Slides 0x01

advertisement
CS457 – Introduction to Information Systems
Security
Cryptography 1a
Elias Athanasopoulos
elathan@ics.forth.gr
Cryptography Elements
 Symmetric Encryption
Block Ciphers
- Stream Ciphers
-
 Asymmetric Encryption
 Cryptographic Hash Functions
 Applications
CS-457
Elias Athanasopoulos
2
Computer Security
“The protection afforded to an automated
information system in order to attain the applicable
objectives of preserving the integrity, availability,
and confidentiality of information system resources
(includes hardware, software, firmware,
information/ data, and telecommunications).
CS-457
Elias Athanasopoulos
”
3
CIA
 Confidentiality
-
Data confidentiality: Assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to
whom that information may be disclosed.
 Integrity
-
-

Data integrity: Assures that information and programs are changed
only in a specified and authorized manner.
System integrity: Assures that a system performs its intended function
in an unimpaired manner, free from deliberate or inadvertent
unauthorized manipulation of the system.
Availability
-
CS-457
Assures that systems work promptly and service is not denied to
authorized users.
Elias Athanasopoulos
4
An Example
Confidentiality:
Bad guys cannot
see messages
Communication
Availability: The
system is
operational
System/Service
Integrity: Bad guys
cannot change
messages
CS-457
Elias Athanasopoulos
5
How to achieve CIA?
 Crypto algorithms
-
“Hide” messages, sign messages, provide
guarantees about sent/received messages, etc.
 Secure systems
-
Apply Crypto concepts in protocols, systems, etc.
 Software defenses
-
CS-457
Ensure that software is not manipulated
Elias Athanasopoulos
6
CS-457
Elias Athanasopoulos
7
Cryptographic Jargon

Plaintext
-

Encryption algorithm
-

The key is a value independent of the plaintext and of the algorithm.
The algorithm will produce a different output depending on the
specific key being used at the time.
Ciphertext:
-

The encryption algorithm performs various substitutions and
transformations on the plaintext.
Secret key
-

