Systems and Networks Security

0405702

3- Basics of Cryptography

Dr. Jamal Bani Salameh

1
Cryptography
 kryptos (hidden) + graphein (to write) = secret writing
 Cryptography: Process of changing the original form of data to
unreadable one.
 Cryptography: Methods that turn ordinary text (plaintext) into
unreadable ciphertext. Only unreadable as long as an adversary
cannot invert (recover) the information

 It is used for:
– Conceal messages from unauthorized persons (secrecy +
privacy)
– Verify correctness of message (authentication)
– Authenticate to other party
 It form the basis to many security communication concerns
2
Basic Cryptography Terminology
 plaintext - the original message
 ciphertext - the coded message
 cipher - algorithm for transforming plaintext to ciphertext
 key - info used in cipher known only to sender/receiver
 encipher (encrypt) - converting plaintext to ciphertext
 decipher (decrypt) - recovering ciphertext from plaintext
 cryptography - study of encryption principles/methods
 cryptanalysis (codebreaking) - the study of principles/
methods of deciphering ciphertext without knowing key
 cryptology - the field of both cryptography and
cryptanalysis 3
 Cryptography
 Can be characterize by:
– Type of encryption operations used
• substitution / transposition / product
– Number of keys used
• single-key or private / two-key or public
– Way in which plaintext is processed
• block / stream

4
 Classical Cryptography

 The classical algorithms use

– Substitution: Letters/words are substituted by
another letters/words
– Transposition: Letters are arranged in different
order
 The substitution or transposition may be
– Monoalphabetic: one substitution/transposition
– Polyalphabetic: multiple substitution/transposition
5
 Classical Substitution Ciphers
 where letters of plaintext are replaced by other
letters or by numbers or symbols
 or if plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns
with ciphertext bit patterns
 Advantages:
– Simple
– Easy to encrypt
 Disadvantages:
– Easy to break!!!

6
Caesar Cipher

 earliest known substitution cipher

 by Julius Caesar
 first confirmed use in military affairs
 replaces each letter by 3rd letter to the right
 example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
7
 Caesar Cipher
 can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

 mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
u v w x y z
20 21 22 23 24 25

 then have Caesar cipher as:

C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)

8
Cryptanalysis of Caesar Cipher
 only have 26 possible ciphers
– A maps to A,B,..,Z
 could simply try each in turn
 a brute force search
 given ciphertext, just try all shifts of letters
 do need to recognize when have plaintext
 e.g. break ciphertext "GCUA VQ DTGCM"

9
Playfair Cipher

 not even the large number of keys in a

monoalphabetic cipher provides security
 one approach to improving security was to
encrypt multiple letters
 the Playfair Cipher is an example
 invented by Charles Wheatstone in 1854,
but named after his friend Baron Playfair
10
Playfair Key Matrix

 a 5x5 matrix of letters based on a keyword

 fill in letters of keyword (without duplicates)
 fill rest of matrix with remaining letters of the alphabet
 do not distinguish I and J
to have only 25 letters M O N A R
 e.g. using the keyword C H Y B D
MONARCHY:
E F G I K
L P Q S T
U V W X Z

11
 MON A R
Encrypting and Decrypting CHY B D
E F GI K
plaintext encrypted two letters at a time: L P QS T
1. if a pair is a repeated letter, insert a filler like 'X', U V WX Z
e.g. "balloon" encrypts as "ba lx lo on“
2. if both letters fall in the same row, replace each with letter
to right (wrapping back to start from end e.g. “ar"
encrypts as "RM"
3. if both letters fall in the same column, replace each with
the letter below it (again wrapping to top from bottom),
eg. “mu" encrypts to "CM"
4. otherwise each letter is replaced by the one in its row in
the column of the other letter of the pair, e.g. “hs"
encrypts to "BP", and “ea" to "IM" or "JM" (as desired)
12
Security of the Playfair Cipher
 security much improved over monoalphabetic
 since have 26 x 26 = 676 digrams
 would need a 676 entry frequency table to analyse
(verses 26 for a monoalphabetic)
 and correspondingly more ciphertext
 was widely used for many years (e.g. US &
British military in WW1)
 it can be broken, given a few hundred letters
 since still has much of plaintext structure
13
Vigenère Cipher
 A method of encrypting text by using a series of different
caesar ciphers
 simplest polyalphabetic substitution cipher
 1’st described in 1553
 effectively multiple caesar ciphers
 key is multiple letters long K = k 1 k2 … kd
 ith letter specifies ith alphabet to use
 use each alphabet in turn
 repeat from start after d letters in message
 decryption simply works in reverse

