chapter:1 introduction

68
Rachana Y. Patil 1

Upload: brooks

Post on 08-Jan-2016


DESCRIPTION

Chapter:1 Introduction. Rachana Y. Patil. What is “Security”. Freedom from risk or danger; safety. - Freedom from doubt, anxiety, or fear; confidence. Something that gives or assures safety, etc…. Why do we need security?.

TRANSCRIPT

Page 1: Chapter:1 Introduction

Rachana Y. Patil


Page 2: Chapter:1 Introduction

– Freedom from risk or danger; safety.

– Freedom from doubt, anxiety, or fear; confidence.

– Something that gives or assures safety, etc.

Page 3: Chapter:1 Introduction

• Protect vital information while still allowing access to those who need it

– Trade secrets, medical records, etc.

• Provide authentication and access control for resources

• Guarantee availability of resources


Page 4: Chapter:1 Introduction

Integrity

Confidentiality

Availability

Secure


Page 5: Chapter:1 Introduction

Alice Bob

Goal: Keep the contents of communication or data on storage secret

Example: Alice and Bob want their communications to be secret from Eve


Page 6: Chapter:1 Introduction

Changes need to be done only by authorized entities and through authorized mechanisms


Page 7: Chapter:1 Introduction

• The information created and stored by an organization needs to be available to authorized entities


Page 8: Chapter:1 Introduction


Page 9: Chapter:1 Introduction


In general, two types of attack threaten the confidentiality of information:

Snooping :- refers to unauthorized access to or interception of data.

Traffic analysis :- refers to obtaining some other type of information by monitoring online traffic.

Page 10: Chapter:1 Introduction

Modification: the attacker intercepts the message and changes it.

Masquerading or spoofing happens when the attacker impersonates somebody else.

Replaying: the attacker obtains a copy of a message sent by a user and later tries to replay it.

Repudiation: the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.

Page 11: Chapter:1 Introduction

Denial of service (DoS) attacks may slow down or totally interrupt the service of a system.

The attacker can use several strategies to achieve this. They might make the system so busy that it collapses, or they might intercept messages sent in one direction and make the sending system believe that one of the parties involved in the communication or message has lost the message and that it should be resent.

Page 12: Chapter:1 Introduction


Page 13: Chapter:1 Introduction

Standards have been defined for security services to achieve security goals and prevent security attacks.


Page 14: Chapter:1 Introduction


The actual implementation of security goals needs some help from mathematics. Two techniques are prevalent today: one is very general—cryptography—and one is specific—steganography.

Cryptography

Some security services can be implemented using cryptography. Cryptography, a word with Greek origins, means “secret writing”.

Steganography

The word steganography, with its origin in Greek, means “covered writing”, in contrast to cryptography, which means “secret writing”.

Page 15: Chapter:1 Introduction

Imagine two people wanting to communicate with each other secretly.

Alice wants to send a message to Bob that nobody else can read.

Alice → Bob: "Meet me at noon"

Alice must somehow transform her message, called plaintext, so that an adversary cannot read it.

Page 16: Chapter:1 Introduction

Alice: "Meet me at noon" → Encrypt → Bob

Alice uses an encryption algorithm to transform her plaintext message into ciphertext.

Ciphertext is a scrambled form of her original message that hopefully prevents an adversary from eavesdropping.

Page 17: Chapter:1 Introduction

Alice: "Meet me at noon" + Key → Encrypt → "Phhw ph dw qrrq" → Bob

In order to encrypt the message, the encryption algorithm takes as input both the plaintext of the original message and a key that tells the algorithm how to “scramble” the plaintext into ciphertext.

Page 18: Chapter:1 Introduction

Alice: "Meet me at noon" + Key → Encrypt → "Phhw ph dw qrrq" → Bob

There is just one problem. The message has been encrypted to prevent adversaries from eavesdropping, but now Bob can’t read the message. What we need is a way to retrieve the original plaintext message from the ciphertext.

Page 19: Chapter:1 Introduction

Alice: "Meet me at noon" + Key → Encrypt → "Phhw ph dw qrrq"

Bob: "Phhw ph dw qrrq" + Key → Decrypt → "Meet me at noon"

Both Alice and Bob use the same algorithm to encrypt and decrypt. They both use a key, which must be kept secret, to transform their communication.

If anyone else discovers the key, their communications would be compromised.

Page 20: Chapter:1 Introduction

• Cryptography – The art or science encompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form

• Plaintext – The original intelligible message

• Ciphertext – The transformed message

• Cipher – An algorithm for transforming an intelligible message into one that is unintelligible by transposition and/or substitution methods

• Key – Some critical information used by the cipher, known only to the sender & receiver

Page 21: Chapter:1 Introduction

• Encipher (encode) – The process of converting plaintext to ciphertext using a cipher and a key

• Decipher (decode) – The process of converting ciphertext back into plaintext using a cipher and a key

• Cryptanalysis (code breaking) – The study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key.

• Cryptology – The field encompassing both cryptography and cryptanalysis

Page 22: Chapter:1 Introduction

• Encryption – The mathematical function mapping plaintext to ciphertext using the specified key: $Y = E_K(X)$ or $E(K, X)$

• Decryption – The mathematical function mapping ciphertext to plaintext using the specified key: $X = D_K(Y)$ or $D(K, Y) = E_K^{-1}(Y)$

Page 23: Chapter:1 Introduction

General idea of symmetric-key cipher

Symmetric Key Cipher

Page 24: Chapter:1 Introduction

Continued

If P is the plaintext, C is the ciphertext, and K is the key,

We assume that Bob creates $P_1$; we prove that $P_1 = P$:

Page 25: Chapter:1 Introduction

Locking and unlocking with the same key

Continued

Page 26: Chapter:1 Introduction

Kerckhoffs’s Principle

Based on Kerckhoffs’s principle, one should always assume that the adversary, Eve, knows the encryption/decryption algorithm. The resistance of the cipher to attack must be based only on the secrecy of the key.

Page 27: Chapter:1 Introduction

Cryptanalysis

As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking those codes.

Cryptanalysis attacks

Page 28: Chapter:1 Introduction

Continued

Ciphertext-only attack

Ciphertext-Only Attack

Page 29: Chapter:1 Introduction


Ciphertext-Only Attack

Brute force

Statistical attack

Pattern attack

Page 30: Chapter:1 Introduction


Page 31: Chapter:1 Introduction


By letter            By frequency
Letter  Frequency    Letter  Frequency
a       0.08167      e       0.12702
b       0.01492      t       0.09056
c       0.02782      a       0.08167
d       0.04253      o       0.07507
e       0.12702      i       0.06966
f       0.02228      n       0.06749
g       0.02015      s       0.06327
h       0.06094      h       0.06094
i       0.06966      r       0.05987
j       0.00153      d       0.04253
k       0.00772      l       0.04025
l       0.04025      c       0.02782
m       0.02406      u       0.02758
n       0.06749      m       0.02406
o       0.07507      w       0.02360
p       0.01929      f       0.02228
q       0.00095      g       0.02015
r       0.05987      y       0.01974
s       0.06327      p       0.01929
t       0.09056      b       0.01492
u       0.02758      v       0.00978
v       0.00978      k       0.00772
w       0.02360      j       0.00153
x       0.00150      x       0.00150
y       0.01974      q       0.00095
z       0.00074      z       0.00074
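The brute-force and statistical attacks listed above can be combined against an additive (shift) cipher, which shows why a 26-key cipher gives no real confidentiality. The Python sketch below is an added example, not part of the original slides: it tries every key and scores each candidate plaintext against the letter frequencies in the table using a chi-squared statistic. The function names and the sample message are constructed for illustration.

```python
from collections import Counter

# Relative letter frequencies a..z, copied from the table above.
ENGLISH = [0.08167, 0.01492, 0.02782, 0.04253, 0.12702, 0.02228, 0.02015,
           0.06094, 0.06966, 0.00153, 0.00772, 0.04025, 0.02406, 0.06749,
           0.07507, 0.01929, 0.00095, 0.05987, 0.06327, 0.09056, 0.02758,
           0.00978, 0.02360, 0.00150, 0.01974, 0.00074]


def shift(text, k):
    """Additive cipher on lowercase letters: C = (P + k) mod 26."""
    return "".join(chr((ord(c) - 97 + k) % 26 + 97) if "a" <= c <= "z" else c
                   for c in text.lower())


def chi_squared(text):
    """Distance between the text's letter counts and the expected counts."""
    letters = [c for c in text.lower() if "a" <= c <= "z"]
    n = len(letters)
    if n == 0:
        return float("inf")  # nothing to score
    counts = Counter(letters)
    return sum((counts[chr(97 + i)] - n * f) ** 2 / (n * f)
               for i, f in enumerate(ENGLISH))


def rank_keys(ciphertext):
    """Brute force: decrypt under all 26 keys, best statistical fit first."""
    return sorted((chi_squared(shift(ciphertext, -k)), k) for k in range(26))


def recover(ciphertext):
    """Return the most likely (key, plaintext) pair from ciphertext alone."""
    _, key = rank_keys(ciphertext)[0]
    return key, shift(ciphertext, -key)


# Constructed sample: a short English message encrypted with key 7.
SAMPLE_PLAINTEXT = "the enemy attacks tonight so meet me at the park at noon"
SAMPLE_CIPHERTEXT = shift(SAMPLE_PLAINTEXT, 7)

if __name__ == "__main__":
    print(SAMPLE_CIPHERTEXT)
    print(recover(SAMPLE_CIPHERTEXT))
```

The statistic needs enough letters to be reliable; on very short ciphertexts the ranked list from `rank_keys` should be inspected rather than trusting the top entry.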

Page 32: Chapter:1 Introduction


Continued

Known-plaintext attack

Known-Plaintext Attack

Page 33: Chapter:1 Introduction


Continued

Chosen-plaintext attack

Chosen-Plaintext Attack

Page 34: Chapter:1 Introduction


Continued

Chosen-ciphertext attack

Chosen-Ciphertext Attack

Page 35: Chapter:1 Introduction

• Substitution Cipher – Replace one symbol with another

• Transposition Cipher – Reorders symbols

Page 36: Chapter:1 Introduction

• Mono-alphabetic substitution – The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one-to-one

• Poly-alphabetic substitution cipher – Each occurrence of a character may have a different substitute

– The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one-to-many

Page 37: Chapter:1 Introduction

• Additive Cipher

• Multiplicative Cipher

• Affine Cipher

• Monoalphabetic Substitution Cipher

Page 38: Chapter:1 Introduction

Alice (encryption): plaintext P, key K → $C = (P + K) \bmod 26$ → ciphertext C

Bob (decryption): ciphertext C, key K → $P = (C - K) \bmod 26$ → plaintext P

Plaintext:   a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z
Ciphertext:  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Value:       00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

Page 39: Chapter:1 Introduction

o EXAMPLE

Plaintext = apple
Key = 5
Ciphertext = ?

Plaintext: a → 00   Encryption: (00 + 05) mod 26   Ciphertext: 05 → F
Plaintext: p → 15   Encryption: (15 + 05) mod 26   Ciphertext: 20 → U
Plaintext: p → 15   Encryption: (15 + 05) mod 26   Ciphertext: 20 → U
Plaintext: l → 11   Encryption: (11 + 05) mod 26   Ciphertext: 15 → P
Plaintext: e → 04   Encryption: (04 + 05) mod 26   Ciphertext: 09 → J

Ciphertext = FUUPJ

Page 40: Chapter:1 Introduction

o EXAMPLE

Ciphertext = FUUPJ
Key = 5
Plaintext = ?

o EXAMPLE

Plaintext = hello
Key = 15
Ciphertext = ?

Page 41: Chapter:1 Introduction

Alice (encryption): plaintext P, key K → $C = (P \times K) \bmod 26$ → ciphertext C

Bob (decryption): ciphertext C, key K → $P = (C \times K^{-1}) \bmod 26$ → plaintext P

Page 42: Chapter:1 Introduction

Alice (encryption): plaintext P, keys K1 and K2 → $T = (P \times K_1) \bmod 26$, then $C = (T + K_2) \bmod 26$ → ciphertext C

Bob (decryption): ciphertext C, keys K1 and K2 → $T = (C - K_2) \bmod 26$, then $P = (T \times K_1^{-1}) \bmod 26$ → plaintext P

Page 43: Chapter:1 Introduction

o EXAMPLE

plaintext = hello
Key pair = (7,2)
Ciphertext = ?
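The additive and multiplicative ciphers above are the two special cases of the affine cipher, so one routine covers all three. The Python sketch below is an added example, not part of the original slides; the function names are illustrative. It rejects a multiplicative key that has no inverse mod 26, because such a key maps different plaintext letters to the same ciphertext letter and Bob could not decrypt.

```python
from math import gcd

M = 26  # alphabet size used on the slides


def _affine_map(text, a, b):
    """Apply x -> (a*x + b) mod 26 to each letter, keeping case and non-letters."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((a * (ord(ch) - base) + b) % M + base))
        else:
            out.append(ch)
    return "".join(out)


def valid_multiplicative_keys():
    """Keys that have a multiplicative inverse mod 26 (coprime to 26)."""
    return [k for k in range(1, M) if gcd(k, M) == 1]


def affine_encrypt(plaintext, k1, k2):
    """T = (P * k1) mod 26, then C = (T + k2) mod 26."""
    if gcd(k1, M) != 1:
        raise ValueError(f"k1={k1} is not invertible mod {M}")
    return _affine_map(plaintext, k1, k2)


def affine_decrypt(ciphertext, k1, k2):
    """T = (C - k2) mod 26, then P = (T * k1^-1) mod 26."""
    if gcd(k1, M) != 1:
        raise ValueError(f"k1={k1} is not invertible mod {M}")
    k1_inv = pow(k1, -1, M)  # modular inverse, Python 3.8+
    # (C - k2) * k1_inv is the same as k1_inv * C + (-k2 * k1_inv)
    return _affine_map(ciphertext, k1_inv, -k2 * k1_inv)


def additive_encrypt(plaintext, k):        # affine cipher with k1 = 1
    return affine_encrypt(plaintext, 1, k)


def multiplicative_encrypt(plaintext, k):  # affine cipher with k2 = 0
    return affine_encrypt(plaintext, k, 0)


if __name__ == "__main__":
    print(additive_encrypt("Meet me at noon", 3))  # Alice's message from the slides
    print(affine_encrypt("hello", 7, 2))
    print(len(valid_multiplicative_keys()) * M, "affine key pairs in total")
```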


Page 44: Chapter:1 Introduction

• The shift pattern could be a random assignment of characters for each letter of the alphabet

EX.

• This would also give 26! possibilities


Page 45: Chapter:1 Introduction

• AutoKey Cipher

• Playfair Cipher

• Vigenere Cipher


Page 46: Chapter:1 Introduction

• In this cipher the key is a stream of subkeys, in which each subkey is used to encrypt the corresponding character in the plaintext

• The first subkey is a predetermined value secretly agreed upon by Alice and Bob.

• The second subkey is the value of the first plaintext character

$P = P_1 P_2 P_3 \ldots$   $C = C_1 C_2 C_3 \ldots$   $K = (K_1, P_1, P_2, \ldots)$

Encryption: $C_i = (P_i + K_i) \bmod 26$   Decryption: $P_i = (C_i - K_i) \bmod 26$

Page 47: Chapter:1 Introduction

• Best-known multiple-letter substitution cipher

• Digram cipher (digram to digram, i.e., $E(p_i p_{i+1}) = c_i c_{i+1}$ through keyword-based 5x5 transformation table)

• Great advance over simple monoalphabetic cipher (26 letters → 26 × 26 = 676 digrams)

Page 48: Chapter:1 Introduction

• Before encryption, if two letters in the pair are the same, a bogus letter is inserted to separate them

• After inserting a bogus letter, if the number of characters in the plaintext is odd, one extra bogus character is added at the end of the string

• The cipher uses three rules for encryption

If the two letters in the pair are located in the same row of the key, then the corresponding encrypted character for each letter is the next letter to the right in the same row

Page 49: Chapter:1 Introduction

If the two letters in the pair are in the same column of the key, the corresponding encrypted character for each letter is the letter beneath it

If the two letters in the pair are not in the same row or column of the key, the corresponding encrypted character for each letter is the letter that is in its own row but in the same column as the other letter.

Page 50: Chapter:1 Introduction

o EXAMPLE

plaintext = hello
Ciphertext = ?

Key =

Plaintext: hello

Add bogus character: helxlo

he lx lo

he → EC

lx → QZ

lo → BX

Ciphertext: ECQZBX

Page 51: Chapter:1 Introduction

• The key stream is a repetition of an initial secret key stream of length m.

• Initially, the secret key should be agreed upon by Alice and Bob

$P = P_1 P_2 P_3 \ldots$   $C = C_1 C_2 C_3 \ldots$

$K = ((K_1, K_2, \ldots, K_m), (K_1, K_2, \ldots, K_m), \ldots)$

Encryption: $C_i = (P_i + K_i)$   Decryption: $P_i = (C_i - K_i)$

The Vigenere key stream does not depend on the plaintext characters

Page 52: Chapter:1 Introduction

o EXAMPLE

plaintext = she is listening
Key = PASCAL
Ciphertext = ?

Plaintext     s  h  e  i  s  l  i  s  t  e  n  i  n  g
P’s value     18 07 04 08 18 11 08 18 19 04 13 08 13 06
Key           P  A  S  C  A  L  P  A  S  C  A  L  P  A
Key’s value   15 00 18 02 00 11 15 00 18 02 00 11 15 00
C’s value     07 07 22 10 18 22 23 18 11 06 13 19 02 06
Ciphertext    H  H  W  K  S  W  X  S  L  G  N  T  C  G

Ciphertext: HHWKSWXSLGNTCG

Page 53: Chapter:1 Introduction

Vigenere cipher can be seen as combinations of m additive ciphers.
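The autokey and Vigenere ciphers differ only in how the key stream is built, and the Vigenere cipher really is m interleaved additive ciphers. The Python sketch below is an added example, not part of the original slides; the function names are illustrative, letters map to A=0 … Z=25 as on the slides, and the autokey message "attack is today" with first subkey 12 is a constructed sample.

```python
A = ord("A")


def _vals(s):
    """Letters -> values 0..25, ignoring case, spaces and punctuation."""
    return [ord(c) - A for c in s.upper() if c.isascii() and c.isalpha()]


def _text(vals):
    return "".join(chr(v + A) for v in vals)


def _keyword(keyword):
    k = _vals(keyword)
    if not k:
        raise ValueError("keyword must contain at least one letter")
    return k


def vigenere_encrypt(plaintext, keyword):
    k = _keyword(keyword)  # key stream = keyword repeated
    return _text([(p + k[i % len(k)]) % 26 for i, p in enumerate(_vals(plaintext))])


def vigenere_decrypt(ciphertext, keyword):
    k = _keyword(keyword)
    return _text([(c - k[i % len(k)]) % 26 for i, c in enumerate(_vals(ciphertext))])


def vigenere_as_additive(plaintext, keyword):
    """Same result, computed as m separate additive ciphers on every m-th letter."""
    p, k = _vals(plaintext), _keyword(keyword)
    m = len(k)
    streams = [[(x + k[j]) % 26 for x in p[j::m]] for j in range(m)]
    return _text([streams[i % m][i // m] for i in range(len(p))])


def autokey_encrypt(plaintext, k1):
    p = _vals(plaintext)
    keystream = [k1] + p[:-1]  # K = (K1, P1, P2, ...)
    return _text([(pi + ki) % 26 for pi, ki in zip(p, keystream)])


def autokey_decrypt(ciphertext, k1):
    plain, key = [], k1
    for c in _vals(ciphertext):
        p = (c - key) % 26
        plain.append(p)
        key = p  # the letter just recovered is the next subkey
    return _text(plain)


if __name__ == "__main__":
    print(vigenere_encrypt("she is listening", "PASCAL"))
    print(autokey_encrypt("attack is today", 12))
```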

Example


Page 54: Chapter:1 Introduction

• Keyless Transposition Cipher

• Keyed Transposition Cipher

• Combination of two

54

Page 55: Chapter:1 Introduction

Keyless Transposition Ciphers

Simple transposition ciphers, which were used in the past, are keyless.

A good example of a keyless cipher using the first method is the rail fence cipher. The ciphertext is created reading the pattern row by row. For example, to send the message “Meet me at the park” to Bob, Alice writes

Example

She then creates the ciphertext “MEMATEAKETETHPR”.

Page 56: Chapter:1 Introduction

Rearrange letters in plaintext to produce ciphertext (also called permutation)

Example (Rail-Fence Cipher)


Page 57: Chapter:1 Introduction

Transposition Technique

• Rail fence

• Example: Come home tomorrow

– C m h m t m r o

– o e o e o o r w

• Cmhmtmrooeoeoorw

Page 58: Chapter:1 Introduction

Figure:   Columnar Transposition.


Page 59: Chapter:1 Introduction

• Ex- come home tomorrow

1 2 3 4 5 6
C O M E H O
M E T O M O
R R O W - -

Order 4,6,1,2,5,3

Eowoo-cmroerhm-mto
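The rail fence and columnar transpositions shown above, as an added Python example that is not part of the original slides. The function names are illustrative; the pad character "-" and the 1-based column order follow the slide's grid, and decryption is included to show that the column order is the only secret.

```python
def normalize(msg):
    """Keep letters only, upper-cased, as in the slides' examples."""
    return "".join(c for c in msg.upper() if c.isascii() and c.isalpha())


def rail_fence_encrypt(msg):
    s = normalize(msg)
    return s[0::2] + s[1::2]  # top rail, then bottom rail


def rail_fence_decrypt(ct):
    half = (len(ct) + 1) // 2  # the top rail holds the extra letter
    top, bottom = ct[:half], ct[half:]
    return "".join(top[i // 2] if i % 2 == 0 else bottom[i // 2]
                   for i in range(len(ct)))


def _check_order(order):
    if not order or sorted(order) != list(range(1, len(order) + 1)):
        raise ValueError("order must be a permutation of 1..n")


def columnar_encrypt(msg, order, pad="-"):
    """Write row by row into len(order) columns, read columns in key order."""
    _check_order(order)
    n = len(order)
    s = normalize(msg)
    s += pad * (-len(s) % n)  # fill the last row
    rows = [s[i:i + n] for i in range(0, len(s), n)]
    return "".join(row[c - 1] for c in order for row in rows)


def columnar_decrypt(ct, order, pad="-"):
    _check_order(order)
    n = len(order)
    if len(ct) % n:
        raise ValueError("ciphertext length must be a multiple of the column count")
    height = len(ct) // n
    # The j-th chunk of ciphertext is the column numbered order[j].
    cols = {c: ct[j * height:(j + 1) * height] for j, c in enumerate(order)}
    plain = "".join(cols[c][r] for r in range(height) for c in range(1, n + 1))
    return plain.rstrip(pad)


if __name__ == "__main__":
    print(rail_fence_encrypt("Meet me at the park"))
    print(columnar_encrypt("come home tomorrow", [4, 6, 1, 2, 5, 3]))
```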

Page 60: Chapter:1 Introduction

• The keyless ciphers permute the characters by writing the plaintext in one way and reading it in another way

• The permutation is done on the whole plaintext to create the whole ciphertext.

• Another method is to divide the plaintext into groups of predetermined size, called blocks, and then use a key to permute the characters in each block separately.


Page 61: Chapter:1 Introduction

Alice needs to send the message “Enemy attacks tonight” to Bob.

Example

The key used for encryption and decryption is a permutation key, which shows how the characters are permuted.

The permutation yields

Page 62: Chapter:1 Introduction

Example


Page 63: Chapter:1 Introduction

Encryption/decryption keys in transpositional ciphers

Continued

Keys

In the previous example, a single key was used in two directions for the column exchange: downward for encryption, upward for decryption. It is customary to create two keys.

Page 64: Chapter:1 Introduction


Page 65: Chapter:1 Introduction

The literature divides the symmetric ciphers into two broad categories: stream ciphers and block ciphers. Although the definitions are normally applied to modern ciphers, this categorization also applies to traditional ciphers.

1. Stream Ciphers

2. Block Ciphers

3. Combination

Page 66: Chapter:1 Introduction

Call the plaintext stream P, the ciphertext stream C, and the key stream K.

Stream cipher


Page 67: Chapter:1 Introduction

Additive ciphers can be categorized as stream ciphers in which the key stream is the repeated value of the key. In other words, the key stream is considered as a predetermined stream of keys K = (k, k, …, k).

The monoalphabetic substitution ciphers discussed previously are also stream ciphers. However, each value of the key stream in this case is the mapping of the current plaintext character to the corresponding ciphertext character in the mapping table.

Example of stream cipher


Page 68: Chapter:1 Introduction

In a block cipher, a group of plaintext symbols of size m (m > 1) are encrypted together creating a group of ciphertext of the same size. A single key is used to encrypt the whole block even if the key is made of multiple values.
