Beruflich Dokumente
Kultur Dokumente
artorscienceconcerningtheprinciples,meansandmethodsforrendering
plaininformationunintelligibleandforrestoringencryptedinformationto
intelligibleform.NationalInformationSystemSecurityGlossary(NSTISSC)
plaintext
plaintext
ciphertext
ZXYCTHI
MESSAGE
encode/encipher
algorithm
MESSAGE
decode/decipher
algorithm
xaiettlnp
areadableformforamessage(e.g.Englishtext)
tcxiepthre
dcnoee
ascrambledversionofsomeplaintextmessageintendedto
protectthemessagesconfidentialityand/orintegrity
translatefromplaintexttociphertext
dceoed
translatefromciphertextbacktoplaintext
pihcenre
synonymforencode(technically,encodesasinglesymbol/character)
pihcdere
synonymfordecode(technically,decodesasinglesymbol)
niprnecyto
theactofencoding
niprdecyto
theactofdecoding
ysterocmptsyacollectionofalgorithmsforencryptionanddecryption
hpicer
aparticularcryptosystem
ytapopcghyrr
thestudyofcryptosystems(thescienceofsecretwriting)
plaintext
plaintext
ciphertext
ZXYCTHI
MESSAGE
encode/encipher
MESSAGE
decode/decipher
InverseFunction
Function
E(plaintext)=ciphertext
E1(ciphertext)=plaintext
EncryptionAlgorithm
Eachletter(Lp)isreplacedbytheletterfromthefollowingfunction:
E(Lp)=(Lp+3)mod26
lettersarenumberedfromzero(A0,B1,Z25)
Example
HIMOMSENDDOLLARS plaintext
KLPRPVHQGGROODUV ciphertext
DecryptionAlgorithm
Eachletter(Lc)isreplacedbytheletterfromthefollowingfunction:
D(L
c)=
SimpleCaesarCipher
E(Lp)=(Lp+3)mod26
GeneralizedCaesarCipher
ECaesar(Lp,k)=(Lp+k)mod26
Key
asequenceofrandomorpseudorandombitsusedinitiallytosetupandperiodically
changetheoperationsperformedincryptoequipmentforthepurposeofencrypting
ordecryptingelectronicsignals...NationalInformationSystemSecurityGlossary(NSTISSC)
SymmetricEncryption
plaintext
plaintext
ciphertext
encryptionalgorithm
decryptionalgorithm
AsymmetricEncryption
plaintext
plaintext
ciphertext
encryptionalgorithm
decryptionalgorithm
IstheCaesarCipher(keyedversion)symmetricorasymmetric?
rot13(Lp)=ECaesar(Lp,13)
Notethatrot13=rot131(i.e.rot13decodesanymessageencodedwithrot13)
Ingeneral,whatisDCaesar(Ln,k)intermsofECaesar(Ln,k)?
Encode
Decode
ECaesar(Lp,k)=(Lp+k)mod26
DCaesar(Lc,k)=
Symmetricencryptionisalsoknownas________keyencryption,
becausethekeymustbekeptprivatefrom
codebreaker
Cryptanalysis
operationsperformedinconvertingencryptedmessagesto
plaintextwithoutinitialknowledgeofthecryptoalgorithm
and/orkeyemployedintheencryption.
NationalInformationSystemSecurityGlossary(NSTISSC)
codebreaker
CommonCryptanalysisAttacks
AttackType
CryptanalysisKnowledge
ciphertextonly
encryptionalgorithm(lessthekey)
ciphertexttobedeciphered
knownplaintext
encryptionalgorithm(lessthekey)
ciphertexttobedeciphered
asegmentofplaintextwithcorrespondingciphertext
chosenplaintext
encryptionalgorithm(lessthekey)
ciphertexttobedeciphered
asegmentofplaintextselectedbycryptanalyst
withcorrespondingciphertext
HowdifficultiscryptanalysisonakeyedCaesarcipher?
substitution
Asubstitutioncipherformsciphertextfromreplacingplaintextbitpatterns
withotherbitpatterns.
Asimple(monoalphabetic)substitutionalwaysmapsthesamebitpatternconsistently.
