8. Cryptography1 ISA 562 Information Security Theory & Practice Introduction to Cryptography.
Classical cryptography1
-
Upload
aravindh-ramanan -
Category
Education
-
view
157 -
download
1
description
Transcript of Classical cryptography1
![Page 1: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/1.jpg)
CRYPTOSYSTEMS & CRYPTOSYSTEMS & AUTHENTICATIONAUTHENTICATION
Classical Cryptography-Substitution Ciphers-permutation Ciphers-Block Ciphers-DES Modes of Operation- AES-Linear Cryptanalysis, Differential Cryptanalysis- Hash Function -SHA 512- Message Authentication Codes-HMAC - Authentication Protocols
UNIT II
![Page 2: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/2.jpg)
Objectives
0To introduce basic concepts & terminology of encryption
0To prepare us for studying modern cryptography
IFETCE/M.E CSE/NE7202-NIS/Unit 2
2
![Page 3: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/3.jpg)
Overview
0Cryptography0Basic Terminology0Classical Cryptography
0 Substitution0 Transposition0 Product
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-3
![Page 4: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/4.jpg)
What is Cryptography?
0 The idea of storing and transmitting data in a form that only the authorized parties can interpret.
0 Process of making and using codes to secure transmission of information
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-4
![Page 5: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/5.jpg)
Cryptography
0 Can be characterized by:0 type of encryption operations used
0substitution / transposition / product
0 number of keys used0single-key or private / two-key or public
0 way in which plaintext is processed0block / stream
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-5
![Page 6: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/6.jpg)
Basic terminology
0 Plaintext: original message to be encrypted
0 Ciphertext: the encrypted message
0 Enciphering or encryption: the process of converting plaintext into ciphertext
0 Encryption algorithm: performs encryption
0 Two inputs: a plaintext and a secret key
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-6
![Page 7: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/7.jpg)
Basic terminology
0 Deciphering or decryption: recovering plaintext from ciphertext
0 Decryption algorithm: performs decryption0 Two inputs: ciphertext and secret key
0 Secret key: same key used for encryption and decryption0 Also referred to as a symmetric key
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-7
![Page 8: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/8.jpg)
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-8
![Page 9: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/9.jpg)
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-9
![Page 10: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/10.jpg)
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-10
![Page 11: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/11.jpg)
Cryptanalysis
0 Opponent whose goal is to break cryptosystem is the adversary
0 Objective: to recover the plaintext of a ciphertext or, more typically, to recover the secret key.
0 Kerkhoff’s principle: adversary knows algorithm used, but not key
0 Two general approaches:0 brute-force attack0 non-brute-force attack (cryptanalytic attack)
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-11
![Page 12: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/12.jpg)
Brute-Force Attack0 Try every key to decipher the ciphertext.0 On average, need to try half of all possible keys 0 Time needed proportional to size of key space
Key Size (bits) Number of Alternative Keys
Time required at 1 decryption/µs
Time required at 106 decryptions/µs
32 232 = 4.3 109 231 µs = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 µs = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 µs = 5.4 1024 years 5.4 1018 years
168 2168 = 3.7 1050 2167 µs = 5.9 1036 years 5.9 1030 years
26 characters (permutation)
26! = 4 1026 2 1026 µs = 6.4 1012 years 6.4 106 years
![Page 13: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/13.jpg)
Cryptanalytic Attacks
0 Classified by how much information needed by the attacker
0 Three types of attacks:0 Ciphertext only: adversary has only ciphertext; goal is to find
plaintext, possibly key. 0 Known plaintext: adversary has ciphertext, corresponding
plaintext; goal is to find key0 Chosen plaintext: adversary may supply plaintexts and obtain
corresponding ciphertext; goal is to find key0 Chosen-ciphertext attack: adversary may choose ciphertext
and corresponding decrypted plaintext ; goal is to find key
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-13
![Page 14: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/14.jpg)
Ciphertext-only attack
0 Given: a ciphertext c 0 Q: what is the plaintext m?0 An encryption scheme is completely insecure if it
cannot resist ciphertext-only attacks.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-14
![Page 15: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/15.jpg)
