1 / 27

Cryptography Part 1: Classical Ciphers

Cryptography Part 1: Classical Ciphers. Jerzy Wojdy ł o May 4, 2001. Overview. Classical Cryptography Simple Cryptosystems Cryptoanalysis of Simple Cryptosystems Shannon’s Theory of Secrecy Modern Encryption Systems DES, Rijndel RSA Signature Schemes. Cryptosystem.

Download Presentation

Cryptography Part 1: Classical Ciphers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CryptographyPart 1: Classical Ciphers Jerzy Wojdyło May 4, 2001

  2. Overview • Classical Cryptography • Simple Cryptosystems • Cryptoanalysis of Simple Cryptosystems • Shannon’s Theory of Secrecy • Modern Encryption Systems • DES, Rijndel • RSA • Signature Schemes Cryptography, Jerzy Wojdylo, 5/4/01

  3. Cryptosystem A cryptosystem is a five-tuple (P,C,K,E,D), where the following are satisfied: • P is a finite set of possible plaintexts • C isa finite set of possible ciphertexts • K, the keyspace, is a finite set of possible keys • KK, eKE (encryption rule), dKD (decryption rule). Each eK: PC and dK: CP are functions such that xP, dK(eK(x)) = x. Cryptography, Jerzy Wojdylo, 5/4/01

  4. Notation • English alphabet • Lower case: a, b, c,…, z for plaintext • Upper case: A, B, C,…, Z for ciphertext • For encryption and decryption algorithms, we will substitute letters a, b, c,…, z with numbers 0, 1, 2,…, 25. Cryptography, Jerzy Wojdylo, 5/4/01

  5. Classical Cryptography • Monoalphabetic CiphersOnce a key is chosen, each alphabetic character of a plaintext is mapped onto a uniquealphabetic character of a ciphertext. • The Shift Cipher (Caesar Cipher) • The Substitution Cipher • The Affine Cipher Cryptography, Jerzy Wojdylo, 5/4/01

  6. Classical Cryptography • Polyalphabetic CiphersEach alphabetic character of a plaintext can be mapped onto malphabetic characters of a ciphertext. Usually m is related to the encryption key. • The Vigenère Cipher • The Hill Cipher • The Permutation Cipher Cryptography, Jerzy Wojdylo, 5/4/01

  7. The Shift (Caesar) Cipher Let P = C = K = Z26. xP, yC, KK, define eK(x) = x + K (mod 26) and dK(y) = y - K (mod 26). Example on www. Cryptography, Jerzy Wojdylo, 5/4/01

  8. The Substitution Cipher Let P = C = Z26, let K =S26 xP, yC, K, define e(x) = (x) and d(x) = -1(x). • Example on www. Cryptography, Jerzy Wojdylo, 5/4/01

  9. The Affine Cipher Let P = C = Z26, let K ={(a, b)  Z26  Z26|gcd(a, 26) = 1}. xP, yC, KK, define eK(x) = ax + b (mod 26) and dK(y) = a-1(y – b) (mod 26). • Example on www. Cryptography, Jerzy Wojdylo, 5/4/01

  10. The Vigenère Cipher Let m Z+, let P = C = K = (Z26)m. For a key K = (k1, k2, ,…, km), we define eK (x1, x2, ,…, xm) = (x1+ k1, x2+ k2,…, xm + km) and dK (x1, x2, ,…, xm) = (x1–k1, x1 –k1,…, xm –km) where all operations are modulo 26. This is an example (www) of a block cipher. Cryptography, Jerzy Wojdylo, 5/4/01

  11. The Hill Cipher Let m Z+, let P = C = (Z26)m, let K = {mm invertible matrices over Z26}. For a key K, we define eK(x) = Kx (mod 26) and dK(y) = K-1y (mod 26). • Example MATLAB. Cryptography, Jerzy Wojdylo, 5/4/01

  12. The Permutation Cipher Let m Z+, let P = C = (Z26)m, let K =Sm. For a key (i.e. a permutation) π we define eπ(x1, x2, ,…, xm) = (xπ (1), xπ (2),…, xπ (m)) and dπ(y1, y2, ,…, ym)=(yπ-1(1), yπ -1 (2),…, yπ-1(m)) where π-1 is the inverse permutation to π. (The Hill Cipher, where K = a permutation matrix.) Cryptography, Jerzy Wojdylo, 5/4/01

  13. Cryptoanalysis • Kerchkhoff’s Principle: cryptosystem (the algorithm) is NOT secret, the key is secret. • Common attacks to obtain the key • Ciphertext-only • Known plaintext • Chosen plaintext • Chosen ciphertext Cryptography, Jerzy Wojdylo, 5/4/01

