Slide 1OutlineDefinitionsGoals of CryptographyProcessKey ClusteringSymmetric Key CryptographyPublic Key CryptographySlide 9Initialization VectorSlide 11Block CipherSlide 13Stream CipherSlide 15Digital SignatureSlide 17Work FactorHash FunctionChecksumSubstitution CiphersSlide 22Message Authentication CodesKey ManagementCertificate AuthoritySlide 26Public Key InfrastructureWeb of TrustSteganographySlide 30Digital WatermarkingSlide 32AlgorithmsAttacksDr. Bhavani ThuraisinghamCyber SecurityLecture for July 9, 2010Cryptography13-201/14/19 10:45 Outline0Definition of Cryptography0Important concepts-Symmetric and Asymmetric, Hash, Digital Signature etc. 0Steganography and Digital watermarking0Algorithms0Attacks13-301/14/19 10:45 Definitions0Cryptography-Mathematical manipulation of information that prevents the information being disclosed or altered0Cryptanalysis-Defeating the protected mechanisms of cryptography0Cryptology-Study of Cryptography and Cryptanalysis13-401/14/19 10:45 Goals of Cryptography0Confidentiality0Integrity0Authenticity0Non-repudiation0Access Control0Make compromise difficult13-501/14/19 10:45 Process0Input (also called Plaintext or Clear Text)0Cryptosystem (device that performs encryption/decryption)0Cryptographic Algorithms (Mathematical functions)0Output (Cipher text or Cryptogram)0Key (Crypto variable)13-601/14/19 10:45 Key Clustering0In cryptography, key clustering is said to occur when two different keys generate the same ciphertextfrom the same plaintext, using the same cipher algorithm. A good cipher algorithm, using different keys on the same plaintext, should generate a different ciphertext, irrespective of the key length.0If an 'attacker' tries to break a cipher by brute-force (trying all possible keys until it finds the correct key) then key clustering will result in an easier attack on a particular cipher text. If there are N possible keys with out any key clustering then the attacker will on average need to try N/2 keys to decrypt it and a worst case of trying all N keys. If there are two keys that are clustered then the average number of keys to try is reduced to N/4 (worst case is N-1 keys). If three keys cluster than average attempt is only N/6 attempts.13-701/14/19 10:45 Symmetric Key Cryptography0Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related, often identical, cryptographic keys for both decryption and encryption.0The encryption key is trivially related to the decryption key, in that they may be identical or there is a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link.0The disadvantage of symmetric cryptography is that it presumes two parties have agreed on a key and been able to exchange that key in a secure manner prior to communication. This is a significant challenge. Symmetric algorithms are usually mixed with public key algorithms to obtain a blend of security and speed.13-801/14/19 10:45 Public Key Cryptography0Public-key cryptography is a cryptographic approach which involves the use of asymmetric key algorithms instead of or in addition to symmetric key algorithms. 0Unlike symmetric key algorithms, it does not require a secure initial exchange of one or more secret keys to both sender and receiver.0The asymmetric key algorithms are used to create a mathematically related key pair: a secret private key and a published public key. Use of these keys allows protection of the authenticity of a message by creating a digital signature of a message using the private key, which can be verified using the public key. 0It also allows protection of the confidentiality and integrity of a message, by public key encryption, encrypting the message using the public key, which can only be decrypted using the private key.13-901/14/19 10:45 Public Key Cryptography0Public key cryptography is a fundamental and widely used technology around the world. It is the approach which is employed by many cryptographic algorithms and cryptosystems. It underlies such Internet standards as Transport Layer Security (TLS) (successor to SSL), PGP, and GPG.0Uses asymmetric key algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys—a public key and a private key. The private key is kept secret, whilst the public key may be widely distributed. Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key. The keys are related mathematically, but the private key cannot be feasibly derived from the public key.13-1001/14/19 10:45 Initialization Vector0In cryptography, an initialization vector (IV) is a block of bits that is required to allow a stream cipher or a block cipher to be executed in any of several modes of operation to produce a unique stream independent from other streams produced by the same encryption key, without having to go through a (usually lengthy) re-keying process.0The size of the IV depends on the encryption algorithm and on the cryptographic protocol in use and is normally as large as the block size of the cipher or as large as the encryption key. 0The IV must be known to the recipient of the encrypted information to be able to decrypt it.13-1101/14/19 10:45 Initialization Vector0This can be ensured in a number of ways: by transmitting the IV along with the cipher text, by agreeing on it beforehand during the key exchange or the handshake, by calculating it (usually incrementally), or by measuring such parameters as current time (used in hardware authentication tokens such as RSA SecurID) IDs such as sender's and/or recipient's address or ID, file ID, the packet, sector or cluster number, etc. 0A number of variables can be combined or hashed together, depending on the protocol. If the IV is chosen at random, the cryptographer must take into consideration the probability of collisions, and if an incremental IV is used as a nonce, the algorithm's resistance to related-IV attacks must also be considered.0Nonce – number used once13-1201/14/19 10:45 Block Cipher0In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take (for example) a 128-bit block of plaintext as
View Full Document
Unlocking...