cryptography - guceee.guc.edu.eg/courses/communications/comm1003... · cryptography – the idea of...
TRANSCRIPT
Cryptography
Spring 2017
Dr. Fatma
Newagy
Cryptography General Concepts
Spring 2016 - COMM 1003 3
General Idea
Cryptography –
the idea of storing and
transmitting data in a form that only the
authorized parties can interpret.
Spring 2017 - COMM 1003 4
What services cryptosystems provide
Cryptosystems provide the following services
• Confidentiality - secret
• Integrity – ensure things do not change
• Authentication – message comes from who you say it does
• Authorization – upon authentication, a user can be provided with a password to access a resource
• Non repudiation – ensure that no one can deny someone sent a message.
Spring 2017 - COMM 1003 5
Definitions and Concepts
• Cryptography - a method of storing and transmitting data in a form only intended for authorized parties to read or process.
• Cryptanalysis - science of studying, breaking, and reverse engineering algorithms and keys.
• Cryptology - the study of secret codes or ciphers and the devices used to create and decipher them
(includes both terms above)
Spring 2017 - COMM 1003 6
Cryptography Definitions
• Cryptosystem – A system or product that provides encryption and decryption
• Encryption – the method of transforming data (plaintext) into an unreadable format.
• Plaintext – the format (usually readable) of data before being encrypted
• Cipher text – the “Scrambled” format of data after being encrypted.
Spring 2017 - COMM 1003 7
Cryptography Definitions – cont.
• Decryption – the method of turning cipher text back into plaintext.
• Encryption algorithm – a set or rules or procedures that dictates how to encrypt and decrypt data.
• Key – (crypto variable) a values used in the encryption process to encrypt and decrypt.
Spring 2017 - COMM 1003 8
Cryptosystem Definitions
• Key space – the range of possible values used to construct keys
• Key Clustering – Instance when two different keys generate the same cipher text from the same plaintext
• Work factor – estimated time and resources to break a cryptosystem
Spring 2017 - COMM 1003 9
Basic Process
Spring 2017 - COMM 1003 10
Types of Encryption Ciphers
Substitution
– Replaces one letter with another
Transposition
-
Move letters around
Spring 2017 - COMM 1003 11
Kerckhoffs Principal • The only secrecy involved with a cryptosystem should
be the key.
• Key Protection is CRITICAL.
• Key management:
– Key lengths should be long enough to provide the necessary level of protection
– Keys should be stored and transported in a secure means
– Keys should be extremely random and use the full spectrum of the key space
– Keys lifetime should correspond with the sensitivity of the data to be protected
– The more the key is used the shorter it’s lifetime should be.
Spring 2017 - COMM 1003 12
Cryptography history
Historical encryption algorithms
– Caesar cipher –
just shift a few characters.
– Simple substitution cipher –
It is an improvement
to the Caesar Cipher. This scheme uses some
permutation of the letters in alphabet.
Spring 2017 - COMM 1003 13
Cryptography history -
cont.
– Vigenere Cipher –
This scheme of cipher uses a
text string (say, a word) as a key, which is then
used for doing a number of shifts on the plaintext.
• For example, let’s assume the key is ‘point’. Each alphabet of the key is converted to its respective numeric value: In this case,
• p - > 16 , o - >
15 , i - > 9 , n - >
14 , and t - > 20 .
• Thus, the key is: 16 15 9 14 20 .
Spring 2017 - COMM 1003 14
Cryptography history - cont.
• Transposition Cipher – the order of the alphabets
in the plaintext is rearranged to create the cipher text.
The actual plaintext alphabets are not replaced.
– ‘simple columnar transposition’ cipher where the plaintext is written
horizontally with a certain alphabet width. Then the cipher text is read
vertically as shown.
– For example, the plaintext is “golden statue is in eleventh cave” and
the secret random key chosen is “five”.
Spring 2017 - COMM 1003 15
Methods of Encryption
There are multiple “methods” of encryption
• Symmetric
• Asymmetric
• Hashes
Symmetric Encryption
Spring 2016 - COMM 1003 17
Symmetric Encryption
Idea same key is used to BOTH encrypt and decrypt data!
Spring 2016 - COMM 1003 18
Symmetric Pros
• Fast
• Hard to break if using a large key size
• Provides Confidentiality
Spring 2016 - COMM 1003 19
Symmetric Cons
• Keys must be shared
– This is difficult to really do.
