ece454 /cs594 computer and network security
DESCRIPTION
ECE454 /CS594 Computer and Network Security. Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011. Introduction to Cryptography. What is cryptography? Types of cryptography Attacks on cryptosystem SKC, PKC, Hash - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/1.jpg)
1
ECE454/CS594 Computer and Network Security
Dr. Jinyuan (Stella) SunDept. of Electrical Engineering and Computer ScienceUniversity of Tennessee Fall 2011
![Page 2: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/2.jpg)
2
Introduction to Cryptography• What is cryptography?• Types of cryptography• Attacks on cryptosystem• SKC, PKC, Hash• Security notions• Early ciphers
![Page 3: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/3.jpg)
3
What Is Cryptography?• Cryptography is the art of secret writing• Traditional use: encryption• Cryptographic systems: algorithm+secret• Cryptology: cryptography+cryptanalysis
![Page 4: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/4.jpg)
4
Types of Cryptography• Operations used to transform plaintext to ciphertext: - Substitution: each element in plaintext is mapped into another element - Transposition: elements in plaintext are rearranged• Number of keys used: - Single-key: secret-key cryptography - Two-key: public-key cryptography - Zero-key: hash functions • The way plaintext is processed: - Block cipher: input & output in blocks - Stream cipher: input & output in bits
![Page 5: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/5.jpg)
5
Conventional Cryptography: Symmetric Encryption
• Plaintext: original message• Encryption algorithm:
substitutions/transpositions• Secret key: independent of plaintext and
algorithm• Ciphertext: depends on plaintext and key,
appears random• Decryption algorithm: reverse of encryption
![Page 6: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/6.jpg)
6
Attacking Cryptosystems• Cryptanalysis: attempts to deduce the plaintext and/or the key being used, with knowledge of the nature of the algorithm + general characteristics of plaintext + some sample plaintext-ciphertext pairs
• Brute-force attack: attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
![Page 7: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/7.jpg)
7
Types of Cryptanalytic Attacks
![Page 8: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/8.jpg)
8
Brute-force Attacks
Average Time Required for Exhaustive Key Search
![Page 9: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/9.jpg)
9
Secret Key Cryptography (SKC)Aka: conventional cryptography, symmetric
cryptographyUse a single keyCiphertext about the same length as plaintextExamples: Captain Midnight code,
monoalphabetic cipher, DES, AES, RC4
Alice
plaintext
ciphertext
encryption
ciphertext
plaintextdecryptio
n
shared secret key Bob
![Page 10: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/10.jpg)
10
SKC ApplicationsTransmitting over an insecure channelSecure storage on insecure mediaAuthentication:
Integrity check: message authentication code (MAC), aka, message integrity check (MIC)
![Page 11: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/11.jpg)
11
Public Key Cryptography (PKC)Aka: asymmetric cryptography, invented in
1970sUse two keys: a public key known to
everyone, a private key kept secret to the owner
Encryption/decryption: encryption can be done by everyone using the recipient’s public key, decryption can be done only by the recipient with his/her private key
Alice
plaintext
ciphertext
encryption
ciphertext
plaintextdecryption
( , )A Apub pri ( , )B Bpub priBpub
Bpri
![Page 12: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/12.jpg)
12
PKC ApplicationsEverything that SKC does can be done
by PKCTransmitting over an insecure channelSecure storage over insecure mediaAuthentication
Key exchange: establish a shared session key with PKC
![Page 13: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/13.jpg)
13
PKC Applications (Cont’d)Digital signature: non-repudiation
Alice
plaintext
Signed message
sign
Signed message
True or falseverify
( , )A Apub pri ( , )B Bpub priApubApri
![Page 14: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/14.jpg)
14
Hash FunctionsAka: message digests, one-way transformationsTake a message m of arbitrary length
(transformed into a string of bits) and computes from it a fixed-length (short) number h(m)
Properties:- easy-to-compute: for any message m, it is relatively easy to compute h(m)- non-reversible: given h(m), there is no way to find an m that hashes to h(m) except trying all possibilities of m- computationally infeasible to find m and m’ such that h(m)=h(m’) and m!=m’
![Page 15: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/15.jpg)
15
Applications of Hash FunctionsPassword hashingMessage integrity: keyed hash
File fingerprintDownline load securityDigital signature efficiency
![Page 16: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/16.jpg)
16
Security NotionsUnconditionally secure: ciphertext generated by the
scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. Perfectly secure, unlimited power of adversary
Provably secure: under the assumption of well-known hard mathematical problem, e.g., factoring large numbers, discrete logarithm problem