Known-plaintext attack
0 Given: (m1,c1), (m2,c2), …, (mk,ck) and a new ciphertext c.
0 Q: what is the plaintext of c?0 Q: what is the secret key in use?
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-15
![Page 16: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/16.jpg)
Chosen-plaintext attack
0 Given: (m1,c1), (m2,c2), …, (mk,ck), where m1, m2, …, mk are chosen by the adversary; and a new ciphertext c.
0 Q: what is the plaintext of c, or what is the secret key?
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-16
![Page 17: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/17.jpg)
Chosen-Plaintext Attack
Crook #1 changeshis PIN to a numberof his choice
cipher(key,PIN)
PIN is encrypted andtransmitted to bank
Crook #2 eavesdropson the wire and learnsciphertext correspondingto chosen plaintext PIN
… repeat for any PIN value
![Page 18: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/18.jpg)
Chosen-ciphertext attack
0 Given: (m1,c1), (m2,c2), …, (mk,ck), where c1, c2, …, ck are chosen by the adversary; and a new ciphertext c.
0 Q: what is the plaintext of c, or what is the secret key?
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-18
![Page 19: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/19.jpg)
Basis for Attacks
0 Mathematical attacks0 Based on analysis of underlying mathematics
0 Statistical attacks0 Make assumptions about the distribution of letters,
pairs of letters (digrams), triplets of letters (trigrams), etc.0Called models of the language
0 Examine ciphertext, correlate properties with the assumptions.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-19
![Page 20: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/20.jpg)
Statistical Attack
0 Compute frequency of each letter in ciphertext:G 0.1 H 0.1 K 0.1 O 0.3
R 0.2 U 0.1 Z 0.1
0 Apply 1-gram model of English0 Frequency of characters (1-grams) in English is on next
slide
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-20
![Page 21: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/21.jpg)
Cryptology
CRYPTOLOGY
CRYPTOGRAPHY CRYPTANALYSIS
Private Key(Secret Key)
Public Key
Block Cipher Stream Cipher Integer Factorization
Discrete Logarithm
![Page 22: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/22.jpg)
More Definitions
0 Unconditional security 0 no matter how much computer power is available, the
cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext
0 Computational security 0 given limited computing resources (eg time needed for
calculations is greater than age of universe), the cipher cannot be broken
![Page 23: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/23.jpg)
Cryptosystem
0 Quintuple (E, D, M, K, C)0 M set of plaintexts0 K set of keys0 C set of ciphertexts0 E set of encryption functions e: M K C0 D set of decryption functions d: C K M
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-23
![Page 24: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/24.jpg)
Example
0Example: Cæsar cipher0M = { sequences of letters }0K = { i | i is an integer and 0 ≤ i ≤ 25 }
0E = { Ek | k K and for all letters m,
Ek(m) = (m + k) mod 26 }
0D = { Dk | k K and for all letters c,
Dk(c) = (26 + c – k) mod 26 }
0C = M
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-24
![Page 25: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/25.jpg)
Ciphers0Symmetric cipher: same key used for
encryption and decryption
0Block cipher: encrypts a block of plaintext at a time
(typically 64 or 128 bits)
0Stream cipher: encrypts data one bit or one byte at
a time0Asymmetric cipher: different keys used for
encryption and decryptionIFETCE/M.E CSE/NE7202-NIS/Unit 2
25
![Page 26: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/26.jpg)
Classical Cryptography
0Sender, receiver share common key0Keys may be the same, or trivial to derive
from one another0Sometimes called symmetric cryptography
0Two basic types0Transposition ciphers0Substitution ciphers0Combinations are called product ciphers
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-26
![Page 27: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/27.jpg)
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-27
![Page 28: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/28.jpg)
Classical Ciphers
0Plaintext is viewed as a sequence of elements (e.g., bits or characters)
0Substitution cipher: replacing each element of the plaintext with another element.
