Classical Encryption Techniques

Classical Encryption TechniquesWhat is Cryptography?The art of secret writing The art of protection using informationThe science of encrypting or hiding secretsNeeded for confidentiality

Simplified Model of Conventional Encryption

Model of Conventional Cryptosystem

Cryptanalysis

Brute-force attack

Brute-Force AttackTry every key to decipher the ciphertext.On average, need to try half of all possible keys Time needed proportional to size of key space

Key Size (bits)Number of Alternative KeysTime required at 1 decryption/sTime required at 106 decryptions/s32232 = 4.3 109231 s= 35.8 minutes2.15 milliseconds56256 = 7.2 1016255 s= 1142 years10.01 hours1282128 = 3.4 10382127 s= 5.4 1024 years5.4 1018 years1682168 = 3.7 10502167 s= 5.9 1036 years5.9 1030 years26 characters (permutation)26! = 4 10262 1026 s= 6.4 1012 years6.4 106 years7Letters of plain text are replaced by other letters/symbols/numbers.

Different TypesCaesar CipherMonoalphabetic CiphersPlayfair CipherHill CipherPolyalphabeticOne-Time Pad

Substitution Techniques of EncryptionCaesar CipherThe Caesar cipher is a substitution cipher.Named after Julius Caesar.

Operation principle:Each letter is translated into the letter a fixed number of positions after it in the alphabet table.The fixed number of positions is a key both for encryption and decryption.

Caesar CipherThe Caesar cipher (cntd.)

Outer: plaintextInner: ciphertextThe Caesar cipher (cntd.)

K=3Caesar CipherMathematically, map letters to numbers:a, b, c, ..., x, y, z0, 1, 2, ..., 23, 24, 25Then the general Caesar cipher is:c = EK(p) = (p + k) mod 26p = DK(c) = (c k) mod 26Can be generalized with any alphabet.

13An examplefor a key K=3,plaintext letter: abcdef...uvwxyzciphtertext letter: DEF...UVWXYZABCHencetreaty impossibleis translated intoWUHDWB LPSRVVLEOHCryptanalysis of Caesar Cipher Key space: {0, 1, ..., 25} Vulnerable to brute-force attacks. E.g., break ciphertext "UNOU YZGZK

15Monoalphabetic CipherMonoalphabetic CipherShuffle the letters and map each plaintext letter to a different random ciphertext letter:

Plain letters: abcdefghijklmnopqrstuvwxyzCipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplacelettersCiphertext: WIRFRWAJUHYFTSDVFSFUUFYA

What does a key look like?

17Monoalphabetic Cipher SecurityNow we have a total of 26! = 4 x 1026 keys. With so many keys, it is secure against brute-force attacks.But not secure against some cryptanalytic attacks.Problem is language characteristics.

18Language Statistics and CryptanalysisHuman languages are not random.

Letters are not equally frequently used.

In English, E is by far the most common letter, followed by T, R, N, I, O, A, S.

Other letters like Z, J, K, Q, X are fairly rare.

There are tables of single, double & triple letter frequencies for various languages

19English Letter Frequencies

20Statistics for double & triple lettersIn decreasing order of frequency

Double letters: th he an in er re es on,

Triple letters: the and ent ion tio for nde, Use in CryptanalysisKey concept: monoalphabetic substitution does not change relative letter frequencies

To attack, we calculate letter frequencies for ciphertextcompare this distribution against the known one22 Example CryptanalysisGiven ciphertext:UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQCount relative letter frequencies (see next page)Guess {P, Z} = {e, t}Of double letters, ZW has highest frequency, so guess ZW = th and hence ZWP = theProceeding with trial and error finally get:it was disclosed yesterday that several informal butdirect contacts have been made with politicalrepresentatives of the viet cong in moscow

23Letter frequencies in ciphertextP 13.33H 5.83F 3.33B 1.67C 0.00Z 11.67D 5.00W 3.33G 1.67K 0.00S 8.33E 5.00Q 2.50Y 1.67L 0.00U 8.33V 4.17T 2.50I 0.83N 0.00O 7.50X 4.17A 1.67J 0.83R 0.00M 6.67Playfair CipherPlayfair CipherNot even the large number of keys in a monoalphabetic cipher provides security. One approach to improving security is to encrypt multiple letters at a time.

The Playfair Cipher is the best known such cipher.

Invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair. 26Playfair Key MatrixUse a 5 x 5 matrix.Fill in letters of the key (w/o duplicates). Fill the rest of matrix with other letters.E.g., key = MONARCHY.MONARCHYBDEFGI/JKLPQSTUVWXZ27 Encrypting and DecryptingPlaintext is encrypted two letters at a time. If a pair is a repeated letter, insert filler like 'X.If both letters fall in the same row, replace each with the letter to its right (circularly). If both letters fall in the same column, replace each with the the letter below it (circularly).Otherwise, each letter is replaced by the letter in the same row but in the column of the other letter of the pair. 28Security of Playfair CipherEquivalent to a monoalphabetic cipher with an alphabet of 26 x 26 = 676 characters.

