Today. Network Security. Crypto as Munitions. Crypto as Munitions. History of Cryptography

Size: px

Start display at page:

Download "Today. Network Security. Crypto as Munitions. Crypto as Munitions. History of Cryptography"

Martin Henry
10 years ago
Views:

1 Network Security Symmetric Key Cryptography Today Substitution Ciphers Transposition Ciphers Cryptanalysis 1 2 Crypto as Munitions Does: protecting information kill enemies? failure to protect information kill friendlies? failure to "steal" enemy information kill friendlies? US Government decided that enough of the above were "yes" to declare crypto munitions 3 Crypto as Munitions Why are export restrictions a problem? Commercial applications of strong cryptography abound US Corporations cannot export products that use strong cryptography Foreign companies will take the market for crypto applications and all that goes with it 4 History of Cryptography Primary use: Military Romans (probably before) WWII (Ultra, Enigma, Japanese unbreakable codes) Data Encryption Standard History of Cryptography Substitution ciphers Transposition ciphers Codes Combinations 5 6 Public Key Cryptography Network Security and Formal Methods 1

US Government decided that enough of the above were "yes" to declare crypto munitions 3 Crypto as Munitions Why are export restrictions a problem?

2 Substitution Cipher bmddmg replacement Each letter is replaced by another letter Caesar cipher Rot13 CIPHERTEXT D E F G H I J K L M N O P Q R S T U V W X Y Z A B C CIPHERTEXT N O P Q R S T U V W X Y Z A B C D E F G H I J K L M Twenty six letter key 7 CIPHERTEXT Random selection of order Transposition Cipher a l b k a s b l t e b a s k e t b a l l 8 Transposition Ciphers Word embcrals Key = Blocks t h i s i s a a i h i s s t n e x a m p l l m e x a p n e o f a t r a a t o f a r e n s p o t i o o t s p o i n n c i p h e r r h c i p e n 9 Transposition Ciphers Word = timbers Key = beimrst 7 byte blocks t h i s i s a s i h i s a t n e x a m p l a m e x p l n e o f a t r a a t o f r a e n s p o t i o o t s p i o n n c i p h e r p h c i e r n 10 Transposition Cipher Plaintext: Roses are red Violets are blue 2. Alphabetize the letters in the key. 3. Scramble the plaintext according to the key. 4. Generate the ciphertext by reading down the columns. 71 AR RE VR RT E 62 OC E US 43 MI RS DL AL Key: ROMANTIC 1. Choose a key with no repeating letters and arrange the plaintext as below. 14 MA ES VD AR 5 N S I E 86 OT AO BS 37 RI R RL LT E Ciphertext: EVR EEU RLL SDA SIE S RRTE AOB 28 CT AE UB 11 Codes Words/phrases are substituted with other words, phrases, or numbers Code books are required. Advantages/disadvantages 12 Network Security and Formal Methods 2

7523461 Blocks 1 2 3 4 5 6 7 7 5 2 3 4 6 1 t h i s i s a a i h i s s t n e x a m p l l m e x a p n e o f a t r a a t o f a r e n s p o t i o o t s p o i n n c i p h e r r h c i p e n 9 Transposition

3 Attack Retreat Defend Defend at all costs Surrender Codes Sunrise Sunset Rain Snow Notinyourlifetime Substitute, Transpose, Codes Unbreakable Japanese code in WW II Combination is foundation of modern crypto Cryptography Paradigms Symmetric Key Cryptography Private/Secret Key Cryptography Encrypt/decrypt with the same key Asymmetric Key Cryptography Public/Private Key Cryptography Encrypt/decrypt with different keys Hash: Creates a message digest More Cipher Techniques Reverse Cipher Railfence Cipher Syctale Cipher Geometric Figure Nilhilist Cipher Feistel Structures Signature: Foundation of nonrepudiation Reverse Cipher Reverse the order of the letters in a message. egassemanisrettelehtforedroehtesrever Rail Fence Cipher Write the message alternating letters in two rows w i e h m s a e n w r w r t t e e s g i t o o s Write the ciphertext from the rows wiehmsaenwrwr t teesgi toos Network Security and Formal Methods 3

Encrypt/decrypt with different keys Hash: Creates a message digest More Cipher Techniques Reverse Cipher Railfence Cipher Syctale Cipher Geometric Figure Nilhilist Cipher Feistel Structures

4 Scytale Cipher An early Greek transposition cipher A strip of paper was wound round a staff message written along staff in rows, then paper removed leaving a strip of seemingly random letters Not very secure as key was width of paper & staff 19 Nihilist Cipher Combines row and column transposition Write message in rows in order controlled by the key Read off by rows, but in order controlled by the key Plaintext: NOWISTHETIMEFORALLGOODMEN N O W I S 2 T H E T I 3 M E F O R 4 A L L G O 5 O D M E N H T E I T 1 O N W S I 3 E M F R O 5 D O M N E 4 L A L O G Ciphertext: HTEIT ONWSI EMFRO DOMNE LALOG 20 Product Ciphers Ciphers based on just substitutions or just transpositions are not secure Two substitutions are really only one more complex substitution Two transpositions are really only one more complex transposition What about when we combine the two? Substitute Transpose Substitute Transpose Etc. Round one Round two 21 Machine Ciphers Jefferson cylinder 22 Machine Ciphers Wheatstone Disc 23 Enigma Rotor machine It allowed encryption of a large volume of data Utilized several wheels (rotors) placed adjacent to one another. Each performed a monoalphabetic substitution. Similar to a "souped up" Vigenere cipher 24 Network Security and Formal Methods 4

by the key Plaintext: NOWISTHETIMEFORALLGOODMEN 1 2 3 4 5 1 N O W I S 2 T H E T I 3 M E F O R 4 A L L G O 5 O D M E N 2 1 3 5 4 2 H T E I T 1 O N W S I 3 E M F R O 5 D O M N E 4 L A L O G Ciphertext:

5 Stream Ciphers Data is encrypted a bit or byte at a time Confusion sequence is created at encryption time and is combined with the plaintext to form the ciphertext stream. The key allows recreation of the confusion sequence for recreation of Confusion Sequence Random Number Stream Generate one random bit at a time & XOR One time pad, with all its up and down sides Substitution Cipher Substitute a byte at a time Keyed Random Number Generator Use the same RNG and the same IV key the plaintext at the receiving end One Stream Cipher Parties share key k. RC4 is a random number generator that deterministically generates a string of random bits given two parameters An initialization vector is created by the originator CT = PT RC4(IV, k) Transmit (CT,IV) 27 v Stream Cipher with RC4 Plaintext RC4 (v,k) Ciphertext RC4 (v,k) Plaintext CRC CRC 28 Review Substitution Ciphers Transposition Ciphers Stream Ciphers 29 Network Security and Formal Methods 5

Substitution Cipher Substitute a byte at a time Keyed Random Number Generator Use the same RNG and the same IV key the plaintext at the receiving end 25 26 One Stream Cipher Parties share key k.

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI