Cryptography, Cryptology, Encryption and types

CSC3121- Information Security Spring 2023 1

Today’s Lecture Cryptography Cryptosystem Time Required For Decryption Strength of the Cryptosystem

Cryptography When data is stored on a computer, it is usually protected by logical and physical access controls When this same sensitive information is sent over a network, it can no longer take these controls for granted, and the information is in a much more vulnerable state 3

I n t r o du c t i o n A very important tool for security is cryptography Cryptography is the (art and) science of keeping information secure This is usually done by encoding it Cryptanalysis is the (art and) science of breaking a code Cryptology is the branch of math needed for cryptography and cryptanalysis

Cryptography Advantages Cryptography can help in providing: Confidentiality: only authorized persons are allowed to decode a message. Authentication: receiver of a message (e.g. a password) should be able to ascertain its origin. Integrity: receiver of a message should be able to verify that it hasn’t been modified. Non-repudiation: a sender shouldn’t be able to falsely deny that they sent a message. We’re talking about messages here, but the principles can be applied to any information.

Basic Terminology Plaintext - the original message Cipher text - the coded message C ipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver Encipher (encrypt) - converting plaintext to ciphertext Decipher (decrypt) - recovering ciphertext from plaintext Cryptography - study of encryption principles/methods Cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key Cryptology - the field of both cryptography and cryptanalysis

Basic Definitions The original message is plaintext (sometimes also called cleartext Disguising the content of a message is called encryption This results in ciphertext , the encrypted message Turning ciphertext back into plaintext is called decryption Plaintext Encryption Decryption Plaintext Ciphertext

Basic Definitions (2) Plaintext is denoted by P or M (for message) It’s a stream of bits, intended for transmission or storage, e.g. a textfile a bitmap digitized audio data , digital video data Ciphertext is denoted by C and is also binary data Can be the same size as M Can be larger Can be smaller (if combining encryption with compression)

Basic Definitions (3) The E ncryption function E operates on M to produce C : E ( M ) = C The D ecryption function D operates on C to produce M : D ( C ) = M As the whole point encrypting and then decrypting is to recover the original message, the following has to be true: D ( E ( M )) = M

Without the right key, the captured message is useless to an attacker. Sender Receiver 10

A system or product that provides encryption and decryption is referred to as a cryptosystem and can be created through hardware components or program code in an application The cryptosystem uses an encryption algorithm Most algorithms are complex mathematical formulas that are applied in a specific sequence to the plaintext 11 Basic Definitions (4)

Most encryption methods use a secret value called a key (usually a long string of bits), which works with the algorithm to encrypt and decrypt the text The algorithm , the set of rules also known as the cipher, dictates how enciphering and deciphering takes place Many of the mathematical algorithms used in computer systems today are publicly known and are not the secret part of the encryption process 12 Basic Definitions (5)

If the internal mechanisms of the algorithm are not a secret, then something must be The secret piece of using a well-known encryption algorithm is the key 13

Kerckhoffs ’ Principle Auguste Kerckhoffs published a paper in 1883 stating that the only secrecy involved with a cryptography system should be the key . He claimed that the algorithm should be publicly known. He asserted that if security were based on too many secrets, there would be more vulnerabilities to possibly exploit 14

History of Cryptography As civilizations evolved, human beings got organized in tribes, groups, and kingdoms. This led to the emergence of ideas such as power, battles, supremacy, and politics. These ideas further fueled the natural need of people to communicate secretly with selective recipient which in turn ensured the continuous evolution of cryptography as well. The roots of cryptography are found in Roman and Egyptian civilizations.

History of Cryptography Hieroglyph The first known evidence of cryptography can be traced to the use of ‘hieroglyph’. Some 4000 years ago, the Egyptians used to communicate by messages written in hieroglyph. .

History of Cryptography Caesar Shift Cipher Caesar Shift Cipher, relies on shifting the letters of a message by an agreed number (three was a common choice), the recipient of this message would then shift the letters back by the same number and obtain the original message. The Caesar cipher is named after Julius Caesar , who used it with a shift of three to protect messages of military significance.

