Cryptography Chapter 1 - AbiusX › archive › paper › crypto1.pdf · k3 (p) (k3 = k1 + k2) ......
Transcript of Cryptography Chapter 1 - AbiusX › archive › paper › crypto1.pdf · k3 (p) (k3 = k1 + k2) ......
-
July 13 2013
CryptographyChapter 1: Early Classic Ciphers
Instructor: Abbas Naderi Afooshteh (aka AbiusX)
-
Cryptography Usages
✤ Sending Encrypted Messages (e.g Attack At Dawn)
✤ Storing Sensitive Data (e.g Treasure Passwords)
✤ What else?
-
Cryptography is a Science
✤ Information Security is a Tech, not a science
✤ Cryptography is a science, very close to pure sciences
✤ Crypto is mostly based on Mathematics,
✤ But nothing like the mathematics you’ve studied so far :D
✤ It’s based on Discrete Mathematics (no Algebra)
-
Cryptography is a Hard
✤ Crypto is one of the hardest available sciences,
✤ You have to combine rigorous math with practice!
✤ It’s secret-like nature makes it interesting
✤ Is mostly supported by militaries
✤ Is the main weapon of nowadays wars
✤ Was the second main weapon in World War II !
-
Classic Cryptography
-
Scope of Classic Crypto
✤ Everything before the age of computers
✤ We don’t have bits and bytes, we have English alphabet
✤ We want to encrypt and decrypt messages in English
✤ So our input set is the set of English alphabet {A,B,C,...,Z}
✤ Our input set has 26 elements
✤ Every letter is equal to a number, A=0, B=1, C=2, ... , Z=25
-
Terminology
✤ Plaintext: the human-readable text in English
✤ Ciphertext: the encrypted text without meaning, also in English
✤ Cipher: the machine that converts plaintext to ciphertext or vice versa
✤ Encryption: the operation that converts plaintext to ciphertext
✤ Decryption: the operation that converts ciphertext to plaintext
✤ Key: the (cryptographically) holy magic maker
✤ Cryptanalysis: breaking a cipher by analyzing it
-
Cipher
✤ Key is always an input
✤ Either plaintext or ciphertext as input
✤ The other one as output
✤ Invalid keys make invalid outputs
Cipher
Plaintext
Ciphertext
Key
-
100 BC
Caesar CipherThe earliest known cryptosystem
-
Caesar Cipher
✤ Key: a single English letter
✤ Plaintext: any English text
✤ Cipher: Add key to every letter of plaintext
✤ If its >=26, reduce by 26
✤ Example:This is a secret message (+D)=wklv lv d vhfuhw phvvdjh
-
Caesar Cipher (2)
✤ Encryption:
✤ E(p,k) = c = p+k mod 26
✤ Decryption:
✤ p = D(c,k) = c-k mod 26
✤ Key Space:
✤ 26 (why?)
✤ A larger example:
Wb qfmdhcufodvm, o Qosgof qwdvsf, ozgc ybckb og Qosgof'g qwdvsf, hvs gvwth qwdvsf, Qosgof'g qcrs cf Qosgof gvwth, wg cbs ct hvs gwadzsgh obr acgh kwrszm ybckb sbqfmdhwcb hsqvbweisg. Wh wg o hmds ct gipghwhihwcb qwdvsf wb kvwqv soqv zshhsf wb hvs dzowbhslh wg fsdzoqsr pm o zshhsf gcas twlsr biapsf ct dcgwhwcbg rckb hvs ozdvopsh. Tcf sloadzs, kwhv o zsth gvwth ct 3, R kcizr ps fsdzoqsr pm O, S kcizr psqcas P, obr gc cb. Hvs ashvcr wg boasr othsf Xizwig Qosgof, kvc igsr wh wb vwg dfwjohs qcffsgdcbrsbqs.
-
Caesar Cryptanalysis
✤ First Attack: Always Brute Force
✤ Depends on Key Space
✤ Is a Known Plaintext Attack!
✤ But every sufficiently long message has some known words
✤ Is infeasible, with 100 BC literacy
✤ Is very slow by hand
✤ A moment of a CPU
-
Attack Terminology
✤ There are 3 types of attacks against cryptosystems:
✤ Ciphertext-only Attack: the attacker only has access to the ciphertext
✤ Known-plaintext Attack: the attacker has some plaintext, along with all ciphertext
✤ Chosen-plaintext Attack: the attacker has any plaintext, and its equivalent ciphertext available (e.g a crypto machine at hand)
-
Caesar Cryptanalysis (2)
✤ Is Caesar Linear? Lets find out:
✤ E(p,k) = (p + k) mod 26
✤ Ek(p) = (p + k) mod 26 (for a constant k)
✤ Ek1( Ek2(p)) = (( p + k2 mod 26) + k1) mod 26 =
✤ (p + k2 + k1) mod 26 = (p + k3) mod 26 =
✤ Ek3 (p) (k3 = k1 + k2)
✤ Caesar is Linear. What does it mean?
-
Caesar Cryptanalysis (3)
✤ Brute-Force is slow and brute! Any better methods?
