Report

Share

•0 likes•4 views

•0 likes•4 views

Report

Share

Download to read offline

classical encryption techniques

- 1. Chapter 2 – Classical Encryption Techniques Jen-Chang Liu, 2004 Adopted from lecture slides by Lawrie Brown
- 2. Many savages at the present day regard their names as vital parts of themselves, and therefore take great pains to conceal their real names, lest these should give to evil-disposed persons a handle by which to injure their owners. —The Golden Bough, Sir James George Frazer
- 3. Sir James George Frazer 《金枝》一書原名應作「The Golden Bough」，作者Sir James Frazer (1854-1941)， 他是英國人類學家、民俗學家，和古典學者。 《金枝》 一書的主旨在於：人類思想方式的 發展過程是由巫術、宗教發展為科 學。 一個小鎮每年到了6月27日都會舉行 一種儀式： 全鎮居民集合然後抽籤，抽中的人必須讓其他 居民用亂石打死，且 不得反抗；這是為了驅 除災難，被打死的人是為全鎮犧牲的英雄
- 4. Review: Model for Network Security 1 2 3 3 roles to play in security system
- 5. Cryptography Cryptographic systems can be characterized by: encryption operations used for transforming plaintext to ciphertext substitution / transposition (permutation) / product number of keys used single-key or private / two-key or public way in which plaintext is processed block / stream 密碼學
- 6. What’s the secret information?
- 7. Outline Symmetric cipher model Substitution technique Transposition technique Rotor machines Steganography
- 9. Symmetric Encryption conventional / single-key encryption sender and recipient share a common key all classical encryption algorithms are private- key was only type prior to invention of public-key in 1970’s
- 10. Basic Terminology plaintext - the original message ciphertext - the coded message cipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) - recovering ciphertext from plaintext cryptography - study of encryption principles/methods cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key cryptology - the field of both cryptography and cryptanalysis 明文 密文
- 11. Mathematical formulation Y = EK(X) X = DK(Y)
- 12. Example: Caesar Cipher earliest known substitution cipher by Julius Caesar first attested use in military affairs example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB m n o p replaces each letter by 3rd letter further down the alphabet
- 13. Example: Caesar Cipher (cont.) Plaintext alphabets z y x d c b a X , , ,..., , , , Assign a number to each alphabet: 25 , 24 , 23 ,..., 3 , 2 , 1 , 0 X Ciphertext alphabets 25 , 24 , 23 ,..., 3 , 2 , 1 , 0 Y Encryption algorithm Y = EK(X)=(X+3) mod 26
- 14. Security Requirements two requirements for secure use of symmetric encryption: a strong encryption algorithm assume encryption algorithm is known, the opponent is unable to decipher the ciphertext a secret key known only to sender / receiver implies a secure channel to distribute key
- 15. Cryptanalysis of Caesar Cipher Assume that the encryption is known as a Caesar cipher Try 25 possible keys – brute force See fig. 2.3 Why brute force attack works? Encryption (decryption) algorithm is known 25 keys too small The language of plaintext is recognizable Ex. A zipped file
- 16. Brute Force Search Given encryption algorithm, it’s always possible to simply try every key On average, try half of all keys assume either know / recognise plaintext decryption DES AES 3DES
- 17. Types of Cryptanalytic Attacks
- 18. Degree of security for encryption schemes unconditional security no matter how much computer power is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext 不論花多少時間也無法破解 computational security given limited computing resources (eg time needed for calculations is greater than age of universe), the cipher cannot be broken
- 19. Mini break There will be a programming project this semester Implementation of DES or AES
- 20. Outline Symmetric cipher model Substitution technique Transposition technique Rotor machines Steganography
- 21. Classical Substitution Ciphers where letters of plaintext are replaced by other letters or by numbers or symbols if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns A B C . . Y Z A B C . . Y Z 26! Possible transforms
- 22. Caesar Cipher can define transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C then have Caesar cipher as: C = E(p) = (p + k) mod (26) p = D(C) = (C – k) mod (26) Caesar cipher can be cryptoanalyzed by brute-force attack => Far from secure
- 23. Monoalphabetic Cipher rather than just shifting the alphabet each plaintext letter maps to a different random ciphertext letter A B C . . Y Z A B C . . Y Z 26! Possible transforms E(.) . . .
- 24. Monoalphabetic Cipher Security now have a total of 26! = 4 x 1026 keys Very secure !? How to break?
- 25. Language Redundancy and Cryptanalysis human languages are redundant
- 26. Cryptanalysis of monoalphabetic cipher Given ciphertext: Calculate its relative frequencies: * Compare it with the previous table
