Cryptography

Cryptography

Lecture 2: Classic Ciphers

Piotr Faliszewski

Previous Class Highlights

Last class Historical perspective Kerckhoff’s principle Requirements for

information security Confidentiality Data integrity Authentication Non-repuditation

Attacks on confidentiality Ciphertext only attack Plaintext only attack Chosen ciphertext attack Chosen plaintext attack Key-only attack

Convention

Plaintext alphabet and ciphertext alphabet

A B C D E F G H I J K L M

0 1 2 3 4 5 6 7 8 9 10 11 12

N O P Q R S T U V W X Y Z

13 14 15 16 17 18 19 20 21 22 23 24 25

Modular Arithmetic

Modulo arithmetic Modulus m “Clock”-like arithmetic – numbers “wrap around”

after reaching m Calculate in the world of remainders modulo m

2 = 14 mod (12) 26 = 0 (mod 26) 7*11 ≡ 77 (mod 5) ≡ 2 (mod 5) ≡ 2 * 1 (mod 5) -5 (mod 11) ≡ 6 (mod 11)

Monoalphabetic Substitution

Each letter is replaced by another letter from the alphabet

Key: 1-1 mapping of letters How many keys are

there?

Various flavors Shift cipher Affine cipher Atbash Kama-sutra cipher

Shift Cipher

Substitution cipher Key k N Formula:

y = (x + k) mod 26 26 size of the alphabet

Cryptanalisis? Brute force!

Popular culture 2001: Space Odyssey HAL 9000

Shift Cipher


y = (x + k) mod 26 26 size of the alphabe


Popular culture 2001: Space Odyssey HAL 9000

A B

B C

C D

D E

E F

F G

G H

H I

I J

J K

K L

L M

M N

Shift Cipher


y = (x + k) mod 26 26 size of the alphabe


Popular culture 2001: Space Odyssey IBM 9000

A B

B C

C D

D E

E F

F G

G H

H I

I J

J K

K L

L M

M N

Affine Cipher

Substitution cipher Key (, ) Formula:

y = (x + ) mod 26

How to select keys? Cryptanalysis?

A 0

B 1

C 2

D 3

E 4

F 5

G 6

H 7

I 8

J 9

K 10

L 11

M 12

N 13

O 14

P 15

Q 16

R 17

S 18

T 19

U 20

V 21

W 22

X 23

Y 24

Z 25

General Substitution Cipher

Key Permutation of the alphabet Large key space!

… but not used efficiently! Does not hide various properties of the underlying

text!

General Substitution Cipher

Key Permutation of the alphabet Large key space!

… but not used efficiently! Does not hide various properties of the underlying

text!

How to attack a substitution cipher? Frequency attack

Digrams, trigrams

“fingerprint” of a language

Frequency Attack

Frequencies of letters Letters appear with

different frequencies in natural texts

Exceptions: Gadsby by E.V. Wright Disparation by George

Perec (A Void, translation G. Adair)

Breaking substitution ciphers

A 0.082 N 0.067

B 0.015 O 0.075

C 0.028 P 0.019

D 0.043 Q 0.001

E 0.127 R 0.060

F 0.022 S 0.063

G 0.020 T 0.091

H 0.061 U 0.028

I 0.070 V 0.010

J 0.002 W 0.023

K 0.008 X 0.001

L 0.040 Y 0.020

M 0.024 Z 0.001

Frequencies vs Subst’n Cipher

Shift and affine cipher usually enough to locate ‘E’

gives the key for affine cipher: One more

letter can be helpful

Full substitution cipher Might need digram and

trigram frequencies

A 0.082 N 0.067

B 0.015 O 0.075

C 0.028 P 0.019

D 0.043 Q 0.001

E 0.127 R 0.060

F 0.022 S 0.063

G 0.020 T 0.091

H 0.061 U 0.028

I 0.070 V 0.010

J 0.002 W 0.023

K 0.008 X 0.001

L 0.040 Y 0.020

M 0.024 Z 0.001

Example: Shift Cipher

The following frequencies were found: Count the letters Normalize the frequencies Compare to the natural one