14
 Vigenère Cipher
 To encrypt ; a table of alphabets can be used “ a
tabula recta ” or “Vigenere square” or “
Vigenere table”.
 This table consists of the alphabet written out 26-
times in different rows
 Each alphabet is shifted cyclically to the left
compared to the previous alphabet, corresponding
to the 26 possible caeser ciphers.
 At different points in the encryption process; the
cipher uses a different alphabet from one of the
rows, the alphabet used at each point depends on a
repeating keyword. 15
Tabula Recta

16
 Encryption / Decryption

 To encrypt: the first letter of the PT is encrypted using the

alphabet in the corresponding row of the key.
 To Decrypt: going to the row in the table corresponding to
the key, finding the position of the cipher text letter in this
row and then using the column’s label as the cipher.

17
 Example
 write the plaintext out
 write the keyword repeated above it
 use each key letter as a caeser cipher key
 encrypt the corresponding plaintext letter
 e.g. using keyword deceptive
 To encrypt: the first letter of the PT is encrypted using the alphabet in
row d

key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

18
One-Time Pad
 It is nothing more than a large non-repeating set of truly random
keys letters written on a sheet of papers and glued together in a
pad.
 Originally it was made for teletypewriters
 The sender uses each key letter on the pad to encrypt exactly on
plaintext character.
 Each key letter is used exactly once for only one message
 The sender encrypt the message and then destroyes the used
pages of the pad.
 The receiver has an identical pad and uses each key on the pad
then destroys it
 The length of the key sequence must be equal to the message
length (new message means new key letters )
 The key letters are generated randomely 19
One-Time Pad
 Perfect Secrecy!
 Used in 1917
 Large, non-repeating set of keys
 can only use the key once
 have problem of safe distribution of key
 if a truly random key as long as the message is used, the
cipher will be secure
 is unbreakable since ciphertext bears no statistical
relationship to the plaintext
 since for any plaintext & any ciphertext there exists a key
mapping one to other
20
 One-Time Pad

 Advantages: immune to most attacks

 Disadvantages:
– Need total synchronization
– Need very long, non-repeating key
– Key cannot be reused
– Key management: printing, storing

21
 Encryption / Decryption

 Ct = (pt-cha + key- cha) mod26

 Pt = [(ct-cha +26) – key-cha] mod26

22
 Example

key: TBFRGFARFM
plaintext: O N E T I M E P A D
ciphertext: I P K L P S F H G Q

a b c d e f g h i j k l m n o p q r s t
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
u v w x y z
20 21 22 23 24 25

 Ct = (pt-cha + key- cha) mod26

 Pt = [(ct-cha +26) – key-cha] mod26

23
Transposition Ciphers
 now consider classical transposition or
permutation ciphers
 Here, the plaintext remains the same, but
the order of characters is shuffled around.
 these hide the message by rearranging the
letter order
 without altering the actual letters used
 can recognise these since have the same
frequency distribution as the original text 24
Transposition Cipher
 In a simple columnar transposition cipher: the plaintext is written
horizontally onto a piece of graph of paper of a fixed width and the cipher
text is read off vertically
 Letters of the message are rearranged
 Break patterns, e.g., columnar transposition
Plaintext: this is a test
this
isat tiehssiatst!
est!
 Advantages: easy to implement
 Disadvantages:
 Trivially broken for known plaintext attack
 Easily broken for cipher only attack

