Cryptography and Cryptanalysis: Lecture Notes for CS 436/636/736, Study notes of Computer Science

Lecture notes for a university course on cryptography and cryptanalysis (cs 436/636/736), covering topics such as key goals, nomenclature, key ideas, common cryptographic attacks, simple ciphers, attacking simple ciphers, theoretical math, key-based cryptography, security protocols, and digital signatures.

Uploaded on 04/12/2010 by koofers-user-lda

Cryptography/Cryptanalysis, I
CS 436/636/736
February 22, 2006


References

• Applied Cryptography, 2/e, Schneier, Wiley
  • Material from several chapters adapted for this set of lectures
• RSA company web site
  • http://www.rsasecurity.com/
  • http://www.rsasecurity.com/rsalabs/ (more useful)
• Material from the course text (Chapter 8)

Nomenclature, I

• Cryptography – the science, engineering and mathematics of encryption and decryption
• Cryptanalysis – the science and engineering of breaking encryptions

Nomenclature, II

• Plaintext – the document before it is encrypted
• Ciphertext – the document once encrypted
• encrypt/encipher: P -> M via a cryptographic algorithm (cipher)
• decipher/decrypt: M -> P under the reverse algorithm
• Idempotent algorithm: encryption and decryption use the same algorithm (with the same key)
• Key: what locks and unlocks a cipher
• Code: "The bird sings loudly, by the river" (a prearranged phrase that stands for a whole message, as opposed to a cipher, which transforms individual letters or bits)

Key Ideas

• All secrecy must lie with the keys
• Secrecy within an algorithm is illusory (always assume your algorithm is public and has been studied; for maximum assurance, make it public!)
• Algorithms must be strong enough to prevent decryption for the useful lifetime of the secrets, given today's and anticipated future computing technology
• Algorithms must be scalable enough to use as widely as needed for a given application, at an acceptable cost for the level of assurance
• Cheaters and dishonesty abound, between people and computers and among each other; make systems work anyway

Current computing vs. future computing

• NP-hard, exponential problems with large exponents can't be solved in acceptable time limits for arbitrary inputs
• Quantum computing is fundamentally a different technology than a Turing machine
• Quantum computing makes some NP-hard problems solvable easily, including in cryptographic problems (O(1) time)
• Quantum encryption would replace some current methods, if quantum computing becomes a reality
• The approximate age of the Universe is 10^18 seconds, as one measure of a long period of time

Some simple ciphers, I
(Chapter 8, and Schneier)

• One-time Pad
• Transposition (EHLL_OOWLR_D <-> HELLO_WORLD_)
• ROT13 / Caesar (rotation, a special permutation)
• Simple Substitution (A<->Z, B<->Q, etc.; a 1-to-1, onto mapping, i.e. a permutation), monoalphabetic
• Homophonic (e.g., A -> three symbols)
• Polygram (e.g., ABA <-> CDC)

Some simple ciphers, II
(Chapter 8, and Schneier)

• Vigenere Cipher (polyalphabetic)
• Simple XOR (Vigenere type)
• Rotors/Enigma (form of Vigenere)
  • Each rotor does a permutation
  • Input of the next rotor is the output of the previous rotor
  • Enigma also did a partial rearrangement of the data at input, and moved the rotors at different speeds as text flowed through
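The ciphers named on the two slides above, written out in Python as an added example that is not part of the lecture notes: ROT13/Caesar, monoalphabetic substitution, the pair-swap transposition that turns HELLO_WORLD_ into EHLL_OOWLR_D, Vigenère, and the XOR variant. Function names and the sample inputs are this example's own choices; the cipher definitions follow the slides.

```python
"""Added example (not from the lecture notes): the simple ciphers listed
on the slides as working Python. Letter ciphers operate on A-Z only and
pass other characters through, so outputs stay readable."""

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def caesar(text: str, shift: int) -> str:
    """Rotation cipher: every letter moves `shift` places along the alphabet.
    ROT13 is the special case shift=13, which is its own inverse."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def rot13(text: str) -> str:
    return caesar(text, 13)


def substitution(text: str, key: str) -> str:
    """Monoalphabetic substitution: `key` is a 26-letter permutation giving
    the ciphertext letter for A, B, C, ... in order (a 1-to-1, onto map)."""
    if sorted(key.upper()) != list(ALPHABET):
        raise ValueError("key must be a permutation of A-Z")
    return text.upper().translate(str.maketrans(ALPHABET, key.upper()))


def pair_swap_transposition(text: str) -> str:
    """The transposition on the slide (HELLO_WORLD_ <-> EHLL_OOWLR_D):
    swap each pair of adjacent symbols. Applying it twice restores the
    input, so the same routine both encrypts and decrypts."""
    chars = list(text)
    for i in range(0, len(chars) - 1, 2):
        chars[i], chars[i + 1] = chars[i + 1], chars[i]
    return "".join(chars)


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Polyalphabetic cipher: the i-th letter is Caesar-shifted by the i-th
    key letter, the key repeating. Only letters consume a key position."""
    out, i = [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            k = ALPHABET.index(key[i % len(key)].upper())
            if decrypt:
                k = -k
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def simple_xor(data: bytes, key: bytes) -> bytes:
    """Vigenere-type cipher over bytes: XOR with a repeating key. Because
    x ^ k ^ k == x, one function is both encryption and decryption
    (the 'idempotent algorithm' of the nomenclature slide)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


if __name__ == "__main__":
    print(rot13("HELLO WORLD"))                          # URYYB JBEYQ
    print(vigenere("ATTACKATDAWN", "LEMON"))              # LXFOPVEFRNHR
    print(pair_swap_transposition("HELLO_WORLD_"))        # EHLL_OOWLR_D
    ct = simple_xor(b"attack at dawn", b"key")            # constructed input
    print(ct.hex(), simple_xor(ct, b"key"))               # round trip
```

Note that every one of these is keyed by something small (a shift, a 26-letter table, a short word or byte string); the next slide's statistics exist precisely because such keys leave the plaintext's structure visible.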

Attacking Simple Ciphers

• Entropy of data in bits: redundancy exists (you don't need eight bits per letter to encode a poem or your essay, probably not even 6 bits per letter)
• Frequency of letters in a language (like 'E' in English)
• Frequency of letter pairs in a language (e.g., 'HE' vs. 'HY' vs. 'EH' vs. 'YH')
• Knowledge in general of what the plaintext contains
• Index of coincidence (e.g., to find key lengths)
• Correlation by offset/XOR (e.g., to find key lengths)

Prominence of Theoretical Math

โ— One-way function practical irreversibility โ— (^) Factorization of large numbers difficult โ— Computation of discrete logarithms difficult โ— This and other computations that can or cannot be done tractably control whether or not there is sufficient assurance to key encryption algorithms โ— (^) Researchers are trying to learn how to stretch what can be computed, some information is irreducible โ— (^) Elusiveness of Randomness, pseudo-random sequences โ— Some aspects closely related to Turing halting problem, Godel incompletness theorem, axiom vs. provability, etc

General practical strategy

• Use public-key encryption for signing documents
• Use symmetric key algorithms together with signatures for encrypting documents
• Public-key algorithms are subject to known-plaintext attacks; given that one key is public, such attacks can be on-going always

One-way function
(Schneier, Section 2.3)

• Fundamental building block for public-key cryptography
• f: x -> f(x); f is the one-way function, x is the input text
• Relatively easy to form f(x) given x
• Very hard to form x given f(x) [preimage]
• Trap-door one-way function: a one-way function, but if you know a trapdoor 'y', you can compute 'x' from f(x) and y relatively easily
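A toy trapdoor one-way function built from RSA, added here as an example that is not from the notes, serving both the one-way-function slide above (easy forward direction, hard to invert without the trapdoor d) and the earlier "general practical strategy" slide (sign with the private key, verify with the public one). The primes 61 and 53 are deliberately tiny so that the "hard" direction can be shown collapsing to a trivial factoring; real keys use primes of over a thousand bits. The numbers, function names and document text are all assumptions made for this example.

```python
"""Added example, not from the lecture notes: RSA as a trapdoor one-way
function, with the forward direction, inversion via the trapdoor, inversion
by factoring a toy modulus, signing/verification, and brute-force discrete
log for comparison. All values are constructed toy sizes."""
from hashlib import sha256
from math import isqrt


def keygen(p: int, q: int, e: int = 17):
    """Public key (n, e); the trapdoor is d = e^-1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), d


def forward(x: int, public) -> int:
    """Easy direction: f(x) = x^e mod n, a handful of modular multiplications."""
    n, e = public
    return pow(x, e, n)


def invert_with_trapdoor(y: int, d: int, public) -> int:
    """Easy again for whoever holds the trapdoor d: x = y^d mod n."""
    n, _ = public
    return pow(y, d, n)


def invert_by_factoring(y: int, public):
    """Without d, the only known general route is to factor n and rebuild d.
    Trial division up to sqrt(n) is instant for a 12-bit toy modulus, but
    the work grows exponentially in the bit length of n, which is the whole
    reason moduli of 2048 bits and up are used in practice."""
    n, e = public
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            d = pow(e, -1, (p - 1) * (q - 1))
            return pow(y, d, n), (p, q)
    raise ValueError("no factor found; n is not a product of two primes")


def digest_mod_n(doc: bytes, n: int) -> int:
    """Toy message representative: SHA-256 of the document reduced mod n.
    Real signature schemes pad the full digest into the modulus instead."""
    return int.from_bytes(sha256(doc).digest(), "big") % n


def sign(doc: bytes, d: int, public) -> int:
    """Signing = applying the trapdoor to the document digest."""
    n, _ = public
    return pow(digest_mod_n(doc, n), d, n)


def verify(doc: bytes, sig: int, public) -> bool:
    """Verification = the easy forward direction, using only the public key."""
    n, e = public
    return pow(sig, e, n) == digest_mod_n(doc, n)


def discrete_log_brute(g: int, y: int, p: int):
    """The slide's other one-way function: g^x mod p is cheap to compute,
    but recovering x from y has no trapdoor at all; here we just try every x."""
    for x in range(p):
        if pow(g, x, p) == y:
            return x
    return None


TOY_PUBLIC, TOY_D = keygen(61, 53)      # n = 3233, e = 17, d = 2753
TOY_DOC = b"constructed document text for the signing demo"

if __name__ == "__main__":
    y = forward(65, TOY_PUBLIC)
    print("f(65) =", y, "-> trapdoor gives back", invert_with_trapdoor(y, TOY_D, TOY_PUBLIC))
    print("factoring n gives back", invert_by_factoring(y, TOY_PUBLIC))
    s = sign(TOY_DOC, TOY_D, TOY_PUBLIC)
    print("signature verifies:", verify(TOY_DOC, s, TOY_PUBLIC),
          "| altered signature verifies:", verify(TOY_DOC, (s + 1) % 3233, TOY_PUBLIC))
    print("discrete log of 8 to base 5 mod 23 =", discrete_log_brute(5, 8, 23))
```

Because x -> x^e mod n is a permutation of the residues, any change to a signature changes what the public key recovers from it, which is what the altered-signature line in the demo shows; this is also why the slide's known-plaintext remark matters: anyone can run the forward direction on guesses, so the message representative must carry enough entropy (padding) that guessing is hopeless.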

Message Authentication Code (MAC)
(Schneier, p. 31)

• Not Mandatory Access Control (from Comp. Sec.), nor Media Access Control (ISO OSI model)
• Aka DAC (Data authentication code)
• Hash is of both the data and a key
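A MAC as "a hash of both the data and a key", shown as an added example that is not from the notes, using HMAC-SHA256 from the Python standard library next to the bare hash it improves on. The key and messages are constructed for the example; the point is that a keyless hash can be recomputed by whoever alters the message, while the keyed tag cannot.

```python
"""Added example, not from the lecture notes: a keyed hash (HMAC-SHA256)
versus a plain hash for message integrity. Key and messages are
constructed for this example."""
import hashlib
import hmac

SAMPLE_KEY = b"shared-secret-constructed-for-this-example"
SAMPLE_MSG = b"transfer 100 to account 42"
TAMPERED_MSG = b"transfer 900 to account 42"


def plain_hash(message: bytes) -> bytes:
    """Hash of the data alone: anyone can recompute it."""
    return hashlib.sha256(message).digest()


def mac(key: bytes, message: bytes) -> bytes:
    """HMAC: the hash is keyed, so only holders of the key can produce it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accept_with_hash_only(message: bytes, sent_hash: bytes) -> bool:
    """Integrity check without a key. Catches accidental corruption only:
    whoever can rewrite the message can rewrite the hash to match."""
    return hmac.compare_digest(plain_hash(message), sent_hash)


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """compare_digest runs in constant time; a plain == would leak through
    timing how many leading bytes of a forged tag happened to be right."""
    return hmac.compare_digest(mac(key, message), tag)


def demo() -> dict:
    tag = mac(SAMPLE_KEY, SAMPLE_MSG)
    return {
        # genuine message with its own tag: accepted
        "genuine": verify_mac(SAMPLE_KEY, SAMPLE_MSG, tag),
        # message altered in transit, original tag replayed: rejected
        "tampered_message": verify_mac(SAMPLE_KEY, TAMPERED_MSG, tag),
        # tag recomputed under a guessed key: rejected
        "wrong_key": verify_mac(SAMPLE_KEY, SAMPLE_MSG, mac(b"guessed-key", SAMPLE_MSG)),
        # the same alteration passes a keyless hash check, since the hash
        # can simply be recomputed over the altered message
        "hash_only_fooled": accept_with_hash_only(TAMPERED_MSG, plain_hash(TAMPERED_MSG)),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The slide's "hash of both data and a key" is exactly the difference between the last two entries of the demo: same alteration, but the keyless check has nothing the adversary lacks.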

Security Protocol Top-Billed Dramatis Personae* (Schneier)

• Alice – the first party in a protocol
• Bob – the second party in a two or more way protocol
• Trent – the trusted arbiter for arbitrated protocols
• Mallory (female or male?) – hacker/active attacker
• Eve (the person in the middle) – passive attacker
• Carol – third party in a three party or more protocol
• Dave – fourth party in a four way or more protocol