Classical Cryptography

1
Classical Cryptography

• Chapter 2

2
Cryptography
Ciphertext
Plaintext
Plaintext
Decryption
Encryption

• Secret Writing
• Enciphering (Encryption) Process to conceal the
  meaning of message
• Deciphering (Decryption) Process to transform an
  encrypted message to its original form
• Plaintext Original message
• Ciphertext Message being transformed to an
  unreadable form
• Algorithm vs. key
• Cryptography the area of study constitute
  schemes used for enciphering
• Cryptographic system (cipher) the scheme as
  described above
• Cryptanalysis techniques used for deciphering a
  message without any knowledge of the enciphering
  details
• Cryptology the study of cryptography and
  cryptanalysis

3
Why Cryptography?

• It is a way of secure communication
• Protect your information from being disclosed or
  modified
• Intruders are interested in it
• Important to todays Internet commerce
• Need to keep up-to-date on the weakness found
• Part of your defense strategy never use just
  one mechanisms, but combined with several
  protection mechanism

4
Cryptography Purposes

• Confidentiality
• Integrity checking
• Authentication
• Non-repudiation
• Cryptography is about communications in the
  presence of Adversaries (Rivest, 1990)

5
Simplified Model of Symmetric Encryption
Plaintext Input
Plaintext Output
Ciphertext
Decryption algorithm
Encryption algorithm
Secret key shared by sender and recipient
Secret key shared by sender and recipient
Alice
Bob
6
Symmetric Encryption

• Also known as conventional encryption or
  single-key encryption, Private Key Cryptography
  or Secret Key Cryptography
• Was the only type of encryption in use prior to
  the development of public-key encryption
• Still the far the most widely used
• Use of single key, usually called secret key for
  encryption and decryption
• Decryption algorithm is the reverse of the
  encryption algorithm

7
Symmetric Encryption (cont.)

• Use the same key for encryption and decryption
• Primary application is secrecy
• Assuming that it is impractical to decrypt a
  message on the basis of ciphertext plus
  knowledge of the encryption/decryption algorithm
• Faster implementation with lower cost (publicly
  available algorithm)
• The principal security problem is maintaining the
  secrecy of the key (distribute key through a
  secure channel)
• Issue avoid key compromise, required a strong
  key creation and exchange

8
Model of Convention Cryptosystem
Cryptanalyst
Message Source
Ciphertext
Destination
Decryption algorithm
Encryption algorithm
Alice
Bob
Secure Channel
Key Source
9
Requirements

• For a plaintext X, with a key K, the encryption
  transformation EK to produce a ciphertext Y is
  denoted by
• Y EK(X) Y is produced by encrypting message X
  under key K
• Similarly, the decryption algorithm DK is
  denoted by
• X DK(Y) Y is produced by decrypting message
  X under key K
• Two requirements for secure use of symmetric
  encryption
• A strong encryption algorithm
• A secret key known only to sender/receiver

10
Use of Private Key System

• Transmit message over insecure channel
• Both Alice and Bob share the same secret share
  key
• The secret share key is securely distributed
  prior to the communication
• Message is encrypted with this share key
• Secure Storage on Insecure Media
• Use a key to encrypt the data in the storage
  media, only the key holder can decrypt the data

11
Use of Private Key system for Authentication

• Suppose Alice and Bob share a share key, KAB, and
  they want to ensure the other partys identity
• Alice pick a random number RA and Bob pick a
  random number RB (Challenge)
• The encrypted message of each random number with
  the share key is called the response

12
Use of Private Key System for Authentication
Encryption
Decryption
RA
RA
Alice
Bob
KAB
KAB
Encryption
RB
Decryption
RB
Alice
Bob
KAB
KAB
13
Use of Private Key System for Integrity Check

• A Secret key scheme can be used to generate a
  fixed-length cryptographic checksum associate to
  a message
• Checksum is used to protect against accidental
  corruption of a message.
• Generate by the sender and append to the end of
  the message. Receiver re-calculate with the
  message and compare with the checksum received
• Cryptographic checksum using the secret
  checksum algorithm with the key on the message to
  generate a fixed-length message integrity code
  (MIC)
• A typical MIC is at least 48 bits long (1 in 280
  trillion chances)

14
Cryptography

• Can be characterized by three independent
  dimensions
• Type of operations used for transforming
  plaintext to ciphertext
• Substitution each element in the plaintext
  (bit, letter, group of bits or letters) is mapped
  into another element
• Transposition elements in the plaintext are
  rearranged
• Fundamental requirement is that no information
  will be lost
• The product systems involve multiple stages of
  substitutions and transposition
• Number of keys used
• Use the same key Symmetric, single-key,
  secret-key, conventional encryption
• Use different key Asymmetric, two-key, or
  public-key encryption
• Ways in which plaintext is produced
• Block cipher input one block at a time,
  producing an output block
• Stream cipher processes the input elements
  continuously, producing output one element at a
  time

