58
Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li http://cst.hit.edu.cn/~lizhi jun [email protected]

Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Embed Size (px)

Citation preview

Page 1: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Chapter 3 Evolution of Classical Cryptography

Cryptography-Application and PracticeHarbin Institute of TechnologySchool of Computer Science and Technology

Zhijun Lihttp://cst.hit.edu.cn/~lizhijun

[email protected]

Page 2: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 2

Outline

• Symmetric Cipher

• Substitution Ciphers– Monoalphabetic Substitution Ciphers– Polyalphabetic Substitution Ciphers– Polygraphic Substitution Ciphers

• Transposition Ciphers

Page 3: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 3

MessageSource

EncryptionAlgorithm

DecryptionAlgorithm

Secure Channel

CRYPTANALYST

P CP

K

InsecureChannel

C

Key Generator

Alice Bob

Oscar

Model of Symmetric Cipher

Page 4: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 4

Formal Description

• A Cipher is (K,P,C, E, D)– c=EK(p)

– p=DK(c)

– Use the same key K to encrypt and decrypt– So symmetric encryption

– K must be secret, why?

Page 5: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 5

Math in Classical Ciphers

• Typical transforms – Substitution

• Substitute x by y if x present• Example: axxbcx ayybcy

– Permutation (Transposition) • Transposes the alpha at position I by J • Example: ababc cabab

Page 6: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 6

Outline

• Symmetric Cipher

• Substitution Ciphers– Monoalphabetic Substitution Ciphers– Polyalphabetic Substitution Ciphers– Polygraphic Substitution Ciphers

• Transposition Ciphers

Page 7: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 7

Example: Caesar Cipher

meet me after the toga party

PHHW PH DIWHU WKH WRJD SDUWB

mnop

Replaces each letter by 3rd letter further down the alphabet

Encryption algorithm

Y= EK(X)=(X+3) mod 26

Page 8: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 8

Shift Cipher: Definition

• Associate numbers with the alphabet A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

={A, B, C, …, Z}=Z26

• K= Z26 • P=C=+

• Encrypt a message m ci=ek(mi)=(mi+k) mod 26• Decrypt a ciphertext c mi=dk(ci)=(ci-k) mod 26

Page 9: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 9

Shift Cipher: Cryptanalysis

• Search the key space - brute force• |K|=26

LIZHZLVKWRUHSODFHOHWWHUV Ciphertext KHYGYKUJVQTGRNCEGNGVVGTU try shift of 1 JGXFXJTIUPSFQMBDFMFUUFST try shift of 2 IFW

EWISHTOREPLACELETTERS try shift of 3 *** Plaintext HEVDVHRGSNQDOKZBDKDSSDQR try shift of 4 GD

UCUGQFRMPCNJYACJCRRCPQ try shift of 5 ..... MJAIAMWLXSVITPEGIPIXXIVW try shift of 25

Page 10: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 10

Why Brute Force Can?

• |K| is too small– For brute force attack (alphabet of size n)– complexity (n-1)/2 in average case– complexity (n-1) in worst-case

• Lessons Learnt– Larger the key space

Page 11: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 11

Affine Cipher

• An extension of the shift cipher

p=am+b mod m

a and b define the key

• Example:

What’s wrong with this?

ax1+bax2+b mod n

Page 12: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 12

Affine Cipher: Definition

• Message Space: P=Zn

• Cryptogram Space: C=Zn

• Key Space: K={(a,b)ZnXZn| gcd(a,n)=1}

• Encryption: ek(m)=am+b (mod n)

• Decryption: dk(c)=(c-b)a-1 (mod n)

Page 13: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 13

Affine Cipher: Cryptanalysis

• Brute force attack– |K|=mX(m) for Zm

– |K|=312 for Z26 it is feasible

– for Z100

(100)=80 and |K|=8000 • Computing by hand? • Computing by computer!

Page 14: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 14

Monoalphabetic Substitution

• The key space: All permutations in • Encryption given a key :

– each letter m in the plaintext P is replaced with (m)• Decryption given a key -1:

– each letter c in the cipherext C is replaced with -1(c)

• Example: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z = B A D C Z H W Y G O Q X S V T R N M S K J I P F E U

BECAUSE → AZDBJSZ

Page 15: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 15

• Exhaustive search is infeasible– key space size is 26! 4×1026

– If every person on earth tried one per second, it would take 91 years

• Frequency statistical analysis– Each language has certain features: frequency of

letters, or of groups of two or more letters– Substitution ciphers preserve the language features– So vulnerable to frequency analysis attacks

Strength of Substitution Cipher

Page 16: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 16

Frequency of English Letters

Page 17: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 17

Other Frequency Features

• EN is the most common two-letter combination, followed by RE, ER, and NT

• The letter A is often found in the beginning of a word or second from last.

• The letter Q is followed only by U

• And more …

• English: about 1.3 bits of information per letter • Compress English with gzip – about 1:6

Page 18: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 18

A Cryptanalysis Example

• Ciphertext:

“XBW HGQW XS ACFPSUWG FWPGWXF CF AWWKZV CDQGJCDWA CD BHYJD DJXHGW; WUWD XBW ZWJFX PHGCSHF YCDA CF GSHFWA LV XBW KGSYCFW SI FBJGCDQ RDSOZWAQW OCXBBWZA IGSY SXBWGF.”

Page 19: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 19

Frequency Analysis

“XBW HGQW XS ACFPSUWG FWPGWXF CF AWWKZV CDQGJCDWA CD BHYJD DJXHGW; WUWD XBW ZWJFX PHGCSHF YCDA CF GSHFWA LV XBW KGSYCFW SI FBJGCDQ RDSOZWAQW OCXBBWZA IGSY SXBWGF.”

W: 20 “Normal” English:C: 11 e 12%F: 11 t 9%

G: 11 a 8%

Page 20: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 20

Pattern Analysis

“XBe HGQe XS ACFPSUeG FePGeXF CF AeeKZV CDQGJCDeA CD BHYJD DJXHGe; eUeD XBe ZeJFX PHGCSHF YCDA CF GSHFeA LV XBe KGSYCFe SI FBJGCDQ RDSOZeAQe OCXBBeZA IGSY SXBeGF.”

XBe = “the”Most common trigrams in English:

the = 6.4%and = 3.4%

Page 21: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 21

Guessing

“the HGQe tS ACFPSUeG FePGetF CF AeeKZV CDQGJCDeA CD hHYJD DJtHGe; eUeD the ZeJFt PHGCSHF YCDA CF GSHFeA LV the KGSYCFe SI FhJGCDQ RDSOZeAQe OCthheZA IGSY Sthe

GF.”

S = “o”

Page 22: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 22

Guessing

“the HGQe to ACFPoUeG FePGetF CF AeeKZV CDQGJCDeA CD hHYJD DJtHGe; eUeD the ZeJFt PHGCoHF YCDA CF GoHFeA LV the KGoYCFe oI FhJGCDQ RDoOZeAQe OCthheZA IGoY otheGF.”

otheGF = “others”

Page 23: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 23

Guessing

“the HrQe to ACsPoUer sePrets Cs AeeKZV CDQrJCDeA CD hHYJD DJtHre; eUeD the ZeJst PHrCoHs YCDA Cs roHseA LV the KroYCse oI shJrCDQ RDoOZeAQe OCthheZA IroY others.”

“sePrets” = “secrets”

Page 24: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 24

Plaintext

“The urge to discover secrets is deeply ingrained in human nature; even the least curious mind is roused by the promise of sharing knowledge withheld from others.”

- John Chadwick

Page 25: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 25

• Polyalphbetic substitution cipher – The letter list is substituted by substitution list

– f=(f1,f2,…), x=x1x2…, c=ek(x)=f(x)=f1(x1)f2(x2)…

– Vigenère cipher

• Ploygram substitution cipher– Multiple letters of plaintext substitute at the same time

– f:mm, c=ek(x)=f(x1x2…xm)f(xm+1xm+2…x2m)…

– Hill cipher

Ways to Improve the Security

Page 26: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 26

Outline

• Symmetric Cipher

• Substitution Ciphers– Monoalphabetic Substitution Ciphers– Polyalphabetic Substitution Ciphers– Polygraphic Substitution Ciphers

• Transposition Ciphers

Page 27: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 27

Vigenère Cipher: Example

• Encrypt the message

INDIVIDUAL CHARACTER

with the key HOST

m = INDI VIDU ALCH ARAC TER

k = HOST HOST HOST HOST HOS

Ek(m)=PBVB CWVN HZUA HFSV ASJ

Page 28: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 28

Vigenère Cipher: Definition

• P = C = K = (Zm)n

• K = (k1, k2, k3, …kn)

• eK(x1, x2,…xn) = (x1+k1,x2+k2,…,xn+kn) mod 26

• dK(y1, y2,…yn) = (y1 -k1,y2 -k2,…,yn -kn) mod 26

• Remark:– |K| = mn

– Vigenere can mask the frequency– Vigenere cipher is a collection of substitution ciphers!

