lecture 5.pdf
Document Details
Uploaded by StylishSpessartine
University of Science and Technology
Tags
Related
Full Transcript
1 University of Science and Technology Faculty of Computer Science and Information Technology Department of Information and Communication Technology Lecture (5) Instructor: Mashair Omer 2 Cryptography & Network Security: Cryptography is probably the most important aspect of communications s...
1 University of Science and Technology Faculty of Computer Science and Information Technology Department of Information and Communication Technology Lecture (5) Instructor: Mashair Omer 2 Cryptography & Network Security: Cryptography is probably the most important aspect of communications security and is becoming increasingly important as a basic building block for computer security. The increased use of computer and communications systems by industry has increased the risk of theft of proprietary information. Although these threats may require a variety of countermeasures, encryption is a primary method of protecting valuable electronic information. Two forms of encryption are in common use: conventional, or symmetric, encryption and public-key, or asymmetric, encryption. Basic Terminologies: 3 plaintext - the original message Cipher text - the coded message cipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) - recovering ciphertext from plaintext cryptography - study of encryption principles/methods. is the process of making and using codes to secure the transmission of information. cryptanalysis (code breaking) - the study of principles/ methods of deciphering cipher text without knowing key cryptology - the field of both cryptography and cryptanalysis Steganography: The hiding of messages—for example, within the digital encoding of a picture or graphic 4 Cryptographic systems: Cryptographic systems are characterized along three independent dimensions: 1. The type of operations used for transforming plaintext to ciphertext All encryption algorithms are based on two general principles: * Substitution, in which each element in the plaintext (bit, letter, group of bits or letters) is mapped into another element. * Transposition, in which elements in the plaintext are rearranged. * The fundamental requirement is that no information be lost (that is, that all operations are reversible). Most systems, referred to as product systems, involve multiple stages of substitutions and transpositions. 5 Cont: 2- The number of keys used If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption. If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or public-key encryption. 3- The way in which the plaintext is processed A block cipher processes the input one block of elements at a time, producing an output block for each input block. A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along. 6 Ciphers Symmetric cipher: same key used for encryption and decryption Asymmetric cipher: different keys used for encryption and decryption 7 Symmetric Encryption or conventional / secret-key / single-key sender and recipient share a common key all classical encryption algorithms are symmetric The only type of ciphers prior to the invention of asymmetric-key ciphers in 1970’s Mathematically: Y = EK(X) or Y = E(K, X) X = DK(Y) or X = D(K, Y) X = plaintext Y = cipher text K = secret key E = encryption algorithm D = decryption algorithm Both E and D are known to public 8 Symmetric Cipher Model 9 A symmetric encryption scheme has five ingredients: 1- Plaintext: This is the original intelligible message or data that is fed into the algorithm as input. 2- Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext. 3- Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. 4- Cipher text: This is the scrambled message produced as output. It depends on the plaintext and the secret key. 5- Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the cipher text and the secret key and produces the original plaintext. 10 The requirements for secure use of conventional encryption: There are two requirements for secure use of conventional encryption: a strong encryption algorithm a secret key known only to sender / receiver C = E K( M ) P = DK(C) assume encryption algorithm is known implies a secure channel to distribute key Two more definitions are worthy of note. 11 An encryption scheme is unconditionally secure if the cipher text generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext. *The cost of breaking the cipher exceeds the value of the encrypted information. *The time required to break the cipher exceeds the useful lifetime of the information. An encryption scheme is said to be computationally secure if either of the foregoing two criteria are met. The rub is that it is very difficult to estimate the amount of effort required to crypt analyze cipher text successfully. 12 general approaches to attacking a conventional encryption scheme: Typically, the objective of attacking an encryption system is to recover the key in use rather than simply to recover the plaintext of a single ciphertext. There are two general approaches to attacking a conventional encryption scheme: 1- Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext-ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. 13 2- Brute-force attack: The attacker tries every possible key on a piece of cipher text until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. If either type of attack succeeds in deducing the key, the effect is catastrophic: All future and past messages encrypted with that key are compromised. 14 Classical Ciphers Plaintext is viewed as a sequence of elements (e.g., bits or characters) Substitution cipher: replacing each element of the plaintext with another element. Transposition (or permutation) cipher: rearranging the order of the elements of the plaintext. Substitution Ciphers 15 A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with cipher text bit patterns. 1. Caesar Cipher The earliest known use of a substitution cipher, and the simplest, was by Julius Caesar. The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example, plain: meet me after the toga party cipher: PHHW PH DIWHU WKH WRJD SDUWB Note that the alphabet is wrapped around, so that the letter following Z is A. Cont: 16 We can define the transformation by listing all possibilities, as follows: plain: a b c d e f g h i j k l m n o p q r s t u v w x y z cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C the algorithm can be expressed as follows. For each plaintext letter p, substitute the cipher text letter C: C = E(3, p) = (p + 3) mod 26 A shift may be of any amount, so that the general Caesar algorithm is C = E(k, p) = (p + k) mod 26 where k takes on a value in the range 1 to 25. The decryption algorithm is simply p = D(k, C) = (C- k) mod 26 17 Cont: Three important characteristics of this problem enabled us to use a brute-force cryptanalysis: 1. The encryption and decryption algorithms are known. 2. There are only 25 keys to try. 3. The language of the plaintext is known and easily recognizable.