- 27. Cryptanalysis (cont.) One alphabet frequencies: guess P & Z are e and t Digrams and trigrams: frequencies of compound letters guess ZW is th and hence ZWP is the proceeding with trial and error UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ t t t t t t t t t t t t t t e e e e e e ee e e e e e e e e h h h h
- 28. How to improve monoalphabetic cipher? Encrypt multiple letters of plaintext at the same time Playfair cipher Hill cipher Use multiple cipher alphabets Polyalphabetic cipher
- 29. Playfair Cipher Best-known multiple-letter encryption cipher invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair Example: digram mapping x y c g 26x26 diagrams
- 30. Playfair Key Matrix a 5X5 matrix of letters based on a keyword eg. using the keyword MONARCHY M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z fill in letters of keyword fill rest of matrix with other letters in alphabetic order
- 31. Playfair: Encrypting and Decrypting plaintext encrypted two letters at a time: if a pair is a repeated letter, insert a filler like 'X', eg. "balloon" encrypts as "ba lx lo on" if both letters fall in the same row, replace each with letter to right (wrapping back to start from end), eg. “ar" encrypts as "RM" if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), eg. “mu" encrypts to "CM" otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. “hs" encrypts to "BP", and “ea" to "IM" or "JM" (as desired) M O N C H Y E F G L P Q U V W
- 32. Security of the Playfair Cipher security much improved over monoalphabetic 26 x 26 = 676 digrams would need a 676 entry frequency table to analyse (verses 26 for a monoalphabetic) was widely used for many years (eg. US & British military in WW1) it can be broken, given a few hundred letters since still has much of plaintext structure
- 33. Idea: Relative frequency of occurrence of letters in ciphertext * Make the freq. Distribution information concealed => flatter
- 34. Hill cipher Mathematician Lester Hill in 1929 Multi-letter cipher Ex. 3-letter cipher p1 p2 p3 c1 c2 c3 ? Input: 263 Output: 263 26 mod 3 2 1 33 32 31 23 22 21 13 12 11 3 2 1 p p p k k k k k k k k k c c c Key matrix Linear equations: C=KP mod 26
- 35. Hill cipher (cont.) Encryption: C = KP mod 26 Decryption: P = K-1C mod 26 Idea: hide single-letter frequencies 2x2 key matrix: hide single-letter freq. 3x3 key matrix: hide single-letter and digram freq. … How to attack Hill cipher?
- 36. Cryptanalysis on Hill cipher Known ciphertext X Ex. 2x2 key matrix, given “friday” => “PQCFKU” d r i f K F Q C P 26 mod 3 17 8 5 5 16 2 15 K => => 解出K !!! Known plaintext-ciphertext pairs
- 37. How to improve monoalphabetic cipher? Encrypt multiple letters of plaintext at the same time Playfair cipher Hill cipher Use multiple cipher alphabets Polyalphabetic cipher Monoalph. Cipher: a k Polyalph. Cipher: a k J Rule 1 Rule 2
- 38. Polyalphabetic Ciphers Polyalphabetic substitution ciphers A set of related monoalphabetic substitution rules is used use a key to select which alphabet is used for each letter of the message
- 39. Vigenère Cipher simplest polyalphabetic substitution cipher is the Vigenère Cipher 26 Caesar ciphers Each Caesar cipher is labelled by a key letter See Table 2.3
- 40. key plaintext
- 41. Example: Vigenère Cipher Encryption: need a key and the plaintext Eg. using keyword deceptive key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ Decryption: the table and the key are known • advantage: multiple ciphertext letters for each plaintext letter => hide letter frequency => See Fig. 2.6
- 42. Cryptanalysis on Substitution Cipher Calculate the statistical properties of the ciphertext Match language letter freq. Monoalphabetic cipher Polyalphabetic cipher (Vigenère Cipher) Find the length of keyword Attack each monoalphabetic cipher Yes No key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ Guess key length
- 43. Improve over Vigenère Cipher Avoid repetition of key Autokey system weakness: the key and plaintext share the same frequency key: deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA
- 44. Improve over Vigenère Cipher (cont.) Avoid repetition of key Gilbert Vernam, 1918 Use of a running loop of tape that eventually repeat the key A very long but repeating keyword Encryption: bitwise operation i i i k p c i-th bit plaintext i-th bit key i-th bit ciphertext
- 45. One-Time Pad Unconditional security !!! Improve on Vigenère Cipher, by Jeseph Mauborgne Use a random key that was truly as long as the message, no repetitions
