Cryptography Nicholas Gibbs Chulwoo Jun Yu-Kung Ke Emeka Okonkwo

Upload: dorthy-simmons

Post on 14-Jan-2016

Cryptography

Nicholas Gibbs, Chulwoo Jun, Yu-Kung Ke, Emeka Okonkwo

What is Cryptography?

The art of secret writing
Needed for confidentiality

Terminology and Concepts

Plaintext
Ciphertext
Encryption
Decryption
Cryptosystem

[Figure: Plaintext -> Encryption -> Ciphertext -> Decryption -> Original Plaintext]

Symmetric & Asymmetric Cryptosystems

[Figure a) Symmetric Cryptosystem: Plaintext -> Encryption -> Ciphertext -> Decryption -> Original Plaintext, with one Key]

[Figure b) Asymmetric Cryptosystem: Plaintext -> Encryption -> Ciphertext -> Decryption -> Original Plaintext, with Encryption Key Ke and Decryption Key Kd]

Stream and Block Ciphers

[Figure 3. Stream Cipher Encryption]

[Figure 4. Block Cipher Encryption]

Substitution (Stream Cipher)

Monoalphabetic Substitution
  Caesar Cipher
    Shift 3 places: A -> D, Z -> C (hello -> khoor)
  Keyed
    plaintext:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
    ciphertext: keywordabcfghijlmnpqrstuvz
  Mod Function
    plaintext:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
    ciphertext: adgjmpsvybehknqtwzcfilorux
    π(λ) = (3 * λ) mod 26

Substitution (Stream Cipher)

Polyalphabetic
  Reduce recognition of letter frequency
  Vigenère Tableau
    26 alphabets, all comb. of the plaintext alphabet
Perfect Substitution
  One Time Pad (OTP)
    Random string XOR plaintext
    1:N, plaintext:ciphertext

Transposition (Block Cipher)

COLUMNAR TRANSPOSITION

  c1   c2   c3   c4   c5
  c6   c7   c8   c9   c10
  c11  c12  c13  c14  c15

ciphertext: c1 c6 c11 c2 c7 c12 c3 c8 c13 c4 c9 c14 c5 c10 c15 ...

Source: [2]

  A N E X
  A M P L
  E M E S
  S A G E

AN EXAMPLE MESSAGE (plaintext)
AAES NMMA EPEG XLSE (ciphertext)

RC4 - Private Key Encryption

Ron Rivest – 1987
Leaked in 1994 - ARC4/FOUR
OTP Cipher
Key Size: <= 256 bits
Used in OpenSSL and WEP1
Security concerns
  Non-randomness of first few ciphertext bytes
  Re-use of keys

CipherSaber Exercise

http://ciphersaber.gurus.com/
Encrypts/Decrypts files using ARC4
  10 byte Initialization Vector (IV)
  246 byte user-defined key (max)
    54 byte <= recommended
  Shared Passphrase
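
The CipherSaber message layout from this slide, as an added example that is not part of the original slides or the CipherSaber project's own code: the 10-byte IV travels in front of the ciphertext and is appended to the passphrase to form the ARC4 key, and `bodies_xor` shows what the "re-use of keys" concern on the RC4 slide amounts to when the IV is not fresh. Function names and sample messages are constructed for illustration.

```python
import os

IV_LEN = 10           # CipherSaber: 10-byte IV sent in front of the ciphertext
MAX_PASSPHRASE = 246  # 256-byte ARC4 key limit minus the IV


def arc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n keystream bytes ARC4 produces for `key`."""
    if not 1 <= len(key) <= 256:
        raise ValueError("ARC4 key must be 1..256 bytes")
    state = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # output generation
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        out.append(state[(state[i] + state[j]) % 256])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cs_encrypt(passphrase: bytes, plaintext: bytes, iv: bytes = b"") -> bytes:
    """Message layout: IV || (ARC4(passphrase || IV) XOR plaintext)."""
    if len(passphrase) > MAX_PASSPHRASE:
        raise ValueError("passphrase longer than 246 bytes")
    iv = iv or os.urandom(IV_LEN)             # fresh random IV unless pinned
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 10 bytes")
    return iv + xor(plaintext, arc4_keystream(passphrase + iv, len(plaintext)))


def cs_decrypt(passphrase: bytes, message: bytes) -> bytes:
    iv, body = message[:IV_LEN], message[IV_LEN:]
    return xor(body, arc4_keystream(passphrase + iv, len(body)))


def bodies_xor(msg1: bytes, msg2: bytes) -> bytes:
    """XOR of two ciphertext bodies; equals p1 XOR p2 if key and IV repeat."""
    return xor(msg1[IV_LEN:], msg2[IV_LEN:])
```

With a pinned IV the XOR of two message bodies is exactly the XOR of the two plaintexts, with no key needed; with fresh IVs the keystreams differ and the relation disappears.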

Advanced Encryption Standard (AES)

A private key encryption scheme.
A US Federal Information Processing Standard (FIPS) PUB 197 (http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf).
AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits.
Each block passes through a certain number of rounds of operations, depending on the key length.
Each round contains four transformations: SubBytes, ShiftRows, MixColumns, AddRoundKey.

AES

[Figure: AES States: Transition of input (message) bytes (see note 1)]

1. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

AES

[Figure: SubBytes Transformation (see note 1)]

The S-box was derived from the calculations of binary polynomials based on some mathematical theories.

1. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

AES

[Figure: ShiftRows Transformation (see note 1)]

1. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

AES

[Figure: MixColumns Transformation (see note 1)]

A lookup table, derived from the calculations of binary polynomials based on some mathematical theories, is available.

1. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

AES

[Figure: AddRoundKey Transformation (see note 1)]

Kl is a subkey originated from a key seed via a deterministic key expansion algorithm.

1. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

AES

AES Decryption: Each transformation is invertible, so decryption can be done by performing the inverse of each operation in the opposite order from that for encryption, using the inverse S-Box and inverse MixColumns, with the round keys in reverse order.

Message Digests

H(Message) = Message Digest
Given an output MD, it is hard to find an input message that would result in the given MD.
Hard to find two messages that hash to an identical MD.
In a sense, H is a one-way function.
Fingerprint of documents; maintaining the integrity.
  e.g., the MD of Cisco PIX configuration file.
History of message digest
  MD~MD4 are outdated.
  MD5 (IETF RFC1321), SHA1 (secure hash algorithm) developed by NIST.

MD5

Fixed length of 128-bit message digest represented as four 32-bit words (e.g., A, B, C, D).

A message is divided into 512-bit message blocks with the possible padding in the last block.

MD5

[Figure: Example of one operation within a round (see note 1)]

Each round contains sixteen operations.
A message block is further divided into sixteen 32-bit words (e.g., M1 ~ M16); 512 = 16 * 32.
F is a round-dependent function.
Ki (indexed from 1 ~ 64) is a constant.

1. http://en.wikipedia.org/wiki/Md5

MD5 Exercise

MD5(The Phantom of the Opera) = 015696972454b3c760fdac5ef28657b4
MD5(The Phantom of the Oprah) = e237627a09bd4f62b3b15ef9b9129587

Changing Opera to Oprah in the message produces a completely different message digest.

AES and MD5 Exercise

RH 8.0, 7.2 and WinXP machines
Use Ethereal on RH 8.0 to monitor traffic
Transfer plaintext message from WinXP machine to RH 7.2 machine
Transfer ciphertext message (AES + MD5) from WinXP to RH 7.2 machine
Observe decryption with wrong key
Observe modification of ciphertext message

Public Key Encryption

RSA
  Key length usually 512 bits
  Plaintext size < key length
  Ciphertext size = key length
  Usually used to encrypt a secret key which is then used to encrypt message
  Based on Modular Arithmetic

Modular Arithmetic

Modular Addition
Example using mod 10 addition:
  3 + 5 = 8
  5 + 5 = 0
  3 + 9 = 2

additive inverse of x is the number you add to x to get 0

additive inverse of 2 is 8 since in mod 10 arithmetic, 2+8 = 0

If the secret key were 2, then to encrypt, we add 2 (mod 10) and to decrypt we’d add 8 (mod 10)

Modular Arithmetic

Modular Multiplication
Example using mod 10 multiplication
  1, 3, 7, 9 are considered good ciphers: they perform a 1-to-1 substitution of digits
  5 is not, e.g. 5*2 = 5*4 = 0 mod 10
In normal math, the multiplicative inverse of x is 1/x
In mod math, it is the number by which you would multiply x to get 1
1, 3, 7, 9 have multiplicative inverses (3-7, 1-1, 9-9)
  Can be used as a cipher

Modular Arithmetic

Modular Multiplication
Euclid's Algorithm
  can be used to efficiently find inverses mod n
  given x & n, finds y s.t. x * y mod n = 1 (if such a y exists)
x relatively prime to n
  no common factors with n other than 1
  e.g. 1, 3, 7, 9 (mod 10)
  relatively prime => multiplicative inverse
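
Finding inverses with Euclid's algorithm, as an added example that is not part of the original slides: it recovers the mod 10 pairs listed above and the decryption multiplier for the π(λ) = (3 * λ) mod 26 table from the substitution slide. All function names are chosen here for illustration.

```python
import string


def egcd(a: int, b: int):
    """Extended Euclid: return (g, s, t) with a*s + b*t == g == gcd(a, b)."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
    return a, s0, t0


def mod_inverse(x: int, n: int):
    """Return y with (x * y) % n == 1, or None when x shares a factor with n."""
    g, s, _ = egcd(x % n, n)
    return s % n if g == 1 else None


def usable_multipliers(n: int) -> dict:
    """Map every multiplier that has an inverse mod n to that inverse."""
    pairs = ((x, mod_inverse(x, n)) for x in range(1, n))
    return {x: inv for x, inv in pairs if inv is not None}


def multiply_cipher(text: str, k: int) -> str:
    """Apply pi(l) = (k * l) mod 26 to a string of lowercase letters."""
    a = string.ascii_lowercase
    return "".join(a[(k * a.index(ch)) % 26] for ch in text)


def demo():
    """Encrypt the alphabet with k = 3, then undo it with the inverse of 3."""
    table = multiply_cipher(string.ascii_lowercase, 3)
    k_inv = mod_inverse(3, 26)
    return table, k_inv, multiply_cipher(table, k_inv)


if __name__ == "__main__":
    print(usable_multipliers(10))
    print(demo())
```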

Modular Arithmetic

Modular Multiplication
Totient function Φ
  Φ(n) = n-1, if n is prime
  Φ(n) = (p-1)(q-1) if n = p*q (p, q primes)

Modular Exponentiation
Using mod 10
  $5^6 \bmod 10 = 5$ ($5^6 = 15625$)
  $x^y \bmod n$ is equal to $x^{(y \bmod \Phi(n))} \bmod n$
  If $y = 1 \bmod \Phi(n)$, then $x^y = x \bmod n$

RSA Algorithm

Two large prime numbers p and q (256 bits long)
  Multiply to get n. Factors p & q kept secret
To generate public key
  Choose a number e relatively prime to Φ(n)
  Recall Φ(n) = (p-1)(q-1).
  Public key = <e, n>
To generate private key
  Find a number d, which is the multiplicative inverse of e mod Φ(n)
  Private key = <d, n>

RSA Algorithm

To encrypt message m (< n):
  Ciphertext $c = m^e \bmod n$ // done by someone using your public key
To decrypt:
  Plaintext $m = c^d \bmod n$ // only done by you
Signing:
  Signature $s = m^d \bmod n$ // done by you
Verifying:
  Plaintext $m = s^e \bmod n$ // done by someone using your public key
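
Key generation and the four operations above on toy numbers, as an added example that is not part of the original slides: p = 61, q = 53, e = 17 and the message 65 are constructed values far too small for real use, and the raw operation is shown without the padding that deployed RSA adds. Function names are chosen here for illustration.

```python
from math import gcd


def rsa_keygen(p: int, q: int, e: int):
    """Build the public key <e, n> and private key <d, n> from primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, phi)          # multiplicative inverse of e mod phi(n)
    return (e, n), (d, n)


def rsa_apply(x: int, key) -> int:
    """Raw RSA operation x^k mod n; rejects inputs that are not below n."""
    k, n = key
    if not 0 <= x < n:
        raise ValueError("input must satisfy 0 <= x < n")
    return pow(x, k, n)


def encrypt(m: int, public) -> int:
    return rsa_apply(m, public)       # c = m^e mod n


def decrypt(c: int, private) -> int:
    return rsa_apply(c, private)      # m = c^d mod n


def sign(m: int, private) -> int:
    return rsa_apply(m, private)      # s = m^d mod n


def verify(m: int, s: int, public) -> bool:
    return rsa_apply(s, public) == m  # accept only if s^e mod n gives m back


if __name__ == "__main__":
    public, private = rsa_keygen(61, 53, 17)   # toy primes, constructed
    c = encrypt(65, public)
    s = sign(65, private)
    print(public, private, c, decrypt(c, private))
    print(verify(65, s, public), verify(66, s, public))
```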

Diffie-Hellman

Oldest public key scheme still in use today
Does not do encryption or signing
Used to agree on a shared secret by exchanging messages in public
Two numbers p and g
  p is a large prime number
  g < p
  Both p and g could be publicly known

Diffie-Hellman Algorithm

Alice picks $S_A$ at random. Bob picks $S_B$ at random (512 bit, secret)
Alice computes $T_A = g^{S_A} \bmod p$. Bob computes $T_B = g^{S_B} \bmod p$.
They exchange Ts: $T_A \leftrightarrow T_B$.
Alice computes $T_B^{S_A} \bmod p$. Bob computes $T_A^{S_B} \bmod p$.
Both come up with the same number because
  $T_B^{S_A} = (g^{S_B})^{S_A} = g^{S_B S_A} = g^{S_A S_B} = (g^{S_A})^{S_B} = T_A^{S_B} \bmod p$
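
Both sides of the exchange above, as an added example that is not part of the original slides: p = 23, g = 5 and the pinned secrets 6 and 15 are constructed toy values, and the range check on the received value is an addition the slides do not mention. Function names are chosen here for illustration.

```python
import secrets


def keypair(p: int, g: int, secret: int = 0):
    """Return (S, T) with T = g^S mod p; S is random unless pinned."""
    while True:
        s = secret or secrets.randbelow(p - 3) + 2      # S in [2, p-2]
        t = pow(g, s, p)
        if 2 <= t <= p - 2:
            return s, t
        if secret:
            raise ValueError("pinned secret gives a degenerate public value")


def shared_secret(p: int, my_secret: int, peer_public: int) -> int:
    """Compute T_peer^S mod p after checking the received value."""
    # Added check, not on the slides: 0, 1 and p-1 would force the result
    # into {0, 1, p-1} whatever our secret is, so they are refused.
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer value outside 2..p-2")
    return pow(peer_public, my_secret, p)


def exchange(p: int, g: int, s_a: int = 0, s_b: int = 0):
    """Run both sides; return what crosses the wire and each side's result."""
    sa, ta = keypair(p, g, s_a)
    sb, tb = keypair(p, g, s_b)
    wire = {"p": p, "g": g, "TA": ta, "TB": tb}   # everything an observer sees
    return wire, shared_secret(p, sa, tb), shared_secret(p, sb, ta)


if __name__ == "__main__":
    print(exchange(23, 5, 6, 15))   # toy parameters, constructed
```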

PGP Exercise – Secure eMail Transfer

PGP (pretty good privacy) is a secure email protocol, which employs both private and public encryption schemes.

http://www.pgp.com/downloads/freeware/index.html (for individual use only)

[Figure: PGP Encryption (see note 1)]

1. http://www.pgpi.org/doc/pgpintro/#p10

PGP Exercise

[Figure: PGP Decryption (see note 1)]

1. http://www.pgpi.org/doc/pgpintro/#p10

References

Kaufman, Charlie, Radia Perlman, and Mike Speciner. Network Security - PRIVATE communication in a PUBLIC world. Upper Saddle River, NJ: Prentice Hall PTR, 2002.

Pfleeger, Shari L., and Charles P. Pfleeger. Security in Computing. Upper Saddle River, NJ: Prentice Hall PTR, 2003.

Original 1994 USENET post of alleged RC4 source: http://groups.google.com/groups?selm=sternCvKL4B.Hyy%40netcom.com