SlideShare a Scribd company logo

355_Fall05_lect02.pdf

A
AndreSeptian14

This document provides an overview of classical cryptography techniques including the Spartan scytale cipher, shift ciphers, and substitution ciphers. It discusses how shift ciphers have a small key space making them vulnerable to brute force attacks. Substitution ciphers are vulnerable to frequency analysis attacks, which works by analyzing letter frequencies in the ciphertext to determine the plaintext. The document also outlines ways to strengthen substitution ciphers against frequency analysis like using nulls or homophonic substitution.

Technology
1 of 23
Download to read offline
CS 355 Fall 2005/Lecture 2 1 Introduction to Cryptography CS 355 Lecture 2 Classical Cryptography: Shift Cipher and Substitution Cipher
CS 355 Fall 2005 / Lecture 2 2 Announcements • Join class mailing list – CS355_Fall2005@cs.purdue.edu – To join the list sent an email to mailer@cs.purdue.edu, with empty subject and the body containing the text 'add your_email to CS355_Fall2005' • TA office hour: – Monday 9:30am to 10:30am – Wednesday 3:15pm to 4:15pm
CS 355 Fall 2005 / Lecture 2 3 Lecture Outline • The Spartan scytale and transposition ciphers • Shift and substitution ciphers. • Frequency Analysis: attacks on substitution ciphers.
CS 355 Fall 2005 / Lecture 2 4 History of Cryptography • 2500+ years • An ongoing battle between codemakers and codebreakers • Driven by communication & computation technology – paper and ink – cryptographic engine & telegram, radio – modern cryptography: computers & digital communication
CS 355 Fall 2005 / Lecture 2 5 A Symmetric Cipher • A Cipher (K, P, C, E, D) – K : the key space – P : the plaintext space – C : the ciphertext space – E: K ×P → C : the encryption function – D: K ×C → P : the decryption function • Given a key K and a plaintext P, D(K, E(K,P)) = P
CS 355 Fall 2005 / Lecture 2 6 Cryptanalysis of Ciphers • Goals: – recover the encryption key – decrypt a given message
CS 355 Fall 2005 / Lecture 2 7 Adversarial Models for Symmetric Ciphers • The language of the plaintext and the nature of the cipher are assumed to be known to the adversary. • Ciphertext-only attack: The adversary knows a number of ciphertexts. • Known-plaintext attack: The adversary knows some pairs of ciphertext and corresponding plaintext.
CS 355 Fall 2005 / Lecture 2 8 Adversarial Models for Symmetric Ciphers • Chosen-plaintext attack The adversary can choose a number of messages and obtain the ciphertexts for them • Chosen-ciphertext attack The adversary can choose a number of ciphertexts and obtain the plaintexts.
CS 355 Fall 2005 / Lecture 2 9 The Spartan Scytale Cipher • Dating back to 5th centry B.C. • A scytale is a wooden staff, around which a belt is wound; message is written along the length of the scytale • It is a transposition cipher – the letters of a message are rearranged • Cryptanalysis?
CS 355 Fall 2005 / Lecture 2 10 Shift Cipher • A substitution cipher • The Key Space: – [1 .. 25] • Encryption given a key K: – each letter in the plaintext P is replaced with the K’th letter following corresponding number (shift right) • Decryption given K: – shift left History: K = 3, Caesar’s cipher
CS 355 Fall 2005 / Lecture 2 11 Shift Cipher: An Example A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 P = CRYPTOGRAPHYISFUN K = 11 C = NCJAVZRCLASJTDQFY C → 2; 2+11 mod 26 = 13 → N R → 17; 17+11 mod 26 = 2 → C … N → 13; 13+11 mod 26 = 24 → Y
