lesson 2 - encryption itd2323 lecture by: izwan suhadak ishak assistant lecturer universiti industri...

Lesson 2 - EncryptionLesson 2 - Encryption

ITD2323ITD2323

Lecture by:IZWAN SUHADAK ISHAKAssistant LecturerUniversiti Industri Selangor

Things to learn aboutThings to learn about

Concepts of encryptionConcepts of encryption CryptanalysisCryptanalysis Symmetric encryptionSymmetric encryption Assymmetric encryptionAssymmetric encryption Protocols and certificatesProtocols and certificates Digital signaturesDigital signatures Types of encryption algorithmsTypes of encryption algorithms

CryptographyCryptography

Secret writing – strongest tool to Secret writing – strongest tool to control against many kinds of control against many kinds of security threatssecurity threats

Users of cryptography usually do not Users of cryptography usually do not create their encryption techniques – create their encryption techniques – just use what’s availablejust use what’s available

TerminologyTerminology

Imagine S (sender) sending a message to Imagine S (sender) sending a message to R (recipient) through T (transmission R (recipient) through T (transmission medium)medium)

However there’s an intruder or interceptor However there’s an intruder or interceptor (O) who tries to access the message in any (O) who tries to access the message in any of these:of these:– Block it – affects the availabilityBlock it – affects the availability– Intercept it – affecting the confidentialityIntercept it – affecting the confidentiality– Modify it – affecting the integrityModify it – affecting the integrity– Fabricate it – affecting the integrity as wellFabricate it – affecting the integrity as well

……continuedcontinued

Encryption – the process of encoding a Encryption – the process of encoding a message (scrambling)message (scrambling)

Decryption – the process to reverse, Decryption – the process to reverse, transforming encrypted message back to transforming encrypted message back to original formoriginal form

Encode, decode, encipher, decipher are Encode, decode, encipher, decipher are terms used in lieu of encrypt or decryptterms used in lieu of encrypt or decrypt

Encode could mean translating entire word Encode could mean translating entire word or phrases into something newor phrases into something new

Encipher could mean translating letters or Encipher could mean translating letters or symbols individuallysymbols individually


Cryptosystem – a system for Cryptosystem – a system for encryption and decryptionencryption and decryption

Plaintext, cleartext – original formPlaintext, cleartext – original form Ciphertext – encrypted (scrambled) Ciphertext – encrypted (scrambled)

formform

Encryption DecryptionPlaintext Ciphertext OriginalPlaintext

Encryption AlgorithmsEncryption Algorithms

Set of rules for how to encrypt Set of rules for how to encrypt plaintext and how to decrypt plaintext and how to decrypt ciphertextciphertext

Often use a device called ‘key’ (K)Often use a device called ‘key’ (K) When C=E(K,P), it means E acts as When C=E(K,P), it means E acts as

an encryption algorithm, and K is the an encryption algorithm, and K is the key. C is ciphertext; P is plaintextkey. C is ciphertext; P is plaintext


When P=D(K, E(K,P)), it shows that When P=D(K, E(K,P)), it shows that both encryption and decryption keys both encryption and decryption keys are the sameare the same– This form is called ‘symmetric’ This form is called ‘symmetric’

encryptionencryption When P=D(KWhen P=D(KDD, E(K, E(KEE,P)), it shows that ,P)), it shows that

encryption and decryption keys are encryption and decryption keys are NOT the sameNOT the same– This form is called ‘asymmetric’ This form is called ‘asymmetric’

encryptionencryption



KEY


KKEE KKDD

Encryption Key Decryption Key

SYMMETRIC ENCRYPTION

ASYMMETRIC ENCRYPTION


A key gives flexibility in using an A key gives flexibility in using an encryption schemeencryption scheme

Can create different encryptions by Can create different encryptions by just changing the keyjust changing the key

Provides additional securityProvides additional security Any encryption scheme that does not Any encryption scheme that does not

require a key = keyless cipherrequire a key = keyless cipher

Some interesting terms…Some interesting terms…

Cryptography – hidden writing, Cryptography – hidden writing, practice of using encryption to practice of using encryption to conceal textconceal text

Cryptanalyst – studies encryption Cryptanalyst – studies encryption and encrypted messages, hoping to and encrypted messages, hoping to find hidden messagesfind hidden messages

Cryptographer (& cryptanalyst) Cryptographer (& cryptanalyst) attempt to translate coded material attempt to translate coded material to plaintextto plaintext


Cryptographer works on behalf of a Cryptographer works on behalf of a legitimate sender/receiverlegitimate sender/receiver

Cryptanalyst works on behalf of an Cryptanalyst works on behalf of an unauthorized interceptorunauthorized interceptor

