DOCSLIB.ORG

Cryptography I

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Cryptography I David Basin Institut f¨urInformatik Albert-Ludwigs-Universit¨at Freiburg IT-Security: Theory and Practice (WS02) David Basin 1 Motivation then and now Three can keep a secret, if two of them are dead. — Benjamin Franklin We interact and transact by directing flocks of digital packets towards each other through cyberspace, carrying love notes, digital cash, and secret corporate documents. Our personal and economic lives rely on our ability to let such ethereal carrier pigeons mediate at a distance what we used to do with face-to-face meetings, paper documents, and a firm handshake. How do we converse privately when every syllable is bounced off a satellite and smeared over an entire continent? How should a bank know that it really is Bill Gates requesting from his laptop in Fiji a transfer of $10,000,000,000 to another bank? Fortunately, the mathematics of cryptography can help. — Ron Rivest IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 2 Road map • Basic concepts • A mathematical formalization • Symmetric-key encryption IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 3 Network security model Trusted Third Party Principal Principal Message Information Message Channel Secret Secret Information Information Opponent Since information channel is untrusted, measures must be taken to ensure confidentiality (integrity, ...) of transactions. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 4 Security measures and mechanisms • Prevention: measures that hinder asset damage. Real-world: build a castle with a moat and crocodiles. E-Commerce: encrypt your credit card number. • Detection: measures to detect when an asset has been damaged, how it has been damaged, and who caused the damage. Real-world: install a closed-circuit television. E-Commerce: monthly statement of credit card transactions. • Reaction: take measures to recover your assets or rectify damages. Real-world: call the police and pray. E-Commerce: block old card and request a new one. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 5 Information hiding STEGANOGRAPHY SECRET (hidden) CODE WRITING SUBSTITUTION (replace words) CRYPTOGRAPHY CIPHER (scrambled) (replace letters) TRANSPOSITION • Cryptology: the study of secret writing. • Steganography: the science of hiding messages in other messages. • Cryptography: the science of secret writing. N.B. Terms like encrypt, encode, and encipher are often (loosely and wrongly) used interchangeably IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 6 Cryptographic algorithms • General Schema: Ekey1(P) = C , Dkey2(C ) = P Key1 Key2 Ciphertext Plaintext Plain Text Encryption Decryption P C P • Security depends on secrecy of the key, not the algorithm • Symmetric algorithms – Key1 = Key2, or are easily derived from each other. • Asymmetric or public key algorithms – Different keys, which cannot be derived from each other. – Public key can be published without compromising private key. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 7 Other cryptographic primitives • A function f : X → Y is a one-way function, if f is “easy” to compute for all x ∈ X , but f −1 is “hard” to compute “Easy” and “hard” with respect to complexity theory • A hash function is a one-way function that maps messages of arbitrary length to a fixed size value (e.g., 128 bits) • We will see other cryptographic primitives later Trapdoor functions, pseudo-random generators, . IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 8 Goals for cryptographic algorithms Key1 Key2 Ciphertext Plaintext Plain Text Encryption Decryption • Encryption andP decryption are easyC if keys are known.P • Keep plaintext (or keys) secret from attacker. I.e., it is hard to: – get P from C without Key2. – get the keys even if given one or more pairs of C and corresponding P, IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 9 Cryptanalysis • Cryptanalysis: science of recovering the plaintext from ciphertext without the key. • Always assume attackers know the algorithms used! – Worst-case analysis and realistic in open systems – Algorithms should be published to facilitate the evaluation of their security. • Contrast with security by obscurity. Analogy: hide a letter under your mattress versus lock it in a safe, whose design has been published and whose locking mechanism has withstood attacks from the world’s best safecrackers. