introduction to cryptography cs 136 computer security
play

Introduction to Cryptography CS 136 Computer Security Peter Reiher - PowerPoint PPT Presentation

Dec 11, 2022 •488 likes •1.16k views

Introduction to Cryptography CS 136 Computer Security Peter Reiher January 17, 2017 Lecture 3 Page 1 CS 136, Winter 2017 Outline What is data encryption? Cryptanalysis Basic encryption methods Substitution ciphers

  1. Introduction to Cryptography CS 136 Computer Security Peter Reiher January 17, 2017 Lecture 3 Page 1 CS 136, Winter 2017

  2. Outline • What is data encryption? • Cryptanalysis • Basic encryption methods – Substitution ciphers – Permutation ciphers Lecture 3 Page 2 CS 136, Winter 2017

  3. Introduction to Encryption • Much of computer security is about keeping secrets • One method is to make the secret hard for others to read • While (usually) making it simple for authorized parties to read Lecture 3 Page 3 CS 136, Winter 2017

  4. Encryption • Encryption is the process of hiding information in plain sight • Transform the secret data into something else • Even if the attacker can see the transformed data, he can’t understand the underlying secret Lecture 3 Page 4 CS 136, Winter 2017

  5. Encryption and Data Transformations • Encryption is all about transforming the data • One bit or byte pattern is transformed to another bit or byte pattern • Usually in a reversible way Lecture 3 Page 5 CS 136, Winter 2017

  6. Encryption Terminology • Encryption is typically described in terms of sending a message – Though it’s used for many other purposes • The sender is S • The receiver is R • And the attacker is O Lecture 3 Page 6 CS 136, Winter 2017

  7. More Terminology • Encryption is the process of making message unreadable/unalterable by O • Decryption is the process of making the encrypted message readable by R • A system performing these transformations is a cryptosystem – Rules for transformation sometimes called a cipher Lecture 3 Page 7 CS 136, Winter 2017

  8. Plaintext and Ciphertext • Plaintext is the original Transfer $100 to my form of the message savings (often referred to as P ) account • Ciphertext is the Sqzmredq #099 sn lx encrypted form of the rzuhmfr message (often referred zbbntms to as C ) Lecture 3 Page 8 CS 136, Winter 2017

  9. Very Basics of Encryption Algorithms • Most algorithms use a key to perform encryption and decryption – Referred to as K • The key is a secret • Without the key, decryption is hard • With the key, decryption is easy Lecture 3 Page 9 CS 136, Winter 2017

  10. Terminology for Encryption Algorithms • The encryption algorithm is referred to as E() • C = E(K,P) • The decryption algorithm is referred to as D() – Sometimes the same algorithm as E() • The decryption algorithm also has a key Lecture 3 Page 10 CS 136, Winter 2017

  11. Symmetric and Asymmetric Encryption Systems • Symmetric systems use the same keys for E and D : P = D(K, C) Expanding, P = D(K, E(K,P)) • Asymmetric systems use different keys for E and D: C = E(K E ,P) P = D(K D ,C) Lecture 3 Page 11 CS 136, Winter 2017

  12. Characteristics of Keyed Encryption Systems • If you change only the key, a given plaintext encrypts to a different ciphertext – Same applies to decryption • Decryption should be hard without knowing the key Lecture 3 Page 12 CS 136, Winter 2017

  13. Cryptanalysis • The process of trying to break a cryptosystem • Finding the meaning of an encrypted message without being given the key • To build a strong cryptosystem, you must understand cryptanalysis Lecture 3 Page 13 CS 136, Winter 2017

  14. Forms of Cryptanalysis • Analyze an encrypted message and deduce its contents • Analyze one or more encrypted messages to find a common key • Analyze a cryptosystem to find a fundamental flaw Lecture 3 Page 14 CS 136, Winter 2017

  15. Breaking Cryptosystems • Most cryptosystems are breakable • Some just cost more to break than others • The job of the cryptosystem designer is to make the cost infeasible – Or incommensurate with the benefit extracted Lecture 3 Page 15 CS 136, Winter 2017

  16. Types of Attacks on Cryptosystems • Ciphertext only • Known plaintext • Chosen plaintext – Differential cryptanalysis • Algorithm and ciphertext – Timing attacks • In many cases, the intent is to guess the key Lecture 3 Page 16 CS 136, Winter 2017

  17. Ciphertext Only • No a priore knowledge of plaintext • Or details of algorithm • Must work with probability distributions, patterns of common characters, etc. • Hardest type of attack Lecture 3 Page 17 CS 136, Winter 2017

