Ciphers: Making and Breaking Ralph Morelli Trinity College, Hartford ([email protected])
Smithsonian Institute October 31, 2009
© 2009 Ralph Morelli
You are free to reuse and remix this presentation under a creative commons license provided you give credit to the author. http://creativecommons.org/licenses/by/3.0/us/
This presentation was created using Open Office 3.0, free and open source software. http://www.openoffice.org/
Part II: Cryptology in Transition
Outline
Polyalphabetic Substitution Alberti Cipher Vigenère Cipher – Le Chiffre Indéchiffrable Kasiski Decipherment Mechanical Ciphers The Enigma Machine WWII
Leon Battista Alberti (1404-1472)
Leon Battista Alberti (1404-1472)
Renaissance man. Architect, author, artist, poet, philosopher. Father of Modern Cryptography – First western exposition of frequency analysis. – Invention of polyalphabetic cipher.
Courtyard of the Uffizi Palace
Alberti the Architect
Santa Maria Novella – Florence De Cifris First comprehensive account of cryptanalysis in the West. Invention of the polyalphabetic cipher.
Alberti Cipher Disk
Outer disk stationary with regular alphabet. Inner disk moveable with permuted alphabet. An inner disk letter (k) is picked as index, and aligned with some letter on outer disk (B). The index is changed every 3 or 4 words and inserted into the message. “Ciao amici” might be encrypted as “BlvgyCeztkt”.
Compare Letter Frequencies
Plain Caesar Simple Polyalphabetic
Polyalphabetic Development
Alberti (~ 1472): devised genuine polyalphabetic cipher with mixed alphabet plus a practical cipher disk device. Abbot Trithemius (~ 1508): used tables of regular alphabets to be used in fixed order. Giovanni Battista Belaso (~ 1550 ): invented principle of a key or keyword to select alphabets. Giovanni Battista Porta (~ 1563): “invented” using mixed alphabets. Blaise de Vigenère (~ 1586): combined table or Trithemius, keyword of Belaso, and mixed alphabets of Porta into an autokey cipher.
Johannes Trithemius (1462-1516)
Abbot, occultist.
First printed book crypto book.
Most famous for Steganagraphia (banned book).
Believed to be about occult.
Decrypted in 1998.
Trithemius Cipher
• The Trithemius Cipher cycles through each row of the table.
Encryption:
Meetusatthebridge ABCDEFGHIJKLMNOPQ MFEWYXGABQOMDVRVG
So-called “Chiffre Indéchiffrable”
• The Bellaso Cipher uses a keyword to select alphabets.
Encryption:
ZEBRASZEBRASZEBRAS therearesomethirty
SLFIESQITFMWSLJRTQ ** **
Decryption:
ZEBRASZEBRASZEBRAS slfiesqitfmwsljrtq
THEREARESOMETHIRTY Vigenère's Autokey Cipher
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z • Uses mixed A Z E B R A F I S H C D G J K L M N O P Q T U V W X Y B E B R A F I S H C D G J K L M N O P Q T U V W X Y Z alphabets and the text C B R A F I S H C D G J K L M N O P Q T U V W X Y Z E itself as the key. D R A F I S H C D G J K L M N O P Q T U V W X Y Z E B E A F I S H C D G J K L M N O P Q T U V W X Y Z E B R Encryption: F F I S H C D G J K L M N O P Q T U V W X Y Z E B R A G I S H C D G J K L M N O P Q T U V W X Y Z E B R A F H S H C D G J K L M N O P Q T U V W X Y Z E B R A F I Therearesomethirty (MSG=col) I H C D G J K L M N O P Q T U V W X Y Z E B R A F I S J C D G J K L M N O P Q T U V W X Y Z E B R A F I S H Xtherearesomethirt (KEY=row) K D G J K L M N O P Q T U V W X Y Z E B R A F I S H C OZGUUAOUVIZNWZMYDP (Crypto) L G J K L M N O P Q T U V W X Y Z E B R A F I S H C D M J K L M N O P Q T U V W X Y Z E B R A F I S H C D G N K L M N O P Q T U V W X Y Z E B R A F I S H C D G K Decryption: O L M N O P Q T U V W X Y Z E B R A F I S H C D G K L P M N O P Q T U V W X Y Z E B R A F I S H C D G K L M OZGUUAOUVIZNWZMYDP(MSG=ltr) Q N O P Q T U V W X Y Z E B R A F I S H C D G K L M N R O P Q T U V W X Y Z E B R A F I S H C D G K L M N O XthereareS.. (KEY=row) S P Q T U V W X Y Z E B R A F I S H C D G K L M N O P T Q T U V W X Y Z E B R A F I S H C D G K L M N O P Q O in row X gives column T U T U V W X Y Z E B R A F I S H C D G K L M N O P Q T V U V W X Y Z E B R A F I S H C D G K L M N O P Q T U ... W V W X Y Z E B R A F I S H C D G K L M N O P Q T U V V in row E gives column S X W X Y Z E B R A F I S H C D G K L M N O P Q T U V W Y X Y Z E B R A F I S H C D G K L M N O P Q T U V W X Z Y Z E B R A F I S H C D G K L M N O P Q T U V W X Y Jefferson's Wheel Cipher
Invented in 1795.
