Professional Documents
Culture Documents
1
Cryptography means "secret writing“
Cryptosystem Cryptography
Cryptanalysis
Cryptosystem Cryptography
Cryptanalysis
Cryptanalysis
Cryptography Cryptanalysis
7
Taxonomy of cryptographic
functions Cryptographic Functions
Symmetric S Asymmetric A
One secret key Public key used for
used for both encryption and private
encryption and decryption key used for decryption
Called “public-key
Block Stream
cryptography”
8
Block Cipher vs. Stream Cipher
Block cipher Stream cipher
Plaintext blocks Key
n bits
Key
stream
Key Block
generator
Cipher
Key stream
n bits ⊕
Plaintext stream Ciphertext stream
Ciphertext blocks
Note that the key stream repeats itself
and is not totally random, hence a
stream cipher is not a One-Time-Pad.
9
Symmetric cryptography (secret key)
Alice Bob
Secret key Secret key
Message Message
Algorithm Algorithm
Ciphertext
encryption decryption
Plaintext Plaintext
10
Evolution of Ciphers
Classical Medieval Pre-WW2 WW2 Pre-2000 Post-2000
ciphers ciphers ciphers ciphers ciphers ciphers
Transposition Poly- One-time Complex DES AES
Scytale alphabetic pad mechanics Feistel Rijmen &
Substitution Enigma Daemen
+
Transposition Vernam
1916
Vigenère
Substution 1566 SP-networks Asymmetric
Caesar Info-theory crypto
cipher Post-
Shannon Diffie Quantum
Hellman Asymmetric
crypto
11
Scytale 7th century BC
Cryptosystem - Caesar cipher
• Information Theory
– Defined the "binary digit" (bit)
as information unit
– Defined information "entropy" to
measure amount of information
• Cryptography
– Model of secrecy systems
– Defined perfect secrecy
– Principle of S-P encryption (substitution
& permutation) to hide statistical regularities
– Any unbreakable system must have essentially the same
characteristics as the one-time pad: the key must be truly
random, as large as the plaintext, never reused in whole or
part, and kept secret 15
Shannon’s S-P Network
Removes statistical regularities in ciphertext
plaintext
• “S-P Networks” (1949)
– Substitutions & Permutations S S .... S
– Substitute bits e.g. 0001 with 0110
P
– Permute parts e.g. part-1 to part-2
– Substitution provides “confusion”
i.e. complex relationship between
S S .... S
...
– Permutation provide “diffusion”, E
i.e. a single input bit influences
many output bits S S .... S
– Iterated S-P functions a specific
number of times P
– Functions must be invertible
ciphertext
16
S-P Network
AES - Advanced Encryption Standard
• DES (Data Encryption Standard) from 1977 had a
56-bit key and a 64-bit block. In the mid-1990s
DES could be cracked with exhaustive key search.
• In 1997, NIST announced an open competition for
a new block cipher to replace DES.
• The best proposal called “Rijndael” was nominated
as AES (Advanced Encryption Standard) in 2001.
• AES has key sizes of 128, 192 or 256
bit and block size of 128 bit.
AES is designed by
Vincent Rijmen and
Joan Daemen from
Belgium
14
Cryptosystem Example
Cryptosystem - Caesar cipher
• plain: hello
C = E(k, p) = (p + k) mod 26
C = E(3, p) = (p + 3) mod 26
Caesar Cipher
• plain: hello
• Offset 3
• cipher: khoor
C = E(k, p) = (p + k) mod 26
C = E(3, p) = (p + 3) mod 26
Cryptosystem
Ciphertext
• Plaintext?
• Plain Text: ?
Known plaintext attack
• Adversary has:
– Ciphertext and
Cipher Text: A Se YgafY lg SllSUc S UahZWj.
– Plaintext
Plain Text: I am going to attack a cipher.
• Key?
Chosen Plaintext Attack
– LOW
– ORL
– DXX
– (X goes to A, Y to B, Z to C)
– If the key space is small enough, try all possible keys until you find the
right one
• Statistical analysis
• Encryption Algo
Key or Offset ?
