COMP4690, HKBU
Computer Security -- Cryptography
Chapter 1 Symmetric Ciphers
Outline
⚫ Overview of Cryptography
⚫ Classical Encryption Techniques
    ⚫ Substitution
    ⚫ Transposition
⚫ Block Ciphers
    ⚫ DES
    ⚫ AES
Basic Terminology
⚫ plaintext - the original intelligible message
⚫ ciphertext - the coded message that depends on the plaintext and the secret key
⚫ cipher - algorithm for transforming plaintext to ciphertext
⚫ key - info used in cipher, known only to sender/recipient
⚫ encipher (encrypt) - converting plaintext to ciphertext
⚫ decipher (decrypt) - recovering plaintext from ciphertext
⚫ cryptography - study of encryption principles/methods
⚫ cryptanalysis (codebreaking) - the study of principles/methods of deciphering ciphertext without knowing key
⚫ cryptology - the field of both cryptography and cryptanalysis
Symmetric Encryption
⚫ Also called conventional / private-key / single-key
⚫ sender and recipient share a common key
⚫ all classical encryption algorithms are private-key
⚫ was the only type prior to the invention of public-key in the 1970s
Symmetric Cipher Model
[Figure: plaintext input -> encryption algorithm (e.g., DES) -> transmitted ciphertext -> decryption algorithm (reverse of encryption algorithm) -> plaintext output. The secret key shared by sender and recipient is an input to both the encryption and the decryption algorithm.]
Requirements
⚫ two requirements for secure use of symmetric encryption:
    ⚫ a strong encryption algorithm: the opponent should be unable to decrypt ciphertext or discover the key even if he has a number of ciphertexts together with the plaintext that produced each ciphertext
    ⚫ sender and recipient must have obtained the secret key in a secure fashion, and must keep the key secure
⚫ assume encryption algorithm is known
⚫ assume a secure channel to distribute the key
Cryptanalysis
⚫ To exploit the characteristics of the cipher algorithm to attempt to deduce a specific plaintext or to deduce the key
⚫ ciphertext only
    ⚫ only know the ciphertext, the most difficult!
⚫ known plaintext
    ⚫ know some {plaintext, ciphertext} pairs, to deduce the key
⚫ chosen plaintext
    ⚫ plaintext chosen by cryptanalyst, together with its corresponding ciphertext generated with the key
⚫ chosen ciphertext
    ⚫ ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the key
⚫ chosen text
    ⚫ chosen plaintext & chosen ciphertext
Brute-Force Attack
⚫ Attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.
⚫ proportional to key size
⚫ assumes the attacker either knows or can recognise the plaintext

| Key Size (bits) | Number of Alternative Keys | Time required at 1 encryption/µs | Time required at 10^6 encryptions/µs |
|---|---|---|---|
| 32 | 2^32 = 4.3 × 10^9 | 2^31 µs = 35.8 minutes | 2.15 milliseconds |
| 56 | 2^56 = 7.2 × 10^16 | 2^55 µs = 1142 years | 10.01 hours |
| 128 | 2^128 = 3.4 × 10^38 | 2^127 µs = 5.4 × 10^24 years | 5.4 × 10^18 years |
| 168 | 2^168 = 3.7 × 10^50 | 2^167 µs = 5.9 × 10^36 years | 5.9 × 10^30 years |
| 26 characters (permutation) | 26! = 4 × 10^26 | 2 × 10^26 µs = 6.4 × 10^12 years | 6.4 × 10^6 years |
Classical Encryption Technique
⚫ Substitution
    ⚫ letters of plaintext are replaced by other letters or by numbers or symbols
⚫ Transposition
⚫ Combine substitution & transposition
Caesar Cipher
⚫ by Julius Caesar
⚫ first attested use in military affairs
⚫ replaces each letter with the letter standing three places further down the alphabet
⚫ example:
    Plaintext:  meet me after the toga party
    Ciphertext: PHHW PH DIWHU WKH WRJD SDUWB