Cryptography for Cybersecurity PDF
Document Details
Uploaded by Deleted User
ENSA de Tanger
2024
S. LAZAAR
Tags
Summary
This document contains lecture notes for a Cybersecurity course, covering various cryptographic concepts such as Message Authentication Codes (MAC), asymmetric encryption algorithms like RSA, and the Diffie-Hellman key exchange protocol. The document's content provides crucial information necessary for comprehending fundamental cryptographic principles and their practical applications in cybersecurity.
Full Transcript
03/11/2024 Cryptography for Cybersecurity...
03/11/2024 Cryptography for Cybersecurity Engineering program Cybersecurity – Semester 3 ENSA of Tangier 2024-2025 Prof. Saiida LAZAAR S. LAZAAR 1 1 Message Authentication Codes (MAC) Alice and Bob can also use a Message Authentication Code (MAC) to ensure the integrity and authenticity of their messages. This involves generating a MAC using their shared secret key. Even if Oscar intercepts the message, he won’t be able to modify it without the correct key. S. LAZAAR 2 2 Asymmetric Encryption: Algorithm RSA Rivest Shamir Adleman 1. Key Generation (Public and Private Key) RSA relies on a pair of keys. The steps to generate these keys are as follows: a. Choose Two Large Prime Numbers Select two distinct large prime numbers, p and q. These primes should be chosen randomly and be sufficiently large (e.g., 2048-bit or 4096-bit) to ensure security. b. Compute n (Modulus) Compute the product n = p × q. The number n is part of both the public and private keys and will be used in the encryption and decryption process. It is difficult to factor n back into p and q, which is the basis of RSA's security. c. Compute Euler's Function φ(n) For RSA, this is calculated as: φ(n) = (p - 1) × (q - 1). S. LAZAAR 3 3 1 03/11/2024 d. Choose the Public Exponent e Select a public exponent e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1 meaning e and φ(n) are coprime. A common choice for e is 65537 because it gives a good balance between security and performance. e. Compute the Private Key d Compute the private exponent d, which is the modular multiplicative inverse of e modulo φ(n): d ≡ e^(-1) (mod φ(n)). This means that d satisfies the equation e × d ≡ 1 (mod φ(n)). Public key: (n, e) Private key: (n, d) S. LAZAAR 4 4 Encryption Process To encrypt a message, the sender uses the recipient’s public key (n, e). a. Convert the Message to a Number Convert the plaintext message M (the data to be encrypted) into an integer m such that 0 ≤ m < n. This is typically done using a standard encoding scheme. b. Encrypt the Message The ciphertext c is computed using the formula: c ≡ m^e (mod n) Decryption Process To decrypt the ciphertext, the recipient uses their private key (n, d). The original message m is recovered using the formula: m ≡ c^d (mod n) After obtaining m, it is converted back into the plaintext message M. S. LAZAAR 5 5 Diffie–Hellman protocol The Diffie–Hellman (DH) Algorithm is a key-exchange protocol that enables two parties communicating over public channel to establish a mutual secret without it being transmitted over the Internet. It was one of the first public-key protocols, proposed by Whitfield Diffie and Martin Hellman in 1976. Both parties use the other’s public key and their own private key to compute the shared secret key. S. LAZAAR 6 6 2 03/11/2024 Diffie–Hellman protocol 1. Parameter Generation: Alice and Bob agree on a large prime number p and a primitive root g modulo p. These values do not need to be kept secret and can be shared openly. The choice of p and g is critical. p should be large enough to resist attacks typically at least 2048bits in modern implementations. Reminder: S. LAZAAR 7 7 S. LAZAAR 8 8 S. LAZAAR 9 9 3 03/11/2024 Diffie–Hellman protocol S. LAZAAR 10 10 Security considerations The security of the Diffie-Hellman protocol relies on the computational difficulty of solving the discrete logarithm problem. Key aspects that contribute to its security: Man-in-the-Middle Attack (MitM): One potential vulnerability of the Diffie-Hellman protocol is the man-in- the-middle attack, where an attacker intercepts and Discrete Logarithm Problem (DLP): replaces