Encryption PDF

Encrypti on Internet Security - A way to Cybersecurity Main Outlines 01 02 What is Internet Encryption Security Introductio n In our digital world, almost all things we do are changing to be in digital form. For example, messaging, shopping, and business. All the world is interconnected using a global network called the Internet Evolution in Communicating Techniques Need for Network Security In case of transmission of senstive data (e.g., payroll records) that is to be protected. Some users who are not authorized to read this data can monitor the transmission and get a copy of the data In an organization, a network manager transmits a message to a computer to update an authorization file to include identities of some new users. Some intruder can intercept the message and alter its content to add or delete entries Intruder accesses some websites using your credentials performing some unwanted operations A message is sent from a customer with instructions for various Threats and Attacks A threat is a potential for violation of security, which exists when ther is a capability, situtaion, or action that could break security and cause harm It is a possible danger that migh exploit a vulnerability An attack is an intelligent act which is a delibrate attempt to violate and get away from Types of Attacks Passive Attacks Active Attacks Attempt to learn or make use Attempt to alter system of information resources or affect their Don’t affect system resources operation Eavesdropping on Types: transmissions Masquerade: one entity Types: pretend to be a different Release of message one contents: E-mail, file Modification of information messages: message is Traffic Analysis: altered or reordered to determine location, produce unauthorized identity of hosts, and effect patterns even if masking Denial of Service (DoS): the content prevents normal use of a 01 What is Internet Security Protection in the global network Internet Security It refers to security designed to protect systems and the activities of users while connected to the internet, web browsers, online banking and shopping, E-mails, chatting applications. To reduce threats facing users It consists of measures to prevent, detect, and recover. Security Services Confidential ity no one should see it other than the sender and Data Common services receiver Integrity no loss in data; to protect system resources what has been sent = what is received Availabilit y The system should understand if it is an attack and deal with it while being open to receive requests for its Security Mechanisms Mechanis Description m Use of mathematical algorithms to transform data Encipherment into a form that is not readily intelligible. Data appended to a data unit that allows a recipient of Digital the data unit to prove the source and integrity of Signature the data unit Authentication A mechanism intended to ensure the identity of an Exchange entity by means of information exchange Insertion of bits into gaps in a data stream to frustrate Traffic Padding traffic analysis attempts 02 Encryption Mask content Some Encipherment Terminologies Plaintext: An original message is known Ciphertext: the coded, not readable message Enciphering (or encryption): is the process of converting from plaintext to ciphertext Deciphering (or decryption): is the process of restoring the plaintext from ciphertext Secret key: is a secret value independent of plaintext used by the algorithm Cryptography: The study of the different schemes and techniques used for secure communication Cryptoanalysis: The art of deciphering a message without any knowledge of enciphering details Cryptology: Cryptography + Cryptoanalysis Cryptography It is the way of transforming intelligible (or ordinary) message into one that is unintelligible (or unreadable), and then retransforming that message back into its original form. In which only authorized parties can decode. It is based on mathematical algorithms in addition to a key which is a secret value used to encrypt and decrypt the message. It is usually a string of characters. It should be a reversible process (that is Deck(Enck(m)) = m holds) Its goal is to prevent intruder from intercepting messages Model of Conventional