8/11/2019 Topic 3 Cryptography
1/89
TOPIC 3:CRYPTOGRAPHY
8/11/2019 Topic 3 Cryptography
2/89
Outline
History Terms & Defnitions
Overview o Cryptor!p"y #ymmetri$ %ey Cryptor!p"y Puli$ %ey Cryptor!p"y
'ess!e interity !n( (iit!lsin!tures
8/11/2019 Topic 3 Cryptography
3/89
Intro(u$tion
3
Hidden writing Increasingly used to protect
informationCan ensure condentiality
Integrity and Authenticity too
8/11/2019 Topic 3 Cryptography
4/89
Introduction
Cryptography Greek for hidden and writing isa means of transforming data in a way thatrenders it unreadale y anyone e!cept the
intended recipient" #hat was originally used almost e!clusi$ely y
go$ernments for espionage has ecome apowerful tool for personal pri$acy today"
%$ery modern computer system uses moderncryptographic methods to secure passwordsstored and pro$ides the trusted ackone fore&commerce
8/11/2019 Topic 3 Cryptography
5/89
Introduction
Cryptography ts into the CIA triad &used to ensure condentiality andintegrity of a message" 'ome forms alsopro$ide for sender authenticity and proof
of deli$ery" (ut cryptography doesn)taddress a$ailaility as some other formsof security do"
Although forgetting a password for your
user account can certainly lead to adenial of ser$ice attack" Cryptography is used in many access
control systems
8/11/2019 Topic 3 Cryptography
6/89
6
IntroductionAttacks
*pponent whose goal is to reakcryptosystem is the adversary 'tandard cryptographic practice+ Assume
ad$ersary knows algorithm used, ut not the
key -hree types of attacks+
ciphertext only+ ad$ersary has only cipherte!t.goal is to nd plainte!t, possily key
known plaintext+ ad$ersary has cipherte!t,
corresponding plainte!t. goal is to nd key chosen plaintext+ ad$ersary may supply
plainte!ts and otain correspondingcipherte!t. goal is to nd key
8/11/2019 Topic 3 Cryptography
7/89
7
Introduction (asis for
Attacks '!t"em!ti$!l !tt!$)s (ased on analysis of underlying
mathematics
#t!tisti$!l !tt!$)s /ake assumptions aout the distriutionof letters, pairs of letters 0diagrams1,triplets of letters 0trigrams1, etc. Called models of the language %"g" Caesar Cipher, letter %
%!amine cipherte!t, correlate propertieswith the assumptions"
8/11/2019 Topic 3 Cryptography
8/89
History
!* '!nu!l +r! 2ates ack to at least 3444 ("C" 5en and 5aper Cryptography %!amples
'cytale Atash
Caesar 6igen7re
8/11/2019 Topic 3 Cryptography
9/89
History
* 'e$"!ni$!l +r!
In$ention of cipher machines %!amples
Confederate Army)s Cipher 2isk 8apanese 9ed and 5urple /achines
German %nigma
8/11/2019 Topic 3 Cryptography
10/89
'o(ern +r!
Computers:
%!amples+ ;ucifer. 9i
8/11/2019 Topic 3 Cryptography
11/89
Cryptosystem #ervi$es
Condentiality *nly authori=ed entities areallowed to $iew
Integrity %nsures the message was not altered
y unauthori=ed indi$iduals Authenticity 6alidates the source of a message,
to ensure the sender is properly identied
>onrepudiation %stalishes sender identity so
that the entity cannot deny ha$ing sent themessage
Access Control Access to an o
8/11/2019 Topic 3 Cryptography
12/89
#ome ,!si$ Terminoloy
pl!inte-t& original message
$ip"erte-t& coded message
$ip"er& algorithm for transforming plainte!t to cipherte!t
)ey& info used in cipher known only to sender@recei$er en$ip"er .en$rypt*& con$erting plainte!t to cipherte!t
(e$ip"er .(e$rypt*& reco$ering plainte!t from cipherte!t
$ryptor!p"y& study of encryption principles@methods
$rypt!n!lysis .$o(ere!)in*& study of principles@methods of deciphering cipherte!t withoutknowing key
$ryptoloy& eld of oth cryptography and cryptanalysis
8/11/2019 Topic 3 Cryptography
13/89
Cryptography
CSE2500 System Security and Privacy
13
