Module Administration

CO3099/7099
Part I: Cryptography (Stanley Fung, weeks 1-5)
Cryptography and Internet


 Part II: Internet Security (Emilio Tuosto, weeks 6-10)

Security  Resources (Part I)
 Book: Knudsen, Java Cryptography (Chapters 1 – 7)
 Java API:
 http://java.sun.com/reference/api/index.html

 http://java.sun.com/products/jce/

 Assessment:
 40% coursework (4)
 60% final exam
Stanley Fung
University of Leicester

Module Part I
Objectives:
Chapter 1

 Concepts: goals of cryptography (confidentiality,
authentication, integrity) and the mechanisms to achieve
them Basic Concepts
 Practice: writing real Java programs for cryptography
 Topics:
 Basic concepts in cryptography
 Secret and public key systems
 Classical ciphers
 Message digests and MAC
 Digital signatures and certificates
 Modern encryption and decryption Once upon a time, there were
 Applications of Cryptography two people, Alice and Bob…

3
 Security vs. Cryptography Three Main Security Issues
 What is security?  Confidentiality: keeping information secret
 Protect systems against inappropriate use. Examples:  Example: prevent people reading data on your disk, or
intercept messages transmitted over the network
 Withdraw money from someone else’s account

 Alter your exam marks on the university database

 Integrity: ensure information is intact (not modified)
 Example: a program you download is not modified to include
 A broad subject; physical, platform, network, … malware
 What is cryptography?  Authentication: check people are really who they claim
 The science of secret writing to be
 Cryptography security; cryptography is only one way of  Example: someone sends hostile email to professors in your
ensuring certain aspects of security name
 Every system can be broken  We will first consider providing confidentiality using
 (given enough resources) cryptography; integrity and authentication are
 Security cost should be proportional to value being protected
addressed later

5 6

Some Terminologies Basic Idea of Encryption/Decryption

 Cryptography: the science of secret writing  A very simple encryption scheme: Rot13
 Cryptanalysis: the science of code-breaking  Replace every letter with the letter 13 places down the
alphabet
 Cryptology = Cryptography + Cryptanalysis  Example: hello world uryyb jbeyq
 A cipher is an algorithm that turns readable messages  How to decrypt “qrpelcg”?
(plaintext) into unreadable messages (ciphertext).
 Rot13 is not a good cipher
This process is called encryption. The reverse process
 If an attacker knows Rot13 is being used, the message can
is called decryption. easily be decoded

network  What about Rot-n? (shift n positions)

Alice Bob  Better
plaintext encryption
ciphertext
decryption plaintext  Still easy to decode (try all 26 values of n)
 In fact, even if the attacker does not know Rot-n is being
used, it can still be decoded (how?)
7 8
 Algorithms and Keys
 Encryption algorithms usually use keys
 A secret value
 One algorithm, many different keys
 Encrypting the same plaintext using different keys (but the
same algorithm) gives different ciphertexts
 Ciphertext can only be decrypted using the correct key (using
an incorrect key decrypts into a mess)
 Only the key need to be kept secret (algorithm can be publicly
known; see next slide)
 Example: in Rot-n, the value of n is the key
Security of Cipher Algorithms
 Two types of “security” of a cipher
 Unconditionally secure: the ciphertext does not contain
enough information to determine uniquely the plaintext
(impossible to break)
 Computationally secure: cost of breaking > value of
encrypted info, or time to break > useful lifetime of encrypted
info (takes a lot of money/time to break)
 Kerckhoff’s Principle: everything (algorithms) are
publicly known, only keys are secret
 Security does not depend on the secrecy of the algorithm
 Everyone can implement the algorithm
Everyone can study potential weaknesses of the algorithm


 We can make sure there is no “hidden backdoor”

 26 different possible keys

9 10

Secret Key Cryptography Secret Key Cryptography

 Also called symmetric cryptography  Examples: Rot-n, DES (Data Encryption Standard)
 Since ancient times  Drawbacks:
 Same key for encryption and decryption (to be kept  How to distribute the key secretly?
secret)  Keys are usually shorter than the message, and can be re-

used. Still, it is difficult to distribute keys securely

Alice Secret key network Secret key Bob  Solutions: key agreement protocols; public key

plaintext encryption decryption plaintext cryptography

ciphertext
 In a system with many components:
 Using one key for everything: risk the whole system
 Analogy: locked box
collapsing upon a security breach
 To send a secret letter, Alice locks it in a box and sends the
 Use a (different) key for each pair: distribution headache
locked box to Bob. Only Alice and Bob have the key to open
the box

