ITEC345 © Material from slides derived from Pfleeger or Neil Daswani.

Next: Cryptography.

Corresponds with Chapter 2 of textbook.

When not stated explicitly, the slide is based on material or has been provided by the textbook (Security in Computing by Pfleeger and Pfleeger. ISBN-10: 0132390779, ISBN-13: 978-0132390774).

Upload: ellen-spencer

Post on 18-Dec-2015



Summary

• So far we looked at various threats, exploits and vulnerabilities to:
  – Application programs (buffer overflows, race conditions)
  – Applications on web (SQL injection, XSS and Hidden Parameter manipulation)
  – Physical security
  – Personnel security

• NEXT: Securing computing infrastructures.


Remember: Security is holistic.

• “Holistic” because it requires:

– Technological security – security achieved using technological means.

– Physical security, and,

– Administrative security.

• The next 7-8 weeks we will study various aspects of technological security.


Security is holistic. (2)

• The next 7-8 weeks we will study various aspects of technological security.

• Given that there are several technological security mechanisms, our goal is to cover a wide variety of those without going too much into depth.
  – Later courses: 445 and 455 will go into depth in some of those topics.


Overview of our coverage of technological security.

• Cryptography
• Application program security.
• OS security
• Network security.

• Next: cryptography.


Encoding vs Encrypting

- Encoding: represent information as data (in some specific format).
  - zip code, area code, ISBN, …
  - ASCII code, unicode, …
  - error codes …
  - class java.util.Date; program design

Not about secrecy/security.

- Encryption: secure data from attackers.


Why study cryptography?

• Forms the foundation of many security mechanisms.

• Clearly the basis for network security and OS security.


Cryptography

“Many savages at the present day regard their names as vital parts of themselves, and therefore take great pains to conceal their real names, lest these should give to evil-disposed persons a handle by which to injure their owners.” —The Golden Bough, Sir James George Frazer

(Quote obtained from: Cryptography and Network Security Slides by Dr. Lawrie Brown. Slides at: http://www.box.net/shared/h164at4gsc).


Cryptography

• Cryptography is not just encryption/decryption!

• Aspects of cryptography (we will study):
  – Two types of cryptography:
    • Symmetric key (also called private key or secret key)
    • Asymmetric key (also called public key cryptography)
  – In addition cryptography also includes another interesting mechanism:
    • Secure hash functions (also called message digests) – used for creating digital signatures and for assuring integrity of data.

• These three types are used for achieving various things:
  • Encryption and decryption of messages.
  • Exchanging passwords or other secret information.
  • Creating digital signatures.


Cryptography and mathematics.

• Cryptography is a course (or multiple courses) by itself!
  – Involves a lot of mathematics.
  – Cannot be covered as one single topic easily.

• Our focus and plan:
  – First: Encryption/Decryption using symmetric key cryptography
  – Next: Flavor of asymmetric key cryptography and its difference from symmetric key and
  – Then: secure hash functions and
  – Finally: using all of them for various tasks: confidentiality, integrity, authentication and non-repudiation.

• Mathematics will be covered in ITEC 455 (network security).

• Alternatively, read Chapter 12.


Encryption/Decryption.

• What is encryption?
• Decryption?

In 5th grade, teacher placed me and my best friend on opposite side of room. We pass notes… but teacher could intercept!

Solution: Captain Justice's Decoder Pencil.


Three parts to cryptography

• Most cryptographic algorithms are used for:
  – Encryption: encoding a message so that its meaning is not obvious.
  – Decryption: reverse process

• Cryptanalysis: this is the key vulnerability and deals with breaking the encryption.

Figure 2-1

Notes based on © William Stallings, Cryptography and Network Security. Slides by © Dr. Lawrie Brown, Australian Defence Institute (http://www.box.net/shared/h164at4gsc)


Next:

• Symmetric key cryptography:
  – This is what most laypersons call cryptographic algorithms.
  – Primarily used for encryption/decryption.
  – Also called: secret-key cryptography or private-key cryptography.


Notations we will use in discussing symmetric cryptography

• Notations used to discuss symmetric cryptography:

• M = message (plaintext)
• C = cipher text (the encrypted text)
• E = encryption function
• D = decryption function
• K = key (secret key, usually a number)

E.g., C = E(M, K) (read this in English as: cipher text is generated by applying the encryption function on the message “M” and key “K”).


What is symmetric cryptography?

• In symmetric key cryptography:

– The same secret key is used for both encryption and decryption.

– The word “symmetric” comes from the above fact – same key for both functions.

• E.g.,: If secret key is “K”, then:
  – C = E (M, K) and
  – M = D (C, K) (message is decryption of cipher text with the same key “K”).

• E.g., (simple example) Caesar substitution cipher (next slide).


Example of a symmetric encryption: Caesar Substitution Cipher

• Consider the following:
• M = MEET ME AT CENTRAL PARK (plaintext)
• C = PHHW PH DW FHQWUDO SDUN (ciphertext)
• Secret key:
  – Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
  – Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC

• i.e., we replace each letter with another letter. E.g., character ‘A’ is replaced by ‘D’, ‘B’ by ‘E’, etc.

• So what is the key?
  – The key is simply something like: “shift 3”, i.e., shift the letters to the right by 3 positions.


Caesar cipher.

• Is the Caesar cipher secure?

• If not, why not?
  – How easy is it to break Caesar cipher?
  – What process did you use?

• E.g., what does this message mean? LWHF LV FRRO

In particular, the security of a cryptographic algorithm is tested using: cryptanalysis.


Cryptanalysis

• Used to test cryptographic techniques (e.g., how do we know how secure an encryption is?).
  – Two techniques are used: cryptanalysis and brute-force.

• Cryptanalysis: Based on understanding the “nature” of the cryptographic algorithm.
  – Exploits characteristics of the algorithm to:
    • Attempt to deduce plaintext (OR)
    • Deduce the key being used.
  – Deducing key is more dangerous!

• Brute-force: Try out all possible keys.


Cryptanalysis of Caesar Cipher

• In Caesar cipher:
• There are only 26 possible secret keys:
  – E.g., shift right by 1, shift right by 2, etc.
  – Attacker can easily try each key in turn
    • a brute force search
    • given ciphertext, just try all shifts of letters.

• Hence, it is easy to break.


Classical Substitution Ciphers

• Caesar cipher is a classic example of “substitution ciphers”

• where letters of plaintext are replaced by other letters or by numbers or symbols

• or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns


Classical Substitution Ciphers

• Caesar cipher is an example of “substitution ciphers”

• where letters of plaintext are replaced by other letters or by numbers or symbols

• or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns

• In general, such substitution ciphers are not very secure. We will see why.


Why substitution cipher is not secure (1)

• We know Caesar cipher is not very secure because there are only 26 possible keys.

• Alternative: a substitution cipher with several possible keys.

– E.g., instead of using a single key “3”, use multiple keys “3”, “4”, “5”, where the first character is substituted by the third character, 2nd by the 4th and so on…


Why substitution cipher is not secure (2). How secure is this?

• instead of using a single key (e.g. 3),
• use multiple keys. (For example: “3”, “4”, “5”, where first character is substituted by the third character, 2nd by the 4th and so on…)
  – E.g.,
    • ‘A’ is substituted by ‘B’ (i.e., a character 1 place away),
    • ‘B’ is substituted by ‘D’ (i.e., a character 2 places away)
    • ‘C’ is substituted by ‘G’ (i.e., a character 5 places away).

• How secure are such ciphers/mathematically? In other words, how many keys must you try before you break this cipher?


Why substitution cipher is not secure (3).

• For the problem on previous slide, there are 26! possible keys. Why?
  – First character ‘A’ can be substituted with any of the 26 characters.
  – Second character ‘B’ will now only have 25 other characters to substitute it (the one used for A cannot be used again – that was our intention).
  – Third character ‘C’ will now have only 24 other characters to substitute it.

• Hence, we have: 26 * 25 * 24 * … * 1 = 26! possible secret keys.


How big is big?

• Is 262 big? Is 26! big?
• Current computers run at _____, which means _____ ops per sec.
• 10^9 ops requires ~ ____ sec.
• 10^12 ops requires ~ ____ ____s.
• 10^15 ops requires ~ ____ ____s.
• 10^18 ops requires ~ ____ ____s.

Age of universe?
#particles in univ.?


How easy is it to break a substitution cipher?

• So, brute-force means checking 26! ≈ 4 x 10^26 keys

• with so many keys, we might think it is secure

• but would be WRONG!
• Why? problem is language characteristics


Why substitution cipher is not secure (3). Language Redundancy and Cryptanalysis

• human languages are redundant
• E.g., can you decipher this quote?
  “Fr lds to ngr. ngr lds to ht. Ht lds to sffrng.”
• In English,
  – letters are not equally commonly used
  – in English e is by far the most common letter
  – then T,A,O,I,N,S,R (mnemonic: "creations")
  – other letters are remarkably rare e.g. Z,J,K,Q,X
  - Some letters disproportionally common at word-start; some words disproportionally common at document-start
  - After 'q', ____
• This makes text easier to guess!


English Letter Frequencies – shows that ‘e’ is most commonly used. Every use of ‘e’ in the text can easily be identified by the cryptanalyst.


Using language characteristics to break substitution cipher

• Example of using English characteristics: Consider the cipher text:

wklv phvvdjh lv qrw wrr kdug wr euhdn

____ _______ __ ___ ___ ____ __ _____

Look for words such as “too”, “am”; try to guess what each word may map to in cipher text.

This message has been enciphered with a 27-symbol alphabet: A – Z + blank character.


So how useful are substitution ciphers?

• We have seen that substitution ciphers are not “by themselves” very secure.

• So do they have any use at all?


So how useful are substitution ciphers?

• Not in practice. But conceptually:
• Principle of timeliness in security: a security measure must be strong enough to keep out the attacker only for the life of the data.

• E.g., if Corp. HQ e-mails quarterly earnings to a branch office 5 min before the public shareholder announcement, a cipher that takes longer than 5 minutes to break is sufficient!


What can make a substitution cipher better?

• So, our next goal is to make substitution ciphers more secure?

• How? Any ideas?


Making substitution cipher more effective

• Some ideas:

- shift each letter… but change the shift-amount at each step!

– One-time pad.

– Using transposition (permutations).


One time pad

• What if each letter in the message were encrypted with a different key?

• E.g. shift by 4, then by 5, then by 6, …: E("aaa",4) = "efg"

• Instead of adding one to the shift, add 7?

• Or, multiply-by-5-then-add-7?

• Or, have the next shift depend on the current shift and the letter just enciphered! (Enigma)


One time pad

• The "5k+7 (mod 26)" sequence is a simple pseudo-random-number generator: 1, 12, 15, 4, …

• What if we had a truly random sequence, as our key?

• Advantage: cannot possibly break any part of it, so long as key is truly random.

• This is the idea behind a One-Time Pad
• Unbreakable … if you never re-use the pad!
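The changing-shift ciphers from the two "One time pad" slides, as an added example (not part of the original slides): the counting keystream, the "5k+7 (mod 26)" generator and its short cycle, a truly random pad, and what leaks when a pad is reused. It assumes messages contain only lowercase a-z; the function names and the second sample message are constructed for illustration.

```python
import secrets
import string

ALPHABET = string.ascii_lowercase  # assumption: messages are a-z only, no blanks


def shift_encrypt(message, keystream):
    """Shift the i-th letter forward by the i-th keystream value (mod 26)."""
    return "".join(ALPHABET[(ALPHABET.index(m) + k) % 26]
                   for m, k in zip(message, keystream))


def shift_decrypt(ciphertext, keystream):
    """Undo shift_encrypt with the same keystream (symmetric key)."""
    return "".join(ALPHABET[(ALPHABET.index(c) - k) % 26]
                   for c, k in zip(ciphertext, keystream))


def counting_keystream(start, length):
    """Shift by start, start+1, start+2, ... as in E("aaa", 4) = "efg"."""
    return [(start + i) % 26 for i in range(length)]


def lcg_keystream(seed, length):
    """The slide's pseudo-random sequence: next = 5k + 7 (mod 26)."""
    out, k = [], seed
    for _ in range(length):
        out.append(k)
        k = (5 * k + 7) % 26
    return out


def lcg_period(seed):
    """Steps until the 5k+7 (mod 26) sequence returns to its seed."""
    k, steps = (5 * seed + 7) % 26, 1
    while k != seed:
        k = (5 * k + 7) % 26
        steps += 1
    return steps


def random_pad(length):
    """One-time pad: one unpredictable shift per letter, from the OS CSPRNG."""
    return [secrets.randbelow(26) for _ in range(length)]


def letter_differences(a, b):
    """Position-wise (a - b) mod 26; the pad cancels out of this value."""
    return [(ALPHABET.index(x) - ALPHABET.index(y)) % 26 for x, y in zip(a, b)]


if __name__ == "__main__":
    print(shift_encrypt("aaa", counting_keystream(4, 3)))
    # The generator repeats after 4 values, so the "changing" shift is
    # really a 4-letter repeating key.
    print(lcg_keystream(1, 8), "period", lcg_period(1))
    print(shift_encrypt("aaaaaaaa", lcg_keystream(1, 8)))

    m1 = "meetmeatcentralpark"       # from the slides, blanks removed
    m2 = "symmetrickeyciphers"       # constructed second message
    pad = random_pad(len(m1))
    c1, c2 = shift_encrypt(m1, pad), shift_encrypt(m2, pad)   # pad reused!
    # An eavesdropper holding only c1 and c2 learns m1 - m2 exactly.
    print(letter_differences(c1, c2) == letter_differences(m1, m2))
```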


Other substitution ciphers…

• Several others including:

– Book ciphers.

• Next: an alternative to substitution: transposition ciphers.


Transposition cipher …

• Based on what you learnt so far, what is the biggest weakness of a substitution cipher – in other words what makes it easy to break?


Transposition (or permutation) cipher …

• Based on what you learnt so far, what is the biggest weakness of a substitution cipher – in other words what makes it easy to break?

Substitution ciphers might preserve (language) patterns in the input.

Transposition ciphers aim to break the patterns.


Two terms: confusion and diffusion.

• Substitution ciphers create confusion: characters in the cipher text are not what they are.

• Transposition ciphers: create diffusion – they spread the characters around breaking patterns. In other words they create “jumbles”.


Transposition cipher example: columnar cipher

• In columnar transposition, words are basically being jumbled.

Figure 2-4  Columnar Transposition.


Transposition cipher: columnar cipher

• Example: To encrypt: This is ITEC, we can use the following transposition:

T h i s I s I T E C

Read down the columns to get cipher text: TssTh EiIIC
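Columnar transposition as described on the two slides above, as an added example (not part of the original slides). It assumes the simplest variant: the text is written row by row into a grid and read column by column, with the column count as the key; the column counts and function names are constructed here, so the output is not meant to reproduce the slide's ciphertext.

```python
from collections import Counter


def transpose_encrypt(plaintext, columns):
    """Write the text row by row into `columns` columns, read it column by column."""
    rows = [plaintext[i:i + columns] for i in range(0, len(plaintext), columns)]
    # The last row may be short, so skip cells that do not exist.
    return "".join(row[c] for c in range(columns) for row in rows if c < len(row))


def transpose_decrypt(ciphertext, columns):
    """Rebuild the columns (the first few are one cell taller), then read the rows."""
    full_rows, extra = divmod(len(ciphertext), columns)
    heights = [full_rows + (1 if c < extra else 0) for c in range(columns)]
    cols, pos = [], 0
    for h in heights:
        cols.append(ciphertext[pos:pos + h])
        pos += h
    total_rows = full_rows + (1 if extra else 0)
    return "".join(cols[c][r]
                   for r in range(total_rows)
                   for c in range(columns)
                   if r < len(cols[c]))


def same_letter_counts(a, b):
    """Transposition only moves letters around, so single-letter counts match."""
    return Counter(a) == Counter(b)


if __name__ == "__main__":
    message = "THISISITEC"              # the slide's text, blanks removed
    for width in (4, 5):
        ct = transpose_encrypt(message, width)
        print(width, ct, transpose_decrypt(ct, width))
    # Diffusion breaks up letter pairs and words, but the frequency of each
    # individual letter is exactly what it was in the plaintext.
    print(same_letter_counts(message, transpose_encrypt(message, 4)))
```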


Summary so far …

• We have seen substitution and transposition ciphers.

• These are trivial – though they illustrate the concepts.

• Next: we will see how a mixture of these ciphers is used in commercial encryption/decryption algorithms: DES and AES.


DES encryption.

• Data Encryption Standard.
• Selected by the National Bureau of Standards in 1976.
• Symmetric encryption – used 56 bit keys.

• Uses a mix of substitution and transposition (permutation)


High level view of DES

• This is one round in DES. (16 such rounds are used for encrypting.)

[Figure: one DES round, with the labels “Called S-boxes”, “Called Permute Boxes” and “This is also called Feistel network”]

Slides image © Neil Daswani et al., Foundations of Security: What every programmer needs to know. ISBN-13: 978-1590597842


Parts of DES: S-box (Substitution Box)

• n bits input; m bits output (n x m S-box)

• output is functionally determined by input

• Ex: If input = 011001, and (say) output = 1001

• 2^n possible inputs
• 2^m possible outputs
• Exercise: how many possible distinct substitution boxes could you build?
• In DES: S-boxes fixed.

[Figure: S-box with n bits in, m bits out]


Parts of a DES: Permute Functions

• Permutation Functions: changes order of bits
  – Example: P(b0b1b2) = b1b2b0
  – P(101) = 011
• Expansion Permutation: changes order, and re-uses bits more than once
  – Example: P’(b0b1b2) = b1b2b1b0b2
  – P’(101) = 01011


DES

• The "sub"keys used in each of the 16 rounds are derived from the original key.

• To de-crypt: Just apply the subkeys in opposite order

• This is important practically: same hardware can be used.
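The round structure from the DES slides above, reduced to a 6-bit toy block cipher as an added example (not part of the original slides, and not DES itself). P and P’ are the slides' example permutations; the S-box table, the 10-bit key, the four rounds and the key schedule are constructed for illustration.

```python
from itertools import product

P_ORDER = (1, 2, 0)              # slide: P(b0b1b2)  = b1b2b0
EXPAND_ORDER = (1, 2, 1, 0, 2)   # slide: P'(b0b1b2) = b1b2b1b0b2

# Constructed 5-bit -> 3-bit S-box (NOT a DES S-box). It is a fixed lookup
# table and is not invertible: 32 inputs share 8 outputs.
SBOX = [(5 * i + (i >> 2) + 3) % 8 for i in range(32)]

KEY = "1010011101"               # constructed 10-bit key


def permute(bits, order):
    """Output bit j is input bit order[j]; covers plain and expansion permutations."""
    return "".join(bits[i] for i in order)


def xor(a, b):
    """Bitwise XOR of two equal-length bit strings."""
    return format(int(a, 2) ^ int(b, 2), f"0{len(a)}b")


def round_function(right, subkey):
    """Expand 3 -> 5 bits, mix in the subkey, substitute 5 -> 3 bits, permute."""
    expanded = permute(right, EXPAND_ORDER)
    mixed = xor(expanded, subkey)
    substituted = format(SBOX[int(mixed, 2)], "03b")
    return permute(substituted, P_ORDER)


def subkeys(key, rounds=4):
    """Constructed schedule: round r uses the first 5 bits of key rotated left by r+1."""
    return [(key[r + 1:] + key[:r + 1])[:5] for r in range(rounds)]


def feistel(block, keys):
    """Run the Feistel rounds over a 6-bit block with the given subkey order."""
    left, right = block[:3], block[3:]
    for k in keys:
        left, right = right, xor(left, round_function(right, k))
    return right + left          # final swap of the two halves


def encrypt(block, key):
    return feistel(block, subkeys(key))


def decrypt(block, key):
    # Same network, same round function, subkeys in the opposite order.
    return feistel(block, subkeys(key)[::-1])


def all_blocks():
    """Every 6-bit block as a bit string."""
    return ["".join(bits) for bits in product("01", repeat=6)]


if __name__ == "__main__":
    print("subkeys:", subkeys(KEY))
    for m in ("000000", "101011", "111111"):
        c = encrypt(m, KEY)
        print(m, "->", c, "->", decrypt(c, KEY))
```

Decryption never inverts the S-box or the round function; the XOR structure alone makes each round reversible, which is why the same hardware can run both directions.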


Key Strength

• Just search every possibility to break the key?
• 2^56 is possible to brute-force, though 57 bits is twice as hard; 58 bits is 4x harder; 2^64 is 256x bigger than 2^56.

• What about with 128-bit keys? 2^128 possible keys – too many to brute-force!

• But I still have my hardware for 56-bit key DES.
  Idea: encrypt twice, with k1 then k2: this is equivalent to using a 2x56 = 128 bit key.


3DES: Triple DES

• Do DES 3 times with 3 different keys

• E = f( f^-1( f( M, k1), k2), k3) where f = DES

• Keying options (best to worst): choose
  – k1 ≠ k2 ≠ k3: 168-bit (192-bit)
  – k1 = k3: 112-bit (128-bit)
  – k1 = k2 = k3: 56-bit (64-bit)


Some things to note

• Security depends on keys… algorithms are public!

• Every additional bit adds twice as many possibilities to have to search.
  – Why? All previous keys: prepend 0; prepend 1.
• For 128-bit key, need to “attack” mathematical properties of encryption algorithm

• Hint: when encrypting: don’t invent your own encryption algorithm! Use existing, vetted ones.


AES (Rijndael)

• AES: Advanced Encryption Standard: Rijndael ("Rein doll")

• Invented by 2 cryptographers from Belgium
• Selected by NIST from 15 competitors
• Selection Criteria: Security, Cost (speed, memory), Implementation Considerations (hw, sw)

• Key size / Block size: 128, 192, or 256 bits
• 10, 12, or 14 rounds depending upon key/block size
• Has S-Boxes and XORs, but no Feistel network


Next:

• Asymmetric ciphers.