You are on page 1of 19

CSE 425, Introduction to Computer Security

Chapter 5. Cryptography

5.1 Introduction
Security Engineering
Chapter 5. Cryptography
by Ross Anderson

Cryptography • …Provides the Tools that Are the Foundation For Security Protocols. • …Where Security Engineering Meets Mathematics.

Cryptography and Network Security
Chapter 2. Classical Encryption Techniques
by William Stallings

CSE 425, Introduction to Computer Security
Professor Wayne Dyksen Department of Computer Science and Engineering Michigan State University Spring 2006
5-2

Plaintext vs Ciphertext
• Plaintext
– – – – Original Message Often Denoted by Lower Case Letters E.g., tobeornottobethatisthequestion N.B.: Might Not Be “Plain” Or “Text”
• Computer Generated “Text” • E.g., mpeg, PostScript, pdf, dll, etc…

Encryption vs Decryption
• Encryption
– – – – – – – –
5-3

Algorithm That Maps Plaintext to Ciphertext May Use Second Input Called a (Secret) Key May Or May Not Be Reversible (“Invertible”) AKA Enciphering Algorithm That Maps Ciphertext to Plaintext May Use Second Input Called a (Secret) Key Reverse (“Inverse”) of the Encryption Algorithm AKA Deciphering
5-4

• Decryption

• Ciphertext
– Coded Message – Often Denoted by Upper Case Letters – E.g., KIOVIEEIGKIOVNURNVJNUVKHVMGZIA
– May Depend on Plain Text and a (Secret) “Key”

Encryption Illustrated

Encryption Motivation
Shared Key Shared Key

Key

Key

Plain Text

Encryption Algorithm

Cipher Text

?

Decryption Algorithm

Plain Text

Plain Text

Encryption Algorithm

Cipher Text

Decryption Algorithm

Plain Text

Sender

Transmission

Receiver

5-5

5-6

© 2006 by Wayne R. Dyksen. All Rights Reserved.

5-1

Michigan State University Department of Computer Science and Engineering

WEP and WPA for Wi-Fi – AKA Crypto Suite • Desires – Decipher One Particular Ciphertext? – Decipher Any/All Ciphertexts? (The Key?) – Etc…? • “The Code Breakers” 5-7 5-8 Cryptology • Study of – Cryptography – Cryptanalysis Who’s-on-first? Problem Cryptographic Systems Three Characteristics • Types of (E/D) Operations • Number of Keys • Number of Elements Per (E/D) Operation (E/D = Encryption/Decryption) (Element = Letter. 0 → 7. Etc…) 5-9 5-10 • Is… – …very mathematical – …very hard • Your Goal – Learn Terminology – Gain Intuition Types of (E/D) Operations • Two Fundamental Operations – Substitution • Map One Element Into Another • E.g. 7 → 4 • Word Scramble • Two Keys or Two Sets of Keys – Separate for Encryption and Decryption – AKA • Asymmetric • Two-Key • Public-Key 5-11 5-12 • Product Systems – Combination of Substitutions and Transpositions – Really “Composition” Systems © 2006 by Wayne R.. Introduction to Computer Security Chapter 5. 6 → 1..CSE 425. Bit.. 1 → 3. etc… • Cryptoquote Number of Keys • One Key or One Set of Keys – Same for Encryption and Decryption – AKA • Symmetric • Single-Key • Secret-Key – Permutation (Transposition) • Rearrange Elements • E.g. c → D. Cipher Cryptanalysis • Study of Deciphering Ciphertext Without – – – – – – Key Algorithm? Lots of Ciphertext? Particular Ciphertext? Any Plaintext.. a → B. Byte. DES – AKA Crypto System.g. Lots of Plaintext? Etc…? • Cryptographic Suite – Set of Cryptographic Systems – E. Cryptography Cryptography • Study of Encryption/Decryption • Cryptographic System – Particular Encryption/Decryption Scheme – E. 2 → 5. 3 → 0.g. 5 → 6. All Rights Reserved. 5-2 Michigan State University Department of Computer Science and Engineering . Dyksen. b → C. 4 → 2.

Introduction to Computer Security Chapter 5.3 x 109 256 ≈ 7.4 x 1018 yrs 5.4 x 1018 years to crack? 5-16 Big Numbers One Million (106) Seconds In a Year Global Population Age of the Universe 1 MIPS Year (MY) Protons In the Universe 220 225 232 234 Years 246 Operations 2256 5-17 Encryption/Decryption Key • Input to Encryption/Decryption • Independent of Plaintext • Require (Desire) – Secret – Are Many (to Chose From) – Different Keys → “Very” Different Ciphertext • Often Shared • Must Be Managed (“Key Management”) – – – – Generated Distributed Protected Recovered? 5-18 © 2006 by Wayne R.2 x 1016 2128 ≈ 3.15 ms 600 hrs 5. 5-3 Michigan State University Department of Computer Science and Engineering .9 x 1036 yrs 26!/2 µs ≈ 6. All Rights Reserved.4 x 1024 yrs 2167 µs ≈ 5. Dyksen.9 x 1030 yrs 6.8 mins 255 µs ≈ 1142 yrs 2127 µs ≈ 5.7 x 1050 26! ≈ 4 x 1026 Time 1 / µs (1 Encryption/µs) 231 µs ≈ 35.CSE 425.4 x 1012 yrs Time 106 / µs (106 Encryptions/µs) 2.4 x 106 yrs • Analysis (Cyptanalysis) – Know • • • • Nature of E/D Algorithms? Characteristics of Plaintext? Some Plaintext-Ciphertext Pairs? Etc…? 5-15 Does this mean that an encryption scheme with an 128-bit key would take 5. Cryptography # of Elements Per (E/D) Operation • Stream Cipher – One Element • • • • Letter Bit Byte Etc… Modern Encryption Scheme plaintext Round 1 Substitution(s) and/or Permutation(s) Key? – Processed As a “Stream” Round 2 Substitution(s) and/or Permutation(s) Key? • Block Cipher – N Elements At A Time • • • • N Letters N Bits N Bytes Etc… Round N : : Substitution(s) and/or Permutation(s) Key? – Processed In “Blocks” 5-13 CIPHERTEXT 5-14 Cryptanalysis Two Fundamental Approaches • Brute Force – Know E/D Algorithms – Try • Every Possible Key • On Average Must Try ½ All Possible Keys Average Time For Brute Force Key Size (Bits) 32 56 128 168 26 (Chars) Number of Keys 232 ≈ 4.4 x 1038 2168 ≈ 3.