plaintext (data file or messages)
encryption
ciphertext (stored or transmitted safely)
decryption
plaintext (original data or messages)
8/11/2019 Topic 3 Cryptography
14/89
Cryptosystem$omponents5lainte!t 0p1 original messageCipherte!t 0c1 encrypted
messageey 0k1 pri$ate information%ncryption algorithm c B %0p,k1
2ecryption algorithm p B 20c,k1
8/11/2019 Topic 3 Cryptography
15/89
Cryptor!p"i$
#ystems
8/11/2019 Topic 3 Cryptography
16/89
Cryptography
can characteri=e cryptographic system y+ type of encryption operations used
'ustitution & 9eplacing one letter with another-ransposition & 9earranging or reordering the letters product
numer of keys used single&key or pri$ate & symmetric two&key or pulic asymmetric Hash functions+ no key
way in which plainte!t is processed (lock& processes the input one lock of elements at a
time, producing an output lock for each input lock 'tream& processes the input elements continuously,
producing output one element at a time
8/11/2019 Topic 3 Cryptography
17/89
'teganography
Hiding a message within another medium, such asan image
>o key is re?uired 0old steganography1
%!ample /odify color map of 85%G image
In$isile ink, hidden tattoos, and microdots are alle!amples of steganography"
(y taking a color digital image and slightly alteringthe color of each pi!el, you can hide a message inthe image without noticealy altering theappearance" -he recei$er can then e!tract themessage if they ha$e the original, unaltered image"
8/11/2019 Topic 3 Cryptography
18/89
%er$)"o/s0s Prin$iple
%er$)"o/s0s Prin$iple: -he cipher method must not e re?uired to e
secret, and it must e ale to fall into the hands ofthe enemy without incon$enience
#"!nnon0s m!-im+ -he enemy knows the system" *pen design. 'ecurity y oscurity doesn)t
work
'hould assume that the ad$ersary knows thealgorithm. the only secret the ad$ersary isassumed to not know is the key 9e$erse engineering, careful re$iew of algorithm,
etc"
8/11/2019 Topic 3 Cryptography
19/89
Conusion !n( Di/usion
In cryptography, $onusionand (i/usionare two properties of the operation of asecure cipherwhich were identied y
Claude 'hannon confusionrefers to making the
relationship etween the cipherte!tandthe symmetric keyas comple! and
in$ol$ed as possile. diusionrefers todissipating the statistical structure ofplainte!to$er ulk of cipherte!t"
http://en.wikipedia.org/wiki/Cryptographyhttp://en.wikipedia.org/wiki/Cipherhttp://en.wikipedia.org/wiki/Claude_Elwood_Shannonhttp://en.wikipedia.org/wiki/Ciphertexthttp://en.wikipedia.org/wiki/Symmetric_keyhttp://en.wikipedia.org/wiki/Plaintexthttp://en.wikipedia.org/wiki/Ciphertexthttp://en.wikipedia.org/wiki/Ciphertexthttp://en.wikipedia.org/wiki/Plaintexthttp://en.wikipedia.org/wiki/Symmetric_keyhttp://en.wikipedia.org/wiki/Ciphertexthttp://en.wikipedia.org/wiki/Claude_Elwood_Shannonhttp://en.wikipedia.org/wiki/Cipherhttp://en.wikipedia.org/wiki/Cryptography8/11/2019 Topic 3 Cryptography
20/89
Conusion !n(Di/usion1 Aim o $onusion is to m!)e it very "!r( to
fn( t"e )ey even i one "!s ! l!renumer o pl!inte-t2$ip"erte-t p!irspro(u$e( wit" t"e s!me )ey" -herefore,each it of the cipherte!t should depend on theentire key, and in diDerent ways on diDerentits of the key" In particular, changing one it ofthe key should change the cipherte!tcompletely"
simplest way to achie$e oth diDusion and confusion
is to use a sustitution&permutation network" In thesesystems, the plainte!t and the key often ha$e a $erysimilar role in producing the output, hence the samemechanism ensures oth diDusion and confusion"
http://en.wikipedia.org/wiki/Substitution-permutation_networkhttp://en.wikipedia.org/wiki/Substitution-permutation_network8/11/2019 Topic 3 Cryptography