Page 29: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 29

C1 = c1cm+1c2m+1…

C2 = c2cm+2c2m+2…

Cm = cmc2mc3m…

For k1

Attack each shift cipher

For k2

For km

Vigenère Cipher: Cryptanalysis

Page 30: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 30

key: deceptivedeceptivedeceptive

plaintext: wearediscoveredsaveyourself

ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Guess key length

Vigenère Cipher: Cryptanalysis

• Find the length of key

• Ways:– Kasisky test– Index of coincidence

Page 31: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 31

Kasisky Test

• Note: two identical segments of plaintext will be encrypted to the same ciphertext

• if they occur at the distance ∆ and ∆≡0 (mod m), m is the key length

• Algorithm:– Search for pairs of identical segments of length at lea

st 3– Record distances between the two segments: ∆1, ∆2,

…– m divides gcd(∆1, ∆2, …)

Page 32: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 32

Index of Coincidence

• Definition:

A string x = x1x2 . . . xn

The Ic(x), index of coincidence of x is the probability that two random elements of x are identical:

Ic(x)=xi,xjx Pr(xi=xj)

Page 33: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 33

Computing the Ic(x)

• Suppose the frequencies of A, B, C, . . . , Z in x i

s f0, f1, . . . , f25

Ic(x) = i=025Cfi

2/Cn2

= i=025fi(fi-1)/n(n-1)

i=025(fi/n)2

Page 34: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 34

Ic(x) for Cryptanalysis

• For English

Ic(x) i=025(fi/n)2

i=025(pi)2 0.065

• For Random

Ic(x) i=025(fi/n)2

26/262=0.038

• Note:– More random of x, more less Ic(x)– Random means the less bias in distribution

Page 35: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 35

C1 = c1cm+1c2m+1…

C2 = c2cm+2c2m+2…

Cm = cmc2mc3m…

If m is the key length, then the text ``looks like’’ English text:

Ic(yi)=0.065

If m is not the key length, the text ``looks like’’ random text:

Ic(yi)=0.038

Find the Key Length of Vigenère

Page 36: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 36

key: deceptivewearediscoveredsavplaintext: wearediscoveredsaveyourselfciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA

Random key stream

Vigenère Cipher: Improvement

• Avoid repetition of key– Autokey system

Page 37: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 37

One-Time Pad

• Use a random key stream K that was truly as long as the message

• Encryption: P = C = K = Z2n

Ci = Pi Ki

• Why One-Time?– For KPA: Very easy to Know K

– Ki= PiCi

Page 38: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 38

OTP: Security Analysis

• Model: Complexity or Information

Pr(M|C) =? Pr(M)

• Theorem: OTP is Unconditional Security• Proof: P=C=K= {0,1}n, key is chosen randomly, and for

any probability of the plaintext:

Pr [P=m|C=c] = Pr[P=m,C=c]/Pr[C=c]

= Pr[P=m]Pr[C=c|P=m]/m’M(Pr[P=m’]Pr[C=c|P=m’])

= Pr[P=m]1/2n/m’M(Pr[P=m’]1/2n)

= Pr[P=m]/m’M(Pr[P=m’]) = Pr[P=m]

Page 39: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 39

OTP: Practicability

• One-Time – known-plaintext attacks– x x’ = y y’

• Long Key

– As long as messages

• So NOT usable in commercial situation • BUT usable in military situation

Page 40: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 40

OTP: Rotor Machine

• Rotor Machine: multiple rounds of substitution– Multiple cylinders, each cylinder has 26 states– Each state is a substitution cipher– A m-cylinder has 26m substitution ciphers

• 263 = 17576• 264 = 456,976• 265 = 11,881,376

Page 41: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 41

Enigma Machine

• Use 3 scramblers:– 263=17576 substitutions

• Scramblers can be in any order:– 3!=6 combinations

• Plug board: – 6 pairs of letters are swapped

– 26!/(14!6!64)1011

• Total number of keys1016

Page 42: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 42

• How to use: – Sender and receiver set up the machine the same

way• Plugboard setting• Scrambler arrangement• Scrambler starting position

• History:– Patented by Scherius in 1918– Widely used by the Germans from 1926– First successfully broken by Polish’s in the thirties – Broken by the UK intelligence during the WW II

Enigma Machine: Remark

Page 43: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 43

Outline

• Symmetric Cipher

• Substitution Ciphers– Monoalphabetic Substitution Ciphers– Polyalphabetic Substitution Ciphers– Polygraphic Substitution Ciphers

• Transposition Ciphers

Page 44: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 44

• Key Matrix– 2x2 key matrix: hide single-letter freq.– 3x3 key matrix: hide single-letter and digram freq.– …

44434241

34333231

24232221

14131211

43214321

kkkk

kkkk

kkkk

kkkk

mmmmcccc

Key Matrix

Hill Cipher

Page 45: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 45

Hill Cipher : Definition

• P = C = (Zm)n

• K = {all n n invertible matrices over Zm}

• Encryption: ek(m) = m k mod m• Decryption: dk(c) = c k-1 mod m

• Example:

0983

4851732263234321

mod 13 = 7 10 10 5

Page 46: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 46

Hill Cipher: Cryptanalysis

• Difficult to break under OCA

• Easy to break under KPA– Know the n (the size of the key matrix)

• Can find the K easily • Lots of c=mK C=MK K=CM-1

• S(n) = O(n2)

– n is unknown • How to find n?

