Cryptographic Techniques

Module I.
Fundamentals of Information Security
Chapter 2
Cryptographic Techniques
Web Security: Theory & Applications
School of Software, Sun Yat-sen University
Chapter 2 - Outline
2.1 Cryptology Introduction
Introduction
History
Concepts & Items
2.2 Symmetric Key Cryptographic Algorithms
Introduction
Types & Modes
Data Encryption Standard (DES)
Advanced Encryption Standard (AES)
Web Security : Theory And Applications
2 / 41
Chapter 2 - Outline
2.3 Asymmetric Key Cryptographic Algorithms
Introduction
The RSA Algorithm
Digital Signatures
2.4 Hashing Algorithms
Introduction
Message-Digest Algorithm (MD5)
2.5 Typical Applications
MD5 and Passwords

AES and Wi-Fi Protected Access
RSA and E-Business
3 / 41
Chapter 2 - Outline
Introduction
History
Concepts & Items
4 / 41

2.1.1 Introduction
Definition
Cryptography (or cryptology; from Greek krypts,
"hidden, secret"; and grphein, "writing", or -logia,
"study", respectively) is the practice and study of
techniques for secure communication in the presence
of third parties (called adversaries). More generally, it
is about constructing and analyzing protocols that
overcome the influence of adversaries and which are
related to various aspects in information security such
as data confidentiality, data integrity, authentication,
and non-repudiation.
5 / 41
Modern cryptography intersects the disciplines of

mathematics, computer science, and electrical
engineering.
Applications of cryptography include ATM cards,
computer passwords, and electronic commerce.
6 / 41

2.1.2 History
The Manual ERA

The Mechanical ERA
The Modern ERA
German Lorenz cipher machine,

used in World War II to encrypt
very-high-level general staff
messages
7 / 41

2.1.3 Concepts & Items
Plain Text and Cipher Text
Key and Key Space
Cryptosystem Services
Confidentiality, Integrity, Authenticity, Non-repudiation,

Access Control
Cryptographic Methods
Symmetric, Asymmetric
Attributes of Strong Encryption
Confusion, Diffusion
8 / 41
Chapter 2 - Outline

Introduction
Types & Modes
Data Encryption Standard (DES)
Advanced Encryption Standard (AES)

9 / 41
2.2 Symmetric Key Crypt. Algorithms

2.2.1 Introduction
Symmetric-key cryptography is sometimes called secretkey cryptography. It is a kind of encryption system in

which the sender and receiver of a message share a
single, common key that is used to encrypt and decrypt
the message.
Symmetric-key systems are simpler and faster. The two
parties must somehow exchange the key in a secure
way.
The most popular symmetric-key system is the DES,
Data Encryption Standard.
10 / 41

2.2.2 Algorithm Types and Modes
Algorithm Types
Block Cipher
E(M,K)=E(M1,K)E(M2,K) ..E(Mn,K)
MM1M2 Mn
Stream Cipher
11 / 41
12 / 41
Algorithm Modes
Electronic Code Book (ECB) Mode
13 / 41
Source
ECB mode
non-ECB mode
14 / 41
Cipher Block Chaining (CBC) Mode (IBM,1976)
CBC - Encryption
15 / 41
CBC - Decryption
16 / 41
Cipher Feedback (CFB) Mode
CFB - Encryption
17 / 41
CFB - Decryption
18 / 41
Output Feedback (OFB) Mode
OFB - encryption
19 / 41
OFB - Decryption
20 / 41

2.2.3 Data Encryption StandardDES
Background and History
How DES Works
Feistel function
21 / 41

2.2.4 Advanced Encryption StandardAES
Introduction
2001, FIPS PUB 197
Rijndael - Joan Daemen & Vincent Rijmen
Properties
Block length = 128 bit
Key length = 128/192/256 bit
Steps
AddRoundKey
SubBytes
ShiftRows
MixColumns
22 / 41
Chapter 2 - Outline

Introduction
The RSA Algorithm
Digital Signatures

23 / 41
2.3 Asymmetric Key Crypt. Algorithms

2.3.1 Introduction
Definition
Scenery
A cryptographic system that uses two keys -- a public key known

to everyone and a private or secret key known only to the
recipient of the message.
When Alice wants to send a secure message to Bob, she uses
Bob's public key to encrypt the message. Bob then uses his
private key to decrypt it.
Property
It is important that the public and private keys are related in such
a way that only the public key can be used to encrypt messages
and only the corresponding private key can be used to decrypt
them. Moreover, it is virtually impossible to deduce the private key
from the known public key.
24 / 41

2.3.2 The RSA Algorithm
Introduction
Ron Rivest, Adi Shamir & Leonard Adleman (MIT,

1977)
RSA algorithm is based on the presumed difficulty

of factoring large integers, the factoring problem.
25 / 41
How RSA Works

Generating of Public key and Private key
Select two different big prims p and q. Let N=pq.

