6. cryptography:
Cryptography is the study of mathematical techniques related to
aspects of information security such as confidentiality, data
integrity, entity authentication, and data origin authentication.
Cryptography is not the only means of providing information
security, but rather one set of techniques.
Cryptography is the process of writing,using various
method(“ciphers”)to keep message secret
7. Crytographic goals:
CONFIDENTIALITY:
Confidentiality is a service used to keep the content of
information from all but those authorized to have it.
Secrecy is a term synonymous with confidentiality and
privacy.
There are numerous approaches to providing
confidentiality, ranging from physical protection to mathematical algorithms
which render data unintelligible.
DATA INTEGRITY:
Data integrity is a service which addresses the
unauthorized alteration of data.
To assure data integrity, one must have the ability to
detect data manipulation by unauthorized parties.
Data manipulation includes such things as insertion,
deletion, and substitution.
8. AUTHENTICATION:
Authentication is a service related to identification. This function
applies to both entities and information itself.
Two parties entering into a communication should identify each
other.
Information delivered over a channel should be authenticated as
to origin , date of origin, data content, time sent, etc.
For these reasons this aspect of cryptography is usually
subdivided into two major classes:
entity authentication & data origin authentication.
Data origin authentication implicitly provides data integrity
NON-REPUDIATION :
Non-repudiation is a service which prevents an entity from
denying previous commitments or actions.
When disputes arise due to an entity denying that certain actions
were taken, a means to resolve the situation is necessary.
9. History of cryptography:
Cryptography was concerned solely with message
confidentiality(encryption).
Conversion of message from a comprehensible form
into an incomprehensible one, rendering it unreadable by
interceptors without secret knowledge(decryption).
Encryption was used to ensure secrecy in
communication , such as military leaders & diplomats.
In recent days , it has expanded beyond
confidentiality concern include , digital signature, identity
authentication, interactive proof & secure computation.
10. Classic cryptography:
The earliest forms of secret writing required little more
than pen & paper analogs , as most people could not read.
The main classical cipher types are transposition cipher
, which arrange the order of letters in a message.
Transposition cipher
eg : hello world becomes “ehlol owrdl”.
substitution ciphers, which systematical replace letters
or group of letters.
substitution cipher
eg : fly at once becomes “gmz bu podf”
11. SECURITY OF ALGORITHM:
TOTAL BREAKS:
A cryptanalyst finds the key k ,such that
D k(c)=p.
K is a key factor
GLOBAL DEDUCTION:
A cryptanalyst finds the alternative algorithm ,
a equivalent to D k( c)
INSTANCE OR DEDUCTION:
A cryptanalyst finds the plain text of an intercepted cipher text
INFORMATION DEDUCTION:
A cryptanalyst gains the information about the key or plain text
. this information could be a few bit of the key.
12. TYPES OF ATTACKS TO THE CIPHER TEXT:
There are 4 attacks , namely
! Cipher text only attack
!! Known plaintext attack
!!!Cryptanalyst chosen cipher text
A. CIPHER TEXT-ONLY ATTACK:
c1=e k(p1)….c2=e k(p2)…….c i=e k(pi)
reduce : c i+1=e k(pi+1)
B. KNOWN PLAINTEXT ATTACK:
p1,c1=e k(p1),p2,c2=e k(p2)….pi c i=e k(pi)
reduce: pi+1 from ci+1=e k(pi+1)
C. cryptanalyst chosen plaintext attack:
pi , ci = ek (p1),pi , ci = ek (pi)
reduce: pi+1 from ci+1=ek(pi+1)
13. PROCEDURE OF ATTACKS:
DATA COMPLEXITY:
The amount of data needed as input to the attack
PROCESSING:
The time needed to perform the attack .
This is often called as work factor.
STORAGE REQUIREMENT:
The amount of memory needed to attack
14. Information security &
cryptography
To introduce cryptography, an understanding of issues related to
information security in general is necessary.
