Wednesday, August 21, 2019

An Introduction To Cryptology Computer Science Essay

An Introduction To Cryptology Computer Science Essay Cryptography was used only for military and diplomatic communication until the development of public key cryptography. Secrecy is one of most important requirement for any communication and it becomes more important when the content of communication is for military and diplomatic purpose. Hieroglyphs used by Egyptians are earliest known example of cryptography in 1900 BC. These hieroglyphics were used to write the stories of the life of kings and describe the great acts of his life. Around 500 BC Hebrew scholars used mono alphabetic substitution cipher such as Atbash cipher. Around 400 BC the Spartans also developed a Scytale cipher that used ribbons of parchment for writing any secret message after wrapping it around a cylindrical rod named as Scytale. In second century BC Greek historian Polybius invented Polybius Square a type of substitution ciphers. Around 1st century BC the Roman emperor Julius Ceaser used the substitution cipher named after him as Ceaser Cipher. The Caesar Cipher is a Monoalphabetic type Cipher. Around 9th century AD the Arab Mathematician AbÃ…Â « YÃ…Â «suf YaÊ »qÃ…Â «b ibn Isà ¡Ã‚ ¸Ã‚ ¥Ãƒâ€žÃ‚ q al-KindÄ « popularly known as Al-Kindi published the first text book on cryptnalysis of ciphers named Risalah fi Istikhraj al-Muamma (On Deciphering Cryptographic Messages). This book can be stated as the pioneer of the medieval cryptography. In this book Al-Kindi described the frequency analysis technique for deciphering substitution ciphers and some polyalphabetic substitution ciphers. The relative frequency of symbols is used in Frequency analysis to decode the message. Al-Kindi used this technique on Quran to understand the meaning for religious purpose. The field of cryptography had not made any significant development until 15th century when the Italian mathematician Leon Battista Alberti known as The Father of Western Cryptology, developed the concept of polyalphabetic substitution. Although he had not made any practical cipher but by using this concept a practical Poly-Alphabetic substitution cryptographic system was developed by French cryptographer BLAISE DE VIGENERE, which was named after him and called as VIGENERE SQUARE. For a long time this cipher was believed to be secure but around 1854, CHARLES BABBAGE, an English mathematician and engineer, better known as father of Computer Science for his development work of difference engine that become the first mechanical computer, successfully cracked the Vigenere Square Cipher by using the method of statistical analysis. Cryptography was widely used in World War I and II. The most famous incident of World War I is of German foreign Minister Zimmerman Telegram that changed the whole World War I and involved the America in world war which was neutral till that date and Germany was finally defeated. Unlike the past cryptographic algorithms in which the main concentration was on hiding the algorithm or technique the modern ciphers needed the technique or algorithm which can be widely used and whose security should not be compromised if the algorithm is known. To encrypt and decrypt the information, a key is used in modern cryptographic algorithms which convert the message and data in such format which are senseless to the receiver through encryption and then return them to the original form through decryption process. Claude E. Shannon, father of modern cryptography has contributed his work to cryptography in the form of A mathematical theory of cryptography and A Communications Theory of Secrecy Systems which are considered as the foundation of modern cryptography. In seventies the field of cryptography has witnessed two major developments. First was the development of Data Encryption Standard (DES) by IBM, which was accepted as standard after some modification by the NSA in 1977 and it was later replaced by the Advanced Encryption Standard (AES) in 2001. The second development which is more important and that changed the whole working process and use of cryptography is the development of Public Key Cryptography. It was started with the publication of the paper titled New Directions in Cryptography, by Whitfield Diffie and Martin Hellman and similar development made by Ron Rivest, Adi Shamir and Leonard Adleman, who were the first to publicly describe the algorithm in 1977 and it was named after them as RSA algorithm. An Introduction to Cryptology: The word cryptology is a combination of two greek words, kryptos, which means hidden and logos means study. Cryptology is as old as writing itself and it has been primarily for thousands of years it had been used for securing military and diplomatic communications. The field of Cryptology can be further classified into two main fields, namely: Cryptography and Cryptanalysis. On the one hand the cryptographers try to develop a system or algorithm that will be safe and secure for communication while on the other hand the cryptanalysts seek weaknesses in the developed system and try to breach the security of the system. The two works can be considered against each other but the work of cryptanalysts cannot be always negative and they can work for the betterment of the developed system by trying to find out the weaknesses