  18. Known Plaintext • Full or partial • Cryptanalyst has matching sample of ciphertext and plaintext • Or may know something about what ciphertext represents – E.g., an IP packet with its headers Lecture 3 Page 18 CS 136, Winter 2017

  19. Chosen Plaintext • Cryptanalyst can submit chosen samples of plaintext to the cryptosystem • And recover the resulting ciphertext • Clever choices of plaintext may reveal many details • Differential cryptanalysis iteratively uses varying plaintexts to break the cryptosystem – By observing effects of controlled changes in the offered plaintext Lecture 3 Page 19 CS 136, Winter 2017

  20. Algorithm and Ciphertext • Cryptanalyst knows the algorithm and has a sample of ciphertext • But not the key, and cannot get any more similar ciphertext • Can use “exhaustive” runs of algorithm against guesses at plaintext • Password guessers often work this way • Brute force attacks – try every possible key to see which one works Lecture 3 Page 20 CS 136, Winter 2017

  21. Timing Attacks • Usually assume knowledge of algorithm • And ability to watch algorithm encrypting/ decrypting • Some algorithms perform different operations based on key values • Watch timing to try to deduce keys • Successful against some smart card crypto • Similarly, observe power use by hardware while it is performing cryptography Lecture 3 Page 21 CS 136, Winter 2017

  22. Basic Encryption Methods • Substitutions – Monoalphabetic – Polyalphabetic • Permutations Lecture 3 Page 22 CS 136, Winter 2017

  23. Substitution Ciphers • Substitute one or more characters in a message with one or more different characters • Using some set of rules • Decryption is performed by reversing the substitutions Lecture 3 Page 23 CS 136, Winter 2017

  24. Example of a Simple Substitution Cipher How did this transformation happen? Sqzmredq Sqzmredq Sqzmredq Sqzmrfer Sqzmreer Sqzmredq Sqzmredr Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmsfer Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sqzmredq Sransfer Sqzmredq Sqznsfer Sqansfer Transfer Sqzmsfer #099 sn lx #099 to my #099 sn lx $100 to my #090 to my #099 sn lx #099 sn lx $100 to my #099 sn lx #099 sn ly #099 so my #099 sn lx #099 sn lx #099 sn my #099 sn lx #099 sn lx #000 to my #099 sn lx #099 sn lx $100 to my $100 to my $100 to my $100 to my #099 sn lx #099 sn lx #099 sn lx $100 to my #099 sn lx $100 to my #099 sn lx $100 to my #100 to my $100 to my rzuhmfr rzvings rzuhmfr rzuhmfr rzuhmfr rzuings rzuhmfr rzuhmfr rzuhngs rzuhmfr rzuhmgs rzuhmfs rzuhmfr savings ravings savings savings savings savings savings savings savings savings savings savings savings savings savings rzuhmfr savings savings savings savings zbbntms account account account zbbount account account zbbnunt account account zbbntnt account zbbntmt account account account zbcount account account account account account account account account zbbntms account account account account zccount account account Every letter was changed to the “next lower” letter Lecture 3 Page 24 CS 136, Winter 2017

  25. Caesar Ciphers • A simple substitution cipher like the previous example – Supposedly invented by Julius Caesar • Translate each letter a fixed number of positions in the alphabet • Reverse by translating in opposite direction Lecture 3 Page 25 CS 136, Winter 2017

  26. Is the Caesar Cipher a Good Cipher? • Well, it worked great 2000 years ago • It’s simple, but • It’s simple • Fails to conceal many important characteristics of the message • Which makes cryptanalysis easier • Limited number of useful keys Lecture 3 Page 26 CS 136, Winter 2017

  27. How Would Cryptanalysis Attack a Caesar Cipher? • Letter frequencies • In English (and other alphabetic languages), some letters occur more frequently than others • Caesar ciphers translate all occurrences of a given plaintext letter into the same ciphertext letter • All you need is the offset Lecture 3 Page 27 CS 136, Winter 2017

  28. More On Frequency Distributions • In most languages, some letters used more than others – In English, “e,” “t,” and “s” are common • True even in non-natural languages – Certain characters appear frequently in C code – Zero appears often in numeric data Lecture 3 Page 28 CS 136, Winter 2017

  29. Cryptanalysis and Frequency Distribution • If you know what kind of data was encrypted, you can (often) use frequency distributions to break it • Especially for Caesar ciphers – And other simple substitution-based encryption algorithms Lecture 3 Page 29 CS 136, Winter 2017

