Network Security and Cryptography Lecture 2

Uday Prakash Pethakamsetty

Udayprakash.jntuhceh@gmail.com

Model for Network Security

1. Designing a suitable cryptography algorithm 2. Secret Key Generation for the algorithm. 3. develop methods to distribute and share the secret information. 4. specify a protocol to use the transformation and secret information for a security service.

TRADEOFF :::Efficiency, Resource Utilization and Security

Especially in resource constraint networks. E.g.: Wireless sensor networks

TRADEOFF: Security, Cost and Speed

12/21/2012 Dept. of ECE Network Security & Cryptography 2

Model for Network Access Security

Using this model requires us to:
1. select appropriate gatekeeper functions to identify users 2. implement security controls to ensure only authorised users access designated information or resources. NOTE that model does not include: a) Monitoring of system for successful penetration. b) Monitoring of Authorized users for

misuse.

12/21/2012

Dept. of ECE

Network Security & Cryptography

CRYPTOLOGY
Cryptology= cryptography + cryptanalysis. Cryptography Area of study of encryption &
decryption. Cryptanalysis Techniques used for deciphering a message without any knowledge of enciphering details i.e, studying ways for breaking the code. Encryption (Enciphering) Process of converting from plain text to cipher text. Decryption (Deciphering) Process of restoring the plain text from the cipher text.

Plain Text the original intelligible message. Cipher Text coded unintelligible message.
12/21/2012 Dept. of ECE Network Security & Cryptography 4

Roadmap of Cryptography
classical cryptography (--- 1920s) secret writing required only pen and paper Mostly: transposition, substitution ciphers Easily broken by statistics analysis (e.g., frequency) mechanical devices invented for encryption Rotor machines (e.g. Enigma cipher) 1930s-1950s featured in films, such as in the James Bond adventure From Russia with Love specification of DES and the invention of RSA (1970s) --modern ciphers Public key system, most notably Quantum Cryptography (future?)
12/21/2012 Dept. of ECE Network Security & Cryptography 5

History--Ancient Ciphers
Have a history of at least 4000 years Ancient Egyptians enciphered some of their hieroglyphic writing on monuments Ancient Hebrews enciphered certain words in the scriptures , and bible used a reverse-alphabet simple substitution cipher known as the ATBASH cipher 2000 years ago Julius Caesar used a simple substitution cipher, now known as the Caesar cipher Roger bacon described several methods in 1200s
12/21/2012 Dept. of ECE Network Security & Cryptography 6

History--Ancient Ciphers
Geoffrey Chaucer included several ciphers in his works. Leon Alberti devised a cipher wheel, and described the principles of frequency analysis in the 1460s Blaise de Vigenre published a book on cryptology in 1585, & described the polyalphabetic substitution cipher Increasing use, esp in diplomacy & war over centuries
12/21/2012 Dept. of ECE Network Security & Cryptography 7

1900 B.C.Egytpian Hieroglyphic writing

12/21/2012

Dept. of ECE

Network Security & Cryptography

1500 B.C.--Mesopotamia
A 3" x 2" Mesopotamian tablet contained an enciphered formula for making pottery glaze. Cuneiform signs were used in the least common syllabic values to attempt to hide secrets of the formula. About Cuneiform: Pictograms, or drawings representing actual things, were the basis for cuneiform writing.

12/21/2012

Dept. of ECE

Network Security & Cryptography

50-60 B.C.Julius Caesar

Julius Caesar's simple substitution cipher.
This type of encryption is one of the simplest and most widely known encryption techniques. Each letter of the plaintext is replaced by a letter some fixed number of positions further down the alphabet.

12/21/2012

Dept. of ECE

Network Security & Cryptography

10

Polybius Square
Polybius was responsible for

a useful tool in telegraphy

which allowed letters to be easily also signaled lends using itself a to

numerical system. This idea

cryptographic manipulation.

