CSCE 715:Network Systems Security

Chin-Tser Huanghuangct@cse.sc.edu

University of South Carolina

08/26/2010 2

Cryptography

Study of schemes used for encryption

Can be characterized by type of encryption operations used

substitution / transposition / product number of keys used

single-key or shared / two-key or public way in which plaintext is processed

block / stream

08/26/2010 3

Security of Cryptography Unconditional security

no matter how much computer power is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext

Computational security given limited computing resources (e.g. time

needed for calculations is greater than age of universe), the cipher cannot be broken

08/26/2010 4

Average Time Required for Exhaustive Key Search

08/26/2010 5

Cryptographic Tools To Be Used

Shared keys Public and private keys Hashing functions and message

digest Nonces

08/26/2010 6

Symmetric Encryption

Sender and receiver share a common key

All classical encryption algorithms belong to this type

Was the only type of encryption prior to invention of public-key in 1970’s

08/26/2010 7

Basic Terminology plaintext - the original message ciphertext - the coded message cipher - algorithm for transforming plaintext to

ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) – restoring plaintext from

ciphertext cryptography - study of encryption principles/methods cryptanalysis (codebreaking) - the study of

principles/ methods of deciphering ciphertext without knowing key

cryptology - the field of both cryptography and cryptanalysis

08/26/2010 8

Types of Cryptanalytic Attacks Ciphertext only

only know algorithm, ciphertext, and statistics can identify plaintext

Known plaintext know/suspect plaintext and ciphertext

Chosen plaintext select plaintext and obtain ciphertext

Chosen ciphertext select ciphertext and obtain plaintext

Chosen text select either plaintext or ciphertext to encrypt or

decrypt

08/26/2010 9

Symmetric Cipher Model

08/26/2010 10

Requirements Two requirements for secure use of

symmetric encryption a strong encryption algorithm a secret key K known only to sender and

receiverY = EK(X)

X = DK(Y)

Assume encryption algorithm is known Imply a secure channel used to distribute

key

08/26/2010 11

Classical Substitution Ciphers

Letters of plaintext are replaced by other letters, by numbers, or by symbols

If plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns

08/26/2010 12

Caesar Cipher Earliest known substitution cipher Invented by Julius Caesar First attested use in military affairs Replace each letter by the letter

three places down the alphabet For example,

meet me after the toga partyPHHW PH DIWHU WKH WRJD SDUWB

08/26/2010 13

Mechanism of Caesar Cipher Can define transformation as

a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Or assign each letter a numbera b c d e f g h i j k l m0 1 2 3 4 5 6 7 8 9 10 11 12n o p q r s t u v w x y Z13 14 15 16 17 18 19 20 21 22 23 24 25

In general, Caesar cipher can be specified asC = E(p) = (p + k) mod (26)p = D(C) = (C – k) mod (26)

08/26/2010 14

Cryptanalysis of Caesar Cipher

Only 26 possible ciphers “A” can map to “A”, “B”, ... “Z”

Can easily break with brute-force cryptanalysis Given ciphertext, just try all 26 ciphers

Need to recognize the original plaintext eg. break ciphertext "GCUA VQ DTGCM"

08/26/2010 15

Monoalphabetic Cipher Rather than just shifting the alphabet Can shuffle the letters arbitrarily Each letter in plain alphabet maps to a

different random letter in cipher alphabet Hence key is 26 letters long For example,

Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZNPlaintext: ifwewishtoreplacelettersCiphertext: WIRFRWAJUHYFTSDVFSFUUFYA

08/26/2010 16

Monoalphabetic Cipher Security

Now have a total of 26! 4 x 1026

keys With so many keys, might think is

secure Still has problem: natural language

characteristics

08/26/2010 17

Language Characteristics and Cryptanalysis

Letters are not equally commonly used

In English, “E” is by far the most common letter, followed by “T”, “A”, “O”, “I”, “N”, “S”, “H”, “R”

Other letters “Z”, “J”, “K”, “Q”, “X” are rarely used

Have tables of single, double & triple letter frequencies

08/26/2010 18

English Letter Frequencies

08/26/2010 19

Cryptanalysis of Caesar Cipher and Monoalphabetic Cipher Fact: monoalphabetic substitution ciphers do

not change relative letter frequencies Discovered by Arabian scientists in 9th century Calculate letter frequencies for ciphertext Compare counts/plots against known values For Caesar cipher, look for common peaks and

troughs peaks at: A-E-I triple, NO pair, RST triple troughs at: JK, X-Z

For monoalphabetic, must identify each letter tables of common double/triple letters help

08/26/2010 20

Example Cryptanalysis Given ciphertext:

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

Count relative letter frequencies Guess “P” and “Z” are “e” and “t” Guess “ZW” is “th” and hence “ZWP” is

“the” Proceeding with trial and error finally get:

it was disclosed yesterday that several informal butdirect contacts have been made with politicalrepresentatives of the viet cong in moscow

08/26/2010 21

Playfair Cipher

Not even the large number of keys in a monoalphabetic cipher provides security

One approach to improving security was to encrypt multiple letters

Playfair cipher is an example

08/26/2010 22

Playfair Key Matrix A 5X5 matrix of letters based on a keyword Fill in letters of keyword (sans duplicates) Fill rest of matrix with other letters Eg. using the keyword MONARCHY

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

08/26/2010 23

Encrypting and Decrypting plaintext is encrypted two letters at a time

1. if a pair is a repeated letter, insert a filler like “X” eg. “balloon” is transformed into “ba lx lo on”

2. if both letters fall in the same row, replace each with the letter to right (wrapping back to start from end) eg. “ar” encrypts as “RM”

3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom) eg. “mu” encrypts to “CM”

4. otherwise each letter is replaced by the one in its row in the column of the other letter of the pair eg. “hs” encrypts to “BP”, and “ea” to “IM” or “JM” (as desired)

08/26/2010 24

Security of Playfair Cipher Security much improved over

monoalphabetic Have 26 x 26 = 676 digrams Would need a 676-entry frequency table to

analyze (verses 26 for a monoalphabetic) Also need correspondingly more

ciphertexts Can still be broken since still has much of

plaintext structure

08/26/2010 25

Polyalphabetic Ciphers Another approach is to use multiple

cipher alphabets to improve security Make cryptanalysis harder with more

alphabets to guess and flatter frequency distribution

Use a key to select which alphabet is used for each letter of the message

Use each alphabet in turn Repeat from start after end of key is

reached

08/26/2010 26

Vigenère Cipher Simplest polyalphabetic substitution cipher

which effectively multiply Caesar ciphers Key is multiple letters long: K = k1 k2 ... kd ith letter specifies ith alphabet to use Use each key letter as a Caesar cipher key Eg. using keyword deceptive

key: deceptivedeceptivedeceptiveplaintext: wearediscoveredsaveyourselfciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

08/26/2010 27

Security of Vigenère Ciphers Have multiple ciphertext letters for each

plaintext letter: obscure letter frequencies a bit Cryptanalysis starts with letter frequencies

see if look monoalphabetic or not if not, need to determine number of alphabets

Repetitions in ciphertext give clues to period Find same plaintext an exact period apart which

results in the same ciphertext (could also be random fluke)

E.g. repeated “VTW” in previous example suggests size of 3 or 9

08/26/2010 28

Autokey Cipher To eliminate periodic nature of keyword,

keyword is concatenated with plaintext to form a running key

Knowing keyword can recover the first few letters

Use these in turn on the rest of the message E.g. given key deceptive

key: deceptivewearediscoveredsavplaintext: wearediscoveredsaveyourselfciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA

Still have frequency characteristics to attack

08/26/2010 29

One-Time Pad If use a truly random key as long as

plaintext, cipher will be secure Unbreakable

ciphertext bears no statistical relationship to the plaintext

for any plaintext and any ciphertext there exists a key mapping one to other

Can only use the key once Problems

overhead of making large number of random keys

safe distribution of key

08/26/2010 30

Transposition Ciphers

Hide message by rearranging order of letters

Without altering the actual letters used

Can recognize these since they have the same frequency distribution as the original text

08/26/2010 31

Rail Fence Cipher Write message letters out

diagonally over a number of rows Then read off cipher row by row For example, write message out as

m e m a t r h t g p r y e t e f e t e o a a t

and get ciphertext asMEMATRHTGPRYETEFETEOAAT

08/26/2010 32

Row Transposition Ciphers A more complex scheme Write letters of message out in rows

over a specified number of columns Then reorder the columns according

to some key before reading off the rowsKey: 3 4 2 1 5 6 7Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y zCiphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

08/26/2010 33

Product Ciphers Ciphers using substitutions or transpositions are

not secure because of language characteristics Hence consider using several ciphers in

succession to make it harder to break two substitutions make a more complex

substitution, but still a substitution two transpositions make a more complex

transposition, but still a transposition but a substitution followed by a transposition

makes a new much harder cipher Significance: bridge from classical to modern

ciphers

08/26/2010 34

Rotor Machines Before modern ciphers, rotor machines were

most common product cipher Were widely used in WW2

German Enigma, Allied Hagelin, Japanese Purple Implement a very complex, varying

substitution cipher Use a series of cylinders, each giving one

substitution, which rotate and change after each letter was encrypted

With 3 cylinders, have 263=17576 alphabets

08/26/2010 35

History of Enigma

Marian Rejewski, the Polish Mathematician who solved the Enigma Cipher Machine

08/26/2010 36

An Example of Rotor Machine

08/26/2010 37

Steganography An alternative to encryption Hide existence of message

using only a subset of letters/words in a longer message marked in some way

using invisible ink hiding in LSB in graphic image or sound file

Has drawbacks high overhead to hide relatively few info

bits

08/26/2010 38

Next Class

Block ciphers Modern symmetric encryption

standard Read Ch. 3