430 likes | 648 Views
Cryptography -- Classical Styles. Anita Jones CS451 Information Security . Copyright(C) Anita Jones. Overview. Introduction A security model What is cryptography? Some classical ciphers from days of olde ……. up to World War II. Security problems of interest. Policies:.
E N D
Cryptography -- Classical Styles Anita Jones CS451 Information Security Copyright(C) Anita Jones
Overview • Introduction • A security model • What is cryptography? • Some classical ciphers • from days of olde ……. • up to World War II
Security problems of interest Policies: • confidentiality - protect info content from unwarranted observation • integrity - protect info accuracy • availability - ensure information delivery • authentication - assure identity of user (sender) • non-repudiation - protect from deniability • access control - control access to info/resources Problems that arise in implementation:
Attacks • interception - of information-traffic, breaches confidentiality • interruption - of service, availability • modification - of information, i.e. loss of integrity • fabrication - of information, destroys authenticity
Response? • identify key assets • evaluate threat posed to assets • implement suitable countermeasures • manage implementation • cryptography is a key technology • Note – not a “perimeter defense” technology
Model for cryptography Trusted 3rd Party (arbitrates, distributes secret information) Principal Principal Message Message Secret Information Info channel Secret Information Security Transform Security Transform Opponent
Issues • Transformation algorithm • What’s the secret information; How to generate it • How to distribute secret information • Protocols -- disciplined interaction involving all parties
What’s cryptography • cryptography is the study of secret (crypto-) writing (-graphy) • concerned with developing algorithms which may be used to: • conceal the content of a message from all except the sender & recipient (secrecy or confidentiality) • verify the correctness of a message or its sender to the recipient (integrity & authentication) • includes protocols solving many problems
A few terms • cryptography • the art or science of transforming an intelligible message into one that is unintelligible, and then transforming that message back to original form • plaintext • the original intelligible message • ciphertext • the transformed message
A few terms • cipher • an algorithm for transforming an intelligible message into one that is unintelligible • key • critical (secret) information used in the cipher & known only to the sender & receiver • Symmetric – shared • Asymmetric – public/private
A few terms • encipher (encode) • the process of converting plaintext to ciphertext using a cipher plus key • decipher (decode) • the process of converting ciphertext back into plaintext using a cipher plus key
A few terms • cryptanalysis (codebreaking) • the study of methods for transforming an unintelligible message back into an intelligible message without knowledge of the key • code • an algorithm for transforming an intelligible message into an unintelligible message using a code-book
Transformations • encryption • applying a mathematical function mapping plaintext to ciphertext using the specified key: C = EK(P) • decryption • applying a mathematical function mapping ciphertext to plaintext using the specified key: P = EK-1(C) P = DK(C)
More terms • cryptographic system • a single parameter family of invertible transformations with unique inverses where only the key is secret • the cryptographic system is typically made public • keys, of course, are secret
Steganography • embed message in innocuous setting My Special Friend, Our speaker today in class today is exciting, & I know that the next speaker is even better. I need to report to you that next class the teacher will give the mid-term exam. Well, there is only one mid-term! YEAH!!! That is it for now. I’m awful at writing, but will keep trying ………...
Steganography • embed message in innocuous setting My Special Friend, Our speaker today in class today is exciting, & I know that the next speaker is even better. I need to report to you that next class the teacher will give the mid-term exam. Well, there is only one mid-term! YEAH!!! That is it for now. I’m awful at writing, but will keep trying ………...
Two crypto techniques Permutation Substitution
“Staff” cipher • an early Greek transposition cipher: • cut a narrow strip of paper long enough to write message • wind it around a staff so that adjacent edges abut • write message horizontally down the shaft with a character on each wrapping • unwind • Result: long sequence of seemingly random letters
The ole alternation trick write message letters on alternate rows read off cipher by row Plain = “I CAME I SAW I CONQUERED” Plain: I A E S W C N U E C M I A I O Q R D Cipher: IAESW CNUE CMIAI OQRD
The ole structured patterns trick write message letters as a matrix read off cipher by some pattern Plain: I C A M E I S A W I C O N Q U E R E D A Cipher: diagonals, concentric circle, in and out, etc
The ole mirror trick write the message backwards Plain: I CAME I SAW I CONQUERED Cipher: DEREU QNOCI WASIE MACI ………and speaking of J. Caesar
Two crypto techniques Permutation Substitution
Caesar cipher - substitution cipher • Julius Caesar invented to transmit military information -- 2000 years ago • Map each letter to another -- fixed offset -- called the translation alphabet Alphabets: Plain: A B C D E F G H I J K L M N O P Q R S T U Cipher: E F G H I J K L M N O P Q R S T U V W X Y CipherText: W TI G M E P W T I E O I V G S Q M R K
Caesar cipher - substitution cipher • Julius Caesar invented to transmit military information -- 2000 years ago • Map each letter to another -- fixed offset -- called the translation alphabet Alphabets: Plain: A B C D E F G H I J K L M N O P Q R S T U Cipher: E F G H I J K L M N O P Q R S T U V W X Y CipherText: W TI G M E P W T I E O I V G S Q M R K P = S P E C I A L S P EA K E R C O M I N G
Substitution Technique Encryption algorithm used in previous slide is C = E(P) = (p + 4) mod(26) More generally, any shift, k, in range 1:25 C = E(P) = (p + k) mod(26) Decryption algorithm p = D(C) = (c - k) mod(26) plaintext letter P (p is its offset into the alphabet of interest; ciphertext letter C (ditto); modulus function mod
Cryptanalysis – break Caesar cipher • check out brute force cryptanalysis of a Caesar cipher • What is the Key? • What is the Key size?
