# ISS_Lecture_2 by hedongchenchen

VIEWS: 12 PAGES: 32

• pg 1
```									Information System Security

Lecture 2

Classical Cryptography
Outline

   Basic mathematical concepts
   Cipher systems
   Historical ciphers
   Transposition ciphers
   Substitution ciphers
   Product ciphers

ISS/Faculty of IT/2005   2
Basic Mathematical Concepts

   A function (or transformation) is defined on 2 sets X
and Y and a rule f which assigns to each element in X one
element in Y.

   A function f is injective if each element in Y is the image
of at most one element in X

   A function f is surjective if each element in Y is the
image of at least one element in X

   A function f is bijective if it is injective and surjective
ISS/Faculty of IT/2005               3
Basic Mathematical Concepts
   Inverse function: if f is bijective from X to Y,
– The inverse function of f is g fromY to X : g(y)=x and f(x)=y
– g(f(x)) = x
– g is the denoted f 1
   One-way function: a function f from X to Y where for
each xX it’s easy to compute f(x) but it’s difficult
(computationally infeasible) to compute xX such that
y=f(x)
   A permutation p on S is a bijection from S to itself
– S is finite set of elements
– Since p is bijective then p has an inverse p 1
   Involutions: a bijective function is called an involution
if f  f 1
ISS/Faculty of IT/2005            4
Cipher system

   Encryption domains and codomains
– A denotes a finite set called alphabet of definition.
   Example: A= {o,1}

– M denotes a set called message space.
   M consists of strings of symbols from an alphabet of definition
   An element of M is called a plaintext message (or a plaintext)
   Example: M may consist of binary strings, English text, etc.

– C denotes a set called ciphertext space.
   C consists of strings of symbols from an alphabet definition
   C may differ from the alphabet of definition for M
   An element of M is called a ciphertext

ISS/Faculty of IT/2005                     5
Cipher system

   Encryption and decryption transformations
– K denotes a set called the key space, an element of K is called a key
– Each e  K uniquely determines a bijection from M to C, denoted
by Ee(called encryption function or encryption transformation)
– Ee must be a bijection if the process to be reversed and a unique
plaintext recovered from each distinct ciphertext
– Each d  K, Dd (decryption function or decryption transformation)
denotes a bijection from C to M
– The process of applying the transformation Ee to a plaintext m
 M, is referred to as the encryption of m
– The process of applying the transformation Dd to a ciphertext c
 C, is referred to as decryption of c

ISS/Faculty of IT/2005                 6
Cipher system

   An encryption scheme consists of (in addition to M,C,K):
– A set {Ee : e  K } encryption transformations
of
– A correspondent set {Dd : d  K } of decryption
transformations with the property that for each e  K there is
1
a unique key d K such that D  E  D ( E (m))                  m
d      e        d     e
– An encryption scheme is also referred to as a cipher
– e and d are referred to as a key pair denoted by (e,d)

– Encryption achieves Confidentiality

ISS/Faculty of IT/2005              7
Example

   Trivial shift cipher: (M, C, K, E, D)
– M = { sequences of letters }
– C=M
– K = { i | i is an integer and 0 ≤ i ≤ 25 }
– E = { Ek | k  K and for all letters m,
Ek(m) = (m + k) mod 26}
– D = { Dk | k  K and for all letters c,
Dk(c) = (26 + c – k) mod 26}
   Example

ISS/Faculty of IT/2005   8
Example

    Let k = 9, m = “VELVET” (21 4 11 21 4 19)
– Ek(m)    = (m + k) mod 26
= (30 13 20 30 13 28) mod 26
= “4 13 20 4 13 2” = “ENUENC”
– Dk(c)    = (26 + c – k) mod 26
= (21 30 37 21 30 19) mod 26
= “21 4 11 21 4 19” = “VELVET”

A      B    C    D    E    F           G          H     I    J    K    L        M
0      1    2    3    4    5           6           7    8    9    10   11       12

N      O    P    Q    R    S           T          U     V    W    X    Y        Z

13     14   15   16   17   18         19          20    21   22   23   24       25

ISS/Faculty of IT/2005                       9
Historical Ciphers
   Please note that all the ciphers in this unit are:
–   Created prior to the 2nd half of the 20th century
–   Symmetric
–   Operate on alphabetic characters
–   Are not suitable for general modern use
   However, they allow us to:
– Illustrate basic principles and common pitfalls

   Historical (classical) cryptography:
– Two basic types
   Transposition ciphers
   Substitution ciphers
– Product ciphers
   Combinations of the two basic types
ISS/Faculty of IT/2005   10
Transposition Ciphers
   A simple transposition cipher with fixed period t:
– Consists of grouping the plaintext into blocks of t characters, and
applying to each block a single permutation e on the numbers 1
through t.
