Cryptography

Jumana Khwaileh-LTUC
Learning Objectives

 Upon successful completion of this chapter, you will be understanding :

Terminologies

Symmetric algorithms
Asymmetric Algorithms
Cryptography Terminologies
We lco me To Cr y pto g r a p hy …
What is cryptography?

Cryptography

• Art and science of making

“secret codes”.

• The practice and study of

hiding information.
What’s Cryptanalysis?
• Cryptanalysis: Art of finding some weakness and insecurity in cryptographic
scheme.

• Cryptanalysis: is a process of finding weaknesses in cryptographic algorithms

and using these weaknesses to decipher the cipher-text without knowing the
secret key.
Cryptography Terminology

• Plain text: The format of the data before being encrypted.

• Cipher text: The “scrambled” format of data after being encrypted.

• Key: A secret value used during the encryption and decryption process.

• Encryption: method of transforming plain text into unreadable format.

• Decryption: Method of obtaining the encrypted message back to its

original form.
Cryptographic Systems
• Characterized along three independent dimensions:

The type of operations

The number of keys The way in which the
used for transforming
used plaintext is processed
plaintext to ciphertext
Symmetric, single-
key, secret-key,
Substitution Block cipher
conventional
encryption

Asymmetric, two-
Transposition key, or public-key Stream cipher
encryption
Cryptanalysis and Brute-Force Attack
Cryptanalysis
Brute-force attack
• Attack relies on the
• Attacker tries every
nature of the
algorithm plus some possible key on a
knowledge of the piece of cipher text
general characteristics until an intelligible
of the plaintext. translation into
• Attack exploits the plaintext is obtained.
• On average, half of all
characteristics of the
algorithm to attempt possible keys must be
to deduce a specific tried to achieve
plaintext or to deduce success.
the key being used.
Friends and enemies: Alice, Bob, Trudy
• well-known in network security world
• Bob, Alice (lovers!) want to communicate “securely”
• Trudy (intruder) may intercept, delete, add messages

Alice Bob
channel data, control
messages

secure secure
data data
sender receiver

Trudy
 Who might Bob, Alice be?

• … well, real-life Bobs and Alices!

• Web browser/server for electronic transactions (e.g., on-line
purchases)
• on-line banking client/server
• DNS servers
• routers exchanging routing table updates
• other examples?
 There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: a lot!
• eavesdrop: intercept messages
• actively insert messages into connection
• impersonation: can fake (spoof) source address in packet (or any field in
packet)
• hijacking: “take over” ongoing connection by removing sender or
receiver, inserting himself in place
• denial of service: prevent service from being used by others (e.g., by
overloading resources)

more on this later ……

Encryption
• An algorithm (program) encodes or scrambles information during transmission or
storage
• Decoded/unscrambled by only authorized individuals to read it
• How is this done?
• Both parties agree on the encryption method (there are many) using keys
• Symmetric key – sender and receiver have the
key which can be risky
• Public Key – use a public and private key
where the public key is used to send an
encrypted message and a private key that the
receiver uses to decode the message
 The language of cryptography
Alice’s Bob’s
K
A encryption K decryption
key B key

plaintext encryption ciphertext decryption plaintext

algorithm algorithm

symmetric key crypto: sender, receiver keys identical

public-key crypto: encryption key public, decryption key secret
(private)
Symmetric Cipher Model
• There are two requirements for secure use of conventional
encryption:
• A strong encryption algorithm

• Sender and receiver must have obtained copies of the secret key in a secure
fashion and .must keep the key secure.
 Symmetric Algorithms
• Algorithms in which the key for encryption and decryption are the
same are Symmetric
• Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for a single message
– Break plaintext message in equal size blocks (encrypt s each block as a unit )
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
 Symmetric key cryptography
substitution cipher: substituting one thing for another
• monoalphabetic cipher: substitute one letter for another
plaintext: abcdefghijklmnopqrstuvwxyz

ciphertext: mnbvcxzasdfghjklpoiuytrewq

E.g.: Plaintext: bob. i love you. alice

ciphertext: nkn. s gktc wky. mgsbc

Q: How hard to break this simple cipher?:

 brute force (how hard?)
 other?
Symmetric key cryptography
K K
A-B A-B

plaintext encryption ciphertext decryption plaintext

message, m algorithm algorithm
K (m) m=K (K (m))
A-B A-B A-B

symmetric key crypto: Bob and Alice share know same (symmetric)
key: K
A-B
• e.g., key is knowing substitution pattern in mono alphabetic
substitution cipher
• Q: how do Bob and Alice agree on key value?
Symmetric key crypto: DES
DES: Data Encryption Standard
• US encryption standard [NIST 1993]
• 56-bit symmetric key, 64-bit plaintext input
• How secure is DES?
• DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes
the world a safer place”) decrypted (brute force) in 4 months
• no known “backdoor” decryption approach