21/89
Defnin #e$ure+n$ryption
Ad$ersary should not e ale to
E" 9eco$er the key
3" Find the plainte!t corresponding to a
cipherte!t" Cannot determine any character of the
plainte!t
" Can deri$e any meaningful information
aout the plainte!t
" Can compute any function of the plainte!t
8/11/2019 Topic 3 Cryptography
22/89
22
8/11/2019 Topic 3 Cryptography
23/89
23
8/11/2019 Topic 3 Cryptography
24/89
Cryptor!p"i$ 'et"o(s
Cryptographic Algorithms generally fall into oneof two diDerent categories, or are a cominationof oth"
Symmetric 'ame key for encryption and decryption ey distriution prolem
Asymmetric
/athematically related key pairs for encryptionand decryption
5ulic and pri$ate keys
8/11/2019 Topic 3 Cryptography
25/89
E" 'ymmetric %ncryption
Con$entional @ pri$ate&key @ single&key sender and recipient share a common
key
all classical encryption algorithms arepri$ate&key was only type prior to in$ention of pulic&
key in EJK4)s and y far most widely used 0still1 is signicantly faster than pulic&key
crypto
8/11/2019 Topic 3 Cryptography
26/89
E" 'ymmetric Cipher /odel
8/11/2019 Topic 3 Cryptography
27/89
CSE2500 System Security and Privacy
27
ED
Message(cleartext, plaintext)
Encrypted message(ciphertext)
Encrypted message(ciphertext)
Encryption Decryption
key
Alice
Bob
Private key cipherPrivate key cipher
Message(cleartext,plaintext)
8/11/2019 Topic 3 Cryptography
28/89
E" 'ymmetric Algorithm
'ecret algorithm+ additional hurdle
Hard to keep secret if used widely+ 9e$erse engineering, social engineering
Commercial+ pulished #ide re$iew, trust
/ilitary+ a$oid gi$ing enemy good ideas
8/11/2019 Topic 3 Cryptography
29/89
E" 'ymmetric
L Fast
L *nly pro$ide condentiality
L >eed secure channel for key distriution
L
ey management headaches from large numerof key pairs to maintain >0>&E1@3
L -hat)s o$er M" million key pairs to let all M5urdue A@5 staD memers e!change encrypted
messagesL -o do the same for all students would re?uire o$er
half a illion key pairs:
L %!amples+ 2%', A%', (lowsh, 9C, 9C
8/11/2019 Topic 3 Cryptography
30/89
%!amples of 'ymmetric Algorithm
2%' /odes+ %C(, C(C, CF(, *F(, C/
2%' A%' I2%A (lowsh
8/11/2019 Topic 3 Cryptography
31/89
%!amples of 'ymmetric Algorithm
9C
9C
CA'-
'AF%9 -wosh
8/11/2019 Topic 3 Cryptography
32/89
5ri$ate ey %ncryption
5ri$ate ey %ncryption can e used+ -ransmitting data o$er an insecure channel 'ecure stored data 0encrypt N store1
5ro$ide integrity check+ 0ey O /es"1 &P /AC 0message authentication
code1
8/11/2019 Topic 3 Cryptography
33/89
Reuirements o #ymmetri$+n$ryption
-wo re?uirements for secure use ofsymmetric encryption+ a strong encryption algorithm a secret key known only to sender @ recei$er
/athematically ha$e+Y B %0,X1X B 20, Y1
Assume encryption algorithm is known erckhoD)s 5rinciple+ security in secrecy of key
alone, not in oscurity of the encryptionalgorithm Implies a secure channel to distriute key
Central prolem in symmetric cryptography
8/11/2019 Topic 3 Cryptography
34/89
Desin o Priv!te %ey Cip"ers
A Cryptographic algorithm should e e4$ientforgood use It should e fast and key length should e of the right
length e"g". not too short Cryptographic algorithms are not impossile to
reak without a key If we try all the cominations, we can get the original
message -he security of a cryptographic algorithm depends
on how much work it takes for someone to reak it
%"g If it takes E4 mil" years to reak a cryptographicalgorithm Q using all the computers of a state, Q can ethought of as a secure one reason+ cluster computersand ?uantum computers are powerful enough to crackmany current cryptographic algorithms"
