key plaintext ---> Encrypted public key ---> message public key attempt to Chris gets decipher ?? garbage Encryption and SSL: Key Concepts Alice in Atlanta Bob in Boston Chris the crook

41 41 Bob uses the private key to recover Alice's plaintext. private key plaintext ---> Encryptedde- public key ---> messagecypher plaintext Encryption and SSL: Key Concepts Alice in Atlanta Bob in Boston Chris the Crook

42 42 Another essential usage: Proving who you are. Alice reads bob.com, wants to do business. But she's worried to send ccard information. So she sends him a test-text: "ertfqgjmnit43ff...." and says: encrypt this with your private key. I already know your public key. If your reply decrypts properly by the public key, then I know you had the private key! Digital Signatures

43 43 Alice sends test message Bob encrypts and returns Alice decrypts and believes Digital Signatures

44 44 Alice sends test message Bob encrypts and returns Alice decrypts and believes Like the Dutch Resistance in World War 2 You're Dutch? Then say "Schevenengen" German cannot pronounce it, even if he tries Dutch person hangs up phone Digital Signatures

45 SSL and the Internet Uses a public key encryption technique to exchange keys with your browser. (PKE is too slow for all of the traffic.) Relies on a "Chain of Authority" to verify That security certificates (public keys) Actually belong to who they say.

46 Chain of Authority How it works? My business has a security certificate. You don't trust it, so you check with its issuing authority (Thawte, Inc.) * Who is Thawte? Check with THEIR issuing authority … back to a trusted source. Your browser has a list of trusted authorities. (The police-verification story.)

47 Are we there yet? Is PKE encryption (with big keys) ultimately secure? Don't bet on it! Quantum computers (if they can be made to work) can explore ALL POSSIBILITIES AT ONCE (for a given key size) … so the game is still afoot (as Sherlock Holmes said.)

Download ppt "DIG 3563 – Information Management Cryptography Lecture 12 Based in part on a lecture by Sarah Adams (Olin College) and Gordon Prichett (Babson College)"

Similar presentations

Cryptology Making & Breaking Codes & Ciphers. AJ 1152 Cryptology Cryptography –Science of creating codes or ciphers Cryptanalysis –Science of breaking.

Cryptology Making & Breaking Codes & Ciphers. AJ 1152 Cryptology Cryptography –Science of creating codes or ciphers Cryptanalysis –Science of breaking.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.
Fubswrjudskb Frxuvh qxpehu:4003-482 / 4005-705 Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.

Fubswrjudskb Frxuvh qxpehu: / Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Digital Signatures. Anononymity and the Internet.

Digital Signatures. Anononymity and the Internet.
251959084756578934940271832400483985714 292821262040320277771378360436620207075 955562640185258807844069182906412495150 821892985591491761845028084891200728449.

Section 3.8: More Modular Arithmetic and Public-Key Cryptography

Section 3.8: More Modular Arithmetic and Public-Key Cryptography
 Caesar used to encrypt his messages using a very simple algorithm, which could be easily decrypted if you know the key.  He would take each letter.

 Caesar used to encrypt his messages using a very simple algorithm, which could be easily decrypted if you know the key.  He would take each letter.
Modern Cryptography.

Modern Cryptography.
Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography
Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.

Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.

1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.
Cryptography CS-103 Chapter 8. History Humans have been devising systems to encode information for at least 4000 years.Humans have been devising systems.

Cryptography CS-103 Chapter 8. History Humans have been devising systems to encode information for at least 4000 years.Humans have been devising systems.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.

Similar presentations

Ads by Google