IS 302: Information Security and Trust Week 2: Encryption Basics 2012

IS 302: Information Security and TrustWeek 2: Encryption Basics

2012

© Yingjiu Li 2007 2

Treasure Hunter’s Parchment

• “53‡‡†305))6*;4826)4‡);806*;48†8 ¶60))85;I‡(;:‡*8†83(88)5*†;46(;88*96 *?;8)*‡(;485);5*†2:*‡(;4956*2(5*-4)8 ¶8*;4069285);)6†8)4‡‡;I(‡9;48081;8:8‡ I;48†85;4)485†528806*81(‡9;48;(88;4 (‡?34;48)4‡;161;:188;‡?;”


Confidentiality• How to protect message from adversary?

Bob Alice

Mallory

The secret is…

plaintext


Cryptography• Use a language that only Alice and Bob can

understand

Bob Alice

Mallory

Nz dsfejr dbse ovncds jt…

ciphertext


Concepts• Cryptography – hidden writing

• Encryption – encode or encipher• Decryption – decode or decipher

• Cryptosystem – a system for encryption and decryption

• Cryptographer – anyone who invents encryption algorithms• Cryptanalyst – anyone who attempts to break encryption

algorithms

• Cryptology – research of encryption and decryption, including both cryptography and cryptanalysis


Cryptosystem

• Algorithms with a parameter – key K

Encryption Algorithm E

Decryption Algorithm D

Plaintext Ciphertext Plaintext

P PC

© Yingjiu Li 2007 7Jeff Moser: http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html


Encryption• Encryption

– Input: plaintext and key

– Output: ciphertext

EncryptionFunction

Plaintext


Decryption• Decryption

– Input: ciphertext and a key

– Output: original plaintext

DecryptionFunction

Plaintext


Symmetric Cryptosystem

• C=E(P,K)• P=D(C,K)

Encryption Algorithm E

Decryption Algorithm D

Plaintext Ciphertext Plaintext

P PC

K KSecret channel


Cryptanalysis (Attacks)• Cryptanalyst (Mallory)

– E and D are public

– Given ciphertext, find plaintext

– What else Mallory knows?

Ciphertext only Mallory knows ciphertext only

Known plaintext

Mallory happens to know some plaintext-ciphertext pairs

Chosen plaintext

Mallory knows some plaintext-ciphertext pairs for selected plaintext

Chosen ciphertext

Mallory knows some plaintext-ciphertext pairs for selected ciphertext


Classical Ciphers

• Caesar cipher

• Vigenére cipher

• Zimmerman cipher

• Vernam cipher


Caesar Cipher– Shifting alphabet – How many possible keys?


Discussion• Follow me with CrypTool• Observation:

– The break between two words is preserved

– Repeated letters are mapped to repeated letters

• Decrypt the following Caesar cipher– Wklv phvvdjh lv qrw wrr kdug wr euhdn

– Hints: Observe the following patterns• Wrr, wr

• Wklv, lv


“Unbreakable” cipher: Vigenére Tableau

– Same letters are not mapped to the same letters– Encrypt

• Keyword: hothot (repeat: row)

• Plaintext: attack (column)

• ciphertext: hhmhqd

– Decrypt• Keyword: hothot (repeat: column)

• Ciphertext: hhmhqd (from that column find c letter)

• Plaintext: attack (the index of row)



Discussion– Follow me with CrypTool– How “unbreakable” is Vigenére cipher?


Codebook/Zimmermann Cipher

• A codebook is literally a dictionary-like book containing words and their corresponding codewords.