al. ra. sth.1.06749 0.0456 • f 0. Dyksen. tha. /Filter.06094 0. sa. et.02782 0.0382 5-21 End Word (Top Ten) • e 0.05987 0.08167 0. ti. has.00978 0. oft. t. tis. he. ing. in. em.… %!PS-Adobe-3. an.00074 5-20 Digrams & Trigrams • Digrams Most Common. er. or. Introduction to Computer Security Chapter 5. Cryptography Characteristics of Plaintext • Statistical Characteristics – Letter Frequencies: e.0730 • r 0. tio. for. 5-4 Michigan State University Department of Computer Science and Engineering .06327 0. ro • Trigrams Most Common.01974 0. Why not? 5-23 Ciphertext Attacks (1 of 3) • Ciphertext Only Cryptanalyst Knows… – Encryption Algorithm – Ciphertext To Be Deciphered • Known Plaintext Cryptanalyst Knows… – Encryption Algorithm – Ciphertext To Be Deciphered – One or More Plaintext-Cipher Text Pairs 5-24 © 2006 by Wayne R. /ColorSpace.02228 0. /Type. it. de.0426 • f 0.00153 0. i. ar.… Letter Frequencies (English) • • • • • • • • • • • • • 5-19 • Probable Words – – – – – %PDF-1. a.0923 • t 0.0775 • o 0. in. to.1550 • i 0. nce. In Order: the.01929 0.1594 • a 0.… – Digram Frequencies: th.00772 0. In Order: th.04025 0.01492 0.0597 • m 0.02360 0.02015 0.040 • w 0. nt.1435 • d 0.0693 • o 0.0..0408 5-22 Ciphertext Revisited • Coded Message • Often Denoted by Upper Case Letters • E. on.0467 • l 0.… – Trigram Frequencie: the.0864 • n 0.12702 0. co. at.06966 0. es. nd.02758 • • • • • • • • • • • • • m w f g y p b v k j x q z 0.… Michigan State University Transfer Funds Etc… e t a o i n s h r d l c u 0. tha.09056 0. and.00150 0. men Start/End-of-Word Letters Start Word (Top Ten) • t 0. ed. he.0712 • c 0.02406 0. KIOVIEEIGKIOVNURNVJNUVKHVMGZIA • May Depend on Plain Text and a (Secret) “Key” • Require (Desire) – – – – Unintelligible Undecipherable Unbreakable “Appear” Random • No Detectable Patterns • It’s not random.00095 0.0408 • p 0.CSE 425. All Rights Reserved.0823 • s 0. nde. ion. re.0786 • y 0.g.07507 0. edt. %%Creator. %%BeginProlog. /Name. and. se.1917 • s 0.04253 0. ent. te. en.

Dyksen. Introduction to Computer Security Chapter 5.CSE 425. Cryptography Ciphertext Attacks (2 of 3) • Chosen Plaintext Cryptanalyst Knows… – Encryption Algorithm – Ciphertext To Be Deciphered – Plaintext-Cipher Text Pair with Plaintext Chosen Ciphertext Attacks (3 of 3) Chosen Text Cryptanalyst Knows… – Encryption Algorithm – Ciphertext To Be Deciphered – Plaintext-Cipher Text Pair with Plaintext Chosen – Plaintext-Cipher Text Pair with Ciphertext Chosen • Known Ciphertext Cryptanalyst Knows… – Encryption Algorithm – Ciphertext To Be Deciphered – Plaintext-Cipher Text Pair with Ciphertext Chosen 5-25 How do you get your chosen plaintext encrypted since you don’t know the key? Hmm… 5-26 Strong Encryption • Cryptanalyst Can NOT – Decipher the Ciphertext – Figure Out the Key Secure Encryption • Unconditionally Secure – CanNOT Deduce Plaintext from Ciphertext (In Any Amount of Time) – Only One Such Known Encryption Algorithm (But Not Practical For Most Applications) • Even If Cryptanalyst – – – – Knows the Algorithm Has the Ciphertext Has One Or More Ciphertexts Has A Number of Plaintext-Ciphertext Pairs • Computationally Secure – Cost of Deciphering > Value of Plaintext – Time to Decipher > Useful Lifetime of Plaintext 5-27 5-28 Cryptosystem Requirements • Encryption/Decryption Algorithm – Strong – Computationally Secure – Plus • Fast? • Cheap? • Etc…? Conventional Cryptosystem ~P Cryptanalyst ~K Intercepted Message Source P Encryption Algorithm C Decryption Algorithm P Message Destination • Key – – – – Strong Shared Secure Plus K Transmitted K P = Plaintext Secure Channel • Fast? • Cheap? • Etc…? 5-29 Key Source C = Ciphertext K = Key ~ = Approximate 5-30 Which is the hardest part? All of it! © 2006 by Wayne R. All Rights Reserved. 5-5 Michigan State University Department of Computer Science and Engineering .

Be careful! Modular Arithmetic (4 of 5) • • • • • • • • • • 5-35 • a mod b = r a=b*n+r • (– 7) mod 26 = 19 – 7 = 26 * (– 1) + 19 • Be Careful (–7) mod 26 = 19 – (7 mod 26) = – 7 – 7 mod 26 = ? • NB: VB’s Mod Operator is Incorrect Integers mod 5 0 mod 5 = 0 1 mod 5 = 1 2 mod 5 = 2 3 mod 5 = 3 4 mod 5 = 4 5 mod 5 = 0 6 mod 5 = 1 7 mod 5 = 2 8 mod 5 = 3 9 mod 5 = 4 • • • • • • • • • • Integers mod 5 10 mod 5 = 0 11 mod 5 = 1 12 mod 5 = 2 13 mod 5 = 3 14 mod 5 = 4 15 mod 5 = 0 16 mod 5 = 1 17 mod 5 = 2 18 mod 5 = 3 19 mod 4 = 4 5-36 © 2006 by Wayne R. Dyksen. Introduction to Computer Security Chapter 5.2 Historical Background • Substitution Techniques • Transposition Techniques • Rotor Machines • Steganography (Julius) Caesar Cipher • Cipher plain: a b c d e f g h i j k l m n o p q r s t u v w x y z ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ CIPHER: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • Example plain: attack the enemy on friday CIPHER: DWWDFN WKH HQHPB RQ IULGDB • Cipher Characteristics – Substitution – Monoalphabetic (Single Cipher Alphabet Used) 5-31 5-32 Modular Arithmetic (1 of 5) • Definition For integers a and b.CSE 425. • Intuitively a mod b is the remainder after dividing a by b Modular Arithmetic (2 of 5) • a mod b = r – a div b = n with remainder r – a=b*n+r • 14 mod 4 = 2 – 14 div 4 = 3 with remainder 2 – 14 = 4 * 3 + 2 • 1095 mod 10 = 5 – 1095 div 10 = 109 with remainder 5 – 1095 = 10 * 109 + 5 • (b * n) mod b = 0 – (b * n) div b = n with remainder 0 – (b * n) = b * n + 0 5-33 5-34 Modular Arithmetic (3 of 5) • What if a < 0? Note that 0 ≤ a mod b < b. Cryptography 5. we define r = a mod b if there exist integers n and 0 ≤ r < b such that a = b * n + r. 5-6 Michigan State University Department of Computer Science and Engineering . All Rights Reserved.

