DOCSLIB.ORG

Cryptography and Security of Digital Devices Exercise Book

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cryptography and Security of Digital Devices Exercise Book Cryptography and Security of Digital Devices Exercise book Alessandro Barenghi, Gerardo Pelosi April 6, 2017- Rev 1.4.1 Contents 1 Historical Ciphers and Basic Principles 5 1.1 Substitution Ciphers . 5 1.1.1 Distinguishing ciphers . 5 1.1.2 Breaking Vigenére . 6 1.1.3 Breaking Playfair . 8 1.1.4 Breaking Nihilist . 10 1.2 Permutation Ciphers . 11 1.2.1 A simple permutation cipher . 11 1.2.2 Matrix Based Permutation Cipher . 11 1.3 Composition of historical ciphers . 12 1.3.1 Double Substitution . 12 1.3.2 Double Vigenére . 12 1.3.3 Double Permutation . 13 1.3.4 Mixing Substitutions and Permutations . 14 1.4 Enigma . 15 1.5 Principles of Information Theory . 18 1.5.1 Computing the entropy of random variables . 18 2 Block Ciphers 21 2.1 Data Encryption Standard . 21 2.1.1 DES-V and DES-W . 21 2.1.2 DES-A . 22 2.1.3 DES Collision attacks . 23 2.1.4 DES Block Widening . 24 2.2 Modes of Operation . 25 2.2.1 Error Recovery in CBC and ECB . 25 2.2.2 CBC Malleability . 25 2.2.3 CTR With Repeated IV . 26 2.2.4 Faulty Disk Encryption . 27 2.2.5 Altering messages with CBC and CTR . 28 2.3 Block Cipher Cryptanalysis . 28 2.3.1 S-Box Design . 28 2.3.2 Linear and Differential Cryptanalysis - (I) . 29 2.3.3 Linear and Differential Cryptanalysis - (II) . 32 2.3.4 Linear and Differential Cryptanalysis - (III) . 34 3 Stream Ciphers 37 3.1 Linear Feedback Registers . 37 3.1.1 LFSR (I) . 37 3.1.2 LFSR (II) . 38 3.1.3 LFSR (III) . 39 4 Cryptographic Hashes 41 2 A. Barenghi - G. Pelosi 4.0.1 Hashes with multiplicative groups . 41 4.1 Collisions . 41 4.1.1 Saving on digest size . 41 4.1.2 Strengthening MD5 . 42 4.1.3 Keyed and strengthened SHA-31337 . 42 4.1.4 Triple Collisions . 43 4.2 Length extension attacks . 43 4.2.1 The Gambling House . 43 5 Finite Fields 45 5.1 Prime Fields . 45 ∗ 5.1.1 Quick Computations over Fp .......................... 45 5.2 Polynomial Rings . 45 5.2.1 Irreducible and Primitive polynomials . 45 5.2.2 Irreducible and Primitive polynomials - 2 . 46 5.2.3 Zech Logarithm . 46 6 Public-Key Cryptosystems 49 6.1 RSA Cryptosystem . 49 6.1.1 Computing RSA . 49 6.1.2 Computing RSA - 2 . 49 6.1.3 Mental Poker . 50 6.1.4 Factoring n with collateral information . 51 6.2 Diffie-Hellman Cryptosystem . 53 6.2.1 Prime Field Choice . 53 6.2.2 Breaking DSS-DSA . 53 6.3 Elliptic Curve Cryptosystems . 54 6.3.1 Elliptic Curve Characterization - (I) . 54 6.3.2 Elliptic Curve Characterization - (2) . 55 6.3.3 Faulty RNG and ECDSA . 56 7 Fast Arithmetics, Discrete Logs and Factoring 57 7.1 Montgomery Multiplication . 57 7.1.1 Montgomery Multiplication in radix-4 . 58 7.2 Factoring . 59 7.2.1 Pollard’s P − 1 .................................. 59 7.2.2 Fermat’s Method . 59 7.2.3 Pollard Rho . 60 7.3 Discrete Logarithms . 60 7.3.1 Pohlig-Hellmann method - ex1 - . 60 7.3.2 Pohlig-Hellmann method - ex2 - . 61 8 Protocols 63 8.1 TLS . 63 8.1.1 Ciphersuite choices . 63 8.1.2 SSLv3 IV Flaw . 64 8.2 Custom Protocols Analysis . 65 8.2.1 (Un)Safe communication with symmetric key only . 65 8.2.2 Secure Password Storage . 65 8.2.3 Time-To-Memory tradeoff for bruteforcing - (I) . 66 8.3 Commitment schemes . 67 8.3.1 Washing Dishes . 67 9 Side Channel Attacks 69 3 A. Barenghi - G. Pelosi 9.1 Passive Side Channel Attacks . 69 9.1.1 Simple and Differential Power Analysis . 69 9.2 Fault Attacks . 70 9.2.1 Faulty RSA-CRT signatures . 70 A Useful notions for fast approximations 71 B Summary of linear algebra: Determinant and Matrix Inversion 73 4 Chapter 1 Historical Ciphers and Basic Principles Cryptanalyzing historical ciphers allows to see clearly what does it happen whenever pre-Kerchoff prin- ciple cryptographic schemes are scrutinized with full knowledge of their structure. More in detail, we will be breaking a couple of ciphers employing a known ciphertext only attack: the weakest possible condition for an attacker, sometimes despite the fact that the cipher keyspace is not negligible. 1.1 Substitution Ciphers 1.1.1 Distinguishing ciphers Examining the frequency of the single letters in an encrypted plaintext yields the results depicted in Figure 1.1. From the results of the frequency analysis, what can you infer on the following points: 0:12 0:1 0:08 0:06 0:04 0:02 0 E T A O I N H S R D L U M W C Y F G P B V K X J Q Z Figure 1.1: Letter frequencies of a large English text (the actual letter is employed as the x-axis label), and ciphertext . 1. Which is the plaintext language? 2. Is the employed cipher a substitution cipher of some kind? 3. Does the employed cipher include a permutation? 5 A. Barenghi - G. Pelosi Solution: 1. The letter frequencies match perfectly the ones of plain English: it is quite likely that the plaintext is expressed in it. 2. The match between the two histograms suggests a monoalphabetic substitution to be the technique in use. 3. It is not possible to infer whether or not the cipher includes a permutation from a single-letter frequency analysis, as permutations leave this quantity unaltered. 1.1.2 Breaking Vigenére The polyalphabetic substitution cipher known as the Vigenére cipher was invented by Giovan Battista Bellaso back in 1553, and later misattributed to Vigenére. The scheme exploits a keyword to define a set of shift ciphers which are applied to the plaintext depending on the plaintext letter position. This is done mapping each letter of the alphabet to a shift amount, and applying the circular shifts in the same order of the key letters, to the plaintext. The shifts are repeated enough times to get the whole plaintext mapped into ciphertext. As a simple running example, given HAL as a plaintext, and BBB as the key, the resulting shift amounts are 1-1-1, thus yielding IBM as ciphertext. The main advantage of the Vigenére cipher is a flattening effect on the frequency histogram of the ciphertext letters, as it can be seen in Figure 1.2. The flattening effect is more and more evident as the length of the cipher key grows. 0:12 0:1 0:08 0:06 0:04 0:02 0 E T A O I N H S R D L U M W C Y F G P B V K X J Q Z Figure 1.2: Letter Frequencies of different encrypted texts computed on a ≈450k characters ciphertext: Monoalphabetic Substitution , Vigenére w/ 6 letters key ,Vigenére w/ 30 letters key , One- Time-Pad The Vigenére cipher can be broken observing that, the ciphertext characters in sharing the same position modulo the key length are actually shifted by the same amount. This in turn leads to the possibility of finding out the key length via Kasiski examination, i.e. looking for repeated patterns in the ciphertext, and computing the greatest common divisor of their distances. This.