8/11/2019 Topic 3 Cryptography
35/89
3" Asymmetri$5Puli$ %ey +n$ryption
Asymmetric %ncryption
L ;arge mathematical operations make it slowerthan symmetric algorithms
L
>o need for out of and key distriution 0pulickeys are pulic:1
L 'cales etter since only a single key pair neededper indi$idual
L
Can pro$ide authentication and nonrepudiationL %!amples+ 9'A, %l Gamal, %CC, 2iRe&Hellman
8/11/2019 Topic 3 Cryptography
36/89
Comple!ity Classes
Answer in polynomial spacemay need e!hausti$e search
If yes, can guess and check inpolynomial time
Answer in polynomial time,with high proaility
Answer in polynomial timecompute answer directly
P
BPP
NP
PSpace
easy
hard
8/11/2019 Topic 3 Cryptography
37/89
Puli$ )ey lueprint
-he keys used to encrypt and decrypt are diDerent"
Anyone who wants to e a recei$er needs topulish an encryption key, which is known as thepulic key"
Anyone who wants to e a recei$er needs a uni?uedecryption key, which is known as the pri$ate key"
It should not e possile to deduce the plainte!t fromknowledge of the cipherte!t and the pulic key"
'ome guarantee needs to e oDered of theauthenticity of a pulic key"
8/11/2019 Topic 3 Cryptography
38/89
+-!mples o Asymmetri$Alorit"ms
Diffie-Hellman-Provides means for secure key
ec!an"e over insecure c!annel
RSA-Stands for inventors names# $ivest# S!amir# and
Adleman% $elies on difficulty of findin" prime
factori&ation of lar"e numbers
' El amal - Based on (iffie-)ellman met!od of
computin" discrete lo"arit!ms% Can also be used for
messa"e confidentiality and di"ital si"nature services
Elliptic !"rve !rypt#$raphy-$elies on computin"
discrete lo"arit!ms over elliptic curve "roup% (ue to
difficulty of problem# key si&es can be muc! smaller t!an
$SA and still retain stren"t!
8/11/2019 Topic 3 Cryptography
39/89
Desin o ! puli$ )ey !lorit"m
In a pulic key system, if e$eryoneknows e$erything necessary+ theencryption algorithm !n(the
encryption key to determine thecipherte!t then how is it possilethat they cannot then work out what
the plainte!t 0decryption key1 is fromthis informationS
8/11/2019 Topic 3 Cryptography
40/89
#ymmetri$ vs Asymmetri$+n$ryption
symmetric)ey$rypto
re?uires
sender, recei$erknow sharedsecret key
Fast encryption 5ro$ides low
security
%&
publickey crypto"rap!y
sender# receiver do not
s!are secret key
public encryption keykno*n toall
privatedecryption key
kno*n only to receiver
Slo*er encyption Provides !i"!er
security
8/11/2019 Topic 3 Cryptography
41/89
Puli$ )ey $ryptor!p"y
%1
plaintet
messa"e# m
cip!ertetencryption
al"orit!mdecryption
al"orit!m
Bob+s public
key
plaintet
messa"e, m.
B
/
,B
/
Bob+s private
key,
B
-
m , , m..B
/
B
-
8/11/2019 Topic 3 Cryptography
42/89
Puli$ )ey en$ryption!lorit"ms
%2
need and such thatB B
. .
"iven public key , # it s!ould be impossible to
compute private key ,
B
B
$e1uirements
1
2
$SA$ivest# S!amir# Adelson al"orit!m
/ -
, , m.. mBB
- /
/
-
8/11/2019 Topic 3 Cryptography
43/89
36 Hyri( +n$ryption
Comines strengths of oth methods comines the scalaility and key management
features of the asymmetric algorithms with thespeed of symmetric ones"
Asymmetric distriutes symmetric keyAlso known as a session key
'ymmetric pro$ides ulk encryption
'ecure 'ockets ;ayer 0'';1 protocol negotiateswhich asymmetric and symmetric algorithms touse in a hyrid system to protect -C5connections, such as an H--5 connection
etween a we rowser and we ser$er
8/11/2019 Topic 3 Cryptography
44/89
Comining 5ulic@5ri$ateey 'ystemsPublic key encryption is more expensive than symmetric key encryptionFor efficiency, combine the two approaches
(2) Use symmetric key for encrypting subsequent ata transmissions
3.
