1 / 76

CHAPTER 3: CLASSIC CRYPTOGRAPHY

CHAPTER 3: CLASSIC CRYPTOGRAPHY Motivation : Information in any form, written, typed, or electronic is subject to disclosure, modification, and/or misuse since it is readily human readable.

kana
Télécharger la présentation

CHAPTER 3: CLASSIC CRYPTOGRAPHY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CHAPTER 3: CLASSIC CRYPTOGRAPHY Motivation: Information in any form, written, typed, or electronic is subject to disclosure, modification, and/or misuse since it is readily human readable. Need: Methods for providing secret communication to protect information in any state (during processing, while stored, or in transit). This also implies the need to be able to recover and read secret communications. Cryptology & Classic Cryptography

  2. CRYPTOLOGY Secret communications means: Cryptology : from the Greek Crypto meaning secret or hidden, and ology meaning doctrine, theory, or science Two major divisions: Cryptography & Cryptanalysis Cryptology & Classic Cryptography

  3. Cryptography & Cryptanalysis Cryptography - communications in the presence of Adversaries: Methods that turn ordinary text (plaintext) into unreadable ciphertext. Only unreadable as long as an adversary cannot invert (recover) the information Cryptanalysis - recovering plaintext from ciphertext Methods that recover plaintext from ciphertext and/or methods to forge ciphertext so it appears to be authentic Cryptology & Classic Cryptography

  4. Conventional Cryptology X’ Cryptanalyst K’ Source Destination Now is the time for all.. ………. ... country Now is the time for all.. ………. ... country X Encryption Algorithm Decryption Algorithm X Y Ciphertext Message Plaintext Message Plaintext Message K K K Key Source Secure Distribution Channel Cryptology & Classic Cryptography

  5. Conventional Cryptography - Ground Rules Assumptions about the cryptographic environment 1. Adversary has access to the ciphertext 2. Adversary knows the encryption algorithm 3. Secret key is conveyed over a secure channel and is unavailable to the attacker. 4. The plain message is composed of random characters. 5. The key is composed of random characters. Any of these can fail and make the job harder, or easier, but these rules form the basis for modern cryptography. Cryptology & Classic Cryptography

  6. Conventional Cryptography - Ground Rules Access to ciphertext & knowledge of algorithm are based on many years of real experience - can’t be avoided. If the secret key is not protected all is lost since the adversary has the same information as the legitimate receiver. Cryptology & Classic Cryptography

  7. Conventional Cryptography - Ground Rules Randomizing the plaintext is non-obvious since any message contains structure - trouble is, it is the structure that makes the encrypted message recoverable if the encryption does not randomize the plaintext as part of the process. Randomizing the key is more obvious, since non-random keys reduce the key space and give clues to key recovery. Cryptology & Classic Cryptography

  8. Methods for Information Hiding - 2 Main Forms Steganography - literally meaning covered writing and depends on hiding the very existence of a secret message from an adversary. Cryptography - uses an algorithm and key to transform a message into an unreadable form that can only be inverted by using the same key and running the algorithm backwards. It is also possible (as usual) to combine methods. Cryptology & Classic Cryptography

  9. Steganography - Classical Hides the message using a secret algorithm. Knowing the algorithm typically breaks the secret. Examples: Greeks used wax covered tablets, hidden tattoos; Microdots, the size of a period, hidden in a letter; Invisible ink, revealed by chemicals or intense light; Selected characters (e.g., first letter of each word, or letters that have been perforated by a pin). Primary problem is algorithmic secrecy. Is seeing renewed interest in electronic systems. Cryptology & Classic Cryptography

  10. Steganography - Modern Types: Injection – message embedded in another message. Substitution – message replaces existing information. Injection: File contents that are usually ignored when displayed – such as hidden fields in html pages. Substitution: Least significant bit of every pixel in a complex graphics image is used. At 2048 x 2048 x 24 bits (x,y, and color), using 1 bit of the 24 affords a 4.19 Mbit or 524 kByte message space in each each image. Cryptology & Classic Cryptography

