You are on page 1of 72

Cryptography /Computer Security

Classical Cryptography

Background
Information Security requirements have changed in recent times traditionally provided by physical and administrative mechanisms computer use requires automated tools to protect files and other stored information use of networks and communications links requires measures to protect data during transmission

Cryptography -Lect-01

Definitions
Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers. Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected networks.

Cryptography -Lect-01

Security
Definition (Cambridge Dictionary of English)
Ability to avoid being harmed by any risk, danger or threat

therefore, in practice, an impossible goal . What can we do then?


Be as secure as needed Ability to avoid being harmed too much by reasonably predictable risks, dangers or threats .
Cryptography -Lect-01 4

Security Goals
Security Goal : Confidentiality: Confidentiality is the term used to prevent the discloser the information to unauthorized access. Integrity : Integrity means that changes need to be done only by an unauthorized entity. Availability : Available the information resources.

Overall distribution of cyber security incidents and events for fiscal year 2009 first quarter (FY09 Q1)

Source : www.us-cert.gov

Cryptography -Lect-01

Which country has the most infected computers (October 2009)

Source http://www.net-security.org/

Cryptography -Lect-01

Aspect of Information Security


Every business has confidential information. Business would demand confidence, privacy, reliability and protection at all time. There are three aspect which are related to the information security: 1. Security threat & attack 2. Security Services. 3. Security mechanism

Security threats &Attacks


Any action which leads to compromise the security of information is called security attack. Such attacks must be planned efforts.

Fabrication Modification Environmental Attack Interruption

Waste

Data tapping

Computer Virus Malicious leakage

Data / Information thread

Unauthorized access
Abuse Theft Disclosure

Fraud

Damage due to breakage

Classification of threat
There are four type of threats : > Physical threat > Accidental Error > Unauthorized access > Malicious Misuse

Cont.
Security Attack may be classified as: 1. Active Security attacks. 2. Passive security attacks. Active Attack : An active attack may change the data or harm the system. Attack that threaten the integrity and availability are active attack.
Active Threats

Replay attack

Modification

DoS

Masquerade

Network Security

Passive Attack: The attackers goal is just obtain the information. This attack threaten the confidentiality of data or information. 1. Release of message contents 2. Traffic analysis - Location and Identity of host - Frequency of messages -length of messages generally transmitted - Guessing of nature of information exchanged between the hosts.
Passive threats
Interception of Information

Cont.

Release of Message contents

Traffic Analysis

Data/Information Security

Passive Vs Active attack


Passive attacks are more dangerous because they are not known. The only remedy to struggle this attacks is prevention rather then detection. Opposite to the passive attack, active attacks require physical protection, detection, recovery from their effects such as interruption, loss, modification or delay etc.

Security Services
International Telecommunication Union-Telecommunication Standardization Sector (ITU-T) divides the security services in to five categories : 1. Data confidentiality - Connection confidentiality - Connectionless Confidentiality - Selective field confidentiality - Traffic flow confidentiality. 2. Data Integrity 3. Authentication - Entity Authentication (Used in association with a logical connection to provide confidence in the identity of the entities connected) - Data origin Authentication(In e connection less transfer that the source of received data is as claimed) 4. Non-repudiation 5. Access Control

Security Mechanism
The security mechanism is designed to implement the security services. ITU-T defines the security mechanism in to two part: 1. Specific Security Mechanism - Encipherment - Digital Signature - Access Control - Data Integrity - Authentication Exchange - Traffic Padding - Routing Control - Notarization 2. invasive Security Mechanism - Trusted Functionality - Security Level - Event Detection - Security Audit trial

Relationship between the security services and mechanism


Service
Peer Entity Auth. Data Origin Auth. Access Control Confidenti ality Y Encipherment Y Digital Signature Y Access Control Data Integrity Auth. Exchange Y Traffic Padding Routing Control Notarizati -on