2.A B
(!) Use public key encryption for authentication" once
authenticate, transfer a share secret symmetric key
8/11/2019 Topic 3 Cryptography
45/89
7* H!s"in Alorit"ms
'D8 /2& is ased on /2& and was created to address
$ulnerailities found in /2&" /2 generates E3T&it hash $alues o$er E3&it locks in rounds of EMsteps each"
Computes E3T&it hash $alue #idely used for le integrity checking
#HA29
'HA&E also operates on E3&it locks, ut producesa EM4&it hash $alue in rounds of 34 steps each
Computes EM4&it hash $alue >I'- appro$ed message digest algorithm
8/11/2019 Topic 3 Cryptography
46/89
Crypt!n!lysis
-he study of methods to reak cryptosystems
*ften targeted at otaining a key
*
8/11/2019 Topic 3 Cryptography
47/89
Cryptanalysis
erckhoD)s 5rinciple -he only secrecy in$ol$ed with a
cryptosystem should e the key
Cryptosystem 'trength How hard is it to determine the secret
associated with the systemS
8/11/2019 Topic 3 Cryptography
48/89
Types o $rypt!n!lysis
2epending on what a cryptanalyst has towork with, attacks can e classied into cipherte!t only attack
known plainte!t attack chosen plainte!t attack chosen cipherte!t attack 0most se$ere1
8/11/2019 Topic 3 Cryptography
49/89
!* Crypt!n!lyti$ Att!$)s
$ip"erte-t only only know algorithm N cipherte!t, is
statistical, can identify plainte!t & the onlydata a$ailale is a target cipherte!t
)nown pl!inte-t know@suspect plainte!t N cipherte!t&a target
cipherte!t. pairs of other cipherte!t andplainte!t 0say, pre$iously roken or guessing1
$"osen pl!inte-t select plainte!t and otain cipherte!t. can
feed encryption algorithm with plainte!ts and
otain the matching cipherte!ts
8/11/2019 Topic 3 Cryptography
50/89
a1 Cryptanalytic Attacks
$"osen $ip"erte-t select cipherte!t and otain
plainte!t
can feed decryption algorithm withcipherte!ts and otain thematching plainte!ts
$"osen te-t select plainte!t or cipherte!t toen@decrypt
8/11/2019 Topic 3 Cryptography
51/89
4all# 2005CPSC66 7nformation Security 8ana"ement
Chosen&5lainte!t Attack
Crook UE changeshis 5I> to a numerof his choice
cipher0key,5I>1
5I> is encrypted andtransmitted to ank
Crook U3 ea$esdropson the wire and learnscipherte!t correspondingto chosen plainte!t 5I>
repeat for any 5I> $alue
8/11/2019 Topic 3 Cryptography
52/89
a1 Cryptanalytic Attacks
9!e most difficult problem to be break is presented
*!en all t!at is available is t!e cip!ertet only%
7n some cases# not even t!e encryption al"orit!m
is kno*n# but o*n-plaintin "eneral *e can assumet!at t!e opponent does kno* t!e al"orit!m used
for encryption%
9!en *it! increasin" information !ave t!e ot!er
attacks% :enerally# an encryption al"orit!m is desi"ned to
*it!stand cryptanalytic attack%
8/11/2019 Topic 3 Cryptography
53/89
Cip"er #trent"
n$on(ition!l se$urity& if t!e cip!ertet"enerated by t!e sc!eme does not contain enou"!
