CIS 628 Intro to Crypto

1. CIS 628 Intro to Crypto Dr. Leonard Popyack Fall 2007

2. Basic Encryption And Decryption

3. Concepts of Encryption • Cryptanalysis: how encryption systems are broken

4. Terms Sender Outsider (interceptor,intruder) Receiver Transmission

5. Outsider Can.. • Block message (interruption) • Intercept message • Modify your message • Fabricate a message

6. Terminology • Encryption – process of encoding a message so that its meaning is not obvious • Decryption – Transforming encrypted messages back to normal form. Encrypt Encode (words or phrases) Encipher (symbols or letters) Decrypt Decode (words or phrases) Decipher (symbols or letters)

7. More Terminology • Cryptography – hidden writing. Process of using encryption to conceal text. (Legitimate work) • Cryptanalyst – studies encryption & encrypted messages with a goal of finding the hidden meanings of messages. (Unauthorized interceptor)

8. Cryptography • Research into and study of encryption and decryption. Includes both the good guys and the ‘bad’ guys.

9. Encryption Algorithms P=(p1, p2, p3, …. pn) plaintext C=(c1, c2, c3, …. cn) cyphertext EXAMPLE: P=(f,r,a,n,k) C=(I,u,d,q,n)

10. Transformations C=E(P) P=D(C) E = encryption algorithm D = decryption algorithm We want a cryptosystem: P=D(E(P)) This is a keyless cypher.

11. Key Encryption Cyphertext depends both on the original plaintext, P, and on the key value, K. C=E(K,P) E is a set of encryption algorithms K selects which out of the set to use.

12. Symmetric If K is the same key for encoding and decoding, the D and E are mirror image processes: P=D(K,E(K,P))

13. Asymmetric Encryption and decryption keys come in pairs, KE, KD P=D(KD,E(KE,P)

14. Why Keys? • Keys allow different encryptions of one plaintext message by just changing the key. • Example, a secure message sent to all of your commanders in a war. The message may be the same, however, you don’t want it to appear as if the same message was sent to every commander. • Key adds additional security (enemy knows the algorithm, but not the keys)

15. GOAL: break the encryption Deduce the meaning of the ciphertext Determine a decrypting algorithm that matches the encryption algorithm Any or All: Break a single message Attempt to recognize patterns in encrypted messages Attempt to find general weaknesses in encryption algorithms HOW? Cryptoanalysis

16. How? An analyst works with encrypted messages, known encryption algorithms, intercepted plaintext, data items known or suspected to be in a ciphertext message, mathematical or statistical tools and techniques, properties of languages, computers, and plenty of ingenuity and luck.

17. Technically breakableGiven enough time & data, using brute force. Practically, unbreakable (generally due to time) EXAMPLE: Given cypher scheme has 1030 possible decipherments. GOAL: select one out of 1030 Current computers: 1010 operations/sec. 1030/1010 = 1020 sec Or 1012 years! Not feasible! Breakable Encryption

18. Cryptanalysis • Cryptanalysis will try to create a more ingenious approach to reduce operations. • Say in our example, to reduce the brute force possibilities to 1015 possibilities: 1015 1010 = 105 sec or 1 day.

19. Character Representation Letter A B C D E F G H I J K L M Code 0 1 2 3 4 5 6 7 8 9 10 11 12 Letter N O P Q R S T U V W X Y Z Code 13 14 15 16 17 18 19 20 21 22 23 24 25 This representation allows arithmetic to be performed on letters. Addition and sub­traction on letters are performed on the corresponding code number. Expressions such as A + 3 = D or K ‑ 1 = J have their natural interpretation. Arithmetic is performed as if the alphabetic table were circular. That is, addition wraps around from one end of the table to the other, so that Y + 3 = B. Thus, every result is between 0 and 25.

20. Modular Arithmetic 12 11 1 MOD n 2 10 0 <= result <= n 3 9 MOD 12 Use the remainder Ex: 18/12 =1 remain 6 8 4 7 5 6

21. Monoalpabetic Ciphers • Substitutions (one character for another) • Can be built into a table • Julius Caesar Cipher

22. Caesar Cipher Letter A B C D E F G H I J K L M Code 0 1 2 3 4 5 6 7 8 9 10 11 12 Letter N O P Q R S T U V W X Y Z Code 13 14 15 16 17 18 19 20 21 22 23 24 25 Ci=E(pi) = pi+3 Plaintext A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext d e f g h i j k 1 m n o p q r s t u v w x y z a b c

23. Caesar Cipher Plaintext A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext d e f g h i j k 1 m n o p q r s t u v w x y z a b c T R E A T Y I M P O S S I B L E w u h d w b 1 p s r v v 1 e o h Ci=E(pi) = pi+3