key ≡ k = ‘d’ = 3 • Hmm… ( 0 + 3) mod 26 = 3 ( 1 + 3) mod 26 = 4 ( 2 + 3) mod 26 = 5 ( 3 + 3) mod 26 = 6 ( 4 + 3) mod 26 = 7 ( 5 + 3) mod 26 = 8 ( 6 + 3) mod 26 = 9 ( 7 + 3) mod 26 = 10 ( 8 + 3) mod 26 = 11 ( 9 + 3) mod 26 = 12 (10 + 3) mod 26 = 13 (11 + 3) mod 26 = 14 (12 + 3) mod 26 = 15 (13 + 3) mod 26 = 16 (14 + 3) mod 26 = 17 (15 + 3) mod 26 = 18 (16 + 3) mod 26 = 19 (17 + 3) mod 26 = 10 (18 + 3) mod 26 = 21 (19 + 3) mod 26 = 22 (20 + 3) mod 26 = 23 (21 + 3) mod 26 = 24 (22 + 3) mod 26 = 25 (23 + 3) mod 26 = 0 (24 + 3) mod 26 = 1 (25 + 3) mod 26 = 2 5-39 – Decryption • P = (C – k) mod 26 • Family of Caesar Ciphers – c = (p + k) mod 26. Dyksen. 2. …. k = any character – 25 Ciphers (Why not 26?) 5-40 (Augustus) Caesar Cipher • Cipher plain: a b c d e f g h i j k l m n o p q r s t u v w x y z ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ CIPHER: C D E F G H I J K L M N O P Q R S T U V W X Y Z A B Caesar Ciphers Implemented • Excel CHAR(MOD( CODE($B3)-CODE("a") + CODE(C$2)-CODE("a") .….n-1 • Denoted by Zn • n Prime – Special Case – Use p instead of n – Zp 5-37 Caesar Cipher Revisited (1 of 3) • Cipher plain: a b c d e f g h i j k l m n o p q r s t u v w x y z ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ CIPHER: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • Let a = 0. i. Introduction to Computer Security Chapter 5.CSE 425. 5-7 Michigan State University Department of Computer Science and Engineering . c = 2. 25) – Add Three (Add ‘d’) – But “Wrap” (26 → 0. 28 → 2) Caesar Cipher Revisited (3 of 3) • Let a = 0. All Rights Reserved. c = 2. …. 1.…. z = 25 • Cipher plain: CIPHER: plain: 0 ↓ 3 1 ↓ 4 2 ↓ 5 3 ↓ 6 4 ↓ 7 5 ↓ 8 6 7 8 9 10 11 12 ↓ ↓ ↓ ↓ ↓ ↓ ↓ 9 10 11 12 13 14 15 13 14 15 16 17 18 19 20 21 22 23 24 25 ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ CIPHER: 16 17 18 19 20 21 22 23 24 25 0 1 2 5-38 Caesar Cipher Revisited (2 of 3) • Caesar Cipher – Encode Letters (0. 27 → 1. – c = (p + 2) mod 26 – p = (c – 2) mod 26 © 2006 by Wayne R. d = 3. 1. 1)) . b = 1. Cryptography Modular Arithmetic (5 of 5) Integers mod n • Only n digits 0. z = 25 • Caesar Cipher – Encryption • C = (p + ‘d’) mod 26 • C = (p + 3) mod 26 • C = (p + k) mod 26. b = 1.Asc("a") Caesar_Encrypt = "" For i = 1 To Len(plain) p = Asc(Mid(plain. 26) + CODE("A") ) • Example plain: attack the enemy on friday CIPHER: CVVCEM VJG GPGOA QP HTKFCA • Visual Basic k = Asc(key) .Asc("a") c = (p + k) Mod 26 Caesar_Encrypt = Caesar_Encrypt & Chr(c + Asc("A")) Next i 5-41 5-42 • Augustus changed the key from ‘d’ to ‘c’. d = 3.

ion.12702 0. er. tio. tis. it. em. nd.08167 0. at. co. In Order: the.CSE 425. Trigram Frequency Start/End-of-Word Letters Probable Words Etc… 5-46 – Plaintext Structure Preserved Recall: Letter Frequencies • • • • • • • • • • • • • e t a o i n s h r d l c u 0. on.02782 0. al. ing. edt. ed. oft.02360 0. ra. te. de.02015 0. for. ar. All Rights Reserved.01492 0. ti. nde. nt. 5-8 Michigan State University Department of Computer Science and Engineering .01929 0.06966 0.04253 0.00074 5-47 Recall: Digrams & Trigrams • Digrams Most Common.00772 0.00095 0. an. men 5-48 © 2006 by Wayne R. has.00150 0. sa. Introduction to Computer Security Chapter 5.02758 • • • • • • • • • • • • • m w f g y p b v k j x q z 0.09056 0. re.06094 0. nce.02228 0. to.06749 0. tha.05987 0.02406 0. or.00153 0. Cryptography Cracking the Caesar Cipher • Ciphertext SDDUKWWPSEKSJWFGOUSFUWDDWV Bruce Force Attack Key 0 a 1 b 2 c 3 d 4 e 5 f 6 g 7 h 8 i 9 j 10 k 11 l 12 m 13 n 14 o 15 p 16 q 17 r 18 s 19 t 20 u 21 v 22 w 23 x 24 y 25 z S s r q p o n m l k j i h g f e d c b a z y x w v u t D d c b a z y x w v u t s r q p o n m l k j i h g f e D d c b a z y x w v u t s r q p o n m l k j i h g f e U u t s r q p o n m l k j i h g f e d c b a z y x w v K k j i h g f e d c b a z y x w v u t s r q p o n m l W w v u t s r q p o n m l k j i h g f e d c b a z y x W w v u t s r q p o n m l k j i h g f e d c b a z y x P p o n m l k j i h g f e d c b a z y x w v u t s r q S s r q p o n m l k j i h g f e d c b a z y x w v u t E e d c b a z y x w v u t s r q p o n m l k j i h g f K k j i h g f e d c b a z y x w v u t s r q p o n m l Ciphertext S J W F s j w f r i v e q h u d p g t c o f s b n e r a m d q z l c p y k b o x j a n w i z m v h y l u g x k t f w j s e v i r d u h q c t g p b s f o a r e n z q d m y p c l x o b k w n a j v m z i u l y h t k x g G g f e d c b a z y x w v u t s r q p o n m l k j i h O o n m l k j i h g f e d c b a z y x w v u t s r q p U u t s r q p o n m l k j i h g f e d c b a z y x w v S s r q p o n m l k j i h g f e d c b a z y x w v u t F f e d c b a z y x w v u t s r q p o n m l k j i h g U u t s r q p o n m l k j i h g f e d c b a z y x w v W w v u t s r q p o n m l k j i h g f e d c b a z y x D d c b a z y x w v u t s r q p o n m l k j i h g f e D d c b a z y x w v u t s r q p o n m l k j i h g f e W w v u t s r q p o n m l k j i h g f e d c b a z y x V v u t s r q p o n m l k j i h g f e d c b a z y x w • Observations – Algorithm Is Known – Plaintext Easily Recognizable – Only 26 Keys • Attack Ideas? 5-43 5-44 Improvements? • Increase Number of Keys • Allow Any Substitution Ordering • An Idea – Key: Set of Unique Letters – Substitution: Key & (Alphabet Minus Key Letters) Using the Plaintext Structure • Suppose – Plaintext Structure Known – Encryption Preserves Plaintext Structure • Cryptanalyst Attack Strategy – – – – – 5-45 • Example plain: a b c d e f g h i j k l m n o p q r s t u v w x y z ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ CIPHER: S E C U R I T Y A B D F G H J K L M N O P Q V W X Z • Analysis? – 26! Keys …but… (Say For English Text) Single Letter Frequency Digram. se. In Order: th. sth. es. ent. et. en. in.00978 0. Dyksen.06327 0.01974 0.04025 0. ro • Trigrams Most Common. and. he.07507 0.

Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Trigram Frequencies Cryptanalysis Plain Cipher Freq. e R 28 F 9 I 3 Q 1 t O 22 N 8 K 3 B 0 a S 16 J 6 V 3 D 0 h Y 13 U 6 X 3 W 0 M 12 P 5 G 2 Z 0 A 10 E 4 T 2 H 9 C 3 L 1 OY YR 10 5 OYR OYS 5 3 Letter. Plain Cipher Freq. 5-9 Michigan State University Department of Computer Science and Engineering . Plain Cipher Freq. Plain Cipher Freq. Plain Cipher Freq. Trigram Frequencies Plain Cipher Freq. Dyksen. Diagram. Diagram. Trigram Frequencies Plain Cipher Freq. Trigram Frequencies Plain Cipher Freq. R 28 F 9 I 3 Q 1 O 22 N 8 K 3 B 0 S 16 J 6 V 3 D 0 Y 13 U 6 X 3 W 0 M 12 P 5 G 2 Z 0 A 10 E 4 T 2 H 9 C 3 L 1 OY YR 10 5 OYR OYS 5 3 5-49 5-50 Analyzing Ciphertext (3 of 6) Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO -eh---the-et--th-t--e-e--e---e-tthata---e-a-e--eat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH e-e--a-thatthe-a-ee----e---the----eat----th-e-ta-PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY --a--e-a--e---ht-thata----the-ea-e---e---e-t-a--th RKPMNPAOJIYSKKAHRNN e------t--ha----e-Map from Cipher… …to Plain Analyzing Ciphertext (4 of 6) Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO -ehol-thesetr-thsto-esel-e-i-entthatall-enare-reat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH e-e--althatthe-areen-o-e---their-reator-ith-ertain PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY -naliena-leri-htsthata-on-theseareli-eli-ert-an-th RKPMNPAOJIYSKKAHRNN e--rs-ito-ha--iness Map from Cipher… …to Plain Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: --------------t--ea-----h- Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i----l-n-o--rst--ea-----h- Letter. Diagram.CSE 425. Plain Cipher Freq. Diagram. Plain Cipher Freq. Plain Cipher Freq. Cryptography Analyzing Ciphertext (1 of 6) VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY RKPMNPAOJIYSKKAHRNN Analyzing Ciphertext (2 of 6) Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO -------------------------------------------------RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH -------------------------------------------------PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY -------------------------------------------------RKPMNPAOJIYSKKAHRNN ------------------Map from Cipher… …to Plain Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: -------------------------- Letter. Introduction to Computer Security Chapter 5. Plain Cipher Freq. e R 28 l F 9 I 3 Q 1 t O 22 s N 8 K 3 B 0 a S 16 o J 6 V 3 D 0 h Y 13 U 6 X 3 W 0 r M 12 P 5 G 2 Z 0 i A 10 E 4 T 2 n H 9 C 3 L 1 OY YR 10 5 OYR OYS 5 3 5-51 5-52 Analyzing Ciphertext (5 of 6) Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO weholdthesetruthstobeselfevidentthatallmenarecreat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH edequalthattheyareendowedbytheircreatorwithcertain PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY unalienablerightsthatamongthesearelifelibertyandth RKPMNPAOJIYSKKAHRNN epursuitofhappiness Map from Cipher… …to Plain Analyzing Ciphertext (6 of 6) VR YJFU OYRNR OMPOYN OJ ER NRFI RQAURHO OYSO SFF we hold these truths to be self evident that all GRH SMR CMRSORU RLPSF OYSO OYRX SMR RHUJVRU EX men are created equal that they are endowed by OYRAM CMRSOJM VAOY CRMOSAH PHSFARHSEFR MATYON their creator with certain unalienable rights OYSO SGJHT OYRNR SMR FAIR FAERMOX SHU OYR that among these are life liberty and the KPMNPAO JI YSKKAHRNN pursuit of happiness Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i-c-blmnfopqrstuveagdw-yh- Letter. All Rights Reserved. e R 28 l F 9 f I 3 v Q 1 t O 22 s N 8 p K 3 B 0 a S 16 o J 6 w V 3 D 0 h Y 13 d U 6 y X 3 W 0 r M 12 u P 5 m G 2 Z 0 i A 10 b E 4 g T 2 n H 9 c C 3 q L 1 OY YR 10 5 OYR OYS 5 3 5-53 5-54 © 2006 by Wayne R.

CSE 425. Say With x) – Pad Last Pair – (If Needed. say With x) – E.2.3 An Early Block Cipher: Playfair • Invented by Sir Charles Wheatstone • Championed by Baron Playfair of St. In Column of Pair – TH t AF WB t ZY – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. Introduction to Computer Security Chapter 5. Cryptography Hiding the Plaintext Structure Two Possible Approaches • Encrypt Multiple Letters At A Time – Playfair Cipher – Hill Cipher – Etc… 5. In Column of Pair – TH t AF WB t ZY • Same Column? • Otherwise 5-57 5-58 Playfair Cipher (3 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z Playfair Cipher (4 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. 5-10 Michigan State University Department of Computer Science and Engineering .g. Andrews • Characteristics – Key is a Word – Process Letters in Pairs (Block Cipher) – Monoalphabetic • Use Multiple Cipher Alphabets (Polyalphabetic Substitution Cipher) – Vigenère Cipher – One Time Pad – Etc… 5-55 5-56 Playfair Cipher (1 of 11) • Encrypting Matrix – Put I and J Together – Put in Keyword (Minus Duplicates) – Put in Rest of Alphabet Playfair Cipher (2 of 11) E T F M V C Y G N W U A H O X R B K P Z Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z S I/J D L Q • Plaintext – Group in Pairs – Separate Double Letters (If Needed. Dyksen. attack the enemy on Friday becomes at ta ck th ex en em yo nf ri da yx – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. All Rights Reserved. In Column of Pair – TH t AF WB t ZY • Same Column? • Same Column? • Otherwise • Otherwise 5-59 5-60 © 2006 by Wayne R.

