Computer Security-2

Cryptography

Dr.R.Nagulan
 Basic Terminology
• Cryptology: Cryptology is the research and study of
encryption and decryption; it includes both cryptography
and cryptanalysis.
• Cryptography: is the science of secret writing with the
goal of hiding the meaning of a message.
– it refers to the practice of using encryption to conceal text.
– Cryptographer
• Cryptanalysis : is the science and sometimes art of
breaking cryptosystems.
– Importance: without people who try to break our crypto
methods, we will never know whether they are really secure or
not
– Cryptanalyst
 Cryptography
Cryptography seems closely linked to modern electronic
communication. However, cryptography is a rather old business
(Julius Caesar – Rome - 100 B.C)
• Symmetric Cryptography: Two parties have an encryption and
decryption method for which they share a secret key. All
cryptography from ancient times until 1976 was exclusively
based on symmetric methods. Symmetric ciphers are still in
widespread use, especially for data encryption and integrity
check of messages
• Asymmetric Cryptography: In 1976 an entirely different type of
cipher was introduced by Whitfield Diffie, Martin Hellman and
Ralph Merkle. In public-key cryptography, a user possesses a
secret key as in symmetric cryptography but also a public key.
 Symmetric Cryptography
symmetric-key, secret-key, private-key and single-key schemes or algorithms.

if Alice and Bob represent two offices of a car manufacturer, and they are transmitting
documents containing the business strategy for the introduction of new car models in the
next few years, these documents should not get into the hands of their competitors.
Symmetric cryptography offers a powerful solution.
 Terminology and Background
Consider the steps involved in sending messages
• from a sender, S (Alice), to a recipient, R (Bob)
• S send a message (x) to R via T, T then becomes
the transmission medium.
• an outsider, opponent O (Oscar), wants to
access the message (to read, change, or even
destroy it), we call O an interceptor or intruder.
• Any time after S transmits it via T, the message
is vulnerable to exploitation.
O might try to access the message in any of the
following ways:
• Interruption. Block it, by preventing its reaching R,
thereby affecting the availability of the message.
• Intercept it, by reading or listening to the message,
thereby affecting the confidentiality of the
message.
• Modify it, by seizing the message and changing it
in some way, affecting the message's integrity.
• Encryption is the process of using an algorithm to
transform information to make it unreadable for
unauthorized users.
• The original form of a message is known as plaintext
(x), and the encrypted form is called ciphertext (y).
• The process of creating a ciphertext from a plaintext
is called encryption.
• The process of turning a ciphertext back into a
plaintext is called decryption.
• The verbs encipher and decipher are synonymous
with the verbs encrypt and decrypt.
• A system for encryption and decryption is called a
cryptosystem.
• The system needs a secure channel for distribution of the key
k between Alice and Bob.
• In any case, the key has only to be transmitted once between
Alice and Bob and can then be used for securing many
subsequent communications.
• Both the encryption and the decryption algorithms are
publicly known.
• The only thing that should be kept secret in a sound
cryptosystem is the key.
• Encryption/Decryption Algorithm: A mathematical procedure
or rules for performing encryption/decryption on data.
• Alice encrypts her message x using a symmetric algorithm,
yielding the ciphertext y. Bob receives the ciphertext y and
decrypts the message.
• We denote a plaintext message x as a sequence of individual
characters x =<x1,x2,x3,…,xn>. Similarly, ciphertext is written as y
=<y1,y2,….ym>.
• For instance, the plaintext message "I want cookies" can be
denoted as the message string (<I, ,w,a,n,t, ,c,o,o,k,i,e,s>) It
can be transformed into ciphertext <b,d,f,g,h,a,s,f,g,e>, and the
encryption algorithm tells us how the transformation is done.
• If we have a strong encryption algorithm, the ciphertext will
look like random bits to Oscar and will contain no information
whatsoever that is useful to him.
 C = E(P) and P = D(C)
y=e(x, k) or y=ek(x)
x= d(y, k) or x=dk(y)
Where x is the plaintext, y represents the ciphertext, e is the
encryption rule and d is the decryption rule,
What we seek is a cryptosystem for which x=dk(ek(x))
In other words, we want to be able to convert the message to
protect it from an intruder, but we also want to be able to get
the original message back.
 Cryptosystem
A cryptosystem is a five-tuple (X,Y,K,E,D), where
the following are satisfied:
1. X is a finite set of possible plaintexts.
2. Y is a finite set of possible ciphertexts.
3. K, the key space, is a finite set of possible keys
4. kK,  EKE (encryption rule),
 DKD (decryption rule).
Each EK: XY and DK: YX are functions
such that xX, DK(EK(x)) = x.
 Cryptanalysis
Cryptanalysis Goals
1. knows cipher text only
• recovering the plain text x from the cipher text y.
• deduce the key k, to break subsequent messages easily.
• recognize patterns in cipher text, to be able to break
subsequent ones.
• infer some meaning without even breaking the encryption, such
as noticing an unusual frequency of communication or
determining the communication was short or long.
2. Knows one or more plaintext & cipher text pairs
• Deduce the Key
 Breakable Encryption

