cryptography basics
play

Cryptography Basics Network Security Instructor: Haojin Zhu 1 - PowerPoint PPT Presentation

Oct 11, 2022 •617 likes •1.2k views

Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is cryptography? Related fields: Cryptography ("secret writing"): Making secret messages Turning plaintext (an ordinary readable message)

  1. Cryptography Basics Network Security Instructor: Haojin Zhu 1

  2. Cryptography • What is cryptography? • Related fields: – Cryptography ("secret writing"): Making secret messages • Turning plaintext (an ordinary readable message) into Ciphertext (secret messages that are “hard” to read) – Cryptanalysis: Breaking secret messages • Recovering the plaintext from the ciphertext • Cryptology is the science that studies these both • The point of cryptography is to send secure messages over an insecure medium (like the Internet)

  3. Building blocks • Cryptography contains three major types of components Confidentiality components • • Preventing Eve from reading Alice’s messages • Integrity components • Preventing Mallory from modifying Alice’s messages without being detected Authenticity components • • Preventing Mallory from impersonating Alice 5-8

  4. Dramatis Personae • When talking about cryptography, we often use a standard cast of characters • Alice, Bob, Carol, Dave • People (usually honest) who wish to communicate • Eve • A passive eavesdropper, who can listen to any transmitted messages • Mallory • An active Man-In-The-Middle, who can listen to, and modify, insert, or delete, transmitted messages • Trent • A Trusted Third Party

  5. Why use Alice, Bob to represent attacker? Rivest 、 Shamir 、 Adleman , A Method of Obtaining Digital Signatures and Public-Key Cryptosystems , Communications of the ACM , 1978. (ACM Turing Award in 2002) 5

  6. Shamir 、 Rivest 、 Adleman 。 https://cryptologicfoundation.org/ 6

  7. Rivest loves the movie "Alices adventures in wonder land" 7

  8. Another movie “Bob & Carol & Ted & Alice” 8

  9. Kerckhoffs' Principle (19th c.) • The security of a cryptosystem should not rely on a secret that's hard (or expensive) to change • So don't have secret encryption methods • Then what do we do? • Have a large class of encryption methods, instead • Hopefully, they're all equally strong • Make the class public information • Use a secret key to specify which one you're using • It's easy to change the key; it's usually just a smallish number 5-8

  10. Kerckhoffs' Principle (19th c.) • This has a number of implications: • The system is at most as secure as the number of keys • Eve can just try them all, until she finds the right one • A strong cryptosystem is one where that's the best Eve can do • With weaker systems, there are shortcuts to finding the key • Example: newspaper cryptogram has 403,291,461,126,605,635,584,000,000 possible keys • But you don't try them all; it's way easier than that! 5-8

  11. Strong cryptosystems • What information do we assume the attacker (Eve) has when she's trying to break our system? • She may: • Know the algorithm (the public class of encryption methods) • Know some part of the plaintext • Know a number (maybe a large number) of corresponding plaintext/ciphertext pairs • Have access to an encryption and/or decryption oracle • And we still want to prevent Eve from learning the key! 5-8

  12. Secret-key encryption • Secret-key encryption is the simplest form of cryptography • Also called symmetric encryption • Used for thousands of years • The key Alice uses to encrypt the message is the same as the key Bob uses to decrypt it 5-8

  13. Secret-key encryption • Eve, not knowing the key, should not be able to recover the plaintext 5-8

  14. Perfect secret-key encryption • Is it possible to make a completely unbreakable cryptosystem? • Yes: the One-Time Pad • It's also very simple: • The key is a truly random bitstring of the same length as the message • The “Encrypt" and “Decrypt" functions are each just XOR 5-22

  15. One-time pad • Q: Why does "try every key" not work here? • It's very hard to use correctly • The key must be truly random, not pseudorandom • The key must never be used more than once! • A “two -time pad" is insecure! • Q: How do you share that much secret key? • Used in the Washington / Moscow hotline for many years 5-22

  16. Key Randomness in One-Time Pad • One-Time Pad uses a very long key, what if the key is not chosen randomly, instead, texts from, e.g., a book are used as keys. – this is not One-Time Pad anymore – this can be broken – How? • Corrolary: The key in One-Time Pad should never be reused. – If it is reused, it is Two-Time Pad, and is insecure! – Why? 16

  17. Usage of One-Time Pad • To use one-time pad, one must have keys as long as the messages. • To send messages totaling certain size, sender and receiver must agree on a shared secret key of that size. – typically by sending the key over a secure channel • Key agreement is difficult to do in practice. • Can’t one use the channel for sending the key to send the messages instead? • Why is OTP still useful, even though difficult to use? 17

