Computer Security:

Principles and Practice

Fourth Edition, Global Edition

By: William Stallings and Lawrie Brown

 Chapter 2
Cryptographic Tools
 Cryptographic Techniques

Cryptographic

Symmetric Asymmetric Secure H

Encryption Encryption

DES Triple DES AES RSA ECC ELGamal MD5 SHA-1

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Types of Encryption

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Symmetric Encryption

§ The universal technique for providing confidentiality for transmitted or stored data
§ Also referred to as conventional encryption or single-key encryption
§ Two requirements for secure use:
§ Need a strong encryption algorithm
§ Sender and receiver must have obtained copies of the secret key in a secure fashion and must
keep the key secure

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Attacking Symmetric Encryption

Cryptanalytic Attacks Brute-Force Attacks

l Rely on: l Try all possible keys on some

l Nature of the algorithm ciphertext until an intelligible
l Some knowledge of the general characteristics
translation into plaintext is obtained
l On average half of all possible keys must be
of the plaintext
tried to achieve success
l Some sample plaintext-ciphertext pairs
l Exploits the characteristics of the
algorithm to attempt to deduce a
specific plaintext or the key being
used
l If successful all future and past messages
encrypted with that key are compromised
 Comparison of Three Popular Symmetric
Encryption Algorithms
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Data Encryption Standard (DES)

Until recently was the most widely used encryption

scheme
FIPS PUB 46
Referred to as the Data Encryption Algorithm (DEA)
Uses 64 bit plaintext block and 56 bit key to produce a 64
bit ciphertext block

Strength concerns:
Concerns about the algorithm itself
DES is the most studied encryption algorithm in existence
Concerns about the use of a 56-bit key
The speed of commercial off-the-shelf processors makes this key length
woefully inadequate

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Number of Time Required
Key size Alternative Time Required at 109 at 1013
(bits) Cipher Keys decryptions/s decryptions/s
56 DES 256 ≈ 7.2 × 1016 255 ns = 1.125 years 1 hour
AES 2127 ns = 5.3 × 1021
128 2128 ≈ 3.4 × 1038 years 5.3 × 1017 years

Triple DES 2167 ns = 5.8 × 1033

168 2168 ≈ 3.7 × 1050 years 5.8 × 1029 years

192 AES 2192 ≈ 6.3 × 1057 2191 ns = 9.8 × 1040 9.8 × 1036 years
years
256 AES 2256 ≈ 1.2 × 1077 2255 ns = 1.8 × 1060 1.8 × 1056 years
years

Average Time Required for Exhaustive Key Search

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Triple DES (3DES)

• Repeats basic DES algorithm three times using either two or three unique keys

• First standardized for use in financial applications in ANSI standard X9.17 in 1985

• Attractions:
• 168-bit key length overcomes the vulnerability to brute-force attack of DES
• Underlying encryption algorithm is the same as in DES

• Drawbacks:
• Algorithm is sluggish in software
• Uses a 64-bit block size

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Advanced Encryption Standard (AES)

NIST called for

Needed a replacement Selected Rijndael in
proposals for a new
for 3DES November 2001
AES in 1997
Should have a security strength
equal to or better than 3DES

Significantly improved
efficiency Published as
3DES was not reasonable
for long term use FIPS 197
Symmetric block cipher

128 bit data and 128/192/256

bit keys

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Practical Security Issues
• Typically symmetric encryption is applied to a unit of data larger than a single 64-bit or 128-
bit block

• Electronic codebook (ECB) mode is the simplest approach to multiple-block encryption

• Each block of plaintext is encrypted using the same key
• Cryptanalysts may be able to exploit regularities in the plaintext

• Modes of operation
• Alternative techniques developed to increase the security of symmetric block encryption for large
sequences
• Overcomes the weaknesses of ECB

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
Block Cipher vs Stream Cipher

