1

CHAPTER TWO

CRYPTOGRAPH
Y
 2 INTRODUCTION
 The global Internet is the internationally connected network of
computer networks with addresses that are administrated by
IANA (Internet address and Naming Authority).
 There are many aspects to security and many applications,
ranging from secure commerce and payments to private
communications and protecting passwords.
 Network security is mostly achieved through the use of
cryptography, a science based on abstract algebra.
 One essential aspect for secure communications = cryptography.
 3  What is Cryptography?
 The word cryptography was coined by combining two Greek words, Krypto
meaning hidden and graphene meaning writing = Secret writing.
 Cryptography is the practice and study of hiding information.
 It is the Art or Science of converting a plain intelligible data into
an unintelligible data and again retransforming that message into
its original form.
 Aim: to make messages secure and immune to attacks.
 Cryptography is about constructing and analysing protocols that prevent
third parties or the public from reading private messages; various aspects in
information security such as data confidentiality, data integrity,
authentication, and nonrepudiation (Availability and authentication) are
central to modern cryptography.
 4  PURPOSE OF CRYPTOGRAPHY
 Authentication: The process of proving one's identity. (The
primary forms of host-to-host authentication on the Internet
today are name-based or address-based, both of which are
notoriously weak.)
 Privacy/confidentiality: Ensuring that no one can read the
message except the intended receiver.
 Integrity: Assuring the receiver that the received message has
not been altered in any way from the original.
 Non-repudiation: A mechanism to prove that the sender
really sent this message.
 Terminologies
5
 Plaintext: The original intelligible message, before being
transformed.
 Cipher text: The transformed message.
 Cipher (Encipher) or Encode: An algorithm for transforming
an intelligible message into one that is unintelligible by
transposition and/or substitution methods
 The process of converting plaintext to cipher text using a
cipher and a key
 An encryption algorithm transforms the plaintext into cipher text; a decryption algorithm
transforms the cipher text back into plaintext.
 The sender uses an encryption algorithm, and the receiver uses a decryption algorithm.
 6
 Key: Some critical information used by the cipher, known only to the
sender& receiver
 A key is a number (or a set of numbers) that the cipher, as
an algorithm, operates on.
 To encrypt a message, we need an encryption algorithm, an
encryption key, and the plaintext.
 These create the cipher text.
 To decrypt a message, we need a decryption algorithm, a
decryption key, and the cipher text.
 These reveal the original plaintext.
7 Components of Cryptography
8 Using Keys
 Private keys are used for decrypting.
 Public keys are used for encrypting.
 9

 
Process of cryptography
 10 Three Types of Keys
 three types of keys in cryptography:
 Secret key, the public key, and the private key.
 The secret key, is the shared key used in symmetric-key
cryptography.
 The second and the third are the public and private keys
used in asymmetric-key cryptography.
 11

 Decipher (decode) the process of converting cipher text back

into plaintext using a cipher and a key
 Cryptology: is the art and science of making and breaking
“secret codes.”
 Cryptography: is the making of “secret codes.”
 Cryptanalysis: is the breaking of “secret codes.”
 The study of principles and methods of transforming an unintelligible
message back into an intelligible message without knowledge of the
key. Also called code breaking
 Crypto: is a synonym for any or all of the above.
12 Cryptanalysis
 The process of attempting to discover X or K or
both is known as cryptanalysis.
 The strategy used by the cryptanalysis depends on
the nature of the encryption scheme and the
information available to the cryptanalyst
 types of cryptanalytic attacks based on the
amount of information known to the cryptanalyst.
 13

 Cipher text only – A copy of cipher text alone is known to the

cryptanalyst.
 Known plaintext – The cryptanalyst has a copy of the cipher text
and the corresponding plaintext.
 Chosen plaintext – The cryptanalysts gains temporary access to the
encryption machine.
 They cannot open it to find the key, however; they can encrypt a large
number of suitably chosen plaintexts and try to use the resulting cipher
texts to deduce the key.
 Chosen cipher text – The cryptanalyst obtains temporary access to
the decryption machine, uses it to decrypt several string of symbols,
and tries to use the results to deduce the key.
14
Steganography (Conventional)
 The methods of concealing the existence of the message, whereas the methods of
cryptography render the message unintelligible to outsiders by various transformations of
the text.
 A time-consuming to construct, is one in which an arrangement of words or letters.
 (i) the sequence of first letters of each word of the
overall message spells out the real (Hidden) message. (ii) Subset of the
words of the overall message is used to convey the hidden message
 For example, the sequence of first letters of each word of the overall message spells out
the hidden message.
 Character marking: Selected letters of printed or typewritten text are overwritten in
pencil. The marks are ordinarily not visible unless the paper is held at an angle to bright
light.
 Invisible ink: A number of substances can be used for writing but leave no visible trace
until heat or some chemical is applied to the paper.
 Reverse Writing
15 Drawbacks of steganography
 Requires a lot of overhead to hide a relatively few bits of information.
 Once the system is discovered, it becomes virtually worthless.
 16

