
Information Security Technologies
Stephen Thorpe & Ajit Narayanan

Example question
Imagine that you want to encipher the plaintext I will do well in
this exam. Using Ajit as the key, show how a transposition
cipher will encipher this plaintext.

Exercise in decryption
You receive the ciphertext
etooaotutyhscnurocrsooeememh
and you have the key student and know that a transposition cipher has been used. What is the plain text?
[Table: key / number]

Solution
[Table: key / number]
etooaotutyhscnurocrsooeememh = Come at once to your mothers house
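The decryption exercise above, worked as an added example (not part of the original slides). It assumes the usual columnar convention: the plaintext is written row by row under the key, and columns are read out in alphabetical order of the key letters, with ties broken left to right and no padding.

```python
def column_order(key):
    """Indices of the columns in read-out order: alphabetical by key letter,
    ties broken left to right (student -> d e n s t t u)."""
    key = key.lower()
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def encrypt(plaintext, key):
    """Write the letters row by row under the key, read columns in key order."""
    text = "".join(ch for ch in plaintext.lower() if ch.isalpha())
    cols = len(key)
    return "".join(text[c::cols] for c in column_order(key))


def decrypt(ciphertext, key):
    """Rebuild each column from the ciphertext, then read the grid row by row."""
    cols = len(key)
    rows, extra = divmod(len(ciphertext), cols)
    # If the last row is incomplete, the first `extra` columns are one longer.
    lengths = [rows + (1 if c < extra else 0) for c in range(cols)]
    columns = [""] * cols
    pos = 0
    for c in column_order(key):
        columns[c] = ciphertext[pos:pos + lengths[c]]
        pos += lengths[c]
    out = []
    for r in range(rows + (1 if extra else 0)):
        for c in range(cols):
            if r < len(columns[c]):
                out.append(columns[c][r])
    return "".join(out)


if __name__ == "__main__":
    print(decrypt("etooaotutyhscnurocrsooeememh", "student"))
    # The example question's plaintext and key, round-tripped.
    c = encrypt("I will do well in this exam", "Ajit")
    print(c, "->", decrypt(c, "Ajit"))
```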

Symmetric Cryptographic Algorithms - Summary so far
Symmetric cryptographic algorithms
Use the same single key to encrypt and decrypt a message
Also called private key cryptography

Stream cipher
Takes one character and replaces it with one character

Substitution cipher
The simplest type of stream cipher
Simply substitutes one letter or character for another


Symmetric Cryptographic Algorithms Overview


Transposition cipher is a stream cipher only after P is made into columns

Symmetric Cryptographic Algorithms
Block ciphers using bits

p q xor
1 1 0
0 1 1
1 0 1
0 0 0

Plaintext message converted into binary (e.g. ASCII) and transmitted in binary polyalphabetic
See
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

Class Exercise 5 - Block cipher

You are given the ciphertext:
11011110000100010100
and the key:
10101010101010101010
Using the XOR table and the bit strings of English characters below, work out the original plaintext.

p q xor
1 1 0
0 1 1
1 0 1
0 0 0

letter:     a    b    c    d    e    f    g    h
bit string: 0000 0001 0010 0011 0100 0101 0110 0111
letter:     i    j    k    l    m    n    o    p
bit string: 1000 1001 1010 1011 1100 1101 1110 1111

Class Exercise 5 Block cipher

You are given the ciphertext:
11011110000100010100
and the key:
10101010101010101010
Using the XOR table and the bit strings of English characters below, work out the original plaintext.

11011110000100010100
10101010101010101010
XOR =
0111 0100 1011 1011 1110
= h e l l o

letter:     a    b    c    d    e    f    g    h
bit string: 0000 0001 0010 0011 0100 0101 0110 0111
letter:     i    j    k    l    m    n    o    p
bit string: 1000 1001 1010 1011 1100 1101 1110 1111

Symmetric Cryptographic Algorithms
Block cipher
Manipulates an entire block of plaintext at one time
Plaintext message is divided into separate blocks of 8 to 16 bytes
And then each block is encrypted independently

Stream cipher advantages and disadvantages
Fast when the plaintext is short
Useful for compressing original plaintext (more later)
More prone to attack because the engine that generates the stream does not vary

Symmetric Cryptographic Algorithms
Block cipher advantages and disadvantages
Considered more secure because the output is more random
Cipher is reset to its original state after each block is processed
Results in the ciphertext being more difficult to break

A shared secret key satisfies requirements for security

Overview: Cryptography can help to keep information secure

The sender (A) and receiver (B) share the same key (substitution, transposition, block) but how is this possible if A and B have never met to

1. A: Hello, B. Here is a secret key for our communication
2. Secret key sent in plaintext by email
3. B: Thank you, A. Now let's communicate secretly

Attacker: See plaintext email and can now read C also.
Attacker thinks: Thank you, you fools
How can A and B ensure secret communication?

Summary of Lecture 1: Shared, secret keys
Shared, secret keys (SSKs) in cryptography can provide basic security protection
for information:
SSKs can protect the confidentiality of information provided only sender and
receiver have the key
SSKs can protect the integrity of the information provided only sender and
receiver
SSKs can help ensure the availability of the resources
SSKs can verify the authenticity of the sender
SSKs can enforce non-repudiation
SSKs are required for substitution ciphers, transposition ciphers, block ciphers,
etc.
But, no point in A sending an encrypted message to B unless A
knows that B can decrypt
Also, ciphertext draws attention to itself

Summary of Lecture 1
Basic problem is: how do the sender and receiver of
secure information share the common key if they have
previously not communicated with each other?
They cannot send the key to each other in plain text,
since an attacker will then also get the key
In any case, would you give your secret key to
someone you don't know? Will it work in a team?

The Case of the Hollow Nickel


On June 22, 1953, a newspaper boy,
collecting for the Brooklyn Eagle, at an
apartment building at 3403 Foster
Avenue in the New York City borough of
Brooklyn, was paid with a nickel (U.S.
five cent piece) that felt too light to
him.
When he dropped it on the ground, it
popped open, revealing that it
contained microfilm. The microfilm
contained a series of numbers.

The Case of the Hollow Nickel


There was no key for the numbers.
The FBI tried for nearly four years to
find the origin of the nickel and the
meaning of the numbers.
It was when KGB agent Reino
Häyhänen (aka Eugene Nicolai Mäki)
wanted to defect in May 1957 from
Paris, that the FBI was able to link the
nickel to KGB agents.

The Case of the Hollow Nickel


1. WE CONGRATULATE YOU ON A SAFE ARRIVAL. WE CONFIRM THE RECEIPT OF YOUR
LETTER TO THE ADDRESS `V REPEAT V' AND THE READING OF LETTER NUMBER 1.
2. FOR ORGANIZATION OF COVER, WE GAVE INSTRUCTIONS TO TRANSMIT TO YOU
THREE THOUSAND IN LOCAL (CURRENCY). CONSULT WITH US PRIOR TO INVESTING IT
IN ANY KIND OF BUSINESS, ADVISING THE CHARACTER OF THIS BUSINESS.
3. ACCORDING TO YOUR REQUEST, WE WILL TRANSMIT THE FORMULA FOR THE
PREPARATION OF SOFT FILM AND NEWS SEPARATELY, TOGETHER WITH (YOUR)
MOTHER'S LETTER.
4. IT IS TOO EARLY TO SEND YOU THE GAMMAS. ENCIPHER SHORT LETTERS, BUT THE
LONGER ONES MAKE WITH INSERTIONS. ALL THE DATA ABOUT YOURSELF, PLACE OF
WORK, ADDRESS, ETC., MUST NOT BE TRANSMITTED IN ONE CIPHER MESSAGE.
TRANSMIT INSERTIONS SEPARATELY.
5. THE PACKAGE WAS DELIVERED TO YOUR WIFE PERSONALLY. EVERYTHING IS ALL
RIGHT WITH THE FAMILY. WE WISH YOU SUCCESS. GREETINGS FROM THE COMRADES.
NUMBER 1, 3RD OF DECEMBER.

The Case of the Hollow Nickel


Häyhänen and Fisher were in the United
States mainly looking for information on
the U.S. atomic program and U.S. Navy
submarine information.
When Fisher was arrested, the hotel room
and photo studio that he lived in contained
multiple items of modern espionage
equipment: cameras and film for producing
microdots, cipher pads, cufflinks, a hollow
shaving brush, shortwave radios, and
numerous "trick" containers.

Hashing and Security

Learning Objectives
You will be able to describe how a hash function
aids integrity and authentication of
information

Different levels of encryption


If there is no need to keep the message secret
but there is a need to ensure that the message
has not been tampered with, the key can be
sent with the message (integrity)
If there is no need to keep the message secret
but there is a need to know that the person who
sent the message is the person they claim to be,
the key does not have to be sent at all
(authenticity)

Answer: Different types of encryption required depending on what you want to do
Integrity: the trustworthiness of data or resources in terms of
preventing improper use or changes.
Authenticity: the person requesting the resource is who they claim to
be
For example, how does one gain confidence that, given an ATM
(automated teller machine, cash dispenser) transaction:
That the person using the ATM card has the right to have and use
the card (authenticity)?
That the card is genuine and has not been tampered with
(integrity)?

ATM in Jungle

Cryptographic hashing algorithms for authenticity and integrity
Hashing
Also called a one-way hash
A process for creating a unique signature for a set of data
This signature, called a hash or digest, represents the contents
Hashing is used to ensure that:
Information is in its original form
Hash created from a set of data cannot be reversed
Hashing by itself does not prevent the message from being read and understood
But hashing can also be used for authentication if supported by something else (later in this lecture)

Preventing a Man-in-the-Middle Attack with Hashing

Hash Functions
A hash function h takes as input a message of arbitrary length and produces as output a message digest of fixed length.
[Figure: Long Message (binary version of text or code) -> Hash Function h -> 160-Bit Message Digest]
See http://en.wikipedia.org/wiki/Hash_function for more on hash functions

Ideal Message Digests


A message digest is a compacted form/representation
of the original message, with no intention that the
original message should be recreated
An ideal digest never generates the same hash for
two different sets of input
Theoretically the ideal hash could be as long as the
message/file being hashed

Practical Message Digests


Compromise in favour of a digest of modest and
usually fixed size created with an algorithm
designed to make preparation of input text with
a given digest computationally infeasible
Chances of two message digests being the same
for two different inputs extremely remote


Message digests as hashes


A hash is a fingerprint for a document and its purpose is to
provide proof that that data has not been altered or tampered
with.
Usually 16 or 20 bytes in length but can be longer if the intention
is that no two messages produce the same digest and it is not
possible to recreate the message from the digest
Used for password authentication
Public domain message digest algorithms

MD5 - Ron Rivest of RSA Security Inc., 128-bit


SHA and SHA-1 - Secure Hash Algorithm, NIST, 1993,
160-bit, more secure than MD5

Examples of hash functions

Notes:
1. Same length output always produced
2. Changing a small part of input produces a totally different hash sum

Simple example of (logical) hash function
Plaintext: beach (see table below)
00010100000000100111
and the key:
1 0 1 0 1 0 1 0 1 0
This produces the ciphertext/hash using the OR function:
1 0 1 1 1 1 1 0 1 0 1 0 1 0 1 0 1 1 1 1 (key applied twice) = 780975 in decimal
This is block cipher: message is converted into blocks of fixed size and each block is separately encrypted with a key (of the same size).
Working back: 1/0 0 1/0 1/0 1/0 1/0 1/0 0 1/0 0 1/0 0 1/0 0 1/0 0 1/0 1/0 1/0 1/0 (only green 0 bits are known for certain)
One possibility: 1 0 1 1 1 1 1 0 1 0 1 0 1 0 1 0 1 1 1 1
One plaintext version: lokkp

p q or
1 1 1
0 1 1
1 0 1
0 0 0

letter:     a    b    c    d    e    f    g    h
bit string: 0000 0001 0010 0011 0100 0101 0110 0111
letter:     i    j    k    l    m    n    o    p
bit string: 1000 1001 1010 1011 1100 1101 1110 1111

Hashing security
While using OR will create multiple possibilities of
decrypting back to plaintext, a brute force approach
may be able to extract the plaintext by working
through all possible combinations
This is because the hash is as long as the original
message
Much better is to produce a hash where there is no
indication of how long the original message is
XOR the favoured hash method for producing
fixed length hashes

Fixed length hash to stop numbers becoming too big
10111110101010101111 is as long as original message
If hash is to be 5 bits only, use XOR function repeatedly as follows:
10111 XOR 11010 XOR 10101 XOR 01111 = 10111
Message digest 1 0 1 1 1 is a 5 bit digest of the 20 bit digest of original plaintext beach = 23 in decimal
This is another version of a stream cipher, where encryption of a block depends on the encryption of a previous block
Now intruder will not be sure how many times to apply XOR backwards
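The slides' toy scheme in runnable form, as an added example that is not part of the original lecture: the XOR cipher from Class Exercise 5, the OR hash of beach, and the XOR fold down to a 5-bit digest. The function names are assumptions, as is zero-padding of a short final block; the collision search goes one step beyond the slides to show why a 5-bit digest built this way cannot meet the "no two inputs give the same hash" requirement.

```python
from itertools import product
from operator import or_, xor

LETTERS = "abcdefghijklmnop"  # slide table: a=0000 ... p=1111


def to_bits(word):
    return "".join(format(LETTERS.index(ch), "04b") for ch in word)


def to_word(bits):
    return "".join(LETTERS[int(bits[i:i + 4], 2)] for i in range(0, len(bits), 4))


def combine(a, b, op):
    """Apply a bitwise truth-table function to two equal-length bit strings."""
    return "".join(str(op(int(x), int(y))) for x, y in zip(a, b))


def repeat_key(key, n):
    return (key * (n // len(key) + 1))[:n]


def xor_cipher(bits, key):
    """XOR is its own inverse, so this both enciphers and deciphers."""
    return combine(bits, repeat_key(key, len(bits)), xor)


def or_hash(word, key):
    bits = to_bits(word)
    return combine(bits, repeat_key(key, len(bits)), or_)


def fold(bits, width=5):
    """XOR successive width-bit blocks together into one fixed-length digest."""
    digest = "0" * width
    for i in range(0, len(bits), width):
        block = bits[i:i + width].ljust(width, "0")  # assumption: zero-pad
        digest = combine(digest, block, xor)
    return digest


def toy_digest(word, key="1010101010"):
    return fold(or_hash(word, key))


def find_collision(target, length=5):
    """First other word over a..p with the same toy digest as target."""
    want = toy_digest(target)
    for letters in product(LETTERS, repeat=length):
        word = "".join(letters)
        if word != target and toy_digest(word) == want:
            return word
    return None


if __name__ == "__main__":
    print(to_word(xor_cipher("11011110000100010100", "10101010101010101010")))
    print(or_hash("beach", "1010101010"), int(or_hash("beach", "1010101010"), 2))
    print(toy_digest("beach"), find_collision("beach"))
```

With only 32 possible 5-bit digests, a colliding word turns up after a few dozen candidates.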

Exercise 1
p q xor
1 1 0
0 1 1
1 0 1
0 0 0

P=melon. What is the digest of P using 10101 as the block cipher key and XOR as the function?
P in binary: 1100 0100 1011 1110 1101
Blocked P: 11000 10010 11111 01101
Key: 10101
Answer:

Exercise 2
p q xor
1 1 0
0 1 1
1 0 1
0 0 0

P=melon. What is the digest of P using a stream hash of 5 bits and XOR as the function?
P in binary: 1100 0100 1011 1110 1101
Blocked P: 11000 10010 11111 01101
11000 XOR 10010 = 01010 ???
Answer:

Exercise 3
p q or
1 1 1
0 1 1
1 0 1
0 0 0

P=melon. What is the digest of P using 10101 as the block cipher key and OR as the function?
P in binary: 1100 0100 1011 1110 1101
Blocked P: 11000 10010 11111 01101
Key: 10101
Answer:

Exercise 4
p q or
1 1 1
0 1 1
1 0 1
0 0 0

P=melon. What is the digest of P using a stream hash of 5 bits and OR as the function?
P in binary: 1100 0100 1011 1110 1101
Blocked P: 11000 10010 11111 01101
11000 OR 10010 = 11010
Answer:

Symmetric Cryptographic Algorithms (continued)
Data Encryption Standard (DES)
One of the first widely popular symmetric cryptography algorithms
DES is a block cipher and encrypts data in 64-bit blocks (8x8)
However, the 8 parity bits are ignored so the effective key length is only 56 bits

Triple Data Encryption Standard (3DES)
Designed to replace DES
Uses three rounds of encryption instead of just one

Notice how three different keys are required
If the plaintext has to be recovered from the ciphertext, somehow the keys must be shared
But if the purpose is to stop a brute force attack, the attacker will now find it much more difficult to work back from a stolen hash (e.g. password) file to the

Hash algorithms using binary versions of 5 digit numbers

Symmetric Cryptographic Algorithms
Advanced Encryption Standard (AES)
Approved by the National Institute of Standards and Technology (NIST) in late 2000 as a replacement for DES
AES performs three steps on every block (128 bits) of plaintext
Within Step 2, multiple rounds are performed depending upon the key size
Within each round, bytes are substituted and rearranged, and then special multiplication is performed based on the new arrangement

Other Algorithms
Several other symmetric cryptographic algorithms are
also used:

Rivest Cipher (RC) family from RC1 to RC6


International Data Encryption Algorithm (IDEA)
Blowfish
Twofish


Who are Alice and Bob?


http://en.wikipedia.org/wiki/Alice_and_Bob

The names Alice and Bob are two commonly used placeholder names. They are used for
archetypal characters in fields such as cryptography. The names are used for convenience;
for example, "Alice sends a message to Bob encrypted with his public key" is easier to
follow than "Party A sends a message to Party B encrypted by Party B's public key."
Following the alphabet, the specific names have evolved into common parlance within these
fields helping technical topics to be explained in a more understandable fashion.
In cryptography and computer security, there are a number of widely used names for the
participants in discussions and presentations about various protocols. The names
are conventional, somewhat self-suggestive, sometimes humorous, and effectively act as
metasyntactic variables.
In typical implementations of these protocols, it is understood that the actions attributed to
characters such as Alice or Bob need not always be carried out by human parties directly,
but also by a trusted automated agent (such as a computer program) on their behalf.
Perhaps because Alice's and Bob's distinct genders permit the use of gender-specific
pronouns to reduce verbosity while preventing an increase in ambiguity, there has been
little tendency to introduce inanimate parties so that neuter pronouns could refer to them.

Hash for integrity


Alice sends Bob beach with message digest (hash) 1 0 1 1 1 and the
key 1 0 1 0 1 0 1 0 1 0 as well as encryption method XOR if Bob does
not have it
Anyone can read Alice's message, but Bob wants to be sure that the
message has not been altered
So Bob takes beach, calculates the hash on his machine and, if his
hash matches the message digest, he can be sure that no one has
altered the message
That does not mean that the message has come from Alice, it only
means that the message sent has not been altered on its way to Bob
Message digests are much longer than 5 bits but must be fixed length
so that, if secrecy is required, it is not possible to convert the hash
back to the plain text
Even if Alice sends just one character, the hash will be the same fixed
length of 5 bits
Usually, some multiple combinations of XOR are used as the algorithm

Use of digest: Summary

Note that the document and digest are not encrypted

Hash function for message integrity


A and B share a hash key (not necessarily secret)
A sends B the message beach with the hash
10111110101010101111 (or 780975 in decimal) as
well as details of the hash function and key
B receives the message and hashes the message using
the same key and function
If B's hash matches A's hash, B knows that no one has
changed A's message
Any change to beach (say, to sucker) by an intruder
will result in a different hash when B calculates the hash

Hashing Algorithms
Hash functions in real life are complicated mathematical
functions expressed in logical terms (shift, OR, XOR, AND)
A hashing algorithm is considered secure if it has these
characteristics:

The ciphertext hash is a fixed size no matter how long the plaintext
Two different sets of data cannot produce the same hash, which
is known as a collision
It should be impossible to produce a data set that has a desired or
predefined hash
The resulting hash ciphertext cannot be reversed unambiguously
or uniquely
That is, a hash is not meant to be reversed (not really encryption as
such, but useful nevertheless)

Hash as digest - summary


The hash serves as a check to verify the message contents
We won't go into the mathematics of hash functions here
Note that there is a distinction between knowledge of the
encryption function (such as XOR or OR) and the key
Knowing the function does not help if you don't know the
key (knowing OR was used doesn't give the key)
Knowing the key does not help if you don't know the
function (knowing 1010101010 doesn't tell you what
function was used)
So, key can be public and function can be secret and
shared, if appropriate
Functions can be complicated (for example, XOR followed
by OR followed by AND followed by XOR )

Hashing for message integrity summary


The purpose of hashing is to generate confidence that
the message received is the same as the message sent
There is no guarantee that the person who sent the
message is who they say they are
But B knows that, even if the message may be from
someone pretending to be A, at least the message has
not been interfered with

Hashing for integrity and authenticity
Hashing can also be used to aid authenticity if the message being
transmitted to B is hashed using something that only A should know
For instance, if the digest is a hash of a document using something
that A has previously sent to B secretly (such as a secret key)
This means keeping the hash key secret to only A and B
When B receives a computer message from someone claiming to be
A, B uses the key to hash the received document to calculate and
check the hashes
That is, a message digest (MD) is different from a message
authentication code (MAC)
For a MD, the key can be public and anyone can use it
For a MAC, the key must be kept secret between A and B

Message Authentication Code (MAC), created by Alice and checked by Bob

Note that Alice and Bob must share a key to hash the
document. The MAC is therefore produced by
encrypting/hashing the document with a key to the hashing
function. This key should be known only to Alice and Bob. But

Message Authentication Codes are appended to the file

Notice that the file is not encrypted. If the digest is encrypted by a key that only A and B know, then the

Another layer of authentication: Hash based MAC (HMAC)

Note that the hash is itself encrypted with the same or another
key to produce an encrypted message digest. If the digest
encryption key is only known to A and B, the message is
authenticated. First key can be public but second key must be

Problem of sharing hash keys


For authenticity, Alice and Bob need a shared key and a
common hash function
There is no need for secret keys if integrity is the only
requirement
Hash key can be public and shared between users
(public domain)
But if authenticity is required also, the key for
producing the digest or encrypting the digest must be
something that only the sender and receiver have
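The difference between a message digest and a MAC described above, as an added example that is not part of the original slides. It uses Python's standard hashlib and hmac modules with SHA-256 (the slides' toy XOR/OR hashes are not used here), and the key and messages are constructed sample values.

```python
import hashlib
import hmac


def message_digest(message):
    """Unkeyed digest (MD): anyone who has the message can compute it."""
    return hashlib.sha256(message).hexdigest()


def mac(key, message):
    """Keyed digest (MAC): computing it needs the key shared by A and B."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def bob_accepts_md(message, digest):
    return hmac.compare_digest(message_digest(message), digest)


def bob_accepts_mac(key, message, tag):
    return hmac.compare_digest(mac(key, message), tag)


def scenario():
    key = b"constructed-key-shared-by-A-and-B"  # constructed sample key
    sent, altered = b"beach", b"sucker"
    results = {}

    # Integrity: the message changes in transit, the digest is left alone.
    results["md_detects_changed_message"] = not bob_accepts_md(
        altered, message_digest(sent))

    # No authenticity: whoever replaces the message can also replace the
    # unkeyed digest, and Bob's check passes.
    results["md_accepts_replaced_pair"] = bob_accepts_md(
        altered, message_digest(altered))

    # MAC: without the shared key the old tag does not fit the new message,
    # and a tag made under any other key does not verify.
    results["mac_rejects_old_tag"] = not bob_accepts_mac(
        key, altered, mac(key, sent))
    results["mac_rejects_other_key"] = not bob_accepts_mac(
        key, altered, mac(b"not-the-shared-key", altered))
    results["mac_accepts_genuine"] = bob_accepts_mac(key, sent, mac(key, sent))
    return results


if __name__ == "__main__":
    for name, outcome in scenario().items():
        print(f"{name}: {outcome}")
```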

Alice's problem
Alice may want to communicate with Bob and 10 other people
with integrity and authenticity
Alice shares her secret hash key with all 11 people
If any one of the 11 persons is untrustworthy, then the hash
key is compromised
It is not practical for Alice to have 11 separate secret hash keys
If every pair of persons in the above scenario uses a separate
key, how many keys will be needed?
Formula: n * (n - 1)/2, where n=number of users
So, 11*10/2=55 separate keys
If n=50,000, then 1.5 billion keys are needed approximately

Exercise 5
Alice wants to communicate with Bob with integrity and
authenticity. Alice and Bob have not communicated
before. How does Alice communicate with integrity and
authenticity to Bob?


Solution: Key Distribution Centre

Key Distribution Centre (KDC): intended to reduce the risks inherent in exchanging keys

Creating a use-once session key between Alice and Bob using KDC

KAB can now become the shared, secret hashing key. Alice uses
KAB to hash her message and Bob uses the same key to check
the hash of her message. Integrity and authenticity are now
guaranteed.
Note that this is for shared secret keys. A different method is

From http://www.cs.northwestern.edu/~ychen/classes/cs395-w05/lectures/class5.ppt

Key Distribution Center (KDC)

Alice, Bob need shared symmetric key for digests and/or communication.
KDC: server shares different secret key with each registered user (many users)
Alice, Bob know own symmetric keys, KA-KDC KB-KDC, for communicating with KDC.

[Figure: KDC stores all secret keys (KA-KDC, KB-KDC, KP-KDC, KX-KDC, KY-KDC, KZ-KDC). KA-KDC: secret key shared between Alice and KDC. KB-KDC: secret key shared between Bob and KDC.]

Key Distribution Center (KDC)

Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?

Alice -> KDC: KA-KDC(A,B)
KDC generates R1
KDC -> Alice: KA-KDC(R1, KB-KDC(A,R1))
Alice knows R1
Alice -> Bob: KB-KDC(A,R1) (Alice cannot read this)
Bob knows to use R1 to communicate with Alice

Alice and Bob communicate: using R1 as session key for shared symmetric encryption
But KDC needs to store everyone's private key
From
http://www.cs.northwestern.edu/~ychen/classes/cs395-w05/lectures/class5.ppt
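The KDC exchange on this slide, simulated end to end as an added example that is not part of the original lecture. The seal/unseal pair is a teaching stand-in for the slide's K(...) notation, built from SHA-256 and HMAC in the standard library; the class and function names and the JSON message layout are assumptions.

```python
import hashlib
import hmac
import json
import secrets


def _stream(key, nonce, n):
    """SHA-256 in counter mode as a toy keystream (teaching stand-in)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key, obj):
    """Plays the role of K(...) on the slide: encrypt, then append a MAC."""
    plain = json.dumps(obj).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plain, _stream(key, nonce, len(plain))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()


def unseal(key, blob):
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified message")
    plain = bytes(c ^ k for c, k in zip(ct, _stream(key, nonce, len(ct))))
    return json.loads(plain)


class KDC:
    def __init__(self):
        self.keys = {}  # the KDC stores every user's long-term key

    def register(self, name):
        self.keys[name] = secrets.token_bytes(32)
        return self.keys[name]

    def session_request(self, sender, blob):
        req = unseal(self.keys[sender], blob)            # KA-KDC(A,B)
        if req["from"] != sender or req["to"] not in self.keys:
            raise ValueError("bad request")
        r1 = secrets.token_hex(32)                       # KDC generates R1
        ticket = seal(self.keys[req["to"]], {"from": sender, "r1": r1})
        return seal(self.keys[sender], {"r1": r1, "ticket": ticket})


def run_exchange():
    kdc = KDC()
    ka_kdc, kb_kdc = kdc.register("A"), kdc.register("B")
    reply = kdc.session_request("A", seal(ka_kdc, {"from": "A", "to": "B"}))
    opened = unseal(ka_kdc, reply)                       # Alice knows R1
    try:
        unseal(ka_kdc, opened["ticket"])
        alice_reads_ticket = True
    except ValueError:
        alice_reads_ticket = False                       # sealed under KB-KDC
    ticket = unseal(kb_kdc, opened["ticket"])            # Bob learns A and R1
    msg = b"beach"                                       # R1 used as MAC key
    tag = hmac.new(bytes.fromhex(opened["r1"]), msg, hashlib.sha256).digest()
    check = hmac.new(bytes.fromhex(ticket["r1"]), msg, hashlib.sha256).digest()
    return {"same_session_key": opened["r1"] == ticket["r1"],
            "alice_reads_ticket": alice_reads_ticket,
            "ticket_names_alice": ticket["from"] == "A",
            "mac_verifies": hmac.compare_digest(tag, check)}
```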

Pros and cons of KDC


Benefit: Easier key distribution
Benefit: scalability so that people who have not communicated
with each other before now communicate with a shared, trusted
third party
Drawback: A KDC can become a single point of failure
Drawback: Everybody must trust the KDC
Kerberos is an example of a KDC
BUT, how do Alice and Bob get a shared secret key with the
KDC?
That is, a KDC means that Alice does not need to agree
beforehand a separate secret key with everyone she intends to
communicate with
But initial shared key between Alice, Bob and the KDC not yet
explained

Summary of Lecture 2
Learning objectives:

You will be able to describe the shared key problem - the main or largest problem in security
You will be able to describe how a hash function aids integrity of information

Class Exercise 2
Use the same group as yesterday and do the following:
Implement a more secure encryption technique by implementing a hashing
program.
Again there is no need for any user interface.
You should work in the same group as yesterday.
Your program should work for all ASCII characters
