Cryptography

The basic objective as for now:

Deal with communication of data between sender and receiver over some insecure
channel in the presence of an eavesdropper wanting to understand this information.
So sender and receiver ensure via cryptography and its applications that info is not
compromised.
For example integrity of data secrecy of data etc.
So crypto gives principles for all this.
Start with a communication !"#$%
"lice and &ob wish to go for Dinner together%
"lice wants 'hinese while &ob intends (ndian% So how do they resolve this problem)
They could use an unbiased coin.
*ow consider a situation if both of them are far apart and communicate on
telephone.
Then theres a problem of T+,ST%
-ow do we resolve this problem))
So in order to resolve this they engage in a .+/T/'/0.
So they use a MAGIC FUNCTION f1x2.
Properties of f(x)
"ssume Domain and range of f1x2 are set of integers.
3. One-wayness - For every integer x it is easy to compute f1x2 from x but it is
hard to compute x from f1x2. That is it is easy to compute but hard to invert%
$x: 4 large prime numbers p and 5. !iven *6p75 then given 1 p 5 2 computing * is
easy.
&ut given * and computing 1p 52 is a relatively hard problem called Factori8ation
.roblem% 92
So the latter is a better candidate for magic function%
4. Collision Resistance- (t is hard to :nd a pair of distinct integers x and y such
that f1x26 f1y2.
!iven f1x2 output two values x%6y s.t. f1x26f1y2. This should be hard%
So lets see if these two properties resolve the problem%
.+/T/'/0%
So both agree on a #agic Function f1x2.
"n even number x represents -$"D%
"n odd number x represents T"(0%
So what they are doing is replacing the coin by the function f%
;hat happens%
"lice chooses a random x.
*ow the probability <x is even= 6 .< x is odd= 6 3>4
So there is no problem till now%
&ut the problem arises when "lice communicates to &ob whether x is odd>even.
&ob initially had to guess the parity of x%
-$"D? it is even.
T"(0? it is odd.
So "lice can lie to &ob%
That is the problem%
So "lice and &ob use function f to communicate the parity of x.
That is "lice passes on x by computing f1x2.
This is how the whole thing happens:
? "lice pic@s x and computes f1x2.
? &ob tells "lice his guess if x is odd or even%
? So &ob already has f1x2.
*ow "lice sends x to &ob%
"nd &ob veri:es by computing f1x2.
Aeep in mind that f1x2 doesnt tell anything about parity of x 1as per one?wayness of
magic function2 and "lso that there arent other values of x that compute to similar
values of f1x2. 1 as per collision resistance2.
*ow 0et us test if "lice can cheat))
For this he needs to create y%6 x st f1x26f1y2 < -ard to do=
*ow can &ob guess better than a random guess% :p
"s f1x2 spea@s nothing of x. So probability of guess is B 1random2.
*ow lets consider a more concrete example.
"lice C &ob%
+esolve a dispute over telephone%
$ncode possibilities of dispute by a binary value.
"lice?D&ob ? pic@s up x <x is a 4EE bit number=. calculates f1x2. sends f1x2 to &ob%
&ob?D"lice F tells guess of parity.
"lice?D&ob F sends x to &ob to cross chec@ result.
So we need to thin@ of such a magic function f1x2.
x is GE3H stream of 4EE values.
f ta@es in values of x.
(t divides these bits into groups of 3EE each.
"nd now performs a bitwise /+ between corresponding values in this group% 92
So f1x2 is the result of bitwise /+%
So now :nd probabilities of &ob succeeding and cheating.
"voiding any advantage to anyone% :p
So the function f1x2 6 1the most signi:cant 3EE bits of x2 I 1the least signi:cant 3EE
bits of x2.
So &ob has been provided f1x2 and has to guess x.
So he can exploit the property that aIb for EIE6E otherwise 3.
f1x2 can be E or 3. So bob chec@s only 0S&% So if 0S& is E. Then &ob can say easily
that x is even% So he wins by cheating%
&ut if its not E he says 3. Than it could be1E32 13 E2 or 1332 so prob < success = is
4>J.
"gain advantage%
So &obs probability of success6 .<x is even=7 .<&ob succeedsK x is even = L . <x is
odd=7 .<&ob succeedsK x is odd = 6 B 1 BL3 2 6 M i.e. *ot ideal%
So it is not a good candidate for #agic function%
So we study more ideal candidates in 'rypto. That ma@es crypto interesting in its
scope%
$ven "lice can cheat by changing value and parity of x @eeping f1x2 intact% 92
So well try and build many #"!(' functions further.
