intro to cryptoants.mju.ac.kr/2019fall/info security/intro to crypto.pdf · 2019-09-20 ·...
TRANSCRIPT
Intro to Crypto
2019. 9. 21
1
Contents Introduction to crypto
Symmetric-key cryptography• Stream cipher• Block ciphers• Cipher block modes
Public-key cryptography• RSA• Public key Infrastructure
2
Cryptology
3
cryptology
cryptanalysisCryptography
symmetricciphers
asymmetricciphers
hashalgorithms
protocols
Cryptography system기본 가정
• 암호 체계는 완전히 공격자에게 알려져 있다.• 즉. 암호 알고리즘은 비밀이 아니다.• 오직 키(key) 만이 유일한 비밀이다.
Kerckhoffs’ Principle• 암호 체계는 공격자가 키를 제외한 모든 내용(알고리즘)을 알더라도 안전해야 한다.
왜 이런 가정을 하는가?• 암호 알고리즘 자체는 강력하지 않을 경우가 많다.• 비밀 알고리즘은 결국 공개적으로 드러난다.• 사전에 취약점을 발견하는 것이 유리하다.
4
Symmetric Cryptography
5
plaintext
keykey
plaintext
ciphertextencrypt decrypt
ciphertext평문
암호문
Caesar’s cipher(시저 암호)
Plaintext: fourscoreandsevenyearsagoKey=3
Ciphertext: IRXUVFRUHDAGVHYHABHDUVDIR
6
a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Plaintext Ciphertext
Simple Substitution Cipher(단순 치환)Plaintext: fourscoreandsevenyearsagoKey:
Ciphertext: IRXUVFRUHDQGVHYHQBHDUVDJR
7
a b c d e f g h i j k l m n o p q r s t u v w x y
D E F G H I J K L M N O P Q R S T U V W X Y Z A B
z
C
Plaintext
Ciphertext
Cryptanalysis IExhausted key search or Brute-Force Attack
• Try them all keysHow may keys?
• Key space = 26∙25∙ ∙ ∙3 ∙2 ∙1= 26! ≈288
According to the key space size, the substitution cipher is secure.
8
Cryptanalysis IILetter frequency analysis
• Cannot try all 288 simple substitution keys• Can we be more clever?• Statistical property of the plaintext: English letter frequency
90.00
0.02
0.04
0.06
0.08
0.10
0.12
0.14
ExampleStatistical property of the encrypted plaintextCiphertext:PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA
Ciphertext frequency counts:
10
A B C D E F G H I J K L M N O P Q R S T U V W X Y21 26 6 10 12 51 10 25 10 9 3 10 0 1 15 28 42 0 0 27 4 24 22 28 6
Z8
History of Frequency AnalysisDiscovered by Arabs
• The first record of the frequency analysis can be found in the book of Al-Kindi in the 9C. (Abū Yūsuf Yaqūb ibn Isḥāq al-Kindī,
الكنديأبو يوسف يعقوب إبن إسحاق ) (c. 801–873 CE), (Alkindus)
Introduced to Europe at the Renaissance
11
What is the “secure” crytposystem?Cryptosystem is secure if the best known attack is to try all keys.
• i.e., Exhaustive key searchCryptosystem is insecure if any shortcut attack is known.But sometimes insecure cipher might be harder to break than a secure cipher!
12
More to “secure” crytposystemComputationally security
• A cryptosystem is computationally secure if the best known algorithm for breaking it requires the exhaustive search.
Unconditional security• A cryptosystem is unconditionally or information-theoretically
secure if it cannot be broken even with infinite computational resources.
13
Cryptanalysis(암호 해석)
14
cryptanalysis
Social engineeringImplementation
attacksclassical
cryptanalysis
mathematicalanalysis
Brute-forceattacks
Implementation AttacksSide-channel Analysis can obtain the key by measuring the electrical power consumption of a processor which operates on the key. The power trace can then be used to recover the key by applying signal processing techniques. Electromagnetic radiation can give information about the key.The implementation attacks are related to the physical access of attackers.
15
Social Engineering AttacksAny human related activities such as bribing, blackmailing, tricking, or espionageCurrent fishing is a typical attack.
16
CryptanalysisFrom perspective of information available to attackers
• Ciphertext only• Known plaintext• Chosen plaintext
• “Lunchtime attack”• Protocols might encrypt chosen data
• Adaptively chosen plaintext• Related key• Forward search (public key crypto)
17
Safe key spaceHow many keys are enough?
18
Key length Estimated time56-64 bits A few hours or days
112-128 bits Several decades in the absence of quantum computers
256 bits Several decades even with quantum computers that run the current known quantum computing algorithms
Exhaustive Key Search times
19
Key size(bits)
Key space Execution time(when 1 decypt/us)
Execution time(when 106 decypt/us)
3256128168
232=4.3X109
256=7.2X1016
2128=4.3X1038
2168=4.3X1050
231us=35.8 min 255 us=1142 yrs 2127 us=5.4X1024 yr 2167 us=5.9X1036 yr
2.15 ms10.01 hrs5.4X1018 yrs5.9X1030 yr
Powers of Two Conversion & Useful Units 2n = 10m
m ~ (n/10) * 3n ~ (m/3) * 10 Fast conversion trick:
• 210 ~ 103 , 220 ~ 106 , 230 ~ 109
• 20 = 1, 21 = 2, 22 = 4, 23 = 8, 24 = 16, 25 = 32, 26 = 64, 128, 256, 512 Seconds per day ~216 , seconds per year ~225
Schneier’s Applied Cryptography, p18• Probability to get hit by lightning per day (10-10 , 2-33 )• Number of atoms on earth (1051 , 2170 )• Number of atoms in the universe (1077 , 2265 )• Time until next ice age (14,000, 214 years)• Duration until sun goes nova (109 , 230 years)• Age of the Universe (1010 , 233 years)
20
Confusion and DiffusionClaude Shannon: the founder of Information TheoryHe proposed two fundamental concepts:
• Confusion obscure relationship between key and ciphertext (or plaintext and ciphertext)
• Diffusion the influence of one plaintext symbol is spread over many ciphertext symbols to hide statistical properties of the plaintext
21
Cryptography areas
22
Cryptography
symmetricciphers
Blockciphers
Streamciphers
asymmetricciphers
hashalgorithms
protocols