# Network Security CHAPTER 3


```
Network Security

CHAPTER 3

INTRODUCTION TO CRYPTOGRAPHY
Objectives

•   Know what cryptography means
•   Understand how cryptography works
•   Know the terminology used in cryptography
•   Identify several algorithms used in cryptography
TOC
•   What is Cryptography
•   Plain Text and Cipher Text
•   Substitution Techniques
•   Transposition Techniques
•   Encryption and Decryption
•   Symmetric and Asymmetric Key Cryptography
•   Steganography
•   Possible Type of Attacks
What is Cryptography
•   Comes from a Greek word meaning "art of secret writing"
•   Services provided:
    -   Send information between participants - prevents
    -   Integrity checking
    -   Authentication

•   An encryption scheme has five ingredients:
What is Cryptography… Cont…

•   Cryptographic systems tend to involve
    -   An algorithm
    -   A secret value: the key
•   Why use a key?
    -   It is difficult to keep devising new algorithms
    -   With a perfect key, it doesn't matter if anyone knows the algorithm
•   The concept of a key is analogous to the combination for a combination lock
•   The lock is not easy to break without knowing the combination
Definition
   Cryptography is the art of achieving
security by encoding messages to make
Plain Text and Cipher Text
•   Plain text / clear text: a message that can be understood by the sender, the recipient, and also by anyone else
    -   E.g.: I Love You
•   Cipher text: the plain text message codified using any suitable scheme
    -   E.g.:

Fig. 3.1

Fig. 3.2
Plain Text and Cipher Text… Cont

•   There are 2 primary ways in which plain text is codified into cipher text
    -   Substitution
    -   Transposition
•   When the 2 approaches are used together, the result is a product cipher

Fig. 3.3
Substitution Techniques
•   Caesar Cipher
    -   The scheme illustrated in fig. 3.1 was proposed by Julius Caesar, hence Caesar Cipher
    -   Substitution cipher technique: the characters of the plain text are replaced by other characters, numbers or symbols
    -   The Caesar cipher is a very weak scheme: to break it, reverse the Caesar Cipher process
Substitution Techniques … Caesar Cipher… Cont..

    -   Fig. 3.3 summarizes a simple algorithm to break the Caesar Cipher

Fig. 3.4

Algorithm to break Caesar cipher

Fig. 3.5
Example of Breaking Caesar Cipher
Substitution Techniques.. Modified Caesar Cipher

•   Modified Version of Caesar Cipher
    -   Good in theory but not in practice
    -   How to make an attacker's life difficult
•   Any alphabet in the plain text can be replaced with any valid alphabet
•   The replacement scheme is constant: once an alphabet has been chosen to replace an alphabet of the plain text, it cannot be used for another
•   An alphabet cannot be replaced with itself (A with A)
•   There are 25 possibilities of replacement
•   Fig. 3.6: algorithm to break this version of the Caesar cipher
Substitution Techniques.. Modified Caesar Cipher… Cont

Fig. 3.6

    -   Take the cipher text message produced by the modified Caesar Cipher and break it using the above algorithm. Table 3.1 shows the result.
Substitution Techniques.. Modified Caesar Cipher… Cont

Table: 3.1
Substitution Techniques.. Modified Caesar Cipher… Cont

•   A few terms used in cryptography
    -   Brute-force attack: an attack on a cipher text that tries all possible permutations and combinations
    -   Cryptanalyst: a person who attempts to break a cipher text; the process is known as cryptanalysis
Substitution Techniques.. Mono-alphabetic

•   Mono-alphabetic cipher
    -   Major weakness of the Caesar Cipher: predictability
    -   The mono-alphabetic cipher uses random substitution (A can be replaced with any of B through Z, and so on)
    -   Mathematically: any permutation or combination of the 26 alphabets (26 x 25 x 24 x 23 x … x 2), or 4 x 10^26, which is hard to crack
    -   But it is useless if the cipher text is short.
Substitution Techniques.. Homophonic

•   Homophonic Substitution Cipher
    -   Similar to the Mono-alphabetic Cipher.
    -   But in HSC, one plain text alphabet can map to more than one cipher text alphabet
    -   E.g.: A can be replaced by D, H, P, R and B by E, I, Q, S
Substitution Techniques.. Polygram

•   Polygram Substitution Cipher
    -   Replaces a block of plain text with a block of cipher text
    -   For instance, HELLO can be replaced by YUQQW

Fig. 3.7
Substitution Techniques.. Polyalphabetic

•   Polyalphabetic Substitution Cipher
    -   Uses multiple one-character keys; each key encrypts one plain text character.
    -   After all the keys are used, they are recycled
    -   The number of keys used (identified) is the period of the cipher.
Transposition Techniques
•   Unlike substitution techniques, these do not simply replace one alphabet with another
•   They perform some permutation over the plain text alphabets
•   There are several techniques in Transposition:
    -   Rail Fence Technique
    -   Simple Columnar Transposition Technique
    -   Vernam Cipher
    -   Book Cipher / Running Key Cipher
Transposition Techniques… Rail Fence Technique

•   Rail Fence Technique
    -   Uses a simple algorithm, as shown in fig. 3.8
    -   Involves writing the plain text as a sequence of diagonals and reading it row by row to produce the cipher text

Fig. 3.8
Transposition Techniques… Rail Fence Technique… Cont

    -   E.g.: Come home tomorrow. How is it transformed to cipher text?

Fig. 3.9

    -   RFT is quite simple for a cryptanalyst to break.
Transposition Techniques… Simple Columnar Transposition Technique

•   Simple Columnar Transposition Technique
    -   Simply arrange the plain text as a sequence of rows of a rectangle, then read the columns in random order
    -   Can be looked at as 2 techniques
        •   Basic Technique
        •   Simple Columnar Transposition Technique with Multiple Rounds
Transposition Techniques… Simple Columnar Transposition Technique… Cont

•   Basic Technique
    -   The algorithm is shown in fig. 3.10

Fig. 3.10

    -   E.g.: Come home tomorrow. How is it transformed to cipher text? This is illustrated in fig. 3.11
Transposition Techniques… Simple Columnar Transposition Technique… Cont

Fig. 3.11
Transposition Techniques… Simple Columnar Transposition Technique… Cont

• Simple Columnar Transposition Technique with Multiple Rounds
• Introduces more complexity into SCTT
• Extends basic SCTT by one step. This is shown in fig. 3.12
• The cipher text is much more complex to crack

Fig. 3.12
Transposition Techniques… Simple Columnar Transposition Technique… Cont

•   Multiple rounds: applied to the result from basic SCTT. Explanation in fig. 3.13

Fig. 3.13
Transposition Techniques… Vernam Cipher

•   Vernam Cipher
    -   Also called One-Time Pad; implemented using a random set of non-repeating characters as the input cipher text
    -   Once used, it is never used again
    -   The length of the input cipher text = the length of the plain text
    -   The algorithm is described in Fig. 3.14

Fig. 3.14
Transposition Techniques… Vernam Cipher… Cont

    -   Apply the Vernam Cipher algorithm to the plain text message HOW ARE YOU using one time-
    -   The steps are shown in fig. 3.15
used) and suitable for small plain text messages but not practical for large ones.
    -   Implemented at AT&T with the help of a device, the Vernam Machine

Cik Noorhuzaimi @ Karimah bt Mohd Noor
Transposition Techniques… Vernam Cipher… Cont

Fig. 3.15
Transposition Techniques… Book Cipher

• Book Cipher
• Also called the Running Key Cipher
• Similar in principle to the Vernam Cipher
• Uses a portion of text from a book – serve of one-
• Each character used cannot be the same as the others
• Those characters are added to the input plain text –
Encryption and Decryption
•   As we know, the processes that transform plain text to cipher text and vice versa are encryption and decryption

Fig. 3.16

Fig. 3.17
Encryption and Decryption… Cont

•   In computer communication, the sender sends the encrypted message through the network.
plain text.
•   To encrypt and decrypt the message: encryption and decryption algorithms
•   The two must match each other, otherwise the decryption cannot succeed
•   The other aspect is the key, comparable to the one-time pad in the Vernam technique
•   The algorithm is known to everyone; what makes the message secure is the key.
Encryption and Decryption… Cont

Fig. 3.18
Encryption and Decryption… Cont

•   There are 2 cryptography mechanisms
    -   Symmetric key cryptography: uses the same key to encrypt and decrypt the message
    -   Asymmetric key cryptography: uses different keys to encrypt and decrypt the message

Fig. 3.19
Symmetric and Asymmetric Key Cryptography
•   Symmetric Key Cryptography and the key distribution problem

Fig. 3.19
Symmetric Key Cryptography and key distribution problem… Cont

•   Problem in transmission. Create the same problem
•   Sending by courier may improve the situation, but the same problem occurs
•   Another option is a hand-delivery mechanism
•   Another idea: put the envelope in a box and lock it. It is then difficult for the receiver to open it: another KEY?
•   Send the key by another way
•   No solution is completely acceptable: each is either not foolproof or not practically possible. This is called the key distribution problem / key exchange problem
•   The same key is used to encrypt and decrypt: symmetric key operation
Symmetric Key Cryptography and key distribution problem… Cont

    -   Let's say A wants to send different messages to 2 persons, B and C, so 2 different pairs of keys are needed

Fig. 3.20
Symmetric Key Cryptography and key distribution problem… Cont

    -   What if more than 5 persons are involved?
        •   10 lock-and-key pairs are needed
    -   So we can write it mathematically
        •   Persons involved (PI)
    -   PI * (PI - 1) / 2
        •   Let's say 1000 persons are involved
    -   1000 * (1000 - 1) / 2 = 499,500 lock-and-key pairs
    -   Remember that every lock-and-key pair must be maintained by somebody
Diffie-Hellman Key Exchange / Agreement Algorithm

•   Diffie-Hellman Key Exchange / Agreement Algorithm
    -   Introduction
        •   A solution to the problem of key agreement or key exchange
        •   Both parties can agree on a symmetric key, which is then used in encryption / decryption
        •   Based on a mathematical principle: describe the steps of the algorithm, illustrate them by example and discuss the mathematical basis
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   Description of the algorithm
        •   Let's say Alice and Bob want to agree upon a key to be used to encrypt / decrypt. The steps of the Diffie-Hellman algorithm are shown in fig. 3.21.
        •   Based on the steps involved, the keys are actually the same: K1 = K2 = K

Fig. 3.21
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   Example of the algorithm
        •   Let us take a small example to prove the Diffie-Hellman Key Exchange. This is shown in Fig. 3.2
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

Fig. 3.22

Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   Mathematical theory behind the algorithm
        •   First, let's look at the technical description of the complexity of the algorithm
        •   What it actually means
    -   Take a look at what Alice does in step 6. Here she computes
        •   K1 = B^x mod n
        •   What is B? From step 4:
        •   B = g^y mod n
        •   Therefore, substituting this value of B in step 6, we have the following equation
        •   K1 = (g^y)^x mod n = g^(yx) mod n
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   What Bob does in step 7. Here Bob computes:
        •   K2 = A^y mod n
        •   What is A? From step 2 we have:
        •   A = g^x mod n
        •   Therefore, substituting this value of A in step 7, we have the following equation
        •   K2 = (g^x)^y mod n = g^(xy) mod n
    -   Now, basic mathematics says
        •   K^(yx) = K^(xy)
    -   So we get K1 = K2 = K. Hence the proof
    -   The obvious question: if Alice and Bob can generate the key separately, so can an attacker.
    -   Answer: the values exchanged are n, g, A and B; from these, x and y cannot easily be calculated mathematically
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   Problem with the algorithm
        •   Diffie-Hellman Key Exchange does not solve all the problems associated with key exchange
        •   It can fall prey to the man-in-the-middle attack that also
        •   This happens as follows
    -   As usual, Alice sends n and g to Bob; let's say n = 11 and g = 7 (these values are the basis for calculating the key K1 = K2 = K)
    -   She does not realize that the hacker (Tom) is listening to their conversation. Tom copies all the values.

Fig. 3.23
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   Let's say all of them select random values for x and y, as shown in fig. 3.24
    -   All three persons calculate A and B with the x and y that have been selected. Note that Alice calculates A and Bob calculates B, but Tom calculates both A and B. This can be seen in fig. 3.25

Fig. 3.24

Fig. 3.25
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

    -   The real drama:
        •   Alice sends A (i.e. 2) to Bob; Tom intercepts it and sends his A (i.e. 9) to Bob. Bob does not realize it.
        •   Bob sends his B (i.e. 8) to Alice; Tom intercepts it and sends his B (i.e. 4) to Alice. Alice accepts it and
        •   At this juncture, Alice, Bob and Tom have the values of A and B as shown in 3.27
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

Fig. 3.26
Diffie-Hellman Key Exchange / Agreement Algorithm… Cont

Fig. 3.27

•   Based on these values, the three persons generate their keys as shown in 3.28
•   Why does Tom generate 2 keys?

Fig. 3.28
Case Study
•   Algorithm Types
    -   Stream Ciphers
    -   Block Ciphers
•   Algorithm Modes: a combination of a series of the basic algorithm steps on a block cipher
•   Four important algorithm modes
    -   Electronic Code Book (ECB)
    -   Cipher Block Chaining (CBC)
    -   Cipher Feedback (CFB)
    -   Output Feedback (OFB)
Stream Cipher
•   Plain text is encrypted one bit at a time
•   Suppose the message is "Pay 101" in ASCII
•   In binary it becomes a series of 1s and 0s;
    -   7 bits times 7 characters
•   An encryption algorithm is applied to every bit
•   Let's say the binary data is 10010101
    -   Applying an XOR operation with a key gives the cipher text
Block Ciphers
•   A block of bits is encrypted at one go
•   Suppose the plain text is FOUR_AND_FOUR
•   It can be encrypted in blocks of “FOUR”, “_AND_”, and “FOUR”
Overview of Symmetric Key Cryptography
•   Referred to by various names
    -   Secret Key Cryptography
    -   Private Key Cryptography
•   Only one key is used, to both encrypt and decrypt
•   Several algorithms are used
    -   Data Encryption Standard (DES), Double DES, Triple DES
    -   International Data Encryption Algorithm (IDEA)
Asymmetric Key Operation

•   Asymmetric Key Operation
    -   Has 2 keys, to encrypt and decrypt the message.
    -   Let's say A wants to send a message to B; B will send K1 to A to be used in encrypting the message
    -   B will open / decrypt the message by using K2
    -   K1 != K2
    -   Everyone knows K1, but not K2; only B knows K2.
    -   K1 is known as the public key and K2 as the private key
Asymmetric Key Operation

Fig. 3.29
Asymmetric Key Operation

    -   What if B wants to receive a message from C? C may use the same key (K1) to encrypt the message and B can use K2 (the same key used to decrypt A's message)
    -   Only one pair of keys is needed to carry out the cryptography process (even if B wants to receive from 1000 persons)
    -   But if they all want to communicate with each other, they will need 1000 locks, 1000 K1 and 1000 K2, not the 499,500 needed with symmetric keys
Steganography
•   A technique that hides a message inside another message
•   Historically, senders used invisible ink, tiny pin punctures on specific characters, etc.
•   Of late: hiding the message behind a picture

Fig. 3.30
Key Range and Key Size
•   The cryptanalyst is armed with the following information
    -   The encryption / decryption algorithm
    -   The encrypted message
    -   Knowledge about the key size
•   The key is the challenge for the attacker
•   Attackers can write a program to find the key; how long it takes depends on the size of the key
Key Range and Key Size… Cont

Fig. 3.31
Key Range and Key Size… Cont

•   How does the attacker determine whether the message he/she has decrypted is the plain text, i.e. whether the key is the right one?
•   How to prevent this?
    -   Size of the keys (40, 56, 120 etc.)
    -   In bits
    -   The bigger the key size, the longer it takes to crack
Key Range and Key Size… Cont

Fig. 3.32

Table 3.2
Key Range and Key Size… Cont

    -   Can also represent the possible values in the key
    -   Complexity for the attackers
    -   Key sizes are chased by technology
        •   Today: 56 bits is not safe;
        •   Tomorrow: 128 bits may not be safe
        •   Another day: 256-
    -   But impossible for 512 bits; why?
        •   Suppose that every atom in the universe is actually a computer
        •   In the world: 2^300; if each computer could check 2^300 keys in one second (which cannot happen)
        •   2^162 millennia to search 1% of the 512-bit key space;
Key Range and Key Size… Cont

Fig. 3.33
Possible Types of Attacks
•   3 possible attacks can occur
    -   Cipher Text Only Attack
        •   The attacker doesn't know the plain text. Has some or all of the cipher text. Guesses the meaning of the message
    -   Known Plain Text Attack
        •   Knows some pairs of plain text and the corresponding cipher text; tries to find other pairs of plain text
    -   Chosen Plain Text Attack
        •   Chooses a plain text block; tries to look for the encryption of the same in the cipher text
Reference

•   Cryptography and Network Security by Atul Kahate; McGraw Hill

```
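The Caesar cipher and brute-force slides describe trying every possible replacement, and the key-size slides ask how the attacker knows which decryption is the right one. The Python below is an added example, not part of the original slides: it tries all 25 keys and recognises the plain text with a small word list. The shift of 3 and the word list are assumptions constructed for the example.

```python
import math
import string

ALPHABET = string.ascii_uppercase
# Constructed word list standing in for a real dictionary (assumption).
KNOWN_WORDS = {"I", "LOVE", "YOU", "COME", "HOME", "TOMORROW", "HOW", "ARE"}


def shift_text(text, key):
    """Replace each letter with the one `key` places further down the alphabet."""
    shifted = []
    for ch in text.upper():
        if ch in ALPHABET:
            shifted.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            shifted.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(shifted)


def brute_force(cipher_text):
    """Every candidate plain text: one per possible key 1..25."""
    return [(key, shift_text(cipher_text, -key)) for key in range(1, 26)]


def score(candidate):
    """Count recognised words; this is how the right key is told from the wrong ones."""
    return sum(1 for word in candidate.split() if word in KNOWN_WORDS)


def break_caesar(cipher_text):
    """Return the (key, plain text) pair whose candidate looks most like English."""
    return max(brute_force(cipher_text), key=lambda pair: score(pair[1]))


def key_space():
    """Keys to try: 25 shifts for Caesar, 26! alphabets for mono-alphabetic."""
    return {"caesar": 25, "mono_alphabetic": math.factorial(26)}


if __name__ == "__main__":
    cipher = shift_text("I LOVE YOU", 3)  # shift of 3 is an assumption
    print(cipher, "->", break_caesar(cipher))
    print(key_space())
```

The same loop is hopeless against the mono-alphabetic cipher, whose key space is the 4 x 10^26 figure from the slides.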
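The transposition slides apply the Rail Fence and Simple Columnar techniques to "Come home tomorrow". The Python below is an added example, not part of the original slides, covering both techniques and the multiple-rounds variant. The rail depth of 2, the 6 columns and the column order 4, 6, 1, 2, 5, 3 are assumptions, since the figures that would fix them are missing from the page.

```python
def normalize(text):
    """Drop spaces and punctuation, as the slide example does before arranging letters."""
    return "".join(ch for ch in text if ch.isalpha())


def rail_fence(plain):
    """Depth-2 rail fence: the diagonals put even positions on rail 1, odd on rail 2."""
    text = normalize(plain)
    return text[0::2] + text[1::2]


def columnar_encrypt(plain, order, rounds=1):
    """Write row by row into len(order) columns, then read the columns in `order`."""
    text = normalize(plain)
    width = len(order)
    for _ in range(rounds):
        columns = [text[c::width] for c in range(width)]
        text = "".join(columns[c - 1] for c in order)  # order is 1-based
    return text


def columnar_decrypt(cipher, order, rounds=1):
    """Undo columnar_encrypt, allowing for a last row that is only partly filled."""
    width = len(order)
    text = cipher
    for _ in range(rounds):
        full, extra = divmod(len(text), width)
        columns, pos = {}, 0
        for c in order:
            size = full + (1 if c <= extra else 0)  # leftmost columns are longer
            columns[c] = text[pos:pos + size]
            pos += size
        rows = full + (1 if extra else 0)
        text = "".join(columns[c][r]
                       for r in range(rows)
                       for c in range(1, width + 1)
                       if r < len(columns[c]))
    return text


if __name__ == "__main__":
    order = (4, 6, 1, 2, 5, 3)  # assumed column order
    print(rail_fence("Come home tomorrow"))
    print(columnar_encrypt("Come home tomorrow", order))
    print(columnar_encrypt("Come home tomorrow", order, rounds=2))
```

Both techniques only rearrange letters, so the letter counts of the plain text survive in the cipher text, which is why the slides call them simple for a cryptanalyst.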
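The Diffie-Hellman slides give n = 11, g = 7 and the exchanged values A = 2, 9 and B = 8, 4, then ask why Tom generates 2 keys. The Python below is an added example, not part of the original slides, that runs the honest exchange and the intercepted one. The private values (Alice x = 3, Bob y = 9, Tom x = 8 and y = 6) are assumptions chosen to reproduce the A and B values quoted on the slides.

```python
def public_value(g, secret, n):
    """A = g^x mod n for Alice, B = g^y mod n for Bob."""
    return pow(g, secret, n)


def shared_key(received, secret, n):
    """K = (received value)^(own secret) mod n."""
    return pow(received, secret, n)


def honest_exchange(n, g, x, y):
    """No interception: both sides end with the same key, K1 = K2 = K."""
    a_pub = public_value(g, x, n)
    b_pub = public_value(g, y, n)
    return shared_key(b_pub, x, n), shared_key(a_pub, y, n)


def intercepted_exchange(n, g, alice_x, bob_y, tom_x, tom_y):
    """Tom swaps A and B in transit, so each victim shares a key with Tom only."""
    a_alice = public_value(g, alice_x, n)
    b_bob = public_value(g, bob_y, n)
    a_tom = public_value(g, tom_x, n)  # forwarded to Bob in place of Alice's A
    b_tom = public_value(g, tom_y, n)  # forwarded to Alice in place of Bob's B
    result = {
        "A_alice": a_alice, "A_tom": a_tom, "B_bob": b_bob, "B_tom": b_tom,
        "alice_key": shared_key(b_tom, alice_x, n),
        "tom_key_with_alice": shared_key(a_alice, tom_y, n),
        "bob_key": shared_key(a_tom, bob_y, n),
        "tom_key_with_bob": shared_key(b_bob, tom_x, n),
    }
    # Alice and Bob no longer hold the same key; only a comparison between
    # the two of them would show that the exchange was tampered with.
    result["alice_and_bob_agree"] = result["alice_key"] == result["bob_key"]
    return result


if __name__ == "__main__":
    n, g = 11, 7  # values from the slides
    print(honest_exchange(n, g, x=3, y=9))
    # Private values below are assumptions, not taken from the slides.
    for name, value in intercepted_exchange(n, g, 3, 9, 8, 6).items():
        print(name, value)
```

Tom needs two keys because he runs two separate exchanges: one key decrypts what Alice sends, the other re-encrypts it for Bob.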