lecture-1 network security
TRANSCRIPT
11
Network SecurityNetwork Security
Lecture-1Lecture-1
22
Dangers of 2006 and beyondDangers of 2006 and beyond1048713Spyware
bull also called adware or malwarebull Distributed through IE and Windowsbull Softwares like KaZaa and Bonzi buddy act as spywarebull Advertisement bombardmentbull People with Mozilla Firefox(cross platform web browser) are safebull Transferred by Trojan horse method or scripts
Identity Theft bullPhishingbullSpammingbullStealing personal informationbullVAULT concept in Zone alarm Firewall prevents Identity theft
Website attacksbullStealing information from other sources not just banksbullTrojan Horse method
33
Course OutlineCourse Outline
I CRYPTOGRAPHY1048713Secret-key cryptography1048713Classical encryption techniques 1048713DES AES1048713Public-key cryptography1048713RSA1048713Key management
44
Course Outline (Continued)Course Outline (Continued)
II AUTHENTICATION 1048713MAC1048713Hashes and message digests1048713Digital signatures1048713Kerberos
55
Course Outline (Continued)Course Outline (Continued)III Network securityIP securityWeb security (SSL secure electronic transactions) FirewallsVPNsWireless security
66
Course Outline (Continued)Course Outline (Continued)IV Other IssuesVirusesTrojan HorsesNetwork attacksSecuring networks
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
22
Dangers of 2006 and beyondDangers of 2006 and beyond1048713Spyware
bull also called adware or malwarebull Distributed through IE and Windowsbull Softwares like KaZaa and Bonzi buddy act as spywarebull Advertisement bombardmentbull People with Mozilla Firefox(cross platform web browser) are safebull Transferred by Trojan horse method or scripts
Identity Theft bullPhishingbullSpammingbullStealing personal informationbullVAULT concept in Zone alarm Firewall prevents Identity theft
Website attacksbullStealing information from other sources not just banksbullTrojan Horse method
33
Course OutlineCourse Outline
I CRYPTOGRAPHY1048713Secret-key cryptography1048713Classical encryption techniques 1048713DES AES1048713Public-key cryptography1048713RSA1048713Key management
44
Course Outline (Continued)Course Outline (Continued)
II AUTHENTICATION 1048713MAC1048713Hashes and message digests1048713Digital signatures1048713Kerberos
55
Course Outline (Continued)Course Outline (Continued)III Network securityIP securityWeb security (SSL secure electronic transactions) FirewallsVPNsWireless security
66
Course Outline (Continued)Course Outline (Continued)IV Other IssuesVirusesTrojan HorsesNetwork attacksSecuring networks
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
33
Course OutlineCourse Outline
I CRYPTOGRAPHY1048713Secret-key cryptography1048713Classical encryption techniques 1048713DES AES1048713Public-key cryptography1048713RSA1048713Key management
44
Course Outline (Continued)Course Outline (Continued)
II AUTHENTICATION 1048713MAC1048713Hashes and message digests1048713Digital signatures1048713Kerberos
55
Course Outline (Continued)Course Outline (Continued)III Network securityIP securityWeb security (SSL secure electronic transactions) FirewallsVPNsWireless security
66
Course Outline (Continued)Course Outline (Continued)IV Other IssuesVirusesTrojan HorsesNetwork attacksSecuring networks
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
44
Course Outline (Continued)Course Outline (Continued)
II AUTHENTICATION 1048713MAC1048713Hashes and message digests1048713Digital signatures1048713Kerberos
55
Course Outline (Continued)Course Outline (Continued)III Network securityIP securityWeb security (SSL secure electronic transactions) FirewallsVPNsWireless security
66
Course Outline (Continued)Course Outline (Continued)IV Other IssuesVirusesTrojan HorsesNetwork attacksSecuring networks
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
55
Course Outline (Continued)Course Outline (Continued)III Network securityIP securityWeb security (SSL secure electronic transactions) FirewallsVPNsWireless security
66
Course Outline (Continued)Course Outline (Continued)IV Other IssuesVirusesTrojan HorsesNetwork attacksSecuring networks
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
66
Course Outline (Continued)Course Outline (Continued)IV Other IssuesVirusesTrojan HorsesNetwork attacksSecuring networks
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
77
Teaching materialsTeaching materialsReference BooksNetwork Security (A Hackerrsquos Perspective) by Ankit Fadia by Premier PressCryptography Principles and Practices by William StallingsCryptography by SchniderCKaufman RPerlamn MSpecinerndashldquoNetwork security Private communication in a public worldrdquoHandouts
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
88
Why do we need CryptographyWhy do we need Cryptography
Computers are used by millions of people for many purposes1048713Banking1048713Shopping1048713Tax returns1048713Protesting1048713Military1048713Student records1048713hellip1048713Privacy is a crucial issue in many of these applications1048713Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
99
The Good Old DaysThe Good Old Days
The world before computers was in some ways much simpler1048713Signing legalizing a paper would authenticate it1048713Photocopying easily detected1048713Erasing inserting modifying words on a paper document easily detectable1048713Secure transmission of a document seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)1048713One can recognize each otherrsquos face voice hand signature etc
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1010
The Electronic AgeThe Electronic Age
The ability to copy and alter information has changed dramatically1048713No difference between an ldquooriginalrdquo file and copies of it1048713Removing a word from a file or inserting others is undetectable1048713Adding a signature to the end of a fileemail one can impersonate it ndashadd it to other files as well modify it etc1048713Electronic traffic can be (and is) monitored altered often without noticing1048713How to authenticate the person electronically communicating with you