• An encryption algorithm is breakable when given enough time

and data, an analyst can determine the algorithm/key.
• consider a 25-character message that is expressed in just
uppercase letters.
• A given cipher scheme may have 2625 (approximately 1035)
possible decipherments (Substitution ciphers), so the task is to
select the right one out of the 2625
• If your computer could perform on the order of 1010 operations
per second, finding this decipherment would require on the
order of 1016 seconds, or roughly 1011 years.
• In this case, although we know that theoretically we could
generate the solution, determining the deciphering algorithm
by examining all possibilities can be ignored as infeasible with
current technology.
Brute-force attack/Exhaustive Search
Brute-force attack/Exhaustive Search
• The attacker tries every possible key on a piece
of ciphertext until an intelligible translation into
plaintext is obtained. On average, half of all
possible keys must be tried to achieve success.
Brute-force attack/Exhaustive Search
• In practice, a brute-force attack can be more
complicated because incorrect keys can give
false positive results.
• It is important to note that a brute-force attack
against symmetric ciphers is always possible
in principle. If testing all the keys on many
modern computers takes too much time, i.e.,
several decades, the cipher is computationally
secure against a brute-force attack.
 Number Sets
Natural numbers (N ): The counting numbers {1, 2, 3, ...} are
commonly called natural numbers.

Irrational numbers ( I ): Real numbers that are not rational.

Real numbers (R ): Numbers that can represent a distance
along a line.
 Modulo Real World Example
• Consider the hours on a clock. If you keep
adding one hour, you obtain:

Even though we keep adding one hour, we

never leave the set.
Divides: a divides b means there exists an integer n such
that b=na
If a divides b, a is a factor of b, or in other words, b is divisible
by a.
For instance, 3 divides 15 because 15=3⋅5, 3 is a factor of 15.
 Modular Arithmetic
• If b= q*a+r a,b,q,r are integers, a≠0 and 0≤r<|
a|
then b mod a =r
Examples
17 mod 5 = 2 7 mod 11 = 7
20 mod 3 = 2 11 mod 11 = 0
-3 mod 11 = 8 -1 mod 11 = 10
25 mod 5 = 0 -11 mod 11 = 0
Properties of Modular Arithmetic
If
(a mod n) =r1
(b mod n)= r2
Then (a+b) mod n = (r1+r2) mod n

If
(a mod n) =r1
(b mod n)= r2
Then (a-b) mod n = (r1-r2) mod n
 Examples
11 mod 8 = 3;
15 mod 8 = 7
=> 26 mod 8 = 10 mod 8=2
-6 mod 26 =20
3 mod 26 =3
=> -3 mod 26 =23 mod 26=23
 Modulo Inverse
where a−1 is the modular multiplicative
inverse of a modulo m. I.e., it satisfies the
equation.
1= a a−1 mod m
Example
1 = 3.9 mod 26
2= 5.21 mod 26

Multiplicative inverses modulo 26: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, and 25,
whose inverses are 1, 9, 21, 15, 3, 19, 7, 23, 11, 5, 17, and 25, respectively.
The numbers which have no inverse modulo 26 are
0, 2, 4, 6, 8, 10, 12, 13, 14, 16, 18, 20, 22, and 24.