 Alice, Bob, and Eve

In cryptography, it is customary to use three characters in an
information exchange scenario; we use Alice, Bob, and Eve.
 Alice is the person who needs to send secure data.
 Bob is the recipient of the data.
 Eve is the person who somehow disturbs the communication
between Alice and Bob by intercepting messages to uncover the
data or by sending her own disguised messages.
 These three names represent computers or processes that actually
send or receive data, or intercept or change data.
17  TYPES OF CRYPTOGRAPHIC
ALGORITHMS
 18 Types of Cryptography
 cryptography algorithms (ciphers) into two groups:
symmetric key (also called secret-key) cryptography
algorithms and asymmetric (also called public-key)
cryptography algorithms.
 19  Types of Cryptography
Secret Key Cryptography- Symmetric Key
• Single key used to encrypt and decrypt.
• Key must be known by both parties.
• In symmetric-key cryptography, the same key is used by both
parties.
 The sender uses this key and an encryption algorithm to encrypt
data; the receiver uses the same key and
the corresponding decryption algorithm to decrypt the data.
 It may be hard to share a secret key in distributed system.
20 Cond…
 21
Cont.…
 Cryptographic systems are generally classified along 3 independent
dimensions:
1. Type of operations used for transforming plain
text to cipher text: All the encryption algorithms are based on two
general principles:
A. Substitution, in which each element in the plaintext is mapped into
another element, and
B. Transposition, in which elements in the plaintext are rearranged.
2. The number of keys used
 If the sender and receiver uses same key then it is said to be symmetric key
(or) single key (or) conventional encryption.
 If the sender and receiver use different keys then it is said to be
public key encryption.
 22 Cond…
 3. The way in which the plain text is processed
A. A block cipher processes the input and block of
elements at a time, producing output block for each
input block.
B. A stream cipher processes the input elements
continuously, producing output element one at a time,
as it goes along
23 Stream, Block Ciphers
• E encipherment function
– Ek(b) encipherment of message b with key k
– In what follows, m = b1b2 …, each bi of fixed length

• Block cipher
– Ek(m) = Ek(b1)Ek(b2) …

• Stream cipher
– k = k1k2 …
– Ek(m) = Ek1(b1)Ek2(b2) …
– If k1k2 … repeats itself, cipher is periodic and the length of its period is
one cycle of k1k2 …
 24 SYMMETRIC-KEY CRYPTOGRAPHY
 Traditional Ciphers
 these are now obsolete
 We can divide traditional symmetric-key ciphers into two broad
categories: substitution ciphers and transposition ciphers
 25 1. Substitution Cipher- Julius Caesar
 substitutes one symbol with another- is called shift cipher
 We can replace character A with D, and character T with Z.
 If the symbols are digits (0 to 9), we can replace 3 with 7, and 2 with 6.
 Can be either
 monoalphabetic ciphers.
 the plaintext is always changed to the same character (or symbol) in the
ciphertext regardless of its position in the text.
 if the algorithm says that character A in the plaintext is changed to character
D, every character A is changed to character D. (one-to-one relationship)
 polyalphabetic ciphers
 each occurrence of a character can have a different substitute.
 one-to-many relationship
 character A could be changed to D in the beginning of the text, but it could
be changed to N at the middle.
 Example
26

 Use the shift cipher with key = 15 to encrypt the message "HELLO."
 Solution
 We encrypt one character at a time.
 Each character is shifted 15 characters down.
 Letter H is encrypted to W. Letter E is encrypted to T. The first L is encrypted to A.
The second L is also encrypted to A. And 0 is encrypted to D.
 The cipher text is WTAAD.
 Use the shift cipher with key = 15 to decrypt the message
"WTAAD."
 Disadvantages
 The encryption and decryption algorithms are known.
 There are only 25 keys to try.
 The language of the plaintext is known and easily recognizable.
27 2. Transposition Ciphers
 there is no substitution of characters; instead, their locations
change.
 A character in the first position of the plaintext may appear in
the tenth position of the cipher text.
 A character in the eighth position may appear in the first
position.
 In other words, a transposition cipher reorders the symbols in
a block of symbols.
 A transposition cipher reorders (permutes) symbols in a block
of symbols.
 28