Information security manifests itself in many ways according to the
situation and requirement.
Regardless of who is involved, to one degree or another, all
parties to a
transaction must have confidence that certain objectives associated with
information security have been met.
15. Over the centuries, an elaborate set of protocols and mechanisms
has been created to deal with information security issues when the
information is conveyed by physical documents.
Often the objectives of information security cannot solely be
achieved through mathematical algorithms and protocols alone, but
require procedural techniques and abidance
of laws to achieve the desired result.
16. Basic terminology and concepts:
Sender and Receiver:
Suppose a sender wants to send a message to a receiver.
Moreover, this sender wants to send the message securely: She wants to make
sure an eavesdropper cannot read the message.
Messages and Encryption:
A message is plaintext (sometimes called clear text). The
process of disguising a message in such a way as to hide its substance is
encryption.
An encrypted message is cipher text. The process of turning
Cipher text back into plaintext is decryption.
(If you want to follow the ISO 7498-2 standard, use the terms
“encipher” and “decipher.” It seems that some cultures find the terms “encrypt”
and “decrypt” offensive, as they refer to dead bodies.)
17. The art and science of keeping messages secure is cryptography,
and it is practiced by cryptographers.
Cryptanalysts are practitioners of cryptanalysis, the art and
science of breaking cipher text.
The branch of mathematics encompassing both
cryptography and cryptanalysis is cryptology and its practitioners are
cryptologists.
Modern cryptologists are generally trained in theoretical
mathematics—they have to be.
18. Encryption and Decryption.
Plaintext is denoted by M, for message, or P, for plaintext.
It can be a stream of bits, a text file, a bitmap, a stream of digitized voice, a
digital video image.
As far as a computer is concerned, M is simply binary data.
The plaintext can be intended for either transmission or storage.
In any case,
M is the message to be encrypted.
Cipher text is denoted by C.
It is also binary data: sometimes the same size as M, sometimes
larger. (By combining encryption with compression, C may be smaller than M.
However, encryption does not accomplish this.)
19. The encryption function E, operates on M to produce C. Or, in
mathematical notation:
E(M) = C
In the reverse process, the decryption function D operates on
C to produce M:
D(C) = M
Since the whole point of encrypting and then decrypting a
message is to recover the original plaintext, the following identity
must hold true:
D(E(M)) = M
20. Notation:
p is the plaintext. This is the original readable
message(written in some standard language like english , french ,
hindi).
c is ciphertext .this is the output of some encryption scheme ,
and is not readable by humans.
E is the encryption function.
E(P)=C
EG. to mean that appling the encryption process E to the
plaintext P produces the ciphertext C.
D is the decryption function. Eg
D(C)=P.
NOTE:
D(E(P))=P & E(D(C))=C
21. The encryption key is the piece of data that allows the
computation of E.
similarly we have the decryption key .
These may or may not be same. they also may not be
secret.
To attack a cipher is to attempt unauthorized reading of
plaintext , or to attempt unauthorized transmission of cipher text
22. Cryptography techniques:
Cryptanalysis is the study of mathematical techniques for
attempting to defeat cryptographic techniques, and, more generally, information
security services
A cryptanalyst is someone who engages in cryptanalysis
Cryptology is the study of cryptography and cryptanalysis
A cryptosystem is a general term referring to a set of
cryptographic primitives used to provide information security services.
Most often the term is used in conjunction with primitives
providing confidentiality, i.e., encryption
Cryptographic techniques are typically divided into two
generic types:
symmetric-key cryptography
public-key cryptography
23. Symmetric key cryptography:
Let a={ a,b,c………x ,y,z}, be the english alphabet ,
let m & c be the set of string of length five over A .the key E is chosen to
be permutation A.
To encrypt , an english message is broken up into
groups each having five letter (appropriate padding , if the length of
the message is not a multiple of five & permutation E is applied to
each letter one at a time).