in the cryptographic algorithm and fix it. Cryptography: Cryptography is the technique for writing secretly so that the unintended recipients cannot comprehend the original message. It transforms the information into such an unintelligible form so that illegitimate or unintended users cannot devise the original meaning of the message and it looks like a garbage value for them. But the main consideration during the transformation is that the process must be reversible so that the intended user can get the original information after applying the original key and process. This is the traditional use of cryptography but in modern times the scope of cryptography has widened. Cryptanalysis: Cryptanalysis is the field of study that deals with the techniques that verify and assert the security of the protocol or system. The objective of the cryptanalysis techniques is to assess the security claims of the cryptographic algorithm or system. Cryptanalysts try to develop an attack to show that claimed security level is not achieved due to weaknesses in the cryptographic system. It is difficult to define when a cryptosystem is broken. Generally, efficiency of an attack is compared with the efficiency of exhaustive key search attack and if the efficiency of attack is less than it then it is considered an attack on the cryptographic system. Classification of attacks can be made on the basis of the amount of information available to attacker: à ¢Ã¢â€š ¬Ã‚ ¢ Ciphertext-only attack: The attacker has access to the ciphertext only. à ¢Ã¢â€š ¬Ã‚ ¢ Known-plaintext attack: In this case the attacker has access to both the plaintext and the corresponding ciphertext. This attack can be employed when the attacker has limited access to the encrypting device. à ¢Ã¢â€š ¬Ã‚ ¢ Chosen-Plaintext attack: The attacker selects a plaintext and generates corresponding ciphertext using the correct key. This can only be applied if the attacker has access to encryption device and is able to encrypt a message of choice using this device. The goal of such type of attack is to discover the secret key or algorithm for any given encrypted text. à ¢Ã¢â€š ¬Ã‚ ¢ Chosen-Ciphertext attack: The attacker selects a ciphertext and generates corresponding plaintext using the correct key. This can only be possible if the attacker has access to decryption device and is able to decrypt a message of choice using this device. The goal of such type of attack is also to discover the secret key or algorithm for any given encrypted text. The goals of such attacks in general can be classified as secret key recovery, plaintext recovery without recovering the key or the discovery of the encryption/decryption algorithm. Classification of Cryptographic primitives: Unkeyed Cryptography: Unkeyed cryptosystem is that cryptosystem which does not use any key or parameter for application. Examples of such system are one-way functions, cryptographic hash functions, and random bit generators. Public Key or Asymmetric Cryptography: Public Key or Asymmetric Key cryptography is the latest addition to the cryptographic techniques that has changed the basic uses of cryptography. Two different keys are used for encryption and decryption in Public or asymmetric key cryptography. Public key is being used for encryption and it is known to everyone and is freely distributable but the encrypted message can only be decrypted by using the private key corresponding to public key which is known only to the authorized person. Public key cryptography evolved to solve the problems of Secret key cryptography but it is very slow in comparison to secret key cryptography. Public key cryptography cannot be used for high volume encryption. Therefore we use combination of Public and Private Key cryptography for practical applications. Secret Key or Private Key or Symmetric Key Cryptography: In Symmetric Key or Secret Key cryptography, only a single key is used to encrypt and decrypt. It is also called Private Key cryptography. The main problem of the secret key cryptography is the sharing of same key by sender and receiver. In the case of unsecure channels, there is no mean to exchange key securely. The secret key must be shared using any secure channel before communication take place and for such purpose Public Key cryptography is generally used. An overview of Symmetric Algorithms: Symmetric key cryptography is still highly used due to its efficiency and is generally used where high volume of data is encrypted. Symmetric key primitives can be classified into two basic designs; namely Block Cipher and Stream Cipher. Block Ciphers: Block cipher is a symmetric key encryption which divides the input stream of plaintext into fixed size of blocks, generally 64, 128 or 256 bits long and using a fixed transformation (substitutions and permutations) on every block on by one. These transformations are repeated many times to obtain highly nonlinear output bits. The two most popular block ciphers are DES and AES. Modes of operation: A block cipher performs fixed transformations on any block of data and results in same ciphertext for same plaintext, hence can only be considered secure for a single block of data. A mode of operation is actually a way of encryption using a block cipher securely for data more than one block. The Block ciphers are used in one of the five modes to