December month null Meet, Mumbai

1. CRYPTOGRAPHY - 101
VISHAL PUNJABI
vp0502@gmail.com

2. OVERVIEW
• Terminologies
• Symmetric key algorithms
-Vernam cipher
-A5/1
-DES
-AES
• Asymmetric key algorithms
-RSA
-Deffie Hellman
• Some cryptographic hashes
• Tools for cryptanalysis

3. TERMINOLOGY
• Cryptology-Art and science of making
“secret codes”.
• Cryptography- The practice and study
of hiding information.
• Cryptanalysis-Art of finding some
weakness and insecurity in a
cryptographic scheme.

4. CRYPTOGRAPHIC TERMINOLOGY
• Plain text-The format of the data before being
encrypted.
• Cipher Text-The “scrambled” format of data after
being encrypted.
• Key-A secret value used during the encryption
and decryption process
• Encryption-Method of transforming plain text into
an unreadable format
• Decryption-Method of obtaining the encrypted
message back to its original form.

5. ENCRYPTION AND DECRYPTION

6. TYPES OF ALGORITHMS
Cryptographic algorithms
Symmetric key Asymmetric key
(Shared secret key) (Public key)

7. SYMMETRIC KEY ENCRYPTION

8. TYPES OF SYMMETRIC CIPHERS
• Stream ciphers
– Encrypts one bit/character at a time
• Block ciphers
– Break plaintext message in equal-size
blocks
– Encrypts each block as a unit

9. SUBSTITUTION CIPHER
• Substituting by a character “key” places ahead of the current
character
a)Monoalphabetic cipher (Stream cipher)
• Eg. PlainText : THIS IS AN EASY TASK
• Key : 3
• Encryption : WKLV LV DQ HDVB WDVN
b) Polyalphabetic cipher (Block cipher)
• Eg : THIS IS AN EASY TASK.
• Make group of 3 characters and a set of keys used could be 135.
THI SIS ANE…
Encryption : UKN TLX…

10. TRANSPOSITION CIPHER
• Transposition ciphers use the letters of the plaintext
message, but they permute the order of the letters.
Encrypt : hello my dear friend
Key: 2143
1. Remove spaces
2. Divide the text into blocks of 4 characters.
3. Add bogus character(s) at the end(if reqiured).
hello myde arfr iend
Ciphertext: ehol ymed rarf eidn
After decryption : hello myde arfr iend

11. VERNAM CIPHER
• Each character from the plaintext is encrypted by a modular addition
which a number from the secret random key pad which is of the
same length as the plain text.
Step 1: Convert the letters to their numeric equivalents
V E R N A M C I P H E R
21 4 17 13 0 12 2 8 15 7 4 17
Assume the random 2 digit no. series (key)
76 48 16 82 44 03 58 11 60 05 10 88
Step 2: Add the numeric equivalent and the corresponding
random no.
Random no + numeric equivalent =sum
Sum 97 52 33 95 44 15 60 19 75 12 14 105

12. VERNAM CIPHER
Step 3 : Perform sum mod 26
19 0 7 17 18 15 8 19 23 12 14 1
Ciphertext ----
t a h r s p i t x m o b
Decryption
Step 1
a = (numeric equivalent of ciphertext - key)
Step 2
a mod 26
(if a negative then keep adding 26 till you get a positive no.)
Step 3
Convert numeric equivalent back to alphabet

13. A5/1 STREAM CIPHER
• GSM uses A5/1 as a cryptographic
algorithm.
• Phone communication in GSM is done
as a sequence of 228 bit frames.
• A5/1 creates a bit stream of 228 bits in
a 228 bit buffer which is EX-Ored with
228 bits of plain text to generate the
ciphertext.

14. A5/1 STREAM CIPHER

15. A5/1 STREAM CIPHER
• It was initially kept secret, but became
public knowledge through leaks
and reverse engineering.
• COPACOBANA was the first
commercially available solution to
break the cipher.

16. RC4 STREAM CIPHER
• Most widely used stream cipher used in
popular protocols such as Secure
Sockets Layer (SSL) (to protect Internet
traffic) and WEP (to secure wireless
networks).
• Designed by Ron Rivest in 1984.
• Hence the name RC4( Rivest cipher 4).
• Fluhrer, Mantin and Shamir attack AND
Klein's Attack are a few attempts.

17. RC4 STREAM CIPHER
• Consists of 2 parts: Key Scheduling
Algorithm (KSA) & Pseudo-Random
Generation Algorithm
• 8 bits of the plain text is Exored with a
byte of the key to produce a byte of
ciphertext.
• Key stream is a a sequence of bytes(
can contain 1-256 bytes).

18. DATA ENCRYPTION
STANDARD (DES)
• Modern symmetric key block cipher.
• Developed by IBM and then published
by National Institute of standards and
technology(NIST).
• Vulnerable only because of its small
key length.
• Often used in VPN servers.

