Cryptographic Building

Blocks

Computer Security | Lecture Two

Recommended Text (Major)

▪ Computer Security and the Internet

Paul C. van Oorschot
 Lecture Outline
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

3
 Learning Objectives

▪ This lecture introduces basic cryptographic mechanisms

▪ They are foundational building blocks for computer
security:
▪ Symmetric-key and Public-key encryption,
▪ Public-key digital Signatures,
▪ Hash Functions

4
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

5
 Introduction

▪ If computer security were house- ▪ To help students, as software

building, Cryptography might be developers, to identify and Use
the Electrical Wiring and Power Cryptographic toolkits
Supply. ▪ Expound basic Rule of thumb
▪ The framers, Roofers, Plumbers, ▪ E.g. do not design your own
and masons must know enough to cryptographic protocols or
not electrocute themselves, algorithms.
▪ But need not understand the finer ▪ Plugging in your own desk lamp is
details of wiring the main fine, but leave it to a master
panelboard, nor all the electrical electrician to upgrade the electrical
footnotes in the building code. panel

6
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

7
 Generic Concepts
Encryption and Decryption
▪ Recall: An algorithm is a series of steps, often implemented in
software programs or hardware.
▪ Encryption (and Decryption) algorithms are a fundamental
means for providing Data Confidentiality,
▪ Especially in Distributed Communications Systems (e.g. Internet)
▪ They are parameterized by a Cryptographic Key;
▪ Conceptualize a key as a binary string representing a large secret
number

8
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

9
 Generic Concepts
Plaintext and Ciphertext
▪ Encryption transforms data ▪ Only authorized parties are
given access to this key.
(Plaintext) into an unintelligible
form (Ciphertext). ▪ Sensitive Information should
be Encrypted before:
▪ The process is Reversible:
▪ Transmission
▪ Decryption Key allows recovery
of plaintext, using a ▪ If data is subject to
eavesdropping
corresponding Decryption
Algorithm ▪ Saving to Storage Media
▪ Access to the Decryption Key ▪ If concerned about access
controls access to the
Plaintext;

10
 Generic Concepts
Plaintext and Ciphertext

▪ It is generally assumed that the algorithms for Encryption

and Decryption are known
▪ This follows the Open-Design Principle
▪ Recall the Open-Design Principle: Do not rely on secret designs,
attacker ignorance, or security by obscurity;
▪ However, Only authorized parties have the Secret Key

11
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

12
 Generic Concepts
Generic Encryption Notation
▪ Let
▪ m = Plaintext message
▪ c = the Ciphertext
▪ Ek, Dk’ = the Encryption, Decryption algorithms Respectively
▪ k, k’ = Parameterized Symmetric Keys for Encryption and Decryption
Respectively.
▪ Encryption and Decryption is denoted as follows
c = Ek(m) m = Dk’(c)
13
14
 Generic Encryption Notation

▪ Mathematically, an encryption-decryption system (aka

Cryptosystem) is defined to consist of:
▪ A set P of possible Plaintexts,
▪ A set C of possible Ciphertexts,
▪ A set K of Keys,
▪ An Encryption Mapping E: (P × K ) → C
▪ A corresponding Decryption Mapping D: (C × K ) → P

15
 Example | Caesar Cipher
▪ Caesar’s famous Cipher was rather simple.
▪ The encryption algorithm simply substituted each alphabetic
plaintext character by that occurring three letters later in the
alphabet.
▪ Watch the Video
▪ Exercise
▪ Mathematically Describe the algorithms of the Caesar cipher.
▪ What is the Cryptographic Key?
▪ How many other keys could be Chosen?

16
 Lecture Outline | Progress
▪ Introduction ▪ Stream Ciphers
▪ Block Ciphers
▪ Generic Concepts
▪ Public Key Encryption and
▪ Encryption and Decryption
Decryption
▪ Plaintext and Cyphertext
▪ Key Distribution
▪ Encryption Notation
▪ Hybrid Encryption
▪ Exhaustive Key Search
▪ Digital Signatures Using Public Keys
▪ Cipher Attack Models
▪ Cryptographic Hash Functions
▪ Encryption and Decryption
▪ Symmetric-Key Encryption and
Decryption ▪ Public Key Certificates

17
 Generic Concepts
Exhaustive Key Search
▪ Cryptographers should provide “good” algorithms for Encryption
and Decryption.
▪ A critical Property is that it be infeasible to recover Plaintext from
Ciphertext without knowledge of the key.
▪ When a Ciphertext is intercepted, the best an adversary can do, is
▪ Go through all keys k from the key space K,
▪ Parameterizing D with each k sequentially,
▪ Computing each Dk(c) and looking for some meaningful result
▪ This process is called an Exhaustive Key Search.

