1 / 31

Cryptography

Cryptography. Lecture 2 : Classic Ciphers Piotr Faliszewski. Last class Historical perspective Kerckhoff’s principle Requirements for information security Confidentiality Data integrity Authentication Non-repuditation. Attacks on confidentiality Ciphertext only attack

quyn-hill
Download Presentation

Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cryptography Lecture 2: Classic Ciphers Piotr Faliszewski

  2. Last class Historical perspective Kerckhoff’s principle Requirements for information security Confidentiality Data integrity Authentication Non-repuditation Attacks on confidentiality Ciphertext only attack Plaintext only attack Chosen ciphertext attack Chosen plaintext attack Key-only attack Previous Class Highlights

  3. Convention • Plaintext alphabet and ciphertext alphabet

  4. Modular Arithmetic • Modulo arithmetic • Modulus m • “Clock”-like arithmetic – numbers “wrap around” after reaching m • Calculate in the world of remainders modulo m • 2 = 14 mod (12) • 26 = 0 (mod 26) • 7*11 ≡ 77 (mod 5) ≡ 2 (mod 5) ≡ 2 * 1 (mod 5) • -5 (mod 11) ≡ 6 (mod 11)

  5. Each letter is replaced by another letter from the alphabet Key: 1-1 mapping of letters How many keys are there? Various flavors Shift cipher Affine cipher Atbash Kama-sutra cipher Monoalphabetic Substitution

  6. Substitution cipher Key k N Formula: y = (x + k) mod 26 26  size of the alphabet Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey HAL 9000 Shift Cipher

  7. Substitution cipher Key k N Formula: y = (x + k) mod 26 26  size of the alphabe Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey HAL 9000 A  B B  C C  D D  E E  F F  G G  H H  I I  J J  K K  L L  M M  N Shift Cipher

  8. Substitution cipher Key k N Formula: y = (x + k) mod 26 26  size of the alphabe Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey HAL 9000 A  B B  C C  D D  E E  F F  G G  H H  I I  J J  K K  L L  M M  N Shift Cipher

  9. Substitution cipher Key k N Formula: y = (x + k) mod 26 26  size of the alphabe Cryptanalisis? Brute force! Popular culture 2001: Space Odyssey IBM 9000 A  B B  C C  D D  E E  F F  G G  H H  I I  J J  K K  L L  M M  N Shift Cipher

  10. Affine Cipher • Substitution cipher • Key (, ) • Formula: • y = (x + ) mod 26 • How to select keys? • Cryptanalysis? A  0 B  1 C  2 D  3 E  4 F  5 G  6 H  7 I  8 J  9 K  10 L  11 M  12 N 13 O 14 P 15 Q 16 R 17 S 18 T 19 U 20 V 21 W 22 X 23 Y 24 Z 25

  11. General Substitution Cipher • Key • Permutation of the alphabet • Large key space! • … but not used efficiently! • Does not hide various properties of the underlying text!

  12. General Substitution Cipher • Key • Permutation of the alphabet • Large key space! • … but not used efficiently! • Does not hide various properties of the underlying text! • How to attack a substitution cipher? • Frequency attack • Digrams, trigrams • “fingerprint” of a language

  13. Frequency Attack • Frequencies of letters • Letters appear with different frequencies in natural texts • Exceptions: • Gadsby by E.V. Wright • Disparation by George Perec (A Void, translation G. Adair) • Breaking substitution ciphers A  0.082 N  0.067 B  0.015 O  0.075 C  0.028 P  0.019 D  0.043 Q  0.001 E  0.127 R  0.060 F  0.022 S  0.063 G  0.020 T  0.091 H  0.061 U  0.028 I  0.070 V  0.010 J  0.002 W  0.023 K  0.008 X  0.001 L  0.040 Y  0.020 M  0.024 Z  0.001

  14. Frequencies vs Subst’n Cipher • Shift and affine cipher • usually enough to locate ‘E’  gives the key • for affine cipher: One more letter can be helpful • Full substitution cipher • Might need digram and trigram frequencies A  0.082 N  0.067 B  0.015 O  0.075 C  0.028 P  0.019 D  0.043 Q  0.001 E  0.127 R  0.060 F  0.022 S  0.063 G  0.020 T  0.091 H  0.061 U  0.028 I  0.070 V  0.010 J  0.002 W  0.023 K  0.008 X  0.001 L  0.040 Y  0.020 M  0.024 Z  0.001

