Lecture 2



Ciphers

The classic early cipher is the Caesar cipher, used by Julius Caesar. It is an instance of a substitution cipher; more specifically, it is a monoalphabetic substitution cipher, since each plaintext letter is always replaced by the same ciphertext letter.

Encryption

There are three components to any encryption scheme:

  1. key-generation algorithm: a probabilistic algorithm that creates a key k
  2. encryption algorithm: takes a key and a message, and outputs a ciphertext
  3. decryption algorithm: takes a key and a ciphertext, and outputs the original message

Every encryption scheme has a correctness requirement: for every key and every message, decrypting the encryption of that message under that key must return the original message.
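As an added example (not from the lecture), the Caesar cipher written out as the three components above, with a check of the correctness requirement over the whole key space. Messages are assumed to be uppercase letters only.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # message and ciphertext alphabet (assumed: uppercase only)


def gen() -> int:
    """Key generation: a probabilistic algorithm that picks a shift uniformly from {0..25}."""
    return secrets.randbelow(len(ALPHABET))


def enc(key: int, message: str) -> str:
    """Encryption: shift each letter forward by `key` positions (mod 26)."""
    return "".join(ALPHABET[(ALPHABET.index(ch) + key) % 26] for ch in message)


def dec(key: int, ciphertext: str) -> str:
    """Decryption: shift each letter back by `key` positions (mod 26)."""
    return "".join(ALPHABET[(ALPHABET.index(ch) - key) % 26] for ch in ciphertext)


def correctness_holds(messages) -> bool:
    """Correctness requirement: dec(k, enc(k, m)) == m for every key k and every message m."""
    return all(dec(k, enc(k, m)) == m for k in range(len(ALPHABET)) for m in messages)


if __name__ == "__main__":
    k = gen()
    c = enc(k, "ATTACK")
    print(k, c, dec(k, c))
    print(correctness_holds(["ATTACK", "RETREAT", "CAESAR"]))
```

Note that only 26 keys exist, so the scheme is correct but far from secure; that is the point of the key-space discussion below.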

Kerckhoffs's second axiom

For a given encryption scheme, an eavesdropping adversary needs two things to decrypt the ciphertext it has intercepted:

  1. the key
  2. the decryption algorithm

Kerckhoffs's second axiom states that a good cipher should remain secure even when its design cannot be kept secret: it should not be a problem if the system falls into enemy hands.

In other words, the encryption algorithm should not need to be kept a secret in order for the communication to be secure. It's hard to keep an algorithm a secret, and it's hard to replace one in practice. It's easy to keep a key secret, and trivial to generate a new one.

When you're told to use a standard library "securely," be careful not to confuse "security" with "privacy/secrecy."

In the case of the Android example, the meaning of "security" would probably amount more to "correctly" or "properly."

Security through obscurity has largely been debunked. Systems are most secure when the procedure is known to everyone and has had time to be scrutinized for potential vulnerabilities.

Exhaustive Key Searches

An exhaustive key search is the typical form of a brute-force attack. Every key in the key space is generated in turn, the ciphertext is decrypted under each one, and the search stops when the original message is recovered.

key space
the set of all possible keys that the key-generation algorithm can output

Humans do not select passwords randomly, so attackers frequently try a dictionary attack before a brute-force attack: it can often find the correct password in far less time than a systematic search of all possible character combinations.

The Advanced Encryption Standard (AES) can use a symmetric key of 256 bits, giving a key space of 2^256 possible keys.
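An added example (not part of the lecture) of an exhaustive key search against the Caesar cipher, whose key space has only 26 keys. Every key is tried and the candidate plaintexts are ranked by how many of their words appear in a small word list; the word list is constructed here for the example. The last two helpers show why the same search is hopeless against a 256-bit key space.

```python
import string

ALPHABET = string.ascii_uppercase
KEY_SPACE = range(len(ALPHABET))  # every key the Caesar key-generation algorithm can output

# Constructed mini-dictionary standing in for a real English word list
WORDS = {"ATTACK", "AT", "DAWN", "RETREAT", "THE", "ENEMY", "HOLD", "POSITION"}


def shift(text: str, key: int) -> str:
    """Caesar shift of the letters in `text`; spaces and punctuation pass through unchanged."""
    return "".join(ALPHABET[(ALPHABET.index(c) + key) % 26] if c in ALPHABET else c
                   for c in text)


def score(candidate: str) -> float:
    """Fraction of the candidate's words that are in the word list (1.0 = fully English-like)."""
    words = candidate.split()
    return sum(w in WORDS for w in words) / len(words)


def exhaustive_key_search(ciphertext: str):
    """Try every key in the key space and return the (key, plaintext) pair that scores best."""
    candidates = [(k, shift(ciphertext, -k)) for k in KEY_SPACE]  # decrypt under each key
    candidates.sort(key=lambda pair: score(pair[1]), reverse=True)
    return candidates[0]


def key_space_size(bits: int) -> int:
    """Number of keys for a `bits`-bit symmetric key."""
    return 2 ** bits


def years_to_exhaust(bits: int, keys_per_second: float) -> float:
    """Worst-case time to try every key at a given (assumed) rate."""
    return key_space_size(bits) / keys_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    c = shift("ATTACK AT DAWN", 19)
    print(c, "->", exhaustive_key_search(c))
    # 10^12 keys/second is an assumed rate, not a measured one
    print(f"26 keys: instant; 2^256 keys: {years_to_exhaust(256, 1e12):.3e} years")
```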

Principles of modern cryptography

There are three main principles:

  1. Formal definitions
  2. Precise assumptions
  3. Rigorous proofs

Threat models

Threat models can be broken down into passive adversaries (who only observe) and active adversaries (who can also tamper with or inject messages).

Perfect secrecy

A ciphertext is equally likely to have been produced from any message in the message space: observing the ciphertext gives the adversary no information about which message was encrypted.

Shannon's theorem

Shannon's theorem says that perfect secrecy requires the key space to be at least as large as the message space, with every key equally likely to be chosen; in practice the key must be at least as long as the message, which is too cumbersome for general use.

The one-time pad, the realization of perfect secrecy, is used in extremely high-security settings, such as between the embassies of Russia and the United States.

Modern private-key encryption arose out of our understanding of computational complexity: we do not need perfect secrecy, only schemes for which an exhaustive search is computationally infeasible for an adversary.

One-time pad

One-time pad
an encryption technique that cannot be cracked, but requires a one-time pre-shared key at least as long as the message being sent. The plaintext is paired with a random secret key, and each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character of the pad using modular addition.
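As an added example (not from the lecture), a one-time pad over bytes, where the modular addition is XOR (addition mod 2 on each bit). It illustrates both the perfect secrecy definition above and the one-time requirement: for a fixed ciphertext, every message in a small constructed message space is consistent with exactly one key, so the ciphertext alone says nothing about the message; but if a pad is reused, XORing the two ciphertexts cancels the key and leaks the XOR of the two plaintexts, which is why the key must never be used twice.

```python
import secrets


def otp_keygen(length: int) -> bytes:
    """Key generation: a uniformly random pad at least as long as the message."""
    return secrets.token_bytes(length)


def otp(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR is its own inverse, so one function serves both."""
    if len(key) < len(data):
        raise ValueError("one-time pad key must be at least as long as the message")
    return bytes(k ^ d for k, d in zip(key, data))


def consistent_keys(ciphertext: bytes, message_space) -> dict:
    """For a fixed ciphertext, the key that would turn each candidate message into it.

    Since key = ciphertext XOR message, every message in the space is explained by
    exactly one equally likely key; this is the perfect secrecy property in action.
    """
    return {m: otp(ciphertext, m) for m in message_space}


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Failure mode when the pad is reused: c1 XOR c2 == m1 XOR m2 (the key cancels out)."""
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    # Constructed message space of equal-length orders
    space = [b"FIRE", b"HOLD", b"MOVE"]
    key = otp_keygen(4)
    c = otp(key, b"FIRE")
    print("ciphertext:", c.hex())
    for m, k in consistent_keys(c, space).items():
        print(f"  {m!r} is consistent with key {k.hex()}")
    leak = two_time_pad_leak(c, otp(key, b"HOLD"))
    print("pad reused -> m1 XOR m2 =", leak.hex())
```

The decrypting party simply calls otp with the same key again; the pad's length check is what enforces Shannon's requirement that the key be at least as long as the message.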