Intro to Crypto

2019. 9. 21

1

Contents Introduction to crypto

Symmetric-key cryptography• Stream cipher• Block ciphers• Cipher block modes

Public-key cryptography• RSA• Public key Infrastructure

2

Cryptology

3

cryptology

cryptanalysisCryptography

symmetricciphers

asymmetricciphers

hashalgorithms

protocols

Cryptography system기본 가정

• 암호 체계는 완전히 공격자에게 알려져 있다.• 즉. 암호 알고리즘은 비밀이 아니다.• 오직 키(key) 만이 유일한 비밀이다.

Kerckhoffs’ Principle• 암호 체계는 공격자가 키를 제외한 모든 내용(알고리즘)을 알더라도 안전해야 한다.

왜 이런 가정을 하는가?• 암호 알고리즘 자체는 강력하지 않을 경우가 많다.• 비밀 알고리즘은 결국 공개적으로 드러난다.• 사전에 취약점을 발견하는 것이 유리하다.

4

Symmetric Cryptography

5

plaintext

keykey

plaintext

ciphertextencrypt decrypt

ciphertext평문

암호문

Caesar’s cipher(시저 암호)

Plaintext: fourscoreandsevenyearsagoKey=3

Ciphertext: IRXUVFRUHDAGVHYHABHDUVDIR

6

a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Plaintext Ciphertext

Simple Substitution Cipher(단순 치환)Plaintext: fourscoreandsevenyearsagoKey:

Ciphertext: IRXUVFRUHDQGVHYHQBHDUVDJR

7

a b c d e f g h i j k l m n o p q r s t u v w x y

D E F G H I J K L M N O P Q R S T U V W X Y Z A B

z

C

Plaintext

Ciphertext

Cryptanalysis IExhausted key search or Brute-Force Attack

• Try them all keysHow may keys?

• Key space = 26∙25∙ ∙ ∙3 ∙2 ∙1= 26! ≈288

According to the key space size, the substitution cipher is secure.

8

Cryptanalysis IILetter frequency analysis

• Cannot try all 288 simple substitution keys• Can we be more clever?• Statistical property of the plaintext: English letter frequency

90.00

0.02

0.04

0.06

0.08

0.10

0.12

0.14

ExampleStatistical property of the encrypted plaintextCiphertext:PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA

Ciphertext frequency counts:

10

A B C D E F G H I J K L M N O P Q R S T U V W X Y21 26 6 10 12 51 10 25 10 9 3 10 0 1 15 28 42 0 0 27 4 24 22 28 6

Z8

History of Frequency AnalysisDiscovered by Arabs

• The first record of the frequency analysis can be found in the book of Al-Kindi in the 9C. (Abū Yūsuf Yaqūb ibn Isḥāq al-Kindī,

الكنديأبو يوسف يعقوب إبن إسحاق ) (c. 801–873 CE), (Alkindus)

Introduced to Europe at the Renaissance

11

What is the “secure” crytposystem?Cryptosystem is secure if the best known attack is to try all keys.

• i.e., Exhaustive key searchCryptosystem is insecure if any shortcut attack is known.But sometimes insecure cipher might be harder to break than a secure cipher!

12

More to “secure” crytposystemComputationally security

• A cryptosystem is computationally secure if the best known algorithm for breaking it requires the exhaustive search.

Unconditional security• A cryptosystem is unconditionally or information-theoretically

secure if it cannot be broken even with infinite computational resources.

13

Cryptanalysis(암호 해석)

14

cryptanalysis

Social engineeringImplementation

attacksclassical

cryptanalysis

mathematicalanalysis

Brute-forceattacks

Implementation AttacksSide-channel Analysis can obtain the key by measuring the electrical power consumption of a processor which operates on the key. The power trace can then be used to recover the key by applying signal processing techniques. Electromagnetic radiation can give information about the key.The implementation attacks are related to the physical access of attackers.

15

Social Engineering AttacksAny human related activities such as bribing, blackmailing, tricking, or espionageCurrent fishing is a typical attack.

16

CryptanalysisFrom perspective of information available to attackers

• Ciphertext only• Known plaintext• Chosen plaintext

• “Lunchtime attack”• Protocols might encrypt chosen data

• Adaptively chosen plaintext• Related key• Forward search (public key crypto)

17

Safe key spaceHow many keys are enough?

18

Key length Estimated time56-64 bits A few hours or days

112-128 bits Several decades in the absence of quantum computers

256 bits Several decades even with quantum computers that run the current known quantum computing algorithms

Exhaustive Key Search times

19

Key size(bits)

Key space Execution time(when 1 decypt/us)

Execution time(when 106 decypt/us)

3256128168

232=4.3X109

256=7.2X1016

2128=4.3X1038

2168=4.3X1050

231us=35.8 min 255 us=1142 yrs 2127 us=5.4X1024 yr 2167 us=5.9X1036 yr

2.15 ms10.01 hrs5.4X1018 yrs5.9X1030 yr

Powers of Two Conversion & Useful Units 2n = 10m

m ~ (n/10) * 3n ~ (m/3) * 10 Fast conversion trick:

• 210 ~ 103 , 220 ~ 106 , 230 ~ 109

• 20 = 1, 21 = 2, 22 = 4, 23 = 8, 24 = 16, 25 = 32, 26 = 64, 128, 256, 512 Seconds per day ~216 , seconds per year ~225

Schneier’s Applied Cryptography, p18• Probability to get hit by lightning per day (10-10 , 2-33 )• Number of atoms on earth (1051 , 2170 )• Number of atoms in the universe (1077 , 2265 )• Time until next ice age (14,000, 214 years)• Duration until sun goes nova (109 , 230 years)• Age of the Universe (1010 , 233 years)

20

Confusion and DiffusionClaude Shannon: the founder of Information TheoryHe proposed two fundamental concepts:

• Confusion obscure relationship between key and ciphertext (or plaintext and ciphertext)

• Diffusion the influence of one plaintext symbol is spread over many ciphertext symbols to hide statistical properties of the plaintext

21

Cryptography areas

22

Cryptography

symmetricciphers

Blockciphers

Streamciphers

asymmetricciphers

hashalgorithms

protocols