Load more

Recommended publications
  • 4 Information Theory
    Jay Daigle Occidental College Math 400: Cryptology 4 Information Theory Definition 4.1. A (symmetric) encryption system is composed of: • A set of possible messages M • A set of possible keys K • A set of possible ciphertexts C • An encryption function e : K × M ! C • A decryption function d : K × C ! M such that the decryption function is a partial inverse to the encryption function: that is d(k; e(k; m)) = m e(k; d(k; c)) = c: −1 We often write ek(m) = e(k; m) and dk(c) = d(k; c). Thus for each k 2 K, dk = ek . This implies that each ek is one-to-one. Of course, some encryption systems are terrible. To be good, we'd like our cryptosystem to have the following properties: 1. Given any k 2 K; m 2 M, it's easy to compute e(k; m). 2. Given any k 2 K; c 2 C, it's easy to compute d(k; c). 3. Given a set of ciphertexts ci 2 C, it's difficult to compute dk(ci) without knowing k. 4. Given a collection of pairs (mi; ci), it's difficult to decrypt a ciphertext whose plaintext is not already known. (\known-plaintext attack"). The first two principles make a cryptosystem practically usable; the third and fourth make it secure. The fourth property is by far the most difficult to achieve. You'll notice that all of the cryptosystems we've studied so far satisfy the first two properties, and several of them do at least okay on the third, none of them achieve the fourth at all.
    [Show full text]
  • Amy Bell Abilene, TX December 2005
    Compositional Cryptology Thesis Presented to the Honors Committee of McMurry University In partial fulfillment of the requirements for Undergraduate Honors in Math By Amy Bell Abilene, TX December 2005 i ii Acknowledgements I could not have completed this thesis without all the support of my professors, family, and friends. Dr. McCoun especially deserves many thanks for helping me to develop the idea of compositional cryptology and for all the countless hours spent discussing new ideas and ways to expand my thesis. Because of his persistence and dedication, I was able to learn and go deeper into the subject matter than I ever expected. My committee members, Dr. Rittenhouse and Dr. Thornburg were also extremely helpful in giving me great advice for presenting my thesis. I also want to thank my family for always supporting me through everything. Without their love and encouragement I would never have been able to complete my thesis. Thanks also should go to my wonderful roommates who helped to keep me motivated during the final stressful months of my thesis. I especially want to thank my fiancé, Gian Falco, who has always believed in me and given me so much love and support throughout my college career. There are many more professors, coaches, and friends that I want to thank not only for encouraging me with my thesis, but also for helping me through all my pursuits at school. Thank you to all of my McMurry family! iii Preface The goal of this research was to gain a deeper understanding of some existing cryptosystems, to implement these cryptosystems in a computer programming language of my choice, and to discover whether the composition of cryptosystems leads to greater security.
    [Show full text]
  • Analysis of Stream Ciphers Based on Theoretic Approach
    International Journal of Science and Research (IJSR) ISSN (Online): 2319-7064 Impact Factor (2012): 3.358 Analysis of Stream Ciphers Based on Theoretic Approach Shisif Pokhrel1, Ahmed Abdul Kadhim Basheer2 1Jawaharlal Nehru Technological University Hyderabad, Andhra Pradesh, Hyderabad, Kukatpally - 500085 2Jawaharlal Nehru Technological University Hyderabad, Andhra Pradesh, Hyderabad, Kukatpally - 500085 Abstract: This paper is intended to determine the strength of modern security systems by theoretic approach. The design of existing security system is based on complexity of algorithm and secrecy of key. Besides, several parameters exists that may be useful to determine the strength of cryptosystem. Spurious keys gives text like text as decrypted output to a cryptogram and leads to confusion in proceeding towards unique solution during cryptanalysis. A system rich in spurious keys can be considered as more secured system. This paper presents analysis on stream ciphers and provides a construct model with rich spurious keys. The paper also shows the effect of implementation of Natural Language Model in security system Keywords: Cryptosystem, Cryptogram, Spurious Keys, Code-Points, Unicity Distance 1. Introduction Cryptography is a major tool concerned with security of information. The core of cryptography deals with key establishment and secured communication. The secret key is implemented for encryption and decryption. A basic convention exists in cryptography that the algorithm is public, cant be kept hidden to the attacker and the secrecy of the system solely depend on the secrecy of key and complexity of algorithm. However, there are different parameters defined in information theory of secrecy system like Entropy, Redundancy, Unicity Distance, Equivocation, which describe the strength of cryptosystem.
