-
Definition
-
Cryptography
- Study of message secrecy
-
Steganography
- Hidden writing
-
Cryptanalysis
- Study of methods for obtaining the meaning of encrypted information
-
Steganalysis
- Detection of steganographically encoded packages
-
Goals of cryptography
-
Confidentiality
- Keep the content of information from all but those authorized
-
Data integrity
- Addresses the unauthorized alteration of data
-
Authentication
- Identification of both entities and information itself
-
Non-repudiation
- Verifies that the sender and the recipient were, in fact, the parties who claimed to send or receive the message
-
Goals of steganography
- Hide the secret information within the container file
- Mask the secret information behind the container file
-
Steganography
-
Types
- Least Significant Byte
- Injection
-
Detection
-
Benford's law
- The values of real-world measurements are often distributed logarithmically, thus the logarithm of this set of measurements is generally distributed uniformly
-
Cryptographic mathematics
-
One-way functions
- Easy to compute, hard to invert
- e.g. MD5, SHA-1
-
Confusion
- Relationship between the plaintext and the key is complicated
-
Diffusion
- A change in the plaintext results in multiple changes spread out throughout the ciphertext
-
Public Key Infrastructure
- Digital certificates provide communicating parties with the assurance that they are communicating with people who truly are who they claim to be. Digital certificates are essentially endorsed copies of an individual’s public key
-
Certificate Authorities
- Issuing a Certificate
- Manage a Certificate
- Distribute a Certificate
- Key Management
- Key Exchange
- Key revocation
-
Kinds of certificate
- Class 1, for individuals
- Class 2, for organizations
- Class 3, for servers and software
- Class 4, for online business transactions
- Class 5, for private organizations and governments
-
Modern cryptography
-
Components
-
Codes
- Cryptographic systems of symbols that represent words or phrases
-
Ciphers
- Hide the true meaning of a message
-
Type
- Transposition
- Substitution
-
One-time pad
- Perfectly random
- Secure generation and exchange
- Careful treatment
-
Type
-
Symmetric
- The way to encrypt and decrypt is the same
-
Example
- Data Encryption Standard
- 1973-74, Lucifer by IBM
- 1977, published by the US government
- 64-bit blocks of cipher text, 56-bit key
- Modes
- ECB, CBC, CFB, OFB
- Triple DES
- 168 bits (56x3)
- IDEA
- 128-bit keys (8 rounds encryption)
- Blowfish
- Variable-length keys
- 32 bits
- 448 bits
- Skipjack
- 64-bit blocks of cipher text, 80-bit key
- Advanced Encryption Standard (aka Rijndael algorithm)
- 1997, announced by NIST
- 128-bit blocks of cipher text
- 128-bit keys (9 rounds encryption)
- 192-bit keys (11 rounds encryption)
- 256-bit keys (13 rounds encryption)
- 3 layers of transformation
- Linear Mix
- Nonlinear
- Key addition
- PGP
- CAST 128-bit encryption/decryption algorithm
- SHA-1 hash function
-
Asymmetric (aka Diffie-Hellman Key Exchange)
- In asymmetric, or public key, cryptography this is not an issue in the same way. Two keys, mathematically related, are used and work together in such a way that plain text encrypted with the one key can only be decrypted with the other
-
RSA
- 1977, by Ron Rivest, Adi Shamir, and Leonard Adleman
- 768-, 1024-, 2048-bit keys
-
Classical cryptanalysis
- Method: Frequency attack
- Relies as much on linguistic knowledge as it does on statistics
-
Stages
- Ciphertext-only
- Known-plaintext
- Chosen-plaintext
- Adaptive chosen-plaintext
- Related-key attack
-
Classical cryptography
- Spartan - scytale
- Notable Roman - Caesar cipher
- India - Kama Sutra
- China - Six Strategies