Mono-alphabetic Substitution • Use any permutation of the 26 alphabetic characters • 26! (i.e. 4 x 1026) possible keys • brute force attack is cheap to execute • But, regularities of the language give clues • English, German, Hebrew, Russian – have different characteristics in terms of letter usage
Language regularities • can base cryptanalysis on frequency of letter occurrence • E is most frequent, then • T, R, I, N, O, A, S, then ….. • rarely are J, K, Q X Z used • E is 25 times more frequent than Q • Strategy (for a “long enough” message) is to guess at letter value based on frequency of appearance in ciphertext
Language regularities - example Ceasar (Mono alphabetic substitution) Alphabets: Plain: A B C D E F G H I J K L M N O P Q R S T U Cipher: E F G H I J K L M N O P Q R S T U V W X Y CipherText: W TI G M E P W T I E O I V G S Q M R K P = S P E C I A L S P EA K E R C O M I N G P = S P E C I A L S P EA K E R C O M I N G
Crypt algorithm development • early manuscript -- Abu al-Kindi's "A Manuscript on Deciphering Cryptographic Messages" • published in the 9th century • stronger mono-alphabetic ciphers --some used several replacement symbols for each letter, for common words • nulls were developed in middle ages
Algorithm development (cont) • Roger Bacon described methods in 1200s • Geoffrey Chaucer included several ciphers in his writings • Arabic knowledge of cryptology described in an encyclopedia in 1412 • growing use in European diplomacy • Leon Alberti devised a cipher wheel -- more on that later
Poly-alphabetic substitution cipher • attributed to Blaise de Vigenère is • objective: improve security by using multiple mono-alphabetic substitution alphabets • define multiple full alphabet substitutions • each letter can be replaced by many others • use a keyto select which alphabet is used for each letter of the message • i-th letter of key specifies i-th alphabet to use • use each alphabet in turn, then repeat
Poly-alphabetic example plaintext S O U N D A L A R M key C I P H E R C I P H ciphertext U W J U H R N I G T A-> ABCDEFGHIJKLMNOPQRSTUVWXYZ C -> CDEFGHIJKLMNOPQRSTUVWXYZAB I -> IJKLMNOPQRSTUVWXYZABCDEFGH P -> PQRSTUVWXYZABCDEFGHIJKLMNO H -> HIJKLMNOPQRSTUVWXYZABCDEFG E -> EFGHIJKLMNOPQRSTUVWXYZABCD R -> RSTUVWXYZABCDEFGHIJKLMNOPQ 'S' uses alphabet 'C' maps to 'U' 'O' uses alphabet 'I' maps to 'W' ’U' uses alphabet 'P' maps to 'J’ etc
From letters to binary • Vernam (1918) uses binary, not letters Ci = pi x ki pi- ith binary digit of plaintext ki- ith binary digit of key Ci- ith binary digit of ciphertext
One time pad • Army Signal Corp officer, Joseph Mauborgne improved Vernam cipher • Use random key that was truly as long as the message • cipher output is random -- has no statistical relationship to plaintext • problem is that sender & receiver need to have that long key -- different for each message One time pad – the ultimate substitution technique
Rotor Machines • enciphering (& deciphering) is rote, tedious, and error prone (if done manually) • Automation permits multiple (transposition) stages • Rotor Machine consists of • keyboard • multiple rotors, each with 26 positions • pre-wired
Rotor machine A B C D E … U Z A B C … Z Motion Fixed wiring
Code machine • Enigma:http://webhome.idirect.com/~jproc/crypto/enigma.html • Simulated deciphering of Enigma using “Turing Bombe”: • http://library.thinkquest.org/28005/flashed/timemachine/courseofhistory/bombeapp.shtml
WW II crypto machines • German Enigma -- three rotors and later more • Japanese Purple -- broken by U.S. • Yamamoto planned attack after Pearl Harbor • U.S. fleet coming out of Pearl Harbor • plans known • hundreds of Japanese ships sunk
Next Block Ciphers
Backup Notes cracking polyalph original method developed by Babbage and Kasiski use repetitions in ciphertext to give clues as to period look for same plaintext an exact period apart which results in the same ciphertext of course, could also be random fluke eg. Plaintext: TOBEORNOTTOBE Key: NOWNOWNOWNOW Ciphertext: GCXRCNACPGCXR see repeated ciphertext "GCXR" since repeats are 9 chars apart, guess period is 3 or 9 in general find a number of duplicated sequences collect all their distances apart, look for common factors remembering that some will be random flukes and need to be discarded
Backup Notes cracking polyalph (2) in order to break a polyalphabetic cipher must 1. determine how many alphabets -- d -- were used: See Kasiski method 2. separate ciphertext into d sections 3. Determine if each as a monoalphabetic value (if not, have a wrong guess) by computing the frequency balance across the cipher text (called an Index of Coincidence) 4. solve each as a monoalphabetic cipher using - frequency distribution, - common double & triple letters - word boundaries
Issues • What do the attacks on classical techniques target? • What is a “perfect cipher” and why? • How important is redundancy in cryptology?