
5/22/10

Cryptography

“art or science concerning the principles, means and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form.” -- National Information System Security Glossary (NSTISSC)

[Figure: MESSAGE (plaintext) → encode/encipher (encryption algorithm) → ZXYCTHI (ciphertext) → decode/decipher (decryption algorithm) → MESSAGE (plaintext)]

plaintext -- a readable form for a message (e.g. Chinese text)

ciphertext -- a scrambled version of some plaintext message intended to protect the message’s confidentiality and/or integrity

encode -- translate from plaintext to ciphertext

decode -- translate from ciphertext back to plaintext

encipher -- synonym for encode (technically, encodes a single symbol/character)

decipher -- synonym for decode (technically, decodes a single symbol)

encryption -- the act of encoding

decryption -- the act of decoding

cryptosystem -- a collection of algorithms for encryption and decryption

cipher -- a particular cryptosystem

cryptography -- the study of cryptosystems (the science of secret writing)


[Figure: MESSAGE (plaintext) → encode/encipher → ZXYCTHI (ciphertext) → decode/decipher → MESSAGE (plaintext)]

Function (encode/encipher)

E( plaintext ) = ciphertext

Inverse Function (decode/decipher)

E⁻¹( ciphertext ) = plaintext

D( ciphertext ) = plaintext

Encryption Algorithm

Each letter (Lp) is replaced by the letter from the following function:

E(Lp) = (Lp + 3) mod 26

letters are numbered from zero (A≈0, B≈1, … Z≈25)

Example

HI MOM SEND DOLLARS    plaintext

KL PRP VHQG GROODUV    ciphertext

Decryption Algorithm

Each letter (Lc) is replaced by the letter from the following function:

D(Lc) = (Lc + 23) mod 26


Simple Caesar Cipher

E(Lp) = (Lp + 3) mod 26

Generalized Caesar Cipher

ECaesar(Lp, k) = (Lp + k) mod 26    (k = key)

Key

“a sequence of random or pseudorandom bits used initially to set up and periodically change the operations performed in crypto-equipment for the purpose of encrypting or decrypting electronic signals...” -- National Information System Security Glossary (NSTISSC)

Symmetric Encryption

[Figure: plaintext → encryption algorithm → ciphertext → decryption algorithm → plaintext]

Asymmetric Encryption

[Figure: plaintext → encryption algorithm → ciphertext → decryption algorithm → plaintext]


Is the Caesar Cipher (keyed version) symmetric or asymmetric?

rot13(Lp) = ECaesar(Lp, 13)

Note that rot13 = rot13⁻¹ (i.e. rot13 decodes any message encoded with rot13)

In general, what is DCaesar(Ln, k) in terms of ECaesar(Ln, k) ?

Encode

ECaesar(Lp, k) = (Lp + k) mod 26

Decode

DCaesar(Lc, k) = (Lc + (26-k)) mod 26

Symmetric encryption is also known as private key encryption, because the key must be kept private from…

code breaker

Cryptanalysis


“operations performed in converting encrypted messages to plain text without initial knowledge of the crypto-algorithm and/or key employed in the encryption.” -- National Information System Security Glossary (NSTISSC)


Common Cryptanalysis Attacks

Attack Type: Cryptanalysis Knowledge

ciphertext only
• encryption algorithm (less the key)
• ciphertext to be deciphered

known plaintext
• encryption algorithm (less the key)
• ciphertext to be deciphered
• a segment of plaintext with corresponding ciphertext

chosen plaintext
• encryption algorithm (less the key)
• ciphertext to be deciphered
• a segment of plaintext selected by cryptanalyst with corresponding ciphertext

How difficult is cryptanalysis on a keyed Caesar cipher?
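The keyed Caesar cipher and two of the attacks from the table above, as an added Python example (not part of the original slides). The function names are chosen here; the formulas and the sample message are the ones on the slides.

```python
import string

A = string.ascii_uppercase  # letters numbered from zero: A=0 ... Z=25

def e_caesar(text, k):
    """ECaesar(Lp, k) = (Lp + k) mod 26; non-letters pass through unchanged."""
    return "".join(A[(A.index(c) + k) % 26] if c in A else c for c in text.upper())

def d_caesar(text, k):
    """DCaesar(Lc, k) = (Lc + (26 - k)) mod 26, i.e. encoding with the complementary key."""
    return e_caesar(text, (26 - k) % 26)

def key_from_known_plaintext(plain, cipher):
    """Known plaintext: one plaintext/ciphertext letter pair gives k = (Lc - Lp) mod 26."""
    for p, c in zip(plain.upper(), cipher.upper()):
        if p in A and c in A:
            return (A.index(c) - A.index(p)) % 26
    raise ValueError("no letter pair to compare")

def ciphertext_only_candidates(cipher):
    """Ciphertext only: the key space holds 26 values, so every decoding can be listed."""
    return {k: d_caesar(cipher, k) for k in range(26)}

if __name__ == "__main__":
    ct = e_caesar("HI MOM SEND DOLLARS", 3)
    print(ct)
    print("key from the pair H -> K:", key_from_known_plaintext("H", ct))
    for k, candidate in ciphertext_only_candidates(ct).items():
        print(k, candidate)
```

Because the same k drives both directions, the cipher is symmetric, and a reader only has to scan 26 candidate lines to find the readable one.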



substitution

A substitution cipher forms ciphertext from replacing plaintext bit patterns with other bit patterns.

A simple (mono-alphabetic) substitution always maps the same bit pattern consistently.

Example (Caesar cipher with key = 1)

E( )   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
D( )   B C D E F G H I J K L M N O P Q R S T U V W X Y Z A

Another Example

Use a word as key. Encode using word followed by remaining alphabet.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
T U R K E Y A B C D F G H I J L M N O P Q S V W X Z    (key: TURKEY)

Cryptanalysis of this second example?

Non-sequential

There is nothing to suggest that alphabetic ordering be used at all. (Why not use every third letter in the alphabet?)

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
C F I L O R U X A D G J M P S V Y B E H K N Q T W Z

There is a need to use a proper permutation. Why?


Non-alphabetic

Computers have no need to use alphabets - bit strings are easier.


brute force (for mono-alphabetic substitution)



There are 26! simple substitution ciphers from the English alphabet.

alphabetic frequency cryptanalysis (Cryptography and Data Security, Denning, 1982.)



Suppose you know only that the cipher uses some tabular mono-alphabetic substitution.

Digrams and trigrams can be analyzed in similar fashion.


In 1949 Shannon proposed the following characteristics of a good cipher:


1) The amount of required secrecy should determine the amount of encrypting/decrypting work.

2) The choice of keys and the enciphering algorithm should be free from complexity.

3) The implementation of the process should be as simple as possible.


4) Errors in ciphering should not propagate, corrupting other message parts.


5) The size of the ciphertext should be no larger than its corresponding plaintext.

Today’s priorities:

1) The encryption/decryption algorithm must be proven to be mathematically sound.

2) The algorithm must have been analyzed by experts for its vulnerability.

3) The algorithm must have stood the “test of time”.


4) Time to encode/decode must still be acceptable.



(basis for well-known polyalphabetic substitution ciphers)

Tableau (columns: plaintext index; rows: key index)

    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
b   B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
c   C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
d   D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
e   E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
f   F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
g   G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
h   H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
i   I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
j   J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
k   K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
l   L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
m   M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
n   N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
o   O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
. . .
z   Z A B C D E F G H I J K L M N O P Q R S T U V W X Y

Use a string as key, repeatedly. The key letters serve as row indices for enciphering.

Example

mi lkm ilkm ilkmilk    key = milk

HI MOM SEND DOLLARS    plaintext

TQ XYY APXP LZVXICC    ciphertext

Cryptanalysis of such a cipher?


The standard Vigenère cipher can be broken by analyzing the period of the repeating key.
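How the repeating key exposes its period, as an added Python example (not part of the original slides). It implements the tableau cipher with the slide's key "milk" and a Kasiski-style repeat search; the function names and the SAMPLE plaintext are constructed for this illustration.

```python
from functools import reduce
from math import gcd
import string

A = string.ascii_uppercase

def vigenere(text, key, decrypt=False):
    """Vigenère with a repeating key. The key advances only on letters,
    matching the slide's alignment 'mi lkm ilkm ilkmilk'."""
    out, i = [], 0
    for c in text.upper():
        if c not in A:
            out.append(c)
            continue
        k = A.index(key[i % len(key)].upper())
        out.append(A[(A.index(c) + (-k if decrypt else k)) % 26])
        i += 1
    return "".join(out)

def kasiski_period(ciphertext, n=3):
    """Repeated n-grams in the ciphertext usually come from the same plaintext
    meeting the same key offset, so the distances between repeats are multiples
    of the key length. Returns the gcd of those distances, or None if nothing repeats."""
    letters = [c for c in ciphertext.upper() if c in A]
    seen, distances = {}, []
    for pos in range(len(letters) - n + 1):
        gram = "".join(letters[pos:pos + n])
        if gram in seen:
            distances.append(pos - seen[gram])
        seen[gram] = pos
    return reduce(gcd, distances) if distances else None

# Constructed sample plaintext: "DOLLARS" recurs at letter offsets 0, 12 and 32.
SAMPLE = "DOLLARS HI MOM DOLLARS SEND MORE MONEY DOLLARS"

if __name__ == "__main__":
    print(vigenere("HI MOM SEND DOLLARS", "milk"))
    print(kasiski_period(vigenere(SAMPLE, "milk")))
```

The slide's own 16-letter message is too short to contain a repeat, so the search returns nothing for it; the longer a message is relative to its key, the more the period shows.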

One-Time Pad

• the invention of an Army Signal Corps officer, Joseph Mauborgne.

• provably unbreakable!

• algorithm: a Vigenère cipher using a random key of infinite length.

What’s the catch?

1) It is impossible to create keys of infinite length that are truly random.

2) Delivery of such sizable keys is often overwhelming.

It is possible to use a book cipher - a pad of keys that are used and then discarded.

Another alternative is to use a table (e.g. of sine values) or a book.


Vernam cipher

Created by Gilbert Vernam (Bell Labs)

Use paper tape (teletype) to deliver an arbitrarily-long non-repeating sequence of keys.

Encode/decode by numeric function rather than Vigenère table.

Example 1: use XOR to encode and decode.

EVernam(‘R’,15) = 01010010 ⊕ 00001111 = 01011101 = ‘]’

Example 2: Encode with addition mod 256.

EVernam(‘R’,15) = (82 + 15) mod 256 = 97 = ‘a’

What is DVernam(X,K)?


Fence Rail Transposition

Encipher by arranging plaintext in two rows, as illustrated below.

H M M E D O L R
 I O S N D L A S     plaintext (in diagonal rows)

HMMEDOLRIOSNDLAS     ciphertext

A rail fence cipher is trivial to cryptanalyze, much like a Caesar cipher.


Tabular Transposition

Arrange plaintext row by row in 2D grid and select cipher text from columns.

Use a key to determine column order.

35241    key

HIMOM    plaintext (in 5-letter rows)
SENDD
OLLAR
S

MDRMNLHSOSODAIEL    ciphertext
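The tabular transposition above with its inverse, as an added Python example (not part of the original slides). The function names are chosen here; the key is taken as a string of single-digit column labels, as on the slide, and the decoder handles the incomplete last row.

```python
def read_order(key):
    """Column indices in reading order: the column labelled 1 first, then 2, ..."""
    labels = [int(d) for d in key]
    return sorted(range(len(labels)), key=lambda col: labels[col])

def transpose_encrypt(plaintext, key):
    letters = [c for c in plaintext.upper() if c.isalpha()]
    ncols = len(key)
    # Rows are filled left to right, so column c holds every ncols-th letter from c.
    return "".join("".join(letters[col::ncols]) for col in read_order(key))

def transpose_decrypt(ciphertext, key):
    ncols = len(key)
    full_rows, extra = divmod(len(ciphertext), ncols)
    columns, pos = [""] * ncols, 0
    for col in read_order(key):
        # An incomplete last row makes only the first `extra` columns one letter taller.
        height = full_rows + (1 if col < extra else 0)
        columns[col] = ciphertext[pos:pos + height]
        pos += height
    # Read the rebuilt grid row by row, skipping cells the short columns lack.
    return "".join(columns[c][r]
                   for r in range(full_rows + 1)
                   for c in range(ncols)
                   if r < len(columns[c]))

if __name__ == "__main__":
    ct = transpose_encrypt("HI MOM SEND DOLLARS", "35241")
    print(ct)
    print(transpose_decrypt(ct, "35241"))
```

Decoding needs the message length as well as the key: without it the receiver cannot tell which columns carry the extra letter.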

substitute or transpose or product

A substitution cipher forms ciphertext from replacing plaintext bit patterns with other bit patterns.

A transposition cipher forms ciphertext from rearranging plaintext bit sequences.

A product cipher uses both substitution and transposition.

stream or block

A stream cipher transforms plaintext one small subsequence (bit, byte, letter) at a time.

A block cipher transforms larger units of plaintext (usually 64 or 128 bits).