Y Y

Traffic Flow con


Data Integrity Nonrepudiation Availabilit y

Y
Y Y Y Y Y

Cryptography
Cryptography is the study of secret (crypto-) writing (-graphy) Concerned with developing algorithms which may be used to: cover up the context of some message from all except the sender and recipient (privacy or secrecy), and/or Verify the correctness of a message to the recipient (authentication or integrity) It is referred to the science and art of transforming messages to make them secure and resistant to attack. It basically divided in to two types: > Symmetric Key Encipherment > Asymmetric Key Encipherment
Cryptography -Lect-01 17

Purpose of Cryptography
Secure stored information Secure transmitted information

Cryptography -Lect-01

18

Services Provided by Cryptography


Confidentiality
provides privacy for messages and stored data by hiding

Message Integrity
provides assurance to all parties that a message remains unchanged

Non-repudiation
Can prove a document came from X even if X denies it

Authentication
identifies the origin of a message verifies the identity of person using a computer system

Cryptography -Lect-01

19

Basic Terminology
Cryptography
The art or science encompassing the principles and methods of transforming message an intelligible into one that is unintelligible, and then retransforming that message back to its original form

Plaintext
The original intelligible message

Ciphertext
The transformed message

Cipher
An algorithm for transforming an intelligible message into one that is meaningless by transposition and/or substitution methods

Key
Some critical information used by the cipher, known only to the sender & receiver
Cryptography -Lect-01 20

Basic Terminology contd..


Encipher (encode)
Process of converting plaintext to ciphertext using a cipher and a key

Decipher (decode)
The process of converting ciphertext back into plaintext using a cipher and a key

Cryptanalysis (codebreaking)
The study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key.

Cryptology
The field encompassing both cryptography and cryptanalysis

Cryptography -Lect-01

21

Basic Terminology contd.


Encryption
The mathematical function mapping plaintext to ciphertext using the specified key: Y = EK(X) or E(K, X)

Decryption
The mathematical function mapping ciphertext to plaintext using the specified key: X = DK(Y) or D(K, X) = EK-1(Y)

Cryptography -Lect-01

22

Basic Terminology contd.


Cryptographic system (Cryptosystem)
A cryptosystem is a five-tuple (P, C, K, E, D), where following conditions are satisfied :

1. P is a finite set of possible plaintexts


2. C is a finite set of possible ciphertexts 3. K, the keyspace, is a finite set of possible keys 4. For each K K, there is an encryption algorithm EK E and a corresponding decryption algorithm DK D.

Cryptography -Lect-01

23

Simplified Conventional Encryption Model

Requirements
1. Strong encryption algorithm 2. Share of the secret key in a secure fashion

Kerchhoffs Principle

Conventional
Secret-Key ( Public-Key) Single-Key ( Two-Key) Symmetric ( Asymmetric)
Cryptography -Lect-01

Encryption algorithms being used should be assumed to be publicly known and the security of the algorithm should reside only in the key chosen
24

Conventional Cryptosystem Model

Cryptography -Lect-01

25

Cryptanalysis (from the Greek krypts, "hidden", and analein, "to loosen" or "to untie") is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Cryptanalysis refers to the study of ciphers, ciphertext, or cryptosystems (that is, to secret code systems) with a view to finding weaknesses in them that will permit retrieval of the plaintext from the ciphertext, without necessarily knowing the key or the algorithm. This is known as breaking the cipher or cryptosystem.

Cryptanalysis

Exhaustive Key Search


Brute-force attack Always theoretically possible to simply try every key Most basic attack, directly proportional to key size Assume either know or can recognize when plaintext is found

Average Time Required for Exhaustive Key Search

Substitution Techniques

Classical Encryption Techniques


Monoalphabetic Substitution Polyalphabetic Substitution Homophonic Substitution Polygraphic Substitution

Transposition (Permutation) Techniques


Keyless Transposition Cipher Keyed Transposition Cipher

Product Techniques
Substitution and transposition ciphers are concatenated
Cryptography -Lect-01 28

Substitution cipherformal definition


A substitution technique is one in which the letters of plaintext are replaced by other letters or by the number or symbols. If the plaintext is viewed as a sequence of bit, then substitution involves replacing bit pattern with cipher bit pattern.

