lect2 classical encryption technique(cs 634)

Classical CryptographicTechniques

DATA Security

Lect. #2

Homework quiz

Cookies:

Purpose: 1- To identify users and possibly prepare customized web pages for them as they return to a site.

2- It may hold and provide personnel information to the server and other people who query it.

Definition: is a message given to a web browser by a web server. The browser stores the message in a text file on the user’s machine and is sent back to the server each time the browser requests a page from the server.

Wi-Fi:

wireless Fidelity : is a network that has one base station (access point) that controls communications with all of the other wireless nodes connected with that network.

Wi-Fi family:

802.11 refers to a family of specifications developed by IEEE for wireless technology. It specifies an over-the-air interface b/w a wireless client and a base station.

802-11 : a wireless LANs and provides 1 or 2 MBps transmission in the 2.4 GHZ band. 802-11 a: up to 54 MBps in the 5GHz 802-11 b: up to 11 MBps tranmission 802-11 g: up to +20 Mbps in 2.4 GHz band. a family has many more nonoverlapping channels than either 802.11 b or 802.11 g, so more

access point s can be place close togather, giving much more throughput in smaller area.

Symmetric Encryption

also referred to as conventional encryption or single-key encryption.

the universal technique for providing confidentiality for transmitted or stored data

Why?

Purpose:

confidentiality ( from x.800 security service def.) is the protection of transmitted data from passive attacks, and the protection of traffic flow from analysis.

Table 1.6

X.800Security

Mechanisms

Simplified Model of symmetric

Encryption

• Plaintext: This is the original message or data that is fed into the algorithm as input.

• Encryption algorithm: The encryption algorithm performs various

substitutions and transformations on the plaintext.

• Secret key: The secret key is also input to the encryption algorithm. The exact

substitutions and transformations performed by the algorithm depend on

the key.

• Ciphertext: This is the scrambled message produced as output. It depends on the

plaintext and the secret key. For a given message, two different keys will

produce two different ciphertexts.

• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It

takes the ciphertext and the secret key and produces the

original plaintext.

A symmetric encryption ingredients

Symmetric Encryption Requirements

two requirements for secure use:

1. need a strong encryption algorithm. This requirement is usually stated in a stronger form:”The

opponent should be unable to decrypt ciphertext or discoverthe key even if he has a number of ciphertexts together withthe plaintext that produced each ciphertext.

2. sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all

communication using this key is readable.

Attacking Symmetric Encryption

1-Cryptanalytic attacks

Is the process of attempting to discover the plaintext or key. It rely on:

nature of the algorithm.

some knowledge of the general characteristics of the plaintext

some sample plaintext-ciphertext pairs.

Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used. if successful all future and past messages encrypted with that key are compromised.

2- Brute-Force Attack

try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained

on average half of all possible keys must be tried to achieve success.

Attacking Symmetric Encryption

Average Time Required for Key

Exchange

An encryption scheme is computationally secure if :

The cost of breaking the cipher text exceeds the value of the

encrypted information.

The time required to break the cipher exceeds the life time of

the information.

Cryptography Techniques Classification

Generally classified along three independent Dimensions:

1. The type of operations used for transforming plaintext to cipher text in the technique: (substitution, and transposition )

2. The way in which the plaintext is processed :

– Block (cipher one block at a time)

– Stream (cipher the input continuously)

3. The number of keys used :

– Symmetric (single key)

– Public key or asymmetric (two keys)

Block & Stream Ciphers

• processes the input one block of elements at a time

• produces an output block for each input block

• The advantage of a block cipher is that you can reuse keys.

• more common.

Block Cipher

• processes the input elements continuously, produces output one element at a time(byte per byte)

• primary advantage is that they are almost always faster and use far less code

• encrypts plaintext one byte at a time

• pseudorandom stream is one that is unpredictable without knowledge of the input key.

• must never reuse stream key, otherwise can recover messages

Stream Cipher

Block Cipher Encryption

Stream Encryption

Substitution & Transposition

Techniques

• Substitution Encryption: the letters of plaintext are

replaced by other letters or by numbers,

• examples are: (Caesar cipher, Mono-alphabetic, Playfair,

and Vigenere cipher).

• Permutation techniques: performing some

rearrangement on the plaintext letters.• Examples : as Rail Fence algorithm and row transposition.

1-Caesar Cipher Technique

• Each letter of the alphabet is replaced by the letter

stands three places further down the alphabet:

• Note that the alphabet is wrapped around, so that

the letter following Z is A.

• a b c d e f g hi j kl m nopqr st u v w x y z

Plaintext meet me after the party

Ciphertext phhw ph diwhu wkh sduwb

Continue…

• The important characteristics of Caesar technique:

1. The encryption and decryption algorithms are

known.

2. There are only 25 key to try which is far from

security.

3. The language of the plaintext is known

4. Then having Caesar’s Cipher as:

• C = E(P) = (P+ k) mod (26)

• p = D(C) = (C – k) mod (26)

Brute-Force Cryptanalysis

Caesar Cipher

• Rather than just shifting the alphabet

• Could shuffle (jumble) the letters arbitrarily

• Each plaintext letter maps to a different random

cipher text letter.

• hence key is 26 letters long Exampl: Plain: abcdefghijklmnopqrstuvwxyz

Cipher DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters

Cipher text: WIRFRWAJUHYFTSDVFSFUUFYA

2-Monoalphabetic Cipher

Monoalphabetic Cipher Security

• Now have a total of 26! keys

• With so many keys, might think the system is secure

• But would be !!!WRONG!!!