Cryptosystem Categorization of Cryptography Techniques Type (or Way of Type of operations number) of proceeding used keys plaintext Substitution Symmetric Block Cipher Replacement of Cryptography Process one letters by other Same key used by block of letters or symbols encryption and elements at a decryption algorithms. time; an output Transposition Examples: RC4, DES, AES block for each Changes in letters’ input block positions Asymmetric Cryptography Stream Cipher Different key for Operate input encryption process than elements that for decryption continuously Cryptoanalysis Typically, the goal of the attacker is to identify the key used in encryption rather than recovering the current plaintext Two general approaches to attack a conventional encryption scheme ○ Cryptanalysis It relies on nature of algorithm and might be some knowledge of general characteristics of the plaintext or even some sample plaintext-ciphertext pairs ○ Brute-force attack (or exhaustive search) The attacker tries every possible key on some ciphertext until an intelligible form of plaintext is obtained. That is the plaintext makes sense Types of Cryptanalytic Attacks Type of Attack Known to Cryptanalyst Comment Based on information known to the Ciphertext only Encryption algorithm Most difficult to defend cryptanalyst Ciphertext but the easiest one to happen Known Plaintext Encryption algorithm Aim is to determine PT They are ordered Ciphertext that was encrypted to based on their One or more PT-CT pairs give some other new CT severity Chosen Plaintext Encryption algorithm Inserting a message and (CPA) Ciphertext get its cipher and identify PT chosen by cryptanalyst the patterns to reveal the The first two are with generated CT structure of the key passive in which the Chosen Ciphertext Encryption algorithm The attacker can obtain (CCA) Ciphertext the decryption of any CT attacker receives CT chosen by cryptanalyst some ciphertexts with its decrypted PT Last two are active in which the attacker can ask for encryption or decryption of its Encryption Schemes’ Requirements An encryption scheme can be viewed as consisting of a way for (1) generating keys, (2) obtaining alogrithm for encrypting, and (3) obtaining algorithm for decrypting A scheme can be more secure, but not necessarily a sufficient way, by making the key larger Any algorithm should be: ○ Computationally secure Attacker taking too long time to break the cipher; that is (1) the cost of breaking the cipher exceeds the value of the encrypted information, and (2) the time required by the attacker to break the ciphertext exceeds the of the encrypted information ○ Unconditionally secure It cannot be broken even with infinitely computational power and resources and time; a ciphertext generated by the scheme doesn’t contain enough Symmetric VS Asymmetric Symmetric Asymmetric Known as private key cryptography; Known as public key cryptography. Each cannot be globally shared, only sender and entity has a public and private key receiver know Receiver’s public key is used in encryption Sender’s key is used in both encryption and Receiver’s private key used in and decryption decryption Ciphertext expands in size that it can be a Ciphertext is same size as plaintext double or triple of plaintext sent Ideal for bulk data Ideal for limited size data Strong encryption algorithm needed and Classical Encryption Techniques Substitution Technique A E ○ Letters are replaced by other letters or symbols B Q ○ For example, we use the following substitution C N that is considered the key thus we get the ciphertext ○ Ciphertext for the following message “cab” is … ?? Transposition Plaintext: bag ○ No new letters just changing the position Chiphertext: bga, abg, agb, gba, or gab Examples of classical techniques Substitution Transposition Caesar Cipher Rail Fence Monoalphabetic Cipher Row Column Transposition Playfair Cipher Hill Cipher Polyalphabetic Cipher One-time Pad Caesar Cipher It is a classical substitution technique Algorithm is as follows: A B C D ○ Replace each letter of the alphabet in the plaintext with the letter standing three places further down the alphabet (shift forward) ○ As a mathematical description, assign letters a->z numbers a ? 