Page 47: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 47

Ciphers: Frequency Features

Page 48: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 48

Outline

• Symmetric Cipher

• Substitution Ciphers– Monoalphabetic Substitution Ciphers– Polyalphabetic Substitution Ciphers– Polygraphic Substitution Ciphers

• Transposition Ciphers

Page 49: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 49

x 1 2 3 4 5

(x) 3 2 5 1 4

x 1 2 3 4 5

-1(x) ? ? ? ? ?

Permutation Cipher

• Encryption: permutation on the plaintext letters

• Example: transpositionciphers NRTSAIOPTSCONIINRHPSE• Decryption?

Page 50: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 50

• P = C = (Zm)n

• K = { | a permutation of {1, 2, ….n}}

e (x1, x2,…xn) = (x (1), x (2),…x (n))

d (x1, x2,…xn) = (x -1(1), x -1(2),…x -1(n))

• Remark:– Hide the meaning by rearranging the letter order– Single-letter distribution in plaintext is useless!– BUT there are other features in the plaintext!

Permutation Cipher: Definition

Page 51: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 51

Permutation Cipher Cryptanalysis

• Features of English– Frequent (scarce) patterns

• Such as th, ch …

– Pilot letters (can be followed limited letters)• Such as q is always followed by u• j can only followed by a vowel …

– Others …

• Example: P U 33J U 25A F 38O I 42E R 94G R42

P A 61J U 25A R 82O A 48E E 81G E 61

274 358rankMore Preferable

Page 52: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 52

Some Transposition Ciphers

Formal definition of the ciphers?Cryptanalysis?

IC A M

E I S A W

= ECIIA SMAW

• Rail Fence Cipher– Example: E( I A E S W

C M I A ) = IAESW CMIA

• Triangle Transposition Cipher– Example:

• Scytale Cipher

Page 53: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 53

• Encrypt: CRYPTANALYST 1 2 3 4 (coat) C R Y P T A N A L Y S T• Read by column 2,3,1,4 RAYYNSCTLPAT

• Decrypt: RAYYNSCTLPAT 1 2 3 4 C R Y P T A N A L Y S T• Read by row CRYPTANALYST

Block Transposition Cipher

Page 54: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 54

Block Transposition Cryptanalysis

• Step 1: Find possible block sizes – A full rectangle: factoring

• Example: 153 = 3 51, 51 3, 17 9, 9 17

– Only the last line is fragmentary: fill and factoring• n-m < ml < n

• Step 2: Determining the correct rectangle– The feature of the correct rectangle

• Each line represents a line of standard English• A line of English consist of about 40% vowels

• Step 3: Break the permutation cipher

Page 55: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 55

Initial plaintext: 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

1st transposition: 03 10 17 24 04 11 18 25 02 09 16 23 01 08 15 22 05 12 19 26 06 13 20 27 07 14 21 28

2nd transposition: 17 09 05 27 24 16 12 07 10 02 22 20 03 25 15 13 04 23 19 14 11 01 26 21 18 08 06 28

Double Block Transposition

• Re-encryption using same block transposition– Example:

• Why more secure?

Page 56: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 56

Introduction of Product Cipher

• Combine two transforms– Combine two same operators (iteration)

• Example: two permutation ciphers (1 2)

– Let the period of 1 is n1, the period of 2 is n2

– If n1=n2, then 1 2 = ?

– If n1|n2, then 1 2 = ?

– If gcd(n1, n2) = 1, then 1 2 = ?

– Combine two different operators• Example: Affine = Shift Hill (n=1)• Example: Substation Transposition

Page 57: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 57

Summary

• Ciphers can be characterized by:– Number of keys used

• asymmetric or private / symmetric or public

• Classical Ciphers are asymmetric ciphers– Math transformations– Substitution

• Monoalphabetic / Polyalphabetic Substitution • Polygraphic Substitution

– Transpositions• Permutation / Block transpositions

– Product

Page 58: Chapter 3 Evolution of Classical Cryptography Cryptography-Application and Practice Harbin Institute of Technology School of Computer Science and Technology

Zhijun Li S1034040/Autumn08/HIT 58

Homework

• HTTP URL http://cst.hit.edu.cn/cryptography/

• Due Date