dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt

Chapter 2 – Classical Encryption
Techniques
Jen-Chang Liu, 2004
Adopted from
lecture slides by Lawrie Brown

Many savages at the present day regard
their names as vital parts of themselves,
and therefore take great pains to conceal
their real names, lest these should give to
evil-disposed persons a handle by which
to injure their owners. —The Golden
Bough, Sir James George Frazer

Sir James George Frazer
 《金枝》一書原名應作「The Golden
Bough」，作者Sir James Frazer (1854-1941)，
他是英國人類學家、民俗學家，和古典學者。
《金枝》一書的主旨在於：人類思想方式的
發展過程是由巫術、宗教發展為科學。
 一個小鎮每年到了6月27日都會舉行一種儀式：
全鎮居民集合然後抽籤，抽中的人必須讓其他
居民用亂石打死，且不得反抗；這是為了驅
除災難，被打死的人是為全鎮犧牲的英雄

Review: Model for Network
Security
1
2
3
3 roles to play in security system

Cryptography
 Cryptographic systems can be characterized
by:
 encryption operations used for transforming
plaintext to ciphertext
 substitution / transposition (permutation) / product
 number of keys used
 single-key or private / two-key or public
 way in which plaintext is processed
 block / stream
密碼學

What’s the secret information?

Outline
 Symmetric cipher model
 Substitution technique
 Transposition technique
 Rotor machines
 Steganography

Symmetric Cipher Model
?
對稱式

Symmetric Encryption
 conventional / single-key encryption
 sender and recipient share a common key
 all classical encryption algorithms are private-
key
 was only type prior to invention of public-key
in 1970’s

Basic Terminology
 plaintext - the original message
 ciphertext - the coded message
 cipher - algorithm for transforming plaintext to
ciphertext
 key - info used in cipher known only to sender/receiver
 encipher (encrypt) - converting plaintext to ciphertext
 decipher (decrypt) - recovering ciphertext from
plaintext
 cryptography - study of encryption principles/methods
 cryptanalysis (codebreaking) - the study of
principles/ methods of deciphering ciphertext without
knowing key
 cryptology - the field of both cryptography and
cryptanalysis
明文
密文

Mathematical formulation
Y = EK(X)
X = DK(Y)

Example: Caesar Cipher
 earliest known substitution cipher by Julius
Caesar
 first attested use in military affairs
 example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
m
n
o
p
replaces each letter by 3rd letter further down the alphabet

Example: Caesar Cipher (cont.)
 Plaintext alphabets
 
z
y
x
d
c
b
a
X ,
,
,...,
,
,
,

Assign a number to each alphabet:
 
25
,
24
,
23
,...,
3
,
2
,
1
,
0

X
 Ciphertext alphabets
 
25
,
24
,
23
,...,
3
,
2
,
1
,
0

Y
 Encryption algorithm
Y = EK(X)=(X+3) mod 26

Security Requirements
 two requirements for secure use of
symmetric encryption:
 a strong encryption algorithm
 assume encryption algorithm is known, the opponent
is unable to decipher the ciphertext
 a secret key known only to sender / receiver
 implies a secure channel to distribute key

Cryptanalysis of Caesar Cipher
 Assume that the encryption is known as a
Caesar cipher
 Try 25 possible keys – brute force
 See fig. 2.3
 Why brute force attack works?
 Encryption (decryption) algorithm is known
 25 keys  too small
 The language of plaintext is recognizable
 Ex. A zipped file

Brute Force Search
 Given encryption algorithm, it’s always possible to
simply try every key
 On average, try half of all keys
 assume either know / recognise plaintext
decryption
DES
AES
3DES

Types of Cryptanalytic Attacks

Degree of security for encryption
schemes
 unconditional security
 no matter how much computer power is available,
the cipher cannot be broken since the ciphertext
provides insufficient information to uniquely
determine the corresponding plaintext
 不論花多少時間也無法破解
 computational security
 given limited computing resources (eg time
needed for calculations is greater than age of
universe), the cipher cannot be broken

Mini break
 There will be a programming project this
semester
 Implementation of DES or AES

Classical Substitution Ciphers
 where letters of plaintext are replaced by
other letters or by numbers or symbols
 if plaintext is viewed as a sequence of bits,
then substitution involves replacing plaintext
bit patterns with ciphertext bit patterns
A
B
C
.
.
Y
Z
A
B
C
.
.
Y
Z
26! Possible transforms

Caesar Cipher
 can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
 then have Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
Caesar cipher can be cryptoanalyzed by brute-force attack
=> Far from secure

Monoalphabetic Cipher
 rather than just shifting the alphabet
 each plaintext letter maps to a different
random ciphertext letter
A
B
C
.
.
Y
Z
A
B
C
.
.
Y
Z
26! Possible transforms
E(.)
.
.
.

Monoalphabetic Cipher
Security
 now have a total of 26! = 4 x 1026 keys
 Very secure !?
 How to break?