  15. Example: Shift Cipher • The following frequencies were found: • Count the letters • Normalize the frequencies • Compare to the natural one A : 27 B : 6 C : 5 D : 12 E : 14 F : 1 G : 2 H : 8 I : 5 J : 14 K : 16 L : 5 M : 2 N : 13 O : 14 P : 19 Q : 6 R : 3 S : 5 T : 0 U : 4 V : 0 W : 17 X : 4 Y : 6 Z : 8

  16. Example: Shift Cipher • There are 216 letters • Divide counts by 216 A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009

  17. Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009 A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024

  18. Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024 A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009

  19. Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift -2 • but the rest of frequencies mismatch A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009 A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024

  20. Example: Shift Cipher • There are 216 letters • Divide counts by 216 • Compare to natural frequencies • Natural guess: shift 4 • Others plausible • shift -2 • but the rest of frequencies mismatch A : 0.125 B : 0.027 C : 0.023 D : 0.055 E : 0.064 F : 0.004 G : 0.009 H : 0.037 I : 0.0231 J : 0.064 K : 0.074 L : 0.023 M : 0.009 A : 0.082 B : 0.015 C : 0.028 D : 0.043 E : 0.127 F : 0.022 G : 0.02 H : 0.061 I : 0.07 J : 0.002 K : 0.008 L : 0.04 M : 0.024

  21. Dot-Product Method • Treat the list of frequencies as vector • A0 – list of frequencies • Ai – list of frequencies shifted by i • Example • A0 = ( 0.82, 0.015, 0.028, 0.043, ... ) • A2 = ( 0.20, 0.001, 0.082, 0.015, ... ) • Dot-product • Ai· Aj multiply elements position wise and add

  22. Dot-Product Method • Property • Ai· Aj largest when i = j • Method • Compute frequency vector W for our text • W approximates some Aj • Compute W · Ai for each i • Shift is the i that maximizes the value

  23. Vigenere Cipher • How to make the shift cipher more difficult to break? • Problem: each letter shifted by the same ammount • Solution: pick different shifts for different letters! • Vigenere cipher • A sequence of shift ciphers

  24. Vigenere Cipher • Key • a vector (k1, ..., kn) • each ki is a letter (or equivalently, a small integer) • Cipher: • plaintext: x1x2... xm • ciphertext: yj = xj + kj mod n (mod 26)

  25. Vigenere Cipher: Cryptanalisis • Known ciphertext attack • dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhspzjcmovdlfkskfcovfrstitbeosdlbigixxvpugixpqbibzsruwogmpcwsdyqkjcxudcifwyafpccuwswjh • Finding the key: • Find the key length  displacement method • Break a sequence of shift ciphers

  26. Displacement Method dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 3 matches dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 6 matches dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 0 matches dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp dljhswbesidtyjfcqpjhrxfmdxipdabhordgitutnzfgiibhsp 7 matches

  27. Vigenere Cipher: Cryptanalisis • After we get the key length • Break a series of shift ciphers... • ... but we just have a sample of English letters for each cipher. Example: with key length 6, for each cipher we get every 6th letter of the message • Can still match the frequencies • dot-product method

  28. Unbreakable cipher • Is it possible to create an unbreakable cipher?

  29. Unbreakable cipher • Is it possible to create an unbreakable cipher? • One-time pad • Plaintext: x1x2x3 ... xn • Random string: b1b2b3 ... bn • Ciphertext: yi = xi bi • Cryptanalisis? • Applications? This message is completely unreadable. I have encrypted it with the toughest cipher ever, one-time pad. TWICE! -- found in a cryptography discussion on the internet

  30. One-Time Pad Keys • Generate random sequence • Hardware generators • Thermal noise from a semiconductor device • Random fluctuations in disk sector latency times • Etc. • Software generators • Deterministic • Initiated „randomly” • System clock • Elapsed time between keystrokes • Etc.

  31. Pseudorandom Numbers • Linear congruential generator • xi = axi-1 + b (mod m) • Dangerous for cryptography! • Blum-Blum-Shub generator • xi = xi-12 (mod n) • ui = xi (mod 2) • Many others...

More Related