Search for notes by fellow students, in your own course and all over the country.
Browse our notes for titles which look like what you need, you can preview any of the notes via a sample of the contents. After you're happy these are the notes you're after simply pop them into your shopping cart.
Document Preview
Extracts from the notes are below, to see the PDF you'll receive please use the links above
Attacks On Cryptosystems
Information now controls almost every aspect of modern life,
not just business
...
Let's consider the
many types of threats that information regularly encounters
...
An assault can therefore be active or passive
...
Passive attack techniques include, for
instance, intercepting and listening in on the communication
channel
...
Passive
assaults are typically linked to information theft
...
Passive information attack is more dangerous
than stealing of objects since information theft may go
undetected by the owner
...
For example,
•
•
•
•
•
Modifying the information in an unauthorized manner
...
Alteration of authentication data such as originator
name or timestamp associated with information
Unauthorized deletion of data
...
Cryptography provides many tools and techniques for
implementing cryptosystems capable of preventing most of the
attacks described above
...
The attacker's
capabilities are determined by his presumptions and
environmental information
...
Details of the Encryption Scheme
The design of a cryptosystem is based on the following two
cryptography algorithms −
•
•
Public Algorithms − With this option, all the details of
the algorithm are in the public domain, known to
everyone
...
In case of proprietary algorithms, security is ensured through
obscurity
...
Secondly, they allow communication among closed group only
...
Also, according to Kerckhoff’s principle, the algorithm is
preferred to be public with strength of encryption lying in
the key
...
Availability of Ciphertext
We are aware that after the plaintext has been converted to
ciphertext, it is sent across an insecure public channel (like
email), where it is then sent
...
Availability of Plaintext and Ciphertext
This assumption is not as obvious as other
...
Some such possible circumstances are
−
The attacker influences the sender to convert plaintext
of his choice and obtains the ciphertext
...
The attacker has access to
corresponding ciphertext gathered from open channel
...
Using this key, he can generate pairs of corresponding
plaintexts and ciphertexts
...
The attacker simply
has to learn the secret decryption key to get the plaintext
because the algorithm is already known to the general public
...
The attacked system is regarded as broken or
compromised if the attacker discovers the key
...
He does
not have access to corresponding plaintext
...
Occasionally, the encryption key can be determined
from this attack
...
Known Plaintext Attack (KPA) − In this method, the
attacker knows the plaintext for some parts of the
ciphertext
...
This may be done by
determining the key or via some other method
...
Chosen Plaintext Attack (CPA) − In this method, the
attacker has the text of his choice encrypted
...
This
simplifies his task of determining the encryption key
...
A popular public key cryptosystem, RSA
is also vulnerable to chosen-plaintext attacks
...
In simplest
method of this attack, attacker builds a dictionary of
ciphertexts and corresponding plaintexts that he has
•
•
•
learnt over a period of time
...
Brute Force Attack (BFA) − In this method, the attacker
tries to determine the key by attempting all possible
keys
...
The attacker knows the
ciphertext and the algorithm, now he attempts all the
256 keys one by one for decryption
...
Birthday Attack − This attack is a variant of brute-force
technique
...
When students in a class are asked about
their birthdays, the answer is one of the possible 365
dates
...
Then to find the next student whose birthdate
is 3rd Aug, we need to enquire 1
...
Similarly, if the hash function produces 64 bit hash
values, the possible hash values are 1
...
By
repeatedly evaluating the function for different inputs,
the same output is expected to be obtained after about
5
...
If the attacker is able to find two different inputs that
give the same hash value, it is a collision and that hash
function is said to be broken
...
o Host A wants to communicate to host B,
hence requests public key of B
...
o Thus, whatever host A sends to host B, the
attacker is able to read
...
o The attacker sends his public key as A’s public
key so that B takes it as if it is taking it from A
...
Instead, it is launched to exploit the
weakness in physical implementation of the
cryptosystem
...
By measuring such timings, it is be possible
to know about a particular computation the processor
is carrying out
...
Power Analysis Attacks − These attacks are similar to
timing attacks except that the amount of power
consumption is used to obtain information about the
nature of the underlying computations
...
Practicality of Attacks
•
The majority of the assaults on cryptosystems detailed here are
academic in nature because they originate from the academic
world
...
For instance, in a chosen-ciphertext attack, the attacker needs a
prohibitively large number of pairs of plaintext and ciphertext
...
Nonetheless, the fact that any attack exists should be a cause of
concern, particularly if the attack technique has the potential for
improvement
...
We compared cryptography to a toolkit, with
different cryptographic algorithms serving as the fundamental
tools
...
This chapter expands on this technique's use in creating different
types of cryptosystems
...
The only security service these systems provide is
confidentiality of information
...
These earlier cryptographic systems are also referred to as
Ciphers
...
Caesar Cipher
It is a mono-alphabetic cipher wherein each letter of the
plaintext is substituted by another letter to form the ciphertext
...
This cryptosystem is generally referred to as the Shift Cipher
...