• Zimmerman Telegram Februar 13605

fest 13732

finanzielle 13850

folgender 13918

Frieden 17142

Friedenschluss 17149

• What is the key? • Compare it with Vigenére cipher w.r.t key size

• How secure is Zimmermann cipher?

http://library.thinkquest.org/28005/flashed/timemachine/courseofhistory/zimmerman.shtml?tqskip1=1&tqtime=1029


Zimmerman Telegram Decrypted


Perfect Cipher


Vernam Cipher• The only unbreakable stream cipher

– K: a long, non-repeating sequence of random numbers

Exclusive OR Exclusive ORPlaintext Ciphertext Plaintext

P PC

K KSecret channel

1 0 =1; 0 1=1

0 0 =0; 1 1=0


Vernam Cipher

• An example of Vernam Cipher– Alice:

– Bob:

1 0 =1; 0 1=1

0 0 =0; 1 1=0

P: 100 010 111 011 110 001…

K: 010 011 101 101 010 111…

C: 110 001 010 110 100 110…

P: 100 010 111 011 110 001…

K: 010 011 101 101 010 111…

C: 110 001 010 110 100 110…


Discussion

• Follow me with CrypTool

• Why is Vernam cipher perfectly secure?


Modern Ciphers

• Basic ideas: confusion and diffusion

• Combinations

• Evaluation



Confusion

• Permutation operations1. First remove spaces

• A legitimate receiver can breakmostmessagesintowordsfairlyeasily

2. Then break messages arbitrarily into blocks of a uniform size (e.g., every five letters)

3. Map each plaintext letter to a unique ciphertext letter (usually in the same alphabet)

• How many keys for permuting 26 English letters?


Caveat

• All permutation ciphers are subject to – ciphertext only attack

– not to mention known plaintext attack, chosen plaintext and chosen ciphertext attacks


Frequency Attack

source: http://knight.cis.temple.edu/~jfiore/2006/fall/386/handouts/ch2/ch2_part2_4ups.pdf


Diffusion– Spread out the message by re-arranging letters


Product Cipher

Combinations of confusion and diffusion operations in many rounds– DES (56 bits) 16 rounds– AES (128, 192, 256) 9, 11, 13 rounds

• Deterministic vs non-deterministic


Evaluation

• Shannon’s characteristics of good ciphers– Amount of secrecy (key size) determines

amount of labor– Set of keys and enciphering algorithm are

simple– Implementation is simple– Errors do not propagate– Size of ciphertext is no larger than original

message


How Secure is Secure

It takes your computer at least

1000 years to break my cipher!!

No matter how powerful your computer is, you

don’t have enough information to defeat the

system !!

Computational securityComputational security

Unconditional security

Unconditional security


However…


Hands-On Exercise

• Installation:– Download LabPrep.doc and follow its

instructions to install • OpenSSL (Win32openSSL-0_9_8d.exe)

• HHD HexEditor (http://www.asciitable.com/)• JCE (jdk-1_5_0_08-windows-i586-p.exe)

– Mac computers have already these tools pre-installed

http://www.asciitable.com/


Hands-On Exercise

• Testing:– Download LabTest.doc– Follow its instructions in section 2.1 to test

openSSL– Follow its instructions in section 2.2 to test JCE


Introduction to OpenSSL

• OpenSSL is an open source toolkit to ensure secure communication.– Symmetric key (secret key) encryption – Asymmetric key (public key) encryption – Message Digests and digital signatures – Certificates


Example 1: Keys Generationopenssl genrsa -des3 -out privkey.pem 2048

• genrsa – Generates RSA Key

• des3 – Password protects the key using triple DES encryption

• out <filename>– Save the key in a file. In this example, its privkey.pem

• <key size> -Size of the key generated. In this example, its 2048 bits


Example 2: Certificate Request

openssl req -new -key privkey.pem -out cert.csr• req - Generate certificate request.

• new –New certificate request.

• key <file name> - Specify the file to read the private key from. In this example, its privkey.pem

• out <file name> - Save the request in a file. In this example, its cert.csr


Example 3: Encryptionopenssl des3 -salt -in file.txt -out file.des3

• des3 – Encrypt using the TripleDES algorithm

• salt - Use a salt in the key derivation routines

• in <file name> - Input file with the clear message

• out <file name> - Output file with the encrypted message

– Users will be prompted to enter a password to complete the encryption


Example 4: Decryptionopenssl des3 -d -salt -in file.des3 -out file.txt

• des3 – Use the TripleDES algorithm

• d – decrypt the file

• salt - Use a salt in the key derivation routines

• in <file name> - Input file with the encrypted message

• out <file name> - Output file with the decrypted message

– Users will be prompted to enter a password to complete the decryption


Introduction to JCA and JCE

• Java Cryptography Architecture (JCA) is part of Java 2 run-time environment. java.security.*

