Chapter 05

CSE 425, Introduction to Computer Security
Chapter 5. Cryptography
5.1 Introduction
Security Engineering
by Ross Anderson
Cryptography Provides the Tools that Are the Foundation For Security Protocols. Where Security Engineering Meets Mathematics.
Cryptography and Network Security

Chapter 2. Classical Encryption Techniques
by William Stallings

Professor Wayne Dyksen Department of Computer Science and Engineering Michigan State University Spring 2006
5-2
Plaintext vs Ciphertext
Plaintext
Original Message Often Denoted by Lower Case Letters E.g., tobeornottobethatisthequestion N.B.: Might Not Be Plain Or Text
Computer Generated Text E.g., mpeg, PostScript, pdf, dll, etc
Encryption vs Decryption
Encryption

5-3
Algorithm That Maps Plaintext to Ciphertext May Use Second Input Called a (Secret) Key May Or May Not Be Reversible (Invertible) AKA Enciphering Algorithm That Maps Ciphertext to Plaintext May Use Second Input Called a (Secret) Key Reverse (Inverse) of the Encryption Algorithm AKA Deciphering
5-4
Decryption
Ciphertext
Coded Message Often Denoted by Upper Case Letters E.g., KIOVIEEIGKIOVNURNVJNUVKHVMGZIA
May Depend on Plain Text and a (Secret) Key
Encryption Illustrated
Encryption Motivation
Shared Key Shared Key
Key
Key
Plain Text
Encryption Algorithm
Cipher Text
Decryption Algorithm
Plain Text
Plain Text
Encryption Algorithm
Cipher Text
Decryption Algorithm
Plain Text
Sender
Transmission
Receiver
5-5
5-6
2006 by Wayne R. Dyksen. All Rights Reserved.
5-1
Michigan State University Department of Computer Science and Engineering
Cryptography
Study of Encryption/Decryption Cryptographic System
Particular Encryption/Decryption Scheme E.g., DES AKA Crypto System, Cipher
Cryptanalysis
Study of Deciphering Ciphertext Without
Key Algorithm? Lots of Ciphertext? Particular Ciphertext? Any Plaintext, Lots of Plaintext? Etc?
Cryptographic Suite
Set of Cryptographic Systems E.g., WEP and WPA for Wi-Fi AKA Crypto Suite
Desires
Decipher One Particular Ciphertext? Decipher Any/All Ciphertexts? (The Key?) Etc?
The Code Breakers

5-7 5-8
Cryptology
Study of
Cryptography Cryptanalysis Whos-on-first? Problem
Cryptographic Systems
Three Characteristics Types of (E/D) Operations Number of Keys Number of Elements Per (E/D) Operation (E/D = Encryption/Decryption) (Element = Letter, Bit, Byte, Etc)
5-9 5-10
Is
very mathematical very hard
Your Goal
Learn Terminology Gain Intuition
Types of (E/D) Operations

Two Fundamental Operations
Substitution
Map One Element Into Another E.g., a B, b C, c D, etc Cryptoquote
Number of Keys
One Key or One Set of Keys
Same for Encryption and Decryption AKA
Symmetric Single-Key Secret-Key
Permutation (Transposition)
Rearrange Elements E.g., 0 7, 1 3, 2 5, 3 0, 4 2, 5 6, 6 1, 7 4 Word Scramble
Two Keys or Two Sets of Keys

Separate for Encryption and Decryption AKA
Asymmetric Two-Key Public-Key
5-11 5-12
Product Systems
Combination of Substitutions and Transpositions Really Composition Systems
5-2
# of Elements Per (E/D) Operation

Stream Cipher
One Element
Letter Bit Byte Etc
Modern Encryption Scheme

plaintext Round 1 Substitution(s) and/or Permutation(s) Key?
Processed As a Stream
Round 2
Substitution(s) and/or Permutation(s)
Key?
Block Cipher
N Elements At A Time
N Letters N Bits N Bytes Etc
Round N
: :
Key?
Processed In Blocks
5-13
CIPHERTEXT
5-14
Cryptanalysis
Two Fundamental Approaches Brute Force
Know E/D Algorithms Try
Every Possible Key On Average Must Try All Possible Keys
Average Time For Brute Force

Key Size (Bits)
32 56 128 168 26 (Chars)
Number of Keys
232 4.3 x 109 256 7.2 x 1016 2128 3.4 x 1038 2168 3.7 x 1050 26! 4 x 1026
Time 1 / s
(1 Encryption/s) 231 s 35.8 mins 255 s 1142 yrs 2127 s 5.4 x 1024 yrs 2167 s 5.9 x 1036 yrs 26!/2 s 6.4 x 1012 yrs
Time 106 / s
(106 Encryptions/s) 2.15 ms 600 hrs 5.4 x 1018 yrs 5.9 x 1030 yrs 6.4 x 106 yrs
Analysis (Cyptanalysis)
Know
Nature of E/D Algorithms? Characteristics of Plaintext? Some Plaintext-Ciphertext Pairs? Etc?
5-15
Does this mean that an encryption scheme with an 128-bit key would take 5.4 x 1018 years to crack?
5-16
Big Numbers
One Million (106) Seconds In a Year Global Population Age of the Universe 1 MIPS Year (MY) Protons In the Universe 220 225 232 234 Years 246 Operations 2256
5-17
Encryption/Decryption Key
Input to Encryption/Decryption Independent of Plaintext Require (Desire)
Secret Are Many (to Chose From) Different Keys Very Different Ciphertext
Often Shared Must Be Managed (Key Management)

