1 cryptography & classical ciphers ammar karim nust-seecs

1

Cryptography & Classical Ciphers

Ammar Karim

NUST-SEECS

2

Computer SecurityComputer Security - - generic name for generic name for the collection of tools designed to the collection of tools designed to protect data and to prevent hackers.protect data and to prevent hackers.

Network SecurityNetwork Security - - measures to measures to protect data during their transmission.protect data during their transmission.

Internet SecurityInternet Security - - measures to protect measures to protect data during their transmission over a data during their transmission over a collection of interconnected networks.collection of interconnected networks.

IntroductionIntroduction

3

Security AttackSecurity Attack

““Any action that compromises the security Any action that compromises the security of information owned by an organization”of information owned by an organization”

Information security is about how to Information security is about how to prevent attacks, or failing that, to detect prevent attacks, or failing that, to detect attacks on information-based systemsattacks on information-based systems

Generic types of attacksGeneric types of attacks passivepassive activeactive

4

Security Attacks

5

Passive AttacksPassive Attacks

6

Passive AttacksPassive Attacks

““Passive attacks” Passive attacks” attempt to learn or attempt to learn or make use of information from the system make use of information from the system but does not affect system resources.but does not affect system resources.

By By eavesdropping on, or monitoring of, eavesdropping on, or monitoring of, transmissions to:transmissions to: obtain message contents orobtain message contents or monitor traffic flowsmonitor traffic flows

Are difficult to detect Are difficult to detect because they do because they do not involve any alteration of the data.not involve any alteration of the data.

7

Active AttacksActive Attacks

8

Active AttacksActive Attacks

““Active attacks”Active attacks” attempt to alter system attempt to alter system resources or affect their operation.resources or affect their operation.

Passive attacks are relatively easier to detect. Passive attacks are relatively easier to detect. Measures are available to prevent their success. Measures are available to prevent their success.

On the contrary, it is quite difficult to prevent active On the contrary, it is quite difficult to prevent active attacks because of the wide variety of potential attacks because of the wide variety of potential physical, software, and network vulnerabilities. physical, software, and network vulnerabilities.

Instead, the goal is to detect active attacks and to Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by recover from any disruption or delays caused by them. them.

9

Security ServiceSecurity Service

A processing or communication service A processing or communication service that enhances the security of the data that enhances the security of the data processing systems and the information processing systems and the information transfer for an organization. The services transfer for an organization. The services are intended to defy security attacks, and are intended to defy security attacks, and they make use of one or more security they make use of one or more security mechanisms to serve the purpose.mechanisms to serve the purpose.

10

Security Services (X.800)Security Services (X.800) Authentication

Assurance that the communicating entity is the one claimed

Access Control Prevention of the unauthorized use of a resource

Data Confidentiality Protection of data from unauthorized disclosure

Data Integrity Assurance that the contents of the data received

are the same as sent by an authorized entity Non-Repudiation

Protection against denial by one of the parties in a communication

11

Security Mechanisms Feature designed to detect, prevent, or

recover from a security attack. There is no single mechanism to provide

security of the data to be transmitted. However the element that underlies

most of the security mechanisms is the use of cryptographic techniques.

Cryptography is the art of secret writing, is the process of converting information, such as this slide, that can be read by most, into a secret code, that can only be read by those who are party to the secret.

12

Terminologies

13

Security Mechanisms

14

Cryptography vs. Steganography

Cryptography Overt writing: Evident that there is a

secret message. Enemy can intercept the message Enemy can decrypt the message

Steganography Covert writing: Its not evident that

there is a secret message.

15

Steganography Change the LSB of pixels in a random walk. Change the LSB of subsets of pixels (i.e. around

edges). Increment/Decrement the pixel value instead of

flipping the LSB.

16

Steganography- Example News Eight Weather:

Tonight increasing snow. Unexpected precipitation Smothers Eastern towns. Be extremely cautious and use snow-tires especially heading east. The highways are knowingly slippery. Highway evacuation is suspected. Police report emergency situations in downtown ending near Tuesday.

First letter of each word yields:

Newt is upset because he thinks he is President.

17

Steganography- Example

From WWII German spy (Kahn):

Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on by products, ejecting suet and vegetable Oils.

Second letter of each word yields:

Pershing sails from NY June 1.

18

Cryptography-- Cæsar Cipher

19

Conventional Encryption

20

Classification of Cryptographic Systems

21

Classification of Cryptographic Systems

22

Classification of Cryptographic Systems

23

Classification of Cryptographic Systems

24

Symmetric Case

Ek (M) = C Dk (C) = M Dk (Ek (M)) = M

25

Asymmetric Case

Ek1 (M) = C Dk2 (C) = M Dk2 (Ek1 (M)) = M

26

Kerchoff’s Principle

The security of cryptosystem must not depend on keeping secret the crypto-algorithm. It must depend on keeping secret the key.

Reasons: Details of the crypto-algorithm can be

captured or reverse-engineered. Even if so, frequently changing the key

maintains the security.

27

In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared.

NoteNote::

28

In symmetric-key cryptography, the same key is used in both directions.

NoteNote::

29

Class Exercise

30

Polyalphabetic Substitution: Vigen`ere Cipher

31

Example: Vigen`ere Cipher

32

Example: Vigen`ere Cipher

33

Example: Vigen`ere Cipher

34

In monoalphabetic substitution, the relationship between a character in the

plaintext to the character in the ciphertext is always one-to-one.

NoteNote::

35

In polyalphabetic substitution, the relationship between a character in the

plaintext and a character in the ciphertext is one-to-many.

NoteNote::

36

Rotor Encryption

37

Rotor Encryption

38

Rotor Encryption

39

Rotor Machine

40

Transposition: The Grille

41

Transposition: The Grille

42

Transposition: The Grille

43

Transposition: The Grille

44

Transposition: The Grille

45

Transposition: The Grille

46

Hill Cipher

To Encipher: C = KM mod n

To Decipher K-1C mod n = K-1KM mod n = M

Where C, K and M are dx1, dxd, dx1 matrices respectively.

K should be invertible modulo 26

47

Hill Cipher

To Encipher: C = KM mod n

To Decipher K-1C mod n = K-1KM mod n = M

Where C, K and M are dx1, dxd, dx1 matrices respectively.

Recall the concepts of Linear Algebra

48

Linear Algebra Revision

For the matrices A, B, C, D:AB != BA in general AC = AD does not necessarily imply C = D A(BC) = (AB)C k(AB) = (kA)B = A(kB) (A+B)C = AC+BC AI = IA = A

det (A) = ad - bc

49

Linear Algebra Revision

Also recall the third order determinants.

Inverse of a matrix A is possible iff: det (A) != 0

A-1 = adj (A) / det (A) A-1A = AA-1 = I

50

Linear Algebra Revision

51

Linear Algebra Revision

52

Back to……….Hill Cipher

53

Stream Ciphers

54

Stream Ciphers

55

Stream Ciphers

56

Stream Ciphers

57

One Time Pad

58

One Time Pad

59

One Time Pad-- Example

60

Simple Block Cipher

61

Playfair Cipher

62

Playfair Cipher

63

Playfair Example

64

Playfair Example

65

Playfair Example

66

Playfair Example

Class Quiz

You have intercepted a message encrypted with a cipher of the form:-

C = aM+b

where M is the plaintext and C is the ciphertext (both integers modulo 26). The ciphertext starts with BBDJ. The plaintext starts with OOPS.

Find the key.

67