Internet of Things Encryption James Ballance

Developing the Industrial Internet of Things I

3/11/2019
Background
Message encryption is almost as ancient as the advent of written language.
Cryptography in the ancient world played a critical role in providing a safer method to
scrabble a message into some indiscernible such that unwanted adversaries did not
gain access to secrets they definitely did not want unintended parties to learn. Secrets
relating to battle plans, political opposition, you name it, encoding and decoding
messages based on a known cipher was and still is, extremely useful. The mathematics
and technology of encryption did not make much headway until the invention of the
computer, much of the work of Alan Turning (father of computer science) and Claude
Shannon (father of information theory) that the ideas seeded from ancient battlefields
matured into the nexus of mathematics, computer science, and electrical engineering
that it is today. The maturation cryptography heavily relies on utilizing matrix operations
and preforming bit-wise operators.
Rather than manual encrypting and decoding information, computers allow for
much more complex methods in which messages can be transformed into seeming
nonsense to those without the background expertise in modern encryption methods to
make sense of it all. Modern encryption relies on simple mathematical matrix operations
when chained together produce complex results that brute force algorithms could spend
infinite time cracking.
This paper will address some of the highlights of the Cryptopals problem sets
with an emphasis on XOR decryption and AES (Advanced Encryption Standard)
instruction sets due to a personal interest in the topics. AES, for example, is
implemented in a wide array of computation hardware ranging from AMD's Ryzen
processors to Intel's i7 processors to bulletproof instruction set leakage. AES is a
symmetric algorithm meaning, if a key and ciphertext are inputs to the reverse of this
stack of algorithms the original plaintext will be the output. It is somewhat simple to
conceptualize while still remaining practically useful in many scenarios. We could
discuss AES-256 (256-bit strength) however the only difference here is the number of
“encryption rounds” are invoked, more on this later.

What I did
The Cryptopals problem set proved to be a challenging yet, extremely insightful
exercise on cryptography. Each of these exercises could warrant a paper onto
themselves, barring XOR-ing bytes, but I would like to focus my writing on a couple of
these encryption algorithms, how they work, and ultimately their use case and how to
break them. With each evolution of difficulty while calling back to previously expressed
knowledge one gets a true appreciation of encryption at a more granular scale. Writing a
paper on this topic solidified my understanding on the topic and having a deeper
knowledge on this one facet of encryption helped me understand each new encryption
method much better.
What I Learned:
XOR Cryptography and Its Implementation (Set 1)
The simplest and perhaps most important subset of cryptography is the bit-wise
XOR. Understand the concepts introduced are expanded and extrapolated on in each of
the following sets. The concept is quite simple but can get a little confusing (personally)
from converting data types from chars to hex to bytes and then preforming bit-wise
operations, glossing over this is not trivial. At its fundamental level, we are translating
ASCII strings to hex to bits and performing a XOR on a ciphertext based on a key of our
choosing. This is illustrated below:

Figure 1:https://en.wikipedia.org/wiki/Base64

Next, to encrypt a message one could use a cipher key and XOR the plaintext to garble
up a message. These can be single or multiple characters. The key will loop across the
length of the plaintext message until the end.

Figure 2: XOR

Now the resulting Cipher could be decoded as a base64, ASCII-256 extended, etc
depending on the preferred bitlength. This procedure was reproduced on set 1-2 and
then a cipher key was guessed and corroborated on set 1-3.

import codecs
def main(): hex_message =
"1c0111001f010100061a024b53535009181c" hex_key =
"686974207468652062756c6c277320657965"
# Convert string to hex
codecs.decode(hex_message, 'hex')
codecs.decode(hex_key, 'hex')
# Convert Hex to byte
byte_message = bytes.fromhex(hex_message)
byte_key = bytes.fromhex(hex_key)
# Logical XOR hashing byte message and byte key xor_encoded =
xor_strings(byte_message, byte_key) xor_encoded.hex()
print(xor_encoded) def xor_strings(hexStringOne, hexStringTwo):
return bytes([b1 ^ b2 for b1, b2 in zip(hexStringOne, hexStringTwo)]) if
__name__ == '__main__': main()