– Requires secure mechanism to deliver keys
– Number of keys becomes needed becomes crazy
large as number of people involved increases
– Does Not provide Authenticity or Non - repudiation
Spring 2016 - COMM 1003 20
Types of Symmetric Ciphers
• Block –
break down message into fixed sized
blocks, equal to the size of the key.
• Stream –
do not break into blocks, instead
take one character of the message at a time.
Spring 2016 - COMM 1003 21
Block
• Encrypt each block with the key.
• For example, the schemes DES ( Data Encryption
Standard)
and AES ( Advanced Encryption Standard)
have block sizes of 64
and 128 , respectively.
Spring 2016 - COMM 1003 22
FEISTEL BLOCK CIPHER
• Feistel Cipher is
not a
specific
scheme of
block cipher .
It is
a
design model from
which many
different block
ciphers are
derived .
DES is
just one
example of
it . A
cryptographic system
based on
it
structure uses
the same
algorithm
for both
encryption and
decryption .
• The number
of rounds
used
depends on
desired security
from
the system .
More number
of rounds
provide more
secure system
but
slow processes .
Spring 2016 - COMM 1003 23
Block Cipher MODES OF OPERATION
• These are procedural rules for a generic block
cipher.
• Interestingly, the different modes result in
different properties being achieved which add
to the security of the underlying block cipher.
Spring 2016 - COMM 1003 24
Electronic Code Book (ECB) Mode
• This mode is a most straightforward way of
processing a series of sequentially listed
message blocks.
Spring 2016 - COMM 1003 25
Cipher Block Chaining (CBC) Mode
• CBC mode of operation provides message
dependence for generating cipher text and
makes the system non - deterministic.
Spring 2016 - COMM 1003 26
Cipher Feedback (CFB) Mode
• In this mode, each ciphertext block gets ‘fed
back’ into the encryption process in order to
encrypt the next plaintext block.
Spring 2016 - COMM 1003 27
Output Feedback (OFB) Mode
• It involves
feeding the
successive output
blocks from
the underlying
block
cipher back
to it .
These feedback
blocks provide
string of
bits to
feed the
encryption algorithm
which act
as the
key - stream generator
as in
case of
CFB mode .
• The key
stream generated
is XOR - ed
with the
plaintext blocks .
The OFB
mode requires
an IV
as the
initial random
n - bit input
block .
Spring 2016 - COMM 1003 28
Stream
• The
“key”
is
used
with
a
“key
stream
generator”
to
create
a
stream
of
bits .
• These
bits
are
XORed
with
the
plaintext
to
create
cipher
text .
Keystream
Generator
Plaintext XOR Cyphertext
Spring 2016 - COMM 1003 29
Stream Cipher considerations
• Stream ciphers
are
hard
work,
better
done
in
hardware .
• “key
stream
generator”
should
not
generate
repeating
patterns .
• “key
stream
generator”
should
not
product
predictable
output
• “key
stream
generator”
should
not
produce
a
key
stream
related to
the
key
• The number
of
0 ’s
and
1 s
in
the
key
stream
should
be
about
equal .
Asymmetric Encryption
Spring 2017 - COMM 1003 31
Asymmetric Encryption
Rather than use the same key for encryption and decryption, you use a different key for encryption and decryption
• These keys are mathematically related to each other
These keys are called
– Public Key – given to everyone
– Private Key – stays secret
Spring 2017 - COMM 1003 32
Asymmetric Encryption -
Public Key Cryptography
Spring 2017 - COMM 1003 33
Asymmetric Encryption
Private and Public keys can actually do the
reverse, you can use the private key to encrypt
plaintext then the resultant cipher text can
only be decrypted by the corresponding
“public key”
Spring 2017 - COMM 1003 34
Asymmetric Encryption (signing)
Spring 2017 - COMM 1003 35
Signing
This process of using a private key to encrypt
something that can only be decrypted with
your public key is call “signing” and is used for
authentication and non - repudiation
• If someone can read something you signed it
proves that your private key was used.
Spring 2017 - COMM 1003 36
One way function
An important concept in asymmetric encryption is a “One way function”
A one way function is an operation that is faster to complete in one direction than the other.
Example: if you drop a glass it breaks instantly to “undo” this would take much more time.
Asymmetric algorithms use this concept.
Spring 2017 - COMM 1003 37
One way functions
• With Asymmetric encryption, a message is encoded with a one way function. This function supplies a trapdoor (knowledge of how to undo the one way function faster). The private key can be used to retrieve this “trapdoor” and then use the trapdoor to put things back in order.
• Asymmetric algorithms use mathematical operations that are easier to do in one direction, than the other.