19. DES ALGORITHM
• DES is a Feistel cipher
– 64 bit block length
– 56 bit key length
– 16 rounds
– 48 bits of key used each
round (subkey)
• Each round is simple
(for a block cipher)
• Security depends
primarily on “S-boxes”
– Each S-boxes maps 6 bits
to 4 bits

20. L R key
32 28 28
expand shift shift One
48 28 28
Round
32 Ki
48
of
48 compress
S-boxes
28 28 DES
32
P box
32
32
32
key
L R

21. DES ATTACKS
• Brute force attack
• Differential cryptanalysis
• Linear cryptanalysis
• Improved Davies' attack
• distributed.net and the Electronic Frontier
Foundation collaborated to publicly
break a DES key in 22 hours and 15
minutes
• Now replaced by AES

22. ADVANCED ENCRYPTION STANDARD
(AES)
• Replacement for DES
• AES competition (late 90’s)
– NSA openly involved
– Transparent process
– Many strong algorithms proposed
– Rijndael Algorithm ultimately selected
• Iterated block cipher (like DES)
• Not a Feistel cipher (unlike DES)
• 3 versions are : AES - 128
AES - 192
AES – 256
• Used in Open SSL and WPA2

23. AES OVERVIEW
• Block size: 128, 192 or 256 bits
• Key length: 128, 192 or 256
bits (independent of block
size)
• 10 to 14 rounds (depends on
key length)
• Each round uses 4 functions
(in 3 “layers”)
– ByteSub (nonlinear layer)
– ShiftRow (linear mixing
layer)
– MixColumn (nonlinear
layer)
– AddRoundKey (key
addition layer)

24. ATTACKS
• Side-channel attack
• Brute force attack
• XSL attack
• Related-key attack
• Known-key distinguishing attack

25. ASYMMETRIC KEY ENCRYPTION

26. RSA
• The most common public-key algorithm is the RSA
cryptosystem, named for its inventors (Rivest, Shamir, and
Adleman).
• Applications
1. To protect web traffic, in the SSL protocol (Security
Socket Layer),
2. To guarantee email privacy and authenticity in PGP
(Pretty Good Privacy)
3. To guarantee remote connection in SSH (Secure Shell)
4. Furthermore it plays an important role in the modern
payment systems through SET protocol (Secure
Electronic Transaction).

27. ALGORITHM
• Let p and q be two large prime numbers
• Let N = pq be the modulus
• Find ф(n)=(p-1).(q-1)
• Choose e such that it is relatively prime to ф(n).
• Choose d such that : e x d mod ф(n)=1
• Public key is (N,e)
• Private key is d
• To encrypt message M compute
– C = Me mod N
• To decrypt C compute
– M = Cd mod N

28. RSA ATTACKS
• Factoring the Public Key
To make RSA secure recommended
size of p and q is 512 bits(154 decimal
digits).
This makes n 1024 bits.
• Guessing d
• Cycle Attack
• Common Modulus

29. Diffie Hellman
• Invented by Williamson (GCHQ) and,
independently, by D and H (Stanford)
• A “key exchange” algorithm
– Used to establish a shared symmetric key
- Not for encrypting or signing but for
exchanging keys.

30. 1. P is very large prime no and g is its primitive root.
2. Alice chooses a large random no. x such that 0<= x <= p-1 and calculates
R1= gx mod p.
3. Bob chooses another large random no. y such that 0<= y <= p-1 and
calculates R2=gy mod p.
4. Alice sends R1 to Bob. Alice does not send x; she only sends R1.
5. Bob sends R2 to Alice. Bob does not send y; he only sends R2.
6. Alice calculates K= (R2)x mod p.
7. Bob calculates K= (R1)y mod p.

31. ATTACKS
1. Discrete logarithm attack
Intruder can intercept R1 and R2. If
he can find x from R1=gx mod p and
y from R2=gy mod p then he can
calculate k=gxy mod p
2. Man in the middle attack.

32. SOME CRYPTOGRAPHIC HASHES
a) MD5(Message Digest 5)
• Developed by Ron Rivest of MIT.
• Was the mostly used secure hash algorithm till
it was cracked.
• Takes an input msg of arbitrary length and
produces as output a 128-bit message digest.
• The input is processed in 512-bit block.
• Attacks possible on MD5 are Bruteforce and
Fast collision attacks.

33. SOME CRYPTOGRAPHIC HASHES
b) SHA-1(Secure hash algorithm)
• Developed by NIST(National Institute of
standards and technology).
SHA-1 Logic :
• The algorithm takes as input a message with a
maximum length of less than 264 bits and
produces a 160-bit message digest.
• The input is processed in 512-bit blocks.

34. TOOLS FOR CRYPTANALYSTS
• Ganzúa-A cryptanalysis tool for
classical ciphers
• EverCrack - Open Source
Cryptanalysis Engine
• Lepton's Crack
• Online crackers

35. SOME RESOURCES
• CRYPTOGRAPHY CLASS BY STANFORD
http://www.crypto-class.org/
• Awesome videos
http://www.intypedia.com/
• CRYPTOGRAPHY AND NETWORK SECURITY
-BEHEROUZ A FOROUZAN

36. THANK YOU
