CIS 551

Feb 7, 2005

Cryptography

- It comes from the Greek words Kryptos and graphica which mean ‘secret writing’.

- It has the following properties

o Confidentiality : obscure a message from eaves dropping

o Integrity : no alteration to the message

o Authentication : verify the identity of the source

o Non repudiation : convince a new person that message conveyed is correct

Establish Terminology

- Encryption and decryption should be inverse of each other, under right circumstances.

- Cryptographer: invents cryptosystems and algorithms

- Cryptanalyst: Breaks the cryptosystems

- Cryptology: study of cryptosystems

- Cipher: encrypted text using algorithms

- Code: semantic translation

Kinds of Cryptographic analysis

- The goal is to get the key and algorithm

But normally for computer system the algorithm is known e.g. standardized protocols

- Ciphertext only attack: hardest as no information is available

- Known plain text attack: plain text for some message is known hence comparatively easier to find the key

- Chosen plaintext attack: which plaintext has been encrypted is known

- Algorithm and cipher attack: algorithm and the cipher text is known

Caesar Cipher: Easiest forms of encryption

- Advantage: simple

- Disadvantage: algorithm is itself the key, easier to break

- Example: the key to the algorithm = 3 (Shift the existing character by 3 position, A would be replaced by D, B by E and so on)

Plain text c r y p t o g r a p h y

Caesar Cipher text f u b s w r j u d s k b

Monoalphabetic cipher also known as substitution cipher

- Separation of algorithm and key

- General Monoalphabetic cipher is arbitrary permutation of the alphabets where key is the permutation.

- Example: a b c d e f g h I j k l

- key: z d a n c e w I b f g h

Here the key is “zdancewic” but notice that there are 2 c’s in the key and we don’t use the second key so as to have unique replaced value for c

The characters that follow the key are remaining alphabets that are not included in the key

- Brute force attack can break this cipher but will take many years to crack it

n!
possible combinations are there, hence it would take 26!= 4 x 10_{}^26
possible keys this would take many trillion years even if time required is 1
microsecond per key

- Mono alphabetic cipher is easy to solve using frequency distribution of common letters

- Steps to break: count the occurrences of each letter, match it against the statistics of English, e.g. e is the most frequent letter.

- Order and frequency of single letters: refer the slides

- Longer the cipher text easier is the work of cryptanalyst

- Variance can be calculated to measure the roughness of distribution. The cipher is best when the variance is approximately equal to zero. It is a measure of robustness.

Polyalphabetic substitution

- K different substitution cipher are picked

- This helps smoothing out the frequency distribution.

- Example: Pick 4 substitution ciphers, Encrypt the message by rotating through the k substitutions

- π_{1}(m)=q π_{2}(m)=s …..

π_{1}(e)=c π_{2}(e)=a π_{3}(e)=v
…..

π_{1}(s)=d π_{2}(s)=aeπ_{3}(s)=x π_{4}(s)=o

…….

m e s s a g e

π_{1}(m) π_{2}(e) π_{3}(s) π_{4}(s) π_{1}(a) π_{2}(g) π_{3}(e)

q a x o a u v

Since the same letter is‘s’ is mapped to different ciphertext ‘x’ and ‘o’ the frequency distribution becomes smooth

Perfect Substitution cipher

Choose a string of random bits of the same length as the plain text, XOR them to obtain the cipher text

- Perfect secrecy

- One time pad is the other name for perfect substitution cipher.

- Not practical for computer security

- Problem with perfect substitution cipher

o key is of the same length, hence to safely communicating the key between the two users becomes as critical as the message itself

o need to be able to generate truly random numbers, as the pseudorandom numbers generated are not good for long messages as the probability of guessing that number increases

o cant reuse the key

- Perfect Substitution ciphers are unconditionally secure

Example: Suppose an 8 bit key is intercepted: cipher text. It is known that it is either one of the ASCII character ‘S’ or ‘A’ encrypted with one time pad. But the 8-bit one time pad key is not known. Now if the cryptanalysts try all 256 8-bit(brute force) one time pads there will be one 8 bit key that decrypts the cipher text to ‘S’ and other that decrypts it to ‘A’ and the cryptanalyst still does not know which one is the actual plain text.

- Computationally secure: Given enough power the attacker could crack the cipher but attacker with only bounded resources is extremely unlikely to crack it

Kinds of industrial strength crypto aiming for computational security

- shared key cryptography

- Public key cryptography

- Cryptographic hashes

Shared key cryptography

- Sender and receiver use the same key

- Key must be private

- Often called as block cipher

- E.g. DES, Triple DES, AES

Notations:

- Encryption algorithm

E: key x plaintext -> ciphertext

Notation K {msg} = E (K, msg)

- Decryption

D: key x cipher text - > plaintext

D (K, E (K, msg)) =msg

K -> shared key

k -> private key

Data Encryption Standard (DES)

- The key for DES contains 64 bits of which 56 bits are randomly generated and used in the algorithm; the remaining 8 bits are parity used for error detection. The error detecting bits are set to make the parity of each 8 bit byte of the key odd i.e. there is an odd number of 1’s in each 8-bit byte.

- There are 16 rounds of permutations and substitutions

- At each round the left half and the right half of the bits are exchanged

- The new left half is same as the old right half but the new right half is the old left half XORed with f(Old right half, Permuted choice of key)

This function f expands 32 bit right half to 48 bits, XORs it with 48 bits key and finally there is a substitution table replacing 6 bits of input by 4 bits of output which gives 32 bit output. After another round of permutation we get 32 bits which is the new right half for the next round.

- Decryption process is same as encryption except that the key has to be fed in the reverse order.

- Problems:

o Key length is too short

o Broken under 24hrs by www.distributed.net

o Bit-wise complement of key produces bit-wise complement of the cipher text

o Not all keys are good (like series of 0’s and 1’s)

AES

- uses Rijndael Algorithm