25
Double Transposition
 Two columnar transposition with different
number of columns
– First transposition: breaks up adjacent letters
– Second transposition.: breaks up short patterns

26
 Row Transposition Ciphers
 a more complex scheme
 write letters of message out in rows over a specified number
of columns
 then reorder the columns according to some key before
reading off the columns
Key: 3 4 2 1 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

27
 Product Ciphers
 ciphers using substitutions or transpositions are
not secure because of language characteristics
 hence consider using several ciphers in succession
to make harder, but:
– two substitutions make a more complex
substitution
– two transpositions make more complex
transposition
– but a substitution followed by a transposition
makes a new much harder cipher
 this is bridge from classical to modern ciphers 28
Encryption Systems Categories:

 Symmetric encryption.

 Asymmetric encryption.

29
 Symmetric Encryption
In a symmetric encryption system, both the sender and receiver must
possess the same key value. The sender encrypts the plaintext message
using the key and the receiver decrypts the cipher-text message using the
same secret key.
The word “symmetric" here means that the same key is used for
encryption and decryption.

Symmetric algorithms
Encryption and decryption is performed using a unique key
Both Tx. and Rx. agree to use the same secret key
The key may have an expiration date for containment of damage.
Key agreement/distribution is a problem
30
Symmetric Encryption

31
 Conventional (Secret Key) Cryptosystem

Plaintext Ciphertext Plaintext

Encryption Decryption
Sender Recipient

K
C=E(K,M) K needs
M=D(K,C) secure channel

32
Symmetric Cryptosystem: Encryption/Decryption function

plaintext encryption ciphertext decryption plaintext

key k key k
 Symmetric Keys

 Main Properties
– Given plaintext and a key, it is computationally efficient to compute the
ciphertext.
– Given ciphertext and a key, it is computationally efficient to compute the
plaintext.
– But, given ciphertext, it is computationally infeasible to compute the plaintext.
– Keys are secret, but algorithms are public
• Any algorithm is hard to keep secret if used widely
– Reverse engineering
• Public examination helps to find flaws
• Military keeps algorithms secret is to avoid giving enemy good ideas 33
Requirements
 two requirements for secure use of symmetric
encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
Y = EK(X) and X = DK(Y)
– X = DK(EK(X))
 assume encryption algorithm is known
 need secure channel to distribute key
34
Symmetric Encryption

The weaknesses:
How you securely distribute the key to the needed
parties

Symmetric key systems can be unmanageable for

more than small groups of communicants.

35
Inherent Weaknesses of Symmetric Cryptography

 Key distribution must be done secretly (difficult when

parties are geographically distant, or don't know each
other)
 Need a key for each pair of users
n users need n*(n-1)/2 keys
 If the secret key (and cryptosystem) is compromised,
the adversary will be able to decrypt all traffic and
produce fake messages

36
 Symmetric Encryption
Two classes of symmetric-key encryption algorithms:

 Block - operates on plaintext input in blocks (usually

64 bits at a time) of bits to produce the ciphertext
output; uses the key value to determine how the
transformation algorithm is applied.
 Stream - operates on plaintext input one bit at a time,
often using a keystream generator to produce a series
of bits which are XOR'd with the plaintext input.

37
Steam Ciphers
 Convert one symbol of plain text into a symbol of
ciphertext based on the symbol (plain), key, and algorithm
 Advantages:
– Speed of transformation
– Low error propagation
 Disadvantages:
– Low diffusion
– Vulnerable to malicious insertion and modification

38
Block Ciphers
 Encrypt a group of plaintext as one block
and produces a block of ciphertext
 Advantages:
– Diffusion
– Immunity to insertions
 Disadvantages:
– Slowness of encryption
– Error propagation
39
Examples of Symmetric Encryption Algorithms

 Examples of Block:
– DES is a block cipher with a 64 bit block size.
– AES is a block cipher with a 128 bit block size.
– RSA and Diffie-Hellman are block ciphers with variable block
sizes.

