Classical Cryptographic Techniques DATA Security Lect. #2
Classical CryptographicTechniques
DATA Security
Lect. #2
Homework quiz
Cookies:
Purpose: 1- To identify users and possibly prepare customized web pages for them as they return to a site.
2- It may hold and provide personnel information to the server and other people who query it.
Definition: is a message given to a web browser by a web server. The browser stores the message in a text file on the user’s machine and is sent back to the server each time the browser requests a page from the server.
Wi-Fi:
wireless Fidelity : is a network that has one base station (access point) that controls communications with all of the other wireless nodes connected with that network.
Wi-Fi family:
802.11 refers to a family of specifications developed by IEEE for wireless technology. It specifies an over-the-air interface b/w a wireless client and a base station.
802-11 : a wireless LANs and provides 1 or 2 MBps transmission in the 2.4 GHZ band. 802-11 a: up to 54 MBps in the 5GHz 802-11 b: up to 11 MBps tranmission 802-11 g: up to +20 Mbps in 2.4 GHz band. a family has many more nonoverlapping channels than either 802.11 b or 802.11 g, so more
access point s can be place close togather, giving much more throughput in smaller area.
Symmetric Encryption
also referred to as conventional encryption or single-key encryption.
the universal technique for providing confidentiality for transmitted or stored data
Why?
Purpose:
confidentiality ( from x.800 security service def.) is the protection of transmitted data from passive attacks, and the protection of traffic flow from analysis.
Table 1.6
X.800Security
Mechanisms
Simplified Model of symmetric
Encryption
• Plaintext: This is the original message or data that is fed into the algorithm as input.
• Encryption algorithm: The encryption algorithm performs various
substitutions and transformations on the plaintext.
• Secret key: The secret key is also input to the encryption algorithm. The exact
substitutions and transformations performed by the algorithm depend on
the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two different keys will
produce two different ciphertexts.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It
takes the ciphertext and the secret key and produces the
original plaintext.
A symmetric encryption ingredients
Symmetric Encryption Requirements
two requirements for secure use:
1. need a strong encryption algorithm. This requirement is usually stated in a stronger form:”The
opponent should be unable to decrypt ciphertext or discoverthe key even if he has a number of ciphertexts together withthe plaintext that produced each ciphertext.
2. sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all
communication using this key is readable.
Attacking Symmetric Encryption
1-Cryptanalytic attacks
Is the process of attempting to discover the plaintext or key. It rely on:
nature of the algorithm.
some knowledge of the general characteristics of the plaintext
some sample plaintext-ciphertext pairs.
Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used. if successful all future and past messages encrypted with that key are compromised.
2- Brute-Force Attack
try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained
on average half of all possible keys must be tried to achieve success.
Attacking Symmetric Encryption
Average Time Required for Key
Exchange
An encryption scheme is computationally secure if :
The cost of breaking the cipher text exceeds the value of the
encrypted information.
The time required to break the cipher exceeds the life time of
the information.
Cryptography Techniques Classification
Generally classified along three independent Dimensions:
1. The type of operations used for transforming plaintext to cipher text in the technique: (substitution, and transposition )
2. The way in which the plaintext is processed :
– Block (cipher one block at a time)
– Stream (cipher the input continuously)
3. The number of keys used :
– Symmetric (single key)
– Public key or asymmetric (two keys)
Block & Stream Ciphers
• processes the input one block of elements at a time
• produces an output block for each input block
• The advantage of a block cipher is that you can reuse keys.
• more common.
Block Cipher
• processes the input elements continuously, produces output one element at a time(byte per byte)
• primary advantage is that they are almost always faster and use far less code
• encrypts plaintext one byte at a time
• pseudorandom stream is one that is unpredictable without knowledge of the input key.
• must never reuse stream key, otherwise can recover messages
Stream Cipher
Block Cipher Encryption
Stream Encryption
Substitution & Transposition
Techniques
• Substitution Encryption: the letters of plaintext are
replaced by other letters or by numbers,
• examples are: (Caesar cipher, Mono-alphabetic, Playfair,
and Vigenere cipher).
• Permutation techniques: performing some
rearrangement on the plaintext letters.• Examples : as Rail Fence algorithm and row transposition.
1-Caesar Cipher Technique
• Each letter of the alphabet is replaced by the letter
stands three places further down the alphabet:
• Note that the alphabet is wrapped around, so that
the letter following Z is A.
• a b c d e f g hi j kl m nopqr st u v w x y z
Plaintext meet me after the party
Ciphertext phhw ph diwhu wkh sduwb
Continue…
• The important characteristics of Caesar technique:
1. The encryption and decryption algorithms are
known.
2. There are only 25 key to try which is far from
security.
3. The language of the plaintext is known
4. Then having Caesar’s Cipher as:
• C = E(P) = (P+ k) mod (26)
• p = D(C) = (C – k) mod (26)
Brute-Force Cryptanalysis
Caesar Cipher
• Rather than just shifting the alphabet
• Could shuffle (jumble) the letters arbitrarily
• Each plaintext letter maps to a different random
cipher text letter.
• hence key is 26 letters long Exampl: Plain: abcdefghijklmnopqrstuvwxyz
Cipher DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Cipher text: WIRFRWAJUHYFTSDVFSFUUFYA
2-Monoalphabetic Cipher
Monoalphabetic Cipher Security
• Now have a total of 26! keys
• With so many keys, might think the system is secure
• But would be !!!WRONG!!!
