Computer Security Set of slides 2 Dr Alexei Vernitski Cryptography • Codes • Ciphers (read more in the textbooks) Example of code: Morse code For discussion • In what circumstances would one want to use Morse code? • For example: – Is Morse code suitable for storing data? – Is Morse code suitable for protecting data confidentiality? Example of code: ASCII code 97 is a 98 is b 99 is c 100 is d 101 is e 102 is f 103 is g 104 is h 105 is i 106 is j 107 is k 108 is l 109 is m 110 is n 111 is o 112 is p 113 is q 114 is r 115 is s 116 is t 117 is u 118 is v 119 is w 120 is x 121 is y 122 is z Example of code: ASCII code 1100001 is a 1100010 is b 1100011 is c 1100100 is d 1100101 is e 1100110 is f 1100111 is g 1101000 is h 1101001 is i 1101010 is j 1101011 is k 1101100 is l 1101101 is m 1101110 is n 1101111 is o 1110000 is p 1110001 is q 1110010 is r 1110011 is s 1110100 is t 1110101 is u 1110110 is v 1110111 is w 1111000 is x 1111001 is y 1111010 is z For discussion • In what circumstances would one want to use ASCII code? • For example: – Is ASCII code suitable for storing data? – Is ASCII code suitable for protecting data confidentiality? Encoding data in computers • • • • Characters are encoded as numbers Numbers are encoded as binary numbers – why? Binary numbers are stored as sequences of bits Memory for storing numbers is allocated in blocks of a standard length, for example, 1 byte = 8 bits • Each ASCII code is 7 bits • A byte contains 8 bits – why? Example of cipher: Dorabella cipher • This note was sent by the composer Elgar to his young friend Dora Penny • It is still unknown what is written in the note Cryptography • Codes • Ciphers Examples of codes: • Morse code • ASCII code Example of cipher: • Dorabella cipher Example: letter to John Trevanion Worthie Sir John:Hope, that is ye beste comfort of ye afflicted, cannot much, I fear me, help you now. That I would saye to you, is this only: if ever I may be able to requite that I do owe you, stand not upon asking me. 'Tis not much that I can do: but what I can do, bee ye verie sure I wille. I knowe that, if dethe comes, if ordinary men fear it, it frights not you, accounting it for a high honor, to have such a rewarde of your loyalty. Pray yet that you may be spared this soe bitter, cup. I fear not that you will grudge any sufferings; only if bie submission you can turn them away, 'tis the part of a wise man. Tell me, an if you can, to do for you anythinge that you wolde have done. The general goes back on Wednesday. Restinge your servant to command. - R.T. Example: letter to John Trevanion Worthie Sir John:Hope, that is ye beste comfort of ye afflicted, cannot much, I fear me, help you now. That I would saye to you, is this only: if ever I may be able to requite that I do owe you, stand not upon asking me. 'Tis not much that I can do: but what I can do, bee ye verie sure I wille. I knowe that, if dethe comes, if ordinary men fear it, it frights not you, accounting it for a high honor, to have such a rewarde of your loyalty. Pray yet that you may be spared this soe bitter, cup. I fear not that you will grudge any sufferings; only if bie submission you can turn them away, 'tis the part of a wise man. Tell me, an if you can, to do for you anythinge that you wolde have done. The general goes back on Wednesday. Restinge your servant to command. - R.T. Cryptography • Cryptography • Steganography Example of cryptography: • Dorabella cipher Example of steganography: • John Trevanion’s letter Digital steganography • Information can be hidden in picture files or video files • We shall look at one example: – 24-bit BMP file format 24-bit BMP file format • Each pixel of the picture is defined individually by three bytes • Each of the three bytes corresponds to one colour component of the pixel: – Red – Green – Blue • Thus, the intensity of each of these three colours is in the range 0-255. 24-bit BMP file format • I am showing you a very simple example (based on a black square) • The code I used is taken from here: http://pseentertainmentcorp.com/smf/index.php?topic=2034.0 For discussion • Suppose you plan to use steganography. • Would you also consider using cryptography in combination with steganography? Symmetric block ciphers • • • • Ciphers Blocks Keys Attacks (read more in the textbooks) (note that today we shall consider only very simple examples, not useful in practice) Caesar cipher without key • Today, in all examples, a block is a letter • Each block is encrypted separately, using exactly the same algorithm • Encryption: A→B→C→… → Y→Z→A • Decryption: A→Z→Y→… → C→B→A “Cipher” without key plaintext Encryption algorithm ciphertext ciphertext Decryption algorithm plaintext Caesar cipher without key • Encryption: A→B→C→… → Y→Z→A • Decryption: A→Z→Y→… → C→B→A • It is a block cipher (in this case, block=letter) • Is this cipher secure? Caesar cipher with key • Key k is a number between 1 and 25 • Encryption: each letter is moved k positions to the right in the alphabet • Decryption: each letter is moved k positions to the left in the alphabet Cipher with key plaintext Encryption algorithm key ciphertext ciphertext Decryption algorithm key plaintext Kerckhoffs's principle • One must assume that everything about the cipher, including the encryption and decryption algorithms, are known to the attacker • Only the key is not known to the attacker, and confidentiality must be based on this