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 10 Kinds of attacks Ciphertext only Given: C1 = EK (M1),..., Cn = EK (Mn) Deduce: M1,..., Mn or algorithm to compute Mn+1 from Cn+1 = EK (Mn+1) Known plaintext Given: M1, C1 = EK (M1),..., Mn, Cn = EK (Mn) Deduce: Inverse key or algorithm to compute Mn+1 from Cn+1 = EK (Mn+1) Chosen plaintext Same as above but cryptanalyst may choose M1,..., Mn. Adaptive chosen plaintext Cryptanalyst can not only choose plaintext, but he can modify the plaintext based on encryption results. Chosen ciphertext Cryptanalyst can chose different ciphertexts to be decrypted and gets access to the decrypted plaintext. Rubber-hose Cryptanalyst bribes or tortures someone until he gets the key! IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 11 Road map • Basic concepts • A mathematical formalization • Symmetric key encryption IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 12 Encryption/decryption • A, the alphabet, is a finite set. • M, the message space, is A∗, the finite strings over A. M ∈ M is a plaintext (message). • C is the ciphertext space, whose alphabet may differ from M. • K denotes the key space of keys. • Each e ∈ K determines a bijective function from M to C, denoted by Ee. Ee is the encryption function (or transformation). • For each d ∈ K, Dd denotes a bijection from C to M. Dd is the decryption function. • Applying Ee (or Dd ) is called encryption (or decryption). IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 13 Encryption/decryption (cont.) • An encryption scheme (or cipher) consists of a set {Ee : e ∈ K} and a corresponding set {De : e ∈ K} with the property that for −1 each e ∈ K there is a unique d ∈ K such that Dd = Ee ; i.e., Dd (Ee(m)) = m for all m ∈ M . • The keys e and d above form a key pair, sometimes denoted by (e, d). They can be identical. • To construct an encryption scheme requires fixing a message space M, a ciphertext space C and a key space K, as well as encryption transformations {Ee : e ∈ K} and corresponding decryption transformations {Dd : d ∈ K}. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 14 Question — why bother with keys? • Formalization based on two parties exchanging a key pair (e, d) to achieve confidentiality. • Why not just exchange encryption/decryption functions? IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 14 Question — why bother with keys? • Formalization based on two parties exchanging a key pair (e, d) to achieve confidentiality. • Why not just exchange encryption/decryption functions? • Answer: By exchanging key pairs, if some encryption/decryption transformation is revealed, one doesn’t have to redesign entire scheme. Just exchange new keys! • Analogy with combination lock: If your combination is compromised, just change it, not the physical lock. However, if the lock design is compromised . IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 15 An example Let M = {m1, m2, m3} and C = {c1, c2, c3}. There are 3! = 6 bijections from M to C. The key space K = {1, 2, 3, 4, 5, 6} specifies these transformations. E1 E2 E3 m1 c1 m1 c1 m1 c1 m2 c2 m2 c2 m2 c2 m3 c3 m3 c3 m3 c3 E4 E5 E6 m1 c1 m1 c1 m1 c1 m2 c2 m2 c2 m2 c2 m3 c3 m3 c3 m3 c3 Suppose Alice and Bob agree on the transformation E1. To encrypt m1, Alice computes E1(m1) = c3. Bob decrypts c3 by reversing the arrows on the diagram for E1 and observing that c3 points to m1. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 16 Road map • Basic concepts • A mathematical formalization • Symmetric-key encryption Codes, substitution ciphers, transposition ciphers, one-time pads. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 17 Symmetric key encryption • Consider an encryption scheme {Ee : e ∈ K} and {Dd : d ∈ K}. The scheme is symmetric-key if for each associated pair (e, d) it is computationally “easy” to determine d knowing only e and to determine e from d. In practice e = d. • Other terms: single-key, one-key, private-key, and conventional encryption. • A block cipher is an encryption scheme that breaks up the plaintext message into strings (blocks) of a fixed length t and encrypts one block at a time. • A stream cipher is one where the block-length is 1. • In contrast, codes work on words of varying length. IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 18 Codes • Code: a string of symbols stands for a complete message. • Translation given by a ‘code-book’. Word Code ... ... The 1701 secret 5603 mischiefs 4008 that 3790 I 2879 set 0524 ... ... IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 18 Codes • Code: a string of symbols stands for a complete message. • Translation given by a ‘code-book’. Word Code ... ... The 1701 secret 5603 mischiefs 4008 that 3790 I 2879 set 0524 ... ... 2327 6605 1702 9853 0001 0970 3190 8817 1320 0000 = 1701 5603 4008 3790 2879 0524 7946 = 2879 2870 6699 1702 3982 5550 8102 7354 0000 = IT-Security: Theory and Practice (WS02) 29.10.02 David Basin 18 Codes • Code: a string of symbols stands for a complete message. • Translation given by a ‘code-book’.
Recommended publications
  • Enhancing the Security of Caesar Cipher Substitution Method Using a Randomized Approach for More Secure Communication

