CRYPTOGRAPHY

Netprog: Cryptgraphy 1
 Secret Key Cryptography
• Single key used to encrypt and
decrypt.
• Key must be known by both parties.
• Assuming we live in a hostile
environment (otherwise - why the
need for cryptography?), it may be
hard to share a secret key.

Netprog: Cryptgraphy 2
 Public Key Cryptography
(a.k.a. asymmetric cryptography)

• Relatively new field - 1975 (as far as

we know, the NSA is not talking).

• Each entity has 2 keys:

– private key (a secret)
– public key (well known).

Netprog: Cryptgraphy 3
 Using Keys
• Private keys are used for decrypting.
• Public keys are used for encrypting.

encryption
plaintext ciphertext
public key

decryption
Ciphertext plain text
private key

Netprog: Cryptgraphy 4
 Digital Signature
• Public key cryptography is also used
to provide digital signatures.

signing
plaintext signed message
private key

verification
signed message plaintext
public key

Netprog: Cryptgraphy 5
Example (S. Singh, The Code Book, 1999)
 Ciphertext
 PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD
KBXBJYUXJ LBJOO KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL,
QBOP KBO BXV OPVOV LBO LXRO CI SX'XJMI, KBO JCKO XPV
EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: 'DJOXL EYPD, ICJ
X LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC
UCM LBO IXZROK CI FXKL XDOK XPV LBO RODOPVK CI XPAYOPL
EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X IXNCMJ CI UCMJ
SXGOKLU?'
OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK

Any Guesses???

Netprog: Cryptgraphy 6
 Frequency Analysis
 Identyfying comon letters, digrams and trigrams...
 PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ
LBJOO KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV
OPVOV LBO LXRO CI SX'XJMI, KBO JCKO XPV EYKKOV LBO DJCMPV
ZOICJO BYS, KXUYPD: 'DJOXL EYPD, X LBCMKXPV XPV CPO PYDBLK
Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL XDOK
XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC
AJXNO X IXNCMJ CI UCMJ SXGOKLU?'
OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK
 First guess: LBO is THE

7
 Frequency Analysis
 Assuming LBO represents THE we replace L with T, B with
H, and O with E and get
 PCQ VMJYPD THYK TYSE KHXHJXWXV HXV ZCJPE EYPD
KHXHJYUXJ THJEE KCPK. CP THE THCMKXPV XPV IYJKT PYDHT,
QHEP KHO HXV EPVEV THE LXRE CI SX'XJMI, KHE JCKE XPV
EYKKOV THE DJCMPV ZEICJE HYS, KXUYPD: 'DJEXT EYPD, ICJ X
LHCMKXPV XPV CPE PYDHLK Y HXNE ZEEP JEACMPTYPD TC UCM
THE
IXZREK CI FXKL XDEK XPV THE REDEPVK CI XPAYEPT EYPDK. SXU Y
SXEE KC ZCRV XK TC AJXNE X IXNCMJ CI UCMJ SXGEKTU?'
EFYRCDME, TXREK IJCS THE LHCMKXPV XPV CPE PYDBTK
 More guesses…?

8
 Code
XZAVOIDBYGERSPCFHJKLMNQTUW
ABCDEFGHIJKLMNOPQRSTUVWXYZ

 Plaintext Now during this time Shahrazad had borne

King Shahriyar three sons. On the thousand and first
night, when she had ended the tale of Ma'aruf, she rose
and kissed the ground before him, saying: 'Great King,
for a thousand and one nights I have been recounting to
you the fables of past ages and the legends of ancient
kings. May I make so bold as to crave a favour of your
majesty?’ Epilogue, Tales from the Thousand and One Nights
9
 Transmitting over an insecure
channel.
Alice wants to send Bob a private
message.

Apublic is Alice’s public key.

Aprivate is Alice’s private key.
Bpublic is Bob’s public key.
Bprivate is Bob’s private key.

Netprog: Cryptgraphy 10
 Hello Bob,
Wanna get together?

Alice Bob

encrypt using Bpublic decrypt using Bprivate

Netprog: Cryptgraphy 11
 OK Alice,
Your place or mine?

Alice Bob

decrypt using Aprivate encrypt using Apublic

Netprog: Cryptgraphy 12
 Bob’s Dilemma
• Nobody can read the message from
Alice, but anyone could produce it.
• How does Bob know that the message
was really sent from Alice?

• Bob may be comforted to know that

only Alice can read his reply.

Netprog: Cryptgraphy 13
 Alice can sign her message!
• Alice can create a digital signature
and prove she sent the message (or
someone with knowledge of her
private key).
• The signature can be a message
digest encrypted with Aprivate.

Netprog: Cryptgraphy 14
 Message Digest
• Also known as “hash function” or
“one-way transformation”.
• Transforms a message of any length
and computes a fixed length string.
• We want it to be hard to guess what
the message was given only the
digest.
– Guessing is always possible.

Netprog: Cryptgraphy 15
 Alice’s Signature
• Alice feeds her original message through a
hash function and encrypts the message
digest with Aprivate.
• Bob can decrypt the message digest using
Apublic.
• Bob can compute the message digest
himself.
• If the 2 message digests are identical, Bob
knows Alice sent the message.

Netprog: Cryptgraphy 16
 Revised Scheme

Alice Bob

Sign with Aprivate check signature using Apublic

encrypt using Bpublic decrypt using Bprivate

Netprog: Cryptgraphy 17
 Why the digest?
• Alice could just encrypt her name,
and then Bob could decrypt it with
Apublic.

• Why wouldn’t this be sufficient?

Netprog: Cryptgraphy 18
 Implications
• Suppose Alice denies she sent the
message?

• Bob can prove that only someone with

Alice’s key could have produced the
message.

Netprog: Cryptgraphy 19
 Another possible problem
• Suppose Bill receives a message from Alice
including a digital signature.
“its Alice here ”

• Bill sends the same message to Joe so that

it looks like the message came from Alice.
• Bill includes the digital signature from the
message Alice sent to him.
• Joe is convinced Alice sent the message!

Netprog: Cryptgraphy 20
 Solution?
• Always start your messages with:
– Dear Bill,

• Create a digest from the encrypted

message and sign that digest.

• There are many other schemes as

well.

Netprog: Cryptgraphy 21
 Speed
• Secret key encryption/decryption
algorithms are much faster than
public key algorithms.
• Many times a combination is used:
– use public key cryptography to share a
secret key.
– use the secret key to encrypt the bulk
of the communication.

Netprog: Cryptgraphy 22
 Secure Protocols
• There are a growing number of
applications for secure protocols:
– email
– electronic commerce
– electronic voting
– homework submission

Netprog: Cryptgraphy 23
 Secure Protocols
• Many application protocols include the
use of cryptography as part of the
application level protocol.
– The cryptographic scheme employed is
part of the protocol.
– If stronger cryptographic tools become
available we need to change the protocol.

Netprog: Cryptgraphy 24
 Internet Security

 Recall that validating a signature requires knowledge of the

other party’s public key
 How do we know other people’s public keys?
 Certification Authorities provide certificates that bind
identities to public keys
 A certificate is a pair (id, key) signed by the CA
 A user needs to know only the public key of the CA

25
 Thanx …..
Any
questions???????

Surabhi Singhal
Netprog: Cryptgraphy 26