Data Encryption Phil Johnson Overview Standards Techniques Examples

Data Encryption Phil Johnson

Overview Standards Techniques Examples of Algorithms Cryptanalysis

What is Data Encryption? Conversion of some information into a form that is no longer easily readable Difficult to reverse without special knowledge Normally applied to binary data

Kerckhoff’s Law Truly secure encryption techniques will have the following characteristics: 1) The system must be practically, if not mathematically, indecipherable 2) It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience 3) Its key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents

Kerckhoff’s Law (cont’d) For an encryption technique to be secure: 4) It must be applicable to telegraphic correspondence 5) It must be portable, and its usage and function must not require the concourse of several people 6) Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe

Keys Used for encryption and decryption Should be very long n Some say at least 128 bits Can be derived from words or phrases Two Types of Keys n n Symmetric Asymmetric

Symmetric Keys Also known as private-keys or single-keys Same key used for both encryption and decryption Practical Example: Alice and Bob

Symmetric Keys – Advantages Good for storing files for single-user access Quite secure mathematically speaking n Tough to brute force a 128 -bit key

Symmetric Keys – Disadvantages Can be risky when used for data transfer n n More than one person must know the key Mathematical difficulties can be sidestepped Undetectable tampering possible

Asymmetric Keys Also known as public keys Different keys for encryption and decryption n n Public key – used for encryption Private key – used for decryption Alice and Bob

Asymmetric Keys – Advantages Much more secure than symmetric keys for data transfer Often rely on factoring or some other ‘hard’ mathematical problem

Asymmetric Keys – Disadvantages Public and private keys must be somehow related Security is tied to ‘hard’ math problem used to create the keys n If the problem is solved, all data is at risk

One-Way Functions Function which is easy to compute normally but exceedingly difficult to invert Example: ceiling (log x) Most commonly used in cryptography: Factoring of very large numbers whose only factors are two very large primes

Example Algorithms RSA Algorithm DES Algorithm One-time pad

RSA Algorithm Developed by Ron Rivest, Adi Shamir, and Len Adleman Uses asymmetric keys Relies upon factorization problem

The Algorithm Method is mathematically complex Result is simple: n Two numbers: e – used for public key d – used for private key n One ‘extra’ number: n – used for both keys

The Algorithm (cont’d) Using these three numbers, encryption itself is quite simple For some unencrypted message m, c = me mod n Where c is the encrypted result Similarly, to decrypt a message, m = cd mod n

Digital Signatures RSA method is completely reversible n Private key = public key, vice versa Applying digital signature: n n n Private key holder sends message, attaches some value encrypted with private key Recipient decrypts value with public key If the value is ok, the recipient knows that whoever sent the message knows the private key

DES Algorithm Data Encryption Standard – Developed by IBM and approved by NBS Uses symmetric key n Same key used for encryption, decryption Adopted as a US standard in 1976

The Algorithm Uses a 64 -bit key for encryption n n 56 bits for actual encryption 8 bits for error detection Divides data into 64 -bit blocks, and applies algorithm to each Algorithm itself extremely complex

Controversy Original IBM plan called for 128 -bit encryption Modified by the NSA down to only 56 Questionable motives, security Became much less trusted over its lifetime Was cracked for the first time in 1997 Replaced by AES in 2001

One-Time Pad Has been used for quite a long time Can be done without a computer Has been proven to be completely impossible to crack

The Algorithm Most useful for text, can be used on binary data as well Key must be at least as long as the message itself Each letter in key represents the amount to change the corresponding letter in the message

Example Message Key Ciphertext = ‘WELCOME’ = ‘PBKVAUJ’ = ‘LGYYPHO’

The Catch Key must be purely random Key must accompany encrypted data at all times Key must only be used once, then discarded and destroyed

The Proof of Security Message Key Ciphertext = ‘WELCOME’ = ‘PBKVAUJ’ = ‘LGYYPHO’ Key guessed by computer with infinite computing power = ‘ERJUNMU’ Result = ‘GOODBYE’

Modern Applications Widespread usage would be infeasible n n Too many keys Unsafe No known source for pure randomness on a large scale Still used on occasion, but only rarely

Cryptanalysis Refers to the attempts at getting past encryption security measures Most commonly refers to algorithmic analysis, not other means, such as theft, bribery, keylogging, etc.

Types of attacks Ciphertext-only attack n No plaintext available, only ciphertext Known-plaintext attack n The attacker has a set of ciphertexts along with corresponding plaintexts Chosen plaintext attack n The attacker is able to produce ciphertexts based on strategically chosen plaintexts

Types of Attacks (cont’d) Adaptive Chosen Plaintext Attack n Attacker can follow a chosen plaintext attack with another, using information gained from the first Related-Key Attack n Attacker can perform chosen plaintext attacks with different keys and compare the results of each

Modern Cryptanalysis Nowadays, ciphertext-only attacks are rare n n Can be successful with weaker algorithms Usually difficult to have success with more modern ciphers Most attackers are able to utilize at least a known-plaintext attack

Breaking Ciphers Brute force n n Often unsuccessful Most algorithms ensure sufficient protection against brute-force attacks Find patterns n n Weakness in algorithm Information about key

Frequency Analysis Letters in the English language occur at different rates n n n ‘e’ is most common letter ‘th’ is most common pair of letters ‘the’ is most common trio of letters Weak ciphers fail to sufficiently mask this information

Cryptanalysis Example - Vigenere Cipher Requires a key of arbitrary length n n The longer the key, the stronger the algorithm If key length = message length, one-time pad Adjust letters according to key n Message: LOVEL YWEAT HERTO n Key: PSSWD n Ciphertext: AGNAO NOWWW WWJPR DAY PSS SSQ

Cryptography Example (cont’d) http: //homepage. cs. uri. edu/research/crypt ography/classicalvigenerecryptdemo. htm Ciphertext: ODFWDMSUDLKUCSNISNGTNSZDAMC ZLHKIHATKRMLAZSMGFGAYJIIOUFDZ CNZEXSJMBRWWXOXKBACNWNKTGB XKOTSHSTOCHMNJSLYOJWHVIBWMA BRSQATNZCTEXHSSNJXOKTOQYXOX OFD

References [1] http: //catalog. com/sft/encrypt. html [2] http: //en. wikipedia. org/wiki/Data_encryption [3] http: //en. wikipedia. org/wiki/One-time_pad [4] http: //homepage. cs. uri. edu/research/cryptography/index 2. htm [5] http: //www. itl. nist. gov/fipspubs/fip 46 -2. htm [6] http: //www. ciphersbyritter. com/GLOSSARY. HTM [7] Stinson, Douglas R. Cryptography: Theory and Practice. 2 nd Edition. New York: Chapman & Hall/CRC, 2002. [8] Welsh, Dominic Codes and Cryptography. Oxford: Clarendon Press, 1988.