Example(Caesarcipherwithkey=1)
E( )
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
AnotherExample
Useawordaskey.Encodeusingwordfollowedbyremainingalphabet.
ABCDEFGHIJKLMNOPQRSTUVWXYZ
TURKEY
TURKEYABCDFGHIJLMNOPQSVWXZ
Cryptanalysisofthissecondexample?
D( )
Nonsequential
Thereisnothingtosuggestthatalphabeticorderingbeusedatall.(Whynot
useeverythirdletterinthealphabet?)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
CFILORUXADGJMPSVYBEHKNQTWZ
Thereisaneedtouseaproperpermutation.Why?
Nonalphabetic
Computershavenoneedtousealphabetsbitstringsareeasier.
bruteforce(formonoalphabeticsubstitution)
Thereare26!simplesubstitutionciphersfromtheEnglishalphabet.
alphabeticfrequencycryptanalysis(CryptographyandDataSecurity,Denning,1982.)
Supposeyouknowonlythatthecipherusessometabularmonoalphabeticsubstitution.
14%
12%
10%
8%
6%
4%
2%
0%
Frequency
8 1.5 3
13
2 0.2 6.5 6
Digramsandtrigramscanbeanalyzedinsimilarfashion.
In1949Shannonproposedthefollowingcharacteristicsofagoodcipher:
1)Theamountofrequiredsecrecyshoulddeterminetheamountofencrypting/decryptingwork.
2)Thechoiceofkeysandtheencipheringalgorithmshouldbefreefromcomplexity.
3)Theimplementationoftheprocessshouldbeassimpleaspossible.
4)Errorsincipheringshouldnotpropagate,corruptingothermessageparts.
5)Thesizeoftheciphertextshouldbenolargerthanitscorrespondingplaintext.
Todayspriorities:
1)Theencryption/decryptionalgorithmmustbeproventobemathematicallysound.
2)Thealgorithmmusthavebeenanalyzedbyexpertsforitsvulnerability.
3)Thealgorithmmusthavestoodthetestoftime.
4)Timetoencode/decodemuststillbeacceptable.
(basisforwellknownpolyalphabeticsubstitutionciphers)
Tableau
ABCDEFGHIJKLMNOPQRSTUVWXYZ
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
CDEFGHIJKLMNOPQRSTUVWXYZAB
DEFGHIJKLMNOPQRSTUVWXYZABC
EFGHIJKLMNOPQRSTUVWXYZABCD
FGHIJKLMNOPQRSTUVWXYZABCDE
GHIJKLMNOPQRSTUVWXYZABCDEF
HIJKLMNOPQRSTUVWXYZABCDEFG
IJKLMNOPQRSTUVWXYZABCDEFGH
JKLMNOPQRSTUVWXYZABCDEFGHI
KLMNOPQRSTUVWXYZABCDEFGHIJ
LMNOPQRSTUVWXYZABCDEFGHIJK
MNOPQRSTUVWXYZABCDEFGHIJKL
NOPQRSTUVWXYZABCDEFGHIJKLM
OPQRSTUVWXYZABCDEFGHIJKLMN
...
ZABCDEFGHIJKLMNOPQRSTUVWXY
Useastringaskey,repeatedly.Thekeylettersserveasrowindicesforenciphering.
Example
ABCDEFGHIJKLMNOPQRSTUVWXYZ
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
CDEFGHIJKLMNOPQRSTUVWXYZAB
DEFGHIJKLMNOPQRSTUVWXYZABC
EFGHIJKLMNOPQRSTUVWXYZABCD
FGHIJKLMNOPQRSTUVWXYZABCDE
GHIJKLMNOPQRSTUVWXYZABCDEF
HIJKLMNOPQRSTUVWXYZABCDEFG
IJKLMNOPQRSTUVWXYZABCDEFGH
JKLMNOPQRSTUVWXYZABCDEFGHI
KLMNOPQRSTUVWXYZABCDEFGHIJ
LMNOPQRSTUVWXYZABCDEFGHIJK
MNOPQRSTUVWXYZABCDEFGHIJKL
NOPQRSTUVWXYZABCDEFGHIJKLM
OPQRSTUVWXYZABCDEFGHIJKLMN
...
