210 likes | 381 Views
Classic Cryptography. plaintext. plaintext. MESSAGE. MESSAGE. decode/decipher. encode/encipher. Cryptography “art or science concerning the principles, means and methods for rendering plain information unintelligible and for restoring encrypted information to
E N D
Classic Cryptography plaintext plaintext MESSAGE MESSAGE decode/decipher encode/encipher Cryptography “art or science concerning the principles, means and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form.” -- National Information System Security Glossary (NSTISSC) ciphertext ZXYCTHI encryption algorithm decryption algorithm
The Caesar Cipher letters are numbered from zero (A≈0, B≈1, …Z≈25) Encryption Algorithm Each letter (Lp) is replaced by the letter from the following function: E(Lp) = (Lp + 3) mod 26 Example HI MOM SEND DOLLARS plaintext KL PRP VHQG GROODUV ciphertext Decryption Algorithm Each letter (Lc) is replaced by the letter from the following function: D(Lc) = (Lc + 23) mod 26
Keys key Simple Caesar Cipher E(Lp) = (Lp + 3) mod 26 Generalized Caesar Cipher Ek(Lp) = (Lp + k) mod 26 Key “a sequence of random or pseudorandom bits used initially to set up and periodically change the operations performed in crypto-equipment for the purpose of encrypting or decrypting electronic signals...” -- National Information System Security Glossary (NSTISSC)
Two Types of Keyed Encryption plaintext plaintext plaintext plaintext ciphertext ciphertext encryption algorithm encryption algorithm decryption algorithm decryption algorithm Symmetric Encryption Asymmetric Encryption
Encipher Ek(Lp) = (Lp + k) mod 26 Decipher Dk(Lc) = (Lc + (26-k)) mod 26 code breaker Is the Caesar Cipher (keyed version) symmetric or asymmetric? Symmetric encryption is also known as private key encryption, because the key must be kept private from…
code breaker Cryptanalysis “operations performed in converting encrypted messages to plain text without initial knowledge of the crypto-algorithm and/or key employed in the encryption.” -- National Information System Security Glossary (NSTISSC) Common Cryptanalysis Attacks Attack TypeCryptanalysis Knowledge ciphertext only • encryption algorithm (less the key) • ciphertext to be deciphered known plaintext • encryption algorithm (less the key) • ciphertext to be deciphered • a segment of plaintext with corresponding ciphertext chosen plaintext • encryption algorithm (less the key) • ciphertext to be deciphered • a segment of plaintext selected by cryptanalyst with corresponding ciphertext How difficult is a ciphertext only attack on a keyed Caesar cipher?
Cipher Techniques substitute ortransposeorproduct (both) A substitution cipher forms ciphertext from replacing plaintext bit patterns with other bit patterns. A transposition cipher forms ciphertext from rearranging plaintext bit sequences. stream orblock A stream cipher transforms plaintext one small subsequence (bit, byte, letter) at a time. A block cipher transforms a larger units of plaintext (usually 64 or 128 bits). Keyed Caesar Cipher a mono-alphabetic substitution cipher
Cryptanalysis of Substitution brute force The Caesar Cipher has only 26 different possibilities. alphabetic frequency cryptanalysis (Cryptography and Data Security, Denning, 1982.) Suppose you know only that the cipher uses some tabular mono-alphabetic substitution. Digrams and trigrams can be analyzed in similar fashion.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z plaintext index a b c d e f g h i j k l m n o z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N . . . Z A B C D E F G H I J K L M N O P Q R S T U V W X Y key index Vignere Cipher (best known polyalphabetic substitution cipher) Tableau Use a string as key, repeatedly. The key letters serve as row indices for enciphering.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n o z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N . . . Z A B C D E F G H I J K L M N O P Q R S T U V W X Y HI MOM SEND DOLLARS plaintext mi lkm ilkm ilkmilk key = milk TQ XYY APXP LZVXICC ciphertext Example
What makes a "Good" cipher? In 1949 Shannon proposed the following characteristics of a good cipher: 1) The amount of required secrecy should determine the amount of encrypting/decrypting work. 2) The choice of keys and the enciphering algorithm should be free from complexity. 3) The implementation of the process should be as simple as possible. 4) Errors in ciphering should not propagate, corrupting other message parts. 5) The size of the ciphertext should be no larger than its corresponding palintext. Today’s priorities: 1) The encryption/decryption algorithm must be proven to be mathematically sound. 2) The algorithm must have been analyzed by experts for its vulnerability. 3) The algorithm must have stood the “test of time”.
