SUBMITTED BY: PARUL MEHRA NRO0192077

THE INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA

INFORMATION TECHNOLOGY TRAININGSUBMITTED TO:MR. ROHIT SHARMAMR. SATISH KUMARITT CENTRE AMRITSAR

A PROJECT REPORT ON A PROJECT REPORT ON CRYPTOGRAPHYCRYPTOGRAPHY

What is What is Cryptography?Cryptography?

““hidden writing”hidden writing” Until recently: military toolUntil recently: military tool Like any military technology: methods change over timeLike any military technology: methods change over time Two sides: designing codesTwo sides: designing codes breaking codes (cryptanalysis) breaking codes (cryptanalysis) Computers have changed bothComputers have changed both

Brief History of Brief History of CryptographyCryptography

What is Cryptography?What is Cryptography?Science of writing secret codeScience of writing secret code

The first use of cryptography in 1900 B.C.The first use of cryptography in 1900 B.C.Used by Egyptian scribeUsed by Egyptian scribeSome experts say it appeared right after writing Some experts say it appeared right after writing

was inventedwas invented

Crypto TermsCrypto Terms

Cryptography – art/science relating to encrypting, decrypting Cryptography – art/science relating to encrypting, decrypting informationinformation

Cryptanalysis – art/science relating to converting cipher text to Cryptanalysis – art/science relating to converting cipher text to plaintext without the (secret) keyplaintext without the (secret) key

Link encryption – the individual application of encryption to Link encryption – the individual application of encryption to data on each link of networkdata on each link of network

End to end encryption – the encryption of data from source End to end encryption – the encryption of data from source system to end systemsystem to end system

Cryptography Broken DownCryptography Broken Down

Two kinds of cryptosystems:Two kinds of cryptosystems:

SymmetricSymmetric

Uses the same key (the secret key) to encrypt and decrypt a message.Uses the same key (the secret key) to encrypt and decrypt a message.

AsymmetricAsymmetric

Uses one key (the public key) to encrypt a message and a different key Uses one key (the public key) to encrypt a message and a different key (the private key) to decrypt the message.(the private key) to decrypt the message.

Symmetric CryptosystemSymmetric Cryptosystem The message:The message:

The sender and receiver know and use the same secret key.The sender and receiver know and use the same secret key.

The sender uses the secret key to encrypt the message.The sender uses the secret key to encrypt the message.

The receiver uses the same secret key to decrypt the message. The receiver uses the same secret key to decrypt the message.

Symmetric CryptosystemSymmetric Cryptosystem

Symmetric ChallengeSymmetric Challenge

Main challenge:Main challenge:Agreeing on the key while maintaining secrecy.Agreeing on the key while maintaining secrecy.

Trusting a phone system or some transmission medium.Trusting a phone system or some transmission medium.

The interceptor can read, modify, and forge all messages The interceptor can read, modify, and forge all messages

Key ManagementKey Management

The generation, transmission, and storage of a key.The generation, transmission, and storage of a key. All cryptosystems must deal with key management All cryptosystems must deal with key management

issuesissues Because all keys must remain secret there is often Because all keys must remain secret there is often

difficulty providing secure key management.difficulty providing secure key management.

Introduction of the Public KeyIntroduction of the Public Key Created to solve key management problems.Created to solve key management problems. Created by Whitfield Diffie and Martin Hellman in 1976.Created by Whitfield Diffie and Martin Hellman in 1976. Also called asymmetric system.Also called asymmetric system. Encryption key: public keyEncryption key: public key Decryption key: private keyDecryption key: private key

Public Key InfrastructurePublic Key Infrastructure

Idea behind Public KeyIdea behind Public Key

B publishes design specs for a padlockB publishes design specs for a padlock A wants to send B a boxA wants to send B a box A builds a B padlock, locks the boxA builds a B padlock, locks the box B unlocks box using his keyB unlocks box using his key E intercepts box, knows design specsE intercepts box, knows design specs Goal: E still can’t build a keyGoal: E still can’t build a key Padlock = trapdoor one-way functionPadlock = trapdoor one-way function

Public Key CryptographyPublic Key Cryptography

A wants to talk to B: computes key A wants to talk to B: computes key XX A sends B A sends B ffB B ((XX) (B’s function)) (B’s function) B computes B computes ffBB

-1-1 ( (ffB B ((XX)) = )) = XX Both A and B know Both A and B know XX, use as key for symmetric encryption, use as key for symmetric encryption E knows E knows ffB B ((XX); can’t compute ); can’t compute XX AsymmetricAsymmetric encryption encryption Whitfield Diffie, 1975Whitfield Diffie, 1975

Cryptanalysis TermsCryptanalysis Terms

Clipertext – only attack – attacter-Clipertext – only attack – attacter-attempts to decrypt cliphertext.attempts to decrypt cliphertext.

Known-plaintext attack – attacter-Known-plaintext attack – attacter-attempts to decrypt cliphertext attempts to decrypt cliphertext knowledge of some plaintext.knowledge of some plaintext.

