4. September 10, 2009 Slide #8-4
What is Cryptography?
• Secret writing.
• Cryptanalysis is the breaking of codes.
• Basic component of cryptography is a
cryptosystem
• The goal of cryptography is to keep
enciphered information secret.
5. September 10, 2009 Slide #8-5
Cryptosystem
• Quintuple (E, D, M, K, C)
– M set of plaintexts
– K set of keys
– C set of ciphertexts
– E set of encryption functions e: M K C
– D set of decryption functions d: C K M
6. September 10, 2009 Slide #8-6
Example
• Example: Cæsar cipher( in which letters are
shifted)
– M = { sequences of letters }
– K = { i | i is an integer and 0 ≤ i ≤ 25 }
– E = { Ek | k K and for all letters m,
Ek(m) = (m + k) mod 26 }
– D = { Dk | k K and for all letters c C,
Dk(c) = (26 + c – k) mod 26 }
– D = M
7. September 10, 2009 Slide #8-7
Attacks
• Opponent whose goal is to break cryptosystem is
the adversary
– Assume adversary knows algorithm used, but not key
• Three types of attacks:
– ciphertext only: adversary has only ciphertext; goal is to
find plaintext, possibly key
– known plaintext: adversary has ciphertext,
corresponding plaintext; goal is to find key
– chosen plaintext: adversary may supply plaintexts and
obtain corresponding ciphertext; goal is to find key
8. September 10, 2009 Slide #8-8
Classical Cryptography
• Sender, receiver share common key
– Keys may be the same, or trivial to derive from one
another
– Sometimes called symmetric key cryptography
– In this system. Dk=Ek
-1 (e.g. in Caeser Cipher key are
E3 and D3)
• Two basic types
– Transposition ciphers
– Substitution ciphers
– Combinations are called product ciphers
9. September 10, 2009 Slide #8-9
Transposition Cipher
• Rearrange letters in plaintext to produce
ciphertext.
• Example (Rail-Fence Cipher)
– Plaintext is HELLO WORLD
– Rearrange as
HLOOL
ELWRD
– Ciphertext is HLOOL ELWRD
10. September 10, 2009 Slide #8-10
Substitution Ciphers
• Change characters in plaintext to produce
ciphertext
• Example (Cæsar cipher)
– Plaintext is HELLO WORLD
– Change each letter to the third letter following it
(X goes to A, Y to B, Z to C)
• Key is 3, usually written as letter ‘D’
– Ciphertext is KHOOR ZRUOG
11. September 10, 2009 Slide #8-11
Attacking the Cipher
• Exhaustive search
– If the key space is small enough, try all possible
keys until you find the right one
– Cæsar cipher has 26 possible keys
12. September 10, 2009 Slide #8-12
Cæsar’s Problem
• Key is too short
– Can be found by exhaustive search
– Statistical frequencies not concealed well
• They look too much like regular English letters
• So make it longer
– Multiple letters in key
– Idea is to smooth the statistical frequencies to
make cryptanalysis harder
16. Vernam Cipher
Selects the key that is as long as the
plaintext.
It works on binary bits than letters
Ci=pi X-OR ki
Where ith cipher bit is equal to ith plaintext bit
X-OR with ith key bit.
17. September 10, 2009 Slide #8-17
One-Time Pad
• A Vigenère cipher with a random key at least as
long as the message
Example: (letter numbers from 0 to 25)
Plain Text: H O W A R E Y O U
7 14 22 0 17 4 24 14 20
One time pad N C B T Z Q A R X
13 2 1 19 25 16 0 17 23
Initial total 16 23 19 42 20 24 31 43
Substract 26 20 16 23 19 16 20 24 5 17
( if > 25)
Cipher text U Q X T Q U Y F R
56. Digital Signature
Definition: A digital signature is a construct
that authenticates both the origin and
contents of a message in a manner that is
provable to a disinterested third party.
RSA Digital signature:
suppose Alice is sending Bob her signature
on a confidential contract m. She enciphers
it first and then signs it.
C= (meBob mod nBob )dAlice mod nAlice
57. El Gamal Digital Signature
Similar to Diffie-Hellman scheme and relies on the solving of
discrete log problem.
Choose a prime p and two random numbers g and d both less
than p.
Compute y= g d mod p ;
Public key is (y,g,p) , private key is d.
Supose Alice wants to send Bob a signed contract m. Alice
selects a number k that is relatively prime to p-1.
Computes a =g k mod p and find b using m=(da+kb) mod p-1.
The pair (a,b) is the signature.
To verify the signature, check that; yaab mod p = g m mod p
58. El Gamal: Example
Alice chooses p=29 , g=3, and dAlice=6, yielding y =4.
She wants to send Bob the signed contract X(23). She
choose k=5, which is relatively prime to 28.
She computes a= 35 mod29=11. Solve for b using.
23=(6*11+5*b) mod 28. yields b= 25.
Alice send Bob m=23 and the signature (11, 25)
Bob wants to verify the signature, so he computes,
yaab mod p = 411 *1125 mod 29 =8, and
gm mod p =323 mod 29 =8
Because the two match, Alice signed the message.