ELEMENTARY CRYPTOGRAPHY
Part One
Cryptography Vs. Steganography
1. Steganography:- is the art and science of writing hidden messages in such a way
that no one, apart from the sender and intended recipient, suspects the existence of
the message.
It is a form of security through obscurity.
The word steganography is of Greek origin and means "concealed writing"
from the Greek words steganos meaning "covered or protected", and
graphei meaning "writing".
The advantage of steganography, over cryptography alone, is that messages do
not attract attention to themselves.
Plainly visible encrypted messages—no matter how unbreakable—will arouse
suspicion, and may in themselves be incriminating in countries where
encryption is illegal.
Therefore, whereas cryptography protects the contents of a message,
steganography can be said to protect both messages and communicating
parties.
Steganography Methods
Some of the many methods of steganography include:
a. Character Marking:- Selected letters of text are overwritten in pencil. The
marks are not visible unless the paper is held at an angle to bright light.
b. Invisible ink:- Substances can be used that leave no visible trace until heat or some
chemical is applied.
c. Pin Punctures:- Small pin punctures on selected letters are not ordinarily
visible unless paper is held in front of light.
d. A message can be concealed in a much longer, innocent-looking piece of text;
the long text is composed so that a subsequence of the letters (chosen by some
rule known to the recipient) forms the message.
For example, taking every fifth letter (excluding the white spaces) of “The
prepared letters bring news of amounts” gives the message “Retreat”.
2. Cryptography:- is the art of protecting transmitted information from
unauthorized interception or tampering.
It is the art and science encompassing the principles and methods of
transforming an intelligible (plaintext) message into one that is
unintelligible (ciphertext), and then retransforming that message back to its
original form.
The sender enciphers a message into unintelligible form, and the receiver
deciphers it into intelligible form.
The word “cryptology” is derived from the Greek kryptos (hidden) and
logos (word).
Cryptography is closely related to another part of communication theory,
namely coding theory.
Coding Theory involves translating information of any kind (text, scientific
data, pictures, sound, and so on) into a standard form for transmission, and
protecting this information against distortion by random noise.
Basic Cryptography Concepts and Terminologies
Plaintext:- is the original intelligible message or data that is fed into the algorithm as
input.
The plaintext is not quite the same as the message being sent.
The message probably has to be translated into some standard form to be encrypted;
for example, this might be leaving out the punctuation, turning it into ASCII code or
a sequence of numbers, etc.
But there is nothing secret about this stage; knowing the plaintext is equivalent to
knowing the message.
Ciphertext:- is the scrambled message produced as an output of the encryption
algorithm.
Key(Secret Key):- is some critical information used by the encryption algorithm as
input to encrypt the plaintext.
It is independent of the plaintext and encryption algorithm.
It is only known to the sender and receiver.
Enciphering or Encryption:- is the process of converting the plaintext to
ciphertext.
Current Two Aspects of Quantum Cryptography
1. Quantum key exchange (also known as quantum key distribution), a
method for secure communications based on quantum mechanics
2. Conjectured effect of quantum computing on cryptanalysis, although it
is currently, like quantum computing itself, only a theoretical concept.
The basic idea of quantum key exchange is to use the "noisy" properties of
light to render incoherent an image that acts to complement a secret key.
This image can be represented in a number of ways, but the ability to
decode that image rests upon an understanding of how it was made. It is not
possible to intercept the transmission without changing it, so key
information can be exchanged with great confidence that it has been
transmitted secretly.
Quantum computing will considerably extend the reach of cryptanalysis,
making brute force key space searches much more effective, if such
computers ever become possible in actual practice.
a) German Lorenz cipher machine, used in World War II to encrypt very-high-level general staff messages
b) 16th-century book-shaped French cipher machine, with arms of Henri II of France
block.
A stream cipher processes the input elements (one bit or one byte)
continuously, producing output one element at a time, as it goes
along.
Symmetric Vs. Asymmetric Encryption
Symmetric encryption is a form of cryptography in which encryption
and decryption are performed using the same key.
It is a single-key encryption which was the only encryption in use
prior to the development of public-key encryption in the 1970s.
It is also known as conventional Encryption.
The modern study of symmetric-key ciphers relates mainly
to the study of block ciphers and stream ciphers and to
their applications.
A block cipher is, in a sense, a modern embodiment of
Alberti's polyalphabetic cipher: block ciphers take as input
a block of plaintext and a key, and output a block of
ciphertext of the same size.
Since messages are almost always longer than a single block,
some method of knitting together successive blocks is required.
The Data Encryption Standard (DES) and the Advanced
Encryption Standard (AES) are block cipher designs which have
been designated cryptography standards by the US government
(though DES's designation was finally withdrawn after the AES
was adopted).
Stream ciphers, in contrast to the 'block' type, create an
arbitrarily long stream of key material, which is combined with
the plaintext bit-by-bit or character-by-character, somewhat
like the one-time pad.
In a stream cipher, the output stream is created based on a
hidden internal state which changes as the cipher operates.
RC4 is a widely used stream cipher;
To wrap up the concept, let us discuss a case for three entities that need to
communicate securely using symmetric encryption.
From the figure, we can conclude that
we will use 9 different private keys for
achieving bidirectional communication
between xyz and abc.
We can also conclude that we need to
define a way by which we can
exchange these private keys in a secure
manner between distant entities.
DES, 3DES, Blowfish, IDEA, RC5,
Safer, Serpent and AES are the well
known symmetric encryption
algorithms.
Asymmetric Encryption
Here the sender uses one key to encrypt the message and the receiver
uses a different key to decrypt it. For bidirectional communication,
each party uses a pair of keys: one is public, known to the others,
and the other is a private key kept to himself.
Back to the same case that was assumed when using symmetric
encryption.
ABC and XYZ have distributed their public keys
to each other. Anyone who needs to talk to
another party uses that party's public key
to encrypt the traffic, and the recipient
uses his own private key to decrypt it:
X uses A’s public key to encrypt clear
traffic, and A receives the cipher and
decrypts it using his own private key.
This gives a smaller number of keys and
simple key distribution.
Let us now compare them (symmetric and asymmetric):
Now, how can we deal with that problem? Diffie and Hellman will
answer this question for us.
Key Management
We will talk more about how we can generate keys for two
parties who were previously “unknown” to each other and want
secure communication.
Diffie-Hellman
The Diffie-Hellman algorithm uses
public key encryption only to
distribute symmetric keys to the
communicating parties; symmetric
key encryption is then used to turn
the clear data into the cipher.
So there is no trade-off: we get high
performance from symmetric key
encryption and a simple key
distribution process from the
Diffie-Hellman algorithm.
Khaled generates two keys (public and private) using his own
Diffie-Hellman algorithm, and Ali does the same thing. Each of them
sends the other his own public key. Khaled then has his own private key and
Ali’s public key, and he uses his Diffie-Hellman algorithm to generate a
new private key; Ali will have the same private key if he executes the
same operation.
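The exchange between Khaled and Ali described above, as an added example that is not part of the original slides. The modulus P (the Mersenne prime 2**127 - 1), the generator G = 3, the SHA-256 step that turns the shared value into a symmetric key, and all function names are assumptions chosen for illustration; P is far too small for real use.

```python
import hashlib
import secrets

# Toy group parameters (assumed for this example, not from the slides).
P = 2**127 - 1   # a Mersenne prime; real deployments use 2048-bit+ groups
G = 3


def keypair():
    """Return (private, public) with public = G^private mod P."""
    while True:
        private = secrets.randbelow(P - 3) + 2        # uniform in [2, P-2]
        public = pow(G, private, P)
        if 2 <= public <= P - 2:                      # never publish 1 or P-1
            return private, public


def shared_key(own_private, peer_public):
    """Combine our private key with the peer's public key.

    The range check rejects 0, 1, P-1 and anything >= P: those values would
    pin the shared secret to a predictable value regardless of our private key.
    """
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, own_private, P)
    # Hash the shared group element down to a 256-bit symmetric key.
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange():
    """Run both sides of the exchange; only the public values cross the wire."""
    khaled_private, khaled_public = keypair()
    ali_private, ali_public = keypair()
    khaled_key = shared_key(khaled_private, ali_public)
    ali_key = shared_key(ali_private, khaled_public)
    return khaled_key, ali_key


if __name__ == "__main__":
    k, a = exchange()
    print("keys match:", k == a, "-", k.hex())
```

The resulting 32-byte value is what the two parties would then use as the symmetric key for the bulk data.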
Requirements for Secure use of Conventional Encryption
1. Strong Encryption algorithm:- The algorithm should be strong enough
so that an opponent who knows the algorithm and has access to one or
more ciphertexts would be unable to decipher the ciphertext or figure out
the key.
2. Sender and receiver must have obtained copies of the secret key in a
secure fashion and must keep the key secure.
If someone can discover the key and knows the algorithm, all
communication using the key is readable.
Therefore, if the key is generated at the message source, then
it must be provided to the destination by means of some secure
channel.
Alternatively, a third party could generate the key and securely
deliver it to both source and destination.
If P is the plaintext, C is the ciphertext, and K is the key,
Attacking Symmetric Encryption
cryptanalysis
rely on nature of the algorithm
brute-force attack
try all possible keys on some ciphertext until an intelligible
translation into plaintext is obtained
On average, half of all possible keys must be tried to achieve success.
Cryptanalysis
brute-force attack
Brute-Force Attack
The attacker tries every possible key on a piece of ciphertext until an
intelligible translation into plaintext is obtained.
On average, need to try half of all possible keys
Time needed proportional to size of key space
Key Size (bits)               Number of Alternative Keys   Time required at 1 decryption/µs    Time required at 10^6 decryptions/µs
32                            2^32 = 4.3 × 10^9            2^31 µs = 35.8 minutes              2.15 milliseconds
128                           2^128 = 3.4 × 10^38          2^127 µs = 5.4 × 10^24 years        5.4 × 10^18 years
168                           2^168 = 3.7 × 10^50          2^167 µs = 5.9 × 10^36 years        5.9 × 10^30 years
26 characters (permutation)   26! = 4 × 10^26              2 × 10^26 µs = 6.4 × 10^12 years    6.4 × 10^6 years
Cryptanalytic Attack
Cryptanalytic attacks rely on the nature of the algorithm plus perhaps
some knowledge of the general characteristics of the plaintext or even
some sample plaintext-ciphertext pairs.
This type of attack exploits the characteristics of the algorithm to
attempt to deduce a specific plaintext or to deduce the key being used.
They may be classified by how much information the attacker needs:
1. Ciphertext-only attack
2. Known-plaintext attack
3. Chosen-plaintext attack
4. Chosen-ciphertext attack
5. Chosen-text attack
Ciphertext-only attack
Attacker knows ciphertext of several messages encrypted with same
key (but doesn’t know plaintext).
ciphertext.
That is, Given: (m1,c1), (m2,c2), …, (mk, ck) and a new ciphertext
c
Attacker can choose the plaintext and look at the paired ciphertext
Attacker has more control than known-plaintext attack and may be
able to gain more info about key
That is, Given: (m1,c1), (m2,c2), …,(mk,ck), where m1, m2, …, mk are
The attacker knows the algorithm, the ciphertext, and chosen plaintext and
its ciphertext.
Example: chosen-plaintext attack
In 1942, US Navy cryptanalysts discovered that Japan was planning an attack on
“AF”.
Chosen-ciphertext attack
That is, Given: (m1,c1), (m2,c2), …,(mk, ck), where c1, c2, …, ck are chosen
Two forms of Chosen-text attack
plaintext attack".
Definitions
1. An encryption scheme is unconditionally secure, if the ciphertext
generated by the scheme does not contain enough information to determine
uniquely the corresponding plaintext, no matter how much ciphertext is
available.
The cost of breaking the cipher exceeds the value of the encrypted
information.
The time required to break the cipher exceeds the useful timeline of the
information.
Classical Cryptography
Substitution ciphers
Transposition Cipher
Rearrange letters in plaintext to produce ciphertext
1. Rail-Fence Cipher:- the plaintext is written downwards and diagonally on
successive "rails" of an imaginary fence, moving up when we reach the
bottom rail.
When we reach the top rail, the message is written downwards again
until the whole plaintext is written out.
For example, the word ZEBRAS is of length 6 (so the rows are of length 6),
and the permutation is defined by the alphabetical order of the letters in the
keyword. In this case, the order would be "6 3 2 4 1 5".
In a regular columnar transposition cipher, any spare spaces are filled with
nulls; in an irregular columnar transposition cipher, the spaces are left blank.
Finally, the message is read off in columns, in the order specified by the
keyword.
For example, suppose we use the keyword ZEBRAS and the message WE
ARE DISCOVERED FLEE AT ONCE. In a regular columnar
transposition, we write this into the grid as:
6 3 2 4 1 5
W E A R E D
I S C O V E
R E D F L E
E A T O N C
E Q K J E U
Providing five nulls (QKJEU) at the end. The ciphertext is then read off as:
EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE
6 3 2 4 1 5
W E A R E D
I S C O V E
R E D F L E
E A T O N C
E
In the irregular case, the columns are not completed by nulls. The ciphertext
is then read off as EVLNA CDTES EAROF ODEEC WIREE
4. Double transposition
A single columnar transposition could be attacked by guessing possible
column lengths, writing the message out in its columns (but in the wrong
order, as the key is not yet known), and then looking for possible anagrams.
The same key can be used for both transpositions, or two different keys can be
used.
5 6 4 2 3 1
E V L N A C
D T E S E A
R O F O D E
E C W I R E
E
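The columnar transposition with keyword ZEBRAS and the second transposition with the numeric key 5 6 4 2 3 1 shown above, as an added example that is not part of the original slides. The function names are assumptions, and the decryption routine goes beyond what the slides show: it recovers the column heights of an irregular grid from the ciphertext length.

```python
def column_order(key):
    """Column indices in read-off order: rank by key symbol, ties left to right."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def encrypt(plaintext, key, nulls=""):
    """Columnar transposition. With `nulls`, the last row is padded (regular
    case); without, short columns are left short (irregular case)."""
    text = "".join(ch for ch in plaintext.upper() if ch.isalpha())
    pad = -len(text) % len(key)
    if nulls:
        if len(nulls) < pad:
            raise ValueError("not enough null letters to complete the grid")
        text += nulls[:pad]
    # Row-major fill means column c holds text[c], text[c + ncols], ...
    return "".join(text[c::len(key)] for c in column_order(key))


def decrypt(ciphertext, key):
    """Invert an irregular (or fully padded) columnar transposition."""
    ct = "".join(ch for ch in ciphertext.upper() if ch.isalpha())
    ncols = len(key)
    full_rows, extra = divmod(len(ct), ncols)
    columns, pos = [""] * ncols, 0
    for c in column_order(key):
        # The first `extra` columns are one letter taller than the rest.
        height = full_rows + (1 if c < extra else 0)
        columns[c] = ct[pos:pos + height]
        pos += height
    rows = full_rows + (1 if extra else 0)
    return "".join(columns[c][r] for r in range(rows)
                   for c in range(ncols) if r < len(columns[c]))


MESSAGE = "WE ARE DISCOVERED FLEE AT ONCE"
SECOND_KEY = (5, 6, 4, 2, 3, 1)   # numeric key shown above the second grid

if __name__ == "__main__":
    regular = encrypt(MESSAGE, "ZEBRAS", nulls="QKJEU")
    irregular = encrypt(MESSAGE, "ZEBRAS")
    double = encrypt(irregular, SECOND_KEY)
    print(regular, irregular, double, decrypt(irregular, "ZEBRAS"), sep="\n")
```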
5. Myszkowski Transposition
A variant form of columnar transposition, proposed by Émile Victor
Théodore Myszkowski in 1902, requires a keyword with recurrent
letters.
6. Disrupted Transposition
In disrupted transposition, certain positions in a grid are blanked out,
and not used when filling in the plaintext.
more difficult.
[Reading Assignment]