sign in sign up
<<
Home , Charles Rackoff, Ciphertext, Cryptosystem, Gilbert Vernam, Plaintext

Cryptography

Cryptography comes from the two Greek words meaning “secret writing” and and is the art and science of concealing meaning. is the breaking of codes. Basically, what we have is

Def: A is a 5-tuple (E, D, M, K, C), where M is the set of , K is the set of keys, C is the set of , E: M K C is the set of enciphering functions, and D: C K M is the set of deciphering functions

A classical example of a cryptosystem is the Caesar where letters in the are shifted to get the . Suppose that we have the message “GO CLEMSON”, and we want to encrypt that message using the . Our might be 2. The plaintext “GO CLEMSON” would turn into the ciphertext “IQ ENGOUQP”. Our cryptosystem would be:

M = { all sequences of letters }

K = { integers from 1 to 25 }

C = { all sequences of letters }

E = { Ek | k K and m M Ek(m) = (m+k) mod 26 }

D = { Dk | k K and c C Dk(c) = (26+c-k) mod 26 }

The goal of cryptography is to keep enciphered information secret. We assume that an adversary wishes to break a ciphertext. Standard cryptographic practice is to assume that the adversary knows the algorithm used to encipher the plain text. The adversary does not know the specific cryptographic key. Hence, D and E are known.

Key Dates

800 AD Al-Kindi, an Arab scholar and mathematician living in Baghdad, writes Manuscript for Deciphering Cryptographic Messages. It has the first known description of and other cryptanalysis techniques.

1586 Thomas Phelippes uses frequency analysis to decrypt messages between Mary I of Scotland and conspirators against Elizabeth I of England. Mary and the conspirators are all executed.

1918 Major Joseph O. Mauborgne of the U.S. Army and of AT&T Bell Laboratories invent the one-time pad, in which the random, secret key is as long as the message itself and is only ever used once.

1944 At Bietchley Park in England, Colossus (the first vacuum-tube-based, programmable computing machine) decrypts German High Command messages, providing invaluable information prior to the D-day invasion of Normandy.

1945 of AT&T Bell Laboratories proves that the one-time pad is unbreakable even against an adversary with unlimited computational power. This definition of secrecy is so strong, however, that he also proves that the one-time pad is the only possible cryptosystem satisfying it.

1976 Whitfield Diffie and Martin E. Hellman, both at Stanford University, propose public-key and authentication.

1977 Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman, all at the Massachusetts Institute of Technology, construct the first public-key cryptosystem, the RSA algorithm.

August 1977 In Martin Gardner’s Scientific American column, Rivest et al. challenge readers to decrypt a message encrypted by the RSA algorithm with a 129-digit key (RSA-129). They estimate that doing so may take 40 quadrillion years.

1982 and , then PhD students at the University of California, Berkeley, developed the definitional foundations of modern cryptography, including a practical definition of security.

1985 Goldwasser, Micali, and Charles Rackoff of the University of Toronto invent zero-knowledge proofs. A year late Oded Goldrecih of Technion Israel Institute of Technology in Haifa, of the Hebrew University of Jerusalem, and Micali devise the zero-knowledge proof for graph three- colorability

1987 Goldreich, Wigderson, and Micali construct protocols for multiparty computation, or secure function evaluation, building on a two-party protocol developed by Andrew C. Yao of Princeton University.

1994 Netscape Communications releases the Secure Sockets Layer protocol, which employs public-key encryption to provide security for transaction on the World Wide Web.

1994 Arjen K. Lenstra of Bell Communications Research and more than 600 volunteers on the internet, using about 1,600 computers running recently developed factoring algorithms, take eight months to factor RSA-129. They reveal the message, “THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE.”

2008 An RSA key of recommended length (2,048) would take more than a quadrillion years to break on a modern PC.

Attacks

There are 3 attacks methods:

1. In a ciphertext only attack, the adversary has only the ciphertext a. The goal is to find the corresponding plaintext b. The adversary may also try to find the key

2. In a know plaintext attack, the adversary has the ciphertext and the plaintext that was enciphered. a. The goal is to find the key

3. In a chosen plaintext attack, the adversary may specify specific plaintexts to be enciphered. The adversary then has specific plaintexts and their corresponding ciphertexts. a. The goal is to find key that was used to encipher the plaintexts.

A good cryptosystem protects against all three types of attacks. Attacks can use both mathematical and statistical techniques.

Confusion and Diffusion

Two additional important concepts are related to the amount of work required to perform an encryption. An encrypting algorithm should take the information from the plaintext and transform it so that the interceptor cannot readily recognize the message. The interceptor should not be able to predict what will happen to the ciphertext by changing one character in the plaintext. We call this characteristic confusion. An algorithm providing good confusion has a complex function relationship between the plaintext/key pair and the ciphertext.

The cipher should also spread the information from the plaintext over the entire ciphertext so that changes in the plaintext affect many parts of the ciphertext. This principle is called diffusion, the characteristic of distributing the information from single plaintext letters over the entire ciphertext. Good diffusion means that the interceptor needs access to much of the ciphertext to be able to infer the algorithm.

Symmetric

Symmetric or single-key cryptosystems are most common. They have been in use for centuries and are significantly used by the military. Consider the following picture.