ZABCDEFGHIJKLMNOPQRSTUVWXY
milkmilkmilkmilk
key=milk
HIMOMSENDDOLLARS
plaintext
Cryptanalysisofsuchacipher?
TQXYYAPXPLZVXICC
ciphertext
DesignedbyBritishscientistSitCharlesWheatstone(1854)andpromotedby
BaronPlayfairofSt.Andrews.
adualalphabeticsubstitutioncipher
usesakeyconsistingofastringofuniquecharacters(e.g.SECURITY)
EncryptionAlgorithm
1)Build5by5tablebeginningwithkeyfollowed
byremainingalphabet(combineI/J).
2)InsertXbetweenrepeatedlettersinplaintext.
(e.g.BALLOONbecomesBALXLOXON
SECUR
I/JTYAB
DFGHK
LMNOP
QVWXZ
3)Eachpairofletters(Lleft,Lright)frommodifiedplaintextisreplacedasfollows:
a)IfLleftinsamerowasLright,thenreplaceeachwithletterinnextcolumntoitsright.
(e.g.forpairFKsubstituteGD)
b)IfLleftinsamecolumnasLright,thenreplaceeachwithletterinrowbeneath.
(e.g.forpairVTsubstituteEF)
c)IfLleftandLrightindifferentrowsandcolums,thenreplaceeachwiththetable
letterfromitsownrowandtheotherletterscolumn.
(e.g.forpairUNsubstituteCO)
Example
HIMOMSENDDOLLARS
SECUR
I/JTYAB
DFGHK
LMNOP
QVWXZ
plaintext
HIMOMSENDXDOLXLARS
DANPLECMHQHLOQTBSE
ciphertext
Stillvulnerabletodigramandsinglecharacterfrequencyattacks.
ThestandardVignreciphercanbebrokenbyanalyzingtheperiodoftherepeatingkey.
OneTimePad
theinventionofanArmySignalCorpofficer,JosephMauborgne.
provablyunbreakable!
algorithm:aVignrecipherusingarandomkeyofinfinitelength.
Whatsthecatch?
Itispossibletouseabookcipherapadofkeythatareusedthendiscarded.
Anotheralternativeistouseatable(e.g.ofsinevalues)orabook.
Vernamcipher
CreatedbyGilbertVernam(BellLabs)
Usepapertape(teletype)todeliveranarbitrarilylongnonrepeatingsequenceofkeys.
Encode/decodebynumericfunctionratherthanVignretable.
Plaintext
Key
Symbol
Decimal
Bit String
82
01010010
15
00001111
Example1:useXORtoencodeanddecode.
EVernam(R,15) =010100100001111=
Example2:Encodewithadditionmod256.
EVernam(R,15) =(82+15)mod256=
WhatisDVernam(X,K)?
substituteortransposeorproduct
Asubstitutioncipherformsciphertextfromreplacingplaintextbitpatterns
withotherbitpatterns.
Atranspositioncipherformsciphertextfromrearrangingplaintextbitsequences.
Aproductcipherusesbothsubstitutionandtransposition.
streamorblock
Astreamciphertransformsplaintextonesmallsubsequence(bit,byte,letter)at
atime.
Ablockciphertransformsalargerunitsofplaintext(usually64or128bits).
RailFenceTransposition
Encipherbyarrangingplaintextintworows,asillustratedbelow.
HMMEDOLR
IOSNDLAS
plaintext(indiagonalrows)
HMMEDOLRIOSNDLAS
ciphertext
Arailfencecypheristrivialtocryptanalyze,muchlikeanCaesarcipher.
TabularTransposition
Arrangeplaintextrowbyrowin2Dgridandselectciphertextfromcolumns.
Useakeytodeterminecolumnorder.
35241 key
HIMOM
SENDD
OLLAR
S
MDRMNLHSOSODRIEL
plaintext(in5letterrows)
ciphertext
Thepriortabulartranspositionisstillextremelyvulnerabletoattackby
digramfrequencyanalysis.Arepeatedtranspositionimprovesthecipher.
35241 key
HIMOM
SENDD
OLLAR
S
plaintext(in5letterrows)
MDRMN
LHSOS
ODRIE
L
afterfirsttransposition
NSERSRMLOLMOIDHD
ciphertext
Cryptanalysisofsuchacipher?