26 wheels with random 26- letter alphabets.
Reinvented by Etienne Bazeries in 1890s with 20-30 wheels.
Rearrange the wheels (key) and write message in one row and transmit any other row.
U.S. Army M-94, 1923-1942.
Our Polyalphabetic Cipher Disk
Outer disk stationary Z Y A with regular alphabet. X z x y e B W b Inner disk moveable w C U/ r with permuted alphabet. Vu/v D T a Keyword = zebrafish t E
f
S q
F i/j
p
R
s
G o
Q
h n
H
J
P c
m
d I/ l
O k g
K
N L M
Cipher Disk Exercise
1. Pick a keyword and write it in lower case letters, L to R, on the inner disk. 2. Fill in the rest of the alphabet on the inner disk (i/j and u/v go in one cell each). 3. Pick a key (e.g., A = k) and align the disks. 4. Encrypt: For each plaintext letter, find it on the outer disk and substitute the lower case letter on the inner disk. 5. Decrypt: For each ciphertext letter, find it on the inner disk and substitute the upper case letter on the outer disk.
Breaking the Unbreakable Cipher
Breaking the Vigenère Cipher
Vigenère cipher – a keyword of length n is used to select from among 26 Caesar-shifted alphabets. Thought to be unbreakable for ~ 300 years. 1863: Friederich Kasiski, a Prussian major, developed a method to break it. 1846: Charles Babbage, a British mathematician, philosopher, and inventor, discovered the same method. Basic approach: Find the length of the keyword, n, and use frequency analysis on the n columns, each
of which is a Caesar shifted alphabet. Kasiski Method
Location: 01234 56789 01234 56789 01234 56789 ... Keyword: RELAT IONSR ELATI ONSRE LATIO NSREL ... Plaintext: TOBEO RNOTT OBETH ATIST HEQUE STION ... Ciphertext: KSMEH ZBBLK SMEMP OGAJX SEJCS FLZSY ... Repeated Location Distance Factors Bigram KS 9 9 9, 3 SM 10 9 9, 3 ME 11 9 9, 3 ......
Find the distances between repeated bigrams, some of which are due to repeated bigrams in the plaintext.
Factor the distances—the keyword should have length equal to one factor.
Break the text into columns and use frequency analysis on each column to identify the shifted alphabet used to encrypt that column. Automating Kasiski's Method
Index of Coincidence
Index of coincidence – the number of times two identical letters occur in the same position in two adjacent texts.
William F. Friedman (Father of American cryptography).
Language Normalized IC (1/26) Plain English 0.067 German 0.079 Caesar English 0.065 Simple English 0.065 Substitution
Uniform distribution 0.0385 IC – Example
Plain Caesar Simple Polyalphabetic 0.064 0.064 0.064 0.040
The Chi-square Test
Used for comparing and observed frequency distribution with an expected distribution.
Goodness-of-fit statistic – the smaller the better.
Automated Algorithm
Assumes: long enough polyalphabetic cipher text For each possible keyword length, 2, 3, 4, ..., k – Divide the text into k columns. – Compute the average the IC for the columns. – Select the IC that is closest to 0.067 For each of the k columns – For each possible shift, 1..26. – Compute the Chi-square value. – Select the minimum as the correct Caesar alphabet.
Demo: http://starbase.cs.trincoll.edu/~crypto Rotor Machines
The Enigma Machine
The Enigma Rotor
Rotor Details
Wiring Diagram
Cool Simulation: http://enigmaco.de/enigma/enigma.html
Enigma Cryptanalysis: Poles
1931: Poles deduced the wirings of rotors from betrayed documents and made a replica. Code book with daily keys Plugboard settings: A/K, B/G, M/S, … Rotor order: 2-3-1 Rotor setting: Q-C-W Message key transmitted twice: RAMRAM – LVGHIB Polish cryptanalysis – cracked the day keys: L and H encrypt R, V and I encrypt A, G and B encrypt M. Letter chains (A—F—W—A) led to deduction of daily key. Marian Rejewski: Number of links independent of plugboard so 1017 daily keys reduced to 6 x 263 = 105,456.
Breaking Enigma
Alan Turing Marian Rejewski Government Code Polish Biuro Syzfrow and Cypher School
Hut 6, Bletchley Park
Enigma Cryptanalysis: Brits
Alan Turing, GC&CS, Bletchley Park 159,000,000,000,000,000,000 daily keys. Exploited cycles within cribs of probable words. f u h r e r f--R--r--E--e--F R J T E F H Turing bombes—16 in all, each with 12 sets of Enigma rotors for loops of up to 12 links. Given a crib, the bombes would work out the rotor settings (independent of plugboard). Bletchley Park Bombe
Replica used in Enigma movie.
Bletchley Park Model Principles and Observations
Kerckhoff's principle – the cipher requires a key and should work even if the cipher is known.
Simplicity – More secure ciphers went unused because they were thought to be too difficult.
Cryptanalysts were ahead of cryptographers.
Mary Queen of Scots' problem: Implementation, implementation, implementation.