CS 355 Fall 2005 / Lecture 2 12 Shift Cipher: Cryptanalysis • Can an attacker find K? – YES: exhaustive search, key space is small (<= 26 possible keys). • Once K is found, very easy to decrypt
CS 355 Fall 2005 / Lecture 2 13 General Monoalphabetic Substitution Cipher • The key space: all permutations of Σ = {A, B, C, …, Z} • Encryption given a key π: – each letter X in the plaintext P is replaced with π(X) • Decryption given a key π: – each letter Y in the cipherext P is replaced with π-1(Y) Example: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z π= B A D C Z H W Y G O Q X S V T R N M S K J I P F E U BECAUSE → AZDBJSZ
CS 355 Fall 2005 / Lecture 2 14 Strength of the General Substitution Cipher • Exhaustive search is infeasible – key space size is 26! ≈ 4×1026 • Dominates the art of secret writing throughout the first millennium A.D. • Thought to be unbreakable by many back then
CS 355 Fall 2005 / Lecture 2 15 Cryptanalysis of Substitution Ciphers: Frequency Analysis • Basic ideas: – Each language has certain features: frequency of letters, or of groups of two or more letters. – Substitution ciphers preserve the language features. – Substitution ciphers are vulnerable to frequency analysis attacks.
CS 355 Fall 2005 / Lecture 2 16 Frequency of Letters in English 0 2 4 6 8 10 12 14 a b c d e f g h i j k l m n o p q r s t u v w x y z Series1
CS 355 Fall 2005 / Lecture 2 17 Other Frequency Features of English • EN is the most common two-letter combination, followed by RE, ER, and NT. • Vowels, which constitute 40 % of plaintext, are often separated by consonants. • The letter A is often found in the beginning of a word or second from last. The letter I is often third from the end of a word. • The letter Q is followed only by U • And more …
CS 355 Fall 2005 / Lecture 2 18 Substitution Ciphers: Cryptanalysis • The number of different ciphertext characters or combinations are counted to determine the frequency of usage. • The cipher text is examined for patterns, repeated series, and common combinations. • Replace ciphertext characters with possible plaintext equivalents using known language characteristics.
CS 355 Fall 2005 / Lecture 2 19 History • Discovered by the Arabs – earliest known description of frequency analysis is in a book by the ninth-century scientist al-Kindi • Rediscovered or introduced from the Arabs in the Europe during the Renaissance • Frequency analysis made substitution cipher insecure
CS 355 Fall 2005 / Lecture 2 20 Ways to Improve the Security of Substitution Cipher • Using nulls – e.g., using numbers from 1 to 99 as the ciphertext alphabet, some numbers representing nothing and are inserted randomly • Deliberately misspell words – e.g., “Thys haz thi ifekkt off diztaughting thi ballans off frikwenseas” • Homophonic substitution cipher – each letter is replaced by a variety of substitutes • These make frequency analysis more difficult, but not impossible
CS 355 Fall 2005 / Lecture 2 21 Summary • Shift ciphers are easy to break using brute force attacks, they have small key space. • Substitution ciphers vulnerable to frequency analysis attacks.
CS 355 Fall 2005 / Lecture 2 22 Recommended Reading for This Lecture • The Code Book, Chapter 1
CS 355 Fall 2005 / Lecture 2 23 Coming Attractions … • Basic modular arithmetic • Affine cipher • Recommended reading for next lecture: Trappe & Washington: 2.0, 2.1, 2.2