18
 Generic Concepts
Exhaustive Key Search

▪ If there are no algorithmic weaknesses, then no algorithmic

“shortcut” attacks exist, and the whole key space must be
tried.
▪ More precisely, an attacker of average luck is expected to come
across the Correct Key after trying half the key space;
▪ If the keys are strings of 128 bits, then there are 2128 keys, with success
expected after 2127 trials = 1.7014118e+38
▪ This number is so large that is infeasible to find the correct key

19
 Example | DES Key Space

▪ The first Cipher widely used in industry was Data Encryption

Standard (DES),
▪ Standardized by the U.S. government in 1977.
▪ Its key length of 56 bits yields 256 possible keys.
▪ DES is no longer used, as modern processors make exhaustive key
search of spaces of this size too easy!

20
Example | The Enigma Machine
▪ The Enigma machine is a Cipher device developed
and used in the early- to mid-20th century to protect
Commercial, Diplomatic, and Military Communication.
▪ It was employed extensively by Nazi Germany during
World War II.
▪ The Enigma machine was considered so secure that it
was used to encipher the most top-secret messages
▪ Poland cracked the machine prior to the war,
▪ This enabled the Allies to exploit Enigma-enciphered
messages as a major source of intelligence

21
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

22
 Cipher Attack Models

▪ Cipher attack models include:

▪ Ciphertext-Only Attack
▪ Known-Plaintext Attack
▪ Chosen-Plaintext Attack
▪ Chosen-Ciphertext Attack
▪ An ideal encryption algorithm resists all these attack
models, ruling out algorithmic “shortcuts”, leaving only
Exhaustive Search
23
 Cipher Attack Models
▪ Ciphertext-Only Attack
▪ An adversary tries to recover
Plaintext (or the key), given access
to Ciphertext alone.
▪ Known-Plaintext Attack
▪ Given some Ciphertext and its
corresponding Plaintext,
adversaries try to recover unknown
Plaintext (or the key) from further
Ciphertext.
▪ Chosen-Plaintext Attack
▪ Allows adversaries to choose some
amount of Plaintext and see the
resulting Ciphertext.
▪ Chosen-Ciphertext Attack
▪ Here for a fixed key, attackers can
provide Ciphertext of their
choosing, and receive back the
corresponding Plaintext;
▪ The goal is to deduce the Secret
Key, or other information sufficient
to decrypt new Ciphertext.
24
 Summary of Attack Types

Attack Type What the Attacker Has Goal

Ciphertext-Only Ciphertext only Guess plaintext or key
Ciphertext + some
Known-Plaintext Decrypt new messages
known plaintext
Ability to encrypt Learn key or predict
Chosen-Plaintext
plaintexts of choice future ciphertext
Ability to decrypt Learn key or decrypt
Chosen-Ciphertext
ciphertexts of choice target messages

25
 Cipher Attack
Passive Vs Active Adversary
▪ A Passive Adversary observes ▪ An Active Adversary interacts
and records but does not alter with ongoing transmissions, by
information. ▪ Injecting data
▪ For example: ▪ Altering data
▪ Ciphertext-only Attacks ▪ Starts new interactions with
▪ Known-Plaintext attacks legitimate parties.
▪ For example
▪ Chosen-Plaintext Attacks
▪ Chosen-ciphertext Attacks

26
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

27
 Types of Encryption and Decryption

▪ There are Two categories of E and D algorithms:

▪ Symmetric-key or Symmetric Encryption
▪ Also called Secret-key
▪ In symmetric-key encryption, the encryption and decryption keys are the
same, i.e., k = k’
▪ Asymmetric Encryption
▪ Also called Public-key
▪ In public-key systems they differ (Watch Video)

28
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

29
 Symmetric-key Encryption and Decryption

▪ Symmetric-key or Symmetric Encryption

▪ Recall:
▪ Also called Secret-key
▪ In symmetric-key encryption, the encryption and decryption keys are the
same, i.e., k = k’
▪ Classes of Symmetric-Key Encryption and Decryption
▪ Stream Ciphers
▪ Block Ciphers

