Encryption and Security by tae66661

VIEWS: 100 PAGES: 33

									Encryption and Security
                  Outline
• Overview of encryption
  – Terminology
  – History
  – Common issues
• Secret-key encryption
  – Block and stream ciphers
  – DES
  – RC5
                 Overview
• Intro, history and terminology
• Symmetric-key encryption
  – Techniques
  – DES, RC5
• Public-key encryption
  – RSA, hash functions, digital signatures
• Key exchange, certificates, PKI
               Overview
• Types of attacks and countermeasures
• Application layers
  – S-HTTP, SSL
• Steganography and digital watermarking
• Security and trust
              Terminology
• Code
  – Replacement based on words or semantic
    structures


• Cipher
  – Replacement based on symbols
               Terminology
• Cryptography
  – The science of encrypting or hiding secrets.
• Cryptanalysis
  – The science of decrypting messages or breaking
    codes and ciphers.
• Cryptology
  – The combination of the two.
              Terminology
• Plaintext – an unencrypted message
• Cyphertext – an encrypted message
• Security: a combination of
  – Authentication
  – Access control
      Three eras of cryptology
• Pre-WWII
  – Cryptography as a craft
  – Widely used, but few provable techniques
• 1940s-1970
  – Secret key encryption introduced
  – Information theory used to characterize security
• 1970-present
  – Public key systems introduced
            Early cryptography
• Caesar cipher
   – Replace each letter l with l +3 mod 26
   – “Attack at dawn” becomes
   – Dwwdfn dw gdzq
• Two components:
   – Algorithm: Shift characters by a fixed amount
   – Key: the fixed amount.
• Note: Knowing the algorithm (but not the key)
  makes this cipher much easier to crack
   – 26 possibilities vs 26!
Weaknesses of the Caesar Cipher
• Word structure is preserved.
   – Break message into equal-length blocks.
      • dww dfn dwg dzq
• Letter frequency is a big clue
   – e,t,a,o most common English letters.
   – Using a single key preserves frequency.
• Solution: use multiple keys
   – E.g. shift by (3,5,7)
      • “Attack at dawn” becomes dya dhr dyk dbu
      • Better, but frequency information still present.
      • An attacker that knows the block size can separate out
        characters encoded with different keys.
              Caesar Cipher
• The Caesar cipher is still useful as a way to
  prevent people from unintentionally reading
  something.
  – ROT-13
  – By decrypting, the user agrees that they want to
    view the content.
• Fundamental problem: key length is shorter
  than the message.
             Vernam Cipher
• 1920‟s: introduction of the one-time pad.
• Randomly generated key
  – Same length as message
  – XORed with message
• Theoretically unbreakable
  – Attacker can do no better than guessing
  – Ciphertext gives no information about plaintext.
               Vernam Cipher
• Example: winning lottery number is 117
   – 1110101 (7 bits)
   – Randomly generated key: 0110101
   – XOR: 1000000
• No two bits are encoded with the same mapping –
  an attacker has no frequency information to help
  guess the key.
• Problem: keys are very large.
   – How to distribute this key?
   – Shared source of randomness?
    Symmetric Key Encryption
• The Caesar Cipher and the one-time pad are
  examples of symmetric-key (secret-key)
  encryption.
• Single key shared by all users.
• Fast
• How to distribute keys?
                 Keyspace
• The keyspace is the set of all possible keys.
  – Caesar cipher: keyspace = {0,1,2,…,25}
  – Vernam cipher: |keyspace| = 2n –1

• Size of the keyspace helps us estimate
  security.
  – Assumption: exhaustive search is the only way
    to find a key.
             Substitution Ciphers
• Symbols are replaced by other symbols according
  to a key.
   – Caesar cipher is a substitution cipher.
• To escape frequency analysis, we can use a
  homophonic substitution cipher
   –   Map symbols to multiple symbols.
   –   e.g 0 -> {01, 10}, 1->{00,11}
   –   011010010 becomes: 011100101101011110
   –   Advantage: frequencies hidden
   –   Disadvantage: message and key are longer
   –   Substitution is said to add confusion
        • Measure of the relationship between plaintext and ciphertext
        Transposition Ciphers
• A transposition cipher is one that permutes
  the symbols of the message according to a
  preset pattern.
  – “Attack at dawn” becomes “cda tka wan tat”
  – Helps avoid detection of symbols based on
    correspondence.
     • „q‟ followed by „u‟.
  – Said to increase diffusion
     • Reduce redundancies in plaintext.
             Product ciphers
• By themselves, substitution and
  transposition ciphers are relatively insecure.
• By combining these operations, we can
  produce a secure cipher.
  – This is how DES works.
• M -> Sub(M) -> Trans(Sub(M)).
  – Might go through multiple rounds.
             Block Ciphers
• The ciphers we have seen so far are known
  as block ciphers.
• Plaintext is broken into blocks of size k.
• Each block is encrypted separately.
• Advantages: random access, potentially
  high security
• Disadvantages: larger block size needed,
  patterns retained throughout messages.
                 Stream Ciphers
• A stream cipher encodes a symbol based on both
  the key and the encoding of previous symbols.
   – Ci = Mi XOR Ki XOR Mi-1
• Advantages:
   – can work on smaller block sizes – little
     memory/processing/buffering needed.
• Disadvantages:
   – Random access difficult, hard to use large keys.
   – Sender and receiver must be synchronized
      • Inserted bits can lead to errors.
                   Combinations
 • Many ciphers combine stream and block
   properties.
     – Work on multiple symbols, but contain a
       feedback loop.
 • Electronic Code Book (ECB)
     – Pure block cipher, no feedback

