Introduction
Nandika Kasun
UCSC All rights reserved. No part of this material may be reproduced and sold.
1
kasun@cmb.ac.lk
Introduction
UCSC All rights reserved. No part of this material may be reproduced and sold.
2
kasun@cmb.ac.lk
Learning Outcome:
1. Introduction
Classical Encryption techniques, Cipher Principles ,Block Ciphers,
Stream Ciphers, Cipher Design Principle
2. Symmetric Encryption
Data Encryption Standard, Block Cipher Design Principles and
Modes of Operation, Triple DES, AES Cipher
4. Message Authentication
Message Authentication Codes, Hash Functions, Security of Hash Functions and
MACs , MD5, Secure Hash Algorithm, HMAC, Digital Signatures
UCSC All rights reserved. No part of this material may be reproduced and sold.
4
kasun@cmb.ac.lk
Outline of the Syllabus
5. Key Management
Diffie-Hellman key Exchange, Public Key Infrastructure (PKI), Quantum Cryptography
6. Authentication Protocols
Authentication principles,X.509 Authentication Service, Kerberos,
.NET Passport protocol, Multi-party authentication
UCSC All rights reserved. No part of this material may be reproduced and sold.
7
kasun@cmb.ac.lk
Requirement
Help
UCSC All rights reserved. No part of this material may be reproduced and sold.
8
kasun@cmb.ac.lk
Basic Concept
Cipher Algorithm
Cipher Algorithm
Encrypted Data
UCSC All rights reserved. No part of this material may be reproduced and sold.
9
kasun@cmb.ac.lk
The Caesar Cipher
Ci = E(Pi)= Pi+3
UCSC All rights reserved. No part of this material may be reproduced and sold.
10
kasun@cmb.ac.lk
Monoalphabetic Substitutions
Letter Frequency
ABCDEFGHIJKLMNOPQRSTUVWXYZ
UCSC All rights reserved. No part of this material may be reproduced and sold.
11
kasun@cmb.ac.lk
Polyalalphabetic Substitutions
UCSC All rights reserved. No part of this material may be reproduced and sold.
12
kasun@cmb.ac.lk
The Perfect Substitution Cipher
UCSC All rights reserved. No part of this material may be reproduced and sold.
13
kasun@cmb.ac.lk
The Vernam Cipher
Plain Text :V E R NA M C I P H E R
Numeric Equivalent : 21 4 17 13 0 12 2 8 15 7 4 17
+Random Number : 76 48 16 82 44 3 58 11 60 5 48 88
= Sum : 97 52 33 95 44 15 60 19 75 12 52 105
=Mod 26 : 19 0 7 17 18 15 8 19 23 12 0 1
Cipher text : t a h r s p I t x m a b
R1 = (a * R0+b) mod n
R2 = (a * R1+b) mod n
R3 = (a * R2+b) mod n
UCSC All rights reserved. No part of this material may be reproduced and sold.
16
kasun@cmb.ac.lk
Transpositions (Permutation)
Columnar Transposition
c1 c2 c3 c4 c5
c6 c7 c8 c9 c10
c11 c12 etc.
c1 c2 c3 c4 c5
c6 c7 c8 c9 c10
c11 c12 etc.
UCSC All rights reserved. No part of this material may be reproduced and sold.
17
kasun@cmb.ac.lk
Block vs Stream Ciphers
UCSC All rights reserved. No part of this material may be reproduced and sold.
18
kasun@cmb.ac.lk
Stream Cipher
Key (Optional)
ISSOPMI WEHTUA..
Y
Plain text Cipher text
Cipher
Advantage
Disadvantage
•Low diffusion
•Susceptibility to malicious insertion and modifications
UCSC All rights reserved. No part of this material may be reproduced and sold.
19
kasun@cmb.ac.lk
Block Cipher
XN
OI BA
TP QC
Key (Optional) KD
YR
CN EM
ES MC
Y
Plain text Cipher text
Disadvantage
Cipher
•Slowness of encryption
•Error propagation
Cipher text(FRWSU)
Advantage
Plain text
(AKEDF)
•Diffusion
•Immunity to insertion
UCSC All rights reserved. No part of this material may be reproduced and sold.
20
kasun@cmb.ac.lk
Characteristic of “Good” Cipher
•The set of keys and the encryption algorithm should be free from complexity
UCSC All rights reserved. No part of this material may be reproduced and sold.
21
kasun@cmb.ac.lk
Kerckhoff’s Principle
Reasons:
•Algorithms are difficult to change
•Cannot design an algorithm for every pair of users
•Expert review
•No security through obscurity!
UCSC All rights reserved. No part of this material may be reproduced and sold.
22
kasun@cmb.ac.lk
Confusion and Diffusion
UCSC All rights reserved. No part of this material may be reproduced and sold.
23
kasun@cmb.ac.lk
Confusion
Confusion
The interceptor should not be able to predict
what changing one character in the plaintext
will do to the ciphertext
Plaintext
Ciphertext
UCSC All rights reserved. No part of this material may be reproduced and sold.
24
kasun@cmb.ac.lk
Diffusion
Diffusion
The characteristics of distributing the
information from single plaintext letter over
the entire ciphertext
Plaintext
KASUN
ANHYJ
Ciphertext
UCSC All rights reserved. No part of this material may be reproduced and sold.
25
kasun@cmb.ac.lk
Information Theoretic Tests
Prob(h(C)=P)<z
Meaningless messages P1
C1
P2
Meaningful message P3
P4
P5
UCSC All rights reserved. No part of this material may be reproduced and sold.
27
kasun@cmb.ac.lk
What the Cryptanalyst Has to Work With
•Ciphertext only
•Full or partial plaintext
•Ciphertext of any plain text
•Algorithm of ciphertext
UCSC All rights reserved. No part of this material may be reproduced and sold.
28
kasun@cmb.ac.lk
Types of Cryptanalytic Attacks
Ciphertext only
only knows encryption algorithm and ciphertext, goal is to
identify plaintext
Known plaintext
know encryption algorithm and one or more plaintext &
ciphertext pairs formed with the secret key
Chosen plaintext
know encryption algorithm and can select plaintext and obtain
ciphertext to attack cipher
UCSC All rights reserved. No part of this material may be reproduced and sold.
29
kasun@cmb.ac.lk
Types of Cryptanalytic Attacks
Chosen ciphertext
know encryption algorithm and can select ciphertext and obtain
plaintext to attack cipher
Chosen text
know encryption algorithm and can select either plaintext or
ciphertext to en/decrypt to attack cipher
UCSC All rights reserved. No part of this material may be reproduced and sold.
30
kasun@cmb.ac.lk
Brute Force Search
•Always possible to simply try every key
•Most basic attack, proportional to key size
•Assume either know/recognize plaintext
UCSC All rights reserved. No part of this material may be reproduced and sold.
31
kasun@cmb.ac.lk
Unconditional/Computational Security
Unconditional security
no matter how much computer power is
available, the cipher cannot be broken since the
ciphertext provides insufficient information to
uniquely determine the corresponding plaintext
Computational security
given limited computing resources (e.g. time
needed for calculations is greater than age of
universe), the cipher cannot be broken
UCSC All rights reserved. No part of this material may be reproduced and sold.
32
kasun@cmb.ac.lk
Discussion
UCSC All rights reserved. No part of this material may be reproduced and sold.
33
kasun@cmb.ac.lk