0->25 ○ C = E(k, p) where k is the key value used, p is the plaintext letter ○ Use [(p + 3) mod 26] to ensure getting third letter after ‘p’ ○ p = D(k, C): decryption is made backward It is a special case of a shift cipher in which key value is 3. In which, a key can get a number in the set {0, …, 25} Advantage ○ Easy to implement Caesar Cipher - Example Encrypt the following message “hello to codezilla” a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Monoalphabetic Cipher It is a classical substitution technique The idea here is to map each plaintext character to a different ciphertext character in an arbitrary manner (not fixed as in shift ciphers) Algorithm is as follows: ○ Use key sequence that replaces each letter with arbitrary letter that is any permutation of the 26 alphabetic characters ○ A single cipher alphabet mapping is used per message The mapping is one-to-one, the key space thus consists of all permutations of the alphabet, thus the key space is 26! (approx. 2 88) It is easy to break because they reflect the frequency data of the original alphabet An example of a key, Relative Frequency of English Utilizing statistical patterns of Letters the English language to attack a cipher The following is for a unigram; in which it examines single letters. Same applies for most common two-letter words (bigram) and three-letter words (trigram) Cryptoanalysis using known- plain text Usually, cryptographers do not give word length and punctuation Messages were usually sent in blocks Traditionally the blocks consisted of four or five letters. THEMO STFAM OUSOF FICTI ONALD ETECT IVESS HERLO CKHOL MESEN COUNT EREDC … The beginning and ending of words is hidden by the five- letter blocks, when searching for an encrypted the, we must check every three consecutive letters Cryptoanalysis using known- plain text FGWFM FRXNS PTAKN WXYBT WPJIF XFHWD UYTQT LNXYB NYMYM JBFWI JUFWY RJSY FGW GWF WFM FMF MFR FRX RXN XNS NSP SPT PTA TAK AKN KNW NWX WXY XYB YBT BTW TWP WPJ PJI JIF IFX FXF XFH FHW HWD WDU DUY UYT YTQ TQT QTL TLN LNX NXY XYB YBN BNY NYM MYM YMJ MJB JBF BFW FWI WIJ IJU JUF UFW FWY WYR YRJ RJS JSY Polyalphabetic Cipher It is a substitution technique in which the same plaintext letter is mapped to different ciphertext letter Algorithm ○ encrypts each letter with a different alphabet ○ Each plaintext letters in an odd position we encrypt using the first ciphertext alphabet, whilst the plaintext letters in even positions we encrypt using the second alphabet Plaintext: HELLO Ciphertext: SHLJV Solve the problem with the Caesar cipher and the mono- alphabetic cipher was that each plaintext letter always Vigenère Cipher It is a variant of the polyalphabetic substitution cipher It applies multiple shift ciphers in sequence in which a short word is chosen as the secret key The key is now can be easily remembered In this scheme ○ We use certain key value and replace each letter in the plaintext with the help of the corresponding letter in the key ○ Use each key letter as a Caesar cipher key To encrypt a message, a key size that is as long as the message is needed. Vigenère Cipher - Example Question: Encrypt the message “helloy” with keyword bag Answer: a b c d e f g h i j k l m n o p q r s t u v w x y z key: bagbag 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Plaintext: helloy Key b a g b a g 1 0 6 1 0 6 Plaintext h e l l o y 7 4 11 11 14 24 Cipher 8 4 17 12 14 4 (k+p) mod 26 Ciphertext i e r m o e Ciphertext: iermoe Question a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Using the Vigenère cipher, encrypt the word "explanation" using the key leg Vernam Cipher (One-Time Pad) Choose key that results in no statistical relationship between plaintext and ciphertext Algorithm to encrypt ○ We use the plaintext in its binary string representation ○ Performing bitwise XOR of each bit with each bit of the key; Ciphertext = To decrypt a message ○ Since XORing variable with itself result in 0 and XORing a variable with 0, keeps the variable as it is, we use One-Time Pad Strength To explain why not to use same key twice, consider that the attacker (Eve, or E) has chosen-plaintext attack. Assume that A (Alice) always uses the same key to encrypt a message to B (Bob). If E wishes