Security is much improved over the simple monoalphabetic cipher.

Was widely used for many decadeseg. by US & British military in WW1 and early WW2

Once thought to be unbreakable.

Actually, it can be broken, because it still leaves some structure of plaintext intact.29Hill CipherHill CipherTakes two or three or more letter combinations to the same size combinations, e.g. the rqvUses simple linear equationsAn example of a block cipher encrypting a block of text at a timeNumbered alphabet: a = 0, b = 1, c = 3, etc.(in CAP, use ASCII code)ExampleC1 = 9*p1 + 18*p2 + 10*p3 (mod 26)C2 = 16*p1 + 21*p2 + 1*p3 (mod 26)C3 = 5*p1 + 12*p2 + 23*p3 (mod 26)C1 9 18 10 p1C2 = 16 21 1 p2 (mod 26)C3 5 12 23 p318 9 18 10 1421 = 16 21 1 8 (mod 26) 9 5 12 23 19I cant do it8 2 0 13 19 3 14 8 19 4 9 18 10 814 = 16 21 1 2 (mod 26)12 5 12 23 019 9 18 10 1312 = 16 21 1 19 (mod 26)14 5 12 23 3 EOM TMY SVJHill key is matrix k11 k12 k13 k21 k22 k23 k31 k32 k33

Generalize to any size, larger blocks

Matrix must be invertibleHill -- bad matrix23 9 18 10 7 9 = 16 21 1 5 (mod 26)17 5 12 22 023 9 18 10 1 9 = 16 21 1 2 (mod 26)17 5 12 22 3bcd XJRhfa XJR Polyalphabetic CipherSubstitution is made from many alphabet sequences:A set of related monoalphabetic substitution rules is usedA key determines what particular rule is chosen for a given transformation

Polyalphabetic Cipherkey: deceptive deceptive deceptiveplaintext: wearediscoveredsaveyourselfciphertext: ??????????????????????????????

Note: usually key is concatenated with plain text.

key: deceptive wearediscoveredsavplaintext: wearediscoveredsaveyourselfciphertext: ??????????????????????????????

An Example

One-Time PadOne-Time Pad

= 10111101---------------= 00110010 10001111 00110010 = 10111101Key is a random bit sequenceas long as the plaintextEncrypt by bitwise XOR ofplaintext and key:ciphertext = plaintext keyDecrypt by bitwise XOR ofciphertext and key:ciphertext key = (plaintext key) key =plaintext (key key) =plaintext Cipher achieves perfect secrecy if and only if there are as many possible keys as possible plaintexts, andevery key is equally likely (Claude Shannon, 1949)Advantages of One-Time PadEasy to computeEncryption and decryption are the same operationBitwise XOR is very cheap to computeAs secure as theoretically possibleGiven a ciphertext, all plaintexts are equally likely, regardless of attackers computational resourcesif and only if the key sequence is truly randomTrue randomness is expensive to obtain in large quantitiesif and only if each key is as long as the plaintextBut how do the sender and the receiver communicate the key to each other? Where do they store the key?

Problems with One-Time PadKey must be as long as the plaintextImpractical in most realistic scenariosStill used for diplomatic and intelligence trafficDoes not guarantee integrityOne-time pad only guarantees confidentialityAttacker cannot recover plaintext, but can easily change it to something elseInsecure if keys are reusedAttacker can obtain XOR of plaintexts

No Integrity

= 10111101---------------= 00110010 10001111 00110010 = 10111101Key is a random bit sequenceas long as the plaintextEncrypt by bitwise XOR ofplaintext and key:ciphertext = plaintext keyDecrypt by bitwise XOR ofciphertext and key:ciphertext key = (plaintext key) key =plaintext (key key) =plaintext 00Dangers of Reuse

= 00000000---------------= 00110010 00110010 00110010 = 00000000P1C1

= 11111111---------------= 00110010 11001101 P2C2Learn relationship between plaintextsC1C2 = (P1K)(P2K) = (P1P2)(KK) = P1P2Reducing Key SizeWhat to do when it is infeasible to pre-share huge random keys?Use special cryptographic primitives: block ciphers, stream ciphersSingle key can be re-used (with some restrictions)Not as theoretically secure as one-time padPerforming some sort of permutation on the plain text

Transposition TechniquesRail Fence cipherwrite message letters out diagonally over a number of rows then read off cipher row by roweg. If the plain text is meet me after the toga party yields m e m a t r h t g p r y e t e f e t e o a a tciphertextMEMATRHTGPRYETEFETEOAAT

48Example message is: "meet me after the toga party" with a rail fence of depth 2.

An example