For this type of scheme, both sender and receiver agree on a
‘secret shift number’ for shifting the alphabet
...
The name ‘Caesar Cipher’ is occasionally used to describe the
Shift Cipher when the ‘shift of three’ is used
...
• The plaintext letter is then encrypted to the ciphertext
letter on the sliding ruler underneath
...
In this case, the
plaintext ‘tutorial’ is encrypted to the ciphertext
‘WXWRULDO’
...
He then replaces the ciphertext letter by the plaintext
letter on the sliding ruler underneath
...
To
decrypt a message encoded with a Shift of 3, generate
the plaintext alphabet using a shift of ‘-3’ as shown
below −
Security Value
Caesar Cipher is not a secure cryptosystem because there are
only 26 possible keys to try out
...
Simple Substitution Cipher
It is an improvement to the Caesar Cipher
...
For example, A
...
Y
...
Y……B
...
Permutation is nothing
but a jumbled up set of alphabets
...
The sender and the
receiver may choose any one of these possible permutation as a
ciphertext alphabet
...
Process of Simple Substitution Cipher
• Write the alphabets A, B, C,
...
• The sender and the receiver decide on a randomly
selected permutation of the letters of the alphabet
...
For
encryption, sender replaces each plaintext letters by
substituting the permutation letter that is directly
beneath it in the table
...
In this example, the chosen
permutation is K,D, G,
...
The plaintext ‘point’ is
encrypted to ‘MJBXZ’
...
On receiving the ciphertext, the receiver, who also
knows the randomly chosen permutation, replaces
each ciphertext letter on the bottom row with the
corresponding plaintext letter in the top row
...
Security Value
•
The Simple Substitution Cipher far outperforms the Caesar
Cipher
...
However, the Simple Substitution Cipher is susceptible to
design faults, such as picking an obvious permutation, and as a
result, this cryptosystem is readily cracked
...
For example, if ‘A’ is
encrypted as ‘D’, for any number of occurrence in that plaintext,
‘A’ will always get encrypted to ‘D’
...
Polyalphabetic Cipher is a substitution cipher in which the cipher
alphabet for the plain alphabet may be different at different
places during the encryption process
...
Playfair Cipher
In this scheme, pairs of letters are encrypted, instead of single
letters as in the case of simple substitution cipher
...
The key table is
a 5×5 grid of alphabets that acts as the key for encrypting the
plaintext
...
If the plaintext contains J,
then it is replaced by I
...
In a key table, the first characters (going left to right)
in the table is the phrase, excluding the duplicate letters
...
The key table works out to be −
Process of Playfair Cipher
• First, a plaintext message is split into pairs of two
letters (digraphs)
...
Let us say we want to
encrypt the message “hide money”
...
HI →
QC
K M N P Q
V W X Y Z
•
If both letters are in the same row, take the letter to
the right of each one (going back to the left if at the
farthest right)
T U O R I
A L
S B C
‘D’ and ‘E’ are in same row, hence take
D E F G H letter to the right of them to replace
...
Using these rules, the result of the encryption of ‘hide money’
with the key of ‘tutorials’ would be −
QC EF NU MF ZV
Decrypting the Playfair cipher is as simple as doing the same
process in reverse
...
Security Value
It is also a substitution cipher and is difficult to break compared
to the simple substitution cipher
...
The Playfair cipher was used mainly to protect important, yet
non-critical secrets, as it is quick to use and requires no special
equipment
...
For example, let’s assume the key is ‘point’
...
Thus, the key is: 16 15 9 14 20
...
Say ‘point’
is the key
...
• The sender wants to encrypt the message, say ‘attack
from south east’
...
The key must be less than or equal to the size
of the message
...
•
Security Value
Vigenere Cipher was designed by tweaking the standard Caesar
cipher to reduce the effectiveness of cryptanalysis on the
ciphertext and make a cryptosystem more robust
...
In the history, it was regularly used for protecting sensitive
political and military information
...
Variants of Vigenere Cipher
There are two special cases of Vigenere cipher −
The keyword length is same as plaintect message
...
It is more secure than
typical Vigenere cipher
...
One-Time Pad
•
The circumstances are −
The length of the keyword is same as the length of the
plaintext
...
• The keyword is used only once
...
Shift Cipher − Easy to Break
In case of Shift cipher, the entire message could have had a shift
between 1 and 25
...
However, with each character now having its own
individual shift between 1 and 26, the possible keys grow
exponentially for the message
...
It
is a 5 letter text
...
That’s for a message
with 5 alphabets
...
This makes
it computationally impossible to break the ciphertext by brute
force
...
The actual
plaintext alphabets are not replaced
...
Then the ciphertext is read vertically as shown
...
We arrange this text
horizontally in table with number of column equal to key value
...
The ciphertext is obtained by reading column vertically
downward from first to last column
...
To decrypt, the receiver prepares similar table
...
The number of rows is obtained
by dividing number of total ciphertext alphabets by key value
and rounding of the quotient to next integer value
...
To obtain the text, he reads
horizontally left to right and from top to bottom row