
Codes and Ciphers: An Introduction to Cryptography and Secret Communication

These hieroglyphics have evidently a meaning. If it is a purely arbitrary one, it may be
impossible for us to solve it. If, on the other hand, it is systematic, I have no doubt that
we shall get to the bottom of it.
-Sherlock Holmes in The Dancing Men, by Arthur Conan Doyle

Outline for Today

1. Early cryptography
2. Mathematical prereqs
3. Public key cryptography

Some Useful Definitions

• plain alphabet - alphabet used to write original message
• cipher alphabet - letters that are substituted for the plain letters
• cipher - a means of hiding a message by replacing each letter with another letter or
symbol
• cryptography - the science of developing and using methods to conceal the meaning of
a message
• cryptanalysis - breaking a message concealment method
• cryptology - cryptography + cryptanalysis

Transposition Ciphers - Anagrams

Letters of message rearranged, not changed.


Example: Rail Fence Cipher

• Write message so alternate letters are written on separate upper and lower lines.
• Form ciphertext by appending string on lower line to end of string on upper line.

Example: i came i saw i left

Upper: i a e s w l f
Lower: c m i a i e t

ciphertext: IAESWLFCMIAIET

Substitution Ciphers - Cryptograms

Replace each letter in plaintext with another letter or symbol.

Example: Caesar Shift Cipher

Replace each letter in plaintext with the letter 3 places down in the alphabet (with wrap-around)

plain:  a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Plaintext: i came, i saw, i left.
Ciphertext: L FDPH, L VDZ, L OHIW.

In this case, the key = 3.

Secure Communication

Earlier we discussed the problems with XORing the data with a random secret key:
• Need a secure method to exchange keys
• Should use a new secret key for each communication (one-time pad)
Simple encryption schemes such as substitution ciphers are easily broken:
• Letter frequencies enable decrypting messages
Public key cryptography is a better solution.
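
The point about letter frequencies can be checked on the Caesar shift from the earlier slide. The following is an added example, not part of the original slides: it encrypts with a shift key and then recovers the key from the ciphertext alone by comparing letter counts with typical English frequencies. The function names, the frequency table (approximate reference values) and the sample text are assumptions made for the illustration.

```python
from collections import Counter
import string

# Approximate English letter frequencies in percent, a..z (reference values).
ENGLISH_FREQ = dict(zip(string.ascii_lowercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

# Constructed sample plaintext: the Holmes quotation, lightly shortened.
SAMPLE = ("these hieroglyphics have evidently a meaning if it is systematic "
          "i have no doubt that we shall get to the bottom of it")

def caesar(text, key):
    """Shift every letter `key` places with wrap-around; other characters pass through."""
    out = []
    for ch in text.lower():
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord('a') + key) % 26 + ord('A')))
        else:
            out.append(ch)
    return ''.join(out)

def chi_squared(text):
    """Distance between the text's letter counts and the counts English predicts."""
    letters = [c for c in text.lower() if c in ENGLISH_FREQ]
    counts, n = Counter(letters), len(letters)
    return sum((counts[c] - n * f / 100) ** 2 / (n * f / 100)
               for c, f in ENGLISH_FREQ.items())

def recover_key(ciphertext):
    """Try all 26 shifts and keep the one whose decryption looks most like English."""
    return min(range(26), key=lambda k: chi_squared(caesar(ciphertext, -k)))

if __name__ == "__main__":
    ct = caesar(SAMPLE, 3)                 # encrypt with the slide's key = 3
    key = recover_key(ct)                  # no knowledge of the key is used here
    print(key, caesar(ct, -key).lower())
```

The statistics need a reasonable amount of text; for a message as short as the slide's 14-letter example, the 26 candidate decryptions can simply be read by eye.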

Public Key Cryptography (Diffie and Hellman)

Many schemes are symmetric - given the encryption method, it’s easy to determine how to
decrypt the message.
We now discuss asymmetric methods.

A user Bob has a public key, which is available to everyone, and a private key (known only to
Bob).
• Bob’s public key is an encryption function f that is applied to every message x before it is
sent to him.
• Bob’s private key is $f^{-1}$ - Bob can decrypt messages using this function.
This scheme avoids the key exchange problem.
• The function f needs to be one-way.
– Given any message x, it is easy to compute f (x).
– But given f (x), it is hard (computationally intractable) to compute x

Public Key Cryptography: RSA (Rivest, Shamir, and Adleman)

The encryption function is chosen from a family of functions that are conjectured to be difficult
to invert.

If a fast algorithm for factoring were to be found, this family of functions would no longer be
one-way.

Factoring is Hard

Fact: Every positive integer has a unique prime factorization

Question: How hard is it to determine the factorization, given an integer?


• An algorithm runs in polynomial time if its running time is bounded from above by some
polynomial in the input size (measured in bits)
• If the input to a factoring algorithm is an integer n, then input size is about $\log_2 n$ bits
• Given a positive integer n, we can determine if n has a non-trivial factor in $O(\sqrt{n})$ integer
divisions
• Note that $\sqrt{n}$ is exponential in the input size, since $\sqrt{n} = 2^{\frac{1}{2}\log_2 n}$.
• Factoring a 100-digit number might take something like $10^{50}$ operations.
– Suppose a computer can perform $10^9$ such operations per second
– There are approximately $3 \times 10^7 < 10^8$ seconds in a year
– So we would need about $10^{33}$ computers to perform such a computation within a year
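
To see the square-root bound and its exponential growth in the bit length, the following added example (not part of the original slides) counts the integer divisions that trial division performs, gives the worst case for a given input size, and repeats the slide's machine-count estimate. The function names and the sample inputs are constructed for the illustration.

```python
import math

def trial_division(n):
    """Return (smallest non-trivial factor, or None if n is prime; divisions performed)."""
    divisions = 0
    for d in range(2, math.isqrt(n) + 1):   # candidates up to floor(sqrt(n))
        divisions += 1
        if n % d == 0:
            return d, divisions
    return None, divisions

def worst_case_divisions(bits):
    """Upper bound on divisions for any `bits`-bit input: about 2**(bits/2)."""
    return math.isqrt(2 ** bits - 1) - 1

def computers_needed(total_ops, ops_per_sec=10 ** 9, secs_per_year=10 ** 8):
    """The slide's estimate: machines required to finish `total_ops` within one year."""
    return total_ops // (ops_per_sec * secs_per_year)

if __name__ == "__main__":
    # Constructed inputs: products of two nearby primes, the slow case for this method.
    for p, q in [(101, 103), (10007, 10009)]:
        n = p * q
        print(n.bit_length(), "bits:", trial_division(n))
    # Doubling the bit length squares the work instead of doubling it.
    for bits in (16, 32, 64):
        print(bits, "bits, worst case:", worst_case_divisions(bits))
    print(computers_needed(10 ** 50))
```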

Factoring: State of the Art

The fastest, general-purpose factoring algorithm that is known is the number field sieve algorithm.
• For d-bit numbers, the running time is $2^{O(d^{1/3} (\log_2 d)^{2/3})}$
• More information is available at

http://en.wikipedia.org/wiki/Integer_factorization

Mathematical Preliminaries for RSA

Definition: For all integers x and y, we say that x divides y, denoted x|y, if y = kx for
some integer k.

Definition: For positive integers a, b and n, we say that a is congruent to b mod n,
denoted $a \equiv_n b$ or $a \equiv b \pmod{n}$, if $n \mid (a - b)$.

Examples: 28 and 37 are congruent mod 9, since 37 − 28 = 9 = 1(9), i.e., 9|(37 − 28).

Note: Two integers a and b are congruent mod n if a and b have the same remainder when
divided by n. (Exercise: prove!)

Recall: ≡ (mod n) is an equivalence relation over Z. (Exercise: prove!)

Properties of Congruence mod n

Theorem: Let u, v, n, x and y be positive integers. If $u \equiv v \pmod{n}$ and $x \equiv y \pmod{n}$,
then $u + x \equiv v + y \pmod{n}$ and $ux \equiv_n vy$.

Proof: in-class

Exercise: Let x, y, p be positive integers. Then for all integers n ≥ 0, if $x \equiv_p y$, then
$x^n \equiv_p y^n$.

Fermat’s Little Theorem

I would send you the demonstration, if I did not fear its being too long.
-Fermat (in a comment explaining why he did not provide a proof in his notes)

Theorem: For any prime p and any positive integer a such that $p \nmid a$, $a^{p-1} \equiv 1 \pmod{p}$.

Proof: Assume p is prime, $a \in \mathbb{Z}^+$, and p does not divide a. The first p − 1 multiples of a are
$a, 2a, 3a, \ldots, (p-1)a$. Suppose that $ra \equiv_p sa$, for some integers $r, s \in \{1, 2, \ldots, p-1\}$. Then
since p is prime and $p \nmid a$, $p \mid (r - s)$, since $p \mid a(r - s)$. Thus $r \equiv_p s$. Since $1 \le r, s \le p - 1$,
r = s. Therefore, no two distinct values in the collection $a, 2a, \ldots, (p-1)a$ are congruent.
Therefore, in some order, these values must be congruent to $1, 2, \ldots, p-1$. Therefore
$a(2a)(3a)\cdots(p-1)a \equiv 1(2)(3)\cdots(p-1) \pmod{p}$, or $a^{p-1}(p-1)! \equiv (p-1)! \pmod{p}$.
So $p \mid (a^{p-1}(p-1)! - (p-1)!)$, or equivalently, $p \mid (p-1)!\,(a^{p-1} - 1)$. Since p does not divide
$(p-1)!$, it follows that $p \mid (a^{p-1} - 1)$.
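
The steps of this proof can be checked numerically. The following added example (not part of the original slides) tests, for a given a and modulus, whether the multiples a, 2a, ..., (p − 1)a are a rearrangement of 1, ..., p − 1, whether the two products agree, and whether the final congruence holds; run on a composite modulus it shows which step depends on p being prime. The function names are assumptions, and `power_mod` relies on the product rule for congruences from the previous slide.

```python
def power_mod(a, e, n):
    """Compute a**e mod n by repeated squaring, reducing mod n after every product
    (valid because u = v and x = y mod n imply ux = vy mod n)."""
    result, base = 1, a % n
    while e > 0:
        if e & 1:
            result = (result * base) % n
        base = (base * base) % n
        e >>= 1
    return result

def residues_of_multiples(a, p):
    """Remainders of a, 2a, ..., (p-1)a on division by p."""
    return [(k * a) % p for k in range(1, p)]

def check_proof_steps(a, p):
    """Evaluate each step of the proof for the pair (a, p)."""
    is_permutation = sorted(residues_of_multiples(a, p)) == list(range(1, p))
    factorial = product = 1
    for k in range(1, p):
        factorial = (factorial * k) % p          # (p-1)! mod p
        product = (product * k * a) % p          # a(2a)...(p-1)a mod p
    return {
        "multiples_are_permutation": is_permutation,
        "products_congruent": product == factorial,
        "factorial_cancels": factorial != 0,     # p does not divide (p-1)!
        "fermat_holds": power_mod(a, p - 1, p) == 1,
    }

if __name__ == "__main__":
    print(check_proof_steps(3, 7))    # prime modulus: every step holds
    print(check_proof_steps(2, 15))   # composite: (p-1)! cannot be cancelled
    print(check_proof_steps(6, 15))   # composite: multiples already collide
```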
