Classical Encryption Cipher
Classical Encryption Cipher
How: encrypt the original data; anyone can see the encrypted data,
but only authorized individuals can decrypt to see the original data
Used for both sending data across network and storing data on a
computer system
Model of Encryption for Confidentiality
Model of Encryption for Confidentiality
Model of Encryption for Confidentiality
Terminology
Plaintext original message
Ciphertext encrypted or coded message
Encryption convert from plaintext to ciphertext (enciphering)
Decryption restore the plaintext from ciphertext (deciphering)
Key information used in cipher known only to
sender/receiver
Cipher a particular algorithm (cryptographic system)
Cryptography study of algorithms used for encryption
Cryptanalysis study of techniques for decryption without
knowledge of plaintext
Cryptology areas of cryptography and cryptanalysis
Symmetric Encryption
mathematically have:
C = E(K, P)
P = D(K, C)
Assumptions
• encryption algorithm is known
• a secure channel to distribute key
Kerckhoff’s principle
Although it may appear that a cipher would be more secure if we
hide both the encryption/decryption algorithm and the secret key,
this is not recommended.
Processing of plaintext:
Block cipher process one block of elements at a time
Stream cipher process input elements continuously
Cryptography Classification
Symmetric Key Encryption for Confidentiality
Requirements
Strong encryption algorithm: given algorithm, ciphertext and known
pairs of (plaintext, ciphertext), attacker should be unable to find plaintext
or key
Shared secret keys: sender and receiver both have shared a secret key; no-
one else knows the key
Attacks
Goal of the Attacker
• Discover the plaintext (good)
• Discover the key (better)
Assumed Attacker Knowledge
• Ciphertext (want to decrypt)
• Algorithm (nature of the algorithm) or general idea of the type of plaintext
• Other pairs of (plaintext, ciphertext) using same key (not the plaintext in
question)
Attack Methods
Brute-force attack Try every possible key on ciphertext
Cryptanalysis Exploit characteristics of algorithm to deduce
plaintext or key
Assumption: attacker can recognize correct plaintext
Attacks on Block Ciphers
Brute Force Attack
Approach: try all keys in key space
Metric: number of operations (time)
k bit key requires 2k operations
Depends on key length and computer speed
Cryptanalysis
Approach: Find weaknesses in algorithms
Methods: Linear cryptanalysis, differential cryptanalysis,
meet-in-the-middle attack, side-channel attacks
Metrics: Number of operations
Amount of memory
Number of known plaintexts/ciphertexts
Cryptanalysis attacks
Cryptanalysis (Cont.)
Ciphertext-only attack
Known-Plaintext Attack
Chosen-Plaintext Attack
Chosen-Ciphertext Attack
Computationally Secure
If either:
- Cost of breaking cipher exceeds value of encrypted information
-Time required to break cipher exceeds useful lifetime of
encrypted information
Hard to estimate value/lifetime of some information
Hard to estimate how much effort needed to break cipher
Motivation for cryptanalysts
Topics:
Monoalphabetic Ciphres
Polyalphabetic Ciphers
Monoalphabetic Ciphers
Example
Example
The following shows a plaintext and its corresponding ciphertext. The
cipher is not monoalphabetic because each l (el) is encrypted by a
different character.
Plain : a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Solution
We apply the encryption algorithm to the plaintext, character by
character:
Continued
Shift Cipher and Caesar Cipher
Solution
Eve tries keys from 1 to 7. With a key of 7, the plaintext is “not
very secure”, which makes sense.
Breaking the Caesar Cipher
If, instead, the “cipher” line can be any permutation of the 26 alphabetic
characters,
We can use the key in Figure in previous slide to encrypt the message
The ciphertext is
Attacks on Mono-alphabetic Ciphers
14.000
12.000
10.000
8.000
6.000
4.000
2.000
0.000
E T A O I N S H R D L C U MW F G Y P B V K J X Q Z
Example cryptanalysis
frequency
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
Multiplicative cipher
Solution
The key needs to be in Z26*. This set has only 12 members: 1, 3, 5, 7, 9, 11, 15, 17,
19, 21, 23, 25.
