cryptography. what is cryptography? kryptos – “hidden” grafo – “write” keeping messages...
Post on 19-Dec-2015
230 views
TRANSCRIPT
Cryptography
What is cryptography?
kryptos – “hidden” grafo – “write”
Keeping messages secretUsually by making the message unintelligible
to anyone that intercepts it
The Problem
Bob Alice
Eve
Private Message
Eavesdropping
The Solution
Bob Alice
Eve
Scrambled Message
Eavesdropping
Encryption Decryption
Private Message Private Message
What do we need?
Bob and Alice want to be able to encrypt/decrypt easily
But no one else should be able to decrypt How do we do this?
Keys!
Using Keys
Plaintext
Ciphertext DecryptionEncryption
Plaintext
Nonsense
The Shift Cipher
We “shift” each letter over by a certain amount
ILYH UHG EDOORRQV
five red balloons
f + 3 = Ii + 3 = Lv + 3 = Y
…
Plaintext
Ciphertext
EncryptionKey = 3
The Shift Cipher cont.
To decrypt, we just subtract the key
five red balloons
I - 3 = fL - 3 = iY - 3 = v
…
Plaintext
DecryptionKey = 3
ILYH UHG EDOORRQV Ciphertext
What’s wrong with the shift cipher?
Not enough keys! If we shift a letter 26 times, we get the
same letter backA shift of 27 is the same as a shift of 1, etc.So we only have 25 keys (1 to 25)
Eve just tries every key until she finds the right one
The Substitution Cipher
Rather than having a fixed shift, change every plaintext letter to an arbitrary ciphertext letter
a G
b X
c N
d S
e D
… …
z Q
Plaintext Ciphertext
The Substitution Cipher cont.
a G
b X
c N
d S
e D
f A
g F
h V
i L
j M
k C
l O
m EALRD HDS XGOOYYBW
five red balloons
f = Ai = Lv = R
…
Plaintext
Ciphertext
Encryption
Key =
n B
o Y
p Z
q P
r H
s W
t I
u J
v R
w U
x K
y T
z Q
The Substitution Cipher cont.
To decrypt we just look up the ciphertext letter in the table and then write down the matching plaintext letter
How many keys do we have now? A key is just a permutation of the letters of the
alphabet There are 26! permutations
403291461126605635584000000
Frequency Analysis
In English (or any language) certain letters are used more often than others
If we look at a ciphertext, certain ciphertext letters are going to appear more often than others
It would be a good guess that the letters that occur most often in the ciphertext are actually the most common English letters
Letter Frequency
This is the letter frequency for English
The most common letter is ‘e’ by a large margin, followed by ‘t’, ‘a’, and ‘o’
‘J’, ‘q’, ‘x’, and ‘z’ hardly occur at all
Frequency Analysis in Practice
Suppose this is our ciphertext dq lqwurgxfwlrq wr frpsxwlqj surylglqj d eurdg vxuyhb
ri wkh glvflsolqh dqg dq lqwurgxfwlrq wr surjudpplqj. vxuyhb wrslfv zloo eh fkrvhq iurp: ruljlqv ri frpsxwhuv, gdwd uhsuhvhqwdwlrq dqg vwrudjh, errohdq dojheud, gljlwdo orjlf jdwhv, frpsxwhu dufklwhfwxuh, dvvhpeohuv dqg frpslohuv, rshudwlqj vbvwhpv, qhwzrunv dqg wkh lqwhuqhw, wkhrulhv ri frpsxwdwlrq, dqg duwlilfldo lqwhooljhqfh.
0
0.02
0.04
0.06
0.08
0.1
0.12
a b c d e f g h i j k l m n o p q r s t u v w x y z
Letter
Rel
ativ
e F
req
uen
cy
Ciphertext distribution English distribution
In our ciphertext we have one letter that occurs more often than any other (h), and 6 that occur a good deal more than any others (d, l, q, r, u, and w)
There is a good chance that h corresponds to e, and d, l, q, r, u, and w correspond to the 6 next most common English letters
Frequency Analysis cont.
If we replace ‘e’ with ‘h’ and the 6 next most common letters with their matches, the ciphertext becomes an intro???tion to ?o?p?tin? pro?i?in? a ?roa? ??r?e? o?
t?e ?i??ip?ine an? an intro???tion to pro?ra??in?. ??r?e? topi?? ?i?? ?e ??o?en ?ro?: ori?in? o? ?o?p?ter?, ?ata repre?entation an? ?tora?e, ?oo?ean a??e?ra, ?i?ita? ?o?i? ?ate?, ?o?p?ter ar??ite?t?re, a??e???er? an? ?o?pi?er?, operatin? ???te??, net?or?? an? t?e internet, t?eorie? o? ?o?p?tation, an? arti?i?ia? inte??i?en?e.
