Cryptography Study Notes by Steven Gordon School of Engineering and Technology CQUniversity Australia This book is available as: HTML: sandilands.info/crypto/ PDF: sandilands.info/crypto/crypto.pdf Crypto 20.03 14 May 2020 (r1863) Contents List of Figures vii List of Tables xi Glossary xiii I Introduction1 1 Introduction3 2 Cryptography Concepts and Terminology5 2.1 Security Concepts...............................5 2.2 Cryptography Concepts...........................6 2.3 Cryptography Notation and Terminology..................8 II Tools and Techniques9 3 Software Tools 11 3.1 Linux and Ubuntu.............................. 11 3.1.1 Hex and Binary Viewer: xxd..................... 11 3.1.2 Arbitrary Precision Calculator: bc................. 13 3.1.3 Random Numbers........................... 15 3.1.4 Hash Functions............................ 16 3.1.5 Bash Scripts.............................. 16 3.2 OpenSSL................................... 17 3.2.1 Overview of OpenSSL........................ 17 3.2.2 Common Operations......................... 17 3.2.3 Listing Ciphers and Algorithms................... 18 3.2.4 Random Number Generation with OpenSSL............ 19 3.3 Python..................................... 20 3.3.1 Cryptography Package........................ 20 3.3.2 PyCipher Package.......................... 20 4 Statistics for Communications and Security 23 4.1 Binary Values................................. 23 4.2 Counting.................................... 25 i ii CONTENTS 4.3 Permutations and Combinations....................... 26 4.4 Probability.................................. 28 4.5 Collisions................................... 30 5 Number Theory 31 5.1 Divisibility and Primes............................ 31 5.2 Modular Arithmetic.............................. 34 5.3 Fermat’s and Euler’s Theorems....................... 37 5.4 Discrete Logarithms............................. 37 5.5 Computationally Hard Problems....................... 40 III Symmetric Key Encryption 43 6 Classical Ciphers 45 6.1 Caesar Cipher................................. 45 6.1.1 Caesar Cipher Definitions and Examples.............. 45 6.1.2 Brute Force Attack on Caesar Cipher................ 48 6.2 Monoalphabetic Ciphers........................... 50 6.2.1 Monoalphabetic Cipher Definitions and Examples......... 50 6.2.2 Brute Force Attack on Monoalphabetic Cipher........... 51 6.2.3 Frequency Analysis Attack on Monoalphabetic Cipher....... 51 6.3 Playfair Cipher................................ 54 6.4 Polyalphabetic Ciphers............................ 57 6.5 Vigenère Cipher................................ 57 6.6 Vernam Cipher................................ 59 6.7 One Time Pad................................. 60 6.8 Transposition Techniques........................... 62 7 Encryption and Attacks 65 7.1 Encryption Building Blocks......................... 65 7.2 Attacks on Encryption............................ 68 7.2.1 Aims and Knowledge of the Attacker................ 69 7.2.2 Brute Force Attacks......................... 69 7.2.3 Cryptanalysis............................. 70 7.2.4 Measuring Security.......................... 72 7.3 Block Cipher Design Principles....................... 73 7.4 Stream Cipher Design Principles....................... 78 7.5 Example: Brute Force on DES........................ 79 7.6 Example: Brute Force on AES........................ 81 7.7 Example: Meet-in-the-Middle Attack.................... 82 7.8 Example: Cryptanalysis on Triple-DES and AES............. 87 8 Data Encryption Standard 89 8.1 Overview of the Data Encryption Standard (DES)............. 89 8.2 Simplified-DES................................ 89 8.3 Details of DES................................ 96 8.4 DES in OpenSSL............................... 101 CONTENTS iii 8.4.1 DES Encryption Basics in OpenSSL................. 101 8.4.2 Symmetric Key Encryption Padding and Modes of Operation.. 104 8.4.3 DES OpenSSL Exercises....................... 107 8.5 DES in Python................................ 107 9 Advanced Encryption Standard 109 9.1 Overview of AES............................... 109 9.2 Simplified-AES................................ 111 9.3 Simplified-AES Example........................... 116 9.4 Details of AES................................ 116 9.5 AES in OpenSSL............................... 118 9.5.1 AES Encryption Basics in OpenSSL................. 118 9.5.2 AES Performance Benchmarking.................. 118 9.5.3 AES OpenSSL Exercises....................... 119 9.6 AES in Python................................ 120 10 Pseudorandom Number Generators 121 11 Block Cipher Modes of Operation 123 11.1 Block Ciphers with Multiple Blocks..................... 