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1111
Possible adversariesPossible adversariesStudent to have fun snooping on other peoplersquos emailCracker to test out someonersquos security system to steal dataBusinessman to discover a competitorrsquos strategic marketing planEx-employee to get revenge for being firedAccountant to embezzle money from a companyStockbroker to deny a promise made to a customer by emailConvict to steal credit card numbers for saleSpy to learn an enemyrsquos military or industrial secretsTerrorist to steal germ warfare secrets
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1212
Important PointsImportant PointsMaking a network or a communication secure involves more than just keeping it free of programming errors
It involves outsmarting often intelligent dedicated and often well-funded adversaries
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1313
Security issues some practical Security issues some practical situationssituations
A sends a file to B E intercepts it and reads itHow to send a file that looks gibberish to all but the intended receiver
A send a file to B E intercepts it modifies it and then forwards it to BHow to make sure that the document has been received in exactly the form it has been sent
E sends a file to B pretending it is from AHow to make sure your communication partner is really who (s)he claims to be
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1414
Security issues some practical Security issues some practical situationssituations
A sends a message to B E is able to delay the message for a whileHow to detect old messages
A sends a message to B Later A (or B) denies having sent (received) the messageHow to deal with electronic contracts
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1515
Classes of Network Security Classes of Network Security ProblemsProblems
Secrecy (or confidentiality)1048713Keep the information out of the hands of unauthorized users even if it has to travel over insecure linksAuthentication1048713Determine whom you are talking to before revealing sensitive informationNon-repudiation (or signatures)1048713Sender cannot deny the transmissionData integrity (or message authentication)1048713Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1616
Basic situation in cryptographyBasic situation in cryptography
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1717
Basic situation in cryptographyBasic situation in cryptography
A(lice) sends a message (or file) to B(ob) through an open channel (say Internet) where E(vil nemy) tries to read or change the messageA will encrypt the plaintext using a key transforming it into a ldquounreadablerdquo cryptotextThis operation must be computationally easyB also has a key (say the same key) and decrypts the cryptotext to get the plaintext This operation must be computationally easyE tries to cryptanalyze deduce the plaintext (and the key) knowing only the cryptotext This operation should be computationally difficultWe will use cryptography to cover both the design of secure systems and their cryptanalysisndash cryptology is also used sometimes
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1818
Cryptography-Some type of Cryptography-Some type of SystemsSystems
Depending on the type of operations in the encryptiondecryptionSubstitutions (replacements) or transpositions (rearrangement) Number of keys usedSymmetric unsymmetric systemsThe way the plaintext is processedBlock or stream approach
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
1919
Cryptanalysis (Some types of Cryptanalysis (Some types of attacks)attacks)
1048713Fundamental rule one must always assume that the attacker knows the methods for encryption and decryption he is only looking for the keys
bull Difficult to keep the cryptography algorithm secret (too many people involved)bull Bonus of advertising (People try to break it for you)
Passive attack the attacker only monitors the traffic attacking the confidentiality of the data
Active attack the adversary attempts to alter the transmission attacking data integrity confidentiality and authentication
Brute-force attack try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2020
Brute forcingBrute forcing
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2121
Attacks on protocolsAttacks on protocols
Known-key attack obtain some previous keys and use the information to get the new onesReplay the adversary records a communication session and replays the entire session or portions of it at a later timeImpersonation adversary assume the identity of a legitimate userDictionary the attacker has a list of probable passwords hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2222
How secure is secureHow secure is secure
Evaluating the security of a system is a crucial and most difficult taskUnconditionally secure system
bullIf the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext any plaintext may be mapped into that ciphertext with a suitable keybullConsequently the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there
Bad news only one known system has this property one-time pad
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2323
How secure is secureHow secure is secureProvable security
bull1048713Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (eg from Number Theory)
Computationally securebull1048713The (perceived) cost of breaking the system exceeds the value of the encrypted informationbullThe (perceived) time required to break the system exceeds the useful lifetime of the information
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2424
Aims and objectives of the courseAims and objectives of the course
To increase awareness among computer professionals on ldquo Computer amp Network SecurityrdquoTo study the interesting science of cryptographyTo keep the contents lively by the right mix of mathematics algorithm design and protocol analysisTo award an A+ to ldquodeservingrdquo candidates To dive into the turbulent waters of computer crime and fight the ldquosharksrdquo (hackers)
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2525
ICRYPTOGRAPHY
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2626
I1 Secret Key cryptographyI1 Secret Key cryptography
I1 Secret-key cryptographyAlso called symmetric or conventional cryptographyFive ingredients
1048713Plaintext1048713Encryption algorithm runs on the plaintext and the encryption key to yield the ciphertext1048713Secret key an input to the encryption algorithm value independent of the plaintext different keys will yield different outputs1048713Ciphertext the scrambled text produced as an output by the encryption algorithm1048713Decryption algorithm runs on the ciphertext and the key to produce the plaintext
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2727
Secret Key cryptography Secret Key cryptography (Contd)(Contd)
bull Requirements for secure conventional encryption1048713Strong encryption algorithm
bull An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
bull Ideally even if he knows one or more pairs plaintext-ciphertext he would not be able to find the key
bull Sender and receiver must share the same key Once the key is compromised all communications using that key are readable
bull Encryption algorithm is not a secret
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2828
Cryptography notationsCryptography notations
C=EK(P) denotes that C is the encryption of the plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
2929
CAESER CipherCAESER Cipher1048713It is a typical substitution cipher and the oldest known ndashattributed to Julius Caesar1048713Simple rule replace each letter of the alphabet with the letterstanding 3 places further down the alphabet1048713Example
MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWBHere the key is 3 ndashchoose another key to get a different substitution1048713The alphabet is wrapped around so that after Z follows A
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3030
CAESER CipherCAESER CipherMathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from 0 to 25Caesar cipher can now be given asE(p) = (p + k) mod (26)D(C) = (C ndashk) mod (26)
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3131
Attacking CAESER CipherAttacking CAESER Cipher
Substitute a value of key k from 0 to 25 and stop when english message is obtainedExercise attack the ciphertext
PHHW PH DIWHU WKH WRJD SDUWB
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3232
Attack resultsAttack results
CAESER too easy to attack
Why
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3333
Attack resultsAttack results
Adapted from Cryptography and network security Adapted from Cryptography and network security by William Stallingsby William Stallings
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3434
Modification to CaeserModification to Caeser1048713
Ideainstead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain a b c d e f g h I j k l m n o p q r s t u v w x y zCipher D K V Q F I B J W P E S C X H T M Y A U O L R G Z N
Plaintext if we wish to replace lettersCiphertext WI RF RWAJ UH YFTSDVF SFUUFYA1048713This is called monoalphabetic susbstitution cipherndasha single alphabet is usedThe increase in the number of keys is dramatic 26 ie more than 4x1026 possible keysCompare DES only has an order of 1016possible keys
Adapted from Cryptography and network security by William StallingsAdapted from Cryptography and network security by William Stallings
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3535
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3636
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3737
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3838
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
3939
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4040
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4141
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4242
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4343
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4444
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4545
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4646
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4747
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4848
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
4949
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
5050
Hill CipherHill Cipher
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
5151
Hill CipherHill Cipher
Takes two or three or more letter Takes two or three or more letter combinations to the same size combinations to the same size combinations eg ldquotherdquo combinations eg ldquotherdquo ldquorqvrdquo ldquorqvrdquo
Uses simple linear equationsUses simple linear equations An example of a ldquoblockrdquo cipher An example of a ldquoblockrdquo cipher
encrypting a block of text at a timeencrypting a block of text at a time Numbered alphabet a = 0 b = 1 c = Numbered alphabet a = 0 b = 1 c =
3 etc3 etc(in CAP use ASCII code)(in CAP use ASCII code)
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
5252
ExampleExample
C1 = 9p1 + 18p2 + 10p3 (mod 26)
C2 = 16p1 + 21p2 + 1p3 (mod 26)
C3 = 5p1 + 12p2 + 23p3 (mod 26)
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
5353
18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
I canrsquot do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3
EOM TMY SVJ
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
5454
Hill ndash key is matrixHill ndash key is matrix
k11 k12 k13k11 k12 k13
k21 k22 k23k21 k22 k23
k31 k32 k33k31 k32 k33
Generalize to any size larger blocksGeneralize to any size larger blocks
Matrix must be invertibleMatrix must be invertible
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25
5555
Hill ndash Important ObservationHill ndash Important ObservationF r i d a y
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
x y z
23 24 25