Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Cryptology - Roggeweck.net

advertisement 
DataCommunication&Networks
Cryptology
Cryptology
Social importance
-
first military use
now very important for internet, electronic transactions and electronic
payment
transaction, also science and economy
economy espionage is wide spread
History
-
-
cryptography is as old as the writing
transmitted from the antiquity
"Skytale von Sparta"  2500 years ago, for encryption of military
messages
 message on a paper winded on a cylinder; after curling it up there
was
no sense in it (but very easy to crack)
KR
L O
Aus
MA
S P
-
-
-
Y
G
C
A
P
I
H
S
T O
E
wird KLMSROAPYGCAPIHSTETSO.
T
S
another is lettering of Cesar
 alphabet was shifted on a special number (but also very easy to
crack)
16th century Blaise de Vegniere used polyalphabetic coding
 different key-alphabets for every letter  more difficult to crack
first algorithm was published in 1863 by Kasiski
second in 1925 Friedman
 both were basics of the crypto analysis
20th century cryptography was very important for the war technology
Chiffrierzylinder
 several discs were the alphabet was marked in a special way
- for cracking a special set of discs in a special way was
used
 every letter was with a different disc encoded
 M94 (USA); CSP 642 (Jap)
1
DataCommunication&Networks
Cryptology
-
rotor maschines
 many discs beside  by electrical grind contact many substitutions
took out
 by encoding the discs rotated after every letter (left or right)
 very complex and difficult
 ENIGMA
-
50s first computer programs for encoding with mathematic methods
Cryptology
-
2 sides: encryption of messages and cracking of these
another differentiation is : visualization of an encryption (everybody knows
that it is encrypted) or you have to find out whether a message is
encrypted or not (non visualization)
-
originally cryptography was only for encoding messages, now its more:
o keep secret of the message content
o security of the integrity and origin of the message
o identification of the communication partner(special id-name & id-no.
 temporary IP)
o authentication (improvement of identity)-by digital signatures
o transmit a message by using an ordinary information - not visible
changes in a picture or music file can include many pages of text 
steganography
key management
 symmetric encoding: same key for communication partner
 asymmetric encoding: private key; communication partner has a
public key
crypto analysis cares about making secret information visible and to
identify anonymous communication partners
-
-
2
DataCommunication&Networks
Cryptology
Steganography
-
covered communication
very simple method is the link of several first letters of an open message
possible by using other positions of the words or a special pattern, too
mathematic method for encoding is the number of letters in a word
 even=0(bit) -- uneven=1
 digital messages hidden in a text or picture(high expenditure)
 bits are written in the color value of the pixel
-
principal: replace unimportant data by secure information
-
mostly the messages are written in the LSB (least significant bit)
 per byte of the original data one bit of the secure information is
hidden
but before entering the bit values an encoding method is used and after
that the an image comprime method
some programs: JPEG-JSTEG; PGE(Pretty Good Envelope); Steganos II;
S-Tools 4; Texto; MP3 Stego;
-
Symmetrical method
-
usage of the same key for coding and decoding of the information
e.g.:
 'Morsecode', 'Lochschablone'(marks only few of a collection of
letters and numbers)
 book page code-> only page number, column number and word
position is sent (without knowing the book, this method is really
difficult)
- shifting the letters of the alphabet, so that a new one results (Cesar)
- irregular instruction of the letters (Substitution)
 very simple
- better is a code without a regular method (not every letter appears in the
same way)
 polyalphabetic coding
 several key alphabets with different shifting constants (by a key
word)
Alphabet
A B C D E F G H I
I
J
J K L M N O P Q R S T U V W X Y Z
K L M N O P Q R S T U V W X Y Z A B C D E F G H
N O P Q R S T U V W X Y Z A B C D E F G H I
Key
alphabets
F G H I
J
J
K L M
K L M N O P Q R S T U V W X Y Z A B C D E
O P Q R S T U V W X Y Z A B C D E F G H I
R S T U V W X Y Z A B C D E F G H I
3
J
J
K L M N
K L M N O P Q
DataCommunication&Networks
Cryptology
M N O P Q R S T U V W X Y Z A B C D E F G H I
A B C D E F G H I
J
J
K L
K L M N O P Q R S T U V W X Y Z
T U V W X Y Z A B C D E F G H I
I
J
J
K L M N O P Q R S
K L M N O P Q R S T U V W X Y Z A B C D E F G H
K L M N O P Q R S T U V W X Y Z A B C D E F G H I
HALLO=PNQZF
-
the most important standard methods are today DES(Data Encryption
Standard) and IDEA(International Data Encryption Algorithm)
DES:
 developed by IBM, in 1977 normed as US-encryption standard
- by NBS(National Bureau of Standards)
 but can be cracked in a few days
 coded text results in blocks by several mathematical operations
like permutations, non linear substitutions and logical multiplication
 individual key for user
 text is separated in blocks of 64bit length; the key is mostly bigger
 operations are quite simple: advantage - good direct
implementation into the hardware and high speed for coding and
decoding
IDEA:
 uses 64bit blocks, too
 but uses longer keys
 more security, because the still coded text is coded more times by
the same method
 result is the 8th loop
 can be implemented into the hardware very good, too
 key distribution/exchange--the secure transfer of the
key to the receiver of the message
 key management—many key pairs to be managed in network (there should
be frequently change of the key)
Asymmetric Method
-
concept of public-key cryptography was introduced in 1976 by Whitfield
Diffie and Martin Hellman
uses one public key(decoding) and one private key(encoding)
intention to keep the process of transforming plain text to cipher text
relatively easy and the reverse process of converting cipher text to plain
text effectively impossible  One- way function
4
J
DataCommunication&Networks
Cryptology
-
encryption and decryption are two mathematical functions that are
inverses of each other
-
additional thing you can do with public key technology is to generate a
digital signature on a message
digital signature is like an electronic fingerprint that only the private key
holder can generate
-
-
most commonly used implementation of public key algorithm is RSA
approach
RSA Algorithm
-
developed by Rivest, Shamir and Aldeman in 1977
select two random prime numbers p and q (normally 500 digits at length)
simple example: p=3 q=11
compute n with n= p*q
n=33
compute O(n)=(p-1)(q-1)
O(n)=20
5
DataCommunication&Networks
Cryptology
-
-
select a small odd integer e that is relatively prime to O(n)
e=3
compute d as the multiplicative inverse of e modulo O(n)
we need e*d mod O(n) = 1
3*7 mod 20 = 21 mod 20 = 1
public the pair P=(e,n) as the public key
keep secret the pair S=(d,n) as private key
encrypt message M (example a c=’3’) with C=Me mod n
C=33 mod 33= 27
decrypt message C with M=Cd mod n
M=277 mod 33= 3
 public key cryptography mostly use for secure E-commerce to fit the following
four requirements
 confidentiality = protecting data from all but the intended receiver (s)
 authentication = proving identity
 integrity = ensuring no unauthorized alteration of data
 non- repudiation = preventing an entity from denying previous
commitments or actions
simple applications and their underlying technology
 secure mail SMIME protocol
 secure web browsing SSL(Secure Socket Layer) protocol, developed
by Netscape
o example: the following is a way SSL uses public key cryptography
techniques for authentication (where Alice wants to authenticate
Bob):
1. Alice sends some random message r to Bob.
2. Bob encrypts r using his private key and sends to Alice.
3. Alice decrypts the data sent by Bob using Bob's public key
and compares it with r (that she sent) to find out the identity
of Bob.
o because Bob's private key is known only to Bob, he could only have
encrypted the message r if the comparison at Alice's end was
successful