  11. Steganography - Modern Could use options field in IP header to carry message w/o options flag set. Then use special software to read The options field in multiple packets = message. Requires special, but not difficult, programming and may have high overhead. Many, many possibilities – limited only by creativity! Cryptology & Classic Cryptography

  12. Steganography - Tools S-tools – Puts message in least significant bits (lsb) of .bmp image files. ftp://idea.sec.dsi.unimi.it/pub/security/crypt/code/ s-tools4.zip http://members.tripod.com/steganography/stego/ software.html MP3 stego – hides messages in mpeg files. S-Mail – hides messages in .exe and .dll files. Invisible secrets – hidden in banner ads on web sites. Stash – hides messages in several image types. Cryptology & Classic Cryptography

  13. Detecting Use of Steganography Normal bmp files have few duplicate colors. A bmp with an embedded message has many. So….Search for duplicates or near duplicates Use file size signatures in well-known .exe, .dll files and compare to the suspect files. Reported as being used by Al Qaida (also has been denied)! Truth is unclear – but there is renewed interest. Cryptology & Classic Cryptography

  14. Cryptography - Formally Has 3 finite sets: Plaintext space P, Ciphertext space C, and Key space K. Two functions: Encryption e  E and Decryption d  D such that: For each k  K there is an encryption rule e  E such that: f(ek) = P  C or C = ek(P) Key k used to encrypt (e) a plaintext P, produces ciphertext C Cryptology & Classic Cryptography

  15. Cryptography - Formally Decryption: for each k  K there is a decryption rule d  D such that: dk : C  P or P = dk(C) Key k used to decrypt (d) a ciphertext C, produces a plaintext P. ek & dk are inverses of each other for all p  P and k  K such that: dk(ek(p)) = p for every plaintext element p  P. Cryptology & Classic Cryptography

  16. Cryptography - Rich and Lengthy History 1900 BC - Non-standard Egyption hierogliphs 1700 BC - Clay of Phaistos still unrecovered 600 BC - Book of Jeremiah encoded 60 BC - Caesar used encryption for communication 790 AD - First writing (known by reference, never found) 1200 AD - Roger Bacon describes several methods 1518 AD - First printed book on cryptography 1861 AD - 1st U. S. patent issued 1927 AD - Used during prohibition by criminals 1942 AD - Used to read axis messages (Germany/Japan) 1976 AD - Public key Cryptography invented 1977 AD - Public key algorithm reduced to practice Cryptology & Classic Cryptography

  17. Classical Cryptography Three major methods (algorithms): Substitution - Plaintext symbols are replaced with ciphertext symbols using a substitution algorithm. (e.g., if A=T, T = X, then AT = TX). Transposition - Plaintext symbols are permuted (re-arranged) using a permutation algorithm. (e.g., if position 1=position 2, position 2 = position 1, then AT = TA) Product - Uses alternate steps of substitution and transposition. Cryptology & Classic Cryptography

  18. Substitution Ciphers Monoalphabetic - Each symbol of the plaintext alphabet is mapped into a single ciphertext symbol (Caesar cipher). Homophonic - Each symbol is mapped into one of several possible ciphertext symbols (or reverse) (Playfair). Polyalphabetic – Each symbol is mapped into a cipher symbol as in the mono case, but the substitution changes For every symbol (variable substitution) (Vigenère). Polygram - Symbol groups in plaintext are substituted for symbol groups in ciphertext (Hill). Cryptology & Classic Cryptography

  19. Monoalphabetic Substitution Ciphers The keyspace is the set of all permutations on {0, 1, 2, ….,25}. For a given key  and algorithm Ek(P) = C: E(x1x2, ….xn) = (x1)(x2) ….. (xn), and D(y1y2…..yn) = -1(y1)  -1(y2)…..  -1(yn) Caesar: C = Ek(P) = (P + k) mod 26 Where: C = Ciphertext symbol, P = Plaintext symbol k = 0 < k < 26, E = (P+k)mod 26 Cryptology & Classic Cryptography

