Download - Cryptography Basics ( ch 2)
![Page 1: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/1.jpg)
1
Cryptography Basics
IT443 – Network Security AdministrationInstructor: Bo Sheng
![Page 2: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/2.jpg)
2
Outline• Basic concepts in cryptography system• Secret key cryptography• Public key cryptography• Hash functions
![Page 3: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/3.jpg)
3
Encryption/Decryption
• Plaintext: a message in its original form• Ciphertext: a message in the transformed, unrecognized form• Encryption: the process that transforms a plaintext into a ciphertext• Decryption: the process that transforms a ciphertext to the
corresponding plaintext• Key: the value used to control encryption/decryption.
plaintextencryption
ciphertextdecryption
plaintext
key key
![Page 4: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/4.jpg)
4
Cryptanalysis• “code breaking”, “attacking the cipher”
• Difficulty depends on– sophistication of the cipher– amount of information available to the code
breaker
• Any cipher can be broken by exhaustive trials, but rarely practical
![Page 5: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/5.jpg)
5
Caesar Cipher• Replace each letter with the one 3 letters
later in the alphabet– ex.: plaintext CAT ciphertext FDW
A B C D E F G H I J K …
A B C D E F G H I J K …
plaintextalphabet
ciphertextalphabet
Trivial to break
![Page 6: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/6.jpg)
6
Mono-Alphabetic Ciphers• Generalized substitution cipher: an arbitrary (but
fixed) mapping of one letter to another– 26! ( 4.0*1026 288) possibilities
A B C D E F G H I J K …
A B C D E F G H I J K …plaintextalphabet
ciphertextalphabet
![Page 7: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/7.jpg)
7
Attacking Mono-Alphabetic Ciphers• Broken by statistical analysis of letter, word, and phrase
frequencies of the language• Frequency of single letters in English language, taken
from a large corpus of text:
![Page 8: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/8.jpg)
8
Ciphertext Only Attacks• Ex.: attacker can intercept encrypted
communications, nothing else
• Breaking the cipher: analyze patterns in the ciphertext– provides clues about the encryption
method/key
![Page 9: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/9.jpg)
9
Known Plaintext Attacks• Ex.: attacker intercepts encrypted text, but
also has access to some of the corresponding plaintext (definite advantage)
• Makes some codes (e.g., mono-alphabetic ciphers) very easy to break
![Page 10: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/10.jpg)
10
Chosen Plaintext Attacks• Ex.: attacker can choose any plaintext
desired, and intercept the corresponding ciphertext
• Allows targeted code breaking (choose exactly the messages that will reveal the most about the cipher)
![Page 11: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/11.jpg)
11
The “Weakest Link” in Security• Cryptography is rarely the weakest link• Weaker links
– Implementation of cipher– Distribution or protection of keys– … …
![Page 12: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/12.jpg)
12
Secret Keys vs Secret Algorithms• Security by obscurity
– We can achieve better security if we keep the algorithms secret
– Hard to keep secret if used widely– Reverse engineering, social engineering
• Publish the algorithms– Security of the algorithms depends on the secrecy of the
keys– Less unknown vulnerability if all the smart (good) people
in the world are examine the algorithms
![Page 13: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/13.jpg)
13
Outline• Basic concepts in cryptography system• Secret key cryptography• Public key cryptography• Hash functions
![Page 14: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/14.jpg)
14
Secret Key Cryptography
• Same key is used for encryption and decryption• Also known as
– Symmetric cryptography– Conventional cryptography
plaintextencryption
ciphertextdecryption
plaintext
key keySame key
![Page 15: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/15.jpg)
15
Secret Key Cryptography• Stream cipher• Block cipher
– Converts one input plaintext block of fixed size k bits to an output ciphertext block of k bits
– DES, IDEA, AES, …– AES
• Selected from an open competition, organized by NSA• Joan Daemen and Vincent Rijmen (Belgium)• Block size=128 bits, Key Size= 128/192/256 bits
![Page 16: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/16.jpg)
16
Key Size• Keys should be selected from a large potential
set, to prevent brute force attacks• Secret key sizes
– 40 bits were considered adequate in 70’s– 56 bits used by DES were adequate in the 80’s– 128 bits are adequate for now
• If computers increase in power by 40% per year, need roughly 5 more key bits per decade to stay “sufficiently” hard to break
![Page 17: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/17.jpg)
17
Public Key Cryptography
• A public/private key pair is used– Public key can be publicly known– Private key is kept secret by the owner of the key
• Much slower than secret key cryptography• Also known as asymmetric cryptography• Another mode: digital signature
plaintextencryption
ciphertextdecryption
plaintext
Public key Private key
![Page 18: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/18.jpg)
18
Public Key Cryptography
• Digital signature– Only the party with the private key can create a digital signature.– The digital signature is verifiable by anyone who knows the public key.– The signer cannot deny that he/she has done so.
