Page 1
Introduction to Cryptography
Minqi Zhou, mqzhou@sei.ecnu.edu.cn
Distributed Systems
Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License.
Page 2
Ngywioggazhon Pystemp
Auesfnsicutiwf & Moiiunocaiwn Piqtoaoyp
Page 3
Cryptographic Systems
Authentication & Communication Protocols
Page 4
cryptography
κρυπτός (hidden) + γραφία (writing)
A secret manner of writing, … Generally, the art of writing or solving ciphers.
— Oxford English Dictionary
Page 5
cryptology
κρυπτός (hidden) + λογια (speaking)
1967 D. Kahn, Codebreakers p. xvi, Cryptology is the science that embraces cryptography and cryptanalysis, but the term ‘cryptology’ sometimes loosely designates the entire dual field of both rendering signals secure and extracting information from them.
— Oxford English Dictionary
Page 6
Cryptography ≠ Security
Cryptography may be a component of a secure system
Adding cryptography may not make a system secure
Page 7
Terms
Plaintext (cleartext), message M
encryption, E(M)
produces ciphertext, C=E(M)
decryption: M=D(C)
Cryptographic algorithm, cipher
Page 8
Terms: types of ciphers
• restricted cipher
• symmetric algorithm
• public key algorithm
Page 9
Restricted cipher
Secret algorithm
• Leaking
• Reverse engineering
  – HD DVD (Dec 2006) and Blu-Ray (Jan 2007)
  – RC4
  – All digital cellular encryption algorithms
  – DVD and DIVX video compression
  – Firewire
  – Enigma cipher machine
  – Every NATO and Warsaw Pact algorithm during Cold War
Page 10
The key
BTW, the above is a bump key. See http://en.wikipedia.org/wiki/Lock_bumping.
Pages 11-13
The key
• We understand how it works:
  – Strengths
  – Weaknesses
• Based on this understanding, we can assess how much to trust the key & lock.
Source: en.wikipedia.org/wiki/Pin_tumbler_lock
Page 14
Symmetric algorithm
Secret key
C = E_K(M)
M = D_K(C)
Page 15
Public key algorithm
public key and private keys
C_1 = E_public(M)
M = D_private(C_1)
also:
C_2 = E_private(M)
M = D_public(C_2)
Page 16
McCarthy’s puzzle (1958)
• Two countries are at war
• One country sends spies to the other country
• To return safely, spies must give the border guards a password
• Spies can be trusted
• Guards chat – information given to them may leak
Page 17
McCarthy’s puzzle
Challenge
How can a guard authenticate a person without knowing the password?
Enemies cannot use the guard’s knowledge to introduce their own spies
Page 18
Solution to McCarthy’s puzzle
Michael Rabin, 1958
Use one-way function, B = f(A)
– Guards get B …
  • Enemy cannot compute A
– Spies give A, guards compute f(A)
  • If the result is B, the password is correct.
Example function: middle squares
• Take a 100-digit number (A), and square it
• Let B = middle 100 digits of 200-digit result
Page 19
One-way functions
• Easy to compute in one direction
• Difficult to compute in the other
Examples:
Factoring:
  pq = N: EASY
  find p, q given N: DIFFICULT
Discrete log:
  a^b mod c = N: EASY
  find b given a, c, N: DIFFICULT
Page 20
McCarthy’s puzzle example
Example with an 18 digit number
A = 289407349786637777
A^2 = 83756614110525308948445338203501729
Middle square, B = 110525308948445338
Given A, it is easy to compute B
Given B, it is extremely hard to compute A
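An added example (not from the original slides) of Rabin's scheme as described above: the guard stores only B = f(A) and recomputes f on whatever a returning spy presents. It reproduces the slide's 18-digit middle-square numbers; the `Guard` class, the spy name, and the salted PBKDF2 stand-in for f are assumptions introduced here to show the same check with a function in current use.

```python
import hashlib
import hmac


def middle_square(a: int, digits: int) -> str:
    """Slide's one-way function: B = middle `digits` digits of A squared.

    A*A is left-padded with zeros to 2*digits so the middle is well defined.
    """
    if digits <= 0 or digits % 2:
        raise ValueError("digits must be a positive even number")
    if not 0 <= a < 10 ** digits:
        raise ValueError("A must have at most `digits` digits")
    square = str(a * a).zfill(2 * digits)
    start = digits // 2
    return square[start:start + digits]


def pbkdf2_hex(password: bytes, salt: bytes) -> str:
    """Assumed modern stand-in for f (not on the slides): salted PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000).hex()


class Guard:
    """Holds B values only, so anything a guard leaks is f(A), never A."""

    def __init__(self, f):
        self._f = f
        self._table = {}          # spy name -> B

    def enroll(self, spy: str, b: str) -> None:
        self._table[spy] = b

    def admit(self, spy: str, presented) -> bool:
        expected = self._table.get(spy)
        if expected is None:
            return False
        # Recompute f on the presented secret and compare in constant time.
        return hmac.compare_digest(self._f(presented), expected)

    def gossip(self) -> dict:
        """Everything the guard knows, i.e. what a leak would expose."""
        return dict(self._table)


# Numbers from the slide.
A = 289407349786637777
B = "110525308948445338"

border = Guard(lambda a: middle_square(a, 18))
border.enroll("spy-1", middle_square(A, 18))      # headquarters computes B once

# Same protocol with the assumed modern f; salt and password are constructed samples.
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
PASSWORD = b"correct horse battery staple"
modern = Guard(lambda pw: pbkdf2_hex(pw, SALT))
modern.enroll("spy-1", pbkdf2_hex(PASSWORD, SALT))

if __name__ == "__main__":
    print("B matches slide:", middle_square(A, 18) == B)
    print("real spy admitted:", border.admit("spy-1", A))
    leaked = border.gossip()["spy-1"]
    print("leaked B replayed as password:", border.admit("spy-1", int(leaked)))
    print("modern f, right password:", modern.admit("spy-1", PASSWORD))
    print("modern f, leaked value replayed:",
          modern.admit("spy-1", modern.gossip()["spy-1"].encode()))
```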
Page 21
More terms
• one-way function
  – Rabin, 1958: McCarthy’s problem
  – middle squares, exponentiation, …
• [one-way] hash function
  – message digest, fingerprint, cryptographic checksum, integrity check
• encrypted hash
  – message authentication code
  – only possessor of key can validate message
Page 22
More terms
• Stream cipher
  – Encrypt a message a character at a time
• Block cipher
  – Encrypt a message a chunk at a time
Page 23
Yet another term
• Digital Signature
  – Authenticate, not encrypt message
  – Use pair of keys (private, public)
  – Owner encrypts message with private key
  – Sender validates by decrypting with public key
  – Generally use hash(message).
Page 24
Cryptography: what is it good for?
• Authentication
  – determine origin of message
• Integrity
  – verify that message has not been modified
• Nonrepudiation
  – sender should not be able to falsely deny that a message was sent
• Confidentiality
  – others cannot read contents of the message
Page 25
Cryptographic toolbox
• Symmetric encryption
• Public key encryption
• One-way hash functions
• Random number generators
Page 26
Classic Cryptosystems
Page 27
Substitution Ciphers
Page 28
Cæsar cipher
Earliest documented military use of cryptography
– Julius Caesar c. 60 BC
– shift cipher: simple variant of a substitution cipher
– each letter replaced by one n positions away, modulo alphabet size
  n = shift value = key
Similar scheme used in India
– early Indians also used substitutions based on phonetics, similar to pig latin
Last seen as ROT13 on usenet to keep the reader from seeing offensive messages unwillingly
Pages 29-45
Cæsar cipher
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
shift alphabet by n (6)
MY CAT HAS FLEAS
GSWUNBUMZFYUM
• Convey one piece of information for decryption: shift value
• trivially easy to crack (26 possibilities for a 26 character alphabet)
Page 46
Ancient Hebrew variant (ATBASH)
• c. 600 BC
• No information (key) needs to be conveyed!
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Z Y X W V U T S R Q P O N M L K J I H G F E D C B A
MY CAT HAS FLEAS
NBXZGSZHUOVZH
Page 47
Substitution cipher
• General case: arbitrary mapping
• both sides must have substitution alphabet
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
M P S R L Q E A J T N C I F Z W O Y B X G K U D V H
MY CAT HAS FLEAS
IVSMXAMBQCLMB
Page 48
Substitution cipher
Easy to decode:
– vulnerable to frequency analysis

| Letter | Moby Dick (1.2M chars) | Shakespeare (55.8M chars) |
|---|---|---|
| e | 12.300% | 11.797% |
| o | 7.282% | 8.299% |
| d | 4.015% | 3.943% |
| b | 1.773% | 1.634% |
| x | 0.108% | 0.140% |
Page 49
Statistical Analysis
Letter frequencies
E: 12%
A, H, I, N, O, R, S, T: 6 – 9%
D, L: 4%
B, C, F, G, M, P, U, W, Y: 1.5 – 2.8%
J, K, Q, V, X, Z: < 1%
Common digrams: TH, HE, IN, ER, AN, RE, …
Common trigrams: THE, ING, AND, HER, ERE, …
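An added example (not part of the original slides) that ties the three substitution tables above to the frequency figures: Cæsar, ATBASH and the general mapping are each one fixed letter-for-letter table, so letter counts survive encryption with only the labels changed. `SAMPLE` is a constructed sentence and the function names are introduced here.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase
# Constructed sample text (not from the slides); E is its most frequent letter.
SAMPLE = "MEET ME NEAR THE GREEN TREES WHERE THE RIVER BENDS"


def caesar_row(n: int) -> str:
    """Cipher row of the slide's table: the alphabet shifted right by n."""
    k = (-n) % 26
    return ALPHABET[k:] + ALPHABET[:k]


ATBASH_ROW = ALPHABET[::-1]
GENERAL_ROW = "MPSRLQEAJTNCIFZWOYBXGKUDVH"   # arbitrary mapping from the slide


def substitute(text: str, row: str) -> str:
    """Replace each letter by the one below it in `row`; spaces are dropped, as on the slides."""
    if sorted(row) != list(ALPHABET):
        raise ValueError("row must be a permutation of A-Z")
    table = dict(zip(ALPHABET, row))
    return "".join(table[c] for c in text.upper() if c in table)


def inverse_row(row: str) -> str:
    """Row that undoes `row`, i.e. what the receiver uses to decrypt."""
    back = {c: p for p, c in zip(ALPHABET, row)}
    return "".join(back[c] for c in ALPHABET)


def profile(text: str) -> list:
    """Letter counts sorted high to low, ignoring which letter owns which count."""
    counts = Counter(c for c in text.upper() if c in ALPHABET)
    return sorted(counts.values(), reverse=True)


def top_letter(text: str) -> tuple:
    """Most frequent letter and its count."""
    counts = Counter(c for c in text.upper() if c in ALPHABET)
    if not counts:
        raise ValueError("no letters to analyse")
    return counts.most_common(1)[0]


def guess_caesar_shift(ciphertext: str) -> int:
    """Frequency analysis in one step: assume the commonest ciphertext letter is E."""
    letter, _ = top_letter(ciphertext)
    return (ALPHABET.index("E") - ALPHABET.index(letter)) % 26


if __name__ == "__main__":
    for name, row in (("Caesar n=6", caesar_row(6)),
                      ("ATBASH", ATBASH_ROW),
                      ("general", GENERAL_ROW)):
        print(f"{name:11} {substitute('MY CAT HAS FLEAS', row)}")

    # The count profile of the ciphertext equals that of the plaintext.
    secret = substitute(SAMPLE, GENERAL_ROW)
    print("plaintext profile :", profile(SAMPLE))
    print("ciphertext profile:", profile(secret))
    print("commonest ciphertext letter:", top_letter(secret), "stands for E")

    # For a shift cipher that single observation already yields the key.
    shifted = substitute(SAMPLE, caesar_row(6))
    n = guess_caesar_shift(shifted)
    print("recovered shift:", n)
    print("recovered text :", substitute(shifted, inverse_row(caesar_row(n))))
```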
Page 50
Polyalphabetic ciphers
Designed to thwart frequency analysis techniques
– different ciphertext symbols can represent the same plaintext symbol
  • 1 → many relationship between letter and substitute
Leon Battista Alberti: 1466: invented key
– two disks
– line up predetermined letter on inner disk with outer disk
– plaintext on inner, ciphertext on outer
– after n symbols, the disk is rotated to a new alignment
encrypt: A → J
decrypt: J → A
Page 51
Vigenère polyalphabetic cipher
• Blaise de Vigenère, court of Henry III of France, 1518
• Use table and key word to encipher a message
• repeat keyword over text: (e.g. key=FACE)
    FA CEF ACE FACEF ....
    MY CAT HAS FLEAS
• encrypt: find intersection: row = keyword letter, column = plaintext letter
• decrypt: column = keyword letter, search for intersection = ciphertext letter
• message is encrypted with as many substitution ciphers as there are letters in the keyword
Page 52
Vigenère polyalphabetic cipher
A B C D E F G H I J K L M N O P Q R S T
A B C D E F G H I J K L M N O P Q R S T
B C D E F G H I J K L M N O P Q R S T U
C D E F G H I J K L M N O P Q R S T U V
D E F G H I J K L M N O P Q R S T U V W
E F G H I J K L M N O P Q R S T U V W X
F G H I J K L M N O P Q R S T U V W X Y
Top row: plaintext letter. Rows below: one per keytext letter. Table entry: ciphertext letter.
Pages 53-65
Vigenère polyalphabetic cipher
FA CEF ACE FACEF
MY CAT HAS FLEAS
RY EEY HCW KLGEX
Page 66
Vigenère polyalphabetic cipher
"The rebels reposed their major trust, however, in the Vigenere, sometimes using it in the form of a brass cipher disc. In theory, it was an excellent choice, for so far as the South knew the cipher was unbreakable. In practice, it proved a dismal failure. For one thing, transmission errors that added or subtracted a letter ... unmeshed the key from the cipher and caused no end of difficulty. Once Major Cunningham of General Kirby-Smith's staff tried for twelve hours to decipher a garbled message; he finally gave up in disgust and galloped around the Union flank to the sender to find out what it said."
http://rz1.razorpoint.com/index.html
Page 67
Transposition Ciphers
Page 68
Transposition ciphers
• Permute letters in plaintext according to rules
• Knowledge of rules will allow message to be decrypted
• Earliest version used by the Spartans in the 5th century BC – staff cipher
Page 69
Transposition ciphers: staff cipher
MYCATHASFLEAS
[Figure: staff cipher]
MHE YAA CSS AFx TLy
Pad out the text. This is a block cipher versus a stream cipher
Page 74
Transposition cipher
Table version of staff cipher
– enter data horizontally, read it vertically
– secrecy is the width of the table

M Y C A
T H A S
F L E A
S x y z

Plaintext:  MYCATHASFLEAS
Ciphertext: MTFSYHLxCAEyASAz
Page 79
Transposition cipher with key
– permute letters in plaintext according to key
– read down columns, sorting by key

Key: 3 1 4 2
     M Y C A
     T H A S
     F L E A
     S x y z

Plaintext:  MYCATHASFLEAS
Ciphertext: YHLxASAzMTFSCAEy
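The table and keyed transpositions from the slides above, as an added example that is not part of the original deck. The function names, the `xyz` filler constant and the convention that `key[c]` is the label written over column `c` are assumptions made for this sketch; a key of `1..n` gives the unkeyed table (and staff) version.

```python
from math import ceil

PAD = "xyz"  # filler letters, chosen to match the padding shown on the slides


def check_key(key):
    """A key of width n must be a permutation of the labels 1..n."""
    if sorted(key) != list(range(1, len(key) + 1)):
        raise ValueError("key must be a permutation of 1..n")


def to_rows(plaintext, width):
    """Enter the message horizontally, padding the last row to full width."""
    padded_len = ceil(len(plaintext) / width) * width
    filler = (PAD * ceil(width / len(PAD)))[: padded_len - len(plaintext)]
    text = plaintext + filler
    return [text[i:i + width] for i in range(0, len(text), width)]


def column_order(key):
    """Column indexes in reading order: the column labelled 1 first, then 2, ..."""
    return sorted(range(len(key)), key=lambda c: key[c])


def encrypt(plaintext, key):
    """Read the table vertically, taking columns in key order."""
    check_key(key)
    rows = to_rows(plaintext, len(key))
    return "".join("".join(row[c] for row in rows) for c in column_order(key))


def decrypt(ciphertext, key):
    """Rebuild the columns, then read the table horizontally.

    The result still carries the filler letters: the cipher itself does not
    record how much padding was added.
    """
    check_key(key)
    width = len(key)
    if len(ciphertext) % width:
        raise ValueError("ciphertext length must be a multiple of the key width")
    height = len(ciphertext) // width
    columns = [""] * width
    for n, c in enumerate(column_order(key)):
        columns[c] = ciphertext[n * height:(n + 1) * height]
    return "".join(columns[c][r] for r in range(height) for c in range(width))


if __name__ == "__main__":
    msg = "MYCATHASFLEAS"
    print(encrypt(msg, [1, 2, 3, 4, 5]))  # staff cipher, five letters per turn
    print(encrypt(msg, [1, 2, 3, 4]))     # table version, width 4
    print(encrypt(msg, [3, 1, 4, 2]))     # keyed version
    print(decrypt(encrypt(msg, [3, 1, 4, 2]), [3, 1, 4, 2]))
```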
Page 85
Combined ciphers
• Combine transposition with substitution ciphers
  – German ADFGVX cipher (WWI)
• can be troublesome to implement
  – may require a lot of memory
  – may require that messages be certain lengths
• Difficult with manual cryptography
Page 86
Electro-mechanical cryptographic engines
Page 87
Rotor machines
1920s: mechanical devices used for automating encryption
Rotor machine
– set of independently rotating cylinders through which electrical pulses flow
– each cylinder has input & output pin for each letter of the alphabet
– implements version of Vigenère cipher
– each rotor implements a substitution cipher
– output of each rotor is fed into the next rotor
Page 88
Rotor machines
• Simplest rotor machine: single cylinder
• after a character is entered, the cylinder rotates one position
  – internal combinations shifted by one
  – polyalphabetic substitution cipher with a period of 26
[Figure: single cylinder wiring between input and output alphabets A to Z]
Page 89
Single cylinder rotor machine
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
G V I L C M B Q F K D O S P Z H R E U Z N X A T W J
rotate
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
K H W J M D N C R G L E P T Q Z I S F V A O Y B U X

Plaintext:  MY CAT HAS FLEAS
Ciphertext: SUIUVAYOINKBY
Page 103
Multi-cylinder rotor machines
Single cylinder rotor machine
– substitution cipher with a period = length of alphabet (e.g., 26)
Multi-cylinder rotor machine
– feed output of one cylinder as input to the next one
– first rotor advances after character is entered
– second rotor advances after a full period of the first
– polyalphabetic substitution cipher
  • period = (length of alphabet)^(number of rotors)
  • 3 26-char cylinders → 26^3 = 17,576 substitution alphabets
  • 5 26-char cylinders → 26^5 = 11,881,376 substitution alphabets
Page 104
Enigma
• Enigma machine used in Germany during WWII
• Three rotor system
  – 26^3 = 17,576 possible rotor positions
• Input data permuted via patch panel before sending to rotor engine
• Data from last rotor reflected back through rotors, which makes encryption symmetric
• Need to know initial settings of rotor
  – setting was f(date)
  – find in book of codes
• broken by group at Bletchley Park (Alan Turing)
Page 105
Enigma
[Figure: Enigma components: keyboard (input), glowlamps (results), plugboard, rotors, reflector]
Page 106
One-time pads
Only provably secure encryption scheme
• invented in 1917
• large non-repeating set of random key letters written on a pad
• each key letter on the pad encrypts exactly one plaintext character
  – encryption is addition of characters modulo 26
• sender destroys pages that have been used
• receiver maintains identical pad
Page 107
One-time pads
If pad contains
  KWXOPWMAELGHW…
and we want to encrypt
  MY CAT HAS FLEAS
Ciphertext:
  WUZOIDMSJWKHO

M + K mod 26 = W
Y + W mod 26 = U
C + X mod 26 = Z
A + O mod 26 = O
T + P mod 26 = I
H + W mod 26 = D
A + M mod 26 = M
S + A mod 26 = S
F + E mod 26 = J
L + L mod 26 = W
E + G mod 26 = K
A + H mod 26 = H
S + W mod 26 = O
Page 108
One-time pads
The same ciphertext can decrypt to anything depending on the key!
Same ciphertext:
  WUZOIDMSJWKHO
With a pad of:
  DNVLUXEACWVSQ…
Produces:
  THE DOG IS HAPPY

W - D mod 26 = T
U - N mod 26 = H
Z - V mod 26 = E
O - L mod 26 = D
I - U mod 26 = O
D - X mod 26 = G
M - E mod 26 = I
S - A mod 26 = S
J - C mod 26 = H
W - W mod 26 = A
K - V mod 26 = P
H - S mod 26 = P
O - Q mod 26 = Y
Page 109
One-time pads
Can be extended to binary data
– random key sequence as long as the message
– exclusive-or key sequence with message
– receiver has the same key sequence
Page 110
One-time pads
Problems with one-time pads
– key needs to be as long as the message!
– key storage can be problematic
  • may need to store a lot of data
– keys have to be generated randomly
  • cannot use pseudo-random number generator
– cannot reuse key sequence
– sender and receiver must remain synchronized (e.g. cannot lose a message)
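The one-time pad slides above, worked in code as an added example that is not part of the original deck: the mod-26 pad with the slides' own message and pad, the pad under which the same ciphertext reads THE DOG IS HAPPY, and the binary (exclusive-or) form showing what goes wrong when a key sequence is reused. Function names and the 16-byte binary pad are constructed for this sketch.

```python
import string

A = string.ascii_uppercase


def letters(text):
    """Keep only A-Z (as 0..25) so spaced text lines up with the pad letter by letter."""
    return [A.index(ch) for ch in text.upper() if ch in A]


def otp_encrypt(plaintext, pad):
    """Ciphertext letter = plaintext letter + pad letter, modulo 26."""
    p, k = letters(plaintext), letters(pad)
    if len(k) < len(p):
        raise ValueError("pad must be at least as long as the message")
    return "".join(A[(x + y) % 26] for x, y in zip(p, k))


def otp_decrypt(ciphertext, pad):
    """Plaintext letter = ciphertext letter - pad letter, modulo 26."""
    c, k = letters(ciphertext), letters(pad)
    if len(k) < len(c):
        raise ValueError("pad must be at least as long as the message")
    return "".join(A[(x - y) % 26] for x, y in zip(c, k))


def pad_for(ciphertext, wanted_plaintext):
    """The pad under which `ciphertext` decrypts to `wanted_plaintext`.

    One exists for every plaintext of the same length, which is why the
    ciphertext alone says nothing about the message.
    """
    c, p = letters(ciphertext), letters(wanted_plaintext)
    if len(c) != len(p):
        raise ValueError("plaintext must have the same number of letters")
    return "".join(A[(x - y) % 26] for x, y in zip(c, p))


def xor_bytes(a, b):
    """Binary one-time pad: exclusive-or of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("key sequence must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def reuse_demo():
    """Encrypt two messages with the SAME pad and show the pad cancels out."""
    m1 = b"MY CAT HAS FLEAS"
    m2 = b"THE DOG IS HAPPY"
    pad = bytes.fromhex("9f3c71e80b54d2a6c7194ef0238b6d15")  # constructed sample pad
    c1, c2 = xor_bytes(m1, pad), xor_bytes(m2, pad)
    leak = xor_bytes(c1, c2)                 # equals m1 XOR m2, no pad needed
    pad_cancelled = leak == xor_bytes(m1, m2)
    recovered_m2 = xor_bytes(leak, m1)       # knowing one message reveals the other
    return pad_cancelled, recovered_m2


if __name__ == "__main__":
    ct = otp_encrypt("MY CAT HAS FLEAS", "KWXOPWMAELGHW")
    print(ct)
    print(otp_decrypt(ct, "KWXOPWMAELGHW"))
    other_pad = pad_for(ct, "THE DOG IS HAPPY")
    print(other_pad, otp_decrypt(ct, other_pad))
    print(reuse_demo())
```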
Page 111
Digression: random numbers
• “anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin”
  – John von Neumann
• Pseudo-random generators
  – Linear feedback shift registers
  – Multiplicative lagged Fibonacci generators
  – Linear congruential generator
• Obtain randomness from:
  – time between keystrokes
  – Cosmic rays
  – Electrical noise
  – Other encrypted messages
Page 112
Computer Cryptography
Page 113
DES
• Data Encryption Standard
  – adopted as a federal standard in 1976
• block cipher, 64 bit blocks
• 56 bit key
  – all security rests with the key
• substitution followed by a permutation (transposition)
  – same combination of techniques is applied on the plaintext block 16 times
Page 114
DES
64 bit plaintext block
initial permutation, IP
left half, L0 | right half, R0
Round 1, subkey K1: L1 = R0, R1 = L0 ⊕ f(R0, K1)
... 16 rounds, each with a 48-bit subkey permuted from key ...
Round 15, subkey K15: L15 = R14, R15 = L14 ⊕ f(R14, K15)
Round 16, subkey K16: L16 = R15, R16 = L15 ⊕ f(R15, K16)
final permutation, IP^-1
64 bit ciphertext block
Page 115
DES: f
[Figure: DES round function f. Labels: DATA: right 32 bits; KEY: 56 bits; 48 bits; eight S-boxes (S); DATA: left 32 bits; New DATA: right 32 bits]
Page 116
DES: S-boxes
• After compressed key is XORed with expanded block
  – 48-bit result moves to substitution operation via 8 substitution boxes (S-boxes)
• Each S-box has
  – 6-bit input
  – 4-bit output
• 48 bits divided into eight 6-bit sub-blocks
• Each block is operated on by a separate S-box
• key components of DES’s security
• net result: 48 bit input generates 32 bit output
Page 117
Is DES secure?
56-bit key makes DES relatively weak
– 7.2×10^16 keys
– Brute-force attack
Late 1990s:
– DES cracker machines built to crack DES keys in a few hours
– DES Deep Crack: 90 billion keys/second
– Distributed.net: test 250 billion keys/second
Page 118
The power of 2
Adding an extra bit to a key doubles the search space.
Suppose it takes 1 second to attack a 20-bit key:
• 21-bit key: 2 seconds
• 32-bit key: 1 hour
• 40-bit key: 12 days
• 56-bit key: 2,178 years
• 64-bit key: >557,000 years!
Page 119
Increasing The Key
Can double encryption work for DES?
– Useless if we could find a key K such that:
E_K(P) = E_{K2}(E_{K1}(P))
– This does not hold for DES
Page 120
Double DES
Vulnerable to meet-in-the-middle attack
If we know some pair (P, C), then:
[1] Encrypt P for all 2^56 values of K1
[2] Decrypt C for all 2^56 values of K2
For each match where [1] = [2]
– test the two keys against another P, C pair
– if match, you are assured that you have the key
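Why doubling the key does not double the strength, shown on a scale that runs in seconds: an added example, not part of the original deck, that follows steps [1] and [2] above against a toy cipher. The 16-bit Feistel cipher with 12-bit keys, its round function and key schedule are all constructed stand-ins for DES, so the search costs about 2 × 2^12 cipher operations instead of the 2^24 a naive search over both keys would need.

```python
KEY_BITS = 12  # toy key size (DES uses 56); an assumption of this sketch


def subkeys(key):
    """Constructed key schedule: four 8-bit round keys cut from the 12-bit key."""
    return [((key >> shift) & 0xFF) ^ const
            for shift, const in ((0, 0x00), (4, 0x3C), (2, 0xA5), (1, 0x5A))]


def f(half, k):
    """Constructed non-linear round function on 8-bit values."""
    x = (half ^ k) & 0xFF
    return ((x * 73 + 41) ^ (x >> 3) ^ ((x * x) >> 2)) & 0xFF


def encrypt(block, key):
    """Four Feistel rounds on a 16-bit block: L' = R, R' = L xor f(R, K)."""
    left, right = block >> 8, block & 0xFF
    for k in subkeys(key):
        left, right = right, left ^ f(right, k)
    return (left << 8) | right


def decrypt(block, key):
    """Undo the rounds with the subkeys in reverse order."""
    left, right = block >> 8, block & 0xFF
    for k in reversed(subkeys(key)):
        left, right = right ^ f(left, k), left
    return (left << 8) | right


def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)


def meet_in_the_middle(pairs):
    """Return every (K1, K2) consistent with all known (P, C) pairs."""
    (p0, c0), rest = pairs[0], pairs[1:]
    # [1] Encrypt P under every K1 and index the middle values.
    middle = {}
    for k1 in range(1 << KEY_BITS):
        middle.setdefault(encrypt(p0, k1), []).append(k1)
    # [2] Decrypt C under every K2 and look for a matching middle value.
    found = []
    for k2 in range(1 << KEY_BITS):
        for k1 in middle.get(decrypt(c0, k2), []):
            # A match on one pair can be a coincidence; confirm on the others.
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                found.append((k1, k2))
    return found


def demo():
    secret = (0x5A3, 0xC17)                    # constructed sample keys
    plaintexts = [0x1234, 0xBEEF, 0x0F0F]      # constructed known plaintexts
    pairs = [(p, double_encrypt(p, *secret)) for p in plaintexts]
    return secret, meet_in_the_middle(pairs)


if __name__ == "__main__":
    secret, candidates = demo()
    print("secret:", secret, "candidates:", candidates)
```

With a three-stage construction there is no single middle value that both halves of the search can meet on, which is the reason the deck moves on to Triple DES.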
Page 121
Triple DES
Triple DES with two 56-bit keys:
C = E_{K1}(D_{K2}(E_{K1}(P)))
Triple DES with three 56-bit keys:
C = E_{K3}(D_{K2}(E_{K1}(P)))
Decryption used in middle step for compatibility with DES (K1=K2=K3)
C = E_K(D_K(E_K(P))) ⇒ C = E_{K1}(P)
Page 122
Triple DES
Prevent meet-in-the-middle attack with
– three stages
– and two keys
Triple DES:
C = E_{K1}(D_{K2}(E_{K1}(P)))
Decryption used in middle step for compatibility with DES
C = E_K(D_K(E_K(P))) ⇒ C = E_{K1}(P)
Page 123
Popular symmetric algorithms
IDEA - International Data Encryption Algorithm
– 1992
– 128-bit keys, operates on 8-byte blocks (like DES)
– algorithm is more secure than DES
RC4, by Ron Rivest
– 1995
– key size up to 2048 bits
– not secure against multiple messages encrypted with the same key
AES - Advanced Encryption Standard
– NIST proposed successor to DES, chosen in October 2000
– based on Rijndael cipher
– 128, 192, and 256 bit keys
Page 124
AES
From NIST:
Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2^56 keys per second), then it would take that machine approximately 149 trillion years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.
http://csrc.nist.gov/encryption/aes/
Page 125
The end.