CNIT 141: 1. Encryption
0 likes561 views
The document covers various encryption topics including classical ciphers, asymmetric encryption, perfect encryption with one-time pads, and security models for cryptography. It explains basic concepts, methods of attacks, and introduces advanced encryption techniques like authenticated and format-preserving encryption. The document also discusses common pitfalls in encryption practices and highlights the importance of proper implementation for security.
CNIT 141: 1. Encryption
- 1. CNIT 141 Cryptography for Computer Networks 1. Encryption
- 2. Topics • The Basics • Classical Ciphers • How Ciphers Work • Perfect Encryption: The One-Time Pad • Encryption Security • Asymmetric Encryption • When Ciphers Do More Than Encryption • How Things Can Go Wrong
- 3. The Basics • P: Plaintext • K: Key • C: Cleartext • E: Encryption via cipher • D: Decryption via cipher
- 6. Caesar Cipher in Python
- 7. Brute Force Attack in Python
- 9. Vigenere Cipher • Shift varies with a repeated keyword • Combine several Caesar ciphers together
- 10. Breaking the Vigenere Cipher • Find repeating ciphertext to deduce key length • Use frequency analysis
- 11. Frequency Analysis • From Wikipedia
- 12. Modified Caesar Program • Converts to uppercase • Preserves spaces
- 16. How Ciphers Work
- 17. Two Components • Permutation • Transforms one letter to another letter • In Caesar cipher, shift letter three places • Mode of Operation • Algorithm to handle messages of arbitrary size • In Caesar cipher, process each letter independently
- 18. Permutation Security • Permutation should be determined by the key • If key is secret, attacker can’t easily decrypt • Different keys should result in different permutations • Permutation should look random • No pattern in ciphertext
- 19. Mode of Operation • Caesar cipher encrypts letters one at a time • Double letters remain doubled • HELLO -> KHOOR • Patterns in plaintext are preserved in ciphertext • Insecure (now called “Electronic Code Book” mode) • More secure modes encrypt repeated text differently each time
- 20. Perfect Encryption: The One-Time Pad
- 21. XOR • XOR combines two bits • 0 ^ 0 = 0 • 0 ^ 1 = 1 • 1 ^ 0 = 1 • 1 ^ 1 = 0
- 22. Encrypting a Stream of Bits • Plain: ABC = 0100 0001 0100 0010 0100 0011 • Key: 0110 0110 0110 0101 1010 1110 • Cipher: 0010 0111 0010 0111 1110 1101 •Key must be random and never re-used •Key must be longer than all the plaintexts you want to send
- 23. Unbreakable • If an attacker uses a brute-force attack • Trying all possible keys • They get all possible letter sequences • No way to identify the correct decryption
- 26. Attack Models • Set requirements for cryptographers who design ciphers • So they know what attacks to prevent • Give guidelines to users • Whether a cipher is safe in their environment • Provide clues for cryptanalysts who attempt to break ciphers • Is an attack doable in the model considered?
- 27. Attack Models
- 28. Kerckhoff’s Principle • The key is secret • The cipher is not secret
- 29. Black-Box Models No knowledge of cipher operation • Ciphertext-Only Attack (COA) • Attacker sees only C • Known-Plaintext Attack (KPA) • Attacker knows P and C • Chosen-Plaintext Attack (CPA) • Attacker can perform encryption for any P • Chosen-Ciphertext Attack (CCA) • Attacker can perform encryption and decryption
- 30. Gray-Box Models • Attacker has access to the implementation • Can tamper with the system’s internals • Side-channel attack • Attacker measures something else about the cipher’s operation • Such as timing or power consumption • Noninvasive — does not alter integrity of system
- 31. Gray-Box Models • Invasive attacks • Modify system • Examples • Using acid to dissolve parts of a microchip • Injecting faults with lasers
- 32. Security Goals • Indistinguishability • Ciphertext should be indistinguishable from a random string • Non-malleability • Ciphertext cannot be altered and produce meaningful plaintext
- 33. Security Notions • IND-CPA • Indistinguishability against a Chosen- Plaintext Attack • Also called semantic security • Two identical plaintext strings must result in different ciphertexts • Accomplished by adding “random” bits each time you encrypt
- 34. Asymmetric Encryption • Uses two keys • Also called Public-Key encryption • Public key freely published to everyone • Private key held secret • Will be in later chapters—everything in this chapter is about symmetric encryption
- 35. When Ciphers Do More Than Encryption
- 36. Authenticated Encryption • Returns an authentication tag with the ciphertext • Tag ensures integrity of the message and also authenticates the author • Authenticated Encryption with Associated Data (AWAD) • Another variant
- 37. Format-Preserving Encryption • Normally encryption takes inputs as bits and returns outputs as bits • Could be written as hex, base64, etc. • Format-Preserving Encryption returns ciphertext in the same format as the plaintext • Zip code -> Zip code • IP address -> IP address
- 38. Fully Homomorphic Encryption • Allows modification of encrypted data without decrypting it • The first FHE scheme was created in 2009 • Very slow
- 39. Searchable Encryption • Searches encrypted data without decrypting it • Using an encrypted search string • Protects privacy of search engine users • Experimental at present
- 40. Tweakable Encryption • Adds a “tweak” parameter to normal encryption • Such as a unique customer number • Main application is disk encryption
- 41. How Things Can Go Wrong
- 42. Weak Cipher • 2G phone networks used the A5/1 cipher • Vulnerable to a time-memory trade-off attack • Using large lookup tables to speed up an attack
- 43. Wrong Model • Padding Oracle attack • If a user submitted data that decrypted to a valid string, that was taken as authentication • Even if the string contained nonsense • Server provided error messages for incorrect padding • Those erroirs can be used to find valid ciohertext without knowing the key