Module 4 Enhancing Cryptographic security Modes Of Encryption

Module 4 Enhancing Cryptographic security & Modes Of Encryption ¨MModified by : Ahmad Al Ghoul ¨PPhiladelphia University ¨FFaculty Of Administrative & Financial Sciences ¨BBusiness Networking & System Management Department ¨RRoom Number 32406 ¨EE-mail Address: ahmad 4_2_69@hotmail. com Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 1

Objectives ¨ ¨ ¨ Key Escrow Types of Ciphers General Types of Ciphers Some encryption Trends Monoalphabetic Substitution Ciphers Polyalphabetic Substitution Ciphers Transposition Ciphers DES RSA Error Prevention and Detection Cipher Block Chain One Way Encryption Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 2

Encyption – can it be broken? ¨ Theoretically, it is possible to devise unbreakable cryptosystems ¨ However, practical cryptosystems almost always are breakable, given adequate time and computing power ¨ The trick is to make breaking a cryptosystem hard enough for the intruder Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 3

Types of Ciphers ¨ Ciphers can be broadly classified into the following two categories depending upon whether (i) a symbol of plaintext is immediately converted into a symbol of ciphertext (Stream Ciphers) (ii) or a group of plaintext symbols are converted as a block into a group of ciphertext symbols (Block Ciphers) – Speed of Encryption • stream symmetric > block symmetric > asymmetric Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 4

Stream Ciphers ¨ A symbol of plaintext is immediately converted into a symbol of ciphertext ¨ Advantages – Speed of transformation – Low error propagation ¨ Disadvantages – Low diffusion (Change in the plaintext should affect many parts of the ciphertext) – Susceptible to malicious insertions and modifications Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 5

Block Ciphers ¨ A group of plaintext symbols are converted as a block into a group of ciphertext symbols ¨ Advantages – Diffusion – Immunity to insertions ¨ Disadvantages – Slowness of encryption – Error propagation Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 6

Trends ¨ Block size: larger block sizes mean greater security ¨ Key Size: larger key size means greater security ¨ Number of rounds: multiple rounds offer increasing security Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 7

DES developed at IBM, every five years re-certification is held, it is a block cipher algorithm, it maps 64 -bit plaintext into 64 block of cipher text, keys are 56 bit long, the procedures is repeated several time, the brute force approach to decipher requires 70 million billion trials (2 raised on 56) Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 8

Overview of DES is a careful combination of two fundamental building blocks of encryption: substitution and permutation (transposition) Algorithm repeats these operation in 16 cycles Algorithm uses only standard arithmetic and logical operation on up to 64 numbers, although complex, the algorithm is repetitive, making it suitable for implementation on a single purpose chip, Several such chips are available on the market Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 9

Rivest-Shamir-Adleman Encryption RSA incorporates results from number theory, combined with the difficulties of determining the prime factors of a target RSA operates with arithmetic mod n Two keys d and e are used for encryption and decryption They are interchangeable, the plain text is encrypted as P(e)mod n The decrypting key d is chosen, so that ((P(e)d) mod n=P The underlying problem on which the RSA is based is that of factoring large numbers Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 10

RSA Because of symmetry in modular arithmetic, encryption and decryption are mutual inverse and commutative The encryption key consists of a pair of integers (e, n) and the decryption key is (d, n), e and d are used as: P=C mod n = (P ) mod n The value of n should be quite large, a product of two primes p and q Both should be large themselves, 100 digits each, and n is 200 digits long Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 11

the RSA power To give an intuitive feel what this means, suppose we have to find the two factors of the number 437, which two numbers multiplied together give 437. This can be solved easily by a calculator, but numbers made sufficiently large, like those requiring several hundreds or thousand of bits to represent them make this task even difficult for computers The state of art in factoring in 1994 was demonstrated by well publicized event - the factoring of a 129 digit (429 bit) RSA modules. The total processing power required was 4 600 MIPS years or to a processing done by Pentium 100 running non stop for 46 year. Today it is considered that 1024 bit modules provide enough protection even for the computer power beyond year 2000 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 12

ALGORITHM ¨ Key Generation 1. 2. 3. 4. 5. Generate two large prime numbers, p and q Let n = pq Let m = (p-1)(q-1) Choose a small number e, coprime to m Find d, such that de % m = 1 ¨ Publish e and n as the public key. Keep d and n as the secret key. ¨ Encryption ¨ C = Pe % n ¨ Decryption ¨ P = Cd % n ¨ x % y means the remainder of x divided by y Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 13

Key Generation ¨ 1) Generate two large prime numbers, p and q ¨ To make the example easy to follow I am going to use small numbers, but this is not secure. To find random primes, we start at a random number and go up ascending odd numbers until we find a prime. Lets have: ¨p = 7 q = 19 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 14

Key Generation ¨ 2) Let n = pq ¨ n = 7 * 19 = 133 ¨ 3) Let m = (p - 1)(q - 1) ¨ m = (7 - 1)(19 - 1) = 6 * 18 = 108 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 15

