Sunday, August 30, 2009

27th Aug 2009 - Lab 4: Modern Cryptography (extended version)

In today's lab session, Mr. Zaki continued teaching modern cryptography. This session is the extended version of the modern cryptography lab.

First, Mr. Zaki explained how DES works. DES encrypts groups of 64 message bits, which is the same as 16 hexadecimal digits. To do the encryption, DES uses keys that are also 64 bits long. However, every 8th key bit is ignored by the DES algorithm, so the effective key size is 56 bits. The plaintext and the key undergo 16 rounds of expansion, substitution, key mixing and permutation. The figure below shows the detailed operations carried out in each round.

Next, Mr. Zaki demonstrated how to encrypt using DES, teaching us the DES algorithm step by step. However, he only managed to show us the first round; the remaining 15 rounds we have to finish ourselves.

Friday, August 28, 2009

26th Aug 2009 - Lecture 3: Modern Cryptography Part 2

In the last lecture, Mr. Zaki taught stream ciphers, block ciphers and DES. Today he taught us about the MAC, which stands for Message Authentication Code. The MAC is part of modern cryptography. It is used to protect against active attacks. It is also used to verify that a received message is authentic, which means that its contents are unaltered, that it comes from the authentic source, and that it is timely and in the correct sequence. The figure below shows how messages are encrypted and decrypted using a MAC.

Next, Mr. Zaki taught hash functions. A hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string. The figure below shows the process of a hash function:

There are 2 prominent hashing algorithms: MD-5 and SHA-1. The MD-5 algorithm produces a 128-bit output, while SHA-1 produces a 160-bit MAC. This longer output is considered to be more secure than MD-5.

After that, Mr. Zaki taught digital signatures. What distinguishes the digital signature mechanism from the MACing process is that it provides a means of settling disputes between sender and receiver.

At the end of the lecture, Mr. Zaki taught about the Certification Authority (CA), RSA (which we learned in the last lab session) and methods of attack. There are four general attacks that can be performed against encrypted information:
  • Ciphertext-only attack: guessing the plaintext or using frequency analysis
  • Known-plaintext attack: guessing using known plaintext
  • Chosen-plaintext attack
  • Chosen-ciphertext attack
Besides that, there are also specific attacks that can be launched against encryption systems:
  • Brute-Force attack
  • Replay attacks
  • Man-in-the-middle attacks
  • Fault in Cryptosystem

Thursday, August 20, 2009

13th Aug 2009 - Lab 4: Modern Cryptography

In today's lab session, Mr. Zaki taught us how to find the private and public keys using the RSA algorithm. What are the public and private keys? They are a unique pair of keys widely used in asymmetric encryption.

Usually the private key is kept secret while the public key may be widely distributed. Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key. The keys are related mathematically. However, even if you know the public key, you cannot derive the private key from it. So it can prove authenticity.

How do we use the RSA algorithm to calculate the private and public keys? The steps are:

  1. Select primes: p = 17 and q = 11
  2. Compute n = pq = 17*11 = 187
  3. Compute φ(n) = (p-1)(q-1) = 16*10 = 160
  4. Select e such that gcd(e, 160) = 1
  5. Determine d such that d*e = 1 mod 160, so d = 23
After the 5 steps, publish the public key PU = {e, n} = {7, 187} and keep secret the private key PR = {d, n} = {23, 187}.
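
The five steps above, worked in code with the post's toy-sized numbers (an added example, not part of the original post). The function names and the sample message 88 are assumptions made for illustration; d is found with the extended Euclidean algorithm.

```python
from math import gcd

def extended_gcd(a, b):
    """Return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = extended_gcd(b, a % b)
    return g, y, x - (a // b) * y

def rsa_keypair(p, q, e):
    """Steps 2-5: compute n and phi(n), check e, then solve d*e = 1 mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        # Step 4 fails: e has no inverse modulo phi(n), so no d exists.
        raise ValueError(f"e={e} shares a factor with phi(n)={phi}")
    _, x, _ = extended_gcd(e, phi)
    d = x % phi  # normalise the Bezout coefficient into 0..phi-1
    return (e, n), (d, n)

def rsa_apply(key, value):
    """Textbook RSA: value^exponent mod n, used for both directions."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0..n-1")
    return pow(value, exponent, n)

if __name__ == "__main__":
    PU, PR = rsa_keypair(17, 11, 7)
    message = 88  # constructed sample message, not from the post
    cipher = rsa_apply(PU, message)
    print("PU =", PU, "PR =", PR)
    print("encrypt:", cipher, "decrypt:", rsa_apply(PR, cipher))
```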

Wednesday, August 19, 2009

12th Aug 2009 - Lecture 3: Modern Cryptography


Today, Mr. Zaki taught modern cryptography. Modern cryptography is different from the classic cryptography taught in the last lecture, because it uses a sequence of binary digits (bits), that is, zeros and ones, such as ASCII. The bit sequence representing the plain text is encrypted to give the cipher text as a bit sequence.

Modern cryptographic algorithms come in various types, such as stream ciphers and block ciphers. In a stream cipher the sequence is encrypted bit by bit, while in a block cipher the sequence is divided into blocks of a predetermined size. ASCII requires 8 bits to represent one character, so a block cipher with 64-bit blocks acts on eight characters at once.

Since most modern algorithms operate on binary strings, we need to be familiar with a method of combining two bits called Exclusive OR, often written as XOR. The table below shows how XOR works: 0 XOR 0 gives 0, while 0 XOR 1 gives 1.

How do we encrypt using modern cryptography? If the plain text is 1100101 and the key stream is 1000110, then applying XOR gives 0100011 as the cipher text.

The table above shows the ASCII table and description. How can this ASCII table help in modern cryptography? First, select a plain text and a key stream. In this case, I select APPLE as my plain text and KEY as my key stream. Both the plain text and the key stream are converted to binary sequences so that XOR can be applied.

From the ASCII table above, uppercase A is decimal 65 while uppercase P is decimal 80. Following the ASCII table, we get the information below:


Next, we can do the encryption: XOR the plain text with the key stream to get the cipher text.
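
The APPLE / KEY encryption described above, as an added example that is not part of the original post. The post does not say how a 3-letter key stream covers a 5-letter plain text, so repeating the key (KEYKE) is an assumption here, and the function names are illustrative.

```python
from itertools import cycle

def to_bits(data):
    """Render bytes as space-separated 8-bit groups, one group per ASCII character."""
    return " ".join(f"{b:08b}" for b in data)

def xor_bits(a, b):
    """XOR two equal-length bit strings such as '1100101' and '1000110'."""
    if len(a) != len(b):
        raise ValueError("bit strings must have the same length")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))

def xor_stream(data, key):
    """XOR every data byte with the key stream.

    Assumption: the key is repeated to the length of the data.
    Applying the same function to the cipher text restores the plain text.
    """
    if not key:
        raise ValueError("key stream must not be empty")
    return bytes(d ^ k for d, k in zip(data, cycle(key)))

if __name__ == "__main__":
    plain, key = b"APPLE", b"KEY"
    stream = bytes(k for _, k in zip(plain, cycle(key)))  # KEYKE
    cipher = xor_stream(plain, key)
    print("plain :", to_bits(plain))
    print("key   :", to_bits(stream))
    print("cipher:", to_bits(cipher))
    print("back  :", xor_stream(cipher, key).decode("ascii"))
    print("7-bit :", xor_bits("1100101", "1000110"))
```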

Next, Mr. Zaki taught us about DES. DES stands for Data Encryption Standard. It is a widely used encryption scheme. The plain text is divided into 64-bit blocks, with a key of 56 bits (plus 8 parity bits). DES processes each block through 16 rounds of expansion, substitution, key mixing and permutation. The figure below shows the DES process.

At the end of the class, Mr. Zaki showed us the process of DES using Flash. However, I still don't know how to do DES. Maybe it is because I have just learned the theory and have not yet done it myself.


Thursday, August 6, 2009

30th Jul 2009 - Lab 3: Classic Cryptography

Today is the 3rd lab session of Information Technology Security. Before this, Mr. Zaki had already taught us the Caesar cipher and the Vigenere cipher in the lecture class. In this lab, we had to complete 2 tasks: deciphering a simple substitution cipher text, and encrypting and decrypting using the Vigenere cipher. These 2 tasks are done to strengthen our understanding of cryptography theory. At the end of the lab, Mr. Zaki asked us to do the review questions and hand in the lab reports (lab1-lab3) to him. In lab 3 review question 3, we have to use the Kasiski method to decrypt the Vigenere cipher text below:

To decrypt the above Vigenere cipher text, we have to find the key that was used to encrypt it. First, find the repeated strings in the cipher text. Then find the spacing between each pair of repeated strings. After that, find the factors of each spacing. For example, the string QLTJSU first appears at position 65 and appears again at position 165; the spacing between these two occurrences is 100, so we find the factors of 100. The table below shows the result:

After finding all the factors, the most frequently repeated factors are 2 and 4. These numbers represent the likely key length: either 2 or 4. In this case, we try 4 first.

Divide the cipher text into groups of 4 letters as shown below:

LIOM WGFE GGDV WGHH CQUC RHRW AGWI OWQL KGZE TKKM EVLW PCZV GTHV TSGX QOVG CSVE TQLT JSUM VWVE UVLX EWSL GFZM VVWL GYHC USWX OHKV GSHE EVFL CFDG VSUM PHKI RZDM PHHB VWVW JWIX GFWL TSHG JOUE EHHV UCFV GOWI CQLT JSUX GLW

Then we take the first letter of every group:

LWGWCRAOKTEPGTQCTJVUEGVGUOGECVPRPVJGTJEUGCJG

After that, we calculate the frequency of each character.

From the above table, the most frequent letter is G. In English, the most frequent letter is E. So we map G to E and get the table below:

So we know that the first letter of the key is C.

Next, we continue to find the second and third letters of the key. The method is the same as for the first letter.

We then find that the first three key letters are COD.

However, when I wanted to find the fourth key letter, I faced some problems. List every fourth letter of the cipher text:

MEVHCWILEMWVVXGETMEXLMLCXVELGMIMBWXLGEVVITX

After that, we calculate the frequency of the character:

From the above table, the most frequent letters are V, E and M. In English, the most frequent letter is E. So we map each of V, E and M to E:

From the above table, we still can't find the key letter, because CODR, CODA and CODI are not English words. So we have to try the second or third most frequent letters.

By trial and error, we finally find that the key is CODE and use it to decrypt the Vigenere cipher text. Below is the plain text:

JULIUS CAESAR USED A CRYPTO SYSTEM IN HIS WAR WHICH IS NOW REFERRED TO AS CAESAR CIPHER IT IS A SHIT CIPHER WITH THE KEY SETTM THREE EACH CHARACTER IN THE PLAINTEXT IS SHIFTER THREE CHARACTER SO CREATE A CIPHERTEXT
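
The Kasiski steps above, run on the post's own cipher text, as an added example that is not part of the original post. The function names are illustrative, and returning every tied letter as a candidate is this example's choice; it reproduces the ambiguity in the fourth column (A, I, R) that the post resolves by trial and error.

```python
from collections import Counter

# Cipher text copied from the post; spaces between the 4-letter groups removed.
CIPHERTEXT = (
    "LIOM WGFE GGDV WGHH CQUC RHRW AGWI OWQL KGZE TKKM EVLW PCZV GTHV TSGX "
    "QOVG CSVE TQLT JSUM VWVE UVLX EWSL GFZM VVWL GYHC USWX OHKV GSHE EVFL "
    "CFDG VSUM PHKI RZDM PHHB VWVW JWIX GFWL TSHG JOUE EHHV UCFV GOWI CQLT "
    "JSUX GLW"
).replace(" ", "")

def repeat_distances(text, n):
    """Kasiski step: map each repeated n-gram to the gaps between its occurrences."""
    positions = {}
    for i in range(len(text) - n + 1):
        positions.setdefault(text[i:i + n], []).append(i)
    return {gram: [b - a for a, b in zip(pos, pos[1:])]
            for gram, pos in positions.items() if len(pos) > 1}

def key_letter_candidates(text, key_len, column):
    """Assume the most frequent cipher letter in a column stands for plaintext E.

    Returns every candidate key letter when several cipher letters tie.
    """
    counts = Counter(text[column::key_len])
    top = max(counts.values())
    return sorted(chr((ord(c) - ord("E")) % 26 + ord("A"))
                  for c, k in counts.items() if k == top)

def vigenere_decrypt(text, key):
    """Subtract the repeating key from the cipher text, letter by letter (A=0)."""
    return "".join(
        chr((ord(c) - ord(key[i % len(key)])) % 26 + ord("A"))
        for i, c in enumerate(text))

if __name__ == "__main__":
    print("repeats:", repeat_distances(CIPHERTEXT, 6))
    for col in range(4):
        print("column", col + 1, "->", key_letter_candidates(CIPHERTEXT, 4, col))
    print(vigenere_decrypt(CIPHERTEXT, "CODE"))
```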