CH 8
Fundamentals
Chuck Easttom
Presented by:
Dr. Adnan Almutawkkil
Chapter 8 Encryption
Introduction
Encryption
Scrambling information.
One critical part to the security puzzle.
Without it, all security measures are inadequate.
Cryptography
The art of writing or deciphering secret code
Cryptography ("secret writing"): Making secret
messages
Cryptography VS Encryption
Item Cryptography Encryption
Cryptography
Cryptography Basics
Symmetric Encryption Techniques
Ciphers
Classical Ciphers
Substitution Ciphers
Substitute one letter (or bit) for another in each place
Transposition Ciphers
Transposition ciphers do not change individual letters
or bits, but they change their order
Most real ciphers use both substitution and
transposition
History of Encryption
History of Encryption (cont.)
Caesar Cipher
Frequency distribution cracks this simple cipher.
Substitution alphabet.
Substitutes one letter in the alphabet for another.
Caesar is a mono-alphabetic cipher.
Multi-alphabetic Substitution Ciphers
Plaintext Key Ciphertext
n 4 r
o 8 w
w 15 l
i 16 …
s 23 …
t 16 …
h 3 …
e 9 …
t 12 …
i 20 …
m 6 …
e 25 …
+4: n o p q r
This is a very weak cipher.
Real ciphers use complex math.
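The two ciphers above, and the frequency-distribution weakness of the Caesar cipher, as an added example (not from the slides). The sample sentence and the English letter-frequency figures are constructed/approximate values chosen for the illustration; only the first three rows of the key table are used because the slide gives their ciphertext.

```python
from collections import Counter
from itertools import cycle
from string import ascii_lowercase as ALPHA

# Approximate letter frequencies (%) in English text, a..z.
FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
        6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

def shift(ch, k):
    """Shift one lowercase letter k places; pass anything else through."""
    return ALPHA[(ALPHA.index(ch) + k) % 26] if ch in ALPHA else ch

def caesar(text, k):
    """Mono-alphabetic: every letter gets the same shift k."""
    return "".join(shift(c, k) for c in text.lower())

def multi_alpha(text, keys):
    """Multi-alphabetic: each successive letter uses the next key in turn."""
    ks = cycle(keys)
    return "".join(shift(c, next(ks)) if c in ALPHA else c for c in text.lower())

def chi_squared(text):
    """How far the text's letter counts are from English (lower = closer)."""
    counts = Counter(c for c in text if c in ALPHA)
    n = sum(counts.values())
    return sum((counts[c] - n * f / 100) ** 2 / (n * f / 100)
               for c, f in zip(ALPHA, FREQ))

def recover_shift(ciphertext):
    """Frequency analysis: try all 26 shifts, keep the most English-looking."""
    return min(range(26), key=lambda k: chi_squared(caesar(ciphertext, -k)))

# Constructed sample sentence (not from the slides).
SAMPLE = ("the art of writing secret messages is one critical part of the "
          "security picture and without it the other measures are not enough")

if __name__ == "__main__":
    ct = caesar(SAMPLE, 4)
    print(ct[:30], "-> recovered shift", recover_shift(ct))
    # First three rows of the slide's key table: n+4, o+8, w+15.
    print(multi_alpha("now", [4, 8, 15]))
```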
Binary Operations
AND, OR, XOR
Binary Operations
XOR is the only reversible binary operation (XOR
allows you to easily encrypt and decrypt a string)
Convert plain text to ASCII
0100 0001, 0100 0100, 0100 1111, 0100 0111 Plain text
1111 0111, 1111 0111, 1111 0111, 1111 0111 Key
1011 0110, 1011 0011, 1011 1000, 1011 0000 Cipher text
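The slide's XOR table reproduced in code, with a check of the reversibility claim for AND, OR and XOR (an added example, not from the slides). The function names are illustrative; the key byte and the plain text "ADOG" are the values shown above.

```python
import operator

KEY = 0b1111_0111  # key byte from the slide, repeated for every character

def xor_bytes(data: bytes, key: int = KEY) -> bytes:
    """XOR each byte with the key. Running it again with the same key undoes it."""
    return bytes(b ^ key for b in data)

def distinct_outputs(op, key: int = KEY) -> int:
    """Count the different results of op(b, key) over all 256 byte values.
    256 means every input has its own output, so the operation is reversible."""
    return len({op(b, key) for b in range(256)})

def bits(data: bytes) -> str:
    """Format bytes the way the slide does: two 4-bit groups per byte."""
    return ", ".join(f"{b >> 4:04b} {b & 0x0F:04b}" for b in data)

if __name__ == "__main__":
    plain = b"ADOG"
    cipher = xor_bytes(plain)
    print("Plain text :", bits(plain))
    print("Cipher text:", bits(cipher))
    print("Decrypted  :", xor_bytes(cipher).decode())
    for name, op in [("AND", operator.and_), ("OR", operator.or_),
                     ("XOR", operator.xor)]:
        print(f"{name}: {distinct_outputs(op)} distinct outputs from 256 inputs")
```

With this key, AND and OR map many inputs to the same output, so the plain text cannot be recovered from the result; XOR never does.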
Cryptography Terms
Modern Methods
Single key (symmetric) encryption
Same key to encrypt and decrypt
Blowfish
Symmetric block cipher
Works on “blocks” of letters
Uses variable length key (32–448 bits)
Freeware
Decipher the following:
Cryptographic System Stages
Cryptographic Systems
1. Two parties first agree upon a particular
cryptographic system to use
2. Each cryptographic system dialogue begins with three
brief handshaking stages
3. The two parties then engage in cryptographically
protected communication
This ongoing communication stage usually constitutes nearly all
of the dialogue
Modern Methods (cont.)
Data Encryption Standard (DES)
56-bit: 11111111 11111111 11111111 11111111 11111111 11111111 11111111
2^56: 72,000,000,000,000,000
134 Year
Major Symmetric Key Encryption Ciphers
| | RC4 | DES | 3DES | AES |
|---|---|---|---|---|
| Key Length (bits) | 40 bits or more | 56 | 112 or 168 | 128, 192, or 256 |
| Key Strength | Very weak at 40 bits | Weak | Strong | Strong |
| Processing Requirements | Low | Moderate | High | Low |
| RAM Requirements | Low | Moderate | Moderate | Low |
| Remarks | Can use keys of variable length | Created in the 1970s | Applies DES three times with two or three different DES keys | Today’s gold standard for symmetric key encryption |
An attempt at
deciphering the text
using a lowercase,
and incorrect key
Modern Methods (cont.)
Modern Methods (cont.)
Modern Methods (cont.)
Public key (asymmetric) encryption
Depends on large prime numbers, factoring, and
number theory.
Public key encryption is most widely used.
Pretty Good Privacy (PGP):
The first popular implementation of public-key cryptography.
Its primary use is to protect the contents of email messages
Freeware
Quite secure
Phil Zimmermann – 2004
RSA (Rivest Shamir Adleman)
Properties of RSA
One hundred times slower than DES in hardware
One thousand times slower than DES in software
Used to protect small amounts of data
Ensures confidentiality of data through encryption
Generates digital signatures for authentication and nonrepudiation of data
Modern Methods (cont.)
Modern Methods (cont.)
Public key (asymmetric) encryption
RSA
Now select another number; call this number e. Pick e so that it is
co-prime to m.
Choose a small number e, co-prime to m.
You are almost done generating a key. Now you just find a number d
that, when multiplied by e and reduced modulo m, yields 1. (Note:
Modulo means to divide two numbers and return the remainder. For
example, 8 modulo 3 would be 2.)
Find d, such that de % m = 1.
Now publish e and n as the public key. Keep d and n as the secret
key. To encrypt, simply take your message raised to the e power and
modulo n.
The RSA signature Scheme
Modern Methods (cont.)
Avoid ‘bad’ crypto
Unbreakable
Unhackable
Secret algorithm
Kerckhoffs’s principle
Digital Signatures
A digital signature is not used to ensure the confidentiality of a message, but
rather to guarantee who sent the message.
This is referred to as nonrepudiation. Essentially, it proves who the sender is.
Digital signatures are actually rather simple, but clever. They simply reverse
the asymmetric encryption process.
Recall that in asymmetric encryption the public key (which anyone can have
access to) is used to encrypt a message to the recipient, and the private key
(which is kept secure and private) can decrypt it. With a digital signature, the
sender encrypts something with his private key.
If the recipient can decrypt that with the sender's public key, then it must have
been sent by the person purported to have sent the message.
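The RSA key-generation steps from the earlier slide and the signature idea described here, carried through in one added example (not from the slides). It assumes the standard earlier steps the slides do not show, n = p*q and m = (p-1)*(q-1), uses SHA-256 as the "something" the sender signs, and omits padding, so it is textbook RSA for illustration.

```python
import hashlib
from math import gcd

def make_keys(p, q, e):
    """Toy RSA key generation using the slide's names m, e, d, n.
    Assumption (standard RSA, not on the slide): n = p*q, m = (p-1)*(q-1)."""
    n, m = p * q, (p - 1) * (q - 1)
    if gcd(e, m) != 1:
        raise ValueError("e must be co-prime to m")
    d = pow(e, -1, m)             # d such that d*e % m == 1 (Python 3.8+)
    return (e, n), (d, n)         # public key, secret key

def encrypt(msg, public):
    e, n = public
    if not 0 <= msg < n:
        raise ValueError("message must be smaller than n")
    return pow(msg, e, n)         # message raised to the e power, modulo n

def decrypt(cipher, secret):
    d, n = secret
    return pow(cipher, d, n)

def digest(data, n):
    """SHA-256 of the data as an integer, reduced modulo n to fit the key."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, secret):
    """Signature: the private-key operation applied to the hash."""
    d, n = secret
    return pow(digest(data, n), d, n)

def verify(data, signature, public):
    """Anyone with the public key can undo the signature and compare hashes."""
    e, n = public
    return pow(signature, e, n) == digest(data, n)

if __name__ == "__main__":
    pub, sec = make_keys(61, 53, 17)           # tiny primes, easy to follow by hand
    print("public", pub, "secret", sec)
    print("65 ->", encrypt(65, pub), "->", decrypt(encrypt(65, pub), sec))
    # Larger (still toy) primes so the hash is not squeezed into 12 bits.
    big_pub, big_sec = make_keys(2**61 - 1, 2**89 - 1, 65537)
    sig = sign(b"pay 100", big_sec)            # constructed sample message
    print(verify(b"pay 100", sig, big_pub), verify(b"pay 900", sig, big_pub))
```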
How a Digital Signature Works
Hash
Hashing is a type of cryptographic algorithm that has some
specific characteristics.
1. It is one way. That means you cannot "unhash" something.
2. You get a fixed-length output no matter what input is given.
3. It should have few or no collisions. A collision is when two
different inputs provide the same output.
Hashing
A hashing algorithm is applied to a bit string of any length
The result of the calculation is called the hash
For a given hashing algorithm, all hashes are the same short
length
Routers use hashing with secret keys
IPsec gateways and clients use hashing algorithms
Software images downloaded from the website have checksums
Sessions can be encrypted
Hashing versus Encryption
Characteristic Encryption Hashing
Message Digest (one way hash)
Message Digest Function: MD5
Secure Hashing Algorithm (SHA)
VERY Simple Illustration of Rainbow
Tables
List of pre-computed password hashes
Password MD5 Hash (in Hex) Password MD5 Hash (in Hex)
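What a pre-computed list means for password storage, as an added example (not from the slides): a plain lookup table, the same simplification the slide makes, recovers any listed password from its unsalted MD5 hash, while a per-user random salt with PBKDF2 makes the table useless. The password list is constructed, and salting and PBKDF2 are additions the slides do not cover.

```python
import hashlib
import hmac
import os

COMMON = ["123456", "password", "qwerty", "letmein", "dragon"]  # constructed list

def md5_hex(pw: str) -> str:
    """Unsalted MD5: always 32 hex characters, whatever the input length."""
    return hashlib.md5(pw.encode()).hexdigest()

# The pre-computed list: built once, reusable against every unsalted database.
TABLE = {md5_hex(pw): pw for pw in COMMON}

def lookup(stored_hash: str):
    """Return the password if its hash is in the table, otherwise None."""
    return TABLE.get(stored_hash)

def store_salted(pw: str, rounds: int = 100_000):
    """Defender's version: random 16-byte salt per user plus a slow hash."""
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, rounds)
    return salt, rounds, derived

def check_salted(pw: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, rounds, derived = record
    candidate = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, rounds)
    return hmac.compare_digest(candidate, derived)

if __name__ == "__main__":
    leaked = md5_hex("password")
    print(leaked, "->", lookup(leaked))            # found in the table
    rec_a, rec_b = store_salted("password"), store_salted("password")
    print(rec_a[2].hex() == rec_b[2].hex())        # same password, different hashes
    print(lookup(rec_a[2].hex()), check_salted("password", rec_a))
```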
Steganography
Historical Steganography
The ancient Chinese wrapped notes in wax
and swallowed them for transport.
In ancient Greece a messenger’s head might
be shaved, a message written on his head,
then his hair was allowed to grow back.
In 1518 Johannes Trithemius wrote a book
on cryptography and described a technique
where a message was hidden by having each
letter taken as a word from a specific
column.
Historical Steganography – Cont.
During WW II the French Resistance sent messages written on the backs of couriers
using invisible ink
Microdots are images/undeveloped film the size of a typewriter period, embedded
in innocuous documents. These were said to be used by spies during the Cold
War.
Steganography general model
Types of Steganography
Cryptanalysis
algorithm;
to deduce the key;