Cryptography
PYTHON
About The Instructor
• from Budapest, Hungary
• BSc in physics
• MSc in applied mathematics
• working as a software engineer
• special addiction to algorithms, artificial intelligence and
quantitative finance
About The Course
• cryptography fundamentals
• Caesar cipher
• Vigenere cipher
• detecting language
• frequency analysis
• Kasiski-algorithm
• Data Encryption Standard (DES)
• Advanced Encryption Standard (AES)
• public key cryptosystems
• modular arithmetic
• Diffie-Hellman key exchange
• RSA
Cryptography
„Cryptography is the practice and study of techniques for secure
communication in the presence of third parties”
The basic concept is that there are cases when we want to make sure a given message
is read by the sender and the receiver exclusively
KEY: this is a sequence that is needed both for encryption and decryption
cipher_text = f(plain_text, key)        encryption function
plain_text = f^-1(cipher_text, key)     decryption function
PRIVATE KEY CRYPTOGRAPHY
This type of cryptography uses just a single key. So the same key is used
both for encryption and decryption as well
~ this is why it is also called „symmetric encryption”
This type of cryptography uses a public key and a private key as well.
~ this is why it is also called „asymmetric encryption”
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Caesar-cipher
ENCRYPTION
Why use mod 26? The size of the English alphabet is 26, which means
there are 26 letters in the English alphabet
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
PRIVATE KEY = 3
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Ciphertext: WKLV LV DQ HA
Plaintext: THIS IS AN EX
For example: using Caesar encryption with key 2 and then with key 3
is the same as using key 5
Cracking Caesar-cipher
There are 2 types of approaches to crack Caesar-cipher:
1.) brute-force attack: because the number of possible keys is 26,
we can consider all these cases (so check all the possible key values)
we use all the possible key values within the range [0,SIZE_ALPHABET-1]
and check whether the decrypted message makes sense or not
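The brute-force approach above as runnable Python (an added example, not code from the course): every key in [0, 25] is tried and each candidate plaintext is scored against a small word list. COMMON_WORDS and english_score are constructed stand-ins for a real dictionary file; the sample message is the one used on the Vigenere slides.

```python
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, as in the table on the slides
# Constructed mini word list standing in for a real dictionary file.
COMMON_WORDS = {"THIS", "IS", "JUST", "AN", "A", "THE", "AND", "OF", "TO", "EXAMPLE"}


def caesar(text, key):
    """Shift every letter by `key` positions mod 26; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % len(ALPHABET)])
        else:
            out.append(ch)
    return "".join(out)


def english_score(text):
    """Fraction of space-separated tokens that appear in the word list."""
    words = text.split()
    if not words:
        return 0.0
    return sum(word in COMMON_WORDS for word in words) / len(words)


def brute_force(ciphertext):
    """Decrypt with every key in [0, SIZE_ALPHABET-1]; best-scoring candidate first."""
    candidates = []
    for key in range(len(ALPHABET)):
        plain = caesar(ciphertext, -key)  # decryption is a shift in the other direction
        candidates.append((key, plain, english_score(plain)))
    return sorted(candidates, key=lambda c: c[2], reverse=True)


if __name__ == "__main__":
    message = "THIS IS JUST AN EXAMPLE"
    ciphertext = caesar(message, 3)
    print("ciphertext:", ciphertext)

    # Two Caesar encryptions compose to a single one, so chaining keys
    # never leaves the 26-key space that brute force covers.
    print("key 2 then 3 == key 5:", caesar(caesar(message, 2), 3) == caesar(message, 5))

    for key, plain, score in brute_force(ciphertext)[:3]:
        print(key, plain, score)
```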
key: S E C R E T
18 4 2 17 4 19
in Vigenere cipher we have to use the i-th letter of the key for
encrypting the i-th letter
Why to use mod 26? The size of the english alphabet is 26 which means
there are 26 letters in the english alphabet
in Vigenere cipher we have to use the i-th letter of the key for
decrypting the i-th letter
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
PRIVATE KEY = SECRET
Key:        SECR ET SECR ET SECRETS
Plaintext:  THIS IS JUST AN EXAMPLE
Ciphertext: LLKJ ML BYUK EG WBCDTEW
Vigenere Cipher
EXAMPLE
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
PRIVATE KEY = SECRET
Key:        SECR ET SECR ET SECRETS
Ciphertext: LLKJ ML BYUK EG WBCDTEW
Plaintext:  THIS IS JUST AN EXAMPLE
1.) we can use a dictionary attack: so we have a dictionary (a file containing the words)
and we use these words as the possible keys
1.) we have to find the size of the key: we can analyse repeated substrings
and their factors to get a good guess
2.) we can construct substrings from the ciphertext that are encrypted by the same letters
3.) we can use frequency analysis to find the letters of the key
Cracking Vigenere Cipher
KASISKI-ALGORITHM
1.) first we have to find repeated substrings in the ciphertext
(these substrings are at least 3 letters long)
BY THE WAY THIS IS WHY TO LEARN ALGORITHMS AND DATA STRUCTURES (SUFFIX TREES)
Key: TABLE
Ciphertext:
WS AYHHTMUAZBUXTRWUYYAKYUHSVMSMAKZEWS AYHDWCWYOEUJL
so here we can find a repeated substring (WS AY) because both occurrences
of „CRYPT” line up with „TABLE”
note that we can get the same repeated substrings by accident: because the same index
can be obtained several ways !!!
we can assume that if the repeated string occurs in the plaintext and the distance between
corresponding characters is a multiple of the keyword length then the keyword letters
will line up in the same way with both occurrences
2.) second step is to consider the distances between these repeated substrings
and find the factors of these values
3.) if we know the size of the key then we can use frequency analysis
because Vigenere cipher is the same as Caesar cipher
~ of course it uses multiple subkeys
WS AYHHTMUAZBUXTRWUYYAKYUHSVMSMAKZEWS AYHDWCWYOEUJL
#1 substring: WHATYHMWHYL
#2 substring: SHZRASASDO
#3 substring: TBWKVK WE
#4 substring: AMUUYMZACU
#5 substring: YUXYUSEYWJ
For example: if the most frequent letter in the decrypted text is E then
counter+1 because E is the most frequent letter in the
English alphabet as well
So we have to try with all possible letters (26 letters so A-Z) and consider
the matches with highest values
WE CONSIDER ALL THESE 36 POSSIBLE KEYS AND CHECK WHETHER THE DECRYPTED
TEXT IS VALID (SO ENGLISH) OR NOT !!!
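The Kasiski steps applied to the ciphertext on these slides, as an added Python example (not code from the course): repeated substrings, their distances and factors, then the split into one Caesar-encrypted substring per key letter. The 27-symbol alphabet (space plus A-Z) used for the final check is an assumption inferred from the spaces inside the ciphertext; the function names are illustrative.

```python
from collections import Counter

# Ciphertext and key exactly as printed on the slides. The embedded spaces
# are treated as cipher symbols, not as word separators.
CIPHERTEXT = "WS AYHHTMUAZBUXTRWUYYAKYUHSVMSMAKZEWS AYHDWCWYOEUJL"
KEY = "TABLE"
# Assumption (not stated on the slides): 27 symbols with the space at index 0.
ALPHABET = " ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def repeated_substrings(text, length=3):
    """Step 1: {substring: [start positions]} for substrings that occur more than once."""
    seen = {}
    for i in range(len(text) - length + 1):
        seen.setdefault(text[i:i + length], []).append(i)
    return {sub: pos for sub, pos in seen.items() if len(pos) > 1}


def distances(text, length=3):
    """Step 2a: distances between consecutive occurrences of each repeated substring."""
    result = []
    for positions in repeated_substrings(text, length).values():
        result.extend(b - a for a, b in zip(positions, positions[1:]))
    return result


def key_length_candidates(text, length=3, max_key_len=20):
    """Step 2b: rank key lengths by how many repeat distances they divide."""
    votes = Counter()
    for d in distances(text, length):
        for factor in range(2, min(d, max_key_len) + 1):
            if d % factor == 0:
                votes[factor] += 1
    return [k for k, _ in sorted(votes.items(), key=lambda kv: (-kv[1], kv[0]))]


def columns(text, key_len):
    """Step 3: substring i holds every symbol encrypted with key letter i."""
    return [text[i::key_len] for i in range(key_len)]


def vigenere_decrypt(text, key, alphabet=ALPHABET):
    """Subtract the i-th key symbol (cycled) from the i-th ciphertext symbol."""
    n = len(alphabet)
    return "".join(
        alphabet[(alphabet.index(c) - alphabet.index(key[i % len(key)])) % n]
        for i, c in enumerate(text)
    )


if __name__ == "__main__":
    print("repeats:   ", repeated_substrings(CIPHERTEXT))
    print("distances: ", distances(CIPHERTEXT))
    print("key sizes: ", key_length_candidates(CIPHERTEXT))
    for number, column in enumerate(columns(CIPHERTEXT, len(KEY)), start=1):
        print(f"#{number} substring: {column!r}")
    print("plaintext: ", vigenere_decrypt(CIPHERTEXT, KEY))
```

The distance 35 has the factors 5 and 7, so both stay candidates until the frequency analysis of the substrings is done; accidental repeats would show up here as distances that share no factor with the rest.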
intuition: let’s use as many letters in the key as the length of the plaintext
solution: let’s use totally random numbers to shift the letters in the plaintext
~ the key must have the same size as the plaintext
+ key must contain random numbers
1.) generate a truly random sequence (as many random numbers as the letters in the plaintext)
2.) shift the letters in the plaintext with the random numbers in the same manner
as in Vigenere cipher or Caesar cipher
For example: character a has the ASCII value 97. So what is the binary
representation of 97? It is 01100001
01100001 = 1x2^0 + 0x2^1 + 0x2^2 + 0x2^3 + 0x2^4 + 1x2^5 + 1x2^6 + 0x2^7 = 97
One Time Pad (OTP)
EXAMPLE
„XOR is an involution so the function’s inverse is the function itself”
Originally one time pad algorithm used XOR operation so first
we consider the binary representation
we find the ASCII value for every letter in the text
Plaintext: HELLO
Key: 11001000001011101111011011000000
1.) let’s convert the ASCII values of the letters into binary
72 69 76 76 79
H E L L O = 01001000010001010100110001001111
72 = 01001000
69 = 01000101
76 = 01001100
79 = 01001111
01001000010001010100110001001111
XOR 11001000001011101111011011000000
10000000011010111011101010001111
This is the result of the XOR operation which means
this is the ciphertext !!!
3.) because XOR operation’s inverse is XOR operation itself, we have to apply the same
transformation to get the plaintext again
10000000011010111011101010001111
XOR 11001000001011101111011011000000
01001000010001010100110001001111
This is how we get the plaintext from the ciphertext
with the same XOR operation
One Time Pad (OTP)
EXAMPLE
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
4 9 1 6 2 5 1 6 4 3 1 6 2 8 4 3 5 6 1
THIS IS JUST AN EXAMPLE
Ciphertext: XQJY KX KAWW BT GFEPURF
E_i(x_i) = (x_i + OTP_i) mod 26
4 9 1 6 2 5 1 6 4 3 1 6 2 8 4 3 5 6 1
Ciphertext: XQJY KX KAWW BT GFEPURF
Plaintext: THIS IS JUST AN EXAMPLE
If we measure some physical phenomenon then we end up with true random numbers
For example: radioactive decay or atmospheric noise
Instead of measuring some physical phenomenon, we use computers to generate random numbers
PROBLEM: computers are deterministic !!!
The randomness of the sequence depends on the randomness of the seed exclusively
One Time Pad (OTP)
MIDDLE-SQUARE METHOD
ALGORITHM: 1.) multiply the seed by itself
2.) get the middle of the result
3.) the result is the seed in the next iteration
seed: 152
310
seed: 310
310610
seed: 610
310610210
2 digits seed: algorithm uses at most 100 digits before reusing the seed
3 digits seed: algorithm uses at most 1000 digits before reusing the seed
...
N digits seed: algorithm uses 10^N digits before reusing the seed
which means the one time pad is not that secure any more
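The middle-square frames above as an added Python example (not code from the course), extended to find where the sequence starts to repeat. The digit window (zero-pad the square to 6 digits, keep the third to fifth digit) is an assumption chosen because it reproduces the slides' 152 -> 310 -> 610 -> 210.

```python
def middle_square_next(seed):
    """Steps 1-2: square the 3-digit seed and keep three digits of the result.

    Assumption: the square is zero-padded to 6 digits and the third to fifth
    digit are kept (152 * 152 = 023104 -> 310).
    """
    return int(str(seed * seed).zfill(6)[2:5])


def keystream(seed, count):
    """Step 3 repeated: each output becomes the next seed; outputs are concatenated."""
    groups = []
    for _ in range(count):
        seed = middle_square_next(seed)
        groups.append(f"{seed:03d}")
    return "".join(groups)


def find_cycle(seed):
    """Return (tail, cycle): the values before the loop and the loop itself."""
    first_seen = {}
    sequence = []
    value = seed
    while value not in first_seen:
        first_seen[value] = len(sequence)
        sequence.append(value)
        value = middle_square_next(value)
    start = first_seen[value]
    return sequence[:start], sequence[start:]


def longest_run_before_repeat():
    """Most distinct values any 3-digit seed yields before the first repeat."""
    return max(sum(map(len, find_cycle(seed))) for seed in range(1000))


if __name__ == "__main__":
    print("stream from seed 152:", keystream(152, 3))
    tail, cycle = find_cycle(152)
    print("tail:", tail, "cycle:", cycle)
    # A pad built from this generator repeats as soon as the cycle is entered,
    # so the key is no longer a non-repeating random sequence.
    print("pad digits:", keystream(152, 12))
    print("longest run over all 3-digit seeds:", longest_run_before_repeat())
```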
One Time Pad (OTP)
LINEAR CONGRUENTIAL GENERATOR
X_{n+1} = (a X_n + c) mod m
the key has the same length as the plaintext: if we are able to exchange this key
securely then why not to exchange the plaintext itself?
One Time Pad (OTP)
We are not able to break one time pad with a brute-force approach
we are not able to use a brute-force approach because we will find all the valid plaintexts
~ which contain every valid word and sentence in English
How to decide what was the original message?
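An added Python example (not code from the course) that reproduces the XOR frames above bit for bit and then shows why brute force gives no answer: for any guessed plaintext of the right length there is a key that turns the ciphertext into it. The guess b"STOP" is constructed; secrets.token_bytes is the operating system's CSPRNG, used here in place of a physical noise source.

```python
import secrets

# Bit strings exactly as shown on the slides (32 bits = bytes 72, 69, 76, 79).
SLIDE_PLAIN_BITS = "01001000010001010100110001001111"
SLIDE_KEY_BITS = "11001000001011101111011011000000"


def from_bits(bit_string):
    """Turn a string of 0/1 characters into bytes (length must be a multiple of 8)."""
    return int(bit_string, 2).to_bytes(len(bit_string) // 8, "big")


def bits(data):
    """Render bytes as a string of 0/1 characters, 8 per byte."""
    return "".join(f"{byte:08b}" for byte in data)


def xor_bytes(a, b):
    """XOR two equal-length byte strings; the pad must be as long as the message."""
    if len(a) != len(b):
        raise ValueError("one-time pad key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext):
    """Encrypt with a fresh random key of the same length; returns (key, ciphertext)."""
    key = secrets.token_bytes(len(plaintext))
    return key, xor_bytes(plaintext, key)


def key_that_explains(ciphertext, guessed_plaintext):
    """The key under which `ciphertext` decrypts to `guessed_plaintext`."""
    return xor_bytes(ciphertext, guessed_plaintext)


if __name__ == "__main__":
    ciphertext = xor_bytes(from_bits(SLIDE_PLAIN_BITS), from_bits(SLIDE_KEY_BITS))
    print("ciphertext:", bits(ciphertext))
    print("decrypted: ", bits(xor_bytes(ciphertext, from_bits(SLIDE_KEY_BITS))))

    # Brute force over all keys yields every 4-byte message, each with a
    # perfectly valid key, so the search cannot single out the original.
    other_key = key_that_explains(ciphertext, b"STOP")
    print("key for STOP:", bits(other_key), xor_bytes(ciphertext, other_key))

    key, fresh = otp_encrypt(b"HELLO")
    print("round trip:", xor_bytes(fresh, key))
```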
Data Encryption Standard (DES)
In the early 1970s it became apparent that the commercial sector
also has a need for cryptography
For example: corporate secrets must have been transmitted securely, ATM machines
needed encrypted messages etc.
it was constructed in the early 1970s at IBM (designed mostly by Horst Feistel)
4.) its main advantage is that encryption and decryption operations are very similar
(requiring only the reversal of the key schedule)
Block size: 64 bits
Key size: 64 bits (56 relevant bits are used in the algorithm)
Number of rounds: 16
Number of subkeys: 16 (every subkey is 48 bits long)
Ciphertext size: 64 bits
Data Encryption Standard (DES)
DIAGRAM OF DES
[Diagram: block of plaintext (64 bits), TRANSPOSITION, ROUND 1, ROUND 2, ROUND 3, ..., ROUND 16, TRANSPOSITION, block of ciphertext (64 bits); key (64 bits)]
Data Encryption Standard (DES)
64 bits long plaintext block
initial permutation (IP): we are going to shuffle the order of the bits in the block containing 64 bits
round #1, round #2, ..., round #16: every round gets 48 bits from the key side
32 bit swap: left half (32 bits) and right half (32 bits) are swapped
inverse permutation (IP-1): 64 bits
CIPHERTEXT

64 bits long private key
permuted choice 1 (PC-1): shuffle the order of the bits and omit 8 bits (output contains 56 bits only)
for every round (#1, #2, ..., #16):
left circular shift (56 bits): shift all the bits to the left (a table defines the number of shifts)
permuted choice 2 (PC-2): 56 bits in, 48 bits out to the round
Data Encryption Standard (DES)
What is left circular shift?
a circular shift (bitwise rotation) is an operator that shifts all the bits
If we want to shift 01001000 to the left then the result
will be 10010000
0 1 0 0 1 0 0 0
1 0 0 1 0 0 0 0
[Diagram: „ROUND FUNCTION” with S-BOX, permutation (32 bits) and XOR; L, R, Kl and Kr go on to the next round]
Data Encryption Standard (DES)
What is the expansion function?
The 64 bits long private key is split into two 32 bits long left- and right keys
we omit some bits (8, 16, 24, 32, 40, 48, 56 and 64)
Data Encryption Standard (DES)
What is the permuted choice 2 (PC-2)?
There are 8 s-boxes in the DES algorithm: these are substitution boxes
~ the input for the boxes is 6 bits and the output is 4 bits
(this is why we transform 48 bits into a 32 bits output)
s1 s2 s3 s4 s5 s6 s7 s8
0 1 1 0 1 1
The least-significant bit (LSB) and the most-significant bit (MSB)
define the row index in the s-box (which is a lookup table)
00 0010 0100 1001 1011 1111 1011 0010 1011 1110 1111 1111 1011 1010 0100 0110 0001
01 0010 0100 1001 1011 1111 1011 0010 1011 1110 1111 1111 1011 1010 0100 0110 0001
10 0010 0100 1001 1011 1111 1011 0010 1011 1110 1111 1111 1011 1010 0100 0110 0001
11 0010 0100 1001 1011 1111 1011 0010 1011 1110 1111 1111 1011 1010 0100 0110 0001
Data Encryption Standard (DES)
What is the permutation?
we just have to use the same function we have used with encryption
with the subkeys in a reverse order !!!
„Deep Crack” has managed to crack DES with brute-force attack within 22 hours
~ it does not use any internal structure of the cryptosystem
just considers all the possible keys (linear search)
This is why DES was replaced by triple DES (TDES) and later with AES
Linear Cryptanalysis
Linear cryptanalysis was constructed by Mitsuru Matsui in 1992
~ it is a widely used attack on block ciphers such as DES
How to determine the values within the s-boxes? Of course the aim is to make sure the
output is very similar to true random numbers
~ there was a concern that a backdoor might have been planted in DES
(so only the designers can break the cryptosystem)
SCIENTISTS STATED THAT EVEN A SMALL MODIFICATION COULD WEAKEN DES !!!
Linear cryptanalysis needs N plaintext / ciphertext pairs
for cracking DES we need 2^47 known plaintexts so this approach is not
practical when cracking DES
This approach assumes a linear relationship between the elements (individual bits) of
the plaintext, the ciphertext and the key
This approach aim to map bitwise ΔX differences in the input (plaintext) to ΔY differences
in the output (ciphertext)
it is a private key cryptosystem with three different key lengths: 128, 192 and 256
p0 p4 p8  p12      k0 k4 k8  k12
p1 p5 p9  p13      k1 k5 k9  k13
p2 p6 p10 p14      k2 k6 k10 k14
p3 p7 p11 p15      k3 k7 k11 k15
we store the output, the intermediate result and the key as a matrix like this
every entry within this matrix is a byte (8 bits), that's why 16x8=128 bits
add round key K1 [w4 ... w7]
IN THE LAST ROUND WE DO NOT USE THE MIX COLUMNS OPERATION !!!
Advanced Encryption Standard (AES)
ADD ROUND KEY OPERATION
As we have seen with the DES cryptosystem the operations are
substitution, permutation and XOR operation
add round key operation = XOR
output is 0 or 1 with 50% probability
p0 p4 p8  p12
p1 p5 p9  p13
p2 p6 p10 p14
p3 p7 p11 p15
8 bits -> S-BOX -> 8 bits
We consider all the items (16 items) in the matrix
+ for every item we apply the s-box: return 8 bits as an output
s0 s4 s8  s12      s0  s4  s8  s12
s1 s5 s9  s13  ->  s5  s9  s13 s1
s2 s6 s10 s14      s10 s14 s2  s6
s3 s7 s11 s15      s15 s3  s7  s11
Advanced Encryption Standard (AES)
MIX COLUMNS OPERATION
s0 s4 s8  s12      2 3 1 1
s1 s5 s9  s13      1 2 3 1
s2 s6 s10 s14      1 1 2 3
s3 s7 s11 s15      3 1 1 2
we take the columns from the state-matrix and multiply the predefined
matrix with these vectors
Advanced Encryption Standard (AES)
MIX COLUMNS OPERATION
2 3 1 1       s0       s’0
1 2 3 1   X   s1   =   s’1
1 1 2 3       s2       s’2
3 1 1 2       s3       s’3

2 3 1 1       s4       s’4
1 2 3 1   X   s5   =   s’5
1 1 2 3       s6       s’6
3 1 1 2       s7       s’7

2 3 1 1       s8       s’8
1 2 3 1   X   s9   =   s’9
1 1 2 3       s10      s’10
3 1 1 2       s11      s’11

2 3 1 1       s12      s’12
1 2 3 1   X   s13  =   s’13
1 1 2 3       s14      s’14
3 1 1 2       s15      s’15
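The shift-rows and mix-columns steps shown above, as an added Python example (not code from the course). The multiplications are done in GF(2^8) with the AES reduction polynomial 0x11b, the function names are this example's own, and the sample state is constructed; the last function measures how far a single flipped bit spreads.

```python
def xtime(a):
    """Multiply a byte by 2 in GF(2^8) and reduce by the AES polynomial 0x11b."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a


def mix_column(col):
    """Multiply one state column by the matrix 2 3 1 1 / 1 2 3 1 / 1 1 2 3 / 3 1 1 2."""
    out = []
    for r in range(4):
        # Each matrix row is the previous one rotated, so rotate the column instead.
        a, b, c, d = (col[(r + i) % 4] for i in range(4))
        out.append(xtime(a) ^ (xtime(b) ^ b) ^ c ^ d)  # 2*a + 3*b + 1*c + 1*d
    return out


def mix_columns(state):
    """state holds 16 bytes column by column: s0..s3 is the first column."""
    return [b for c in range(4) for b in mix_column(state[4 * c:4 * c + 4])]


def shift_rows(state):
    """Rotate row r of the state matrix left by r positions."""
    return [state[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]


def changed_bytes(rounds):
    """Count the state bytes that differ after flipping one bit of the input."""
    a = list(range(16))          # constructed sample state s0..s15
    b = [a[0] ^ 0x01] + a[1:]    # the same state with a single bit flipped
    for _ in range(rounds):
        a = mix_columns(shift_rows(a))
        b = mix_columns(shift_rows(b))
    return sum(x != y for x, y in zip(a, b))


if __name__ == "__main__":
    # db 13 53 45 is a commonly used MixColumns test column.
    print([format(v, "02x") for v in mix_column([0xDB, 0x13, 0x53, 0x45])])
    print(changed_bytes(1), changed_bytes(2))
```

One flipped bit reaches a whole column after one pass and the whole state after two, which is the diffusion property the cipher relies on.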
Advanced Encryption Standard (AES)
MIX COLUMNS OPERATION
1b 22 cb 03
7c ae f4 ba
...
14 01 1b 4f
09 a6 88 4a
Advanced Encryption Standard (AES)
SUBKEY GENERATION
1b 22 cb 03
7c ae f4 ba
...
14 01 1b 4f
09 a6 88 4a
Then we have to use XOR operation with previous words in the key
and the values in the rcon table
~ the first value of the table is never used
Advanced Encryption Standard (AES)
SUBKEY GENERATION
Ki-4 Ki-1 Ki
1b 22 cb 03
7c ae f4 ba
...
14 01 1b 4f
09 a6 88 4a
1b       f4       01     03
7c  XOR  84  XOR  00  =  ab
14       d6       00     4c
09       7b       00     a5
22       03     01
ae  XOR  ab  =  22
01       4c     a3
a6       a5     88
Advanced Encryption Standard (AES)
SUBKEY GENERATION
Ki-4 Ki-1 Ki
1b 22 cb 03 03 01
7c ae f4 ba ab 22
...
14 01 1b 4f 4c 03
09 a6 88 4a a5 88
cb       01     f1
f4  XOR  22  =  ac
1b       03     02
88       88     22
Advanced Encryption Standard (AES)
SUBKEY GENERATION
Ki-4 Ki-1 Ki
1b 22 cb 03 03 01 f1
7c ae f4 ba ab 22 ac
...
14 01 1b 4f 4c 03 02
09 a6 88 4a a5 88 22
03       f1     23
ba  XOR  ac  =  a3
4f       02     39
4a       22     39
Advanced Encryption Standard (AES)
SUBKEY GENERATION
1b 22 cb 03 03 01 f1 23
7c ae f4 ba ab 22 ac a3
...
14 01 1b 4f 4c 03 02 39
09 a6 88 4a a5 88 22 39
03       3a       02     ac
ab  XOR  12  XOR  00  =  02
4c       12       00     11
a5       26       00     f5
Advanced Encryption Standard (AES)
SUBKEY GENERATION
1b 22 cb 03 03 01 f1 23 ac
7c ae f4 ba ab 22 ac a3 02
...
14 01 1b 4f 4c 03 02 39 11
09 a6 88 4a a5 88 22 39 f5
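The subkey generation walked through above (rotate the last word, apply the s-box, XOR with the rcon value and with the word four positions back), as an added Python example for 128-bit keys; it is not code from the course. The s-box is computed from its definition instead of being typed in as a table, the function names are this example's own, and the key is the example key from FIPS-197 Appendix A.1.

```python
def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial 0x11b."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r


def build_sbox():
    """S(a) = affine transform of the multiplicative inverse of a (0 maps to 0)."""
    sbox = []
    for a in range(256):
        inv = 1
        for _ in range(254):            # a^254 is the inverse of a in GF(2^8)
            inv = gmul(inv, a)
        s = inv
        for shift in range(1, 5):       # XOR with four left rotations of inv
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = build_sbox()


def expand_key_128(key):
    """Return the 44 four-byte words w0..w43 for a 16-byte key."""
    words = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 0x01                          # round constants start at 01; no index 0
    for i in range(4, 44):
        temp = list(words[i - 1])
        if i % 4 == 0:                   # first word of every new round key
            temp = temp[1:] + temp[:1]           # rotate the word by one byte
            temp = [SBOX[b] for b in temp]       # substitute each byte
            temp[0] ^= rcon                      # XOR the rcon value (rc 00 00 00)
            rcon = gmul(rcon, 2)
        words.append([a ^ b for a, b in zip(words[i - 4], temp)])
    return words


def round_key(words, r):
    """Round key r is the four words w[4r]..w[4r+3]."""
    return bytes(b for w in words[4 * r:4 * r + 4] for b in w)


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 A.1 key
    w = expand_key_128(key)
    print(round_key(w, 1).hex(), round_key(w, 10).hex())
```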
Advanced Encryption Standard (AES)
CONFUSION AND DIFFUSION
2.) diffusion: if we change a single bit in the input (plaintext) then half of the digits in the
output (ciphertext) should change
Every pair in the network has a distinct private key for the secured communication !!!
„If there are N users in a given network - where everyone can communicate with
all the others - there must be private keys”
there are ~500.000 bitcoin users
Public key cryptosystems solve these problems: every user in the network has just
a single private key and a single public key (so N users have 2N keys)
the private key can decrypt a message that has been encrypted with the
public key and vice versa
SENDER RECEIVER
Everyone can send an encrypted message to a given user using his/her public key and only
the given user can decrypt that message using the private key
Public Key Cryptography
There is a huge difference between private key cryptography and public key
cryptosystems: the aspiration itself !!!
we want to make sure the ciphertext contains no information about the plaintext
we use trapdoor functions: so we rely heavily on the fact that there are some operations
that are extremely hard to do (exponential running time complexity)
a / b = q remainder r
(a: dividend, b: divisor, q: quotient, r: remainder)
Two integers (a and b) are said to be congruent if they have the same
remainder when divided by a specified integer m
a ≡ b (mod m)
the mod m operation partitions all the natural numbers into m subgroups
A prime number is a number greater than 1 whose only factors are 1 and itself
~ numbers that have more than 2 factors are called composite numbers
Let p be a prime number then for any integer a (a is not divisible by p) the number
1.) naive algorithm: consider all the numbers in the range [2,N-1] and
if the given number divides N then N is not a prime
Every composite number N (so not a prime) has a prime factor less than
or equal to its square root
Proof: if a number N is not a prime then it can be factored N = a x b (2 < a,b < N)
In other words: if N is a prime number then for every 1 <= a < N number
a^(N-1) ≡ 1 (mod N) which means in programming that a^(N-1) % N = 1
For example: since 5 is prime that's why 2^4 % 5 = 1 so 5 is prime
a^(N-1) ≡ 1 (mod N)
repeat k times:
    generate a random number a in the range [2,N-2]
    if a^(N-1) % N = 1 then N is probably prime
PROBLEM: this test fails with Carmichael numbers
if gcd(a,n) = 1 then Fermat test is not valid
FERMAT’S ALGORITHM IS PROBABILISTIC !!!
When dealing with the naive primality test we end up with O() running time
BUT now the input is a large number ...
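The two primality tests above side by side, as an added Python example (not code from the course). It uses 561 = 3 x 11 x 17, the smallest Carmichael number, to show the failure mode: every base that is coprime to 561 passes the Fermat test although trial division proves the number composite. The function names are this example's own.

```python
import random
from math import gcd, isqrt


def is_prime_trial(n):
    """Naive test: a composite n has a factor no larger than its square root."""
    if n < 2:
        return False
    return all(n % d for d in range(2, isqrt(n) + 1))


def fermat_test(n, bases):
    """True if a^(n-1) % n == 1 for every base: n is then only 'probably prime'."""
    return all(pow(a, n - 1, n) == 1 for a in bases)


def fermat_random(n, k, rng=random):
    """The probabilistic version: k random bases from the range [2, n-2]."""
    return fermat_test(n, [rng.randrange(2, n - 1) for _ in range(k)])


def liar_report(n):
    """For a candidate n, count the bases in [2, n-2] that pass the Fermat test."""
    bases = range(2, n - 1)
    return {
        "prime": is_prime_trial(n),
        "passing_bases": sum(pow(a, n - 1, n) == 1 for a in bases),
        "coprime_bases": sum(gcd(a, n) == 1 for a in bases),
        "all_bases": len(bases),
    }


if __name__ == "__main__":
    print(fermat_test(5, [2]))        # the example above: 2^4 % 5 = 1
    print(liar_report(15))            # an ordinary composite: few bases pass
    print(liar_report(561))           # Carmichael number: every coprime base passes
    print(fermat_random(561, 5))      # often True although 561 is composite
```

This is why production libraries use the Miller-Rabin test, which has no equivalent of Carmichael numbers, for generating the large primes used later in RSA and Diffie-Hellman.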
This theorem states that every positive integer can be written uniquely
as a product of prime numbers
If we have two prime numbers p and q then multiplying them is quite easy M = p x q
but calculating the factors if we have M is extremely hard
~ this is called integer factorization
if a given number has smaller factors then it may happen that the factors can be found
within hundreds or thousands of iterations
So somehow we have to make sure the prime factors will be large ...
This is where prime numbers have been proved to be important: if we have p and q large prime numbers
then we can calculate N = p*q quite fast
What are the factors of N? Of course the factors are p and q and we know
that these are large primes (this is exactly why we chose them)
THE REASON WHY WE USE PRIME NUMBERS IS TO MAKE SURE FACTORIZATION IS PRACTICALLY IMPOSSIBLE
Diffie-Hellman Key Exchange
The main disadvantage of private key cryptosystems (DES or AES) is that
the private key must be exchanged
1.) the sender (Alice) generates huge prime numbers n and g (the primitive root of n) and sends them
to the receiver (Bob) (it is not a problem if someone knows these numbers)
2.) both the sender and the receiver generate a random number < n-1
Alice generates x and Bob generates y (these are the private keys)
3.) Alice calculates k1 = g^x mod n and sends it to Bob and Bob calculates k2 = g^y mod n and sends it to Alice
x = 23 (random number, the private key)          y = 14 (random number, the private key)
k1 = g^x mod n = 13^23 mod 37 = 2                k2 = g^y mod n = 13^14 mod 37 = 25
k2^x mod n = 25^23 mod 37 = 30                   k1^y mod n = 2^14 mod 37 = 30
It means that for example Alice can use 30 for AES encryption,
Bob can use 30 for AES decryption and it will work fine !!!
Diffie-Hellman Key Exchange
Why is it important to choose a primitive root?
The size of the keyspace is crucial in cryptography: if there are just a few keys
we can check them even with brute-force search quite fast
if we use n=11 and g=10 values then there would be just 2 possible keys
Another important factor is to use a large prime number for n: of course because the size of
the keyspace is proportional to the value of n
~ the valid keys will be within the range [1,n-1] and if we use the primitive root
then all the integer values within this range are valid possible keys
Diffie-Hellman Key Exchange
Why is it important to choose n to be prime?
the whole cryptosystem relies heavily on the fact that solving the discrete
logarithm problem has exponential running time complexity so it is extremely hard
k1 = g^x mod n = 13^23 mod 37 = 2                k2 = g^y mod n = 13^14 mod 37 = 25
The attacker may know n, g, k1 and k2 because these parameters are being sent
over a public channel (for example the internet)
Cracking Diffie-Hellman Key Exchange
n=37 and g=13
Alice: k1 = g^x mod n                            Bob: k2 = g^y mod n
Mallory has k1 and k2
Mallory: z (random number < n-1), m1 = g^z mod n
Mallory: w (random number < n-1), m2 = g^w mod n
Mallory sends m2 to Alice in the name of Bob
Alice: m2^x mod n
Alice thinks it is the shared secret key with Bob but in fact it is the shared secret key with Mallory !!!
Bob: m1^y mod n
Bob thinks it is the shared secret key with Alice but in fact it is the shared secret key with Mallory !!!
Cracking Diffie-Hellman Key Exchange
g^(wx) mod n = g^(xw) mod n
Alice and Mallory will use this shared secret key during encryption and decryption
g^(zy) mod n = g^(yz) mod n
Bob and Mallory will use this shared secret key during encryption and decryption
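The key exchange, the primitive-root argument and the intercepted exchange from the slides above, as one added Python example (not code from the course). n=37, g=13, x=23 and y=14 are the slide values; Mallory's z=5 and w=7 are constructed for this example, and the function names are the example's own.

```python
def public_value(g, secret, n):
    """k = g^secret mod n, the value that is sent over the public channel."""
    return pow(g, secret, n)


def shared_key(received, secret, n):
    """Raise the value received from the other side to our own private key."""
    return pow(received, secret, n)


def reachable_values(g, n):
    """All values g^e mod n can take: the whole keyspace only if g is a primitive root."""
    return {pow(g, e, n) for e in range(1, n)}


def brute_force_log(g, k, n):
    """Linear search for the private key: feasible only because n is tiny here."""
    for x in range(1, n):
        if pow(g, x, n) == k:
            return x
    return None


def intercepted_exchange(g, n, x, y, z, w):
    """Mallory replaces k1 with m1 = g^z and k2 with m2 = g^w on the wire."""
    k1, k2 = public_value(g, x, n), public_value(g, y, n)
    m1, m2 = public_value(g, z, n), public_value(g, w, n)
    return {
        "alice": shared_key(m2, x, n),          # Alice believes this is shared with Bob
        "bob": shared_key(m1, y, n),            # Bob believes this is shared with Alice
        "mallory_alice": shared_key(k1, w, n),
        "mallory_bob": shared_key(k2, z, n),
    }


if __name__ == "__main__":
    n, g, x, y = 37, 13, 23, 14                 # values from the slides
    k1, k2 = public_value(g, x, n), public_value(g, y, n)
    print(k1, k2, shared_key(k2, x, n), shared_key(k1, y, n))
    print(len(reachable_values(13, 37)), len(reachable_values(10, 11)))
    print(brute_force_log(g, k1, n))
    print(intercepted_exchange(g, n, x, y, z=5, w=7))   # z and w are constructed
```

In the intercepted run Alice and Bob end up with different keys, so the exchange is only safe when the public values are authenticated, for example by signing them or by comparing key fingerprints over another channel.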
RSA Cryptosystem
it is a public key cryptosystem (so it has a private key and a public key)
a^(p-1) ≡ 1 (mod p)
„Fermat’s little theorem”
We can generalize this theorem with Euler’s Φ(n) function: this totient function counts the
positive integers up to a given integer n that are relative prime to n
Relative prime: two integers a and b are said to be relative prime or coprime
if the only positive integer (factor) that divides both of them is 1
gcd(a,b)=1
RSA Cryptosystem
Φ(5) = 1,2,3,4 so the value of the function is 4
Φ(prime) = prime-1
Φ(n) = (p-1)(q-1)
4.) let’s calculate the private key d parameter: let’s calculate the modular inverse of e
(this is why it is crucial that e and Φ(n) are coprime)
we have to solve this equation
d * e mod Φ(n) = 1 to get the d parameter
ciphertext_block = plaintext_block^e mod n
we can use ASCII table
to convert text into numbers
plaintext_block = ciphertext_block^d mod n
RSA Cryptosystem
RSA ALGORITHM EXAMPLE
For example: we have the character a we want to encrypt. The ASCII representation of a is 97
Encryption: ciphertext_block = plaintext_block^e mod n = 97^21 mod 391 = 37
Decryption: plaintext_block = ciphertext_block^d mod n = 37^285 mod 391 = 97
RSA Cryptosystem
CRACKING RSA ALGORITHM
the aim of the attacker is to calculate the private key (d,n) pair
INTEGER FACTORIZATION
TRAPDOOR FUNCTION !!!
RSA Cryptosystem
CRACKING RSA ALGORITHM
factoring large numbers is usually hard: but not always
if a given number has smaller factors then it may happen that the factors can be found
within hundreds or thousands of iterations
So somehow we have to make sure the prime factors will be large ...
This is where prime numbers have been proved to be important: if we have p and q large prime numbers
then we can calculate n = p*q quite fast
What are the factors of n? Of course the factors are p and q and we know
that these are large primes (this is exactly why we chose them)
THE REASON WHY WE USE PRIME NUMBERS IS TO MAKE SURE FACTORIZATION IS PRACTICALLY IMPOSSIBLE
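The RSA example above (n = 391, e = 21, d = 285) reproduced as an added Python example, not code from the course. It solves d * e mod Φ(n) = 1 with the extended Euclidean algorithm, and it shows why the primes must be large: with a modulus this small, trial division finds p and q at once and the private exponent follows from the public key alone. The function names are this example's own.

```python
from math import isqrt


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(e, phi):
    """Solve d * e mod phi = 1; this only works if e and phi are coprime."""
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e and phi(n) are not coprime")
    return x % phi


def factor_semiprime(n):
    """Trial division up to sqrt(n): fast for small factors, hopeless for large ones."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n has no non-trivial factor")


def private_exponent_from_public(e, n):
    """With p and q known, phi(n) = (p-1)(q-1) and d is the inverse of e."""
    p, q = factor_semiprime(n)
    return mod_inverse(e, (p - 1) * (q - 1))


def encrypt(text, e, n):
    """Each character is one block: ASCII code raised to e mod n."""
    return [pow(ord(ch), e, n) for ch in text]


def decrypt(blocks, d, n):
    return "".join(chr(pow(c, d, n)) for c in blocks)


if __name__ == "__main__":
    n, e = 391, 21                           # public key from the slide
    print(factor_semiprime(n))               # the primes behind n
    d = private_exponent_from_public(e, n)   # matches the slide's d
    blocks = encrypt("a", e, n)
    print(d, blocks, decrypt(blocks, d, n))
```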