1 / 34

Classical Ciphers

Classical Ciphers. CSCI 284/162 Spring 2007 GWU. Formal definition: cryptosystem. A cryptosystem consists of: P set of all plaintext C set of all ciphertext K set of all keys E set of encryption rules, e K : P  C D set of decryption rules d K : C  P d K e K (x) = x

samuel-pitts
Télécharger la présentation

Classical Ciphers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Classical Ciphers CSCI 284/162 Spring 2007 GWU

  2. Formal definition: cryptosystem A cryptosystem consists of: P set of all plaintext C set of all ciphertext K set of all keys E set of encryption rules, eK: PC D set of decryption rules dK : CP dK eK(x) = x dK eK invertible and inverses of each other CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  3. Typical Scenario • Alice and Bob choose a key, K  K when they are unobserved or communicating on a secure channel • If Alice wants to send Bob a message, x1x2x3x4…xn She sends: y1y2y3y4…yn Where yi = eK(xi) xi is a symbol from the alphabet CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  4. Encryption is an invertible function Inversion should be somewhat easier than a lookup table, because both Alice and Bob would need the entire lookup table. This is provided by some “structure” in the encryption function. However, structure helps adversary decrypt CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  5. Example of EncryptionShift Cipher on English Alphabet P = C = K = English Alphabet Example: key = D A B C D E F G H I J D E F G H I J K L M Encryption, decryption, cryptanalysis examples To do this for different alphabets, need some math CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  6. Zm Definition: ab (mod m) m divides a-b  a and b have the same remainder when divided by m We define a mod m to be the unique remainder of a when divided by m Zm is the “ring” of integers modulo m: The set of all possible remainders on division with m: 0, 1, 2, …m-1 with normal addition and multiplication, performed modulo m CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  7. Shift Cipher P = C = K = Zm eK(x) = x + k mod m dK(x) = x - kmod m Examples Cryptanalysis CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  8. Need: Some group theory What is a group? • A set of elements G with • An additive operation  such that • G is closed under the operation, i.e. if a, b G, so does a b • The operation is associative, i.e. (a b) c = a (b c) • An identity exists and is in G, i.e. • e  G, s.t. e  g = g e = g • Every element has an inverse in G, i.e.  g  G  g-1  G s.t g  g-1 = e CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  9. Multiplicative and additive groups • The group operation can be addition or multiplication • Consider Zn • Is it a multiplicative group? Additive? Fact: Zp* for prime p is cyclic, generated by a primitive element  {1, , 2, … p-1} Examples of Zn - multiplicative and additive groups, prime and composite n, primitive elements CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  10. Shift Cipher: generalized further P = C = K = G eK(x) = x + g dK(x) = x + g-1 = x-g Examples Cryptanalysis CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  11. Properties of Zm (definition of a ring) • Closed under addition and multiplication If a, b  Zmthen a+b, ab  Zm • Addition and multiplication are commutative and associative If a, b  Zmthen a+b = b+a ab = ba (a+b)+c = a +(b+c) and (ab)c = a(bc) CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  12. Properties of Zm – contd. • Additive and multiplicative identities in Zm Additive identity is 0 mod m Multiplicative identity is 1 mod m • Distributive property holds For a,b,c  Zm (a+b)c = ac + bc and a(b+c) = ab + ac CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  13. Properties of Zm – contd. • Additive inverse? A number y such that x + y = x for all x in Zm Zm/ring contains additive inverse • Multiplicative inverse? A number y such that x*y = 1 for all x in Zm Zm/ring need not contain multiplicative inverse CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  14. Affine Cipher P = C = R (R is the ring) K R  R eK(x) = ax + b dK(x) = a-1 (x – b) Examples Cryptanalysis When is a invertible? We do this next week. CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  15. Vigenère Cipher Shift cipher with a different key for each letter: aeiou plaintext fgyloi key ciphertext? Decryption? VPXZGIAXIVWPUBTTMJPWIZITWZT Key:cipher CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  16. Definition: Vigenère Cipher P = C = K = (Zm)n For K = (k1, k2, k3, …kn) eK(x1, x2, x3, …xn) = (x1+k1, x2+k2, x3+k3, …xn+kn) Alphabet is Zm, encryption done in blocks of n symbols dK(x1, x2, x3, …xn) = ? Cryptanalysis: very difficult Number of keys? Complexity of brute force? CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  17. Permutation Cipher Encrypt: canwegohomenow CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  18. Definition: Permutation Cipher P = C = (Zm)n K = { |  a permutation of {1, 2, ….n}} e (x1, x2,…xn) = (x (1), x (2),…x (n)) d (x1, x2,…xn) = (x -1(1), x  -1(2),…x  -1(n)) CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  19. Special Permutation Cipherperhaps the oldest known cipher classisboringtoday ciidlsnaabgysotrsrox What was the permutation? History CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  20. How about a cipher with many, many possible keys?