Cryptology – research into and study Cryptology – research into and study of encryption and decryptionof encryption and decryption

Two simples typesTwo simples types

SubstitutionSubstitution– One letter is exchanged for anotherOne letter is exchanged for another– Some call it monoalphabetic cipher or Some call it monoalphabetic cipher or

simple substitutionsimple substitution TranspositionTransposition

– Order of the letters rearrangedOrder of the letters rearranged

Caesar CipherCaesar CipherA B C D E F G H I J K L M N O P Q R S T U V W X Y Z

d e f g h i j k l m n o p q r s t u v w x y z a b c

Plaintext

Ciphertext

• In this example:• Shift of 3• ci = E(pi) = pi + 3

• What would the ciphertext for UNISEL?• Answer: xqlvho

• TREATY IMPOSSIBLE?• Answer: wuhdwb lpsrvvleoh

PermutationPermutation

Almost like Caesar CipherAlmost like Caesar Cipher Uses a word as the keyUses a word as the key E.g. if ‘word’ is the key:E.g. if ‘word’ is the key:

If ‘professional’ as the key:If ‘professional’ as the key:

If the word has several similar alphabets, If the word has several similar alphabets, only ONE of it should be usedonly ONE of it should be used

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

w o r d a b c e f g h i j k l m n p q s t u v x y z

Plaintext

Ciphertext


p r o f e s i n a l b c d g h j k m q t u v w x y z

Tmepty adjhqqarce


Encrypt “TREATY IMPOSSIBLE” using Encrypt “TREATY IMPOSSIBLE” using both permutation algorithmsboth permutation algorithms– Answer: Answer: spawsy fjmlqqfola– Answer: tmepty adjhqqarce


Both types of permutation algorithms Both types of permutation algorithms may invoke easy access by may invoke easy access by cryptanalyst, therefore it is more cryptanalyst, therefore it is more desirable to have less regular desirable to have less regular rearrangement of lettersrearrangement of letters

A possibility is to count by three (or A possibility is to count by three (or 5, or 7, or 9) and rearrange in that 5, or 7, or 9) and rearrange in that orderorder



a d g j m p s v y b e h k n q t w z c f i l o r u x

In this case, a+3=d, d+3=g, g+3=jIn this case, a+3=d, d+3=g, g+3=j Encrypt “TREATY IMPOSSIBLE”Encrypt “TREATY IMPOSSIBLE”

– Answer: fzmafu yktqccydhm

Vernam CipherVernam Cipher

Involves an arbitrarily long Involves an arbitrarily long nonrepeating sequence of numbers nonrepeating sequence of numbers combined with the plaintextcombined with the plaintext

Equate each alphabet with Equate each alphabet with corresponding number, add to its corresponding number, add to its random 2-digit, find the mod of its random 2-digit, find the mod of its sum with 26 to get the ciphertextsum with 26 to get the ciphertext



0 1 2 3 4 5 6 7 8 910

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

V E R N A M C I P H E R

76

48

16

82

44

03

58

11

60

05

48

88

21 4

17

13 0

12 2 8

15 7 4

17

97

52

33

95

44

15

60

19

75

12

52

105

19 0 7

17

18

15 8

19

23

12 0 1

t a h r s p I t x m a b

VigenVigenère Cipher ère Cipher

Uses a table called “Vigenère Tableau”Uses a table called “Vigenère Tableau” Table is a series of alphabets from A to ZTable is a series of alphabets from A to Z

Encryption is done from top to bottom, Encryption is done from top to bottom, following the key which follows the following the key which follows the ‘Permutation’ style key‘Permutation’ style key

a b c d e f g h i j k l m n o p q r s t u v w x y z

A a b c d e f g h i j k l m n o p q r s t u v w x y z

B b c d e f g h i j k l m n o p q r s t u v w x y z a

C c d e f g h i j k l m n o p q r s t u v w x y z a b

X x y z a b c d e f g h i j k l m n o p q r s t u v w

Y y z a b c d e f g h i j k l m n o p q r s t u v w x

Z z a b c d e f g h i j k l m n o p q r s t u v w x y

TranspositionTransposition

Goal is confusionGoal is confusion Encryption in which the letters of the Encryption in which the letters of the

message are rearranged; breaking message are rearranged; breaking established patternsestablished patterns

Columnar TranspositionColumnar Transposition

Rearranging characters of plaintext into Rearranging characters of plaintext into columnscolumns

In a 5-column transposition, plaintext In a 5-column transposition, plaintext characters are written in rows of five and characters are written in rows of five and arranged one row after another:arranged one row after another:

Ciphertext is written from column to Ciphertext is written from column to columncolumn