24. ADVANTAGES Easy to perform in the field – no algorithm to write down. Simple (for simple folks!) DISADVANTAGES Obvious pattern Small piece of the message could be used to break the algorithm Advantages to Caesar Cipher

25. Cryptanalysis of the Caesar Cipher phvvdjh lv qrw wrr kdug wr euhdn Note the 27th character – the space! And it is translated to itself, revealing the small words. English has few small words: am, is, to, be, he, we, and, are, you, .she, and so on. Some letters are repeated:the repeated R in the word wrr. Two very common three‑letter words having the pattern xyy are see and too; other less common possibilities are add, odd, and off

26. Lets break it! If wrr is SEE, wr would have to be SE, which is unlikely, but if wrr is TOO, wr would be TO, which is quite reasonable. Substituting T for w and 0 for r, the message becomes: wklv phvvdjh lv qrw wrr kdug wr euhdn T‑‑‑ -‑‑‑‑‑‑ ‑‑ ‑OT TOO ‑‑‑‑ TO ‑‑‑‑­ The ‑OT could be cot, dot, got, hot, lot, not, pot, rot, or tot; a likely choice is not. Unfortunately, q = N does not give any more clues, because q appears only once in this sample. The word lv is also the end of the word wklv, which probably starts with T. Likely two‑letter words that can also end a longer word include so, is, in, etc. However, so is unlikely because the form T ‑SO is not recognizable; IN is ruled out because of the previous assumption that q is N. A more promising alternative is to substitute IS for lv throughout, and continue to analyze the message in that way.

27. Break it some more! wklv phvvdjh lv qrw wrr kdug wr euhdn T‑IS -‑SS‑‑‑ ISNOT TOO ‑‑‑‑ TO ‑‑‑‑­ wklv phvvdjh lv qrw wrr kdug wr euhdn THIS -‑SS‑‑‑ ISNOT TOO H‑‑‑ TO ‑‑-‑­ wklv phvvdjh lv qrw wrr kdug wr euhdn THIS -‑SSA‑‑ ISNOT TOO HARD TO ‑R-A­ wklv phvvdjh lv qrw wrr kdug wr euhdn THIS MESSAGE ISNOT TOO HARD TO BREAK

28. Other Monoalphabetic Substitutions In monoalphabetic substitutions, the alphabet is scrambled, and each plaintext letter maps to a unique ciphertext letter a permutation is a reordering of the elements of a series Example: =(1,3,5,7,9,10,8,6,4,2) or ()=25- ABCDEFGHIJKLMNOPQRSTUVWXYZ key ABCDEFGHIJKLMNOPQRSTUVWXYZ keyabcdfghijlmnopqrstuvwxz

29. Key Monoalphabetic Substitutions ABCDEFGHIJKLMNOPQRSTUVWXYZ spectaulrbdfghijknnoqvwxyz Re-arrangement is good to do. Like a permutation which takes every third letter until the pattern is complete: ()=3* mod 26 1111111111222222 01234567890123456789012345 ABCDEFGHIJKLMNOPQRSTUVWXYZ adgjmpsvybehknqtwzcfilorux

30. Cryptanalysis of Monoalphabetic Ciphers • Crossword puzzle method (short words, words with repeat patterns, common initial and final letters, clues and guesses. • Frequency distribution analysis

31. Frequency Distribution Example hqfubswlrq lv d phdqv ri dwwdlqlqj vhfxuh frpsxwdwlrq ryhu lqvhfxuh fkdqqhov eb xvlqj hqfubswlrq zh glvjxlvh wkh phvvdjh yr wkdw hyhq li wkh wudqvplvvlrq lv glyhuwhg wkh phvvdjh zloo qrw eh uhyhdohg

33. Frequencies of Chars in Text

34. Sample Cipher

35. Sample Cipher ()=+3 (E)=E+3 = 4+3=7 = “h” hqfubswlrq lv d phdqv rl dwwdlqlqj vhfxuh frpsxwdwlrq ryhu lqvhfxuh fkdqqhov eb xvlqj hqfubswlrq zh glvjxlvh wkh phvvdjh yr wkdw hyhq li wkh wudqvplvvlrq lv glyhuwhg wkh phvvdjh zloo qrw eh uhyhdohg ENCRYPTION IS A MEANS OF ATTAINING SECURE COMMUNICATION OVER INSECURE CHANNELS BY USING ENCRYPTION WE DISGUISE THE MESSAGE SO THAT EVEN IF THE TRANSMISSION IS DIVERTED THE MESSAGE WILL NOT BE REVEALED

36. Short Messages a.k.a. The Cryptographer's Dilemma wklv phvvdjh lv qrw wrr kdug wr euhdn

37. Homework Next: Polyalphabetic substitution