Let P and C Z26 , K, consists of all possible permutations of the 26 symbols 0,1, , 25 ( or a,b,,z). For each permutation K, , define
e(x) = (x)

and
d(y) = -1(y)
(-1 is the inverse permutation of )
Cryptography -Lect-01 29

Substitution cipherexample
Given following random permutation ,
a|b|c|d|e|f|g|h|i|j|k|l|m|n|o|p|q|r|s|t|u|v|w|x|y|z X| N| Y| A| H| P| O| G| Z|Q| W|B| T | S | F| L| R| C |V|M|U |E | K | J | D | I

Thus e(a) = X, e(b) = N, etc. Correspondingly, d(X) = a, d(N) = b, d(A) = d, d(B) = l, etc. Given plaintext: cryptography
The ciphertext: YCDLMFOCXLGD

Cryptography -Lect-01

30

Substitution cipher -- security


Question: what is the key space?

A key is a permutation of 26 letters, so 26! permutations, i.e., more than 4.0 1026 . Thus exhaustive key search is infeasible.

However, using frequency analysis, substitution cipher is easily broken. Question: what is the relationship between shift and substitution cipher?
Shift cipher is a special case of substitution cipher which includes only 26 of 26! possible permutations.

Cryptography -Lect-01

31

Monoalphabetic Substitution Ciphers


In monoalphabetic cipher, a character or symbol in the plaintext always changed to same character or symbol in the cipher text regardless of its position in the text. Plain: abcdefghijklmnopqrstuvwxyz Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC
Key size = 26 Unique mapping of plaintext alphabet to ciphertext alphabet For a long time thought secure, but easily breakable by frequency analysis attack. There are four types of monoalphabetic Substitution cipher:

- Additive Cipher - Shift Cipher - caesar Cipher - Affien Cipher


Cryptography -Lect-01 32

Relative Frequency of Letters in English Text

Cryptography -Lect-01

33

Additive Cipher
The simplest monoalphabetic cipher is additive cipher. This cipher some times called a shift cipher or Caesar cipher. In this cipher plain text consist of lower case letters and the cipher text consist of upper case letters. Each character assigned an integer from 0 to 25. The secret key K is also an integer between 0 to 25.

Encryption: C= (P+K) mod 26 Decryption: P= (C-K) mod 26

Shift cipherformal definition


Let P = C = K, = Z26 , for 0 K 25, define
eK(x) = x + K mod 26

and
dK(y) = y - K mod 26
(x, y Z26 )

Cryptography -Lect-01

35

Shift cipher -- security


Two basic properties for a cryptosystem:

1. Each encryption function eK and each decryption dK should be efficiently computable. 2. An opponent upon seeing a ciphertext string y, should be unable to determine the key K that was used, or the plaintext string x.
Question: is shift cipher secure? Of course NOT, since there are only 26 possible keys, it is easy to be broken by exhaustive key search or by frequency analysis. Example: JBCRCLQRWCRVNBJENBWRWN

Plaintext: astitchintimesavesnine (K=9)


On average, a plaintext will be computed after trying 26/2=13 times.
Cryptography -Lect-01 36

Caesar Cipher
The Caesar cipher involves replacing each letter of the alphabet with the three places fuether down the alphabet. No key, just one mapping (translation) 0123456... Plain: abcdefghijklmnopqrstuvwxyz Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC 3456789... ci=E(3,pi)=(pi+3) mod 26; pi=D(3,ci)=(ci-3) mod 26

Cryptography -Lect-01

37

Basic Mathnumber theory


Integers: Z ={,-3,-2,-1,0,1,2,3,} Natural number: Zn={0,1,,n-1} Greatest common divisor: d=gcd(a,b)
e.g., gcd(21,26)=1, gcd(6,26)=2.