  18. Usage of One-Time Pad • The channel for distributing keys may exist at a different time from when one has messages to send. • The channel for distributing keys may have the property that keys can be leaked, but such leakage will be detected – Such as in Quantum cryptography 18

  19. 19 http://www.xinhuanet.com/science/2018-01/21/c_136912037.htm

  20. 20

  21. https://www.youtube.com/watch?v=qj22gj6vNX4 21

  22. Computational security • In contrast to OTP's "perfect" or "info- theoretic“ security, most cryptosystems have "computational" security • This means that it's certain they can be broken, given enough work by Eve • How much is "enough"? • At worst, Eve tries every key • How long that takes depends on how long the keys are • But it only takes this long if there are no "shortcuts"! 5-22

  23. Some data points • One computer can try about 17 million keys per second • A medium-sized corporate or research lab may have 100 computers • The BOINC project has 13 million computers Berkeley Open Infrastructure for Network Computing • Remember that most computers are idle most of the time (they're waiting for you to type something); getting them to crack keys in their spare time doesn't actually cost anything extra 5-22

  24. 40-bit crypto • This was the US legal export limit for a long time 2 40 = 1,099,511,627,776 possible keys • • • One computer: 18 hours • • One lab: 11 minutes • • BOINC: 5 ms 5-22

  25. 56-bit crypto • This was the US government standard (DES) for a long time 2 56 = 72,057,594,037,927,936 possible keys • • One computer: 134 years • One lab: 16 months • BOINC: 5 minutes 5-22

  26. Cracking DES “DES cracker" machine of Electronic Frontier Foundation 5-22

  27. 128-bit crypto • This is the modern standard • 2 128 = 340,282,366,920,938,463,463,374,607, 431,768,211,456 possible keys • One computer: 635 thousand million million million years • One lab: 6 thousand million million million years • BOINC: 49 thousand million million years 5-22

  28. Well, we cheated a bit • This isn’t really true, since computers get faster over time • A better strategy for breaking 128-bit crypto is just to wait until computers get 2^ 88 times faster, then break it on one computer in 18 hours. • How long do we wait? Moore’s law says 132 years. • If we believe Moore’s law will keep on working, we’ll be able to break 128-bit crypto in 132 years (and 18 hours) :-) • Q: Do we believe this? 5-23

  29. An even better strategy • Don’t break the crypto at all! • There are always weaker parts of the system to attack • Remember the Principle of Easiest Penetration • The point of cryptography is to make sure the information transfer is not the weakest link

  30. Rubber hose cryptanalysis

  31. Encryption/Decryption plaintext ciphertext plaintext encryption decryption key key • Plaintext: a message in its original form • Ciphertext: a message in the transformed, unrecognized form • Encryption: the process that transforms a plaintext into a ciphertext • Decryption: the process that transforms a ciphertext to the corresponding plaintext • Key: the value used to control encryption/decryption. 31

  32. Cryptanalysis • “code breaking”, “attacking the cipher” • Difficulty depends on – sophistication of the cipher – amount of information available to the code breaker • Any cipher can be broken by exhaustive trials, but rarely practical 32

  33. Shift Cipher • The Key Space: – [0 .. 25] • Encryption given a key K: – each letter in the plaintext P is replaced with the K’th letter following corresponding number (shift right) • Decryption given K: – shift left History: K = 3, Caesar ’ s cipher 33

  34. Caesar Cipher • Replace each letter with the one 3 letters later in the alphabet – ex.: plaintext CAT → ciphertext FDW plaintext A B C D E F G H I J K … alphabet A B C D E F G H I J K … ciphertext alphabet Trivial to break 34

  35. Shift Cipher: Cryptanalysis • Can an attacker find K? – YES: by a bruteforce attack through exhaustive key search. • key space is small (<= 26 possible keys). – How much ciphertext is needed? • Lessons: – Key space needs to be large enough. – Exhaustive key search can be effective. 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cryptography Basics Part 1: Concepts Cryptology: Contents Cryptography goals Encryption

Cryptography Basics Part 1: Concepts Cryptology: Contents Cryptography goals Encryption

Cryptography Basics Part 1: Concepts Cryptology: Contents Cryptography goals Encryption principles Encryption quality Cryptography Public key cryptography The art of making Next week: Example algorithms DES, AES, AES

893 views • 78 slides
RSA Cryptography basics of security / cryptography Bob encrypts message M into ciphertext