the public keys exchanged between Alice and Bob. The DLP is considered hard, meaning that for sufficiently large values of p and g, it is To mitigate this, the protocol can be combined with computationally infeasible for an adversary to authentication methods such as digital signatures or determine the private keys from the public public key infrastructure (PKI) to verify the identities of the keys. communicating parties. S. LAZAAR 11 11 Block ciphers According to the National Institute of Standards and Technology (NIST), a block cipher is a cryptographic algorithm that operates on fixed-size groups of bits, called blocks, with an unvarying transformation. It takes a block of plaintext as input and transforms it into a block of ciphertext, using a secret key. The same key is used in the reverse process to convert the ciphertext back into plaintext. Block ciphers can encrypt data in various modes of operation (ECB, CBC, CFB, OFB) to ensure secure transmission of data. 12 S. LAZAAR 12 4 03/11/2024 Modes ECB, CBC, CFB, OFB Concise definitions of the mode operations: Remark: These modes differ in how they process and chain blocks of data during encryption. ECB (Electronic Codebook): Each block is encrypted independently, making it vulnerable to pattern attacks (modéliser). CBC (Cipher Block Chaining): Each block is XORed with the previous ciphertext block before encryption, adding security through chaining. CFB (Cipher Feedback): Converts a block cipher into a self-synchronizing stream cipher, using previous ciphertext to encrypt the next block. OFB (Output Feedback): Turns a block cipher into a stream cipher, feeding (alimenter) the output of the encryption back into the block cipher for the next block. S. LAZAAR 13 13 Block cipher scheme Canonical examples: DES 3DES AES S. LAZAAR 14 14 Block ciphers built by iterations S. LAZAAR 15 15 5 03/11/2024 Feistel cipher In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers named after the German-born physicist and cryptographer Horst Feistel, who did pioneering research while working for IBM. It is also commonly known as a Feistel network. A large number of block ciphers use the scheme. In a Feistel cipher, encryption and decryption are very similar operations, and both consist of iteratively running a function called a "round function" a fixed number of times. S. LAZAAR 16 16 Fiestal Construction S. LAZAAR 17 17 Kerckhoffs' principle Kerckhoffs' principle is a fundamental concept in cryptography. It states that the security of a cryptographic system shouldn't rely on the secrecy of the algorithm. Instead, it should be based on the secrecy of the cryptographic key. A good cryptographic system should remain secure even if the algorithm used is known. S. LAZAAR 18 18 6 03/11/2024 Shannon Principles A cipher must provide confusion and diffusion, that is to say: Confusion: There is no simple algebraic relationship between the plaintext and the ciphertext. In particular, knowing a certain number of plaintext-ciphertext pairs does not allow us to interpolate the cipher function for other messages. Diffusion: Changing a letter of the plaintext must change the entire ciphertext. We cannot break the ciphertext piece by piece. S. LAZAAR 19 19 Data Encryption Standard - DES The Data Encryption Standard (DES) is a symmetric-key block cipher that was once a widely used method for encrypting sensitive data. It was developed in the early 1970s by IBM and adopted by the U.S. National Institute of Standards and Technology (NIST) as a federal standard in 1977. Key features of DES: 1.Block size: DES encrypts data in 64-bit blocks. Each block of plaintext is processed and converted into a 64-bit block of ciphertext. 