ECEN 5022 Cryptography Classical Ciphers Peter Mathys University - PowerPoint PPT Presentation

Introduction ECEN 5022 Cryptography Classical Ciphers Peter Mathys University of Colorado Spring 2008 Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Classical Ciphers ◮ Most classical ciphers are either transposition or substitution ciphers. ◮ Transposition ciphers rearrange the order of letters in the plaintext. Examples are rail fence ciphers, route ciphers, columnar transpositions, and double transpositions. ◮ Substitution ciphers replace plaintext letters or groups of plaintext letters with other letters or groups of plaintext letters. Examples are Caesar cipher, simple substitution (with mixed alphabet), homophonic substitution, polyalphabetic substitution (e.g., Vigen` ere cipher), polygraphic substitution (e.g., Hill cipher), rotor machines (mechanical implementations of polyalphabetic substitution, e.g., Enigma, SIGABA), one-time pad. ◮ A powerful technique is to combine substitution and transposition ciphers. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Transposition Example ◮ For a columnar transposition the plaintext is written out in rows of fixed length and then read out columnwise, usually after permuting the column order. A keyword is typically used to specify the length of the rows and the permutation of the columns. ◮ Example: Keyword WIRED and plaintext WE ARE LOW IN SUPPLIES . The length of the keyword is 5 and the permutation of the columns is given by the alphabetical order of the letters in the keyword: 53421. Therefore 5 3 4 2 1 W E A R E L O W I N S U P P L I E S ◮ The resulting ciphertext is ENLRI PEOUE AWPSW LSI Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Shift Cipher ◮ Encryption: c = E ( K , m ) = m + K (mod n ). ◮ Decryption: m = D ( K , c ) = c − K (mod n ). ◮ c , m , K ∈ { 0 , 1 , 2 , . . . , n − 1 } for some integer n > 0. ◮ Keyspace (i.e., number of possible keys) is equal to n . ◮ For English alphabet use n = 26 and A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 ◮ Example: Addition and multiplication modulo n = 5. + 0 1 2 3 4 0 1 2 3 4 × 0 0 1 2 3 4 0 0 0 0 0 0 1 1 2 3 4 0 1 0 1 2 3 4 2 2 3 4 0 1 2 0 2 4 1 3 3 3 4 0 1 2 3 0 3 1 4 2 4 4 0 1 2 3 4 0 4 3 2 1 Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Shift Cipher Example ◮ The Caesar cipher is a shift cipher, i.e., the letters of the alphabet are shifted cyclically by a certain number K of positions. Caesar always used K = 3. ◮ Example: K = 3, plaintext ATTACK AT DAWN plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C ◮ Thus, the ciphertext is DWWDF NDWGD ZQ ◮ An obvious problem here is the small keyspace, only K ∈ { 0 , 1 , . . . , 25 } are possible. Thus, exhaustive keyspace search is possible. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Affine Cipher ◮ Encryption: c = E ( K , m ) = a m + b (mod n ), K = a , b . ◮ Decryption: m = D ( K , c ) = ( c − b ) a − 1 (mod n ), needs gcd ( a , n ) = 1. ◮ Suppose gcd ( a , n ) = d > 1. Then a x (mod n ) has ≥ 2 solutions. Two solutions are x 1 = 0 and x 2 = n / d . The second one follows from a x 2 = a ( n / d ) = ( a / d ) n = 0 (mod n ). ◮ Thus c = a x 1 + a m + b = a x 2 + a m + b = ⇒ same cryptogram for m and m ′ = m + n / d . ◮ Keyspace: a , b ∈ { 0 , 1 , 2 , . . . n − 1 } , a such that gcd ( a , n ) = 1. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Simple Substitution ◮ Simple or monoalphabetic substitution : (More or less) arbitrary permutation of the alphabet, applied to each plaintext letter. There are 26! = 4 . 03 × 10 26 permutations. ◮ Example: Plaintext SUCCESS TALES , substitution: plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z cipher: H G O F P I R C A T Q K W N J M U E L S B Y Z D X V ◮ Thus, the ciphertext is LBOOP LLSHK PL ◮ Quite easy to break since statistics of plaintext language (single letter frequencies of English) are not hidden. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Single Letter Frequencies of English Relative Frequency of Letters in English Text 14 12.7 12 Relative Frequency in % 10 9.05 8.16 8 7.51 6.99 6.75 6.33 6.09 5.99 6 4.25 4.02 4 2.78 2.76 2.4 2.36 2.23 2.01 1.93 1.97 2 1.49 0.98 0.77 0.15 0.1 0.15 0.07 0 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ◮ Letter E is most frequent, followed by T,A,O,I,N,S,H,R. ◮ Letters Z,Q,J and X are most infrequent. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Single Letter Statistics of Cryptograms Text: ATFIR STPHI LIPHA DBEEN TOOGR ATEFU LFORR OSESF Text: DWILU VWSKL OLSKD GEHHQ WRRJU DWHIX OIRUU RVHVI 14 14 Red: Plaintext, Blue: Standard English Red: Caesar Cipher, Blue: Standard English 12 12 Relative Frequency in % Relative Frequency in % 10 10 8 8 6 6 4 4 2 2 0 0 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Text: HSIAE LSMCA KAMCH FGPPN SJJRE HSPIB KIJEE JLPLI Text: ASEHS OIOEH LNGAB TTOSE LUNWE IDGIS IAFNE CYLGN 14 14 Red: Substitution, Blue: Standard English Red: Transposition, Blue: Standard English 12 12 Relative Frequency in % Relative Frequency in % 10 10 8 8 6 6 4 4 2 2 0 0 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ◮ Clockwise from top left: Plaintext, Caesar cipher, simple substitution, transposition. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Block Ciphers ◮ To hide the statistics of the plaintext better, the plaintext can be encrypted in blocks of several letters. ◮ The Vigen` ere cipher is a polyalphabetic substitution cipher that uses several shift ciphers periodically, usually based on a keyword. If the keyword is SPY , for example, then the first plaintext letter is encrypted using a shift of the alphabet that starts at S (i.e., add 18 mod 26), the second letter is encrypted using a shifted alphabet that starts at P (i.e., add 15 mod 26), the third letter whith shift Y (i.e., add 24 mod 26), the fourth letter again with shift S , etc. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Polyalphabetic Substitution Example ◮ Example: Vigen` ere, key SPY , message RABBITS EAT CARROTS . A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N --> P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R S T U V W X Y Z A B C D E F G H I J K L M N O P Q --> S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X Y Z A B C D E F G H I J K L M N O P Q R S T U V W --> Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z A B C D E F G H I J K L M N O P Q R S T U V W X Y ◮ Ciphertext: JPZTX RKTYL RYJGM LH Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Hill Cipher ◮ Another (rather insecure) system, the Hill cipher, uses c = m A (mod n ) , to implement a polygraphic substitution (i.e., a simultaneous substitution of several plaintext letters). If N letters are encrypted per block then A is a (invertible modulo n ) N × N matrix. The reason for the insecurity of the Hill cipher is that it is linear. ◮ Note the computation modulo n . Most modern cryptosystems use computations in some finite group, ring, or field. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Addition Modulo n c i ≡ m i + K i (mod n ) m c + Key K ◮ Here (a block of) plaintext and (a block of) ciphertext are added modulo n . For a Vigen` ere cipher the key K is used over and over again for each block. Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Stream Ciphers c i ≡ m i + K i (mod n ) m i c i + K i Keystream Generator ◮ Stream cipher: Generate a random keystream K i and combine it with the plaintext stream M i to obtain the ciphertext stream C i . ◮ The combination function is in most cases addition (or subtraction) modulo n , with either n = 2 or n = 26. ◮ The rotor machines that were used during WW II were mechanical devices that (in essence) performed the keystream generation and the addition modulo n . Peter Mathys ECEN 5022 Cryptography

Introduction Classical Ciphers Wehrmacht Enigma Peter Mathys ECEN 5022 Cryptography