310 likes | 412 Views
Cryptography. Lecture 2 : Classic Ciphers Piotr Faliszewski. Last class Historical perspective Kerckhoff’s principle Requirements for information security Confidentiality Data integrity Authentication Non-repuditation. Attacks on confidentiality Ciphertext only attack
E N D
Cryptography Lecture 2: Classic Ciphers Piotr Faliszewski
Last class Historical perspective Kerckhoff’s principle Requirements for information security Confidentiality Data integrity Authentication Non-repuditation Attacks on confidentiality Ciphertext only attack Plaintext only attack Chosen ciphertext attack Chosen plaintext attack Key-only attack Previous Class Highlights
Convention • Plaintext alphabet and ciphertext alphabet
Modular Arithmetic • Modulo arithmetic • Modulus m • “Clock”-like arithmetic – numbers “wrap around” after reaching m • Calculate in the world of remainders modulo m • 2 = 14 mod (12) • 26 = 0 (mod 26) • 7*11 ≡ 77 (mod 5) ≡ 2 (mod 5) ≡ 2 * 1 (mod 5) • -5 (mod 11) ≡ 6 (mod 11)
Each letter is replaced by another letter from the alphabet Key: 1-1 mapping of letters How many keys are there? Various flavors Shift cipher Affine cipher Atbash Kama-sutra cipher Monoalphabetic Substitution
Substitution cipher Key k N Formula: y = (x + k) mod 26 26 size of the alphabet Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey HAL 9000 Shift Cipher
Substitution cipher Key k N Formula: y = (x + k) mod 26 26 size of the alphabe Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey HAL 9000 A B B C C D D E E F F G G H H I I J J K K L L M M N Shift Cipher
Substitution cipher Key k N Formula: y = (x + k) mod 26 26 size of the alphabe Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey HAL 9000 A B B C C D D E E F F G G H H I I J J K K L L M M N Shift Cipher
Substitution cipher Key k N Formula: y = (x + k) mod 26 26 size of the alphabe Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey IBM 9000 A B B C C D D E E F F G G H H I I J J K K L L M M N Shift Cipher
Affine Cipher • Substitution cipher • Key (, ) • Formula: • y = (x + ) mod 26 • How to select keys? • Cryptanalysis? A 0 B 1 C 2 D 3 E 4 F 5 G 6 H 7 I 8 J 9 K 10 L 11 M 12 N 13 O 14 P 15 Q 16 R 17 S 18 T 19 U 20 V 21 W 22 X 23 Y 24 Z 25
General Substitution Cipher • Key • Permutation of the alphabet • Large key space! • … but not used efficiently! • Does not hide various properties of the underlying text!
General Substitution Cipher • Key • Permutation of the alphabet • Large key space! • … but not used efficiently! • Does not hide various properties of the underlying text! • How to attack a substitution cipher? • Frequency attack • Digrams, trigrams • “fingerprint” of a language
Frequency Attack • Frequencies of letters • Letters appear with different frequencies in natural texts • Exceptions: • Gadsby by E.V. Wright • Disparation by George Perec (A Void, translation G. Adair) • Breaking substitution ciphers A 0.082 N 0.067 B 0.015 O 0.075 C 0.028 P 0.019 D 0.043 Q 0.001 E 0.127 R 0.060 F 0.022 S 0.063 G 0.020 T 0.091 H 0.061 U 0.028 I 0.070 V 0.010 J 0.002 W 0.023 K 0.008 X 0.001 L 0.040 Y 0.020 M 0.024 Z 0.001
Frequencies vs Subst’n Cipher • Shift and affine cipher • usually enough to locate ‘E’ gives the key • for affine cipher: One more letter can be helpful • Full substitution cipher • Might need digram and trigram frequencies A 0.082 N 0.067 B 0.015 O 0.075 C 0.028 P 0.019 D 0.043 Q 0.001 E 0.127 R 0.060 F 0.022 S 0.063 G 0.020 T 0.091 H 0.061 U 0.028 I 0.070 V 0.010 J 0.002 W 0.023 K 0.008 X 0.001 L 0.040 Y 0.020 M 0.024 Z 0.001
Example: Shift Cipher • The following frequencies were found: • Count the letters • Normalize the frequencies • Compare to the natural one A : 27 B : 6 C : 5 D : 12 E : 14 F : 1 G : 2 H : 8 I : 5 J : 14 K : 16 L : 5 M : 2 N : 13 O : 14 P : 19 Q : 6 R : 3 S : 5 T : 0 U : 4 V : 0 W : 17 X : 4 Y : 6 Z : 8
Example: Shift Cipher • There are 216 letters • Divide counts by 216 A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009
Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009 A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024
Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024 A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009
Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift -2 • but the rest of frequencies mismatch A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009 A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024
Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift -2 • but the rest of frequencies mismatch A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009 A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024
Dot-Product Method • Treat the list of frequencies as vector • A0 – list of frequencies • Ai – list of frequencies shifted by i • Example • A0 = ( 0.82, 0.015, 0.028, 0.043, ... ) • A2 = ( 0.20, 0.001, 0.082, 0.015, ... ) • Dot-product • Ai· Aj multiply elements position wise and add
Dot-Product Method • Property • Ai· Aj largest when i = j • Method • Compute frequency vector W for our text • W approximates some Aj • Compute W · Ai for each i • Shift is the i that maximizes the value
Vigenere Cipher • How to make the shift cipher more difficult to break? • Problem: each letter shifted by the same ammount • Solution: pick different shifts for different letters! • Vigenere cipher • A sequence of shift ciphers
Vigenere Cipher • Key • a vector (k1, ..., kn) • each ki is a letter (or equivalently, a small integer) • Cipher: • plaintext: x1x2... xm • ciphertext: yj = xj + kj mod n (mod 26)
Vigenere Cipher: Cryptanalisis • Known ciphertext attack • dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhspzjcmovdlfkskfcovfrstitbeosdlbigixxvpugixpqbibzsruwogmpcwsdyqkjcxudcifwyafpccuwswjh • Finding the key: • Find the key length displacement method • Break a sequence of shift ciphers
Displacement Method dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 3 matches dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 6 matches dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 0 matches dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 7 matches
Vigenere Cipher: Cryptanalisis • After we get the key length • Break a series of shift ciphers... • ... but we just have a sample of English letters for each cipher. Example: with key length 6, for each cipher we get every 6th letter of the message • Can still match the frequencies • dot-product method
Unbreakable cipher • Is it possible to create an unbreakable cipher?
Unbreakable cipher • Is it possible to create an unbreakable cipher? • One-time pad • Plaintext: x1x2x3 ... xn • Random string: b1b2b3 ... bn • Ciphertext: yi = xi bi • Cryptanalisis? • Applications? This message is completely unreadable. I have encrypted it with the toughest cipher ever, one-time pad. TWICE! -- found in a cryptography discussion on the internet
One-Time Pad Keys • Generate random sequence • Hardware generators • Thermal noise from a semiconductor device • Random fluctuations in disk sector latency times • Etc. • Software generators • Deterministic • Initiated „randomly” • System clock • Elapsed time between keystrokes • Etc.
Pseudorandom Numbers • Linear congruential generator • xi = axi-1 + b (mod m) • Dangerous for cryptography! • Blum-Blum-Shub generator • xi = xi-12 (mod n) • ui = xi (mod 2) • Many others...