    [Show full text]
  • Decrypt Cryptotexts: GBLVMUB JOGPSNBUJLZ VMNIR RPNBMZ EBMFLP OFABKEFT Decrypt: VHFUHW GH GHXA VHFUHW GH GLHX, VHFUHW GH WURLV VH
    PROLOGUE - I. Decrypt cryptotexts: Part IV GBLVMUB JOGPSNBUJLZ Secret-key cryptosystems VMNIR RPNBMZ EBMFLP OFABKEFT prof. Jozef Gruska IV054 4. Secret-key cryptosystems 2/99 PROLOGUE - II. CHAPTER 4: SECRET-KEY (SYMMETRIC) CRYPTOGRAPHY Decrypt: In this chapter we deal with some of the very old, or quite old, classical (secret-key or symmetric) cryptosystems and their cryptanalysis that were primarily used in the pre-computer era. VHFUHW GH GHXA These cryptosystems are too weak nowadays, too easy to break, especially VHFUHW GH GLHX, with computers. However, these simple cryptosystems give a good illustration of several of the VHFUHW GH WURLV important ideas of the cryptography and cryptanalysis. Moreover, most of them can be very useful in combination with more modern VHFUHW GH WRXV. cryptosystem - to add a new level of security. prof. Jozef Gruska IV054 4. Secret-key cryptosystems 3/99 prof. Jozef Gruska IV054 4. Secret-key cryptosystems 4/99 BASICS CRYPTOLOGY - HISTORY + APPLICATIONS Cryptology (= cryptography + cryptanalysis) has more than four thousand years long history. Some historical observation People have always had fascination with keeping information away from others. Some people – rulers, diplomats, military people, businessmen – have always had needs to keep some information away from others. BASICS Importance of cryptography nowadays Applications: cryptography is the key tool to make modern information transmission secure, and to create secure information society. Foundations: cryptography gave rise to several new key concepts of the foundation of informatics: one-way functions, computationally perfect pseudorandom generators, zero-knowledge proofs, holographic proofs, program self-testing and self-correcting, . prof. Jozef Gruska IV054 4. Secret-key cryptosystems 5/99 prof.