30
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

31
 Classes of Symmetric-Key Encryption and Decryption
Stream Ciphers
▪ Each Plaintext digit is encrypted one at a time with the
corresponding digit of the keystream, to give a digit of the
Ciphertext stream.
▪ Usage example: e.g., User-typed characters sent to a remote site in
real time.
▪ It needs a Key with the same length as the Plaintext
▪ In practice, a digit is typically a bit and the combining operation is an
exclusive-or (XOR).
32
 Classes of Symmetric-Key Encryption and Decryption
Stream Ciphers

▪ Stream Ciphers turn a fixed-size secret (symmetric key)

into an arbitrary-length secret keystream unpredictable to
adversaries.
▪ The mapping of the next Plaintext bit to Ciphertext is a position-
varying transformation dependent on the input key
▪ Example: The Vernam Cipher
▪ Study and Implement using Python

33
 Stream Ciphers | Example

▪ Plaintext "HELLOWORLD"
▪ Stream of key bits "1011010101".

34
 Stream Ciphers | Example
Step 1: Plaintext and Key Bit Stream

▪ Plaintext: H E L L O W O R L D
▪ Key Bit Stream: 1 0 1 1 0 1 0 1 0 1

35
 Stream Ciphers | Example
Step 2: Converting Plaintext to Binary

▪ Convert each character in the plaintext to its corresponding

ASCII value, and then convert the ASCII values to binary
representation.
▪ Plaintext (ASCII): 72 69 76 76 79 87 79 82 76 68
▪ Plaintext (Binary): 01001000 01000101 01001100 01001100
01001111 01010111 01001111 01010010 01001100 01000100

36
 Stream Ciphers | Example
Step 3: XOR Operation with Key Bit Stream
▪ We perform an XOR operation between each bit of the
plaintext (in binary form) and the corresponding key bit
from the key bit stream.
▪ Plaintext (Binary): 01001000 01000101 01001100 01001100
01001111 01010111 01001111 01010010 01001100 01000100
▪ Key Bit Stream: 1 0 1 1 0 1 0 1 0 1
▪ XOR Result: 11111101 11110000 11111001 11111001 11111010
11100010 11111010 11100111 11111001 11110001

37
 Stream Ciphers | Example
Step 4: Converting Binary to ASCII

▪ Convert the XOR result (in binary form) back to ASCII

values.
▪ XOR Result (Binary): 11111101 11110000 11111001 11111001
11111010 11100010 11111010 11100111 11111001 11110001
XOR Result (ASCII): 253 240 249 249 250 226 250 231 249 241

38
 Stream Ciphers | Example
Step 5: Converting ASCII to Ciphertext
▪ Finally, convert the ASCII values obtained from the XOR
operation to their corresponding characters to get the
Ciphertext.
▪ Ciphertext: ýðùùúâúçùñ
▪ Given key bit stream "1011010101", the plaintext "HELLOWORLD" is
encrypted to " ýðùùúâúçùñ"
▪ Note: Same KEY bit stream must be used for both encryption and
decryption in a Stream Cipher to obtain the original plaintext.

39
 Lecture Outline | Progress
▪ Introduction ▪ Stream Ciphers
▪ Block Ciphers
▪ Generic Concepts
▪ Public Key Encryption and
▪ Encryption and Decryption
Decryption
▪ Plaintext and Cyphertext
▪ Key Distribution
▪ Encryption Notation
▪ Hybrid Encryption
▪ Exhaustive Key Search
▪ Digital Signatures Using Public Keys
▪ Cipher Attack Models
▪ Cryptographic Hash Functions
▪ Encryption and Decryption
▪ Symmetric-Key Encryption and
Decryption ▪ Public Key Certificates

40
 Classes of Symmetric-Key Encryption and Decryption
Block Ciphers
▪ Processes Plaintext in fixed-
length Chunks or Blocks
▪ Each block is encrypted with a
fixed transformation dependent
on the Key.
▪ From an input-output perspective,
a Block Cipher’s main properties
are
▪ Block-length: Block size in bits
▪ Key-length: Key size in bits
▪ If the last Plaintext block has
fewer bits than the block-length, it
is Padded with “filler” characters.
▪ A common non-ambiguous
Padding Rule is to always append
a 1-bit, followed by zero or more
0-bits as necessary to fill out the
blockchunks or blocks
41
 Block Ciphers | Example

▪ Plaintext: "HELLOWORLD"
▪ Block size of 4 characters
▪ with a key "KEY1".