Example
We use a multiplicative cipher to encrypt the message “hello” with a key of 7. The
ciphertext is “XCZZU”.
Affine Ciphers
Combining additive and multiplicative cipher
Affine Ciphers
Example
The affine cipher uses a pair of keys in which the first key is from Z 26* and the
second is from Z26. The size of the key domain is 26 × 12 = 312.
Example
Use an affine cipher to encrypt the message “hello” with the key pair (7, 2).
Affine Ciphers
Example
Use the affine cipher to decrypt the message “ZEBBW” with the
key pair (7, 2) in modulus 26.
Solution
Example
The additive cipher is a special case of an affine cipher in which
Use multiple ciphers. Use a key to select which alphabet (code) is used for
each letter of the message
Poly-alphabetic Ciphers
Monoalphabetic ciphers are easy to break because they reflect the
frequency data of the original alphabet. A countermeasure is to
provide multiple substitutes known as homophones, for a single letter.
Autokey Cipher
Autokey Cipher
Assume that Alice and Bob agreed to use an autokey cipher
with initial key value k1 = 12. Now Alice wants to send Bob
the message “Attack is today”. Enciphering is done character
by character.
Autokey Cipher
Even this scheme is vulnerable to cryptanalysis. Because the key and the
plaintext share the same frequency distribution of letters, a statistical
technique can be applied.
Playfair Cipher
Example
Let us encrypt the plaintext “hello” using the key in Figure
An example of a secret key in the Playfair cipher
An example of a secret key in the Playfair cipher
Exercise
Measuring Effectiveness of the Playfair and other ciphers
Example:
Plain: internettechnologies
Key: sirindhornsirindhorn
Cipher: AVKMEQLHKRUPEWYRNWVF
Multiple ciphertext letters for each plaintext letter
For the next m letters of the plaintext, the key letters are
repeated.
Expressed numerically, we have the following result.
Vigenere Cipher
Example
Vigenere Cipher
We can encrypt the message “She is listening” using the 6-
character keyword “PASCAL”.
Let us see how we can encrypt the message “She is listening” using the
6-character keyword “PASCAL”. The initial key stream is (15, 0, 18, 2, 0,
11). The key stream is the repetition of this initial key stream (as many
times as needed).
Vigenere Cipher
Table
A Vigenere Tableau
Vigenere Cipher
(Cryptanalysis)
Example
Let us assume we have intercepted the following ciphertext:
Example Cont.
Let us assume we have intercepted the following ciphertext:
3.86
Vigenere Cipher - Is it Breakable?
Yes
Monoalphabetic or Vigenere cipher? Letter frequency
analysis
Determine length of keyword
For keyword length m, Vigenere is m mono-alphabetic
substitutions
Break the mono-alphabetic ciphers separately
Weakness is repeating, structured keyword
Hill Cipher
Another interesting multiletter cipher is the Hill cipher, developed by the
mathematician Lester Hill in 1929.
Plaintext are divided into equal size blocks. Each character in a block
contributes to the encryption of the other characters in the block. (Block
Cipher)
Figure Example
Example Hill2
Assume that Eve knows that m = 3. She has intercepted three
plaintext/ciphertext pair blocks (not necessarily from the same
message) as shown in Figure .
Figure
Example Hill2 cont.
Now she has the key and can break any ciphertext encrypted
with that key.
Hill Cipher
Concepts from Linear Algebra
We define the inverse M-1 of a square matrix M by the equation M(M-1)
= M-1M = I, where I is the identity matrix. I is a square matrix that is all
zeros except for ones along the main diagonal from upper left to lower
right.
(we are concerned with matrix arithmetic modulo 26).
Matrix Operations
Matrix addition/subtraction
Matrices must be of same size.