  21. How about using many, many keys? ABCDEFGHIJKLMNOPQRSTUVWXYZ cjmzuvywrdbunjoxaeslptfghi Different key for each letter in the alphabet? A letter goes to another one. Each time a letter appears in the message it encrypts to the same letter in the ciphertext CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  22. Substitution cipher P = C = Zm K = all permutations ofZm e(x) = (x) d(y) = -1(y) The key is the table: 26! Keys Brute force could be expensive CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  23. Substitution cipher - cryptanalysis lxr rwq zoazqgr sfuqb bqabq virw gxlkiz uqnb, vwqjq ir bIsgkn sqfab fggkniay rwq gjicfrq rjfabmojsfrioa mijbr fad rwqa rwq gxlkiz oaq. wq wfcq aorqd rwfr f sfeoj gjolkqs virw gjicfrq uqnb ib rwq bwqqj axslqj om uqnb f biaykq xbqj wfb ro brojq fad rjfzu. virw gxlkiz uqnb, oakn rvo uqnb fjq aqqdqd gqj xbqj: oaq gxlkiz fad oaq gjicfrq. Kqr xb bqq vwfr dimmejqazq rwib sfuqb ia rwq axslqj om uqnb aqqdqd. CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  24. a 22 b 24 c 4 d 9 e 2 f 21 g 13 h i 20 j 16 k 10 l 8 m 6 n 9 o 15 p q 51 r 28 s 9 t u 9 v 7 w 16 x 10 y 2 z 8 Substitution cipher - cryptanalysis CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  25. English (every 1000) E 127 T 91 A 82 O 75 I 70 N 67 S 63 H 61 R 60 D 43 L 40 C 28 Ciphertext q 51 r 28 b 24 a 22 f 21 i 20 j 16 w 16 o 15 g 13 x 10 k 10 d 9 From Stinson Frequency of occurence u 9 n 9 s 9 l 8 z 8 v 7 m 6 c 4 e 2 y 2 h 0 t 0 p 0 U 28 M 24 W 23 F 22 G 20 Y 20 P 19 B 15 V 10 K 8 J 2 Q 1 X 1 Z 1 CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  26. q = E lxr rwE zoazEgr sfuEb bEabE virw gxlkiz uEnb, vwEjE ir bIsgkn sEfab fggkniay rwE gjicfrE rjfabmojsfrioa mijbr fad rwEa rwE gxlkiz oaE. vE wfcE aorEd rwfr f sfeoj gjolkEs virw gjicfrE uEnb ib rwE bwEEj axslEj om uEnb f biaykE xbEj wfb ro brojE fad rjfzu. virw gxlkiz uEnb oakn rvo uEnb fjE aEEdEd gEj xbEj: oaE gxlkiz fad oaE gjicfrE. kEr xb bEE vwfr dimmejEazE rwib sfuEb ia rwE axslEj om uEnb aEEdEd. CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  27. Digram TH HE IN ER AN RE ED ON ES ST EN AT Trigram THE ING AND HER ERE ENT THA NTH WAS ETH FOR DTH From Stinson Digram/Trigram occurence TO NT HA ND OU EA NG AS OR TI IS ET IT AR TE SE HI OF CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  28. q = E lxr rwE zoazEgr sfuEb bEabE virw gxlkiz uEnb vwEjE ir bIsgkn sEfab fggkniay rwE gjicfrE rjfabmojsfrioa mijbr fad rwEarwE gxlkiz oaE. vE wfcE aorEd rwfr f sfeoj gjolkEs virw gjicfrE uEnb ib rwE bwEEj axslEj om uEnb f biaykE xbEj wfb ro brojE fad rjfzu. Virw gxlkiz uEnb, oakn rvo uEnb fjE aEEdEd gEj xbEj: oaE gxlkiz fad oaE gjicfrE. kEr xb bEE vwfr dimmejEazE rwib sfuEb ia rwE axslEj om uEnb aEEdEd. En 6 Ej 6 Ed 5 Ea 2 Eb 2 Er 1 Ef 1 Es 1 Eg 1 ER ED ES EN EA ET uE 8 wE 8 aE 5 bE 5 rE 4 kE 3 jE 3 dE 2 zE 2 gE 