ISS_Lecture_2

Document Sample
ISS_Lecture_2 Powered By Docstoc
					Information System Security

            Lecture 2

      Classical Cryptography
    Outline

   Basic mathematical concepts
   Cipher systems
   Historical ciphers
   Transposition ciphers
   Substitution ciphers
   Product ciphers




                          ISS/Faculty of IT/2005   2
    Basic Mathematical Concepts

   A function (or transformation) is defined on 2 sets X
    and Y and a rule f which assigns to each element in X one
    element in Y.

   A function f is injective if each element in Y is the image
    of at most one element in X

   A function f is surjective if each element in Y is the
    image of at least one element in X

   A function f is bijective if it is injective and surjective
                             ISS/Faculty of IT/2005               3
    Basic Mathematical Concepts
   Inverse function: if f is bijective from X to Y,
    – The inverse function of f is g fromY to X : g(y)=x and f(x)=y
    – g(f(x)) = x
    – g is the denoted f 1
   One-way function: a function f from X to Y where for
    each xX it’s easy to compute f(x) but it’s difficult
    (computationally infeasible) to compute xX such that
    y=f(x)
   A permutation p on S is a bijection from S to itself
    – S is finite set of elements
    – Since p is bijective then p has an inverse p 1
   Involutions: a bijective function is called an involution
    if f  f 1
                                ISS/Faculty of IT/2005            4
    Cipher system

   Encryption domains and codomains
    – A denotes a finite set called alphabet of definition.
           Example: A= {o,1}


    – M denotes a set called message space.
           M consists of strings of symbols from an alphabet of definition
           An element of M is called a plaintext message (or a plaintext)
           Example: M may consist of binary strings, English text, etc.


    – C denotes a set called ciphertext space.
           C consists of strings of symbols from an alphabet definition
           C may differ from the alphabet of definition for M
           An element of M is called a ciphertext

                                   ISS/Faculty of IT/2005                     5
    Cipher system

   Encryption and decryption transformations
    – K denotes a set called the key space, an element of K is called a key
    – Each e  K uniquely determines a bijection from M to C, denoted
      by Ee(called encryption function or encryption transformation)
    – Ee must be a bijection if the process to be reversed and a unique
      plaintext recovered from each distinct ciphertext
    – Each d  K, Dd (decryption function or decryption transformation)
      denotes a bijection from C to M
    – The process of applying the transformation Ee to a plaintext m
       M, is referred to as the encryption of m
    – The process of applying the transformation Dd to a ciphertext c
       C, is referred to as decryption of c


                               ISS/Faculty of IT/2005                 6
    Cipher system

   An encryption scheme consists of (in addition to M,C,K):
    – A set {Ee : e  K } encryption transformations
                               of
    – A correspondent set {Dd : d  K } of decryption
      transformations with the property that for each e  K there is
                                              1
      a unique key d K such that D  E  D ( E (m))                  m
                                       d      e        d     e
    – An encryption scheme is also referred to as a cipher
    – e and d are referred to as a key pair denoted by (e,d)

    – Encryption achieves Confidentiality




                              ISS/Faculty of IT/2005              7
    Example

   Trivial shift cipher: (M, C, K, E, D)
     – M = { sequences of letters }
     – C=M
     – K = { i | i is an integer and 0 ≤ i ≤ 25 }
     – E = { Ek | k  K and for all letters m,
                       Ek(m) = (m + k) mod 26}
    – D = { Dk | k  K and for all letters c,
                       Dk(c) = (26 + c – k) mod 26}
   Example



                              ISS/Faculty of IT/2005   8
     Example

    Let k = 9, m = “VELVET” (21 4 11 21 4 19)
      – Ek(m)    = (m + k) mod 26
                 = (30 13 20 30 13 28) mod 26
                 = “4 13 20 4 13 2” = “ENUENC”
      – Dk(c)    = (26 + c – k) mod 26
                 = (21 30 37 21 30 19) mod 26
                 = “21 4 11 21 4 19” = “VELVET”


A      B    C    D    E    F           G          H     I    J    K    L        M
0      1    2    3    4    5           6           7    8    9    10   11       12

N      O    P    Q    R    S           T          U     V    W    X    Y        Z

13     14   15   16   17   18         19          20    21   22   23   24       25

                               ISS/Faculty of IT/2005                       9
    Historical Ciphers
   Please note that all the ciphers in this unit are:
    –   Created prior to the 2nd half of the 20th century
    –   Symmetric
    –   Operate on alphabetic characters
    –   Are not suitable for general modern use
   However, they allow us to:
    – Illustrate basic principles and common pitfalls