0Transposition (or permutation) cipher: rearranging the order of the elements of the plaintext.
0Product cipher: using multiple stages of substitutions and transpositions
IFETCE/M.E CSE/NE7202-NIS/Unit 2
28
![Page 29: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/29.jpg)
Substitution Ciphers
0Change characters in plaintext to produce ciphertext
0Monoalphabetic Substitution0 Each plaintext character is mapped onto a unique
character of a ciphertext.
0Polyalphabetic Substitution0 Each plaintext character can be mapped onto m
alphabetic characters of a ciphertext.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-29
![Page 30: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/30.jpg)
Monoalphabetic Ciphers
0Shift Cipher(Ceaser)0Substitution Cipher0Playfair Cipher0Affine Cipher0Hill Cipher
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-30
![Page 31: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/31.jpg)
1.Caesar Cipher
0 Earliest known substitution cipher0 Invented by Julius Caesar 0 Each letter is replaced by the letter three positions further
down the alphabet.Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C0 Example: ohio state RKLR VWDWH
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-31
![Page 32: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/32.jpg)
Caesar Cipher
0Mathematically, map letters to numbers:a, b, c, ..., x, y, z
0, 1, 2, ..., 23, 24, 25
0Then the general Caesar cipher is:c = EK(p) = (p + k) mod 26
p = DK(c) = (c – k) mod 26
0Can be generalized with any alphabet.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-32
![Page 33: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/33.jpg)
Cryptanalysis of Caesar Cipher
0Only have 26 possible ciphers 0 A maps to A,B,..Z
0Could simply try each in turn 0A brute force search 0Given ciphertext, just try all shifts of letters0Do need to recognize when have plaintext0Eg. break ciphertext "GCUA VQ DTGCM"
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-33
![Page 34: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/34.jpg)
2.Monoalphabetic Cipher
0Shuffle (jumble) the letters arbitrarily 0Each plaintext letter maps to a different
random ciphertext letter 0Hence key is 26 letters long
Plain letters: abcdefghijklmnopqrstuvwxyz
Cipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-34
![Page 35: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/35.jpg)
Monoalphabetic Cipher Security
0Now have a total of 26! = 4 x 1026 keys 0With so many keys, might think is secure
0But not secure against some cryptanalytic attacks.
0Problem is language characteristics
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-35
![Page 36: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/36.jpg)
Language Statistics and Cryptanalysis
0Human languages are not random.
0Letters are not equally frequently used.
0In English, E is by far the most common letter, followed by T, R, N, I, O, A, S.
0Other letters like Z, J, K, Q, X are fairly rare.
0There are tables of single, double & triple letter frequencies for various languages
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-36
![Page 37: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/37.jpg)
English Letter Frequencies
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-37
![Page 38: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/38.jpg)
Statistics for double & triple letters
0 In decreasing order of frequency
0 Double letters:
th he an in er re es on, …
0 Triple letters:
the and ent ion tio for nde, …
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-38
![Page 39: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/39.jpg)
Use in Cryptanalysis0 Key concept - monoalphabetic substitution ciphers do not
change relative letter frequencies 0 To attack, we
0 calculate letter frequencies for ciphertext0 compare this distribution against the known one
0 If caesar cipher look for common peaks/troughs 0 peaks at: A-E-I triple, NO pair, RST triple0 troughs at: JK, X-Z
0 For monoalphabetic must identify each letter0 tables of common double/triple letters help
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-39
![Page 40: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/40.jpg)
Example Cryptanalysis
0Given ciphertext:UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
0Count relative letter frequencies 0Guess P & Z are e and t0Guess ZW is th and hence ZWP is the0Proceeding with trial and error finally get:
it was disclosed yesterday that several informal butdirect contacts have been made with politicalrepresentatives of the viet cong in moscow
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-40
![Page 41: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/41.jpg)
3.Playfair Cipher
Not even the large number of keys in a monoalphabetic cipher provides security
One approach to improving security was to encrypt multiple letters
Playfair Cipher was invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-41
![Page 42: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/42.jpg)
Playfair Key Matrix
0A 5X5 matrix of letters based on a keyword 0Fill in letters of keyword 0Fill rest of matrix with other letters0Eg. using the keyword MONARCHY
MM OO NN AA RR
CC HH YY BB DD
EE FF GG I/JI/J KK
LL PP QQ SS TT
UU VV WW XX ZZIFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-42
![Page 43: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/43.jpg)
Encrypting and Decrypting0Plaintext is encrypted two letters at a time
1. if a pair is a repeated letter, insert filler like 'X’
2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end)
3. if both letters fall in the same column, replace each with the letter below it (wrapping to top from bottom)
4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-43
![Page 44: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/44.jpg)
Security of Playfair Cipher
0Equivalent to a monoalphabetic cipher with an alphabet of 26 x 26 = 676 characters.
