History Of Cryptography And Cryptanalysis Aleksandar Nikoli´c University of Novi Sad Faculty of Technical Sciences Chair of Informatics [email protected] April 11, 2013 Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 1 / 32 Overview 1 Introduction 2 History 3 Cryptool 4 Ciphers - making and breaking Caesar’s cipher Simple substitution Vigen`ere Cipher One time pad Enigma machine 5 Conclusion Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 2 / 32 Introduction What is cryptography? Cryptography is the (very) delicate science of keeping secrets secret. In the old days, cryptography’s sole purpose was to ensure secret communication between two parties. This was achieved by enciphering the message thus rendering it unintelligible to anyone but those who know the secret code. Today, cryptography is used virtually everywhere for all sorts of different purposes: authentication, digital signatures, digital currency, secure computation. Few historical ciphers shall be reviewed and their flaws exposed. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 3 / 32 Introduction Terminology Cryptography The science of keeping secrets secret. Cryptanalysis The art and science of breaking and deciphering secret codes. Cryptology Science, branch of mathematics, that includes both of the above. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 4 / 32 Introduction Terminology Plaintext Non-enciphered, readable message. Ciphertext Enciphered message, appears to be nonsensical. Encryption Process of turning plaintext into ciphertext. Decryption Reverse. Turning ciphertext into plaintext. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 5 / 32 Introduction Usual characters Explaining cryptographic schemes and protocols can sometimes be tricky. These are the standard characters everybody uses when trying to explain anything. Alice and Bob - they are trying to communicate securely. Eve - eavesdropper, trying to listen in on Alice and Bob. Malory - malicious person. Tries to actively disrupt, or in some way trick Alice and Bob and break the security of their communication. Charlie - third person that wants to communicate securely. Trent - trusted third party. Alice, Bob and Charlie can rely on him to play fair and keep secrets. ... Some go too far and say that Alice is Bob’s girlfriend, Eve likes Bob, Malory is his ex, Trent is a good buddy and so on. Cryptographers are strange. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 6 / 32 History Beginnings Since the dawn of written communication, there was a need for its secrecy. First known uses of ciphers date back to ancient Egypt where ciphers were carved in stone. There are stories of old soldiers/pirates/spies that would shave their head, tattoo the message and let the hair grow back. Most ancient ciphers were of two kinds: transposition - rearranging the orders of letters. substitution - changing one letter to another. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 7 / 32 History First ciphers Atbash - Hebrew cipher was a first example of substitution cipher. first letter substituted with last, second with second to last and so on obviously, if you knew the scheme, you knew to read it, no key Scytale - Greek cipher - first example of transposition cipher. Used cylinders of different sizes. Long piece of paper rolled onto the cylinder, then text is written vertically. Diameter of the cylinder is the key for decipherment Caesar’s Cipher - shifts the alphabet, thus substituting the letters. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 8 / 32 Cryptool A slight digression - Cryptool Cryptool CrypTool 1 is a free, open-source Windows program for cryptography and cryptanalysis. It is available in 5 languages and the most wide-spreaded e-learning software of its kind. It supports both contemporary teaching methods at schools and universities as well as awareness training for employees and civil servants. We will be using it to demonstrate how different historical ciphers work and how they can be broken. Can be downloaded at: http://www.cryptool.org/en/ download-ct1-en/215-ct1-downloads-eng Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 9 / 32 Ciphers - making and breaking Caesar’s cipher Caesar’s cipher - making Used by Caesar to securely communicate to his generals. Substitution cipher - each letter of the alphabet is shifted a number of position. Caesar supposedly used to shift the alphabet by 3. number of shifts serves as a cipher key Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 10 / 32 Ciphers - making and breaking Caesar’s cipher Caesar’s cipher - making DEMO TIME! Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 11 / 32 Ciphers - making and breaking Caesar’s cipher Caesar’s cipher - breaking limited key space, only 26 different values (for English alphabet) easy to try them all can be done with pen and paper highlights one important fact about ciphers still relevant today Keyspace Key space (number of unique keys) of a cipher must be sufficiently large to render brute force attack unfeasible. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 12 / 32 Ciphers - making and breaking Simple substitution Simple substitution the flaw of Caesar’s cipher is it’s small key space lets improve on it by, instead of simply shifting the alphabet, rearrange the letters in some way Atbash and Caesar’s ciphers are just examples of this algorithm with specific way of generating the mixed alphabet mixed alphabet can be generated by using a keyword at the beginning and removing the repeating letters ABCDEFGHIJKLMNOPQRSTUVWXYZ QUICKBROWNADEFGHJLMOPSTVYZ some letters can remain the same easy to communicate to the other party or just plain randomly scrambled Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 13 / 32 Ciphers - making and breaking Simple substitution Simple substitution - making DEMO TIME! Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 14 / 32 Ciphers - making and breaking Simple substitution Simple substitution - breaking Any ideas on how to break this? Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 15 / 32 Ciphers - making and breaking Simple substitution Frequency analysis Frequency analysis is a study of frequency of letters in words in a language Letter frequency is not uniform ETAOINSHRDLU are (in that order) the most frequent letters in the regular english text. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 16 / 32 Ciphers - making and breaking Simple substitution Simple substitution - breaking Weak ciphers obfuscate the characters, but not the frequency Ciphertext needs to be long enough for frequencies to be correct (300+ characters should be enough) Can be concluded that the most frequent character in the ciphertext is actually the letter E Same goes for second most frequent, the third and so on . Bigrams and Trigrams frequencies can also be used Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 17 / 32 Ciphers - making and breaking Vigen`ere Cipher Major flaw in the simple substitution ciphers is that character occurance frequency isn’t obfuscated and can be exploited to reveal the plaintext Blase De Vigenere designed his cipher to overcome this flaw. It was used to be called le chiffre ind´echiffrable Uses a table and a keyword. Table is a 26x26 alphabet matrix If message was ATTACK and keyword was SECRET the ciphertext would be SXVRGD Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 18 / 32 Ciphers - making and breaking Vigen`ere Cipher Vigen`ere CipherSimple substitution - making DEMO TIME! Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 19 / 32 Ciphers - making and breaking Vigen`ere Cipher Vigen`ere Cipher - breaking Surelly this one is secure!?! Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 20 / 32 Ciphers - making and breaking Vigen`ere Cipher Vigen`ere Cipher - breaking What we have is actually just multiple different substitutions. Every other character (up to the length of a keyword) is substituted by another mixed alphabet If we knew what the keyword length was, we can split the ciphertext into multiple simple substitution ciphertexts and solve them as before. Problem with this cipher is the repeating nature of it’s key Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 21 / 32 Ciphers - making and breaking Vigen`ere Cipher Kasiski test Sometimes, repeated words in the plaintext will be encrypted by the same part of the key Key: ABCDABCDABCDABCDABCDABCDABCD Plaintext: CRYPTOISSHORTFORCRYPTOGRAPHY Ciphertext: CSASTPKVSIQUTGQUCSASTPIUAQJB By counting the distance between the repetitions, we can guess the length of the key. In this case, the distance is 16, so the probable key lengths are 2,4,8, or 16. Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 22 / 32 Ciphers - making and breaking Vigen`ere Cipher Index Of Coincidence Another way to determine key length Exploiting the known probabilities of the language, we can estimate the key length with this formula: 25 n (n − 1) κ = X i i . c n(n − 1) i=0 Aleksandar Nikoli´c (FTN) History Of Cryptography April 11, 2013 23 / 32 Ciphers - making and breaking One time pad One time pad Major flaw of the Vigen`ere Cipher is it’s repeating key. What if we made the key as long as the message? One time pad cipher - the key is as long as the message. Provably unbreakable! Aleksandar Nikoli´c (FTN) History