school of computer science & information technology · pdf fileschool of computer science...
TRANSCRIPT
School of Computer Science & Information Technology
Presentation On
Elementary Cryptography
Presented by:
Anshul Jain (NM)
Sumit Lole (CS)
M.Tech. II sem
Guided by:
Dr. D.S. Bhilare
Agenda } Introduction
} Basic Terminologies
} Techniques of Cryptography } Need of Cryptography } Encryption Algorithm
} Symmetric } Asymmetric
} Uses of Encryption } Digital Signature
} What is Elementary Cryptography? } “Hidden Writing” } Increasingly used to protect Information.
} Goal of Cryptography } Ensure security of communication over insecure medium
} Privacy (secrecy, confidentiality) } Integrity
} Communicate even with possibility of adversaries
Introduction
Basic Terminologies
} Encryption } Encryption is the process of encoding a message so that its
meaning is not obvious
} Decryption } Decryption is the reverse process, transforming an encrypted
message back into its normal, original form
} Cryptosystem } A system for encryption and decryption is called a
cryptosystem.
Cont. } Plaintext
} Plaintext is the contents of an ordinary sequential file readable as textual material
} Ciphertext } Ciphertext is the result of encryption performed on plaintext using
an algorithm, called a cipher.
} Cipher } Cipher is is an algorithm for performing encryption or
decryption.
Cont… } Key –
} key refers to a sequence of symbols or a numerical value used by an algorithm to alter information & making that information secure
} Encryption algorithm } The cryptosystem involves a set of rules for how to encrypt
the plaintext and how to decrypt the ciphertext.
} Cryptanalysis } Cryptanalysis is an attempt to break the ciphertext.
Cont. } Cryptography is the science of secret writing.
} A cipher is a secret method of writing, where by plaintext (cleartext) is transformed into a ciphertext.
} The process of transforming plaintext into ciphertext is called encipherment or encryption.
} The reverse process of transforming ciphertext into plaintext is called decipherment or decryption.
} Encryption and decryption are controlled by cryptographic keys.
} Substitution Technique } Caesar Cipher } Monoalphabetic Cipher } Homophonic Cipher } Polygram substitution cipher } Polyalphabetic Cipher
} Vigenère
} Transposition Technique } Rail Fence Technique. } Vernam Cipher(One -time Pads)
} Randomly generated Pad } Running Key Cipher. } Playfair Cipher. } Hill Cipher.
Techniques of Cryptography
Caesar } One of the simplest examples of a substitution cipher is
the Caesar cipher, which is said to have been used by Julius Caesar to communicate with his army.
} Caesar is considered to be one of the first persons to have ever employed encryption for the sake of securing messages.
} Caesar decided that shifting each letter in the message would be his standard algorithm, and so he informed all of his generals of his decision, and was then able to send them secured messages.
Caesar Cipher
Monoalphabetic Cipher } Start by creating a key that maps each letter of the
alphabet to a (possibly the same) letter of the alphabet. A sample key might be:
} Plaintext letter a b c d e f g h i j k l m n o p q r s t u v w x y z
} Ciphertext letter y n l k x b s h m i w d p j r o q v f e a u g t z c
Homophonic Cipher } The Homophonic Substitution Cipher involves replacing each letter with a
variety of substitutes, the number of potential substitutes being proportional to the frequency of the letter.
} For example, the letter 'a' accounts for roughly 8% of all letters in English, so we assign 8 symbols to represent it. Each time an 'a' appears in the plaintext it is replaced by one of the 8 symbols chosen at random, and so by the end of the encipherment each symbol constitutes roughly 1% of the ciphertext.
} The letter 'b' accounts for 2% of all letters and so we assign 2 symbols to represent it. Each time 'b' appears in the plaintext either of the two symbols can be chosen, so each symbol will also constitute roughly 1% of the ciphertext.
} This process continues throughout the alphabet, until we get to 'z', which is so rare that is has only one substitute. In the example below, the substitutes happen to be 2-digit numbers, there are between 1 and 12 substitutes for each letter, depending on the letter's relative abundance.