information to determine uni1uely t!e correspondin"
plaintet# no matter !o* muc! cip!ertet is available -
#ne-time pad% !#mp"tati#nally sec"re- if eit!er t!e cost of breakin"
t!e cip!er eceeds t!e value of t!e encrypted
information# or t!e time re1uired to break t!e cip!er
eceeds t!e useful lifetime of t!e information% 4or all reasonable encryption al"orit!ms# *e !ave to
assume computational security *!ere it eit!er takes too
lon"# or is too epensive# to bot!er breakin" t!e cip!er%
8/11/2019 Topic 3 Cryptography
54/89
* ,rute ;or$e #e!r$"
In$ol$es trying e$ery possile key until an intelligile translation ofthe cipherte!t into plainte!t is otained
*n a$erage, half of all possile keys must e tried to achie$esuccess
-ime re?uired to conduct a rute&force attack, for $arious commonkey si=es 02%' is M, A%' is E3T, -riple&2%' is EMT
Key Size (bits) Number of Alternative Keys Time required at 1 decryption/ s Time required at 106
decryptions/s
32 232 = 4.3 109 231s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127s = 5.4 1024years 5.4 1018years
168 2168 = 3.7 1050 2167s = 5.9 1036years 5.9 1030years
26 characters
(permutation)26! = 4 1026 2 1026s = 6.4 1012years 6.4 106years
8/11/2019 Topic 3 Cryptography
55/89
Cl!ssi$!l #ymmetri$Cip"er
#ustitution Cip"er Tr!nsposition Cip"er
8/11/2019 Topic 3 Cryptography
56/89
9 #ustitution Cip"ers
;etters of plainte!t are replaced y otherletters or y numers or symols
5lainte!t is $iewed as a se?uence of its,
then sustitution in$ol$es replacingplainte!t it patterns with cipherte!t itpatterns
8/11/2019 Topic 3 Cryptography
57/89
a1 Caesar Cipher
%arliest known sustitution cipher y 8uliusCaesar
First attested use in military aDairs 9eplaces each letter y rd letter@yte with
another %!ample+meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB 'till call any cipher using a simple letter shift
a caesar cipher, not
8/11/2019 Topic 3 Cryptography
58/89
Caesar Cipher
can dene transformation as+a b c d e f g h i j k l m n o p q r s t u v w x y z =
IN
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C =
OUT
mathematically gi$e each letter anumera b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
C t l i f C
8/11/2019 Topic 3 Cryptography
59/89
Cryptanalysis of CaesarCipher *nly ha$e 3 possile ciphers
A maps to (,""V 0mapping A to A etc doesnWtreally oscure the message1
Gi$en cipherte!t,
8/11/2019 Topic 3 Cryptography
60/89
* 'ono!lp"!eti$ Cip"er
9ather than
8/11/2019 Topic 3 Cryptography
61/89
'ono!lp"!eti$ Cip"er #e$urity
>ow ha$e a total of 3M: keys Is that secureS 5rolem is language characteristics Human languages are re(un(!nt ;etters are not e?ually commonly
used
8/11/2019 Topic 3 Cryptography
62/89
#e donWt actually need all the letters in orderto understand written %nglish te!t
Human languages arere(un(!nt
e"g", th lrd s m shphrd shll nt wnt ;etters are not e?ually commonly used In %nglish %is y far the most common letter
followed y -,9,>,I,*,A,' *ther letters like V,8,,Y,Q are fairly rare Ha$e tales of single, doule N triple letter
fre?uencies for $arious languages
+nlis"
8/11/2019 Topic 3 Cryptography
63/89
+nlis"
8/11/2019 Topic 3 Cryptography
64/89
+nlis"
8/11/2019 Topic 3 Cryptography
65/89
pp
;!at kind of cip!er is t!is
8/11/2019 Topic 3 Cryptography
66/89
pp
X i C t l i
8/11/2019 Topic 3 Cryptography
67/89
Xse in Cryptanalysis
ey concept & monoalphaetic sustitutionciphers do not change relati$e letterfre?uencies
2isco$ered y Araian scientists in Jthcentury-hese ciphers are easy to reak ecause they
re[ect the fre?uency data of the originalalphaet"
Calculate letter fre?uencies for cipherte!t Compare counts@plots against known $alues If caesar cipher look for common peaks@troughs
peaks at+ A&%&I triple, >&* pair, 9&'&- triple troughs at+ 8&, X&6&Q&\&V
Amount of cipherte!t is important statistics:
8/11/2019 Topic 3 Cryptography
68/89
%!ample Cryptanalysis
gi$en cipherte!t+
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPPESXUDBME!SX"IZ
VUEPHZHMDZSHZOWSP"PPD!SVPQUZW#MXUZUHSX
EP#EPOPDZSZUPOMBZWPUPZHMDJUD!MOHMQ
guess 5 N V are e and t guess V# is th and hence V#5 is the proceeding with trial and error nally get+
$t %a& '$&()o&e' ye&ter'ay that &e*era)
$+forma) ,-t'$re(t (o+ta(t& ha*e ,ee+ ma'e %$th po)$t$(a)
repre&e+tat$*e& of the *$et (o+g $+ mo&(o%
* Pl i Ci "
8/11/2019 Topic 3 Cryptography
69/89
$* Pl!y!ir Cip"er
>ot e$en the large numer of keys in amonoalphaetic cipher pro$ides security
*ne approach to impro$ing security was toencrypt multiple letters & thePl!y!ir Cip"er
is an e!ample In$ented y Charles #heatstone in ET, ut
named after his friend (aron 5layfair 9educes the spikyness of natural language
te!t, since if
8/11/2019 Topic 3 Cryptography
70/89
5layfair ey /atri!
a Q matri! of letters ased on akeyword
ll in letters of keyword 0sans duplicates1 ll rest of matri! with other letters eg" using the keyword /*>A9CH\88 == NN AA $$
CC )) >> BB ((
EE 44 :: 7?@7?@ ,,
PP SS 99
DD ;; FF
5l f i / t i
8/11/2019 Topic 3 Cryptography
71/89
5layfair ey /atri!