If gcd(a,b) =1, then a and b are co-prime, or a is relatively prime to b.

Cryptography -Lect-01

38

Also a special case of substitution cipher

Affine cipher--introduction

Encryption function: e(x) = y = (ax+b) mod 26


Decription function : d(y) = x = a-1 (y-b) mod 26 where a, b are keys Z26 and gcd(a, 26) =1. a-1 is the multiplicative inverse of key a and b is the additative inverse of key b

Why gcd(a, 26) =1? when gcd (a, 26) =1, ax = (y b) mod 26 has a unique solution x, i.e., x = a-1(y - b) mod 26. That is to say: given ciphertext y, decrypt y to get plaintext x by computing a-1(y - b) mod 26.
Cryptography -Lect-01 39

Basic Math-number theory


Theorem: the congruence ax b mod m has a
unique solution x Zm for each b Zm if and only if gcd(a, m) = 1. there exists a unique element Zm , denoted by a-1, such that aa-1 a-1a 1 mod m. a-1 is called the multiplicative inverse of a.

Theorem: suppose a Zm and gcd(a, m) = 1. Then

Cryptography -Lect-01

40

Affine Cipher
ci=E(k,pi)=(k1pi+k2) mod 26; gcd(k1,26)=1 pi=D(k,ci)=(k1-1(ci-k2)) mod 26 Key k = (k1,k2) Number of keys = (26) x 26 = 12 x 26 = 312 (m):= the number of integers in Zm that are relatively prime to m k1{1,3,5,7,9,11,15,17,19,21,23,25}
Caesar/Shift ciphers are special cases of affine ciphers
Cryptography -Lect-01 41

Affine ciphersecurity
In Z26 , 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23 and 25 are relatively prime to 26.
1-1 = 1, 3-1 = 9, 5-1 = 21, 7-1 = 15, ., 25-1 = 25

Therefore Affine cipher has 12 26 = 312 possible keys. (Of course this is much too small to be secure)

Cryptography -Lect-01

42

Basic Math-number theory


Theorem: suppose m = i=1 piei , where the pis are distinct primes and ei > 0, then the number of integers in Zm that are relatively prime to m, denoted n by (m), is (m)= i=1 (piei - piei-1 ). (m) is called Euler phi-function or Euler totient function . 26=213= 21131,
(26)=(21 -20)(131- 130)=112=12
n

100= 2252 , (100)=(22 -21)(52- 51)=2 20=40 |Zn*|= (n)

Cryptography -Lect-01

43

Affine cipherexample
Suppose K=(7,3) then
eK(x)= (7x+3) mod 26 dK(y)= 15y-19 mod 26 (i.e., 7-1(y-3) mod 26)

Check dK(eK(x))=x Given plaintext: hot Get ciphertext: AXG

Cryptography -Lect-01

44

Example (S. Singh, The Code Book, 1999)


Ciphertext PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ LBJOO KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV OPVOV LBO LXRO CI SX'XJMI, KBO JCKO XPV EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: 'DJOXL EYPD, ICJ X LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL XDOK XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X IXNCMJ CI UCMJ SXGOKLU?' OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK

Any Guesses???
45

Frequency Analysis
Identyfying comon letters, digrams and trigrams...
PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ LBJOO KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV OPVOV LBO LXRO CI SX'XJMI, KBO JCKO XPV EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: 'DJOXL EYPD, X LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL XDOK XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X IXNCMJ CI UCMJ SXGOKLU?' OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK

First guess: LBO is THE

46

Frequency Analysis
Assuming LBO represents THE we replace L with T, B with H, and O with E and get PCQ VMJYPD THYK TYSE KHXHJXWXV HXV ZCJPE EYPD KHXHJYUXJ THJEE KCPK. CP
THE THCMKXPV XPV IYJKT PYDHT, QHEP KHO HXV EPVEV THE LXRE CI SX'XJMI, KHE JCKE XPV EYKKOV THE DJCMPV ZEICJE HYS, KXUYPD: 'DJEXT EYPD, ICJ X LHCMKXPV XPV CPE PYDHLK Y HXNE ZEEP JEACMPTYPD TC UCM THE IXZREK CI FXKL XDEK XPV THE REDEPVK CI XPAYEPT EYPDK. SXU Y SXEE KC ZCRV XK TC AJXNE X IXNCMJ CI UCMJ SXGEKTU?' EFYRCDME, TXREK IJCS THE LHCMKXPV XPV CPE PYDBTK

More guesses?