123 11.2 Electronic Code Book............................. 124 11.3 Cipher Block Chaining Mode........................ 124 11.4 Cipher Feedback Mode............................ 125 11.5 Output Feedback Mode............................ 126 11.6 Counter Mode................................. 127 11.7 Feedback Characteristics of Modes..................... 128 11.8 XTS-AES................................... 128 IV Public Key Cryptography 133 12 Public Key Cryptography 135 12.1 Concepts of Public Key Cryptography................... 135 13 RSA 139 13.1 RSA Algorithm................................ 139 13.2 Analysis of RSA................................ 144 13.3 Implementations of RSA........................... 147 13.4 RSA in OpenSSL............................... 148 13.4.1 RSA Key Generation in OpenSSL.................. 149 13.4.2 RSA Signing in OpenSSL (Sender)................. 152 13.4.3 RSA Encryption in OpenSSL (Sender)............... 153 13.4.4 RSA Decryption in OpenSSL (Receiver).............. 153 13.4.5 RSA Verification in OpenSSL (Receiver).............. 154 13.4.6 RSA OpenSSL Exercises....................... 154 13.5 RSA in Python................................ 154 iv CONTENTS 14 Diffie–Hellman Key Exchange 155 14.1 Diffie–Hellman Key Exchange Algorithm.................. 155 14.2 Analysis of DHKE.............................. 158 14.3 Man-in-the-Middle Attack on DHKE.................... 159 14.4 Implementations of DHKE.......................... 161 14.5 Diffie–Hellman in OpenSSL......................... 161 14.6 DHKE in Python............................... 165 15 Elliptic Curve Cryptography 167 15.1 Overview of Elliptic Curve Cryptography.................. 167 15.2 Applications of Elliptic Curve Cryptography................ 174 15.3 Elliptic Curve Cryptography in OpenSSL.................. 175 V Authentication 177 16 Hash Functions and MACs 179 16.1 Introduction to Hash Functions....................... 179 16.2 Properties of Cryptographic Hash Functions................ 181 16.3 Introduction to Message Authentication Codes............... 184 17 Authentication and Data Integrity 187 17.1 Aims of Authentication............................ 187 17.2 Authentication with Symmetric Key Encryption.............. 188 17.3 Authentication with Hash Functions.................... 189 17.4 Authentication with MACs.......................... 191 17.5 Digital Signatures............................... 193 VI Key Management 195 18 Key Distribution and Management 197 18.1 Recommended Key Sizes........................... 197 19 Digital Certificates 199 VII Advances in Cryptography 201 20 Quantum Computing and Cryptography 203 20.1 Quantum Computing............................. 204 20.2 Quantum Algorithms............................. 206 20.3 Issues in Quantum Computing........................ 209 20.4 Quantum Cryptography........................... 211 20.5 Cryptography in the Quantum Era..................... 212 CONTENTS v VIII Additional Resources 213 A Cryptography Assumptions and Principles 215 A.1 Assumptions.................................. 215 A.1.1 Encryption.............................. 215 A.1.2 Knowledge of Attacker........................ 216 A.1.3 Authentication with Symmetric Key and MACs.......... 216 A.1.4 Hash Functions............................ 216 A.1.5 Digital Signatures........................... 216 A.1.6 Key Management and Random Numbers.............. 216 A.2 Principles................................... 217 B Data Formats 219 B.1 Common Data Formats............................ 219 B.1.1 English Alphabet........................... 219 B.1.2 Printable Keyboard Characters................... 219 B.1.3 Binary Data.............................. 220 B.1.4 ASCII................................. 220 B.1.5 Hexadecimal.............................. 221 B.1.6 Base64................................. 221 B.2 Conversions using Linux........................... 222 B.3 Conversions using Python.......................... 222 C Organisations and People in Cryptography 227 C.1 Organisations in Cryptography and Security................ 227 C.1.1 National Institute of Standards and Technology.......... 227 C.1.2 International Association for Cryptologic Research......... 227 C.1.3 Australian Signals Directorate.................... 227 C.1.4 National Security Agency...................... 227 C.1.5 Government Communications Headquarters............ 227 C.1.6 Institute of Electrical and Electronics Engineers.......... 227 C.1.7 Internet Engineering Task Force................... 227 C.2 People in Cryptography and Security.................... 228 C.2.1 Diffie, Hellman and Merkle...................... 228 C.2.2 Rivest, Shamir and Adleman..................... 228 C.2.3 Alan Turing.............................. 229 C.2.4 Claude Shannon............................ 230 C.2.5 Hedy Lamarr............................. 231 C.2.6 Phil Zimmermann..........................