• Java Cryptography Extension (JCE) is an extension to JCA and is integrated into Java 2 SDK since the 1.4

release. javax.crypto.*


JCE Core Classes

– Cipher Class• Provide the functionality of encryption and decryption

– KeyGenerator Class • Generate secret keys for encryption and decryption

– The SealedObject Class• Create an object and protect its confidentiality

– The Mac Class • Provide integrity protection with Message Authentication

Code (MAC).

Reference: http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html


Class: java.crypto.KeyGenerator

Methods:– getInstance(String algorithm)

• Creates an instance of KeyGenerator for a specific algorithm such as

• “AES”,“DES”,”HMACSHA1”

– generateKey()• Generate a key for the algorithm specified in the KeyGenerator

instance


Example: Key Generation• The following example generate a SecretKey

object using AES.

//Create an instance of KeyGenerator with algorithm AES

KeyGenerator kg = KeyGenerator.getInstance(“AES");

//Generate the secret key

SecretKey mykey = kg.generateKey();


Secure Key Storage

• JCA provides an extensible architecture to

manage keys through KeyStore.

• A KeyStore object maintains an in-memory table

of key and certificate entries, indexed by alias

strings, allowing retrieval, insertion and deletion

of entries.

• Keystore files are usually password protected.


Class: java.security.KeyStore

Methods: – getInstance (String type)

• Create an instance of KeyStore of the specified type.– load(InputStream stream, char[] password))

• Open keystore with password and load keys from keystore file to memory

– getKey(String alias, char[] password)• Access the keystore with password and get the key based on a given

key alias– setEntry(String alias, KeyStore.Entry entry,

KeyStore.ProtectionParameter protParam)• Set a new key entry in the keystore

– store(OutputStream stream, char[] password)• Store this keystore to the given output stream, and protect its integrity

with the given password.


Example:Create a null KeyStore object

• The following sample creates null KeyStore object with password protection.

//Create an instance of KeyStore of type “JCEKS”.

//JCEKS refers the KeyStore implementation from SunJCE provider ks = KeyStore.getInstance("JCEKS");

//Load the null Keystore and set the password to “changeme” ks.load(null, "changeme".toCharArray());


Example:Set Key Entry• The following sample sets the generated key “mykey” in

the KeyStore. //Create an instance of KeyStore.SecretKeyEntry using “mykey”KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(mykey);

//Get key alias name from user input. String alias=args[0];

//Create KeyStore PasswordKeyStore.PasswordProtection password;password = new KeyStore.PasswordProtection("changeme".toCharArray());

//Set the key entry in the key store with an alias.ks.setEntry(alias, skEntry, password);


Example:Store KeyStore object in file

• The following sample writes the KeyStore object into a file for storage.

//Create a new file to store the KeyStore objectjava.io.FileOutputStream fos = new java.io.FileOutputStream("keystorefile.jce");

//Write the KeyStore into the fileks.store(fos, "changeme".toCharArray());

//Close the file streamfos.close();


Example:Retrieving Keys from KeyStore

• The following sample retrieves keys from a KeyStore file.

//Open the KeyStore fileFileInputStream fis = new FileInputStream("keystorefile.jce");

//Create an instance of KeyStore of type “JCEKS”ks = KeyStore.getInstance("JCEKS");

//Load the key entries from the file into the KeyStore object. ks.load(fis, "changeme".toCharArray());fis.close();

//Get the key with the given alias. String alias=args[0];Key k = ks.getKey(alias, "changeme".toCharArray());


A Quick Review

• Which of the following is subject to frequency attack?

1. Caesar cipher 2. Vigenére 3. Vernam

• A perfect cipher is?1. Combination of confusion and diffusion

2. Combination of substitution and transposition

3. Unconditionally secure

Documents

IS 302: Information Security and Trust Week 2: Encryption Basics 2012