Professional Documents
Culture Documents
CH 02
CH 02
CH 02
2
Classical
Encryp1on
Techniques
Symmetric
Encryp1on
§ or
conven1onal
/
private-‐key
/
single-‐key
§ sender
and
recipient
share
a
common
key
§ all
classical
encryp1on
algorithms
are
private-‐
key
§ was
only
type
prior
to
inven1on
of
public-‐key
in
1970’s
§ and
by
far
most
widely
used
Some
Basic
Terminology
§ plaintext
-‐
original
message
§ ciphertext
-‐
coded
message
§ cipher
-‐
algorithm
for
transforming
plaintext
to
ciphertext
§ key
-‐
info
used
in
cipher
known
only
to
sender/receiver
§ encipher
(encrypt)
-‐
conver1ng
plaintext
to
ciphertext
§ decipher
(decrypt)
-‐
recovering
plaintext
from
ciphertext
§ cryptography
-‐
study
of
encryp1on
principles/methods
§ cryptanalysis
(codebreaking)
-‐
study
of
principles/
methods
of
deciphering
ciphertext
without
knowing
key
§ cryptology
-‐
field
of
both
cryptography
and
cryptanalysis
Symmetric
Cipher
Model
Requirements
§ two
requirements
for
secure
use
of
symmetric
encryp1on:
• a
strong
encryp1on
algorithm.
An
opponent
who
knows
the
algorithm
and
has
access
to
one
or
more
ciphertexts
should
be
unable
to
decipher
the
ciphertext
or
figure
out
the
key
• a
secret
key
known
only
to
sender
and
receiver
§ mathema1cally
we
have:
Y
=
EK(X)
X
=
DK(Y)
§ assume
encryp1on
algorithm
is
known
§ implies
a
secure
channel
to
distribute
key
Cryptography
§ characterize
cryptographic
system
by:
• type
of
encryp1on
opera1ons
used
o subs1tu1on
/
transposi1on
/
product
• number
of
keys
used
o single-‐key
or
private
/
two-‐key
or
public
• way
in
which
plaintext
is
processed
o Block
/
Stream
Cryptanalysis
§ objec1ve
to
recover
key
not
just
message
§ general
approaches:
• cryptanalysis:
It
relies
on
the
nature
of
the
algorithm
plus
some
knowledge
of
the
characteris1cs
of
the
plaintext
or
some
sample
of
plaintext-‐ciphertext
pairs
• brute-‐force
aUack:
on
average
half
of
the
keys
must
be
tried
for
success
Cryptanaly1c
AUacks
§ ciphertext
only
(difficult)
« only
know
algorithm
&
ciphertext,
is
sta1s1cal
§
known
plaintext
« Know
1
or
more
plaintext-‐ciphertext
pairs
§ chosen
plaintext
« select
plaintext
and
obtain
ciphertext
§ chosen
ciphertext
« select
ciphertext
and
obtain
plaintext
§ chosen
text
« select
plaintext
and
ciphertext
to
en/decrypt
More
Defini1ons
§ uncondi8onal
security
no
maUer
how
much
computer
power
or
1me
is
available,
the
cipher
cannot
be
broken
since
the
ciphertext
provides
insufficient
informa1on
to
uniquely
determine
the
corresponding
plaintext
(hard
to
achieve)
§ computa8onal
security
þ given
limited
compu1ng
resources
(eg
1me
needed
for
calcula1ons
is
greater
than
age
of
universe),
the
cipher
cannot
be
broken
Brute
Force
Search
§ always
possible
to
simply
try
every
key
§ most
basic
aUack,
propor1onal
to
key
size
§ assume
either
know
/
recognise
plaintext
Key Size Number of Time required at 1 Time required at 106
(bits) Alternative Keys decryption/µs decryptions/µs
32 232 = 4.3 × 109 231 µs = 35.8 minutes 2.15 milliseconds
56 (DES) 256 = 7.2 × 1016 255 µs = 1142 years 10.01 hours
128 (AES) 2128 = 3.4 × 1038 2127 µs=5.4 × 1024 years 5.4 × 1018 years
168 (DES-3) 2168 = 3.7 × 1050 2167 µs=5.9 × 1036 years 5.9 × 1030 years
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Encryp1ng
and
Decryp1ng
§ plaintext
is
encrypted
two
leUers
at
a
1me
1. if
a
pair
is
a
repeated
leUer,
insert
filler
like
'X’.
For
example:
balloon
is
treated
as
ba
lx
lo
on
2. if
both
leUers
fall
in
the
same
row,
replace
each
with
leUer
to
right
(wrapping
back
to
start
from
end).
For
example:
ar
is
encrypted
as
RM.
Encryp1ng
and
Decryp1ng
3. if
both
leUers
fall
in
the
same
column,
replace
each
with
the
leUer
below
it
(again
wrapping
to
top
from
boUom).
For
example:
mu
is
encrypted
as
CM.
4. otherwise
each
leUer
is
replaced
by
the
leUer
in
the
same
row
and
in
the
column
of
the
other
leUer
of
the
pair.
For
example:
hs
is
encrypted
as
BP
and
ea
is
encrypted
as
IM
or
JM
(as
you
wish).
Security
of
Playfair
Cipher
§ security
much
improved
over
monoalphabe1c
§ since
have
26
x
26
=
676
digrams
§ would
need
a
676
entry
frequency
table
to
analyse
(versus
26
for
a
monoalphabe1c)
§ and
correspondingly
more
ciphertext
§ was
widely
used
for
many
years
• eg.
by
US
&
Bri1sh
military
in
WW1
§ it
can
be
broken,
given
a
few
hundred
leUers
§ since
s1ll
has
much
of
plaintext
structure
Rela1ve
Frequency
of
Occurrence
of
LeUers
Hill
Cipher
§ The
subs1tu1on
is
determined
by
m
linear
equa1ons.
For
example
for
m=3:
⎡C1 ⎤ ⎡ K11 K12 K13 ⎤ ⎡ P1 ⎤
⎢C ⎥ = ⎢ K K K ⎥ ⎢ P ⎥ mod 26
C = KP mod 26
⎢ 2 ⎥ ⎢ 21 22 23 ⎥ ⎢ 2 ⎥
⎢⎣C3 ⎥⎦ ⎢⎣ K31 K32 K33 ⎥⎦ ⎢⎣ P3 ⎥⎦ P = K-1C mod 26
§ For
example,
consider
the
palintext
“paymoremoney”
and
the
encryp1on
key
⎡17 17 5 ⎤ ⎡15 ⎤ ⎡375⎤ ⎡11⎤
K = ⎢⎢21 18 21⎥⎥ K ⎢⎢0 ⎥⎥ = ⎢⎢819 ⎥⎥ mod 26 = ⎢⎢13⎥⎥
⎢⎣2 2 19 ⎥⎦ ⎢⎣24⎥⎦ ⎢⎣486⎥⎦ ⎢⎣18⎥⎦