    Enhancing the Security of Caesar Cipher Substitution Method Using a Randomized Approach for More Secure Communication

    International Journal of Computer Applications (0975 – 8887) Volume 129 – No.13, November2015 Enhancing the Security of Caesar Cipher Substitution Method using a Randomized Approach for more Secure Communication Atish Jain Ronak Dedhia Abhijit Patil Dept. of Computer Engineering Dept. of Computer Engineering Dept. of Computer Engineering D.J. Sanghvi College of D.J. Sanghvi College of D.J. Sanghvi College of Engineering Engineering Engineering Mumbai University, Mumbai, Mumbai University, Mumbai, Mumbai University, Mumbai, India India India ABSTRACT communication can be encoded to prevent their contents from Caesar cipher is an ancient, elementary method of encrypting being disclosed through various techniques like interception plain text message into cipher text protecting it from of message or eavesdropping. Different ways include using adversaries. However, with the advent of powerful computers, ciphers, codes, substitution, etc. so that only the authorized there is a need for increasing the complexity of such people can view and interpret the real message correctly. techniques. This paper contributes in the area of classical Cryptography concerns itself with four main objectives, cryptography by providing a modified and expanded version namely, 1) Confidentiality, 2) Integrity, 3) Non-repudiation for Caesar cipher using knowledge of mathematics and and 4) Authentication. [1] computer science. To increase the strength of this classical Cryptography is divided into two types, Symmetric key and encryption technique, the proposed modified algorithm uses Asymmetric key cryptography. In Symmetric key the concepts of affine ciphers, transposition ciphers and cryptography a single key is shared between sender and randomized substitution techniques to create a cipher text receiver. The sender uses the shared key and encryption which is nearly impossible to decode.
  • Simple Substitution and Caesar Ciphers

    Simple Substitution and Caesar Ciphers

    Spring 2015 Chris Christensen MAT/CSC 483 Simple Substitution Ciphers The art of writing secret messages – intelligible to those who are in possession of the key and unintelligible to all others – has been studied for centuries. The usefulness of such messages, especially in time of war, is obvious; on the other hand, their solution may be a matter of great importance to those from whom the key is concealed. But the romance connected with the subject, the not uncommon desire to discover a secret, and the implied challenge to the ingenuity of all from who it is hidden have attracted to the subject the attention of many to whom its utility is a matter of indifference. Abraham Sinkov In Mathematical Recreations & Essays By W.W. Rouse Ball and H.S.M. Coxeter, c. 1938 We begin our study of cryptology from the romantic point of view – the point of view of someone who has the “not uncommon desire to discover a secret” and someone who takes up the “implied challenged to the ingenuity” that is tossed down by secret writing. We begin with one of the most common classical ciphers: simple substitution. A simple substitution cipher is a method of concealment that replaces each letter of a plaintext message with another letter. Here is the key to a simple substitution cipher: Plaintext letters: abcdefghijklmnopqrstuvwxyz Ciphertext letters: EKMFLGDQVZNTOWYHXUSPAIBRCJ The key gives the correspondence between a plaintext letter and its replacement ciphertext letter. (It is traditional to use small letters for plaintext and capital letters, or small capital letters, for ciphertext. We will not use small capital letters for ciphertext so that plaintext and ciphertext letters will line up vertically.) Using this key, every plaintext letter a would be replaced by ciphertext E, every plaintext letter e by L, etc.
  • Cryptography in Modern World

