Scribd
Upload
13 views46 pages

Lecture 2 - Traditional Symmetric Cryptography

Uploaded by

recomalta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views46 pages

Lecture 2 - Traditional Symmetric Cryptography

Uploaded by

recomalta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 46

DM 426

Computers and
Information Security
Fall 2023/2024
Lecture # 2

Traditional Symmetric-
Key Ciphers
Chapter Objectives

➢ To define the terms and the concepts of symmetric key ciphers


➢ To emphasize the two categories of traditional ciphers: substitution and
transposition ciphers
➢ To describe the categories of cryptanalysis used to break the symmetric
ciphers
➢ To introduce the concepts of the stream ciphers and block ciphers
➢ To discuss some very dominant ciphers used in the past, such as the Enigma
machine
Introduction
• Figure below shows the general idea behind a symmetric-key cipher. The original
message from Alice to Bob is called plaintext; the message that is sent through the
channel is called the ciphertext. To create the ciphertext from the plaintext, Alice
uses an encryption algorithm and a shared secret key. To create the plaintext from
ciphertext, Bob uses a decryption algorithm and the same secret key.
Introduction
• If P is the plaintext, C is the ciphertext, and K is the key,

• We assume that Bob creates P1; we prove that P1 = P:


Introduction
3.1.1 Kerckhoff’s Principle
• Based on Kerckhoff’s principle, one should always assume that the
adversary, Eve, knows the encryption/decryption algorithm. The
resistance of the cipher to attack must be based only on the secrecy of
the key.
3.1.2 Cryptanalysis
• As cryptography is the science and art of creating secret codes,
cryptanalysis is the science and art of breaking those codes.
Cryptanalysis
Ciphertext-Only
Attack

Known-Plaintext
Attack
Cryptanalysis
Chosen-Plaintext
Attack

Chosen-Ciphertext
Attack
Substitution Cipher
Substitution Cipher
• A substitution cipher replaces one symbol with another. Substitution
ciphers can be categorized as either monoalphabetic ciphers or
polyalphabetic ciphers.

A substitution cipher replaces one


symbol with another.
Monoalphabetic Ciphers
• In monoalphabetic substitution, the relationship between a symbol in
the plaintext to a symbol in the ciphertext is always one-to-one.
• Examples:
o The following shows a plaintext and its corresponding ciphertext. The cipher is probably
monoalphabetic because both l’s (els) are encrypted as O’s.

o The following shows a plaintext and its corresponding ciphertext. The cipher is not
monoalphabetic because each l (el) is encrypted by a different character.
Additive Ciphers
• The simplest monoalphabetic cipher is the additive cipher. This cipher
is sometimes called a shift cipher and sometimes a Caesar cipher, but
the term additive cipher better reveals its mathematical nature.

• When the cipher is additive, the plaintext, ciphertext, and key are
integers in Z26.
Additive Ciphers
• Examples:
• Use the additive cipher with key = 15 to encrypt the message “hello”.

• Use the additive cipher with key = 15 to decrypt the message “WTAAD”.
Additive Ciphers
• Examples (Brute Force attack):
• Eve has intercepted the ciphertext “UVACLYFZLJBYL”. Show how she can use a brute-force
attack to break the cipher.
➢ Eve tries keys from 1 to 7. With a key of 7, the plaintext is “not very secure”, which makes
sense.
Statistical Attack Table 3.1 Frequency of characters in English

Table 3.2 Frequency of diagrams and trigrams


Additive Ciphers
• Eve has intercepted the following ciphertext. Using a statistical attack, find the
plaintext.

• When Eve tabulates the frequency of letters in this ciphertext, she gets: I =14, V =13,
S =12, and so on. The most common character is I with 14 occurrences. This means
key = 4.
Multiplicative Ciphers
• In a multiplicative cipher, the plaintext and ciphertext are integers in
Z26; the key is an integer in Z26*.

• What is the key domain for any multiplicative cipher?


• The key needs to be in Z26*. This set has only 12 members: 1, 3, 5, 7,
9, 11, 15, 17, 19, 21, 23, 25.
Multiplicative Ciphers
• Example:
• We use a multiplicative cipher to encrypt the message “hello” with a key of 7. The ciphertext
is “XCZZU”.
Affine Ciphers
• The affine cipher uses a pair of keys in which the first key is from Z26* and the
second is from Z26.
Affine Ciphers
• The additive cipher is a special case of an affine cipher in which
k1 = 1. The multiplicative cipher is a special case of affine cipher in
which k2 = 0.

• Example:
• Use the affine cipher to decrypt the message “ZEBBW” with the key pair (7, 2) in modulus 26.
Monoalphabetic Substitution Cipher
• Because additive, multiplicative, and affine ciphers have small key
domains, they are very vulnerable to brute-force attack.
• A better solution is to create a mapping between each plaintext
character and the corresponding ciphertext character. Alice and Bob
can agree on a table showing the mapping for each character.
• Example:

• We can use the key in the above figure to encrypt the message
Polyalphabetic Ciphers
• In polyalphabetic substitution, each occurrence of a character may
have a different substitute. The relationship between a character in the
plaintext to a character in the ciphertext is one-to-many.

