Introduction to cryptography
- 1. WORK IN PROGRESS | PRIVATE USE ONLY
Basics of Cryptography
An Introduction to Theory of Cryptography
10/29/2012 © 2012, C.J. Dedduwage, University of Colombo 1
- 2. Section I
BASIC TERMINOLOGY AND CONCEPTS
- 3. Terminology
• A Message (M) is a crucial piece of information
• Sender (S) is the party that originates the message
• Recipient (R) is the intended party of receipt for M
• The medium through which M is sent is called the Transmission Medium (T)
• Usually this involves a Computer System (or System), composed of
hardware, software and data
• A Vulnerability is a weakness in the security of the system
• An Attack is the exploitation of a vulnerability by an Intruder (human or machine), commonly an Outsider (O)
- 4. Properties of a Message
• Confidentiality: Only intended parties must receive M
• Integrity: Contents of M must be unchanged from S to R
• Non-repudiation: Once received, M cannot be denied by R
- 5. Main Types of Attack
1. Interception
– Listening to the message while it passes from S to R
– Does not stop R from getting the message M
– Causes loss of confidentiality of message M
2. Interruption / Blocking
– Prevents R from getting message M
– Causes loss of availability of message M
- 6. Main Types of Attack
3. Modification
– Alteration of the contents of message M
– R does not receive the original M sent by S
– Causes loss of integrity of message M
4. Fabrication
– R receives an authentic-looking message, as if it was
originated by S
– Causes loss of integrity of message M
A closely related but different scenario is the denial of M by S, called repudiation
- 7. Requirements for a Successful Attack
• Method: tools, knowledge, skills
• Opportunity: time and access to resources
• Motivation: a reason to conduct the attack
• If any of these is denied, the attack would not occur
• But all three lie with the intruder, not the system
• Not practical to target and eliminate these
Method–Opportunity–Motivation: MOM
- 8. Control of Attacks
• Control is the means by which an attack is
stopped / prevented
• Stops a vulnerability from becoming an attack
• Control is a part of the system and is under our
influence
- 9. Cryptology, Cryptography & Cryptanalysis
• Cryptology is the science of (overt) secret
writing, and its unauthorized decryption
• Cryptology = cryptography + cryptanalysis
• Cryptography is the science of overt secret
writing
• Cryptanalysis is the science of unauthorized
decryption of an encrypted message
- 10. Cryptography
• Steganography is covert secret writing—only R and S know that M is being passed
• Cryptography proper is about overt secret writing—not only R and S know that an M is being passed
[Diagram: classification of Cryptography into Steganography and Cryptography Proper; remaining node labels: Technical, Linguistic, Semagrams, Open Code, Jargon Code, Concealment cipher, Cue, Null cipher, The Grille]
- 11. Section II
MATHEMATICS OF CRYPTOGRAPHY
- 12. Plaintext & Ciphertext
• Plaintext P is the original form of the message
• Ciphertext C is the message in its encrypted form
• P and C are sequences of characters in the form
– P = <P1, P2, P3, P4, … >
– C = <C1, C2, C3, C4, … >
• Usually P is written in lowercase while C is written in
uppercase
- 13. Encryption & Decryption
• Encryption is the process of translating P into C
• Decryption is the reverse process: C into P
– Encryption: C = E(P)
– Decryption: P = D(C)
– Satisfying P = D(E(P))
- 14. Character Sets
• A Vocabulary is a set of characters, V, used to
formulate plaintext P, or set of characters, W, used to
formulate C
• Length of a word is usually denoted in superscript
– V*– set of words constructed from V
– W*– set of words constructed from W
– ε – the empty (null) word
– Zn – the set of all words of length n, where,
– Zn = {ε}Z1 Z2 … Zn | Zn Z*
- 15. Encryption & Decryption
• An encryption X is a relation / rule / algorithm
– X : V* ⇢ W*
that is injective:
– (x ↦ z) ∧ (y ↦ z) ⟶ (x = y)
• The converse is written X⁻¹:
– X⁻¹ : V* ⇠ W*, where x ↤ z iff x ↦ z
- 16. Fiber, Homophones and Nulls
• The Fiber of a message x (x ∈ V*) is defined as H_x, where
– H_x = { y ∈ W* | x ↦ y under X }
• If n(H_x) > 1 then each y ∈ H_x is called a
Homophone (same x, many y’s)
• If (∆ ∈ H_x : ε ↦ ∆ under X), that is, non-empty
H_x for the empty word ε exist, they are called Nulls
Homophones and Nulls help to mask character and word frequencies.
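The fiber, homophone and null definitions above, worked through as an added example (not part of the original slides). The vocabulary, the two-digit ciphertext words, the sample plaintext and the rule of rotating through each fiber (chosen so the run is repeatable) are all constructed assumptions.

```python
from collections import Counter
from itertools import cycle

# Constructed encryption step X over V = {e, t, a, s, r, space}, W = digits.
# Each x in V has a fiber H_x of two-digit words; common letters get more.
FIBERS = {"e": ["11", "27", "35", "48"], "t": ["12", "29", "36"],
          "a": ["13", "31"], " ": ["16", "33"], "s": ["14"], "r": ["15"]}
NULLS = ["90", "91"]  # fiber of the empty word ε
PLAIN = "tea tree seats rest at sea"  # constructed sample plaintext

def converse(fibers, nulls):
    """Build X^-1; fail if some y lies in two fibers (X not injective)."""
    inv = {}
    for x, h_x in list(fibers.items()) + [("", nulls)]:
        for y in h_x:
            if y in inv:
                raise ValueError(f"polyphony: {y} <- {inv[y]!r} and {x!r}")
            inv[y] = x
    return inv

def encrypt(p, null_every=5):
    """Rotate through each fiber; insert a null after every fifth character."""
    pick = {x: cycle(h_x) for x, h_x in FIBERS.items()}
    null = cycle(NULLS)
    out = []
    for i, ch in enumerate(p, 1):
        out.append(next(pick[ch]))
        if i % null_every == 0:
            out.append(next(null))
    return "".join(out)

def blocks(c):
    return [c[i:i + 2] for i in range(0, len(c), 2)]

def decrypt(c):
    inv = converse(FIBERS, NULLS)  # nulls map back to the empty word
    return "".join(inv[y] for y in blocks(c))

def top_share(symbols):
    """Relative frequency of the most common symbol in a sequence."""
    counts = Counter(symbols)
    return max(counts.values()) / len(symbols)

if __name__ == "__main__":
    c = encrypt(PLAIN)
    print(c, decrypt(c) == PLAIN, top_share(PLAIN), top_share(blocks(c)))
```

In this run the most frequent plaintext character is `e` (6 of 26), while the most frequent ciphertext word is `14`, the only member of the fiber of `s`: a letter left without homophones keeps its full frequency.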
- 18. Keys
• A Key is an external parameter that selects a
subset of the encryption steps
– C = E(P, KE): KE is the encryption key
– P = D(C, KD): KD is the decryption key
• If KE = KD then the cryptosystem is symmetric,
otherwise asymmetric
• If KE = KD = ε then M is a keyless cipher
- 19. Alphabets
• Number of steps in system M = |M| is known as
its cardinality
• If |M|=1 then the system M is monoalphabetic,
otherwise polyalphabetic
- 20. Word Lengths and Blocks
Word Length | Encryption | Decryption
1 | Monographic | Unipartite / Monopartite
2 | Digraphic | Bipartite
3 | Trigraphic | Tripartite
etc. | Polygraphic | Polypartite
• A Block is a word from V^n that is subjected to one step from M
• If block length is 1 it is a stream cipher, otherwise it is a block cipher
• Note that in a suitable vocabulary of character n-tuples, a block encryption is simplified to a monographic encryption
All the above assumes that each encryption step X is injective. If not, more than one word from V would encrypt to the same W. This, known as polyphony, is rarely seen.
The most basic encryption types are Substitution and Permutation (Transposition)
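An added example (not from the original slides) of a block encryption treated as a monographic encryption over the vocabulary of n-tuples, with a key selecting one step from the system. The affine step i ↦ k1·i + k2 (mod 26^n), the key (15, 7) and the padding letter `x` are assumptions chosen for illustration.

```python
from math import gcd

A = "abcdefghijklmnopqrstuvwxyz"  # vocabulary V; ciphertext uses W = uppercase

def to_index(block):
    """Read an n-character block as one symbol of the vocabulary V^n."""
    i = 0
    for ch in block:
        i = i * 26 + A.index(ch.lower())
    return i

def to_block(i, n, upper):
    """Write symbol number i of V^n back as an n-character word."""
    chars = []
    for _ in range(n):
        i, r = divmod(i, 26)
        chars.append(A[r])
    word = "".join(reversed(chars))
    return word.upper() if upper else word

def check_key(key, n):
    """The step i -> k1*i + k2 (mod 26^n) is injective iff gcd(k1, 26^n) = 1."""
    if gcd(key[0], 26 ** n) != 1:
        raise ValueError("key selects a non-injective step (polyphony)")

def encrypt(p, key, n=2):
    check_key(key, n)
    k1, k2 = key
    p += "x" * (-len(p) % n)  # pad the last block (assumed padding letter)
    m = 26 ** n
    return "".join(to_block((k1 * to_index(p[j:j + n]) + k2) % m, n, True)
                   for j in range(0, len(p), n))

def decrypt(c, key, n=2):
    check_key(key, n)
    k1, k2 = key
    m = 26 ** n
    inv = pow(k1, -1, m)  # same key on both sides: K_E = K_D, symmetric
    return "".join(to_block(inv * (to_index(c[j:j + n]) - k2) % m, n, False)
                   for j in range(0, len(c), n))

if __name__ == "__main__":
    print(encrypt("meet", (15, 7), n=1), encrypt("meet", (15, 7), n=2))
```

With block length 1 both occurrences of `e` in `meet` encrypt to `P`; with block length 2 the `e` of `me` still appears as `P` but the `e` of `et` appears as `T`, because the step acts on whole pairs.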
- 21. Section III
CRYPTANALYSIS