47

Code
X Z A V O I D B Y G E R S P C F H J K L M N Q T U W A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Plaintext Now during this time Shahrazad had borne King Shahriyar three sons. On the thousand and first night, when she had ended the tale of Ma'aruf, she rose and kissed the ground before him, saying: 'Great King, for a thousand and one nights I have been recounting to you the fables of past ages and the legends of ancient kings. May I make so bold as to crave a favour of your majesty? Epilogue, Tales from the Thousand and One Nights
48

Frequency Statistics of Language


In addition to the frequency info of single letters, the frequency info of two-letter (digram) or three-letter (trigram) combinations can be used for the cryptanalysis Most frequent digrams
TH, HE, IN, ER, AN, RE, ED, ON, ES, ST, EN, AT, TO, NT, HA, ND, OU, EA, NG, AS, OR, TI, IS, ET, IT, AR, TE, SE, HI, OF

Most frequent trigrams


THE, ING, AND, HER, ERE, ENT, THA, NTH, WAS, ETH, FOR, DTH
Cryptography -Lect-01 49

Polyalphabetic Cipher
In polyalphabetic ciphers, each occurrence of a character may have different substitute. The relationship between a character in the plaintext to a character in the plaintext to a character in the ciphretext is one-to-many.
Typically a set of monoalphabetic substitution rules is used There are five type of polyalphebetic cipher: Auto key cipher Playfier cipher Hill cipher Vigenere cipher One time pad (vernam cipher)

Cryptography -Lect-01

50

Auto key cipher--example


In this cipher, the key is a stream of subkeys, in which each subkey is used to encrypt the corresponding character in the plaintext. The first subkey is predetermined and secret. The second subkey is the value of first plain text character. The third subkey is the value of second plain text character. Encryption function : Ci = (Pi+ki) mod 26 Decryption function : Pi = (Ci-ki) mod 26 Example : Consider the plaintext is attack is today and initial secret key is 12. What will be the ciphetext? Attack on auto key cipher : The auto key cipher definitely hides the single letter frequency statistic of the plain text. The first subkey can be only one value of 25. So brute-force attack can easily break it.
Cryptography -Lect-01 51

Playfair Cipher
Best-known multiple-letter substitution cipher Digram cipher (digram to digram, i.e., E(pipi+1) = cici+1 through keyword-based 5x5 transformation table) M O N A R
Keyword = monarchy
C E L U H F P V Y G Q W B I/J S X D K T Z

Plaintext: H S E A A R M U Ciphertext: B P I M R M C M

Great advance over simple monoalphabetic cipher (26 letters 26x26=676 digrams) Still leaves much of the structure of the plaintext language relatively easy to break
Cryptography -Lect-01 52

Encrypting and Decrypting


plaintext is encrypted two letters at a time
1. if a pair is a repeated letter, insert filler like 'X 2. if both letters fall in the same row, replace each with letter to right 3. if both letters fall in the same column, replace each with the letter below it 4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair

Cryptography -Lect-01

53

Security of Playfair Cipher


security much improved over monoalphabetic since have 26 x 26 = 676 digrams would need a 676 entry frequency table to analyse (verses 26 for a monoalphabetic) . was widely used for many years
eg. by US & British military in WW1

it can be broken, given a few hundred letters since still has much of plaintext structure

Cryptography -Lect-01

54

Hill cipher -- introduction


Another polyalphabetic cipher. Invented in 1929 by Lester S. Hill. Let m be an positive integer, and let P = C (Z26)m First divide the characters in plaintext into blocks of m characters, take m linear combinations of the m characters, thus producing the m characters in ciphertext.

