Cryptography and Its Applications
ITBP 301
Fall-2015
Outline
Introduction to Encryption
Secret Key Encryption Principles
Secret Key Encryption Algorithms
Cipher Block Modes of Operation
Public Key Encryption
Cryptography
Benefits of Cryptographic Protocols
The use of cryptographic protocols can help us with some of the issues in e-mail security:
messages should be transmitted to destination
only the recipient should see it
only the recipient should get it
proof of the sender's identity
message should not be corrupted in transit
message should be sent/received once only
Notice: help, not solve.
Historical Encryption
An ancient art, updated over time with new technology
Julius Caesar used a consistent cipher that today bears his name
Evidence that it was used over 4000 years ago by the Egyptians.
The Arabs in the 7th Century AD were the first to
write down methods of cryptanalysis
Caesar/Shift Cipher
Example:
K = 3
A → D, B → E, C → F, ..., X → A, Y → B, Z → C
HELLO → KHOOR
Caesar Cipher Cryptanalysis
Assume a hacker intercepted this ciphertext:
GB OR BE ABG GB OR: GUNG VF GUR DHRFGVBA:
JURGURE 'GVF ABOYRE VA GUR ZVAQ GB FHSSRE
GUR FYVATF NAQ NEEBJF BS BHGENTRBHF SBEGHAR,
BE GB GNXR NEZF NTNVAFG N FRN BS GEBHOYRF,
NAQ OL BCCBFVAT RAQ GURZ? GB QVR: GB FYRRC;
AB ZBER; NAQ OL N FYRRC GB FNL JR RAQ
GUR URNEG-NPUR NAQ GUR GUBHFNAQ ANGHENY FUBPXF
GUNG SYRFU VF URVE GB, 'GVF N PBAFHZZNGVBA
QRIBHGYL GB OR JVFU'Q. GB QVR: GB FYRRC;
GB FYRRC: CREPUNAPR GB QERNZ: NL, GURER'F GUR EHO;
SBE VA GUNG FYRRC BS QRNGU JUNG QERNZF ZNL PBZR
JURA JR UNIR FUHSSYRQ BSS GUVF ZBEGNY PBVY,
ZHFG TVIR HF CNHFR: GURER'F GUR ERFCRPG
GUNG ZNXRF PNYNZVGL BS FB YBAT YVSR;
Caesar Cipher Cryptanalysis
The single-letter word N could be I or A, so the key is 5 or 13
Caesar Cipher Cryptanalysis
Try the shift: 1, 6, 13, or 17
The common shift is 13
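The cryptanalysis above can be automated. The following is an added example, not part of the original slides: it derives candidate keys from one-letter ciphertext words (the "N could be I or A" observation) and then ranks all 26 keys with a chi-squared comparison against English letter frequencies. The frequency table and the function names are assumptions of this example; the ciphertext is the first four lines shown on the slide.

```python
import string

# Approximate English letter frequencies in percent, A..Z (standard reference values).
ENGLISH = [8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03, 2.41,
           6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15, 1.97, 0.07]

# First four lines of the ciphertext shown on the slide.
CIPHERTEXT = (
    "GB OR BE ABG GB OR: GUNG VF GUR DHRFGVBA: "
    "JURGURE 'GVF ABOYRE VA GUR ZVAQ GB FHSSRE "
    "GUR FYVATF NAQ NEEBJF BS BHGENTRBHF SBEGHAR, "
    "BE GB GNXR NEZF NTNVAFG N FRN BS GEBHOYRF,"
)

def decrypt(text, key):
    """Undo a Caesar shift of `key` places; non-letters pass through unchanged."""
    return "".join(
        chr((ord(c) - 65 - key) % 26 + 65) if c in string.ascii_uppercase else c
        for c in text.upper()
    )

def single_letter_keys(text):
    """Keys implied by one-letter ciphertext words, which must stand for A or I."""
    keys = set()
    for word in text.upper().split():
        word = word.strip(string.punctuation)
        if len(word) == 1 and word in string.ascii_uppercase:
            keys.update((ord(word) - ord(p)) % 26 for p in "AI")
    return sorted(keys)

def chi_squared(text):
    """Distance between the text's letter counts and the English expectation."""
    letters = [c for c in text if c in string.ascii_uppercase]
    n = len(letters)
    return sum(
        (letters.count(chr(65 + i)) - n * f / 100) ** 2 / (n * f / 100)
        for i, f in enumerate(ENGLISH)
    )

def crack(text):
    """Try all 26 keys and keep the one whose plaintext looks most like English."""
    return min(range(26), key=lambda k: chi_squared(decrypt(text, k)))

if __name__ == "__main__":
    print("keys from one-letter words:", single_letter_keys(CIPHERTEXT))
    best = crack(CIPHERTEXT)
    print("best key:", best, "->", decrypt(CIPHERTEXT, best))
```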
Monoalphabetic Cipher
Plain:      abcdefghijklmnopqrstuvwxyz
Cipher Key: DKVQFIBJWPESCXHTMYAUOLRGZN
EXAMPLE
Plaintext:  ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Playfair Cipher
a 5X5 matrix of letters based on a keyword
fill in letters of keyword (sans duplicates)
fill rest of matrix with other letters
e.g. using the keyword CHARLES:
C H A R L
E S B D F
G I K M N
O P Q T U
V W X Y Z
Playfair Cipher (cont.)
Plaintext is encrypted two letters at a time according to the following rules:
Repeating plaintext letters that fall in the same pair are separated with a filler letter, such as x.
Plaintext letters that fall in the same row of the matrix are each replaced by the letter to the right.
Plaintext letters that fall in the same column are each replaced by the letter beneath.
Otherwise, each plaintext letter is replaced by the letter that lies in its own row and the column occupied by the other plaintext letter.
Example:
Plaintext: kill
Step # 1: kill becomes ki lx lx
Step # 2: KI becomes EK; lx becomes SU.
Ciphertext: EKSUSU
Vigenère Cipher
An improvement over the Playfair
It is a polyalphabetic substitution cipher
Effectively multiple Caesar ciphers
Key is multiple letters long: K = k1 k2 ... kd
ith letter specifies ith alphabet to use
Use each alphabet in turn
Repeat from start after d letters in message
Decryption simply works in reverse
Vigenère Cipher
write the plaintext out
write the keyword repeated above it
use each key letter as a Caesar cipher key
encrypt the corresponding plaintext letter
e.g. using keyword deceptive
key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Vigenère Cipher Autokey
Cryptanalysis
Ideally, we need a key as long as the message
Vigenère proposed the autokey cipher
Example:
key:        deceptivewearediscoveredsav
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
Transposition Ciphers
Hiding the message by rearranging the
letter order without altering the actual
letters used
Can still be recognised, since the ciphertext has the same frequency distribution as the original text
Rail Fence cipher
write message letters out diagonally over
a number of rows
then read off cipher row by row
eg. write message out as:
m e m a t r h t g p r y
e t e f e t e o a a t
giving ciphertext
MEMATRHTGPRYETEFETEOAAT
Row Transposition Ciphers
a more complex scheme
write letters of message out in rows over a
specified number of columns
then reorder the columns according to some key
before reading off the rows
M = attackpostponeduntiltwoam
Key:       4 3 1 2 5 6 7
Plaintext: a t t a c k p
           o s t p o n e
           d u n t i l t
           w o a m x y z
C: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Terminologies
Encryption: The process of coding a message so that its meaning is concealed
Decryption: The process of transforming an encrypted message into the original form
Often we use encode or encipher instead of encrypt, and decode or decipher instead of decrypt
Cryptosystem: A system for encryption and decryption
Terminologies
Plaintext or Cleartext: A message in its original form
Ciphertext: A message in the encrypted form
Cryptography: The practice (or art) of using encryption to conceal text
Cryptographer: Invents/discovers encryption algorithms (Good Guys)
Cryptanalyst: Attempts to break encryption algorithms (Bad Guys)
Encryption and Decryption
Cryptographic Services
Confidentiality: Content cannot be revealed
Authentication: Message cannot be forged
Integrity: Message cannot be altered
Non-repudiation: Only sender could have produced the message
Different types of Algorithms
Restricted Algorithm
The security of a restricted algorithm requires keeping the algorithm secret.
Key-Based Algorithm
The security of key-based algorithms is based on the secrecy of the algorithm, the secrecy of the key(s), or both.
Stream and Block Ciphers
Stream ciphers convert each symbol of
plaintext into a symbol of ciphertext
For block ciphers, break the plaintext
into strings (called blocks) of fixed
length and encrypt one block at a time
Most well-known symmetric key encryption
schemes are block ciphers
Block Ciphers Sizes & key Sizes
64 bit data block size
Key sizes
Data Encryption Standard (DES): 56 bit key
Double DES: 112 bit key
Triple DES: 168 bit key
IDEA: 128 bit key
Skipjack (Clipper): 80 bit key
also RC2 and Advanced Encryption Standard
Block Size (cont.)
Variable data block size
RC5
32, 64, or 128 block size
Variable key size
Variable number of rounds
new Advanced Encryption Standard
must support key-block combinations of 128-128, 192-128, 256-128 (may support other ones)
Cryptosystems
Secret Key Cryptosystem
Notation
C = E(K,M)
M = D(K,C)
K: Key
E: Encryption Algorithm
D: Decryption Algorithm
M: Plaintext Message
C: Ciphertext Message
Cryptanalysis
Cryptanalyst is assumed to know E
and D
Objective of the cryptanalyst is to
discover the secret key K
(The real objective might be to discover
the plaintext message M, but this is
generally assumed to be equivalent to
discovering K)
Secret Key
Confidentiality depends only on the secrecy
of the key
Secret key systems do not scale well:
With N parties, it is necessary to generate and distribute N*(N-1)/2 keys
Long-term keys
Prolonged use increases the exposure
Session keys
Short-term keys communicated using the long-term key
Cryptanalysis Attacks
Ciphertext Only
Cryptanalyst only knows ciphertext
Known Plaintext
Cryptanalyst knows some plaintext-ciphertext pairs
Chosen Plaintext
Cryptanalyst knows some plaintext-ciphertext pairs for plaintext of the cryptanalyst's choice
Chosen Ciphertext
Cryptanalyst knows some plaintext-ciphertext pairs for ciphertext of the cryptanalyst's choice
Basic Encryption Techniques
Substitution
Permutation (or transposition)
Product Cipher: Combinations and
iterations of these
SIMPLE ALPHABETIC SUBSTITUTION
Example Key:
Plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext PZQSGIMBWXDFKJVCHAOLUTERYN
Trivially broken for known plaintext attack
Easily broken for ciphertext only attack (or
natural language plaintext)
Multiple encipherment does not help (No point in
doing two substitutions in sequence)
SIMPLE PERMUTATION
Example key:
Plaintext 1234
Ciphertext 4312
Easily broken for ciphertext only attack (or
natural language plaintext)
Multiple encipherment does not help (No point in
doing two substitutions in sequence)
PRODUCT CIPHER
Substitution followed by permutation followed by
substitution.
Best known example is DES
For known plaintext/chosen plaintext/chosen
ciphertext breakable by exhaustive search of key
space
Therefore security is based on computational
complexity
Average time required for exhaustive key search
Key Size (bits)   Number of Alternative Keys   Time required at 10^6 decryptions/µs
32                2^32  = 4.3 x 10^9           2.15 milliseconds
56                2^56  = 7.2 x 10^16          10 hours
128               2^128 = 3.4 x 10^38          5.4 x 10^18 years
168               2^168 = 3.7 x 10^50          5.9 x 10^30 years
PERFECT SECRECY
VERNAM ONE-TIME PAD
Each bit of the encrypting key is XORed with the corresponding bit of the plaintext
Example:
Keystream bits  10110110
Plaintext bits  11000011
Ciphertext bits 01110101
Is the ultimate cipher but is impractical for
most situations
You need as many bits in the key as in the
message
PERFECT SECRECY
VERNAM ONE-TIME PAD
Key cannot be reused
Known plaintext reveals the portion of the
key that has been used, but does not
reveal anything about the future bits of the
key
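The two points on these slides (XOR with an equally long key, and "key cannot be reused") can be checked directly. This is an added example, not part of the original slides: the messages and function names are constructed for illustration. It reproduces the slide's bit example and then shows that reusing one pad for two messages cancels the pad out, and that a known plaintext recovers exactly the pad bytes that were used.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; the pad must be as long as the message."""
    if len(a) != len(b):
        raise ValueError("one-time pad needs exactly as many key bits as message bits")
    return bytes(x ^ y for x, y in zip(a, b))

def demo_pad_reuse(p1: bytes, p2: bytes):
    """Encrypt two messages under ONE pad (the mistake) and report what leaks."""
    pad = secrets.token_bytes(len(p1))        # random pad, wrongly used twice
    c1, c2 = xor_bytes(p1, pad), xor_bytes(p2, pad)
    leaked_xor = xor_bytes(c1, c2)            # pad cancels: equals p1 XOR p2
    recovered_pad = xor_bytes(c1, p1)         # known plaintext reveals the used pad
    recovered_p2 = xor_bytes(c2, recovered_pad)
    return leaked_xor, recovered_pad == pad, recovered_p2

# Bit example from the slide: keystream 10110110 XOR plaintext 11000011.
SLIDE_CIPHERTEXT = xor_bytes(bytes([0b10110110]), bytes([0b11000011]))

# Constructed sample messages of equal length (not from the slides).
P1 = b"MEET AT NOON"
P2 = b"SEND THE KEY"

if __name__ == "__main__":
    print(format(SLIDE_CIPHERTEXT[0], "08b"))
    leaked, pad_recovered, second = demo_pad_reuse(P1, P2)
    print(leaked == xor_bytes(P1, P2), pad_recovered, second)
```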
Secret-Key Cryptographic
Algorithms
Data Encryption Standard (DES)
The most widely used encryption scheme
The algorithm is referred to as the Data Encryption Algorithm (DEA)
DES is a block cipher
The plaintext is processed in 64-bit blocks
The key is 56 bits in length
DES Overview
Data Encryption Standard (DES)
Has stood up remarkably well against 15 years of public cryptanalysis
Adopted as ANSI DEA (Data Encryption Algorithm)
Considered by ISO as a standard but abandoned due to concern that it may become too widespread and become a target
DES Controversies
Major weakness is the key size of 56 bits (it has been broken)
In 1997 researchers using over 3500 machines in parallel were able to infer a DES key in four months' work
In 1998 researchers built a special DES cracker machine for approximately $100,000 that could find a DES key in approx. four days.
Does this mean the DES is insecure? No, not yet!
The 1997 attack required a great deal of cooperation
The 1998 machine is still rather expensive.
Triple DES
Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)
C = EK3[DK2[EK1[P]]]
C = ciphertext
P = Plaintext
EK[X] = encryption of X using key K
DK[Y] = decryption of Y using key K
Effective key length of 168 bits
Triple DES
Private-Key Cryptography
(summary)
traditional private/secret/single key cryptography uses one key
shared by both sender and receiver
Secret key systems do not scale well:
With N parties, it is necessary to generate and distribute N*(N-1)/2 keys
if this key is disclosed communications are compromised
also is symmetric, parties are equal
hence does not protect sender from receiver forging a message & claiming it is sent by sender
Public-Key Cryptography
probably most significant advance in the 3000 year
history of cryptography
Each user has two keys: a public & a private key
The user may publish the public key freely because each key does only half of the encryption and decryption process
The keys operate as inverses, meaning that one key undoes the encryption provided by the other key
P = D(kPRIV, E(kPUB, P))
P = D(kPUB, E(kPRIV, P))
complements rather than replaces private key crypto
Public-Key Cryptography
asymmetric because parties are not equal
Cryptography involves the use of two keys:
a public-key (may be known by anybody), can be used to encrypt messages, and verify signatures.
a private-key (known only to the recipient), can be used to decrypt messages, and sign (create) signatures.
How it works?
Encryption
Authentication
both
Encryption using Public-Key
system
Authentication using Public-Key
System
Why Public-Key Cryptography?
developed to address two key issues:
key distribution: how to have secure communications in general without having to trust a KDC with your key
digital signatures: how to verify a message comes intact from the claimed sender
public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976
known earlier in classified community
Public-Key Characteristics
Public-Key algorithms rely on two keys with the characteristics that it is:
computationally infeasible to find decryption key knowing only algorithm & encryption key
computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known
either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
Public-Key Cryptosystems
Public-Key Applications
can classify uses into 3 categories:
encryption/decryption (provide secrecy)
digital signatures (provide authentication)
key exchange (of session keys)
some algorithms are suitable for all uses, others are specific to one
Security of Public Key Schemes
like private key schemes, brute force exhaustive search attack is always theoretically possible
but keys used are too large (>512 bits)
security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyst) problems
more generally the hard problem is known, it's just made too hard to do in practise
requires the use of very large numbers
hence is slow compared to private key schemes
Public-Key Cryptographic
Algorithms
RSA and Diffie-Hellman
RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977.
RSA is a block cipher
The most widely implemented
Diffie-Hellman
Exchange a secret key securely
Compute discrete logarithms
RSA use
RSA algorithm is for key generation (find public and private keys)
Public key KU = {e,n}
Private key KR = {d,n}
to encrypt a message M, the sender:
obtains public key of recipient KU = {e,N}
computes: C = M^e mod N, where 0 ≤ M < N
to decrypt the ciphertext C, the receiver:
uses his private key KR = {d,N}
computes: M = C^d mod N
The RSA Algorithm Key Generation
Select p, q: p and q both prime
Calculate n = p x q
Calculate φ(n) = (p - 1)(q - 1)
A large value of n effectively inhibits factoring it to infer p and q
Select integer e: gcd(φ(n), e) = 1; 1 < e < φ(n)
e is chosen so that e is relatively prime to φ(n), i.e. e has no factors in common with φ(n).
Calculate d: (d * e) mod φ(n) = 1
Public key KU = {e,n}
Private key KR = {d,n}
RSA Example (key generation)
1. Select primes: p=17 & q=11
p and q should be large. Typically they are 100 digits each
2. Compute n = pq = 17 x 11 = 187
3. Compute φ(n) = (p-1)(q-1) = 16 x 10 = 160
A large value of n effectively inhibits factoring it to infer p and q
4. Select e: gcd(e,160)=1; choose e=7
An easy way to guarantee that e is relatively prime to φ(n) or (p-1)*(q-1) is to choose e as a prime that is larger than both (p-1) and (q-1)
5. Determine d: de mod 160 = 1 and d < 160; value d=23
d=23 since 23 x 7 = 161, and 161 mod 160 = 1
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,187}
RSA Example (encrypt/decrypt)
RSA Use
to encrypt a message M the sender:
obtains public key of recipient KU = {e,N}
computes: C = M^e mod N, where 0 ≤ M < N
to decrypt the ciphertext C the owner:
uses their private key KR = {d,N}
computes: M = C^d mod N
note that the message M must be smaller than the modulus N (block if needed)
RSA Security
three approaches to attacking RSA:
brute force key search (infeasible given size of numbers)
mathematical attacks (based on difficulty of computing φ(N), by factoring modulus N)
timing attacks (on running of decryption)
Diffie-Hellman Key Derivation
Prior agreement on (non-secret) prime q and value
Other Public-Key Cryptographic
Algorithms
Digital Signature Standard (DSS)
Makes use of the SHA-1
Not for encryption or key exchange
Elliptic-Curve Cryptography (ECC)
Good for smaller bit size
Low confidence level, compared with RSA
Very complex