 Key In a transposition cipher, the key is a mapping between

the position of the symbols in the plaintext and cipher text. For
example, the following shows the key using a block of four
characters:

 In encryption, we move the character at position 2 to position

1, the character at position 4 to position 2, and so on. In
decryption, we do the reverse.
 29 Example
 Encrypt the message "HELLO MY DEAR," using the above
key.
 Solution
 We first remove the spaces in the message.
 We then divide the text into blocks of four characters.
 We add a bogus character Z at the end of the third block. The
result is HELL OMYD EARZ.
 We create a three-block ciphertext ELHLMDOYAZER.
 Decrypt the message "ELHLMDOYAZER".
Solution
The result is HELL OMYD EARZ. After removing the bogus
character and combining the characters, we get the original
message "HELLO MY DEAR."
30 Play fair cipher
 Play fair, which treats diagrams in the plaintext as single
units and translates these units into cipher text diagrams.
 The play fair algorithm is based on the use of 5x5 matrix
of letters constructed using a keyword.
31
32 Example
 33
Modern Symmetric Ciphers
• Disadvantage: key distribution
• Traditional symmetric keys are character oriented and the advent is bit oriented.
• Commercial Symmetric systems
– DES
– AES

 The most widely used encryption scheme is based on the Data Encryption
Standard (DES) adopted in 1977 by the National Bureau of Standards, now the
National Institute of Standards and Technology (NIST), as Federal Information
Processing Standard 46
 For DES, data are encrypted in 64-bit blocks using
a 56-bit key. The algorithm transforms 64-bit input in a series of steps into a
64-bit output.
 The same steps, with the same key, are used to reverse the encryption.
34 Assignment (20%)

 Write a detail notes on AES and DES with brief examples

 Why organization needs security and define the security levels
 35 Overview of the DES
• A block cipher:
– encrypts blocks of 64 bits using a 56 bit key
– outputs 64 bits of ciphertext
• A product cipher
– basic unit is the bit
– performs both substitution (S-box) and transposition
(permutation) (P-box) on the bits
• Cipher consists of 16 rounds (iterations) each with a
round key generated from the user-supplied key
36 Feistel Network
• Structured to enable use of same S-box and P-box
for encryption and decryption
– Change only key schedule
• Major feature is key division and swapping
– L(i) = R(i-1)
– R(i) = L(i-1) xor f(K(i), R(i-1))
37 The Big Picture
 38 DES Decryption
• decrypt must unwind steps of data computation
• with Feistel design, do encryption steps again using
subkeys in reverse order (SK16 … SK1)
• note that IP undoes final FP step of encryption
– 1st round with SK16 undoes 16th encrypt round
– ….
– 16th round with SK1 undoes 1st encrypt round
• then final FP undoes initial encryption IP thus
recovering original data value
 39 AES Background
• Clear a replacement for DES was needed
– Can use Triple-DES –but slow with small blocks
• US NIST issued call for ciphers in 1997
– 15 candidates accepted in Jun 98
– 5 were short-listed in Aug-99
• Rijndael was selected as AES in Oct-2000
– issued as FIPS PUB 197 standard in Nov-2001
40 AES Requirements
• Private key symmetric block cipher
– 128-bit data, 128/192/256-bit keys
• Stronger & faster than Triple-DES
• Active life of 20-30 years (+ archival use)
• Provide full specification & design details
• Both C & Java implementations
• NIST have released all submissions &
unclassified analyses
 41 Algorithm Overview
• Processes data as 4 groups of 4 bytes (state)
• Has 9/11/13 rounds in which state undergoes:
– Byte substitution (1 S-box used on every byte)
– Shift rows (permute bytes between groups/columns)
– Mix columns (subs using matrix multiply of groups)
– Add round key (XOR state with key material)
• All operations can be combined into XOR and table
lookups -hence very fast & efficient
 42 Byte Substitution
• A simple substitution of each byte
• Uses one table of 16x16 bytes containing a permutation of all 256
8-bit values
• Each byte of state is replaced by byte in row (left 4-bits) & column
(right 4-bits)
• S-box is constructed using a defined
transformation of the values in GF(2 ) 8