    Cryptography in Modern World

    Cryptography in Modern World Julius O. Olwenyi, Aby Tino Thomas, Ayad Barsoum* St. Mary’s University, San Antonio, TX (USA) Emails: [email protected], [email protected], [email protected] Abstract — Cryptography and Encryption have been where a letter in plaintext is simply shifted 3 places down used for secure communication. In the modern world, the alphabet [4,5]. cryptography is a very important tool for protecting information in computer systems. With the invention ABCDEFGHIJKLMNOPQRSTUVWXYZ of the World Wide Web or Internet, computer systems are highly interconnected and accessible from DEFGHIJKLMNOPQRSTUVWXYZABC any part of the world. As more systems get interconnected, more threat actors try to gain access The ciphertext of the plaintext “CRYPTOGRAPHY” will to critical information stored on the network. It is the be “FUBSWRJUASLB” in a Caesar cipher. responsibility of data owners or organizations to keep More recent derivative of Caesar cipher is Rot13 this data securely and encryption is the main tool used which shifts 13 places down the alphabet instead of 3. to secure information. In this paper, we will focus on Rot13 was not all about data protection but it was used on different techniques and its modern application of online forums where members could share inappropriate cryptography. language or nasty jokes without necessarily being Keywords: Cryptography, Encryption, Decryption, Data offensive as it will take those interested in those “jokes’ security, Hybrid Encryption to shift characters 13 spaces to read the message and if not interested you do not need to go through the hassle of converting the cipher. I. INTRODUCTION In the 16th century, the French cryptographer Back in the days, cryptography was not all about Blaise de Vigenere [4,5], developed the first hiding messages or secret communication, but in ancient polyalphabetic substitution basically based on Caesar Egypt, where it began; it was carved into the walls of cipher, but more difficult to crack the cipher text.
  • A Cipher Based on the Random Sequence of Digits in Irrational Numbers

    A Cipher Based on the Random Sequence of Digits in Irrational Numbers

    https://doi.org/10.48009/1_iis_2016_14-25 Issues in Information Systems Volume 17, Issue I, pp. 14-25, 2016 A CIPHER BASED ON THE RANDOM SEQUENCE OF DIGITS IN IRRATIONAL NUMBERS J. L. González-Santander, [email protected], Universidad Católica de Valencia “san Vicente mártir” G. Martín González. [email protected], Universidad Católica de Valencia “san Vicente mártir” ABSTRACT An encryption method combining a transposition cipher with one-time pad cipher is proposed. The transposition cipher prevents the malleability of the messages and the randomness of one-time pad cipher is based on the normality of "almost" all irrational numbers. Further, authentication and perfect forward secrecy are implemented. This method is quite suitable for communication within groups of people who know one each other in advance, such as mobile chat groups. Keywords: One-time Pad Cipher, Transposition Ciphers, Chat Mobile Groups Privacy, Forward Secrecy INTRODUCTION In cryptography, a cipher is a procedure for encoding and decoding a message in such a way that only authorized parties can write and read information about the message. Generally speaking, there are two main different cipher methods, transposition, and substitution ciphers, both methods being known from Antiquity. For instance, Caesar cipher consists in substitute each letter of the plaintext some fixed number of positions further down the alphabet. The name of this cipher came from Julius Caesar because he used this method taking a shift of three to communicate to his generals (Suetonius, c. 69-122 AD). In ancient Sparta, the transposition cipher entailed the use of a simple device, the scytale (skytálē) to encrypt and decrypt messages (Plutarch, c.
  • The Mathemathics of Secrets.Pdf

    The Mathemathics of Secrets.Pdf

    THE MATHEMATICS OF SECRETS THE MATHEMATICS OF SECRETS CRYPTOGRAPHY FROM CAESAR CIPHERS TO DIGITAL ENCRYPTION JOSHUA HOLDEN PRINCETON UNIVERSITY PRESS PRINCETON AND OXFORD Copyright c 2017 by Princeton University Press Published by Princeton University Press, 41 William Street, Princeton, New Jersey 08540 In the United Kingdom: Princeton University Press, 6 Oxford Street, Woodstock, Oxfordshire OX20 1TR press.princeton.edu Jacket image courtesy of Shutterstock; design by Lorraine Betz Doneker All Rights Reserved Library of Congress Cataloging-in-Publication Data Names: Holden, Joshua, 1970– author. Title: The mathematics of secrets : cryptography from Caesar ciphers to digital encryption / Joshua Holden. Description: Princeton : Princeton University Press, [2017] | Includes bibliographical references and index. Identifiers: LCCN 2016014840 | ISBN 9780691141756 (hardcover : alk. paper) Subjects: LCSH: Cryptography—Mathematics. | Ciphers. | Computer security. Classification: LCC Z103 .H664 2017 | DDC 005.8/2—dc23 LC record available at https://lccn.loc.gov/2016014840 British Library Cataloging-in-Publication Data is available This book has been composed in Linux Libertine Printed on acid-free paper. ∞ Printed in the United States of America 13579108642 To Lana and Richard for their love and support CONTENTS Preface xi Acknowledgments xiii Introduction to Ciphers and Substitution 1 1.1 Alice and Bob and Carl and Julius: Terminology and Caesar Cipher 1 1.2 The Key to the Matter: Generalizing the Caesar Cipher 4 1.3 Multiplicative Ciphers 6
  • Index-Of-Coincidence.Pdf