By Eulers function, the number of integers less than and
prim to N is
(N) = (pq) = (p) (q) = ( p-1)(q-1)
Select an integer e which is less than and prim to (N)
Compute d byed 1 (mod (N))
Destroy p and q (when N is big enough, it will be extremely
difficult to find p, q).
(e,N) is used as the public key, and (d,N) the private key.
Alice will send her (e,N) to Bob, but keep her (d,N) in secret.
26 / 41
Encryption
Suppose that Bob want to send Alice a message m. Bob has

Alices public key (e,N) in hand. Firstly he transforms m to an
integer n less than N in a presumed method. By applying the
key (e,N), n is encrypted to c
n e c(mod N ), or c n e mod N
Then Bob can send c to Alice through an unsafe channel.
Decryption
By applying her private (d,N), Alice can decode n from c by
c d n(mod N ) , or n c d mod N
and recover the m from n.
27 / 41
Principle of RSA
By Eulers function, given two prims p and q satisfied N=pq

and one integer n satisfied 0<n<N, we have
n k ( N ) 1 n mod N
in another hand, ed 1 (mod (N)), or ed = k (N)+1, so
ned n mod N
Now we have
c n e mod N , n c d mod N
So
n c d mod N (n e ) d mod N
n ed mod N n mod N
28 / 41
Example of RSA
For continent, we select small p,q and e.
Suppose A want to sent a string key to B by RSA
encryption.
Compute (e,N) and (d,N)
Let p=3, q=11, N=pq=311=33
f(N)=(p-1)(q-1)=210=20
We take e=3 (3 is prim to 20) and try to get d such that
ed1 mod f(n)3d1 mod 20
We get d by trial:
29 / 41

f(n)=(p-1)(q-1)=210=20. Take e=3 and try d.
d
ed
(ed) mod f(n)
12
12
15
15
18
18
21
24
27
From the table, we find that when d=7, ed 1 mod f(n) holds.
30 / 41

So the public key and the private key are as
KU =(e,N)=(3,33)
and KR =(d,N)=(7,33)
31 / 41

Digitization
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
By the Code Table, the code values of the string key M1,M2,M3
are 11,05,25
Note that the max value of any code is 26 (it can not over N=33).
32 / 41

Encryption
By Me= C (mod N) we have C = Me (mod N)
That is C1 = 113 mod 33, C2 = 53 mod 33, C3 = 253 mod
33
And we get C1= 11, C2= 26, C3= 16
Decryption
By Cd= M (mod N) we have M = Cd (mod N)
That is M1 = 117 mod 33, M2 = 267 mod 33, M3 = 167 mod
33
And we get M1= 11, M2= 5, M3= 25
Message recovery
By checking the Code Table, the string key is recovered.
33 / 41

2.3.3 Digital Signatures
34 / 41
Chapter 2 - Outline

Introduction
Message-Digest Algorithm (MD5)
35 / 41

2.4.1.Introduction
Hashing
Hashing value
Hashing algorithms
Data fingerprint
36 / 41

2.4.2.Message-Digest Algorithm (MD)
Whats MD5
Message-Digest Algorithm 5
128-bits length
37 / 41
Assignments of Sec.2.4
Show me how MD5 works.

Design an executable MD5 program in C with some
short samples.
38 / 41
Chapter 2 - Outline
Assignments of Sec.2.5 Write a short thesis on one

of the three applications
MD5 and password protection.

AES and Wi-Fi protected access.
RSA and electronic business.
39 / 41
References
1. William Stallings, Cryptography and Network Security: Principles and
Practice (5th Edition), Prentice Hall 2010
2. http://en.wikipedia.org/wiki/
Birthday attack
Cryptography
Data Encryption Standard
DiffieHellman key exchange
Digital signature
Hash function
Information_security
MD5
Public-key cryptography
RSA
40 / 41
Thank you!
41 / 41

Cryptographic Techniques

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cryptographic Techniques

Uploaded by

Copyright:

Available Formats

Module I.

Fundamentals of Information Security

Web Security : Theory And Applications

MD5 and Passwords

Web Security : Theory And Applications

2.1 Cryptology Introduction

Web Security : Theory And Applications

2.1 Cryptology Introduction

Modern cryptography intersects the disciplines of

Web Security : Theory And Applications

2.1 Cryptology Introduction

The Manual ERA

German Lorenz cipher machine,

Web Security : Theory And Applications

2.1 Cryptology Introduction

Plain Text and Cipher Text

Key and Key Space

Confidentiality, Integrity, Authenticity, Non-repudiation,

Attributes of Strong Encryption

Web Security : Theory And Applications

2.1 Cryptology Introduction

2.3 Asymmetric Key Cryptographic Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Symmetric-key cryptography is sometimes called secretkey cryptography. It is a kind of encryption system in

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Electronic Code Book (ECB) Mode

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Cipher Block Chaining (CBC) Mode (IBM,1976)

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Cipher Feedback (CFB) Mode

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Output Feedback (OFB) Mode

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Background and History

How DES Works

Web Security : Theory And Applications

2.2 Symmetric Key Crypt. Algorithms

Web Security : Theory And Applications

2.1 Cryptology Introduction

2.4 Hashing Algorithms

Web Security : Theory And Applications

2.3 Asymmetric Key Crypt. Algorithms

A cryptographic system that uses two keys -- a public key known

Web Security : Theory And Applications

2.3 Asymmetric Key Crypt. Algorithms

Ron Rivest, Adi Shamir & Leonard Adleman (MIT,