1.Key size: DES uses a 56-bit key (out of a 64-bit key, with 8 bits used for parity). Remark: The short key length makes DES vulnerable to brute-force attacks today. S. LAZAAR 20 20 DES = 16 round Fiestel Network S. LAZAAR 21 21 7 03/11/2024 Encryption process DES uses a series of 16 rounds of substitutions and permutations Confusion and Diffusion Each round involves: Expansion of the data block Key mixing Substitution using S-boxes Permutation S. LAZAAR 22 22 DES = Fiestel Network S. LAZAAR 23 23 Initial Permutation 58ème bit du bloc de texte de 64 bits se 58 50 42 34 26 18 10 2 retrouve en première position 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7 S. LAZAAR 24 24 8 03/11/2024 Final Permutation 40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25 S. LAZAAR 25 25 Phase d’expansion du bloc: Les 32 bits du bloc D0 sont étendus à 48 bits grâce à une table (matrice) appelée table d'expansion (notée E), dans laquelle les 48 bits sont mélangés et 16 d'entre eux sont dupliqués : La matrice résultante de 48 bits est E[D0]. L'algorithme DES procède ensuite à un OU exclusif entre la première clé K1 et E[D0]. Le résultat de ce OU exclusif est une matrice de 48 bits S. LAZAAR 26 26 Expansion from 32 to 48 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1 The bit 21 of the output comes from bit 14 of the input S. LAZAAR 27 27 9 03/11/2024 S-box Après l’expansion, on scinde en 8 blocs de 6 bits. Chacun de ces blocs passe par des fonctions de sélection (boîtes de substitution ou S-Box), notées Si. Fonctionnement: Les premiers et derniers bits de chaque détermine (en binaire) la ligne de la fonction de sélection, les autres bits déterminent la colonne. Les 6 premiers bits passent par la boite S1 pour former 4 bits en sorties, les 6 suivants passent par S2, … Les 32 bits en sorties de S subissent une nouvelle permutation; le résultat est additionné (mod 2) à Gi-1 S. LAZAAR 28 28 S. LAZAAR 29 29 Functioning of of the first S-BOX: S1 Suppose we have 6 bits in input: 110101 The first and the last bit 11 indicate the number of the row (3) because 11 in binary is 3 in decimal The four bits 1010 (10 in decimal) indicate the number of the column At the intersection (see table S1), we find 3 corresponding to 0011 (4bits in output) S. LAZAAR 30 30 10 03/11/2024 Table de la fonction S-Box S1 S. LAZAAR 31 31 S. LAZAAR 32 32 Decryption process ** Inversion is basically the same circuit. ** The round functions are applied in the reverse order. S. LAZAAR 33 33 11 03/11/2024 Key schedule Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1)—the remaining eight bits are either discarded or used as parity check bits. The 56 bits are then divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2)—24 bits from the left half, and 24 from the right. The rotations mean that a different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16 subkeys. The key schedule for decryption is similar—the subkeys are in reverse order compared to encryption S. LAZAAR 34 34 Triple DES Triple DES (3DES) is actually the DES algorithm applied 3 times to the data. It was designed by Whitfield Diffie, Martin Hellman, and Walt Tuchmann in 1978. The algorithm uses a key size between 128 bits and 192 bits. The block size is 8 bytes (64 bits). TripleDES has been approved by FIPS (Federal Information Processing Standards) and can be used by government organizations. S. LAZAAR 35 35 HASH function Definition: A hash function is a mathematical algorithm that transforms an input into a fixed-size string of bytes. The output is typically a "hash code" or "digest," which is unique to each unique input. Hash functions are widely used in computer science and cryptography for various purposes. Common Hash Functions MD5: Produces a 128-bit hash value; it's fast but not collision-resistant, making it less secure for cryptographic purposes. SHA-1: Produces a 160-bit hash value; has vulnerabilities but still used in some applications. SHA-256: Part of the SHA-2 family, producing a 256-bit hash; widely used in security applications. S. LAZAAR 36 36 12 03/11/2024 Characteristics of hash functions S. LAZAAR 37 37 Properties S. LAZAAR 38 38 Applications Data Integrity: Hash functions can verify that data has not been altered by comparing hash values before and after transmission. Password Storage: Instead of storing passwords directly, systems often store hashed versions, making it harder for attackers to recover the original passwords. Digital Signatures: Hash functions are used in conjunction with encryption to create a unique representation of a message that can be signed and verified. Cryptography: They play a crucial role in various cryptographic protocols and algorithms. S. LAZAAR 39 39 13