Keeping your bits private! Tony C Smith Dept. Computer Science University of Waikato Science of cryptography = Art of keeping secrets

Keeping your bits private!

Tony C Smith

Dept. Computer Science

University of Waikato

Science of cryptography = Art of keeping secrets

terminology

plaintext (the message)

terminology

plaintext

sender (cryptographer)

terminology

plaintext

sender receiver

terminology

plaintext

sender

encrypt

receiver

ciphertext

(transmission)

terminology

plaintext

sender

encrypt decrypt

receiver

ciphertext

plaintext

terminology

is insecure!Transmission medium

terminology

plaintext

sender

encrypt decrypt

receiver

plaintextcryptanalyst

goal: deciphering the ciphertext is ashard as just guessing the plaintext message.

encryption process: transform plaintext into ciphertext

plaintext and ciphertext are in 27 letter English:

26 letters of the alphabet, plus space

also, letters can be treated as numbers:

space is 0A is 1B is 2C is 3

…Z is 26

because we can treat letters as numbers, we can do arithmetic with them:

B + C = E2 + 3 = 5

if the sum of two numbers goes beyond 26 thenwe wrap around back to the beginning of the alphabet

W + H = ? 23 + 8 = 31

Z + E = ?26 + 5 = 31

… same as ...

five letters beyond the end = fifth from start

… so, W + H = E

plaintext

sender

encrypt decrypt

receiver

plaintextcryptanalyst

plaintext

encrypt decrypt

plaintextknows the encryption scheme

key keyguessing the key is as hard as

guessing the message

Caesar Cipher

Used by Julius Caesar to communicate with his army.

Thought to be the first general use of encryption, 75 B.C..

replace each letter with the k-th letter after it in the alphabet

Caesar Cipher

E.g. k = 3

space + 3 = C A + 3 = D B + 3 = E … W + 3 = Z X + 3 = space Y + 3 = A Z + 3 = B

ATTACK AT DAWN … becomes ...

DWWDFNCDWCGDZQciphertext:

plaintext

encrypt decrypt

plaintextknows the encryption scheme

key keyguessing the key is as hard as

guessing the message

Caesar Cipher

Easily attacked!

Simply try every possible value for k … from 1 to 26

Caesar Cipher

Easily attacked!


ciphertext = DWWDFNCDWCGDZQ

Caesar Cipher

Easily attacked!


k = 1 ? CVVCEMBCVBFCYP

DWWDFNCDWCGDZQ

Caesar Cipher

Easily attacked!



k = 2 ? BUUBDLABUAEBXO

DWWDFNCDWCGDZQ

Caesar Cipher

Easily attacked!



k = 2 ? BUUBDLABUAEBXO

k = 3 ? ATTACK AT DAWN

DWWDFNCDWCGDZQ

Keyed Substitution

A more general substitution scheme.

Keyed Substitution


Replaces each letter with another.

Keyed Substitution



Any letter can stand in for any other letter.

Keyed Substitution




Each letter in ciphertext resolves to a unique letter in plaintext.

plaintext: _ABCDEFGHIJKLMNOPQRSTUVWXYZ

Keyed Substitution




Each letter in ciphertext resolves to a unique letter in plaintext.

plaintext: _ABCDEFGHIJKLMNOPQRSTUVWXYZsubstitution: SJKEIOAHWDPMGRNVT_QLZBFYCXU

Keyed Substitution

A random substitution is hard to remember or validate.

Solution? Use a key phrase to set the substitution alphabet.

Write down each unique letter of the key phrase in order, thenappend the rest of the unused letters of the alphabet.

plaintext: _ABCDEFGHIJKLMNOPQRSTUVWXYZsubstitution: THE_QUICKBROWNFXJMPDAGLSVYZ

E.g. key phrase = THE QUICK BROWN FOX JUMPED

Keyed Substitution

Security?Any letter can stand for any other letter. Thus there

are 27! possible different substitutions schema.

27 * 26 * 25 * … * 3 * 2 = 1029

At one permutation tested per second, it would takea million, million, million centuries to test them all.

Seems pretty secure …….. but ...

ciphertext:

WSCZSDZHAKVSHQZAKZKE_ZDXXKZVHZKEXZBSHCQZSDZGSLXZOXZTXXKZEXAJ ZSPJZLSVYXQZOXZXHKJXAKZWSCZCXD XHCZSPJZDJXXZGAHCZ

ciphertext:


letter frequency:

Z 23

ciphertext:


letter frequency:

Z 23

probability in English:

space .20

ciphertext:

WSC SD HAKVSHQ AK KE_ DXXK VH KEX BSHCQ SD GSLX OX TXXK EXAJ SPJ LSVYXQ OX XHKJXAK WSC CXD XHC SPJ DJXX GAHC

letter frequency:

Z 23


space .20

ciphertext:


letter frequency:

Z 23X 16


space .20

ciphertext:


letter frequency:

Z 23X 16


space .20 e .15

ciphertext:

WSC SD HAKVSHQ AK KE_ DeeK VH KEe BSHCQ SD GSLe Oe TeeK EeAJ SPJ LSVYeQ Oe eHKJeAK WSC CeD eHC SPJ DJee GAHC

letter frequency:

