Computer Security I
Unit 2: Authorization & Authentication
Objectives
Introduce the basic concepts of cryptography
Cryptographic algorithms
Basic Concepts
Cryptography: the study of secret (crypto-) writing (-graphy). It is the practice of using encryption to conceal a message from all except the sender and
Encryption: the process of encoding a message so that its meaning is not obvious.
Decryption: the reverse process, transforming an
Cipher: an algorithm for transforming an intelligible message into one that is unintelligible by transposition and/or substitution methods
Key: some critical information
Plaintext (P): The original form of a message. We denote a plaintext message P as a sequence of individual characters
P = {p1,p2,…pn}
Ciphertext (C): The encrypted form of a message. We denote a ciphertext message C as a sequence of individual characters
The transformations between plaintext and ciphertext are denoted:
C = E(P) and P=D(C)
C: Ciphertext
E: Encryption Algorithm
P: Plaintext
Therefore we want a cryptosystem for which P = D(E(P))
Encryption
Decryption
Encryption Algorithms
Some encryption algorithms use a key K, so the ciphertext message depends on the original plaintext message and the key value, denoted
C = E(K,P) where E is a set of encryption algorithms and the key K selects one specific
Symmetric and Asymmetric Encryption
Symmetric Encryption:
Encryption key and decryption key are the same, so that
P=D(K,E(K,P)) where D and E are mirror image processes. Parties that communicate share a secret key. Mainly used to encipher/
Asymmetric Encryption:
Each party has a pair of keys (Kpu, Kpr) where Kpu is the public key and Kpr is the private key.
The Public and Private key pair comprises two uniquely related cryptographic keys (basically long random numbers). Below is an example of a Public Key:
The Public Key is what its name suggests - Public. It is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain confidential to its respective owner.
Because the key pair is mathematically related, whatever is encrypted with a
Public Key may only be decrypted by its corresponding Private Key and vice
For example, if Cindy wants to send sensitive data to Lisa, and wants to be sure that only Lisa may be able to read it, she will encrypt the data with Lisa's Public Key. Only Lisa has access to her corresponding Private Key and as a result is the only person with the capability of decrypting the encrypted data back into its original form.
Public Key Cryptography can therefore achieve Confidentiality.
Classes of Encryption
Substitution: Exchanging each character of a message with another character or symbol
Transposition: The order of the
Substitution (Monoalphabetic Ciphers)
◦ Caesar Cipher: Used a shift of 3, so that plaintext P was
enciphered as ciphertext letter C by
An alternative is to use a key, a word that controls the enciphering.
E.g.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Another possibility is to count by 3s (or 5s, 7s or 9s), using every third letter
E.g. using (3*µ) mod 26
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Disadvantages
Monoalphabetic ciphers: -
Frequency distribution reflects
Substitution (Polyalphabetic Ciphers)
Flattens distribution by combining two distributions, using two separate encryption alphabets.
1st: For all characters in odd positions of plaintext
2nd: For all characters in even
Table 1 (Odd Position): (3*µ) mod 26
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a d g j m p s v y b e h k

Table 2 (Even Position): ((5*µ)+13) mod 26
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
n s x c h m r w b g l q v

C O M P U T E R
g f k k i e m u
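The two tables above, worked through in code. This is an added example, not part of the original slides: it builds both alphabets from the formulas (`u` stands for µ), reproduces the COMPUTER example, and compares how dominant the most common letter is under one table versus two. Function names and the sample sentence are constructed for illustration.

```python
import string
from collections import Counter

A = string.ascii_uppercase

def affine(mult, add):
    """Cipher alphabet: letter number u -> (mult*u + add) mod 26.
    mult must share no factor with 26, or two letters would collide."""
    return {p: A[(mult * u + add) % 26].lower() for u, p in enumerate(A)}

TABLE1 = affine(3, 0)    # odd positions:  (3*u) mod 26
TABLE2 = affine(5, 13)   # even positions: ((5*u)+13) mod 26

def encrypt(plaintext, tables):
    """Substitute each letter, cycling through `tables` by letter position.
    One table gives a monoalphabetic cipher, two give the scheme above."""
    letters = [ch for ch in plaintext.upper() if ch in A]
    return "".join(tables[i % len(tables)][ch] for i, ch in enumerate(letters))

def decrypt(ciphertext, tables):
    """Invert each table and apply them in the same position order."""
    inverses = [{c: p for p, c in t.items()} for t in tables]
    return "".join(inverses[i % len(inverses)][ch]
                   for i, ch in enumerate(ciphertext))

def top_share(text):
    """Fraction of `text` taken up by its single most common letter."""
    return Counter(text).most_common(1)[0][1] / len(text)

# Constructed sample with one heavily repeated letter (E); not from the slides.
SAMPLE = "MEET ME HERE WHERE THE TREES END"

if __name__ == "__main__":
    print(encrypt("COMPUTER", [TABLE1, TABLE2]))
    mono = encrypt(SAMPLE, [TABLE1])
    poly = encrypt(SAMPLE, [TABLE1, TABLE2])
    print("one table,  top letter share: %.2f" % top_share(mono))
    print("two tables, top letter share: %.2f" % top_share(poly))
```

With one table the most common ciphertext letter is exactly as frequent as E in the plaintext; with two tables the E's split across two ciphertext letters and the peak drops.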
Vigenere Tableaux
• Uses a keyword and lets the
Eg
P A S S C O D E P A S S C O D E P A S S C O D E
One Time Pads
A large, non-repeating set of keys is written on sheets of paper, put together into a pad.
Sender would write the non-repeating keys one at a time
The receiver needs an identical pad as the sender. Upon receiving the message, the receiver takes the appropriate number of keys and deciphers the message.
Explore also Long Random
Problems with one time pads
Need absolute synchronization between sender and receiver
Need unlimited number of keys (Generating large number of keys is no problem, however, the
Transpositions (Permutations)
An encryption process in which the letters of the message are rearranged.
Goal: To spread the information
Columnar Transposition
The plaintext is separated into blocks in the form
E.g.
p1 p2 p3 p4 p5
p6 p7 p8 p9 p10
p11 p12 p13 p14 p15
T H I S I
The resulting ciphertext would then be: tsu ham icn soa ilr
Explore also Double Transposition
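The five-column transposition above, as an added example that is not part of the original slides. It writes the message row by row, reads it column by column, and reverses the process on the slide's ciphertext. The function names and the pad letter `x` for an incomplete last row are assumptions.

```python
def columnar_encrypt(plaintext, cols=5, pad="x"):
    """Write letters row by row into `cols` columns, read column by column."""
    letters = [ch.lower() for ch in plaintext if ch.isalpha()]
    letters += [pad] * (-len(letters) % cols)   # fill out the last row
    return " ".join("".join(letters[c::cols]) for c in range(cols))

def columnar_decrypt(ciphertext, cols=5):
    """Rebuild the rows by taking one letter from each column in turn."""
    columns = ciphertext.split()
    if len(columns) != cols or len({len(c) for c in columns}) != 1:
        raise ValueError("expected %d equal-length columns" % cols)
    return "".join("".join(row) for row in zip(*columns))

def same_letters(a, b):
    """True when both texts contain exactly the same letters, in any order."""
    def key(text):
        return sorted(ch for ch in text.lower() if ch.isalpha())
    return key(a) == key(b)

# Ciphertext exactly as given on the slide.
PAGE_CIPHERTEXT = "tsu ham icn soa ilr"

if __name__ == "__main__":
    recovered = columnar_decrypt(PAGE_CIPHERTEXT)
    print(recovered)
    print(columnar_encrypt(recovered) == PAGE_CIPHERTEXT)
    # Transposition only moves letters, so the letter counts are unchanged.
    print(same_letters(recovered, PAGE_CIPHERTEXT))
```

Because the letters are only rearranged, the ciphertext keeps the plaintext's letter frequencies, which is what distinguishes a transposition from a substitution when examining unknown ciphertext.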
Cryptanalytic Attacks
Ciphertext only: The cryptanalyst knows only the ciphertext. Sometimes the language of the plaintext and cipher are also known. Goal: Find the plaintext and the key
Known-plaintext attack: The cryptanalyst knows several pairs of ciphertext and corresponding plaintext. Goal: Find the key used to encrypt messages or a way to
Chosen-plaintext: The cryptanalyst knows a number of encrypted messages and he can also encrypt any message he chooses. Goal: To deduce the key used in the other encrypted messages or decrypt any new message using that key.
Chosen ciphertext: Similar to the chosen-plaintext but the cryptanalyst can choose the