Cryptography and Network Chapter 2 Classical Encryption Techniques - PDF document

4/19/2010 Cryptography and Network Chapter 2 – Classical Encryption Techniques Security Chapter 2 • "I am fairly familiar with all the forms of secret writings, and am myself the author of a trifling writings, and am myself the author of a trifling monograph upon the subject, in which I analyze one Fifth Edition hundred and sixty separate ciphers," said Holmes.. by William Stallings — The Adventure of the Dancing Men , Sir Arthur Conan Doyle Lecture slides by Lawrie Brown Symmetric Encryption Some Basic Terminology • or conventional / private ‐ key / single ‐ key • plaintext ‐ original message • ciphertext ‐ coded message • sender and recipient share a common key • cipher ‐ algorithm for transforming plaintext to ciphertext • all classical encryption algorithms are private ‐ • key ‐ info used in cipher known only to sender/receiver key info used in cipher known only to sender/receiver key • encipher (encrypt) ‐ converting plaintext to ciphertext • was only type prior to invention of public ‐ key • decipher (decrypt) ‐ recovering ciphertext from plaintext in 1970’s • cryptography ‐ study of encryption principles/methods • and by far most widely used • cryptanalysis (codebreaking) ‐ study of principles/ methods of deciphering ciphertext without knowing key • cryptology ‐ field of both cryptography and cryptanalysis Symmetric Cipher Model Requirements • two requirements for secure use of symmetric encryption: – a strong encryption algorithm – a secret key known only to sender / receiver y y • mathematically have: Y = E(K, X ) X = D(K, Y ) • assume encryption algorithm is known • implies a secure channel to distribute key 1

4/19/2010 Cryptography Cryptanalysis • can characterize cryptographic system by: • objective to recover key not just message – type of encryption operations used • general approaches: • substitution • transposition – cryptanalytic attack • product – brute ‐ force attack b f k – number of keys used • if either succeed all key use compromised • single ‐ key or private • two ‐ key or public – way in which plaintext is processed • block • stream Cryptanalytic Attacks More Definitions  ciphertext only  unconditional security  only know algorithm & ciphertext, is statistical,  no matter how much computer power or time is know or can identify plaintext available, the cipher cannot be broken since the  known plaintext ciphertext provides insufficient information to  know/suspect plaintext & ciphertext  know/suspect plaintext & ciphertext uniquely determine the corresponding plaintext  chosen plaintext  computational security  select plaintext and obtain ciphertext  given limited computing resources (eg time  chosen ciphertext needed for calculations is greater than age of  select ciphertext and obtain plaintext universe), the cipher cannot be broken  chosen text  select plaintext or ciphertext to en/decrypt Brute Force Search Classical Substitution Ciphers • always possible to simply try every key • where letters of plaintext are replaced by • most basic attack, proportional to key size other letters or by numbers or symbols • assume either know / recognise plaintext • or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext then substitution involves replacing plaintext Key Size (bits) Number of Alternative Time required at 1 Time required at 10 6 bit patterns with ciphertext bit patterns Keys decryption/µs decryptions/µs 2 32 = 4.3  10 9 2 31 µs 32 = 35.8 minutes 2.15 milliseconds 2 56 = 7.2  10 16 2 55 µs 56 = 1142 years 10.01 hours 2 128 = 3.4  10 38 2 127 µs = 5.4  10 24 years 5.4  10 18 years 128 2 168 = 3.7  10 50 2 167 µs = 5.9  10 36 years 5.9  10 30 years 168 26! = 4  10 26 2  10 26 µs = 6.4  10 12 years 6.4  10 6 years 26 characters (permutation) 2

4/19/2010 Caesar Cipher Caesar Cipher • earliest known substitution cipher • can define transformation as: • by Julius Caesar a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • first attested use in military affairs • mathematically give each letter a number • replaces each letter by 3rd letter on • replaces each letter by 3rd letter on a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • example: • then have Caesar cipher as: meet me after the toga party c = E(k, p ) = ( p + k ) mod (26) PHHW PH DIWHU WKH WRJD SDUWB p = D(k, c) = (c – k ) mod (26) Cryptanalysis of Caesar Cipher Monoalphabetic Cipher  only have 26 possible ciphers • rather than just shifting the alphabet • could shuffle (jumble) the letters arbitrarily  A maps to A,B,..Z • each plaintext letter maps to a different random  could simply try each in turn ciphertext letter  a brute force search • hence key is 26 letters long  given ciphertext, just try all shifts of letters Plain: abcdefghijklmnopqrstuvwxyz  do need to recognize when have plaintext Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN  eg. break ciphertext "GCUA VQ DTGCM" Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA Language Redundancy and Monoalphabetic Cipher Security Cryptanalysis • now have a total of 26! = 4 x 10 26 keys  human languages are redundant  eg "th lrd s m shphrd shll nt wnt" • with so many keys, might think is secure  letters are not equally commonly used • but would be !!!WRONG!!!  in English E is by far the most common letter  in English E is by far the most common letter • problem is language characteristics  followed by T,R,N,I,O,A,S  other letters like Z,J,K,Q,X are fairly rare  have tables of single, double & triple letter frequencies for various languages 3

4/19/2010 English Letter Frequencies Use in Cryptanalysis • key concept ‐ monoalphabetic substitution ciphers do not change relative letter frequencies • discovered by Arabian scientists in 9 th century • calculate letter frequencies for ciphertext • compare counts/plots against known values / • if caesar cipher look for common peaks/troughs – peaks at: A ‐ E ‐ I triple, NO pair, RST triple – troughs at: JK, X ‐ Z • for monoalphabetic must identify each letter – tables of common double/triple letters help Example Cryptanalysis Playfair Cipher • given ciphertext:  not even the large number of keys in a UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ monoalphabetic cipher provides security VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ  one approach to improving security was to • count relative letter frequencies (see text) encrypt multiple letters encrypt multiple letters • guess P & Z are e and t  the Playfair Cipher is an example • guess ZW is th and hence ZWP is the  invented by Charles Wheatstone in 1854, but • proceeding with trial and error finally get: it was disclosed yesterday that several informal but named after his friend Baron Playfair direct contacts have been made with political representatives of the viet cong in moscow Playfair Key Matrix Encrypting and Decrypting  a 5X5 matrix of letters based on a keyword • plaintext is encrypted two letters at a time 1. if a pair is a repeated letter, insert filler like 'X’  fill in letters of keyword (sans duplicates) 2. if both letters fall in the same row, replace each  fill rest of matrix with other letters with letter to right (wrapping back to start from end) end)  eg. using the keyword MONARCHY 3. if both letters fall in the same column, replace each with the letter below it (wrapping to top from M O O N N A A R R bottom) C H H Y Y B B D D 4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter E F F G G I/J I/J K K of the pair L P P Q Q S S T T U V V W W X X Z Z 4