Generated Distributed Protected Recovered?
5-18
5-3
Characteristics of Plaintext
Statistical Characteristics
Letter Frequencies: e, t, a, i, Digram Frequencies: th, he, in, Trigram Frequencie: the, and, tha,
Letter Frequencies (English)

5-19
Probable Words
%PDF-1.1, /Type, /Name, /Filter, /ColorSpace, %!PS-Adobe-3.0, %%Creator, %%BeginProlog, Michigan State University Transfer Funds Etc
e t a o i n s h r d l c u
0.12702 0.09056 0.08167 0.07507 0.06966 0.06749 0.06327 0.06094 0.05987 0.04253 0.04025 0.02782 0.02758
m w f g y p b v k j x q z
0.02406 0.02360 0.02228 0.02015 0.01974 0.01929 0.01492 0.00978 0.00772 0.00153 0.00150 0.00095 0.00074
5-20
Digrams & Trigrams

Digrams Most Common, In Order: th, he, in, en, nt, re, er, an, ti, es, on, at, se, nd, or, ar, al, te, co, de, to, ra, et, ed, it, sa, em, ro Trigrams Most Common, In Order: the, and, tha, ent, ing, ion, tio, for, nde, has, nce, edt, tis, oft, sth, men
Start/End-of-Word Letters
Start Word (Top Ten) t 0.1594 a 0.1550 i 0.0823 s 0.0775 o 0.0712 c 0.0597 m 0.0426 f 0.0408 p 0.040 w 0.0382
5-21
End Word (Top Ten) e 0.1917 s 0.1435 d 0.0923 t 0.0864 n 0.0786 y 0.0730 r 0.0693 o 0.0467 l 0.0456 f 0.0408
5-22
Ciphertext Revisited
Coded Message Often Denoted by Upper Case Letters E.g., KIOVIEEIGKIOVNURNVJNUVKHVMGZIA
May Depend on Plain Text and a (Secret) Key Require (Desire)
Unintelligible Undecipherable Unbreakable Appear Random
No Detectable Patterns Its not random. Why not?
5-23
Ciphertext Attacks (1 of 3)
Ciphertext Only
Cryptanalyst Knows Encryption Algorithm Ciphertext To Be Deciphered
Known Plaintext
Cryptanalyst Knows Encryption Algorithm Ciphertext To Be Deciphered One or More Plaintext-Cipher Text Pairs
5-24
5-4
Chosen Plaintext
Cryptanalyst Knows Encryption Algorithm Ciphertext To Be Deciphered Plaintext-Cipher Text Pair with Plaintext Chosen
Chosen Text
Cryptanalyst Knows Encryption Algorithm Ciphertext To Be Deciphered Plaintext-Cipher Text Pair with Plaintext Chosen Plaintext-Cipher Text Pair with Ciphertext Chosen
Known Ciphertext
Cryptanalyst Knows Encryption Algorithm Ciphertext To Be Deciphered Plaintext-Cipher Text Pair with Ciphertext Chosen
5-25
How do you get your chosen plaintext encrypted since you dont know the key? Hmm
5-26
Strong Encryption
Cryptanalyst Can NOT
Decipher the Ciphertext Figure Out the Key
Secure Encryption
Unconditionally Secure
CanNOT Deduce Plaintext from Ciphertext (In Any Amount of Time) Only One Such Known Encryption Algorithm (But Not Practical For Most Applications)
Even If Cryptanalyst
Knows the Algorithm Has the Ciphertext Has One Or More Ciphertexts Has A Number of Plaintext-Ciphertext Pairs
Computationally Secure
Cost of Deciphering > Value of Plaintext Time to Decipher > Useful Lifetime of Plaintext
5-27
5-28
Cryptosystem Requirements
Encryption/Decryption Algorithm
Strong Computationally Secure Plus
Fast? Cheap? Etc?
Conventional Cryptosystem
~P Cryptanalyst ~K
Intercepted Message Source P Encryption Algorithm C Decryption Algorithm P Message Destination
Key
Strong Shared Secure Plus
Transmitted K P = Plaintext
Secure Channel
Fast? Cheap? Etc?

5-29
Key Source
C = Ciphertext K = Key ~ = Approximate

5-30
Which is the hardest part? All of it!
5-5
5.2 Historical Background

Substitution Techniques Transposition Techniques Rotor Machines Steganography
(Julius) Caesar Cipher

Cipher
plain: a b c d e f g h i j k l m n o p q r s t u v w x y z CIPHER: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Example
plain: attack the enemy on friday CIPHER: DWWDFN WKH HQHPB RQ IULGDB
Cipher Characteristics
Substitution Monoalphabetic (Single Cipher Alphabet Used)
5-31 5-32
Modular Arithmetic (1 of 5)
Definition For integers a and b, we define r = a mod b if there exist integers n and 0 r < b such that a = b * n + r. Intuitively a mod b is the remainder after dividing a by b
a mod b = r
a div b = n with remainder r a=b*n+r
14 mod 4 = 2
14 div 4 = 3 with remainder 2 14 = 4 * 3 + 2
1095 mod 10 = 5
1095 div 10 = 109 with remainder 5 1095 = 10 * 109 + 5
(b * n) mod b = 0
(b * n) div b = n with remainder 0 (b * n) = b * n + 0
5-33 5-34
What if a < 0?
Note that 0 a mod b < b. Be careful!

