SECURITY IN COMPUTING, FIFTH EDITION
Chapter 8: Details of Cryptography
Instructor: 高海波 (Gao Haibo), Henan University of Chinese Medicine, Information Management and Information Systems Teaching and Research Office
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
Chapter 8 Objectives
• Learn basic terms and primitives of cryptography
• Deep dive into how symmetric encryption algorithms work
• Study the RSA asymmetric encryption algorithm
• Compare message digest algorithms
• Explain the math behind digital signatures
• Learn the concepts behind quantum cryptography
Methods of Cryptanalysis
• Break (decrypt) a single message
• Recognize patterns in encrypted messages
• Infer some meaning without even breaking the encryption, such as from the length or frequency of messages
• Easily deduce the key to break one message and perhaps subsequent ones
• Find weaknesses in the implementation or environment of use of encryption by the sender
• Find general weaknesses in an encryption algorithm
Cryptanalysis Inputs
• Ciphertext only
  • Look for patterns, similarities, and discontinuities among many messages that are encrypted alike
• Plaintext and ciphertext, so the cryptanalyst can see what transformations occurred
  • Known plaintext
  • Probable plaintext
  • Chosen plaintext
Cryptographic Primitives
• Substitution
  • One set of bits is exchanged for another
• Transposition
  • Rearranging the order of the ciphertext to break any repeating patterns in the underlying plaintext
• Confusion
  • An algorithm providing good confusion has a complex functional relationship between the plaintext/key pair and the ciphertext, so that changing one character in the plaintext causes unpredictable changes to the resulting ciphertext
• Diffusion
  • Distributes the information from single plaintext characters over the entire ciphertext output, so that even small changes to the plaintext result in broad changes to the ciphertext
One-Time Pads
[Figure: one-time pad. Labels: nonrepeating series of numbers; Plaintext; Exclusive OR or other combining function; Ciphertext; Exclusive OR or other combining function; Original Plaintext]
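The one-time pad above, as an added example that is not from the book or the slides: exclusive OR is the combining function, and the last two functions show why the series of numbers must be nonrepeating. The function names and sample messages are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Exclusive OR of two equal-length byte strings (the combining function)."""
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def new_pad(length: int) -> bytes:
    """Fresh pad from the OS random source; meant to be used once."""
    return secrets.token_bytes(length)

def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    return xor_bytes(plaintext, pad)

def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    # XOR is its own inverse, so the same function recovers the plaintext.
    return xor_bytes(ciphertext, pad)

def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """If one pad encrypted both messages it cancels: c1 XOR c2 == p1 XOR p2."""
    return xor_bytes(c1, c2)

def differing_positions(leak: bytes) -> list:
    """Offsets where the two plaintexts differ (nonzero bytes of the leak)."""
    return [i for i, b in enumerate(leak) if b != 0]

if __name__ == "__main__":
    # Constructed sample messages of equal length.
    p1, p2 = b"WIRE 100 TO ALICE", b"WIRE 900 TO ALICE"
    pad = new_pad(len(p1))
    c1 = otp_encrypt(p1, pad)
    assert otp_decrypt(c1, pad) == p1
    c2 = otp_encrypt(p2, pad)  # misuse: the pad repeats
    print(differing_positions(pad_reuse_leak(c1, c2)))
```

With a repeated pad, an observer holding only the two ciphertexts learns where and how the plaintexts differ, which is the "recognize patterns in encrypted messages" case from the cryptanalysis slide.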
Shannon’s Characteristics of Good Ciphers
1. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption
2. The set of keys and the enciphering algorithm should be free from complexity
3. The implementation of the process should be as simple as possible
4. Errors in ciphering should not propagate and cause corruption of further information in the message
5. The size of the enciphered text should be no larger than the text of the original message
Properties of a Trustworthy Cryptosystem
• It is based on sound mathematics
• It has been analyzed by competent experts and found to be sound
• It has stood the test of time
DES Algorithm
[Figure: DES algorithm. Labels: Left Data Half; Right Data Half; 56 bits; Expansion; Substitution; Permutation; New Left Data Half; New Right Data Half]
DES Algorithm (cont.)
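The left-half/right-half round structure labelled in the DES figure, together with the diffusion property from the Cryptographic Primitives slide, as an added example that is not from the book or the slides. It is a toy Feistel network, not DES: the round function (a truncated HMAC-SHA256 in place of expansion, substitution and permutation), the key schedule and all names are assumptions made for illustration.

```python
import hashlib
import hmac

HALF = 4  # bytes per half: a 64-bit block split into two 32-bit halves

def round_fn(right: bytes, subkey: bytes) -> bytes:
    # Stand-in for DES's expansion, substitution and permutation steps
    # (assumption: a keyed hash truncated to one half, not the real S-boxes).
    return hmac.new(subkey, right, hashlib.sha256).digest()[:HALF]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block: bytes, subkeys: list) -> bytes:
    left, right = block[:HALF], block[HALF:]
    for k in subkeys:
        # New left half = old right half;
        # new right half = old left half XOR f(old right half, subkey).
        left, right = right, xor(left, round_fn(right, k))
    # Final swap lets the same routine decrypt with the subkeys reversed.
    return right + left

def subkeys_from(key: bytes, rounds: int) -> list:
    # Hypothetical key schedule: one derived subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def encrypt(block: bytes, key: bytes, rounds: int = 16) -> bytes:
    return feistel(block, subkeys_from(key, rounds))

def decrypt(block: bytes, key: bytes, rounds: int = 16) -> bytes:
    return feistel(block, subkeys_from(key, rounds)[::-1])

def bits_changed(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def avalanche(rounds: int) -> int:
    """Ciphertext bits that change when one plaintext bit is flipped."""
    key = b"constructed demo key"
    p1 = b"ABCDEFGH"                     # constructed 64-bit block
    p2 = bytes([p1[0] ^ 0x01]) + p1[1:]  # flip one bit in the left half
    return bits_changed(encrypt(p1, key, rounds), encrypt(p2, key, rounds))

if __name__ == "__main__":
    for r in (1, 2, 4, 16):
        print(r, "rounds:", avalanche(r), "of 64 bits changed")
```

After a single round the flipped bit passes straight through to one ciphertext bit; diffusion over the whole block only appears once the halves have been swapped and mixed over several rounds.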