+ All Categories
Home > Documents > 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

Date post: 02-Jan-2016
Category:
Upload: kelley-stanley
View: 224 times
Download: 1 times
Share this document with a friend
Popular Tags:
39
1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis
Transcript
Page 1: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

1

Chapter 2 Advanced Cryptography (Part A)

Overview History of cryptography Cryptanalysis

Page 2: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

2

What is Cryptography? (review)

Cryptography is the process of converting plaintext into ciphertext to hide information from unauthorized users Plaintext: readable text (also called cleartext) Ciphertext: unreadable or encrypted text

Decryption is the process of converting ciphertext back to plaintext

Page 3: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

3

Cryptosystems (review) Cryptosystems provide the following services:

Confidentiality: denies unauthorized parties access to information.

Authenticity: validates the source of the message, to ensure that the sender is properly identified.

Integrity: provides assurance that the message was not modified, accidentally or intentionally.

Nonrepudiation: establishes that a particular sender has sent the message so that they cannot deny having sent the message at a later date.

Different types of messages require higher or lower degrees of one or all of the services. For example …

Page 4: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

4

Strength of Cryptosystem (review)

The strength of the algorithm and the secrecy of the key determine how secure the encrypted data is

E.g.: breaking a cryptosystem can be accomplished by a brute force attack

Trying every possible key value until the resulting plaintext is meaningful.

If a key can be broken with a Pentium processor in three hours, the cipher is not strong at all.

If the key can only be broken with the use of a thousand multiprocessing systems over 1.2 million years, then it is pretty strong. Security is relative

Page 5: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

5

Chapter 2 Advanced Cryptography (Part A)

Overview History of cryptography Cryptanalysis

Page 6: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

6

History of cryptography The first encryption methods date back to

4000 years ago. Some Egyptian hieroglyphics were encrypted

Atbash Cipher a Hebrew cryptographic method the alphabet to be flipped so that each letter in the

original alphabet was mapped to a different letter in the flipped, alphabet.

ABCDEFGHIJKLMNOPQRSTUVWXYZZYXWVUTSRQPONMLKJIHGFEDCBA

e.g.:Encypt “atbash” ?Decrpt “hvxfirgb” ?

Page 7: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

7

Scytale Cipher (review)

Scytale cipher 400 B.C. the Spartans Write a message on a sheet of papyrus that was

wrapped around a staff; The papyrus was delivered and wrapped around

a different staff by the recipient; The message was only readable if it was

wrapped around the correct size staff, which would make the letters properly match up

Page 8: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

8

Caesar Cipher (review)

Julius Caesar (100–44 B.C.) developed a simpleencryption method -- shifted the alphabet by

threepositions

Standard Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZCryptographic Alphabet:DEFGHIJKLMNOPQRSTUVWXYZABC

Example:Encypt “caesar” ?Decrpt “vhfxulwb” ?

Page 9: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

9

Substitution Cipher (review)

Both Atbash cipher and Caesar Cipher are substitution cipher, because each character is replaced with another character.

Monoalphabetic substitution cipher: uses only one alphabet,

Polyalphabetic substitution cipher: uses multiple alphabets

Q1. Can you formulate them use mathematically?Hint: integers 0 – 25 represent 26 characters;

m: message / plaintext, c: cipher text;encryption: c = E(m) = ?decryption: m = D(c) = ?

Q2. Is Scytale cipher a substitution cipher?

Page 10: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

10

Transposition Cipher (review)

Transposition Cipher: rearrange letters in plaintext

to produce cipher text Scytale cipher is a transposition cipher Rail-Fence cipher is another transposition cipher

Plaintext is HELLO WORLD Encryption: c = E(m) HLOOL

ELWRD

HLOOLELWRD Describe decryption process: m = D(c) = ?

Page 11: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

11

Vigenère Cipher The Vigenère cipher is a method of

encryption that uses a series of different Caesar ciphers based on the letters of a keyword.

Appears to be unbreakable.

The Vigenère cipher has been reinvented many times.

The method was originally described by Giovan Batista Belaso in his 1553 book La cifra del. Sig. Giovan Batista Belaso

However, the scheme was later misattributed to Blaise de Vigenère in the 19th century, and is now widely known as the "Vigenère cipher".

Page 12: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

12

Terms in Vigènere Cipher

Vigènere table: a table used to encipher and decipher

Vigènere cipher has key letters on top, plaintext

letters on the left. There are 27 shift alphabets Vigènere cipher is a polyalphabetic substitution cipher.

In contrary, Caesar cipher is a monoalphabetic substitution cipher

Key is used with Vigènere table in encryption / decryption

Page 13: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

13

The Vigènere Table

G I VA G I VB H J WE L M ZH N P CL R T GO U W JS Y A NT Z B OY E H T

A mini exampleEncryption:A key letter V, and a plaintext letter T follow V column down to T row “O”

Decryptioin:A key letter V, and aciphertext letter O “T”

Page 14: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

14

Vigènere Cipher Example

If the message is longer than the key, the key repeats itself E.g. 1: Key: LEMON

Encrypt plaintext: ATTACKATDAWN

Key L E M O N L E M O N L E

m A T T A C K A T D A W N

c

E.g.2, Decrypt ciphertext: P R U U Z L

Q: How to represent Vigènere Cipher in formula?