   Historical (classical) cryptography:
    – Two basic types
            Transposition ciphers
            Substitution ciphers
    – Product ciphers
            Combinations of the two basic types
                                     ISS/Faculty of IT/2005   10
     Transposition Ciphers
   A simple transposition cipher with fixed period t:
     – Consists of grouping the plaintext into blocks of t characters, and
        applying to each block a single permutation e on the numbers 1
        through t.
     – Decryption consists of the permutation d which inverts e
   simple transposition cipher rearrange letters in plaintext to produce
    ciphertext
   Example:
     – m = CAESAR, t=6
     – e = (6 4 1 3 5 2) => c = RSCEAA
     – d = (3 6 4 2 5 1)

   Compound transposition is a sequential composition of
    2 or more simple transpositions with respective periods t1,
    …,ti <=> simple transposition IT/2005period t = lcm(t1,…,ti)11
                           ISS/Faculty of
                                          of
    Transposition Ciphers
   A simple transposition cipher with fixed period t,
     – ( M , C , K , Ee , Dd ) :
     – K is the set of all permutations on {1,2, …,t}
     – For each e  K, the encryption function Ee is defined as
        follows:
             –   Ee (m)  (me (1) ,..., me (t ) )     // m=(m1, …,mt)  M, the
                 message space
     – The decryption key        d  e 1 // the inverse permutation of e
     – To decrypt the message c=(c1,...,c2), compute
        m  Dd (c)  (cd (1) ,..., cd (t ) )



                                       ISS/Faculty of IT/2005                    12
    Attacks

   Ciphertext only:
    – adversary has only c;
    – goal is to find plaintext, possibly key

   Known plaintext:
    – adversary has m, c;
    – goal is to find k

   Chosen plaintext:
    – adversary may gets a specific plaintext enciphered;
    – goal is to find key


                                ISS/Faculty of IT/2005      13
    Basis for Cryptanalysis
   Cryptanalysis of classical ciphers relies on redundancy
    in the source language (plaintext)
    –   E appears far more frequently than Z
    –   Q is followed by U
    –   TH is a common digram
    –   Repeated letters in pattern words (e.g., three, soon, etc.)

   It’s called statistical attacks, i.e., based on language
    statistics

   Brute force (exhaustive search): Tries all possible
    keys on a piece of ciphertext
     – If the number of keys is small, then it’s easy to
       break the encryptionISS/Faculty of IT/2005                     14
English letter frequency (%)

Letter frequency Letter frequency Letter frequency

 A     8.04      B         1.54                C   3.06
 D     3.99      E         12.51               F   2.30
 G     1.96      H          5.49               I   7.26
 J     0.16      K          0.67               L   4.14
 M     2.53      N          7.09               O   7.60
 P     2.00      Q          0.11               R   6.12
 S     6.54      T          9.25               U   2.71
 V     0.99      W          1.92               X   0.19
 Y     1.73      Z          0.09
                      ISS/Faculty of IT/2005              15
Frequency of digrams in English
text (%)
di-gram   frequency       di-gram              frequency

 AN        1.81             ON                 1.83
 AT        1.51             OR                 1.28
 ED        1.32             RE                 1.90
 EN        1.53             ST                 1.22
 ER        2.31             TE                 1.30
 ES        1.36             TH                 3.21
 HE        3.05             TI                 1.28
 IN        2.30
                      ISS/Faculty of IT/2005               16
     Attacking Transposition Ciphers

   Simple transposition cipher alter dependencies between
    consecutive characters, but
    Preserves the frequency distribution of each letter

   Anagramming
    – If 1-gram frequencies match English frequencies, but other n-gram
      frequencies do not, probably transposition

    – Rearrange letters to form n-grams (1st digram then trigram) with
      highest frequencies




                               ISS/Faculty of IT/2005              17
     Attacking Transposition Ciphers
   Example:
    – Plaintext is “HELLO WORLD”
    – Encryption key is e=(1 3 5 7 4 2 9 6 8 10)
    – Ciphertext is HLOOL ELWRD

   Frequencies of 2-grams beginning with H
    – HE 0.0305
    – HO 0.0043
    – HL, HW, HR, HD < 0.0010
   Frequencies of 2-grams ending in H
    – WH 0.0026
    – EH, LH, OH, RH, DH ≤ 0.0002
   Implies E follows H
                               ISS/Faculty of IT/2005   18
    Substitution Ciphers