    Index-Of-Coincidence.Pdf

    The Index of Coincidence William F. Friedman in the 1930s developed the index of coincidence. For a given text X, where X is the sequence of letters x1x2…xn, the index of coincidence IC(X) is defined to be the probability that two randomly selected letters in the ciphertext represent, the same plaintext symbol. For a given ciphertext of length n, let n0, n1, …, n25 be the respective letter counts of A, B, C, . , Z in the ciphertext. Then, the index of coincidence can be computed as 25 ni (ni −1) IC = ∑ i=0 n(n −1) We can also calculate this index for any language source. For some source of letters, let p be the probability of occurrence of the letter a, p be the probability of occurrence of a € b the letter b, and so on. Then the index of coincidence for this source is 25 2 Isource = pa pa + pb pb +…+ pz pz = ∑ pi i=0 We can interpret the index of coincidence as the probability of randomly selecting two identical letters from the source. To see why the index of coincidence gives us useful information, first€ note that the empirical probability of randomly selecting two identical letters from a large English plaintext is approximately 0.065. This implies that an (English) ciphertext having an index of coincidence I of approximately 0.065 is probably associated with a mono-alphabetic substitution cipher, since this statistic will not change if the letters are simply relabeled (which is the effect of encrypting with a simple substitution). The longer and more random a Vigenere cipher keyword is, the more evenly the letters are distributed throughout the ciphertext.
  • The Enigma Cipher Machine

    The Enigma Cipher Machine

    The Enigma Cipher Machine Anna Hurlbut 2018-11-27 Abstract The Enigma cipher machine was invented in the early 1920s to help businesses protect commercial secrets, but the German military soon saw its potential application to military communications. By the mid-1930s, every branch of the German military was using Enigma for nearly all their encrypted communications. The electromechanical cipher machine works using a system of wires, rotors, a reflector and a plugboard to send an electrical signal from the keyboard to the lampboard, encrypting each message letter by letter. Enigma masterfully balances ease of use and security, the opposing forces of any cryptosystem. The key space is ap- proximately 15 million million million, and it could be compared to a Vigen´erecipher with a key length of 16900. Though it seemed infallible, the infamous machine eventually failed. While the cryptosystem did have inherent technical flaws, its defeat was mainly a result of errors in human operation. British intelligence at Bletchley Park was able to find patterns in German messages and used these patterns as cracks to break into the entire system. Enigma represents a vital moment in the field of cryptogra- phy. It initiated the transition from by-hand methods to automated and mechanized methods and acted as a catalyst for the development of com- puters. Additionally, Enigma's ultimate failure illustrated the inadequacy of security through obscurity and pointed the future of cryptography to- wards more advanced methods. 1 Contents 1 Historical Context 3 2 Cryptography Basics and Simple Substitution Ciphers 4 2.1 Caesar Cipher . 6 3 The Vigen´ereCipher 6 3.1 Vigen´ereCryptanalysis .
  • A Hybrid Cryptosystem Based on Vigenère Cipher and Columnar Transposition Cipher