plaintext     E        ciphertext       E-1      plaintext

             key                        key
            Cipher-block Chaining
• XOR previous block
  – Chaining dependency – order matters.
  – Some error propagation

plaintext      XOR

                                       plaintext
    key         E            key


             ciphertext       E-1          XOR
       Cipher-Block Chaining
• Also incorporated into block ciphers.
• Makes tampering easier to detect.
  – Helps prevent substitution and impersonation
    attacks.
• Secret key can also be used to construct a
  running-key generator.
  – Longer sequence of pseudo-random numbers.
  – Can be used to build a one-time pad.
        Modifications to CBC
• Cipher feedback
  – Shift register is used to store data.
  – r-bit are shifted into mask of size m.
  – Allows a small number of bits to be
    immediately sent.
• Output feedback
  – Like cipher feedback, but uses output of
    encryption function.
  – Eliminates error propagation.
                     DES
• Data Encryption Standard
  – DEA is actually the algorithm.
• First commercial-grade algorithm with open
  implementation details.
• Uses a 64-bit key with 8 parity bits, for an
  effective key of 56 bits.
  – Keyspace = 256 = 1017
                      DES
• Is a combination of a product cipher and a
  Feistel cipher.
  – Product cipher: transposition and substitution.
  – Feistel cipher: Iterates through a number of
    rounds of a product cipher mapping (L,R) to
    (R‟, L‟)
• 16 rounds
• Block size=48
  – In each round, a different 48-bit subkey is
    selected from the 56-bit key.
            Security of DES
• Keyspace is approximately 1017
• Thought to be secure in 70‟s.
• Recently, 56-bit DES broken in under 1
  day.
  – Combination of distributed.net & EFF‟s
    DeepCrack.
• Able to search several billion keys per
  second.
          Extensions to DES
• 3DES
  – Message is run through DES 3 times
  – C = k3 (k2 (k1(M)))
  – Backwards-compatible with DES if all three
    keys are the same.
  – Keyspace is 1042
  – Drawback: bit-oriented operations are slow to
    implement in software
                   RC5
• Symmetric encryption algorithm
• Word-oriented block cipher.
• Can vary word length, number of rounds,
  and key length.
• Goals: fast, easy to understand and
  implement, flexible, low memory
  requirements, secure.
• Uses stream techniques to modify data
                      RC5
• Uses three mathematical operations:
  – Two‟s complement addition
  – XOR
  – Left cyclic rotation by variable amounts.
• These are all fast operations that are directly
  supported by most modern processors.
                   RC5 Algorithm
• Parameters: K (key), w (word length), r (number of
  rounds)
• Input: a 2w length plaintext in registers A and B.
• Output: a 2w length ciphertext.
• 1. Expand K into a table S[2(r+1)] keys.
• To encrypt:
   – A =A + S[0]; B = B + S[1]
   – For i = 1 to r do
      • A = ((A xor B) << B) + S[2 * i]
      • B = ((B xor A) << A) + S[2*i + 1]
• Decryption is the same thing in reverse.
                           RC5
• Simple algorithm – key is the data-dependent
  rotations.
• Keys are accessed sequentially, allowing for small
  caches.
• Security still unclear, but looks good.
   – 56-bit key: 250 days by distributed.net
   – 64-bit key: 1747 days by distributed.net
      • 1.02x10^11 keys/sec, 1.5 x10^19 keyspace
   – 72-bit key in progress.
      • 4.8x10^10 keys/sec, 4x10^21 keyspace
      • 100% in 788,747 days = 2160 years
                     Summary
• Secret-key algorithms (DES, RC5) have been
  widely studied.
   – Fast
   – Potentially highly secure
   – Well-understood.
   – Excellent for repeated communication.
   – Hard to use in open environments, one-shot
     communications
   – Works for hiding secrets; what about signing things?
• Public-key encryption evolved as an answer to this
  problem.

								
To top