2. What is cryptography?
Cryptography enables you to store sensitive information or transmit it
across insecure networks so that it cannot be read by anyone except the
intended recipient.
Cryptography concerns itself with the following four
objectives:
1) Confidentiality
2) Integrity
3) Non-repudiation
4) Authentication
4. Cipher Text and Plain Text
Cipher text is also known as encrypted or
encoded information because it contains a form
of the original plaintext that is unreadable by a
human or computer without the proper cipher to
decrypt it. Decryption, the inverse of encryption,
is the process of turning cipher text into
readable plaintext.
5. [Figure: an encoder (plaintext in, ciphertext out) sends the ciphertext of the msg to a decoder (ciphertext in, plaintext out); an eavesdropper on the channel should understand nothing about the msg.]
6. Public Key and Private Key
In cryptography, a key is a piece of information (a
parameter) that determines the functional output of
a cryptographic algorithm or cipher. Without a key, the
algorithm would produce no useful result.
A public-key system is a cryptographic system that uses two keys: a public
key known to everyone and a private or secret key known
only to the recipient of the message. When John wants to
send a secure message to Jane, he uses Jane's public
key to encrypt the message. Jane then uses her private
key to decrypt it.
7. What is cryptanalysis?
Cryptanalysis refers to the study of ciphers,
cipher text, or cryptosystems (that is, to
secret code systems) with a view to finding
weaknesses in them that will permit
retrieval of the plaintext from the cipher
text, without necessarily knowing the key or
the algorithm.
8. Role of Cryptanalysis
The cryptographer's goal is to provide security for information by developing strong cryptosystems, while
the cryptanalyst's goal is to discover weaknesses or flaws in cryptosystems and break the security provided
by those systems.
Cryptanalysts can use powerful computing equipment and a variety of procedures, processes, and
techniques to launch attacks against cryptosystems.
A good cryptanalyst can even determine plaintext from samples of ciphertext without even knowing the
cipher that was used to produce it.
9. What is an Attack?
In computers and computer networks, an attack is any
attempt to destroy, expose, alter, disable, steal or
gain unauthorized access to or make unauthorized
use of an asset.
An attack should lead to a security incident, i.e.
a security event that involves a security violation.
10. Active and Passive Attack
An active attack is a network attack characterized by the
attacker attempting to break into the system. During an
active attack, the intruder will introduce data into the
system as well as potentially change data within the
system.
A passive attack is a network attack in which the purpose
is solely to gain information about the target and no data
is changed on the target.
11. Types of Attacks on Encrypted messages
Known Plaintext Attack
Chosen Plaintext Attack
12. Known Plain Text Attack
The known-plaintext attack (KPA) is an attack
model for cryptanalysis where the attacker has access to
both the plaintext and its encrypted version (cipher text).
In cryptography, the known plaintext attack, or KPA, is an
attack based on having samples of both the plaintext and
corresponding encrypted or cipher text for that
information available.
13. Understanding Known Plain Text Attack
Alice sends a message to Bob encrypted with
his public key. Eve overhears an encrypted
communication from Bob to Alice, and later
observes them meeting at Baker Street. Eve
can now guess that the communication
contained the word "baker street" somewhere,
a form of known plaintext attack.
16. An Example
We have,
Ciphertext: PQ
Plaintext: if
Formula:
Y = aX + b ( Y is cipher, X is plain)
Two equations:
16 = a.9 + b (i -> P)
17 = a.6 + b (f -> Q)
17. An Example
16 = a.9 + b
17 = a.6 + b
-1 = a.3 + 0 (by subtracting)
a.3 = 25 (mod 26)
a = 25/3
a = 25.(3^-1)
a = 25.9, as 3^-1 (mod 26) = 9 using the Euclidean algorithm
a = 17 (mod 26)
Also by solving two equations we get,
b = 9 (mod 26)
So, we get the final equation Y = 17.X + 9
Key is (17,9)
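The same known-plaintext recovery as an added example (not part of the original slides), generalised to any two known letter pairs of an affine cipher Y = aX + b (mod 26). It assumes letters are numbered a=1 ... z=26, as the slide's equations imply (i=9, P=16); the function names and the second sample pair are constructed for illustration.

```python
from math import gcd

M = 26  # alphabet size; letters numbered a=1 ... z=26 (assumption taken from i=9, P=16)

def num(ch):
    return ord(ch.lower()) - ord("a") + 1

def encrypt(plaintext, a, b):
    """Affine cipher Y = a*X + b (mod 26) over letters numbered 1..26."""
    out = []
    for ch in plaintext:
        y = (a * num(ch) + b) % M or M      # residue 0 stands for z = 26
        out.append(chr(y + ord("A") - 1))
    return "".join(out)

def recover_keys(plain, cipher):
    """Return every key (a, b) consistent with the known plaintext/ciphertext letters."""
    pairs = [(num(p), num(c)) for p, c in zip(plain, cipher)]
    (x1, y1), (x2, y2) = pairs[0], pairs[1]
    dx, dy = (x1 - x2) % M, (y1 - y2) % M
    if gcd(dx, M) == 1:
        # Subtracting the two equations removes b: dy = a*dx, so a = dy * dx^-1.
        candidates = [dy * pow(dx, -1, M) % M]
    else:
        # dx has no inverse mod 26, so this pair cannot pin down a on its own.
        candidates = range(M)
    keys = []
    for a in candidates:
        if gcd(a, M) != 1:                  # a must be invertible, or decryption fails
            continue
        b = (y1 - a * x1) % M
        if all((a * x + b) % M == y % M for x, y in pairs):
            keys.append((a, b))
    return keys

if __name__ == "__main__":
    # ("if", "PQ") is the slide's pair; ("an", "GT") is a constructed pair under key (5, 2).
    for plain, cipher in [("if", "PQ"), ("an", "GT")]:
        keys = recover_keys(plain, cipher)
        assert all(encrypt(plain, a, b) == cipher for a, b in keys)
        print(plain, "->", cipher, ":", len(keys), "candidate key(s)", keys)
```

For `if` -> `PQ` the solver returns a = 17 and b = 19, and re-encrypting `if` with that key yields `PQ`. The constructed pair `an` -> `GT` leaves 12 candidate keys, because the two plaintext letters differ by 13, which has no inverse mod 26.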
18. Controlling Plain Text Attack
• Reduce frequent words in the message
• Reduce special words or phrases in the message
• Fewer plaintext-ciphertext pairs
• Minimize the validity of the key