• Designed to be resistant to all known attacks

43 Shift Rows
• A circular byte shift in each row
– 1st row is unchanged
– 2nd row does 1 byte circular shift to left
– 3rd row does 2 byte circular shift to left
– 4th row does 3 byte circular shift to left
• Decrypt does shifts to right
• Since state is stored by columns, this step
permutes bytes between the columns
44 Mix Columns
• Each column is processed separately
• Each byte is replaced by a value dependent on
all 4 bytes in the column
• Effectively a matrix multiplication in GF(2 8)
using prime poly m(x) =x8+x4+x3+x+1
45
AES Key Expansion
• Takes 128-bit (16-byte) key and expands into array of
44/52/60 32-bit words
• Start by copying key into first 4 words
• Then loop creating words that depend on values in
previous & 4 places back
– in 3 of 4 cases just XOR these together
– every 4th has S-box + rotate + XOR constant of previous
before XOR together
• Designed to resist known attacks
46 Revesion
47 Revision

 Symmetric Key ciphers

 Block Ciphers
 Feistel Cipher Structure

 Stream ciphers
 DES
 AES
 Public Key Cryptography/Asymmetric
 RSA
 Diffie Hellman
 Hashing
 48  Public Key /Asymmetric Cryptography
 Is a class of cryptographic algorithms which requires two separate
keys.
 One of the keys allocated to each person is called the "public key",
and is published in an open directory somewhere where anyone can
easily look it up and secret or private.
 In asymmetric or public-key cryptography, there are two keys :
 Private Key (a secret)
 Public key (well known).
 The private key is kept by the receiver.
 The public key is announced to the public.
 Alice wants to send a message to Bob.
 Alice uses the public key to encrypt the message.
 When the message is received by Bob, the private key is used to decrypt the
message.
49

 In public-key encryption/decryption, the public key that is used

for encryption is different from the private key that is used for
decryption.
 The public key is available to the public and the private key is
available only to an individual.
50 Public/Private Key Cryptography
 Asymmetric key cryptography overcomes the key
management problem by using different encryption and
decryption key pairs.
 Having knowledge of one key, say the encryption key, is not
sufficient enough to determine the other key - the decryption
key.
 The mathematical relationship between the public/private key
pair permits a general rule: any message encrypted with one
key of the pair can be successfully decrypted only with that
key's counterpart.
Public Key Cryptography
symmetric key crypto
 requires sender, receiver
know shared secret key
 Q: how to agree on key in
first place (particularly if
never “met”)?
public key cryptography
 radically different
approach [Diffie-
Hellman76, RSA78]
 sender, receiver do
not share secret key
 public encryption key
known to all
 private decryption
key known only to
receiver
51
 52 Public key encryption algorithms

Requirements:

1
.+ K ( ) such that-
need K ( ) and .
B B
- +
K (K (m)) = m
B B
given public key K , it should +be impossible to
2 compute private key K B
-
B

RSA: Rivest, Shamir, Adelson algorithm

 Modular Arithmetic
• a mod b = x if for some k >= 0, bk + x = a
• Associativity, Commutativity, and
Distributivity hold in Modular Arithmetic
• Inverses also exist in modular arithmetic
– a + (-a) mod n = 0
– a * a-1 mod n = 1

53
 54 RSA
 Public-key cryptography, also known as asymmetric cryptography, uses two
different but mathematically linked keys, one public and one private.
 The public key can be shared with everyone, whereas the private key must be kept
secret.

 Generate two large random primes, p and q, of approximately equal size such that their
product n=pq is of the required bit length, e.g. 1024 bits.
 Compute n=pq and ϕ=(p−1)(q−1).
 Choose an integer e, 1<e<ϕ, such that gcd(e,ϕ)=1.
 Compute the secret exponent d, 1<d<ϕ, such that ed≡1modϕ.
 The public key is (n,e) and the private key (d,p,q).
 Keep all the values d, p, q and ϕ secret. [Sometimes the private key is written as (n,d) because
you need the value of n when using d. Other times we might write the key pair as ((N,e),d).]
 n is known as the modulus.
 e is known as the public exponent or encryption exponent or just the exponent.
 d is known as the secret exponent or decryption exponent.
 RSA: Choosing keys
1. Choose two large prime numbers p, q.
(e.g., 1024 bits each)

2. Compute n = pq, z = (p-1)(q-1)

3. Choose e (with e<n) that has no common factors

with z. (e, z are “relatively prime”).

4. Choose d such that ed-1 is exactly divisible by z.

(in other words: ed mod z = 1 ).