9!e best-kno*n multiple-letter encryption
cip!eris t!e Playfair# *!ic! treats di"rams in
t!e plaintet as sin"le units and translates
t!ese units into cip!ertet di"rams 9!e rules for fillin" in t!is 55 matri are to
$# top to bottom# first *it! key*ord after
duplicate letters !ave been removed# and t!en
*it! t!e remain letters# *it! 7?@ used as a
sin"le letter
' it f 5l f i Ci h
8/11/2019 Topic 3 Cryptography
72/89
'ecurity of 5layfair Cipher
security much impro$ed o$er monoalphaetic since ha$e 3M ! 3M B MKM digrams would need a MKM entry fre?uency tale to
analyse 0$ersus 3M for a monoalphaetic1 and correspondingly more cipherte!t was widely used for many years
eg" y X' N (ritish military in ##E it $!ne roken, gi$en a few hundred letters since still has much of plainte!t structure
% ti d 2 ti
8/11/2019 Topic 3 Cryptography
73/89
%ncrypting and 2ecrypting
plainte!t is encrypted two letters at a timeE" if a pair is a repeated letter, insert ller like
WQ)3" if oth letters fall in the same row, replace
each with letter to right 0wrapping ack tostart from end1" if oth letters fall in the same column,
replace each with the letter elow it0wrapping to top from ottom1
" otherwise each letter is replaced y the letterin the same row and in the column of theother letter of the pair
8/11/2019 Topic 3 Cryptography
74/89
5layfair %!ample
/essage B /o$e forward 5lainte!t B mo $e fo rw ar d! Here ! is XF 5H >V 9/ (V88 == NN AA $$
CC )) >> BB ((EE 44 :: 7?@7?@ ,,
PP SS 99
DD ;; FF
mo -G =NHmo -G =NH ve -G 4Hve -G 4H fo -G P)# etc%fo -G P)# etc%
(* O Ti P ( .OTP*
8/11/2019 Topic 3 Cryptography
75/89
(* One2Time P!( .OTP*
Xses a random key that was truly as long asthe message, with no repetitions, which thustotally oscures the original message
If a truly random key as long as the messageis used, is unreakale since cipherte!t earsno statistical relationship to the plainte!t
It produces random output that ears no
statistical relationship to the plainte!t Cipherte!t contains no information whatsoe$er
aout the plainte!t
(* One Time P!( .OTP*
8/11/2019 Topic 3 Cryptography
76/89
(* One2Time P!( .OTP*1
'ince for !ny pl!inte-tN !ny$ip"erte-tthere e!ists a key mappingone to other
Can only use the key once Challenges&prolem of making large
?uantities of random keys. prolem of safekey distriution and protection"
useful primarily for lo*-band*idt! c!annels re1uirin"
very !i"! security% 9!e one-time pad is t!e only
cryptosystem t!at e!ibits *!at is referred to as
perfect secrecy.
