1 :

Fall 2014


(, )
Some dazing math. things will be introduced only when
needed

:
Cryptography and Network Security, Behrouz A. Forouzan,
McGrawHill 2008
TA : not assigened yet.
Course Materials will be uploaded on EKU of university portal.

1-1
(cryptology)

.
(web)
(buffer overflow)
A security system is only as strong as its weakest link.

1-1
(cryptology)

1-1
(cryptography)
(secret) kryptos (write)
grph
(confidentiality) .

.
Key : uniformly distributed random string
Symmetric if k1 = k2, Otherwise, asymmetric

1 =

2 =

Correctness: 2 (1 ) =

1.1.2 Kerckhoffs Principle

Kerckhoffs :
.
1.
.


2.

3. ,
.

.

4.
.

1.2
, , (GDC: Greatest Common
Divisor)
gcd(a, b) = gcd(140, 12) = 4
0 a, b , gcd(a,b)=1 a
b (relatively prime)

1.2
(Euclidean Algorithm)
Fact 1: gcd (a, 0) = a
Fact 2: gcd (a, b) = gcd (b, r), where r is
the remainder of dividing a by b

1.2
(Euclidean Algorithm)

1.2
(Extended Euclidean
Algorithm)
0 ab
s t .
s a + t b = gcd(a,b)
a = 75, b= 20
75 (-1) + 20 4 = gcd(75, 20) = 5
gcd(a,b) s t
.

1.2
gcd(a,b) s
An encryption scheme over M is perfectly secret if
for every prob. dist. over M, m in M and c in C,
Pr[M=m|C=c] = Pr[M=m].

I.e., observing c should have no effect on the knowledge

of an adversary, even with unbounded computing power.

One-time Pad

I.e., c := k m ; m := k c
0 0 = 0, 0 1 = 1, 1 0 = 1, 1 1 = 1

r = r1 q x r2, s= s1 q x s2 , t= t1 q x t2

1.2

1.2
Ex : Given a = 161 and b = 28, find gcd (a, b) and
the values of s and t.

r = r1 q x r2, s= s1 q x s2 , t= t1 q x t2

1.2.2 (modular arithmetic)

a n q
r .
a = qn + r 0<= r < n
23 = 4x5 + 3; -17 = (-3)x5 + (-2) = (-4)x4 + 3

mod

a mod n = r
23 mod 5 = 3; -17 mod 5 = 3

1.2.2 (modular arithmetic)

mod a n
q r .
a = qn + r 0<= r < n
mod Zn .

(Congruence)

1.2.2 (modular arithmetic)

mod

1.2.3 (Inverses)
,
Zn

Zn

In modular arithmetic, an integer may or may not have a

multiplicative inverse. Number a has the mult. Inverse iff
gcd(n,a) 1 (mod n)

1.2.3 (Inverses)
Find all multiplicative inverses in Z10.
There are only three pairs: (1, 1), (3, 7) and (9, 9). The
numbers 0, 2, 4, 5, 6, and 8 do not have a multiplicative
inverse.

Find the mult. Inverse of b in Zn

Use the extended Euclidean algorithm

s x a + t x b = gcd(a,b)
s x n + t x b = 1 (since gcd(n,b) 1 (mod n))
(s x n + t x b) mod n = 1 mod n
(t x b) mod n = 1 mod n
t is the inverse of b.

1.3
2 : (Substitution) (Transposition)
: - ; -

(Brute Force Attack) -
(Exhaustive Key Search Attack),

(Frequency Analysis)-

cryptanalytic attack
the nature of the algorithm plus perhaps some knowledge of
the general characteristics of the plaintext or even some
sample plaintext-ciphertext pairs.

1.3.1 (Substitution Cipher)

(Monoalphabetic Substitution Cipher) :

(Polyalphabetic Substitution Cipher)
Plaintext and ciphertext in Z26

1.3.1 (Substitution Cipher)

: (Additive Cipher)
(Caesar cipher)

: + 3 mod 26 , 26
3 mod 26 , 26 ,

+
( )

+
( )

1.2

1.3.1 (Substitution Cipher)

(Additive Cipher)
: + mod 26 ,
mod 26 ,

26
26

26 25 1 = 26!

1.3.1 (Substitution Cipher)

:
988,968 , E 12.7%

Letter

Probability

Letter

Probability

Letter

Probability

0.082

0.015

0.028

0.043

0.127

0.022

0.020

0.061

0.070

0.002

0.008

0.040

0.024

0.067

0.075

0.019

0.001

0.060

0.063

0.091

0.028

0.010

0.023

0.001

0.020

0.001

1.3.1 (Substitution Cipher)

: (Vigenre Cipher)
l
K = k1k2k3...kd, fi (m)=( m + ki ) mod n
: K = CIPHER (l = 6)

THISISASECRETMESSAGE

19

18

18

18

17

19

12

18

18

15

17

15

17

15

17

21

15

23

25

12

19

21

21

21

20

19

25

22

17

12

l = 6

1.3.1 (Substitution Cipher)

: (Vigenre Cipher)
: KASISKI METHOD
period "d"

1.3.1 (Substitution Cipher)

: (Vigenre Cipher)
GCD 4 4
First try l = 4. (C1, C2, C3, C4 )

1.3.2 (Transposition Cipher)

,
= ( 1 , , ())
()
: = 1 , , 5 = (3,1,4,5,2)

30 1! + 2! + 3! + + 30!
30 ! 30 = 1 2 3 5 30
1, 2, 3, 5, 6, 10, 15, 30 1! + 2! + 3! + 5! + 6! +
10! + 15! + 30!

1.4
(Type of Attack)

1.4
(Attack Model)

1.4

(Ciphertext Only
Attack, COA)

(Known Plaintext
Attack, KPA)

1.4

(Chosen Plaintext
Attack, CPA)

(Chosen
Ciphertext Attack,
CCA)

1.4

Secure Encryption ?
Given C,
1. No adversary can find k?
2. No adversary can find P?
3. No adversary can find any character?
4. No adversary can find any meaningful information?
Meaningful? definitions of security should suffice for all
potential applications!
5. No adversary can compute any function of P from C.

1.5
3 (NIST)
(Confidentiality)
(Integrity)
(Availability)

(Authentication)
(Entity Authentication) : (
) .
(Message Authentication) :

.
.
(Non-Repudiation)
(Access Control)