– science of encrypting information.
“scrambles” data so only authorized parties can “unscramble” and read data using two methods
Can substitute – change one letter with a different letter
Can transpose – scramble the order of letters, without actually changing one for another.
The best both substitute and transpose.

Dang Thanh Binh

Explain general cryptography concepts
Explain basic hashing concepts.
Basic concepts.
Explain and implement protocols
Explain core concepts of public cryptography

Cryptography - a method of storing and transmitting data in a form only intended for authorized parties to read or process.
- science of studying, breaking, and reverse engineering algorithms and keys.
Encryption – the method of transforming data (plaintext) into an unreadable format.
Plain text – the format (usually readable) of data before being encrypted
Cipher text – the “Scrambled” format of data after being encrypted

Key space – the range of possible values used to construct keys
example:
if a key can be 4 digits (0-9), key space = 10,000 (0000 – 9999)
if it can be 6 digits, key space = 1,000,000 (000,000 – 999,999)
Key Clustering – Instance when two different keys generate the same text from the same plaintext
Work factor – estimated time and resources to break a

Decryption – the method of turning cipher text back into plain text
Encryption algorithm – a set of rules or procedures that dictates how to encrypt and decrypt data. Also called an encryption “cipher”
Key – (crypto variable) a value used in the encryption process to encrypt and decrypt

Romans used a shift cipher called a “CAESAR” cipher.
Shift ciphers simply shift characters in an alphabet.

Jumbles up the ordering of characters in a message.
The Spartans of Greece used a form of this called the “” Cipher.

Hiding one message in another
“Meet the mini me that ate later.”
“Meet me later.”

The Vigenère cipher is named for Blaise de Vigenère, although Giovan Battista Bellaso had invented the cipher earlier. Vigenère did invent a stronger autokey cipher.
Vigenère cipher is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword. It is a simple form of polyalphabetic substitution.
This cipher is well known because while it is easy to understand and implement, it often appears to beginners to be unbreakable.

For example, suppose that the plaintext to be encrypted is: ATTACKATDAWN
The person sending the message chooses a keyword and repeats it until it matches the length of the plaintext, for example, the keyword "LEMON": LEMONLEMONLE
The first letter of the plaintext, A, is enciphered using the alphabet in row L, which is the first letter of the key. This is done by looking at the letter in row L and column A of the Vigenère square, namely L. The rest of the plaintext is enciphered in a similar fashion.
Plaintext: ATTACKATDAWN
Key: LEMONLEMONLE
: LXFOPVEFRNHR

Take the message and break it up into fixed sized blocks, encrypt each block using the given key.
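The Vigenère walk-through above (ATTACKATDAWN with keyword LEMON), as an added example that is not part of the original slides. The function names are assumptions; the last two calls show that a one-letter keyword is a plain Caesar shift and that the repeating keyword shows through in the ciphertext.

```python
# Added example: Vigenere cipher over A-Z, checked against the slide's worked example.
from itertools import cycle

A = ord("A")

def _shift(text: str, key: str, sign: int) -> str:
    """Shift each letter by its key letter; sign=+1 encrypts, sign=-1 decrypts."""
    if not (key.isascii() and key.isalpha()):
        raise ValueError("keyword must be one or more letters A-Z")
    key_stream = cycle(key.upper())          # keyword repeated to message length
    out = []
    for ch in text.upper():
        if not "A" <= ch <= "Z":
            out.append(ch)                   # non-letters pass through, key not advanced
            continue
        k = ord(next(key_stream)) - A        # row of the Vigenere square = Caesar shift
        out.append(chr((ord(ch) - A + sign * k) % 26 + A))
    return "".join(out)

def encrypt(plaintext: str, key: str) -> str:
    return _shift(plaintext, key, +1)

def decrypt(ciphertext: str, key: str) -> str:
    return _shift(ciphertext, key, -1)

if __name__ == "__main__":
    ct = encrypt("ATTACKATDAWN", "LEMON")
    print(ct, decrypt(ct, "LEMON"))
    # A one-letter keyword is just a Caesar cipher (shift of 3 for "D").
    print(encrypt("HELLO", "D"))
    # The keyword repeats, so known plaintext exposes it: the cipher only looks unbreakable.
    print(encrypt("AAAAAAAAAA", "LEMON"))
```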

Often with block encryption, we include a value in addition to the key that changes for each block, so we don’t get repetitive cipher text blocks.
This is called Cipher Block Chaining (see next slide)
Initialization Vectors are used with the first block in CBC

The “key” is used as a key stream generator, which creates a series of bits, each of which is mathematically combined with the bit stream of plaintext to produce cipher text.
This is done for small pieces of information, or information not in blocks.
Keyboard input
Morse
Any input that arrives one bit or byte at a time

XORing is a Boolean mathematical “function” which creates an output bit based on two input bits. It outputs a 1 IF and ONLY if one bit of input is 1 and the other is a 0.

INPUT 1   INPUT 2   XOR OUTPUT
0         0         0
0         1         1
1         0         1
1         1         0

Cipher Text Bit   Keystream Bit   Output Bit   Cipher text
1                 1               0            0
0                 1               1            0 1
1                 0               1            0 1 1
1                 1               0            0 1 1 0
0                 1               1            0 1 1 0 1

1011 – plain text
0101 – pad
------ XOR
1110 – cipher text
In a one time pad you use a different key/pad each time you send a message

The pad must be used only one time
The pad must be shared by both sides.
The pad must be as long as the message
The pad must be securely distributed
The pad must be made up of truly random values
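The pad rules above in code, as an added example that is not part of the original slides. `PadBook` and the sample messages are constructed for illustration; `reuse_leak` shows why the pad must be used only once: XORing two ciphertexts made with the same pad cancels the pad and leaves the XOR of the two plaintexts.

```python
# Added example: one-time pad as XOR, plus what breaks when a pad is reused.
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the pad must be as long as the message)."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

class PadBook:
    """Hypothetical helper: hands out each pad byte once and never wraps around."""
    def __init__(self, pad: bytes):
        self._pad, self._pos = pad, 0

    def take(self, n: int) -> bytes:
        if self._pos + n > len(self._pad):
            raise ValueError("pad exhausted; distribute a new pad instead of reusing")
        chunk = self._pad[self._pos:self._pos + n]
        self._pos += n
        return chunk

    def apply(self, data: bytes) -> bytes:
        """Encrypt or decrypt: XOR with fresh pad bytes (same operation both ways)."""
        return xor_bytes(data, self.take(len(data)))

def slide_example() -> str:
    """The slide's 4-bit case: 1011 XOR 0101."""
    return format(0b1011 ^ 0b0101, "04b")

def reuse_leak(m1: bytes, m2: bytes, pad: bytes) -> bytes:
    """XOR of two ciphertexts made with the same pad: the pad cancels out."""
    return xor_bytes(xor_bytes(m1, pad), xor_bytes(m2, pad))

if __name__ == "__main__":
    shared = secrets.token_bytes(32)             # truly random, shared by both sides
    sender, receiver = PadBook(shared), PadBook(shared)
    ct = sender.apply(b"MEET ME LATER")          # constructed sample message
    print(receiver.apply(ct))
    print(slide_example())
    m1, m2 = b"ATTACKATDAWN", b"RETREATATSIX"    # constructed, equal length
    print(reuse_leak(m1, m2, shared[:12]) == xor_bytes(m1, m2))
```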

A “perfect cryptosystem”
Unbreakable if implemented properly
The key is a series of bits (0 and 1)
The plain text is converted to bits
The message is XORed with the pad/key to generate the cipher text

Idea: same key is used to BOTH encrypt and decrypt data!
Called Symmetric or “Private Key encryption”
Must securely distribute keys to both parties.
Chicken and the egg situation with networks
Anyone with the key can either encrypt or decrypt
Very Fast to encrypt or decrypt
Key Management is the big issue

Data Encryption Standard
Developed from a NIST request for an encryption standard
Chosen algorithm was called “Lucifer” from IBM
Fixed sized blocks of 64 bits
Key size 64 bits, effective size is 56 bits
16 rounds of substitution and transposition
DES is no longer considered strong enough, can be broken easily with distributed computing.

n: number of parties who want to securely communicate
# keys = (n*(n-1)) / 2
n = 5: (5*4)/2 = 10 keys
n = 10: (10*9)/2 = 45 keys
n = 100: (100*99)/2 = 4950 keys
n = 1000: (1000*999)/2 = 499500 keys

Nothing but DES 3 times
3DES – EEE3
3DES – EDE3
3DES – EEE2
3DES – EDE2
Since it’s 3 x DES, 48 rounds of substitution and transposition.

Developed as a replacement to DES
Actual algorithm is called “Rijndael”
Block cipher
128 bit blocks
Key sizes of 128, 192, 256
Rounds depend on key size
9: for 128 bit keys
11: for 192 bit keys
13: for 256 bit keys

Block cipher based on RC5
Same attributes as RC5
Developed to be an AES candidate
Faster than RC5

Block cipher – what was that again?
Block size 32, 64, 128
Key Size up to 2048 bits
Rounds up to 255, minimum of 12 recommended

Was proprietary, but released on Internet in 1994, “ARC4” is the “open version of RC4”
Key length 8 – 2048 bits
Used in SSL and WEP communication

Block cipher
64 bit blocks
Keys 32 - 448 bits
16 rounds is the “full version”
Free algorithm

That’s Symmetric Encryption
Understand the concept (shared keys)
Understand its strengths (fast for bulk encryption and decryption)
Understand its weaknesses (key management, non-repudiation)
Understand the different algorithm “properties” on the slides.

International Data Encryption Algorithm
Proposed AES candidate
Block cipher
64 bit blocks
128 bit keys
Not free, Patent expires soon though
Used in PGP

Non-Repudiation – being able to definitively prove someone said or wrote something.
Proves they actually sent a message
Proves the message was not altered
How do we provide non-repudiation? We’ll see soon after we talk about hashes, and asymmetric encryption.

Use 2 keys, public key to encrypt a message, private key can decrypt
is simple!
Asymmetric Encryption is SLOW, not suitable for encrypting large amounts of data
What is a problem with Asymmetric Encryption and key exchange? (MiM)
Can be used to “digitally sign” a message (in a few slides)
Provides integrity
Provides non-repudiation
Can anyone see a use for Asymmetric encryption already?* (very important)

Called Public key encryption
Requires 2 related keys
Public key – given to anyone
Private key – kept secret
Public key is used to encrypt message
Private key is used to decrypt message
Private key is used to sign messages
Public key is used to validate signed messages

The original Asymmetric algorithm
Used with SSL, VPNs, ssh
Used ONLY for key exchange
Generates session keys for secure SYMMETRIC encryption communications

Can be 100 times slower than DES
Can be used for encryption, key exchange and digital signatures
Security based on difficulty of factoring large numbers.
Was patented, has expired

Encryption, key exchange or digital signatures
Security based on analyzing elliptic curves in finite fields
Does not require much computing overhead, as such used in devices with low resources (PDAs, Cell phones etc)*

Encryption or digital signatures
Free
Can be used for encryption, key exchange and digital signatures
Security based on computing discrete logarithms in a finite field?!? Yeah.. I don’t even know what that means… time to go back to math class.
Slow
Based on / extended Diffie-Hellman

Uses 2 keys, one for encryption, one for decryption
This mitigates the key management, key distribution problem (kind of…)
Is VERY slow (orders of magnitude slower)
Can provide integrity and proof of sender (non-repudiation)
Often used in a hybrid system (along with private key encryption)
Encrypt symmetric keys using asymmetric algorithms
Actually do large scale encryption with these symmetric keys!

Hashing is similar to encryption… but different.
Hashing is a one way operation.
Take input message
Put through hashing function
Retrieve fixed length value (hash digest)

Once hashed, no way to get back the original message
Hash digests are fixed, so multiple messages theoretically could produce the same hash digest (collision) oh… no...

Try for yourself at http://www.fileformat.info/tool/hash.htm
Hashing can provide integrity (assuming no MiM (next slide))
Hashes can be combined with a private key to provide protection against MiM attacks (visualization in a few slides)
The more bits in the digest, generally the more secure (less chance for collision…generally)
One Example of a hash that you are probably familiar with is called a “CRC”

Hash-based Message Authentication Code

    function hmac (key, message)
        if (length(key) > blocksize) then
            key = hash(key) // keys longer than blocksize are shortened
        end if
        if (length(key) < blocksize) then
            key = key ∥ zeroes(blocksize - length(key)) // keys shorter than blocksize are zero-padded
        end if
        o_key_pad = [0x5c * blocksize] ⊕ key // Where blocksize is that of the underlying hash function
        i_key_pad = [0x36 * blocksize] ⊕ key // Where ⊕ is exclusive or (XOR)
        return hash(o_key_pad ∥ hash(i_key_pad ∥ message)) // Where ∥ is concatenation
    end function

Developed by Ronald Rivest (of RC and RSA fame)
Optimized to run on 8 bit computers
128 bit digest
128 bit blocks
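The hmac pseudocode on this slide, written out in Python and checked against the standard library's `hmac` module, as an added example that is not part of the original slides. The helper names, key and messages are constructed; `tamper_in_transit` models the MiM case the slide mentions, where a bare hash is recomputed along with the altered message but the keyed tag cannot be.

```python
# Added example: HMAC built from the slide's pseudocode, checked against Python's hmac module.
import hashlib
import hmac

def hmac_manual(key: bytes, message: bytes, hash_name: str = "sha256") -> bytes:
    def h(data: bytes) -> bytes:
        return hashlib.new(hash_name, data).digest()
    blocksize = hashlib.new(hash_name).block_size    # 64 bytes for SHA-256
    if len(key) > blocksize:
        key = h(key)                                 # long keys are shortened
    key = key.ljust(blocksize, b"\x00")              # short keys are zero-padded
    o_key_pad = bytes(0x5C ^ k for k in key)
    i_key_pad = bytes(0x36 ^ k for k in key)
    return h(o_key_pad + h(i_key_pad + message))

def plain_hash_ok(message: bytes, digest: bytes) -> bool:
    """Unkeyed integrity check: anyone who can change the message can redo the hash."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def hmac_ok(key: bytes, message: bytes, tag: bytes) -> bool:
    """Keyed check: constant-time comparison of the recomputed tag."""
    return hmac.compare_digest(hmac_manual(key, message), tag)

def tamper_in_transit(message: bytes):
    """Constructed MiM model: alters the message and recomputes the unkeyed hash."""
    forged = message.replace(b"100", b"900")
    return forged, hashlib.sha256(forged).digest()

if __name__ == "__main__":
    key = b"shared-secret-key"                       # constructed sample values
    msg = b"pay 100 to alice"
    tag = hmac_manual(key, msg)
    print(tag == hmac.new(key, msg, hashlib.sha256).digest())
    forged, forged_digest = tamper_in_transit(msg)
    print(plain_hash_ok(forged, forged_digest))      # bare hash accepts the forgery
    print(hmac_ok(key, forged, tag))                 # HMAC rejects it
```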

Secure Hash Algorithm
Designed/Published by NIST and NSA
Designed for use in the DSS
Modeled after MD4
SHA-1 (SHA-160) – 160 bit digest, 512 bit blocks
SHA-256 – 256 bit digest, 512 bit blocks
SHA-384 – 384 bit digest, 1024 bit blocks
SHA-512 – 512 bit digest, 1024 bit blocks

Optimized for 32 bit computers
128 bit digest
Collisions can be found in under 1 minute on a PC ;(

Similar to MD4, but more secure
Slower and more secure
128 bit digest
512 bit blocks
Was part of the NTLM authentication protocol
Collisions in 8 hours on a PC
Moving away from, to SHA

Know what a hash is
Concept
Fixed length digest
What is a hash used for
Know what a collision is
Know it’s susceptible to MiM
Know what HMAC is, and what it tries to accomplish
Be familiar with MDx, and SHA-x
Understand that SHA is considered the best algorithm

Generally when I digitally sign something.. I don’t encrypt the whole message. Instead
Run message through hash algorithm, generate message digest
Sign the “message digest”
Send both the original message and the encrypted message digest

Provides
Integrity
Non repudiation
NOT confidentiality
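The hash-then-sign steps above as an added example that is not part of the original slides. It uses textbook RSA on a toy key built from two small Mersenne primes with no padding scheme, which is an assumption made to keep the demo in the standard library; the function names and message are constructed. The message travels in the clear, so the scheme gives integrity and proof of sender but not confidentiality.

```python
# Added example: hash-then-sign with toy RSA numbers (assumed for the demo, not secure).
import hashlib

P, Q = 2**61 - 1, 2**89 - 1            # two Mersenne primes; real keys are far larger
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs Python 3.8+)

def digest_int(message: bytes) -> int:
    """SHA-256 digest as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    """Private-key operation on the digest only, not on the whole message."""
    return pow(digest_int(message), D, N)

def verify_signature(message: bytes, signature: int) -> bool:
    """Public-key operation: recover the signed digest and compare with a fresh hash."""
    return pow(signature, E, N) == digest_int(message)

def send(message: bytes):
    """What goes on the wire: the original message plus the signed digest."""
    return message, sign(message)

if __name__ == "__main__":
    wire_msg, sig = send(b"Meet me later.")          # constructed sample message
    print(verify_signature(wire_msg, sig))           # genuine message verifies
    print(verify_signature(b"Meet me never.", sig))  # altered message does not
    print(wire_msg)                                  # message itself is not encrypted
```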