Exhaustive / Brute force search
Cipher text
When Brute
force becomes
impractical?
Exhaustive / Brute force search
– If the key space is small enough, try all possible keys until you find
• Statistical analysis
• Statistical analysis
Cipher text
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUD
BMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZ
WYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHM
DJUDTMOHMQ
Attacking the Cipher
Cipher text
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUD
BMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZ
WYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHM
DJUDTMOHMQ
Attacking the Cipher
Cipher text
Relative Frequency = RF
P Appears = 16
M 6.67
Attacking the Cipher
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
M 6.67
P Z
Attacking the Cipher
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00 S, U, O, M, and H are all of relatively high
frequency and probably correspond to plain
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
letters from the set {a, h, i, n, o, r, s}.
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
M 6.67
P Z
Attacking the Cipher
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00 S, U, O, M, and H are all of relatively high
frequency and probably correspond to plain
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
letters from the set {a, h, i, n, o, r, s}.
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
M 6.67
P Z
S
Attacking the Cipher
P Z
S
Most common 2 gram and 3gram
Frequencies
54
Attacking the Cipher
• A powerful tool is to look at the frequency of two-letter combinations, known as 2 gram or
digram.
• In our ciphertext, the most common digram is ZW, which appears three times.
Attacking the Cipher
• Now notice the sequence ZWSZ in the first line.
• We do not know that these four letters form a complete word TH_T.
• If S A then it will become THAT
Attacking the Cipher
key VIGVIGVIGVIGVIGV
plain THEBOYHASTHEBALL
Cipher OPKWWECIYOPKWIRG
Key
Plain Text
Key : VIGVIGVIGVIGVIGV
Plain : THEBOYHASTHEBALL
Cipher : OPKWWECIYOPKWIRG
Useful Terms
• Vigènere cipher has key letters on top, plaintext letters on the left
polyalphabetic:
Approach
• Break message into n parts, each part being enciphered using the same
key letter
key VIGVIGVIGVIGVIGV
plain THEBOYHASTHEBALL
Cipher OPKWWECIYOPKWIRG
Note the key and plaintext line up over the repetitions (underlined).
As distance between repetitions is 9, the period is a factor of 9
(that is, 1, 3, or 9)
One-Time Pad
then is discarded.
• Each new message requires a new key of the same length as the
new message.
39
One-Time Pad
The one-time pad offers complete security but, in practice, has two
fundamental difficulties:
• Key Generation
• Key Distribution
39
One-Time Pad
• Key Generation
• Key Distribution
39
One-Time Pad
ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
plaintext: mr mustard with the candlestick in the hall
ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
key: pftgpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt
plaintext: miss scarlet with the knife in the librar
39
Book Cipher
Book Cipher
• Approximate one-time pad with book text
• Note all such ciphers would have an even number of numbers in them, which
cipher:1,1,3,10,5,6,1,16,2,5,2,6,1,14,4,7,1,10,3,7,2,4,3,5
Book Cipher
• Substitution cipher
– Key press passes through all rotors and back through a reflector rotor
• More details
– http://www.codesandciphers.org.uk/enigma/
Enigma - Rotor Machines
• 26 * 26 * 26 = 17,576 different substitution alphabets
used before the system repeats
• The addition of fourth and fifth rotors results in periods
of 456,976 and 11,881,376 letters, respectively
• A formidable cryptanalytic challenge
• A letter frequency analysis approach, the analyst is
faced with the equivalent of over 11 million
monoalphabetic ciphers.
• The analyst would need to be in possession of a
ciphertext with a length of over half a billion letters.
Online Crypto Tools
• https://www.cryptool.org/en/cto/caesar
• https://www.boxentriq.com/code-breaking/cipher-identifier
75
Summary
Data States
Data at Rest
Attacks & Controls
Data in Motion
Attacks & Controls
Data in Use
Attacks & Controls
• Cryptography
• Main Terms
• Evolution of Ciphers
• Caesar Cipher
• Vigenère Cipher
• Transposition and Substitution Ciphers
• One Time Pad
• Book Cipher
• Rotor Machine
End of Lecture 3
77