0Security is much improved over the simple monoalphabetic cipher.
0Widely used for many yearseg. by US & British military in WW1 and WW2
0Once thought to be unbreakable.0Actually, it can be broken, because it still
leaves some structure of plaintext intact.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-44
![Page 45: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/45.jpg)
4.Affine Ciphers
}25,24,,2,1,0{26 Z1)26,gcd( a
)( baxy
![Page 46: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/46.jpg)
The affine cipher uses a pair of keys in which the first key is from 26* and the second is from
26.The size of the key domain is 26 × 12 = 312.
Use an affine cipher to encrypt the message “hello” with the key pair (7, 2).
Example 3.10
Example
![Page 47: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/47.jpg)
0 If Alice chooses m=26, (a,b)=(7,3) and encrypts the German word “bald” with the affine cipher, what is the ciphertext?
Excercise
![Page 48: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/48.jpg)
5.Hill Cipher
0 Takes two or three or more letter combinations to the same size combinations, e.g. “the” “rqv”
0 Uses simple linear equations0 An example of a “block” cipher encrypting a block of
text at a time0 Numbered alphabet: a = 0, b = 1, c = 3, etc.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-48
![Page 49: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/49.jpg)
Letter to Number Substitution
A B C D E F G H I J K L M
0 1 2 3 4 5 6 7 8 9 10 11 12
N O P Q R S T U V W X Y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
![Page 50: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/50.jpg)
Modular Inverses of Mod 26
A 1 3 5 7 9 11 15 17 19 21 23 25
A-1 1 9 21 15 3 19 7 23 11 5 17 25
Example – Find the Modular Inverse of 9 for Mod 269 · 3 = 27
27 Mod 26 = 1
3 is the Modular Inverse of 9 Mod 26
![Page 51: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/51.jpg)
Encryption
0 Assign each letter in alphabet a number between 0 and 25
0 Change message into 2 x 1 letter vectors0 Change each vector into 2 x 1 numeric vectors0 Multiply each numeric vector by encryption matrix0 Convert product vectors to letters
![Page 52: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/52.jpg)
Change Message to Vectors
Message to encrypt = HELLO WORLD
![Page 53: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/53.jpg)
Multiply Matrix by Vectors
![Page 54: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/54.jpg)
Convert to Mod 26
![Page 55: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/55.jpg)
Convert Numbers to Letters
“hello world” has been encrypted to SLHZY ATGZT
![Page 56: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/56.jpg)
Decryption
0 Change message into 2 x 1 letter vectors0 Change each vector into 2 x 1 numeric vectors0 Multiply each numeric vector by decryption matrix0 Convert new vectors to letters
![Page 57: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/57.jpg)
Change Message to Vectors
Ciphertext to decrypt = SLHZYATGZ
![Page 58: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/58.jpg)
Multiply Matrix by Vectors
![Page 59: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/59.jpg)
Convert to Mod 26
![Page 60: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/60.jpg)
Convert Numbers to Letters
SLHZYATGZT has been decrypted to “hello world”
![Page 61: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/61.jpg)
Exercise
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
0Encrypt the plaintext “pay more money” with the given key
![Page 62: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/62.jpg)
Polyalphabetic Substitution Ciphers
0A sequence of monoalphabetic ciphers (M1, M2, M3, ..., Mk) is used in turn to encrypt letters.