15
Cryptanalysis

• An individual whose job is to break an encryption
  scheme
• Two general approaches to attacking a
  conventional encryption scheme
• Cryptanalysis
• Relay on the nature of the algorithm
• Some knowledge of the general characteristics of
  the plaintext or some sample of
  plaintext-ciphertext pairs
• Exploits the characteristics of the algorithm to
  deduce a specific plaintext of to deduce the key
  being used
• Brute-force attack
• Try every possible key on a piece of ciphertext
  until a intelligent translation into plaintext is
  obtained

16
Ciphertext Only Attack

• Known to Cryptanalyst
• Encryption algorithm
• Ciphertext to be decoded
• Search through a lot of keys to obtain a
  recognizable text with some common English words
• Does not have to search all possible keys
• Also called Recognizable Plaintext attacks
• Need a large size of key
• If a password is used to generate a key, the
  password must be strong

17
Known Plaintext Attacks

• Known to Cryptanalyst
• Encryption algorithm
• Ciphertext to be decoded
• One or more plaintext-ciphertext pairs formed
  with the secret key
• Obtain ciphertext, plaintext pairs
• Mapping of some plaintext to the ciphertext
• Cryptography algorithm that prevent ciphertext
  attack may not secure enough for this attack
• Prevent Attackers to obtain portion of the
  plaintext

18
Chosen Plaintext Attacks

• Known to Cryptanalyst
• Encryption algorithm
• Ciphertext to be decoded
• Purported ciphertext chosen by cryptanalyst,
  together with its corresponding decrypted
  plaintext generated with the secret key
• Less commonly employed
• Still a possible avenue of attack

19
Chosen Ciphertext Attacks

• Known to Cryptanalyst
• Encryption algorithm
• Ciphertext to be decoded
• Plaintext message chosen by cryptanalyst,
  together with its corresponding ciphertext
  generated with the secret key
• Purported ciphertext chosen by cryptanalyst,
  together with its corresponding decrypted
  plaintext generated with the secret key
• Less commonly employed
• Still a possible avenue of attack

20
Chosen Text Attacks

• Known to Cryptanalyst
• Encryption algorithm
• Ciphertext to be decoded
• Plaintext message chosen by cryptanalyst,
  together with its corresponding ciphertext
  generated with the secret key
• Selectively choose some plaintext
• Use it to compare the ciphertext received and do
  the comparison
• Cryptography algorithm that prevent Ciphertext
  and known plaintext attacks may not secure enough
  for this attack
• Prevent generating the same ciphertext from the
  same plaintext
• A cryptosystem must be strong to resist these
  three attacks

21
Two More Definition

• Unconditional Secure
• No matter how much computing power and ciphertext
  is available, the encryption scheme cannot be
  broken since the ciphertext generated by the
  scheme does not contain enough information to
  uniquely determine the corresponding plaintext
• There is no encryption scheme that is
  unconditionally secure (except one-time pad)
• Computational Secure
• If the algorithm meets these two criteria
• The cost of breaking the cipher exceeds the value
  of the encrypted information
• The time required to break the cipher exceeds the
  useful lifetime of the information
• How do you determine to estimate the amount of
  efforts required to cryptanalyze ciphertext
  successfully

22
Computational Difficulty

• Cryptographic algorithm should be reasonably
  efficient for good guy to compute
• The security of algorithm depends on how much
  work for bad guy
• Increase the length of keys, the length of
  combination will increase the time to break
• Should cryptographic algorithm be publishes?
• Proprietary algorithms vs. standard algorithms
• Is there any thing about Tamper-proof hardware?
• Technical Solutions do not always work

23
Average Time Required for Exhaustive Key Search
24
Substitution Techniques

• The letters of plaintext are replaced by other
  letters or by numbers or symbols.
• If the plaintext is viewed as a sequence of bits,
  then substitution involves replacing plaintext
  bit patterns with ciphertext bit pattern
• Rotational Substitution Caesar Cipher
• Arbitrary Substitution Monoalphabetic Ciphers

25
Caesar Cipher

• The earliest known use of substitution cipher by
  Julius Caesar
• Use a one-to-one substitution
• Also known as Rotational Substitution
• Substitute each letter with the letter 3 position
  away
• So the replacement of the following plaintext
  would become
• plaintext meet me after the toga party
• ciphertext PHHW PH DIWHU WKH WRJD SDUWB

