Escolar Documentos
Profissional Documentos
Cultura Documentos
1
Encryption Algorithms
Symmetric
o Key at the sender side is same as receiver side
o Key is called secret key
Asymmetric
o Sender and receiver have different keys, called
private keys
o Public key is derived from private key
o Public key is sent on the channel
o Hence secrecy of key is maintained
2
Simplified Model of Symmetric Encryption
3
Simplified Model of Symmetric Encryption
4
Simplified Model of Symmetric Encryption
5
Simplified Model of Symmetric Encryption
6
Some Basic Terminology
Plaintext - original message
Ciphertext - enciphered message
Cipher - algorithm for transforming plaintext to
ciphertext
Secret key - information used to encrypt and decrypt
Encipher (encryption) - convert plaintext to ciphertext
Decipher (decryption) - recover plaintext from
ciphertext
Cryptography Area of encryption schemes
Cryptanalysis (code breaking) - Methods of
deciphering ciphertext without knowledge of key
Cryptology - Field of cryptography and cryptanalysis
7
Model of Symmetric Cryptosystem
Cryptanalyst X
K
X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm
Secure
channel
K
Key
source
8
Model of Symmetric Cryptosystem
Cryptanalyst X
K
X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm
Secure
channel
K
Key
source
9
Model of Symmetric Cryptosystem
Cryptanalyst X
K
X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm
Secure
channel
K
Key
source
10
Cryptanalysis
Try to recover key and or message
general approaches
cryptanalytic attack-
knowledge of algorithm
general characteristics of the plain text
sample plaintext-ciphertext pairs
brute-force attack-
every possible key on ciphertext to extract
plaintext
generally, half of all possible keys are required
11
Brute Force Search
try every key
proportional to key size
Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years
168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years
26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)
Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years
168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years
26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)
Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years
168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years
26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)
substitution
transposition
product
15
Symmetric Encryption
Transposition cipher
o Arrangement of bits without changing the value
o For n bit cipher n! rearrangements are possible
o Required number of key bits = ceil(log2(n!))
o For n=3, n!=6 and key size is = 3
o For 6 possible transpositions we are using 3 bit key
o Therefore out of 8 possible keys only 6 are used
Substitution cipher
o Substitutes the bits with another bits
o Number of possible substitutions is 2n
o Number of possible substitution arrangements is 2n!
o Number of key bits = log2(2n!)
o For n=3, 2n! =40320 and key size is = 16
o Therefore out of 216=65536 possible keys only 40320 are used
o Lot of unused keys 16
Substitution Ciphers
17
Types of Substitution Cipher
o Caesar
o Playfair
o Hill
o Vigenere
o Vernam
o One-Time Pad
18
Caesar Cipher
Replaces each letter by 3rd letter after the current letter
in sequence
Define transformation as:
Plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A
BC
example:
Plain: caesar cipher
Cipher: FDHVDU FLSKHU
19
Caesar Cipher
Mathematically each letter is given a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 2 2 2 2 2 2
3 4 5 6 7 8 9 0 1 2 3 4 5
0 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 2 2 2 2 2 2
3 4 5 6 7 8 9 0 1 2 3 4 5
Not secure
Algorithm is known
26 possible ciphers
22
Multiplicative Ciphers
C= (P K) mod 26
P = (C K-1) mod 26
P= home, K = 7
C= (7x7)mod 26, (14x7)mod26, (12x7)mod26 ,
(4x7) mod26
= 23, 20, 6, 2
= XUGC
23
Affine Cipher
C = ((P x k1) + k2 ) mod 26
P = ((C- k2) x k1-1 ) mod 26
24
Affine Cipher
25
Monoalphabetic substitution Cipher
Key table
a b c d e f g h i j k l m n o p q r s t u v w x y z
N O A T R B E C F U X D Q G Y L K H V I J M P Z S W
Example
Plain : wish
Cipher: PFVC
A total of 26! = 4 x 1026 possible keys for monoalphabetic
General Caesar has 26 possible keys
Therefore security of monoalphabetic is better than
additive cipher
26
