Lecture 1: Computer Security 09/01/18

Code vs ciphers

Encryption is crucial and necessary. However, it is not sufficient to protect and safeguard data.

Ciphers are required as they are hard to read even with lots of computing power.

Hex

It is the easiest way to write binary as text and is unreadable.

Base 64

It is the shortest way to write binary and is a common for key and cryptography. It takes a 6 bit and
encodes in ASCII.

Note: Encryption produces a sequence of bits but cannot be used to send message across email. The
encrypted text is sent using Base 64 and then converted back.

Caesar Cipher

Texts become unreadable.

Encryption- add 3 letters. (e.g a becomes d)

Decryption- move 3 letters back. (e.g d becomes a)

Therefore, the original information is recovered without any losses as compared to when
compressing an image which can result in parts being lost.

Using a key

Breaking a cipher is easy with mean of a key.

Key: How many letters do you advance?

Kerckhoffs’ Principle: A cipher should be secure even if the attacker knows everything about it apart
from the key.

Frequency analysis
It can be used to break a cipher.

Using the Caesar cipher rotating ‘n’ rotations is easy to break. A better scheme would be replacing
each letter with another letter give 26! Possible keys (around 4 x 1026).

However, this is not very secure as using a frequency analysis of

- how many times a symbol occurs (e.g letter ‘e’ is most occurring in the English language. Find the
most occurring character and replace it with the letter ‘e’)
- how many times a pair of symbols. (the combination ‘the’ is also very common.)

and replacing them would help break the cipher.

A good cipher requires a small change in plain text to create a large change in cipher text.
One Time Pads

Perfect encryption and needs a key as long as the message.

XOR/ add the key and the message.

XOR- binary version

message key cipher

0 0 0
0 1 1
1 0 1
1 1 0

Example

Key: SGFKPQYEIJ
- how many positions you need to move (E moves 5 position further as in alphabet)
- different offset for each letter.

Note: Cannot go back without the key and changing the key gives a different information.

Disadvantage:

- Key needs to be as long as text

-cannot use the same key twice

Using XOR

(M ⨁k) = M

M1 ⨁ k = M1

M2 ⨁ k = M2

M1 ⨁ k⨁ M2 ⨁ k= M1⨁ M2

Frequency analysis can reveal original message since key is no longer valid.

Block ciphers

Substitution is not enough when encrypting. Block ciphers are made up of a series of permutations
and combinations on each block.

Advanced Encryption Standard

-encrypts 128 bits in one go

Therefore 2128 possibilities through permutations.

This is approximately 1036 possibilities and makes decryption impossible even with modern
computing power.
Modulo arithmetic

-Arithmetic modulo “n” means that you count up to “n-1” then loop back to 0
For example, a clock is modulo 12 and numbered 0 to 11 and back to 0.

Sub-bytes
- fixed substitution based on matrix multiplication
-arranges bytes in 4x4 matrix and replaces the bytes by looking in a table.
Shift rows
- creates a global change
- therefore, frequency analysis is not possible
MixColumn
- this uses mathematic equations to mix the columns. (ensure the key can decrypt the equations)
AddRoundkey
- Key is used in this process only.
AES
- bit shifting operations followed by use of round key.

Crypto operation
- Should not be implemented by oneself as small mistakes can be omitted. Use from library.
-Timing attacks are the worst.
-it is important for embedded devices.
-Excellent random number generator is important for cryptography
-Key in terms of bytes is not readable. Print as integers.
-Key in terms of hex is the longest

Note: Crypto is brittle. Follow library to prevent mistake.