A : 27B : 6C : 5D : 12E : 14F : 1G : 2H : 8I : 5J : 14K : 16L : 5M : 2

N : 13O : 14P : 19Q : 6R : 3S : 5T : 0U : 4V : 0W : 17X : 4Y : 6Z : 8


There are 216 letters Divide counts by 216 A : 0.125

B : 0.027C : 0.023D : 0.055E : 0.064F : 0.004G : 0.009H : 0.037I : 0.0231J : 0.064K : 0.074L : 0.023M : 0.009


There are 216 letters Divide counts by 216

Compare to natural frequencies Natural guess: shift 4 Others plausible

shift

A : 0.125B : 0.027C : 0.023D : 0.055E : 0.064F : 0.004G : 0.009H : 0.037I : 0.0231J : 0.064K : 0.074L : 0.023M : 0.009

A : 0.082B : 0.015C : 0.028D : 0.043E : 0.127F : 0.022G : 0.02H : 0.061I : 0.07J : 0.002K : 0.008L : 0.04M : 0.024


There are 216 letters Divide counts by 216

Compare to natural frequencies Natural guess: shift 4 Others plausible

shift -2 but the rest of frequencies

mismatch

A : 0.125B : 0.027C : 0.023D : 0.055E : 0.064F : 0.004G : 0.009H : 0.037I : 0.0231J : 0.064K : 0.074L : 0.023M : 0.009

A : 0.082B : 0.015C : 0.028D : 0.043E : 0.127F : 0.022G : 0.02H : 0.061I : 0.07J : 0.002K : 0.008L : 0.04M : 0.024

Dot-Product Method

Treat the list of frequencies as vector A0 – list of frequencies

Ai – list of frequencies shifted by i

Example A0 = ( 0.82, 0.015, 0.028, 0.043, ... )

A2 = ( 0.20, 0.001, 0.082, 0.015, ... )

Dot-product Ai · Aj multiply elements position wise and add

Dot-Product Method

Property Ai · Aj largest when i = j

Method Compute frequency vector W for our text

W approximates some Aj

Compute W · Ai for each i Shift is the i that maximizes the value

Vigenere Cipher

How to make the shift cipher more difficult to break? Problem: each letter shifted by the same

ammount Solution: pick different shifts for different letters!

Vigenere cipher A sequence of shift ciphers

Vigenere Cipher

Key a vector (k1, ..., kn)

each ki is a letter (or equivalently, a small integer)

Cipher: plaintext: x1x2... xm

ciphertext: yj = xj + kj mod n (mod 26)

Vigenere Cipher: Cryptanalisis

Known ciphertext attack dljhswbesidtyjfcqpjhrxfmdxipdabhordg

itutnzfgiibhspzjcmovdlfkskfcovfrstitbeosdlbigixxvpugixpqbibzsruwogmpcwsdyqkjcxudcifwyafpccuwswjh

Finding the key: Find the key length displacement method Break a sequence of shift ciphers

Displacement Method

dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp

3 matches


6 matches


0 matches


7 matches

Vigenere Cipher: Cryptanalisis

After we get the key length Break a series of shift ciphers...

... but we just have a sample of English letters for each cipher.

Example:

with key length 6, for each cipher we get every 6th letter of the message

Can still match the frequencies dot-product method

Unbreakable cipher

Is it possible to create an unbreakable cipher?

Unbreakable cipher

Is it possible to create an unbreakable cipher?

One-time pad Plaintext: x1x2x3 ... xn

Random string: b1b2b3 ... bn

Ciphertext:yi = xi bi

Cryptanalisis? Applications?

This message is completely unreadable. I have encrypted it with the toughest cipher ever, one-time pad. TWICE!

-- found in a cryptography discussion on the internet

One-Time Pad Keys

Generate random sequence

Hardware generators Thermal noise from a semiconductor device Random fluctuations in disk sector latency times Etc.

Software generators Deterministic Initiated „randomly”

System clock Elapsed time between keystrokes Etc.

Pseudorandom Numbers

Linear congruential generator xi = axi-1 + b (mod m) Dangerous for cryptography!

Blum-Blum-Shub generator xi = xi-1

2 (mod n)

ui = xi (mod 2)

Many others...

Cryptography

Documents

Transcript of Cryptography