Block Cipher

• Processes the input one block of elements at a time

• Produces an output block for each input block
• Can reuse keys
• More common

Stream Cipher
• Processes the input elements continuously
• Produces output one element at a time
• Primary advantage is that they are almost always faster and use far
less code
• Encrypts plaintext one byte at a time
• Pseudorandom stream is one that is unpredictable without
knowledge of the input key
 Block Cipher vs Stream Cipher

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Block Cipher vs Stream Cipher

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Secure H

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Message Authentication

Protects against active attacks

• Contents have not been altered

Verifies received message is
• From authentic source
authentic
• Timely and in correct sequence

Can use conventional • Only sender and receiver share

encryption a key

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Message Authentication Without Confidentiality
• Message encryption by itself does not provide a secure form of authentication
• It is possible to combine authentication and confidentiality in a single algorithm by encrypting
a message plus its authentication tag
• Typically message authentication is provided as a separate function from message encryption
• Situations in which message authentication without confidentiality may be preferable include:
• There are a number of applications in which the same message is broadcast to a number of destinations
• An exchange in which one side has a heavy load and cannot afford the time to decrypt all incoming messages
• Authentication of a computer program in plaintext is an attractive service

• Thus, there is a place for both authentication and encryption in meeting security
requirements

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 MD5 or SHA1 or SHA256

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 To be useful for message authentication, a hash
function H must have the following properties:
Can be applied to a block of data of any size

Produces a fixed-length output

H(x) is relatively easy to compute for any given x

One-way or pre-image resistant

• Computationally infeasible to find x such that H(x) = h

Computationally infeasible to find y ≠ x such that H(y) = H(x)

Collision resistant or strong collision resistance

• Computationally infeasible to find any pair (x,y) such that H(x) = H(y)

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Security of Hash Functions

There are two

approaches to SHA most widely used Additional secure hash
attacking a secure hash algorithm function applications:
hash function:

Cryptanalysis Passwords
• Exploit logical weaknesses • Hash of a password is
in the algorithm stored by an operating
system

Brute-force attack Intrusion detection

• Strength of hash function • Store H(F) for each file on
depends solely on the a system and secure the
length of the hash code hash values
produced by the algorithm

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Public-Key Encryption Structure

Asymmetric
• Uses two
separate keys
Publicly Some form of
Based on • Public key and
proposed by protocol is
mathematical private key
Diffie and needed for
functions • Public key is
Hellman in 1976 made public for distribution
others to use

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Public-key encryption

l
l

l
l

l
l

l
l

l
l

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
Public-key encryption
 Applications for Public-Key Cryptosystems

Algorithm Digital Signature Symmetric Key Encryption of

Distribution Secret Keys
RSA Yes Yes Yes
Diffie-Hellman No Yes No
DSS Yes No No
Elliptic Curve Yes Yes Yes

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Requirements for Public-Key Cryptosystems
Computationally easy
to create key pairs

Computationally easy
Useful if either key for sender knowing
can be used for each public key to encrypt
role messages

Computationally
Computationally easy
infeasible for
for receiver knowing
opponent to
private key to decrypt
otherwise recover
ciphertext
original message
Computationally
infeasible for opponent
to determine private
key from public key

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Asymmetric Encryption Algorithms
RSA (Rivest, Most widely accepted and
Block cipher in which the
plaintext and ciphertext
Shamir, Developed in 1977 implemented approach to
public-key encryption
are integers between 0
Adleman) and n-1 for some n.

Enables two users to

Diffie-Hellman securely reach agreement
about a shared secret that Limited to the exchange of
key exchange can be used as a secret key the keys
algorithm for subsequent symmetric
encryption of messages

Digital Signature Provides only a digital

signature function with
Cannot be used for
encryption or key
Standard (DSS) SHA-1 exchange

Elliptic curve
Security like RSA, but with
cryptography much smaller keys
(ECC)

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Digital Signatures
• NIST FIPS PUB 186-4 defines a digital signature as:

“The result of a cryptographic transformation of data that, when properly implemented,

provides a mechanism for verifying origin authentication, data integrity and signatory non-
repudiation.”