• making DES more secure:

• use three keys sequentially (3-DES) on each datum
• use cipher-block chaining
Symmetric key
crypto: DES
DES operation

initial permutation
16 identical “rounds” of
function application,
each using different 48
bits of key
final permutation

8: Network Security 8-23

 The symmetric encryption scheme has five ingredients
1. Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
2. Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
3. Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different output
depending on the specific key being used at the time. The exact substitutions and transformations
performed by the algorithm depend on the key.
4. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and
the secret key. For a given message, two different keys will produce two different ciphertexts. The
ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
5. Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the
ciphertext and the secret key and produces the original plaintext.
Asymmetric Algorithms
Asymmetric Algorithms
• Encryption algorithms that use a single key are referred to as asymmetric
encryption algorithms.
• Digital signature algorithm
• A digital signature is a value computed with a cryptographic algorithm and associated
with a data object in such a way that any recipient of the data can use the signature to
verify the data’s origin and integrity
• Key exchange
• The process of securely distributing a symmetric key to two or more parties
• User authentication
• The process of authenticating that a user attempting to access an application or service
is genuine and, similarly, that the application or service is genuine
 Strong Encryption
• The term strong encryption refers to encryption schemes that make it impractically
difficult for unauthorized persons or systems to gain access to plaintext that has
been encrypted.

• Properties that make an encryption algorithm strong are:

• Appropriate choice of cryptographic algorithm
• Use of sufficiently long key lengths
• Appropriate choice of protocols
• A well-engineered implementation
• Absence of deliberately introduced hidden flaws
 Substitution Technique

• Is one in which the letters of plaintext are replaced by other

letters or by numbers or symbols.

• If the plaintext is viewed as a sequence of bits, then substitution

involves replacing plaintext bit patterns with ciphertext bit
patterns.
 Single-Key Algorithms
Encryption algorithms that Symmetric
Single-key encryption takes
cryptographic use a single key are referred
to as symmetric encryption the following forms:
algorithms depend
on the use of a algorithms
secret key Block cipher
• A block cipher operates on data as a
With symmetric encryption, an sequence of blocks
• In most versions of the block cipher, known
encryption algorithm takes as input
as modes of operation, the transformation
some data to be protected and a depends not only on the current data block
secret key and produces an and the secret key but also on the content of
unintelligible transformation on that preceding blocks
data

A corresponding decryption Stream cipher

algorithm takes the transformed data • A stream cipher operates on data as a sequence
and the same secret key and of bits
recovers the original data • As with the block cipher, the transformation
depends on a secret key
What is network security?
Confidentiality: only sender, intended receiver should “understand” message
contents
• sender encrypts message
• receiver decrypts message

Authentication: sender, receiver want to confirm identity of each other

Message integrity: sender, receiver want to ensure message not altered (in
transit, or afterwards) without detection
Access and availability: services must be accessible and available to users
 Summary of Definitions
Plaintext Cipher-text Enciphering/encryption
• An original message • The coded message • The process of converting from
plaintext to cipher-text

Deciphering/decryption Cryptography Cryptographic

• Restoring the plaintext from the • The area of study of the system/cipher
cipher-text many schemes used for • A scheme
encryption

Cryptanalysis Cryptology
• Techniques used for deciphering • The areas of cryptography
a message without any and cryptanalysis
knowledge of the enciphering
details
 Summary
• Present an overview of the
main concepts of symmetric • Understand the
cryptography. operation of a
substitution technique.
• Present an overview of the
main concepts of Asymmetric • Understand the Block
and Stream cipher.
cryptography.
• Explain the difference
between cryptanalysis and
brute-force attack.
Lab Work
• Cryptanalysis