Spring 2017 - COMM 1003 38
Asymmetric Pros/Cons
Pros
• Key distribution is easy
• Scalable due to that
• Can provide authentication and non
repudiation
Cons
• Very mathematically intense
• Slow due to that
Spring 2017 - COMM 1003 39
Asymmetric RSA Cryptosystem
• This cryptosystem
is
one
the
initial
system .
It
remains
most
employed cryptosystem
even
today .
The
system
was
invented
by three
scholars
Ron
Rivest ,
Adi
Shamir ,
and
Len
Adleman
and hence,
it
is
termed
as
RSA
cryptosystem .
• We
will
see
two
aspects
of
the
RSA
cryptosystem,
firstly
generation
of
key
pair
and
secondly
encryption - decryption
algorithms .
Spring 2017 - COMM 1003 40
Generation of RSA Key Pair • Each person or a party who desires to participate in
communication using encryption needs to generate a pair of keys, namely public key and private key. The process followed in the generation of keys is described below:
Generate the RSA modulus (n)
- Select two large primes, p and q.
- Calculate n=p*q. For strong unbreakable encryption, let n be a large number, typically a minimum of 512 bits.
Find Derived Number (e)
- Number e must be greater than 1 and less than (p − 1)(q − 1).
- There must be no common factor for e and (p − 1)(q − 1) except for 1. In other words two numbers e and (p – 1)(q – 1) are co-prime.
Spring 2017 - COMM 1003 41
Generation of RSA Key Pair –
cont.
Form the public key
- The pair of numbers (n, e) form the RSA public key and is made public.
- Interestingly, though n is part of the public key, difficulty in factorizing a large prime number
ensures that attacker cannot find in finite time the two primes (p & q) used to obtain n. This is strength of RSA.
Generate the private key
- Private Key d is calculated from p, q, and e. For given n and e, there is unique number d.
- Number d is the inverse of e modulo (p − 1 )( q – 1 ) . This means that d is the number less than (p − 1 q − )( 1 ) such that when multiplied by e, it is equal to 1 modulo (p − 1 )( q − 1 ) .
- This relationship is written mathematically as follows:
ed = 1 mod (p − 1 )( q − 1 )
• The Extended Euclidean Algorithm takes p, q, and e as input and gives d as output.
Spring 2017 - COMM 1003 42
• An example
of
generating
RSA
Key
pair
is
given
below .
( For
ease of
understanding,
the
primes
p
&
q
taken
here
are
small
values . Practically,
these
values
are
very
high) .
Spring 2017 - COMM 1003 43
RAS -
Encryption and Decryption
• Once
the
key
pair
has
been
generated,
the
process
of
encryption and
decryption
are
relatively
straightforward
and
computationally easy .
• Interestingly, RSA
does
not
directly
operate
on
strings
of
bits
as
in
case
of
symmetric
key
encryption .
It
operates
on
numbers modulo
n .
Hence,
it
is
necessary
to
represent
the
plaintext as
a
series
of
numbers
less
than
n .
Spring 2017 - COMM 1003 44
Hashes
Spring 2016 - COMM 1003 2
• Hash functions are extremely useful and appear in almost all information
security applications.
• A hash function is a mathematical function that converts a numerical input
value into another compressed numerical value. The input to the hash
function is of arbitrary length but output is always of fixed length.
• Values returned by a hash function are called message digest or simply
hash values.
Spring 2016 - COMM 1003 4
Features of Hash Functions • Fixed Length Output (Hash Value) o Hash function coverts data of
arbitrary length to a fixed length. This process is often referred to as hashing
the data.
o In general, the hash is much smaller than the input data, hence hash
functions are sometimes called compression functions and digest.
• Efficiency of Operation
o Generally for any hash function h with input x, computation of h(x) is a
fast operation. They are much faster than a symmetric encryption.
Spring 2016 - COMM 1003 5
Properties of Hash Functions
• Pre-Image Resistance o This property means that it should be
computationally hard to reverse a hash function. If a hash function h
produced a hash value z, then it should be a difficult process to find any input
value x that hashes to z.
o This property protects against an attacker who only has a hash value and
is trying to find the input.
Properties of Hash Functions – cont.
• Second Pre-Image Resistance o This property means given an input and
its hash, it should be hard to find a different input with the
Spring 2016 - COMM 1003 6
same hash. If a hash function h for an input x produces hash value h(x), then it
should be difficult to find any other input value y such that h(y) = h(x).
o This property of hash function protects against an attacker who has an
input value and its hash, and wants to substitute different value in place
of original input value.