5. Public key is (n,e). Private key is (n,d).

+ -
KB KB
55
 RSA: Encryption, decryption
0. Given (n,e) and (n,d) as computed above

1. To encrypt bit pattern, m, compute

e
c = m emod n (i.e., remainder when m is divided by n)

2. To decrypt received bit pattern, c, compute

d
m = c dmod n (i.e., remainder when c is divided by n)

Magic d
m = (m e mod n) mod n
happens!
c
56
 Encryption
• Sender A does the following:-
– Obtains the recipient B's public key (n,e).
– Represents the plaintext message as a positive
integer m with 1<m<n.
e
– Computes the ciphertext c=m modn.
– Sends the ciphertext c to B.

57
 Decryption
• Recipient B does the following:-
• Uses his private key (n,d) to compute
m=cdmodn.
• Extracts the plaintext from the message
representative m.

58
59
 RSA Algorithm
• Choose 2 distinct prime numbers.
– p = 3 and q = 11.
• Compute n = p * q = 3 * 11 = 33
• Compute the Totient function
– φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
• Choose e such that 1 < e < φ(n) and e and n are coprime.
Let e = 7
• Compute a value for d such that (d * e) % φ(n) = 1.
– Lets say d = 3 i.e. [(3 * 7) % 20 = 1]

In RSA, e and n are announced to the public; d and are kept secret.

60
• BUT HOW TO FIND
THE VALUE OF d?

61
• Step-1: Choose two prime number p and q
• Step-2: Compute the value of
• Given as
• Step-3: Find the value of  (public key)
• Step-4: Compute the value of (private key)

62
63
 Exercises
• Let p=7, q=17 and e=5 find the public key
and private key.
• Change the value of e to 7 and find the
value of private key
• If p=7 and q=11. Let the value of e be 13
and find the private key and public key.

64
 Exercise
• Bob chooses 7 and 11 as p and q and calculates n =
7 . 11 = 77.
• The value of <p = (7 - 1) (11 - 1) or 60.
• Now he chooses two keys, e and d. If he chooses e
to be 13, then d is 37.
• Now imagine Alice sends the plaintext 5 to Bob.
• She uses the public key 13 to encrypt 5.
• Show how Bob can send a message to Alice
if he knows e and n.

65
Solution

66
67
 Where is the security?
• What problem must you solve to discover d?
• Public key: (e, n); private key: d

68
 Security Services
• Confidentiality
– Only the owner of the private key knows it, so
text enciphered with public key cannot be read
by anyone except the owner of the private key
• Authentication
– Only the owner of the private key knows it, so
text enciphered with private key must have
been generated by the owner

69
 More Security Services
• Integrity
– Enciphered letters cannot be changed
undetectably without knowing private key
• Non-Repudiation
– Message enciphered with private key came
from someone who knew it

70
 Example: Confidentiality
• Take p = 7, q = 11, so n = 77 and (n) = 60
• Alice chooses e = 17, making d = 53
• Bob wants to send Alice secret message HELLO
(07 04 11 11 14)
– 0717 mod 77 = 28
– 0417 mod 77 = 16
– 1117 mod 77 = 44
– 1117 mod 77 = 44
– 1417 mod 77 = 42
• Bob sends 28 16 44 44 42
71
 Example
• Alice receives 28 16 44 44 42
• Alice uses private key, d = 53, to decrypt message:
– 2853 mod 77 = 07
– 1653 mod 77 = 04
– 4453 mod 77 = 11
– 4453 mod 77 = 11
– 4253 mod 77 = 14
• Alice translates message to letters to read HELLO
– No one else could read it, as only Alice knows her
private key and that is needed for decryption
72
 Example:
Integrity/Authentication
• Take p = 7, q = 11, so n = 77 and (n) = 60
• Alice chooses e = 17, making d = 53
• Alice wants to send Bob message HELLO (07 04 11 11
14) so Bob knows it is what Alice sent (no changes in
transit, and authenticated)
– 0753 mod 77 = 35
– 0453 mod 77 = 09
– 1153 mod 77 = 44
– 1153 mod 77 = 44
– 1453 mod 77 = 49
• Alice sends 35 09 44 44 49