Computationally secure: if cost of breaking the cipher exceeds the value of the encrypted information, or time required to break the cipher exceeds the useful lifetime of the information, practical security
![Page 17: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/17.jpg)
17
Early Ciphers: Substitution• Substitution: letters of plaintext are replaced by other letters or by numbers or symbols, involves replacing plaintext bit patterns with ciphertext bit patterns • Caesar cipher• Captain Midnight Secret Decoder Rings• Monoalphabetic cipher• Hill cipher• Polyalphabetic cipher (Vigenere)• One-time pad
![Page 18: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/18.jpg)
18
Caesar Cipher• Replacing each letter of the alphabet with the letter three places further down the alphabet, e.g.,
• Captain Midnight Secret Decoder Ring (slightly enhanced): If a numerical value is assigned to each letter, for each plaintext letter p, the ciphertext letter C=E(k, p)=(p+k) mod 26 where k takes on the value in [1,25]:
• Subject to brute-force attack: simply try all 25 possible k
![Page 19: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/19.jpg)
19
Monoalphabetic Cipher• The "cipher" line can be any permutation of the 26 alphabetic characters, 26! or around 4x1026 possible keys:
• Is it secure enough to resist cryptanalysis? Consider:
• By exploiting the regularities of the language and counting letter frequencies:
• The following can be recovered:
![Page 20: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/20.jpg)
20
Hill Cipher• Takes m successive plaintext letters and substitutes for them m ciphertext letters• The substitution is determined by m linear equations in which each character is assigned a numerical value (a = 0, b = 1 ... z = 25)• For example: m = 3
for plaintext “paymoremoney” and encryption key
we have ciphertext: LNSHDLEWMTRW
![Page 21: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/21.jpg)
21
Polyalphabetic Cipher• Use different monoalphabetic substitutions as one proceeds through the plaintext message• Vigenere cipher: best known polyalphabetic cipher. The set of related monoalphabetic substitution rules consists of the 26 Caesar ciphers, with shifts of 0 through 25.• For keyword “deceptive” and plaintext “we are discovered save yourself”, the encryption works as:
• Vulnerable to cryptanalysis: the key and plaintext share the same language regularities and frequency distribution of letters. Solutions?
![Page 22: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/22.jpg)
22
One-time Pad• Use a random key that is as long as the message so that the key need not be repeated• The key is used to encrypt and decrypt a single message, and then is discarded• Perfectly secure: unbreakable because it producesrandom output (from the random key) that bears no statistical relationship to the plaintext
• Drawbacks: large quantities of random keys needed, key distribution and protection (both sender and receiver)
![Page 23: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/23.jpg)
23
Early Ciphers: Transposition
• Different from substituting a ciphertext symbol for a plaintext symbol• Transposition cipher: performs some sort of permutation/rearrangement on plaintext letters• Cryptanalysis is straightforward: a transposition cipher has the same letter frequency as plaintext• Can be made more secure by performing more than one stage of transposition (result is not easily reconstructed)
![Page 24: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/24.jpg)
24
Rail Fence Cipher• Simplest transposition cipher• Plaintext is written down as a sequence of diagonals and then read off as a sequence of rows
• Trivial to attack
Plaintext:
Ciphertext:
![Page 25: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/25.jpg)
25
Double Transposition• A more complex scheme: permute the order of the columns with a key
• Double transposition: more than one permutation, number the above plaintext letters 1-28 and after the first permutationwe have
• After the 2nd permutation?
![Page 26: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/26.jpg)
26
Cryptography vs. Steganography• Cryptography conceals the context of message• Steganography conceals the existence of message, useful when the fact of secret communication should be concealed - an arrangement of words/letters of the overall message spells out the hidden message - character marking: selected letters overwritten in pencil, not visible unless the paper is held at an angle to bright light - invisible ink: substances used for writing but leave no visible trace until heat or some chemical is applied to the paper - pin punctures: small pin punctures on selected letters are not visible unless the paper is held up in front of a light
• Drawbacks of steganography: high overhead to hide a relatively few bits of information, becomes worthless once the system is discovered (can make insertion depend on key)
![Page 27: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/27.jpg)
27
Steganography
![Page 28: ECE454 /CS594 Computer and Network Security](https://reader036.vdocument.in/reader036/viewer/2022062222/568164a6550346895dd698a8/html5/thumbnails/28.jpg)
28
Reading Assignments
[Kaufman] Chapter 2