 Examples of Stream:
– A5, the algorithm used to encrypt GSM communications, is a
stream cipher.
– The RC4 cipher and the one-time pad are also stream ciphers.

40
Stream Ciphers
C = P  K, where  is XOR Operation.

C  K = (P  K)  K = P ( K  K) = P  0 = P

 0 1
0 0 1
1 1 0

41
Stream Ciphers
C = P  K, where  is XOR Operation.

C  K = (P  K)  K = P ( K  K) = P  0 = P

Plaintext 1 0 1 1 0 1 1 0 0
        

Key 1 1 0 1 0 0 0 1 1
Cipher 0 1 1 0 0 1 1 1 1

42
 Asymmetric Encryption
Known as "public key" encryption, each entity participating in the
communication uses mathematical algorithms implemented in a software
program to generate a "public key" and a "private key" which are related via
the mathematical formulae. The private key must be kept secret and is never
disclosed; this is a requirement for the security system to function. The public
key, however, is intended to be freely distributed.
Public-key algorithm
The encryption key is different of the decryption key.
A private (secret) key is used either for encryption or decryption, but not
both.
A public key is used for the opposite operation.
Alison still has to deliver her public key to Bob, which has to deliver his
public key to Alison!
43
Asymmetric Encryption:

44
 Public Key Cryptosystem

Recipient’s public Recipient’s private

Key (Kpub) Key (Kpriv)

Plaintext Ciphertext Plaintext

Encryption Decryption
Sender
Recipient

C=E(Kpub,M) Kpub needs

M=D(Kpriv,C) reliable channel
45
Public key cryptography characteristics

 Something encrypted with the public key

can only be decrypted with the private key.

 Something encrypted with the private key

can only be decrypted with the public key.

46
 Symmetric-key
vs.
Public-key cryptography

47
Advantages of symmetric-key
 Have high rates of data throughput .
 Keys for symmetric-key ciphers are
relatively short.
 Symmetric-key ciphers can be composed to
produce stronger ciphers.

48
Disadvantages of symmetric-key

 In a two-party communication, the key must

remain secret at both ends.
 In a large network, there are many key pairs
to be managed.
 Digital signature mechanisms arising from
symmetric-key encryption.

49
Advantages of Public-key
 Only the private key must be kept secret.
 Depending on the mode of usage, a private
key/public key pair may remain unchanged for
considerable periods of time.
 Many public-key schemes yield relatively
efficient digital signature mechanisms.

50
Disadvantages of Public-key
 Slower than the best known symmetric-key
schemes.
 Key sizes are typically much larger.
 No public-key scheme has been proven to be
secure.

51
What makes a good cryptosystem?

 A good cryptosystem is one whose security

does not depend upon the secrecy of the
algorithm.
 From Bruce Schneier:
 “Good cryptographers rely on peer review
to separate the good algorithms from the
bad.''

52
Basic Encryption Techniques

 Substitution (confusion)
 Permutation (diffusion)
 Combinations and iterations of these

53
Confusion & Diffusion
 Pixels confusion: means re-arranging the original image pixels
locations; this step has the aim of reducing the high degree of
correlation between the neighboring pixels
 Diffusion: refers to changing the values of pixels of the image
by performing some transformations on the pixels values due to
the fact that sole confusion will not be enough and any inverse
process that will return the pixels to their original locations will
declare the original image, therefore, giving the pixels new
values will strengthen the encryption operation and cancel the
correlation between pixel resulting in an encrypted image with a
uniform histogram.

