CSc 466/566. Computer Security. 4 : Cryptography Introduction


1/51 CSc 466/566 Computer Security
4: Cryptography Introduction
Version: 2012/02/06 16:06:05
Department of Computer Science, University of Arizona
collberg@gmail.com
Copyright © 2012 Christian Collberg

Introduction 2/51 Outline
1. Introduction
2. Attacks
3. Substitution Ciphers
4. Transposition Ciphers
5. Substitution and Permutation Boxes
6. One-Time Pads
7. Summary

Introduction 3/51 Introduction In this section we introduce some classical symmetric ciphers. We also discuss various attacks against ciphers.

Attacks 5/51 Attacks Against Cryptosystems
Definition (cryptanalysis): The science of attacking cryptosystems.
A cryptanalyst attacks cryptosystems.
We assume the cryptanalyst knows the algorithms involved.
He wants to discover plaintext or keys.

Attacks 6/51 Ciphertext-only attack
[Figure: plaintext → encrypt → ciphertext → decrypt → plaintext, both ends keyed with K; Eve obtains K and the plaintext.]
We have: the ciphertext of several messages that have been encrypted with the same key, K.
We recover: the plaintexts, or K.

Attacks 7/51 Known-plaintext attack
[Figure: plaintext → encrypt → ciphertext → decrypt → plaintext, both ends keyed with K; Eve obtains K.]
We have: the ciphertexts and corresponding plaintexts of several messages, all encrypted with the same key K.
We recover: the key K.

Attacks 8/51 Chosen-plaintext attack
[Figure: plaintext → encrypt → ciphertext → decrypt → plaintext, both ends keyed with K; Eve supplies the plaintext and obtains K.]
We have: the ciphertext of several messages that have been encrypted with the same key K, such that we get to choose the plaintexts.
We recover: the key K.

Attacks 9/51 Chosen-ciphertext attack
[Figure: plaintext → encrypt → ciphertext → decrypt → plaintext, both ends keyed with K; Eve supplies the ciphertext and obtains K.]
We have: the plaintext of several messages that have been encrypted with the same key K, such that we get to choose the ciphertexts.
We recover: the key K.

Attacks 10/51 Offline vs. Adaptive Attacks
There are two variants of the chosen-plaintext attack:
- Offline chosen-plaintext attack: the attacker must choose all plaintexts in advance;
- Adaptive chosen-plaintext attack: the attacker can choose one plaintext at a time, and choose plaintexts based on previous choices.
Similar for the chosen-ciphertext attack.

Attacks 11/51 Rubber-hose cryptanalysis
We have: access to a person who can be threatened, blackmailed, tortured, ...
We recover: Everything!
Also purchase-key attack.

Attacks 12/51 How to Recognize Plaintext
In a brute-force attack we try every possible key until we find the right one.
How do we know that we've found the right key? Well, when we get something out which is plaintext.
Well, how do we know that it is plaintext? Because it looks like plaintext!
Plaintext could be:
- English, Russian, Chinese (many different encodings);
- A Microsoft Word file;
- A gzip compressed file, ...
Binary files usually have headers that are easy to recognize.
Generally, when you decrypt with the wrong key, you get gibberish; when you have the right key, the plaintext looks reasonable.

Attacks 13/51 Unicity Distance: How Much Ciphertext do We Need?
Definition (unicity distance): The unicity distance is the amount of the original ciphertext required such that there is only one reasonable plaintext, i.e. the expected amount of ciphertext needed such that there is exactly one key that produces a plaintext that makes sense.
The unicity distance depends on
1. the characteristics of the plaintext;
2. the key length of the encryption algorithm.
Unicity distance of Standard English text: K/6.8, where K is the key length. (6.8 is a measure of the redundancy of ASCII English text.)
DES: 8.2 bytes.
128-bit ciphers: 19 bytes.

Attacks 14/51 Unicity Distance: How Much Ciphertext do We Need?...
RC4 encrypts data in bytes.
Example 1: Plaintext: a single ASCII letter (0-25). Ciphertext: a single byte (0-255). Attacker tries to decrypt a ciphertext byte with a random key. He has a 26/256 chance of producing a valid plaintext. There's no way for him to tell the correct plaintext from the wrong plaintext.
Example 2: Plaintext: a 1K e-mail message. The attacker tries to decrypt with random keys. Eventually there's a plaintext that looks like an e-mail. The odds are small that this is not the correct plaintext!
The unicity distance determines when you can think like the second example instead of the first.

Attacks 15/51 In-Class Exercise: Goodrich & Tamassia R-8.1-4
What type of attack is Eve employing here:
1. Eve tricks Alice into decrypting a bunch of ciphertexts that Alice encrypted last month.
2. Eve picks Alice's encrypted cell phone conversations.
3. Eve has given a bunch of messages to Alice for her to sign using the RSA signature scheme, which Alice does without looking at the messages and without using a one-way hash function. In fact, these messages are ciphertexts that Eve constructed to help her figure out Alice's RSA private key.
4. Eve has bet Bob that she can figure out the AES secret key he shares with Alice if he will simply encrypt 20 messages for Eve using that key. Bob agrees. Eve gives him 20 messages, which he then encrypts and emails back to Eve.

Substitution Ciphers 17/51 Substitution Ciphers
Definition (Substitution Cipher): A method of encryption by which units of plaintext are replaced with ciphertext according to a regular system.
The units can be single letters, pairs of letters, triplets of letters.
The goal is confusion: ciphertext bits should depend on the cleartext bits in a very complex way.
Easily broken: underlying letter frequencies are not hidden. The letter E occurs the most frequently in English. The letter in the ciphertext that occurs most often is probably E!

Substitution Ciphers 18/51 English Letter Frequency
Source: http://www.math.cornell.edu/~mec/2003-2004/cryptography/subs/frequencies.html

Letter  Frequency    Letter  Frequency
E       12.02%       M       2.61%
T        9.10%       F       2.30%
A        8.12%       Y       2.11%
O        7.68%       W       2.09%
I        7.31%       G       2.03%
N        6.95%       P       1.82%
S        6.28%       B       1.49%
R        6.02%       V       1.11%
H        5.92%       K       0.69%
D        4.32%       X       0.17%
L        3.98%       Q       0.11%
U        2.88%       J       0.10%
C        2.71%       Z       0.07%

Substitution Ciphers 19/51 Monoalphabetic Substitution Ciphers
In a monoalphabetic cipher each character of the plaintext is mapped to a corresponding character of the ciphertext: A → 9, B → 11, ...
Caesar Cipher: Add 3 to the ASCII value of each character, mod 26: A → D, B → E, X → A, ...
ROT13: Unix utility used on Usenet. Adds 13 mod 26 to each letter. P = ROT13(ROT13(P))
These methods are simple to break: use the fact that different letters in the English alphabet occur with different frequencies.

Substitution Ciphers 20/51 Encoding
In these simple ciphers we typically
1. convert all letters to upper case;
2. remove spaces;
3. remove punctuation;
4. break into blocks of the same size (typically 5 letters);
5. add some unusual letter (like Z) to the last block, if necessary.
Example: "I t was A DArk and stormy NighT..." turns into "ITWAS ADARK ANDST ORMYN IGHTZ".
Knowing word boundaries can help with cryptanalysis.
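Added example (not part of the original slides): the encoding steps above, the Caesar/ROT13 shift, and the "looks like plaintext" test from the brute-force discussion, using the letter-frequency table on this page as the recognizer. The function names, the sample message and the two-word vocabulary are constructed for illustration; the shift works on letter positions 0-25.

```python
import string

A = string.ascii_uppercase

# English letter frequencies in percent, copied from the table on this page.
ENGLISH_FREQ = {
    "E": 12.02, "T": 9.10, "A": 8.12, "O": 7.68, "I": 7.31, "N": 6.95,
    "S": 6.28, "R": 6.02, "H": 5.92, "D": 4.32, "L": 3.98, "U": 2.88,
    "C": 2.71, "M": 2.61, "F": 2.30, "Y": 2.11, "W": 2.09, "G": 2.03,
    "P": 1.82, "B": 1.49, "V": 1.11, "K": 0.69, "X": 0.17, "Q": 0.11,
    "J": 0.10, "Z": 0.07,
}

# Constructed sample message (an assumption of this example, not from the slides).
MESSAGE = ("Meet me at the station entrance at nine tonight and bring the "
           "letters that she sent to the embassy last winter. Do not speak to "
           "anyone on the train, and destroy this note after reading it.")


def encode(text, block=5, pad="Z"):
    """Upper-case, drop spaces and punctuation, split into blocks, pad the last."""
    letters = [c for c in text.upper() if c in A]
    while len(letters) % block:
        letters.append(pad)
    joined = "".join(letters)
    return " ".join(joined[i:i + block] for i in range(0, len(joined), block))


def caesar(text, shift):
    """Shift each letter A-Z by `shift` positions mod 26; leave other characters."""
    return "".join(A[(A.index(c) + shift) % 26] if c in A else c for c in text)


def english_score(text):
    """Mean table frequency of the letters: high for English, low for gibberish."""
    letters = [c for c in text if c in A]
    if not letters:
        return 0.0
    return sum(ENGLISH_FREQ[c] for c in letters) / len(letters)


def rank_keys(ciphertext):
    """Brute force: decrypt with all 26 keys, return (key, score, text) best first."""
    candidates = []
    for key in range(26):
        plain = caesar(ciphertext, -key)
        candidates.append((key, english_score(plain), plain))
    return sorted(candidates, key=lambda c: c[1], reverse=True)


def keys_giving_words(ciphertext, vocabulary):
    """Keys whose decryption is a known word: more than one means ambiguity."""
    return [k for k in range(26) if caesar(ciphertext, -k) in vocabulary]


if __name__ == "__main__":
    ciphertext = caesar(encode(MESSAGE), 3)
    for key, score, plain in rank_keys(ciphertext)[:3]:
        print(key, round(score, 2), plain[:35])
    # Five letters are too few: two different keys both give an English word.
    short = caesar("RIVER", 3)
    print(short, keys_giving_words(short, {"RIVER", "ARENA"}))
```

With a full sentence the correct key stands far above the other 25 candidates; with five letters the recognizer cannot choose between two valid words, which is the situation the unicity-distance slides describe.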

Substitution Ciphers 21/51 Homophonic Substitution Ciphers
In a homophonic cipher each character of the plaintext is mapped to several characters of the ciphertext: A → {9,10,11}, B → {3,1,8}, ...
Addresses the letter-frequency attack that can be used against monoalphabetic ciphers.
Assign each plaintext letter a set of symbols proportional to its frequency. For example:
E → 14, 16, 24, 44, 46, 55, 57, 64, 74, 82, 87, 98
H → 23, 39, 50, 56, 65, 58
L → 26, 37, 51, 84
O → 00, 05, 07, 54, 72, 90, 99
Z → 02
Notice E maps to a lot more symbols than Z.

Substitution Ciphers 22/51 Polyalphabetic Substitution Ciphers
In a polyalphabetic cipher you have several keys, each one used to encrypt one letter of the plaintext.
We recycle keys when we run out of them:
K1 K2 K3 K1 K2 K3 K1 K2 K3
a t t a c k a t x v d x t d r p d
The number of keys is called the period.
In a running-key cipher (AKA book cipher) one text is used to encrypt another.

Substitution Ciphers 23/51 Polygraphic Substitution Ciphers
In a polygram cipher blocks of characters in the plaintext are mapped to blocks of characters in the ciphertext: ARF → RTW, ING → PWQ, ...
We represent the cipher with a Substitution Box (S-Box):

     A   B   C   D   E   F
A    BA  CA  DC  DD  DE  FB
B    EA  AB  EC  BD  BE  AF
C    AA  BB  AC  ED  CE  BF
D    EB  DB  BC  CD  DF  FC
E    DA  CB  CC  AD  AE  FF
F    FA  CF  EE  FD  EF  FE

Examples: AA → BA, AB → CA, EF → FF

Substitution Ciphers 24/51 Polygraphic Substitution Ciphers: Playfair
Create a jumbled 5 x 5 square of letters:

T X V H R
L K M U P
N Z O J E
C G W Y A
F B S D I

Convert letters a pair at a time: TI → RF, TW → VC
To use in the heat of battle we want it to be simple to
1. generate the table;
2. memorize the table;
3. encrypt/decrypt.

Substitution Ciphers 25/51 Polygraphic Substitution Ciphers: Playfair... How do we create the table (the cipher key)? 1 Select a key phrase; 2 Fill in the spaces of the table, starting top left (omitting duplicate letters), with the letters from the key phrase; 3 Fill in the remaining spaces with the remaining letters of the alphabet, in order. Omit Q to make the alphabet fit, or merge I/J into one entry. Example (key phrase: DIAMONDRING): D I A M O N R G B C E F H J K L P S T U /// D/I//A/// M//O/// N//D//R/I/// G Alphabet:/// A//B//C//D//E//F/// G//H/I/J/// K// L//M/// N//O//P/// R/S/// DUVWXYZ

Substitution Ciphers 25/51 Polygraphic Substitution Ciphers: Playfair... How do we create the table (the cipher key)? 1 Select a key phrase; 2 Fill in the spaces of the table, starting top left (omitting duplicate letters), with the letters from the key phrase; 3 Fill in the remaining spaces with the remaining letters of the alphabet, in order. Omit Q to make the alphabet fit, or merge I/J into one entry. Example (key phrase: DIAMONDRING): D I A M O N R G B C E F H J K L P S T U V Alphabet:/// A//B//C//D//E//F/// G//H/I/J/// K// /// D/I//A/// M//O/// N//D//R/I/// G L//M/// N//O//P/// R/S/// D//UVWXYZ

Substitution Ciphers 25/51 Polygraphic Substitution Ciphers: Playfair... How do we create the table (the cipher key)? 1 Select a key phrase; 2 Fill in the spaces of the table, starting top left (omitting duplicate letters), with the letters from the key phrase; 3 Fill in the remaining spaces with the remaining letters of the alphabet, in order. Omit Q to make the alphabet fit, or merge I/J into one entry. Example (key phrase: DIAMONDRING): D I A M O N R G B C E F H J K L P S T U V W Alphabet:/// A//B//C//D//E//F/// G//H/I/J/// K// /// D/I//A/// M//O/// N//D//R/I/// G L//M/// N//O//P/// R/S/// D//U//VWXYZ

Substitution Ciphers 25/51 Polygraphic Substitution Ciphers: Playfair... How do we create the table (the cipher key)? 1 Select a key phrase; 2 Fill in the spaces of the table, starting top left (omitting duplicate letters), with the letters from the key phrase; 3 Fill in the remaining spaces with the remaining letters of the alphabet, in order. Omit Q to make the alphabet fit, or merge I/J into one entry. Example (key phrase: DIAMONDRING): D I A M O N R G B C E F H J K L P S T U V W X Alphabet:/// A//B//C//D//E//F/// G//H/I/J/// K// /// D/I//A/// M//O/// N//D//R/I/// G L//M/// N//O//P/// R/S/// D//U//V///WXYZ

Substitution Ciphers 25/51 Polygraphic Substitution Ciphers: Playfair... How do we create the table (the cipher key)? 1 Select a key phrase; 2 Fill in the spaces of the table, starting top left (omitting duplicate letters), with the letters from the key phrase; 3 Fill in the remaining spaces with the remaining letters of the alphabet, in order. Omit Q to make the alphabet fit, or merge I/J into one entry. Example (key phrase: DIAMONDRING): D I A M O N R G B C E F H J K L P S T U V W X Y Alphabet:/// A//B//C//D//E//F/// G//H/I/J/// K// /// D/I//A/// M//O/// N//D//R/I/// G L//M/// N//O//P/// R/S/// D//U//V///W/// XYZ

Substitution Ciphers 25/51 Polygraphic Substitution Ciphers: Playfair...

How do we create the table (the cipher key)?
1 Select a key phrase;
2 Fill in the spaces of the table, starting top left (omitting duplicate letters), with the letters from the key phrase;
3 Fill in the remaining spaces with the remaining letters of the alphabet, in order. Omit Q to make the alphabet fit, or merge I/J into one entry.

Example (key phrase: DIAMONDRING):

D I A M O
N R G B C
E F H J K
L P S T U
V W X Y Z

Substitution Ciphers 26/51 Polygraphic Substitution Ciphers: Playfair...

To encrypt, start by breaking the message into digraphs:
It was A DArk and stormy NighT...
turns into
IT WA SA DA RK AN DS TO RM YN IG HT

We use the two letters of the digraph to create a rectangle in the key table.

Substitution Ciphers 27/51 Polygraphic Substitution Ciphers: Playfair...

Rules to encrypt the digraph αβ:
1 If α = β, add an X, encrypt the new pair.
2 If one letter is left, add an X, encrypt the new pair.
3 If α, β are in the same row:

    α X   β Y        αβ → XY

  If necessary, wrap around.
4 If αβ occur in the same column:

    α
    X
    β
    Y                αβ → XY

Substitution Ciphers 28/51 Polygraphic Substitution Ciphers: Playfair...

And the final rule:
5 If the letters are not on the same row or column:

    X   α
    β   Y            αβ → XY

  Order matters: X is on the same row as α.

To decrypt:
1 Use the inverse of the last three rules.
2 Drop any Xs that don't make sense.

Substitution Ciphers 29/51 Polygraphic Substitution Ciphers: Playfair...

Example plaintext: IT WA SA DA RK AN DS TO RM YN IG HT

IT → MP
WA → XI

D I A M O
N R G B C
E F H J K
L P S T U
V W X Y Z

Substitution Ciphers 30/51 Polygraphic Substitution Ciphers: Playfair...

SA → XG
DA → IM

D I A M O
N R G B C
E F H J K
L P S T U
V W X Y Z
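
The table construction and the five encryption rules above, as an added Python example that is not part of the original slides. The function names are chosen here, wrap-around within a column is assumed to work as it does within a row, and a Q in the message is rejected because the table omits it.

```python
import string

def build_table(key_phrase):
    """Key-phrase letters first (duplicates skipped), then the remaining
    alphabet in order, omitting Q as in the DIAMONDRING example."""
    cells = []
    for ch in key_phrase.upper() + string.ascii_uppercase:
        if ch.isalpha() and ch != "Q" and ch not in cells:
            cells.append(ch)
    return [cells[r:r + 5] for r in range(0, 25, 5)]

def to_digraphs(message):
    """Rules 1-2: letters only; a doubled letter or a lone last letter gets an X."""
    letters = [c for c in message.upper() if c.isalpha()]
    if "Q" in letters:
        raise ValueError("Q is not in the table; respell it before encoding")
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else "X"
        if a == b:            # rule 1: split the double, reuse b next round
            b, i = "X", i + 1
        else:
            i += 2
        pairs.append(a + b)
    return pairs

def crypt(pairs, table, step=1):
    """step=+1 encrypts with rules 3-5; step=-1 applies their inverse."""
    pos = {ch: (r, c) for r, row in enumerate(table) for c, ch in enumerate(row)}
    out = []
    for a, b in pairs:
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:          # rule 3: neighbour in the row, wrapping around
            out.append(table[ra][(ca + step) % 5] + table[rb][(cb + step) % 5])
        elif ca == cb:        # rule 4: neighbour in the column (wrap assumed)
            out.append(table[(ra + step) % 5][ca] + table[(rb + step) % 5][cb])
        else:                 # rule 5: rectangle; X stays on alpha's row
            out.append(table[ra][cb] + table[rb][ca])
    return out

if __name__ == "__main__":
    table = build_table("DIAMONDRING")
    plain = to_digraphs("It was A DArk and stormy NighT")
    cipher = crypt(plain, table)
    print(" ".join(cipher))
    print(" ".join(crypt(cipher, table, step=-1)))
```

Decryption returns the padded digraphs; dropping the inserted Xs is still a manual step, as the slide says.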

Substitution Ciphers 31/51 In-Class Exercise 1 Construct a Playfair table using the key phrase BLINKENLIGHTS. 2 Encode the message Run, RAbbit, Run! 3 Encrypt the plaintext message from 2. 4 Decrypt the ciphertext message from 3.

Transposition Ciphers 32/51 Outline 1 Introduction 2 Attacks 3 Substitution Ciphers 4 Transposition Ciphers 5 Substitution and Permutation Boxes 6 One-Time Pads 7 Summary

Transposition Ciphers 33/51 Transposition Ciphers

Definition (Transposition Cipher): A method of encryption by which units of plaintext are rearranged to form the ciphertext.

In a transposition cipher the original characters of the plaintext are not changed, but simply moved around in the ciphertext.
Letter frequencies don't change.
The ciphertext is a permutation of the cleartext.
The goal is diffusion: spreading the information from the plaintext across the ciphertext.

Transposition Ciphers 34/51 Columnar Transposition Cipher

In a simple columnar transposition cipher we write the plaintext horizontally in a fixed width table, and read it off vertically. The plaintext attack at dawn could be enciphered into actwtk nt f aaa, using this table:

a t t a
c k   a
t   d a
w n

Substitution and Permutation Boxes 36/51 S-Boxes

We can extend the substitution box idea to binary words. Here's a 4×4 S-box that maps 4 bits to 4 bits:

S     00    01    10    11
00   0011  1000  1111  0001
01   1010  0110  0101  1011
10   1110  1101  0100  0010
11   0111  0000  1001  1100

Examples: 0000 0011 0001 0100 1010 0100

The same S-box in decimal:

S    0   1   2   3
0    3   8  15   1
1   10   6   5  11
2   14  13   4   2
3    7   0   9  12

Substitution and Permutation Boxes 37/51 Inverse S-Boxes

If S is an S-box with unique substitutions there exists an inverse S-box S⁻¹ that reverses the substitution:

S     00    01    10    11
00   0011  1000  1111  0001
01   1010  0110  0101  1011
10   1110  1101  0100  0010
11   0111  0000  1001  1100

S⁻¹   00    01    10    11
00   1101  0011  1011  0000
01   1010  0110  0101  1100
10   0001  1110  0100  0111
11   1111  1001  1000  0010

The same tables in decimal:

S    0   1   2   3
0    3   8  15   1
1   10   6   5  11
2   14  13   4   2
3    7   0   9  12

S⁻¹  0   1   2   3
0   13   3  11   0
1   10   6   5  12
2    1  14   4   7
3   15   8   9   2

Substitution and Permutation Boxes 38/51 Inverse S-Boxes...

Examples:
0000 →(S) 0011 →(S⁻¹) 0000
1111 →(S) 1100 →(S⁻¹) 1111
1010 →(S) 0100 →(S⁻¹) 1010

Desirable properties of S-boxes:
1 changing one input bit changes about half of the output bits (avalanche effect);
2 each output bit will depend on every input bit.
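
An added Python example, not part of the original slides, that derives S⁻¹ from the slide's S-box and measures the two desirable properties listed above. The S-box values are read row by row from the binary table; the function names are chosen here.

```python
# Slide's S-box, read row by row (input 0000 first, input 1111 last).
S = [3, 8, 15, 1, 10, 6, 5, 11, 14, 13, 4, 2, 7, 0, 9, 12]

def invert(sbox):
    """Build S^-1; fails if two inputs share an output (no inverse exists)."""
    if sorted(sbox) != list(range(len(sbox))):
        raise ValueError("substitutions are not unique, so S has no inverse")
    inv = [0] * len(sbox)
    for x, y in enumerate(sbox):
        inv[y] = x
    return inv

def avalanche(sbox, bits=4):
    """Average number of output bits that flip when one input bit flips."""
    total = sum(bin(sbox[x] ^ sbox[x ^ (1 << i)]).count("1")
                for x in range(len(sbox)) for i in range(bits))
    return total / (len(sbox) * bits)

def is_complete(sbox, bits=4):
    """True if every output bit depends on every input bit."""
    for i in range(bits):
        seen = 0
        for x in range(len(sbox)):
            seen |= sbox[x] ^ sbox[x ^ (1 << i)]   # output bits input i can move
        if seen != (1 << bits) - 1:
            return False
    return True

def as_table(sbox):
    """Rows of 4-bit strings, laid out like the slide's binary tables."""
    return [[format(v, "04b") for v in sbox[r:r + 4]] for r in range(0, 16, 4)]

if __name__ == "__main__":
    for row in as_table(invert(S)):
        print(" ".join(row))
    print("avalanche:", avalanche(S), "complete:", is_complete(S))
    identity = list(range(16))                     # a deliberately weak S-box
    print("identity :", avalanche(identity), "complete:", is_complete(identity))
```

The identity mapping is included as a contrast: it is invertible, but each input bit moves exactly one output bit, so it provides no confusion.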

Substitution and Permutation Boxes 39/51 P-Boxes

We can extend the transposition cipher idea to binary words. Here's a 32-bit P-box that is used by the DES cipher:

P        moved to position
1-8       9 17 23 31 13 28  2 18
9-16     24 16 30  6 26 20 10  1
17-24     8 14 25  3  4 29 11 19
25-32    32 12 22  7  5 27 15 21

Substitution and Permutation Boxes 40/51 P-Boxes...

P        moved to position
1-8       9 17 23 31 13 28  2 18
9-16     24 16 30  6 26 20 10  1
17-24     8 14 25  3  4 29 11 19
25-32    32 12 22  7  5 27 15 21

[Figure: two rows of bit positions 1-32, input above and output below]

Substitution and Permutation Boxes 41/51 Product Ciphers In product ciphers we achieve both diffusion and confusion by chaining together S-Boxes and P-Boxes.

One-Time Pads 43/51 One-Time Pads

The pad is a large, non-repeating set of random key letters.
To encrypt, add each plaintext letter to the next letter on the pad, mod 26.
Decryption is done the same.
This is provably secure, provided you have a truly random set of pad letters and never reuse the pad.

Two problems:
1 We need an infinite number of never-repeating keys;
2 Alice and Bob need to be absolutely synchronized (at all times know which key they're using).

One-Time Pads 44/51 One-Time Pads: Example

a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z
1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

pad               :  r  a  n  d  o  m  p  a  d
numeric pad       : 18  1 14  4 15 13 16  1  4
cleartext         :  a  t  t  a  c  k  a  t  d
numeric cleartext :  1 20 20  1  3 11  1 20  4
add mod 26        : 19 21  8  5 18 24 17 21  8
ciphertext        :  s  u  h  e  r  w  q  u  h

One-Time Pads 45/51 Exclusive-OR

0 ⊕ 0 = 0
0 ⊕ 1 = 1
1 ⊕ 0 = 1
1 ⊕ 1 = 0

a ⊕ a = 0
a ⊕ b ⊕ b = a
a ⊕ a ⊕ a = a

Since xor-ing the same value twice gives us the original, we get a simple symmetric algorithm:

P ⊕ K = C
C ⊕ K = P

One-Time Pads 46/51 Exclusive-OR in Sparkling Color [Figure: three exclusive-or examples, not recoverable]

One-Time Pads 47/51 Pseudo-Random Number Generator (PRNG)

A PRNG is seeded with a key K and generates a sequence of numbers such that
  numbers are in the range [0, n−1] for some n > 0;
  the numbers are uniformly distributed;
  having seen numbers x_0, x_1, ..., x_i it's hard to predict x_{i+1}.

Cryptographic PRNGs can be constructed from symmetric ciphers such as AES:
1 Let K be the seed;
2 R ← E_AES(K)
3 Output R
4 K++
5 Goto 2

One-Time Pads 48/51 Encryption with PRNG

Let
  key: K
  plaintext message: M_0, M_1, M_2, ...
  ciphertext: C_0, C_1, C_2, ...
  sequence of pseudo-random numbers: P_0, P_1, P_2, ...

Encryption algorithm:
1 Seed the PRNG with K;
2 C_i = M_i ⊕ P_i

Decryption algorithm:
1 Seed the PRNG with K;
2 M_i = C_i ⊕ P_i

Make sure that:
1 Only perform one encryption for a given key K.
2 The length of the plaintext should be much smaller than the period of the PRNG.
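
An added Python example, not part of the original slides, of the PRNG loop and the XOR encryption above, showing why the first "make sure" rule matters. SHA-256 stands in for E_AES because the Python standard library has no AES; the function names, keys and messages are constructed for the illustration.

```python
import hashlib

def prng(seed):
    """Slide's loop (R <- E(K); output R; K++), yielding one byte at a time.
    SHA-256 is a stand-in for E_AES here, not the slide's cipher."""
    k = seed
    while True:
        block = hashlib.sha256(k.to_bytes(32, "big")).digest()
        yield from block
        k = (k + 1) % (1 << 256)

def xor_stream(key, data):
    """C_i = M_i xor P_i; the same call decrypts, since xor-ing twice cancels."""
    return bytes(m ^ p for m, p in zip(data, prng(key)))

def reuse_leak(c1, c2):
    """With one key used twice, C1 xor C2 = M1 xor M2: the keystream drops out."""
    return bytes(a ^ b for a, b in zip(c1, c2))

if __name__ == "__main__":
    key = 0x5EED                                  # constructed sample key
    m1, m2 = b"attack at dawn", b"retreat at ten"  # constructed sample messages
    c1, c2 = xor_stream(key, m1), xor_stream(key, m2)
    assert xor_stream(key, c1) == m1              # decryption round trip

    # Same key twice: the two ciphertexts alone reveal M1 xor M2.
    leak = reuse_leak(c1, c2)
    print("C1^C2 == M1^M2:", leak == bytes(a ^ b for a, b in zip(m1, m2)))

    # A fresh, unrelated key for the second message removes the relation.
    c3 = xor_stream(0xBEEF, m2)
    print("fresh key leaks:", reuse_leak(c1, c3) == leak)
```

Because the generator advances by K++, seeds that are numerically close produce overlapping keystreams, so "a different key" has to mean an unrelated one.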

Summary 50/51 Readings and References Chapter 8.1.1-8.1.5 in Introduction to Computer Security, by Goodrich and Tamassia.

Summary 51/51 Acknowledgments Additional material and exercises have also been collected from these sources: 1 Igor Crk and Scott Baker, 620 Fall 2003 Basic Cryptography. 2 Bruce Schneier, How to Recognize Plaintext, http://www.schneier.com/crypto-gram-9812.html#plaintext. 3 Pfleeger and Pfleeger, Security in Computing.