Upload
others
View
13
Download
0
Embed Size (px)
Citation preview
Data Security
Chapter 3 Classical Encryption Techniques
Data Security
What is cryptography?
• The American Heritage Dictionary:“The art or process of
writing in or deciphering secret code”
• Webster:“The science or study the techniques
of secret writing”
• More generally, “A science which studies how to provide communication channels with secrecy and/or authenticity properties.”
• Communication channel: Network, Hard drive, CD-ROM, etc.
Data Security
Roadmap of Cryptography
• classical cryptography (--- 1920s)– secret writing required only pen and paper– Mostly: transposition, substitution ciphers– Easily broken by statistics analysis (e.g., frequency)
• mechanical devices invented for encryption– Rotor machines (e.g. Enigma cipher) 1930s-1950s– featured in films, such as in the James Bond adventure From Russia
with Love• James Bond tried to acquire a Russian cypher machine known as
Lektor• specification of DES and the invention of RSA (1970s)
--- modern ciphers– Public key system, most notably
• Quantum Cryptography (future?)
Data Security
History
• Ancient ciphers– Have a history of at least 4000 years – Ancient Egyptians enciphered some of their hieroglyphic
writing on monuments – Ancient Hebrews enciphered certain words in the scriptures – 2000 years ago Julius Caesar used a simple substitution
cipher, now known as the Caesar cipher – Roger bacon described several methods in 1200s– Geoffrey Chaucer included several ciphers in his works – Leon Alberti devised a cipher wheel, and described the
principles of frequency analysis in the 1460s – Blaise de Vigenère published a book on cryptology in 1585,
& described the polyalphabetic substitution cipher – Increasing use, esp in diplomacy & war over centuries
Data Security
Early Cryptosystems
• The Spartans were the first to use cryptography in the military
• They developed a device called a skytale– it consists of a staff of wood around which a strip of papyrus
or parchment is wrapped– the secret message is written on the parchment down the
length of the staff– when the parchment is unwrapped it appears to contain a
series of disconnected letters
Data Security
Skytale Example
• Given the message: THIS IS FUNNY
S T F H U I N S N I Y
T
H
I
S
I
S
F
U
N
N
Y
Data Security
Classical Cryptographic Techniques
• Two basic components of classical ciphers:– Substitution: letters are replaced by other letters – Transposition: letters are arranged in a different order
• These ciphers may be: – Monoalphabetic: only one substitution/ transposition is
used, or – Polyalphabetic:where several substitutions/ transpositions
are used • Product cipher:
– several ciphers concatenated together
Data Security
q Symmetric Cipher Modelq Substitution Techniques
q Transposition Techniques
q Rotor Machines
q Steganography
Outline
Data Security
Outline
q Symmetric Cipher Modelq Substitution Techniques
q Transposition Techniques
q Rotor Machines
q Steganography
Data Security
Symmetric Ciphers
• also: conventional / private-key / single-key• sender and recipient share common key• all classical encryption algorithms are private-key• was only type prior to invention of public-key in 1970’s
Data Security
Codes vs. Ciphers
Codes– turn semantic units such as words, numbers or phrases into
codewords– require a codebook that lists the substitutions--> see for example Navajo code talkers during WWII
Ciphers– transform units of fixed length such as letters, bits, blocks thereof– use a mathematical function and a secret key– does not consider word boundaries or semantic units--> this is what we will talk about in this course
Data Security
Cryptography vs. Steganography
--> both are considered “Secret Writing”
Cryptography– “hidden writing”– concealing the meaning (contents) of a message but not the
message itself
Steganography– greek: “steganos”, covered– hide the message (so existence is not know)– invisible ink, microdots, messages hidden in pictures, sounds,...
Data Security
Basic Terminology
• plaintext - the original message
• ciphertext - the encrypted message, “jabberwocky”
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
Data Security
Symmetric Cipher Model
Data Security
Requirements
1. Need strong encryption algorithm• always assume that eavesdropper (“Eve” or “Trudy”) knows the
details of the used algorithm (Kerkhoffs’ law)• Eve and Trudy might acquire some plaintext/ciphertext pairs• still, it should be (practically) impossible to determine the key (or
to determine the plaintext for a given cipher text)• however: it is sufficient if algorithm is computationally secure (as
opposed to unconditionally secure)
2. Sender and receiver must have same secret key• key must be distributed in a secure fashion
Y = EK(X)X = DK(Y)
• if someone discovers the key, all communication is readable
Data Security
Conventional Cryptosystem
X=[X1,X2,...,XN]
K=[K1,K2,...,KJ]
Y=E(K, X)
X=D(K,Y)
letters fromfinite alphabet
Data Security
Open Discussion
• Published algorithm vs. unpublished algorithm
• Unpublished algorithm1. Cryptanalysis must include recovering the algorithm2. Smaller number of users, smaller motivation to break3. Unavailable for other countries
• Published algorithm1. The only reliable way of assessing cipher security2. Prevents backdoors hidden by designers3. Large number of implementations = low cost + high performance4. No need for anti-reverse-engineering protection5. Software implementations6. Domestic and international standardization
Data Security
Attacks on Ciphers
• Brute-force– try all possible keys until solved
• Cryptanalytic attacks– use
• nature of algorithms• knowledge about general characteristics of plaintext• some sample plaintext-ciphertext pairs
– aim• learn a specific plaintext• learn the key (that makes all past and future communication vulnerable)
Data Security
Types of Cryptanalytic Attacks
Data Security
A Good Algorithm…
• Resists ciphertext-only and known-plaintext attacks• Actually, no algorithm, but one is proven to be
unconditionally secure– only one-time pad
Data Security
Unconditionally Secure Encryption Scheme
• No matter – how much ciphertext is available to opponent– how much time and computing power that opponent has
• It is impossible for the opponent to decrypt the ciphertext– because there is no statistical relationship between the ciphertext and
plaintext• Only one-time pad is unconditionally secure
Data Security
A Practical Encryption Scheme
• Should be computationally secure– the cost of breaking the cipher exceeds the value of encrypted
information– the time required to break the cipher exceeds the useful
lifetime of the information– assumes the processing powers are limited and estimated
breaking time is impractically long (millions of years!)
