Intro To Security - Quiz 2 (Cryptography)

Weeks 3 and 4

Cryptology

The science behind cryptography

Cryptography

The process of making and using code to secure information

Cryptoanalysis

The process of decrypting a ciphertext

Plaintext

Original message

Ciphertext

Coded message

Cipher

Algorithm for transforming plaintext into ciphertext and vice versa

Key

Info used in cipher known only by sender and reciever

Enciphering/Encryption

Process of converting plaintext into ciphertext

Deciphering/Decryption

Process of converting ciphertext to plaintext

Obfuscate

Render obscure or unclear

Why do we use cryptograhpy

It improves information security

• Keeps data safe

• Helps with threats

Symmetric Cipher

A single key is used for both encryption and decryption

• Security lies with the key

• Requires sender and receiver to agree on a key

Negatives

• Difficult to manage and update

• Keys must be exchanged (may not be safe)

• Keys can be compromised

Asymmetric Cipher

Different keys are used for encryption and decryption

Block cipher

• Encrypts a block of plaintext at a time

• Less overhead

• High diffusion

• Slow

Stream cipher

• Encrypts data one bit or one byte at a time

• Each bit uses a separate key

• CPU intensive

• Much faster than block cipher

• Key is as long as plaintext

• Low diffusion

Main requirements for cipher

• Confusion

• Diffusion

Confusion

Interceptor cannot predict what will happen to the ciphertext by changing one character in the plaintext

Diffusion

Information from single plaintext is distributed over the entire cipher

Substitution cipher

Replacing each element of the plaintext with another element

Transposition cipher

Rearranging the order of elements of the plaintext

Product Cipher

Using multiple stages of substitutions and transpositions

Caesar Cipher

• Earliest known substitution cipher

• Invented by Julius Caesar

• Each letter is replaced by the letter three positions further down the alphabet

Monoalphabetic Substitution Cipher

Shuffle the letters, then choose random letter for each letter

Polyalphabetic Substitution Cipher

Each plaintext letter has multiple corresponding ciphertext letters

Vigenere Cipher

Advanced type of substitution cipher

• Have a key word

  • Repeat key word until size of plaintext

• Add plaintext letter and key word letter to get encrypted letter

Book-Based cipher

Uses a text from a predetermined book as a key to decrypt a message

Book Cipher

Ciphertext consists of a list of codes representing page, line, and work numbers of plaintext

Running key cipher

Uses a book for passing the key to cipher (similar to vigenere cipher)

Template Cipher

Involves use of hidden message in book, requires page with specific number of holes cut into it

Row Transposition Cipher

Type of diffusion cipher

• Key is random arrangement of numbers

• Write plaintext out in rows length of key, fill extra space with xyz

• The order of numbers of the key corresponds to the order of columns you write in 

  • Key = 3421

  • Ciphertext = c3, c4, 2, c1

Kerkhoff’s principle

The adversary knows all details about a cryptosystem except the secret key

2 general approaches to cryptoanalysis

• Brute force attack

• non-brute force attack

Brute force attack

Try every key to decipher a ciphertext

Ciphertext-only attack

Use statistics and other information to decrypt intercepted ciphertext

Known-plaintext attack

If some of the plaintext is known, one could uncover some of the plaintext-ciphertext

Chosen-plaintext attack

Intruder can choose the plaintext message and receive the ciphertext form

Chosen-ciphertext attack

The intruder can choose the ciphertext message and receive the plaintext

Hash Functions in cryptograhpy

How has functions are used in cryptography

• Takes input and produces a fixed size output called a has value

• Doesn’t encrypt, doesn’t use a key and you cant reverse them

• Preimage resistance

• Collision resistance

• Security strength is half the bit length of hash outputs

• Example

  • User enters a p word

  • System stores hashed version

    • no need to know actual p word

    • just compares the hash

Preimage resistance

Hard to compute M given hash(M)

Collision resistance

No 2 inputs give the same hash output

SHA2

Hash function

• Widely used

• Government standard

Salting

The addition of a unique, random string of characters

Stenanography

Hiding the fact that a hidden message is being hidden

LSB Manipulation

Idea that the LSB of a byte can change with little change to the overall file

• Used in images

• Changing LSB of grey wont change the image that much

• This way you can hide 115200 characters

Advantages

• Does not change the size of the file

• Is harder to detect than any other steganography techniques

Disadvantages

• Normally must use the original program to hide and reveal data

• If the picture with hidden information is converted to another format then the hidden data may be lost

Data Encryption Standard (DES)

Type of symmetric block cipher

• 64 bit block size

• Uses 56 bit key

• 2 hours to find key on modern computers

Advanced Encryption Standard (AES)

Type of symmetric block cipher

• 128 Bits = one block

• 128, 192, 256 bit keys

• Iterative rather than Feistel

Block Cipher Notation

P = plaintext block

C = ciphertext block

C = E(P, K) = Ek(P)

• Encrypt P with K to get ciphertext

P = D(C, K) = Dk(P)

• Decrypt C with key K to get plaintext P

DES security concerns

56-bit key is too short

• Can be broken on average in 2^55

• Moore’s law - computers are getting faster every year

2DES

DES + DES

• 2 encryption stages

• 2 keys

• Supposed to be 2^112

2DES Meet-In-The-Middle Attack

2DES is only 2 × 2^56 which is only 2^57 not 2^112

• You are doing 2^56 twice

RC4

Most popular stream cipher

• 10x faster than DES

• used in TLS and WEP

• Initial bytes of key stream are weak

Asymmetric Cryptography (Public-Key Cryptography)

Addresses two key issues

• Key distribution- secure communication without having to trust distribution center

• Digital Signatures - Verify that message comes intact from claimed sender

Uses 2 different keys

• Public key - shared with everyone (used to encrypt)

• Private key - Secret (used to decrypt)

RSA (Rivest-Shamir-Adelman) Encryption

Security comes from the difficulty of factoring large prime numbers

How it works

• Choose 2 large prime numbers, p and q

• Compute there product, N

• Compute (p-1) * (q-1), r

• Select e, 1 < e < N (5 always works)

• Compute d, d * e = 1 mod r

• Public key = (n, e)

• Private key = (n, d)

Main Attacks on RSA

• Brute

• Mathematical

• Timing

• Power consumption

• Errors

Computationally Secure

• The cost of breaking the cipher exceeds the value of information

• The time required to break the cipher exceeds the lifetime of the information

Unconditionally Secure

If it secure no matter how much resources the attacker has