(Hint: encryption / decryption is done character by character)

Page 15: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

15

Exercise

1) Encrypt a plaintext with the key “lucky”c o m p u t i n g g i v e s i n s i g h t

2) Decrypt a ciphertext with the key “vector”o l k l w j v r g q o d k p g h t k c i x b u v i i t x q z k l g

k

Page 16: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

16

Chapter 2 Advanced Cryptography (Part A)

Overview History of cryptography Cryptanalysis

Page 17: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

17

Cryptanalysis

Cryptanalysis is the science of studying and breaking the secrecy of encryption processes, compromising authentication schemes, and reverse-engineering protocols. All previously introduced ciphers have been

broken.

Basic methods: Statistical analysis Exhaustive search key space

Page 18: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

18

Statistical analysis

Each character has a certain frequency. A.k.a. 1-gram model of English

a 0.080 h 0.060 n 0.070 t 0.090

b 0.015 i 0.065 o 0.080 u 0.030

c 0.030 j 0.005 p 0.020 v 0.010

d 0.040 k 0.005 q 0.002 w 0.015

e 0.130 l 0.035 r 0.065 x 0.005

f 0.020 m 0.030 s 0.060 y 0.020

g 0.015 z 0.002

Page 19: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

19

Statistical Analysis (1)

f(c) frequency of character c in ciphertext

p(x) is frequency of character x in English

(i) correlation of frequency of letters in ciphertext with corresponding letters in English, assuming key is i

(i) = 0 ≤ c ≤ 25 f(c)p(c – i)

Page 20: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

20

Statistical Attack (2)

E.g., a Caesar cipher : KHOOR ZRUOG

step 1: Compute frequency of each letter in ciphertext:

G 0.1 H 0.1 K 0.1 O 0.3

R 0.2 U 0.1 Z 0.1

Step 2: Compute correlation for key i

(i) = 0.1p(6 – i) + 0.1p(7 – i) + 0.1p(10 – i) + 0.3p(14 – i) + 0.2p(17 – i) + 0.1p(20 – i) + 0.1p(25 – i)

Page 21: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

21

Correlation: (i) for 0 ≤ i ≤ 25

i (i) i (i) i (i) i (i)

0 0.0482 7 0.0442 13 0.0520 19 0.0315

1 0.0364 8 0.0202 14 0.0535 20 0.0302

2 0.0410 9 0.0267 15 0.0226 21 0.0517

3 0.0575 10 0.0635 16 0.0322 22 0.0380

4 0.0252 11 0.0262 17 0.0392 23 0.0370

5 0.0190 12 0.0325 18 0.0299 24 0.0316

6 0.0660 25 0.0430

Page 22: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

22

The Result

Step 3: find the most probable keys, based on : i = 6, (i) = 0.0660

plaintext EBIIL TLOLA i = 10, (i) = 0.0635

plaintext AXEEH PHKEW i = 3, (i) = 0.0575

plaintext HELLO WORLD i = 14, (i) = 0.0535

plaintext WTAAD LDGAS

The only valid English phrase is for i = 3. That’s the key (3 or ‘D’)

Page 23: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

23

Exhaustive search

Exhaustive search If the key space is small enough, try all possible

keys until you find the right one

Q 1: How large is the key space in Caesar cipher ?

Q2: If we use exhaustive search, what is the expected number of trials when breaking Caesar cipher?

Q3: How about the key space of Vigènere Cipher?

Q4: How to break Vigènere Cipher?

Page 24: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

24

Attacking Vigènere Cipher

– Vigenere ciphers were regarded by many as practically unbreakable for 300 years.

– In 1863, a Prussian major named Kasiski proposed a method for breaking it.

– This method was not in fact invented by Kasiski but instead by Charles Babbage;

– Babbage's discovery was used to aid English military campaigns, and was not published until several years later; as a result credit for the development was instead given to Friedrich Kasiski

Page 25: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

25

Statistical analysis of Vigènere Cipher

1. Establish period n (the length of key)

2. Break cipher into n parts, each part being enciphered using the same key letter

3. Solve each part leverage one part from another

We want to break this cipher:ADQYS MIUSB OXKKT MIBHK IZOOOEQOOG IFBAG KAUMF VVTAA CIDTWMOCIO EQOOG BMBFV ZGGWP CIEKQHSNEW VECNE DLAAV RWKXS VNSVPHCEUT QOIOF MEGJS WTPCH AJMOCHIUIX

Page 26: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

26

Step 1. Establish Period n

Important observation: Repetitions in the ciphertext occur when characters of the key appear over the same characters in the plaintext

e.g.

