
Cryptanalysis

Cryptanalysis. Kyle Johnson. Cryptology: comprised of both cryptography and cryptanalysis. Cryptography is the practice and study of techniques for secure communication in the presence of third parties.


Presentation Transcript


  1. Cryptanalysis Kyle Johnson

  2. Cryptology • Comprised of both cryptography and cryptanalysis • Cryptography: the practice and study of techniques for secure communication in the presence of third parties • Cryptanalysis: the art of defeating cryptographic security systems and gaining access to the contents of encrypted messages, or obtaining the key itself.

  3. History • Fialka cipher machine • Used by the Soviets in the Cold War era. • Uses 10 rotors, each with 30 contacts, and also makes use of a punch card mechanism. http://en.wikipedia.org/wiki/File:FIALKA-rotors-in-machine.jpg

  4. Cryptanalysis Tools • Scytale (rhymes with Italy): ancient Greek device used to implement a cipher. • Vigenère square: used for the Vigenère cipher. http://www.braingle.com/brainteasers/codes/images/scytale.gif http://en.wikipedia.org/wiki/File:Vigen%C3%A8re_square_shading.svg

  5. Classical Ciphers • Term given by William Friedman in 1920 • First recorded explanation in the 9th century by Al-Kindi • A manuscript • Blaise de Vigenère used a repeating key cipher

  6. Significance in History • Mary, Queen of Scots • World War I, Zimmermann Telegram • World War II, German Enigma Machine

  7. Cryptanalysis Results (Breaks) • Total Break • Global deduction • Instance (local) deduction • Information Deduction • Distinguishing algorithm

  8. Types of Attacks • Ciphertext-only • Known-plaintext • Chosen-plaintext • Chosen-Ciphertext

  9. Ciphertext-only • Also known as the known-ciphertext attack • Attacker only has a set of ciphertexts • Successful if the plaintext or the key is obtained • Used in frequency analysis

  10. Known-plaintext • Attacker has both the plaintext and ciphertext. • Goal: get the key • WWII: German Enigma Machine • Length, patterns, frequency

  11. Known-Plaintext Example • Plaintext: “THIS IS AN EXAMPLE OF A CIPHER” • Ciphertext: “XLMW MW ER IBEQTPI SJ E GMTLIV” • Try Caesar cipher: word-length pattern noticed. • Plaintext shifted by 1: “UIJT JT BO FYBNQMF PG B DJQIFS” • Ciphertext: “XLMW MW ER IBEQTPI SJ E GMTLIV” • Not the same. Repeat for all possible shifts (25 times) • Plaintext shifted by 4: “XLMW MW ER IBEQTPI SJ E GMTLIV” • Ciphertext: “XLMW MW ER IBEQTPI SJ E GMTLIV” • Same! • Caesar cipher: the key is a shift of 4.

  12. Chosen-Plaintext • Choose Plaintext to get random ciphertext • Goal: Weaken the security, get key • Plaintext injections • Types of chosen-plaintext • Batch chosen-plaintext • Adaptive chosen-plaintext

  13. Batch Chosen-plaintext Attack • Chooses all of the plaintexts before they are encrypted • This is usually what is meant when "chosen-plaintext attack" is used without qualification.

  14. Adaptive Chosen-plaintext Attack • Attacker will make a series of interactive queries • Choosing subsequent plaintexts based on the information from the previous encryptions

  15. Chosen Ciphertext • Choose ciphertexts and have them decrypted under an unknown key • Enter multiple ciphertexts • May be both adaptive and non-adaptive • Types of chosen-ciphertext • Lunchtime attack • Adaptive chosen-ciphertext

  16. Lunchtime Attack • Also known as the midnight or indifferent attack • Attacker makes adaptive chosen-ciphertext queries up to a certain point • Can attack the computer while the user is at lunch.

  17. Adaptive chosen-ciphertext • Attack in which ciphertexts may be chosen adaptively, including after a challenge ciphertext is given to the attacker • The challenge ciphertext itself can't be submitted as a query • Stronger attack than lunchtime, but few practical attacks are of this form

  18. Tests and Analysis • Frequency Analysis • Index of Coincidence • Kasiski Test

  19. Frequency Analysis • Frequency of letters • Used to solve classical ciphers • Substitution • Caesar • Natural language properties and patterns

  20. Example of Frequency Analysis • Consider this ciphertext : • “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

  21. Example of Frequency Analysis • “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI” • A: 0 • B: 2 • C: 1 • So on down the alphabet…

  22. Example of Frequency Analysis • “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

  23. Example of Frequency Analysis “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

  24. Example of Frequency Analysis “XEJE WI RN EDCQLSE MO R OJEKGENYB RNRSBIWI”

  25. Example of Frequency Analysis Decrypted: “HERE IS AN EXAMPLE OF A FREQUENCY ANALYSIS” Encrypted: “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”
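The counting step from slides 20 to 24, as an added Python example that is not part of the original presentation. It rebuilds the letter table for the slide's ciphertext and applies the first guess (most frequent ciphertext letter stands for E); `ENGLISH_ORDER` is an approximate frequency ranking assumed here.

```python
from collections import Counter
import string

# Ciphertext from slides 20-25.
CIPHERTEXT = "XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI"
# Approximate English letter order, most frequent first (an assumption).
ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"

def letter_counts(text):
    """Count every letter A-Z, including letters that never occur."""
    seen = Counter(c for c in text if c in string.ascii_uppercase)
    return {c: seen[c] for c in string.ascii_uppercase}

def ranked(text):
    """Ciphertext letters that occur, most frequent first."""
    counts = letter_counts(text)
    return sorted((c for c in counts if counts[c]), key=lambda c: -counts[c])

def first_guess(text, top=1):
    """Pair the `top` most frequent ciphertext letters with ENGLISH_ORDER."""
    return dict(zip(ranked(text)[:top], ENGLISH_ORDER))

def apply_partial_key(text, key):
    """Show solved letters as lowercase plaintext; leave the rest untouched."""
    return "".join(key[c].lower() if c in key else c for c in text)

if __name__ == "__main__":
    counts = letter_counts(CIPHERTEXT)
    for c in ranked(CIPHERTEXT):
        print(c, counts[c], "#" * counts[c])
    print(apply_partial_key(CIPHERTEXT, first_guess(CIPHERTEXT)))
```

On a text this short only the top guess holds: `first_guess(CIPHERTEXT, top=2)` pairs R with T, while slide 25 shows R standing for A, so the remaining letters have to come from word patterns rather than raw rank.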

  26. Kasiski Test • Method of attacking polyalphabetic substitution ciphers • Deduces the length of the keyword • ‘m’ number of rows • Looks for identical segments of ciphertext of length >= 3

  27. Kasiski Test • Consider the following text: • KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFDETDGILTXRGUDDKOTFMBPVGEGLTGCKQRACQCWDNAWCRXIZAKFTLEWRPTYCQKYVXCHKFTPONCQQRHJVAJUWETMCMSPKQDYHJVDAHCTRLSVSKCGCZQQDZXGSFRLSWCWSJTBHAFSIASPRJAHKJRJUMVGKMITZHFPDISPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFSPEZQNRWXCVYCGAONWDDKACKAWBBIKFTIOVKCGGHJVLNHIFFSQESVYCLACNVRWBBIREPBBVFEXOSCDYGZWPFDTKFQIYCWHJVLNHIQIBTKHJVNPIST

  28. Kasiski Test • (ciphertext as on slide 27) • Trigram HJV

  29. Kasiski Test • (ciphertext as on slide 27) • Trigram HJV : differences (δ) = 18, 138, 54, 12

  30. Kasiski Test • (ciphertext as on slide 27) • Trigram HJV : differences (δ) = 18, 138, 54, 12 • Greatest common divisor: m = 6, so the length of the keyword is 6.
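The Kasiski computation from slides 27 to 30, as an added Python example that is not part of the original presentation. It locates the repeated trigram HJV in the slide's ciphertext, takes the gcd of the gaps, and also lists repeats whose gaps do not fit the estimate; the function names are chosen for this example.

```python
from collections import defaultdict
from functools import reduce
from math import gcd

# Ciphertext from slide 27, split into 60-letter pieces for readability.
CIPHERTEXT = (
    "KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFDETDGILTXRGUDDKOTFMBPVGEGLTG"
    "CKQRACQCWDNAWCRXIZAKFTLEWRPTYCQKYVXCHKFTPONCQQRHJVAJUWETMCMS"
    "PKQDYHJVDAHCTRLSVSKCGCZQQDZXGSFRLSWCWSJTBHAFSIASPRJAHKJRJUMV"
    "GKMITZHFPDISPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFSPEZQNRWXCVYCGAO"
    "NWDDKACKAWBBIKFTIOVKCGGHJVLNHIFFSQESVYCLACNVRWBBIREPBBVFEXOS"
    "CDYGZWPFDTKFQIYCWHJVLNHIQIBTKHJVNPIST"
)

def repeated_ngrams(text, n=3):
    """Map each n-gram occurring more than once to its 0-based start offsets."""
    seen = defaultdict(list)
    for i in range(len(text) - n + 1):
        seen[text[i:i + n]].append(i)
    return {g: pos for g, pos in seen.items() if len(pos) > 1}

def gaps(positions):
    """Distances between successive occurrences (the slide's differences)."""
    return [b - a for a, b in zip(positions, positions[1:])]

def kasiski_estimate(text, ngram):
    """gcd of the gaps of one chosen repeated n-gram: a candidate key length."""
    return reduce(gcd, gaps(repeated_ngrams(text, len(ngram))[ngram]))

def off_period_repeats(text, m, n=3):
    """Repeated n-grams with a gap NOT divisible by m. These are accidental
    repeats; a gcd taken blindly over every repeat would collapse because of them."""
    return {g: gaps(p) for g, p in repeated_ngrams(text, n).items()
            if any(d % m for d in gaps(p))}

if __name__ == "__main__":
    hjv = repeated_ngrams(CIPHERTEXT)["HJV"]
    print("HJV at", hjv, "gaps", gaps(hjv))
    print("key length estimate:", kasiski_estimate(CIPHERTEXT, "HJV"))
    print("accidental repeats:", off_period_repeats(CIPHERTEXT, 6))
```

The trigram KCG repeats at a distance of 121, which 6 does not divide, which is why the test is run on a segment that recurs several times rather than on every repeat at once.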

  31. Index of Coincidence • Comparing 2 partials of the same ciphertext • Ciphertext coincidences are the same as in the plaintext • Used to help solve the Vigenère cipher. • Check if two texts are in the same language, dialect

  32. Index of Coincidence • Consider the text from the Kasiski Test (the ciphertext on slide 27) • And the length of the keyword m = 6

  33. Index of Coincidence • (ciphertext as on slide 27) • And the length of the keyword m = 6 • Index of coincidence requires one to break the ciphertext up into m rows, each with as similar a number of letters as possible.

  34. Index of Coincidence • Index of coincidence requires one to break the ciphertext up into m rows, where m is the keyword length, each with as similar a number of letters as possible. • It comes out to look something like this (not full rows): • y1 = KGQNGVGGTGCQWAWQHNJEPJTKQFWAP… • y2 = CUTRRFIUFEKCCKRKKCVTKVRCDRSFR… • y3 = CFYRKDLDMGQWRFPYFQAMQDLGZLJSJ… • y4 = PDATDETDBLRDXTTVTQJCDASCXSTIA… • y5 = KPVMNTXKPTANILYXPRUMYHVZGWBAH… • y6 = BHIVBDROVGCAZECCOHWSHCSQSCHSK… • The index of coincidence is denoted as • =

  35. Smaller example: IoC • Consider x = “abaaabcda” • So as you can see there are 5:a, 2:b, 1:c, 1:d, 9 in total • =

  36. Smaller example: IoC • Consider x = “abaaabcda” • So as you can see there are 5:a, 2:b, 1:c, 1:d, 9 in total • = • Using the above equation we find that • = =

  37. Index of Coincidence • For English text the index of coincidence is approximately 0.066 • The index of coincidence for the previous example: • m = 1: 0.041 • m = 2: 0.038, 0.047 • m = 3: 0.056, 0.048, 0.048 • m = 4: 0.037, 0.042, 0.037, 0.050 • m = 5: 0.043, 0.043, 0.031, 0.035, 0.043 • m = 6: 0.063, 0.084, 0.049, 0.065, 0.042, 0.071 • m = 7: 0.031, 0.044, 0.043, 0.038, 0.044, 0.044, 0.041 • Since the values are closest to 0.066 where m = 6, it is the appropriate choice for the keyword length.
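The row split and index-of-coincidence table from slides 32 to 37, as an added Python example that is not part of the original presentation. It uses the standard definition (sum of f(f-1) over the letter counts f, divided by n(n-1)); choosing m by the mean row value closest to 0.066 is a selection rule assumed for this example.

```python
from collections import Counter
from statistics import mean

# Ciphertext from slide 27, split into 60-letter pieces for readability.
CIPHERTEXT = (
    "KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFDETDGILTXRGUDDKOTFMBPVGEGLTG"
    "CKQRACQCWDNAWCRXIZAKFTLEWRPTYCQKYVXCHKFTPONCQQRHJVAJUWETMCMS"
    "PKQDYHJVDAHCTRLSVSKCGCZQQDZXGSFRLSWCWSJTBHAFSIASPRJAHKJRJUMV"
    "GKMITZHFPDISPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFSPEZQNRWXCVYCGAO"
    "NWDDKACKAWBBIKFTIOVKCGGHJVLNHIFFSQESVYCLACNVRWBBIREPBBVFEXOS"
    "CDYGZWPFDTKFQIYCWHJVLNHIQIBTKHJVNPIST"
)
ENGLISH_IOC = 0.066  # value quoted on slide 37

def index_of_coincidence(text):
    """Chance that two letters drawn without replacement from text are equal."""
    n = len(text)
    return sum(f * (f - 1) for f in Counter(text).values()) / (n * (n - 1))

def rows(text, m):
    """Row i holds letters i, i+m, i+2m, ...: those under the same key letter."""
    return [text[i::m] for i in range(m)]

def row_iocs(text, m):
    """Index of coincidence of each of the m rows."""
    return [index_of_coincidence(r) for r in rows(text, m)]

def best_key_length(text, max_m=7):
    """Pick the m whose mean row IoC lies closest to English (assumed rule)."""
    return min(range(1, max_m + 1),
               key=lambda m: abs(mean(row_iocs(text, m)) - ENGLISH_IOC))

if __name__ == "__main__":
    print("abaaabcda:", round(index_of_coincidence("abaaabcda"), 3))
    for m in range(1, 8):
        print(m, [round(v, 3) for v in row_iocs(CIPHERTEXT, m)])
    print("keyword length:", best_key_length(CIPHERTEXT))
```

A wrong m mixes letters enciphered under different key letters into each row, which flattens the counts and pulls the value down towards that of random text; only the correct split leaves each row a single shifted alphabet.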

  38. Other attacks • Brute-Force Attack • Boomerang Attack • Linear cryptanalysis

  39. Attack runtimes • Brute-Force with permutations per second • bits takes < 1 nanosecond • bits takes ~4.25 minutes • bits takes ~150 trillion years • bits takes ~ years

  40. Today’s Cryptanalysis • The NSA has developed, due to an enormous breakthrough, the ability to cryptanalyze unfathomably complex encryption systems • This includes those developed by other governments as well as those of average computer users in the US • The NSA is known for its mathematical breakthroughs in cryptanalysis, especially differential cryptanalysis

  41. Questions?