0A key determines which sequence of ciphers to use.
0Each plaintext letter has multiple corresponding ciphertext letters.
0This makes cryptanalysis harder since the letter frequency distribution will be flatter. vc
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-62
![Page 63: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/63.jpg)
1.Vigenère Cipher
0Simplest polyalphabetic substitution cipher0Effectively multiple caesar ciphers
0Key is multiple letters long K = k1 k2 ... kd
0ith letter specifies ith alphabet to use 0Use each alphabet in turn 0Repeat from start after d letters in message0Decryption simply works in reverse
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-63
![Page 64: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/64.jpg)
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-64
![Page 65: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/65.jpg)
Example of Vigenère Cipher
0Keyword: deceptivekey: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-65
![Page 66: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/66.jpg)
Security of Vigenère Ciphers0There are multiple ciphertext letters corresponding
to each plaintext letter.0So, letter frequencies are obscured but not totally
lost.0To break Vigenere cipher:
1. Try to guess the key length. How?
2. If key length is N, the cipher consists of N Caesar ciphers. Plaintext letters at positions k, N+k, 2N+k, 3N+k, etc., are encoded by the same cipher.
3. Attack each individual cipher as before.IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-66
![Page 67: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/67.jpg)
Guessing the Key Length0Main idea: Plaintext words separated by multiples
of the key length are encoded in the same way. 0In our example, if plaintext = “…thexxxxxxthe…”
then “the” will be encrypted to the same ciphertext words.
0So look at the ciphertext for repeated patterns.0E.g. repeated “VTW” in the previous example
suggests a key length of 3 or 9: ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
0Of course, the repetition could be a random fluke.0Then attack each monoalphabetic cipher
individually using same techniques as before
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-67
![Page 68: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/68.jpg)
2.Vernam Cipher/
0 Ultimate defense is to use a key as long as the plaintext with no statistical relationship to it
0 Invented by AT&T engineer Gilbert Vernam in 19180 Originally proposed using a very long but eventually
repeating key
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-68
![Page 69: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/69.jpg)
Vernam cipher random key bits K1, K2,…, Kn
plaintext bits P1, P2,…, Pn
+P1 K1, P2 K2,…, Pn Kn
ciphertext bits
How do you decrypt using the Vernam cipher?
![Page 70: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/70.jpg)
Vernam Cipher Example
![Page 71: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/71.jpg)
3.One-Time Pad
0If a truly random key as long as the message is used, the cipher will be secure
0Called as One-Time pad0It is unbreakable since ciphertext bears no
statistical relationship to the plaintext0Since for any plaintext & any ciphertext there
exists a key mapping one to other0Can use the key only once though0Problems in generation & safe distribution of key
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-71
![Page 72: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/72.jpg)
One-Time Pad
0 The message is represented as a binary string (a sequence of 0’s and 1’s using a coding mechanism such as ASCII coding.
0 The key is a truly random sequence of 0’s and 1’s of the same length as the message.
0 The encryption is done by adding the key to the message modulo 2, bit by bit. This process is often called exclusive or, and is denoted by XOR. The symbol is used
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-72
![Page 73: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/73.jpg)
Example
0message =‘IF’ 0then its ASCII code =(1001001 1000110) 0key = (1010110 0110001)0Encryption:
0 1001001 1000110 plaintext0 1010110 0110001 key0 0011111 1110110 ciphertext
0Decryption:0 0011111 1110110 ciphertext0 1010110 0110001 key0 1001001 1000110 plaintext
![Page 74: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/74.jpg)
4.Rotor Cipher 0 Before modern ciphers, rotor machines were most common
complex ciphers in use.