5-35
a mod b = r
a=b*n+r
( 7) mod 26 = 19
7 = 26 * ( 1) + 19
Be Careful
(7) mod 26 = 19 (7 mod 26) = 7 7 mod 26 = ?
NB: VBs Mod Operator is Incorrect
Integers mod 5 0 mod 5 = 0 1 mod 5 = 1 2 mod 5 = 2 3 mod 5 = 3 4 mod 5 = 4 5 mod 5 = 0 6 mod 5 = 1 7 mod 5 = 2 8 mod 5 = 3 9 mod 5 = 4
Integers mod 5 10 mod 5 = 0 11 mod 5 = 1 12 mod 5 = 2 13 mod 5 = 3 14 mod 5 = 4 15 mod 5 = 0 16 mod 5 = 1 17 mod 5 = 2 18 mod 5 = 3 19 mod 4 = 4
5-36
5-6
Integers mod n
Only n digits 0, 1,,n-1 Denoted by Zn n Prime
Special Case Use p instead of n Zp
5-37
Caesar Cipher Revisited (1 of 3)

Cipher
plain: a b c d e f g h i j k l m n o p q r s t u v w x y z CIPHER: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Let a = 0, b = 1, c = 2, d = 3, , z = 25 Cipher
plain: CIPHER: plain: 0 3 1 4 2 5 3 6 4 7 5 8 6 7 8 9 10 11 12 9 10 11 12 13 14 15
13 14 15 16 17 18 19 20 21 22 23 24 25 CIPHER: 16 17 18 19 20 21 22 23 24 25 0 1 2
5-38

Caesar Cipher
Encode Letters (0, 1, 2,, 25) Add Three (Add d) But Wrap (26 0, 27 1, 28 2)

Let a = 0, b = 1, c = 2, d = 3, , z = 25 Caesar Cipher
Encryption
C = (p + d) mod 26 C = (p + 3) mod 26 C = (p + k) mod 26, key k = d = 3
Hmm
( 0 + 3) mod 26 = 3 ( 1 + 3) mod 26 = 4 ( 2 + 3) mod 26 = 5 ( 3 + 3) mod 26 = 6 ( 4 + 3) mod 26 = 7 ( 5 + 3) mod 26 = 8 ( 6 + 3) mod 26 = 9 ( 7 + 3) mod 26 = 10 ( 8 + 3) mod 26 = 11 ( 9 + 3) mod 26 = 12 (10 + 3) mod 26 = 13 (11 + 3) mod 26 = 14 (12 + 3) mod 26 = 15 (13 + 3) mod 26 = 16 (14 + 3) mod 26 = 17 (15 + 3) mod 26 = 18 (16 + 3) mod 26 = 19 (17 + 3) mod 26 = 10 (18 + 3) mod 26 = 21 (19 + 3) mod 26 = 22 (20 + 3) mod 26 = 23 (21 + 3) mod 26 = 24 (22 + 3) mod 26 = 25 (23 + 3) mod 26 = 0 (24 + 3) mod 26 = 1 (25 + 3) mod 26 = 2
5-39
Decryption
P = (C k) mod 26
Family of Caesar Ciphers

c = (p + k) mod 26, k = any character 25 Ciphers (Why not 26?)
5-40
(Augustus) Caesar Cipher

Cipher
plain: a b c d e f g h i j k l m n o p q r s t u v w x y z CIPHER: C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
Caesar Ciphers Implemented

Excel
CHAR(MOD( CODE($B3)-CODE("a") + CODE(C$2)-CODE("a") , 26) + CODE("A") )
Example
plain: attack the enemy on friday CIPHER: CVVCEM VJG GPGOA QP HTKFCA
Visual Basic
k = Asc(key) - Asc("a") Caesar_Encrypt = "" For i = 1 To Len(plain) p = Asc(Mid(plain, i, 1)) - Asc("a") c = (p + k) Mod 26 Caesar_Encrypt = Caesar_Encrypt & Chr(c + Asc("A")) Next i
5-41 5-42
Augustus changed the key from d to c.