Properties of Hash Functions – cont.
• Collision Resistance
o This property means it should be hard to find two different inputs of any
length that result in the same hash. This property is also referred to as
collision free hash function. For a hash function h, it is hard to find any
two different inputs x and y such that h(x) = h(y).
Spring 2016 - COMM 1003 7
o Since, hash function is compressing function with fixed hash length, it is
impossible for a hash function not to have collisions. This property of
collision free only confirms that these collisions should be hard to find.
o This property makes it very difficult for an attacker to find two input
values with the same hash. Also, if a hash function is collisionresistant
then it is second pre-image resistant.
Design of Hashing Algorithms
Spring 2016 - COMM 1003 8
• Hashing algorithm involves rounds of above hash function like a block
cipher. Each round takes an input of a fixed size, typically a combination of
the most recent message block and the output of the last round.
Applications of Hash Functions
• Password Storage
Spring 2016 - COMM 1003 9
Hash functions provide protection to
password storage.
– Instead of storing password in
clear, mostly all logon processes
store the hash values
of passwords in the file.
– The Password file consists of a
table of pairs which are in the
form (user id, h(P)).
• Data Integrity Check
Spring 2016 - COMM 1003 10
It is used to generate the checksums on data files. This application provides
assurance to the user about correctness of the data.
MESSAGE AUTHENTICATION
• Message Authentication Code MAC algorithm is a symmetric key
cryptographic technique to provide message
Spring 2016 - COMM 1003 11
authentication. For establishing MAC process, the sender and receiver share
a symmetric key
K.
• Essentially, a MAC is an encrypted checksum generated on the underlying
message that is sent along with a message to ensure message
authentication.
Spring 2016 - COMM 1003 12
Spring 2016 - COMM 1003 13
Digital Signatures
• Digital signatures are the public-key primitives of message authentication.
In the physical world, it is common to use handwritten signatures on
handwritten or typed messages. They are used to bind signatory to the
message.
• Similarly, a digital signature is a technique that binds a person/entity to the
digital data. This binding can be independently verified by receiver as well
as any third party.
• Digital signature is a cryptographic value that is calculated from the data and
a secret key known only by the signer.
Digital Signature
Spring 2016 - COMM 1003 14
Spring 2016 - COMM 1003 15
PKI Generic Idea
• Public Key Infrastructure (PKI) is a series of programs, data formats,
procedures, protocols, policies and public key (asymmetric) encryption. In
order to provide secure communications for an organization.
• Provides
– Authentication
– confidentiality
– No repudiation
– Integrity
Spring 2016 - COMM 1003 16
PKI • Key management refers to the secure administration of cryptographic keys. Key
management deals with entire key lifecycle as
Spring 2016 - COMM 1003 17
PKI components • Each person has a digital “certificate*” which has information about a person,
including a persons “public” key.
• The certificates are signed by a Certificate Authority*. By signing the
Certificate the Certificate authority “vouches” for this persons certificate.
• A registration authority (RA) – establishes and confirms the identification of
an individual. Once registered, the CA actually assignees, holds and
distributes the Certificates.
• Certificate Authority signs certificates, and also provides a “Certificate
Revocation List”.
Spring 2016 - COMM 1003 18
PKI steps
1. User makes a request to RA
2. RA requests certain info from the user (like drivers license, address etc)
3. RA verifies user is who he says he is, and sends a request to create a cert
to the CA.
4. CA creates a cert with users public key and identity information.
5. Now when someone requests users info, the CA sends the certificate
6. The requesting user can extract the public key and knows that the
information is valid as the CA also has signed the certificate.
Spring 2016 - COMM 1003 19
PKI pros/cons
• PKIs can provide the whole package of authentication, confidentiality,
integrity and non-repudiation.
• They are complex and hard to setup
Future of Cryptography
• Quantum computation is the new phenomenon. While modern computers
store data using a binary format called a "bit" in which a "1" or a "0" can be
stored; a quantum computer stores data using a quantum superposition of
multiple states. These multiple valued states are stored in
Spring 2016 - COMM 1003 20
"quantum bits" or “qubits". This allows the computation of numbers to be
several orders of magnitude faster than traditional processors.
• Consider RSA-640, a number with 193 digits, which can be factored by eighty
2.2GHz computers over the span of 5 months, one quantum computer
would factor in less than 17 seconds. Numbers that would typically take
billions of years to compute could only take hours or even minutes with a
fully developed quantum computer.