to determine this key, they tries to generate m and asks A to encrypt it. Now, E has ciphertext and plaintext and can easily computes k = We know that if the key is different for every message and the key is as long as the message, then such a system can be shown to be perfectly secure, namely we have the one-time pad. Note , that is for each plaintext-ciphertext pair will be a different key. It is perfectly secret because given a ciphertext, there is no way an attacker can know which plaintext it originated from. However, the one-time pad is not practical in many situations. Block Cipher The previous encryption scheme is referred to as a stream cipher in which encryption is carried out be first generating a stream of random bits (as a key), and then encrypting by XORing this stream with the plaintext. Another example of a stream cipher is the RC4 Block cipher’s main property is to behave like a random permutation In an encryption/decryption scheme in which a block cipher is used, a block of plaintext is treated as a whole Block Cipher Principal Operations The idea is to break the input up into small parts and then feed these parts through different small random functions. The outputs of these random functions are then mixed together, and the process is repeated again for a given number Each application of random functions followed by mixing is called a round of the network Small random functions introduce “confusion” into the construction (that is lack of structure). However, in order to spread the confusion throughout, the results are mixed together, achieving “diffusion” The repeated use of confusion and diffusion ensures that any small changes in the input will be mixed throughout and so Block Cipher Principal Operations (Cont’d) A substitution-permutation network is a direct implementation of the previous paradigm The “substitution” portion refers to small random functions (much like the mono-alphabetic substitution that is random 1-1) “permutation” refers to the mixing of the outputs of the random functions (that is reordering of the output bits) The small substitution functions are called S-boxes The process of defining the specifications on how the S-boxes and mixing permutations should be chosen is referred to as design principles for such construction Block Cipher – Secret Key One possibility is to have the key specify the S-boxes and mixing permutations. Another possibility is to mix the key into the computation in between each round of substitution-permutation. Often by using XOR operation. Focusing on the second approach, the key to the block cipher is referred to as a master key, and subkeys for each round are derived from it; this derivation procedure is known as the key schedule Feistel Structure A way of constructing a block cipher Most symmetric block encryption algorithms are based on the structure of the Feistel block cipher The figure shows the encryption and decryption processes The input to a Feistel network is separated into two halves, L and R Feistel Structure – One Round This figure is a one stage (or round, ) of the Feistel structure Typically, the function F receives a subkey and contains components like S-boxes and mixing permutations; thus, obtaining confusion and diffusion properties of a cipher Function F works on half a block a time This round is repeated many times with the difference being that each round has its scheduled key Feistel Cipher Design Feature The following parameters differ from one cipher to another: Block size: how many bits can be encrypted/decrypted at a time; for example, the block size is 64 for DES and 128 for AES Key size: for each round we use a key for it that is originated from the main key; greater security require greater key size, however an increase in key size would result in slowing the process Number of rounds: we need many rounds to not be easily broken; higher means greater security Subkey generation algorithm: we will not be using a multiple new keys Data Encryption Standard (DES) It is a symmetric block cipher. It is also called Data Encryption Algorithm (DEA) Replaced by AES in 2001 It is a 16-round Feistel network with a block size of 64 bits Key length is 56 bits (originally, it is 64 bits