c = (p + 2) mod 26 p = (c 2) mod 26
5-7
Cracking the Caesar Cipher

Ciphertext
SDDUKWWPSEKSJWFGOUSFUWDDWV
Bruce Force Attack

Key 0 a 1 b 2 c 3 d 4 e 5 f 6 g 7 h 8 i 9 j 10 k 11 l 12 m 13 n 14 o 15 p 16 q 17 r 18 s 19 t 20 u 21 v 22 w 23 x 24 y 25 z S s r q p o n m l k j i h g f e d c b a z y x w v u t D d c b a z y x w v u t s r q p o n m l k j i h g f e D d c b a z y x w v u t s r q p o n m l k j i h g f e U u t s r q p o n m l k j i h g f e d c b a z y x w v K k j i h g f e d c b a z y x w v u t s r q p o n m l W w v u t s r q p o n m l k j i h g f e d c b a z y x W w v u t s r q p o n m l k j i h g f e d c b a z y x P p o n m l k j i h g f e d c b a z y x w v u t s r q S s r q p o n m l k j i h g f e d c b a z y x w v u t E e d c b a z y x w v u t s r q p o n m l k j i h g f K k j i h g f e d c b a z y x w v u t s r q p o n m l Ciphertext S J W F s j w f r i v e q h u d p g t c o f s b n e r a m d q z l c p y k b o x j a n w i z m v h y l u g x k t f w j s e v i r d u h q c t g p b s f o a r e n z q d m y p c l x o b k w n a j v m z i u l y h t k x g G g f e d c b a z y x w v u t s r q p o n m l k j i h O o n m l k j i h g f e d c b a z y x w v u t s r q p U u t s r q p o n m l k j i h g f e d c b a z y x w v S s r q p o n m l k j i h g f e d c b a z y x w v u t F f e d c b a z y x w v u t s r q p o n m l k j i h g U u t s r q p o n m l k j i h g f e d c b a z y x w v W w v u t s r q p o n m l k j i h g f e d c b a z y x D d c b a z y x w v u t s r q p o n m l k j i h g f e D d c b a z y x w v u t s r q p o n m l k j i h g f e W w v u t s r q p o n m l k j i h g f e d c b a z y x V v u t s r q p o n m l k j i h g f e d c b a z y x w
Observations
Algorithm Is Known Plaintext Easily Recognizable Only 26 Keys
Attack Ideas?
5-43
5-44
Improvements?
Increase Number of Keys Allow Any Substitution Ordering An Idea
Key: Set of Unique Letters Substitution: Key & (Alphabet Minus Key Letters)
Using the Plaintext Structure

Suppose
Plaintext Structure Known Encryption Preserves Plaintext Structure
Cryptanalyst Attack Strategy

5-45
Example
plain: a b c d e f g h i j k l m n o p q r s t u v w x y z CIPHER: S E C U R I T Y A B D F G H J K L M N O P Q V W X Z
Analysis?
26! Keys
but
(Say For English Text) Single Letter Frequency Digram, Trigram Frequency Start/End-of-Word Letters Probable Words Etc
5-46
Plaintext Structure Preserved
Recall: Letter Frequencies

e t a o i n s h r d l c u 0.12702 0.09056 0.08167 0.07507 0.06966 0.06749 0.06327 0.06094 0.05987 0.04253 0.04025 0.02782 0.02758 m w f g y p b v k j x q z 0.02406 0.02360 0.02228 0.02015 0.01974 0.01929 0.01492 0.00978 0.00772 0.00153 0.00150 0.00095 0.00074
5-47
Recall: Digrams & Trigrams

Digrams Most Common, In Order: th, he, in, en, nt, re, er, an, ti, es, on, at, se, nd, or, ar, al, te, co, de, to, ra, et, ed, it, sa, em, ro Trigrams Most Common, In Order: the, and, tha, ent, ing, ion, tio, for, nde, has, nce, edt, tis, oft, sth, men
5-48
5-8
Analyzing Ciphertext (1 of 6)
VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY RKPMNPAOJIYSKKAHRNN
Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO -------------------------------------------------RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH -------------------------------------------------PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY -------------------------------------------------RKPMNPAOJIYSKKAHRNN ------------------Map from Cipher to Plain
Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: --------------------------
Letter, Diagram, Trigram Frequencies
Cryptanalysis
Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. R 28 F 9 I 3 Q 1 O 22 N 8 K 3 B 0 S 16 J 6 V 3 D 0 Y 13 U 6 X 3 W 0 M 12 P 5 G 2 Z 0 A 10 E 4 T 2 H 9 C 3 L 1 OY YR 10 5 OYR OYS 5 3
5-49
5-50
Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO -eh---the-et--th-t--e-e--e---e-tthata---e-a-e--eat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH e-e--a-thatthe-a-ee----e---the----eat----th-e-ta-PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY --a--e-a--e---ht-thata----the-ea-e---e---e-t-a--th RKPMNPAOJIYSKKAHRNN e------t--ha----e-Map from Cipher to Plain
Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO -ehol-thesetr-thsto-esel-e-i-entthatall-enare-reat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH e-e--althatthe-areen-o-e---their-reator-ith-ertain PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY -naliena-leri-htsthata-on-theseareli-eli-ert-an-th RKPMNPAOJIYSKKAHRNN e--rs-ito-ha--iness Map from Cipher to Plain
Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: --------------t--ea-----h-
Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i----l-n-o--rst--ea-----h-

Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. e R 28 F 9 I 3 Q 1 t O 22 N 8 K 3 B 0 a S 16 J 6 V 3 D 0 h Y 13 U 6 X 3 W 0 M 12 P 5 G 2 Z 0 A 10 E 4 T 2 H 9 C 3 L 1 OY YR 10 5 OYR OYS 5 3

Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. e R 28 l F 9 I 3 Q 1 t O 22 s N 8 K 3 B 0 a S 16 o J 6 V 3 D 0 h Y 13 U 6 X 3 W 0 r M 12 P 5 G 2 Z 0 i A 10 E 4 T 2 n H 9 C 3 L 1 OY YR 10 5 OYR OYS 5 3
5-51
5-52
Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO weholdthesetruthstobeselfevidentthatallmenarecreat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH edequalthattheyareendowedbytheircreatorwithcertain PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY unalienablerightsthatamongthesearelifelibertyandth RKPMNPAOJIYSKKAHRNN epursuitofhappiness Map from Cipher to Plain
VR YJFU OYRNR OMPOYN OJ ER NRFI RQAURHO OYSO SFF we hold these truths to be self evident that all GRH SMR CMRSORU RLPSF OYSO OYRX SMR RHUJVRU EX men are created equal that they are endowed by OYRAM CMRSOJM VAOY CRMOSAH PHSFARHSEFR MATYON their creator with certain unalienable rights OYSO SGJHT OYRNR SMR FAIR FAERMOX SHU OYR that among these are life liberty and the KPMNPAO JI YSKKAHRNN pursuit of happiness
Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i-c-blmnfopqrstuveagdw-yh-

Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. e R 28 l F 9 f I 3 v Q 1 t O 22 s N 8 p K 3 B 0 a S 16 o J 6 w V 3 D 0 h Y 13 d U 6 y X 3 W 0 r M 12 u P 5 m G 2 Z 0 i A 10 b E 4 g T 2 n H 9 c C 3 q L 1 OY YR 10 5 OYR OYS 5 3
5-53
5-54
5-9
Hiding the Plaintext Structure

Two Possible Approaches Encrypt Multiple Letters At A Time
Playfair Cipher Hill Cipher Etc
5.2.3 An Early Block Cipher: Playfair

Invented by Sir Charles Wheatstone Championed by Baron Playfair of St. Andrews Characteristics
Key is a Word Process Letters in Pairs (Block Cipher) Monoalphabetic
Use Multiple Cipher Alphabets (Polyalphabetic Substitution Cipher)

Vigenre Cipher One Time Pad Etc
5-55
5-56
Playfair Cipher (1 of 11)

Encrypting Matrix
Put I and J Together Put in Keyword (Minus Duplicates) Put in Rest of Alphabet

E T F M V C Y G N W U A H O X R B K P Z Encrypting Plaintext (Pairwise) Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z
S I/J D L Q
Plaintext
Group in Pairs Separate Double Letters (If Needed, Say With x) Pad Last Pair (If Needed, say With x) E.g. attack the enemy on
Friday becomes at ta ck th ex en em yo nf ri da yx
Letter To Right SC t EU NP t OL (Circular) Letter Below EF t TM AX t HU (Circular) Letter In Same Row, In Column of Pair TH t AF WB t ZY
Same Column?
Otherwise
5-57
5-58

Encrypting Plaintext (Pairwise) Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z

Same Column?
Same Column?
Otherwise
Otherwise
5-59
5-60
5-10


Same Column?
Same Column?
Otherwise
Otherwise
5-61
5-62


Same Column?
Same Column?
Otherwise
Otherwise
5-63
5-64


Same Column?
Same Column?
Otherwise
Otherwise
5-65
5-66
5-11

Plaintext
attacktheenemyonfriday at ta ck th ex en em yo nf ri da yx
Analysis of Playfair
Improvements
E T F M V C Y G N W U A H O X R B K P Z Increases Number of Keys (From 26 to 26 x 26 = 676) Flattens Out Frequencies of Letter
S I/J
History
Considered Unbreakable For a Long Time Used By
British Army in World War I U.S. Army and Allies in World War II
Ciphertext
attackthexenemyonfridayx BYYBRGAFUVCMTVANMGSBHIAW
D L Q
Strength?
Much of Plaintext Structure Survives Broken With Few Hundred Letters Of Ciphertext
5-67 5-68
Hill Cipher
Invented by Lester Hill Characteristics
Key is a Matrix Process Letters in Vectors (Block Cipher) Monoalphabetic
Motivation for Hill Cipher

Recall a Line
y = f(x) = mx + b
Recall Caesar Ciphers

Line With m = 1, b = k c = (p + k) mod 26 c = (1*p + k) mod 26
Generalization of Caesar Ciphers

Line with m = k2, b = k1 c = (k2 p + k1) mod 26
5-69 5-70
Hill Cipher (n = 3)
Idea
Process 3 Plaintext Characters At A Time (Block Cipher With Block Size 3) Use 9 Keys (Or Generate 9 Keys From One Key) Ciphertext Is Linear Combination of Plaintext Mod 26
Hill With Matrix Notation

c1 k11 c2 = k 21 c k 3 31 k12 k 22 k32 k13 p1 k 23 p2 mod 26 k33 p3
r r c , p are n vectors K is an n n matrix
Mathematically
c1 c2 c3
= (k11 p1 + k12 p2 + k13 p3 ) mod 26 = (k 21 p1 + k 22 p2 + k 23 p3 ) mod 26 = (k31 p1 + k32 p2 + k33 p3 ) mod 26

5-71
r r c = K p mod 26
5-72
5-12
Hill Encryption Example (1 of 4)

w 17 17 5 r Let K = 21 18 21 and p = e . h 2 2 19 r r Then c = Kp mod 26.

r r c = K p mod 26 17 = 21 2 17 = 21 2 17 5 w 18 21 e mod 26 2 19 h 17 5 22 18 21 4 mod 26 2 19 7
477 = 681 mod 26 185 9 J = 5 = F 3 D
22 17 + 4 17 + 7 5 = 22 21 + 4 18 + 7 21 mod 26 22 2 + 4 2 + 7 19
5-73 5-74
Recall Caesar Cipher (3 of 4)

Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO weholdthesetruthstobeselfevidentthatallmenarecreat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH edequalthattheyareendowedbytheircreatorwithcertain PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY unalienablerightsthatamongthesearelifelibertyandth RKPMNPAOJIYSKKAHRNN epursuitofhappiness Map from Cipher to Plain

Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: JFDYJDULYBRPWYTAMVPGCNFTYUBZUUPAJGALINXZZTXAGFQKFKK weholdthesetruthstobeselfevidentthatallmenarecreate RDGFBPAFAFEBIWENTOEXMPZFAUVTXSSWXHPFNWMAHFFDXZVICWB dequalthattheyareendowedbytheircreatorwithcertainun TCSDGIQRWNDIMJEAFATBGVEMULYKISWKRHEYQGFKJNFXJTGVHUC alienablerightsthatamongthesearelifelibertyandthepu HUCTJIJYIWXYEZEPVMGBZ epursuitofhappinessxx Letter, Diagram, Trigram Frequencies
Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. A 10 H 5 O 1 V 6 B 7 I 8 P 7 W 8 C 5 J 8 Q 3 Y 8 D 6 K 6 R 4 Y 8 E 8 L 3 S 4 Z 7 F 14 M 6 T 9 G 9 N 6 U 8
Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i-c-blmnfopqrstuveagdw-yh-

Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. e R 28 l F 9 f I 3 v Q 1 t O 22 s N 8 p K 3 B 0 a S 16 o J 6 w V 3 D 0 h Y 13 d U 6 y X 3 W 0 r M 12 u P 5 m G 2 Z 0 i A 10 b E 4 g T 2 n H 9 c C 3 q L 1 OY YR 10 5 OYR OYS 5 3
5-75
5-76
The Inverse of K: K -1
17 Let K = 21 2 17 Then KK 1 = 21 2 17 5 4 9 15 18 21 and K 1 = 15 17 6 . 2 19 24 0 17 17 5 4 9 15 18 21 15 17 6 mod 26 2 19 24 0 17
Hill Decryption
r r Let c = K p mod 26 and K K 1 mod 26 = I .
Then r r K 1c mod 26 = K 1 (K p mod 26 ) mod 26 r = K 1 K p mod 26 r = p mod 26 r =p
443 442 442 = 858 495 780 mod 26 494 52 365 1 0 0 = 0 1 0 0 0 1

5-77
5-78
5-13
Hill Cipher
r r n n n Let p, c Z 26 , K Z 26 .
Analysis of Hill
Letter Distributions
Hides Completely 3 x 3 Hill Hides Digrams 4 x 4 Hill Hides Trigrams n x n Hill Hides (n - 1) x (n - 1)-Letter Groups
Hill Encryption : r r r c = E K ( p) = K p mod 26 Hill Decryption : r r r p = DK (c ) = K 1c mod 26

5-79
Strength?
Strong Against Ciphertext-Only Attack Easily Broken With Known Plaintext Attack (Why?)
5-80
Cracking the Hill Cipher

r r Suppose you have n Suppose c j = Kp j mod 26, j = 1,..., n. plaintext-ciphertext pairs. r c1 r r r r c nn n n Let C = 2 26 and P = ( p1 p2 L pn ) 26 . M r c n Then C = KP mod 26 so that K = CP 1 mod 26.
5-81
Cracking Hill Example (1 of 4)

Suppose 3 x 3 Hill With
Plaintext: weholdthe Ciphertext: ZHFSMTBGF
Then
w o t Z S B H M G = K e l h mod 26 h d e F T F
5-82

Z S B w H M G = K e F T F h 25 18 1 22 7 12 6 = K 4 5 19 5 7 t l h mod 26 d e o 14 19 11 7 mod 26 3 4
1

25 K = 7 5 25 = 7 5 18 1 22 12 6 4 19 5 7 18 1 19 12 6 25 19 5 13 14 19 11 7 3 4 11 1 25 0 mod 26 14 18
1
25 18 1 22 14 19 7 12 6 4 11 7 mod 26 = K 5 19 5 7 3 4
5-83
938 739 43 = 511 461 115 mod 26 635 600 95 2 11 17 = 17 19 11 11 2 17

5-84
5-14

2 11 17 7 17 8 Hence, K = 17 19 11 and K 1 = 10 17 5 11 2 17 5 13 5 So 2 11 17 r r r c = Kp mod 26 = 17 19 11 p mod 26 11 2 17 and 7 17 8 r r r p = K 1c mod 26 = 10 17 5 c mod 26. 5 13 5
5-85
5.2.1 An Early Stream Cipher The Vigenre

Invented by Blaise de Vigenre (Diplomat for King Charles IX) Characteristics
Based on Caesar Cipher Key is a Repeated String of Letters Encrypt Letters Depending on Position in Plaintext (Stream Cipher) Polyalphabetic
5-86
Polyalphabetic Substitution Ciphers

Family of Monoalphabetic Substitution Ciphers Plaintext Letters Encrypted
One At a Time (Stream Cipher) Monoalphabetic Substitution Cipher Depends On
Letters Position in the Plaintext Key
The Vigenre Cipher

Recall Family of Caesar Ciphers
c = (p + d) mod 26 (Julius) c = (p + c) mod 26 (Augustus) c = (p + k) mod 26 (General)
The Vigenre Cipher