• Thus, a digital signature is a data-dependent bit pattern, generated by an agent as a function

of a file, message, or other form of data block

• FIPS 186-4 specifies the use of one of three digital signature algorithms:
• Digital Signature Algorithm (DSA)
• RSA Digital Signature Algorithm
• Elliptic Curve Digital Signature Algorithm (ECDSA)

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Random Numbers

üKeys for public-key algorithms

üStream key for symmetric stream cipher

üSymmetric key for use as a temporary

session key or in creating a digital envelope

üHandshaking to prevent replay attacks

ü Session key

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
Summary
• Confidentiality with symmetric • Public-key encryption
encryption § Structure
§ Symmetric encryption § Applications for public-key cryptosystems
§ Symmetric block encryption algorithms § Requirements for public-key cryptography
§ Stream ciphers § Asymmetric encryption algorithms

• Message authentication and hash • Digital signatures and key

functions management
§ Authentication using symmetric § Digital signature
encryption § Public-key certificates
§ Symmetric key exchange using public-key encryption
§ Message authentication without
§ Digital envelopes
message encryption
§ Secure hash functions • Practical Application: Encryption of
§ Other applications of hash functions Stored Data
• Random and pseudorandom numbers
§ The use of random numbers
§ Random versus pseudorandom
 Classic Ciphers

Caesar Cipher

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
46
 Classical Substitution Ciphers
• letters of plaintext are replaced by other letters or by numbers or symbols
• or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit
patterns with ciphertext bit patterns

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Caesar Cipher
ž earliest known substitution cipher
ž by Julius Caesar
ž first attested use in military affairs
ž replaces each letter by 3rd letter on example:

meet me after the toga party

PHHW PH DIWHU WKH WRJD SDUWB

ž Any cipher using a simple letter shift, is a Caesar cipher, not just those
with shift 3.

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
48
 Caesar Cipher
ž can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
ž mathematically give each letter a number

ž then have Caesar cipher as:

Encrypt: c = E(k, p) = (p + k) mod (26)
Decrypt: p = D(k, c) = (c – k) mod (26)

Modulo arithmetic: when you reach Z, you go back to A and start

again. Mod 26 implies that when you reach 26, you use 0 instead.
(i.e.: the letter after Z, or 25 + 1 goes to A or 0)
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
49
 Caesar Cipher
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB

Encrypt: c = E(k, p) = (p + k) mod (26)

• M = 12, k= 3 Decrypt: p = D(k, c) = (c – k) mod (26)
• (12 + 3) mod 26 ; 26 √15, remainder = 15 = P

•E=?
•T=?
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
50
 Caesar Cipher meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB

Encrypt: c = E(k, p) = (p + k) mod (26)

Decrypt: p = D(k, c) = (c – k) mod (26)

• What about “MTBID”? encrypted using key f (ie a shift of 5) is.... howdy
(7,14,22,3,24) encrypted using key f(5)

• Encrypt “i am good” with key d (shif of 4)?

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
51
 Caesar Cipher
ž Using this encryption, the message
TREATY IMPOSSIBLE

ž would be encoded as:

wuhdwb lpsrvvleoh
¡with shift 3

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
52
 Cryptanalysis of the Caesar Cipher

žA letter will always be substituted with the same letter

TREATY IMPOSSIBLE
wuhdwb lpsrvvleoh
žFrom the ciphertext, we can get many clues. For example:

¡The break/space between the two words is preserved

¡Double letters are preserved: SS is translated to vv
¡There are repeated letters: T, I, and E always mapped to w, l, and h

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Cryptanalysis of the Caesar Cipher