but reserving 8 bits for parity check). Round key (subkey) is 48 bits The use of IP and IP-1 is to slow DES - One Round Simplified DES (S-DES) Not for practical use; just for algorithm illustration It uses key size of 10 bits Block size is 8 bits It has two rounds Its scheme as shown in figure: Key creation is made by permuting it then do shifting process then perform permutation resulting in a narrow down of bits For encryption, we perform IP on plaintext then apply a Simplified DES - Example Let plaintext be the string 0010 1000; Key is 11 0001 1110 ciphertext = IP-1 fK2 SW fK1((((IP(plaintext))))) K1 = P8(Shift(P10(key))); K2 = P8(Shift(Shift(P10(key)))) Step 1 and 2 focus on key creation Step 1. a Bit number 1 2 3 4 5 6 7 8 9 10 Step 1. b Key (K) 1 1 0 0 0 1 1 1 1 0 Step 1. c P10(K) 0 0 1 1 0 0 1 1 1 1 Step 1. d Shift(P10(K)) 0 1 1 0 0 1 1 1 1 0 Step 1. e P8(Shift(P10(K))) 1 1 1 0 1 0 0 1 This is K1 Step 2. a Shift_2(Shift(P10(K))) 1 0 0 0 1 1 1 0 1 1 From d, perform 2 bit shift Step 2. b P8(Shift_2(Shift(P10(K)))) 1 0 1 0 0 1 1 1 This is K2 S-DES – Example – Message Encryption Round 1 plaintext is 0010 1000; Key is 11 0001 1110 Let P = (L, R), fk (L, R) = (L XOR F(R, ciphertext = IP-1 fK2 SW SK), R) Step 3. a Bit number 1 2 3 4 5 6 7 8 fK1((((IP(plaintext))))) S0 box (substitution) is for the Left Step 3. b Plaintext (P) 0 0 1 0 part in which we take B1B4: 11 = K1 = 1110 10011 0 0 0 Step 3. c IP(P) => (L, R) 0 0 1 0 0 0 1 0 (3)10 Step 3. d L, EP(R) 0 0 1 0 0 0 0 1 0 1 0 0 Fk B2B3: 11 = (3)10 Step 3. e L, EP(R) XOR K1 0 0 1 0 1 1 1 1 1 1 0 1 F(L, thus replace with what value in …) row 3 column 3 that is 2 which is Step 3. f L, Sbox(EP(R) XOR K1) 0 0 1 0 1 0 0 0 (10)2 Step 3. g L, P4(Sbox(EP(R) XOR 0 0 1 0 0 0 0 1 This is K1)) K2 Step 3. h L XOR (P4(Sbox(EP(R) 0 0 1 1 0 0 1 0 Output XOR K1))), R of F Step 3. i Swap 0 0 1 0 0 0 1 1 0 1 2 3 0 1 2 3 S-DES – Example – Message Encryption Round 2 plaintext is 0010 1000; Key is 11 0001 1110 Let P = (L, R), fk (L, R) = (L XOR F(R, ciphertext = IP-1 fK2 SW SK), R) Step 4. a Bit number fK1((((IP(plaintext))))) 1 2 3 4 5 6 7 8 S0 box (substitution) is for the Left part in which we take B1B4: 01 = Step 4. b Swap input (L, R) K1 = 1110 0 0 1 1001 0 0 0 1 1 (1)10 Step 4. d L, EP(R) 0 0 1 0 1 0 0 1 0 1 1 0 Fk B2B3: 01 = (1)10 Step 4. e L, EP(R) XOR K2 0 0 1 0 0 0 1 1 0 0 0 1 F(L, …) thus replace with what value in row 3 column 3 that is 2 which is Step 4. f L, Sbox(EP(R) XOR K2) 0 0 1 0 1 0 1 0 (10)2 Step 4. g L, P4(Sbox(EP(R) XOR 0 0 1 0 0 0 1 1 This is K2 K2)) Step 4. h L XOR P4(Sbox(EP(R) 0 0 0 1 0 0 1 1 Output of F XOR K2)), R Step 4. i IP-1 1 0 0 0 1 0 1 0 This is the cipher text 0 1 2 3 0 1 2 3 Discussions Why not secure the encryption/decryption algorithm from attackers ○ “The cipher method must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience.” by Kerckhoffs. ○ This helps community investigate and revel any threats in an algorithm that might be not recognized until a cipher is broken in real application ○ Thus, security rely solely on the secrecy of the key Problem with Caeser cipher is that it is fixed; that is encryption is always done the same way. Thus, f it was known by attacker, all messages would be effortlessly decrypted. There is no secret key then For the monoalphabetic cipher, a brute-force attack on the key space for this cipher takes much longer than a lifetime, however, this does not necessarily mean that the cipher is secure Use a random number generator that is designed for cryptographic use, rather than a “general-purpose” random number generator which may be fine for some applications but not cryptographic ones like random() in C language Cryptanalysis of DES DES has 4 weak keys (64-bit) ○ 01010101 01010101 ○ FEFEFEFE FEFEFEFE ○ E0E0E0E0 F1F1F1F1 ○ 1F1F1F1F 0E0E0E0E Using weak keys, the outcome of the Permuted Choice 1 (PC1) in the DES key schedule leads to round keys (K1---K16) being either all zeros, all ones, or alternating zero-one patterns. By using brute force attack: Try all 256 possible keys (including 4 weak and 12 semi-weak keys) DES challenges: a series of brute force attack contests References Thanks ! Presented by: Rowan Omar

Document Details

Tags

Related

Summary

Full Transcript