2. The Objectives of Cryptography
What is Cryptography:
Cryptography is the science of keeping secrets secret.
The fundamental and classical task of cryptography is to provide confidentiality
by encryption methods.
The word cryptography comes from the Greek words kryptos, which means "hidden, secret", and
gráphō, which means "I write".
Modern cryptography intersects the disciplines of mathematics, computer
science, and engineering. Applications of cryptography include ATM cards,
computer passwords, and electronic commerce.
3. The Objectives of Cryptography
Steganography and Cryptography:
Steganography is the art and science of communicating in a way which hides
the existence of the communication. As an example, it is possible to embed a
text inside an image or an audio file.
On the other hand, cryptography is the study of mathematical techniques
related to aspects of information security such as confidentiality, data
integrity, entity authentication, and data origin authentication.
4. Steganography
• In a digital message, the secret information is inserted or
"hidden" into the “container data” <any type of digital
data file>
• It doesn’t appear to be anything other than what it is, e.g.
a picture or music file.
• An encrypted file on the other hand cries out ‘I contain
sensitive information!!!’
• Computer files (images, sound recordings, even disks)
contain unused or insignificant areas of data.
• Steganography takes advantage of these areas,
replacing them with information.
5. Steganography: An Example
• Hiding the message among irrelevant data
• To confuse the cryptanalyst
6. Steganography: An Example
Big rumble in New Guinea.
The war on celebrity acts should end soon.
Over four big ecstatic elephants replicated.
7. Steganography: An Example
Big rumble in New Guinea.
The war on celebrity acts should end soon.
Over four big ecstatic elephants replicated.
Hidden message (the first letter of each word): Bring two cases of beer.
8. The Objectives of Cryptography
Fundamental tasks of cryptography:
It is to provide confidentiality by encryption methods.
The message to be transmitted (it can be some text, numerical data, an
executable program or any other kind of information) is called the plaintext.
Alice encrypts the plaintext m and obtains the ciphertext c. The ciphertext c is
transmitted to Bob. Bob turns the ciphertext back into the plaintext by
decryption. To decrypt, Bob needs some secret information, a secret decryption
key.
An adversary, Eve, may still intercept the ciphertext. However, the
encryption should guarantee secrecy and prevent her from deriving any
information about the plaintext from the observed ciphertext.
10. The Objectives of Cryptography
Providing confidentiality is not the only objective of cryptography. Cryptography
is also used to provide solutions for other problems:
1. Data integrity: The receiver of a message should be able to check whether
the message was modified during transmission, either accidentally or
deliberately. No one should be able to substitute a false message for the original
message, or for parts of it.
2. Authentication: The receiver of a message should be able to verify its origin.
No one should be able to send a message to Bob and pretend to be Alice (data
origin authentication). When initiating a communication, Alice and Bob should be
able to identify each other (entity authentication).
Access control is a data security process that enables organizations to
manage who is authorized to access corporate data and resources. Secure
access control uses policies that verify users are who they claim to be and
ensures appropriate control access levels are granted to users.
3. Non-repudiation: The sender should not be able to later deny that she sent a
message.
11. Cryptographic System
[Figure: Alice → Encrypt (encryption key) → cipher-text → Decrypt (decryption key) → Bob, with Eve on the channel between them]
The encryption method is assumed to be known to Eve. Eve could have one of the
following goals:
(i) Read the message
(ii) Find the key and read all messages encrypted with that key
(iii) Alter Alice’s message
(iv) Masquerade as Alice and communicate with Bob (Bob assumes that he is
communicating with Alice)
12. Cryptographic System
Possible attacks: How Eve can determine the key depends on how much
information is available to her.
(i) Cipher-text only: Eve has a copy of the cipher-text only.
(ii) Known plain-text: Eve has a plain-text and the corresponding cipher-text. For example,
suppose Alice always starts her message with "Dear Bob".
(iii) Chosen plain-text: Eve has temporary access to the encryption machine,
but not the key.
(iv) Chosen cipher-text: Eve gets temporary access to the decryption machine.
13. Attacks
Brute-Force Attacks
In this type of attack, also called an exhaustive search of the keyspace, all
possible keys are tried to determine which one is being used by the communicating
parties. For a well-designed cryptosystem, this type of attack is too
time-consuming to undertake.
Ex. The DES symmetric crypto algorithm takes a key of 56 bits, so there are
$2^{56} \approx 7.2 \times 10^{16}$ possible keys.
Due to its short key length, DES has been broken in less than 24 hours.
But assume that the key space is $10^{30}$ and that a computer does $10^{9}$ calculations per
second. There are $3 \times 10^{7}$ seconds per year, so it will take more than $3 \times 10^{13}$
years to break the system, which is more than the age of the universe.
14. Attacks
Brute-Force Attacks vs Other attacks
Quantum computing attack
Algorithmic attacks
Hardware attack
Side channel attack
Dictionary attack
Protocol based attack
Timing/Power consumption
Mathematical attacks etc
15. Symmetric Key Cryptographic System
In a symmetric key algorithm, the keys involved are identical for both encrypting and
decrypting a message.
[Figure: plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ → encrypt → unreadable ciphertext → decrypt → plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ]
16. Asymmetric Key Cryptographic System
An asymmetric key algorithm uses two keys. One of these two keys should be kept private, called the private key, and the other can be
made public (it can even be sent in mail), called the public key.
17. Euclidean algorithm
The Euclidean algorithm computes the greatest common divisor (gcd) of integers a and b.
Let $a > b$. Then
$a = q_1 b + r_1$; if $r_1 = 0$, then b divides a and the gcd is b.
If $r_1 \neq 0$, then
$a = q_1 b + r_1$
$b = q_2 r_1 + r_2$
$r_1 = q_3 r_2 + r_3$
$r_2 = q_4 r_3 + r_4$
$\vdots$
$r_{k-2} = q_k r_{k-1} + r_k$
$r_{k-1} = q_{k+1} r_k + 0$
So $\gcd(a, b) = r_k$.
Example: Let a=240, b=46
240=5*46+10
46=4*10+6
10=1*6+4
6=1*4+2 (Last non-zero remainder is gcd)
4=2*2+0
Hence gcd (240,46)=2
18. Extended Euclidean algorithm
The extended Euclidean algorithm is an extension of the Euclidean algorithm. In addition
to the greatest common divisor (gcd) of integers a and b, it computes the coefficients s and t such that
$a \cdot s + b \cdot t = \gcd(a, b)$
Algorithm:
$r_0 = a$, $r_1 = b$
$s_0 = 1$, $s_1 = 0$
$t_0 = 0$, $t_1 = 1$
$\vdots$
$r_{i+1} = r_{i-1} - q_i r_i$
$s_{i+1} = s_{i-1} - q_i s_i$
$t_{i+1} = t_{i-1} - q_i t_i$
The computation stops when $r_{k+1} = 0$ and gives $r_k$ as the gcd of a and b. It also gives $s_k$ and $t_k$, which satisfy the equation
$a \cdot s + b \cdot t = \gcd(a, b)$.
Let a=240 and b=46
i   q_{i-1}     r_i            s_i             t_i
0   -           240            1               0
1   -           46             0               1
2   240/46=5    240-5*46=10    1-5*0=1         0-5*1=-5
3   46/10=4     46-4*10=6      0-4*1=-4        1-4*(-5)=21
4   10/6=1      10-1*6=4       1-1*(-4)=5      -5-1*21=-26
5   6/4=1       6-1*4=2        -4-1*5=-9       21-1*(-26)=47
6   4/2=2       4-2*2=0        5-2*(-9)=23     -26-2*47=-120
Therefore -9*240+47*46=2. Hence gcd(a,b)=2, s= -9 and t= 47.
19. RSA Algorithm
1. Bob chooses secret primes p and q and computes
$n = p \cdot q$
2. Bob computes $\phi(n) = (p-1)(q-1)$
3. Bob selects a random encryption key e
where $1 < e < \phi(n)$ and $\gcd(e, \phi(n)) = 1$
4. Bob solves the following congruence to find the decryption
key d:
$e \cdot d \equiv 1 \pmod{\phi(n)}$ and $1 < d < n$
(use the extended Euclidean algorithm to get d: $e \cdot d + x \cdot \phi(n) = 1$)
5. Bob makes n and e public, and keeps p, q, d secret.
6. Alice encrypts m as $c \equiv m^e \pmod{n}$
7. Bob decrypts by computing $m \equiv c^d \pmod{n}$
20. Why RSA Works?
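Because of Euler's Theorem:
$a^{\phi(n)} \equiv 1 \pmod{n}$ where $\gcd(a, n) = 1$
In RSA we have:
$e \cdot d \equiv 1 \pmod{\phi(n)}$, so $e \cdot d = 1 + k\phi(n)$
Hence:
$c^d \equiv (m^e)^d \equiv m^{1 + k\phi(n)} \equiv m^1 \cdot (m^{\phi(n)})^k \equiv m^1 \cdot (1)^k \equiv m^1 \equiv m \pmod{n}$
As n is a product of primes, we can assume $\gcd(m, n) = 1$.
Therefore $m^{\phi(n)} \equiv 1 \pmod{n}$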
21. RSA Example
Select primes: p=17 and q=11
Compute $n = pq = 17 \times 11 = 187$
Compute $\phi(n) = (p-1)(q-1) = 16 \times 10 = 160$
Select e such that $\gcd(e, 160) = 1$; let e=7
Determine d such that $d \cdot e \equiv 1 \pmod{160}$ and d < 160. The value is
d=23, since $23 \times 7 = 161 = 1 \times 160 + 1$
Use the extended Euclidean algorithm to
get d.
Publish public key KU={7,187}
Keep secret private key KR={23,17,11}
Encryption:
$c = 88^{7} \bmod 187 = 11$
Decryption:
$M = 11^{23} \bmod 187 = 88$
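The extended Euclidean table and the RSA steps above, as an added Python example (not code from the original slides). It generalizes to any a, b and any prime pair; the function names are hypothetical, and this is unpadded textbook RSA at a toy key size.

```python
# Added example: extended Euclid and textbook RSA with the slides' numbers.
# Function names are hypothetical; no padding, toy key size, illustration only.

def ext_gcd_rows(a, b):
    """Rows (i, q, r, s, t) of the slide's table; a*s + b*t == r in every row."""
    rows = [(0, None, a, 1, 0), (1, None, b, 0, 1)]
    while rows[-1][2] != 0:
        (_, _, r0, s0, t0), (i, _, r1, s1, t1) = rows[-2], rows[-1]
        q = r0 // r1
        rows.append((i + 1, q, r0 - q * r1, s0 - q * s1, t0 - q * t1))
    return rows

def ext_gcd(a, b):
    """Return (g, s, t) with a*s + b*t == g == gcd(a, b)."""
    _, _, g, s, t = ext_gcd_rows(a, b)[-2]   # last row with non-zero remainder
    return g, s, t

def mod_inverse(e, phi):
    """Solve e*d + x*phi = 1 for d, reduced into the range 0 < d < phi."""
    g, s, _ = ext_gcd(e, phi)
    if g != 1:
        raise ValueError("gcd(e, phi) != 1, so e has no inverse mod phi")
    return s % phi

def rsa_keygen(p, q, e):
    """Return ((e, n), (d, n)) for primes p, q and public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (mod_inverse(e, phi), n)

def rsa_apply(x, key):
    """Textbook RSA: x^exp mod n. Encryption and decryption are the same op."""
    exp, n = key
    if not 0 <= x < n:
        raise ValueError("message must satisfy 0 <= x < n")
    return pow(x, exp, n)

if __name__ == "__main__":
    for row in ext_gcd_rows(240, 46):
        print(row)                       # reproduces the table for a=240, b=46
    public, private = rsa_keygen(17, 11, 7)
    c = rsa_apply(88, public)
    # m = 88 shares the factor 11 with n = 187, yet decryption still succeeds.
    print(private, c, rsa_apply(c, private))
```

Encrypting the same m twice with `rsa_apply` gives the same c, which is the determinism the ElGamal slide contrasts against.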
22. ElGamal Cryptosystem
RSA’s strength is the difficulty of factoring the product of large primes.
ElGamal Signature scheme is based on the discrete log problem (DLP).
In RSA, if the message is the same then the ciphertext is the same, but in ElGamal the
ciphertext is different each time even if the message is the same.
Suppose Bob wants to send a message m to Alice. Alice chooses a large prime p and a
primitive root α, with $0 < m < p$.
Alice chooses a secret integer a such that $1 < a < p-1$ and calculates $\beta \equiv \alpha^{a} \pmod{p}$.
The values of p, α, β are made public. Alice keeps ‘a’ secret. It is difficult for an
adversary to determine a from (p, α, β), since the DLP is considered difficult.
Encryption phase: Alice’s public key is (p, α, β). Bob does the following:
1. Selects a secret random k such that $\gcd(k, p-1) = 1$ and computes $r \equiv \alpha^{k} \pmod{p}$
2. Computes $t \equiv \beta^{k} m \pmod{p}$
3. Sends the pair (r, t) to Alice.
Decryption phase: Alice decrypts as follows:
$t \cdot r^{-a} \equiv m \pmod{p}$
Correctness: Since $t r^{-a} \equiv \beta^{k} m (\alpha^{k})^{-a} \equiv (\alpha^{a})^{k} m \alpha^{-ak} \equiv m \pmod{p}$
Weakness: Suppose Alice used the same value of k for messages $m_1$ and $m_2$. If Eve finds out
k
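The ElGamal encryption and decryption phases above, as an added Python example (not code from the original slides). It uses the slide's symbols p, α, β, a, k, r, t with small constructed parameters, and shows why k must be fresh for every message: with a reused k the two ciphertexts share r, and one known plaintext gives away the other. Function names are hypothetical.

```python
# Added example: textbook ElGamal with the slide's symbols. All numeric values
# are constructed toy parameters; real deployments use far larger primes.
from math import gcd
import secrets

P, ALPHA = 2579, 2          # small prime p and primitive root alpha (constructed)
A = 765                     # Alice's secret integer a (constructed)
BETA = pow(ALPHA, A, P)     # public beta = alpha^a mod p

def fresh_k(p=P):
    """Random k with gcd(k, p-1) = 1, as the encryption phase requires."""
    while True:
        k = secrets.randbelow(p - 3) + 2          # 2 <= k <= p-2
        if gcd(k, p - 1) == 1:
            return k

def encrypt(m, k=None):
    """Bob: r = alpha^k, t = beta^k * m (mod p). k is only settable for the demo."""
    k = fresh_k() if k is None else k
    return pow(ALPHA, k, P), (pow(BETA, k, P) * m) % P

def decrypt(r, t, a=A):
    """Alice: m = t * r^(-a) mod p, using r^(-a) = r^(p-1-a) (Fermat)."""
    return (t * pow(r, P - 1 - a, P)) % P

def recover_second(m1, c1, c2):
    """With a reused k, r1 == r2 and t2/t1 = m2/m1 (mod p), so a known m1
    yields m2 without the key. Returns None when the r values differ."""
    (r1, t1), (r2, t2) = c1, c2
    if r1 != r2:
        return None
    return (t2 * m1 * pow(t1, P - 2, P)) % P

if __name__ == "__main__":
    m1, m2 = 1299, 2024                           # constructed messages
    a1, a2 = encrypt(m1), encrypt(m1)             # same m, fresh k each time
    print(a1, a2, decrypt(*a1), decrypt(*a2))
    c1, c2 = encrypt(m1, k=853), encrypt(m2, k=853)   # k reused: the failure case
    print("shared r:", c1[0] == c2[0], "m2 leaked:", recover_second(m1, c1, c2))
```

A shared r value across two ciphertexts is the visible sign of k reuse and can be checked for in tests of any ElGamal implementation.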
#2: Cryptology is the science that embraces cryptography and cryptanalysis.
#3: Goal of steganography:
Intruder cannot detect a message
Primarily 1:1 communication
Goal of watermarking:
Intruder cannot remove or replace the message
Primarily 1:many communication