Key VIGVIGVIGVIGVIGVplain THEBOYHASTHEBALL

cipher OPKWWECIYOPKWIRG

Page 27: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

27

Repetitions in this example cipher

Letters Start End Distance

Factors

MI 5 15 10 2, 5

OO 22 27 5 5

OEQOOG 24 54 30 2, 3, 5

FV 39 63 24 2, 2, 2, 3

AA 43 87 44 2, 2, 11

MOC 50 122 72 2, 2, 2, 3, 3

QO 56 105 49 7, 7

PC 69 117 48 2, 2, 2, 2, 3

NE 77 83 6 2, 3

SV 94 97 3 3

CH 118 124 6 2, 3

Page 28: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

28

Estimate of Period n

A long repetition “OEQOOG” and “MOC” are probably not coincidence

Their distances are 30 and 72. The greatest common divisor of 30 and 72 is 6.

many other shorter repetitions have 2 and 3 in their factors

Thus the estimate period n = 6 Verify Period n by Friedman test (we skip this part)

Page 29: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

29

Step 2: Break cipher into n parts

Key-1: AIKHOIATTOBGEEERNEOSAIKey-2: DUKKEFUAWEMGKWDWSUFWJUKey-3: QSTIQBMAMQBWQVLKVTMTMIKey-4: YBMZOAFCOOFPHEAXPQEPOXKey-5: SOIOOGVICOVCSVASHOGCCKey-6: MXBOGKVDIGZINNVVCIJHH

Page 30: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

30

Statistical Analysis each part

Counting characters in each partABCDEFGHIJKLMNOPQRSTUVWXYZ

1. 310040113010013001120000002. 100222100130100000104040003. 120000002011400040130210004. 211022010000104310000002115. 105000212000005000300200006. 01110022311012100000030101

Compare with unshifted alphabet frequencies in English:

HMMMHMMHHMMMMHHMLHHHMLLLLL

Page 31: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

31

Solve each part (2)

First part: matches characteristics of unshifted alphabet A A

Third part : I A Sixth part : V A

Substitute into ciphertext:ADIYS RIUKB OCKKL MIGHK AZOTO EIOOL IFTAG PAUEF VATAS CIITW EOCNO EIOOL BMTFV EGGOP CNEKIHSSEW NECSE DDAAA RWCXS ANSNP HHEUL QONOF EEGOS WLPCM AJEOC MIUAX

Page 32: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

32

Solve each part (3) further analysis

AJE in last line suggests “ARE”, meaning second alphabet maps A into S:

ALIYS RICKB OCKSL MIGHS AZOTO

MIOOL INTAG PACEF VATIS CIITE

EOCNO MIOOL BUTFV EGOOP CNESI

HSSEE NECSE LDAAA RECXS ANANP

HHECL QONON EEGOS ELPCM AREOC

MICAX

Page 33: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

33

Solve each part (4) further analysis

MICAX in last line suggests “mical” (a common ending for an adjective), meaning fourth alphabet maps O into A:

QI means that U maps into I, as Q is always followed by U:

ALIMS RICKP OCKSL AIGHS ANOTO MICOL INTOG PACET VATIS QIITE ECCNO MICOL BUTTV EGOOD CNESI VSSEE NSCSE LDOAA RECLS ANAND HHECL EONON ESGOS ELDCM ARECC MICAL

Page 34: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

34

Got It!

ALIME RICKP ACKSL AUGHS ANATO MICAL INTOS PACET HATIS QUITE ECONO MICAL BUTTH EGOOD ONESI VESEE NSOSE LDOMA RECLE ANAND THECL EANON ESSOS ELDOM ARECO MICAL

Note that: Vigenere cipher is easy to break by hand. However, the principle of cryptanalysis hold for more complex ciphers that can be implemented only by computer.

Page 35: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

35

The War Machines: The Purple Machine

The Purple Machine is developed and used by the Japanese during World War II

Employed techniques discovered by Herbert O. Yardley The code was broken by William Frederick Friedman

Known as the “Father of U.S. Cryptanalysis”

Page 36: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

36

The War Machines: Enigma

Enigma is developed by Arthur Scherbius

Used by the Germans during World War II

Enigma substituted each letter typed by an operator

Substitutions were computed using a key and a set of switches or rotors

The code was broken first by a group of Polish cryptographers

The machine for breaking the code was called the “Bombe”

Page 37: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

37

Design of Enigma Machine

An electrical voltage applied to the Q terminal on the toprow will appear at the L terminal on the bottom row.

Page 38: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

38

How to use the Enigma machine?

1. The originator configures the Enigma machine to its initial settings;

1. Type in the first letter of the message, and the machine would substitute the letter with a different letter;

The encryption was done by moving the rotors a predefined number of times

2. Advance the rotors and enter the next letter.

Each time a new letter was to be encrypted, the operator would advance the rotors to a new setting.

Page 39: 1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis.

39

Mechanism of the Enigma Machine

The chosen substitution for each letter was dependent upon the rotor setting

Assumption: the operators at each end needed to know the key - the initial setting, which is the crucial

and secret part of this process And how to advanced the rotors when

encrypting and decrypting a message


Recommended