Language Redundancy and
Cryptanalysis
 human languages are redundant

Cryptanalysis of monoalphabetic
cipher
Given ciphertext:
Calculate its relative frequencies:
* Compare it with the previous table

Cryptanalysis (cont.)
 One alphabet frequencies: guess P & Z are e and t
 Digrams and trigrams: frequencies of compound
letters
 guess ZW is th and hence ZWP is the
 proceeding with trial and error
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
t t t t t
t t t t
t
t
t t
t
e e e e e
e
ee
e
e
e e e e e e
h
h
h
h

How to improve monoalphabetic
cipher?
 Encrypt multiple letters of plaintext at the
same time
 Playfair cipher
 Hill cipher
 Use multiple cipher alphabets
 Polyalphabetic cipher

Playfair Cipher
 Best-known multiple-letter encryption cipher
 invented by Charles Wheatstone in 1854, but
named after his friend Baron Playfair
Example: digram mapping
x
y
c
g
26x26 diagrams

Playfair Key Matrix
 a 5X5 matrix of letters based on a keyword
 eg. using the keyword MONARCHY
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
fill in letters of keyword
fill rest of matrix with other letters in
alphabetic order

Playfair: Encrypting and
Decrypting
 plaintext encrypted two letters at a time:
 if a pair is a repeated letter, insert a filler like 'X',
eg. "balloon" encrypts as "ba lx lo on"
 if both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end), eg. “ar" encrypts as "RM"
 if both letters fall in the same column, replace
each with the letter below it (again wrapping to
top from bottom), eg. “mu" encrypts to "CM"
 otherwise each letter is replaced by the one in its
row in the column of the other letter of the pair,
eg. “hs" encrypts to "BP", and “ea" to "IM" or "JM"
(as desired)
M O N
C H Y
E F G
L P Q
U V W

Security of the Playfair Cipher
 security much improved over monoalphabetic
 26 x 26 = 676 digrams
 would need a 676 entry frequency table to analyse
(verses 26 for a monoalphabetic)
 was widely used for many years (eg. US & British
military in WW1)
 it can be broken, given a few hundred letters
 since still has much of plaintext structure

Idea: Relative frequency of
occurrence of letters in ciphertext
* Make the freq. Distribution information concealed => flatter

Hill cipher
 Mathematician Lester Hill in 1929
 Multi-letter cipher
 Ex. 3-letter cipher
p1
p2
p3
c1
c2
c3
?
Input: 263 Output: 263
26
mod
3
2
1
33
32
31
23
22
21
13
12
11
3
2
1































p
p
p
k
k
k
k
k
k
k
k
k
c
c
c
Key matrix
Linear equations: C=KP mod 26

Hill cipher (cont.)
 Encryption: C = KP mod 26
 Decryption: P = K-1C mod 26
 Idea: hide single-letter frequencies
 2x2 key matrix: hide single-letter freq.
 3x3 key matrix: hide single-letter and digram
freq.
 …
How to attack Hill cipher?

Cryptanalysis on Hill cipher
 Known ciphertext X
Ex. 2x2 key matrix, given “friday” => “PQCFKU”

















d
r
i
f
K
F
Q
C
P
26
mod
3
17
8
5
5
16
2
15

















K
=>
=> 解出K !!!
 Known plaintext-ciphertext pairs

How to improve monoalphabetic
cipher?
same time
 Playfair cipher
 Hill cipher
 Polyalphabetic cipher Monoalph. Cipher:
a k
Polyalph. Cipher:
a k
J
Rule 1
Rule 2

Polyalphabetic Ciphers
 Polyalphabetic substitution ciphers
 A set of related monoalphabetic substitution rules
is used
 use a key to select which alphabet is used for
each letter of the message

Vigenère Cipher
 simplest polyalphabetic substitution cipher is
the Vigenère Cipher
 26 Caesar ciphers
 Each Caesar cipher is labelled by a key letter
 See Table 2.3

Example: Vigenère Cipher
 Encryption: need a key and the plaintext
 Eg. using keyword deceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
 Decryption: the table and the key are known
• advantage: multiple ciphertext letters for each plaintext letter
=> hide letter frequency
=> See Fig. 2.6

Cryptanalysis on Substitution
Cipher
 Calculate the statistical properties of the
ciphertext
 Match language letter freq.
 Monoalphabetic cipher
 Polyalphabetic cipher (Vigenère Cipher)
 Find the length of keyword
 Attack each monoalphabetic cipher
Yes
No
key: deceptivedeceptivedeceptive
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Guess key length

Improve over Vigenère Cipher
 Avoid repetition of key
 Autokey system
 weakness: the key and plaintext share the same
frequency
key: deceptivewearediscoveredsav
ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA

Improve over Vigenère Cipher
(cont.)
 Avoid repetition of key
 Gilbert Vernam, 1918
 Use of a running loop of tape that eventually
repeat the key
 A very long but repeating keyword
 Encryption: bitwise operation
i
i
i k
p
c 

i-th bit
plaintext
i-th bit
key
i-th bit
ciphertext

One-Time Pad
 Unconditional security !!!
 Improve on Vigenère Cipher, by Jeseph
Mauborgne
 Use a random key that was truly as long as
the message, no repetitions

