Ransomware
sb230529
CH07.pptxChapter 7 Encrypting Files
Chapter 7 Overview
Encryption fundamentals, including cryptanalysis
Building blocks for computer-based encryption
Features and properties of effective file encryption
Digital rights management
Protecting the Accessible
Cryptography (crypto) protects information even when it is not under your physical control
When crypto properly protects data, it prevents its disclosure or modification
Protecting pre-computer documents
In fiction: treasure maps
In reality: diaries
Pepys, Charles Wesley, Beatrix Potter
Only after death were these diaries read
Example: Encrypted Diary
Asset: Confidential personal statements
Risk: Disclosure to anyone except the author
Sometimes a matter of embarrassment
Sometimes political or professional risks
Policy: No one should read the diary
Implementation: Manual encryption using a handwritten cipher
Monitoring: Keep track of diary's location
Recovery: If lost, trust to the encryption
The Process of Encryption
Kerckhoff's Principle
We assume that threats are familiar with how our cryptography works
All security rests in a secret key
We can change the key without replacing our cryptosystem
The key can't be guessed by the attacker
Shannon's Maxim:
“The enemy knows the system”
Categories of Encryption
Encryption and Information States
Encryption and Cryptanalysis
If we can figure out how to reverse the encryption, we can read the ciphertext
Cracking ciphertext = cryptanalysis
Cipher designers often start as cryptanalysts
Helps them recognize weaknesses
Example: solve this cipher –
SEND
+MORE
MONEY
Types of Cryptanalysis
Known ciphertext, or ciphertext only
All we know is the ciphertext
Most difficult situation, but common
Known plaintext
We know the plaintext to match some of the ciphertext encrypted with a particular key
Chosen plaintext
We can choose some plaintext to encipher with our victim's cipher, and retrieve the ciphertext
The Caesar and Vignère Ciphers
Caesar Cipher
Replace each letter in a text by the 3rd letter following it in the alphabet:
ABCD becomes DEFG; CAT becomes FDW
Variations rotate by different amounts
Vignère Cipher
Named after a 16th century author
Uses a series of different rotations
The “key” may be a word – each letter indicates a rotation
Vignère Example
plaintext: SENDMOREFOOD
key stream: HUNGRYHUNGRY
ciphertext: ZYAJDMYYSUFB
Encryption/decryption often uses a cipher wheel
Device with two wheels, each with alphabet
Align “A” on one wheel with the key letter
The plaintext letter lines up with the ciphertext letter
Repeat for each letter of key and text
Cipher Wheel
Courtesy of Dr. Richard Smith
Automating Crypto
Electromechanical crypto devices appeared in the early 20th century.
Adopted by most militaries during WWI
These automated ciphers often defeated cryptanalysts who attacked them by hand
Automated trial-and-error cracking became an effective tool to attack such ciphers
Allied efforts at Bletchley Park and in US
This spurred electronic computer design
Enigma – WWII Cipher Machine
Courtesy of Dr. Richard Smith
Computer-Based Encryption
The Data Encryption Standard (DES)
Developed by IBM and US government
Adopted by banks to protect the earliest electronic bank transactions
Supported 56-bit keys: 256 different keys
72,057,594,037,927,900
Over 72 quadrillion keys (7 x 1016)
Not enough keys: DES Cracker (1998)
Cracked 92 billion keys/second
1 DES key every 3.5 days
Advanced Encryption Standard
AES was unveiled in 2002
128-bit, 192-bit, and 256-bit keys
Smallest key is still too large for DES Cracker
128-bit key would take 1019 years
AES arose from a public competition
Cryptographers world-wide submitted ciphers to qualify as the new AES
Had to be strong and efficient
The chosen standard was by Dutch designers
Predicting Cracking Speeds
DES was impractical to crack in 1975 when it was introduced
Cracking became commercially practical in the 1990s
How soon are other key lengths vulnerable?
Moore's Law estimates future cracking speeds
Given past year's rate, estimate future rate
Ratefuture = Ratepast x 2((future-past)/1.5)
Exclusive Or: Crypto Building Block
Exclusive Or: Encryption Example
Courtesy of Dr. Richard Smith
Exclusive Or in General
Strong points
Very, very easy to implement
Works at the bit level
Handles data streams arbitrarily short or long
Weak points
Easily inverts – can't re-use a key stream
Whole stream must be random in some sense
A totally random stream is hard to manage
Stream Ciphers: A Building Block
What Is a Key Stream?
It is a stream of bits with these properties:
Attackers can't predict its contents in practice
All trusted recipients either
Have a copy of the same key stream, or
They can reconstruct the key stream
We either distribute the entire key stream to everyone (a one-time pad) or,
We use a pseudo-random number generator (PRNG) to generate the key stream
A Simple (Defective) Key Stream
An Improved Key Stream
Pseudo-Random Numbers And Key Streams
Statistically random numbers: good for simulations, bad for cryptography
Easy to generate with PRNGs
Cryptographically random numbers
Ideally: Derived from truly random events
Otherwise: Produced by special “cryptographic quality” PRNGs
Use a secret key to “seed” the PRNG
Key Stream Security
A good stream cipher:
Generates a key stream from the input key
Attackers can't guess other parts of the key stream even if they recover some parts of it
The RC4 problem
Key stream was not random enough
Could be cracked in a very short time
Effect of ciphertext errors
Each changed bit of ciphertext changes the corresponding bit of plaintext
One-Time Pads
The most secret stream cipher
Use one bit of truly random bit stream for each bit of data to be encrypted
Sender and recipient must both share exactly the same key stream
Also works with decimal digits
A popular spy cipher
Based on modular arithmetic
Not practical in most applications
Key stream distribution is too difficult
Soviet Spies and One-Time Pads
Popular technique during the Cold War
Moscow printed two copies of each book – unique for each spy
Spy took one copy
The other stayed in Moscow
Without the book of key, the message might say anything
These were DECIMAL codes, not binary
29
30
One-Time Pads in Decimal
To encrypt:
Put plaintext in numeric form
Write decimal numbers from pad underneath
Encrypt by doing add-without-carry
To decrypt:
Write ciphertext digits in a row
Write decimal numbers from pad underneath
Decrypt by doing subtract-without-borrow
We “pretend” to borrow, but don't change the neighboring digit when we do
File Encryption Software
Built-in file encryption
MS Windows
Apple OS X “home folder encryption”
Separate encryption applications
Examples: PGP, GPG, PKZip (modern), others often provided in a “security suite”
Policies that may require file encryption
Protect a file during transmission
Protect a file from Trojans, rogue OSes, or from low-level data recovery
File Encryption Application
Erasing a Plaintext File
We must overwrite a file's contents to erase it
Otherwise the data remains on the disk, though it isn't normally accessible
Single-pass overwriting is OK for modern drives
Older devices left vestiges of old data that experts could recover in a laboratory
Erasing flash drives and optical drives
Optical drives must be physically destroyed
Flash drives: Research is uncertain
Data recovery unlikely, but not impossible
File Encryption Checklist
Software Security
Cost
Compatibility
Installation
Usability
Trust
Crypto Security
AES algorithm, or similarly secure
Restricts access to plaintext file
Overwrites plaintext file after encryption
Handle keys safely
Third-party evaluation
Digital Rights Management
