[SEC] Cryptography I
Cryptography I
Content
- What is encryption?
- Primitive types
- Historic ciphers
- The One Time Pad
- Stream Ciphers
- Cryptanalysis(密码分析学,密码翻译法)
Encryption
- Encryption: We encode a message such that only authorised users may read it
- Cipher: takes a string of plaintext, and converts it into a string of ciphertext
- Encryption can provide:
- Confidentiality
- Integrity
- Authenticity
Notation
- A cipher converts a plaintext message M into a ciphertext C under the control of a key K
- C is not a secret, but without knowledge of the key, it should be impossible to reconstruct M
- Comes in two forms:
- Symmetric- same key for encryption/decryption
- Asymmetric- separate keys
The Caesar Cipher
- An early substitution cipher, we replace each letter of plaintext with a shifted letter further down the alphabet
- Vulnerable to frequency analysis
Frequency Analysis
- The frequency of occurrences of each character are very consistent across the same language
- The longer the ciphertext, the easier this becomes
- A corresponding to H
Monoalphabetic Substitution
- A slightly better approach, a key is used to alter the cipher alphabet
- Still extremely vulnerable to frequency analysis
The Vigenere Cipher
- An early stream cipher, the Vigenere cipher adds the plaintext to a key modulo 26: C = P + K mod 26
- Unlike the Ceasar cipher, the key is repeated for as long as is required:
- Equivalent to multiple interleaved Caesar ciphers
- Spreads out the occurrences of characters making frequency analysis hard
- This cipher is weak to Kasiski examination:
- Repeated phrases in the ciphertext give away clues as to the length of the running key
- Once the length of the key is known, simple frequency analysis can be performed
However, if we find(guess) the key length, the frequency analysis is pretty straightforward, just like the Ceasar Cipher:
Playfair
- Playfair is an early block cipher
- By using blocks of two characters(diagram) we increase the number of mappings to 650
- This makes frequency analysis much harder
(看看小block 对角线吧)
The One Time Pad
XOR
The One Time Pad(two kinds)
- Key and M and C has the same length
- The key is one time use only
BUT
- The one time pad is not practical:
- A 1GB file would need a 1GB key!
- If you ever reuse a key, the entire cipher is broken
What the one-time pad gives us in secrecy, it lacks in:
- Portability - the key is the same size as the message
- Convenience - you must never reuse the key
- Modern stream ciphers attempt to approximate the one time pad with a pseudorandom key stream
Modern Stream Ciphers
- Modern stream ciphers use an initial seed key to generate an infinite pseudorandom keystream
- The message and keystream are usually combined using XOR, which is reversible if applied twice
ChaCha20
Advantages of Stream Ciphers
- Encrypting long continuous stream, possibly of unknown length, e.g. GSM mobile communications
- Extremely fast with a low memory footprint, ideal for low-power devices
- If designed well, can seek to any location in the steam
Cryptanalysis
Kerckhoff’s Principle
“A cryptographic system must be secure even if everything is known about the system with the exception of the secret key”
- Algorithms can be published, but will work providing that the key remains secret - rather than security through obscurity.
Cryptographic Attack Models
评论
发表评论