Key Generation ¨ 4) Choose a small number, e coprime to m ¨ e coprime to m, means that the largest number that can exactly divide both e and m (their greatest common divisor, or gcd) is 1. Euclid's algorithm is used to find the gcd of two numbers, but the details are omitted here. ¨ e = 2 => gcd(e, 108) = 2 (no) e = 3 => gcd(e, 108) = 3 (no) e = 4 => gcd(e, 108) = 4 (no) e = 5 => gcd(e, 108) = 1 (yes!) Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 16

Key Generation ¨ 5) Find d, such that de % m = 1 ¨ This is equivalent to finding d which satisfies de = 1 + nm where n is any integer. We can rewrite this as d = (1 + nm) / e. Now we work through values of n until an integer solution for e is found: ¨ n = 0 => d = 1 / 5 (no) n = 1 => d = 109 / 5 (no) n = 2 => d = 217 / 5 (no) n = 3 => d = 325 / 5 = 65 (yes!) Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 17

Key Generation ¨ To do this with big numbers, a more sophisticated algorithm called extended Euclid must be used. ¨ Public Key ¨ n = 133 e = 5 ¨ Secret Key ¨ n = 133 d = 65 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 18

Communication ¨ Encryption ¨ The message must be a number less than the smaller of p and q. However, at this point we don't know p or q, so in practice a lower bound on p and q must be published. This can be somewhat below their true value and so isn't a major security concern. For this example, lets use the message "6. " ¨ C = Pe % n = 65 % 133 = 7776 % 133 = 62 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 19

Decryption ¨ This works very much like encryption, but involves a larger exponation, which is broken down into several steps ¨ P = Cd % n = 6265 % 133 = 62 * 6264 % 133 = 62 * (622)32 % 133 = 62 * 384432 % 133 = 62 * (3844 % 133)32 % 133 = 62 * 12032 % 133 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 20

Decryption ¨ We now repeat the sequence of operations that reduced 6265 to 12032 to reduce the exponent down to 1. ¨ = 62 * 3616 % 133 = 62 * 998 % 133 = 62 * 924 % 133 = 62 * 852 % 133 = 62 * 43 % 133 = 2666 % 133 = 6 Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 21

Java RSA Code ¨ A Java implementation of RSA is just a transcription of the algorithm: ¨ import java. math. Big. Integer; import java. security. Secure. Random; class Rsa{ private Big. Integer n, d, e; public Rsa(int bitlen) { Secure. Random r = new Secure. Random(); Big. Integer p = new Big. Integer(bitlen / 2, 100, r); Big. Integer q = new Big. Integer(bitlen / 2, 100, r); n = p. multiply(q); Big. Integer m = (p. subtract(Big. Integer. ONE)). multiply(q. subtract(Big. Integer. ONE)); e = new Big. Integer("3"); while(m. gcd(e). int. Value() > 1) e = e. add(new Big. Integer("2")); d = e. mod. Inverse(m); } public Big. Integer encrypt(Big. Integer message) { return message. mod. Pow(e, n); } public Big. Integer decrypt(Big. Integer message) { return message. mod. Pow(d, n); }} Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 22

Enhancing Cryptographic Security ¨ Currently 3 DES and RSA(1024) are believed to be secure – An intruder is unlikely to discover the content of a message encrypted under one of them ¨ But some systems based on these cryptosystem may not achieve their goals – block replay – operation mode dependent Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 23

Error Prevention and Detection ¨ In the DES and any block Cipher each block is an entity. ¨ An interceptor who understood the format of a sender’s messages could modify messages without needing to break the encryption. Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 24

Error Prevention and Detection ¨ Attack : Block Replay Block 1 Encrypted Block 2 Name Block 3 Block 4 Block 5 Account Amount – If ECB mode (each block encrypted separately) is used, then intruder can replace the forth block arbitrarily using the previously used data ¨ Solution – Block Chaining • Error propagation - cannot reconstruct the whole ciphertext – Initial Chaining Value(Initial Vector) • randomize the first block • candidates : random number, date, time, etc. Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 25

One-Way Functions ¨ One-way functions are relatively easy to compute, but significantly harder to reverse. That is, given x it is easy to compute f(x), but given f(x) it is hard to compute x. In this context, “hard” is defined as something like: It would take millions of years to compute x from f(x), even if all the computers in the world were assigned to the problem. ¨ Breaking a plate is a good example of a one-way function. It is easy to smash a plate into a thousand tiny pieces. However, it’s not easy to put all of those tiny pieces back together into a plate. Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 26

One Way Encryption ¨ one-way encryption, allows for the encryption of some plain text, but does not provide a way in which to convert the cipher text back to its original form. ¨ it is a widely used technique for ensuring the integrity of system passwords. ¨ if the one-way encrypted passwords somehow fall into the hands of a third-party, it isn't going to do much good because they can never be converted back to plain text. Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 27

One Way Encryption ¨ The user enter his password, the input ( password ) is encrypted ¨ ¨ using the one-way algorithm. The password that encrypted with one way encryption compared with the stored encrypted password. If they match, the input password must be correct. The input parameter input_string is just the string that you would like to encrypt. The second, optional input parameter salt refers to a bit-string that will influence the encryption outcome to further eliminate the possibility of what are known as precomputation attacks Network Security Philadelphia Universityl Ahmad Al-Ghoul 2010 -2011 28