Recommended

Spring12_topic01.ppt
Spring12_topic01.pptSpring12_topic01.ppt
Spring12_topic01.ppt
DakshPrajapati23
 
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques
Dr. Kapil Gupta
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
Dr.Florence Dayana
 
2 classical cryptosystems
2 classical cryptosystems2 classical cryptosystems
2 classical cryptosystems
dmc5abdulla
 
EncryptionTechChap2.ppt
EncryptionTechChap2.pptEncryptionTechChap2.ppt
EncryptionTechChap2.ppt
rajirajesh8
 
Information and network security 12 classical substitution ciphers
Information and network security 12 classical substitution ciphersInformation and network security 12 classical substitution ciphers
Information and network security 12 classical substitution ciphers
Vaibhav Khanna
 
Classical Encryption Techniques.pdf
Classical Encryption Techniques.pdfClassical Encryption Techniques.pdf
Classical Encryption Techniques.pdf
DevangShukla10
 
Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2
AfiqEfendy Zaen
 

Recommended

Spring12_topic01.ppt
Spring12_topic01.pptSpring12_topic01.ppt
Spring12_topic01.ppt
DakshPrajapati23
 
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques
Dr. Kapil Gupta
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
Dr.Florence Dayana
 
2 classical cryptosystems
2 classical cryptosystems2 classical cryptosystems
2 classical cryptosystems
dmc5abdulla
 
EncryptionTechChap2.ppt
EncryptionTechChap2.pptEncryptionTechChap2.ppt
EncryptionTechChap2.ppt
rajirajesh8
 
Information and network security 12 classical substitution ciphers
Information and network security 12 classical substitution ciphersInformation and network security 12 classical substitution ciphers
Information and network security 12 classical substitution ciphers
Vaibhav Khanna
 
Classical Encryption Techniques.pdf
Classical Encryption Techniques.pdfClassical Encryption Techniques.pdf
Classical Encryption Techniques.pdf
DevangShukla10
 
Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2
AfiqEfendy Zaen
 
Network security CS2
Network security CS2Network security CS2
Network security CS2
Infinity Tech Solutions
 
15_526_topic02.ppt
15_526_topic02.ppt15_526_topic02.ppt
15_526_topic02.ppt
Meera357768
 
Cryptology
CryptologyCryptology
Cryptology
Rupesh Mishra
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical Encryption
Shafaan Khaliq Bhatti
 
Pertemuan 7 cryptography
Pertemuan 7 cryptographyPertemuan 7 cryptography
Pertemuan 7 cryptography
newbie2019
 
Edward Schaefer
Edward SchaeferEdward Schaefer
Edward Schaefer
Information Security Awareness Group
 
UNIT 2.ppt
UNIT 2.pptUNIT 2.ppt
UNIT 2.ppt
Manoj R. Kharde
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Smt. Indira Gandhi College of Engineering, Navi Mumbai, Mumbai
 
History of Cipher System
History of Cipher SystemHistory of Cipher System
History of Cipher System
Asad Ali
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
Ramadhi Irawan
 
Elementary cryptography
Elementary cryptographyElementary cryptography
Elementary cryptography
G Prachi
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
nathanurag
 
Fundamentals of cryptography workshop
Fundamentals of cryptography workshopFundamentals of cryptography workshop
Fundamentals of cryptography workshop
Manojit Ballav
 
dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt
dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.pptdokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt
dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt
husnainali397602
 
overview of cryptographic techniques
overview of cryptographic techniquesoverview of cryptographic techniques
overview of cryptographic techniques
Shubham Jain
 
module 1 (part A).pdf
module 1 (part A).pdfmodule 1 (part A).pdf
module 1 (part A).pdf
ChethanKrishna14
 
cryptography.ppt
cryptography.pptcryptography.ppt
cryptography.ppt
AkshayaPriyaJanartha
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
Janani S
 
Chapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdfChapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdf
AschalewAyele2
 
ch02.ppt
ch02.pptch02.ppt
ch02.ppt
ShailendraPardeshi4
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
IES VE
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 

More Related Content

Similar to 355_Fall05_lect02.pdf

Chapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdfChapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdf
AschalewAyele2
 

Similar to 355_Fall05_lect02.pdf (20)

Network security CS2
Network security CS2Network security CS2
Network security CS2
 
15_526_topic02.ppt
15_526_topic02.ppt15_526_topic02.ppt
15_526_topic02.ppt
 
Cryptology
CryptologyCryptology
Cryptology
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical Encryption
 
Pertemuan 7 cryptography
Pertemuan 7 cryptographyPertemuan 7 cryptography
Pertemuan 7 cryptography
 