  20. Caesar Cipher The symbol:key relationship is defined numerically: A B C D E F G H I J K L M N O P Q R S 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 T U V W X Y Z 19 20 21 22 23 24 25 Suppose K = 11, P = wewillmeetatmidnite Algorithm is (P + k)mod 26 Text = 22 4 22 8 11 11 12 4 4 19 0 19 12 8 3 13 8 6 7 19 Add 11 7 15 7 19 22 22 23 15 15 4 11 4 23 19 14 24 19 17 18 4 Cipher = H P H T W W X P P E L E X T O Y T R S E Cryptology & Classic Cryptography

  21. Monoalphabetic Ciphers Graphically, the Caesar cipher, for k = 3 is: Z A Y B X C W D E V F U G T H S I R J Q K L P O M N Cryptology & Classic Cryptography

  22. Monoalphabetic Ciphers Decryption: P = Dk(C) = (C - k) mod 26 Easily broken. Since k is the key, there are only 26 possible keys and each one could be tried. Example: for k = 3. P: we will attack at dawn through the left flank C: zh zloo dwwdfn dw gdzq wkurxk wkh ohiw iodqn Cryptology & Classic Cryptography

  23. Brute Force Decryption Key tryMessage produced 1 gy yknn cvvcem cv feyp vtqwj vjg nghv hncpm 2 xf xjmm buubdl bu edxo uispvi uif mfgu gmbol 3 we will attack at dawn through the left flank 4 ……… 5 …… . 25 ai ampp exxego ex hear xlvvsyl xli pijx jpero Another method uses the frequency of occurrence of letters in the English alphabet (if the message is in English). E is the most common character in frequency of appearance in the English language. Cryptology & Classic Cryptography

  24. Frequency of Occurrence Common libraries exist for single, double, triple, etc. occurrences in a particular language. Simplifies the guesswork. Cryptology & Classic Cryptography

  25. Early Substitution Ciphers - Atbash Used by the Hebrews ~ 500B.C. in the Bible (Jeremiah 25) . Substitutes by position: first letter for last, second for next-to-last (A-Z, B-Y, etc.). Cryptology & Classic Cryptography

  26. Early Substitution Ciphers - Polybius Polybius Checkerboard ~ 205-123 B.C. substitutes numbers for letters. R = 42 T = 44 Polybius = 35 34 31 54 12 24 45 43 Cryptology & Classic Cryptography

  27. Monoalphabetic Ciphers - More Playfair - Charles Wheatstone 1854 Multiple letter encryption mapping two letters into a two cipher letters. Masks the symbol frequency better than simpler ciphers. Used by British in the Boer War, WWI, and to some extent in WWII. Maps letters into a 5 x 5 matrix (Z is omitted) and follows three rules. The matrix is populated and both ends know the mapping. Cryptology & Classic Cryptography

  28. Playfair Mapping is a spiral starting at lower-right corner. Cryptology & Classic Cryptography

  29. Playfair Rules • Arrange plaintext into pairs. If a double letter (e.g., tt) • Insert an X. If an odd number, insert an X pad at the end. • If pair is in same row, cipher pair is two letters to the • right wrapped to left column (IG = HF; XB = QL). • 2. If pair is in same column, cipher pair is below, wrap to • top (FQ = SP; UN = VH; FS = SR). • 3. If pair is at corners of a rectangle of letters, 1st encrypts • to corner of same row, 2nd to corner in its row • (EK = IC; UR = SV; AI = ME). Cryptology & Classic Cryptography

  30. Playfair Example Plain = ME Rx RI LY WE RO Lx LA LO NG Cipher = AI YQ KF XK BH YP WQ BM XM OH Cryptology & Classic Cryptography