Key Letter Corresponding to Plaintext Letter Determines Which Caesar Cipher ci = (pi + ki) mod 26 (Repeat the Key As Many Times As Needed)
5-87
5-88
Vigenre Illustrated
p w e h o l d t h e k m s u b b m s u b c ('w' ('e' ('h' ('o' ('l' ('d' ('t' ('h' ('e' + + + + + + + + + 'm') 's') 'u') 'b') 'b') 'm') 's') 'u') 'b') mod mod mod mod mod mod mod mod mod 26 26 26 26 26 26 26 26 26
5-89
Vigenre Tableau
Key a b c d e f g h i j k l m n o p q r s t u v w x y z a A B C D E F G H I J K L M N O P Q R S T U V W X Y Z b B C D E F G H I J K L M N O P Q R S T U V W X Y Z A c C D E F G H I J K L M N O P Q R S T U V W X Y Z A B d D E F G H I J K L M N O P Q R S T U V W X Y Z A B C e E F G H I J K L M N O P Q R S T U V W X Y Z A B C D f F G H I J K L M N O P Q R S T U V W X Y Z A B C D E g G H I J K L M N O P Q R S T U V W X Y Z A B C D E F h H I J K L M N O P Q R S T U V W X Y Z A B C D E F G i I J K L M N O P Q R S T U V W X Y Z A B C D E F G H j J K L M N O P Q R S T U V W X Y Z A B C D E F G H I k K L M N O P Q R S T U V W X Y Z A B C D E F G H I J Plaintext l m n o L M N O M N O P N O P Q O P Q R P Q R S Q R S T R S T U S T U V T U V W U V W X V W X Y W X Y Z X Y Z A Y Z A B Z A B C A B C D B C D E C D E F D E F G E F G H F G H I G H I J H I J K I J K L J K L M K L M N p P Q R S T U V W X Y Z A B C D E F G H I J K L M N O q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P r R S T U V W X Y Z A B C D E F G H I J K L M N O P Q s S T U V W X Y Z A B C D E F G H I J K L M N O P Q R t T U V W X Y Z A B C D E F G H I J K L M N O P Q R S u U V W X Y Z A B C D E F G H I J K L M N O P Q R S T v V W X Y Z A B C D E F G H I J K L M N O P Q R S T U w W X Y Z A B C D E F G H I J K L M N O P Q R S T U V x X Y Z A B C D E F G H I J K L M N O P Q R S T U V W y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
5-90
5-15
Vigenre Example
Plain: Key: Cipher: Plain: Key: Cipher: Plain: Key: Cipher: Plain: Key: Cipher: weholdthesetruthstobeselfevidentthatallmenarecreat msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb IWBPMPLBFTQLLVUTKNPCQKYMGQNCEFZLNIBFSFMNQFUSFOJYBU edequalthattheyareendowedbytheircreatorwithcertain msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb QVYRVMDNIBFLBFZMJYFOPGQFENQNIFUJWSFMLISXULBDFDLUJO unalienablerightsthatamongthesearelifelibertyandth msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb GFUMJQFUCMQJCHIFKNIBFSGPOSLBFTQSLFMUXYMJNWLUZMFXUI epursuitofhappiness msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb QHOSTGANPGTSJQJZWMT
Cracking Vigenre (1 of 4)
NoteHmm
weh..entthatallualthatthehtsthatamo msu..bmsubbmsubbmsubbmsubbmsubbmsub IWB..FZLNIBFSFMVMDNIBFLBFIFKNIBFSGP
Observation
Key Repeats Key Repeats Key Repeats Any Repeating Plaintext Sequence Has 1 Out of Length(Key) Chance of Being Encrypted With the Same Key Sequence Repeating Plaintext Sequence Might Be Encrypted Into Repeating Ciphertext Sequence Distance Between Repeating Plaintext-Key Sequences Must Be An Integer Multiple of the Key Length
5-91 5-92
We see that
weh..entthatallualthatthehtsthatamo msu..bmsubbmsubbmsubbmsubbmsubbmsub IWB..FZLNIBFSFMVMDNIBFLBFIFKNIBFSGP
33 58 118
What do we have?
IWBPMPLBFTQLLVUTKNPCQKYMGQNCEFZLNIBFSFMNQFUSFOJYBU 12345123451234512345123451234512345123451234512345
Five Caesar Ciphers
so the key length must divide

25 = 58 33 60 = 118 58 85 = 118 33
What do we do?
Group Ciphertext Letters By Key Position Analyze Ciphertext by Group
Frequency Analysis
So, key length must be 5.
So, now what?

5-93
Etc
5-94
Historical Note Scientific American 1917 Vigenre impossible of translation Remember
Vigenre Twist
Autokey System
Proposed by Vigenre Eliminate Repeating Key Key: Keyword & Plaintext Recover Key While Decrypting
Example
weholdthesetruthstobeselfevidentthatallmenarecreat msubbweholdthesetruthstobeselfevidentthatallmenare IWBPMZXOSDHMYYLLLKIULKXZGINMOJROBKEGTESMXNLCQGEERX
ButStill Crackable
5-95 5-96
5-16
Vernam Cipher (1 of 3)
Gilbert Vernam, 1918 Key
Random How Long?
Long As Plaintext? Long (But Shorter than Plaintext) and Repeating
Exclusive-Or (xor) Recall
a 0 0 1 1 b a xor b 0 0 1 1 0 1 1 0
Notes
Operate on Binary Data Bitwise Exclusive-Or of Plaintext and Key

5-97
(a xor b) == (a or b) & !(a and b) (a xor b) == a + b mod 2 a b a xor b (a xor b) xor b = a 0 0 0 0 0 1 1 0 1 0 1 1 1 1 0 1

5-98
Encryption ci = pi xor ki where
pi i-th binary digit of plaintext ki i-th binary digit of key ci i-th binary digit of cihpertext
5.2.2 The One-Time Pad

Joseph Mauborgne (Army Signal Corp Officer) Idea
Stream Cipher Key
Used-Once (One-Time Pad) Random As Long As Plaintext
Decryption pi = ci xor ki Must Manage Long Keys Crackable With