- 46. Example: one-time pad Known Vigenère Cipher with one-time key Given ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS Decrypt by hacker 1: Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS Key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih Plaintext: mr mustard with the candlestick in the hall Decrypt by hacker 2: Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS Key: pftgpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt Plaintext: miss scarlet with the knife in the library Which one?
- 47. a b c d e f g h i j k l m n o p q r s t u v w x y z ? A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ? B C D E F G H I J K L M N O P Q R S T U V W X Y Z ? A C D E F G H I J K L M N O P Q R S T U V W X Y Z ? A B D E F G H I J K L M N O P Q R S T U V W X Y Z ? A B C E F G H I J K L M N O P Q R S T U V W X Y Z ? A B C D F G H I J K L M N O P Q R S T U V W X Y Z ? A B C D E G H I J K L M N O P Q R S T U V W X Y Z ? A B C D E F H I J K L M N O P Q R S T U V W X Y Z ? A B C D E F G I J K L M N O P Q R S T U V W X Y Z ? A B C D E F G H J K L M N O P Q R S T U V W X Y Z ? A B C D E F G H I K L M N O P Q R S T U V W X Y Z ? A B C D E F G H I J L M N O P Q R S T U V W X Y Z ? A B C D E F G H I J K M N O P Q R S T U V W X Y Z ? A B C D E F G H I J K L N O P Q R S T U V W X Y Z ? A B C D E F G H I J K L M O P Q R S T U V W X Y Z ? A B C D E F G H I J K L M N P Q R S T U V W X Y Z ? A B C D E F G H I J K L M N O Q R S T U V W X Y Z ? A B C D E F G H I J K L M N O P R S T U V W X Y Z ? A B C D E F G H I J K L M N O P Q S T U V W X Y Z ? A B C D E F G H I J K L M N O P Q R T U V W X Y Z ? A B C D E F G H I J K L M N O P Q R S U V W X Y Z ? A B C D E F G H I J K L M N O P Q R S T V W X Y Z ? A B C D E F G H I J K L M N O P Q R S T U W X Y Z ? A B C D E F G H I J K L M N O P Q R S T U V X Y Z ? A B C D E F G H I J K L M N O P Q R S T U V W Y Z ? A B C D E F G H I J K L M N O P Q R S T U V W X Z ? A B C D E F G H I J K L M N O P Q R S T U V W X Y ? A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n o p q r s t u v w x y z ?
- 48. Problem with one-time pad Truly random key with arbitrary length? Distribution and protection of long keys The key has the same length as the plaintext!
- 49. Summary Caesar cipher Monoalphabetic cipher Encrypt multiple letters of plaintext at the same time Playfair cipher Hill cipher Use multiple cipher alphabets Polyalphabetic cipher Vernam cipher One-time Pad
- 50. Outline Symmetric cipher model Substitution technique Transposition technique Rotor machines Steganography
- 51. Transposition Ciphers Transposition cipher: permutation on the plaintext letters these hide the message by rearranging the letter order without altering the actual letters used Feature: have the same frequency distribution as the original text 排列
- 52. Rail Fence cipher write message letters out diagonally over a number of rows eg. Plaintext: “meet me after the toga party” m e m a t r h t g p r y e t e f e t e o a a t then read off cipher row by row MEMATRHTGPRYETEFETEOAAT
- 53. Row Transposition Ciphers Improve on Rain Fence cipher write letters of message out in rows over a specified number of columns Key: 4 3 1 2 5 6 7 Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ reorder the columns according to some key before reading off the rows
- 54. Row Transposition Ciphers (cont.) Improve on Row Transposition Ciphers Re-encrypt again! Why more secure? Observe the change of plaintext position Initial plaintext: 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 1st permutation: 03 10 17 24 04 11 18 25 02 09 16 23 01 08 15 22 05 12 19 26 06 13 20 27 07 14 21 28 2nd permutation: 17 09 05 27 24 16 12 07 10 02 22 20 03 25 15 13 04 23 19 14 11 01 26 21 18 08 06 28
- 55. Product Ciphers ciphers using substitutions or transpositions are not secure because of language characteristics hence consider using several ciphers in succession to make harder, but: two substitutions make a more complex substitution two transpositions make more complex transposition but a substitution followed by a transposition makes a new much harder cipher this is bridge from classical to modern ciphers
- 56. Outline Symmetric cipher model Substitution technique Transposition technique Rotor machines Steganography
- 57. Rotor Machines apply multiple stages of encryption were widely used in WW2 German Enigma, Allied Hagelin, Japanese Purple with 3 cylinders have 263=17576 alphabets Each cylinder is a monoalphabetic substitution
- 58. Three-rotor machine Rotate after an input
- 59. Steganography Encryption Steganography: hides existence of message 偽裝 plaintext ciphertext encryption (un-recognizable) plaintext another plaintext steganography
- 61. Summary have considered: classical cipher techniques and terminology monoalphabetic substitution ciphers cryptanalysis using letter frequencies Playfair ciphers polyalphabetic ciphers transposition ciphers product ciphers and rotor machines stenography