RSA Cryptography basics of security / cryptography Bob encrypts message M into ciphertext

RSA Cryptography basics of security / cryptography Bob encrypts message M into ciphertext C=P(M) using a public key; Bob sends C to Alice Alice decrypts ciphertext back into M using a private key (secret) M = S(C) anyone else

796 views • 16 slides
Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 &quot;If

Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 &quot;If

Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 &quot;If you think cryptography is the solution to your problem, then you don't understand your problem &quot; - Roger Needham Cryptography basics are

417 views • 25 slides
ilab Lab 7 Basics of Cryptography / Security I Testate 2 nd Half of Term This lecture is

ilab Lab 7 Basics of Cryptography / Security I Testate 2 nd Half of Term This lecture is

Lehrstuhl fr Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen ilab Lab 7 Basics of Cryptography / Security I Testate 2 nd Half of Term This lecture is divided into two halves: Basics of

935 views • 51 slides
1 Cryptography basics Secret-key encryption Algorithms (E, D) are widely known Also

1 Cryptography basics Secret-key encryption Algorithms (E, D) are widely known Also

Security The security environment Basics of cryptography User authentication Chapter 9: Security Attacks from inside the system Attacks from outside the system Protection mechanisms Trusted systems CS 1550, cs.pitt.edu

538 views • 11 slides
Basics of Cryptography and Cybersecurity Protecting Against Harm That May Come via Network

Basics of Cryptography and Cybersecurity Protecting Against Harm That May Come via Network

Basics of Cryptography and Cybersecurity Protecting Against Harm That May Come via Network Access Security Goal: Confidentiality q Suppose you are a customer using a credit card to order an item from a website q Threat: - An adversary may

305 views • 27 slides
Learning Cryptography through handcyphers or the encryption 101 If you understand the basics of

Learning Cryptography through handcyphers or the encryption 101 If you understand the basics of

Learning Cryptography through handcyphers or the encryption 101 If you understand the basics of cryptography you're more able to understand the tools and thus apply the technology better It's not too complex! It's not too complex! In this

460 views • 33 slides
CryptoClue Cryptography &amp; Math Circles An Unexpected Topic for a Math Circle Basics of

CryptoClue Cryptography &amp; Math Circles An Unexpected Topic for a Math Circle Basics of

CryptoClue CryptoClue The Setting Where? Who? With What? CryptoClue Cryptography &amp; Math Circles An Unexpected Topic for a Math Circle Basics of Cryptography Crime Resolved! Game History Math Circle Sharon K. Robbert References

639 views • 40 slides
Multivariate Quadratic Public-Key Cryptography Part 1: Basics Bo-Yin Yang Academia Sinica

Multivariate Quadratic Public-Key Cryptography Part 1: Basics Bo-Yin Yang Academia Sinica

Multivariate Quadratic Public-Key Cryptography Part 1: Basics Bo-Yin Yang Academia Sinica PQCrypto Executive Summer School 2017 Eindhoven, the Netherlands Friday, 23.06.2017 B.-Y. Yang (Academia Sinica) Multivariate Cryptography PQC Exec.

973 views • 49 slides
Multivariate Cryptography Part 1: Basics Albrecht Petzoldt PQCrypto Summer School 2017

Multivariate Cryptography Part 1: Basics Albrecht Petzoldt PQCrypto Summer School 2017

Multivariate Cryptography Part 1: Basics Albrecht Petzoldt PQCrypto Summer School 2017 Eindhoven, Netherlands Tuesday, 20.06.2017 A. Petzoldt Multivariate Cryptography PQCrypto Summer School 1 / 24 Multivariate Cryptography [DS06] MPKC:

621 views • 24 slides
HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp;

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp;

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp; http://cseweb.ucsd.edu/users/mihir/cse207/ Brief History: Proliferation of computers and communication systems in 1960s brought with it a demand to protect

273 views • 24 slides
Modeling and verification of security protocols Part I: Basics of cryptography and introduction to

Modeling and verification of security protocols Part I: Basics of cryptography and introduction to

Modeling and verification of security protocols Part I: Basics of cryptography and introduction to security protocols Dresden University of Technology Martin Pitt martin@piware.de Paper and slides available at http://www.piware.de/docs.shtml

549 views • 33 slides
Chapter 9: Security Security The security environment Basics of cryptography User

Chapter 9: Security Security The security environment Basics of cryptography User

Chapter 9: Security Security The security environment Basics of cryptography User authentication Attacks from inside the system Attacks from outside the system Protection mechanisms Trusted systems Chapter 9: Security

