Cryptography

Mid-Section Review

Day 1

Binary, Bits, and Bytes

• Binary : The language of computers
• “Bi’ == two
• Why? It’s simple!
• Bit : smallest unit of information
• 0 or 1
• Byte : 8 bits

Bitwise Operators

• AND (&)
• 1 & 1 = 1
• 1 & 0 = 0
• 0 & 1 = 0
• 0 & 0 = 0
• OR (|)
• 1 | 1 = 1
• 1 | 0 = 1
• 0 | 1 = 1
• 0 | 0 = 0

• XOR (^, ⊕)
• 1 ⊕ 1 = 0
• 1 ⊕ 0 = 1
• 0 ⊕ 1 = 1
• 0 ⊕ 0 = 0
• NOT (~, !)
• ~ 1 = 0
• ~ 0 = 1

Decimal to Binary

Rules:

1. Start with a number (n)
2. Divide n by 2
3. Remainders: 0/1 → append to Binary number on the left side
4. Quotient → new ‘n’
5. Continue from Step 2 until quotient becomes zero
6. Final result is your binary number!

• Convert n = 97 to binary

---------------------------------------------------------------------------------�n ÷ 2 quotient remainder num�---------------------------------------------------------------------------------

97 ÷ 2 48 1 1

48 ÷ 2 24 0 01

24 ÷ 2 12 0 001

12 ÷ 2 6 0 0001

6 ÷ 2 3 0 00001

3 ÷ 2 1 1 100001

1 ÷ 2 0 (Stop) 1 1100001

​

Binary to Decimal

​

� �1 0 1 1

1 * 2³ + 0 * 2² + 1 * 2¹ + 1 * 2⁰

1 * 8 + 0 * 4 + 1 * 2 + 1 * 1

8 + 0 + 2 + 1

11

​

ASCII

• Number representation of a character
• Python functions
• ord(<character>)
• Takes in a single character input and returns decimal ASCII code
• chr(<integer>)
• Reverses ord(), gives you character for decimal input

Why does crypto matter?

1. We use it all the time, so it must be automatic and fast
2. Bad crypto can lead to universal, covert breaches of digital security.
3. Cryptography has social, legal, and political impact

Principles

• No secure systems, only degrees of security
• Think like an adversary
• Don’t trust anything! Not even your own code
• No security through obscurity

Confidentiality, Integrity, Availability

When you’re protecting your data ask yourself if you have the following:

• Confidentiality: You want to ensure that only authorized users can access the information
• Integrity: You know the data is from a legitimate source
• Availability: You want to make sure that the people who are supposed to access the resource can access it

Kirckhoff’s Principles (SImplified)

1. System must be indecipherable
2. Must not be required to be secret
3. Key must be able to communicable and remembered without written notes, and easy to change
4. Ignored
5. Ignored
6. Easy to use

Cryptography Uncreative Names

• Two people talking: Alice and Bob
• Passive attacker: Eavesdropping Eve
• Active attacker: Mallicious Mallory

Encryption

• Hiding our information
• Caesar Cipher
• Alphabet shift
• Substitution Cipher
• Replace alphabet with new order of letters

Vocab

• Plaintext: The message that you want to send
• Ciphertext: Encoded message
• Encryption: A function that encodes a message (plaintext to ciphertext)
• Decryption: A function that decodes a message (ciphertext to plaintext)
• Key: How to encrypt and decrypt a message

Attacking Ciphertexts

• Brute force: Trying all possible keys until we get the right one
• Frequency attack: Use information about English language and frequency of letters and words to make deductions of plaintext based on ciphertexts

One Time Pad (OTP)

• What is it?
• Encryption scheme.
• XOR plaintext and key
• One Time Pad Rating
• Meh, 3/10
• Unbreakable and simple
• Many limitations
• len(plaintext) == len(key)
• Key can only be used once
• No integrity

Day 2

Randomness

• Computers and humans are very bad at generating random numbers
• Computers are bad since they’re designed to give you accurate results
• Humans are bad because their expectations of what is random and what is truly random are very different
• Computer functions are pseudorandom
• Computers use a seed to create pseudorandom numbers
• Different sources of “true” randomness exist in the world
• Bad randomness can result in algorithms that can be broken

Two Time Pad

• What is it?
• Two different messages that use the same key as an OTP on them
• Why is it bad?
• ciphertext1 = plaintext1 ⊕ key�ciphertext2 = plaintext2 ⊕ key
• If we take ciphertext1 ⊕ ciphertext2
• ciphertext12 = ciphertext1 ⊕ ciphertext2 = plaintext1 ⊕ key ⊕ plaintext2 ⊕ key = plaintext1 ⊕ plaintext2
• ciphertext12 = plaintext1 ⊕ plaintext2
• Can use a similar attack as frequency attack, but with words.
• Attack is called crib-dragging
• Take a common phrase that might appear in the plaintext (ex. “the”), and XOR this phrase with ciphertext12. If “the” exists in ciphertext1, then the result of the XOR should reveal what exists in ciphertext2.

Symmetric Key Crypto

• What is it?
• Secret communication using a shared secret key
• Messages can be encrypted and decrypted with the same key

Meet at 7

Meet at 7

ax42xcv3i

Enc

Dec

plaintext

ciphertext

plaintext

AES - Advanced Encryption Standard

• What is it?
• Most widely used block cipher
• Has confusion and diffusion
• Confusion → Change one thing in key, changes everything in ciphertext
• Diffusion → Change one thing in the plaintext, change everything in the ciphertext

Block Cipher Mode of Operation

• Electronic Codebook (ECB)
• Plaintext is broken into blocks, and each block is encrypted with the same key
• Problems:
• Two identical blocks will give identical outputs
• Linux Penguin (Called the ECB Penguin)
• Cipher Block Chain (CBC)
• Plaintext is broken into blocks, first bock is XOR with a random initialization vector (IV), then encrypted using AES, resulting ciphertext is used as IV for next block
• Can be slow, no parallelization
• Counter (CTR)
• IV and counter string is concatenated and encrypted using AES, resulting ciphertext is XOR’ed with corresponding blocks of plaintext.

Message Authentication Codes (MACs)

• Message Authentication Codes
• Allows us to make sure we know who we’re communicating with and letting us know that the message was not tampered with
• Used with symmetric key crypto and public/private key crypto
• Hash-based MACs (HMAC) are the standards
• Cryptographic Doom Principle (simplified): If you have do any crypto operation before checking the MAC, you are doomed!
• Check MAC first!
• Authenticated encryption uses Encrypt-then-MAC
• Allowed us to check MAC before decrypting message

Hash Functions

• Hash Functions
• Accepts any input and outputs a string of a fixed length, takes an input from an infinite set and maps it to a finite set
• Same input will lead to same output, different input leads to different output
• Collision resistance: the idea that it’s hard to find two different inputs that will yield the same output
• SHA-256 is the most commonly used hash function