ISA Chapter Two
Basic Terminology
• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis
Encryption
• The most important automated tool for network and communication security is encryption.
• The most common forms of encryption are: conventional or symmetric encryption and public-key or asymmetric encryption.
Symmetric Encryption
• Also called conventional, private-key, or single-key encryption
• Sender and recipient share a common key
• All classical encryption algorithms are private-key
• Symmetric encryption was the only type prior to the invention of public-key encryption in the 1970s and is the most widely used
Conventional Encryption Principles
• An encryption scheme has five ingredients
• Plain text
• Encryption algorithms
• Public and private keys
• Cipher text
• Decryption algorithm
• Agents possess their private keys
• Access other public keys from a central repository
• Security depends on the secrecy of the key, not the secrecy of the algorithm
Symmetric Encryption
• Security depends on the secrecy of the key, NOT the secrecy of the algorithm
• The algorithm does not need to be kept secret, only the key
• This feature makes symmetric encryption feasible for widespread use.
Public-Key Cryptography Features
• Knowing the public key, anyone can encrypt messages or verify signatures, but cannot decrypt messages or create signatures
• Use of two keys has consequences in the areas of confidentiality, key distribution, and authentication.
• Based on mathematical functions rather than on operations on bit patterns.
Why Public-Key Cryptography?
• Developed by Whitfield Diffie & Martin Hellman at Stanford University in 1976
– known earlier in classified community
• Developed to address two key issues:
– key distribution – how to have secure communications in general without having to trust a Key Distribution Center with your key
– digital signatures – how to verify a message comes intact from the claimed sender
Public-Key Cryptography Principles
• Public key is made public for others to use, to encrypt messages and verify signatures
• Private key is known only to owner and is used to decrypt messages and create signatures
• The scheme has six ingredients:
– Plaintext – readable message
– Encryption algorithm – transforms plaintext into ciphertext
– Public and private key
– Ciphertext – scrambled message – output
– Decryption algorithm – reverse of encryption
Essential Steps in Encryption
1. Each user generates a pair of keys to be used for encryption/decryption
2. Each user places public key in a public register or file
3. To send a private message to A, B encrypts the message using A’s public key
4. When A receives the message, A uses her private key to decrypt it. (No one else can decrypt it without that private key.)
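The four steps above as a runnable sketch. This is an added example, not part of the original slides: it uses textbook RSA with tiny constructed primes as a stand-in public-key algorithm (the slides name none), and the names generate_keypair, apply_key and run_exchange are hypothetical.

```python
# Toy illustration only: no padding and a 12-bit modulus, so it shows the
# data flow of the four steps, not a usable cryptosystem.
from math import gcd

def generate_keypair(p, q, e=17):
    """Step 1: build a (public, private) key pair from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: inverse of e mod phi (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, numbers):
    """Raise each number to the key's exponent mod n (same operation for both keys)."""
    exponent, n = key
    return [pow(x, exponent, n) for x in numbers]

def run_exchange(message):
    # Step 1: A generates her key pair (61 and 53 are constructed toy primes).
    a_public, a_private = generate_keypair(61, 53)
    # Step 2: A places only the public key in a public register.
    register = {"A": a_public}
    # Step 3: B looks up A's public key and encrypts, one byte per block.
    plain_numbers = list(message.encode("ascii"))
    ciphertext = apply_key(register["A"], plain_numbers)
    # Step 4: A decrypts with her private key.
    recovered = bytes(apply_key(a_private, ciphertext)).decode("ascii")
    # Someone holding only the ciphertext and the public register applies
    # the public key again; that does not undo the encryption.
    eavesdropper = apply_key(register["A"], ciphertext)
    return ciphertext, recovered, eavesdropper != plain_numbers

if __name__ == "__main__":
    ciphertext, recovered, eavesdropper_failed = run_exchange("hello A")
    print("ciphertext blocks:", ciphertext)
    print("A recovers:", recovered)
    print("public key alone fails to decrypt:", eavesdropper_failed)
```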
Symmetric vs Public-Key
Applications for Public-Key Cryptosystems
Techniques
• When only ciphertext is known:
– Most difficult problem
– Brute force – using all possible keys
– Easiest to defend against, since opponent has the least amount of information
• When some plaintext is known:
– Opponent may identify word patterns, type of file, some context, enabling decoding
Cryptanalysis
• A brute force approach involves trying every possible key until the translation is obtained.
• Some new low-cost chips have made this approach more reasonable.
• Greatest security problem is maintaining the security of the key
Computationally Secure
An encryption scheme is said to be computationally secure if:
• The cost of breaking the cipher exceeds the value of the encrypted information or
• The time required to break the cipher exceeds the useful lifetime of the information.
Classical ciphers
Transposition Cipher
plain: abcdefghijklmnopqrstuvwxyz
key: defghijklmnopqrstuvwxyzabc
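Brute force against the shift-by-three alphabet shown above, set beside the key sizes that make a cipher computationally secure. This is an added example, not part of the original slides: the word list, the sample message and the rate of 10^9 keys per second are constructed assumptions, and the 56-bit and 128-bit figures are the DES and AES-128 key sizes.

```python
import string

ALPHABET = string.ascii_lowercase

def shift_encrypt(plaintext, key):
    """Replace each letter with the one `key` places later (key=3 gives the mapping above)."""
    table = str.maketrans(ALPHABET, ALPHABET[key:] + ALPHABET[:key])
    return plaintext.lower().translate(table)

def shift_decrypt(ciphertext, key):
    return shift_encrypt(ciphertext, -key % 26)

# Constructed word list: stands in for recognising "the translation".
COMMON_WORDS = {"the", "at", "and", "meet", "noon", "key", "is", "of", "to"}

def score(text):
    return sum(1 for word in text.split() if word in COMMON_WORDS)

def brute_force(ciphertext):
    """Ciphertext-only attack: try all 26 keys, keep the most readable result."""
    candidates = [(k, shift_decrypt(ciphertext, k)) for k in range(26)]
    return max(candidates, key=lambda c: score(c[1]))

def years_to_exhaust(key_bits, keys_per_second):
    """Worst-case time to try every key of the given size."""
    return 2 ** key_bits / keys_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    ciphertext = shift_encrypt("meet at noon", 3)  # constructed sample message
    print(ciphertext, "->", brute_force(ciphertext))
    # Assumed rate: 1e9 keys per second.
    for bits in (56, 128):
        print(f"{bits}-bit key: {years_to_exhaust(bits, 1e9):.3g} years")
```

With 26 possible keys the search finishes instantly, so the cipher fails both conditions for computational security; the same exhaustive search scales with 2 to the power of the key length.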
Stream and Block Ciphers
• Stream ciphers and block ciphers are two categories of ciphers used in classical cryptography.
• Stream and block ciphers differ in how large a piece of the message is processed in each encryption operation.
• Stream ciphers encrypt plaintext one byte or one bit at a time.
• Block ciphers encrypt plaintext in chunks. Common block sizes are 64 and 128 bits.
Symmetric Block Encryption Algorithms
• Most common symmetric encryption algorithms are block ciphers.
• Block ciphers process plaintext input in fixed-size blocks and produce a block of equal-size ciphertext.
– DES – Data Encryption Standard
– 3DES – Triple DES
– AES – Advanced Encryption Standard
AES sample
Questions?
Sample AES algorithm