Basic Cryptography Ge Zhang What is Cryptography Cryptography - - PDF document

▶

May 05, 2023 46 likes •451 views

Karlstad University Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M, C, E, D, K) M: the set of plaintexts C: the set of ciphertexts E: M x K -> C enciphering functions D: C x K

SLIDE 1

Basic Cryptography

Ge Zhang Karlstad University

SLIDE 2

What is Cryptography

Cryptography Cryptosystem: 5-tuple (M, C, E, D, K)

M: the set of plaintexts C: the set of ciphertexts E: M x K -> C enciphering functions D: C x K -> M deciphering functions K: the set of keys

SLIDE 3

Example: Caesar cipher

00000000001111111111222222
01234567890123456789012345
…ABCDEFGHIJKLMNOPQRSTUVWXYZ

M={all sequences of Roman letters} K={i | i is an integer such that

0<=i<=25}

E=(m+k) mod 26 D=(c-k) mod 26

SLIDE 4

Relative Frequency of Letters in English Text

SLIDE 5

Example

Break it! WKHIDNHUDQGWKHZDONHUPHH

WQHAWZHHN

SLIDE 6

Example: Vigenère cipher

SLIDE 7

Transportation cipher

Recorder the plaintext letters Plain text: attack on tomorrow Key: 4312567 Same letter frequencies as the original

plaintext

SLIDE 8

A taxonomy of Cryptosystems

Operations

Substitution ciphers
Transposition ciphers

Number of Keys used

Symmetric
Asymmetric (public key)

The way in which the plaintext is processed

Block cipher
Stream cipher

SLIDE 9

Attacks on Cryptosystems

Cryptanalysis Brute-force attack: tries every possible

key

Computational secure

Time Cost

SLIDE 10

Classical Feistel Network

Block size Key size Number of rounds Subkey generation

algorithm

Round function (F)

SLIDE 11

The Data Encryption Standard (DES)

Block size: 64 bit Key size: 56 bit Subkey generation

56bit key->16x48bit

subkeys

Round time: 16 S-boxes: 16 X 4 Permutation rule:

SLIDE 12

Round function (F) of DES

SLIDE 13

DES-- avalanche effect

Strong avalanche effect 2 Plaintext

0000 0000 …. 0000 0000 1000 0000 …. 0000 0000

Encrypted with the same key, 34 bits

different

Input 1.5% difference Output 53% difference

SLIDE 14

Weakness of DES

Design in 1970s 56 bit key: 2 56 = 7.2 X 10 16 Brute force

1142 years, 1 decryption/us 10 hrs, 106 decryptions/us

SLIDE 15

Triple DES

SLIDE 16

Asymmetric Key Cryptography

The problems of symmetric key? Asymmetric Key Cryptography

Private/secret key Public key

RSA algorithm

SLIDE 17

Asymmetric Key Cryptography

SLIDE 18

The RSA algorithm

each user generates a public/private key pair by:
selecting two large primes at random - p,q
computing n=p.q
define ø(n)=(p-1)(q-1)
selecting at random the encryption key e
where 1<e<ø(n), gcd(e,ø(n))=1
solve following equation to find decryption key d
ed mod ø(n)= 1 and 0≤d≤n
publish their public encryption key: PU={e,n}
keep secret private decryption key: PR={d,n}

SLIDE 19

The RSA algorithm

to encrypt a message M the sender:

btains public key of recipient

PU={e,n}

computes: C = Me mod n, where 0≤M<n

to decrypt the ciphertext C the owner:

uses their private key PR={d,n} computes: M = Cd mod n

SLIDE 20

Public-Key Applications

can classify uses into 3 categories:

encryption/decryption (provide

confidentiality)

digital signatures (provide

authentication)

key exchange (of session keys)

SLIDE 21

Message Authentication

message authentication is concerned

with:

protecting the integrity of a message validating identity of originator

then two alternative functions used:

hash function message authentication code (MAC)

SLIDE 22

Hash Functions

a Hash Function produces a digest of

some file/message/data

h = H(M)

Input a variable-length message M

utput a fixed-sized digest h

usually assume that the hash function

is public and not keyed

Usage of hash:

SLIDE 23

Requirements for Hash Functions

produces fixed-length output h

is easy to compute h=H(M) for any message M

given h is infeasible to find x s.t. H(x)=h

ne-way property

given x is infeasible to find y s.t. H(y)=H(x)

weak collision resistance

is infeasible to find any x,y s.t. H(y)=H(x)

strong collision resistance

SLIDE 24

Pigeonhole principle

SLIDE 25

Message Authentication Code (MAC)

Keyed hash

depending on both message and some key like encryption though need not be reversible

appended to message as a signature
receiver performs same computation on

message and checks it matches the MAC

provides assurance that message is unaltered

and comes from sender

SLIDE 26

Questions

SLIDE 27

Lab assignment

Secure communication

SLIDE 28

Blowfish

characteristics

fast
Less memory
Easy to implement
varying key size
Allows tuning for

speed/security tradeoff

SLIDE 29

Blowfish Key Schedule

Block size either 64 bit or 128 bit uses a 32 to 448 bit key 16 rounds Subkey generation Round function

SLIDE 30

Initialize s-boxes and p-arrays

Initialize subkeys before

en(de)crypting

Update:

P-array S-boxes

SLIDE 31

Algorithm of blowfish

SLIDE 32

Blowfish Encryption

uses two primitives: addition & XOR data is divided into two 32-bit halves L0 & R0

for i = 1 to 16 do

Ri = Li-1 XOR Pi; Li = F[Ri] XOR Ri-1;

L17 = R16 XOR P18; R17 = L16 XOR i17;

where

F[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,a Break 32-bit Ri into (a,b,c,d)

SLIDE 33

F function

SLIDE 34

Diffie-Hellman Algorithm

SLIDE 35

Global Public Elements

q: Prime number α: α < q and α is a primitive root of q What is a primitive root of Prime

number q?

One whose power modulo q generate

all the integers from 1 to q-1

SLIDE 36

User A Key Generation

Select private XA

XA < q

Calculate public YA

YA = α X

A

mod q

SLIDE 37

User B Key Generation

Select private XB

XB < q

Calculate public YB

YB = α X

B

mod q

SLIDE 38

Diffie-Hellman Key Exchange

SLIDE 39

Diffie-Hellman Key Exchange

XA -> YA : YA = α X

A mod q

YA -> XA : XA = d logα,q (YA)

Discrete logarithm