  30. Breaking Caesar Ciphers • Identify (or guess) the kind of data • Count frequency of each encrypted symbol • Match to observed frequencies of unencrypted symbols in similar plaintext • Provides probable mapping of cipher • The more ciphertext available, the more reliable this technique Lecture 3 Page 30 CS 136, Winter 2017

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security in Distributed Systems Introduction Cryptography Authentication Key

Security in Distributed Systems Introduction Cryptography Authentication Key

Security in Distributed Systems Introduction Cryptography Authentication Key exchange Computer Science Lecture 18, page 1 Network Security Intruder may eavesdrop remove, modify, and/or insert messages read and

361 views • 11 slides
Cryptography Well, a gentle intro to cryptography Fall 2014 CS 334: Computer Security 1

Cryptography Well, a gentle intro to cryptography Fall 2014 CS 334: Computer Security 1

Cryptography Well, a gentle intro to cryptography Fall 2014 CS 334: Computer Security 1 Special Thanks: to our friends at the Australian Defense Force Academy for providing the basis for these slides Fall 2014 CS 334: Computer Security 2

730 views • 47 slides
Cryptography Well, a gentle intro to cryptography Fall 2010 CS 334: Computer Security 1

Cryptography Well, a gentle intro to cryptography Fall 2010 CS 334: Computer Security 1

Cryptography Well, a gentle intro to cryptography Fall 2010 CS 334: Computer Security 1 Special Thanks: to our friends at the Australian Defense Force Academy for providing the basis for these slides Fall 2010 CS 334: Computer Security 2

626 views • 43 slides
Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security

Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security

PQCRYPTO Summer School on Post-Quantum Cryptography 2017 Stefan Klbl June 19th, 2017 DTU Compute, Technical University of Denmark Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security fail?

758 views • 72 slides
Security II: Cryptography Markus Kuhn Computer Laboratory Lent 2012 Part II

Security II: Cryptography Markus Kuhn Computer Laboratory Lent 2012 Part II

Security II: Cryptography Markus Kuhn Computer Laboratory Lent 2012 Part II http://www.cl.cam.ac.uk/teaching/1213/SecurityII/ 1 Related textbooks Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography Chapman & Hall/CRC,

887 views • 39 slides
An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security

An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security

An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security Prepared by: Nima Bayan, P.Eng. Fall 2003 Contents ! Introduction " Cryptography and Relativity " Quantum Algorithms " Quantum Computers !

227 views • 11 slides
CSE 484 / CSE M 584 Computer Security: Cryptography TA:

CSE 484 / CSE M 584 Computer Security: Cryptography TA:

CSE 484 / CSE M 584 Computer Security: Cryptography TA: Adrian Sham adrsham@cs Original slides by Franzi [Examples/Images thanks to Wikipedia.] Lab 1

374 views • 22 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
CSCI-UA.9480 Introduction to Computer Security Session 1.3 Public Key Cryptography and

CSCI-UA.9480 Introduction to Computer Security Session 1.3 Public Key Cryptography and

CSCI-UA.9480 Introduction to Computer Security Session 1.3 Public Key Cryptography and Randomness Prof. Nadim Kobeissi 1.3a Hard Problems 2 CSCI-UA.9480: Introduction to Computer Security Nadim Kobeissi Evaluating computational

719 views • 49 slides
Objectives Goals of Cryptography Security Services Security Mechanisms Relationship

Objectives Goals of Cryptography Security Services Security Mechanisms Relationship

Overview on Modern Cryptography Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives Goals of Cryptography Security Services

658 views • 16 slides
Introduction to Computer Security Foundations of Cryptography Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Foundations of Cryptography Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Foundations of Cryptography Pavel Laskov Wilhelm Schickard Institute for Computer Science Secret communication key key unitue unitue Alice Bob plaintext ciphertext plaintext Encryption I love you C

703 views • 30 slides
Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard Institute for Computer Science Security instruments learned so far Symmetric and asymmetric cryptography confidentiality, integrity, non-repudiation

319 views • 29 slides
Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge http://www.cl.cam.ac.uk/teaching/1415/SecurityII/ Lent 2015 Part II 1 Related textbooks Main reference: Jonathan Katz, Yehuda Lindell: Introduction to

1.68k views • 137 slides
Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge https://www.cl.cam.ac.uk/teaching/1516/SecurityII/ Lent 2016 Part II 1 Related textbooks Main reference: Jonathan Katz, Yehuda Lindell: Introduction