1" problem is easy when it is solved in time C space which can be measured by a
small degree polynomial in the si8e of the problem%2.
*ow%
" slight /verview of #odern cryptography%%
So what are the main objectives of cryptography%
32 'on:dentiality? hiding info from unauthori8ed access.
42 (ntegrity? preventing info from unauthori8ed modi:cation%
J2 "vailability? should be easily available to authori8ed users%
So imagine communication between &ob and "lice through unreliable channel and
an eavesdropper $ve tries to drop into this channel.
So we ensure the following:
Confdentiality- over un?trusted networ@ info should remain secret related to
both storage and transmission of info.
Integrity- change should be made by authori8ed user prevent modi:cation detect
any modi:cation made.
Availability- data must be available mechanisms should have small overhead%
Mecanis!s-
These rely on @eys. *ow "lgorithms are available on public domains. &ut the @eys
are the ones that are attac@ed often.
Cryptograpic Attac"s- (te Interesting Part)
Cryptanalytic attac"s- applies mathematical techni5ues to obtain @ey better than
a brute force search 1try all possibilities2.
/bjective is to ma@e defenses stronger. :p
ex: u try out all possibilities for a 34N bit @ey. i.e. all 4O34N @eys%
So we want an attac@ with lesser possibilities.
So all attac@s are distinguishers that is our ciphers should appear as random
though they are based on algorithms.
The goal of our attac@ is to :nd the properties in cipher which dont exist in random
distribution.
"ttac@er basically guesses a portion of @ey and chec@s for property.
This is how design Paw is exposed.
#on- cryptanalytic attac"s-
Threat to con:dentiality%
32 Snooping? unauthori8ed access or interception of info. $ncryption is used to ma@e
info non intelligible to the snooper. 1.assive attac@2
42 TraQc analysis? obtain identity of receiver or sender. "lso the type of message
transferred can be @nown by eavesdropper even after encryption.
Threat to integrity% 1.assive2
32 #odi:cation? leads to delay or change the content to foil the objective of a
transaction.
$x: (f " C & @now a @ey and want to send a transaction of +s. 3EEE to & from ". then
" R/+ that @ey with 3EEE and sends the encrypted data to &. "nd $avesdropper
doesnt come to @now the transaction.
*ow in this con:dentiality is maintained. &ut not integrity% 1"ctive2
(f an $ve 1eavesdropper2 R/+ s this with another @ey after interception integrity is
compromised.
So this shows that con:dentiality and integrity are 4 diSerent aspects to be dealt
with separately% 92
42 #as5uerading? attac@er can pretend to be legal sender or receiver to obtain
unauthori8ed access. 1"ctive2
J2 +eplaying? copies a message sent by a diSerent user and replays later.
;e use time stamps etc to prevent these. 1"ctive2
T2 +epudiation? sender could deny that he sent a message. +eceiver could refuse a
receipt.
Threat to availability?
32 Denial of service?
Slow down or disable system by bursting with re5uests.
/r the ac@nowledgements are deleted by attac@er and sender sends re5uests again
and again.
1"ctive attac@2
-ow do we achieve these goals))
Through Security Services 92
(nternational Telecommunication ,nion? Telecommunication Standardi8ation Sector
1(T,?T2 provides mechanisms for:
32 'on:dentiality
42 Data integrity
J2 "uthentication
T2 *on? repudiation
U2 "ccess control
Security #echanisms:
32 $ncipherment? -iding info by encryption steganography.
42 Data integrity? a small chec@sum 1hash2 value for a message is appended and
sent. The receiver chec@s for the validity of the chec@sum% 92
To solve the integrity issue we accompany the text with a hash @ey so that one
@nows if the transaction has been altered by decrypting the hash @ey from the
cipher text%
J2 Digital Signature
T2 "uthentication? to stop mas5uerading.
U2 TraQc padding? involves inserting bogus data to prevent traQc analysis.
V2 +outing 'ontrol? to select and change available channels.
W2 *otari8ation? have a third party that @eeps trac@ of transactions.
N2 "ccess control
$ypes of cryptograpic algorit!s-
%) &y!!etric "ey Cipers- Sender and receiver share same piece of @ey for
message exchange.
') Asy!!etric "ey Cipers- Sender encrypts message using public @ey and
receiver decrypts using a secret 1or private2 @ey.
() )as f*nctions
&teganograpy- covered writing. $x: write on wood and cover with wax.
ex: blan@s between words in a sentence give code.
/+ bytes in a colored digiti8ed images.