390 likes | 770 Vues
Cryptography Classical Ciphers. Examples of threats to Network Security . User A sends a file to user B. User C intercept and reads valuable data A network manager D transmits a message to E with authorization privileges and User F intercepts the message and changes it and reroute it to D
E N D
Examples of threats to Network Security • User A sends a file to user B. User C intercept and reads valuable data • A network manager D transmits a message to E with authorization privileges and User F intercepts the message and changes it and reroute it to D • User F can also create a new message and send it to E claiming it is from D
Symmetric Ciphers • Symmetric Cipher: A from of cryptosystems that encrypt and decrypt using the same key (Conventional or single key encryption) • 2 key encryption is called public key • Two possible attacks on encryption algorithms: • Cryptanalysis: Based on the properties of the encryption algorithm • Brute-force: Trying all possible keys
Some definitions • Plaintext: the original message • Ciphertext: the coded message • Encryption/ciphering: convert plaintext to ciphertext • Decryption/deciphering: restoring to plaintext • Cryptography: the act of ciphering and deciphering
Symmetric Cipher Model • Consists of five ingredients • Plaintext • Encryption algorithm • Secret Key • Ciphertext • Decryption Algorithm
Properties of a Secure system • The encryption algorithm should not be obvious • Sender and receiver should obtain the secret key in a secure fashion • We should assume that the opponent should not be able to decipher the text based on ciphertext or decryption/encryption algorithm
Symmetric Cryptography Example • Given plaintext X = [X1, X2, ..., XM]. • The M elements of X are letters in some finite alphabet. • A key of the form K = [K1, K2, ..., KJ] is generated. • With the message X and the encryption key K as input, the encryption algorithm forms the ciphertextY = [Y1, Y2, ..., YN]. • Y=E(K,X) • X=D(K,Y)
More Definitions • unconditional security • no matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext • computational security • given limited computing resources (eg time needed for calculations is greater than age of universe), the cipher cannot be broken
Brute Force Search • always possible to simply try every key • most basic attack, proportional to key size • assume either know / recognise plaintext
Classical Substitution Ciphers • where letters of plaintext are replaced by other letters or by numbers or symbols • or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
Caesar Cipher • earliest known substitution cipher • by Julius Caesar • first attested use in military affairs • replaces each letter by 3rd letter on • example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB
Caesar Cipher • can define transformation as: a b c d e f g h i j k l m n o p q r s T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • then have Caesar cipher as: c = E(p) = (p + k) mod (26) p = D(c) = (c – k + 26) mod (26)
Cryptanalysis of Caesar Cipher • only have 25 possible ciphers • A maps to A,B,..Z • could simply try each in turn • a brute force search • given ciphertext, just try all shifts of letters • do need to recognize when have plaintext • eg. break ciphertext "GCUA VQ DTGCM"
Monoalphabetic Cipher • rather than just shifting the alphabet • could shuffle (jumble) the letters arbitrarily • each plaintext letter maps to a different random ciphertext letter • hence key is 26 letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Monoalphabetic Cipher Security • now have a total of 25! = 1.6x10^25keys • with so many keys, might think is secure • but would be !!!WRONG!!! • problem is language characteristics
Language Redundancy and Cryptanalysis • human languages are redundant • eg "th lrd s m shphrd shll nt wnt" • letters are not equally commonly used • in English E is by far the most common letter • followed by T,R,N,I,O,A,S • other letters like Z,J,K,Q,X are fairly rare • have tables of single, double & triple letter frequencies for various languages
Use in Cryptanalysis • key concept - monoalphabetic substitution ciphers do not change relative letter frequencies • discovered by Arabian scientists in 9th century • calculate letter frequencies for ciphertext • compare counts/plots against known values • if caesar cipher look for common peaks/troughs • peaks at: A-E-I triple, NO pair, RST triple • troughs at: JK, X-Z • for monoalphabetic must identify each letter • tables of common double/triple letters help
Example Cryptanalysis • given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ • count relative letter frequencies (see text) • guess P & Z are e and t • guess ZW is th and hence ZWP is the • proceeding with trial and error finally get: it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow
Playfair Cipher • not even the large number of keys in a monoalphabetic cipher provides security • one approach to improving security was to encrypt multiple letters • the Playfair Cipher is an example • invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
Playfair Key Matrix • a 5X5 matrix of letters based on a keyword • fill in letters of keyword (without duplicates) • fill rest of matrix with other letters • eg. using the keyword MONARCHY
Encrypting and Decrypting • plaintext is encrypted two letters at a time • if a pair is a repeated letter, insert filler like 'X’ • if both letters fall in the same row, replace each with letter to right (wrapping back to start from end) • if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom) • otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair
Security of PlayfairCipher • security much improved over monoalphabetic • since have 26 x 26 = 676 digrams • would need a 676 entry frequency table to analyse (verses 26 for a monoalphabetic) • and correspondingly more ciphertext • was widely used for many years • eg. by US & British military in WW1 • it can be broken, given a few hundred letters • since still has much of plaintext structure
Hill Cipher • Developed by Mathematician Lester Hill 1929 • The encryption algorithm takes m successive plaintext letters and substitute for them m cipher • Each letter is given a number from a=0 to z=25 • For m = 3, C=KP mod 26 • C1 = (k11p1+k12p2+k13p3)mod 26 • C2 = (k21p1+k22p2+k23p3)mod26 • C3 = (k31p1+k32p2+k33p3)mod26
Example Of Hill Cipher • Assume we want to encrypt “paymoremoney” using the key • b • Decryption require the inverse of • The inverse of the matrix should exist to decrypt the ciphertext for the entire plaintext is LNSHDLEWMTRW.
Decryption Hill Cipher • C= E(K,P) = KP mod 26 • P= D(K,P) = (K^-1)C mod 26= (K^-1)KP=P • The Hill Cipher strength that it hides single-letter and for 3x3 it hides double letter frequencies. • Hill cipher is only strong against a cipher text attack, It is easily broken with a plaintext attack
Hacking the Hill Cipher • For an mxm Hill cipher suppose we have m plaintext-ciphertext pairs, each of length m • And for some unknown K, Now define X=(Pij), and Y=(Cij) • Y=KX if X has an inverse then we can determine • K=Y(X^-1)if , if X is not invertible we have to find more cipher-text plaintext
Polyalphabetic Substitution Ciphers • An improvement over simple mono-alphabetic techniques. This general technique have the following features • A set of related mono-alphabetic substitution rules is used. • A key determines which particular rule is chosen for a given transformation • The best known and simplest one is VigenèreCipher
VigenèreCipher • This scheme depends on 26 Caesar Ciphers with shifts from 0 to 25 • Each cipher is denoted by a key letter which is the cipertext letter that subistitutes for the plain text letter. • Ex. Given key letter x and a plaintext letter y its transformation according to Vigenèretable is v • Ex. • The decryption process is equally simple just reverse the process
Hacking of the Vigenèrecipher • The strength of this cipher is that there are multiple of cipher text letters for each plaintext letter • One for each unique keyword • Improves over playfair cipher, however frequencies still occur
Hacking of the Vigenèrecipher • Lets assume that the opponent suspects either mono-alphabetic or Vigenèrecipher • A simple check about frequency letter statistics in the cipher text should be the same in the plain text • A relative frequency of 12.7% and another of 9.06% • If a Vigenere cipher is suspected • The progress depends on determining the length of the keyword
Hacking of the Vigenèrecipher • First lets find the length of the repetitive keyword: • Checking for repetition we find that “red” translates to VTW and its separated by 9 characters (between the starts) • So the key word is a multiple of 3 ( 3 or maximum 9) • This could be by chance but with large cipher texts we will find more repetitions • So with a keyword with N length it consists of N mono-alphabetic ciphers • For example Deceptive the letter 1, 10 and 19 all use the same mono-alphabetic cipher • Read how you can overcome this issue in the book
One time pad • The Ultimate in security (unbreakable … However) • For each sequence of plaintext letters of length a random key is generated of length N
One time Pad • For the same text, 2 legitimate answers can be derived • Performing an exhaustive search will end up with many texts that could be the answer • Thus its unbreakable • However its not practical • Generating large amount of keys randomly • A heavily used system may require millions of random characters • Key distribution and protection( overhead in communication)