0 Widely used in WW2.
0 Used a series of rotating cylinders.
0 Implemented a polyalphabetic substitution cipher of period K.
0 With 3 cylinders, K = 263 =17,576.
0 With 5 cylinders, K = 265 =12 x 106.
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-74
![Page 75: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/75.jpg)
Rotor Cipher
A three letter word such as “bee” is encrypted as
“BCA”.
![Page 76: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/76.jpg)
Enigma Machine
Originally invented by Sherbius, but was modified by
the German army and extensively used during World
War II.
![Page 77: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/77.jpg)
Enigma Rotor Machine
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-77
![Page 78: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/78.jpg)
Transposition Ciphers
0Also called permutation ciphers.0A transposition cipher reorders symbols.0Can recognise these since have the same
frequency distribution as the original text
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-78
![Page 79: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/79.jpg)
1.Rail Fence cipher
0Write message letters out diagonally over a number of rows
0Then read off cipher row by row0For example to send the message “Meet
me at the park” to Bob, Alice writes
0CiphertextMEMATEAKETETHPR
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-79
![Page 80: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/80.jpg)
2.Row Transposition Ciphers
0Plaintext is written row by row in a rectangle.
0Ciphertext: write out the columns in an order specified by a key.
Key: 3 4 2 1 5 6 7
Plaintext:
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
IFETCE/M.E CSE/NE7202-NIS/Unit 2
a t t a c k po s t p o n e
d u n t i l tw o a m x y z
Slide #9-80
![Page 81: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/81.jpg)
Example 2
![Page 82: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/82.jpg)
• The ciphers are vulnerable to several kinds of ciphertext-only attacks.
• Statistical Attack:A transposition cipher does not change the
frequency of letters in ciphertext, but dose not preserve the frequency of digrams and trigrams.
• Brute-Force Attack: The number of keys can be huge (1! + 2! + … +
L!), where L is the length of the ciphertext.
A better approach is to guess the number of columns.
Transposition Cipher-Cryptanalysis
![Page 83: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/83.jpg)
Product Ciphers0Ciphers using substitutions or transpositions are
not secure because of language characteristics0Consider using several ciphers in succession to
make harder, but: 0 two substitutions make a more complex substitution 0 two transpositions make more complex transposition
0Uses a sequence of substitutions and transpositions0 Harder to break than just substitutions or transpositions
0This is a bridge from classical to modern ciphers
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-83
![Page 84: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/84.jpg)
Stream Ciphers
Call the plaintext stream P, the ciphertext stream C, and the key stream K.
![Page 85: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/85.jpg)
Block Ciphers
• In a block cipher, a group of plaintext symbols of size m (m > 1) are encrypted together creating a group of ciphertext of the same size.
• A single key is used to encrypt the whole block even if the key is made of multiple values.
![Page 86: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/86.jpg)
Playfair ciphers are block ciphers. The size of the block is m = 2. Two characters are encrypted together.
Example 1
Hill ciphers are block ciphers. A block of plaintext, of size 2 or more is encrypted together using a single key (a matrix). In these ciphers, the value of each character in the ciphertext depends on all the values of the characters in the plaintext.Although the key is made of m × m values,
it is considered as a single key.
Example 2
Block Ciphers
![Page 87: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/87.jpg)
Classical to Modern Cryptography
0 Classical cryptography0 Encryption/decryption done by hand
0 Modern cryptography0 Computers to encrypt and decrypt0 Same principles, but automation allows ciphers to
become much more complex
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-87
![Page 88: Classical cryptography1](https://reader033.fdocuments.us/reader033/viewer/2022061218/54b6dc264a7959aa168b4582/html5/thumbnails/88.jpg)
Summary
0 Cryptography-Definitions0 Cryptanalysis0 Classical Cryptography
0 Substitution0 Transposition0 Product
0 Steam cipher0 Block Cipher
IFETCE/M.E CSE/NE7202-NIS/Unit 2 Slide #9-88