Cryptography Lecture 4 - PowerPoint PPT Presentation

1 / 23
About This Presentation
Title:

Cryptography Lecture 4

Description:

Capture text in transit and try a ciphertext-only attack to obtain plaintext. CSCE 522 - Farkas ... beginnings: im-, in-, re-, un-, ... patterns: -eek-, -oot-, -our ... – PowerPoint PPT presentation

Number of Views:131
Avg rating:3.0/5.0
Slides: 24
Provided by: far1
Category:
Tags: cryptography | in | lecture | re

less

Transcript and Presenter's Notes

Title: Cryptography Lecture 4


1
CryptographyLecture 4
  • Substitution
  • Transposition

2
Reading Assignment
  • Reading assignments for Lecture 4
  • Required
  • Pfleeger Ch. 2.2, 2.3, 2.4
  • Reading assignments for next class
  • Required
  • Pfleeger Ch 2.5

3
Encryption and Decryption
Plaintext
Ciphertext
Plaintext
Encryption
Decryption
4
Cryptanalysis
  • Cryptanalysts goal
  • Break message
  • Break key
  • Break algorithm

5
Taxonomy of Attacks
  • Ciphertext-only attack attacker has ciphertext
    for messages encrypted with E. Deduce keys
    and/or plaintext messages.
  • Known plaintext attack attacker additionally
    knows the plaintext of the messages. Deduce keys
    or a decryption algorithm.
  • Chosen plaintext attack attacker can obtain the
    ciphertext for selected plaintext messages.
    Deduce as above.
  • Chosen ciphertext attack attacker can obtain
    decrypted (plaintext) versions of selected
    ciphertext. Deduce as above.

6
Breakable versus Practically breakable
  • Unconditionally secure impossible to
    decrypt. No amount of ciphertext will enable a
    cryptanalyst to obtain the plaintext
  • Computationally secure an algorithm that is not
    breakable in practice based on worst case
    scenario
  • Breakable all algorithms (except one-time pad)
    are theoretically breakable

7
What makes a good cryptosystem?
  • A good cryptosystem is one whose security does
    not depend upon the secrecy of the algorithm.
  • From Bruce Schneier
  • Good cryptographers rely on peer review to
    separate the good algorithms from the bad.''

8
Secret Key Cryptosystem
Plaintext
Ciphertext
Plaintext
Encryption
Decryption
Sender
Recipient
K
CE(K,M) MD(K,C)
K needs secure channel
9
Secret Key Cryptosystem Vulnerabilities (1)
  • Passive Attacker (Eavesdropper)
  • Obtain and/or guess key and cryptosystem use
    these to decrypt messages
  • Capture text in transit and try a ciphertext-only
    attack to obtain plaintext.

10
Secret Key Cryptosystem Vulnerabilities (2)
  • Active Attacker
  • Break communication channel (denial of service)
  • Obtain and/or guess key and cryptosystem and use
    these to send fake messages
  • No third party authentication

11
Inherent Weaknesses of Symmetric Cryptography
  • Key distribution must be done secretly (difficult
    when parties are geographically distant, or don't
    know each other)
  • Need a key for each pair of users
  • n users need n(n-1)/2 keys
  • If the secret key (and cryptosystem) is
    compromised, the adversary will be able to
    decrypt all traffic and produce fake messages

12
Basic Encryption Techniques
  • Substitution (confusion)
  • Permutation (diffusion)
  • Combinations and iterations of these

13
Simple Alphabetic Substitution
  • Assign a new symbol to each plain text symbol
    randomly or by key, e.g.,
  • C ?K, A ?H, B ? L
  • MCAB
  • C KHL
  • Advantages large key space 26!
  • Disadvantages trivially broken for known
    plaintext attack, repeated pattern, letter
    frequency distributions unchanged

14
Polyalphabetic Substitution
  • Frequency distribution reflects the distribution
    of the underlying alphabet ? cryptanalysts find
    substitutions
  • E.g., English e 14 , t 9.85, a 7.49, o-
    7.37,
  • Need flatten the distribution
  • E.g., combine high and low distributions
  • t ? a (odd position), b (even position)
  • x ? a (even position) , b (odd position)

15
Cryptanalysis of Polyalphabetic Substitution
  • Determine the number of alphabets used
  • Solve each piece as monoalphabetic subst.
  • Kasiski Method
  • Uses regularity of English letters, letter
    groupings, full words
  • e.g., endings -th, -ing, -ed, -ion, -ation,
    -tion,
  • beginnings im-, in-, re-, un-, ...
  • patterns -eek-, -oot-, -our-,
  • words of, end, to, with, are, is,

16
One-Time Pad
  • Perfect Secrecy!
  • Large, non-repeating set of keys
  • Key is larger than the message
  • Advantages immune to most attacks
  • Disadvantages
  • Need total synchronization
  • Need very long, non-repeating key
  • Key cannot be reused
  • Key management printing, storing, accounting for

17
Transposition
  • Letters of the message are rearranged
  • Break patterns, e.g., columnar transposition
  • Plaintext this is a test
  • t h i s
  • i s a t tiehssiatst!
  • e s t !
  • Advantages easy to implement
  • Disadvantages
  • Trivially broken for known plaintext attack
  • Easily broken for cipher only attack

18
Cryptanalysis
  • Rearrange the letters
  • Digrams, Trigrams, Patterns
  • Frequent digrams -re-, -th-, -en-, -ed-,
  • Cryptanalysis
  • Compute letter frequencies ? subst. or perm.
  • Compare strings of ciphertext to find reasonable
    patterns (e.g., digrams)
  • Find digram frequencies

19
Double Transposition
  • Two columnar transposition with different number
    of columns
  • First transposition breaks up adjacent letters
  • Second transposition. breaks up short patterns

20
Product Ciphers
  • One encryption applied to the result of the other
    En(En-1((E1(M)))), e.g.,
  • Double transposition
  • Substitution followed by permutation, followed by
    substitution, followed by permutation
  • Broken for
  • Chosen plaintext

21
Steam Ciphers
  • Convert one symbol of plain text into a symbol of
    ciphertext based on the symbol (plain), key, and
    algorithm
  • Advantages
  • Speed of transformation
  • Low error propagation
  • Disadvantages
  • Low diffusion
  • Vulnerable to malicious insertion and
    modification

22
Block Ciphers
  • Encrypt a group of plaintext as one block and
    produces a block of ciphertext
  • Advantages
  • Diffusion
  • Immunity to insertions
  • Disadvantages
  • Slowness of encryption
  • Error propagation

23
Next Class
Data Encryption Standard
Write a Comment
User Comments (0)
About PowerShow.com