26
Caesar Cipher

• Define Transformation as
• a b c d e f g h i j k l m n o p q r s t u v w x
  y z
• D E F G H I J K L M N O P Q R S T U V W X Y Z A
  B C
• Assign a numerical equivalent to each letter
• a b c d e f g h i j k l m n
• 0 1 2 3 4 5 6 7 8 9 10 11 12 13
• o p q r s t u v w x y z
• 14 15 16 17 18 19 20 21 22 23 24 25
• Then the Caesar algorithm can be expressed as
• C E(p) (p k) mod (26) encryption shift
  cipher by k
• p D(C) (C - k) mod (26) decryption shift
  cipher by k

27
Cryptanalysis of Caesar Cipher

• Three important characteristics
• Encryption and decryption algorithms are known
• There are only 25 keys to try
• The language of the plaintext is known and easily
  recognizable
• Use brute-force cryptanalysis
• Given a ciphertext, just try all shifts of
  letters (all keys)
• Each key represents a shift of letters
• The attacks can be mount by trying every case
• The third characteristic is where the human or
  computer can recognize (English, French, Spanish,
  etc.)

28
Monoalphabetic Cipher

• Also known as Arbitrary Substitution
• Use a one-to-one substitution of character
• Replace one plaintext letter with an ciphertext
  letter arbitrarily (in random)
• The key is 26 letters long
• So the replacement of the following plaintext
  would become
• plaintext letters a b c d e f g h i j k l m n
  o p q r s t u v w x y z
• Ciphertext letters D K V Q F I B J W P E S C X
  H T M Y A U O L R G Z N
• plaintext ifwewishtoreplaceletters
• Ciphertext WIRFRWAJUHYFTSDVFSFUUFYA

29
Monoaphabetic Cipher Security

• There is a total of 26! 4 x 1026 keys
• A 10 orders of magnitude greater than the key
  space for DES
• May seem to eliminate brute-force techniques for
  cryptanalysis
• Very easy to break using character frequency
  analysis
• Problem is the language characteristics

30
Language Redundancy and Cryptanalysis

• Human languages are reduncant
• e.g., th_ n_tw_ork s_cur_ty cl_ss
• Letters are not equally commonly used
• In English e is by far the most common letter
• Then T,R,N,I,O,A,S (see next slide)
• Other letters are faily rare, such as
  B,J,K,Q,V,X,Z
• Have tables of single, double triple letter
  frequencies
• Basic idea for an attack is to count the relative
  frequencies of letters, and not the resulting
  pattern

31
Relative Frequency of Letters in English Text
32
Cryptanalysis of Monoalphabetic Cipher

• Monoalphabetic substitution cipher does not
  change relative letter frequencies
• Discovered by Arabic scientists in 9th entry
• The earliest known description is in Abu
  al-Kindis A Manuscript on Deciphering
  Cryptographic Messages, published in the 9th
  century but only rediscovered in 1987 in
  Istanbul. Other later works also attest to their
  knowledge of the field.
• Calculate letter frequencies for ciphertext
• Look at the frequency of two-letter combinations,
  known as diagram
• The most common such diagram is th
• Then look for the most common diagram in
  ciphertext
• Must identify each letter
• Tables for common double/triple letters help

33
Cryptanalysis of Monoalphabetic Cipher (example)

• Given ciphertext
• UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSZTZ
• VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
• EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• Count relative letter frequencies (see the above
  text)
• The most common diagram in the above text is ZW
• We can make the correspondence of Z with t
  and W with h.
• Hence ZWP would be the
• Calculate letter frequencies for ciphertext since
  this is the most frequent trigram in English
• Notice the sequence ZWSZ can be guess as that
• Continued analysis of requencies plus trial and
  error, we can finally get the plaintest
• it was disclosed yesterday that several informal
  but
• direct contacts have been made with political
• representatives of the viet cong in moscow

34
Transposition Techniques

• Permutation (also called Transposition) change
  the order of the characters in the plaintext (but
  keep the same letters)
• e.g., change the order from 123456 to 416352
• MEET TONIGHT AT SEVEN
• TMOETE HNAGTI VTNEES
• Still easy to break since a few thousand or
  million combinations is nothing for a computer
• Hybrid Combine substitute and permutation

35
Steganography

• Conceal the existence of the messages, but tot
  encryption where the messages become
  unintelligible to outsiders
• Various techniques
• Character marking selected letters of printed
  or typewritten text are overwritten in pencil
• Invisible ink a number of substances can be
  used for writing but leave not visible trace
• Pin punctures small pin punctures on selected
  letters are ordinarily not visible
• Hiding in LSB in graphic image or sound file
• Hiding in the common text
• Drawbacks
• High overhead to hide relative few information
  bits

36
Summary

• Model of symmetric encryption
• Single key
• Decryption is the reverse of encryption
• Cryptography characteristics
• Cryptanalysis the different types of attacks
• Substitution technique
• Transposition technique