'imple Idea+ *ne&-ime 5ad
8/11/2019 Topic 3 Cryptography
77/89
4all# 2005CPSC66 7nformation Security 8ana"ement
'imple Idea+ *ne -ime 5ad
B E4EEEE4E
&&&&&
&&&&&&&&&&
B 44EE44E4
E444EEEE44EE44E4
E4EEEE4E
ey is a ne$er&repeating itse?uence as long as plainte!t
%ncrypt y itwise Q*9 ofplainte!t and key+cipherte!t Bplainte!t key
2ecrypt y itwise Q*9 of
cipherte!t and key+cipherte!t key B0plainte!t key1 key Bplainte!t 0key key1 Bplainte!t
Cipher achie$esperfect secrecyif and only ifthere are as many possile keys as possile plainte!ts,e$ery key is e?ually likely 0Claude 'hannon)s result1
Ad t f *
8/11/2019 Topic 3 Cryptography
78/89
4all# 2005CPSC66 7nformation Security 8ana"ement
Ad$antages of *ne&
-ime 5ad
%asy to compute
%ncryption and decryption are the same operation (itwise Q*9 is $ery cheap to compute
As secure as possile Gi$en a cipherte!t, all plainte!ts are e?ually likely,
regardless of attacker)s computational resources as long as the key se?uence is truly random
-rue randomness is e!pensi$e to otain in large?uantities
as long as each key is same length asplainte!t (ut how does the sender communicate the key to
recei$erS
5rolems with *ne
8/11/2019 Topic 3 Cryptography
79/89
4all# 2005CPSC66 7nformation Security 8ana"ement
5rolems with *ne&-ime 5ad ey must e as long as plainte!t
Impractical in most realistic scenarios 'till used for diplomatic and intelligence
traRc
2oes not guarantee integrity *ne&time pad only guarantees condentiality Attacker cannot reco$er plainte!t, ut can
easily change it to something else
Insecure if keys are reused Attacker can otain Q*9 of plainte!ts
=*
8/11/2019 Topic 3 Cryptography
80/89
=*Tr!nsposition5Permut!tion
Cip"ers )ides t!e messa"e by rearran"in" t!e letterorder *it!out alterin" t!e actual letters used
4orms t!e second basic buildin" block of
cip!ers 9!e core idea is to rearran"e t!e order of
basic units letters?bytes?bits. *it!out
alterin" t!eir actual values%
9ow -ransposition Ciphers
8/11/2019 Topic 3 Cryptography
81/89
4all# 2005CPSC66 7nformation Security 8ana"ement
9ow -ransposition Ciphers
a more comple! scheme write letters of message out in rows o$er
a specied numer of columns then reorder the columns according to
some key efore reading oD the rowsey: 7 8 9 ; < =
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: ,,6//P,-,)01/1D'C1$*62.P(,5
!* R!il ;en$e $ip"er
8/11/2019 Topic 3 Cryptography
82/89
!* R!il ;en$e $ip"er
5lainte!t is written down as a se?uence ofdiagonals and then read oD as a se?uenceof rows"
#rite message letters out diagonally o$er
a numer of rows then read oD cipher rowy row
eg" write message out as+m e m a t r h t g p r y
e t e f e t e o a a t
gi$ing cipherte!tMEM"!RH!GPR#E!EE!EO""!
* R i "
8/11/2019 Topic 3 Cryptography
83/89
* Route $ip"er
In a route cipher, the plainte!t is rstwritten out in a grid of gi$endimensions, then read oD in a pattern
gi$en in the key
$* Column!r tr!nsposition
8/11/2019 Topic 3 Cryptography
84/89
$* Column!r tr!nsposition
-he message is written out in rows of a !ed length,and then read out again column y column, and thecolumns are chosen in some scramled order"
(oth the width of the rows and the permutation of thecolumns are usually dened y a keyword
For e!ample, the word V%(9A' is of length M 0so therows are of length M1, and the permutation is denedy the alphaetical order of the letters in the keyword"In this case, the order would e M 3 E "
-he keyword V%(9A' and the message #% A9%2I'C*6%9%2" F;%% A- *>C%"
5ro$iding $e nulls 0Y8%X1 at the end"
8/11/2019 Topic 3 Cryptography
85/89
Pro(u$t Cip"ers
5roduct Ciphers
8/11/2019 Topic 3 Cryptography
86/89
5roduct Ciphers
Ciphers using sustitutions or transpositions arenot secure ecause of language characteristics
Hence consider using se$eral ciphers in
succession to make harder, ut+ -wo sustitutions make a more comple!sustitution
-wo transpositions make more comple!
transposition (ut a sustitution followed y a transposition
makes a new much harder cipher
-his is ridge from classical to modern ciphers
;imitations of cryptography
8/11/2019 Topic 3 Cryptography
87/89
;imitations of cryptography
'ost se$urity prolems !re not $rypto prolems -his is good
Cryptography works: -his is ad
5eople make other mistakes. crypto doesn)t sol$ethem
/isuse of cryptography is fatal for security
#%5 ineDecti$e, highly emarrassing for industry *ccasional une!pected attacks on systems
su
8/11/2019 Topic 3 Cryptography
88/89
8/11/2019 Topic 3 Cryptography
89/89
,
Top Related