ž So, for this ciphertext, we will also have few hints:

wklv phvvdjh lv qrw wrr kdug wr euhdn

¡ Spaces between words allow us to determine small words: am, is, to, be,
he, we, and, are, and so on..
¡ Substitute known short words at appropriate place
¡ Once the small words fall into place, try substituting for matching characters
at other places in the ciphertext
¡ r is repeated in wrr can be mapped to see, too, add, odd, off
¡ wr also appear in the ciphertext, so we can compare and guess its use with
wrr can be to/too, of/off vs. (se/see, ad/add,od/odd)
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
54
 Cryptanalysis of Caesar Cipher
Øonly have 26 possible ciphers
lA maps to A/B/.../Z
Øcould simply try each in turn, using a brute force search
Ø given ciphertext, just try all shifts of letters

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
55
 Classic Ciphers

Monoalphabetic Cipher

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
56
 Monoalphabetic Cipher
ž rather than just shifting the alphabet, shuffle (jumble) the letters arbitrarily
ž each plaintext letter maps to a different random ciphertext letter
ž hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
57
 Monoalphabetic Cipher Security

• now have a total permutation of 26! = 4 x 1026 keys

• with so many keys, we might think it is secure
• But could be !!!WRONG!!!
• because it does not sufficiently obscure the underlying language characteristics

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
58
 Language Redundancy and Cryptanalysis
Ø human languages are redundant , we do not need all the letters to
understand written English text.
Ø Eg: “ndrstnd wrttn nglsh txt"

Ø letters are not equally commonly used

Ø in English E is by far the most common letter
Ø followed by T,R,N,I,O,A,S

Ø other letters like Z,J,K,Q,X are fairly rare

Ø Basic idea is to count the relative frequencies of letters, and note
the resulting pattern.

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
59
 English Letter Frequencies

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
60
 Use in Cryptanalysis

• key concept - monoalphabetic substitution ciphers do not change relative letter

frequencies
• This weakness was found by Arabian scientists in 9th century (letter in Arabic)
• Monoalphabetic ciphers are easy to break because they reflect the frequency data
of the original alphabet.
• cryptanalyst looks for a mapping between the observed pattern in the ciphertext,
and the known source language letter frequencies

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
61
 Use in Cryptanalysis

žIn caesar cipher look for common peaks (frequent)/ troughs (less
frequent)
¡peaks at: A-E-I triple, N-O pair, R-S-T triple
¡troughs at: J-K, X-Z

žfor monoalphabetic must identify each letter

¡tables of common double/triple letters help

am, is, to, be, he, we, and, are

see, too, add, odd, off

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
62
 Example Cryptanalysis

žgiven ciphertext:

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPD
ZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

žcount relative letter frequencies

¡To find out the highest and lowest frequency

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
63
 Example Cryptanalysis
žgiven ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

P 13.33 H 5.83 F 3.33 B 1.67

Z 11.67 D 5.00 W 3.33 …
S 8.33 E 5.00 Q 2.50
U 8.33 V 4.17 T 2.50
0 7.50 X 4.17 A
M 6.67

ž guess P & Z are e and t

ž S U O M H might be a h i n o r s
ž guess ZW is th and hence ZWP is the
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
64
 Example Cryptanalysis

žproceeding with trial and error finally get:

it was disclosed yesterday that several

informal but direct contacts have been
made with political representatives of
the viet cong in moscow

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
65
 Classic Ciphers

Playfair Cipher

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
66
 Playfair Cipher
Ønot even the large number of keys in a monoalphabetic cipher provides
security

Øone approach to improve security was to encrypt multiple letters

Øthe Playfair Cipher is an example

Øinvented by Charles Wheatstone in 1854, but named after his friend Baron
Playfair

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
67
 Playfair Key Matrix
Ø a 5X5 matrix of letters based on a keyword
Ø fill in letters of keyword (sans duplicates)
Ø fill rest of matrix with other letters (from A to Z)
Øeg. using the keyword MONARCHY
Ø L to R, top to bottom, first with keyword after duplicate letters have been
removed, and then with the remaining letters, with I/J used as a single
letter

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
68
 Encrypting and Decrypting M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

ž plaintext is encrypted with two letters at a time

1. if a pair is a repeated letter, insert filler like 'X’

¢ "balloon" will be divided into "ba lx lo on“

2. if both letters fall in the same row, replace each with letter to the
right (wrapping back to start from end)