Sufficient Ciphertext Known Probable Plaintext
5-99
5-100
One-Time Pad Example

Use
Vigenre Cipher Random Key As Long As Plaintext
One-Time Pad Observation

Given any plaintext and ciphertext, we can generate a key that produces the given ciphertext from the given plaintext. Hmm
Example
p: weholdthesetruthstobeselfevidentthatallmenarecreat k: iwbpmplbftqllvutknpcqkymgqncefzlnibfsfmnqfusfojybu c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN
So what?
5-101
5-102
5-17
One-Time Pad Example Revisited

p: weholdthesetruthstobeselfevidentthatallmenarecreat k: iwbpmplbftqllvutknpcqkymgqncefzlnibfsfmnqfusfojybu c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN p: edequalthattheyareendowedbytheircreatorwithcertain k: axendstpclblvlpalczqrogtitkrafeneyxyzcgdmznhfzhcta c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN p: unalienablerightsthatamongthesearelifelibertyandth k: knisporiiaqnujghknwdbcqjyopddrieplqqnmmrtodqlqnzig c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN p: epursuitofhappiness k: iwbpmplbftqllvutknp c: EAIDXSEIJLUECPNACGD
5-103
One-Time Pad Characteristics

Cryptanalysis
If the key is random, any and all plaintexts are equally likely for a given ciphertext. A brute force search would yield every plain text the length of the ciphertext. Thus, the code is unbreakable.
Fundamental Difficulty: Key Management

Key Generation Key Distribution
Useful For Low Bandwidth + High Security

5-104
Transposition Techniques
Permute Plaintext Letters Rail Fence Technique
Plaintext
w h l t e e r t s o e e f v d n t a a l e a e r a e o d h s t u h t b s l e i e t h t l m n r c e t
Transposition Cipher
Key: Plaintext: 43512 wehol dthes etrut hstob eself evide nttha tallm enare creat
Cryptanalysis Plaintext Structure Preserved Easily Crackable
Ciphertext
WHLTEERTSOEEFVDNTAALEAERAEODHSTUHTBSLEIETHTLMNRCET
Trivial To AnalyzeBut Right Idea
Ciphertext: OEUOLDHLRALSTBFEAMETETTSSVTANRWDEHEENTECHHRTEITLAE
1
5-105
5
5-106
Repeated Transposition
Key: Plaintext: 43512 oeuol dhlra lstbf eamet ettss vtanr wdehe entec hhrte itlae
Modern Encryption Scheme

plaintext Round 1 Substitution(s) and/or Permutation(s) Key?
Ciphertext After Round 1
Round 2
Key?
: :
Ciphertext: ORBESNHETALAFTSRECEEEHSATTDNHTODLEEVWEHIULTMTAETRL
Ciphertext After Round 2
5-107
Round N
Key?
CIPHERTEXT
5-108
5-18
Rotor Machines
Rotor Machines
26 x 26 x 26 = 17,576 Substitution Alphabets Frequency Analysis
Would Require Unrealistic Amounts of Ciphertext Not Practically Possible
World War II
Germany: Enigma Japan: Purple
Motivation For
DES AES
5-109 5-110
Steganography
Conceal Message
Character Marking Invisible Ink Pin Punctures Typewriter Correction Ribbon Etc Digital Color Image 2,048 x 3,072 x 24 (8 Bits of Red, Green, Blue) Change Last Bit of Red, Green, Blue 2,048 x 3,072 x 3 =18,874,368 Bits (~2.3 MByte)
5-111
Example
5-19

Chapter 05

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Chapter 05

Încărcat de

Drepturi de autor:

Formate disponibile

CSE 425, Introduction to Computer Security

Cryptography and Network Security

CSE 425, Introduction to Computer Security

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

The Code Breakers

Types of (E/D) Operations

Two Keys or Two Sets of Keys

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

# of Elements Per (E/D) Operation

Modern Encryption Scheme

Substitution(s) and/or Permutation(s)

Substitution(s) and/or Permutation(s)

Average Time For Brute Force

Often Shared Must Be Managed (Key Management)

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

Letter Frequencies (English)

Digrams & Trigrams

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

Intercepted Message Source P Encryption Algorithm C Decryption Algorithm P Message Destination

Fast? Cheap? Etc?

C = Ciphertext K = Key ~ = Approximate

Which is the hardest part? All of it!

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

5.2 Historical Background

(Julius) Caesar Cipher

NB: VBs Mod Operator is Incorrect

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

Caesar Cipher Revisited (1 of 3)

Caesar Cipher Revisited (2 of 3)

Caesar Cipher Revisited (3 of 3)

Family of Caesar Ciphers

(Augustus) Caesar Cipher

Caesar Ciphers Implemented

Augustus changed the key from d to c.

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

Cracking the Caesar Cipher

Bruce Force Attack

Using the Plaintext Structure

Cryptanalyst Attack Strategy

Plaintext Structure Preserved

Recall: Letter Frequencies

Recall: Digrams & Trigrams

2006 by Wayne R. Dyksen. All Rights Reserved.

Michigan State University Department of Computer Science and Engineering

CSE 425, Introduction to Computer Security

Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: --------------------------

Letter, Diagram, Trigram Frequencies

Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: --------------t--ea-----h-

Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i----l-n-o--rst--ea-----h-

Letter, Diagram, Trigram Frequencies