– Decryption consists of the permutation d which inverts e
   simple transposition cipher rearrange letters in plaintext to produce
ciphertext
   Example:
– m = CAESAR, t=6
– e = (6 4 1 3 5 2) => c = RSCEAA
– d = (3 6 4 2 5 1)

   Compound transposition is a sequential composition of
2 or more simple transpositions with respective periods t1,
…,ti <=> simple transposition IT/2005period t = lcm(t1,…,ti)11
ISS/Faculty of
of
Transposition Ciphers
   A simple transposition cipher with fixed period t,
– ( M , C , K , Ee , Dd ) :
– K is the set of all permutations on {1,2, …,t}
– For each e  K, the encryption function Ee is defined as
follows:
–   Ee (m)  (me (1) ,..., me (t ) )     // m=(m1, …,mt)  M, the
message space
– The decryption key        d  e 1 // the inverse permutation of e
– To decrypt the message c=(c1,...,c2), compute
m  Dd (c)  (cd (1) ,..., cd (t ) )

ISS/Faculty of IT/2005                    12
Attacks

   Ciphertext only:
– goal is to find plaintext, possibly key

   Known plaintext:
– goal is to find k

   Chosen plaintext:
– adversary may gets a specific plaintext enciphered;
– goal is to find key

ISS/Faculty of IT/2005      13
Basis for Cryptanalysis
   Cryptanalysis of classical ciphers relies on redundancy
in the source language (plaintext)
–   E appears far more frequently than Z
–   Q is followed by U
–   TH is a common digram
–   Repeated letters in pattern words (e.g., three, soon, etc.)

   It’s called statistical attacks, i.e., based on language
statistics

   Brute force (exhaustive search): Tries all possible
keys on a piece of ciphertext
– If the number of keys is small, then it’s easy to
break the encryptionISS/Faculty of IT/2005                     14
English letter frequency (%)

Letter frequency Letter frequency Letter frequency

A     8.04      B         1.54                C   3.06
D     3.99      E         12.51               F   2.30
G     1.96      H          5.49               I   7.26
J     0.16      K          0.67               L   4.14
M     2.53      N          7.09               O   7.60
P     2.00      Q          0.11               R   6.12
S     6.54      T          9.25               U   2.71
V     0.99      W          1.92               X   0.19
Y     1.73      Z          0.09
ISS/Faculty of IT/2005              15
Frequency of digrams in English
text (%)
di-gram   frequency       di-gram              frequency

AN        1.81             ON                 1.83
AT        1.51             OR                 1.28
ED        1.32             RE                 1.90
EN        1.53             ST                 1.22
ER        2.31             TE                 1.30
ES        1.36             TH                 3.21
HE        3.05             TI                 1.28
IN        2.30
ISS/Faculty of IT/2005               16
Attacking Transposition Ciphers

   Simple transposition cipher alter dependencies between
consecutive characters, but
    Preserves the frequency distribution of each letter

   Anagramming
– If 1-gram frequencies match English frequencies, but other n-gram
frequencies do not, probably transposition

– Rearrange letters to form n-grams (1st digram then trigram) with
highest frequencies

ISS/Faculty of IT/2005              17
Attacking Transposition Ciphers
   Example:
– Plaintext is “HELLO WORLD”
– Encryption key is e=(1 3 5 7 4 2 9 6 8 10)
– Ciphertext is HLOOL ELWRD

   Frequencies of 2-grams beginning with H
– HE 0.0305
– HO 0.0043
– HL, HW, HR, HD < 0.0010
   Frequencies of 2-grams ending in H
– WH 0.0026
– EH, LH, OH, RH, DH ≤ 0.0002
   Implies E follows H
ISS/Faculty of IT/2005   18
Substitution Ciphers

   Simple substitution cipher ( M , C , K , Ee , Dd ):
–   A plaintext and ciphertext character sets
–   K is the set of all permutations on A
–   M = {m = m1,m2, ...}
–   For each e  K, the encryption function Ee is defined as follows:
– Ee (m)  e(m1 ), e(m2 )
– ci  e(mi ) // the character to which mi is mapped by e
–   The decryption key d  e 1 // the inverse permutation of e
– To decrypt the message c=(c1,...,c2), compute
Dd (c)  d (c1 ), d (c2 ) 

ISS/Faculty of IT/2005                  19
Substitution Ciphers

   Simple substitution cipher changes letters in plaintext to
produce ciphertext

   Simple substitution cipher is called also mono-alphabetic
substitution

   Example - Cæsar cipher (Trivial shift cipher with k =3)
– Plaintext is HELLO WORLD;
– Key is 3, usually written as letter ‘D’
– Ciphertext is KHOOR ZRUOG

ISS/Faculty of IT/2005           20
Attacking simple substitution
ciphers
   Brute Force: Exhaustive search
– If the key space is small enough, try all possible keys until you find
the right one
– The key space of simple substitution on English alphabet (26
letters) is: 26! ≈ 4 x 10^26 (400 000 000 000 000 000 000 000 000)
– Cæsar cipher has 26 possible keys

   Statistical analysis
– Simple substitution cipher alter the frequency of the individual
plaintext characters, but
– Doesn’t alter the frequency distribution of the overall character set

– Thus, letter frequency analysis helps breaking the cipher
ISS/Faculty of IT/2005                21
Attacking simple substitution
ciphers
   Ciphertext: KHOOR ZRUOG            (KHOOR ZRUOG)

   Compute frequency of each letter in ciphertext:
G         0.1       H        0.1      K        0.1         O   0.3
R         0.2       U        0.1      Z        0.1

   Apply 1-gram model of English

   Conclusion
– Simple substitution ciphers are easy to recognize and analyze
– How to improve simple substitution ciphers? In other words, how
to defeat letter frequency analysis?
