Mrs. Iqra Shahid Lecturer Department of Computer Science [email protected]


Classical Encryption Techniques

Many savages at the present day regard their names as vital parts of themselves, and therefore take great pains to conceal their real names, lest these should give to evil-disposed persons a handle by which to injure their owners.

—The Golden Bough, Sir James George Frazer

Objectives

❏ To define the terms and the concepts of symmetric key ciphers

❏ To emphasize the two categories of traditional ciphers: substitution and transposition ciphers

❏ To describe the categories of cryptanalysis used to break the symmetric ciphers

❏ To introduce the concepts of the stream ciphers and block ciphers

❏ To discuss some very dominant ciphers used in the past, such as the Enigma machine


Introduction

Figure 3.1 shows the general idea behind a symmetric-key cipher. The original message from Alice to Bob is called plaintext; the message that is sent through the channel is called the ciphertext. To create the ciphertext from the plaintext, Alice uses an encryption algorithm and a shared secret key. To create the plaintext from ciphertext, Bob uses a decryption algorithm and the same secret key.

Kerckhoff’s Principle

Cryptanalysis

Categories of Traditional Ciphers

Kerckhoff’s principle

Based on Kerckhoff’s principle, one should always assume that the adversary, Eve, knows the encryption/decryption algorithm. The resistance of the cipher to attack must be based only on the secrecy of the key.

Cryptography

Cryptographic systems are characterized by:

type of encryption operations used: substitution / transposition / product

number of keys used: single-key or private / two-key or public

way in which plaintext is processed: block / stream


Figure 3.2 Locking and unlocking with the same key

Cryptography

Symmetric Encryption

or conventional / private-key / single-key

sender and recipient share a common key

all classical encryption algorithms are private-key

was the only type prior to the invention of public-key in the 1970’s, and is by far the most widely used

General Idea of Symmetric Key Cipher

Some Basic Terminology

plaintext - original message

ciphertext - coded message

cipher - algorithm for transforming plaintext to ciphertext

key - info used in cipher known only to sender/receiver

encipher (encrypt) - converting plaintext to ciphertext

decipher (decrypt) - recovering plaintext from ciphertext

cryptography - study of encryption principles/methods

cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing key

cryptology - field of both cryptography and cryptanalysis


If P is the plaintext, C is the ciphertext, and K is the key,

We assume that Bob creates P1; we prove that P1 = P:

Requirements

two requirements for secure use of symmetric encryption:

a strong encryption algorithm

a secret key known only to sender / receiver

mathematically have:

Y = E_K(X)

X = D_K(Y)

assume encryption algorithm is known

implies a secure channel to distribute key

Cryptanalysis

As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking those codes.

objective to recover key not just message

general approaches:

cryptanalytic attack

brute-force attack

Cryptanalytic Attacks

ciphertext only - only know algorithm & ciphertext, is statistical, know or can identify plaintext

known plaintext - know/suspect plaintext & ciphertext

chosen plaintext - select plaintext and obtain ciphertext

chosen ciphertext - select ciphertext and obtain plaintext

chosen text - select plaintext or ciphertext to en/decrypt

[Figures: Ciphertext-Only Attack; Known-Plaintext Attack; Chosen-Plaintext Attack; Chosen-Ciphertext Attack]

More Definitions

unconditional security - no matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext

computational security - given limited computing resources (e.g. time needed for calculations is greater than age of universe), the cipher cannot be broken

Brute Force Search

always possible to simply try every key

most basic attack, proportional to key size

assume either know / recognise plaintext

| Key Size (bits) | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at 10^6 decryptions/µs |
|---|---|---|---|
| 32 | 2^32 = 4.3 × 10^9 | 2^31 µs = 35.8 minutes | 2.15 milliseconds |
| 56 | 2^56 = 7.2 × 10^16 | 2^55 µs = 1142 years | 10.01 hours |
| 128 | 2^128 = 3.4 × 10^38 | 2^127 µs = 5.4 × 10^24 years | 5.4 × 10^18 years |
| 168 | 2^168 = 3.7 × 10^50 | 2^167 µs = 5.9 × 10^36 years | 5.9 × 10^30 years |
| 26 characters (permutation) | 26! = 4 × 10^26 | 2 × 10^26 µs = 6.4 × 10^12 years | 6.4 × 10^6 years |

SUBSTITUTION CIPHERS

A substitution cipher replaces one symbol with another. Substitution ciphers can be categorized as either monoalphabetic ciphers or polyalphabetic ciphers.

Topics discussed in this section:

3.2.1 Monoalphabetic Ciphers

3.2.2 Polyalphabetic Ciphers

Monoalphabetic Ciphers

Note: In monoalphabetic substitution, the relationship between a symbol in the plaintext to a symbol in the ciphertext is always one-to-one.

Monoalphabetic Cipher

rather than just shifting the alphabet could shuffle (jumble) the letters arbitrarily

each plaintext letter maps to a different random ciphertext letter

hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz

Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters

Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

Example 3.1

The following shows a plaintext and its corresponding ciphertext. The cipher is probably monoalphabetic because both l’s (els) are encrypted as O’s.

Example 3.2

The following shows a plaintext and its corresponding ciphertext. The cipher is not monoalphabetic because each l (el) is encrypted by a different character.

Additive Cipher

The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called a shift cipher and sometimes a Caesar cipher, but the term additive cipher better reveals its mathematical nature.

Figure 3.8 Plaintext and ciphertext in Z_26

Figure 3.9 Additive cipher

Note: When the cipher is additive, the plaintext, ciphertext, and key are integers in Z_26.

Example 3.3

Use the additive cipher with key = 15 to encrypt the message “hello”.

Solution

We apply the encryption algorithm to the plaintext, character by character:

Example 3.4

Use the additive cipher with key = 15 to decrypt the message “WTAAD”.

Solution

We apply the decryption algorithm to the ciphertext character by character:

Shift Cipher and Caesar Cipher

Historically, additive ciphers are called shift ciphers. Julius Caesar used an additive cipher to communicate with his officers. For this reason, additive ciphers are sometimes referred to as the Caesar cipher. Caesar used a key of 3 for his communications.

Note: Additive ciphers are sometimes referred to as shift ciphers or Caesar cipher.

Example 3.5

Eve has intercepted the ciphertext “UVACLYFZLJBYL”. Show how she can use a brute-force attack to break the cipher.

Solution

Eve tries keys from 1 to 7. With a key of 7, the plaintext is “not very secure”, which makes sense.

Monoalphabetic Cipher Security

now have a total of 26! = 4 x 10^26 keys

with so many keys, might think is secure

but would be !!!WRONG!!!

problem is language characteristics

Caesar Cipher

earliest known substitution cipher

by Julius Caesar

first attested use in military affairs

replaces each letter by 3rd letter on

example:

meet me after the toga party

PHHW PH DIWHU WKH WRJD SDUWB

Caesar Cipher

can define transformation as:

a b c d e f g h i j k l m n o p q r s t u v w x y z

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

then have Caesar cipher as:

c = E(p) = (p + k) mod (26)

p = D(c) = (c – k) mod (26)

Cryptanalysis of Caesar Cipher

only have 26 possible ciphers

A maps to A,B,..Z

could simply try each in turn

a brute force search

given ciphertext, just try all shifts of letters

do need to recognize when have plaintext

eg. break ciphertext "GCUA VQ DTGCM"
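The additive cipher of Examples 3.3 to 3.5 and the brute-force search described above, as an added example that is not part of the original slides. It goes one step beyond the slides by recognizing the plaintext automatically: each of the 26 candidates is scored against English letter frequencies with a chi-squared statistic. The frequency values are commonly cited approximations supplied here as an assumption, and the function names are illustrative.

```python
import string

A = string.ascii_lowercase

# Approximate English letter frequencies in percent, a..z (commonly cited
# values, supplied as an assumption; the slides' Table 3.1 is not reproduced).
ENGLISH = dict(zip(A, [
    8.167, 1.492, 2.782, 4.253, 12.702, 2.228, 2.015, 6.094, 6.966, 0.153,
    0.772, 4.025, 2.406, 6.749, 7.507, 1.929, 0.095, 5.987, 6.327, 9.056,
    2.758, 0.978, 2.360, 0.150, 1.974, 0.074]))


def shift(text, k):
    """Add k (mod 26) to every letter; other characters pass through."""
    return "".join(A[(A.index(ch.lower()) + k) % 26] if ch.lower() in A else ch
                   for ch in text)


def encrypt(plaintext, key):
    """c = (p + k) mod 26, ciphertext in upper case as on the slides."""
    return shift(plaintext, key).upper()


def decrypt(ciphertext, key):
    """p = (c - k) mod 26, plaintext in lower case."""
    return shift(ciphertext, -key)


def chi_squared(text):
    """Distance between the letter counts of text and English expectations."""
    letters = [c for c in text.lower() if c in A]
    n = len(letters)
    return sum((letters.count(c) - n * f / 100) ** 2 / (n * f / 100)
               for c, f in ENGLISH.items())


def brute_force(ciphertext):
    """Try all 26 keys; return (key, plaintext) pairs, most English-like first."""
    candidates = [(k, decrypt(ciphertext, k)) for k in range(26)]
    return sorted(candidates, key=lambda kp: chi_squared(kp[1]))


if __name__ == "__main__":
    print(encrypt("hello", 15), decrypt("WTAAD", 15))
    for ct in ("UVACLYFZLJBYL", "GCUA VQ DTGCM"):  # ciphertexts from the slides
        print(ct, "->", brute_force(ct)[0])
```

On ciphertexts this short the score margin between the best and second-best key is small, so the ranked list is worth reading past its first entry.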

Language Redundancy and Cryptanalysis

human languages are redundant

eg "th lrd s m shphrd shll nt wnt"

letters are not equally commonly used

in English E is by far the most common letter

followed by T,R,N,I,O,A,S

other letters like Z,J,K,Q,X are fairly rare

have tables of single, double & triple letter frequencies for various languages

English Letter Frequencies

Table 3.1 Frequency of characters in English

Table 3.2 Frequency of digrams and trigrams

Use in Cryptanalysis

key concept - monoalphabetic substitution ciphers do not change relative letter frequencies

discovered by Arabian scientists in 9th century

calculate letter frequencies for ciphertext

compare counts/plots against known values

if Caesar cipher look for common peaks/troughs

peaks at: A-E-I triple, NO pair, RST triple

troughs at: JK, X-Z

for monoalphabetic must identify each letter

tables of common double/triple letters help

Example Cryptanalysis

given ciphertext:

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ

VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX

EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

count relative letter frequencies (see text)

guess P & Z are e and t

guess ZW is th and hence ZWP is the

proceeding with trial and error finally get:

it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow
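The steps of the example cryptanalysis above, as an added example that is not part of the original slides: count letter and digram frequencies in the given ciphertext, apply the first guesses (P and Z as e and t, ZW as th), and then confirm that the plaintext shown on the slide corresponds to a single one-to-one substitution key. The function names are illustrative.

```python
from collections import Counter

# Ciphertext and recovered plaintext exactly as given on the slides.
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
    "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX"
    "EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ")
PLAINTEXT = ("it was disclosed yesterday that several informal but "
             "direct contacts have been made with political "
             "representatives of the viet cong in moscow")


def letter_frequencies(ct):
    """[(letter, count, percent)] from most to least frequent."""
    counts = Counter(ct)
    return [(c, n, round(100 * n / len(ct), 2)) for c, n in counts.most_common()]


def ngram_counts(ct, n):
    """Count runs of n adjacent letters (n=2 digrams, n=3 trigrams)."""
    return Counter(ct[i:i + n] for i in range(len(ct) - n + 1))


def apply_key(ct, key):
    """Substitute known letters; unknown cipher letters are shown as '.'."""
    return "".join(key.get(c, ".") for c in ct)


def key_from_pair(ct, pt):
    """Derive the cipher->plain map from an aligned pair and check that it is
    one-to-one, as a monoalphabetic key must be."""
    key = {}
    for c, p in zip(ct, pt.replace(" ", "")):
        if key.setdefault(c, p) != p:
            raise ValueError(f"{c} maps to both {key[c]} and {p}")
    if len(set(key.values())) != len(key):
        raise ValueError("two cipher letters share one plaintext letter")
    return key


if __name__ == "__main__":
    print(letter_frequencies(CIPHERTEXT)[:4])
    print("ZW:", ngram_counts(CIPHERTEXT, 2)["ZW"])
    guesses = {"P": "e", "Z": "t", "W": "h"}  # the slides' first guesses
    print(apply_key(CIPHERTEXT, guesses))
    full = key_from_pair(CIPHERTEXT, PLAINTEXT)
    print(apply_key(CIPHERTEXT, full))
```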