An Unbreakable Cipher The standard Vignère cipher can be broken by analyzing the period of the repeating key. One-Time Pad • the invention of an Army Signal Corp officer, Joseph Mauborgne. • provably unbreakable! • algorithm: a Vignère cipher using a random key of infinite length. What’s the catch? 1) It is difficult to create such large keys that are truly random. 2) Delivery of such sizable keys is often overwhelming.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M . . . Z A B C D E F G H I J K L M N O P Q R S T U V W X Y A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n z HI MOM SEND DOLLARS plaintext fgzmiajjdnchkbghaz key MOYYWMIAHFGCYMRHRQ ciphertext Example include blank () in tableau
Playfair Cipher • Designed by British scientist Sit Charles Wheatstone (1854) and promoted by Baron Playfair of St. Andrews. • a dual-alphabetic substitution cipher • uses a key consisting of a string of unique characters (e.g. SECURITY) Encryption Algorithm S E C U R I/J T Y A B D F G H K L M N O P Q V W X Z 1) Build 5 by 5 table beginning with key followed by remaining alphabet (combine I/J). 2) Insert X between repeated letters in plaintext. (e.g. “BALLOON” becomes “BALXLOXON” 3) Each pair of letters (Lleft, Lright) from modified plaintext is replaced as follows: a) If Lleft in same row as Lright, then replace each with letter in next column to its right. (e.g. for pair “FK” substitute “GD”) b) If Lleft in same column as Lright, then replace each with letter in row beneath. (e.g. for pair “VT” substitute “EF”) c) If Lleft and Lright in different rows and colums, then replace each with the table letter from its own row and the other letter’s column. (e.g. for pair “UN” substitute “CO”)
HI MOM SEND DOLLARS plaintext DA NP LE CM HQ HL OQ TB SE ciphertext Example S E C U R I/J T Y A B D F G H K L M N O P Q V W X Z HI MO MS EN DX DO LX LA RS Still vulnerable to digram and single-character frequency attacks.
HMMEDOLR IOSNDLAS HIMOM SENDD OLLAR S plaintext (in diagonal rows) plaintext (in 5-letter rows) key 35241 HMMEDOLRIOSNDLAS MDRMNLHSOSODRIEL ciphertext ciphertext Transposition Ciphers Rail Fence Transposition Encipher by arranging plaintext in two rows, as illustrated below. A rail fence cypher is trivial to cryptanalyze, much like an Caesar cipher. Tabular Transposition Arrange plaintext row by row in 2D grid and select cipher text from columns. Use a key to determine column order.
HIMOM SENDD OLLAR S MDRMN LHSOS ODRIE L plaintext (in 5-letter rows) after first transposition key 35241 NSERSRMLOLMOIDHD ciphertext The prior tabular transposition is still extremely vulnerable to attack by digram frequency analysis. A repeated transposition improves the cipher.
Round 1 f subkey1 HI Mom S XYWJLRAM block of ciphertext block of plaintext Round 2 f subkey2 + + + + • • • • • • • • • f some function Round N f subkeyN exclusive OR (bitwise) Feistel Ciphers Key • Horst Feistel (IBM) invented the basic algorithm in 1973. • Feistel ciphers use symmetric block encryption relying upon product transformations. • Encryption & decryption use the same algorithm.
DES DES Data Encryption Standard - an algorithm selected by the National Institute of Standards Technology for the encryption of non-classified data. The current DES algorithm was adopted by the U.S. Nat. Bureau of Standards in 1977. Block size: 64 bits Key size: 56 bits + 8-bit parity 16-round Feistel encryption (preceded by one permutation and followed by the permutation’s inverse) Subkeys The key (56-bits) is split in two and each half is rotated left by 1 or 2 bits. The resulting two 28-bit values index into a table to produce a 48-bit subkey. The rotated values are also forwarded to compute the next subkey. ffunction 1) input to f is expanded from 32 to 48 bits via table lookup 2) 48-bit value from (1) is XORed with subkey 3) 48-bit value from (2) is partitioned into eight 6-bit values 4) 6-bit values from (3) are separated into outside 2 bits and center 4 bits (outside bits select row and inside bits select column from S-box table) 5) eight S-box lookup values (each 4 bits long) are concatenated
Time to Produce All Possible Encodings Key Size (in bits) Number of Keys (1 encrypt./s) (106 encrypt./s) 32 232 ≈ 4.3 X 109 36 min. 2 msec. 56 256 ≈ 7.2 X 1016 1142 years 10 hr. 128 2128 ≈ 3.4 X 1038 5.4 X 1024 years 5.4 X 1018 years 26-char permutation 26!≈ 4 X 1026 6.4 X 1012 years 6.4 X 106 years DES Crytanalysis Brute Force • 1977 - brute force attacks might be possible in the future [Diffie & Hellman IEEE Computer, June] • 1997 - a distributed collection of 3500 research computers discover DES key in 4 months • 1998 - Electronic Frontier Foundation builds $250K “DES cracker” requiring about 10 hrs.
Other Symmetric Ciphers 3DES - 1979 • also called triple DES • use two keys and three DES encryptions cipher = Ekey1( Dkey2( Ekey1( plaintext ) ) ) • 3DES has an effective key size of 112 bits. IDEA - 1991 • International Data Encryption Algorithm • developers from Swiss Federal Institute of Technology • 128-bit key, but differs from DES in round function and subkey generation. Blowfish - 1993 • developed by Bruce Schneier • compact, efficient, algorithm w/ key of 128 bits RC5 - 1994 • developed by Ron Rivest • efficient algorithm with variable length keys AES - 1999 • Advanced Encryption Standard • selected algorithm: Rijndael • a product cipher using key sizes of 128, 192 and 256 bits (128-bit block size).