   Polygram ciphers: Playfair cipher
   Polyalphabetic substitution ciphers: Vigenere cipher
ISS/Faculty of IT/2005               22
Polygram substitution ciphers

   Simple substitution cipher substitutes one character by
other character
   Polygram substitution cipher substitutes groups of
characters by other groups of characters
   Examples
– Sequences of 2 plaintext characters (digrams) may be replaced by
other digrams
– Sequences of 3 plaintext characters (trigrams) may be replaced by
other trigrams

   Playfair cipher is an example of polygram substitution
ciphers
ISS/Faculty of IT/2005              23
Playfair cipher

   The Playfair Cipher operates on digrams (pairs of letters)
   The key is a 5x5 square consisting of every letter except J.

   Before encrypting, the plaintext must be transformed:
–   Replace all J’s with I’s
–   Write the plaintext in pairs of letters…
–   …separating any identical pairs by Z
–   If the number of letters is odd, add a Z to the end

ISS/Faculty of IT/2005        24
Playfair cipher

   If two plaintext letters lie in the same row then replace
each letter by the one on its “right” in the key square
   If two plaintext letters lie in the same column then replace
each letter by the one “below” it in the key square
   Else, replace:
– First letter by letter in row of first letter and column of second
letter in the key square
– Second letter by letter in column of first letter and row of second
letter in the key square

ISS/Faculty of IT/2005                25
Playfair cipher: Example

GLOW WORM
S   T   A   N   D

E   R   C   H   B

K   F   G   I   L           GL OW WO RM
M   O   P   Q   U

V   W   X   Y   Z

IK WT TW EO

ISS/Faculty of IT/2005   26
Attacking Playfair cipher

   Playfiar cipher alters the frequency of the individual
plaintext characters and alters the frequency distribution of
the overall character set because each letter may be
replaced by other.
   However, digram frequency analysis helps breaking the
cipher

ISS/Faculty of IT/2005         27
Polyalphabetic substitution
cipher
   Polyalphabetic substitution cipher is a block cipher
with block length t over an alphabet A:
– The key space consists of all ordered sets of t permutation (p1, ..,pt),
where each pi is defined on the set A
– Encryption the message m=(m1,…,mt) under the key e=(p1,…,pt) is
given by Ee (m)  e( p1 (m1 ), , pt (mt ))
1       1
– The decryption key associated with e is d  e( p1 , , p1 )

   Example: Vigenère cipher

ISS/Faculty of IT/2005                    28
Vigenère cipher
   A={A,…,Z}
   t=3
   e=(p1,p2,p3) encryption key
–   p1: maps each letter to the letter 3 positions to its right in A
–   P2: maps each letter to the letter 7 positions to its right in A
–   P3: maps each letter to the letter 10 positions to its right in A
–   This means that e= CHK
          = THI SCI PHE RIS CER RAI NLY NOT SEC URE
m

   Ee (m)=c= WOS VJS SOO UPC FLB WHS QSI QVD VLM XYO

ISS/Faculty of IT/2005                 29
Attacking Vigenère cipher

   Doesn’t preserve symbol frequencies
– In the example: E is encrypted to O and L
   However, it’s not significantly more difficult to cryptanalyze
   The approach
– determine the period t (i.e., key length)
– Ciphertext can be divided into t groups (group i consists of those
ciphertext letters derived using permutation pi )
– Letter frequency analysis to be done on each group

ISS/Faculty of IT/2005               30
Product ciphers

   Simple transposition and substitution don’t provide a very
high level of security
   product cipher is a combination of many
transformations (transposition and substitution )
   product ciphers are a way to obtain strong ciphers
   We’ll call a round a composition of a substitution and a
transposition.

ISS/Faculty of IT/2005         31
ISS/Faculty of IT/2005   32

```
To top