    [Show full text]
  • Introduction to Cryptography with Open-Source Software
    DISCRETE MATHEMATICS AND ITS APPLICATIONS Series Editor KENNETH H. ROSEN INTRODUCTION TO CRYPTOGRAPHY WITH OPEN-SOURCE SOFTWARE Alasdair McAndrew Victoria University Melbourne, Victoria, Australia CRC Press Taylor &. Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business A CHAPMAN & HALL BOOK Contents Preface xv 1 Introduction to cryptography 1 1.1 Hiding information: Confidentiality 1 1.2 Some basic definitions 3 1.3 Attacks on a cryptosystem 5 1.4 Some cryptographic problems 7 1.5 Cryptographic protocols 8 1.6 Some simple ciphers 12 1.7 Cryptography and computer security 18 1.8 Glossary 19 Exercises 20 2 Basic number theory 23 2.1 Introduction 23 2.2 Some basic definitions 23 2.3 Some number theoretic calculations 27 2.4 Primality testing 44 2.5 Glossary 47 Exercises 48 3 Classical cryptosystems 55 3.1 Introduction 55 3.2 The Caesar cipher 56 3.3 Translation ciphers 57 3.4 Transposition ciphers 58 3.5 The Vigenere cipher 61 3.6 The one-time pad 65 3.7 Permutation ciphers 65 3.8 Matrix ciphers 66 3.9 Glossary 71 Exercises 71 4 Introduction to information theory 79 4.1 Entropy and uncertainty 79 ix X 4.2 Perfect secrecy 82 4.3 Estimating the entropy of English 84 4.4 Unicity distance 88 4.5 Glossary • 89 Exercises 89 5 Public-key cryptosystems based on factoring 93 5.1 Introduction 93 93 5.2 The RSA cryptosystem . 5.3 Attacks against RSA 99 5.4 RSA in Sage 101 5.5 Rabin's cryptosystem 104 5.6 Rabin's cryptosystem in Sage 109 5.7 Some notes on security HI 5.8 Factoring H2 5.9
    [Show full text]
  • SOLVING CIPHER SECRETS Edited by M
    SOLVING CIPHER SECRETS Edited by M. E. Ghaver INTERESTED FANS SEND IN SOME LIVELY CHAT-AND SEVERAL NEW PUZZLERS ARE OFFERED FOR HUNGRY HEADS ID you ever have trouble in occasionally, notwithstanding our combined solving some particular efforts to the contrary. cipher? And did you ever This, by way of introduction, fans, to a feel like running the party sort of " get-together " celebration that we ragged that contrived the have planned in this article. affair? It's just this way. So much has been Well, that's how Frank Spalding, of received from cipher enthusiasts in the way Wrangell, Alaska, must have felt about the of interesting questions, general comments, cipher of Foster F. V. Staples, in the June ciphers, and methods of solving them, that 6 " Solving Cipher Secrets." the only adequate way to cope with the sit• " If I could have caught him last night— uation, and thus to discharge this duty to June 7," writes Mr. Spalding, " he would our readers, is for us all to get together in have had to do some tall explaining." an entire article devoted to that purpose. Nevertheless, Mr. Spalding succeeded in So let's pull up our chairs and talk things solving this cipher, as well as all the others over. It may be that your particular ques• in that issue, although he confesses that tion will not crop up. Btit in that event when he had finished the lot he was " not a you will find another case that covers the good Christian any more!" same ground more completely.
    [Show full text]
  • Caesar Cipher Yjggngt Kuncpf
    Caesar Cipher Yjggngt Kuncpf The Caesar cipher was one of the earliest ciphers ever invented. 25 for uppercase characters; it performs modular addition of the value, using the size of the alphabet as the modulus;. Instalação: $ npm install caesar-cipher-lib. A different version than the online version below, it is exactly like the Caesar Cipher program that comes on the diskette included with "Secret Code Breaker - A Cryptanalyst's Handbook". Brit explains the Caesar cipher, the first popular substitution cipher, and shows how it was broken with "frequency analysis" Watch the next lesson In this video, i have explained the concept of Caesar Cipher in Cryptography and Network Security. 1 CAESAR METHOD: There are number of methods to encrypt a plain text, the ancient one is Caesar Cipher, It is a process of. Fountas And Pinnell Sight Word List 200 Humane killing on farm is often carried out using a rifle and, depending on the species, will be done using one of the following positions: Frontal method – the firearm is directed at a point midway across the forehead where two lines from the topside of the base of the ears and top of the eyes intersect (pigs – from the bottom side of the. Download Caesar Cipher Encrypter-Decrypter for free. The method is named after Julius Caesar, who used it in his private correspondence. In this video, i have explained the concept of Caesar Cipher in Cryptography and Network. It is named for Julius Caesar, who used it to encrypt messages of military importance that he did not wish to fall into enemy hands.