To decrypt , the inverse permutation D=E/1,is
applied to each letter of the cipher text , E is choosen to the permutation
E=
A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z.
D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,A,B,C
24. PUBLIC KEY CRYTOGRAPHY:
Each user has an encryption function & a decryption
function.
Alice makes her encryption function Ea publicly known ,
but keeps her decryption function Da secret
Bob wants to send alice a message P ,so he computes
C=Ea(P) and sends it to her
Alice receives C and computes P=Da(C)
The point is that the encryption function & a decryption
function are set up so that Da is very difficult to compute only knowing Ea.
Thus even if an attacker knows Ea ,he can’t compute Da
and hence can’t read bob message
25. PROTOCOLS:
A cryptographic protocol (protocol) is a distributed
algorithm defined by a sequence of steps precisely specifying the
actions required of two or more entities to achieve a specific security
objective
Remark: (protocol vs. mechanism)
As opposed to a protocol, a mechanism is a more
general term encompassing protocols, algorithms
(specifying the steps followed by a single entity)
non-cryptographic techniques
(eg : hardware protection and procedural controls) to achieve
specific security objectives
26. Protocols play a major role in cryptography and are essential
in meeting cryptographic Goals
Encryption schemes, digital signatures, hash functions, and
random number generation are among the primitives which may be utilized
to build a protocol.
Secret sharing : alice,bob,carol,….yanni,&zeke each have a piece of
information that is part of a commonly held secret S.
If N or more of them meet and combine their knowledge,then S can
be reconstructed.
But if less than N get together, S cannot be reconstructed.
27. Example: (a simple key agreement protocol)
Alice and Bob have chosen a symmetric-key encryption scheme to use
in communicating over an unsecured channel.
To encrypt information they require a key.
The communication protocol is the following:
1. Bob constructs a public-key encryption scheme and sends his public key to
Alice over the channel.
2. Alice generates a key for the symmetric-key encryption scheme.
3. Alice encrypts the key using Bob’s public key and sends the encrypted key to
Bob.
4. Bob decrypts using his private key and recovers the symmetric (secret) key.
5. Alice and Bob begin communicating with privacy by using the
symmetric-key system and the common secret key.
28. Uses of protocols:
Today we use cryptography for a lot more than just sending
secret message
Authentication:
Alice receives cipher text from bob.
How can she be sure that the message originated from bob?
How can she be sure that the message wasn’t corrupted?
Key exchange:
Over an instance channel ,
Alice & bob exchange two piece of data that allows them to
compute a common encryption/decryption key .
But any attacker who intercepts the transmissions can’t recover
the key.
29. Remark (causes of protocol failure):
Protocols and mechanisms may fail for a number of reasons,
including:
1. weaknesses in a particular cryptographic primitive which may be
amplified by the protocol or mechanism;
2. claimed or assumed security guarantees which are overstated or
not clearly understood;
3. the oversight of some principle applicable to a broad class of
primitives such as encryption.
30. Classes of attacks and security models:
Over the years, many different types of attacks on cryptographic
primitives and protocols have been identified.
The roles of an active and a passive adversary were discussed. The
attacks these adversaries can mount may be classified as follows:.
1. A passive attack is one where the adversary only monitors
the communication channel.
A passive attacker only threatens confidentiality of data.
2. An active attack is one where the adversary attempts to
delete, add, or in some other way alter the transmission on the channel.
An active attacker threatens data integrity and authentication as well
as confidentiality.
31. One Application of Cryptography:
ELECTRONIC MONEY:
The definition of electronic money (also called electronic cash or digital
cash) is a term that is still evolving.
It includes transactions carried out electronically with a net transfer of funds
from one party to another, which may be either debit or credit and can be
either anonymous or identified.
There are both hardware and software implementations.
Encryption is used in electronic money schemes to protect conventional
transaction data like account numbers and transaction amounts, digital
signatures can replace handwritten signatures or a credit-card
authorizations, and public-key encryption can provide confidentiality.