Академический Документы
Профессиональный Документы
Культура Документы
Traditional
Symmetric-Key Ciphers
3.1
3-1 Introduction to Symmetric Key Ciphers
3.2
3.1 Continued
3.3
3.1 Continued
3.4
3.1 Continued
3.5
Number of keys in Symmetric Key encipherment
• Ans: ???
3.6
3.1.1 Kerckhoff’s Principle
Based on Kerckhoff’s principle, one should always assume that the adversary knows the
encryption/decryption algorithm.
The resistance of the cipher to attack must be based only on the secrecy of the key.
Key domain is so large that it makes it difficult for the adversary to find the key
3.7
3.1.2 Cryptanalysis
As cryptography is the science and art of creating secret codes, cryptanalysis is the science
and art of breaking those codes.
Needed to learn how vulnerable cryptosystem is
To create better secret codes
3.8
3.1.2 Continued
Ciphertext-Only Attack
Assumption: Eve knows the algorithm
A substitution cipher replaces one symbol with another. Substitution ciphers can be
categorized as:
• Monoalphabetic ciphers or
• Polyalphabetic ciphers.
3.13
3.2.1 Monoalphabetic Ciphers
Note
3.14
3.2.1 Continued
Example 3.1
Example 3.2
3.15
3.2.1 Continued
Additive Cipher
3.16
3.2.1 Continued
Figure 3.9 Additive cipher
Note
3.17
3.2.1 Continued
Example 3.3
Use the additive cipher with key = 15 to encrypt the message “hello”.
Solution
We apply the encryption algorithm to the plaintext, character by
character:
3.18
3.2.1 Continued
Example 3.4
3.19
3.2.1 Continued
Shift Cipher and Caesar Cipher
Historically, additive ciphers are called shift ciphers.
Julius Caesar used an additive cipher to communicate with his
officers.
For this reason, additive ciphers are sometimes referred to as the
Caesar cipher. Caesar used a key of 3 for his communications.
Note
3.21
Cryptanalysis
3.22
3.2.1 Continued
Example 3.5
Eve has intercepted the ciphertext “UVACLYFZLJBYL”. Show how she
can use a brute-force attack to break the cipher.
Solution
Eve tries keys from 1 to 7. With a key of 7, the plaintext is “not very
secure”, which makes sense.
3.23
3.2.1 Continued
Table 3.1 Frequency of characters in English
3.24
3.2.1 Continued
Example 3.6
Solution
3.25
3.2.1 Continued
Multiplicative Ciphers
Note
Example 3.7
What is the key domain for any multiplicative cipher?
Solution
3.27
3.2.1 Continued
Affine Ciphers
3.28
3.2.1 Continued
Example 3.09
The affine cipher uses a pair of keys in which the first key is from Z26*
and the second is from Z26. The size of the key domain is
26 × 12 = 312.
Example 3.10
Use an affine cipher to encrypt the message “hello” with the key pair
(7, 2).
3.29
3.2.1 Continued
Additive inverse of 2 in Z26 is 24
Multiplicative inverse of 7 in Z26* is 15
Example 3.11
Use the affine cipher to decrypt the message “ZEBBW” with the key
pair (7, 2) in modulus 26.
Solution
Example 3.12
The additive cipher is a special case of an affine cipher in which
k1 = 1. The multiplicative cipher is a special case of affine cipher in
which
3.30
k2 = 0.
3.2.1 Continued
Monoalphabetic Substitution Cipher
3.31
3.2.1 Continued
Example 3.13
We can use the key in Figure 3.12 to encrypt the message
The ciphertext is
3.32
Cryptanalysis
3.33
• Size of monoalphabetic substitution cipher is
26!(Almost 4*1026).
• This makes brute force attack really difficult
• However, she can use statistical attack based
on frequency of characters
• Cipher doesn’t change frequency of characters
3.34
3.2.2 Polyalphabetic Ciphers
Autokey Cipher
3.35
• Advantage of hiding frequency of characters
3.37
Cryptanalysis
• Requirement
– Cipher required that not only hide frequency but
also have large key domains
3.38
Playfair Cipher
• Secret key in the cipher is made up of 25
characters arranged in a 5*5 matrix
Example 3.15
Let us encrypt the plaintext “hello” using the key in Figure 3.13.
3.40
• If 2 letters in a pair are same, a bogus letter is inserted to separate
them.
3.41
Cryptanalysis
3.42
3.2.2 Continued
Vigenere Cipher
Key stream is a repetition of an initial secret key stream of length m
Example 3.16
We can encrypt the message “She is listening” using the 6-character
keyword “PASCAL”.
3.43
3.2.2 Continued
Example 3.16
Let us see how we can encrypt the message “She is listening” using
the 6-character keyword “PASCAL”. The initial key stream is (15, 0, 18,
2, 0, 11). The key stream is the repetition of this initial key stream (as
many times as needed).
3.44
• One important difference between Vigenere and
other 2 poly-alphabetic cipher is that Vigenere key
stream doesn’t depend upon plaintext characters.
3.45
3.2.2 Continued
Example 3.17
3.46
A Vigenere Tableau
1st row shows plaintext character to be encrypted
1st column contains characters to be used by key
Eg. plaintext “she is listening”, key “PASCAL”. s in 1st row P in
1st column, cross-section is ciphertext “H”
3.47
Hill Cipher
• Unlike other polyalphabetic ciphers, plain text is
divided into equal sized blocks.