73
 Example
• Bob receives 35 09 44 44 49
• Bob uses Alice’s public key, e = 17, n = 77, to decrypt message:
– 3517 mod 77 = 07
– 0917 mod 77 = 04
– 4417 mod 77 = 11
– 4417 mod 77 = 11
– 4917 mod 77 = 14
• Bob translates message to letters to read HELLO
– Alice sent it as only she knows her private key, so no one else could have
enciphered it
– If (enciphered) message’s blocks (letters) altered in transit, would not
decrypt properly

74
 Example: Both
• Alice wants to send Bob message HELLO both enciphered
and authenticated (integrity-checked)
– Alice’s keys: public (17, 77); private: 53
– Bob’s keys: public: (37, 77); private: 13
• Alice enciphers HELLO (07 04 11 11 14):
– (0753 mod 77)37 mod 77 = 07
– (0453 mod 77)37 mod 77 = 37
– (1153 mod 77)37 mod 77 = 44
– (1153 mod 77)37 mod 77 = 44
– (1453 mod 77)37 mod 77 = 14
• Alice sends 07 37 44 44 14

75
 Diffie-Hellman Key Exchange
• RSA is a public-key cryptosystem that is often
used to encrypt and decrypt symmetric keys.
• Diffie-Hellman, on the other hand, was
originally designed for key exchange.
• In the Diffie-Hellman cryptosystem, two
parties create a symmetric session key to
exchange data without having to remember or
store the key for future use.

76
• They do not have to meet to agree on the key; it can
be done through the Internet.
• Let us see how the protocol works when Alice and Bob
need a symmetric key to communicate.
• Before establishing a symmetric key, the two parties need
to choose two numbers p and g. The first number, p, is a
large prime number on the order of 300 decimal digits
(1024 bits).
• The second number is a random number.
• These two numbers need not be confidential.
• They can be sent through the Internet; they can be public.

77
78
• The symmetric key for the session is K

79
80
 Example
• Assume g =7 and p =23.

81
82 Attacks of cryptography

Cipher text only attack

 The only data available is a target cipher text

Known plaintext attack

 A target cipher text
 Pairs of other cipher text and plaintext (say, previously broken or
guessing)
83 Attacks of cryptography…

Chosen plaintext attacks

 A target cipher text

 Can feed encryption algorithm with

plaintexts and obtain the matching cipher
texts
Chosen cipher text attack
 A target cipher text
 Can feed decryption algorithm with cipher texts and obtain the
matching plaintext matching cipher texts
84 CONCLUSION

 We use different types of algorithms to establish

security services in different service
mechanisms.
 We use either private key cryptography or public
key cryptography according to requirement.
 If we want to send message quickly we use
private key algorithm and if we want to send
messages secretly we use public key algorithm.
85
Cryptographic Hashes
• Hash or Checksums
• Mathematical function to generate a set
of k bits from a set of n bits (where k ≤
n).
–k is smaller then n except in unusual
circumstances
• Example: ASCII parity bit
–ASCII has 7 bits; 8th bit is “parity”
–Even parity: even number of 1 bits
–Odd parity: odd number of 1 bits
86
Example Use
• Bob receives “10111101” as bits.
– Sender is using even parity; 6 1 bits, so
character was received correctly
•Note: could be garbled, but 2 bits would need to have
been changed to preserve parity
– Sender is using odd parity; even number of 1
bits, so character was not received correctly
87
Another Example
• 8-bit Cyclic Redundancy Check (CRC)
– XOR all bytes in the file/message
– Good for detecting accidental errors
– But easy for malicious user to “fix up” to match altered
message
• For example, change the 4th bit in one of the bytes
– Fix up by flipping the 4th bit in the CRC
• Easy to find a M’ that has the same CRC
88
MD5 and SHA
• Most widely used keyless crypto hashes
• Both are round based bit operations
– Similar in spirit to AES and DES
– Looking for avalanche effect to make output
appear random
• MD5 is 128 bits and SHA-1 is 160 bits
89
Message Authentication Codes
• MAC is a crypto hash that is a proof of a
message’s integrity
– Important that adversary cannot fixup MAC if
he changes message
• MAC’s rely on keys to ensure integrity
– Either Crypto Hash is encrypted already
– Or Crypto Hash must be augmented to take a
key
90
Use Symmetric Ciphers for Keyed Hash

• Can use DES or AES in CBC mode

– Last block is the hash
• DES with 64 bit block size is too small to
be effective MAC
91
Key Points
• Symmetric cryptosystems encipher and decipher
using the same key
– Or one key is easily derived from the other
• Public key cryptosystems encipher and decipher
using different keys
– Computationally infeasible to derive one from the other
• Cryptographic checksums provide a check on
integrity