Matrix multiplication
mxn nx p mxp
n
Condition: n = q
Identity Matrix
Matrix Transpose
Symmetric Matrices
Example:
Determinants
2x2
3x3
nxn
Properties:
Matrix Inverse
The inverse A-1 of a matrix A has the property:
AA-1=A-1A=I
Terminology
Singular matrix: A-1 does not exist
Ill-conditioned matrix: A is “close” to being singular
Matrix Inverse (cont’d)
Determinant
For any square matrix (m × m), the determinant equals the sum of
all the products that can be formed by taking exactly one element
from each row and exactly one element from each column, with
certain of the product terms preceded by a minus sign
Det(A)=
Note:
Det(A)=
“paymoremoney”
One-Time Pad
A cipher system has perfect secrecy if the ciphertext gives the cryptanalyst
no information about the key. The one time pad achieves perfect secrecy.
Continued
Mauborgne suggested using a random key that is as long as the message, so
that the key need not be repeated.
In addition, the key is to be used to encrypt and decrypt a single message, and
then is discarded.
Each new message requires a new key of the same length as the new message.
Such a scheme, known as a one-time pad, is unbreakable.
His system works on binary data (bits) rather than letters. The
system can be expressed succinctly as follows
Vernam proposed the use of a running loop of tape that eventually
repeated the key, so that in fact the system worked with a very long
but repeating keyword.
Rotor Cipher
Although one-tme pad is not practical, one step toward more secured
encipherment is rotor cipher.
‘.
Each cylinder has 26 input pins and 26 output pins, with internal wiring that
connects each input pin to a unique output pin.
After each input key is depressed, the cylinder rotates one position, so that the
internal connections are shifted accordingly.
After 26 letters of plaintext, the cylinder would be back to the initial position.
For every complete rotation of the inner cylinder, the middle cylinder
rotates one pin position. Finally, for every complete rotation of the middle
cylinder, the outer cylinder rotates one pin position.
Thus, a given setting of a 5-rotor machine is equivalent to a Vigenère cipher
with a key length of 11,881,376.
Poly-alphabetic Ciphers Summary
14.000
12.000
equiprobable
10.000
unencrypted
8.000
two keys
6.000
four keys
4.000
eight keys
2.000
0.000
A D G J M P S V Y
Frequencies After Polyalphabetic Encryption
14
12
10 Equiprobible
Unencrypted/1 key
8
two keys
6
four keys
4
eight keys
2
0
1 4 7 10 13 16 19 22 25
Transposition Ciphers
A transposition cipher does not substitute one symbol
for another, instead it changes the location of the
symbols.
Topics:
Example
A good example of a keyless cipher using the first method is the
rail fence cipher. The ciphertext is created reading the pattern
row by row. For example, to send the message “Meet me at the
park” to Bob, Alice writes
Alice and Bob can agree on the number of columns and use the
second method. Alice writes the same plaintext, row by row, in a
table of four columns.
Example
3.132
Stream and Block Ciphers
The literature divides the symmetric ciphers into two broad categories:
stream ciphers and block ciphers. Although the definitions are normally
applied to modern ciphers, this categorization also applies to traditional
ciphers.
Topics :
Stream Ciphers
Block Ciphers
Combination
Stream Ciphers
Call the plaintext stream P, the ciphertext stream C, and the key stream K.
Example
We can establish a criterion to divide stream ciphers based on
their key streams. We can say that a stream cipher is a
monoalphabetic cipher if the value of ki does not depend on the
position of the plaintext character in the plaintext stream;
otherwise, the cipher is polyalphabetic.
Continued
harder cipher
this is bridge from classical to modern ciphers
The transposition cipher can be made significantly more secure by
performing more than one stage of transposition. If we apply previous
mapping again:
To visualize the result of this double transposition, designate the letters in the
original plaintext message by the numbers designating their position.
After the first transposition, we have
k1 1 2
k2 2 3
k3 3 4
a b
k1 1 2
k2 2 3
k3 3 4
Summary
have considered:
classical cipher techniques and terminology
monoalphabetic substitution ciphers
cryptanalysis using letter frequencies
Playfair cipher
polyalphabetic ciphers
transposition ciphers
product ciphers and rotor machines
steganography