lesson 2 - encryption
DESCRIPTION
Lesson 2 - Encryption. ITD2323. Lecture by: IZWAN SUHADAK ISHAK, Assistant Lecturer, Universiti Industri Selangor. Things to learn about: Concepts of encryption; Cryptanalysis; Symmetric encryption; Asymmetric encryption; Protocols and certificates; Digital signatures.
Lesson 2 - Encryption
ITD2323
Lecture by: IZWAN SUHADAK ISHAK, Assistant Lecturer, Universiti Industri Selangor

Things to learn about
• Concepts of encryption
• Cryptanalysis
• Symmetric encryption
• Asymmetric encryption
• Protocols and certificates
• Digital signatures
• Types of encryption algorithms
Cryptography
• Secret writing – strongest tool to control against many kinds of security threats
• Users of cryptography usually do not create their encryption techniques – just use what’s available

Terminology
• Imagine S (sender) sending a message to R (recipient) through T (transmission medium)
• However there’s an intruder or interceptor (O) who tries to access the message in any of these:
– Block it – affects the availability
– Intercept it – affecting the confidentiality
– Modify it – affecting the integrity
– Fabricate it – affecting the integrity as well

…continued
• Encryption – the process of encoding a message (scrambling)
• Decryption – the process to reverse, transforming encrypted message back to original form
• Encode, decode, encipher, decipher are terms used in lieu of encrypt or decrypt
• Encode could mean translating entire word or phrases into something new
• Encipher could mean translating letters or symbols individually

…continued
• Cryptosystem – a system for encryption and decryption
• Plaintext, cleartext – original form
• Ciphertext – encrypted (scrambled) form
[Figure: Plaintext → Encryption → Ciphertext → Decryption → Original Plaintext]
Encryption Algorithms
• Set of rules for how to encrypt plaintext and how to decrypt ciphertext
• Often use a device called ‘key’ (K)
• When $C = E(K, P)$, it means E acts as an encryption algorithm, and K is the key. C is ciphertext; P is plaintext

…continued
• When $P = D(K, E(K, P))$, it shows that both encryption and decryption keys are the same
– This form is called ‘symmetric’ encryption
• When $P = D(K_D, E(K_E, P))$, it shows that encryption and decryption keys are NOT the same
– This form is called ‘asymmetric’ encryption

…continued
[Figure: SYMMETRIC ENCRYPTION. Plaintext → Encryption → Ciphertext → Decryption → Original Plaintext, with one KEY used by both Encryption and Decryption]
[Figure: ASYMMETRIC ENCRYPTION. Plaintext → Encryption → Ciphertext → Decryption → Original Plaintext, with Encryption Key $K_E$ used by Encryption and Decryption Key $K_D$ used by Decryption]

…continued
• A key gives flexibility in using an encryption scheme
• Can create different encryptions by just changing the key
• Provides additional security
• Any encryption scheme that does not require a key = keyless cipher
Some interesting terms…
• Cryptography – hidden writing, practice of using encryption to conceal text
• Cryptanalyst – studies encryption and encrypted messages, hoping to find hidden messages
• Cryptographer (& cryptanalyst) attempt to translate coded material to plaintext

…continued
• Cryptographer works on behalf of a legitimate sender/receiver
• Cryptanalyst works on behalf of an unauthorized interceptor
• Cryptology – research into and study of encryption and decryption

Two simple types
• Substitution
– One letter is exchanged for another
– Some call it monoalphabetic cipher or simple substitution
• Transposition
– Order of the letters rearranged
Caesar Cipher
Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Ciphertext: d e f g h i j k l m n o p q r s t u v w x y z a b c
• In this example:
• Shift of 3
• $c_i = E(p_i) = p_i + 3$
• What would the ciphertext for UNISEL be?
• Answer: xqlvho
• TREATY IMPOSSIBLE?
• Answer: wuhdwb lpsrvvleoh
Permutation
• Almost like Caesar Cipher
• Uses a word as the key
• E.g. if ‘word’ is the key:
Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Ciphertext: w o r d a b c e f g h i j k l m n p q s t u v x y z
• If ‘professional’ is the key:
Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Ciphertext: p r o f e s i n a l b c d g h j k m q t u v w x y z
• If a letter appears several times in the word, only ONE occurrence of it should be used

…continued
• Encrypt “TREATY IMPOSSIBLE” using both permutation algorithms
– Answer: spawsy fjmlqqfola
– Answer: tmepty adjhqqarce
…continued
• Both types of permutation algorithms may give a cryptanalyst easy access, so a less regular rearrangement of letters is more desirable
• A possibility is to count by three (or 5, or 7, or 9) and rearrange in that order

…continued
Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Ciphertext: a d g j m p s v y b e h k n q t w z c f i l o r u x
• In this case, a+3=d, d+3=g, g+3=j
• Encrypt “TREATY IMPOSSIBLE”
– Answer: fzmafu yktqccydhm
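
The three substitution alphabets above (Caesar shift, keyword, count by a step) can be generated and checked in code. This is an added example, not part of the original slides; all function names are illustrative. `repeat_pattern` shows the regularity a cryptanalyst relies on: every one-for-one substitution keeps the message's pattern of repeated letters, so the double S in IMPOSSIBLE stays a double letter.

```python
import string

ALPHA = string.ascii_uppercase

def caesar_alphabet(shift):
    """Cipher alphabet for c_i = p_i + shift (mod 26)."""
    return "".join(ALPHA[(i + shift) % 26] for i in range(26)).lower()

def keyword_alphabet(key):
    """Key letters first (each letter used once), then the unused letters in order."""
    seen = []
    for ch in key.upper() + ALPHA:
        if ch in ALPHA and ch not in seen:
            seen.append(ch)
    return "".join(seen).lower()

def step_alphabet(step):
    """Count through the alphabet by `step`; works only if step shares no factor with 26."""
    letters = [ALPHA[(i * step) % 26] for i in range(26)]
    if len(set(letters)) != 26:
        raise ValueError("step shares a factor with 26, so letters would collide")
    return "".join(letters).lower()

def encrypt(plaintext, cipher_alphabet):
    """Replace each plaintext letter; spaces and punctuation pass through."""
    return plaintext.upper().translate(str.maketrans(ALPHA, cipher_alphabet))

def decrypt(ciphertext, cipher_alphabet):
    """Invert the substitution using the same cipher alphabet."""
    return ciphertext.lower().translate(str.maketrans(cipher_alphabet, ALPHA))

def repeat_pattern(text):
    """Number each letter by first appearance: the shape a substitution cannot hide."""
    order = {}
    return [order.setdefault(ch, len(order)) for ch in text if ch.isalpha()]

if __name__ == "__main__":
    msg = "TREATY IMPOSSIBLE"
    for name, alpha in [("Caesar, shift 3", caesar_alphabet(3)),
                        ("key 'professional'", keyword_alphabet("professional")),
                        ("count by 3", step_alphabet(3))]:
        ct = encrypt(msg, alpha)
        same = repeat_pattern(ct) == repeat_pattern(msg)
        print(f"{name:20} {alpha}  {ct}  pattern preserved: {same}")
```
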
Vernam Cipher
• Involves an arbitrarily long nonrepeating sequence of numbers combined with the plaintext
• Equate each letter with its corresponding number, add its random 2-digit number, and take the sum mod 26 to get the ciphertext

…continued
A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
0  1  2  3  4  5  6  7  8  9  10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

Plaintext           V    E    R    N    A    M    C    I    P    H    E    R
Random number       76   48   16   82   44   03   58   11   60   05   48   88
Numeric equivalent  21   4    17   13   0    12   2    8    15   7    4    17
Sum                 97   52   33   95   44   15   60   19   75   12   52   105
Sum mod 26          19   0    7    17   18   15   8    19   23   12   0    1
Ciphertext          t    a    h    r    s    p    i    t    x    m    a    b
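
The worked Vernam table above, as an added example that is not part of the original slides. It uses the slide's random numbers; the function names and the second message TREATYSIGNED are constructed here. `letter_difference` shows why the number sequence has to be nonrepeating: when one sequence encrypts two messages, the numbers cancel out of the difference between the two ciphertexts.

```python
A = ord("A")

def vernam_encrypt(plaintext, pad):
    """c_i = (p_i + k_i) mod 26, one pad number per letter (letters only)."""
    if not plaintext.isalpha():
        raise ValueError("plaintext must contain letters only")
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return "".join(chr((ord(p) - A + k) % 26 + A)
                   for p, k in zip(plaintext.upper(), pad)).lower()

def vernam_decrypt(ciphertext, pad):
    """p_i = (c_i - k_i) mod 26 with the same pad numbers."""
    return "".join(chr((ord(c) - A - k) % 26 + A)
                   for c, k in zip(ciphertext.upper(), pad))

def letter_difference(a, b):
    """Position-wise (a_i - b_i) mod 26 of two equal-length letter strings."""
    return [(ord(x) - ord(y)) % 26 for x, y in zip(a.upper(), b.upper())]

# Random two-digit numbers from the slide's worked example.
PAD = [76, 48, 16, 82, 44, 3, 58, 11, 60, 5, 48, 88]

if __name__ == "__main__":
    first = "VERNAMCIPHER"
    second = "TREATYSIGNED"          # constructed second message, same length
    c1 = vernam_encrypt(first, PAD)
    print(c1, "->", vernam_decrypt(c1, PAD))
    # Encrypting a second message with the SAME numbers is the mistake to avoid:
    c2 = vernam_encrypt(second, PAD)
    # (p1 + k) - (p2 + k) = p1 - p2, so the pad no longer protects the difference.
    print(letter_difference(c1, c2) == letter_difference(first, second))
```
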
Vigenère Cipher
• Uses a table called “Vigenère Tableau”
• Table is a series of alphabets from A to Z
• Encryption is done from top to bottom, following the key which follows the ‘Permutation’ style key
a b c d e f g h i j k l m n o p q r s t u v w x y z
A a b c d e f g h i j k l m n o p q r s t u v w x y z
B b c d e f g h i j k l m n o p q r s t u v w x y z a
C c d e f g h i j k l m n o p q r s t u v w x y z a b
X x y z a b c d e f g h i j k l m n o p q r s t u v w
Y y z a b c d e f g h i j k l m n o p q r s t u v w x
Z z a b c d e f g h i j k l m n o p q r s t u v w x y
Transposition
• Goal is confusion
• Encryption in which the letters of the message are rearranged; breaking established patterns

Columnar Transposition
• Rearranging characters of plaintext into columns
• In a 5-column transposition, plaintext characters are written in rows of five and arranged one row after another:
• Ciphertext is written from column to column
C1  C2  C3  C4  C5
C6  C7  C8  C9  C10
C11 C12 C13 C12 Cn
[Figure labels: plaintext is written along the rows, ciphertext is read down the columns]

…continued
THISI
SAMES
SAGET
OSHOW
HOWAC
OLUMN
ARTRA
NSPOS
ITION
WORKS
tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns

PUTAN
XIFWO
RDSDO
NOTFI
LLALL
COLUM
NSXXX
pxrnl cnuid olost fstal xawdf luxno oilmx
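
Both columnar examples above, reproduced in code. This is an added example, not part of the original slides; the function names are illustrative, and the X padding follows the second slide example.

```python
def columnar_encrypt(message, columns=5, pad="X"):
    """Write letters in rows of `columns`, pad the last row, read down each column."""
    letters = [ch for ch in message.upper() if ch.isalpha()]
    letters += [pad] * (-len(letters) % columns)      # fill the final row
    # Column c holds every `columns`-th letter starting at position c.
    return "".join("".join(letters[c::columns]) for c in range(columns)).lower()

def columnar_decrypt(ciphertext, columns=5):
    """Rebuild the rows from the column-by-column ciphertext (padding is kept)."""
    letters = [ch for ch in ciphertext.upper() if ch.isalpha()]
    if len(letters) % columns:
        raise ValueError("ciphertext length must be a multiple of the column count")
    rows = len(letters) // columns
    # Column c occupies letters[c*rows:(c+1)*rows]; read across each row again.
    return "".join(letters[c * rows + r] for r in range(rows) for c in range(columns))

def groups_of_five(text):
    """Format ciphertext in the five-letter groups used on the slides."""
    return " ".join(text[i:i + 5] for i in range(0, len(text), 5))

if __name__ == "__main__":
    for msg in ("THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION WORKS",
                "PUT AN X IF WORDS DO NOT FILL ALL COLUMNS"):
        ct = columnar_encrypt(msg)
        print(groups_of_five(ct))
        print(columnar_decrypt(ct))
        # Transposition only moves letters: the letter counts are unchanged.
        print(sorted(ct.upper()) == sorted(columnar_decrypt(ct)))
```
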
Public Key Encryption
• Each user has a key that does not have to be kept secret
• Secret is the decryption technique, not the key itself
• Public key cryptosystems accomplish this goal by using two keys; one to encrypt and one to decrypt
• Each user has two keys: a public key and a private key

…continued
• $P = D(k_{PRIV}, E(k_{PUB}, P))$
• Some public key encryption algorithms have this relationship: $P = D(k_{PUB}, E(k_{PRIV}, P))$

…continued
• Let’s say there are 3 users, B, C and D
• All three have to send a message to A and each other
• Each distinct pair of users needs a key, each user would need 3 different keys; A would need a key for B, C and D each.
• With public key, each of B, C and D can use A’s public key to send the message, but A’s private key remains private, so C cannot decrypt message sent by B to A
Comparison
|                   | Secret key (Symmetric) | Public Key (Asymmetric) |
|-------------------|------------------------|-------------------------|
| Number of keys    | 1 | 2 |
| Protection of key | Must be kept secret | One key must be kept secret, the other can be freely exposed |
| Best uses         | Cryptographic workhorse; secrecy and integrity of data – single characters to blocks of data, messages, files | Key exchange, authentication |
| Key distribution  | Must be out-of-band | Public key can be used to distribute other keys |
| Speed             | Fast | Slow; typically, 10,000 times slower than secret key |
Rivest-Shamir-Adleman (RSA) Encryption
• A public key system
• Introduced in 1978 and remains secure until now
• Combines results from number theory with degree of difficulty in determining the prime factors of a given number
• Uses two keys, d & e for decryption and encryption – either private or public key can be used in the encryption
• $P = E(D(P)) = D(E(P))$

…continued
• $C = P^e \bmod n$
• $P = C^d \bmod n$
• $P = C^d \bmod n = (P^e)^d \bmod n = (P^d)^e \bmod n$
• Key choice:
– Consists of pair of integers (e, n) for encryption and integers (d, n) for decryption
– Starting point is to find the value of n
  • n should be quite large (a product of two prime numbers p and q)
  • p and q are usually 100 digits each
  • e is relatively prime to (p-1)*(q-1): e has no factors in common with (p-1)*(q-1), where e > (p-1) and e > (q-1)

…continued
• $e \cdot d \equiv 1 \pmod{(p-1)(q-1)}$
• Usually n is made public and d is kept secret
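
The key-choice rules and the two formulas above, carried through with toy primes p = 11 and q = 13. This is an added example, not part of the original slides; the function names are illustrative, the inputs are assumed to be prime, and they are far smaller than the 100-digit values the slide calls for.

```python
from math import gcd

def make_keys(p, q):
    """Derive ((e, n), (d, n)) from two primes using the slide's key-choice rules."""
    n = p * q
    phi = (p - 1) * (q - 1)
    # Slide's rule: e > (p-1), e > (q-1), and e has no factor in common with phi.
    e = max(p, q)
    while gcd(e, phi) != 1:
        e += 1
    d = pow(e, -1, phi)      # solves e * d = 1 mod (p-1)*(q-1); needs Python 3.8+
    return (e, n), (d, n)

def rsa_apply(key, value):
    """C = P^e mod n, or P = C^d mod n: the same operation with the other exponent."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0..n-1")
    return pow(value, exponent, n)

if __name__ == "__main__":
    public, private = make_keys(11, 13)   # toy primes (assumption), not secure sizes
    print("public (e, n) =", public, " private (d, n) =", private)
    P = 42                                # constructed sample plaintext block
    C = rsa_apply(public, P)
    print("C = P^e mod n =", C)
    print("P = C^d mod n =", rsa_apply(private, C))
    # P = E(D(P)) = D(E(P)): the two exponents can be applied in either order.
    print(rsa_apply(public, rsa_apply(private, P)) == P)
```
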