    A Hybrid Cryptosystem Based on Vigenère Cipher and Columnar Transposition Cipher

    International Journal of Advanced Technology & Engineering Research (IJATER) www.ijater.com A HYBRID CRYPTOSYSTEM BASED ON VIGENÈRE CIPHER AND COLUMNAR TRANSPOSITION CIPHER Quist-Aphetsi Kester, MIEEE, Lecturer Faculty of Informatics, Ghana Technology University College, PMB 100 Accra North, Ghana Phone Contact +233 209822141 Email: [email protected] / [email protected] graphy that use the same cryptographic keys for both en- Abstract cryption of plaintext and decryption of cipher text. The keys may be identical or there may be a simple transformation to Privacy is one of the key issues addressed by information go between the two keys. The keys, in practice, represent a Security. Through cryptographic encryption methods, one shared secret between two or more parties that can be used can prevent a third party from understanding transmitted raw to maintain a private information link [5]. This requirement data over unsecured channel during signal transmission. The that both parties have access to the secret key is one of the cryptographic methods for enhancing the security of digital main drawbacks of symmetric key encryption, in compari- contents have gained high significance in the current era. son to public-key encryption. Typical examples symmetric Breach of security and misuse of confidential information algorithms are Advanced Encryption Standard (AES), Blow- that has been intercepted by unauthorized parties are key fish, Tripple Data Encryption Standard (3DES) and Serpent problems that information security tries to solve. [6]. This paper sets out to contribute to the general body of Asymmetric or Public key encryption on the other hand is an knowledge in the area of classical cryptography by develop- encryption method where a message encrypted with a reci- ing a new hybrid way of encryption of plaintext.
  • Grade 6 Math Circles Cryptography Solutions Atbash Cipher Caesar Cipher

    Grade 6 Math Circles Cryptography Solutions Atbash Cipher Caesar Cipher

    Faculty of Mathematics Centre for Education in Waterloo, Ontario N2L 3G1 Mathematics and Computing Grade 6 Math Circles November 5/6 2019 Cryptography Solutions Hello World Khoor Zruog Hello Zruog Khoor Khoor Zruog World 1. Person A encrypts plaintext 2. Person B receives ciphertext 3. Person B decrypts ciphertext back into ciphertext into plaintext Atbash Cipher Examples 1. Encrypt \Math Circles" using the Atbash cipher. Nzgs Xrixovh 2. Decrypt \ORLM PRMT" using the Atbash cipher. LION KING Caesar Cipher Examples: Encrypt or decrypt the following messages using the shift number given in parentheses: a) Welcome to Math Circles! (5) Bjqhtrj yt Rfym Hnwhqjx! plaintext A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ciphertext F G H I J K L M N O P Q R S T U V W X Y Z A B C D E 1 b) Ljw hxd anjm cqrb? (9) Can you read this? plaintext A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ciphertext J K L M N O P Q R S T U V W X Y Z A B C D E F G H I c) What if I did a Caesar Shift of 26 units on \Welcome to Math Circles!"? A Caesar shift of 26 would be shifting by the length of the alphabet. For example I would be shifting A 26 letters to the right.
  • Shift Cipher Substitution Cipher Vigenère Cipher Hill Cipher

    Shift Cipher Substitution Cipher Vigenère Cipher Hill Cipher

    Lecture 2 Classical Cryptosystems Shift cipher Substitution cipher Vigenère cipher Hill cipher 1 Shift Cipher • A Substitution Cipher • The Key Space: – [0 … 25] • Encryption given a key K: – each letter in the plaintext P is replaced with the K’th letter following the corresponding number ( shift right ) • Decryption given K: – shift left • History: K = 3, Caesar’s cipher 2 Shift Cipher • Formally: • Let P=C= K=Z 26 For 0≤K≤25 ek(x) = x+K mod 26 and dk(y) = y-K mod 26 ʚͬ, ͭ ∈ ͔ͦͪ ʛ 3 Shift Cipher: An Example ABCDEFGHIJKLMNOPQRSTUVWXYZ 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • P = CRYPTOGRAPHYISFUN Note that punctuation is often • K = 11 eliminated • C = NCJAVZRCLASJTDQFY • C → 2; 2+11 mod 26 = 13 → N • R → 17; 17+11 mod 26 = 2 → C • … • N → 13; 13+11 mod 26 = 24 → Y 4 Shift Cipher: Cryptanalysis • Can an attacker find K? – YES: exhaustive search, key space is small (<= 26 possible keys). – Once K is found, very easy to decrypt Exercise 1: decrypt the following ciphertext hphtwwxppelextoytrse Exercise 2: decrypt the following ciphertext jbcrclqrwcrvnbjenbwrwn VERY useful MATLAB functions can be found here: http://www2.math.umd.edu/~lcw/MatlabCode/ 5 General Mono-alphabetical Substitution Cipher • The key space: all possible permutations of Σ = {A, B, C, …, Z} • Encryption, given a key (permutation) π: – each letter X in the plaintext P is replaced with π(X) • Decryption, given a key π: – each letter Y in the ciphertext C is replaced with π-1(Y) • Example ABCDEFGHIJKLMNOPQRSTUVWXYZ πBADCZHWYGOQXSVTRNMSKJI PEFU • BECAUSE AZDBJSZ 6 Strength of the General Substitution Cipher • Exhaustive search is now infeasible – key space size is 26! ≈ 4*10 26 • Dominates the art of secret writing throughout the first millennium A.D.
  • Classic Crypto