801 views • 65 slides
An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M,

Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M,

Karlstad University Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M, C, E, D, K) M: the set of plaintexts C: the set of ciphertexts E: M x K -&gt; C enciphering functions D: C x K

446 views • 40 slides
Intro to Cryptography Definitions Cryptography Cryptanalysis Cryptology CRYPTOGRAPHY

Intro to Cryptography Definitions Cryptography Cryptanalysis Cryptology CRYPTOGRAPHY

Intro to Cryptography Definitions Cryptography Cryptanalysis Cryptology CRYPTOGRAPHY Plaintext Cyphertext More definitions block cipher stream cipher hash function shared key public key digital signature

383 views • 16 slides
Validation of Critical Systems Christiano Braga Instituto de Computao with Rewriting Logic

Validation of Critical Systems Christiano Braga Instituto de Computao with Rewriting Logic

2nd School of Theoretical Computer Science and Formal Methods Validation of Critical Systems Christiano Braga Instituto de Computao with Rewriting Logic in Maude Universidade Federal Fluminense s 0 n 1 n 2 start s 1 s 5 t 1 n 2 n 1 t 2 s 2

1.07k views • 72 slides
Physics 115 General Physics II Session 21 Energy in E fields Electric Current Batteries

Physics 115 General Physics II Session 21 Energy in E fields Electric Current Batteries

Physics 115 General Physics II Session 21 Energy in E fields Electric Current Batteries Resistance R. J. Wilkes Email: phy115a@u.washington.edu Home page: http://courses.washington.edu/phy115a/ 5/6/14 1 Lecture Schedule (up to

466 views • 17 slides
Irvine/Underground Device Evaluating Attenuation Length Andrew Renshaw ANT 2011 Oct 11 th 2011

Irvine/Underground Device Evaluating Attenuation Length Andrew Renshaw ANT 2011 Oct 11 th 2011

Irvine/Underground Device Evaluating Attenuation Length Andrew Renshaw ANT 2011 Oct 11 th 2011 University of California, Irvine The Labs UCI Laboratory Setup IDEAL band - pass pure water Gd pretreat system system system Gd removal

718 views • 30 slides
1 most of their time thinking about the fundamentals, to take a step back and look at the broader

1 most of their time thinking about the fundamentals, to take a step back and look at the broader

MITOCW | 1. Introduction The following content is provided under a Creative Commons license. Your support will help MIT OpenCourseWare continue to offer high quality educational resources for free. To make a donation or view additional materials

779 views • 32 slides
Developing and Deploying Sensor Network Applications with AnduIN Daniel Klan Katja Hose Kai-Uwe

Developing and Deploying Sensor Network Applications with AnduIN Daniel Klan Katja Hose Kai-Uwe

Developing and Deploying Sensor Network Applications with AnduIN Daniel Klan Katja Hose Kai-Uwe Sattler Databases &amp; Information Systems Group Ilmenau University of Technology, Germany Outline Introduction AnduIN Query

1.09k views • 19 slides
Proactive Adaptations in Sensor Network Query Processing Alan B. Stokes , Alvaro A. A. Fernandes,

Proactive Adaptations in Sensor Network Query Processing Alan B. Stokes , Alvaro A. A. Fernandes,

Proactive Adaptations in Sensor Network Query Processing Alan B. Stokes , Alvaro A. A. Fernandes, Norman W. Paton School of Computer Science University of Manchester Manchester, UK { a.stokes|alvaro|norm } @cs.man.ac.uk SSDBM 2014 Basics:

620 views • 31 slides
CPSC 418/MATH 318 Introduction to Cryptography Outline Course Technicalities, Symmetric

CPSC 418/MATH 318 Introduction to Cryptography Outline Course Technicalities, Symmetric

CPSC 418/MATH 318 Introduction to Cryptography Outline Course Technicalities, Symmetric Cryptosystems Course Technicalities Renate Scheidler 1 Department of Mathematics &amp; Statistics Overview of Cryptography 2 Department of Computer

222 views • 9 slides
Sliding windows and face detection Tuesday, Nov 10 Kristen Grauman UT Austin Last time

Sliding windows and face detection Tuesday, Nov 10 Kristen Grauman UT Austin Last time

11/10/2009 Sliding windows and face detection Tuesday, Nov 10 Kristen Grauman UT Austin Last time Modeling categories with local features and spatial information: Histograms, configurations of visual words to capture Histograms

937 views • 40 slides

More recommend