Monoalphabetic Cipher Security
It is not completely secure
Statistical attack based on the frequency of characters
can be used
If cryptanalyst knows language, regularities in language
and nature of plain text
Then it is possible to predict plaintext
Each letter is encrypted to the same letter even if that
letter repeats in the plaintext
Ex: Therefore ICRHRBYHR
Frequency of e is 3 in plaintext and R is 3 in ciphertext
Monoalphabetic cipher does not change the frequency
of characters in ciphertext
Therefore vulnerable to statistical attack
27
English Letter Frequencies
28
Language Redundancy and
Cryptanalysis
29
Letter frequency for Cryptanalysis
a b c d e f g h i j k l m n o p q r s t u v w x y z
N O A T R B E C F U X D Q G Y L K H V I J M P Z S W
30
Example Cryptanalysis
given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
count relative letter frequencies
P & Z are e and t
ZW is th and hence ZWP is the
proceeding with trial and error finally get
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
31
Attacks on Additive Cipher
Ciphertext only
Apply Bruteforce method
Do a frequency count for letters like, e, t
Known plaintext
If one plaintext letter and corresponding
ciphertext then key can be deduced
Ex: t (=19) D(=3) then
k=(3-19) mod 26= -16=10
Chosen plaintext
ciphertext gives the key for the chosen plaintext
Chosen ciphertext
plaintext gives the key for the chosen ciphertext
Therefore large number of keys in a monoalphabetic
cipher do not provide security 32
Playfair Cipher
Monoalphabetic cipher
Encrypt multiple (two) letters called digram at once
Provides better security
33
Playfair Key Matrix
Keyword is MONARCHY
M O N A R
C H Y
34
Playfair Key Matrix
Keyword is MONARCHY
M O N A R
C H Y B
35
Playfair Key Matrix
Keyword is MONARCHY
M O N A R
C H Y B D
36
Playfair Key Matrix
Keyword is MONARCHY
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Plaintext: unit
Ciphertext: WMKS
37
Playfair Encryption
Plaintext is encrypted two letters at a time
If plaintext has odd number of characters then
add a filler, x at the end
If a pair has repeated letters, insert filler like 'X
symmetric sy mx me tr ic
Encryption
o If both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end)
o if both letters fall in the same column, replace
each with the letter below it (wrapping to top
from bottom)
o otherwise each letter is replaced by the letter in
the same row and in the column of the other
letter of the pair
38
Playfair Cipher
Keyword is MONARCHY
Plaintext is HOUSE
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Plaintext: HO US EX
Ciphertext: FH XL IU
39
Playfair Cipher
Keyword: playfair
Key: playfir
Plaintext: meet at the school
P L A Y F
I R B C D
E G H K M
N O Q S T
U V W X Z
Plaintext: ME ET AT TH ES CH OX OL
Ciphertext: EG MN FQ QM KN BK SV VR
40
Security of Playfair Cipher
41
Hill Cipher
p is plaintext matrix
c is ciphertext matrix
k is key matrix
c =p x k mod 26
p = c x k-1 mod 26
42
Modulo Arithmetic, 26
(3+24)mod 26
= 27 mod 26=1
(14-20)mod 26
=(-6)mod26=20
If (a*b) mod 26=1 then a and b are
multiplicative inverse of each other
Multiplicative inverse: 3*9=27 mod 26=1
3 and 9 are multiplicative inverse of each
other
43
Multiplicative Inverse for Modulo 26
44
Multiplicative Inverse for Modulo 26
45
Multiplicative Inverse for Modulo 26
46
Multiplicative Inverse for Modulo 26
47
Multiplicative Inverse for Modulo 26
48
Multiplicative Inverse for Modulo 26
49
Multiplicative Inverse for Modulo 26
50
Hill Cipher
Each letter of plaintext is assigned a numerical
value, a=0, b=1, z=25
11 12 13
k = 21 22 23
31 32 33
51
Hill Cipher
11 12 13
1 2 3 = (1 2 3 ) 21 22 23 mod 26
31 32 33
c1 = (k11p1 + k21p2 + k31p3) mod 26
c2 = (k12p1 + k22p2 + k32p3) mod 26
c3 = (k31p1 + k32p2 + k33p3) mod 26
c=p x k mod 26
52
Example Hill Cipher
Plaintext: paymoremoney
= pay mor emo ney
17 17 5
K= 21 18 21
2 2 19
abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
{pay} {15,0,24},
c=p k mod 26
53
Ciphertext
17 17 5
= (15 0 24) 21 18 21 mod 26
2 2 19
54
Example Hill Cipher
Plaintext: abc
1 2 3
K= 4 5 6
11 9 8
abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
{abc} {0,1,2},
c=p x k mod 26
55
Ciphertext
1 2 3
= (0 1 2) 4 5 6 mod 26
11 9 8
c = (0 23 22) mod 26
= AXW
56
Example Hill Cipher contd.