    [Show full text]
  • Solving Substitution Ciphers
    Solving Substitution Ciphers Sam Hasinoff Department of Computer Science, University of Toronto [email protected] Abstract We present QUIPSTER, an experimental system for the automatic solu- tion of short substitution ciphers (Cryptoquotes). The system operates using an -gram model of English characters and stochastic local search over the space of ¡£¢¥¤§¦©¨ possible keys. Experimental results show a median of 94% cipher letters correctly decoded, which is typi- cally good enough for an unskilled human to finish decoding the cipher with minimal additional effort. Extensions incorporating a dictionary with word frequencies and a database of word patterns are also discussed. 1 Introduction In Arthur Conan Doyle’s short story “The Adventure of the Dancing Men” (1903), the pro- tagonist Sherlock Holmes solves a murder mystery by realizing that a series of unusual stick figure drawings (Figure 1) are actually messages encoded using a substitution cipher [5]. The substitution cipher is a well-known classical cipher in which every plaintext character in all its occurrences in a message is replaced by a unique ciphertext character. Figure 1: Dancing men ciphertext from “The Adventure of the Dancing Men” (1903). Thus, each permutation of the 26 letters of the English alphabet (there are ¡¢¤¦¨ in total) gives a unique key for encrypting a message. If a particular permutation is used to encrypt a message, then the inverse of that permutation can be used to decrypt it. A worked out example of a substitution cipher is given in Figure 2. Decoding substitution ciphers is a popular activity among amateur cryptographers and peo- ple who enjoy word puzzles.
    [Show full text]
  • Introduction to Symmetric Cryptography
    Introduction to Symmetric Cryptography Lars R. Knudsen June 2014 L.R. Knudsen Introduction to Symmetric Cryptography What is cryptography? Cryptography is communication in the presence of an adversary Ron Rivest. Coding theory Detection and correction of random errors Cryptography Detection and protection of hostile \errors" L.R. Knudsen Introduction to Symmetric Cryptography What is cryptography about? Secrecy (confidentiality) Keeping things secret (data, communication, entity, etc.) Authentication Assurance about authenticity (of data, origin, entity, etc.) L.R. Knudsen Introduction to Symmetric Cryptography Symmetric encryption Classical encryption Secure channel %AC&@9^( Message Encryption Decryption Message L.R. Knudsen Introduction to Symmetric Cryptography Public-key encryption L.R. Knudsen Introduction to Symmetric Cryptography Public-key versus symmetric cryptosystems Advantages Disadvantages Symmetric fast systems secure key-exchange Public-key slow systems no secure key-exchange Hybrid encryption L.R. Knudsen Introduction to Symmetric Cryptography Introduction to symmetric cryptosystems Cryptosystem( P; C; K; E; D) P : set of plaintexts C : set of ciphertexts K : set of keys E : for k 2 K : ek (x) encryption rule D : for k 2 K : dk (x) decryption rule For every k 2 K : it holds for all m that dk (ek (m)) = m L.R. Knudsen Introduction to Symmetric Cryptography Symmetric encryption Kerckhoffs’ principle Everything is known to an attacker except for the value of the secret key. Attack scenarios Ciphertext only Known plaintext Chosen plaintext/ciphertext Adaptive chosen plaintext/ciphertext (black-box) Typical goal High security even under black-box attack L.R. Knudsen Introduction to Symmetric Cryptography Claude E. Shannon, 1916-2001 Communication Theory of Secrecy Systems, published in 1949.