A-R becomes R-M (after A is R, after R us M),

M-N becomes O-A (after M is O, after N is A) etc

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
69
 Encrypting and Decrypting M O N A R
C H Y B D
E F G I/J K
L P Q S T
ž plaintext is encrypted with two letters at a time U V W X Z

3. if both letters fall in the same column, replace each with

the letter below it (wrapping to top from bottom)
M-U becomes C-M (below M is C, below U is M)
C- L becomes E-U

4. otherwise each letter is replaced by the letter in the same

row and in the column of the other letter of the pair

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
70
 Example

ž Suppose that we wanted to encipher the text

Advance right flank to Bunker Hill, then take up

positions ready for attack.

ž The first step is to divide the text into digrams:

ad va nc er ig ht fl an kt ob un ke rh il lt he nt ak
eu px po si ti on sr ea dy fo ra tx ta ck

ž Note that in this case two nulls must be added. There are no 'J's to
worry about.

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
71
 ž Suppose that we choose PLAYFAIR for the keyword
ž and suppose that we use the following keysquare :

P L A Y F

I R S T U

V W X Z B

C D E G H

K M N O Q

ž ad va nc er ig ht fl an kt ob un ke rh
il lt he nt ak eu px po si ti on sr ea
dy fo ra tx ta ck

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
72
 P L A Y F
ad va nc er ig ht fl
an kt ob un ke rh il I R S T U
lt he nt ak eu px po V W X Z B :

si ti on sr ea dy fo C D E G H
ra tx ta ck
K M N O Q

ž According to Rule 4 , the first digram in the

plaintext, 'ad' becomes 'LE'.

73
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 P L A Y F
ad va nc er ig ht fl
an kt ob un ke rh il I R S T U
lt he nt ak eu px po V W X Z B :

si ti on sr ea dy fo C D E G H
ra tx ta ck
K M N O Q

ž Likewise, the second digram, 'va' becomes 'XP', and

so on. Rule 1 says that the seventh digram,
'fl' becomes 'PA' and

ž Rule 2 says that the eighth digram, 'an' becomes 'SA'.

74
Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 LE XP KE DS TC GU PA SA kt ob un ke rh il
lt he nt ak eu px po si ti on sr ea dy fo
ra tx ta ck

ž When the whole plaintext is enciphered using the rules

above, it becomes:

LE XP KE DS TC GU PA SA OI QZ SQ NC UD
RP YR CG OS PN HS AV YK TR UR QO TS NS
GL YQ SL SZ SY KP

ž If we rewrite this in blocks of 5 letters, then we get

LEXPK EDSTC GUPAS AOIQZ SQNCU DRPYR
CGOSP NHSAV YKTRU RQOTS NSGLY QSLSZ
SYKP

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
75
 ž With the same key, try this:

Hide the gold in the tree stump

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
76
 ž With the same key, try this:

Hide the gold in the tree stump

HI DE TH EG OL DI NT HE TR EX ES TU MP

P L A Y F
I R S T U
V W X Z B
C D E G H
K M N O Q

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
77
 Classic Ciphers

Double Transposition Cipher

US Military

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
78
 Double Transposition Cipher
(a.k.a. double columnar transposition)

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Double Transposition Cipher
(a.k.a. double columnar transposition)

Exercise:

Key (Memory Words): Malicious Code and Malware Detection

One of the major challenges in the realm of security threats is malicious software.

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 One of the major challenges in the realm of security threats is
malicious software

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
 Security of Playfair Cipher
Øsecurity much improved over monoalphabetic
Øsince have 26 x 26 = 676 digrams

Øwould need a 676 entry frequency table to analyse (verses

26 for a monoalphabetic)

Øand correspondingly more ciphertext

Øwas widely used for many years
leg. by US & British military in WW1

Øit can be broken, given a few hundred letters

Øsince still has much of plaintext structure

Team
TTTN 6224 : COMPUTER SECURITY & DEFENSE Modellers
82