Cryptography -Lect-01

55

Hill cipher -- example


Suppose m=2, a plaintext element is written as x=(x1,x2) and a ciphertext element as y=(y1,y2). Here y1 would be a linear combination of x1 and x2, as would y2. Suppose we take: y1=(11x1 + 3x2) mod 26 y2=(8x1 + 7x2) mod 26 then y1 and y2 can be computed from x1 and x2 We can write the above computations in matrix notation:

(y1, y2) = (x1, x2) 11 8 3 7

) ( )
56

or y = xK where y=(y1, y2) , x=(x1, x2), and K= 11 8 3 7 Assume all operations are performed by modulo 26.
Cryptography -Lect-01

Hill cipher example


Example 1.5, suppose key is:

K=

11 8 3 7

then

K-1=

7 18 23 11

Given plaintext: july , the ciphertext is: On the other hand, from DELW, we can get july.

DELW

Cryptography -Lect-01

57

Hill cipher algebra foundation


1. Determinant of a matrix A, denoted by det A : -- if A(aij) is 22, then det A =a11a22 a12a21 -- if A(aij) is 33, then det A =a11a22a33 + a12a23a31 + a13a21a32 - a13a22a31 - a12a21a33 - a11a23a32 k11 k12 k21 k22

2. Theorem: suppose

K=

with kij

Z26

Then K has an inverse if and only if det K is invertible in if and only if gcd(det K, 26)=1 Moreover, K-1=(det K)-1

Z26

k22 -k12 -k21 k11

Where det K = k11k22 k12k21

compute the inverse matrix of example 1.5.

Cryptography -Lect-01

58

Hill Cipher
Multi-letter cipher Takes m successive plaintext letters and substitutes for them m ciphertext letters c1 = (k11p1 + k12p2 + k13p3) mod 26 3x3 Hill cipher:

K=

k11 k12 k13 k21 k22 k23 k31 k32 k33

c2 = (k21p1 + k22p2 + k23p3) mod 26 c3 = (k31p1 + k32p2 + k33p3) mod 26

C = EK(P) = KP ; P = DK(C) = K-1C = K-1KP = P m x m Hill cipher hides (m-1)-letter frequency info Strong against for the ciphertext-only attack, but easily broken with known plaintext attack
with m plaintext-ciphertext pairs, each of length m; K = CP-1
Cryptography -Lect-01 59

Vigenere cipher--introduction
In substitution ciphers, once a key is chosen, each character in the plaintext is constantly mapped into a unique character in ciphertext, called monoalphabetic cryptosystems. If the same character at different locations in plaintext is mapped into different characters in ciphertext, called polyalphabetic cryptosystems. Vigenere cipher is a kind of polyalphabetic cipher: Each key consists of m characters, called keyword. Encrypt m characters at a time, i.e., each plaintext element is equivalent to m characters.

Cryptography -Lect-01

60

Vigenere cipherformal definition


Let m be an positive integer.
Define P = C = K,= (Z26)m. For each K= (k1,k2,,km), define eK(x1,x2,,xm) = (x1+ k1, x2+ k2,, xm+ km) and dK(y1,y2,,ym) = (y1- k1, y2- k2,, ym- km) Where all operations are performed in Z26, i.e, mod 26..

Cryptography -Lect-01

61

Vigenere cipherexample
Suppose m=6 and keyword = CIPHER Given plaintext:
thiscryptosystemisnotsecure

The ciphertext will be


VPXZGIAXIVWPUBTTMJPWIZITWZT

On the contrary, subtract the keyword from ciphertext to get the plaintext.