Edward Schaefer
Edward SchaeferEdward Schaefer
Edward Schaefer
 
UNIT 2.ppt
UNIT 2.pptUNIT 2.ppt
UNIT 2.ppt
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
History of Cipher System
History of Cipher SystemHistory of Cipher System
History of Cipher System
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
 
Elementary cryptography
Elementary cryptographyElementary cryptography
Elementary cryptography
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
 
Fundamentals of cryptography workshop
Fundamentals of cryptography workshopFundamentals of cryptography workshop
Fundamentals of cryptography workshop
 
dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt
dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.pptdokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt
dokumen.tips_chapter-2-classical-encryption-techniques-56969e027fe68.ppt
 
overview of cryptographic techniques
overview of cryptographic techniquesoverview of cryptographic techniques
overview of cryptographic techniques
 
module 1 (part A).pdf
module 1 (part A).pdfmodule 1 (part A).pdf
module 1 (part A).pdf
 
cryptography.ppt
cryptography.pptcryptography.ppt
cryptography.ppt
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Chapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdfChapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdf
 
ch02.ppt
ch02.pptch02.ppt
ch02.ppt
 

Recently uploaded

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 

355_Fall05_lect02.pdf

  • 1. CS 355 Fall 2005/Lecture 2 1 Introduction to Cryptography CS 355 Lecture 2 Classical Cryptography: Shift Cipher and Substitution Cipher
  • 2. CS 355 Fall 2005 / Lecture 2 2 Announcements • Join class mailing list – CS355_Fall2005@cs.purdue.edu – To join the list sent an email to mailer@cs.purdue.edu, with empty subject and the body containing the text 'add your_email to CS355_Fall2005' • TA office hour: – Monday 9:30am to 10:30am – Wednesday 3:15pm to 4:15pm
  • 3. CS 355 Fall 2005 / Lecture 2 3 Lecture Outline • The Spartan scytale and transposition ciphers • Shift and substitution ciphers. • Frequency Analysis: attacks on substitution ciphers.
  • 4. CS 355 Fall 2005 / Lecture 2 4 History of Cryptography • 2500+ years • An ongoing battle between codemakers and codebreakers • Driven by communication & computation technology – paper and ink – cryptographic engine & telegram, radio – modern cryptography: computers & digital communication
  • 5. CS 355 Fall 2005 / Lecture 2 5 A Symmetric Cipher • A Cipher (K, P, C, E, D) – K : the key space – P : the plaintext space – C : the ciphertext space – E: K ×P → C : the encryption function – D: K ×C → P : the decryption function • Given a key K and a plaintext P, D(K, E(K,P)) = P
  • 6. CS 355 Fall 2005 / Lecture 2 6 Cryptanalysis of Ciphers • Goals: – recover the encryption key – decrypt a given message
  • 7. CS 355 Fall 2005 / Lecture 2 7 Adversarial Models for Symmetric Ciphers • The language of the plaintext and the nature of the cipher are assumed to be known to the adversary. • Ciphertext-only attack: The adversary knows a number of ciphertexts. • Known-plaintext attack: The adversary knows some pairs of ciphertext and corresponding plaintext.
  • 8. CS 355 Fall 2005 / Lecture 2 8 Adversarial Models for Symmetric Ciphers • Chosen-plaintext attack The adversary can choose a number of messages and obtain the ciphertexts for them • Chosen-ciphertext attack The adversary can choose a number of ciphertexts and obtain the plaintexts.
  • 9. CS 355 Fall 2005 / Lecture 2 9 The Spartan Scytale Cipher • Dating back to 5th centry B.C. • A scytale is a wooden staff, around which a belt is wound; message is written along the length of the scytale • It is a transposition cipher – the letters of a message are rearranged • Cryptanalysis?
