one-time pad or vernam cipher.ppt
TRANSCRIPT
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
1/19
One-Time Pad Or Vernam Cipher
Sayed Mahdi Mohammad Hasanzadeh
Spring 2004
mailto:[email protected]:[email protected] -
8/10/2019 One-Time Pad or vernam Cipher.ppt
2/19
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
3/19
exclusive or Operatora b c = a b
0 0 0
0 1 1
1 0 1
1 1 0
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
4/19
Example message =IF then its ASCII code =(1001001 1000110)
key = (1010110 0110001) Encryption:
1001001 1000110 plaintext 1010110 0110001 key
0011111 1110110 ciphertext Decryption:
0011111 1110110 ciphertext 1010110 0110001 key
1001001 1000110 plaintext
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
5/19
Why OTP is provably secure? The security depends on the randomness of
the key.
It is hard to define randomness. In cryptographic context, we seek two
fundamental properties in a binary randomkey sequence:
Unpredictability: Balanced (Equal Distribution):
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
6/19
Why OTP is provably secure? Unpredictability:
Independent of the number of the bits of
a sequence observed, the probability ofguessing the next bit is not better than. Therefore, the probability of a certainbit being 1 or 0 is exactly equal to .
Balanced (Equal Distribution): The number of 1s and 0s should be
equal.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
7/19
Mathematical Proof the probability of a key bit being 1 or 0
is exactly equal to .
The plaintext bits are not balanced. Letthe probability of 0 be x and then theprobability of 1 turns out to be 1-x.
Let us calculate the probability ofciphertext bits.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
8/19
Mathematical Proofmi
prob.ki prob. ci prob.
0 x 0 0 x0 x 1 1 x
1 1-x 0 1 (1-x)
1 1-x 1 0 (1-x) We find out the probability of a ciphertext bit being 1
or 0 is equal to ()x + ()(1-x)= . Ciphertext looks
like a random sequence.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
9/19
OTP is basic idea for stream cipher Encryption : mi: plain-text bits. ki : key (key-stream ) bits ci : cipher-text bits. Decryption : Provably Secure.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
10/19
Generator Properties Randomness
Provable security
Bit rate
Key length
Complexity of algorithm Memory
Resistant against every attack
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
11/19
Drawback in OTP
Key-stream should be as long asplain-text.
Key distribution & Management
difficult.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
12/19
Solution Stream Ciphers in which key-
stream is a solution Stream cipher generated in
pseudo-random fashion fromrelatively short secret key.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
13/19
Stream Cipher Property
Randomness : Closely related to
unpredictability.Pseudo-randomness :PR sequences
appears random to a
computationally bounded adversary.Stream Ciphers can be modeled as Finite-
state machine.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
14/19
Stream Cipher Model
Si
F
G
Si+1
kimi ci
Si : state of the cipher
at time t = i.
F : state function.G : output function.
Initial state, output and state
functions are controlled by the
secret key.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
15/19
Stream Cipher Types
Synchronous Stream Cipher
Self-Synchronizing Stream Ciphers
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
16/19
Synchronous Stream Ciphers Key-stream is independent of plain and
cipher-text.
Both sender &receiver must besynchronized.
Resynchronization can be needed.
No error propagation.
Active attacks can easily be detected.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
17/19
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
18/19
Self-Synchronizing Stream Ciphers Key-stream is a function of fixed number t of
cipher-text
bits. Limited error propagation (up to t bits).
Active attacks cannot be detected.
At most tbits later, it resynchronizes itself
when synchronization is lost.
It helps to diffuse plain-text statistics.
-
8/10/2019 One-Time Pad or vernam Cipher.ppt
19/19
Self-Synchronizing Stream Ciphers