• Example: Autokey Cipher


Polyalphabetic Ciphers
• Assume that Alice and Bob agreed to use an autokey cipher with initial
key value k1 = 12. Now Alice wants to send Bob the message “Attack
is today”. Enciphering is done character by character.
Playfair Cipher

• Let us encrypt the plaintext “hello” using the key in the above Figure.
Vigenère Cipher

• We can encrypt the message “She is listening” using the 6-character keyword
“PASCAL”. The initial key stream is (15, 0, 18, 2, 0, 11). The key stream is the
repetition of this initial key stream (as many times as needed).
Vigenère Cipher - Cryptanalysis
• Let us assume we have intercepted the following ciphertext:

• The Kasiski test for repetition of three-character segments yields the results shown
in Table 3.4.
Vigenère Cipher - Cryptanalysis
• The greatest common divisor of differences is 4, which means that the key length
is multiple of 4. First try m = 4.

• In this case, the plaintext makes sense.


Hill Cipher
• Key in Hill cipher

• The encryption goes like this:

• The key matrix in the Hill cipher needs to have a multiplicative inverse.
Hill Cipher
• For example, the plaintext “code is ready” can make a 3 × 4 matrix
when adding extra bogus character “z” to the last block and removing
the spaces. The ciphertext is “OHKNIHGKLISS”.
Hill Cipher - Cryptanalysis
• Assume that Eve knows that m = 3. She has intercepted three
plaintext/ciphertext pair blocks (not necessarily from the same
message) as shown in Figure below.
Hill Cipher - Cryptanalysis
• She makes matrices P and C from these pairs. Because P is invertible,
she inverts the P matrix and multiplies it by C to get the K matrix as
shown in Figure below.

• Now she has the key and can break any ciphertext encrypted with that
key.
One-Time Pad
• One of the goals of cryptography is perfect secrecy.
• A study by Shannon has shown that perfect secrecy can be achieved if
each plaintext symbol is encrypted with a key randomly chosen from a
key domain.
• This idea is used in a cipher called one-time pad, invented by Vernam.
Rotor Cipher

Enigma Machine
Transposition Ciphers
Transposition Cipher
• A transposition cipher does not substitute one symbol for another,
instead it changes the location of the symbols.
• A transposition cipher reorders symbols.
• Keyless Transposition Ciphers - The keyless ciphers permute the
characters by using writing plaintext in one way and reading it in
another way The permutation is done on the whole plaintext to create
the whole ciphertext.
• Keyed Transposition Ciphers - Another method is to divide the
plaintext into groups of predetermined size, called blocks, and then use
a key to permute the characters in each block separately.
Keyless Transposition Ciphers
• A good example of a keyless cipher using the first method is the rail
fence cipher. The ciphertext is created reading the pattern row by row.
• For example, to send the message “Meet me at the park” to Bob, Alice
writes:

• She then creates the ciphertext “MEMATEAKETETHPR”.


Keyless Transposition Ciphers
• Example 2: Alice and Bob can agree on the number of columns and
use the second method. Alice writes the same plaintext, row by row, in
a table of four columns.

• She then creates the ciphertext “MMTAEEHREAEKTTP”.


Keyless Transposition Ciphers
• The cipher in the previous example is actually a transposition cipher.
The following shows the permutation of each character in the plaintext
into the ciphertext based on the positions.

• Although the characters are permuted, there is a pattern in the permutation: (01,
05, 09, 13), (02, 06, 10, 13), (03, 07, 11, 15), and (08, 12). In each section, the
difference between the two adjacent numbers is 4.
Keyed Transposition Ciphers
• Example: Alice needs to send the message “Enemy attacks tonight” to
Bob.

• The key used for encryption and decryption is a permutation key,


which shows how the character are permuted.

• The permutation yields


Stream and Block Ciphers
• The literature divides the symmetric ciphers into two broad categories:
stream ciphers and block ciphers.
• Although the definitions are normally applied to modern ciphers, this
categorization also applies to traditional ciphers.
Stream Ciphers
• Call the plaintext stream P, the ciphertext stream C, and the key stream
K.
Stream Ciphers
• Monoalphabetic substitution ciphers
• We can establish a criterion to divide stream ciphers based on their key
streams. We can say that a stream cipher is a monoalphabetic cipher if the
value of ki does not depend on the position of the plaintext character in the
plaintext stream; otherwise, the cipher is polyalphabetic.
• Additive ciphers
• Additive ciphers are definitely monoalphabetic because ki in the key stream is
fixed; it does not depend on the position of the character in the plaintext.
• Vigenère cipher
• Vigenere ciphers are polyalphabetic ciphers because ki definitely depends on
the position of the plaintext character. However, the dependency is cyclic. The
key is the same for two characters m positions apart.
Block Ciphers
• In a block cipher, a group of plaintext symbols of size m (m > 1) are
encrypted together creating a group of ciphertext of the same size.
• A single key is used to encrypt the whole block even if the key is made
of multiple values.
Block Ciphers
• Playfair ciphers are block ciphers. The size of the block is m = 2. Two
characters are encrypted together.
• Hill ciphers are block ciphers. A block of plaintext, of size 2 or more is
encrypted together using a single key (a matrix). In these ciphers, the
value of each character in the ciphertext depends on all the values of
the characters in the plaintext.
• From the definition of the block cipher, it is clear that every block
cipher is a polyalphabetic cipher because each character in a ciphertext
block depends on all characters in the plaintext block.
Combination
• In practice, blocks of plaintext are encrypted individually, but they use
a stream of keys to encrypt the whole message block by block.
• In other words, the cipher is a block cipher when looking at the
individual blocks, but it is a stream cipher when looking at the whole
message considering each block as a single unit.

You might also like