Upload
nvbond
View
214
Download
1
Embed Size (px)
Citation preview
Making “Good” Encryption Making “Good” Encryption AlgorithmsAlgorithms
Substitution algorithms “hide” the Substitution algorithms “hide” the plaintext and dissipate high letter plaintext and dissipate high letter frequenciesfrequencies
Transposition algorithms scramble Transposition algorithms scramble texttext
Many “good” algorithms combine Many “good” algorithms combine both techniquesboth techniques
Shannon’s Characteristics of Shannon’s Characteristics of “Good” Ciphers“Good” Ciphers
Amount of secrecy needed should Amount of secrecy needed should determine the amount of labor appropriate determine the amount of labor appropriate for encryption/decryption.for encryption/decryption.
Set of keys and enciphering algorithm Set of keys and enciphering algorithm should be free from complexity.should be free from complexity.
Implementation should be simpleImplementation should be simple Errors in ciphering should not propogate.Errors in ciphering should not propogate. Size of ciphertext should be no larger than Size of ciphertext should be no larger than
the size of the plaintextthe size of the plaintext
Properties of “Trustworthy” Properties of “Trustworthy” Encryption SystemsEncryption Systems
Based on sound mathematicsBased on sound mathematics Been analyzed by competent experts Been analyzed by competent experts
and found to be soundand found to be sound Stood the “test of time”Stood the “test of time”
Three Examples:Three Examples:• DES (data encryption standard)DES (data encryption standard)• RSA (Rivest-Shamir-Adelman)RSA (Rivest-Shamir-Adelman)• AES (Advanced Encryption Standard)AES (Advanced Encryption Standard)
Symmetric and Asymmetric Symmetric and Asymmetric Encryption SystemsEncryption Systems
Symmetric requires one “secret” key that Symmetric requires one “secret” key that is used for encryption AND decryption (e.g. is used for encryption AND decryption (e.g. Caesar cipher might use a “key” of 3 to Caesar cipher might use a “key” of 3 to indicate shift by 3)indicate shift by 3)
As long as key remains secret, As long as key remains secret, authenticationauthentication is provided is provided
Problem is key distribution; if there are n Problem is key distribution; if there are n users, we need n * (n-1)/2 unique keysusers, we need n * (n-1)/2 unique keys
Symmetric and Asymmetric Symmetric and Asymmetric Encryption SystemsEncryption Systems
Asymmetric requires two keys one of Asymmetric requires two keys one of which is a “public key”which is a “public key”
The public key is used for encryption The public key is used for encryption and the “private” key is used for and the “private” key is used for decryptiondecryption
If there are n users, there are n If there are n users, there are n public keys that everyone knows and public keys that everyone knows and n private keys known only to the usern private keys known only to the user
Stream and Block CiphersStream and Block Ciphers Stream ciphers – convert one symbol Stream ciphers – convert one symbol
of plaintext immediately into a of plaintext immediately into a symbol of ciphertextsymbol of ciphertext
Transformation depends on the Transformation depends on the plaintext symbol, the key, and the plaintext symbol, the key, and the algorithmalgorithm
Error can affect all text after the Error can affect all text after the errorerror
Stream and Block CiphersStream and Block Ciphers Block cipher encrypts a Block cipher encrypts a groupgroup of plaintext of plaintext
symbols as symbols as oneone block (e.g. columnar block (e.g. columnar transposition)transposition)
StreamStream BlockBlock
AdvantagesAdvantages Speed of Speed of transformationtransformationLow error propagationLow error propagation
High diffusionHigh diffusionImmunity to insertation Immunity to insertation of symbolsof symbols
disadvantagesdisadvantages Low diffusionLow diffusionSusceptibility to Susceptibility to malicious insertations malicious insertations and modificationsand modifications
Slowness of encryptionSlowness of encryptionError propagationError propagation
Confusion and DiffusionConfusion and Diffusion ConfusionConfusion – interceptor cannot – interceptor cannot
predict what will happen to the predict what will happen to the ciphertext by changing one character ciphertext by changing one character in the plaintextin the plaintext
DiffusionDiffusion – information from single – information from single plaintext is distributed over the plaintext is distributed over the entire ciphertextentire ciphertext
CryptanalysisCryptanalysis Ciphertext OnlyCiphertext Only – requires analysis using – requires analysis using
probabilities, distributions, and probabilities, distributions, and characteristics of the available ciphertext, characteristics of the available ciphertext, plus any publicly known informationplus any publicly known information
Full or Partial PlaintextFull or Partial Plaintext – knows some – knows some plaintext and ciphertext (C & P in C = E(P) ); plaintext and ciphertext (C & P in C = E(P) ); only needs to determine the algorithm; can only needs to determine the algorithm; can use use probable plaintextprobable plaintext analysis analysis
Ciphertext of Any PlaintextCiphertext of Any Plaintext – analyst can – analyst can insert data into plaintext to be encryptedinsert data into plaintext to be encrypted
CryptanalysisCryptanalysis Algorithm and Ciphertext Algorithm and Ciphertext – analyst runs – analyst runs
the algorithm on massive amounts of the algorithm on massive amounts of plaintext to try and match one with the plaintext to try and match one with the ciphertext and deduce the sender’s ciphertext and deduce the sender’s encryption keyencryption key
Ciphertext and PlaintextCiphertext and Plaintext – try and – try and determine the encryption keydetermine the encryption key
WeaknessesWeaknesses – cryptanalysis often – cryptanalysis often succeeds because of human error and/or succeeds because of human error and/or carelessnesscarelessness
Elementary Tips for Frequency AnalysisElementary Tips for Frequency Analysis Count frequenciesCount frequencies
• j,k,q,x,z have frequency less than 1%j,k,q,x,z have frequency less than 1%• e should have frequency greater than 10% (19% in German)e should have frequency greater than 10% (19% in German)• Italian has 3 letters with frequency > 10% and 9 letters with Italian has 3 letters with frequency > 10% and 9 letters with
frequency < 1%frequency < 1% In English, look for repeated letters (ss, ee, tt, ff, ll, mm, oo)In English, look for repeated letters (ss, ee, tt, ff, ll, mm, oo) If ciphertext contains spaces, look for one, two, three letter If ciphertext contains spaces, look for one, two, three letter
words (a, I, of, to, in, it, is, be, as, at, so, we, he, by, or, on, words (a, I, of, to, in, it, is, be, as, at, so, we, he, by, or, on, do, if, me, my, up, an, go, no, us, am, the, and)do, if, me, my, up, an, go, no, us, am, the, and)
Tailor table of frequencies to message you are trying to Tailor table of frequencies to message you are trying to decipher (e.g. military messages omit pronouns and decipher (e.g. military messages omit pronouns and articles)articles)
Be willing to guess and use experienceBe willing to guess and use experience If the frequency of the ciphertext matches frequency table, If the frequency of the ciphertext matches frequency table,
the cipher is transpositonthe cipher is transpositon
Taken from Appendix B of Taken from Appendix B of The Code BookThe Code Book by Simon Singh, by Simon Singh, Doubleday, 1999.Doubleday, 1999.