✤ Frequency Analysis: Some letters are more frequent in English text than others.
✤ Requires a sufficiently large text
✤ In worst case, reduces key-space
✤ Only one run through the whole text (Counting Sort)
-
Frequency AnalysisSome letters are more frequent in English text than others
-
Caesar Cryptanalysis (4)
✤ How to employ Frequency Analysis?
✤ If our ciphertext’s counting sort result has 100 x and 80 i
✤ What is the key?
✤ If result had 70 k, 70 z and 70 o,
✤ What would the key be this time?
✤A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
-
Caesar Cryptanalysis (5)
✤ Assignment 1:
✤ I) Write a program that receives a text and a letter, and encrypts or decrypts it based on user decision via Caesar cipher.
✤ II) Write a program (in your desired PL) that receives a Caesar ciphertext, a part of the plaintext (at least 5 letters), and outputs the key. Break the sample on page 11 using that.
✤ III) Write a program (in your desired PL) that receives a Caesar ciphertext (at least 1000 characters long) and breaks the code using Frequency Analysis. Test it on shorter passages, and add features to reduce program mistakes.
Submit To: [email protected]
-
Crypto Epoch
Affine CipherThe twisted Caesar!
-
Affine Cipher
✤ Key: two single English letter
✤ one of them needs to be a coprime of 26 (i.e no 2’s or 13’s in it)
✤ We will know why later.
✤ Plaintext: any English text
✤ Cipher: Multiply every letter by first key letter, then add with second key letter
✤ If its >=26, modulo (not reduce) by 26
-
Affine Cipher (2)
✤ Key = (ka,kb)
✤ Encryption:
✤ E(p,k) = (ka*p+kb) mod 26
✤ Decryption:
✤ D(c,k) = ???
✤ Key Space:
✤ 26*12=312 (why?)
✤ A large example:
Uwd vsslid zlmwdq lf v urmd xs txixvemwvkdulz fjkfulujulxi zlmwdq, nwdqdli dvzw eduudq li vi vemwvkdu lf tvmmdo ux luf ijtdqlz dbjlyvediu, dizqrmudo jflih v fltmed tvuwdtvulzve sjizulxi, vio zxiydqudo kvzp ux v eduudq. Uwd sxqtjev jfdo tdvif uwvu dvzw eduudq dizqrmuf ux xid xuwdq eduudq, vio kvzp vhvli, tdvilih uwd zlmwdq lf dffdiulveer v fuviovqo fjkfulujulxi zlmwdq nluw v qjed hxydqilih nwlzw eduudq hxdf ux nwlzw. Vf fjzw, lu wvf uwd ndvpidffdf xs vee fjkfulujulxi zlmwdqf. Dvzw eduudq lf dizlmwdqdo nluw uwd sjizulxi (vc+k)\txo(26), nwdqd k lf uwd tvhilujod xs uwd fwlsu.
-
Affine Cipher (3)
✤ What is the decryption algorithm?
✤ We need the inverse operation for a module-multiplication (finite-field arithmetic)
✤ a * b mod x = c => a = c/b mod x (?)
✤ No division in discrete mathematics (no fractions!)
✤ We need to multiply by MMI (modular multiplicative inverse)
-
Affine Cipher (4)
✤ MMI of a mod x is:
✤ a-1 if and only if a * a-1 mod x = 1
✤ x is 26 in our cipher
✤ MMI of 5 mod 26 is:
✤ 5 * ? mod 26 = 1 => 21 (5*21 = 105, 105-26*4 =1)
✤ MMI is calculated using the Extended Euclidean Algorithm
-
Affine Cryptanalysis
✤ Affine Key Space is 312:
✤ Large enough for hand
✤ Still too small for a CPU, but we made it 10 times slower easily!
✤ Brute-Force without a computer is futile
✤ What about Frequency Analysis?
-
Affine Cryptanalysis (2)
✤ We can still use frequency analysis, but we have to discover both key components (ka & kb)
✤ Example: assume we had 100 x and 80 q, how can we find out keys?
-
Affine Cryptanalysis (3)
✤ Is Affine Linear?
✤ Ek1(Ek2(p))= Ek1( k2a* p + k2b) mod 26 (both mul and sum are modulo safe)
✤ = (k1a* ( k2a* p + k2b) + k1b) mod 26
✤ = (k1a * k2a * p + k1a*k2b + k1b) mod 26
✤ = (k3a * p + k3b) mod 26 (Where k3a = k1a*k2a and k3b= k1a*k2b + k1b)
✤ = Ek3(p)
✤ Affine is Linear too.
-
Affine Cryptanalysis (4)
✤ How to make Affine or Caesar more resistant to Frequency Analysis?
✤ Why were both of them prone to Frequency Analysis?
✤ Was the ciphertext letters, the same with plaintext?
-
Caesar Cryptanalysis (5)
✤ Assignment 2:
✤ I) Write a program that receives a text and two letters, and encrypts or decrypts it based on user decision via Affine cipher.
✤ II) (bonus) Create a program that breaks Affine ciphertext using frequency analysis (more than 1000 characters).
Submit To: [email protected]
-
End of Chapter 1