Classical to Modern Cryptography
Classical cryptographyEverything up until around WWIIEncryption/decryption done by hand
Modern cryptographyComputers to encrypt and decryptSame principles, but automation allows
ciphers to become much more complex
The Enigma Machine
German encryption and decryption machine used in WWII
Essentially a complex, automated substitution cipher
How did Enigma work?
Rotors have different wiring connecting input to output
Rotors move after each keypress
The key is the initial position of the three rotors
Breaking the Enigma
Britain set up its cryptanalysis team in Bletchley Park
They consistently broke German codes throughout the war
Provided the intelligence codenamed ULTRA
Important location in the history of computing Alan Turing COLOSSUS
Cryptography in the Computer Age
Working with binary instead of letters
We can do things many, many times Think of an Enigma machine that has 2128 pairs of
symbols on each rotor, and 20 rotors
Other than that, the basic principles are the same as classical cryptography
Modern Ciphers
We design one relatively simple scrambling method (called a round) and repeat it many times Think of each round as a rotor on the Enigma One round may be easy to break, but when you put them all
together it becomes very hard
Almost all ciphers follow one of two structures SPN (Substitution Permutation Network) Feistel Network These describe the basic structure of a round
Modern Ciphers in Practice
Follow SPN/Feistel structure in general, but with added twists for security
There are two important ciphers in the history of modern cryptographyDES (Data Encryption Standard)AES (Advanced Encryption Standard)
DES
U.S. Government recognized the need to have a standardized cipher for secret documents
DES was developed by IBM in 1976
Analysis of DES was the beginning of modern cryptographic research
Controversy Surrounding DES
Development process was hidden from publicSuspicions that the government had put in a
“backdoor”
Government attempted to shut down research in cryptography
Breaking DES
The key length of DES was too short If a key is 56 bits long, that means there are
256 possible keys“DES Cracker” machines were designed to
simply try all possible keys
Breaking DES cont.
DES was further weakened by the discovery of differential cryptanalysis Biham and Shamir in 1990 The most significant advance in cryptanalysis since frequency analysis
Ideally a ciphertext should be completely random, there should be no connection to its matching plaintext Differential analysis exploits the fact that this is never actually the case Uses patterns between plaintext and ciphertext to discover the key
There is evidence that IBM knew about differential cryptanalysis back when they were designing DES in 1976
Developing the AES
With DES effectively broken, a new standard was needed
U.S. Government made it an open application/review process this time, and received many submissions
In 2001, after five years, the Rijndael cipher was selected to become the Advanced Encryption Standard
The Problem of Symmetric Key Cryptography Up until now we’ve been talking about symmetric
key cryptography Alice and Bob are using the same key to
encrypt/decrypt
Problem: How does Bob get the key to Alice when Eve is eavesdropping?
Up until 1976 the only solution was to physically give Alice the key in a secure environment
Public Key Cryptography
Diffie and Hellman published a paper in 1976 providing a solution
We use one key for encryption (the public key), and a different key for decryption (the private key)
Everyone knows Alice’s public key, so they can encrypt messages and send them to her But only Alice has the key to decrypt those messages
No one can figure out Alice’s private key even if they know her public key
Using Public Keys
Plaintext
Ciphertext DecryptionEncryption
Plaintext
Nonsense
Public Key Cryptography in Practice The problem is that public key algorithms are too
slow to encrypt large messages Instead Bob uses a public key algorithm to send Alice
the symmetric key, and then uses a symmetric key algorithm to send the message
The best of both worlds! Security of public key cryptography Speed of symmetric key cryptography
Sending a Message What’s your public key?
Bob picks a symmetric key and encrypts it using Alice’s public key
Alice decrypts the symmetric key using her private key
Bob encrypts his message using the symmetric key
Then sends the key to Alice
Then sends the message to Alice
Alice decrypts the message using the symmetric key
hi
The RSA Public Key Cipher
The most popular public key cipher is RSA, developed in 1977 Named after its creators: Rivest, Shamir, and Adleman
Uses the idea that it is really hard to factor large numbers Create public and private keys using two large prime numbers Then forget about the prime numbers and just tell people their
product Anyone can encrypt using the product, but they can’t decrypt
unless they know the factors If Eve could factor the large number efficiently she could get the
private key, but there is no known way to do this
Are we all secure now?
Unfortunately not, there are still many problems that need to be dealt with How does Bob know that he’s really talking to Alice? How does Alice know that the message she receives
hasn’t been tampered with? How does Alice know the message was sent by Bob?
These are questions addressed by other areas of cryptography
The End