In Column of Pair – TH t AF WB t ZY • Same Column? • Same Column? • Otherwise • Otherwise 5-63 5-64 Playfair Cipher (9 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z Playfair Cipher (10 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. In Column of Pair – TH t AF WB t ZY – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. In Column of Pair – TH t AF WB t ZY • Same Column? • Same Column? • Otherwise • Otherwise 5-65 5-66 © 2006 by Wayne R. 5-11 Michigan State University Department of Computer Science and Engineering . Dyksen. In Column of Pair – TH t AF WB t ZY • Same Column? • Same Column? • Otherwise • Otherwise 5-61 5-62 Playfair Cipher (7 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z Playfair Cipher (8 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. In Column of Pair – TH t AF WB t ZY – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. Cryptography Playfair Cipher (5 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z Playfair Cipher (6 of 11) Encrypting Plaintext (Pairwise) • Same Row? S I/J D L Q E T F M V C Y G N W U A H O X R B K P Z – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row. All Rights Reserved. Introduction to Computer Security Chapter 5.CSE 425. In Column of Pair – TH t AF WB t ZY – Letter To Right – SC t EU NP t OL (“Circular”) – Letter Below – EF t TM AX t HU (“Circular”) – Letter In Same Row.

S. p are n vectors K is an n × n matrix • Mathematically c1 c2 c3 = (k11 p1 + k12 p2 + k13 p3 ) mod 26 = (k 21 p1 + k 22 p2 + k 23 p3 ) mod 26 = (k31 p1 + k32 p2 + k33 p3 ) mod 26 5-71 r r c = K p mod 26 5-72 © 2006 by Wayne R. Army and Allies in World War II • Ciphertext attackthexenemyonfridayx BYYBRGAFUVCMTVANMGSBHIAW D L Q • Strength? – Much of Plaintext Structure Survives – Broken With Few Hundred Letters Of Ciphertext 5-67 5-68 Hill Cipher • Invented by Lester Hill • Characteristics – Key is a Matrix – Process Letters in Vectors (Block Cipher) – Monoalphabetic Motivation for Hill Cipher • Recall a Line – y = f(x) = mx + b • Recall Caesar Ciphers – Line With m = 1.CSE 425. Dyksen. Introduction to Computer Security Chapter 5. All Rights Reserved. b = k1 – c = (k2 p + k1) mod 26 5-69 5-70 Hill Cipher (n = 3) • Idea – Process 3 Plaintext Characters At A Time (Block Cipher With Block Size 3) – Use 9 Keys (Or Generate 9 Keys From One Key) – Ciphertext Is Linear Combination of Plaintext Mod 26 Hill With Matrix Notation ⎛ c1 ⎞ ⎛ k11 ⎜ ⎟ ⎜ ⎜ c2 ⎟ = ⎜ k 21 ⎜c ⎟ ⎜k ⎝ 3 ⎠ ⎝ 31 k12 k 22 k32 k13 ⎞⎛ p1 ⎞ ⎟⎜ ⎟ k 23 ⎟⎜ p2 ⎟ mod 26 ⎜ ⎟ k33 ⎟ ⎠⎝ p3 ⎠ r r c . b = k – c = (p + k) mod 26 – c = (1*p + k) mod 26 • Generalization of Caesar Ciphers – Line with m = k2. Cryptography Playfair Cipher (11 of 11) • Plaintext attacktheenemyonfriday at ta ck th ex en em yo nf ri da yx Analysis of Playfair • Improvements E T F M V C Y G N W U A H O X R B K P Z – Increases Number of Keys (From 26 to 26 x 26 = 676) – Flattens Out Frequencies of Letter S I/J • History – Considered Unbreakable For a Long Time – Used By • British Army in World War I • U. 5-12 Michigan State University Department of Computer Science and Engineering .

⎟ ⎜ ⎟ 2 19 ⎠ ⎝ 24 0 17 ⎠ 17 5 ⎞ ⎛ 4 9 15 ⎞ ⎟ ⎟⎜ 18 21⎟ ⎜ 15 17 6 ⎟ mod 26 ⎜ ⎟ 2 19 ⎠ ⎝ 24 0 17 ⎟ ⎠ Hill Decryption r r Let c = K p mod 26 and K K −1 mod 26 = I . Plain Cipher Freq. e R 28 l F 9 f I 3 v Q 1 t O 22 s N 8 p K 3 B 0 a S 16 o J 6 w V 3 D 0 h Y 13 d U 6 y X 3 W 0 r M 12 u P 5 m G 2 Z 0 i A 10 b E 4 g T 2 n H 9 c C 3 q L 1 OY YR 10 5 OYR OYS 5 3 5-75 5-76 The Inverse of K: K -1 ⎛17 ⎜ Let K = ⎜ 21 ⎜2 ⎝ ⎛17 ⎜ Then KK −1 = ⎜ 21 ⎜2 ⎝ 17 5 ⎞ ⎛ 4 9 15 ⎞ ⎟ ⎜ ⎟ 18 21⎟ and K −1 = ⎜ 15 17 6 ⎟. Plain Cipher Freq. A 10 H 5 O 1 V 6 B 7 I 8 P 7 W 8 C 5 J 8 Q 3 Y 8 D 6 K 6 R 4 Y 8 E 8 L 3 S 4 Z 7 F 14 M 6 T 9 G 9 N 6 U 8 Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ Plain: i-c-blmnfopqrstuveagdw-yh- Letter. Diagram.CSE 425. Cryptography Hill Encryption Example (1 of 4) ⎛w⎞ ⎛17 17 5 ⎞ ⎟ ⎜ r ⎜ ⎟ Let K = ⎜ 21 18 21⎟ and p = ⎜ e ⎟. Dyksen. Trigram Frequencies Plain Cipher Freq. 5-13 Michigan State University Department of Computer Science and Engineering . Introduction to Computer Security Chapter 5. Trigram Frequencies Plain Cipher Freq. Then r r K −1c mod 26 = K −1 (K p mod 26 ) mod 26 r = K −1 K p mod 26 r = p mod 26 r =p ⎛ 443 442 442 ⎞ ⎟ ⎜ = ⎜ 858 495 780 ⎟ mod 26 ⎜ 494 52 365 ⎟ ⎠ ⎝ ⎛1 0 0⎞ ⎟ ⎜ = ⎜ 0 1 0⎟ ⎜0 0 1⎟ ⎠ ⎝ 5-77 5-78 © 2006 by Wayne R. Plain Cipher Freq. Plain Cipher Freq. Diagram. Plain Cipher Freq. Plain Cipher Freq. All Rights Reserved. Hill Encryption Example (2 of 4) r r c = K p mod 26 ⎛17 ⎜ = ⎜ 21 ⎜2 ⎝ ⎛17 ⎜ = ⎜ 21 ⎜2 ⎝ 17 5 ⎞ ⎛ w ⎞ ⎟⎜ ⎟ 18 21⎟ ⎜ e ⎟ mod 26 ⎜ ⎟ 2 19 ⎟ ⎠⎝ h ⎠ 17 5 ⎞ ⎛ 22 ⎞ ⎟⎜ ⎟ 18 21⎟ ⎜ 4 ⎟ mod 26 ⎜ ⎟ 2 19 ⎟ ⎠⎝ 7 ⎠ ⎛ 477 ⎞ ⎟ ⎜ = ⎜ 681 ⎟ mod 26 ⎜ 185 ⎟ ⎠ ⎝ ⎛9⎞ ⎛ J ⎞ ⎜ ⎟ ⎜ ⎟ = ⎜5⎟ = ⎜ F ⎟ ⎜ 3⎟ ⎜ D⎟ ⎝ ⎠ ⎝ ⎠ ⎛ 22 ∗17 + 4 ∗17 + 7 ∗ 5 ⎞ ⎜ ⎟ = ⎜ 22 ∗ 21 + 4 ∗18 + 7 ∗ 21 ⎟ mod 26 ⎜ 22 ∗ 2 + 4 ∗ 2 + 7 ∗19 ⎟ ⎝ ⎠ 5-73 5-74 Recall Caesar Cipher (3 of 4) Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: VRYJFUOYRNROMPOYNOJERNRFIRQAURHOOYSOSFFGRHSMRCMRSO weholdthesetruthstobeselfevidentthatallmenarecreat RURLPSFOYSOOYRXSMRRHUJVRUEXOYRAMCMRSOJMVAOYCRMOSAH edequalthattheyareendowedbytheircreatorwithcertain PHSFARHSEFRMATYONOYSOSGJHTOYRNRSMRFAIRFAERMOXSHUOY unalienablerightsthatamongthesearelifelibertyandth RKPMNPAOJIYSKKAHRNN epursuitofhappiness Map from Cipher… …to Plain Hill Encryption Example (4 of 4) Cipher: Plain: Cipher: Plain: Cipher: Plain: Cipher: Plain: JFDYJDULYBRPWYTAMVPGCNFTYUBZUUPAJGALINXZZTXAGFQKFKK weholdthesetruthstobeselfevidentthatallmenarecreate RDGFBPAFAFEBIWENTOEXMPZFAUVTXSSWXHPFNWMAHFFDXZVICWB dequalthattheyareendowedbytheircreatorwithcertainun TCSDGIQRWNDIMJEAFATBGVEMULYKISWKRHEYQGFKJNFXJTGVHUC alienablerightsthatamongthesearelifelibertyandthepu HUCTJIJYIWXYEZEPVMGBZ epursuitofhappinessxx Letter. ⎜h⎟ ⎜ 2 2 19 ⎟ ⎝ ⎠ ⎠ ⎝ r r Then c = Kp mod 26.

r ⎛ c1 ⎞ ⎜r ⎟ r r r ⎜c ⎟ n×n n× n Let C = ⎜ 2 ⎟ ∈ Ζ 26 and P = ( p1 p2 L pn ) ∈ Ζ 26 .CSE 425. Cryptography Hill Cipher r r n n× n Let p.. Analysis of Hill • Letter Distributions – – – – Hides Completely 3 x 3 Hill Hides Digrams 4 x 4 Hill Hides Trigrams n x n Hill Hides (n .1)-Letter Groups Hill Encryption : r r r c = E K ( p) = K p mod 26 Hill Decryption : r r r p = DK (c ) = K −1c mod 26 5-79 • Strength? – Strong Against Ciphertext-Only Attack – Easily Broken With Known Plaintext Attack (Why?) 5-80 Cracking the Hill Cipher r r Suppose you have n Suppose c j = Kp j mod 26. K ∈ Z 26 . j = 1. Dyksen. 5-81 Cracking Hill Example (1 of 4) • Suppose 3 x 3 Hill With – Plaintext: weholdthe – Ciphertext: ZHFSMTBGF • Then ⎛w o t ⎞ ⎛ Z S B⎞ ⎟ ⎜ ⎟ ⎜ ⎜ H M G ⎟ = K ⎜ e l h ⎟ mod 26 ⎜ h d e⎟ ⎜ F T F⎟ ⎠ ⎝ ⎠ ⎝ 5-82 Cracking Hill Example (2 of 4) ⎛ Z S B⎞ ⎛w ⎜ ⎟ ⎜ ⎜H M G⎟ = K⎜ e ⎜F T F⎟ ⎜h ⎝ ⎠ ⎝ ⎛ 25 18 1 ⎞ ⎛ 22 ⎜ ⎟ ⎜ ⎜ 7 12 6 ⎟ = K ⎜ 4 ⎜ 5 19 5 ⎟ ⎜7 ⎝ ⎠ ⎝ t⎞ ⎟ l h ⎟ mod 26 d e⎟ ⎠ o 14 19 ⎞ ⎟ 11 7 ⎟ mod 26 3 4⎟ ⎠ −1 Cracking Hill Example (3 of 4) ⎛ 25 ⎜ K =⎜ 7 ⎜5 ⎝ ⎛ 25 ⎜ =⎜ 7 ⎜5 ⎝ 18 1 ⎞ ⎛ 22 ⎟⎜ 12 6 ⎟ ⎜ 4 ⎜ 19 5 ⎟ ⎠⎝ 7 18 1 ⎞ ⎛ 19 ⎟⎜ 12 6 ⎟ ⎜ 25 ⎜ 19 5 ⎟ ⎠ ⎝ 13 14 19 ⎞ ⎟ 11 7 ⎟ 3 4⎟ ⎠ 11 1 ⎞ ⎟ 25 0 ⎟ mod 26 14 18 ⎟ ⎠ −1 ⎛ 25 18 1 ⎞ ⎛ 22 14 19 ⎞ ⎜ ⎟⎜ ⎟ ⎜ 7 12 6 ⎟ ⎜ 4 11 7 ⎟ mod 26 = K ⎜ 5 19 5 ⎟ ⎜ 7 3 4 ⎟ ⎝ ⎠⎝ ⎠ 5-83 ⎛ 938 739 43 ⎞ ⎜ ⎟ = ⎜ 511 461 115 ⎟ mod 26 ⎜ ⎟ ⎝ 635 600 95 ⎠ ⎛ 2 11 17 ⎞ ⎜ ⎟ = ⎜17 19 11 ⎟ ⎜ 11 2 17 ⎟ ⎝ ⎠ 5-84 © 2006 by Wayne R.1) x (n . 5-14 Michigan State University Department of Computer Science and Engineering .. M ⎜r ⎟ ⎜c ⎟ ⎝ n⎠ Then C = KP mod 26 so that K = CP −1 mod 26. All Rights Reserved. c ∈ Z 26 . plaintext-ciphertext pairs.. n. Introduction to Computer Security Chapter 5..

Cryptography Cracking Hill Example (4 of 4) ⎛ 2 11 17 ⎞ ⎛ 7 17 8 ⎞ ⎟ ⎜ ⎜ ⎟ Hence. All Rights Reserved. Introduction to Computer Security Chapter 5.1 An Early Stream Cipher The Vigenère • Invented by Blaise de Vigenère (Diplomat for King Charles IX) • Characteristics – Based on Caesar Cipher – Key is a Repeated String of Letters – Encrypt Letters Depending on Position in Plaintext (Stream Cipher) – Polyalphabetic 5-86 Polyalphabetic Substitution Ciphers • Family of Monoalphabetic Substitution Ciphers • Plaintext Letters Encrypted – One At a Time (Stream Cipher) – Monoalphabetic Substitution Cipher Depends On • Letter’s Position in the Plaintext • Key The Vigenère Cipher • Recall Family of Caesar Ciphers – c = (p + ‘d’) mod 26 (Julius) – c = (p + ‘c’) mod 26 (Augustus) – c = (p + k) mod 26 (General) • The Vigenère Cipher – Key Letter Corresponding to Plaintext Letter Determines Which Caesar Cipher – ci = (pi + ki) mod 26 – (Repeat the Key As Many Times As Needed) 5-87 5-88 Vigenère Illustrated p w e h o l d t h e k m s u b b m s u b → → → → → → → → → → c ('w' ('e' ('h' ('o' ('l' ('d' ('t' ('h' ('e' + + + + + + + + + 'm') 's') 'u') 'b') 'b') 'm') 's') 'u') 'b') mod mod mod mod mod mod mod mod mod 26 26 26 26 26 26 26 26 26 5-89 Vigenère Tableau Key a b c d e f g h i j k l m n o p q r s t u v w x y z a A B C D E F G H I J K L M N O P Q R S T U V W X Y Z b B C D E F G H I J K L M N O P Q R S T U V W X Y Z A c C D E F G H I J K L M N O P Q R S T U V W X Y Z A B d D E F G H I J K L M N O P Q R S T U V W X Y Z A B C e E F G H I J K L M N O P Q R S T U V W X Y Z A B C D f F G H I J K L M N O P Q R S T U V W X Y Z A B C D E g G H I J K L M N O P Q R S T U V W X Y Z A B C D E F h H I J K L M N O P Q R S T U V W X Y Z A B C D E F G i I J K L M N O P Q R S T U V W X Y Z A B C D E F G H j J K L M N O P Q R S T U V W X Y Z A B C D E F G H I k K L M N O P Q R S T U V W X Y Z A B C D E F G H I J Plaintext l m n o L M N O M N O P N O P Q O P Q R P Q R S Q R S T R S T U S T U V T U V W U V W X V W X Y W X Y Z X Y Z A Y Z A B Z A B C A B C D B C D E C D E F D E F G E F G H F G H I G H I J H I J K I J K L J K L M K L M N p P Q R S T U V W X Y Z A B C D E F G H I J K L M N O q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P r R S T U V W X Y Z A B C D E F G H I J K L M N O P Q s S T U V W X Y Z A B C D E F G H I J K L M N O P Q R t T U V W X Y Z A B C D E F G H I J K L M N O P Q R S u U V W X Y Z A B C D E F G H I J K L M N O P Q R S T v V W X Y Z A B C D E F G H I J K L M N O P Q R S T U w W X Y Z A B C D E F G H I J K L M N O P Q R S T U V x X Y Z A B C D E F G H I J K L M N O P Q R S T U V W y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y 5-90 © 2006 by Wayne R. ⎜ 5 13 5 ⎟ ⎝ ⎠ 5-85 5. 5-15 Michigan State University Department of Computer Science and Engineering . K = ⎜17 19 11 ⎟ and K −1 = ⎜10 17 5 ⎟ ⎜ 11 2 17 ⎟ ⎜ 5 13 5 ⎟ ⎝ ⎠ ⎝ ⎠ So ⎛ 2 11 17 ⎞ ⎜ ⎟r r r c = Kp mod 26 = ⎜17 19 11 ⎟ p mod 26 ⎜ 11 2 17 ⎟ ⎝ ⎠ and ⎛ 7 17 8 ⎞ ⎜ ⎟r r r p = K −1c mod 26 = ⎜10 17 5 ⎟c mod 26. Dyksen.2.CSE 425.

entthatall…ualthatthe…htsthatamo… msu.CSE 425.. key length must be 5.. 5-16 Michigan State University Department of Computer Science and Engineering .bmsubbmsub…bmsubbmsub…bmsubbmsub… IWB..bmsubbmsub…bmsubbmsub…bmsubbmsub… IWB. Cryptography Vigenère Example Plain: Key: Cipher: Plain: Key: Cipher: Plain: Key: Cipher: Plain: Key: Cipher: weholdthesetruthstobeselfevidentthatallmenarecreat msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb IWBPMPLBFTQLLVUTKNPCQKYMGQNCEFZLNIBFSFMNQFUSFOJYBU edequalthattheyareendowedbytheircreatorwithcertain msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb QVYRVMDNIBFLBFZMJYFOPGQFENQNIFUJWSFMLISXULBDFDLUJO unalienablerightsthatamongthesearelifelibertyandth msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb GFUMJQFUCMQJCHIFKNIBFSGPOSLBFTQSLFMUXYMJNWLUZMFXUI epursuitofhappiness msubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubbmsubb QHOSTGANPGTSJQJZWMT Cracking Vigenère (1 of 4) • Note…Hmm… weh. now what? 5-93 • Etc… 5-94 Cracking Vigenère (4 of 4) Historical Note • Scientific American 1917 • Vigenère “impossible of translation” • Remember ☺ Vigenère Twist • Autokey System – – – – Proposed by Vigenère Eliminate Repeating Key Key: Keyword & Plaintext Recover Key While Decrypting • Example weholdthesetruthstobeselfevidentthatallmenarecreat msubbweholdthesetruthstobeselfevidentthatallmenare IWBPMZXOSDHMYYLLLKIULKXZGINMOJROBKEGTESMXNLCQGEERX • But…Still Crackable ☺ 5-95 5-96 © 2006 by Wayne R. Dyksen.. All Rights Reserved.FZLNIBFSFM…VMDNIBFLBF…IFKNIBFSGP… • Observation – Key Repeats Key Repeats Key Repeats… – Any Repeating Plaintext Sequence Has 1 Out of Length(Key) Chance of Being Encrypted With the Same Key Sequence – Repeating Plaintext Sequence Might Be Encrypted Into Repeating Ciphertext Sequence – Distance Between Repeating Plaintext-Key Sequences Must Be An Integer Multiple of the Key Length 5-91 5-92 Cracking Vigenère (2 of 4) • We see that… weh. Introduction to Computer Security Chapter 5.entthatall…ualthatthe…htsthatamo… msu.FZLNIBFSFM…VMDNIBFLBF…IFKNIBFSGP… 33 58 118 Cracking Vigenère (3 of 4) • What do we have? IWBPMPLBFTQLLVUTKNPCQKYMGQNCEFZLNIBFSFMNQFUSFOJYBU 12345123451234512345123451234512345123451234512345 Five Caesar Ciphers • …so the key length must divide – 25 = 58 – 33 – 60 = 118 – 58 – 85 = 118 – 33 • What do we do? – Group Ciphertext Letters By Key Position – Analyze Ciphertext by Group • Frequency Analysis • So... So.

Introduction to Computer Security Chapter 5. All Rights Reserved. 5-17 Michigan State University Department of Computer Science and Engineering . 1918 • Key – Random – How Long? • Long As Plaintext? • Long (But Shorter than Plaintext) and Repeating Vernam Cipher (2 of 3) • Exclusive-Or (xor) • Recall a 0 0 1 1 b a xor b 0 0 1 1 0 1 1 0 • Notes • Operate on Binary Data • Bitwise Exclusive-Or of Plaintext and Key 5-97 – (a xor b) == (a or b) & !(a and b) – (a xor b) == a + b mod 2 – a b a xor b (a xor b) xor b = a 0 0 0 0 0 1 1 0 1 0 1 1 1 1 0 1 5-98 Vernam Cipher (3 of 3) • Encryption ci = pi xor ki where – pi i-th binary digit of plaintext – ki i-th binary digit of key – ci i-th binary digit of cihpertext 5.2. • Hmm… • Example p: weholdthesetruthstobeselfevidentthatallmenarecreat k: iwbpmplbftqllvutknpcqkymgqncefzlnibfsfmnqfusfojybu c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN • So what? 5-101 5-102 © 2006 by Wayne R.2 The One-Time Pad • Joseph Mauborgne (Army Signal Corp Officer) • Idea – Stream Cipher – Key • Used-Once (“One-Time Pad”) • Random • As Long As Plaintext • Decryption pi = ci xor ki • Must Manage Long Keys • Crackable With – Sufficient Ciphertext – Known Probable Plaintext 5-99 5-100 One-Time Pad Example • Use – Vigenère Cipher – Random Key As Long As Plaintext One-Time Pad Observation • Given any plaintext and ciphertext. Cryptography Vernam Cipher (1 of 3) • Gilbert Vernam.CSE 425. we can generate a key that produces the given ciphertext from the given plaintext. Dyksen.

CSE 425. Dyksen. • Fundamental Difficulty: Key Management – Key Generation – Key Distribution • Useful For Low Bandwidth + High Security 5-104 Transposition Techniques • Permute Plaintext Letters • Rail Fence Technique – Plaintext w h l t e e r t s o e e f v d n t a a l e a e r a e o d h s t u h t b s l e i e t h t l m n r c e t Transposition Cipher Key: Plaintext: 43512 wehol dthes etrut hstob eself evide nttha tallm enare creat Cryptanalysis • Plaintext Structure Preserved • Easily Crackable – Ciphertext WHLTEERTSOEEFVDNTAALEAERAEODHSTUHTBSLEIETHTLMNRCET – Trivial To Analyze…But Right Idea Ciphertext: OEUOLDHLRALSTBFEAMETETTSSVTANRWDEHEENTECHHRTEITLAE 1 5-105 2 3 4 5 5-106 Repeated Transposition Key: Plaintext: 43512 oeuol dhlra lstbf eamet ettss vtanr wdehe entec hhrte itlae Modern Encryption Scheme plaintext Round 1 Substitution(s) and/or Permutation(s) Key? Ciphertext After Round 1 Round 2 Substitution(s) and/or Permutation(s) Key? : : Ciphertext: ORBESNHETALAFTSRECEEEHSATTDNHTODLEEVWEHIULTMTAETRL Ciphertext After Round 2 5-107 Round N Substitution(s) and/or Permutation(s) Key? CIPHERTEXT 5-108 © 2006 by Wayne R. any and all plaintexts are equally likely for a given ciphertext. 5-18 Michigan State University Department of Computer Science and Engineering . – Thus. All Rights Reserved. Cryptography One-Time Pad Example Revisited p: weholdthesetruthstobeselfevidentthatallmenarecreat k: iwbpmplbftqllvutknpcqkymgqncefzlnibfsfmnqfusfojybu c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN p: edequalthattheyareendowedbytheircreatorwithcertain k: axendstpclblvlpalczqrogtitkrafeneyxyzcgdmznhfzhcta c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN p: unalienablerightsthatamongthesearelifelibertyandth k: knisporiiaqnujghknwdbcqjyopddrieplqqnmmrtodqlqnzig c: EAIDXSEIJLUECPNACGDDUCCXLUIKHJMEGPBYSQXZUSUJJQACBN p: epursuitofhappiness k: iwbpmplbftqllvutknp c: EAIDXSEIJLUECPNACGD 5-103 One-Time Pad Characteristics • Cryptanalysis – If the key is random. – A brute force “search” would yield every plain text the length of the ciphertext. the code is unbreakable. Introduction to Computer Security Chapter 5.

Green. Green. 5-19 Michigan State University Department of Computer Science and Engineering .576 Substitution Alphabets • Frequency Analysis – Would Require Unrealistic Amounts of Ciphertext – Not Practically Possible • World War II – Germany: Enigma – Japan: Purple • Motivation For – DES – AES 5-109 5-110 Steganography • Conceal Message – – – – – – – – – Character Marking Invisible Ink Pin Punctures Typewriter Correction Ribbon Etc… Digital Color Image 2.3 MByte) 5-111 • Example © 2006 by Wayne R.874. All Rights Reserved.CSE 425. Blue 2.072 x 24 (8 Bits of Red. Cryptography Rotor Machines Rotor Machines • 26 x 26 x 26 = 17. Blue) Change Last Bit of Red.048 x 3.048 x 3. Dyksen.072 x 3 =18. Introduction to Computer Security Chapter 5.368 Bits (~2.