  31. Monoalphabetic Ciphers - Hill Hill - Lester Hill 1929 Multiple letter substitution like Playfair, but substitutions are designed to further mask statistics (flatten) in the original text. By this time, they are getting much better. Cryptology & Classic Cryptography

  32. Polyalphabetic Ciphers Instead of a fixed substitution, the encrypting alphabet is changed as symbols are encrypted. The key may be in the form of a numeric matrix or a text passphrase. For each symbol in the plaintext, the corresponding symbol in the matrix or passphrase is used to determine the shift that is used to determine the cipher character. Vigenère cipher function f(a) = (a + ki)mod n See Stallings, pages 40-43. Cryptology & Classic Cryptography

  33. Vigenère Autokey Ciphers In autokey, a priming key is used to initiate encryption. The key may be a single letter or a text passphrase. For each symbol in the plaintext, the corresponding symbol in the column of the tableau is used to locate the letter in the row labeled by the key to determine the cipher character. For a priming key K: Plaintext: ALL THE FINE YOUNG CANNIBALS Key: KAL LTH EFIN EYOUN GCANNIBALS Cipher: KLW EAL……… Cryptology & Classic Cryptography

  34. Transposition Ciphers Rearranges plaintext to form the ciphertext without Substituting symbols. Instead, they are transposed. Classically done using a geometric figure as a template (e.g., rail fence, 2-D rectangle, 3-D cube, etc.). Rail fence: Text = meet me for the drop at noon tomorrow m e m f r h d o a n o t m r o (easy to see) e t e o t e r p t o n o o r w But complex geometry and multi-level encryption Can mask the statistics of the plaintext message. Cryptology & Classic Cryptography

  35. Product Ciphers Combination of substitution and transposition - German ADFGX cipher used in WW1 (2 step process). 1: Transpose one plaintext character into a limited set of 2-character symbols (the inner matrix can be changed): A D F G X A n b x r u D q o k d v F a h s g f G m z c l t X e i p j w Cryptology & Classic Cryptography

  36. ADFGX Cipher M: forced to retreat ten km to abbeville few casualties A D F G X A n b x r u D q o k d v F a h s g f G m z c l t X e i p j w forced becomes: f = FX; o = DD; r = AG; c = GF; e = XA; d = DG = FXDDAGGFXADG Cryptology & Classic Cryptography

  37. Product Ciphers – ADFGX (contd.) Step 2 = transposition using a sequence of numbers between 1 & 20 arranged in scrambled order (with order changed as often as needed). Example key (the numbers): 8 9 14 7 19 13 16 1 15 6 3 10 17 2 20 5 11 18 4 12 F X D D A G G F X A D G G X D D A G X A G X A G X A F A G X G X X A A A D F G A G X D D F A A D A D X A D X X D G G G G X A F X X A X X G F F A F F A X F A G G G X X D X A F F For: “forced to retreat ten km to abbeville few casualties” Cryptology & Classic Cryptography

  38. Product Ciphers - ADFGX (contd) Output is taken a column at a time from the transpose matrix in numeric order (i.e., 1,2,3, etc) and blocked in five character groups. For the message on the previous slide (forced to retreat ten km to abbeville few casualties): FADXF XAXFD GFXFG GGDAD XAXDF DGDXD FGGXG XXXAX GXAAA DGFAA GGGAA AADAD FXXGA GGFAX FGXDF GFGAA XFXXD AXA Not very strong. A Frenchman broke it in 3.5 months. Later the code was changed - took 24 hours to break. Cryptology & Classic Cryptography

  39. Cipher Machines Jefferson Cylinder - 1790, Wheatstone Disk - 1817, Enigma- 1930’s (Germany WWII code). Rotor machines with multiple cylindrical rotors, each with 26 input lines, and 26 output lines. Each input line is connected to an output line producing a simple substitution cipher (e.g., a in, t out). For each input character typed, the rotor advances. This is a polyalphabetic cipher with a repeating cycle of 26. Relatively easy to break. Cryptology & Classic Cryptography

