Innovation and Cryptoventures Cryptology Campbell R Harvey Duke
Innovation and Cryptoventures Cryptology Campbell R. Harvey Duke University and NBER January 19, 2018
Campbell R. Harvey 2018
Overview Cryptology Cryptography Cryptanalysis Symmetric Ciphers Asymmetric Ciphers Protocols Campbell R. Harvey 2018
Overview Science of making things secret Cryptology Cryptography Cryptanalysis Symmetric Ciphers Asymmetric Ciphers Protocols Campbell R. Harvey 2018 Science of breaking cryptosystems
Overview Science of making things secret Cryptology Cryptography Symmetric Ciphers Asymmetric Ciphers Protocols Cryptanalysis Science of breaking cryptosystems Share a secret key Share a public key but each has secret private key Application of cryptographic algos, like TLS Campbell R. Harvey 2018
Overview Process of concealing messages • Greek κρυπτω meaning “secret” or “hidden” • Used for 4, 000 years • Early techniques involved concealed writing/symbols • Parchments that had to be wrapped around a rod of a specific size to figure out the message Material drawn liberally from M. Cozzens and S. J. Miller, The Mathematics of Encryption, 2013. Campbell R. Harvey 2018
Overview We will not talk about steganography • This is the practice of concealing a message • In contrast to cryptography, steganography does not attract any attention • In cryptography, you encrypt the content of the message • In steganography, you focus on hiding the fact that a secret message is even being sent Campbell R. Harvey 2018
Polybius square 300 -400 BCE Polybius advocated a square (originally using the Greek alphabet) • Note that i/j are ambiguous • Read off row, column. CAM = 13, 11, 32 Campbell R. Harvey 2018
Cipher From Arabic, sifr, meaning “nothing” • Method of concealment where letters are replaced by other letters, numbers or symbols – or the order of the letters is shifted • Code is related but different. Code is a method of concealment that uses words, numbers or syllables to replace original words or phrases (does not appear until modern times). Texting short forms, e. g. ttyl, would not qualify because everyone knows them. • Ciphers traditionally have been broken by frequency analysis. For example, “e” and “t” are the two most common English letters. Campbell R. Harvey 2018
Substitution Cipher Caesar Cipher shift letters by fixed number of places (originally 3). Note 3 is called the “key”. • The shift could be arbitrary. +3 CAM=FDP • Not very secure Campbell R. Harvey 2018
Substitution Cipher Caesar Cipher is early example of using modulo arithmetic. • If we shifted +26 (or -26), we end up with the regular alphabet • If we shifted +27, it is the same as +1 • If we shifted +54, it is the same as +2 • A clock is modulo 12 • Note: Modulo arithmetic very important for advanced encryption Campbell R. Harvey 2018
Substitution Cipher Caesar Cipher is early example of using modulo arithmetic. • Let A=0, B=1, …, Z=25 Then: • Encrypted(x) = (x + k) mod 26 • Here “k” is the shift or “key”, mod is the modulo operation (in Python code on earlier slide denoted by “%”) Campbell R. Harvey 2018 Caesar cipher is a special case of an “affine cipher”; more generally encrypted (x) = (ax + k) mod 26; a=1 for Caesar.
