Cryptography -- Classical Styles
Anita Jones
CS451 Information Security
Copyright(C) Anita Jones
9/2006
Overview
IntroductionA security modelWhat is cryptography?Some classical ciphers
from days of olde ……. up to World War II
9/2006
Security problems of interest
confidentiality - protect info content from unwarranted observation
integrity - protect info accuracy availability - ensure information delivery
authentication - assure identity of user (sender) non-repudiation - protect from deniability
access control - control access to info/resources
Policies:
Problems that arise in implementation:
9/2006
Attacks
interception - of information-traffic, breaches confidentiality
interruption - of service, availabilitymodification - of information, i.e. loss of
integrityfabrication - of information, destroys
authenticity
9/2006
Response?
identify key assets evaluate threat posed to assets implement suitable countermeasures manage implementation cryptography is a key technology
Note – not a “perimeter defense” technology
9/2006
Model for cryptography
Principal Principal
Message
SecretInformation
SecurityTransform
SecurityTransform
Message
SecretInformation
Trusted 3rd Party(arbitrates, distributessecret information)
Opponent
Info channel
9/2006
Issues
Transformation algorithmWhat’s the secret information; How to
generate itHow to distribute secret information Protocols -- disciplined interaction
involving all parties
9/2006
What’s cryptographycryptography is the study of secret (crypto-)
writing (-graphy) concerned with developing algorithms which
may be used to: conceal the content of a message from all except
the sender & recipient (secrecy or confidentiality) verify the correctness of a message or its sender
to the recipient (integrity & authentication)
includes protocols solving many problems
9/2006
A few terms
cryptography the art or science of transforming an intelligible
message into one that is unintelligible, and then transforming that message back to original form
plaintext the original intelligible message
ciphertext the transformed message
9/2006
A few terms
cipher an algorithm for transforming an intelligible
message into one that is unintelligible
key critical (secret) information used in the cipher
& known only to the sender & receiver Symmetric – shared Asymmetric – public/private
9/2006
A few terms
encipher (encode) the process of converting plaintext to ciphertext
using a cipher plus key
decipher (decode) the process of converting ciphertext back into
plaintext using a cipher plus key
9/2006
A few terms
cryptanalysis (codebreaking) the study of methods for transforming an
unintelligible message back into an intelligible message without knowledge of the key
code an algorithm for transforming an intelligible
message into an unintelligible message using a code-book
9/2006
Transformations
encryption applying a mathematical function mapping
plaintext to ciphertext using the specified key:
C = EK(P)
decryption applying a mathematical function mapping
ciphertext to plaintext using the specified key:
P = EK-1(C) P = DK(C)
9/2006
More terms
cryptographic system a single parameter family of invertible
transformations with unique inverses where only the key is secret
the cryptographic system is typically made public
keys, of course, are secret
9/2006
Steganography
embed message in innocuous setting
My Special Friend,
Our speaker today in class today is exciting, & I know that the next speaker is even better. I need to report to you that next class the teacher will give the mid-term exam. Well, there is only one mid-term! YEAH!!! That is it for now. I’m awful at writing, but will keep trying ………...
9/2006
Steganography
embed message in innocuous setting
My Special Friend,
Our speaker today in class today is exciting, & I know that the next speaker is even better. I need to report to you that next class the teacher will give the mid-term exam. Well, there is only one mid-term! YEAH!!! That is it for now. I’m awful at writing, but will keep trying ………...
Two crypto techniques
Permutation
Substitution
9/2006
“Staff” cipheran early Greek transposition cipher:
cut a narrow strip of paper long enough to write message
wind it around a staff so that adjacent edges abut write message horizontally down the shaft with a
character on each wrapping unwind
Result: long sequence of seemingly random letters
9/2006
The ole alternation trick
write message letters on alternate rows read off cipher by row
Plain = “I CAME I SAW I CONQUERED”
Plain: I A E S W C N U E C M I A I O Q R D Cipher: IAESW CNUE CMIAI OQRD
9/2006
The ole structured patterns trick
write message letters as a matrix read off cipher by some pattern
Plain: I C A M E I S A W I C O N Q U E R E D A Cipher: diagonals, concentric circle, in and out, etc
9/2006
The ole mirror trick
write the message backwards
Plain: I CAME I SAW I CONQUERED Cipher: DEREU QNOCI WASIE MACI
………and speaking of J. Caesar
Two crypto techniques
Permutation
Substitution
9/2006
Caesar cipher - substitution cipher
Julius Caesar invented to transmit military information -- 2000 years ago
Map each letter to another -- fixed offset -- called the translation alphabet
Alphabets: Plain: A B C D E F G H I J K L M N O P Q R S T UCipher: E F G H I J K L M N O P Q R S T U V W X Y
CipherText: W TI G M E P W T I E O I V G S Q M R K
9/2006
Caesar cipher - substitution cipher
Julius Caesar invented to transmit military information -- 2000 years ago
Map each letter to another -- fixed offset -- called the translation alphabet
Alphabets: Plain: A B C D E F G H I J K L M N O P Q R S T UCipher: E F G H I J K L M N O P Q R S T U V W X Y
CipherText: W TI G M E P W T I E O I V G S Q M R KP = S P E C I A L S P EA K E R C O M I N G
9/2006
Substitution TechniqueEncryption algorithm used in previous slide is C = E(P) = (p + 4) mod(26)
More generally, any shift, k, in range 1:25 C = E(P) = (p + k) mod(26)
Decryption algorithm p = D(C) = (c - k) mod(26)
plaintext letter P (p is its offset into the alphabet of interest; ciphertext letter C (ditto); modulus function mod
9/2006
Cryptanalysis – break Caesar cipher
check out brute force cryptanalysis of a Caesar cipher
What is the Key?What is the Key size?