Note
3.50
Inverse of a matrix
• [A:I]->[I:A-1]
R2 -> R1+2R2
R3 -> R1+(-2R2)
3.51
v
3.52
Cryptanalysis
• Brute force is difficult because key is an m*m
matrix
• Matrix can have 1 of 26 values
• At 1st glance, size of key domain is 26m*m
3.53
3.2.2 Continued
Example 3.21
Assume that Eve knows that m = 3. She has intercepted three
plaintext/ciphertext pair blocks (not necessarily from the same
message) as shown in Figure 3.17.
3.54
3.2.2 Continued
Example 3.21 (Continued)
Now she has the key and can break any ciphertext encrypted with
that
3.55
key.
3.2.2 Continued One-Time Pad
A study by Shannon has shown that perfect secrecy can be achieved if each plaintext symbol
is encrypted with a key randomly chosen from a key domain.
In this cipher, key has same length as plaintext and is chosen completely random
• Resistant to brute-force
3.59
3.2.2 Continued
Enigma Machine
3.60
3-3 TRANSPOSITION CIPHERS
A transposition cipher does not substitute one symbol for another, instead it changes the
location of the symbols.
Note
A transposition cipher reorders symbols.
1st method:
write column by column and
read row by row.
A good example of a keyless cipher using the first method is the rail
fence cipher.
For eg “Meet me at the park”
3.62
Ciphertext “MEMATEAKETETHPR”.
3.3.1 Continued
Alice and Bob can agree on the number of columns and use the
second method.
Alice writes the same plaintext, row by row and read column by
column
3.63
3.3.1 Continued
Example 3.24
Transposition cipher:
The 2nd character in the plaintext has moved to the 5th position in the
ciphertext;
The 3rd character has moved to the 9th position; and so on.
Divide the plaintext into groups of predetermined size, called blocks, and then
3.65
3.3.2 Continued
Example 3.25
3.66
3.3.3 Combining Two Approaches
Example 3.26
Figure 3.21
3.67
3.3.3 Continued
Keys
A single key was used in two directions for the column exchange:
downward for encryption, upward for decryption.
3.68
3.3.3 Continued
3.69
3.3.3 Continued
Using Matrices
We can use matrices to show the encryption/decryption process for a
transposition cipher.
Example 3.27
3.70
3.3.3 Continued
Example 3.27
Figure 3.24 shows the encryption process. Multiplying the 4 × 5
plaintext matrix by the 5 × 5 encryption key gives the 4 × 5 ciphertext
matrix.
3.71
• No need to invert the matrix, encryption key matrix
can be simply transposed to get decryption key
matrix
3.72
Cryptanalysis: Combining 2 approaches
• Statistical Attack: Transpositional cipher doesn’t change frequency
of alphabets
.
3.73
• Ciphertext: ” EEMYNTAACTTKONSHITZG”
• Ignore 1, no permutation
• If no of column is 2:
– 2 permutation are (1,2) and (2,1). 1st one means no permutation ,
2nd means divide ciphertext in 2 character units: EE MY NT AA……
– Permute each one, getting EE YM TN….
– Not making any sense
3.74
• If no of column is 4:
– 4! is 24 possible combinations. {1,2,3,4}, no
permutation
– Eve tried other 23 combination but no meaningful
results
• If no of column is 5:
– 5! is 120 possible combinations
– Permutation {2,5,1,3,4} gives meaningful result
– Result: “enemyattacktonightz”
3.75
• Pattern Attack: Keyed transposition cipher has
some pattern, example 3.26
• Pattern is:
(3,8,13,18)
(1,6,11,16)
(4,9,14,19)
(5,10,15,20)
(2,7,12,17)
3.76
3.3.3 Continued
Double Transposition Ciphers
Figure 3.25 Double transposition cipher
3.77
• With double transposition, cryptanalyst can still use
single –letter frequency attack
• Output:
13 16 5 7 3 6 10 20 18 4 10
12 1 9 15 17 8 11 19 2
Conclusion:
No repetitive pattern
Remove irregularities seen before
3.78
3-4 STREAM AND BLOCK CIPHERS
The literature divides the symmetric ciphers into two broad categories:
• stream ciphers &
• block ciphers.
Although the definitions are normally applied to modern ciphers, this categorization also
applies to traditional ciphers.
3.80
3.4.1 Continued
Example 3.30
Additive ciphers can be categorized as stream ciphers in which the key
stream is the repeated value of the key.
However, each value of the key stream in this case is the mapping of
the current plaintext character to the corresponding ciphertext
character in the mapping table.
3.81
3.4.1 Continued
Example 3.32
Vigenere ciphers are also stream ciphers according to the definition.
In this case, the key stream is a repetition of m values, where m is the
size of the keyword. In other words,
Example 3.33
A stream cipher is a monoalphabetic cipher if the value of ki does not
depend on the position of the plaintext character in the plaintext
stream;
Otherwise, the cipher is polyalphabetic.
3.82
3.4.1 Continued
Example 3.33 (Continued)
3.83
3.4.2 Block Ciphers
In a block cipher, a group of plaintext symbols of size m (m > 1) are encrypted together
creating a group of ciphertext of the same size.
Figure 3.27 shows the concept of a block cipher.
3.84
3.4.2 Continued
Example 3.34
Playfair ciphers are block ciphers. The size of the block is m = 2. Two
characters are encrypted together.
Example 3.35
• Hill ciphers are block ciphers. A block of plaintext, of size 2 or more
is encrypted together using a single key (a matrix).
The cipher is a block cipher when looking at the individual blocks, but
It is a stream cipher when looking at the whole message considering each block as a single
unit.
3.86