secure credit card transactions supported secure electronic
transactions (SET) protocol, designed by VISA and MasterCard.
6
DataCommunication&Networks
Cryptology
Cryptanalysis
-
is the science of cracking codes, decoding secrets, violating authentication
schemes in general, breaking cryptographic protocols
various techniques attempting to compromise cryptosystems refer to as
attacks
cryptanalytic attacks are generally classified into six categories that
distinguish the kind of information the cryptanalyst has available to mount
an attack (listed in decreasing order of the level of difficulty)
o ciphertext-only attackcryptanalyst obtains a sample of ciphertext,
without the plaintext
o chosen-plaintext attackcryptanalyst is able to choose plaintext
samples dynamically, and alter his or her choices based on the
results of previous encryptions
o chosen-ciphertext attackcryptanalyst may choose a piece of
ciphertext and attempt to obtain the corresponding decrypted
plaintext
o adaptive-chosen-ciphertext attackcryptanalyst can mount an
attack of this type in a scenario in which he has free use of a piece
of decryption hardware, but is unable to extract the decryption key
from it
Questions
1. What is the difference between symmetric and asymmetric
cryptography?
Symmetric cryptography:
- usage of the same key for coding and decoding of the information
- ( shifting the letters of the alphabet, so that a new one results (Cesar)
- irregular instruction of the letters (Substitution)
- polyalphabetic coding (several key alphabets with different shifting
constants)
Asymmetric cryptography:
- uses one public key(decoding) and one private key(encoding)
- intention to keep the process of transforming plain text to cipher text
relatively easy and the reverse process of converting cipher text to plain
text effectively impossible  One- way function
- encryption and decryption are two mathematical functions that are
inverses of each other
7
DataCommunication&Networks
Cryptology
2. Give a short definition of steganography!
Steganography:
- covered communication
- replace unimportant data by secure information
- mostly the messages are written in the LSB (least significant bit)
3. What are the disadvantages of the symmetric encryption?
-
mostly very simple and easy to crack
main problem of the symmetric cryptography is the secure transfer of the
key to the receiver of the message
4. What requirements must be fulfilled for coding?




confidentiality = protecting data from all but the intended receiver (s)
authentication = proving identity
integrity = ensuring no unauthorized alteration of data
non- repudiation = preventing an entity from denying previous
commitments or actions
5. What are the advantages of asymmetric cryptography?




Public key can be transmitted via every medium, must not be kept
secret
Not as much keys as in symmetric cryptography  key management in
a network
Everyone can use your public key to send an encrypted message to
you
Difficult to crack because of the usage of large prime numbers
8
Related documents
plaintext version
plaintext version
Preface
Preface
Introduction to Mathematical Cryptology
Introduction to Mathematical Cryptology
Cryptography Extra Credit - Lincoln Park High School
Cryptography Extra Credit - Lincoln Park High School
Course outline Data security and Cryptography
Course outline Data security and Cryptography
modulo cryptology
modulo cryptology
CSCE 212 - Computer Science & Engineering
CSCE 212 - Computer Science & Engineering
INFA 723 Applied Cryptography
INFA 723 Applied Cryptography
COURSES OFFERED IN FOREIGN LANGUAGES
COURSES OFFERED IN FOREIGN LANGUAGES
Download
advertisement