9/2006
Mono-alphabetic Substitution
Use any permutation of the 26 alphabetic characters 26! (i.e. 4 x 1026) possible keys brute force attack is cheap to execute But, regularities of the language give clues
English, German, Hebrew, Russian – have different characteristics in terms of letter usage
9/2006
Language regularitiescan base cryptanalysis on frequency of letter occurrenceE is most frequent, thenT, R, I, N, O, A, S, then …..rarely are J, K, Q X Z used
E is 25 times more frequent than Q
Strategy (for a “long enough” message) is to guess at letter value based on frequency of appearance in ciphertext
9/2006
Language regularities - example
Ceasar (Mono alphabetic substitution) Alphabets: Plain: A B C D E F G H I J K L M N O P Q R S T UCipher: E F G H I J K L M N O P Q R S T U V W X Y
CipherText: W TI G M E P W T I E O I V G S Q M R KP = S P E C I A L S P EA K E R C O M I N G
P = S P E C I A L S P EA K E R C O M I N G
9/2006
Crypt algorithm developmentearly manuscript -- Abu al-Kindi's "A
Manuscript on Deciphering Cryptographic Messages" published in the 9th century stronger mono-alphabetic ciphers --some used
several replacement symbols for each letter, for common words
nulls were developed in middle ages
9/2006
Algorithm development (cont)Roger Bacon described methods in 1200s Geoffrey Chaucer included several ciphers
in his writings Arabic knowledge of cryptology described in
an encyclopedia in 1412 growing use in European diplomacyLeon Alberti devised a cipher wheel -- more
on that later
9/2006
Poly-alphabetic substitution cipher
attributed to Blaise de Vigenère isobjective: improve security by using multiple
mono-alphabetic substitution alphabets define multiple full alphabet substitutions each letter can be replaced by many others use a key to select which alphabet is used for each
letter of the message i-th letter of key specifies i-th alphabet to use use each alphabet in turn, then repeat
9/2006
Poly-alphabetic example
plaintext S O U N D A L A R M key C I P H E R C I P Hciphertext U W J U H R N I G T A-> ABCDEFGHIJKLMNOPQRSTUVWXYZ C -> CDEFGHIJKLMNOPQRSTUVWXYZAB I -> IJKLMNOPQRSTUVWXYZABCDEFGH P -> PQRSTUVWXYZABCDEFGHIJKLMNO H -> HIJKLMNOPQRSTUVWXYZABCDEFG E -> EFGHIJKLMNOPQRSTUVWXYZABCD R -> RSTUVWXYZABCDEFGHIJKLMNOPQ
'S' uses alphabet 'C' maps to 'U' 'O' uses alphabet 'I' maps to 'W' ’U' uses alphabet 'P' maps to 'J’ etc
9/2006
From letters to binary
Vernam (1918) uses binary, not letters
Ci = pi x ki
pi - ith binary digit of plaintext
ki - ith binary digit of key
Ci - ith binary digit of ciphertext
9/2006
One time padArmy Signal Corp officer, Joseph Mauborgne
improved Vernam cipherUse random key that was truly as long as the
messagecipher output is random -- has no statistical
relationship to plaintextproblem is that sender & receiver need to have
that long key -- different for each message
One time pad – the ultimate substitution technique
9/2006
Rotor Machinesenciphering (& deciphering) is rote, tedious,
and error prone (if done manually)Automation permits multiple (transposition)
stagesRotor Machine consists of
keyboard multiple rotors, each with 26 positions pre-wired
9/2006
Rotor machine
ABC…
Z
MotionFixed wiring
ABCDE…
U
Z
9/2006
Enigma: http://webhome.idirect.com/~jproc/crypto/enigma.html
Simulated deciphering of Enigma using “Turing Bombe”: http://library.thinkquest.org/28005/flashed/timemachine/courseofhistory/bombeapp.shtml
Code machine
9/2006
WW II crypto machines
German Enigma -- three rotors and later more
Japanese Purple -- broken by U.S. Yamamoto planned attack after Pearl Harbor U.S. fleet coming out of Pearl Harbor plans known hundreds of Japanese ships sunk
Next
Block Ciphers
9/2006
Backup Notes cracking polyalph original method developed by Babbage and Kasiski use repetitions in ciphertext to give clues as to period look for same plaintext an exact period apart which results in the same ciphertext of course, could also be random fluke eg.
Plaintext: TOBEORNOTTOBE Key: NOWNOWNOWNOW Ciphertext: GCXRCNACPGCXR
see repeated ciphertext "GCXR" since repeats are 9 chars apart, guess period is 3 or 9 in general find a number of duplicated sequences collect all their distances apart, look for common factors remembering that some will be random flukes and need to be discarded
9/2006
Backup Notes cracking polyalph (2) in order to break a polyalphabetic cipher must 1. determine how many alphabets -- d -- were used: See Kasiski method 2. separate ciphertext into d sections 3. Determine if each as a monoalphabetic value (if not, have a wrong guess) by computing the frequency balance across the cipher text (called an Index of Coincidence) 4. solve each as a monoalphabetic cipher using - frequency distribution, - common double & triple letters - word boundaries
9/2006
IssuesWhat do the attacks on classical
techniques target?
What is a “perfect cipher” and why?
How important is redundancy in cryptology?