1 vE 1 cE lE 1 sE 1 HE RE TE SE TAOI NSHRD r b af i j wogxkd j=R; d = D; b or a = S; w = H; CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  29. q = E; j=R; w=H; d=D lxr rHE zoazEgr sfuEb bEabE virH gxlkiz uEnb vHERE ir bIsgkn sEfab fggkniay rHE gRicfrE rRfabmoRsfrioa miRbr fad rHEarHE gxlkiz oaE. vE HfcE aorEd rHfr f sfeoR gRolkEs virH gjicfrE uEnb ib rHE bHEER axslER om uEnb f biaykE xbER Hfb ro broRE fad rRfzu. HirH gxlkiz uEnb, oakn rvo uEnb fRE aEEdEd gER xbER: oaE gxlkiz fad oaE gRicfrE. kEr xb bEE vHfr dimmeREazE rHib sfuEb ia rHE axslER om uEnb aEEdEd. TAOI NS r b af i og r = T CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  30. q = E; j=R; w=H; r=T; d=D lxT THE zONzEgr MAuES SENSE WITH gxlkIz uEnS WHERE IT SIMgkn MEANS AggknINy THE gRIcATE TRANSFORMATION FIRST AND THEN THE gxlkIz ONE. WE HAVE NOTED THAT A MAJOR PROlkEM WITH PRIVATE uEnS IS THE SHEER NxMlER OF uEnS A SIaykE xSER HAS TOSTORE AND TRAzu. WITH gxlkIz uEnS, ONkn TWO uEnS ARE NEEDED gER xSER: ONE PxlkIz AND ONE PRIVATE. kET xS SEE WHAT DImmeRENzE THIS sAuESIN THE NxBlER OF uEnS NEEDED. O NS b a og v=W; i=I; f=A; b=S; o=O; m=F; a=N; s=M; c=V; g=P; e=J; CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  31. Substitution cipher - cryptanalysis A B C D E F G H I J K L M N O P Q R S T U V W X Y Z f l z d q m y w i e u k s a o g t j b r x c v h n p BUT THE CONCEPT MAKES SENSE WITH PUBLIC KEYS WHERE IT SIMPLY MEANS APPLYING THE PRIVATE TRANSFORMATION FIRST AND THEN THE PUBLIC ONE. WE HAVE NOTED THAT A MAJOR PROBLEM WITH PRIVATE KEYS IS THE SHEER NUMBER OF KEYS A SINGLE USER HAS TO STORE AND TRACK. WITH PUBLIC KEYS ONLY TWO KEYS ARE NEEDED PER USER ONE PUBLIC AND ONE PRIVATE. LET US SEE WHAT DIFFERENCE THIS MAKES IN THE NUMBER OF KEYS NEEDED. CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  32. Substitution cipher – cryptanalysis algorithm • Look for “a”/”I” • Compute frequency of single letters; compare to that of English • Compute frequency of digrams, compare to that of English • Compute frequency of trigrams, compare to that of English • Etc. CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  33. Substitution cipher – strengths and weaknesses • Strengths: • Not vulnerable to brute force attacks • Encryption and decryption requires low computational overhead, though more than Shift cipher • Ciphertext not longer than plaintext • Weaknesses: • Vulnerable to statistical attack if language/message has statistical structure • Requires storage of key table CS284-162/Spring07/GWU/Vora/ Classical Ciphers

  34. Substitution cipher – lessons learnt • In spite of 26! possible keys, can break, because of structure of message • Can we make message without statistical structure? • Examples? Images in well-compressed form. What about zip files? CS284-162/Spring07/GWU/Vora/ Classical Ciphers

More Related