Z 23X 16


space .20 e .15

ciphertext:


letter frequency:

Z 23X 16S 10


space .20 e .15

ciphertext:


letter frequency:

Z 23X 16S 10


space .20 e .15 o .09

ciphertext:

WoC oD HAKVoHQ AK KE_ DeeK VH KEe BoHCQ oD GoLe Oe TeeK EeAJ oPJ LoVYeQ Oe eHKJeAK WoC CeD eHC oPJ DJee GAHC

letter frequency:

Z 23X 16S 10


space .20 e .15 o .09

ciphertext:


letter frequency:

Z 23X 16S 10K 8


space .20 e .15 o .09

ciphertext:


letter frequency:

Z 23X 16S 10K 8


space .20 e .15 o .09 t .08

ciphertext:

WoC oD HAtVoHQ At tE_ Deet VH tEe BoHCQ oD GoLe Oe Teet EeAJ oPJ LoVYeQ Oe eHtJeAt WoC CeD eHC oPJ DJee GAHC

letter frequency:

Z 23X 16S 10K 8


space .20 e .15 o .09 t .08

ciphertext:

WoC oD HAtVoHQ At tE_ Deet VH tEe BoHCQ oD GoLe Oe Teet EeAJ oPJ LoVYeQ Oe eHtJeAt WoC CeD eHC oPJ DJee GAHC

letter frequency:

Z 23X 16S 10K 8H 7


space .20 e .15 o .09 t .08

ciphertext:

WoC oD nAtVonQ At tE_ Deet Vn tEe BonCQ oD GoLe Oe Teet EeAJ oPJ LoVYeQ Oe entJeAt WoC CeD enC oPJ DJee GAnC

letter frequency:

Z 23X 16S 10K 8H 7


space .20 e .15 o .09 t .08 n .07

ciphertext:

WoC oD nAtVonQ At tE_ Deet Vn tEe BonCQ oD GoLe Oe Teet EeAJ oPJ LoVYeQ Oe entJeAt WoC CeD enC oPJ DJee GAnC

letter frequency:

Z 23X 16S 10K 8H 7C 6


space .20 e .15 o .09 t .08 n .07

ciphertext:

Wod oD nAtVonQ At tE_ Deet Vn tEe BondQ oD GoLe Oe Teet EeAJ oPJ LoVYeQ Oe entJeAt Wod deD end oPJ DJee GAnd

letter frequency:

Z 23X 16S 10K 8H 7C 6


space .20 e .15 o .09 t .08 n .07 d .06

ciphertext:

Wod oD nAtVonQ At tE_ Deet Vn tEe BondQ oD GoLe Oe Teet EeAJ oPJ LoVYeQ Oe entJeAt Wod deD end oPJ DJee GAnd

ciphertext:

Wod oD nAtVonQ At tE_ Deet Vn tEe BondQ oD GoLe Oe Teet

EeAJ oPJ LoVYeQ Oe entJeAt Wod deDend oPJ DJee GAnd

ciphertext:

Wod oD nAtVonQ At tE_ Deet Vn tEe BondQ oD GoLe Oe Teet

EeAJ oPJ LoVYeQ Oe entJeAt Wod deDend oPJ DJee GAnd

ciphertext:

Wod of nAtVonQ At tE_ feet Vn tEe BondQ of GoLe Oe Teet

EeAJ oPJ LoVYeQ Oe entJeAt Wod defend oPJ fJee GAnd

ciphertext:


EeAJ oPJ LoVYeQ Oe entJeAt Wod defend oPJ fJee GAnd

ciphertext:


EeAr oPr LoVYeQ Oe entreAt Wod defend oPr free GAnd

ciphertext:


EeAr oPr LoVYeQ Oe entreAt Wod defend oPr free GAnd

ciphertext:

Wod of natVonQ at tE_ feet Vn tEe BondQ of GoLe Oe Teet

Eear oPr LoVYeQ Oe entreat Wod defend oPr free Gand

ciphertext:

Wod of natVonQ at tE_ feet Vn tEe BondQ of GoLe Oe Teet

Eear oPr LoVYeQ Oe entreat Wod defend oPr free Gand

ciphertext:

Wod of nations at th_ feet in the Bonds of GoLe Oe Teet

hear oPr LoiYes Oe entreat Wod defend oPr free Gand

ciphertext:

Wod of nations at th_ feet in the Bonds of GoLe Oe Teet

hear oPr LoiYes Oe entreat Wod defend oPr free Gand

ciphertext:

God of nations at th_ feet in the bonds of love we meet

hear our voices we entreat God defend our free land

plaintext:

God of nations at thy feet in the bonds of love we meet

hear our voices we entreat God defend our free land

Strangely enough, it wasn’t until around the time ofQueen Elizabeth I that general substitution codes werefound breakable (1580).

The catalyst was a plot by Queen Mary of Scotland andher loyal friends to depose Elizabeth and seize theEnglish throne. Mary was using a very clever substitutioncode which included “nulls” … irrelevant symbolsintroduced to alter the statistics of English.