42
 Block Ciphers | Example
Step 1: Plaintext and Key

▪ Plaintext: H E L L O W O R L D
▪ Block Size: 4 characters
▪ Key: KEY1

43
 Block Ciphers | Example
Step 2: Padding

▪ Since the plaintext "HELLOWORLD" has 10 characters,

▪ Which is not a multiple of the block size (4)
▪ We need to add padding to make it fit into complete blocks.
▪ Let's add padding using the character ‘X':
▪ Plaintext (Padded): H E L L O W O R L D X X

44
 Block Ciphers | Example
Step 3: Converting Plaintext and Key to ASCII

▪ We convert each character in the plaintext (including the

padding) and the key to their corresponding ASCII values.
▪ Plaintext (ASCII): 72 69 76 76 79 87 79 82 76 68 35 35
▪ Key (ASCII): 75 69 89 49

45
 Block Ciphers | Example
Step 4: Applying Block Cipher Algorithm
▪ Block cipher Algorithm, involves ▪ Produce Ciphertext (ASCII): 3 0 21
operations such as Substitution, 125
Permutation, and Mixing, to each ▪ Block 2:
block of plaintext and the key. ▪ Plaintext (ASCII): 79 87 79 82 XOR
▪ Specific algorithm depends on the Key (ASCII): 75 69 89 49
block cipher used (e.g., AES, DES, ▪ Produce Ciphertext (ASCII): 4 18 22
etc.), 99
▪ For this example, we’ll use a basic ▪ Block 3:
XOR operation.
▪ Plaintext (ASCII): 76 68 88 88 XOR
▪ Block 1: Key (ASCII): 75 69 89 49
▪ Plaintext (ASCII): 72 69 76 76 XOR ▪ Produce Ciphertext (ASCII): 7 1 1 105
Key (ASCII): 75 69 89 49

46
 Block Ciphers | Example
Step 5: Converting ASCII to Ciphertext

▪ Convert the ASCII values obtained from the block cipher

algorithm back to characters to get the ciphertext.
▪ Ciphertext: }c I
▪ Given key "KEY1" and a Block size of 4 characters, Plaintext
"HELLOWORLD" is encrypted to "}c I"
▪ Note: Same key "KEY1" must be used for both encryption and
decryption in a block cipher to obtain the original plaintext.

47
 Assignment | Read on the Atalla Key Block

▪ Invented by Mohamed Atalla, the Atalla key block is the root of all
key blocks.
▪ In 1972, Atalla filed U.S. Patent 3,938,091 for a remote PIN verification
system, which utilized encryption techniques to assure telephone link
security while entering personal ID information, which would be
transmitted as encrypted data over telecommunications networks to a
remote location for verification
▪ All over the globe, hundreds of millions of financial transactions
are secured daily using Hardware Security Modules (HSMs) and
the Atalla key block…Read More

48
 Example | AES Block Cipher
▪ Today’s most widely used Block
Cipher is AES,
▪ It was specified by the Advanced
Encryption Standard.
▪ Created by researchers at Flemish
university KU Leuven with the
Original algorithm named Rijndael
▪ It was selected after an open, multi-
year competition run by NIST
▪ AES has been adopted by the U.S.
government.
▪ It supersedes the Data Encryption
Standard (DES)
▪ AES is included in the ISO/IEC
18033-3 standard.
▪ a U.S. federal government standard
in 2002
▪ The first (and only) publicly
accessible cipher approved by the
NSA for top secret information
49
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

50
 Public-key Encryption and Decryption
▪ Recall: For symmetric-key encryption, k denoted a key shared
between two parties.
▪ For public-key encryption, keys are labelled with a subscript
denoting the single party they belong to
▪ For example: Each party has a key pair (eB,dB) for Bob,
▪ An Encryption public key eB, which can be publicized as belonging to
Bob,
▪ A Decryption private key dB, which Bob should keep secret and share
with no one.