History of Cryptography Caesar Shift Cipher -Example Encryption Plaintext: internet society Cipher-text: Lqwhuqhw vrflhwb Note: Number of shifts called Key

History of Cryptography Caesar Shift Cipher -Example Decryption Cipher-text: Lqwhuqhw vrflhwb Plaintext: internet society

History of Cryptography Caesar Shift Cipher -Practice Encryption Plaintext: Computer Science Cipher-text: Key = 5 A B C D E F G H F G H I J K L M

History of Cryptography Caesar Shift Cipher Math behind this: Can be represented using modular arithmetic Assume that : A = 0, B = 1, C = 2, …, Y = 24, Z = 25 Encryption process can be represented as: E( p) = (p + k) mod (26)

History of Cryptography Caesar Shift Cipher Disadvantages: Considerably easy to break. Brute force attack works pretty well, due to relatively small keys (only allows 26 different keys). Also known as mono-alphabetic cipher, which the same plaintext letters are always replaced by the same cipher-text letters.

Vigenère Cipher simplest poly-alphabetic substitution cipher is the Vigenère Cipher effectively multiple caesar ciphers key is multiple letters long K = k1 k2 ... Kd ith letter specifies ith alphabet to use use each alphabet in turn repeat from start after d letters in message decryption simply works in reverse

Vigenère Cipher – Sustitution Table

Vigenère Cipher -Example write the plaintext out write the keyword repeated above it use each key letter as a caesar cipher key encrypt the corresponding plaintext letter: We are discovered save yourself e.g. using keyword deceptive key: DECEPTIVEDECEPTIVEDECEPTIVE plaintext: WEAREDISCOVEREDSAVEYOURSELF ciphertext : ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Vigenère Cipher -Disadvantages ideally want a key as long as the message The primary weakness of the Vigenère cipher is the repeating nature of its key. If a cryptanalyst correctly guesses the length of the key, then the ciphertext can be treated as interwoven Caesar ciphers, which, individually, can be easily broken.

One-time Pad A one-time pad is a perfect encryption scheme because it is considered unbreakable if implemented properly It was invented by Gilbert Vernam in 1917 , so sometimes it is referred to as the Vernam cipher This cipher does not use shift alphabets, as do the Caesar and Vigenere ciphers discussed earlier, but instead uses a pad made up of random values

One-time Pad -Example Plain Text Key (one-time pad) Add ( PT+Key ) Subtract (if num is >=26) Cipher-text C O M P U T E R 2 14 12 15 20 19 4 14 A S D F G H J K 18 3 5 6 7 9 10 2 32 15 20 26 26 13 24 2 6 15 20 13 24 C G P U A A N Y

Advantages of One-Time Pad Easy to compute Encryption and decryption are the same operation As secure as theoretically possible Given a ciphertext , all plaintexts are equally likely, regardless of attacker’s computational resources … if and only if the key sequence is truly random True randomness is expensive to obtain in large quantities … if and only if each key is as long as the plaintext But how do the sender and the receiver communicate the key to each other? Where do they store the key?

Problems with One-Time Pad Key must be as long as the plaintext Impractical in most realistic scenarios Still used for diplomatic and intelligence traffic Does not guarantee integrity One-time pad only guarantees confidentiality Attacker cannot recover plaintext, but can easily change it to something else Insecure if keys are reused

Summary Cryptography Cryptosystem Time Required For Decryption Strength of the Cryptosystem Services of Cryptosystems

Q & A 32

Cryptography, Cryptology, Encryption and types

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Cryptography, Cryptology, Encryption and types

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Pray For The Peace Of Jerusalem and You Will Prosper

Don_t_Waste_Your_Life_God.....powerpoint

VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf

Fertility awareness methods for women in the society

Chapter 5 Arithmetic Functions Computer Organisation and Architecture

syakira bhasa inggris (1) (1).pptx.......