Cryptography Dan Fleck CS 469: Security Engineering 1 Coming up: Cryptography These slides are modified with permission from Bill Young (Univ of Texas) Cryptography Apply your cryptanalytic skills. How do you get started? What questions should you ask? • What is the likely underlying language of the plaintext? CIA Kryptos Sculpture • What characteristics of the probable source text are relevant? • What characteristics of the source language are relevant? • What is the likely nature/complexity of the encryption algorithm? • Have any transformations/compressions been applied prior to encryption? • What else? Coming up: Encryption / Decryption 2 Encryption / Decryption The purpose of encryption is to render the message less useful / meaningful to any eavesdropper. Conceptually, the process of encryption is quite simple: plaintext Encrypt ciphertext Keye (optional) As is the process of decryption: ciphertext Decrypt plaintext Keyd (optional) 3 Coming up: Information Theory and Cryptography Information Theory and Cryptography Information theory informs cryptography in several ways: • What effect does encrypting a message have on the information content of the file? • An attempt to decrypt a message is really an attempt to recover a message from a (systematically) noisy channel. • How can redundancy in the source give clues to the decoding process? • Is a perfect encryption possible (i.e., one that is theoretically unbreakable)? 4 Coming up: Some Terminology Some Terminology Encryption and decryption are functions which transform one text into another. In functional notation: C = E(P) and P = D(C) where C denotes ciphertext, E is the encryption rule, D is the decryption rule, P is the plaintext. In this case, we also have: P = D(E(P)) It is obviously important to be able to recover the original message from the ciphertext. Coming up: Keyed Algorithms 5 Keyed Algorithms Often the encryption and decryption algorithms use a key K. The key selects a specific algorithm from the family of algorithms defined by E. We write this dependence as: C = E(P,KE ) and P = D(C,KD) If KE = KD, then the algorithm is called symmetric. If not, then it is called asymmetric. In general, P = D(E(P,KE ),KD) 6 An algorithm that does not use a key is called a keyless cipher. Coming up: Some Notation Some Notation Often the notation E(P,K) and D(C,K) becomes cumbersome. An alternative notation is often used, particularly in cryptographic protocols. We’ll often use {P}K to denote E(P,K), and {P}K sometimes E D to denote D(P,K). For example, P = D(E(P, KE ), K D ) = {{P}KE }KD This is usually appropriate since, in many important commercial cryptosystems, the same algorithm is used for both encryption and decryption (i.e., the algorithm is its own inverse). 7 Coming up: Cryptanalysis Tools Cryptanalysis Tools The analyst works with: • • • • • • • • encrypted messages, known encryption algorithms, intercepted plaintext, data items known or suspected to be in a ciphertext message, mathematical and statistical tools and techniques, properties of languages, computers, ingenuity and luck. Really! CIA revealed that their analyst David Stein had also solved the same sections in 1998, using pencil and paper techniques, though at the time of his solution the information was only disseminated within the intelligence community, and no public announcement was made. -Wikipedia Coming up: Lessons 8 Lessons • Encryption is designed to obscure the meaning of text. • Redundancy is the enemy of secure encryption because it provides leverage to the attacker. 9 End of presentation