CC11 CC22 CC33 CC44 CC55

CC66 CC77 CC88 CC99 CC1010

CC1111 CC1212 CC1313 CC1212 CCnnplaintext

cipherte

xt


THISITHISISAMESSAMESSAGETSAGETOSHOWOSHOWHOWACHOWACOLUMNOLUMNARTRAARTRANSPOSNSPOSITIONITIONWORKSWORKS

tssoh oaniw haaso lrsto imghw tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasnsutpir seeoa mrook istwc nasns

PUTAN PUTAN XIFWOXIFWORDSDORDSDONOTFINOTFILLALLLLALLCOLUMCOLUMNSXXXNSXXX

pxrnl cnuid olostpxrnl cnuid olostFstal xawdf luxnoFstal xawdf luxnooilmxoilmx

Public Key EncryptionPublic Key Encryption

Each user has a key that does not Each user has a key that does not have to be kept secrethave to be kept secret

Secret is the decryption technique, Secret is the decryption technique, not the key itselfnot the key itself

Public key cryptosystem accomplish Public key cryptosystem accomplish this goal by using two keys; one to this goal by using two keys; one to encrypt and one to decryptencrypt and one to decrypt

Each user has two keys: a public key Each user has two keys: a public key and a private keyand a private key


P = D(kP = D(kPRIVPRIV, E(k, E(kPUBPUB, P)), P)) Some public key encryption Some public key encryption

algorithms have this relationship: algorithms have this relationship: P=D(kP=D(kPUBPUB, E(k, E(kPRIVPRIV, P)), P))


Let’s say there’s 3 users, B, C and DLet’s say there’s 3 users, B, C and D All three have to send a message to A and All three have to send a message to A and

each othereach other Each distinct pair of users needs a key, Each distinct pair of users needs a key,

each user would need 3 different keys; A each user would need 3 different keys; A would need a key for B, C and D each.would need a key for B, C and D each.

With public key, each B, C and D can use With public key, each B, C and D can use A’ s public key to send the message, but A’ s public key to send the message, but A’s private key remains private, so C A’s private key remains private, so C cannot decrypt message sent by B to Acannot decrypt message sent by B to A

ComparisonComparisonSecret key (Symmetric)Secret key (Symmetric) Public Key (Asymmetric)Public Key (Asymmetric)

Number of KeysNumber of Keys 11 22

Protection of keyProtection of key Must be kept secretMust be kept secret One key must be kept One key must be kept secret, the other can be secret, the other can be freely exposedfreely exposed

Best usesBest uses Cryptographic workhorse; Cryptographic workhorse; secrecy and integrity of secrecy and integrity of data – single characters to data – single characters to blocks of data, messages, blocks of data, messages, filesfiles

Key exchange, Key exchange, authenticationauthentication

Key distributionKey distribution Must be out-of-handMust be out-of-hand Public key can be used to Public key can be used to distribute other keysdistribute other keys

SpeedSpeed FastFast Slow; typically, 10,000 Slow; typically, 10,000 times slower than secret times slower than secret keykey

Rivest-Shamir-Adelman (RSA) Rivest-Shamir-Adelman (RSA) EncryptionEncryption

A public key systemA public key system Introduced in 1978 and remains secure Introduced in 1978 and remains secure

until nowuntil now Combines results from number theory with Combines results from number theory with

degree of difficulty in determining the degree of difficulty in determining the prime factors of a given numberprime factors of a given number

Uses two keys, d & e for decryption and Uses two keys, d & e for decryption and encryption – either private or public key encryption – either private or public key can be used in the encryptioncan be used in the encryption

P=E(D(P))=D(E(P))P=E(D(P))=D(E(P))


C=PC=Pee mod n mod n

P=CP=Cdd mod n mod n

P=CP=Cdd mod n = (P mod n = (Pee

))dd mod n = (P mod n = (Pdd

))ee mod n mod n

Key choice:Key choice:– Consists of pair of integer (e,n) for encryption Consists of pair of integer (e,n) for encryption

and integer (d,n) for decryptionand integer (d,n) for decryption– Start point to find value of nStart point to find value of n

n should be quite large (a product of two prime n should be quite large (a product of two prime numbers p and q)numbers p and q)

p and q are usually 100 digits eachp and q are usually 100 digits each e is relatively prime to (p-1)*(q-1) e is relatively prime to (p-1)*(q-1) e has no factors e has no factors

in common with (p-1)*(q-1) where e>(p-1) and e>(q-in common with (p-1)*(q-1) where e>(p-1) and e>(q-1)1)


e * d = 1 mod (p-1)*(q-1)e * d = 1 mod (p-1)*(q-1) Usually n is made public and d is Usually n is made public and d is

kept secretkept secret

lesson 2 - encryption itd2323 lecture by: izwan suhadak ishak assistant lecturer universiti industri...

Documents