12/21/2012

Dept. of ECE

Network Security & Cryptography

11

1000-Frequency Analysis
Frequency Analysis leading to techniques for breaking mono-alphabetic substitution ciphers. Frequency analysis is based on the fact that in any given stretch of a language, letters and combinations of letters occur with varying frequencies. In the English language for example, E is the most common letter, while X is rare. Its use spread, and was so widely used by European states by the Renaissance that several schemes were invented by cryptographers to defeat it. These included homophones, poly-alphabetic substitution and poly-graphic substitution schemes. It was the most fundamental cryptanalytic advance until WWII.
12/21/2012 Dept. of ECE Network Security & Cryptography 12

1467- Poly-alphabetic cipher

A polyalphabetic cipher is any cipher based on substitution, using multiple substitution alphabets. The Alberti cipher by Leon Battista Alberti around 1467 was believed to be the first polyalphabetic cipher. Alberti used a mixed alphabet to encrypt a message, but whenever he wanted to, he would switch to a different alphabet, indicating that he had done so by including an uppercase letter or a number in the cryptogram. More Examples: The Vigenre cipher is probably the best-known example of a polyalphabetic cipher, though it is a simplified special case. The Enigma machine is more complex but still fundamentally a polyalphabetic substitution cipher. Good till 1800s
12/21/2012 Dept. of ECE Network Security & Cryptography 13

1587- Vigenere Cipher

The Vigenere Cipher is polyalphabetic, meaning that instead of there being a one-toone relationship between each letter and its substitute, there is a one-to-many relationship between each letter and its substitutes.
The encipherer chooses a keyword and repeats it until it matches the length of the plaintext 1863 - Kasiski breaks Vigenere Cipher (Prussian major), based on earlier Charles Babbage's Crimean War era work on mathematical cryptanalysis.
12/21/2012 Dept. of ECE Network Security & Cryptography 14

1587--Mary Queen of Scots

Mary Queen of Scots was beheaded for plotting against Queen Elizabeth using mono-alphabetic substitution ciphers. Mary was condemned on the basis of evidence obtained from enciphered messages cracked by Tomas Phelippes. Phelippes was able to crack a cipher used by Mary and conspirators who wanted to place her on the English throne, even though the cipher contained nulls and codewords.
12/21/2012 Dept. of ECE Network Security & Cryptography 15

1753 - The Telegraph Invented

The Telegraph showed that electrostatically generated signals which stood for letters of the alphabet could be sent a long way through a wire with the circuit being completed through the Earth.

12/21/2012

Dept. of ECE

Network Security & Cryptography

16

1845 - Morse Code

Samuel Morse creates Morse code: Morse code represents letters, numbers and punctuation marks by means of a code signal sent intermittently. It uses to states(on and off) composed into five symbols: dit('), dah(-), short gap (between letters), medium gap (between words) and long gap (between sentences).
12/21/2012 Dept. of ECE Network Security & Cryptography 17

1918 - ADFGVX Cipher

The German ADFGVX cipher was the first cipher used by the German Army during World War I. This was a fractioning transposition cipher which combined a modified Polybius square with a single columnar transposition

12/21/2012

Dept. of ECE

Network Security & Cryptography

18

1918 - The Enigma

Arthur Scherbius designed the Enigma a device which allowed businesses to communicate confidential documents without having to resort to clumsy and slow codebooks. The device consisted of many rotors turning on a common axis. The rotors had numbers 1 through 26 marked on the edge, or the alphabet A-Z, and were equipped with 26 electrical contacts (one for each letter of the alphabet) so that when a letter was pressed, the output would depend on the position of the rotor and its cross wiring. Within the same year, the Enigma was put to use; most famously by Nazi Germany before and during WWII.

12/21/2012

Dept. of ECE

Network Security & Cryptography

19

1918-1945
Mathematical methods proliferated in the period prior to World War II
(notably in William F. Friedman's application of statistical techniques to cryptanalysis and cipher development and in Marian Rejewski's initial break into the German Army's version of the Enigma system) in 1932.