Example: one-time pad
 Known Vigenère Cipher with one-time key
 Given ciphertext:
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
Decrypt by hacker 1:
Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
Key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
Plaintext: mr mustard with the candlestick in the hall
Decrypt by hacker 2:
Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
Key: pftgpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt
Plaintext: miss scarlet with the knife in the library
Which one?

a b c d e f g h i j k l m n o p q r s t u v w x y z ?
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ?
B C D E F G H I J K L M N O P Q R S T U V W X Y Z ? A
C D E F G H I J K L M N O P Q R S T U V W X Y Z ? A B
D E F G H I J K L M N O P Q R S T U V W X Y Z ? A B C
E F G H I J K L M N O P Q R S T U V W X Y Z ? A B C D
F G H I J K L M N O P Q R S T U V W X Y Z ? A B C D E
G H I J K L M N O P Q R S T U V W X Y Z ? A B C D E F
H I J K L M N O P Q R S T U V W X Y Z ? A B C D E F G
I J K L M N O P Q R S T U V W X Y Z ? A B C D E F G H
J K L M N O P Q R S T U V W X Y Z ? A B C D E F G H I
K L M N O P Q R S T U V W X Y Z ? A B C D E F G H I J
L M N O P Q R S T U V W X Y Z ? A B C D E F G H I J K
M N O P Q R S T U V W X Y Z ? A B C D E F G H I J K L
N O P Q R S T U V W X Y Z ? A B C D E F G H I J K L M
O P Q R S T U V W X Y Z ? A B C D E F G H I J K L M N
P Q R S T U V W X Y Z ? A B C D E F G H I J K L M N O
Q R S T U V W X Y Z ? A B C D E F G H I J K L M N O P
R S T U V W X Y Z ? A B C D E F G H I J K L M N O P Q
S T U V W X Y Z ? A B C D E F G H I J K L M N O P Q R
T U V W X Y Z ? A B C D E F G H I J K L M N O P Q R S
U V W X Y Z ? A B C D E F G H I J K L M N O P Q R S T
V W X Y Z ? A B C D E F G H I J K L M N O P Q R S T U
W X Y Z ? A B C D E F G H I J K L M N O P Q R S T U V
X Y Z ? A B C D E F G H I J K L M N O P Q R S T U V W
Y Z ? A B C D E F G H I J K L M N O P Q R S T U V W X
Z ? A B C D E F G H I J K L M N O P Q R S T U V W X Y
? A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
?

Problem with one-time pad
 Truly random key with arbitrary length?
 Distribution and protection of long keys
 The key has the same length as the plaintext!

Summary
 Caesar cipher
 Monoalphabetic cipher
same time
 Playfair cipher
 Hill cipher
 Polyalphabetic cipher
 Vernam cipher
 One-time Pad

Transposition Ciphers
 Transposition cipher: permutation on the
plaintext letters
 these hide the message by rearranging the letter
order
 without altering the actual letters used
 Feature: have the same frequency distribution as
the original text
排列

Rail Fence cipher
 write message letters out diagonally over a
number of rows
 eg. Plaintext: “meet me after the toga party”
m e m a t r h t g p r y
e t e f e t e o a a t
 then read off cipher row by row
MEMATRHTGPRYETEFETEOAAT

Row Transposition Ciphers
 Improve on Rain Fence cipher
 write letters of message out in rows over a
specified number of columns
Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
 reorder the columns according to some key
before reading off the rows

Row Transposition Ciphers (cont.)
 Improve on Row Transposition Ciphers
 Re-encrypt again!
 Why more secure? Observe the change of
plaintext position
Initial plaintext: 01 02 03 04 05 06 07 08 09 10 11 12 13 14
15 16 17 18 19 20 21 22 23 24 25 26 27 28
1st permutation: 03 10 17 24 04 11 18 25 02 09 16 23 01 08
15 22 05 12 19 26 06 13 20 27 07 14 21 28
2nd permutation: 17 09 05 27 24 16 12 07 10 02 22 20 03 25
15 13 04 23 19 14 11 01 26 21 18 08 06 28

Product Ciphers
 ciphers using substitutions or transpositions are not
secure because of language characteristics
 hence consider using several ciphers in succession
to make harder, but:
 two substitutions make a more complex substitution
 two transpositions make more complex transposition
 but a substitution followed by a transposition makes a
new much harder cipher
 this is bridge from classical to modern ciphers

Rotor Machines
 apply multiple stages of encryption
 were widely used in WW2
 German Enigma, Allied Hagelin, Japanese Purple
 with 3 cylinders have 263=17576 alphabets
 Each cylinder is a monoalphabetic
substitution

Three-rotor machine
Rotate after
an input

Steganography
 Encryption
 Steganography: hides existence of message
偽裝
plaintext ciphertext
encryption
(un-recognizable)
plaintext another plaintext
steganography

dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt

Summary
 have considered:
 classical cipher techniques and terminology
 monoalphabetic substitution ciphers
 cryptanalysis using letter frequencies
 Playfair ciphers
 polyalphabetic ciphers
 transposition ciphers
 product ciphers and rotor machines
 stenography

dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt

dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt

Recommended

More Related Content

Similar to dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt

Similar to dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt(20)

Recently uploaded

Recently uploaded(20)

dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt