January 10, 2012 1
Cryptography and Network Security
Lecture 2: Classical encryption
Ion Petre
Department of IT, Åbo Akademi University
Spring 2012
http://users.abo.fi/ipetre/crypto/
Overview of the course
 I. CRYPTOGRAPHY
 Secret-key cryptography
 Classical encryption techniques
 DES, AES, RC5, RC4
 Public-key cryptography
 RSA
 Key management
 II. AUTHENTICATION
 MAC
 Hashes and message digests
 Digital signatures
 Kerberos
 III. NETWORK SECURITY
 Email security
 IP security
 Web security (SSL, secure
electronic transactions)
 Firewalls
 Wireless security
 IV. OTHER ISSUES
 Viruses
 Digital cash
 Secret sharing schemes
 Zero-knowledge techniques
Part I. Cryptography
 Will cover more than half of this course
 I.1 Secret-key cryptography
 Also called symmetric or conventional cryptography
 Five ingredients
 Plaintext
 Encryption algorithm: runs on the plaintext and the encryption key to yield the ciphertext
 Secret key: an input to the encryption algorithm, value independent of the plaintext;
different keys will yield different outputs
 Ciphertext: the scrambled text produced as an output by the encryption algorithm
 Decryption algorithm: runs on the ciphertext and the key to produce the plaintext
 Requirements for secure conventional encryption
 Strong encryption algorithm
 An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
 Ideally, even if he knows one or more pairs plaintext-ciphertext, he would not be able to find the key
 Sender and receiver must share the same key. Once the key is compromised, all
communications using that key are readable
 It is impractical to decrypt the message on the basis of the ciphertext plus the knowledge of the encryption algorithm ⇒ encryption algorithm is not a secret
Cryptography – some notations
 Notation for relating the plaintext, ciphertext, and the keys
 $C = E_K(P)$ denotes that C is the encryption of the plaintext P using the key K
 $P = D_K(C)$ denotes that P is the decryption of the ciphertext C using the key K
 Then $D_K(E_K(P)) = P$
Caesar Cipher
 It is a typical substitution cipher and the oldest known – attributed to Julius
Caesar
 Simple rule: replace each letter of the alphabet with the letter standing 3
places further down the alphabet
 Example:
MEET ME AFTER THE TOGA PARTY
PHHW PH DIWHU WKH WRJD SDUWB
 Here the key is 3 – choose another key to get a different substitution
 The alphabet is wrapped around so that after Z follows A:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Caesar cipher
 Mathematically, give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 The key is a number from to 25
 Caesar cipher can now be given as
 E(p) = (p + k) mod (26)
 D(C) = (C – k) mod (26)
Attacking Caesar
 Caesar can be broken if we only know one pair (plain letter,
encrypted letter)
 The difference between them is the key
 Caesar can be broken even if we only have the encrypted text and
no knowledge of the plaintext
 Brute-force attack is easy: there are only 25 keys possible
 Try all 25 keys and check to see which key gives an intelligible message
From Stallings – “Cryptography and
Network Security”
Why is Caesar easy to break?
 Only 25 keys to try
 The language of the
plaintext is known and easily
recognizable
 What if the language is
unknown?
 What if the plaintext is a
binary file of an unknown
format?
Strengthening Caesar: monoalphabetic ciphers
 Caesar only has 25 possible keys – far from secure
 Idea: instead of shifting the letters with a fixed amount how about allowing
any permutation of the alphabet
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: if we wish to replace letters
Ciphertext: WI RF RWAJ UH YFTSDVF SFUUFYA
 This is called a monoalphabetic substitution cipher – a single alphabet is used
 The increase in the number of keys is dramatic: 26!, i.e., more than $4 \times 10^{26}$ possible keys
 Compare: DES only has on the order of $10^{16}$ possible keys
How large is large?
Adapted from Handbook of Applied Cryptography (A.Menezes, P.van Oorschot, S.Vanstone), 1996
| Reference | Order of magnitude |
|---|---|
| Seconds in a year | ≈ $3 \times 10^{7}$ |
| Age of our solar system (years) | ≈ $6 \times 10^{9}$ |
| Seconds since creation of solar system | ≈ $2 \times 10^{17}$ |
| Clock cycles per year, 3 GHz computer | ≈ $9.6 \times 10^{16}$ |
| Binary strings of length 64 | $2^{64}$ ≈ $1.8 \times 10^{19}$ |
| Binary strings of length 128 | $2^{128}$ ≈ $3.4 \times 10^{38}$ |
| Binary strings of length 256 | $2^{256}$ ≈ $1.2 \times 10^{77}$ |
| Number of 75-digit prime numbers | ≈ $5.2 \times 10^{72}$ |
| Electrons in the universe | ≈ $8.37 \times 10^{77}$ |
Monoalphabetic ciphers
 Having $10^{16}$ possible keys appears to make the system challenging: difficult to perform brute-force attacks
 There is however another line of attack that easily defeats the
system even when a relatively small ciphertext is known
 If the cryptanalyst knows the nature of the text, e.g., noncompressed
English text, then he can exploit the regularities of the language
Language redundancy and cryptanalysis
 Human languages are redundant
 Letters are not equally commonly used
 In English E is by far the most common letter
 Followed by T,R,N,I,O,A,S
 Other letters are fairly rare
 See Z,J,K,Q,X
 Tables of single, double & triple letter frequencies exist
 Most common digram in English is TH
 Most common trigram in English is THE
English Letter Frequencies
Cryptanalysis of monoalphabetic ciphers
 Key concept - monoalphabetic substitution ciphers do not change relative
letter frequencies
 Discovered by Arabs in the 9th century
 Calculate letter frequencies for ciphertext
 Compare counts/plots against known values
 Most frequent letter in the ciphertext may well encrypt E
 The next one could encrypt T or A
 After relatively few tries the system is broken
 If the ciphertext is relatively short (and so, the frequencies are not fully relevant)
then more guesses may be needed
 Powerful tool: look at the frequency of two-letter combinations (digrams)
Example of cryptanalysis
 Ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZ
WYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
 Count relative letter frequencies: P is the most frequent (13.33%), followed by
Z (11.67), S (8.33), U (8.33), O (7.5), M (6.67), H (5.83), etc.
 Guess P and Z stand for E and T but the order is not clear because of small
difference in the frequency
 The next set of letters {S,U, O, M, H} may stand for {A, H, I, N, O, R, S} but again it
is not completely clear which is which
 One may try to guess and see how the text translates
 Also, a good guess is that ZW, the most common digram in the ciphertext, is TH, the
most common digram in English: thus, ZWP is THE
 Proceed with trial and error and finally get after inserting the proper blanks:
it was disclosed yesterday that several informal but direct contacts have
been made with political representatives of the viet cong in moscow
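The first steps of this cryptanalysis, as an added Python example that is not part of the original lecture: it counts letter and digram frequencies in the slide's ciphertext and shows how the guesses Z=t, W=h, P=e expose the word "th.t", which suggests S=a. The function names are chosen here for illustration.

```python
from collections import Counter

# Ciphertext copied from the slide above (120 letters).
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZ"
    "WYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ"
)


def letter_frequencies(ciphertext):
    """Return [(letter, count, percent)] sorted by descending count."""
    total = len(ciphertext)
    return [(ch, n, round(100 * n / total, 2))
            for ch, n in Counter(ciphertext).most_common()]


def ngram_counts(ciphertext, n):
    """Count overlapping n-grams (n=2 for digrams, n=3 for trigrams)."""
    return Counter(ciphertext[i:i + n] for i in range(len(ciphertext) - n + 1))


def apply_guesses(ciphertext, guesses):
    """Replace guessed cipher letters by plain letters; unknowns become '.'."""
    return "".join(guesses.get(ch, ".") for ch in ciphertext)


if __name__ == "__main__":
    for letter, count, percent in letter_frequencies(CIPHERTEXT)[:7]:
        print(f"{letter}: {count:2d}  {percent:5.2f}%")
    print("ZW occurs", ngram_counts(CIPHERTEXT, 2)["ZW"], "times")

    # Stage 1: the guesses made on the slide (ZWP = THE).
    guesses = {"Z": "t", "W": "h", "P": "e"}
    print(apply_guesses(CIPHERTEXT, guesses))

    # Stage 2: "ZWSZ" now reads "th.t", so S is very likely 'a'.
    guesses["S"] = "a"
    print(apply_guesses(CIPHERTEXT, guesses))
```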
Some conclusions after this cryptanalysis
 Monoalphabetic ciphers are easy to break because they reflect the
frequency of the original alphabet
 Essential to know the original alphabet
 Countermeasure: provide multiple substitutes for a given letter
 Highly frequent letters such as E could be encrypted using a larger number of
letters than less frequent letters such as Z: to encrypt E one could choose either
one of, say 15 fixed letters, and to encrypt Z one could choose either one of, say
2 fixed letters
 The number of encryptions for a letter may be proportional to the frequency rate in the original language (English)
 This would hide the letter-frequency information
 However: Multiple-letter patterns (digrams, trigrams, etc) survive in the text
providing a tool for cryptanalysis
 Each element of the plaintext only affects one element in the ciphertext
 Longer text needed for breaking the system, but cryptanalysis still relatively
straightforward
Measures to hide the structure of the plaintext
1. Encrypt multiple letters of the plaintext at once
2. Use more than one substitution in encryption and decryption
(polyalphabetic ciphers)
 Consider both these approaches in the following
Playfair Cipher
 The Playfair Cipher is an example of multiple-letter encryption
 Invented by Sir Charles Wheatstone in 1854, but named after his
friend Baron Playfair who championed the cipher at the British
foreign office
 Based on the use of a 5x5 matrix in which the letters of the alphabet
are written (I is considered the same as J)
 This is called key matrix
Playfair key matrix
 A 5X5 matrix of letters based on a keyword
 Fill in letters of keyword (no duplicates)
 Left to right, top to bottom
 Fill the rest of matrix with the other letters in alphabetic order
 E.g. using the keyword MONARCHY, we obtain the following matrix
M O N A R
C H Y B D
E F G I K
L P Q S T
U V W X Z
Encrypting and decrypting with Playfair
 The plaintext is encrypted two letters at a time:
1. Break the plaintext into pairs of two consecutive letters
2. If a pair is a repeated letter, insert a filler like 'X' in the plaintext, e.g. "balloon" is treated as "ba lx lo on"
3. If both letters fall in the same row of the key matrix, replace each with the letter to its right (wrapping back to start from end), e.g. "AR" encrypts as "RM"
4. If both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), e.g. "MU" encrypts to "CM"
5. Otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, e.g. "HS" encrypts to "BP", and "EA" to "IM" or "JM" (as desired)
 Decryption works in the reverse direction
 The examples above are based on this key matrix:
M O N A R
C H Y B D
E F G I K
L P Q S T
U V W X Z
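The Playfair rules above as an added Python example, not part of the original lecture. It builds the key matrix from a keyword and reproduces the slide's examples; padding an odd-length message with the filler letter is an assumption made here, since the slides do not cover that case.

```python
ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 letters, J is folded into I


def letters_of(text):
    """Upper-case letters of text with J replaced by I."""
    return ["I" if c == "J" else c for c in text.upper() if "A" <= c <= "Z"]


def key_matrix(keyword):
    """Keyword letters without duplicates, then the rest of the alphabet."""
    cells = []
    for ch in letters_of(keyword) + list(ALPHABET):
        if ch not in cells:
            cells.append(ch)
    return [cells[r * 5:r * 5 + 5] for r in range(5)]


def digrams(plaintext, filler="X"):
    """Split into pairs, inserting the filler between repeated letters."""
    letters, pairs, i = letters_of(plaintext), [], 0
    while i < len(letters):
        first = letters[i]
        # Assumption: a single trailing letter is padded with the filler.
        second = letters[i + 1] if i + 1 < len(letters) else filler
        if first == second:
            pairs.append(first + filler)
            i += 1
        else:
            pairs.append(first + second)
            i += 2
    return pairs


def shift_pair(pair, matrix, step):
    """Apply the row / column / rectangle rule; step=+1 encrypts, -1 decrypts."""
    where = {ch: (r, c) for r, row in enumerate(matrix) for c, ch in enumerate(row)}
    (r1, c1), (r2, c2) = where[pair[0]], where[pair[1]]
    if r1 == r2:  # same row: move along the row, wrapping around
        return matrix[r1][(c1 + step) % 5] + matrix[r2][(c2 + step) % 5]
    if c1 == c2:  # same column: move along the column, wrapping around
        return matrix[(r1 + step) % 5][c1] + matrix[(r2 + step) % 5][c2]
    return matrix[r1][c2] + matrix[r2][c1]  # rectangle: swap the columns


def encrypt(plaintext, keyword):
    matrix = key_matrix(keyword)
    return "".join(shift_pair(p, matrix, +1) for p in digrams(plaintext))


def decrypt(ciphertext, keyword):
    matrix = key_matrix(keyword)
    letters = letters_of(ciphertext)
    return "".join(shift_pair(letters[i] + letters[i + 1], matrix, -1)
                   for i in range(0, len(letters), 2))


if __name__ == "__main__":
    for row in key_matrix("MONARCHY"):
        print(" ".join(row))
    for sample in ("AR", "MU", "HS", "EA", "balloon"):
        print(sample, "->", encrypt(sample, "MONARCHY"))
```

Decryption returns the text with the filler still in place ("BALXLOON"); removing it is left to the reader of the message.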
Security of Playfair
 Security much improved over monoalphabetic
 There are 26 x 26 = 676 digrams
 Needs a 676 entry digram frequency table to analyse (vs. 26 for a
monoalphabetic) and correspondingly more ciphertext
 Widely used for many years (eg. US & British military in WW I, other
allied forces in WW II)
 Can be broken, given a few hundred letters
 Still has much of plaintext structure
Source: W.Stallings, Cryptography and network security, 2011 (figure 2.6)
Hill cipher
 Developed by mathematician Lester Hill, 1929
 Based on linear algebra
 Recall
 denote by I the (square) unit matrix, having 1 on the main diagonal, 0
everywhere else
 for any square matrix M we have that MxI = IxM = M
 the property holds over any semiring, e.g. Z, R, but also $Z_{26}$
 for a square matrix M, if there is a matrix N such that MxN=NxM=I, then we say that N is the inverse of M and we denote it $M^{-1}$
 we do not discuss here determinants and calculating the inverse of a matrix (if it exists)
Hill cipher
 Each letter is represented by numbers from 0 to 25, similarly as in
the Caesar cipher, from a to z
 calculations are done modulo 26
 Key: an invertible matrix K modulo 26, of size m
 Example with m=3:
$$K = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix}; \quad K^{-1} = \begin{pmatrix} 4 & 9 & 15 \\ 15 & 17 & 6 \\ 24 & 0 & 17 \end{pmatrix}$$
 Plaintext: split it into blocks of m consecutive letters
 consider each block as a row vector p with m entries modulo 26
 encrypt each block separately to yield an encrypted row vector of the same size
 Encryption: $c = pK \bmod 26$
$$(c_1, c_2, c_3) = (p_1, p_2, p_3) \begin{pmatrix} k_{11} & k_{12} & k_{13} \\ k_{21} & k_{22} & k_{23} \\ k_{31} & k_{32} & k_{33} \end{pmatrix} \bmod 26$$
 Decryption: $p = cK^{-1} \bmod 26$
Hill cipher - cryptanalysis
 Quite strong against ciphertext-only attacks
 Weak against the known plaintext-attack
 collect m pairs plaintext-ciphertext, where m is the size of the key
 write the m plaintexts as the rows of a square matrix P of size m
 write the m ciphertexts as the rows of a square matrix C of size m
 we have that C=PK mod 26
 if P is invertible modulo 26, then $K = P^{-1}C \bmod 26$
 if P is not invertible, then collect more plaintext-ciphertext pairs until an
invertible P is obtained
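The known-plaintext procedure above as an added Python example, not part of the original lecture. It uses the key matrix K from the Hill cipher slide; the known plaintext "paymoremoneythe" is a sample constructed here so that the first two choices of three blocks give a non-invertible P and a further pair is needed. The inverse is computed with the adjugate formula, which is one possible method.

```python
from itertools import combinations
from math import gcd

MOD = 26
K = [[17, 17, 5], [21, 18, 21], [2, 2, 19]]  # key matrix from the slide


def to_blocks(text, m):
    """Letters a..z -> 0..25, grouped into row vectors of length m."""
    nums = [ord(c) - ord("a") for c in text.lower() if "a" <= c <= "z"]
    if len(nums) % m:
        raise ValueError("text length must be a multiple of the block size")
    return [nums[i:i + m] for i in range(0, len(nums), m)]


def to_text(blocks):
    return "".join(chr(n + ord("A")) for row in blocks for n in row)


def matmul(a, b):
    """Matrix product modulo 26."""
    return [[sum(x * y for x, y in zip(row, col)) % MOD for col in zip(*b)]
            for row in a]


def minor(a, i, j):
    return [row[:j] + row[j + 1:] for k, row in enumerate(a) if k != i]


def det(a):
    """Determinant by cofactor expansion (fine for the small m used here)."""
    if not a:
        return 1
    return sum((-1) ** j * a[0][j] * det(minor(a, 0, j)) for j in range(len(a)))


def inverse_mod(a):
    """Inverse modulo 26 via the adjugate, or None if det is not a unit."""
    d = det(a) % MOD
    if gcd(d, MOD) != 1:
        return None
    d_inv = pow(d, -1, MOD)
    n = len(a)
    return [[(d_inv * (-1) ** (i + j) * det(minor(a, j, i))) % MOD
             for j in range(n)] for i in range(n)]


def encrypt(text, key):
    """c = pK mod 26 for every block p (row vectors)."""
    return to_text(matmul(to_blocks(text, len(key)), key))


def recover_key(plain_blocks, cipher_blocks, m):
    """Try sets of m known pairs until P is invertible; return (K, indices)."""
    for idx in combinations(range(len(plain_blocks)), m):
        p_inv = inverse_mod([plain_blocks[i] for i in idx])
        if p_inv is None:
            continue  # P not invertible modulo 26: use other pairs
        return matmul(p_inv, [cipher_blocks[i] for i in idx]), idx
    return None, None


if __name__ == "__main__":
    known_plain = "paymoremoneythe"          # constructed sample
    known_cipher = encrypt(known_plain, K)
    key, used = recover_key(to_blocks(known_plain, 3),
                            to_blocks(known_cipher, 3), 3)
    print("ciphertext:", known_cipher)
    print("blocks used:", used)
    print("recovered K:", key)
```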
Measures to hide the structure of the plaintext
1. Encrypt multiple letters of the plaintext at once
2. Use more than one substitution in encryption and decryption
(polyalphabetic ciphers)
Polyalphabetic substitution ciphers
 Idea: use different monoalphabetic substitutions as one proceeds
through the plaintext
 Makes cryptanalysis harder with more alphabets (substitutions) to
guess and flattens frequency distribution
 A key determines which particular substitution is used in each step
 Example: the Vigenère cipher
Vigenère Cipher
 Proposed by Giovan Battista Bellaso (1553) and reinvented by Blaise de Vigenère (1586), called “le chiffre indéchiffrable” for 300 years
 Effectively multiple Caesar ciphers
 Key is a word $K = k_1 k_2 \ldots k_d$
 Encryption
 Read one letter t from the plaintext and one letter k from the key-word
 t is encrypted according to the Caesar cipher with key k
 for the next plain-letter, use the next letter from the key-word
 When the key word is finished, start the reading of the key from the beginning
 In other words: $c_i = (p_i + k_{i \bmod m}) \bmod 26$
 Decryption works in reverse
 Example: key is “bcde”; “testing” is encrypted as “ugvxjpj”
 Note that the two ‘t’ are encrypted by different letters: ‘u’ and ‘x’
 The two ‘j’ in the cryptotext come from different plain letters: ‘i’ and ‘g’
Source: W.Stallings, Cryptography and network security, 2011 (Table 2.3)
Vigenère tableau
  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
M M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
N N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
P P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
Q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P
R R S T U V W X Y Z A B C D E F G H I J K L M N O P Q
S S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
T T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
U U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
V V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
W W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
X X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
Y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X
Z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
Example
• write the plaintext out
• write the keyword repeated above it
• use each key letter as a Caesar cipher key
• encrypt the corresponding plaintext letter
• eg using keyword deceptive
plain: wearediscoveredsaveyourself
key: deceptivedeceptivedeceptive
cipher: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Tableau labels: plaintext letters along the top row, key letters down the left column
Security of Vigenère Ciphers
 Its strength lies in the fact that each plaintext letter has multiple ciphertext letters
 Letter frequencies are obscured (but not totally lost)
Breaking Vigenère: the Kasiski Method (cryptotext only)
 Method developed by Babbage (1854) / Kasiski (1863)
 Famous incident with breaking the Zimmermann telegram (Jan 16, 1917), contributed to the US entering WWI
 We need to find the key word and for this, we first find its length
 Idea: if the length is N, then the letters on positions 1, N+1, 2N+1, 3N+1, etc are encrypted with
Caesar; same for letters on positions i, N+i, 2N+i, 3N+i, etc., where i runs from 1 to N
 Clearly, if we deduce the length of the key word, then breaking the system is easy: break N
Caesar systems
 Finding the length of the key word
 If plaintext starts with “the” (encrypted say by “XYZ”) and “the” also occurs starting from
position N+1, then 2nd occurrence of “the” will also be encrypted by “XYZ”
 Idea: repetitions in ciphertext give clues to period
 Approach: find a piece of ciphertext that is repeated several times (say, at distance 6, 9, 18, 9
from each other)
 If they really come from the same piece of plaintext, then the length of the key word will be a
divisor of all those distances (in our example, the length of the key word must be 3)
Example
plain: wearediscoveredsaveyourself
key: deceptivedeceptivedeceptive
cipher: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
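The Vigenère rule and the first Kasiski step as an added Python example, not part of the original lecture. It reproduces the "deceptive" and "bcde" examples from the slides, finds the repeated ciphertext piece and its distance, lists the key lengths compatible with it, and splits the ciphertext into the streams that are each a plain Caesar cipher. Function names are chosen here for illustration.

```python
from collections import defaultdict
from functools import reduce
from math import gcd

A = ord("a")


def vigenere(text, key, decrypt=False):
    """c_i = (p_i + k_(i mod m)) mod 26; letters only, no spaces."""
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text.lower()):
        shift = ord(key[i % len(key)].lower()) - A
        out.append(chr((ord(ch) - A + sign * shift) % 26 + A))
    result = "".join(out)
    return result if decrypt else result.upper()


def repeated_ngrams(ciphertext, n=3):
    """Map each repeated n-gram to the distances between its occurrences."""
    positions = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        positions[ciphertext[i:i + n]].append(i)
    return {gram: [b - a for a, b in zip(pos, pos[1:])]
            for gram, pos in positions.items() if len(pos) > 1}


def candidate_key_lengths(distances):
    """Key lengths > 1 that divide every observed distance."""
    if not distances:
        return []
    common = reduce(gcd, distances)
    return [d for d in range(2, common + 1) if common % d == 0]


def caesar_streams(ciphertext, key_length):
    """Letters at positions i, N+i, 2N+i, ... share one Caesar key."""
    return [ciphertext[i::key_length] for i in range(key_length)]


if __name__ == "__main__":
    cipher = vigenere("wearediscoveredsaveyourself", "deceptive")
    print(cipher)
    repeats = repeated_ngrams(cipher)
    print("repeated pieces:", repeats)
    distances = [d for ds in repeats.values() for d in ds]
    print("possible key lengths:", candidate_key_lengths(distances))
    print("Caesar streams for length 9:", caesar_streams(cipher, 9))
    # The distances quoted on the slide (6, 9, 18, 9) leave only length 3.
    print(candidate_key_lengths([6, 9, 18, 9]))
```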
Improvement on Vigenère: autokey system
 If the key were as long as the message, then the system would be
defended against the previous attack
 Vigenère proposed the autokey cipher
 the keyword is followed by the message itself (see example below)
 Decryption
 Knowing the keyword can recover the first few letters
 Use these in turn on the rest of the message
 Note: the system still has frequency characteristics to attack and can be
rather easily defeated
 Example: the key is deceptive
 Weakness: plaintext and key share the same statistical distribution of
letters
plaintext: wearediscoveredsaveyourself
key: deceptivewearediscoveredsav
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
Vernam cipher
 Proposed as a reaction to the Kasiski method and to the statistical attack on the auto-key method
 Proposed by Gilbert Vernam (1918), an AT&T engineer
 Key: a (very) long sequence of bits written on a self-looped tape
 Plaintext: binary sequence (rather than sequence of letters)
 Encryption: $c_i = p_i \oplus k_i$
 Decryption: $p_i = c_i \oplus k_i$
 Weakness: the repeating key
 possible attack with (very long) ciphertext or with known plaintext
One-Time pad
 Proposed by Army Signal Corps officer Joseph Mauborgne (1918) as an improvement over the Vernam cipher
 Idea: use a (truly) random key as long as the plaintext
 It is unbreakable since the ciphertext bears no statistical
relationship to the plaintext
 Moreover, for any plaintext & any ciphertext there exists a key
mapping one to the other
 Thus, a ciphertext can be decrypted to any plaintext of the same length
 The cryptanalyst is in an impossible situation
 Example: the ciphertext RPAY may have come from “dead”, “live”,
“book” or any other 4-letter combination
 nothing to learn about the key by listening on the channel because the
key is never repeated
Security of the one-time pad
 The security is entirely given by the randomness of the key and
by never repeating a key
 If the key is truly random, then the ciphertext is random
 A key can only be used once if the cryptanalyst is to be kept in the
“dark”
 Perfect secrecy
 Problems with this perfect cryptosystem
 Making large quantities of truly random characters is a significant
task
 Key distribution is enormously difficult: for any message to be sent, a
key of equal length must be available to both parties
 Very limited use in practice, only over limited-bandwidth channels
requiring perfect security
Another encryption technique: transpositions
 We have considered so far substitutions to hide the plaintext: each
letter is mapped into a letter according to some substitution
 Different idea: perform some sort of permutation on the plaintext
letters
 Hide the message by rearranging the letter order without altering the
actual letters used
 The simplest such technique: rail fence technique
Rail Fence cipher
 Idea: write plaintext letters diagonally over a number of rows, then
read off cipher row by row
 E.g., with a rail fence of depth 2, to encrypt the text “meet me after
the toga party”, write message out as:
m e m a t r h t g p r y
e t e f e t e o a a t
 Ciphertext is read from the above row-by-row:
MEMATRHTGPRYETEFETEOAAT
 Attack: trivial (no key involved)
Row transposition ciphers
 More complex scheme: row transposition
 Write letters of message out in rows over a specified number of columns
 Reading the cryptotext column-by-column, with the columns permuted
according to some key
 Example: “attack postponed until two am” with key 4312567: first read
the column marked by 1, then the one marked by 2, etc.
Key:       4 3 1 2 5 6 7
Plaintext: a t t a c k p
           o s t p o n e
           d u n t i l t
           w o a m x y z
 If we number the letters in the plaintext from 1 to 28, then the result of
the first encryption is the following permutation of letters from plaintext:
03 10 17 24 04 11 18 25 02 09 16 23 01 08 15 22 05 12 19 26 06 13 20 27 07 14 21 28
 Note the regularity of that sequence!
 Cryptanalysis: write the ciphertext onto columns and play with the
order of the columns
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Iterating the encryption makes it more secure
 Idea: use the same scheme once more to increase security
Key:   4 3 1 2 5 6 7
Input: T T N A A P T
       M T S U O A O
       D W C O I X K
       N L Y P E T Z
 After the second transposition we get the following sequence of letters:
17 09 05 27 24 16 12 07 10 02 22 20 03 25 15 13 04 23 19 14 11 01 26 21 18 08 06 28
 This is far less structured and so, more difficult to cryptanalyze
 In general, easy to recognize pure transposition ciphers: same letter
frequency as the language of the plaintext
Output: NSCYAUOPTTWLTMDNAOIEPAXTTOKZ
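The row transposition and its iteration as an added Python example, not part of the original lecture. It reproduces both ciphertexts from the slides, traces where each plaintext position ends up, and counts how many neighbouring ciphertext letters are exactly one row apart in the plaintext, which is the regularity that disappears after the second pass. The message is assumed to fill the last row completely, as in the slide's padded example.

```python
KEY = "4312567"
PLAINTEXT = "attackpostponeduntiltwoamxyz"


def column_order(key):
    """Column indices in reading order: the column labelled 1 first."""
    return sorted(range(len(key)), key=lambda j: key[j])


def transpose(seq, key):
    """Write seq row by row under the key, read it column by column."""
    ncols = len(key)
    if len(seq) % ncols:
        raise ValueError("pad the message so that it fills the last row")
    out = []
    for j in column_order(key):
        out.extend(seq[j::ncols])  # every ncols-th item is one column
    return out


def encrypt(plaintext, key, rounds=1):
    seq = list(plaintext.upper())
    for _ in range(rounds):
        seq = transpose(seq, key)
    return "".join(seq)


def decrypt(ciphertext, key, rounds=1):
    ncols, n = len(key), len(ciphertext)
    nrows = n // ncols
    seq = list(ciphertext)
    for _ in range(rounds):
        grid = [None] * n
        for k, j in enumerate(column_order(key)):
            grid[j::ncols] = seq[k * nrows:(k + 1) * nrows]  # refill column j
        seq = grid
    return "".join(seq).lower()


def position_trace(n, key, rounds):
    """Plaintext positions (1-based) in the order they appear in the output."""
    seq = list(range(1, n + 1))
    for _ in range(rounds):
        seq = transpose(seq, key)
    return seq


def steps_equal_to(seq, step):
    """How many neighbouring outputs come from positions `step` apart."""
    return sum(1 for a, b in zip(seq, seq[1:]) if b - a == step)


if __name__ == "__main__":
    for rounds in (1, 2):
        trace = position_trace(len(PLAINTEXT), KEY, rounds)
        print(encrypt(PLAINTEXT, KEY, rounds))
        print(" ".join(f"{p:02d}" for p in trace))
        print("neighbours one row apart:", steps_equal_to(trace, len(KEY)))
```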
Product Ciphers
 Ciphers using substitutions or transpositions are not secure because
of language characteristics
 Idea: using several ciphers in succession increases security
 However:
 two substitutions only make another (more complex?) substitution
 two transpositions make another (more complex?) transposition
 a substitution followed by a transposition makes a new much harder
cipher
This is the bridge from classical to modern ciphers
Rotor Machines
 Before modern ciphers, rotor machines were the most common product cipher
 Widely used in WWII
 German Enigma, Allied Hagelin, Japanese Purple
 Implemented a very complex, varying substitution cipher
 Principle: the machine has a set of independently rotating cylinders through which
electrical impulses flow
 Each cylinder has 26 input pins and 26 output pins with internal wiring that connects each input
pin to a unique, fixed output pin (one cylinder thus defines a monoalphabetic substitution
cipher)
 The output pins of one cylinder are connected to the input pins of the next cylinder
 After each keystroke, the last cylinder rotates one position and the others remain still
 After a complete rotation of the last cylinder (26 keystrokes), the cylinder before it rotates one
position, etc.
 3 cylinders have a period of $26^3 = 17576$
 4 cylinders have a period of 456 976
 5 cylinders have a period of 11 881 376
 each period is far larger than the length of the typical message sent at any one time
 different transmissions would use different keys
The Enigma machine (pictures from Wikipedia)
Past, Present and Future of Generative AIabhishek36461
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 

Recently uploaded (20)

Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Effects of rheological properties on mixing
Effects of rheological properties on mixingEffects of rheological properties on mixing
Effects of rheological properties on mixing
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 

paper10.pdf

  • 1. Cryptography and Network Security. Lecture 2: Classical encryption. Ion Petre, Department of IT, Åbo Akademi University, Spring 2012. January 10, 2012. http://users.abo.fi/ipetre/crypto/
  • 2. Overview of the course
      - I. CRYPTOGRAPHY: Secret-key cryptography; Classical encryption techniques; DES, AES, RC5, RC4; Public-key cryptography; RSA; Key management
      - II. AUTHENTICATION: MAC; Hashes and message digests; Digital signatures; Kerberos
      - III. NETWORK SECURITY: Email security; IP security; Web security (SSL, secure electronic transactions); Firewalls; Wireless security
      - IV. OTHER ISSUES: Viruses; Digital cash; Secret sharing schemes; Zero-knowledge techniques
  • 3. Part I. Cryptography
      - Will cover more than half of this course
      - I.1 Secret-key cryptography
          - Also called symmetric or conventional cryptography
      - Five ingredients
          - Plaintext
          - Encryption algorithm: runs on the plaintext and the encryption key to yield the ciphertext
          - Secret key: an input to the encryption algorithm, value independent of the plaintext; different keys will yield different outputs
          - Ciphertext: the scrambled text produced as an output by the encryption algorithm
          - Decryption algorithm: runs on the ciphertext and the key to produce the plaintext
      - Requirements for secure conventional encryption
          - Strong encryption algorithm
          - An opponent who knows one or more ciphertexts would not be able to find the plaintexts or the key
          - Ideally, even if he knows one or more pairs plaintext-ciphertext, he would not be able to find the key
          - Sender and receiver must share the same key. Once the key is compromised, all communications using that key are readable
          - It is impractical to decrypt the message on the basis of the ciphertext plus the knowledge of the encryption algorithm
              - encryption algorithm is not a secret
  • 4. Cryptography – some notations
      - Notation for relating the plaintext, ciphertext, and the keys
      - $C = E_K(P)$ denotes that C is the encryption of the plaintext P using the key K
      - $P = D_K(C)$ denotes that P is the decryption of the ciphertext C using the key K
      - Then $D_K(E_K(P)) = P$
  • 5. Caesar Cipher
      - It is a typical substitution cipher and the oldest known – attributed to Julius Caesar
      - Simple rule: replace each letter of the alphabet with the letter standing 3 places further down the alphabet
      - Example:
            MEET ME AFTER THE TOGA PARTY
            PHHW PH DIWHU WKH WRJD SDUWB
      - Here the key is 3 – choose another key to get a different substitution
      - The alphabet is wrapped around so that after Z follows A:
            a b c d e f g h i j k l m n o p q r s t u v w x y z
            D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
  • 6. Caesar cipher
      - Mathematically, give each letter a number
             a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z
             0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
      - The key is a number from to 25
      - Caesar cipher can now be given as
          - $E(p) = (p + k) \bmod 26$
          - $D(C) = (C - k) \bmod 26$
  • 7. Attacking Caesar
      - Caesar can be broken if we only know one pair (plain letter, encrypted letter)
          - The difference between them is the key
      - Caesar can be broken even if we only have the encrypted text and no knowledge of the plaintext
          - Brute-force attack is easy: there are only 25 keys possible
          - Try all 25 keys and check to see which key gives an intelligible message
  • 8. Why is Caesar easy to break? (From Stallings – “Cryptography and Network Security”)
      - Only 25 keys to try
      - The language of the plaintext is known and easily recognizable
          - What if the language is unknown?
          - What if the plaintext is a binary file of an unknown format?
  • 9. Strengthening Caesar: monoalphabetic ciphers
      - Caesar only has 25 possible keys – far from secure
      - Idea: instead of shifting the letters by a fixed amount, how about allowing any permutation of the alphabet?
            Plain:      abcdefghijklmnopqrstuvwxyz
            Cipher:     DKVQFIBJWPESCXHTMYAUOLRGZN
            Plaintext:  if we wish to replace letters
            Ciphertext: WI RF RWAJ UH YFTSDVF SFUUFYA
      - This is called a monoalphabetic substitution cipher – a single alphabet is used
      - The increase in the number of keys is dramatic: 26!, i.e., more than $4 \times 10^{26}$ possible keys
      - Compare: DES only has on the order of $10^{16}$ possible keys
  • 10. How large is large? (Adapted from Handbook of Applied Cryptography, A. Menezes, P. van Oorschot, S. Vanstone, 1996)
      - Reference: order of magnitude
      - Seconds in a year: ≈ $3 \times 10^{7}$
      - Age of our solar system (years): ≈ $6 \times 10^{9}$
      - Seconds since creation of solar system: ≈ $2 \times 10^{17}$
      - Clock cycles per year, 3 GHz computer: ≈ $9.6 \times 10^{16}$
      - Binary strings of length 64: $2^{64} \approx 1.8 \times 10^{19}$
      - Binary strings of length 128: $2^{128} \approx 3.4 \times 10^{38}$
      - Binary strings of length 256: $2^{256} \approx 1.2 \times 10^{77}$
      - Number of 75-digit prime numbers: ≈ $5.2 \times 10^{72}$
      - Electrons in the universe: ≈ $8.37 \times 10^{77}$
  • 11. Monoalphabetic ciphers
      - Having $10^{16}$ possible keys appears to make the system challenging: difficult to perform brute-force attacks
      - There is however another line of attack that easily defeats the system even when a relatively small ciphertext is known
      - If the cryptanalyst knows the nature of the text, e.g., noncompressed English text, then he can exploit the regularities of the language
  • 12. Language redundancy and cryptanalysis
      - Human languages are redundant
      - Letters are not equally commonly used
      - In English E is by far the most common letter
          - Followed by T,R,N,I,O,A,S
      - Other letters are fairly rare
          - See Z,J,K,Q,X
      - Tables of single, double & triple letter frequencies exist
          - Most common digram in English is TH
          - Most common trigram in English is THE
  • 13. English Letter Frequencies (figure)
  • 14. Cryptanalysis of monoalphabetic ciphers
      - Key concept: monoalphabetic substitution ciphers do not change relative letter frequencies
      - Discovered by Arabs in the 9th century
      - Calculate letter frequencies for ciphertext
      - Compare counts/plots against known values
          - Most frequent letter in the ciphertext may well encrypt E
          - The next one could encrypt T or A
          - After relatively few tries the system is broken
      - If the ciphertext is relatively short (and so, the frequencies are not fully relevant) then more guesses may be needed
      - Powerful tool: look at the frequency of two-letter combinations (digrams)
  • 15. Example of cryptanalysis
      - Ciphertext:
            UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
      - Count relative letter frequencies: P is the most frequent (13.33%), followed by Z (11.67), S (8.33), U (8.33), O (7.5), M (6.67), H (5.83), etc.
      - Guess P and Z stand for E and T but the order is not clear because of the small difference in frequency
      - The next set of letters {S, U, O, M, H} may stand for {A, H, I, N, O, R, S} but again it is not completely clear which is which
      - One may try to guess and see how the text translates
      - Also, a good guess is that ZW, the most common digram in the ciphertext, is TH, the most common digram in English: thus, ZWP is THE
      - Proceed with trial and error and finally get, after inserting the proper blanks:
            it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow
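Added example (not part of the original slides): the 25-key search of slides 7–8 and the letter/digram counts of slides 14–15, run on the ciphertexts from slides 5 and 15. The English frequency table and the chi-squared score used to pick the "intelligible" candidate are assumptions of this example.

```python
from collections import Counter

# Approximate English letter frequencies in percent (commonly cited values,
# assumed here; they are not taken from the slides).
ENGLISH = {
    "E": 12.7, "T": 9.1, "A": 8.2, "O": 7.5, "I": 7.0, "N": 6.7, "S": 6.3,
    "H": 6.1, "R": 6.0, "D": 4.3, "L": 4.0, "C": 2.8, "U": 2.8, "M": 2.4,
    "W": 2.4, "F": 2.2, "G": 2.0, "Y": 2.0, "P": 1.9, "B": 1.5, "V": 1.0,
    "K": 0.8, "J": 0.15, "X": 0.15, "Q": 0.1, "Z": 0.07,
}

CAESAR_CT = "PHHW PH DIWHU WKH WRJD SDUWB"            # ciphertext from slide 5
MONO_CT = ("UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
           "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX"
           "EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ")      # ciphertext from slide 15


def letters(text):
    """Upper-case A-Z letters of the text, everything else dropped."""
    return [ch for ch in text.upper() if "A" <= ch <= "Z"]


def caesar_shift(text, k):
    """Shift every letter by k places (negative k decrypts); keep other characters."""
    return "".join(
        chr((ord(ch) - 65 + k) % 26 + 65) if "A" <= ch <= "Z" else ch
        for ch in text.upper()
    )


def chi_squared(text):
    """Distance between the text's letter counts and English; lower is more English-like."""
    found = letters(text)
    if not found:
        raise ValueError("no letters to score")
    counts = Counter(found)
    total = len(found)
    return sum((counts.get(c, 0) - total * f / 100) ** 2 / (total * f / 100)
               for c, f in ENGLISH.items())


def break_caesar(ciphertext):
    """Try all 25 keys and keep the candidate that scores closest to English."""
    score, key = min((chi_squared(caesar_shift(ciphertext, -k)), k) for k in range(1, 26))
    return key, caesar_shift(ciphertext, -key)


def letter_table(ciphertext):
    """(letter, count, percent) rows, most frequent first, ties in alphabetical order."""
    found = letters(ciphertext)
    rows = sorted(Counter(found).items(), key=lambda kv: (-kv[1], kv[0]))
    return [(c, n, round(100 * n / len(found), 2)) for c, n in rows]


def digram_counts(ciphertext):
    """Counts of all overlapping two-letter combinations."""
    s = "".join(letters(ciphertext))
    return Counter(s[i:i + 2] for i in range(len(s) - 1))


def apply_guesses(ciphertext, guesses):
    """Substitute the guessed letters, show every still-unknown letter as '.'."""
    return "".join(guesses.get(c, ".") for c in letters(ciphertext))


if __name__ == "__main__":
    print(break_caesar(CAESAR_CT))
    for row in letter_table(MONO_CT)[:7]:
        print(row)
    # ZW occurs three times, the highest digram count in this short text
    # (several other digrams reach the same count).
    print(digram_counts(MONO_CT)["ZW"])
    print(apply_guesses(MONO_CT, {"P": "e", "Z": "t", "W": "h"}))
```
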
  • 16. Some conclusions after this cryptanalysis
      - Monoalphabetic ciphers are easy to break because they reflect the frequency of the original alphabet
          - Essential to know the original alphabet
      - Countermeasure: provide multiple substitutes for a given letter
          - Highly frequent letters such as E could be encrypted using a larger number of letters than less frequent letters such as Z: to encrypt E one could choose any one of, say, 15 fixed letters, and to encrypt Z one could choose any one of, say, 2 fixed letters
          - The number of encryptions for a letter may be proportional to the frequency rate in the original language (English)
          - This would hide the letter-frequency information
      - However: multiple-letter patterns (digrams, trigrams, etc.) survive in the text, providing a tool for cryptanalysis
          - Each element of the plaintext only affects one element in the ciphertext
          - Longer text needed for breaking the system, but cryptanalysis still relatively straightforward
  • 17. Measures to hide the structure of the plaintext
      1. Encrypt multiple letters of the plaintext at once
      2. Use more than one substitution in encryption and decryption (polyalphabetic ciphers)
      - Consider both these approaches in the following
  • 18. Playfair Cipher
      - The Playfair Cipher is an example of multiple-letter encryption
      - Invented by Sir Charles Wheatstone in 1854, but named after his friend Baron Playfair who championed the cipher at the British foreign office
      - Based on the use of a 5x5 matrix in which the letters of the alphabet are written (I is considered the same as J)
          - This is called the key matrix
  • 19. Playfair key matrix
      - A 5x5 matrix of letters based on a keyword
      - Fill in letters of keyword (no duplicates)
          - Left to right, top to bottom
      - Fill the rest of the matrix with the other letters in alphabetic order
      - E.g. using the keyword MONARCHY, we obtain the following matrix
            M O N A R
            C H Y B D
            E F G I K
            L P Q S T
            U V W X Z
  • 20. Encrypting and decrypting with Playfair
      - The plaintext is encrypted two letters at a time:
          1. Break the plaintext into pairs of two consecutive letters
          2. If a pair is a repeated letter, insert a filler like 'X' in the plaintext, e.g. "balloon" is treated as "ba lx lo on"
          3. If both letters fall in the same row of the key matrix, replace each with the letter to its right (wrapping back to start from end), e.g. "AR" encrypts as "RM"
          4. If both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), e.g. "MU" encrypts to "CM"
          5. Otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, e.g. "HS" encrypts to "BP", and "EA" to "IM" or "JM" (as desired)
      - Decryption works in the reverse direction
      - The examples above are based on this key matrix:
            M O N A R
            C H Y B D
            E F G I K
            L P Q S T
            U V W X Z
  • 21. Security of Playfair
      - Security much improved over monoalphabetic
      - There are 26 x 26 = 676 digrams
      - Needs a 676 entry digram frequency table to analyse (vs. 26 for a monoalphabetic) and correspondingly more ciphertext
      - Widely used for many years (e.g. US & British military in WW I, other allied forces in WW II)
      - Can be broken, given a few hundred letters
      - Still has much of plaintext structure
  • 22. (figure) Source: W. Stallings, Cryptography and network security, 2011 (figure 2.6)
  • 23. Hill cipher
      - Developed by mathematician Lester Hill, 1929
      - Based on linear algebra
      - Recall
          - denote by I the (square) unit matrix, having 1 on the main diagonal, 0 everywhere else
          - for any square matrix M we have that $M \times I = I \times M = M$
          - the property holds over any semiring, e.g. $\mathbb{Z}$, $\mathbb{R}$, but also $\mathbb{Z}_{26}$
          - for a square matrix M, if there is a matrix N such that $M \times N = N \times M = I$, then we say that N is the inverse of M and we denote it $M^{-1}$
          - do not discuss here determinants and calculating the inverse of a matrix (if it exists)
  • 24. Hill cipher
      - Each letter is represented by numbers from 0 to 25, similarly as in the Caesar cipher, from a to z
          - calculations are done modulo 26
      - Key: an invertible matrix K modulo 26, of size m
          - Example with m=3:
            $$K = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix}; \qquad K^{-1} = \begin{pmatrix} 4 & 9 & 15 \\ 15 & 17 & 6 \\ 24 & 0 & 17 \end{pmatrix}$$
      - Plaintext: split it into blocks of m consecutive letters
          - consider each block as a row vector p with m entries modulo 26
          - encrypt each block separately to yield an encrypted row vector of the same size
      - Encryption: $c = pK \bmod 26$
            $$(c_1, c_2, c_3) = (p_1, p_2, p_3) \begin{pmatrix} k_{11} & k_{12} & k_{13} \\ k_{21} & k_{22} & k_{23} \\ k_{31} & k_{32} & k_{33} \end{pmatrix}$$
      - Decryption: $p = cK^{-1} \bmod 26$
  • 25. Hill cipher - cryptanalysis
      - Quite strong against ciphertext-only attacks
      - Weak against the known-plaintext attack
          - collect m pairs plaintext-ciphertext, where m is the size of the key
          - write the m plaintexts as the rows of a square matrix P of size m
          - write the m ciphertexts as the rows of a square matrix C of size m
          - we have that $C = PK \bmod 26$
          - if P is invertible modulo 26, then $K = P^{-1}C \bmod 26$
          - if P is not invertible, then collect more plaintext-ciphertext pairs until an invertible P is obtained
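Added example (not part of the original slides): Hill encryption with the key K of slide 24 and the known-plaintext recovery $K = P^{-1}C \bmod 26$ of slide 25, including the case where P is not invertible and more pairs are needed. The sample plaintexts are constructed for this example, and the inverse is computed with the adjugate, which the slides leave out.

```python
from itertools import combinations
from math import gcd

MOD = 26
K = [[17, 17, 5], [21, 18, 21], [2, 2, 19]]        # key from slide 24
K_INV = [[4, 9, 15], [15, 17, 6], [24, 0, 17]]     # its inverse, from slide 24


def to_nums(text):
    return [ord(c) - 97 for c in text.lower() if "a" <= c <= "z"]


def to_text(nums):
    return "".join(chr(n + 65) for n in nums)


def mat_mul(a, b):
    """Matrix product modulo 26."""
    return [[sum(a[i][k] * b[k][j] for k in range(len(b))) % MOD
             for j in range(len(b[0]))] for i in range(len(a))]


def minor(m, i, j):
    return [row[:j] + row[j + 1:] for r, row in enumerate(m) if r != i]


def det(m):
    """Integer determinant by expansion along the first row (fine for small m)."""
    if len(m) == 1:
        return m[0][0]
    return sum((-1) ** j * m[0][j] * det(minor(m, 0, j)) for j in range(len(m)))


def inverse_mod(m):
    """Inverse modulo 26 via the adjugate, or None if det is not coprime to 26."""
    d = det(m) % MOD
    if gcd(d, MOD) != 1:
        return None
    d_inv = pow(d, -1, MOD)
    n = len(m)
    return [[(d_inv * (-1) ** (i + j) * det(minor(m, j, i))) % MOD
             for j in range(n)] for i in range(n)]


def blocks(text, m):
    nums = to_nums(text)
    if len(nums) % m:
        raise ValueError("text length must be a multiple of the block size")
    return [nums[i:i + m] for i in range(0, len(nums), m)]


def hill_encrypt(plaintext, key):
    """c = pK mod 26, one row vector per block."""
    rows = mat_mul(blocks(plaintext, len(key)), key)
    return to_text(x for row in rows for x in row)


def hill_decrypt(ciphertext, key_inverse):
    rows = mat_mul(blocks(ciphertext, len(key_inverse)), key_inverse)
    return to_text(x for row in rows for x in row).lower()


def recover_key(plaintext, ciphertext, m):
    """Known-plaintext recovery: find m blocks whose matrix P is invertible mod 26."""
    p_blocks, c_blocks = blocks(plaintext, m), blocks(ciphertext, m)
    for idx in combinations(range(len(p_blocks)), m):
        p_inv = inverse_mod([p_blocks[i] for i in idx])
        if p_inv is not None:
            return mat_mul(p_inv, [c_blocks[i] for i in idx])
    return None    # no invertible P yet: more plaintext-ciphertext pairs are needed


if __name__ == "__main__":
    short = "paymoremoney"                 # constructed sample plaintext
    print(hill_encrypt(short, K))
    # Every block of this sample has an even middle letter, so every P built
    # from it is singular modulo 2 and the recovery returns None.
    print(recover_key(short, hill_encrypt(short, K), 3))
    longer = short + "thecatfox"           # constructed: three more known blocks
    print(recover_key(longer, hill_encrypt(longer, K), 3))
```
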
  • 26. Measures to hide the structure of the plaintext
      1. Encrypt multiple letters of the plaintext at once
      2. Use more than one substitution in encryption and decryption (polyalphabetic ciphers)
  • 27. Polyalphabetic substitution ciphers
      - Idea: use different monoalphabetic substitutions as one proceeds through the plaintext
          - Makes cryptanalysis harder with more alphabets (substitutions) to guess and flattens frequency distribution
          - A key determines which particular substitution is used in each step
      - Example: the Vigenère cipher
  • 28. Vigenère Cipher
      - Proposed by Giovan Battista Bellaso (1553) and reinvented by Blaise de Vigenère (1586), called “le chiffre indéchiffrable” for 300 years
      - Effectively multiple Caesar ciphers
      - Key is a word $K = k_1 k_2 \ldots k_d$
      - Encryption
          - Read one letter t from the plaintext and one letter k from the key-word
          - t is encrypted according to the Caesar cipher with key k
          - for the next plain-letter, use the next letter from the key-word
          - When the key word is finished, start the reading of the key from the beginning
          - In other words: $c_i = (p_i + k_{i \bmod m}) \bmod 26$
      - Decryption works in reverse
      - Example: key is “bcde”; “testing” is encrypted as “ugvxjpj”
          - Note that the two ‘t’ are encrypted by different letters: ‘u’ and ‘x’
          - The two ‘j’ in the cryptotext come from different plain letters: ‘i’ and ‘g’
  • 29. (table) Source: W. Stallings, Cryptography and network security, 2011 (Table 2.3)
  • 30. Vigenère tableau
      - One axis of the tableau is labelled with the plaintext letters, the other with the key letters
               A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
            A  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
            B  B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
            C  C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
            D  D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
            E  E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
            F  F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
            G  G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
            H  H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
            I  I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
            J  J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
            K  K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
            L  L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
            M  M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
            N  N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
            O  O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
            P  P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
            Q  Q R S T U V W X Y Z A B C D E F G H I J K L M N O P
            R  R S T U V W X Y Z A B C D E F G H I J K L M N O P Q
            S  S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
            T  T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
            U  U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
            V  V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
            W  W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
            X  X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
            Y  Y Z A B C D E F G H I J K L M N O P Q R S T U V W X
            Z  Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
      - Example
          - write the plaintext out
          - write the keyword repeated above it
          - use each key letter as a Caesar cipher key
          - encrypt the corresponding plaintext letter
          - e.g. using keyword deceptive
            plain:  wearediscoveredsaveyourself
            key:    deceptivedeceptivedeceptive
            cipher: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
  • 31. Security of Vigenère Ciphers
      - Its strength lies in the fact that each plaintext letter has multiple ciphertext letters
      - Letter frequencies are obscured (but not totally lost)
  • 32. Breaking Vigenère: the Kasiski Method (cryptotext only)
      - Method developed by Babbage (1854) / Kasiski (1863)
          - Famous incident with breaking the Zimmermann telegram (Jan 16, 1917), contributed to the US entering WWI
      - We need to find the key word and for this, we first find its length
          - Idea: if the length is N, then the letters on positions 1, N+1, 2N+1, 3N+1, etc. are encrypted with Caesar; same for letters on positions i, N+i, 2N+i, 3N+i, etc., where i runs from 1 to N
          - Clearly, if we deduce the length of the key word, then breaking the system is easy: break N Caesar systems
      - Finding the length of the key word
          - If the plaintext starts with “the” (encrypted say by “XYZ”) and “the” also occurs starting from position N+1, then the 2nd occurrence of “the” will also be encrypted by “XYZ”
          - Idea: repetitions in ciphertext give clues to period
          - Approach: find a piece of ciphertext that is repeated several times (say, at distance 6, 9, 18, 9 from each other)
          - If they really come from the same piece of plaintext, then the length of the key word will be a divisor of all those distances (in our example, the length of the key word must be 3)
      - Example
            plain:  wearediscoveredsaveyourself
            key:    deceptivedeceptivedeceptive
            cipher: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
  • 33. Improvement on Vigenère: autokey system
      - If the key were as long as the message, then the system would be defended against the previous attack
      - Vigenère proposed the autokey cipher
          - the keyword is followed by the message itself (see example below)
      - Decryption
          - Knowing the keyword can recover the first few letters
          - Use these in turn on the rest of the message
      - Note: the system still has frequency characteristics to attack and can be rather easily defeated
      - Example: the key is deceptive
            plaintext:  wearediscoveredsaveyourself
            key:        deceptivewearediscoveredsav
            ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
      - Weakness: plaintext and key share the same statistical distribution of letters
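Added example (not part of the original slides): Vigenère and autokey encryption checked against the examples on slides 28, 30 and 33, plus the key-length step of the Kasiski method from slide 32. The function names are this example's own; the Kasiski step here takes the gcd of all repeat distances, so a coincidental repeat in a longer text would have to be filtered out first.

```python
from collections import defaultdict
from functools import reduce
from math import gcd

A = ord("A")


def normalise(text):
    return "".join(c for c in text.upper() if "A" <= c <= "Z")


def shift_stream(text, key_stream, sign=1):
    """Caesar-shift each letter by the matching key-stream letter (sign=-1 undoes it)."""
    return "".join(chr((ord(t) - A + sign * (ord(k) - A)) % 26 + A)
                   for t, k in zip(text, key_stream))


def repeat_key(keyword, length):
    k = normalise(keyword)
    return (k * (length // len(k) + 1))[:length]


def vigenere_encrypt(plaintext, keyword):
    p = normalise(plaintext)
    return shift_stream(p, repeat_key(keyword, len(p)))


def vigenere_decrypt(ciphertext, keyword):
    c = normalise(ciphertext)
    return shift_stream(c, repeat_key(keyword, len(c)), sign=-1)


def autokey_encrypt(plaintext, keyword):
    """Key stream = keyword followed by the plaintext itself."""
    p = normalise(plaintext)
    return shift_stream(p, (normalise(keyword) + p)[:len(p)])


def autokey_decrypt(ciphertext, keyword):
    """Each recovered plaintext letter extends the key stream for later letters."""
    stream = list(normalise(keyword))
    out = []
    for i, ch in enumerate(normalise(ciphertext)):
        p = chr((ord(ch) - ord(stream[i])) % 26 + A)
        out.append(p)
        stream.append(p)
    return "".join(out)


def kasiski_distances(ciphertext, length=3):
    """Distances between successive occurrences of every repeated n-gram."""
    c = normalise(ciphertext)
    seen = defaultdict(list)
    for i in range(len(c) - length + 1):
        seen[c[i:i + length]].append(i)
    return {g: [b - a for a, b in zip(pos, pos[1:])]
            for g, pos in seen.items() if len(pos) > 1}


def candidate_key_lengths(ciphertext, length=3):
    """Divisors (>1) of the gcd of all repeat distances; empty if nothing repeats."""
    distances = [d for ds in kasiski_distances(ciphertext, length).values() for d in ds]
    if not distances:
        return []
    g = reduce(gcd, distances)
    return [n for n in range(2, g + 1) if g % n == 0]


if __name__ == "__main__":
    plain = "wearediscoveredsaveyourself"
    vig = vigenere_encrypt(plain, "deceptive")
    auto = autokey_encrypt(plain, "deceptive")
    print(vig, kasiski_distances(vig), candidate_key_lengths(vig))
    # The autokey stream never repeats, so this ciphertext has no repeated trigram.
    print(auto, kasiski_distances(auto), candidate_key_lengths(auto))
```
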
  • 34. Vernam cipher
      - Proposed as a reaction to the Kasiski method and to the statistical attack on the autokey method
      - Proposed by Gilbert Vernam (1918), an AT&T engineer
      - Key: a (very) long sequence of bits written on a self-looped tape
      - Plaintext: binary sequence (rather than sequence of letters)
      - Encryption: $c_i = p_i \oplus k_i$
      - Decryption: $p_i = c_i \oplus k_i$
      - Weakness: the repeating key
          - possible attack with (very long) ciphertext or with known plaintext
  • 35. One-Time pad
      - Proposed by Army Signal Corps officer Joseph Mauborgne (1918) as an improvement over the Vernam cipher
      - Idea: use a (truly) random key as long as the plaintext
      - It is unbreakable since the ciphertext bears no statistical relationship to the plaintext
      - Moreover, for any plaintext & any ciphertext there exists a key mapping one to the other
          - Thus, a ciphertext can be decrypted to any plaintext of the same length
          - The cryptanalyst is in an impossible situation
          - Example: the ciphertext RPAY may have come from “dead”, “live”, “book” or any other 4-letter combination
          - nothing to learn about the key by listening on the channel because the key is never repeated
  • 36. Security of the one-time pad
      - The security is entirely given by the randomness of the key and by never repeating a key
          - If the key is truly random, then the ciphertext is random
          - A key can only be used once if the cryptanalyst is to be kept in the “dark”
          - Perfect secrecy
      - Problems with this perfect cryptosystem
          - Making large quantities of truly random characters is a significant task
          - Key distribution is enormously difficult: for any message to be sent, a key of equal length must be available to both parties
      - Very limited use in practice, only over limited-bandwidth channels requiring perfect security
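Added example (not part of the original slides): why the looped Vernam tape of slide 34 falls to known plaintext, why the ciphertext RPAY of slide 35 is consistent with every 4-letter plaintext, and what a reused pad leaks (slide 36). The tape bytes and messages are constructed; the tape period is assumed known, and the RPAY keys assume letter arithmetic c = p + k mod 26.

```python
import secrets

TAPE = bytes.fromhex("5a17c3889e014bd2")            # constructed 8-byte looped tape
MESSAGE = b"ATTACK POSTPONED UNTIL TWO AM"          # constructed sample plaintext


def vernam(data, tape):
    """XOR each byte with the key tape, looping the tape when it runs out."""
    return bytes(b ^ tape[i % len(tape)] for i, b in enumerate(data))


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def recover_tape(ciphertext, known_prefix, period):
    """Known plaintext covering one period of the loop gives the tape: k = c XOR p."""
    if len(known_prefix) < period:
        raise ValueError("need known plaintext for at least one full period")
    return xor_bytes(ciphertext[:period], known_prefix[:period])


def one_time_pad(message):
    """Fresh random key as long as the message; returns (ciphertext, key)."""
    key = secrets.token_bytes(len(message))
    return xor_bytes(message, key), key


def key_explaining(ciphertext, plaintext):
    """Letter pad (c = p + k mod 26): the key under which ciphertext decrypts to plaintext."""
    return "".join(chr((ord(c) - ord(p)) % 26 + 65)
                   for c, p in zip(ciphertext.upper(), plaintext.upper()))


if __name__ == "__main__":
    ct = vernam(MESSAGE, TAPE)
    tape = recover_tape(ct, MESSAGE[:8], period=8)   # first 8 bytes known
    print(vernam(ct, tape))                          # the whole message falls out

    for guess in ("dead", "live", "book"):
        # Each guess has its own equally plausible key, so RPAY alone decides nothing.
        print(guess, key_explaining("RPAY", guess))

    otp_ct, pad = one_time_pad(b"dead")
    reused = xor_bytes(b"live", pad)                 # same pad used a second time
    # The pad cancels out: c1 XOR c2 = p1 XOR p2, a relation between the plaintexts.
    print(xor_bytes(otp_ct, reused) == xor_bytes(b"dead", b"live"))
```
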
  • 37. Other technique of encryption: transpositions
      - We have considered so far substitutions to hide the plaintext: each letter is mapped into a letter according to some substitution
      - Different idea: perform some sort of permutation on the plaintext letters
          - Hide the message by rearranging the letter order without altering the actual letters used
      - The simplest such technique: rail fence technique
  • 38. Rail Fence cipher
      - Idea: write plaintext letters diagonally over a number of rows, then read off cipher row by row
      - E.g., with a rail fence of depth 2, to encrypt the text “meet me after the toga party”, write message out as:
            m e m a t r h t g p r y
             e t e f e t e o a a t
      - Ciphertext is read from the above row-by-row: MEMATRHTGPRYETEFETEOAAT
      - Attack: trivial (no key involved)
  • 39. Row transposition ciphers
      - More complex scheme: row transposition
          - Write letters of message out in rows over a specified number of columns
          - Reading the cryptotext column-by-column, with the columns permuted according to some key
      - Example: “attack postponed until two am” with key 4312567: first read the column marked by 1, then the one marked by 2, etc.
            Key:        4 3 1 2 5 6 7
            Plaintext:  a t t a c k p
                        o s t p o n e
                        d u n t i l t
                        w o a m x y z
            Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
      - If we number the letters in the plaintext from 1 to 28, then the result of the first encryption is the following permutation of letters from plaintext: 03 10 17 24 04 11 18 25 02 09 16 23 01 08 15 22 05 12 19 26 06 13 20 27 07 14 21 28
      - Note the regularity of that sequence!
      - Cryptanalysis: write the ciphertext onto columns and play with the order of the columns
  • 40. Iterating the encryption makes it more secure
      - Idea: use the same scheme once more to increase security
            Key:    4 3 1 2 5 6 7
            Input:  T T N A A P T
                    M T S U O A O
                    D W C O I X K
                    N L Y P E T Z
            Output: NSCYAUOPTTWLTMDNAOIEPAXTTOKZ
      - After the second transposition we get the following sequence of letters: 17 09 05 27 24 16 12 07 10 02 22 20 03 25 15 12 04 23 19 14 11 01 26 21 18 08 06 28
      - This is far less structured and so, more difficult to cryptanalyze
      - In general, easy to recognize pure transposition ciphers: same letter frequency as the language of the plaintext
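Added example (not part of the original slides): the row transposition of slides 39–40 in Python, with a position trace that makes the "regularity" of one pass measurable and shows how a second pass breaks it up. Keys are assumed to be strings of single digits, and the message must fill the last row (the slide pads with xyz).

```python
from collections import Counter


def column_order(key):
    """Key '4312567' labels the columns; return column indices in reading order."""
    labels = [int(d) for d in key]
    if sorted(labels) != list(range(1, len(labels) + 1)):
        raise ValueError("key must be a permutation of 1..n")
    return sorted(range(len(labels)), key=lambda col: labels[col])


def transpose(items, key):
    """Write row by row, read column by column in key order."""
    width = len(key)
    if len(items) % width:
        raise ValueError("pad the message so that it fills the last row")
    rows = [items[i:i + width] for i in range(0, len(items), width)]
    return [row[col] for col in column_order(key) for row in rows]


def untranspose(items, key):
    """Fill the columns in key order, then read row by row."""
    width = len(key)
    height = len(items) // width
    grid = [[None] * width for _ in range(height)]
    stream = iter(items)
    for col in column_order(key):
        for r in range(height):
            grid[r][col] = next(stream)
    return [x for row in grid for x in row]


def encrypt(text, key, rounds=1):
    items = [c for c in text.upper() if "A" <= c <= "Z"]
    for _ in range(rounds):
        items = transpose(items, key)
    return "".join(items)


def decrypt(text, key, rounds=1):
    items = list(text.upper())
    for _ in range(rounds):
        items = untranspose(items, key)
    return "".join(items).lower()


def position_trace(n, key, rounds=1):
    """Which plaintext position (1..n) ends up at each ciphertext position."""
    items = list(range(1, n + 1))
    for _ in range(rounds):
        items = transpose(items, key)
    return items


def step_profile(trace):
    """How often each difference between neighbouring positions occurs."""
    return Counter(b - a for a, b in zip(trace, trace[1:]))


if __name__ == "__main__":
    plain = "attack postponed until two am xyz"
    print(encrypt(plain, "4312567"), encrypt(plain, "4312567", rounds=2))
    # One pass: most neighbours are exactly one row (7 positions) apart.
    print(step_profile(position_trace(28, "4312567")).most_common(2))
    # Two passes: no single step dominates any more.
    print(step_profile(position_trace(28, "4312567", rounds=2)).most_common(2))
    # Transposition never changes which letters occur, only where.
    print(Counter(encrypt(plain, "4312567", 2)) == Counter(encrypt(plain, "1234567")))
```
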
  • 41. Product Ciphers
      - Ciphers using substitutions or transpositions are not secure because of language characteristics
      - Idea: using several ciphers in succession increases security
      - However:
          - two substitutions only make another (more complex?) substitution
          - two transpositions make another (more complex?) transposition
          - a substitution followed by a transposition makes a new, much harder cipher
      - This is the bridge from classical to modern ciphers
  • 42. Rotor Machines
      - Before modern ciphers, rotor machines were the most common product cipher
      - Widely used in WWII
          - German Enigma, Allied Hagelin, Japanese Purple
      - Implemented a very complex, varying substitution cipher
      - Principle: the machine has a set of independently rotating cylinders through which electrical impulses flow
          - Each cylinder has 26 input pins and 26 output pins with internal wiring that connects each input pin to a unique, fixed output pin (one cylinder thus defines a monoalphabetic substitution cipher)
          - The output pins of one cylinder are connected to the input pins of the next cylinder
          - After each keystroke, the last cylinder rotates one position and the others remain still
          - After a complete rotation of the last cylinder (26 keystrokes), the cylinder before it rotates one position, etc.
      - 3 cylinders have a period of $26^3 = 17576$
      - 4 cylinders have a period of 456 976
      - 5 cylinders have a period of 11 881 376
          - each period is far larger than the length of the typical message sent at any one time
          - different transmissions would use different keys
  • 43. The Enigma machine (pictures from Wikipedia)