57
Inverse of A mod 26
5 8
A=
17 3
5 8
det =(5x3)-(8x17)= -121 mod 26
17 3
=(-121)+(5x26)=9
(1/9) mod 26=3
3 17 T 3 8 9 24
A-1 mod 26=3 =3 =
8 5 17 5 51 15
9 2
=
1 15
58
Determinant of Matrix
11 12
For A= 22 , det(A) = a11a22 a21a12
21
11 12 13
For A= 21 22 23
31 32 33
59
Inverse of Matrix
2 4 3
For k= 6 1 5
2 1 3
Det(k) = 2(3-5)-6(12-3)-2(20-3)= -92
If A has nonzero determinant then A has
inverse, k-1
Inv(k) =BT
Bi,j = cofi,j(k)/det(A)
b23 = -[(2x1)-(4x(-2))]/-92=10/92
60
Inverse of Matrix contd..
2 4 3
For k = 6 1 5
2 1 3
b11 =[(1x3)-(5x1)]/-92=2/92
b23 = -[(2x1)-(4x(-2))]/-92=10/92
2 9 17
B = (1/92) 28 12 8
8 10 22
2 28 8
Inv(k) =BT =(1/92) 9 12 10
17 8 22
61
Hill Cipher: example
Plaintext: CAT, C=2, A=0, T=19
Key, k
6 24 1
k= 13 16 10 ,
20 17 15
p=[2 0 19]
Ciphertext=CHB
62
Decipher text
Compute k-1
8 5 10
k-1= 21 8 21
21 12 8
8 5 10
c x k-1= [2 7 1] 21 8 21 mod 26
21 12 8
= [184 78 175] mod 26
= [2 0 19]
Alternative, c=pT x k
p = k x cT
63
Cryptanalyst for Hill Cipher
64
Cryptanalyst for Hill Cipher
65
Cryptanalysis example
Y = Xk mod 26
7 2 7 8
= 26
17 25 11 11
k=X-1Y
1
7 8 25 22
1 = =
11 11 1 23
25 22 7 2
k=
1 23 17 25 If X is not invertible
549 600 then form additional
= 26 plaintext-ciphertext
398 577
3 2 pair
=
8 5 66
Polyalphabetic Ciphers
For monoalphabetic cipher each letter is encrypted to
the same letter for every occurrence of the plaintext
letter
For example letter between dgvyggp
For polyalphabetic, each occurrence of a character
may have a different substitute
The relationship between a character in the plaintext to
a character in the cipher text is one to many
For example a can be enciphered to D in the
beginning and to F later
Therefore frequency of a is hidden in the cipher
Therefore statistical attack based on frequency can not
be used
For polyalphabetic, each ciphertext character is
dependent on the plaintext letter and its position
67
Vigenre Cipher
Plaintext, p=p0, p1,,pn-1
Key, k = k0, k1, ..., km-1 (m<n)
Ciphertext, c=c0,c1, , cn-1
=(p0+ k0)mod 26 , (p1+ k1)mod 26+
Ci=(pi+ki)mod 26
Plaintext: poly 15 14 12 24
Key: beam 1 4 0 13
Ciphertext: QSLK 16 18 12 11
Decryption works in reverse
Ci=(pi-ki)mod 26
68
Example of Vigenre Cipher
o plaintext: wearediscoveredsaveyourself
o key: deceptivedeceptivedeceptive
69
Example of Vigenre Cipher
key d e c e p t i v e
k
plain w e a r e d i s c o v e r e
p
c
cipher
key
k
plain d s a v e y o u r s e l f
p
c
cipher
70
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k
plain w e a r e d i s c o v e r e
p
c
cipher
key t i v e d e c e p t i v e
k
plain d s a v e y o u r s e l f
p
c
cipher
71
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k 3 4 2 4 15 19 8 21 4 3 4 2 4 15
plain w e a r e d i s c o v e r e
p 22 4 0 17 4 3 8 18 2 14 21 4 17 4
c
cipher
key t i v e d e c e p t i v e
k 19 8 21 4 3 4 2 4 15 19 8 21 4
plain d s a v e y o u r s e l f
p 3 18 0 21 4 24 14 20 17 18 4 11 5
c
cipher
72
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k 3 4 2 4 15 19 8 21 4 3 4 2 4 15
plain w e a r e d i s c o v e r e
p 22 4 0 17 4 3 8 18 2 14 21 4 17 4
c 25 8 2 21 19 22 16 13 6 17 25 6 21 19
cipher Z I C V T W Q N G R Z G V T
key t i v e d e c e p t i v e
k 19 8 21 4 3 4 2 4 15 19 8 21 4
plain d s a v e y o u r s e l f
p 3 18 0 21 4 24 14 20 17 18 4 11 5
c 22 0 21 25 7 2 16 24 6 11 12 6 9