P = D ( K, E( K, P ) )

Public Key Cryptosystems

In 1976 a new approach to cryptosystem was proposed where there was one key to encrypt the plaintext and a different key used to decrypt the ciphertext. The key used to encode the message is public, i.e. it is know to the world. The key that is used to decode the encoded message is private, i.e. this key is only known to the individual. Pictorially we have

P = D ( KD, E ( KE, P ) )

3 Characteristics

1. It must be computationally easy to encipher and decipher a message given the appropriate key.

2. It must be computationally infeasible to derive the private key from the public key

3. It must b e computationally infeasible to determine the private key from a chosen plaintext attack.

The above depiction of encoding and decoding a message using public and private keys can be expressed as

P = D ( KPub, E(KPri, P)) where KPri is the private key and KPub is the public key.

Note: The Public & Private key can be applied in either order.

Classical Cryptosystems

There are two classical symmetric key : transposition ciphers and substitution ciphers. We will look at both of these examples.

Transposition Cipher Rearrange the characters in the plaintext to form the ciphertext. The letters are not changed. This is really a permutation function. The best attack is a statistical frequency attack. An example of a is the .

Rail Fence Cipher

P: H E L L O W O R L D

H L W L E O O D L R

C: H L W L E O O D L R

Susceptible to a frequency of occurrence to discover the transposition

Substitution Cipher A changes the characters in the plaintext to produce the ciphertext. The Caesar cipher is an example of a substitution cipher and is shown below.

Caesar Cipher The idea again with the Caesar cipher is to shift letters n characters with wrap around.

ABCDEFGHIJKLMNOPQRSTUVWXYZ

Let’s do a 4 shift

P H E L L O

C L I P P S

P = C = { all sequences of letters }

K = { I | I is an integer o I 25 }

E = { Ek | k K and p P, Ek(p) = (p + k) mod 26 }

D = { Dk | k K and c C, Dk(p) = (26 + c - k) mod 26 }

Caesar ciphers are susceptible to statistical attacks.

Good Cipher Characteristics

In 1949 Shannon proposed the following characteristics for a good cipher:

1. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption

This is just common sense in that why spend tons of money on protecting something that has little value?

2. The set of keys and the enciphering algorithm should be free from complexity

This implies that we should restrict neither the choice of keys nor the types of plaintext on which the algorithms can work. If the process is too complex, it will not be used. Furthermore, the key must be transmitted, stored, and remembered, so it must be short.

3. The implementation of the process should be as simple as possible.

This principle reflects the date when the characteristics were proposed. It references a hand implementation of an encryption algorithm. Today with the computational power that we have, we have very complex encryption algorithms. Still keeping it as simple as possible is a good idea.

4. Errors in ciphering should not propagate and cause corruption of further information in the message.

Principle 4 acknowledges that there are errors in the enciphering process, errors in computing, transmission, or human entry. One early error in the process should not throw off the entire remaining cipher.

5. The size of the enciphered text should be no larger than the text of the original message.

A ciphertext that expands dramatically in size cannot possibly carry more information than the plaintext, yet it gives the cryptanalyst more data from which to infer a pattern. Also a longer ciphertext implies more space for storage and more time to communicate.

Properties of Trustworthy Encryption Systems

1. It is based on sound mathematics

Good cryptographic algorithms are not just invented. They are derived from solid principles.

2. It has been analyzed by competent experts and found to be sound

Even the best cryptographic experts can think of only so many possible attacks. The developers may become too convinced of the strength of their own algorithm. A review by critical outside experts is essential.

3. It has stood the “test of time”.

As a new algorithm gains popularity, people continue to review both its mathematical foundations and the way that it builds upon those foundations. Although a long period of successful use and analysis is not a guarantee of a good algorithm, the flaws in many algorithms are discovered relative soon after their release.

We will be talking about several commercial grade data encryption algorithms later. Three algorithms are popular in the commercial world, namely DES (), RSA (Rivest-Shamir-Adelman), and AES (advanced encryption standard).

The table below compares the symmetric and public key approaches to encryption.

Symmetric Key Public (Asymmetric) Key

Number of Keys 1 2

Protection of Key Must be kept secret One key must be kept secret; the other can be freely exposed

Best Uses Cryptographic workhorse; secrecy , and integrity of data – single authentication characters to blocks of data, messages, files

Key Distribution Must be out-of-band Public key can be used to distribute other keys

Speed Fast Slow; typically, 10,000 times slower than symmetric key

Data & Origin Authentication

Sender encrypts with her private key. Receiver decrypts with the sender’s public key.

Alice encrypts with her private key. Only she knows her private key.

Bob decrypts with Alice’s public key and knows that the message is authenticate because only Alice knows her private key.

Therefore, the message has been authenticated as being sent by Alice.

Confidentiality and Authentication

Sender encrypts sender’s private key and recipient’s public key

Alice encrypts with her private key and again with Bob’s public key

C = (KBPub, ( KAPri, P))

Bob decrypts with his private key and Alice’s public key.

P = (KAPub, (KBPri, C))

Note:

In practice n is very large ~ 1024, 2048, or 4096 bytes

Note: Symmetric encryption is the work horse x Very fast Addition, Xor, substitution, shifting

Public Key Encryption is used for special applications 10,000x slow multiplication, division