54
 Brute Force Search
 Always possible to simply try every key
 Most basic attack, proportional to key size
 Assume either know / recognise plaintext
Key Size Number of Time required at 1 Time required at 106
(bits) Alternative Keys decryption/µs decryptions/µs
32 232 = 4.3  109 231 µs = 35.8 2.15 milliseconds
minutes
56 256 = 7.2  1016 255 µs = 1142 years 10.01 hours
128 2128 = 3.4  1038 2127 µs = 5.4  1024 5.4  1018 years
years
168 2168 = 3.7  1050 2167 µs = 5.9  1036 5.9  1030 years
years
26 characters 26! = 4  1026 2  1026 µs = 6.4  1012 6.4  106 years
55
(permutation) years
 Block Ciphers: DES
 Block Cipher: divide a message into blocks, each block is then en/decrypted
– DES
– AES
 DES (Data Encryption Standard): published by NIST (IBM) in 1977
– Block size: 64 bits
– Key size: 56 bits
• 56 bits is ok in 1977, 64 bits is ok in 1995, 128 bits is ok until 2123
– Fast in hardware, slow in software (9 Mbps on Pentium II)
– Has been proven to be insecure in 1998
• EFF (Electronic Frontier Foundation) built a machine that can break DES in 5 days
• Faster to break using chosen plaintext attacks
– But Triple DES is secure (256 times more difficult than breaking DES
• Key size: 56*3=168 bits
• Underlying algorithm is the same
• No effective analytic attacks
• Drawbacks
– Performance: no efficient software codes for DES/3DES
– Efficiency/security: bigger block size desirable
56
 Block Ciphers: AES
 AES (Advanced Encryption Standard): published by NIST in 2001
– NIST issued call for ciphers in 1997, Rijndael was selected as the AES in
2000
– Block size: 128 bits
– Key size: 128, 192, or 256 bits
– Stronger & faster than Triple-DES
– Provide full specification & design details
– Free to use!
– Evaluation criteria
• Security: effort to practically cryptanalysis
• Cost: computational efficiency and memory requirement
• Algorithm & implementation characteristics: flexibility to apps,
hardware/software suitability, simplicity

57
 Stream Cipher

 Stream Cipher: process messages a bit or byte at a time when

en/decrypting
 Note: keys must never be used twice (unlike block cipher where
keys can be reused.)
58
Stream Cipher
 RC4 algorithm
– Design in 1987 by Ron Rivest for RSA Security
– Used in
• SSL/TLS (Secure Socket Layer/Transport layer Security)
• WEP (Wired Equivalent Privacy) Protocol
• WPA (WiFi Protected Access)
– Variable key size
• Using 128 bits key, no practical ways to break RC4 so far
– Speed: 45 Mbps on Pentium II

59
Information Hiding

There are two major branches of information

hiding, Steganography and Watermarking
 Steganography
What is Steganography?

Greek Words:
STEGANOS – “Covered”
GRAPHIE – “Writing”
Stegosaurus: a covered lizard
(but not a type of cryptography)

 Steganography is the art and science of writing

hidden messages in such a way that no one apart
from the intended recipient knows of the existence
of the message.

 This can be achieve by concealing the existence of

information within seemingly harmless carriers or
cover

 Carrier: text, image, video, audio, etc.

Steganography - Invisible

Implement OP 005 @
1423.

62
Digital Watermarking

 Used primarily for identification

 Embedding a unique piece of information
within a medium (typically an image)
without noticeably altering the medium
 Almost impossible to remove without
seriously degrading an image
Visible Watermark - Image

64
Digital Steganogaphy & Watermarking
 Digital watermarking hides data in a file, and
the act of hiding data makes it a form or
steganography
 The key difference is their goals...
– Steganography: hiding information
– Watermarking: extending the file with extra
information
 Steganographic information must never be
apparent to a viewer unaware of its presence.
Network Security and Steganography

