Documente Academic
Documente Profesional
Documente Cultură
Outline
Data
security
Cryptography basics
Cryptographic systems
DES
RSA
C. H. HUANG IN CML
Cryptography
Secret Writing
Encryption
Plaintext
Key
Ciphertext
Decryption
C. H. HUANG IN CML
Cryptographic Systems
C
ciphertext
plaintext
Dk
M
plaintext
Cryptosystem
requirements:
Efficient enciphering/deciphering
Systems must be easy to use
The security of the system depends only on the
keys, not the secrecy of E or D
C. H. HUANG IN CML
Secure Cipher
Unconditionally
secure
secure
C. H. HUANG IN CML
Secrecy Requirements
Ek
C
disallowed
C. H. HUANG IN CML
Dk
M
M
Authenticity requirements
Dk
disallowed
C. H. HUANG IN CML
10
Key-distribution cryptosystem
Message
Source
Encryption
Decryption
Receiver
11
Public-key Cryptosystem
Message
Source
Encryption
Key source 1
Ek
Decryption
Receiver
Key source 2
Dk
12
13
Digital Signature
Guaranteeing authenticity.
Let B be the recipient of a message m signed by
A. Then As signature must satisfy:
1. B must be able to able to validate As signature on m.
2. It must be impossible to forge As signature
3. If A disavow signing a message, a third party must
be able to resolve the distribute.
C. H. HUANG IN CML
14
1.
Dk(Ek(m))=Ek(Dk(m))=m
C. H. HUANG IN CML
15
DA(m)=S
EB(S)=C
Transformations applied
by sender
DB(C)=S
EA(S)=m
Transformations applied
by receiver
EA(DB(C))=EA(DB(EB(DA(M))))
=EA(DA(M))
=M
C. H. HUANG IN CML
16
Reference
Cryptography
C. H. HUANG IN CML
17
Conventional Cryptosystems
Using
(Permutation ciphers)
Stream Ciphers
C. H. HUANG IN CML
18
Substitution Ciphers
Replace
19
20
Permutation Ciphers
R
I
T
N
E
R
N O M T O E H I U S O I R
F
A
N C
Q
F
P
IRITNERNOMTOEHIUSOIRFANCQFP
21
Product Cipher
P
S
S
C. H. HUANG IN CML
22
C. H. HUANG IN CML
23
DES
C. H. HUANG IN CML
24
DES (cont.)
25
DES (cont.)
1.
C. H. HUANG IN CML
26
DES (cont.)
Key calculation
Each iteration i uses a different 48-bit key Ki derived
from the initial key K, which is input as a 64-bit block
with 8 parity bits in positions 8, 16, , 64.
PC-1 discards the parity bits and transposes the
remaining 56-bit bits to obtain PC-1(K).
PC-1(K) is then split to C and D of 28-bits each, and
circular shifted by LS.
Ci=LSi(Ci-1), Di=LSi (Di-1)
Ki=PC-2(CiDi).
C. H. HUANG IN CML
27
DES (cont.)
Deciphering
C. H. HUANG IN CML
28
29
Stream Ciphers
Cipher stream
Key stream
C. H. HUANG IN CML
30
NP-complete problems
A systematic deterministic solution is likely to require
exponential time in the number of inputs.
C. H. HUANG IN CML
31
32
C. H. HUANG IN CML
33
C. H. HUANG IN CML
34
The
35
36
C. H. HUANG IN CML
37
38
Using RSA
39
key
to recover a message
Guessed-plaintext attacks.
This attacks can be defeated by appending
random bits.
C. H. HUANG IN CML
40
Security of RSA
C. H. HUANG IN CML
41