Sunteți pe pagina 1din 31

Classical Cryptography

Kunwar Singh
NIT Trichy
Basic Terminology
Plaintext original message
Ciphertext transformed message
Key secret used in transformation
Encryption the process of converting
plaintext into ciphertext
Decryption recovering plaintext from
ciphertext
Cryptography study of encryption
principles/ methods
Cryptanalysis (codebreaking) the study of
principles/ methods of deciphering ciphertext
without knowing key
2
Cryptology cryptography + cryptanalysis
Symmetric Encryption
or conventional / secret-key / single-
key
sender and recipient share a
common key
all classical encryption algorithms
are symmetric
The only type of ciphers prior to the
invention of asymmetric-key ciphers
in 1970s
by far most widely used 4
Figure 3.2 Locking and unlocking with the same key

3.5
Kerckhoffs Principle

Based on Kerckhoffs principle, one should always assume that the


adversary, Eve, knows the encryption/decryption algorithm. The resistance
of the cipher to attack must be based only on the secrecy of the key.

3.6
3.1.2 Cryptanalysis

As cryptography is the science and art of creating secret codes,


cryptanalysis is the science and art of breaking those codes.

Figure 3.3 Cryptanalysis attacks

3.7
3.1.2 Continued
Ciphertext-Only Attack

Figure 3.4 Ciphertext-only attack

3.8
3.1.2 Continued
Known-Plaintext Attack

Figure 3.5 Known-plaintext attack

3.9
3.1.2 Continued
Chosen-Plaintext Attack

Figure 3.6 Chosen-plaintext attack

3.10
Monoalphabetic Ciphers

Note

In monoalphabetic substitution, the


relationship between a symbol in the
plaintext to a symbol in the ciphertext is
always one-to-one.

3.11
Classical Ciphers
Plaintext is viewed as a sequence of
elements (e.g., bits or characters)
Substitution cipher: replacing each
element of the plaintext with another
element.

then have Caesar cipher as:


C = E(p) = (p + k) mod (26)
p = D(C) = (C k) mod (26)
12
Cryptanalysis of Caesar
Cipher
a brute force search
given ciphertext, just try all shifts of
letters
(only 26 possible keys, of which only
25 are of any use, since identical
mapping (A to A etc.) doesn't make
sense )
Affine Ciphers

Figure 3.11 Affine cipher

3.14
3.2.1 Continued

Example 3.7
What is the key domain for any multiplicative cipher?
Solution

The key needs to be in Z26*. This set has only 12


members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
Example 3.8
We use a multiplicative cipher to encrypt the message
hello with a key of 7. The ciphertext is XCZZU.

3.15
3.2.1 Continued

Example 3.11
Use the affine cipher to decrypt the message ZEBBW
with the key pair (7, 2) in modulus 26.
Solution

Example 3.12
The additive cipher is a special case of an affine cipher
in which
k1 = 1. The multiplicative cipher is a special case of
affine
3.16
cipher in which k2 = 0.
Mono-alphabetic Substitution Cipher
(Permutation Cipher)
The key space: all permutations of = {A, B, C, ,
Z}
Encryption given a key :
each letter X in the plaintext P is replaced
with (X)
Decryption given a key :
each letter Y in the cipherext P is
replaced with -1(Y)

Example:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
= B A D C Z H W Y G O Q X S V T R N M L K J I P F E
U
BECAUSE AZDBJSZ
17
Strength of the Mono-alphabetic
Substitution Cipher
Exhaustive search is difficult
key space size is 26! 41026 288

Dominates the art of secret writing


throughout the first millennium A.D.

Thought to be unbreakable by many back


then

How to break it?


18
Cryptanalysis of Substitution
Ciphers: Frequency Analysis
Basic ideas:
Each language has certain features:
frequency of letters, or of groups of
two or more letters.
Substitution ciphers preserve the
language features.
Substitution ciphers are vulnerable to
frequency analysis attacks.

19
Frequency of Letters in
English

20
Statistics for double & triple letters

In decreasing order of frequency

Double letters:
th he an in er re es on,

Triple letters:
the and ent ion tio for
nde, 21
An Example
UKBYBIPOUZBCUFEEBORUKBYBHOBBRFESPVKBWFOFERVNBCVBZPRUBOFERVN
BCVBPCYYFVUFOFEIKNWFRFIKJNUPWRFIPOUNVNIPUBRNCUKBEFWWFDNCHXCY
BOHOPYXPUBNCUBOYNRVNIWNCPOJIOFHOPZRVFZIXUBORJRUBZRBCHNCBBON
CHRJZSFWNVRJRUBZRPCYZPUKBZPUNVPWPCYVFZIXUPUNFCPWRVNBCVBRPYY
NUNFCPWWJUKBYBIPOUZBCUIPOUNVNIPUBRNCHOPYXPUBNCUBOYNRVNIWNCP
OJIOFHOPZRNCRVNBCUNENVVFZIXUNCHPCYVFZIXUPUNFCPWZPUKBZPUNVR

B 3 E
6
N 3 NC 11 IN UK 6 THE
4 T PU 10 AT B
U 3 A UB 10 RV 6
3 N
UN 9 trigrams
P 3 FZI 4
2 digrams

C 2
How to Defeat Frequency
Analysis?
Use larger blocks as the basis of
substitution. Rather than substituting
one letter at a time, substitute 64 bits at
a time, or 128 bits.
Leads to block ciphers such as DES & AES.

Use different substitutions to get rid of


frequency features.
Leads to polyalphabetical substituion ciphers

23
Polyalphabetic Ciphers
In polyalphabetic substitution, each occurrence of a character may have a
different substitute. The relationship between a character in the plaintext
to a character in the ciphertext is one-to-many.

3.24
Vigener cipher (16th century,
Rome)

k = C R Y P T OC R Y P T O C R Y P T
(+ mod 26)
m = W H A T A N I C E D A Y T O D A Y

c = Z Z Z J U C L U D T U N W G C Q S
Cryptanalysis (Kasiskytest)

k = C R Y P T OC R Y P T O C R Y P T
(+ mod 26)
m = W H A T A N I C E D A Y T O D A Y

c = Z Z Z J U C L U D T U N W G C Q S

Exhaustive search requires = ?

uppose most common = H first letter of key = H E = C


Hill Cipher

Figure 3.15 Key in the Hill cipher

Note

The key matrix in the Hill cipher needs to


have a multiplicative inverse.
3.27
3.2.2 Continued
Example 3.20
For example, the plaintext code is ready can make a 3
4 matrix when adding extra bogus character z to
the last block and removing the spaces. The ciphertext
is OHKNIHGKLISS.
Figure 3.16 Example 3.20

3.28
Known plaintext Attack
Example 3.21
Assume that Eve knows that m = 3. She has intercepted
three plaintext/ciphertext pair blocks (not necessarily
from the same message) as shown in Figure 3.17.

Figure 3.17 Example 3.21

3.29
3.2.2 Continued
Example 3.21 (Continued)

She makes matrices P and C from these pairs. Because


P is invertible, she inverts the P matrix and multiplies it
by C to get the K matrix as shown in Figure 3.18.
Figure 3.18 Example 3.21

Now she has the key and can break any ciphertext
encrypted
3.30
with that key.
Slide are taken from Forozan and
others