 Confidentiality: any unauthorized person does not

know that sensitive data exists
 Survivability: verifying that the data does not get
destroyed in the transmission
 No detection: cannot be easily found out that the
data is hidden in a given file
 Visibility: people cannot see any visible changes to
the file in which the data is hidden
 Steganography & Cryptography
 Steganography and Cryptography are closely
related
 The difference is in their goals...
– Cryptography: although encypted and unreadable,
the existence of data is not hidden
– Steganography: no knowledge of the existence of
the data
 Steganography and Cryptography can be used
together to produce better protection
Difference between Steganography & Cryptography
 Cryptography prevents unauthorized party from discovering the content of communication but
Steganography prevents discovery of the existence of communication
 Cryptography alters the structure of secret message while Steganography does not alter the
structure of secret message.
 Cryptography is more common technology than Steganography technology.
 The most algorithms of Cryptography are well known, but the algorithms of Steganography
are still being developed by certain formats.
 In Cryptography, the strong algorithm depends on the key size, the more key size; the more
expensive computing power is required to decrypt ciphertext. In Steganography, once the
hidden message is detected, the message is become known.
 Cryptography can provide all security objectives by implementing the public and private
key(s) with hash functions or authentication codes or digital signatures. Steganography cannot
provide most of security objectives (Integrity, authenticity, non-repudiation) by itself without
using the cryptographic techniques. However it provides confidentiality by itself because
mostly, the concerning person knows that the message is hidden in what kind of medium.

68
 Types of Digital Steganography

 Hiding a Message inside Text

 Hiding a Message inside Images
– Most popular technique
 Hiding a Message inside Audio and Video
Files
 History of Steganography
Steganography ancient origins can be traced back to 440 BC, from the Histories of Herodotus

Demeratus sent a warning about a forthcoming attack to Greece by writing it on a wooden

panel and covering it in wax.

Histiaeus, who shaved the head of his most trusted slave and tattooed a message on it. After his
hair had grown the message was hidden. The purpose was to instigate a revolt against the
Persians.

 Some techniques:
– Character marking: selected letter of printed or typewritten text are
overwritten in pencil
– Invisible ink
– Pin punctures: small pin punctures are only shown if paper is hold
against a light source
– Typewriter correction ribbon: used between lines of normal black
ribbon. Only visible under strong light.
 Modern Steganography Techniques
Masking and Filtering: Is where information is hidden inside of a image using
digital watermarks that include information such as copyright, ownership, or
licenses. The purpose is different from traditional steganography since it is
adding an attribute to the cover image thus extending the amount of
information presented.

Algorithms and Transformations: This technique hides data in mathematical

functions that are often used in compression algorithms. The idea of this
method is to hide the secret message in the data bits in the least significant
coefficients.

Least Significant Bit Insertion: The most common and popular method of modern
day steganography is to make use of the LSB of a picture’s pixel information.
Thus the overall image distortion is kept to a minimum while the message is
spaced out over the pixels in the images. This technique works best when the
image file is larger then the message file and if the image is grayscale.
 Basics of Modern Steganography

fE:     steganographic function "embedding"

fE-1:   steganographic function "extracting"
cover:  cover data in which emb will be hidden
emb:    message to be hidden
key:    parameter of fE
stego:  cover data with the hidden message
 Important Requirement for
Steganographic System

 Security of the hidden communication

 size of the payload

 Robustness against malicious and

unintentional attacks
Steganography Tools
 Detection of Steganographic
Content/Countermeasures

The detection of steganographically encoded packages is

called Steganalysis.

– Visual Analysis tries to reveal the presence of secret

communication through inspection, either with the naked eye or
with the assistance of a computer.

– Statistical (Algorithmic) Analysis reveals tiny alterations in an

image's statistical behavior caused by steganographic embedding.
• The nominally universal methods developed to detect embedded stego-
data are generally less effective than the steganalytic methods aimed at
specific types of embedding.
Steganography, Cryptography, and Watermarking
There are two major branches of information hiding, Steganography and
Watermarking

Watermarking:
– Communication in watermarking is the host signal, with the embedded data
providing copyright protection.
– The existence of a watermark is often declared openly.
– Any attempt to remove or invalidate the embedded content renders the host
useless.

Cryptography:
– Doesn’t conceal the communication.
– Scrambles the data to prevent eavesdroppers understanding the content.
– Cryptography involves various methods and implementations.
– May be considered complementary and orthogonal (unrelated).

Once the presence of hidden information is revealed or even suspected, the

purpose of steganography is defeated.
 Steganography Sample Website

 Here is the link for Sample Steganographic

tool Website:

http://mozaiq.org/