• Problem is the regularities of the language
Language Redundancy and
Cryptanalysis
• Human languages are redundant
• Letters are not equally commonly used
• The English letter e is by far the most common
letters, then l T,R,N,I,O,A,S letters
• Other letters are fairly rare : Z, J, K, Q, X
English Letter Frequencies
Example Cryptanalysis
• Given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• Count relative letter frequencies (see text)
• The most common letters are P & Z and are equivalent to e and t
• The most common Digram are ZW is equivalent to th and hence Z W P is equivalent to: t h e
• Proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
Use of the English Letter Frequencies in Cryptanalysis
• Key concept - monoalphabetic substitution ciphers do not
change relative letter frequencies.
• Discovered by Arabian scientists in 9th century.
• Calculate letter frequencies for ciphertext.
• compare counts against known values
3- Playfair Cipher
• Not even the large number of keys in a monoalphabeticcipher provides security .
• One approach to improving security was to encrypt multiple letters.
• The Playfair Cipher is an example , invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair .
3- Playfair Cipher (cnt’d)
• A 5X5 matrix of letters based on a keyword.
• Fill in letters of the keyword. Then, fill rest of
matrix with other letters of the plaintext message ( in sorted ascending alphabetic).
• plaintext encrypted/decrypted two letters at a
time:
Playfair Key Matrix
Playfair Key Matrix
Encryption / Decryption
1. if both letters fall in the same row, replace each with letter to right (wrapping back from right to left).
2. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom),
3. Otherwise, each letter is replaced by the one in its row and in the column of the other letter of the pair.
Ex. the keyword is “monarchy”
1. eg. “AR" encrypts as “rm “
if both letters fall in the same row, replace each with the letter to right (wrapping back to start from end).
1. eg. “MU" encrypts to "CM“
if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom),
1. eg. “HS" encrypts to "BP", and “ER" to “KM”
Otherwise, each letter is replaced by the one in its row in the column of the other letter of the pair.
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
QUIZ
• Ex: Encrypt and Decrypt
the word “MATRIX” where
the keyword is :
• ” ENJOY HIM”
E N J O Y
H I M A B
C D F G H
K L P R S
T U V W X/Z
Quiz ANSWER
• ENCRYPTION:
• MA= AB & TR= WK & IX= BU
• So, “MATRIX” will encrypted as:
“ABWKBU”
• DECRYPTION:
• “ABWKBU will decrypted as:
• AB = “MA “
• WK= “ TR ”
• BU= “ IX ”
• So “ABWKBU” will decrypted as “MATRIX”
E N J O Y
H I M A B
C D F G H
K L P R S
T U V W X/Z
Security of the Playfair Cipher
• security much improved over monoalphabetic since
have 26 x 26 = 676 digrams
• would need a 676 entry frequency table to analyse
(verses 26 for a monoalphabetic) .
• Was widely used for many years (eg. US & British
military in WW1)
4-Vigenère Cipher
• Simplest polyalphabetic substitution cipher is
the Vigenère Cipher
• Given a key letter Y and a plain text X, the
cipher text letter is at inspection of the row
labelled x and the column labelled y in this
case the cipher text is V (keyword in columns,
plaintext in rows)
• Decryption simply works in reverse:– the plaintext letter is at intersection of the column labelled y , the row
intersect with the place of the column of the ciphertext letter labelled v
How to use Vigenère
1. Write the plaintext out .
2. Write the keyword repeated above it until finishing
the message characters.
3. Use each key letter as a Caesar cipher key
4. Encrypt the corresponding plaintext letter (keyword in
columns, plaintext in rows)
5. Eg. using keyword “deceptive”key: deceptivedeceptivedeceptive
plaintext: “we””are”discovered”save””yourself”
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
the plaintext letter is at intersection of the column labelled y , the row intersect
with the place of the column of the ciphertext letter labelled v
Security of Vigenère Ciphers
• Have multiple ciphertext letters for each
plaintext letter
• Hence letter frequencies are obscured but not
totally lost.
• Start with letter frequencies to see if look
monoalphabetic or not
B-Transposition Ciphers
• Now consider classical transposition or permutation
ciphers.
• These hide the message by rearranging the letter order
without altering the actual letters used.
• Can recognise these since have the same frequency
distribution as the original text
1-Rail-Fence Cipher Technique
•
• The plain text is written down a sequence of columns and then
read off as a sequence of rows.
Example ciphering of “meet me after the party”
• Plaintext with Rail-Fence of depth 2:
• The encrypted message will formed by reading in
rows as:
mematrhpry-etefeteat-
m e m a t r h p r y
e t e f e t e a t -
2-Row Transposition Ciphers
• A more complex scheme.
– Write letters of message out in rows over a specified number of columns.
– Then reorder the columns according to some key before reading off the rows.
• Ex:
– P: “attack postponed until two am xzy”
– 1 2 3 4 5 6 7
- Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
- Key : 3 4 2 1 5 6 7
- The reordering: t a t a c k p
t p s o o n e
n t u d i l t
a m o w x y z
- Ciphertext: “tatackp/tpsoone/ntudilt/amowxyz”
3-Product Ciphers
• Ciphers using substitutions or transpositions are not
secure because of language characteristics
• Hence consider using several ciphers in succession to
make harder, but:
– two substitutions make a more complex substitution
– two transpositions make more complex transposition
– but a substitution(permutation) followed by a transposition
makes a new much harder cipher
• This is bridge from classical to modern ciphers