  40. Cipher Machines Now make the output of each stage, the input to the next stage up to n stages. As each stage cycles through 26 positions, the next stage cycles by one position. A 2-stage, 26 character system presents 26 x 26 = 676 combinations before repeating. Harder to break. Cryptology & Classic Cryptography

  41. Cipher Machines Adding stages makes the problem difficult. For example: Number of Stages Repetition Frequency (N) (Characters) 1 261 = 26 2 262 = 676 3 263 = 17,576 4 264 = 456,976 5 265 = 11,881,376 Enigma had 3 and 4 rotor versions. Cryptology & Classic Cryptography

  42. The Enigma Machine First developed in 1923 as a commercial product. German military noticed and withdrew it from market and made further improvements. Message is typed on a keyboard. Each letter is passed to a series of rotors that scramble the input and produce a different character as output. Output indicator is a lamp. The character is read by an operator and sent out in Morse code. Cryptology & Classic Cryptography

  43. Reflector Moving Rotors C Q K X Scrambler S N N Y Lamp Board N Keyboard Q Cryptology & Classic Cryptography

  44. The Enigma Scrambler Unit 1st design used three rotors/no reflector rotor. Input was on the left and output came out on the right. To decrypt, the input and outputs had to be reversed so the reflector rotor was added to avoid this problem. Could encrypt or decrypt without changing anything. Keyboard - 26 letters Lamp Board - 26 indicator lamps Scrambler - 3 rotating wheels on a common shaft Plugboard (not shown) - 5-13 plug (cable) Cryptology & Classic Cryptography

  45. The Rotors 26 positions, one per character. Characters were printed on an external ring mounted on the rim of the rotor. Rotors could be independently positioned by the operator (i.e., 26 x 26 x 26 possible initial conditions ). C D E F G H I J K A B C D E F G H I N O P Q R S T U V Cryptology & Classic Cryptography

  46. The Rotors The three rotors were called the fast, medium, and slow rotors in accordance with their speed of advancement. Used because the initial setting alone was not secure. The initial setting would only implement a variable Caesar shift cipher and determining the shift for an initial setting would be simple since the encrypted letter frequency would reveal the plaintext. Cryptology & Classic Cryptography

  47. The Rotors To secure the method, each time a key was pressed, the first rotor advanced one position. This caused the encryption to vary with each key stroke. This is a polyalphabetic cipher. After the first rotor got to a certain position, it would cause the middle rotor to advance one position. This was caused by a notch/pin that moved the next rotor. The pin could be moved to vary when the rotor advanced (from 1 to 26 positions). Cryptology & Classic Cryptography

  48. Rotor Advancement After the second rotor advanced by 26 positions, the third rotor advanced one position. However, the mechanics were such that the advance of the 3rd rotor also caused an advance of the middle rotor. Without this feature a total of 263 = 17,576 characters were possible before repeating. This feature caused the rotor to skip a position for every step of the slow rotor reducing the combination by 676 (26 x 26) due to lost positions. This further confused the British. Cryptology & Classic Cryptography

  49. Rotor External Ring Settings External ring settings on each rotor could be changed. The rotor was removed, adjusted, and re-inserted. This altered the position of the notch/pin so the advancement character was altered. There were two final complications: 1., The position of the rotors could be changed so there Could be six (6) different rotor orderings. (1,2,3), (1,3,2), (2,3,1), 2,1,3), (3,2,1), and (3,1,2). Cryptology & Classic Cryptography

  50. Rotor External Ring Settings 2. The operator could choose 3 rotors to use from 5 available (1,2,3), (1,2,4), (1,2,5), (2,3,4), (2,3,5), (3,4,5), (1,3,4), (1,3,5), (2,4,5), (1,4,5). These had different notch pins. Iall, there are: 17,576 x 6 x 10 initial positions = 1,054,560 x 676 possible initial ring positions = 712,882,560 states! Cryptology & Classic Cryptography

More Related