assumption Symmetric cipher • Both to encrypt and to decrypt you need a key, and this is the same key in both cases • Such a cipher is called symmetric (the same key for both encryption and decryption) • Most ciphers are symmetric Attack • The algorithm is known • Find the plaintext • Find the key Caesar cipher with key: an attack • Key k is a number between 1 and 25 • Because there are not so many keys, we can build a table of all possible keys, or simply try all possible keys one after another • This attack is called exhaustive key search, or brute force attack Substitution cipher • A table of correspondences is prepared • Letters in the second row are placed in a random order • (Note that the table is not likely to be stored as a table with two rows when you implement the cipher) A B C… K U D X Y Z HMY Substitution cipher • Encryption: find the letter in the first row and replace by the corresponding letter in the second row • Decryption: find the letter in the second row and replace by the corresponding letter in the first row A B C… K U D X Y Z HMY Substitution cipher: attack? • • • • • Now, there are many keys How many? 26 25 24 … 2 1 This is what is denoted by 26! We cannot use exhaustive key search Substitution cipher: attack 1 • However, we have not so many blocks (26). • We can successfully use the known plaintext attack • See a separate example Substitution cipher: attack 2 • • • • • We can use frequency analysis Example from E. A. Poe Example from A. Conan Doyle A more realistic example Example: Dorabella cipher Frequency analysis: example • This is the substitution cipher from Edgar Allan Poe’s story ‘The Gold-Bug’ (1843). • 53‡‡†305))6*;4826)4‡.)4‡);806*;48†8 • “Now, in English, the letter which most frequently occurs is e. Afterwards, the succession runs thus: a o i d h n r s t u y c f g l m w b k p q x z.” • Then the character successfully decrypts the cipher Frequency analysis: example • This is the substitution cipher from Arthur Conan Doyle’s story ‘The Adventure of the Dancing Men’ (1903) The Adventure of the Dancing Men • Having once recognised, however, that the symbols stood for letters, and having applied the rules which guide us in all forms of secret writings, the solution was easy enough. The first message submitted to me was so short that it was impossible for me to do more than to say with some confidence that the symbol stood for E. As you are aware, E is the most common letter in the English alphabet, and it predominates to so marked an extent that even in a short sentence one would expect to find it most often. Out of fifteen symbols in the first message four were the same, so it was reasonable to set this down as E. A more realistic example • It is a truth universally acknowledged that a single man in possession of a good fortune, must be in want of a wife. • ot os i trmtn mhoversiddc ipkhafdelwel tnit i sohwde yih oh gassessoah au i waal uartmhe ymst be oh fiht au i foue • The second fragment is produced by applying a substitution cipher and then breaking it with frequency analysis Frequency analysis • Simple frequency analysis based only on frequency of individual letters is unlikely to be very successful • It is possible to use more advanced statistical techniques to analyse the ciphertext, assuming we know the statistical properties of the plaintext • Example of a more advanced solver • http://www.blisstonia.com/software/WebDecrypto/index.php Dorabella cipher Dorabella cipher 1, 12, 4, 0, 2, 7, 20, 0, 11, 22, 3, 16, 17, 5, 16, 6, 16, 16, 7, 12, 12, 16, 5, 20, 22, 23, 8, 3, 15 20, 16, 20, 7, 20, 0, 11, 10, 0, 4, 16, 16, 4, 7, 8, 17, 20, 16, 3, 16, 7, 19, 15, 17, 5, 23, 11, 11, 23, 3, 15 4, 15, 7, 19, 15, 4, 5, 19, 18, 8, 15, 4, 16, 7, 19, 17, 15, 8, 0, 12, 8, 15, 7, 0, 8, 23, 0 Frequency of letters in English language Symbol frequencies in Dorabella cipher and in an average English text ‘Decryption’ of Dorabella cipher • This is an example of what a simple frequency analysis produces and a ‘decryption’: wlioytsodfheurepeetllersfmnha sestsodboieeitnusehetcaurmddmha iatcaircgnaietcuanolnatonmo • More advanced versions of frequency analysis also cannot break Dorabella cipher • Probably, in this cipher not only substitutions, but also permutations are used. What we have considered today: Examples of ciphers Caesar cipher without key Caesar cipher with key Substitution cipher What we have considered today: Types of attack Unknown plaintext Known statistical properties of plaintext Known plaintext Sample exam questions • Explain briefly the difference between a code and a cipher. Give one example of a code and one example of a cipher, explaining briefly why these examples demonstrate well the difference between codes and ciphers. Sample exam questions • Describe an example of a technology which can be classified as steganography. Explain why you would classify it as steganography. Sample exam questions • Give a short definition of how the brute force attack works. • Explain briefly why Caesar’s cipher can be attacked using the brute force attack, whereas the substitution cipher cannot. • More generally, explain which types of ciphers are vulnerable to the brute force attack, and which are not. Sample exam questions • Explain why frequency analysis can be successfully used for attacking the substitution cipher. • Suggest one parameter of a cipher which is likely to make it less vulnerable to frequency analysis.