Chosen-plaintext attack – attacter-Chosen-plaintext attack – attacter-attempts obtains cliphertext attempts obtains cliphertext corresponding to selected plaintextcorresponding to selected plaintext..

Crypto System PropertiesCrypto System Properties

Encryption/decryption transformations Encryption/decryption transformations must be efficient for all keys.must be efficient for all keys.

System must be easy to use.System must be easy to use. The security of the system should depend The security of the system should depend

ONLY on the secrecy of the keys and not ONLY on the secrecy of the keys and not on the secrecy of the on the secrecy of the encryption/decryption transformation.encryption/decryption transformation.

Secrecy RequirementsSecrecy Requirements

If cipher text and plaintext are known, it should be If cipher text and plaintext are known, it should be computationally infeasible to determine the deciphering computationally infeasible to determine the deciphering algorithm.algorithm.

It should be computationally infeasible to systematically It should be computationally infeasible to systematically determine plaintext from intercepted cipher text.determine plaintext from intercepted cipher text.

AuthenticityAuthenticity RequirementsRequirements If cipher text and plaintext are known, it should be If cipher text and plaintext are known, it should be

computationally infeasible to determine the deciphering computationally infeasible to determine the deciphering algorithm.algorithm.

It should be computationally infeasible to find valid It should be computationally infeasible to find valid cipher textcipher text..

Digital Encryption Digital Encryption Standard(DES)Standard(DES)

Developed by IBM in 1972.Developed by IBM in 1972. Never approved for national security applicationsNever approved for national security applications 64-bit plain & cipher text block size.64-bit plain & cipher text block size. 56-bit true key plus 8 parity bits.56-bit true key plus 8 parity bits. Single chip implementation.Single chip implementation. 16 rounds transpositions & substitutions.16 rounds transpositions & substitutions. Symmetric , private key.Symmetric , private key.

Applications of DESApplications of DES

Double DESDouble DESEffective key length of 112 bits.Effective key length of 112 bits.Work factor about the same as Work factor about the same as

single DES.single DES. Triple DESTriple DES

encrypt with first key. encrypt with first key. decrypt with second key.decrypt with second key.encrypt with first key.encrypt with first key.very secure.very secure.

How do We Encrypt?How do We Encrypt?

Protocol, or scheme: method of encryptionProtocol, or scheme: method of encryptionCryptovariable, or key: secret informationCryptovariable, or key: secret information

Symmetric encryption: decryption is the same

cryptovariableciphertext

plaintext protocol

How could we break this?How could we break this?

Case I: we don’t know the protocolCase I: we don’t know the protocol Hard problem in cryptanalysisHard problem in cryptanalysis ““Clark Kent” effectClark Kent” effect

Case II: we know the protocolCase II: we know the protocol Need to guess the cryptovariableNeed to guess the cryptovariable Only 26 possibilitiesOnly 26 possibilities

Substitution CipherSubstitution Cipher

Allow any permutation of the alphabetAllow any permutation of the alphabet Key = permutation; 26! possibilitiesKey = permutation; 26! possibilities 26! = 403,291,461,126,605,635,584,000,00026! = 403,291,461,126,605,635,584,000,000 Roughly 2Roughly 28888: checking 1 billion per second, would take 12 billion years: checking 1 billion per second, would take 12 billion years Is there a better way?Is there a better way? Al-Kindi, ninth century: Al-Kindi, ninth century: frequency analysisfrequency analysis

The Perfect The Perfect CryptosystemCryptosystem

One-time pad: encrypt each letter with its own keyOne-time pad: encrypt each letter with its own key-Example: Caesar shift each letter separately-Example: Caesar shift each letter separately

CCi i = P= Pii + K + Kii (mod 26) (mod 26) To encrypt To encrypt nn bits, use bits, use nn bits of key bits of key This uses up lots of key bits; need to prearrangeThis uses up lots of key bits; need to prearrange How do you generate key bits?How do you generate key bits?

Enigma Machine Enigma Machine

German cryptosystem in World War IIGerman cryptosystem in World War II Same idea: modify lettersSame idea: modify letters Scrambler disks implement permutationScrambler disks implement permutation Rotate after each letter, so many different permutations usedRotate after each letter, so many different permutations used Additional permutation provided by plugboardAdditional permutation provided by plugboard

Enigma KeyEnigma Key Key changed dailyKey changed daily 3 scramblers in one of 6 orders3 scramblers in one of 6 orders

-In 1938: 3 of 5, so 60 arrangements-In 1938: 3 of 5, so 60 arrangements 262633 = 17,576 settings for scramblers = 17,576 settings for scramblers Billions of plug board settingsBillions of plug board settings Alan Turing: bypassed plug boardAlan Turing: bypassed plug board Used known plaintext, exhausted over spaceUsed known plaintext, exhausted over space British were able to read trafficBritish were able to read traffic