• Problem is the regularities of the language

Language Redundancy and

Cryptanalysis

• Human languages are redundant

• Letters are not equally commonly used

• The English letter e is by far the most common

letters, then l T,R,N,I,O,A,S letters

• Other letters are fairly rare : Z, J, K, Q, X

English Letter Frequencies

Example Cryptanalysis

• Given ciphertext:

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ

VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX

EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

• Count relative letter frequencies (see text)

• The most common letters are P & Z and are equivalent to e and t

• The most common Digram are ZW is equivalent to th and hence Z W P is equivalent to: t h e

• Proceeding with trial and error finally get:

it was disclosed yesterday that several informal but

direct contacts have been made with political

representatives of the viet cong in moscow

Use of the English Letter Frequencies in Cryptanalysis

• Key concept - monoalphabetic substitution ciphers do not

change relative letter frequencies.

• Discovered by Arabian scientists in 9th century.

• Calculate letter frequencies for ciphertext.

• compare counts against known values

3- Playfair Cipher

• Not even the large number of keys in a monoalphabeticcipher provides security .

• One approach to improving security was to encrypt multiple letters.

• The Playfair Cipher is an example , invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair .

3- Playfair Cipher (cnt’d)

• A 5X5 matrix of letters based on a keyword.

• Fill in letters of the keyword. Then, fill rest of

matrix with other letters of the plaintext message ( in sorted ascending alphabetic).

• plaintext encrypted/decrypted two letters at a

time:

Playfair Key Matrix

Playfair Key Matrix

Encryption / Decryption

1. if both letters fall in the same row, replace each with letter to right (wrapping back from right to left).

2. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom),

3. Otherwise, each letter is replaced by the one in its row and in the column of the other letter of the pair.

Ex. the keyword is “monarchy”

1. eg. “AR" encrypts as “rm “

if both letters fall in the same row, replace each with the letter to right (wrapping back to start from end).

1. eg. “MU" encrypts to "CM“

if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom),

1. eg. “HS" encrypts to "BP", and “ER" to “KM”

Otherwise, each letter is replaced by the one in its row in the column of the other letter of the pair.

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

QUIZ

• Ex: Encrypt and Decrypt

the word “MATRIX” where

the keyword is :

• ” ENJOY HIM”

E N J O Y

H I M A B

C D F G H

K L P R S

T U V W X/Z

Quiz ANSWER

• ENCRYPTION:

• MA= AB & TR= WK & IX= BU

• So, “MATRIX” will encrypted as:

“ABWKBU”

• DECRYPTION:

• “ABWKBU will decrypted as:

• AB = “MA “

• WK= “ TR ”

• BU= “ IX ”

• So “ABWKBU” will decrypted as “MATRIX”

E N J O Y

H I M A B

C D F G H

K L P R S

T U V W X/Z

Security of the Playfair Cipher

• security much improved over monoalphabetic since

have 26 x 26 = 676 digrams

• would need a 676 entry frequency table to analyse

(verses 26 for a monoalphabetic) .

• Was widely used for many years (eg. US & British

military in WW1)

4-Vigenère Cipher

• Simplest polyalphabetic substitution cipher is

the Vigenère Cipher

• Given a key letter Y and a plain text X, the

cipher text letter is at inspection of the row

labelled x and the column labelled y in this

case the cipher text is V (keyword in columns,

plaintext in rows)

• Decryption simply works in reverse:– the plaintext letter is at intersection of the column labelled y , the row

intersect with the place of the column of the ciphertext letter labelled v

How to use Vigenère

1. Write the plaintext out .

2. Write the keyword repeated above it until finishing

the message characters.

3. Use each key letter as a Caesar cipher key

4. Encrypt the corresponding plaintext letter (keyword in

columns, plaintext in rows)

5. Eg. using keyword “deceptive”key: deceptivedeceptivedeceptive

plaintext: “we””are”discovered”save””yourself”

ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

the plaintext letter is at intersection of the column labelled y , the row intersect

with the place of the column of the ciphertext letter labelled v

Security of Vigenère Ciphers

• Have multiple ciphertext letters for each

plaintext letter

• Hence letter frequencies are obscured but not

totally lost.

• Start with letter frequencies to see if look

monoalphabetic or not

B-Transposition Ciphers

• Now consider classical transposition or permutation

ciphers.

• These hide the message by rearranging the letter order

without altering the actual letters used.

• Can recognise these since have the same frequency

distribution as the original text

1-Rail-Fence Cipher Technique

•

• The plain text is written down a sequence of columns and then

read off as a sequence of rows.

Example ciphering of “meet me after the party”

• Plaintext with Rail-Fence of depth 2:

• The encrypted message will formed by reading in

rows as:

mematrhpry-etefeteat-

m e m a t r h p r y

e t e f e t e a t -

2-Row Transposition Ciphers

• A more complex scheme.

– Write letters of message out in rows over a specified number of columns.

– Then reorder the columns according to some key before reading off the rows.

• Ex:

– P: “attack postponed until two am xzy”

– 1 2 3 4 5 6 7

- Plaintext: a t t a c k p

o s t p o n e

d u n t i l t

w o a m x y z

- Key : 3 4 2 1 5 6 7

- The reordering: t a t a c k p

t p s o o n e

n t u d i l t

a m o w x y z

- Ciphertext: “tatackp/tpsoone/ntudilt/amowxyz”

3-Product Ciphers

• Ciphers using substitutions or transpositions are not

secure because of language characteristics

• Hence consider using several ciphers in succession to

make harder, but:

– two substitutions make a more complex substitution

– two transpositions make more complex transposition

– but a substitution(permutation) followed by a transposition

makes a new much harder cipher

• This is bridge from classical to modern ciphers