This is the original intelligible message or data that is fed into the
algorithm as input.
This is the scrambled message produced as output. It depends on the
plaintext and the secret key.
Decryption algorithm
-
CS-457
This is essentially the encryption algorithm run in reverse.
Elias Athanasopoulos
8
NOT Security via Obscurity
 The encryption/decryption algorithm is
assumed to be known
 Security is based on
Secrecy of the key
- Hard to infer the plaintext via the ciphertext by
just knowing the key
-
 Cryptanalysis
-
CS-457
Infer the plaintext from ciphertext without
knowing the key
Elias Athanasopoulos
9
Symmetric Encryption
CS-457
Elias Athanasopoulos
10
Caesar Cipher
CS-457
Elias Athanasopoulos
11
Key: 3
CS-457
Elias Athanasopoulos
12
Or…
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC
CS-457
Elias Athanasopoulos
13
Encrypting a message
Plain: meet me after the toga
party
Cipher: PHHW PH DIWHU WKH WRJD
SDUWB
CS-457
Elias Athanasopoulos
14
Simple Brute Force
attack: we need to try
25 different keys.
CS-457
Elias Athanasopoulos
15
Increase the key space
 Permutations: {a, b, c}
-
abc, acb, bac, bca, cab, cba
 Size: 6 (or 3! ~ 1*2*3)
-
In general the size is n! (n is the size of the set)
 For the alphabet: 26!
CS-457
Elias Athanasopoulos
16
Frequency Analysis
CS-457
Elias Athanasopoulos
17
Example
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
CS-457
Elias Athanasopoulos
18
Count Frequencies
CS-457
Elias Athanasopoulos
19
Compare with English
CS-457
Elias Athanasopoulos
20
And try…
CS-457
Elias Athanasopoulos
21
Voila!
CS-457
Elias Athanasopoulos
22
One-Time Pad
Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
key:
pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
plaintext: mr mustard with the candlestick in the hall
Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
key:
pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
plaintext: miss scarlet with the knife in the library
Key = Size of message
CS-457
Elias Athanasopoulos
23
Transposition
CS-457
Elias Athanasopoulos
24
Modern Symmetric Ciphers
 DES, 3DES, and AES
-
AES is the dominant one, today
 Based on
-
Substitutions and transpositions
 Very complex
 Type
Block
- Stream
-
CS-457
Elias Athanasopoulos
25
Block vs Stream
 Block cipher
-
one in which a block of plaintext is treated as a
whole and used to produce a ciphertext block of
equal length. Typically, a block size of 64 or 128
bits is used.
 Stream cipher
-
CS-457
one that encrypts a digital data stream one bit or
one byte at a time.
Elias Athanasopoulos
26
Block Cipher
CS-457
Elias Athanasopoulos
27
Stream Cipher
CS-457
Elias Athanasopoulos
28
Block cipher
 Plaintext of n bits produces a ciphertext of n
bits
-
Block size: n bits
 Space of different plaintext blocks: 2^n
-
CS-457
Each block must be unique
Elias Athanasopoulos
29
Encryption should be reversible
CS-457
Elias Athanasopoulos
30
General n-bit-n-bit Block (n = 4)
CS-457
Elias Athanasopoulos
31
Decryption/Encryption
CS-457
Elias Athanasopoulos
32
Problems
 Vulnerable to statistical attacks
Small blocks can take limited transformations
- Increase n
-
 Key size: 4 bits * 16 rows
In general: n * 2^n
- Approximate the ideal case
-
CS-457
Elias Athanasopoulos
33
Feistel Cipher
 Goal
-
Approximate the ideal cipher
Reduce statistical properties between plaintext,
ciphertext, and key(s)
 Difussion
-
Each plaintext digit affect the value of many ciphertext
digits
 Confusion
-
CS-457
The statistics of the ciphertext and the value of the
encryption key is as complex as possible
Elias Athanasopoulos
34
Feistel Cipher
Substitution: right part is
transformed by F(Ki) and
XORed with left part.
Permutation: right part
swapped with left part.
CS-457
Elias Athanasopoulos
35
Properties
 Block size:
-
Larger block sizes mean greater security but reduced
encryption/decryption speed for a given algorithm. A
block size of 64 bits is reasonable tradeoff. AES uses a
128-bit block size.
 Key size:
-
CS-457
Larger key size means greater security but may
decrease encryption/ decryption speed. Key sizes of
64 bits or less are now widely considered to be
inadequate, and 128 bits has become a common size.
Elias Athanasopoulos
36
Properties
 Number of rounds:
-
The essence of the Feistel cipher is that a single round
offers inadequate security but that multiple rounds
offer increasing security. A typical size is 16 rounds.
 Subkey generation algorithm:
-
Greater complexity in this algorithm should lead to
greater difficulty of cryptanalysis.
 Round function F:
-
CS-457
Again, greater complexity generally means greater
resistance to cryptanalysis.
Elias Athanasopoulos
37
Extra (desired) properties
 Fast software encryption/decryption:
-
In many cases, encryption is embedded in applications
or utility functions in such a way as to preclude a
hardware implementation.
 Ease of analysis:
-
CS-457
There is great benefit in making the algorithm easy to
analyze. It is easier to analyze that algorithm for
cryptanalytic vulnerabilities and therefore develop a
higher level of assurance as to its strength. DES, for
example, does not have an easily analyzed
functionality.
Elias Athanasopoulos
38
Block modes
Mode
Description
Typical Application
Electronic Codebook (ECB)
Each block of 64 plaintext
bits is encoded
independently using the
same key.
• Secure transmission of
single values (e.g., an
encryption key)
Cipher Block Chaining
(CBC)
The input to the encryption • General-purpose blockalgorithm is the XOR of the oriented transmission
next 64 bits of plaintext
• Authentication
and the preceding 64 bits
of ciphertext.
CS-457
Elias Athanasopoulos
39
Download