Plaintext - original message
Ciphertext - coded message
Enciphering, encryption - process of converting from plaintext to ciphertext
Deciphering, decryption - restoring the plaintext from the ciphertext
Cryptography - area of study of schemes for enciphering
Cryptographic system, cipher - scheme of enciphering
Cryptanalysis - techniques for deciphering a message without knowledge of the enciphering details
Cryptology - areas of cryptography and cryptanalysis
OUTLINE
1. SYMMETRIC CIPHER MODEL
2. SUBSTITUTION TECHNIQUES
3. TRANSPOSITION TECHNIQUES
4. ROTOR MACHINES
5. STEGANOGRAPHY
SYMMETRIC CIPHER MODEL
Symmetric (conventional) encryption scheme has the following ingredients
There are 2 requirements for secure use of conventional encryption:
1. We need a strong encryption algorithm: the opponent should be unable to decrypt ciphertext or to discover the key even if s/he is in the possession of a number of ciphertexts together with the plaintext that produced each ciphertext.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable.
We assume that it is impractical to decrypt a message on the basis of the ciphertext plus knowledge of the encryption/decryption algorithm, i.e. we do not need to keep the algorithm secret; we need to keep only the key secret. Let's consider essential elements of a symmetric encryption scheme:
We can write:
Y = E_K(X)
X = D_K(Y)
Opponent knows Y, E, D. He may be interested to recover X or/and K. Knowledge of K gives him the opportunity to read future messages.
CRYPTOGRAPHY
Cryptographic systems are characterized by
1. The type of operations used for transforming plaintext to ciphertext (substitution, transposition). The fundamental requirement is that no information be lost.
2. The number of keys used (1 key: symmetric, single-key, secret-key; 2 keys: asymmetric, two-key, public-key).
3. The way in which the plaintext is processed (block cipher, stream cipher). A stream cipher may be viewed as a block cipher with block size equal to 1 element.
CRYPTANALYSIS
There are two general approaches to attacking a conventional encryption scheme:
1. Cryptanalysis: attempts to use characteristics of the plaintext or even some plaintext-ciphertext pairs to deduce a specific plaintext or the key being used.
2. Brute-force attack: every possible key is tried until an intelligible translation into plaintext is obtained. On average, half of all possible keys should be tried to achieve success.
All forms of cryptanalysis for symmetric encryption try to exploit the fact that traces of structure or pattern in the plaintext may survive encryption and be discernible in the ciphertext. Cryptanalysis for public-key schemes tries to use mathematical properties of the pair of keys to deduce one from the other.
SUBSTITUTION TECHNIQUE
A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.
CAESAR CIPHER
It was used by Julius Caesar. The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example:
Plain: meet me after the toga party
Cipher: PHHW PH DIWHU WKH WRJD SDUWB
Transformation is made using the following mapping:
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Let us assign a numerical equivalent to each letter from 0 to 25. Then the algorithm may be expressed as follows. For each plaintext letter p, substitute the ciphertext letter C:
C = E(p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(p) = (p + k) mod 26,
where k takes on a value in the range 1 to 25. The decryption algorithm is simply
p = D(C) = (C - k) mod 26
If it is known that a given ciphertext is a Caesar cipher, then a brute-force cryptanalysis is easily performed: simply try all possible 25 keys. Three important characteristics of this problem enable us to use brute-force cryptanalysis:
1. The encryption and decryption algorithms are known
2. There are only 25 keys to try
3. The language of the plaintext is known and easily recognizable
In most networking situations algorithms are assumed to be known. Brute-force analysis is impractical when the algorithm employs a large number of keys. The 3rd characteristic is also significant. If the language of the plaintext is not known, then the plaintext output may not be recognizable.
If this file is then encrypted with a simple substitution cipher (expanded to include more than just 26 characters), then the plaintext may not be recognized
MONOALPHABETIC CIPHERS
With only 25 keys Caesar cipher is far from secure. A dramatic increase in the key space may be achieved by allowing an arbitrary substitution. If instead of
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
the cipher line can be any permutation of the 26 alphabetic symbols, then there are 26! or greater than 4 x 10^26 possible keys. There is however another line of attack. If the cryptanalyst knows the nature of the plaintext (e.g., noncompressed English text), then the analyst can exploit the regularities of the language.
Comparing this with Fig. 2.5, it seems likely that cipher letters P and Z are the equivalents of plain letters e and t, but it is not certain which is which. The letters S, U, O, M, and H are all of the relatively high frequency and probably correspond to plain letters from the set {a, h, i, n, o, r, s}. The letters with the lowest frequencies (A, B, G, Y, I, J) are likely included in the set {b, j, k, q, v, x, z}. Now we could make some tentative assignments and start to fill plaintext to see if it looks like a reasonable "skeleton" of a message. Another way, to consider frequency of two-letter combinations, is known as digrams. The most common digram is th. In our ciphertext, the most common digram is ZW, which appears 3 times. So, we make correspondence: Z -> t, W -> h. Then, P is equated with e. Now notice that sequence ZWP appears in the ciphertext, and we can translate it as "the". Next, notice ZWSZ in the first line. If they form a complete word, it will be thSt. If so, S equates with a. So far, then, we have
PLAYFAIR CIPHER
The best-known multiple-letter encryption cipher is the Playfair (invented in 1854 by Sir Charles Wheatstone, but it bears the name of his friend Baron Playfair of St. Andrews, who championed the cipher at the British foreign office), which treats digrams in the plaintext as single units and translates these units into ciphertext digrams.
The matrix is constructed by filling in the letters of the keyword (minus duplicates) from left to right and from top to bottom, and then filling in the remainder of the matrix with the remaining letters in alphabetic order. The letters I and J count as one letter. Plaintext is encrypted two letters at a time, according to the following rules:
1. Repeating plaintext letters that would fall in the same pair are separated with a filler letter, such as x, so that balloon will be treated as ba lx lo on
2. Plaintext letters that would fall in the same row of matrix are each replaced with the letter to the right, with the first element of the row circularly following the last. For example, ar is encrypted as RM.
3. Plaintext letters that fall in the same column are each replaced by the letter beneath, with the top element of the column circularly following the last. For example, mu is encrypted as CM.
HILL CIPHER
It was developed by the mathematician Lester Hill in 1929. The encryption algorithm takes m successive plaintext letters and substitutes for them m ciphertext letters. The substitution is determined by m linear equations in which each character is assigned a numerical value:
a=0 b=1 c=2 d=3 e=4 f=5 g=6 h=7 i=8 j=9 k=10 l=11 m=12 n=13 o=14 p=15 q=16 r=17 s=18 t=19 u=20 v=21 w=22 x=23 y=24 z=25
For m = 3, the system can be described as follows:
C1 = (k11 p1 + k12 p2 + k13 p3) mod 26
C2 = (k21 p1 + k22 p2 + k23 p3) mod 26
C3 = (k31 p1 + k32 p2 + k33 p3) mod 26
The first 3 letters of the plaintext are represented by the vector (15 0 24). Then K(15 0 24) = (375 819 486) mod 26 = (11 13 18) = LNS. Continuing in this fashion, the ciphertext for the entire plaintext is LNSHDLEWMTRW. Decryption requires using the inverse of the matrix K. The inverse K^-1 of a matrix K is defined by K K^-1 = K^-1 K = I, where I is the unit matrix (1-s on the diagonal, other elements zeroes). The inverse of the matrix does not always exist, but when it does, it satisfies the preceding equation. In this case, the inverse is
This is demonstrated as follows: K K^-1 = 443 442 858 495 494 52 And after taking mod 26 of the obtained. In general terms, the Hill system can be expressed as follows:
C = E_K(P) = KP mod 26
P = D_K(C) = K^-1 C mod 26 = K^-1 K P = P
As with Playfair, the strength of the Hill cipher is that it completely hides single-letter frequencies. Although the Hill cipher is strong against a ciphertext-only attack (opponent has only ciphertext), it is easily broken with a known plaintext attack (opponent has pairs plaintext ciphertext). For an m x m Hill cipher, suppose we have m plaintext-ciphertext pairs, each of length m. We label the pairs Pj = (p1j, p2j, ..., pmj) and Cj = (c1j, c2j, ..., cmj) such that Cj = K Pj for 1 <= j <= m and for some unknown key matrix K. Now define two m x m matrices X = (pij) and Y = (cij).
(Matrices are written row by row, with rows separated by semicolons.)
[15 2; 16 5] = K [5 8; 17 3] mod 26
[5 8; 17 3]^-1 = [9 2; 1 15]
K = [15 2; 16 5] [9 2; 1 15] = [137 60; 149 107] mod 26 = [7 8; 19 3]
Let's check now that this key matrix produces required transformation:
7 19 7 19 7 19
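The known-plaintext recovery K = Y X^-1 mod 26 carried through in code, as an added example that is not part of the original notes. It uses the two plaintext-ciphertext pairs behind the X and Y above; the third pair, (0 24) -> (10 20), is constructed here by encrypting with the recovered key and is listed first to show that some choices of pairs give a non-invertible X and must be skipped. The function names are chosen here.

```python
from itertools import combinations

def minor(a, i, j):
    """Matrix a with row i and column j removed."""
    return [row[:j] + row[j + 1:] for k, row in enumerate(a) if k != i]

def det(a):
    """Integer determinant by cofactor expansion (fine for small m)."""
    if not a:
        return 1
    return sum((-1) ** j * a[0][j] * det(minor(a, 0, j)) for j in range(len(a)))

def inv_mod(a, m=26):
    """Inverse over Z_m via the adjugate; ValueError if det is not a unit mod m."""
    d_inv = pow(det(a) % m, -1, m)
    n = len(a)
    return [[(-1) ** (i + j) * det(minor(a, j, i)) * d_inv % m
             for j in range(n)] for i in range(n)]

def matmul(a, b, m=26):
    return [[sum(x * y for x, y in zip(row, col)) % m for col in zip(*b)]
            for row in a]

def recover_key(pairs, m=26):
    """pairs: (plaintext_block, ciphertext_block) vectors with Cj = K Pj.
    Tries each choice of n pairs until X (plaintext columns) is invertible."""
    n = len(pairs[0][0])
    for combo in combinations(pairs, n):
        X = [[p[i] for p, _ in combo] for i in range(n)]
        Y = [[c[i] for _, c in combo] for i in range(n)]
        try:
            return matmul(Y, inv_mod(X, m), m)
        except ValueError:   # det(X) shares a factor with 26; try other pairs
            continue
    raise ValueError("no invertible plaintext matrix among the supplied pairs")

# Pairs 2 and 3 are the columns of X and Y in the text; pair 1 is constructed.
PAIRS = [([0, 24], [10, 20]), ([5, 17], [15, 16]), ([8, 3], [2, 5])]

if __name__ == "__main__":
    K = recover_key(PAIRS)
    print("K =", K)
    for p, c in PAIRS:       # the check: K must map every plaintext block
        assert matmul(K, [[x] for x in p]) == [[y] for y in c]
```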