Data Security
Brute Force Attack (Exhaustive Search)
• always possible to simply try every key alternative• have to check half of all alternatives in average • most basic form of attack, depends on key size • must be able to recognize plaintext (compression increases
the difficulty)
Data Security
Characterization of Cryptographic Systems
• Type of encryption operations-> transposition, substitution, product systems
• Number of keys used-> sender and receiver use same key: symmetric encryption-> different keys are used: asymmetric or public-key encryption
• way in which plaintext is processed-> block cipher: one block input at a time --> one block output-> stream cipher: process input elements continuously
Data Security
Cipher Classification
Ciphers
Public Key SymmetricKey Unkeyed
IDSignaturePublicKey HashOneWayRandom
SymmetricMACSignatureRandom
BlockStreamClassical
Transposition Substitution
Data Security
Short History of Ciphers
• early codes found in ancient Egyptian tombs
• ancient Hebrews-> pair each letter of the alphabet with another letter-> replace the letters of plaintext with their corresponding letter-> substitution cipher
• early Greeks-> shave head, tattoo message on head, let hair grow-> steganography
• Spartans used encryption for military messages-> skytale: rod of fixed dimensions-> wrap piece of cloth around skytale and write message-> unwind cloth, letters are in wrong order-> transposition cipher
Data Security
Outline
q Symmetric Cipher Modelq Substitution Techniques
q Transposition Techniques
q Rotor Machines
q Steganography
Data Security
Classical Substitution Ciphers
• letters of plaintext are replaced by other letters or by numbers or symbols
• if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
Data Security
Caesar Cipher
• earliest known substitution cipher• by Julius Caesar (100 – 44 B.C.)• first attested use in military affairs• replaces each letter by 3rd letter on• example:
meet me after the toga partyPHHW PH DIWHU WKH WRJD SDUWB
Data Security
Caesar Cipher
• can define transformation as:a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• mathematically give each letter a numbera b c d e f g h i j k l m0 1 2 3 4 5 6 7 8 9 10 11 12n o p q r s t u v w x y Z13 14 15 16 17 18 19 20 21 22 23 24 25
• then have Caesar cipher as:C = E(p) = (p + k) mod (26)p = D(C) = (C – k) mod (26)with k = 3
• in general: k = 1, 2, ..., 25
Data Security
Cryptanalysis of Caesar Cipher
• only have 26 possible ciphers (A maps to A, B,..., or Z)
• given ciphertext, just try all shifts of letters
• exhaustive search, brute force
• however: we need to recognize when we have plaintext
• what if plaintext is a binary file? a compressed file?
--> break ciphertext ” GCUA VQ DTGCM "
Data Security
Security Strength of Caesar Cipher
• Only have 26 possible shifts• Brute-force Attack : simply try each possible shift in turn
- a.k.a. exhaustive key search• Example:
Ciphertext – mjaiamwlxsvitpegipixxivw
Trial 1 lizhzlvkwruhsodfhohwwhuv (shift backward by 1)Trial 2 khygykujvotgrncegngvvgtu (shift backward by 2)Trial 3 jgxfxjtiupsfombdfmfuufst (shift backward by 3)Plaintext - ifwewishtoreplaceletters (shift backward by 4)Hence K=4.
• The major problem of shift ciphers:
“the key space is too small against brute-force attack”
• The complexity of brute-force attack is O(n).
Data Security
Monoalphabetic Cipher
• rather than just shifting the alphabet
• could shuffle (jumble) the letters arbitrarily
• each plaintext letter maps to a different random ciphertext letter
• hence key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplacelettersCiphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Data Security
Monoalphabetic Cipher Security
• now have a total of 26! ≈ 4 x 1026 keys(this is 403,291,461,126,605,635,584,000,000)
• it is also easy to use-> just use a keyphrase as a way to construct a certain letter permutation, which then serves as the key
• with so many keys, this has to be secure
• at least that’s what many people thought throughout the first millennium A.D., “an unbreakable cipher”