Information security

Nguyen Phi Le
About this course

n Materials
q slides
n Evaluation
q Project + exercises: (30%)
q final exam: writing exam (70%)
n Contents
q Cryptography foundation
n Ciphers
n Cryptography protocols
q Security applications
n Digital signature
n Network security
Cryptography I

General concepts and some classical

ciphers
Outline

n Basic concepts
n Attack models
n Classic ciphers: mono-alphabetic
n Vigenere cipher
n One-time-pad cipher
Security Goals

n Confidentiality (secrecy, privacy)

q Assure that data is accessible to only one who are
authorized to know
n Integrity
q Assure that data is only modified by authorized
parties and in authorized ways
n Availability
q Assure that resource is available for authorized
users
General tools

n Cryptography
n Software controls
n Hardware controls
n Policies and procedures
n Physical controls
What is Crypto?

n Constructing and analyzing cryptographic protocols

which enable parties to achieve security objectives
q Under the present of adversaries.
n A protocol (or a scheme) is a suite of procedures
that tell each party what to do
q usually, computer algorithms
n Cryptographers devise and analyze protocols under
Attack model
q assumptions about the resources and actions available to
the adversary
n So, you need to think as an adversary
Terms

n Cryptography: the study of mathematical

techniques for providing information security
services.
n Cryptanalysis: the study of mathematical
techniques for attempting to get security services
breakdown.
n Cryptology: the study of cryptography and
cryptanalysis.
Terms
n plaintexts
n ciphertexts
n keys
n encryption
n decryption

Y=EZ(X) Y X=DZ’(Y)
Sender Alice Receiver Bob

Key Z Enemy/Adversary Eve Key Z’

Secret-key cryptography

n Also called: symmetric cryptography

n Use the same key for both encryption & decryption
(Z=Z’)
n Key must be kept secret
n Key distribution – how to share a secret between A
and B very difficult
Public-key cryptography

n Also called: asymmetric cryptography

n Encryption key different from decryption key and
q It is not possible to derive decryption key from encryption
key
n Higher cost than symmetric cryptography
Breaking ciphers …

n There are different methods of breaking a

cipher, depending on:
q the type of information available to the attacker
q the interaction with the cipher machine
q the computational power available to the attacker
Breaking ciphers …

n Ciphertext-only attack:
q The cryptanalyst knows only the ciphertext.
q Goal: to find the plaintext and the key.
q NOTE: such vulnerable is seen completely insecure
n Known-plaintext attack:
q The cryptanalyst knows one or several pairs of
ciphertext and the corresponding plaintext.
q Goal: to find the key used to encrypt these messages
n or a way to decrypt any new messages that use the same key
(although may not know the key).
Breaking ciphers …

n Chosen-plaintext attack
q The cryptanalyst can choose a number of messages and
obtain the ciphertexts for them
q Goal: deduce the key used in the other encrypted
messages or decrypt any new messages (using that key).
n Chosen-ciphertext attack
q Similar to above, but the cryptanalyst can choose a
number of ciphertexts and obtain the plaintexts.
n Both can be adaptive
q The choice of ciphertext may depend on the plaintext
received from previous requests.
Classic ciphers
Shift cipher (additive cipher)
n Key Space: [1 .. 25]
n Encryption given a key K:
q each letter in the plaintext P is replaced with the K’th letter
following corresponding number (shift right):
q Another way: Y=X Å K è additive cipher

n Decryption given K:
q shift left

ABCDEFGHIJKLMNOPQRSTUVWXYZ
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
P = CRYPTOGRAPHYISFUN
K = 11
C = NCJAVZRCLASJTDQFY
Shift Cipher: Cryptanalysis

n Easy, just do exhaustive search

q key space is small (<= 26 possible keys).
q once K is found, very easy to decrypt
General Mono-alphabetical Substitution
Cipher
n The key space: all permutations of Σ = {A, B, C, …, Z}
n Encryption given a key π:
q each letter X in the plaintext P is replaced with π(X)

n Decryption given a key π :

q each letter Y in the cipherext P is replaced with π-1(Y)

n Example:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
π=BADCZHWYGOQXSVTRNMSKJIPFEU

