Академический Документы
Профессиональный Документы
Культура Документы
(Parts of the slides were provided by: Henric Johnson, Blekinge Institute of Technology, Sweden)
Security depends on the secrecy of the key, not the secrecy of the algorithm
2
E (m) (m) k
D (E (m)) = m (m)) k k
3
Cryptography
Classified along three independent dimensions:
The type of operations used for transforming plaintext to ciphertext (substitution, transposition) The number of keys used
symmetric (conventional, secret key) asymmetric (two-keys, or public-key encryption)
The way in which the plaintext is processed (block cipher, stream cipher)
4
Cryptanalysis
Type of Attack Known to Cryptanalyst
Ciphertext only Known plaintext Encryption Algorithm Cihpertext to be decoded Encryption algorithm Ciphertext to be decoded One or more plaintext-ciphertext pairs Encryption algorithm Ciphertext to be decoded Plaintext message chosen by cyptanalyst, together with its corresponding ciphertext
5
Chosen plaintext
Cryptanalysis (cont.)
Methods: Brute-force (exhaustive key search) Statistical analysis
Ek(m) = FRPSXWHU VHFXULWB Cryptanalysis: Exhaustive key search (26 possible keys)
8
Monoalphabetic Cipher
Ciphertext letters correspond to plaintext letters in an arbitrary manner Example: m= ABCDEFGHIJKLMNOPQRSTUVWXYZ key = permutation Ek(m) = QWERTYUIOPASDFGHJKLZXCVBNM Cryptanalysis:
Brute force is infeasible (26 ! = 4 * 1026 possible keys) Statistical Frequency Analysis
10
Polyalphabetic Ciphers
A number of monalphabetic ciphers used in strict rotation, period: number of ciphers Example: Polyalphabetic cipher with 3 monoalphabetic ciphers M1, M2, M3
now is the time for every good man JQX CZ VXH VCER AQC PCRTX LBQZ QPK
12
Period: 1 2 3 4 5 10 large
Transposition Ciphers
Rearranges characters according to some scheme, e.g., permutation of plaintext characters with a fixed period d Zd = [1..d] f: Zd Zd Permutation over Zd Key K = (d,f), Decryption by inverse Permutation f -1 Plaintext = M = m1 ... md md+1 ... m2d EK(M) = mf(1) ... mf(d) md+f(1) ... md+f(d) Example: d=4, Permutation f is defined by: i: 1234, f(i): 2413 M = RENA ISSA NCE EK(M) = EARN SAIS CNE
16
19
20
10
22
11
23
DES
The overall processing at each iteration: Li = Ri-1 Ri = Li-1 F(Ri-1, Ki)
Concerns about:
The algorithm and the key length (56bits)
24
12
25
Triple DEA
Use three keys and three executions of the DES algorithm (encrypt-decryptencrypt)
C = EK3[DK2[EK1[P]]]
C = ciphertext P = Plaintext EK[X] = encryption of X using key K DK[Y] = decryption of Y using key K
13
Triple DEA
27
14
29
30
15
32
16
33
Select j bits
Discard 64 - j bits
+
j P1 (a) Encryption
C1
+
P2
C2
+
PM
CM
34
17
DES Encrypt
DES Encrypt
DES Encrypt
Select j bits
Discard 64 - j bits
Select j bits
Discard 64 - j bits
Select j bits
Discard 64 - j bits
+
P1 (b) Decryption
C1
+
P2
C2
+
PM
CM
End-to-end encryption
The source encrypt and the receiver decrypts Payload encrypted Header in the clear
High Security: Both link and end-to-end encryption are needed (see Figure 2.9)
36
18
37
Key Distribution
1. A key could be selected by A and physically delivered to B. 2. A third party could select the key and physically deliver it to A and B. 3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. 4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. 38
19
Permanent key:
Used between entities for the purpose of distributing session keys
39
40
20