Computer Security

Communications, Networking & Security

Cryptography
Secure Communication
Needs and Requirements
• Well established needs for secure communication
– War time communication
– Business transactions
Unique value preposition
1. Secrecy
– Only intended receiver understands the message
2. Authentication
– Sender and receiver need to confirm each others identity
3. Message
– Ensure that their communication has not been altered, either
maliciously or by accident during transmission
Cryptography
Basics
• Cryptography is the science of secret, or hidden
writing
• It has two main Components:
1. Encryption
– Practice of hiding messages so that they can not be read by
anyone other than the intended recipient
2. Authentication & Integrity
– Ensuring that users of data/resources are the persons they claim
to be and that a message has not been surreptitiously altered
Encryption
Cipher
• Cipher is a method for encrypting messages

Plain Text Encryption Cipher Text Decryption Plain Text

Algorithm Algorithm

Key A Key B

• Encryption algorithms are standardized & published

• The key which is an input to the algorithm is secret
– Key is a string of numbers or characters
– If same key is used for encryption & decryption the algorithm is called
symmetric
– If different keys are used for encryption & decryption the algorithm is called
asymmetric
Encryption
Symmetric Algorithms
• Algorithms in which the key for encryption and
decryption are the same are Symmetric
– Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for a single message
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
Symmetric Encryption
Key Strength
• Strength of algorithm is determined by the size of the key
– The longer the key the more difficult it is to crack
• Key length is expressed in bits
– Typical key sizes vary between 48 bits and 448 bits
• Set of possible keys for a cipher is called key space
– For 40-bit key there are 240 possible keys
– For 128-bit key there are 2128 possible keys
– Each additional bit added to the key length doubles the security
• To crack the key the hacker has to use brute-force
(i.e. try all the possible keys till a key that works is found)
– Super Computer can crack a 56-bit key in 24 hours
– It will take 272 times longer to crack a 128-bit key
(Longer than the age of the universe)
Substitution Ciphers
Caesar Cipher
• Caesar Cipher is a method in which each letter in the
alphabet is rotated by three letters as shown

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC

• Let us try to encrypt the message

– Attack at Dawn
Assignment: Each student will exchange a secret message
with his/her closest neighbor about some other person in the
class and the neighbor will decipher it.
Substitution Ciphers
Caesar Cipher
Encryption
Plain Text Cipher Text
Cipher:
Message: Caesar Cipher Message:
Attack at Dawn Algorithm Dwwdfn Dw Gdyq

Key (3)
Decryption
Cipher Text Plain Text
Cipher:
Message: Caesar Cipher Message:
Dwwdfn Dw Gdyq Algorithm Attack at Dawn

Key (3)

How many different keys are possible?

Data Encryption Standard (DES)
Basics
• Goal of DES is to completely scramble the data
and key so that every bit of cipher text depends on
every bit of data and ever bit of key
• DES is a block Cipher Algorithm
– Encodes plaintext in 64 bit chunks
– One parity bit for each of the 8 bytes thus it reduces to
56 bits
• It is the most used algorithm
– Standard approved by US National Bureau of
Standards for Commercial and non-classified US
government use in 1993
Encryption Algorithm
Summary

Algorithm Type Key Size Features

DES Block 56 bits Most Common, Not

Cipher strong enough
TripleDES Block 168 bits Modification of DES,
Cipher (112 effective) Adequate Security
Blowfish Block Variable Excellent Security
Cipher (Up to 448 bits)
AES Block Variable Replacement for DES,
Cipher (128, 192, or Excellent Security
256 bits)
RC4 Stream Variable Fast Stream Cipher,
Cipher (40 or 128 bits) Used in most SSL
implementations
Encryption
Limitations
• Any exposure to the secret key compromises
secrecy of ciphertext
• A key needs to be delivered to the recipient of the
coded message for it to be deciphered
– Potential for eavesdropping attack during transmission
of key
Encryption
Key Agreement
• Key agreement is a method to create secret key by exchanging only
public keys.
• Example
– Bob sends Alice his public key
– Alice sends Bob her public key
– Bob uses Alice’s public key and his private key to generate a session key
– Alice uses Bob’s public key and her private key to generate a session key
– Using a key agreement algorithm both will generate same key
– Bob and Alice do not need to transfer any key
Alice’s
Private Key

Bob’s Cipher
Public Key (DES) Alice and Bob
Bob’s Session Key Generate Same
Private Key
Session Key!
Alice’s Cipher
Public Key
(DES)
Authentication
Iris Recognition
The scanning process takes advantage of the
natural patterns in people's irises, digitizing them
for identification purposes

Facts
• Probability of two irises producing exactly the
same code: 1 in 10 to the 78th powerIndependent
variables (degrees of freedom) extracted: 266
• IrisCode record size: 512 bytes
• Average identification speed (database of 100,000
IrisCode records): one to two seconds