operate for breaking the linearity. A cryptographic mode usually consists of basic cipher, some sort of feedback, and some simple operations. Electronic Code Book (ECB) Mode Cipher block Chaining (CBC) Mode Cipher Feedback (CFB) Mode Output Feedback (OFB) Mode The counter (CTR) Mode Stream Ciphers: Symmetric Cryptographic systems encrypt plaintext messages unit by unit, and unlike block ciphers, which encrypt block of plaintext using fixed transformation, Stream Ciphers encrypt individual units or character of plaintext using a time-varying transformation. It takes the secret key and initialization vector (IV) as input and generates a pseudo random sequence of digits called keystream using pseudo random generator, usually part of Stream Ciphers. ciphertext digits are generated by XORing the keystream digits with the plaintext digits. The stream ciphers are classified into two parts as synchronous and asynchronous stream ciphers on the basis of application of internal state in further encryption of digits. Stream ciphers have played an important role in cryptography and still being used due to its efficiency and especially, in hardware implementations where hardware resources are restricted. Stream ciphers are the main topic of research in this thesis and it will be discussed more comprehensively in later chapters. For a general description of stream ciphers, see chapter 2. Scope of Cryptology: Today the cryptology is not just limited to data encryption and decryption as mentioned above, it has a wide range of usages. The field of cryptology is an emerging field in which continuous expansions and modifications are taking place. The field of cryptography was evolved for military usage but it has now expanded and is highly used in civilian applications also. Cryptography is the study of mathematical techniques, algorithms and protocols that can provide four basic services for information security, namely privacy, authentication, data integrity and non-repudiation. Privacy or confidentiality: The basic goal of cryptography is to keep the information secret from unauthorized persons. Cryptography is the most common mean to provide confidentiality or privacy to the information. Data Integrity: Data integrity means that system must be able to detect the unauthorized manipulation of the data. Data manipulation refers to insertion, deletion or substitution of data. Authentication: Authentication service provides the ability to correctly identify the parties in the communication and origin of the data. Non-Repudiation: Non-repudiation service prevents an entity from denying any activity done by itself or existence of a communication at any later stage in case of any dispute. Stream Cipher Standardization: Major effort towards standardization of cryptographic primitives was started by European Commission research project funded from 2000-2003 in form of NESSIE (New European Schemes for Signatures, Integrity and Encryption). In March 2000 NESSIE urged the public for submissions of cryptographic primitives, and against this call 42 primitives were submitted in February 2003. The submissions were selected in different categories for standardization. Various cryptographic primitives were standardized except Stream Ciphers and none of the six submitted stream ciphers were considered as upto standard. During this period another organization, the International Standards Organizations ISO/IEC 18033 also initiated a similar project for standardization and selected two stream ciphers: SNOW 2.0 and MUGI. Other than these two efforts a Cryptography Research and Evaluation Committee was set up by the Japanese Government which started a project CRYPTREC in 2001 to evaluate and recommend the cryptogr aphic primitives in different category for use. In the stream cipher category, three ciphers were recommended that are MUGI, MULTI-S01 and RC4 (128-bit keys only). But, Later on these ciphers were also found to be susceptible to the cryptanalytic attacks This failure on the side of cryptographic primitives in stream cipher category prompted Adi Shamir in 2004 RSA Data Security Conference to question, whether there is a need for Stream Ciphers or not. He also defined two areas were Stream Ciphers can still be useful where exceptionally high throughput is required in software and exceptionally low resource consumption is required in hardware. To explore the Stream Cipher condition and to develop a state of art stream cipher which can secure and fulfill the above mentioned requirements, ECRYPT launched the eSTREAM project in 2004. eSTREAM made a call for submission in two categories; hardware based and software based stream ciphers. In response to this call 34 ciphers were submitted in both the categories. In different phases of this project, cipher profiles were declared. The final profile issued in January 2012, seven ciphers were selected. The selected ciphers are HC-128, Rabbit, Salsa20/12 and SOSEMANUK in profile 1 (Software based Ciphers) and Grain v1, MICKEY 2.0 and Trivium in profile 2 (Harware based cipher). Even after these standardization efforts, many weaknesses were found in these ciphers. This state of Stream Ciphers has led me to involve in the research of the Stream Cipher and work towards a secure and efficient Stream Cipher.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.