51
 Public-key Encryption and Decryption
▪ To Public-key encrypt a
message m for Bob,
▪ Alice obtains Bob’s public key
eB,
▪ Uses it to parameterize the
associated public-key
encryption algorithm
▪ Encrypts m to ciphertext c
▪ Sends c to Bob
▪ At Bob’s side
▪ Bob recovers m using the
corresponding known public-
key decryption algorithm D,
parameterized by his private
key dB.
52
 Integrity of Public Key Is Important

▪ A Public Key can be published, for example like a phone

number in an old-style phonebook.
▪ It need not be kept secret.
▪ But its Integrity (and authenticity) is critical—
▪ For example, if Charlene could replace Bob’s public key by her own, then
someone who thought they were encrypting something under a public
key for Bob’s eyes only, would instead be making the Plaintext
recoverable by Charlene

53
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

54
 Key Distribution | Symmetric Vs Public key

▪ A group of n users that wish to ▪ For n = 100; it means 4950 keys

use Symmetric Encryption for
pairwise confidential
communications,
▪ Each pair should use (shared
between the pair) a different
symmetric key.
𝑛 (𝑛−1)
▪ This requires 2 = 𝑛 2 keys,
i.e., O(n2) keys
▪ For n=4 ; it means 6 keys
▪ As n grows the keys
management become complex
▪ For Public-key Encryption,
▪ Each party needs only one set of
(public, private) keys in order to
allow all other parties to encrypt
for them
▪ Thus requiring only n key pairs
in total.

55
 Lecture Outline | Progress
▪ Introduction ▪ Stream Ciphers
▪ Block Ciphers
▪ Generic Concepts
▪ Public Key Encryption and
▪ Encryption and Decryption
Decryption
▪ Plaintext and Cyphertext
▪ Key Distribution
▪ Encryption Notation
▪ Hybrid Encryption
▪ Exhaustive Key Search
▪ Digital Signatures Using Public Keys
▪ Cipher Attack Models
▪ Cryptographic Hash Functions
▪ Encryption and Decryption
▪ Symmetric-Key Encryption and
Decryption ▪ Public Key Certificates

56
 Hybrid Encryption

▪ Symmetric-key are typically faster than Public-key algorithms.

▪ Public-key methods are convenient for establishing shared secret
keys between endpoints.
▪ Therefore, to send encrypted messages,
▪ Public-key methods are used to establish a shared Symmetric Key k
(session key) between communication endpoints,
▪ k is then used in a Symmetric-key algorithm for efficient “bulk
encryption” of a payload message m.

57
 Lecture Outline | Progress
▪ Introduction ▪ Stream Ciphers
▪ Block Ciphers
▪ Generic Concepts
▪ Public Key Encryption and
▪ Encryption and Decryption
Decryption
▪ Plaintext and Cyphertext
▪ Key Distribution
▪ Encryption Notation
▪ Hybrid Encryption
▪ Exhaustive Key Search
▪ Digital Signatures Using Public
▪ Cipher Attack Models Keys
▪ Encryption and Decryption ▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates
Decryption

58
 Digital Signatures and Verification using
Public Keys

▪ Digital Signatures, typically computed using public-key algorithms, are

tags (bitstrings) that accompany messages
▪ Each tag is a mathematical function of a message (its exact bitstring) and a
unique-per-sender Private Key.
▪ A corresponding public key, uniquely associated with the sender, allows
automated verification that the message originated from that individual, since
only that individual knows the private key needed to create the tag.
▪ The name originates from the idea of a replacement (for digital
documents) for Handwritten signatures, with stronger assurances.

59
 Properties of Digital Signatures
▪ Data Origin Authentication
▪ Assurance of who originated (signed) a message or file.
▪ Data Integrity
▪ Assurance that received content is the same as that originally
signed.
▪ Non-Repudiation biometrics a good example

▪ Strong evidence of unique origination, making it hard for a party to

digitally sign data and later successfully deny having done so.
60
 Details Of Public-key Signatures

▪ Like encryption-decryption, Public-key methods can be

used to implement Digital Signatures
▪ Subtle differences
▪ The Public and Private parts are used in Reverse Order
▪ The originator uses the Private Key now,
▪ The key used for signing is that of the message originator, not the
recipient

61
62
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

63
 Cryptographic Hash Functions

▪ Cryptographic Hash Functions help solve many problems in

security.
▪ They take as input any binary string (e.g., message or file)
and produce a fixed-length output called
▪ Hash Value | Hash | Message digest | Digital fingerprint
▪ They typically map longer strings into shorter strings
▪ as do other (non-crypto) hash functions in computer science but they
have have special properties.