  • 10. CS 355 Fall 2005 / Lecture 2 10 Shift Cipher • A substitution cipher • The Key Space: – [1 .. 25] • Encryption given a key K: – each letter in the plaintext P is replaced with the K’th letter following corresponding number (shift right) • Decryption given K: – shift left History: K = 3, Caesar’s cipher
  • 11. CS 355 Fall 2005 / Lecture 2 11 Shift Cipher: An Example A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 P = CRYPTOGRAPHYISFUN K = 11 C = NCJAVZRCLASJTDQFY C → 2; 2+11 mod 26 = 13 → N R → 17; 17+11 mod 26 = 2 → C … N → 13; 13+11 mod 26 = 24 → Y
  • 12. CS 355 Fall 2005 / Lecture 2 12 Shift Cipher: Cryptanalysis • Can an attacker find K? – YES: exhaustive search, key space is small (<= 26 possible keys). • Once K is found, very easy to decrypt
  • 13. CS 355 Fall 2005 / Lecture 2 13 General Monoalphabetic Substitution Cipher • The key space: all permutations of Σ = {A, B, C, …, Z} • Encryption given a key π: – each letter X in the plaintext P is replaced with π(X) • Decryption given a key π: – each letter Y in the cipherext P is replaced with π-1(Y) Example: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z π= B A D C Z H W Y G O Q X S V T R N M S K J I P F E U BECAUSE → AZDBJSZ
  • 14. CS 355 Fall 2005 / Lecture 2 14 Strength of the General Substitution Cipher • Exhaustive search is infeasible – key space size is 26! ≈ 4×1026 • Dominates the art of secret writing throughout the first millennium A.D. • Thought to be unbreakable by many back then
  • 15. CS 355 Fall 2005 / Lecture 2 15 Cryptanalysis of Substitution Ciphers: Frequency Analysis • Basic ideas: – Each language has certain features: frequency of letters, or of groups of two or more letters. – Substitution ciphers preserve the language features. – Substitution ciphers are vulnerable to frequency analysis attacks.
  • 16. CS 355 Fall 2005 / Lecture 2 16 Frequency of Letters in English 0 2 4 6 8 10 12 14 a b c d e f g h i j k l m n o p q r s t u v w x y z Series1
  • 17. CS 355 Fall 2005 / Lecture 2 17 Other Frequency Features of English • EN is the most common two-letter combination, followed by RE, ER, and NT. • Vowels, which constitute 40 % of plaintext, are often separated by consonants. • The letter A is often found in the beginning of a word or second from last. The letter I is often third from the end of a word. • The letter Q is followed only by U • And more …
  • 18. CS 355 Fall 2005 / Lecture 2 18 Substitution Ciphers: Cryptanalysis • The number of different ciphertext characters or combinations are counted to determine the frequency of usage. • The cipher text is examined for patterns, repeated series, and common combinations. • Replace ciphertext characters with possible plaintext equivalents using known language characteristics.
  • 19. CS 355 Fall 2005 / Lecture 2 19 History • Discovered by the Arabs – earliest known description of frequency analysis is in a book by the ninth-century scientist al-Kindi • Rediscovered or introduced from the Arabs in the Europe during the Renaissance • Frequency analysis made substitution cipher insecure
  • 20. CS 355 Fall 2005 / Lecture 2 20 Ways to Improve the Security of Substitution Cipher • Using nulls – e.g., using numbers from 1 to 99 as the ciphertext alphabet, some numbers representing nothing and are inserted randomly • Deliberately misspell words – e.g., “Thys haz thi ifekkt off diztaughting thi ballans off frikwenseas” • Homophonic substitution cipher – each letter is replaced by a variety of substitutes • These make frequency analysis more difficult, but not impossible
  • 21. CS 355 Fall 2005 / Lecture 2 21 Summary • Shift ciphers are easy to break using brute force attacks, they have small key space. • Substitution ciphers vulnerable to frequency analysis attacks.
  • 22. CS 355 Fall 2005 / Lecture 2 22 Recommended Reading for This Lecture • The Code Book, Chapter 1
  • 23. CS 355 Fall 2005 / Lecture 2 23 Coming Attractions … • Basic modular arithmetic • Affine cipher • Recommended reading for next lecture: Trappe & Washington: 2.0, 2.1, 2.2