BECAUSE → AZDBJSZ
Looks secure, early days

n Exhaustive search is infeasible

q key space size is 26! ≈ 4*1026
n Dominates the art of secret writing throughout
the first millennium A.D.
n Thought to be unbreakable by many back
then
Cryptanalysis of Substitution Ciphers:
Frequency Analysis
n Each language has certain features:
q frequency of letters, or of groups of two or more letters.
n Substitution ciphers preserve the mentioned
language features è vulnerable to frequency
analysis attacks
General Mono-alphabetical Substitution
Cipher
n Observations:
q A cipher system should not allow statistical properties of
plaintext to pass to the ciphertext.
q The ciphertext ginerated by a "good" cipher systim should
be satistically indistinguishable form random text.
n Idea for a stronger cipher (1460’s by Alberti)
q use more than one cipher alphabet, and switch between
them when encrypting different letters è Polyalphabetic
Substitution Ciphers
q Developed into a practical cipher by Vigenère (published in
1586)
Polyalphabetic Substitution Ciphers
n Polyalphabetic Substitution Ciphers
(Vigenère cipher - published in 1586)
q Definition:
n Given m, a positive integer, P = C = (Z26)n, and K = (k1, k2, …, km) a
key, we define:
q Encryption:
n ek (p1, p2… pm) = (p1+k1, p2+k2…pm+km) (mod 26)
q Decryption:
n dk (c1, c2… cm) = (c1-k1, c2-k2 … cm- km) (mod 26)
q Example:
Plaintext: CRYPTOGRAPHY
Key: LUCKLUCKLUCK
Ciphertext: NLAZE I I B LJ J I
Vigenère cipher
n Cryptanalysis
Plain text 𝑃 Cipher text 𝐶

𝑝! 𝑝" …… 𝑝# 𝑐! 𝑐" …… 𝑐#
𝑝#$! 𝑝#$" …… 𝑝"# 𝑐#$! 𝑐#$" …… 𝑐"#
. .
. .
. .
𝑝%#$! 𝑝%#$" …… 𝑐%#$! 𝑐%#$" ……

+𝑘!
+𝑘!

Same statistical properties

Can be broken by the statistical method once the key length is determined
Vigenère cipher
n How to determine the key length
q The frequency of letters in 𝑝! , 𝑝"#! , … , 𝑝$"#! is
approximately the same as that in the plain text 𝑃
q The frequency of letters in 𝑐! , 𝑐"#! , … , 𝑐$"#! is
the same as that in 𝑝! , 𝑝"#! , … , 𝑝$"#!
n The index of coincidence (IC)
q Suppose 𝑥 = 𝑥% 𝑥& … . 𝑥' is a string of alphabetic
characters à 𝐼𝐶 𝑥 is the probability that two
random elements of 𝑥 are identical
 Vigenère cipher
n The index of coincidence (IC)
q Suppose the frequencies of 𝐴, 𝐵, … , 𝑍 in 𝑥 are
𝑓( , 𝑓% … , 𝑓&)
+&
∑)*
&'( ) -& -& .%
q 𝐼𝐶 𝑥 = , = ∑&)
+,( ≈ ∑&)
+,( 𝑝+
&
) ' '.%
𝑝" : the frequency of the i-th letter
letter probability
A .082
B .015
C .028 For an English text For a totally random string
𝐼𝐶 𝑥 ≈ 0.065 $% 1
D .043 𝐼𝐶 𝑥 ≈ % = 0.038
E .127 !"# 26
F .022
…
Z .001
 Vigenère cipher
n The index of coincidence (IC)
q Let 𝑃& = 𝑝& , 𝑝'(& , … , 𝑝)'(& ; 𝐶& = 𝑐& , 𝑐'(& , … , 𝑐)'(&
n 𝐼𝐶 𝐶& = 𝐼𝐶 𝑃& ≈ 0.065
n Cryptanalysis algorithm
1. Set 𝑚 = 1
2. Check if 𝑚 is indeed the key length
n Divide the cipher into 𝑚 letter group and compute the IC of each
n If they are quite the same and approximately equals to 0.065 then
𝑚 is the key length
n If they are quite different and smaller than 0.065, then the key length
should be greater
3. Increase 𝑚 by 1 and go to step 1
 Vigenère cipher