64
65
 Cryptographic Hash Functions | a Hash Value

▪ A Hash Value is ideally an efficiently computable and compact

representation intended to be associated with a unique input:
▪ For a good hash function, changing a single binary digit (bit) of input
results in entirely unpredictable output changes
▪ 50% of output bits change on average
▪ Hashes are often used as a type of secure checksum whose mappings
are too complex to predict or manipulate—and thus hard to exploit.
▪ Checksum: Used to verify data integrity; derived from block of digital data

66
 Cryptographic Hash Functions | Properties

▪ Given We use H is a hash function algorithm.

▪ A desirable H is such that given any input m, the computational cost
to compute H(m) is relatively small.
▪ Three hash function security properties are often needed in
practice are:
▪ One-way Property (or preimage resistance):
▪ Second-Preimage Resistance
▪ Collision Resistance
67
 Cryptographic Hash Functions | Properties
▪ (H1) One-way Property (or Preimage
Resistance):
▪ Given h it should be infeasible to find
▪ (H3) Collision Resistance
any m such that H(m) = h.
▪ Required for password hash chains,
storing password hashes, digital
signatures
▪ (H2) Second-Preimage Resistance
▪ Given any first input m1, it should be
infeasible to find any distinct second
input m2 such that H(m1) = H(m2).
▪ H2 suffices if an attacker cannot
choose a message for others to sign
▪ It should be infeasible to find any pair
of distinct inputs m1, m2 such that
H(m1) = H(m2).
▪ When two distinct inputs hash to the
same output value, we call it a
Collision.
▪ H3 is required if an attacker can
choose the message to be signed by
others
68
 One-way Hash Functions

▪ Applications in which “one- – the hash value is derived from

the combination of both the
wayness” is critical require
password and the key
property H1.
▪ However, in practice, Hash
▪ e.g., Password Hashing
Functions with H1 often also
▪ A hashed password has been
turned into a scrambled
provide H2.
representation of itself. ▪ Traditionally functions providing
▪ A user's password is taken and both H1 and H2 are called One-
– using a key known to the site way Hash Functions.

69
 Using ONE-WAY Functions in Password
Verification
▪ One-way hash functions H are often used in password
authentication as follows.
▪ A user-id + password p entered on a client device are sent to a Server.
▪ The Server hashes the p received to H(p) and uses the user-id to index
a data record containing the (known-correct) password hash.
▪ If the values match, login succeeds.
▪ This is done to avoid storing Plaintext passwords at the server,
▪ Which might be directly available to anyone with access to backup
storage, or via server database break-ins

70
 Lecture Outline | Progress
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

71
 Public-Key Certificates
▪ A Public-key Certificate is a
data structure whose
primary fields are
▪ A Subject Name
▪ A Public Key asserted to
belong to that subject
▪ A Digital Signature (over these
and other fields) by a third
party called a Certification
Authority (CA).
▪ The signature means the CA
has verified that the named
subject is legitimate
▪ Parties that rely on the
certificate require an
authentic copy of the CA’s
verification public key to verify
the CA’s signature,
▪ Hence, the certificate’s
integrity
72
 Certification Authorities

▪ The CA’s role is critical for trustworthy Certificates.

▪ CA should perform due diligence before signing a certificate, to
confirm the named subject, and their association with the public
key.
▪ Digital Certificates allow relying parties to gain trust in the public
keys of many other parties, through pre-existing trust in the public
key of a signing CA.
▪ Trust in one key thus translates into trust in many

73
 Certificate Revocation
▪ Certificates also include: validity, which by default continues
until the expiry date
▪ A Serial number to uniquely identify
▪ To be terminated earlier (e.g., if
the certificate there is a compromise).
▪ An Expiry date
▪ The Revocation Information
▪ Identity information for the CA
indicates how relying parties can
▪ Algorithm identifiers get further details, e.g.,
▪ For the embedded public key, and
the CA’s signature
▪ a signed list of revoked certificates,
▪ Revocation information ▪ the URL of a trusted site to contact
for a real-time status check of a
▪ The latter allows a certificate’s
certificate’s validity

74
 Lecture Outline | End
▪ Introduction Decryption
▪ Generic Concepts ▪ Stream Ciphers
▪ Block Ciphers
▪ Encryption and Decryption
▪ Public Key Encryption and
▪ Plaintext and Cyphertext
Decryption
▪ Encryption Notation
▪ Key Distribution
▪ Exhaustive Key Search
▪ Hybrid Encryption
▪ Cipher Attack Models
▪ Digital Signatures Using Public Keys
▪ Encryption and Decryption
▪ Cryptographic Hash Functions
▪ Symmetric-Key Encryption and
▪ Public Key Certificates

75