Substitution Cipher Definition • “Plaintext” is the message you want to encrypt (e. g. CAM) • “Ciphertext” is the encrypted message (e. g. FDP) Campbell R. Harvey 2018
Substitution Cipher Caesar Cipher is monoalphabetic cipher • Each plaintext letter will always have the same ciphertext letter • Easy to crack – brute force only requires 25 different tries Campbell R. Harvey 2018
Substitution Cipher It is also possible to use a keyword (with no repeating letters). • Suppose keyword = cipher • CAM = PCY • But this is just one of many possible alternative reorderings Campbell R. Harvey 2018
Substitution Cipher Many other monoalphabetic ciphers • There are 26! (factorial, i. e. 26 x 25 x 24 x…x 1) ways to reorder • This is a large number (4. 032914611 x 1026 ) of distinct ciphers. • Brute force: if you could try 1 trillion combinations a second, it would take 12, 000 years to brute force all combinations Campbell R. Harvey 2018
Substitution Cipher Breaking monoalphabetic ciphers • However, you do not need brute force • These ciphers are vulnerable to frequency analysis Campbell R. Harvey 2018
Substitution Cipher Breaking monoalphabetic ciphers • However, you do not need brute force • These ciphers are vulnerable to frequency analysis https: //en. wikipedia. org/wiki/Letter_frequency Campbell R. Harvey 2018
Properties of Valid Ciphers Properties of a valid encryption scheme • Easy to encrypt • Easy to transmit • Easy to decode • If intercepted, should be hard to decode • Ideally, source of message should be validated Campbell R. Harvey 2018
Substitution Cipher Even more advanced uses polyalphabetic substitution • Use of Vigenère square (just like Caesar but all possible starting points) • Define a keyword (called “keystream”) and repeat it to make it as long as your message: suppose my key BTC Campbell R. Harvey 2018
Substitution Cipher Encryption • CAM HARVEY • BTCBTC • For “C”, go to the row beginning with “B” (first letter of BTC) and read off the letter corresponding to “C” in the first row (which is “D”) Campbell R. Harvey 2018
Substitution Cipher Encryption • CAM HARVEY • BTCBTC • For “C”, go to the row beginning with “B” (first letter of BTC) and read off the letter corresponding to “C” in the first row (which is “D”) • For “A” go to the row beginning with “T” and read off “A” column “T” Campbell R. Harvey 2018
Substitution Cipher Encryption • CAM HARVEY • BTCBTC • For “C”, go to the row beginning with “B” (first letter of BTC) and read off the letter corresponding to “C” in the first row (which is “D”) • For “A” go to the row beginning with “T” and read off first column “T” • For “M” go to the row beginning with “C” and read off letter under “M” which is “O” etc. Campbell R. Harvey 2018
Substitution Cipher There are 25 reorderings with Vigenère square • But the square is just a visual way of doing modulo arithmetic • Let “A”=0, “B”=1, … , “Z”=25 19+19=38 mod 26 =12 (divide 38/26 and remainder is 12) Excel =mod((ROW 1 + ROW 2), 26) Campbell R. Harvey 2018
Substitution Cipher There are 25 reorderings with Vigenère square • Easy to decipher. Write down code and keystream underneath and subtract Excel =mod((ROW 1 - ROW 2), 26) Campbell R. Harvey 2018
Transposition Cipher Letters remain the same but the order is scrambled • Start with key word, say “BTC” • Write down order of letters in keyword • Fill out rectangle with message • Read off columns in order • YROIOERUHENSUAOPNSTCE Col #1 Col #3 Col #2 Campbell R. Harvey 2018
Transposition Cipher Letters remain the same but the order is scrambled • This type of cipher is immune to an attack based on frequency analysis because the exact same letters are used – the order is subject to permutation Campbell R. Harvey 2018
Transposition Cipher Chinese cipher • Fill rectangle with message down far right column and up the next column • Read off rows • ESSIY DICEO AMONU BOMOR CRPHP = Your phone is compromised(abc) Campbell R. Harvey 2018
Permutation Cipher Mixes up the letters. • Example: (1, 2, 3) -> (3, 1, 2) • So the word “THE” would be “ETH” • To decrypt, we use the inverse permutation Campbell R. Harvey 2018
Hill Cipher Uses matrix operations. • Choose the length of blocks, say 3 • Form 3 x 1 (3 rows, 1 column) matrices and use numbers for letters, i. e. A=0, B=1 • Matrix K is the “key” and will by 3 x 3 (3 rows and 3 columns) • Multiply each block by K, i. e. b 1 x. K (result will be a 3 x 1) then modulo 26 each element. This produces the Hill Cipher • To decipher, multiple each cipher block by the inverse of K, modulo 26 Campbell R. Harvey 2018
Advanced Ciphers Modern ciphers use both substitution and transposition • Mixing is called “product cipher” • Mix includes substitution, transformation and modulo operations • Foundational work by Claude Shannon • Modern standards are DES* (Data Encryption Standard from early 1970 s and no longer considered secure) and AES** (Advanced Encryption Standard adopted in 2001) *Also known as Lucifer, based on the work of Horst Feistel Campbell R. Harvey 2018 **Also known as Rijndael, after founders Vincent Rijmen and Joan Daemen
Advanced Ciphers This could be a legit purchase by one of five people that can access my e. Bay account. Campbell R. Harvey 2018
Advanced Ciphers This could be a legit purchase by one of five people that can access my e. Bay account. Why would I buy a 2009 Lenovo in 2017? Campbell R. Harvey 2018
Advanced Ciphers EC SHA-384 RSA Campbell R. Harvey 2018 AES-384
Advanced Ciphers Real sender: Someone at bundugamelodge. co. za Campbell R. Harvey 2018
- Slides: 35