Introduction to Cryptography and Cryptanalysis, Lecture notes of Cryptography and System Security

An introduction to the key concepts of cryptography and how it is used as a tool for security. It also covers cryptanalysis and the attempt to extract the meaning of encrypted messages. terminology related to encryption and decryption, as well as examples of encryption and decryption processes. a set of lecture notes for CS361: Introduction to Computer Security at the University of Texas at Austin.

Typology: Lecture notes

2021/2022

Uploaded on 05/11/2023

hayley
hayley šŸ‡ŗšŸ‡ø

4

(7)

224 documents

1 / 62

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CS361: Introduction to Computer Security
Cryptography I
Dr. Bill Young
Department of Computer Sciences
University of Texas at Austin
Last updated: February 25, 2020 at 12:03
CS361 Slideset 5: 1 Cryptography I
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e

Partial preview of the text

Download Introduction to Cryptography and Cryptanalysis and more Lecture notes Cryptography and System Security in PDF only on Docsity!

CS361: Introduction to Computer Security

Cryptography I

Dr. Bill Young Department of Computer Sciences University of Texas at Austin

Last updated: February 25, 2020 at 12:

Elementary Cryptography

This is not a course in cryptography. The department offers one and you are advised to take it, if you plan to work in the security field.

Our point here will be to give some intuitions about: what are the key concepts of cryptography; how is it used as a tool for security; how effective is it in that regard.

A Thought Experiment

Suppose you’re confronted with a text that you believe to be the encryption of some message. You’d like to apply your cryptanalytic skills. How do you get started? What questions should you ask? What is the likely underlying language of the plaintext? What characteristics of the probable source text are relevant? What characteristics of the source language are relevant? Have any transformations/compressions been applied prior to encryption? What is the likely nature/complexity of the encryption algorithm? Anything else?

Thought Experiment: The Gold Bug

The setting: In the early 1800’s, a man named William Legrand finds a scrap of parchment on a South Carolina beach. The parchment appears blank, but when he holds it close to a candle flame to examine it, a strange encoded message appears. In one corner is a drawing of a goat. Legrand wonders if the message could be directions to the location of a treasure buried by the infamous pirate Captain Kidd.

An Aside: Talk Like a Pirate

A useful Pirate to English translator can be found at: http://www.talklikeapirate.com/translator.html

Information Theory and Cryptography

Information theory vitally informs cryptography in a number of ways: What effect does encoding a message have on the information content of the file? An attempt to decrypt a message is really an attempt to recover a message from a (systematically) noisy channel. How can redundancy in the source give clues to the decoding process? Is a perfect encryption possible (i.e., one that is theoretically unbreakable)?

Encryption / Decryption

The purpose of encryption is to render the message less useful / meaningful to the intruder. Conceptually, the process of encryption is quite simple:

Encrypt (^6) key e (optional)

plaintext (^) - ciphertext-

as is the process of decryption:

Decrypt (^6) key d (optional)

ciphertext (^) - plaintext-

Some Terminology

Encryption is the process of encoding a message so that its meaning is not obvious.

Decryption is the reverse process, transforming an encrypted message back to its original form.

The terms encrypt, encode, and encipher are used interchangeably, as are decrypt, decode, and decipher.

A system for encryption and decryption is called a cryptosystem.

The original form of a message is called plaintext and the encrypted form called ciphertext.

Keyed Algorithms

Often the encryption and decryption algorithms use a key K. The key selects a specific algorithm from the family of algorithms defined by E.

We write this dependence as:

C = E (P, KE ) and P = D(C , KD )

If KE = KD , then the algorithm is called symmetric. If not, then it is called asymmetric. In general,

P = D(E (P, KE ), KD )

An algorithm that does not use a key is called a keyless cipher.

Some Notation

Often the notation E (P, K ) and D(C , K ) becomes cumbersome. An alternative notation is often used, particularly in cryptographic protocols.

We’ll often use {M}K to denote E (M, K ), and sometimes to denote D(M, K ). For example,

P = D(E (P, KE ), KD ) = {{P}KE }KD.

This is usually appropriate since, in many of the most important commercial crypto systems, the same algorithm is used for both encryption and decryption (i.e., the algorithm is its own inverse).

Cryptanalysis

A cryptanalyst can attempt to do any or all of the following: to break a single message; to recognize patterns in encrypted messages; to infer some meaning without breaking the algorithm; to deduce the key; to find weaknesses in the implementation or environment or the use of encryption; to find weaknesses in the algorithm, without necessarily having intercepted any messages.

Cryptanalysis (Cont.)

The analyst works with: encrypted messages, known encryption algorithms, intercepted plaintext, data items known or suspected to be in a ciphertext message, mathematical and statistical tools and techniques, properties of languages, computers, ingenuity and luck.

Breakability Evolves

Suppose we use a more ingenious approach that reduces this to 1015 operations. An exhaustive approach would require only about one day. (But still not be needed, probably!)

Because of advances in computer technology, algorithms that were considered strong enough 20 years ago, can be effectively broken today.

You see the result in current discussion of increasing the key length for standard algorithms such as DES and RSA. We’ll consider this issue later.

Strong Encryption

A cryptosystem is strong if there are no ā€œshort cutsā€ to breaking it. That is, there is no cryptoanalytic approach that is substantially faster than brute force—i.e., trying all of the keys one by one. Most strong algorithms are still breakable.

For an n-bit block cipher with k-bit key, given a small number of plaintext/ciphertext pairs encrypted under key K , K can be recovered by exhaustive search in an expected time on the order of 2 kāˆ’^1 operations.

The larger the keyspace, the longer to find the key by search. Thus, an important question for any cryptosystem: What is the size of the keyspace? How does this relate to the size of the key?