Example: CryptoPals Set 1-2

import pprint
# http://www.data-compression.com/english.html
CHAR_Percent = {
'a': 0.0651738, 'b': 0.0124248, 'c': 0.0217339, 'd': 0.0349835, 'e': 0.1041442,
'f': 0.0197881, 'g': 0.0158610,
'h': 0.0492888, 'i': 0.0558094, 'j': 0.0009033, 'k': 0.0050529, 'l': 0.0331490,
'm': 0.0202124, 'n': 0.0564513,
'o': 0.0596302, 'p': 0.0137645, 'q': 0.0008606, 'r': 0.0497563, 's': 0.0515760,
't': 0.0729357, 'u': 0.0225134,
'v': 0.0082903, 'w': 0.0171272, 'x': 0.0013692, 'y': 0.0145984, 'z': 0.0007836, '
': 0.1918182
} def
get_score(input_bytes):
"""The summation of the single character decrypted message score is added based
on character frequency in the english langauge
""" score = 0 for byte in input_bytes:
score += CHAR_Percent.get(chr(byte).lower(), 0)
return score def singlechar_xor(input_bytes,
key_value):
"""XORs every byte of the input with the given key_value and returns
the result.""" output = b'' for char in input_bytes:
output += bytes([char ^ key_value]) return output def
singlechar_xor_brute_force(ciphertext):
candidates = [] for
key_candidate in range(256):
plaintext_candidate = singlechar_xor(ciphertext,
key_candidate) candidate_score =
get_score(plaintext_candidate) result = {
'key': key_candidate,
'score': candidate_score,
'plaintext': plaintext_candidate
}
candidates.append(result)
# Sorts dictionary from highest to lowest scores
return sorted(candidates, key=lambda c: c['score'], reverse=True)
def print_results(result):
"""Prints the given resulting candidate in a pretty
format.""" pprint.pprint(result) def main():
ciphertext =
bytes.fromhex("1b37373331363f78151b7f2b783431333d78397828372d363c78373e783a393b3736")

plaintext = singlechar_xor_brute_force(ciphertext)
print_results(plaintext) if __name__ == "__main__":
main()

Example: Cryptopals Set 1-3

 I found the ideas in set 1-3 to be fairly interesting. Using a scoring method and
data of the frequency of characters, one could then further narrow a search for a key
based on frequency of certain words, character pairs, and groups of letters often used
together [7]. A Pareto distribution (sometimes colloquially known as the 80-20 rule)
emerges from letter frequency, word choice, and character pairs, thus potentially
significantly narrowing any decryption search algorithm.

AES:
AES (Advanced Encryption Standard) uses the Rijndael block cipher algorithm.
Since Rijndael is an iterated block cipher, the encryption or decryption of a block of data
is accomplished by the iteration (a round) of a specific transformation (a round function).
As input, Rijndael accepts one-dimensional 8-bit byte arrays that create data blocks.
The plaintext is input and then mapped onto state bytes. The cipher key is also a one-
dimensional 8-bit byte array. There were several candidate algorithms but Rijndael was
selected because based on the analyses, it had the best combination of security,
performance, efficiency, ease of implementation and flexibility. The Rijndael algorithm
instantiates rounds which are composed of four separate matrix operations: sub bytes,
shift rows, mix columns, and add round key. The general framework is depicted below
on figure 1. We will go into further detail of the function of each of the matrix operators
within each encryption round.
Sub_bytes(): Substituent bytes is called based on the size of the cipher key the number
of iterations required increases.

Shift_rows(): A matrix transform where elements are rotated. The most simple matrix
rotation is shown below:

Mix_Columns(): Multiplies a column by a fixed cipher.

AddRoundKey: XOR the cipher subkey with the “plaintext” message. The subkey is a
modified for each iteration of AES based on the Rijndael key schedule. Each
subsequent round takes this output as the input. The number of AES rounds depends
on the bit-strength of the encryption.

Numerous peer-to-peer encrypted emails, government classified documentation among

other methods use the AES encryption scheme or variants of its implementation for
“impossible” to brute force crack.

This Paper and How it Relates to What I Learned in Class

Data encryption and the methods which modern data transfer is secured is of an
interest to all potential internet of things engineers. CryptoPals problem sets give a
thought provoking exercise of data encryption that is not purely theoretical, one needs
extensive practice on these problems to fully grasp each algorithms features and flaws. I
was able to crack single character and secret phrase encrypted messages using the
scoring approach outlined (code included) as an idea of how this was achieved. As the
matrix manipulation gets more and more complex, finding these holes (and the
Cryptopal provides enough information but certainly does not provide you the solution)
in each problem. I was able to complete up to set 1-7 but got stuck on set 1-8. Given the
timeframe for this assignment unless there was much more time provided, and lectures
on each of the problem sets it is extremely difficult to complete all of set 1 and 2.

Citations:
History of cryptography:
[1] http://www.inquiriesjournal.com/articles/1698/a-brief-history-of-cryptography [2]
https://www.cia.gov/news-information/featured-story-archive/2015-featured-
storyarchive/the-enigma-of-alan-turing.html
AES Encryption lecture
[3] https://www.youtube.com/watch?v=4pmR49izUL0
[4] https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf
[5] https://www.cs.mcgill.ca/~kaleigh/computers/crypto_rijndael.html
[6] https://en.wikipedia.org/wiki/Rijndael_S-box
[7] https://homepages.math.uic.edu/~leon/mcs425-s08/handouts/char_freq2.pdf
[8] https://www.statisticshowto.datasciencecentral.com/pareto-principle-the-8020-
rule/
[9] https://en.wikipedia.org/wiki/Advanced_Encryption_Standard#/media/File:AES-
MixColumns.svg