Cont… } Stream-based Ciphers
} One at a time, please } Mixes plaintext with key stream } Good for real-time services
} Block Ciphers } Amusement Park Ride } Substitution and transposition
} Confusion } Ciphertext has no clue about Plaintext
} Diffusion } Spreading plain text across rows and columns
} http://www.simonsingh.net/The_Black_Chamber
Need of Encryption
} Confidentiality } Integrity } Authenticity } Nonrepudiation } Access Control
Encryption Algorithm
} Symmetric } Same key for encryption and decryption } Key distribution problem
} Asymmetric } Mathematically related key pairs for encryption and decryption } Public and private keys
} Hybrid } Combines strengths of both methods } Asymmetric distributes symmetric key
} Also known as a session key } Symmetric provides bulk encryption
Symmetric Algorithm
} It is also called as Secret Key Cryptography } Single key used for both encrypt & decrypt } Key must be known to both the parties
Encryption Decryption
Key
Plaintext Ciphertext Original Plaintext
Symmetric Cryptosystem
Asymmetric Algorithm
} Private keys are used for decrypting. } Public keys are used for encrypting
encryption plaintext ciphertext
public key
decryption ciphertext plaintext
private key
Cont… } It is also called as public key cryptography
Encryption Decryption Plaintext Ciphertext
Original Plaintext
Asymmetric Cryptosystem
Decryption Key Kd
Encryption Key Ke
Comparison
Secret Key (Symmetric) Public Key (Asymmetric)
Number of Key 1 2
Protection of Key Must be kept secret One key must be kept secret 7 other can be freely exposed
Best Uses Cryptographic workhorse; secrecy and integrity of data, single characters to blocks of data, messages, files
Key exchange, authentication
Key Distribution Must be out-of-band
Public key can be used to distribute other keys
Speed Fast
Slow; typically, 10,000 times slower than secret key
Symmetric Algorithm
} Data Encryption Standard (DES) } Double DES } Triple DES
} Advance Encryption Standard (AES) } Blowfish } IDEA
Data Encryption Standard } The data encryption algorithm developed
by IBM was based on Lucifer, and it is known as the Data Encryption Standard
} It is also known as Data Encryption Algorithm
} The DES algorithm is a careful and complex combination of two fundamental building blocks of encryption: } Substitution and
} Transposition
} DES uses only standard arithmetic and logical operations on numbers up to 64 bits long
Cont…
} 1st 64 bit plain text is handed over to initial permutation function.
} IP is performed over the plain text. } IP produces two halves of the permuted blocks left
plain text (LPT) & right plain text (RPT). } Now LPT & RPT goes 16 rounds of encryption
process, each with its own key. } Now LPT & RPT are rejoined and FINAL
PERMUTATION (FP) is performed on the combined block.
} The result is 64 bit cipher text.
Advance Encryption Standard } Developed by NIST in January1997 } Algorithm had several restriction:
} unclassified } publicly disclosed } available royalty-free for use worldwide } symmetric block cipher algorithms, for blocks of 128 bits } usable with key sizes of 128, 192, and 256 bits
} It was adopted by US government in December 2001
Cont…
} AES primarily uses: } Substitution } Transposition } Shift } Exclusive OR } Addition
} Each cycle consist of four step } Byte substitution } Shift row } Mix column } Add sub key
Comparison between DES & AES
DES AES
Date 1976 1997
Block Size 64 bits 128 bits
Key Length 56 bits(effective length) 128, 192, 256 ( possibly more) bits
Encryption Primitive Substitution, permutation Substitution, shift, bit mixing
Cryptographic Primitive Open Open
Design Close Open
Selection Process Secret Secret, but accepted open public comment
Asymmetric Algorithm
} Rivest Shamir Adleman (RSA) Encryption } Diffie-Hellman } Elliptic Curve Cryptography (ECC)
RSA
} It is named after its three inventors Rivest Shamir and Adleman
} This algorithm was introduced in 1978 and to date remains secure.
} RSA has been the subject of extensive cryptanalysis, and no serious flaws have yet been found.
} The encryption algorithm is based on the underlying problem of factoring large numbers.
Cont…
} The two keys used in RSA, d and e, are used for decryption and encryption
} Keys are actually interchangeable: Either can be chosen as the public
} Let encryption key e and the decryption key d. } P = E(D(P)) = D(E(P)) } Any plaintext block P is encrypted as Pe mod n. } The decrypting key d is carefully chosen so that (Pe)d mod n = P
Cont… } Choose any two prime numbers p=17 & q=11 } Calculate n = p x q n = 187 } Calculate n’ = (p-1) x (q-1 ) n’ = 160 } Select e as relative prime to n’ and less than n’ e=7 } Calculate d such that d x e = 1 mod n’ d = 23 } Public {7,187} } Private {23,187}
Diffie- Hellman
} It is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
Cont…
Uses of Encryption } Cryptographic Hash Function } Key Exchange } Digital Signature } Public Key Protocol } Certificate
Cryptographic Hash Function } Cryptography can be used to seal a file, encasing it so that
any change becomes apparent. One technique for providing the seal is to compute a cryptographic function, sometimes called a hash or checksum or message digest of the file.
Digital Signature
A digital signature is a protocol that produces the same effect as a real signature: It is a mark that only the sender can make, but other people can easily recognize as belonging to the sender. Just like a real signature, a digital signature is used to confirm agreement to a message.
Properties of Digital Signature
A digital signature must meet two primary conditions: } It must be unforgeable. If person P signs message M with
signature S(P,M), it is impossible for anyone else to produce the pair [M, S(P,M)].
} It must be authentic. If a person R receives the pair [M, S(P,M)] purportedly from P, R can check that the signature is really from P. Only P could have created this signature, and the signature is firmly attached to M.
} It is not alterable. After being transmitted, M cannot be changed by S, R, or an interceptor.
} It is not reusable. A previous message presented again will be instantly detected by R.
Thank You