plaintextSign
ciphertextVerify
plaintext
Private key Public key
![Page 19: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/19.jpg)
19
Public Key Cryptography• It must be computationally
– easy to generate a public / private key pair– hard to determine the private key, given the public key
• It must be computationally – easy to encrypt using the public key– easy to decrypt using the private key– hard to recover the plaintext message from just the
ciphertext and the public key
![Page 20: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/20.jpg)
20
Symmetric vs Asymmetric • Symmetric algorithms are much faster
– In the order of a 1000 times faster
• Symmetric algorithms require a shared secret– Impractical if the communicating entities don’t have another
secure channel
• Both algorithms are combined to provide practical and efficient secure communication– E.g., establish a secret session key using asymmetric crypto and
use symmetric crypto for encrypting the traffic
![Page 21: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/21.jpg)
21
Outline• Basic concepts in cryptography system• Secret key cryptography• Public key cryptography• Hash functions
![Page 22: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/22.jpg)
22
Hash Function
• Also known as– Message digest– One-way transformation– One-way function– Hash
• Length of H(m) much shorter than length of m• Usually fixed lengths: 128 or 160 bits
Message of arbitrary length
Hash A fixed-length short message
![Page 23: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/23.jpg)
23
Properties of Hash• Consider a hash function H
– Performance: Easy to compute H(m)
– One-way property: Given H(m) but not m, it’s computationally infeasible to find m
– Weak collision resistance (free): Given H(m), it’s computationally infeasible to find m’ such that H(m’) = H(m).
– Strong collision resistance (free): Computationally infeasible to find m1, m2 such that H(m1) = H(m2)
![Page 24: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/24.jpg)
24
Hash Applications• File / Message integrity
– Check if a downloaded file is corrupted– Detect if a file has been changed by someone
after it was stored– Compute a hash H(F) of file F
– openssl dgst -md5 filename
![Page 25: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/25.jpg)
25
Hash Applications• Password verification
– Password cannot be stored in plaintext– In a hashed format– Linux: /etc/passwd, /etc/shadow
– cat /etc/shadow
![Page 26: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/26.jpg)
26
Hash Applications• User authentication
– Alice wants to authenticate herself to Bob– Assuming they already share a secret key K
Alice Bob
time
“I’m Alice”
RcomputesY=H(R|K)
Yverifies thatY=H(R|K)
![Page 27: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/27.jpg)
27
Modern Hash Functions• MD5 (128 bits)
– Previous versions (i.e., MD2, MD4) have weaknesses.– Broken; collisions published in August 2004– Too weak to be used for serious applications
• SHA (Secure Hash Algorithm)– Weaknesses were found
• SHA-1 (160 bits)– Broken, but not yet cracked – Collisions in 269 hash operations, much less than the brute-force attack
of 280 operations– Results were circulated in February 2005, and published in CRYPTO
’05 in August 2005• SHA-256, SHA-384, …
![Page 28: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/28.jpg)
28
Birthday Attack• What is the smallest group size k such that
– The probability that at least two people in the group have the same birthday is greater than 0.5?
– 23• Implication for hash function H of length m
– With probability at least 0.5– If we hash about 2m/2 random inputs, – Two messages will have the same hash image– m=64, 1ns per hash
• Brute force (264): 1013 seconds over 300 thousand years• Birthday attack (232): 4 seconds
![Page 29: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/29.jpg)
29
Lab 1• Sample codes
– eecs.mit.edu’s IP is 18.62.1.6– Assume their subnetwork use 28-bit prefix
18. 62. 1. 00000110
– Scan 18.62.1.0 ~ 18.62.1.15– dig -x 18.62.1.0 +short– /home/shengbo/it443/scanip.sh– /home/shengbo/it443/scanip.pl
![Page 30: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/30.jpg)
30
Electronic Code Book (ECB)
E E E EKey
128
M1 M2 M3 M4
128 46 + padding
128
Plaintext
C1 C2 C3 C4
128 128 128128
Ciphertext
![Page 31: Cryptography Basics ( ch 2)](https://reader036.vdocuments.net/reader036/viewer/2022062310/5681635c550346895dd4243f/html5/thumbnails/31.jpg)
31
Cipher Block Chaining (CBC)
InitializationVector
E E E EKey
C1 C2 C3 C4
128 128 128128
M1 M2 M3 M4
128 128 46 + padding
128