The idea that language exhibited conspicuous statisticalregularities was just beginning to be exploited.

The Vigenere Cipher (1600)

One way to alter the statistics of the ciphertext is tochange the substitution code often during encryption.

Instead of using a key phrase to create one substitution,use it to create many substitutions and rotate through themas each letter of the plaintext is encrypted.

The Vigenere Cipher

plaintext: ATTACK AT DAWN

key: ABC

The Vigenere Cipher


key: ABC

ABCABCABCABCAB

The Vigenere Cipher

plaintext: ATTACK AT DAWN +

key: ABC

ABCABCABCABCAB

BVWBENACWAFDXPciphertext:

The Vigenere Cipher


key: ABC

ABCABCABCABCAB


Notice that the same letter can encode differently.

The Vigenere Cipher


key: ABC

ABCABCABCABCAB


While A occurs four times and T three times in themessage, nothing occurs more than twice in the cipher.

Attacking the Vigenere Cipher

ciphertext:

HQGAQIAPDUKROUCBVCUJAAHHFVCJPCUJHADROFVAQIANRWGCXGCNGHUBKFCUAQXSBYPKFFUCXGCFPWSGDUBJPFCEGIFPGAQXSBISGHANDOF


ciphertext:


Guess the length of key phrase and apply a statisticaltest to letters separated by that distance.


ciphertext:



k = 3 ?


ciphertext:



k = 3 ? A occurs 9 times


ciphertext:

HQG QI PDUKROUCBVCUJA HHFVCJPCUJH DROFV QI NRWGCXGCNGHUBKFCU QXSBYPKFFUCXGCFPWSGDUBJPFCEGIFPG QXSBISGH NDOF


k = 3 ? A occurs 9 times = space?


ciphertext:

HQG QI PDUKROUCBVCUJA HHFVCJPCUJH DROFV QI NRWGCXGCNGHUBKFCU QXSBYPKFFUCXGCFPWSGDUBJPFCEGIFPG QXSBISGH NDOF


k = 3 ? A occurs 9 times = space?offset of every third letter is 1?


ciphertext:

gQG QI PDtKRnUCaVCtJA HHeVCiPCtJH DRnFV QI NRvGCwGCmGHtBKeCU QXrBYoKFeUCwGCePWrGDtBJoFCdGIePG QXrBIrGH NDnF


k = 3 ? A occurs 9 times = space?offset of every third letter is 1?

Vernam Cipher (1917)

Solution? make the keyphrase as long as the message!

message: ATTACK AT DAWN

Vernam Cipher


message: ATTACK AT DAWN key: ABCDEFGHIJKLMN

Vernam Cipher



ciphertext: BVWEHQGIBJOMIA

Vernam Cipher




Now any letter can encode as any other letter atany point in the message.

Vernam Cipher





Solving a letter doesn’t help solve any others.

Vernam Cipher





Solving a letter doesn’t help solve any others.

Only provably secure encryption scheme!

Vernam Cipher

Two major problems:

Vernam Cipher

Two major problems:

1. Can’t re-use keys, so how do we make them?(one-time pad)

Vernam Cipher

Two major problems:

1. Can’t re-use keys, so how do we make them?(one-time pad)

2. How do we distribute them?

Digital Vernam Cipher

Solution: generate keys

randomgenerator

message

encoder encoded message


message = ‘V’ = 86 = 01010110

random number = 223 = 11100101

XOR = 10110011

random number = 223 = 11100101

XOR = 01010110 = ‘V’

= cipher


Solution: generate keys

randomgenerator

message

encoder encoded message

Problem: distribute generator for decoding

Public Key encryption

Solution: publish the encryption key

RSA:

1. generate 3 large prime numberss=97 x=47 y=79

which give N = x * y, or N=3713

2. find a unique value, p, satisfying(p*s) mod (x-1)*(y-1) = 1

which, in this case, gives p = 37

RSA:

3. Encrypt a message segment, m, usingmp mod N

e.g. for m = 0120012037 mod 3713 = 1404


4. decrypt the coded segment, c, usingcs mod N

e.g.140497 mod 3713 = 0120

RSA: publish some of the values (p, N)

Anyone wanting to send us a message can useour public key to encrypt it.


We decrypt the message with our secret key, (s, N)

Cracking our code is as hard as deriving s from (p, N)

RSA: how secure is it

Anyone can crack our coded messages bymathematically deriving s from (p, N), which ispossible ….. but …


If N is very large, then finding its factors(i.e. x and y, from which we get p) takes a verylong time … too long to make it worth while.

RSA: one way to crack it

Quantum computers can simultaneously testall possible factors …but …

So far, only 5-qubit quantum machines havebeen achieved … and …

We can use quantum computers to make newencryption schemes.


Instead of encoding the information …

… hide it!

Bury our bits in image files in a way that no one can see them, or in audio files in a way no one can hear them.

Demo in the S Block foyer on state-of-the-art steganography research, by Kathryn Hempstalk

Steganography

Documents

Keeping your bits private! Tony C Smith Dept. Computer Science University of Waikato Science of cryptography = Art of keeping secrets