Cryptography -Lect-01

62

Security of Vigenre Ciphers


have multiple ciphertext letters for each plaintext letter hence letter frequencies are masked but not totally lost start with letter frequencies
see if look monoalphabetic or not

if not, then need to determine number of alphabets, since then can attach each
Cryptography -Lect-01 63

Vigenere ciphersecurity
Question: what is the key space? Suppose the keyword length is m. There are total 26m possible keys. Suppose m=5, then 265 = 1.1 107 , which is large enough to preclude exhaustive key search by hand. However, we will see that there will be a systemic method to break Vigenere cipher. Finding the length of key. (Kasiski test) Finding the key itself. We see that one character could be mapped into m different characters when the character is in m different positions.

Cryptography -Lect-01

64

One-Time Pad
Perfect substitution cipher Improved Vernam cipher Use a random key (pad) which is as long as the message, with no repetitions.
Key distribution is a problem Or, random key stream generation is a problem

With such key, plaintext and ciphertext are statistically independent Unconditionally secure (Unbreakable)

Cryptography -Lect-01

65

Transposition (Permutation) Techniques


A transposition cipher does not substitute one symbol for another, instead it changes the location of the symbol. A very different kind of mapping is achieved by performing some sort of permutation on the plaintext letters. A symbol in the 1st position of the plaintext may appear in the 10th position of the ciphertext. This may be two types: - Keyless transposition cipher - Keyed transposition cipher

Cryptography -Lect-01

66

Keyless Transposition Techniques

Hide the message by rearranging the letter order without altering the actual letters used Rail Fence Cipher(Column by Column -> Row by Row)
Write message on alternate rows, and read off cipher row by row Example:

M e m a t r h t g p r y e t e f e t e o a a t Row by Row->Column by Column

MEMATRHTGPRYETEFETEOAAT

Message is written in rectangle, row by row, but read off column by column; The order of columns read off is the key Example:

m
m t a

e
e h r

e
a e k

t
t p

Read it column wise : MMTAEEHREAEKTTP


Cryptography -Lect-01 67

Keyed Transposition Cipher


The keyless cipher permute the characters by using writing plaintext in one way and reading it in another way. In the keyed cipher, the plaintext is divide into groups of predetermined size, called blocks, then use a key to permute the character in each block separately. Example: Suppose the key is,
3
Encryption 1

1
2

4
3

5
4

2
5

Decryption

And the plaintext is Enemy attacks tonight . What will be the ciphertext ??

Rotor Machines used in WWII; Mechanical cipher machines, extensively


Germany (Enigma), Japan (Purple), Sweden (Hagelin)

Each rotor corresponds to a substitution cipher


A one-rotor machine produces a polyalphabetic cipher with period 26 Output of each rotor is input to next rotor After each symbol, the fast rotor is rotated

After a full rotation, the adjacent rotor is rotated (like odometer)


- An n rotor machine produces a polyalphabetic cipher with period 26n
Cryptography -Lect-01 69

The art of covered writing Covert channel or Security by obscurity Subliminal channel Hide messages in other messages Conceal the existence of message Conceal what you are communicating (Sending encrypted messages would make you a spy)
Character marking. Overwrite with a pencil Invisible ink, - Pin punctures, - First letter of each word Letter position on page, - Drawings, - Codes Typewriter correction ribbon Microdots

Steganography

Digital steganography Spread spectrum

Digital Watermarking
Cryptography -Lect-01 70

Steganography - Example
News Eight Weather: Tonight increasing snow. Unexpected precipitation Smothers Eastern towns. Be extremely cautious and use snowtires especially heading east. The highways are knowingly slippery. Highway evacuation is suspected. Police report emergency situations in downtown ending near Tuesday
First letter of each word yields: Newt is upset because he thinks he is President
This example was created by Neil F. Johnson, and was published in Steganography,Technical Report TR_95_11_nfj, 1995. URL: http://www.jjtc.com/pub/tr_95_11_nfj/

From WWII German spy (Kahn): Apparently neutrals protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on by products, ejecting suets and vegetable Oils.
Cryptography -Lect-01 Second letter of each word yields: Pershing sails from NY June 1. 71

Thank you