1.87k views • 154 slides
Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography

Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography

Related textbooks Main reference: Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography Chapman & Hall/CRC, 2nd ed., 2014 Further reading: Markus Kuhn Christof Paar, Jan Pelzl: Understanding

794 views • 27 slides
Python Cryptography & Security Jos Manuel Ortega | @jmortegac

Python Cryptography & Security Jos Manuel Ortega | @jmortegac

Python Cryptography & Security Jos Manuel Ortega | @jmortegac https://speakerdeck.com/jmortega Security Conferences INDEX 1 Introduction to cryptography 2 PyCrypto and other libraries 3 Django Security 4 OWASP & Best Practices 5

881 views • 61 slides
Codes and Chains [o c p d e f ... f [o c p d e f ... f [o c p d h f ... f [o h p d c f ... f

Codes and Chains [o c p d e f ... f [o c p d e f ... f [o c p d h f ... f [o h p d c f ... f

[a b c d e f ... z] [a c b d e f ... z] [a c b d e f ... r] [x c b d e f ... r] [r c b d e f... f] [r c b d e f ... f [o c b d e f ... f Codes and Chains [o c p d e f ... f [o c p d e f ... f [o c p d h f ... f [o h p d c f ... f [n h p

742 views • 56 slides
CSE 115 Introduction to Computer Science I Road map Review HTML injection SQL

CSE 115 Introduction to Computer Science I Road map Review HTML injection SQL

CSE 115 Introduction to Computer Science I Road map Review HTML injection SQL injection Persisting data Central Random Processing Access Unit Memory CPU RAM persistent storage (e.g. file or database) Persisting data text

600 views • 26 slides
Classical Encryption Techniques Substitution Transposition Steganography CSS441: Security and

Classical Encryption Techniques Substitution Transposition Steganography CSS441: Security and

CSS441 Classical Techniques Encrypt for Confidentiality Classical Encryption Techniques Substitution Transposition Steganography CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University

726 views • 39 slides
STAT 605 Data Science Computing Introduction to sed and awk Editing text streams: sed sed is short

STAT 605 Data Science Computing Introduction to sed and awk Editing text streams: sed sed is short

STAT 605 Data Science Computing Introduction to sed and awk Editing text streams: sed sed is short for stream editor One of the most powerful and versatile UNIX tools Commonly paired with awk small command line language for string processing Has

465 views • 19 slides
Administrative - A2 has a number of corrections on Pizza. They are fixed in most recent .zip

Administrative - A2 has a number of corrections on Pizza. They are fixed in most recent .zip

Administrative - A2 has a number of corrections on Pizza. They are fixed in most recent .zip file. - Btw CNNs in Matlab: http://www.vlfeat. org/matconvnet/ Fei-Fei Li & Andrej Karpathy Fei-Fei Li & Andrej Karpathy Lecture 8 -

821 views • 66 slides
4/30/2013 Conditions for Patentability Several distinct inquiries: Is my invention useful

4/30/2013 Conditions for Patentability Several distinct inquiries: Is my invention useful

4/30/2013 Conditions for Patentability Several distinct inquiries: Is my invention useful does it have utility? Is my invention patent eligible subject matter? Is my invention actually new? (Did someone else invent or

345 views • 5 slides
CHARGE DEPOSITIONS IN THE APA GAPS FILTERING GAP CROSSING EVENTS FILTERING STOPPING EVENTS USING

CHARGE DEPOSITIONS IN THE APA GAPS FILTERING GAP CROSSING EVENTS FILTERING STOPPING EVENTS USING

CHARGE DEPOSITIONS IN THE APA GAPS FILTERING GAP CROSSING EVENTS FILTERING STOPPING EVENTS USING GAPS CALIBRATION FOR GAP WIDTHS TRISTAN BLACKBURN - SUSSEX ! It is currently unknown how charge deposited in the APA gaps will behave in actuality.

239 views • 20 slides
Benchmarking) A Practical Guide to Experimentation (and publics ou privs. recherche franais

Benchmarking) A Practical Guide to Experimentation (and publics ou privs. recherche franais

HAL Id: hal-01959453 scientifjques de niveau recherche, publis ou non, panion: Proceedings of the Genetic and Evolutionary Computation Conference Companion, Jul 2018, Nikolaus Hansen. A Practical Guide to Experimentation (and Benchmarking).

970 views • 78 slides

More recommend