n Kasiski method: a hint to find the key length

q Observation: two identical segments of plaintext
will be encrypted to the same cipher text wherever
their occurrence in the plain text is 𝛿 position
apart, 𝛿 ≡ 0(𝑚𝑜𝑑 𝑚)
𝑝! … 𝑝" 𝑝"#! … 𝑝"#$ …… 𝑝% 𝑐! … 𝑐" 𝑐"#! … 𝑐"#$ …… 𝑐%
. .
. .
. .
𝑝&%#! … 𝑝&%#" 𝑝&%#"#! … 𝑝&%"#$ …… 𝑝&%#% 𝑐&%#! … 𝑐&%#" 𝑐&%#"#! … 𝑐&%"#$ …… 𝑐&%#%

If these are the same Then, these will be the same

Vigenère cipher

n Kasiski method
q Search the cipher text for pairs of identical
segments and record the distance between their
starting positions
n Suppose the obtained distances are 𝛿! , … , 𝛿%
q Then, 𝑚 should divides the greatest common
divisor of 𝛿% , … , 𝛿$
Vigenère cipher

n Example
Vigenère cipher

n Example

Kasiski method: CHR’s occurrence positions: 1, 166, 236, 276 and 286
à Distances: 165, 235, 275 and 285
à Gcd(165, 235, 275, 285) = 5
à The key length should divides 5
Vigenère cipher

n Example

Confirmation of Kasiski method

M = 1 à IC = 0.045
M = 2 à ICs = 0.046 and 0.041
M = 3 à ICs = 0.043, 0.050, 0.047
M = 4 à ICs = 0.042, 0.039, 0.046, 0.040
M = 5 à ICs = 0.063, 0.068, 0.069, 0.061 and 0.072
Vigenère cipher
𝐾 = 9, 0, 13, 4, 19 = 𝐽𝐴𝑁𝐸𝑇
𝑝" 𝑓"(#
&'
𝑀# = ,
"$% 𝑛′
If 𝑔 ≠ 𝑘" , then 𝑀# ≪ 0.065
The almond tree was in tentative blossom. The days were longer,
often ending with magnificent evenings of corrugated pink skies.
The hunting season was over, with hounds and guns put away for
six months. The vineyards were busy again as the well-organized
farmers treated their vines and the more lackadaisical neighbors
hurried to do the pruning they should have done in November.
Exercises
n Decode the following cipher texts
q Encrypted by shift cipher:
n JBCRCLQRWCRVNBJENBWRWN
q Encrypted by substitution cipher:
n Pjmu mu b amtjfo rfsr. Mr jbu cffi fiaowtrfg cw rjf uvcurmrvrmqi amtjfo. Wqv
bof xfow nvahw. Rjf amtjfo jbu cffi coqhfi
n YIFQFMZRWQFYVECFMDZPCVMRZWNMDZVEJBTXCDDUMJ
NDIFEFMDZCDMQZKCEYFCJMYRNCWJCSZREXCHZUNMXZ
NZUCDRJXYYSMRTMEYIFZWDYVZVYFZUMRZCRWNZDZJJ
XZWGCHSMRNMDHNCMFQCHZJMXJZWIEJYUCFWDJNZDIR
n Hints:
q The letters in the English alphabet can be divided into 5 groups of similar frequencies
§ e
§ t,a,o,i,n,s,h,r
§ d,l
§ c,u,m,w,f,g,y,p,b
§ v,k,j,x,q,z
q Some frequently appearing bigrams or trigrams
§ Th, he, in, an, re, ed, on, es, st, en at, to
§ The, ing, and, hex, ent, tha, nth, was eth, for, dth.
Exercises
n Decode the following cipher texts
q Encrypted by substitution cipher:
YIFQFMZRWQFYVECFMDZPCVMRZWNMDZVEJBTXCDDUMJ
NDIFEFMDZCDMQZKCEYFCJMYRNCWJCSZREXCHZUNMXZ
NZUCDRJXYYSMRTMEYIFZWDYVZVYFZUMRZCRWNZDZJJ
XZWGCHSMRNMDHNCMFQCHZJMXJZWIEJYUCFWDJNZDIR

DZ and ZW: four times each

NZ and ZU: three times each
RZ, HZ, YZ, FZ, ZR, ZV, ZC, ZD, ZJ: twice each