1 / 23

CIT 380: Securing Computer Systems

CIT 380: Securing Computer Systems. Classical Cryptography. Countering Frequency Analysis. Primary weakness of simple substition: Each ciphertext letter corresponds to only one letter of plaintext. Solution: polyalphabetic substitution Use multiple cipher alphabets.

oscar-cantu
Télécharger la présentation

CIT 380: Securing Computer Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CIT 380: Securing Computer Systems Classical Cryptography CIT 380: Securing Computer Systems

  2. Countering Frequency Analysis Primary weakness of simple substition: • Each ciphertext letter corresponds to only one letter of plaintext. Solution: polyalphabetic substitution • Use multiple cipher alphabets. • Switch between cipher alphabets from character to character in the plaintext. CIT 380: Securing Computer Systems

  3. Letter Frequency Distributions CIT 380: Securing Computer Systems

  4. Vigènere Cipher Use phrase instead of letter as key. Example: • Message THE BOY HAS THE BALL • Key VIG • Encipher using Cæsar cipher for each letter: key VIGVIGVIGVIGVIGV plain THEBOYHASTHEBALL cipher OPKWWECIYOPKWIRG Key space size is 26m. CIT 380: Securing Computer Systems

  5. G I V A G I V B H J W E L M Z H N P C L R T G O U W J S Y A N T Z B O Y E H T Tableau shown has relevant rows, columns only. Example encipherments: key V, letter T: follow V column down to T row (giving “O”) Key I, letter H: follow I column down to H row (giving “P”) Relevant Parts of Tableau CIT 380: Securing Computer Systems

  6. Useful Terms period: length of key • In earlier example, period is 3 tableau: table used to encipher and decipher • Vigènere cipher has key letters on top, plaintext letters on the left. CIT 380: Securing Computer Systems

  7. Simple Attacks • Chosen Plaintext • Choose plaintext of all a’s. • If long enough, it will be encrypted to the key. • Dictionary Attack • Guess key from dictionary and try decryption. CIT 380: Securing Computer Systems

  8. Simple Attacks • Brute Force • Try every possible key in turn. • Is there a ciphertext only attack that’s faster? CIT 380: Securing Computer Systems

  9. Vigènere Cryptanalysis • Find key length (period). • Break message into n parts, each part being enciphered using the same key letter. • Use frequency analysis to solve resulting simple substition ciphers. key VIGVIGVIGVIGVIGV plain THEBOYHASTHEBALL cipher OPKWWECIYOPKWIRG CIT 380: Securing Computer Systems

  10. Kaskski Test • Conjunction of key repetition with repeated portion of plaintext produces repeated ciphertext. • Example: key VIGVIGVIGVIGVIGV plain THEBOYHASTHEBALL cipher OPKWWECIYOPKWIRG Key and plaintext line up over the repetitions. • Distance between reptitions is 9 • Repeated phrase “OPK” at 1st and 10th positions. • Period is a multiple of 9 (1, 3 or 9.) CIT 380: Securing Computer Systems

  11. Example Vigènere Ciphertext ADQYS MIUSB OXKKT MIBHK IZOOO EQOOG IFBAG KAUMF VVTAA CIDTW MOCIO EQOOG BMBFV ZGGWP CIEKQ HSNEW VECNE DLAAV RWKXS VNSVP HCEUT QOIOF MEGJS WTPCH AJMOC HIUIX CIT 380: Securing Computer Systems

  12. Repetitions in Example CIT 380: Securing Computer Systems

  13. Estimate of Period • OEQOOG is probably not a coincidence • Two character repetitions may be chance. • Period may be 1, 2, 3, 5, 6, 10, 15, or 30 • Most others (7/10) have 2 in their factors • Almost as many (6/10) have 3 in their factors. • Begin with period of 2  3 = 6. CIT 380: Securing Computer Systems

  14. English Letter Frequencies CIT 380: Securing Computer Systems

  15. Splitting Into Alphabets Alphabet IC AIKHOIATTOBGEEERNEOSAI 0.069 DUKKEFUAWEMGKWDWSUFWJU 0.078 QSTIQBMAMQBWQVLKVTMTMI 0.078 YBMZOAFCOOFPHEAXPQEPOX 0.056 SOIOOGVICOVCSVASHOGCC 0.124 MXBOGKVDIGZINNVVCIJHH 0.043 Divide cipher into 6 (period) alphabets. IC indicates single alphabet, except #4 and #6. CIT 380: Securing Computer Systems

  16. Frequency Examination ABCDEFGHIJKLMNOPQRSTUVWXYZ 1 31004011301001300112000000 2 10022210013010000010404000 3 12000000201140004013021000 4 21102201000010431000000211 5 10500021200000500030020000 • 01110022311012100000030101 HMMMHMMHHMMMMHHMLHHHMLLLLL Unshifted frequencies (H high, M medium, L low) CIT 380: Securing Computer Systems

  17. Begin Decryption • First matches characteristics of unshifted alphabet • Third matches if I shifted to A • Sixth matches if V shifted to A • Substitute into ciphertext (bold are substitutions) ADIYS RIUKB OCKKL MIGHK AZOTO EIOOL IFTAG PAUEF VATAS CIITW EOCNO EIOOL BMTFV EGGOP CNEKI HSSEW NECSE DDAAA RWCXS ANSNP HHEUL QONOF EEGOS WLPCM AJEOC MIUAX CIT 380: Securing Computer Systems

  18. Look For Clues AJE in last line suggests “are”, meaning second alphabet maps A into S: ALIYS RICKB OCKSL MIGHS AZOTO MIOOL INTAG PACEF VATIS CIITE EOCNO MIOOL BUTFV EGOOP CNESI HSSEE NECSE LDAAA RECXS ANANP HHECL QONON EEGOS ELPCM AREOC MICAX CIT 380: Securing Computer Systems

  19. Next Alphabet MICAX in last line suggests “mical” (a common ending for an adjective), meaning fourth alphabet maps O into A: ALIMS RICKP OCKSL AIGHS ANOTO MICOL INTOG PACET VATIS QIITE ECCNO MICOL BUTTV EGOOD CNESI VSSEE NSCSE LDOAA RECLS ANAND HHECL EONON ESGOS ELDCM ARECC MICAL CIT 380: Securing Computer Systems

  20. Got It! QI means that U maps into I, as Q is always followed by U: ALIME RICKP ACKSL AUGHS ANATO MICAL INTOS PACET HATIS QUITE ECONO MICAL BUTTH EGOOD ONESI VESEE NSOSE LDOMA RECLE ANAND THECL EANON ESSOS ELDOM ARECO MICAL CIT 380: Securing Computer Systems

  21. Countering Frequency Analaysis • Observation: If Vigènere key is very long, frequency analysis won’t work. • Problem: Long keys are hard to remember. • Solution: Use multiple encryptions. • Encrypting with a key m and key n is same as encryption by key whose length is least common multiple of m and n. • If m and n are relatively prime, then the least common multiple is mn. CIT 380: Securing Computer Systems

  22. Rotor Machines Use multiple rounds of Vigènere substitution. • Machine contains multiple cylinders. • Each cylinder has 26 states (ciphers). • Cylinders rotate to change states on different schedules. • m-cylinder machine has 26m substitution ciphers. CIT 380: Securing Computer Systems

  23. Enigma Machine • 3 rotors: 17576 substitutions. • 3 rotors can be used in any order: 6 combinations. • Plug board: 6 pairs of letters can be swapped. • Total keys ~ 1016 CIT 380: Securing Computer Systems

More Related