11 12
 A Puzzle A Possible Solution
 Bob wants to send a diamond ring to Alice  Bob puts the diamond ring inside the box, locks and
 Only way of communication is postal mail sends it
 However, postal mail is not secure: anything in the mail will Bob
be stolen, if not locked
 They each have some locks (and matching keys), but do not  Alice receives the box, puts another lock on it and
have keys that match the other person’s locks sends the double-locked box back to Bob
 Solutions? Alice
 Bob locks the ring inside a box and sends it. But Alice does
not have the key…  Bob removes his lock and sends the (still locked) box
 Bob sends the key. But it will be stolen… to Alice
 Bob sends the key inside another locked box. But Alice does Bob
not have the key to this other box…
 Is there even a solution?  Alice opens her lock and gets the ring
Alice

13 14

Public Key Cryptography Public Key Cryptography

 Also called asymmetric cryptography  Suppose Alice wants to send Bob a message
Bob generated his keypair beforehand
 Appeared in 1970s 

 Alice encrypts the message using Bob’s public key

 Depends on computationally-difficult mathematical  Bob decrypts the message using his own private key
problems  Only Bob can decrypt the message since only he has his own
 A public key and a private key for each party private key
 Public key: freely available Bob’s Bob’s
Bob
Alice public key private key
 Private key: secret (keep to oneself) ciphertext
plaintext encryption decryption plaintext
 Public and private keys always come in pairs (Keypairs); they
are mathematically related network
Successful decryption requires using the matching key

 No need for distributing a secret key
 Example: RSA  Drawback: slow

15 16
 Properties of Public and Private Keys
 We need the following mathematical properties:
Easy to generate a pair of public/private keys

Easy to encrypt knowing the public key

 Easy to decrypt knowing the private key
 Computationally difficult to get the private key from the public
key
 Computationally difficult to decrypt without knowing the
private key
 (preferably) can encrypt with private key and decrypt with
public key (i.e. key roles exchanged)
 Is there really such a nice thing?
 Some mathematical problems are believed to have these
properties
17
Concepts of Cipher Attacks
 “Breaking” a cipher: decrypt without the key
 It is important that the plaintext has some “meaning”
for attacks to be possible
 e.g. English sentences, excel file, exe program, …
Otherwise, no way to distinguish correct or incorrect

decryption
 Two types of attacks on ciphers:
 Brute-force
 Cryptanalysis
 Note: breaking a cipher is not the only way of
compromising the cryptosystem
19
Hybrid Systems
 Combines symmetric and asymmetric ciphers
 First, the two parties use an asymmetric cipher to
negotiate a session key (a secret key for this
conversation)
 Then, encrypt the conversation using the session key
as a secret key of a symmetric cipher
 Combines virtues of both kinds of ciphers:
 Use the slow asymmetric cipher to exchange a small amount
of data only
 The conversation can then be encrypted using a fast
symmetric cipher
18
Attacks on Ciphers
 Brute-force: try all possible keys
 Strength of cipher can be increased by using longer keys
 E.g. Rot-n having only 26 possible keys is too small
 An n-bit key length gives 2n different possible keys
 Cryptanalysis: exploit the mathematical properties of
the algorithm
 Strength of cipher depends on design of algorithm
 Secret key ciphers: cryptanalysis is possible if structure
(statistical properties) of plaintext remains in ciphertext
Public key ciphers: cryptanalysis usually focuses on the

mathematical relationships between public and private keys
20
 Types of Cryptanalysis Attacks Summary
 Ciphertext-only: only have (a large amount of)  Confidentiality, integrity, authentication
encrypted data  Two types of cryptography:
 Example: Sgd pthbj aqnvm enw itlor nudq sgd kzyx cnf =?
Secret key cryptography Public key cryptography
 Known plaintext: in addition, some plaintext-ciphertext Keys One per pair of user Two per user (public and
pairs are known (secret key) private)
 Example: Sgd = The, cnf = dog, pthbj aqnvm enw = ? En/decryption Use same key Use different keys
 Email headers, guessed keywords in message, etc Advantages Fast Avoid secret information
distribution
 Chosen plaintext: attacker can choose to encrypt a
few plaintext
 Example: Encrypt “Example”? => Dwzlokd

Increasingly easy to attack / difficult to defend

(attacker has more information)
21 22