  14. Attack on a Shift Cipher • Ciphertext-only • Exhaustive search • 26 cases • Very insecure cipher Cryptography, Jerzy Wojdylo, 5/4/01

  15. Cryptoanalysis of a Monoalphabetic Cipher • Ciphertext-only attack • Letter frequencies the English language Cryptography, Jerzy Wojdylo, 5/4/01

  16. Attack on a Substitution Cipher • Insecure cipher, even though the number of possible keys is 26! = 403291461126605635584000000(approximately 4.0329·1026) • Letter frequencies calculator • www Cryptography, Jerzy Wojdylo, 5/4/01

  17. Attack on the Vigenère Cipher • Kasiski test (m, length of the key) • Fredrich Wilhelm Kasiski (1863) • Charles Babbage (1854, result remained secret) • Two identical segments of plaintext will be encrypted to the same ciphertext if their occurrence in the plaintext is x position apart, where x is a multiple of m. Cryptography, Jerzy Wojdylo, 5/4/01

  18. Attack on the Vigenère Cipher CHREEVOAHMAERATBIAXXWTNXBEEOPHBSBQMQEQERBWRVXUOAKXAOSXXWEAHBWGJMMQMNKGRFVGXWTRZXWIAKLXFPSKAUTEMNDCMGTSXMXBTUIADNGMGPSRELXNJELXVRVPRTULHDNQWTWDTYGBPHXTFALJHASVBFXNGLLCHRZBWELEKMSJIKNBHWRJGNMGJSGLXFEYPHAGNRBIEQJTAMRVLCRREMNDGLXRRIMGNSNRWCHRQHAEYEVTAQEBBIPEEWEVKAKOEWADREMXMTBHHCHRTKDNVRZCHRCLQOHPWQAIIWXNRMGWOIIFKEE Cryptography, Jerzy Wojdylo, 5/4/01

  19. Attack on the Vigenère Cipher • Positions of CHR: 1, 166, 236, 276, 286. • Differences of positions: 166 – 1 = 165 236 – 1 = 235276 – 1 = 235 286 – 1 = 285 • The gcd of these differences is 5, so the key is most likely of length m = 5. Cryptography, Jerzy Wojdylo, 5/4/01

  20. Attack on the Vigenère Cipher • Divide the ciphertext into 5 subsrtings (positions 5k, 5k+1, 5k+2, 5k+3, 5k+4) • Analize each substring as a monoalphabetic cipher. • Continue on http://math.ucsd.edu/~crypto/java/EARLYCIPHERS/Vigenere.html • Also an insecure cipher Cryptography, Jerzy Wojdylo, 5/4/01

  21. Cryptonalysis of the Hill Cipher • Number of keys k = number of invertible mm matrices with coefficients from Z26.Does anyone know the formula? • If p is prime, the alphabet is Zp then • If p = 29 and Cryptography, Jerzy Wojdylo, 5/4/01

  22. Cryptonalysis of the Hill Cipher • Easily broken with known plaintext attack. • Permutation Cipher = Hill Cipher, where the key is a permutation matrix. • Both ciphers are insecure. Cryptography, Jerzy Wojdylo, 5/4/01

  23. Perfect Secrecy • A cryptosystem is computationally secure if the best algorithm for breaking it requires at least N operations, where N is some specified , very large number.Problems… • A cryptosystem is unconditionally secure if it cannot be broken with infinite computational resources. Cryptography, Jerzy Wojdylo, 5/4/01

  24. Perfect Secrecy • None of the classical cryptosystems is even computationally secure. • However the Shift Cipher, the Substitution Cipher, and the Vigènere Cipher are unconditionally secure if only one element of plaintext is encrypted with a given key!REALLY??? Cryptography, Jerzy Wojdylo, 5/4/01

  25. Perfect Secrecy • Claude Shannon “Communication Theory of Secrecy Systems”, Bell Systems Technical Journal, (1949) . • A cryptosystem has perfect secrecy if pP(x|y) = pP(x) for any xP and yC. That is the a posteriori probability that the plaintext is x, given that the ciphertext is y, is identical to the a priori probability that the plaintext is x. Cryptography, Jerzy Wojdylo, 5/4/01

  26. Perfect Secrecy • Theorem (Shannon). Suppose the 26 keys in the Shift Cipher are used with equal probability 1/26. Then for any plaintext probability distribution, the Shift Cipher has perfect secrecy. • Consequences: One-time Pad Cryptosystem (Gilbert Vernam, 1917). Key, plaintext, and ciphertext have the same length. Problems with keys: very long, distribution. Each key can be used only ONCE! Cryptography, Jerzy Wojdylo, 5/4/01

  27. The EndCryptography, Part 1: Classical Ciphers Cryptography Part 2: Modern Cryptosystems Stay Tuned…

More Related