cipher W A V Z H C Q Y G L M G J
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
73
Security of Vigenre Ciphers
Key length is 9
Therefore, letters at 1,10,19,28, are shifted by same
number
o key: deceptivedeceptivedeceptive
o plaintext: wearediscoveredsaveyourself
74
Autokey Cipher
keyword is concatenated with plaintext
eg. given key deceptive
plaintext: wearediscoveredsaveyourself
key: deceptivewearediscoveredsav
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
Keyword and plaintext have same
frequency distribution
Statistical techniques can be used
75
Vernam Cipher
76
One-Time Pad
Use one key for one message
If a random key is used for each message
then cipher is secure
If two identical sequences of plaintext occur
at integer multiple of keyword length then
they generate identical cipher text.
Advantage: Ciphertext bears no statistical
relationship to the plaintext
Limitation: generation & safe distribution of
key
77
One-time pad version of Vigenere
cipher
Key is a stream of random numbers between 0 and
26
Plaintext letters shift by key numbers
Ex: a) plaintext: sendmoremoney
key: 9 0 1 7 23 15 21 14 11 11 2 8 9
B) Determine key so that ciphertext decrypts to
plaintext cashnotneeded
78
Example: vigenere
plain s e n d m o r e m o n e y
Plain
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9
Cipher
number
cipher
79
Example: vigenere
plain s e n d m o r e m o n e y
Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9
Cipher
number
cipher
80
Example: vigenere
plain s e n d m o r e m o n e y
Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9
Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher
81
Example: vigenere
plain s e n d m o r e m o n e y
Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9
Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher B E O K J D M S X Z P M H
82
Example: find key to decipher
Plain C a s h n o t n e e d e d
Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key
Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher B E O K J D M S X Z P M H
83
Example: find key to decipher
Plain C a s h n o t n e e d e d
Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key
84
Example: find key to decipher
Plain C a s h n o t n e e d e d
Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key 25 4 22 3 22 15 19 5 19 21 12 8 4
85
Transposition Ciphers
86
Rail Fence cipher
Message letters are written diagonally over a
number of rows
Ciphertext is read off row by row
eg. plaintext: rail fence cipher
r i f n e i h r
a l e c c p e
Ciphertext:
RIFNEIHRALECCPE
87
Row Transposition Ciphers
Message is arranged in 2-D array
Reorder the columns according to some key before
reading off the rows
Plaintext: attack postponed until two am
Key: 4 3 1 2 5 6 7
Matrix : a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
89
Permutation/ Transposition
encryption decryption
y1 y1
x1 x1
y2 y2 x2
x2
y3 y3 x3
x3
y4 y4 x4
x4
y5 y5 x5
x5
Plaintext: springing
90
Permutation/ Transposition
encryption decryption
s y1 y1
x1 x1
p y2 y2 x2
x2
r y3 y3 x3
x3
i y4 y4 x4
x4
n y5 y5 x5
x5
p y2 r y2 x2
x2
r y3 n y3 x3
x3
i y4 p y4 x4
x4
n y5 i y5 x5
x5
94
Rotor Machine Principles
95
Cryptanalysis Attacks on Encrypted Messages
96
Ciphertext only attack
E
plaintext
A
analyze B
A
analyze B
A analyze B
E
E
plaintext ciphertext
plaintext
A
analyze B
101