    [Show full text]
  • Codebreakers
    1 Some of the things you will learn in THE CODEBREAKERS • How secret Japanese messages were decoded in Washington hours before Pearl Harbor. • How German codebreakers helped usher in the Russian Revolution. • How John F. Kennedy escaped capture in the Pacific because the Japanese failed to solve a simple cipher. • How codebreaking determined a presidential election, convicted an underworld syndicate head, won the battle of Midway, led to cruel Allied defeats in North Africa, and broke up a vast Nazi spy ring. • How one American became the world's most famous codebreaker, and another became the world's greatest. • How codes and codebreakers operate today within the secret agencies of the U.S. and Russia. • And incredibly much more. "For many evenings of gripping reading, no better choice can be made than this book." —Christian Science Monitor THE Codebreakers The Story of Secret Writing By DAVID KAHN (abridged by the author) A SIGNET BOOK from NEW AMERICAN LIBRARV TIMES MIRROR Copyright © 1967, 1973 by David Kahn All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording or by any information storage and retrieval system, without permission in writing from the publisher. For information address The Macmillan Company, 866 Third Avenue, New York, New York 10022. Library of Congress Catalog Card Number: 63-16109 Crown copyright is acknowledged for the following illustrations from Great Britain's Public Record Office: S.P. 53/18, no. 55, the Phelippes forgery, and P.R.O. 31/11/11, the Bergenroth reconstruction.
    [Show full text]
  • 2. Classic Cryptography Methods 2.1. Spartan Scytale. One of the Oldest Known Examples Is the Spartan Scytale (Scytale /Skɪtəl
    2. Classic Cryptography Methods 2.1. Spartan scytale. One of the oldest known examples is the Spartan scytale (scytale /skɪtəli/, rhymes with Italy, a baton). From indirect evidence, the scytale was first mentioned by the Greek poet Archilochus who lived in the 7th century B.C. (over 2500 years ago). The ancient Greeks, and the Spartans in particular, are said to have used this cipher to communicate during military campaigns.Sender and recipient each had a cylinder (called a scytale) of exactly the same radius. The sender wound a narrow ribbon of parchment around his cylinder, then wrote on it lengthwise. After the ribbon is unwound, the writing could be read only by a person who had a cylinder of exactly the same circumference. The following table illustrate the idea. Imagine that each column wraps around the dowel one time, that is that the bottom of one column is followed by the top of the next column. Original message: Kill king tomorrow midnight Wrapped message: k i l l k i n g t o m o r r o w m i d n i g h t Encoded message: ktm ioi lmd lon kri irg noh gwt The key parameter in using the scytale encryption is the number of letters that can be recorded on one wrap ribbon around the dowel. Above the maximum was 3, since there are 3 rows in the wrapped meassage. The last row was padded with blank spaces before the message was encoded. We'll call this the wrap parameter. If you don't know the wrap parameter you cannot decode a message.
    [Show full text]
  • Theoretical Security
    Theoretical Security Klaus Pommerening Fachbereich Mathematik der Johannes-Gutenberg-Universit¨at Saarstraße 21 D-55099 Mainz February 6, 2000|English version July 30, 2014|last change January 19, 2021 The theory of this section goes back to Claude Shannon[15] (with later simplifications by Hellman[8]). In his paper Shannon developed the first general mathematical model of cryptology as well as the analysis of cryp- tosystems by information theoretical methods. The basic question this the- ory asks is: How much information about the plaintext is preserved in the ciphertext? (no matter how difficult or expensive the extraction of this information is.) If this information doesn't suffice to determine the plaintext, then the cipher is secure. Shannon's ideas are based on the information theory that he had de- veloped before [14]. The practical value of Shannon's theory is limited. But besides it there are almost no sufficient criteria for the security of cryptographic methods that are mathematically proved. In contrast there are lots of necessary cri- teria derived from cryptanalytic procedures. Lacking better ideas one tries to optimize the cryptographic procedures for these necessary conditions. We saw and shall see many instances of this in these lecture notes. 1 K. Pommerening, Theoretical Security 2 1 A Priori and A Posteriori Probabilities Model Scenario Consider • a finite set M0 ⊆ M of possible plaintexts|for example all plaintexts of length r or of length ≤ r, • a finite set K of keys, ∗ • a cipher F = (fk)k2K with fk : M −! Σ . The restriction to a finite set M0 allows us to handle probabilities in the naive way.
    [Show full text]