Modern Symmetric Modern Symmetric CryptographyCryptography

Assume the protocol is known to the enemyAssume the protocol is known to the enemy Only the key is secretOnly the key is secret Encryption, cryptanalysis use computersEncryption, cryptanalysis use computers Operate on bits, rather than lettersOperate on bits, rather than letters DES, AESDES, AES Open standards; let everyone try to break itOpen standards; let everyone try to break it Closed design often fails (cell phones)Closed design often fails (cell phones)

KeyKey DistributionDistribution

Secure communication requires a keySecure communication requires a key How do you exchange keys securely?How do you exchange keys securely? Military: codebooks in field could fall into enemy handsMilitary: codebooks in field could fall into enemy hands Commerce: might not meet face-to-faceCommerce: might not meet face-to-face Seems to be a Catch-22Seems to be a Catch-22

Paradigm ShiftParadigm Shift

A wants to mail B a letter securelyA wants to mail B a letter securely If they share a “key”, A locks, B unlocksIf they share a “key”, A locks, B unlocks If not: A puts on padlock, sends box to BIf not: A puts on padlock, sends box to B B adds his padlock, sends box back to AB adds his padlock, sends box back to A A removes her padlock, sends box to BA removes her padlock, sends box to B B unlocks box, reads letterB unlocks box, reads letter Problem: how to translate this to Problem: how to translate this to

mathematicsmathematics

A, B agree on information Y

A computes A(Y)Mails it to B

B computes B(Y)Mails it to A

Alcomputes A(B(Y)) B computes B(A(Y))

A(B(Y)) = B(A(Y)) = secret key

“E” knows Y, A(Y), B(Y), but can’t compute key

Problem: how do you make A(B(Y)) = B(A(Y))?

Diffie-Hellman-Merkle Diffie-Hellman-Merkle (1976)(1976)

Modular ArithmeticModular Arithmetic Choose Choose YY, modulus , modulus pp A’s function is A’s function is YYAA (mod (mod pp)) B’s function is B’s function is YYBB (mod (mod pp)) Key is Key is YYABAB Y YBABA (mod (mod pp)) E can’t compute E can’t compute YYABAB from from YY, , YYAA, , YYBB

We think (no one can prove it)We think (no one can prove it) One problem: must communicate to get keyOne problem: must communicate to get key

One-way FunctionsOne-way Functions

Easy to compute, hard to reverseEasy to compute, hard to reverse Example: Example: f f ((AA) = ) = YYAA (mod (mod pp)) f f -1-1((YYAA) is called “discrete log”) is called “discrete log” Hard to compute (we think)Hard to compute (we think) Could always do exhaustive searchCould always do exhaustive search Here, there are Here, there are pp-1 choices-1 choices

Cryptographic PrimitivesCryptographic Primitives

Building blocks for algorithmsBuilding blocks for algorithms-Example: one-way functions-Example: one-way functions

Protocols built out of primitivesProtocols built out of primitives-Example: Diffie-Hellman-Merkle-Example: Diffie-Hellman-Merkle

Protocols built out of other protocolsProtocols built out of other protocols-Example: -Example: Use Diffie-Hellman to exchange keyUse Diffie-Hellman to exchange key

Trapdoor One-Way FunctionsTrapdoor One-Way Functions

Another useful primitiveAnother useful primitive f f ((XX) is easy to compute) is easy to compute f f -1-1((YY) is hard for most people to compute) is hard for most people to compute But: easy to compute if you know a secretBut: easy to compute if you know a secret There are trapdoor one-way functionsThere are trapdoor one-way functions Found by Rivest-Shamir-Adleman, 1977Found by Rivest-Shamir-Adleman, 1977 Rely on difficulty of factoring large integersRely on difficulty of factoring large integers

Digital Signature SchemeDigital Signature Scheme

A wants to send B a message, sign itA wants to send B a message, sign it A sends B A sends B XX and and SS = = ffAA

-1-1 ( (XX)) B checks that B checks that ffA A ((SS) = X) = X Therefore B knows that Therefore B knows that SS = = ffAA

-1-1 ( (XX)) Only A can compute Only A can compute ffAA

-1-1 ( (XX) easily, so A must have ) easily, so A must have sent the messagesent the message

Same primitive, new protocolSame primitive, new protocol

Digital Signature ProcessDigital Signature Process

RevolutionRevolution

New ideas made cryptography an option for commerceNew ideas made cryptography an option for commerce

PCs gave everyone computing powerPCs gave everyone computing power

Zimmerman’s PGP: gave everyone accessZimmerman’s PGP: gave everyone access

SSL in web browsersSSL in web browsers

Quantum ComputationQuantum Computation

Computers revolutionized Computers revolutionized cryptographic design and cryptanalysiscryptographic design and cryptanalysis

Quantum computers may one day do Quantum computers may one day do the samethe same

Quantum key exchange: Quantum key exchange: guaranteedguaranteed securesecure

A quantum computer could factor large A quantum computer could factor large integers in polynomial timeintegers in polynomial time