12/21/2012

Dept. of ECE

Network Security & Cryptography

20

1968- British Intelligence inventors of PKC

James Ellis, Clifford Cocks, Malcolm Williamson stated as the original inventors of public key cryptography. This fact was originally kept secret until after 1976

when Diffie and Hellman take credit for discovering

PKC. RSAGovernment Communications Headquarters, US in 1958
12/21/2012 Dept. of ECE Network Security & Cryptography 21

1971 - Lucifer
Horst Feistel created Lucifer at IBMs Thomas J. Watson Laboratory. Lucifer was the name given to several of the earliest civilian block ciphers. It was a direct precursor to the Data Encryption Standard. 17 March 1975 --- DES draft
Federal Information Processing Standard Publication in 1977 (currently at FIPS 46-3)
12/21/2012 Dept. of ECE Network Security & Cryptography 22

1976 - Diffie & Hellman

Whitfield Diffie & Martin Hellman publish Public-key Cryptography.
This asymmetric key cryptosystem was known as the DiffieHellman key exchange, and was the first published practical method for establishing a secret key through unprotected communications channels without a prior shared secret.

12/21/2012

Dept. of ECE

Network Security & Cryptography

23

2001--AES
In 2001 when NIST announced FIPS 197. After an open competition, NIST selected Rijndael, submitted by two Belgian cryptographers, to be the AES. Later evolved, Triple DES.

12/21/2012

Dept. of ECE

Network Security & Cryptography

24

Modern Cryptanalysis
While modern ciphers like AES and the higher quality asymmetric ciphers are widely considered unbreakable,
poor designs and implementations are still sometimes adopted and there have been important cryptanalytic breaks of deployed crypto systems in recent years. Notable examples of broken crypto designs include DES, the first Wi-Fi encryption scheme WEP, the Content Scrambling System used for encrypting and controlling DVD use, the A5/1 and A5/2 ciphers used in GSM cell phones, Thus far, not one of the mathematical ideas underlying public key cryptography has been proven to be 'unbreakable

12/21/2012

Dept. of ECE

Network Security & Cryptography

25

Symmetric Encryption
or conventional / private-key / single-key sender and recipient share a common key all classical encryption algorithms are private-key was only type prior to invention of public-key in 1970s Two basic components of classical ciphers:
Substitution: letters are replaced by other letters Transposition: letters are arranged in a different order

These ciphers may be:

or Polyalphabetic: where several substitutions/ transpositions are used Product cipher:

--several ciphers concatenated together.

Monoalphabetic: only one substitution/ transposition is used,

12/21/2012

Dept. of ECE

Network Security & Cryptography

26

Symmetric Cipher Model

12/21/2012

Dept. of ECE

Network Security & Cryptography

27

Key Management
Using secret channel Encrypt the key Third trusted party The sender and the receiver generate key
The key must be same We will talk more about how we can generate keys for two parties who are unknown of each other before, and want secure communication
12/21/2012 Dept. of ECE Network Security & Cryptography 28

Cryptanalysis

12/21/2012

Dept. of ECE Network Security & Cryptography

29

Possible Attacks
Recover the message Recover the secret key Thus also the message Thus the number of keys possible must be large!
cipher text only only know algorithm / cipher text, statistical, can identify plaintext known plaintext know/suspect plaintext & cipher text to attack cipher chosen plaintext select plaintext and obtain cipher text to attack cipher chosen cipher text select cipher text and obtain plaintext to attack cipher chosen text select either plaintext or cipher text to en/decrypt to attack cipher

12/21/2012

Dept. of ECE

Network Security & Cryptography

30

Security
No crime can be committed clueless. No Security service can be implemented flawless. There are TWO fundamentally different securities:
1. Unconditional Security
No matter how much computational power is available, the cipher cannot be broken.

2. Computational Security
Given limited computing resource, the cipher cant be broken within its lifetime.

12/21/2012

Dept. of ECE

Network Security & Cryptography

31