    Classic Crypto

    Classic Crypto Classic Crypto 1 Overview We briefly consider the following classic (pen and paper) ciphers o Transposition ciphers o Substitution ciphers o One-time pad o Codebook These were all chosen for a reason o We see same principles in modern ciphers Classic Crypto 2 Transposition Ciphers In transposition ciphers, we transpose (scramble) the plaintext letters o The scrambled text is the ciphertext o The transposition is the key Corresponds to Shannon’s principle of diffusion (more about this later) o This idea is widely used in modern ciphers Classic Crypto 3 Scytale Spartans, circa 500 BC Wind strip of leather around a rod Write message across the rod T H E T I M E H A S C O M E T H E W A L R U S S A I D T O T A L K O F M A N Y T H I N G S When unwrapped, letters are scrambled TSATAHCLONEORTYTMUATIESLHMTS… Classic Crypto 4 Scytale Suppose Alice and Bob use Scytale to encrypt a message o What is the key? o How hard is it for Trudy to break without key? Suppose many different rod diameters are available to Alice and Bob… o How hard is it for Trudy to break a message? o Can Trudy attack messages automatically—without manually examining each putative decrypt? Classic Crypto 5 Columnar Transposition Put plaintext into rows of matrix then read ciphertext out of columns For example, suppose matrix is 3 x 4 o Plaintext: SEETHELIGHT o Ciphertext: SHGEEHELTTIX Same effect as Scytale o What is the key? Classic Crypto 6 Keyword Columnar Transposition For example o Plaintext: CRYPTOISFUN o Matrix 3 x 4 and keyword MATH o Ciphertext:
  • Substitution Ciphers

    Substitution Ciphers

    Foundations of Computer Security Lecture 40: Substitution Ciphers Dr. Bill Young Department of Computer Sciences University of Texas at Austin Lecture 40: 1 Substitution Ciphers Substitution Ciphers A substitution cipher is one in which each symbol of the plaintext is exchanged for another symbol. If this is done uniformly this is called a monoalphabetic cipher or simple substitution cipher. If different substitutions are made depending on where in the plaintext the symbol occurs, this is called a polyalphabetic substitution. Lecture 40: 2 Substitution Ciphers Simple Substitution A simple substitution cipher is an injection (1-1 mapping) of the alphabet into itself or another alphabet. What is the key? A simple substitution is breakable; we could try all k! mappings from the plaintext to ciphertext alphabets. That’s usually not necessary. Redundancies in the plaintext (letter frequencies, digrams, etc.) are reflected in the ciphertext. Not all substitution ciphers are simple substitution ciphers. Lecture 40: 3 Substitution Ciphers Caesar Cipher The Caesar Cipher is a monoalphabetic cipher in which each letter is replaced in the encryption by another letter a fixed “distance” away in the alphabet. For example, A is replaced by C, B by D, ..., Y by A, Z by B, etc. What is the key? What is the size of the keyspace? Is the algorithm strong? Lecture 40: 4 Substitution Ciphers Vigen`ere Cipher The Vigen`ere Cipher is an example of a polyalphabetic cipher, sometimes called a running key cipher because the key is another text. Start with a key string: “monitors to go to the bathroom” and a plaintext to encrypt: “four score and seven years ago.” Align the two texts, possibly removing spaces: plaintext: fours corea ndsev enyea rsago key: monit orsto gotot hebat hroom ciphertext: rcizl qfkxo trlso lrzet yjoua Then use the letter pairs to look up an encryption in a table (called a Vigen`ere Tableau or tabula recta).