   Simple substitution cipher ( M , C , K , Ee , Dd ):
    –   A plaintext and ciphertext character sets
    –   K is the set of all permutations on A
    –   M = {m = m1,m2, ...}
    –   For each e  K, the encryption function Ee is defined as follows:
             – Ee (m)  e(m1 ), e(m2 )
             – ci  e(mi ) // the character to which mi is mapped by e
    –   The decryption key d  e 1 // the inverse permutation of e
    – To decrypt the message c=(c1,...,c2), compute
        Dd (c)  d (c1 ), d (c2 ) 



                                 ISS/Faculty of IT/2005                  19
     Substitution Ciphers

   Simple substitution cipher changes letters in plaintext to
    produce ciphertext

   Simple substitution cipher is called also mono-alphabetic
    substitution

   Example - Cæsar cipher (Trivial shift cipher with k =3)
     – Plaintext is HELLO WORLD;
    – Key is 3, usually written as letter ‘D’
    – Ciphertext is KHOOR ZRUOG

                             ISS/Faculty of IT/2005           20
    Attacking simple substitution
    ciphers
   Brute Force: Exhaustive search
    – If the key space is small enough, try all possible keys until you find
      the right one
    – The key space of simple substitution on English alphabet (26
      letters) is: 26! ≈ 4 x 10^26 (400 000 000 000 000 000 000 000 000)
    – Cæsar cipher has 26 possible keys


   Statistical analysis
    – Simple substitution cipher alter the frequency of the individual
      plaintext characters, but
    – Doesn’t alter the frequency distribution of the overall character set

    – Thus, letter frequency analysis helps breaking the cipher
                                ISS/Faculty of IT/2005                21
    Attacking simple substitution
    ciphers
   Ciphertext: KHOOR ZRUOG            (KHOOR ZRUOG)

   Compute frequency of each letter in ciphertext:
        G         0.1       H        0.1      K        0.1         O   0.3
        R         0.2       U        0.1      Z        0.1


   Apply 1-gram model of English

   Conclusion
    – Simple substitution ciphers are easy to recognize and analyze
    – How to improve simple substitution ciphers? In other words, how
      to defeat letter frequency analysis?
           Polygram ciphers: Playfair cipher
           Polyalphabetic substitution ciphers: Vigenere cipher
                                    ISS/Faculty of IT/2005               22
    Polygram substitution ciphers

   Simple substitution cipher substitutes one character by
    other character
   Polygram substitution cipher substitutes groups of
    characters by other groups of characters
   Examples
    – Sequences of 2 plaintext characters (digrams) may be replaced by
      other digrams
    – Sequences of 3 plaintext characters (trigrams) may be replaced by
      other trigrams


   Playfair cipher is an example of polygram substitution
    ciphers
                              ISS/Faculty of IT/2005              23
    Playfair cipher

   The Playfair Cipher operates on digrams (pairs of letters)
   The key is a 5x5 square consisting of every letter except J.

   Before encrypting, the plaintext must be transformed:
    –   Replace all J’s with I’s
    –   Write the plaintext in pairs of letters…
    –   …separating any identical pairs by Z
    –   If the number of letters is odd, add a Z to the end




                                ISS/Faculty of IT/2005        24
    Playfair cipher

   If two plaintext letters lie in the same row then replace
    each letter by the one on its “right” in the key square
   If two plaintext letters lie in the same column then replace
    each letter by the one “below” it in the key square
   Else, replace:
    – First letter by letter in row of first letter and column of second
      letter in the key square
    – Second letter by letter in column of first letter and row of second
      letter in the key square




                               ISS/Faculty of IT/2005                25
Playfair cipher: Example

                             GLOW WORM
S   T   A   N   D

E   R   C   H   B

K   F   G   I   L           GL OW WO RM
M   O   P   Q   U

V   W   X   Y   Z

                               IK WT TW EO


                    ISS/Faculty of IT/2005   26
    Attacking Playfair cipher

   Playfiar cipher alters the frequency of the individual
    plaintext characters and alters the frequency distribution of
    the overall character set because each letter may be
    replaced by other.
   However, digram frequency analysis helps breaking the
    cipher




                            ISS/Faculty of IT/2005         27
    Polyalphabetic substitution
    cipher
   Polyalphabetic substitution cipher is a block cipher
    with block length t over an alphabet A:
    – The key space consists of all ordered sets of t permutation (p1, ..,pt),
      where each pi is defined on the set A
    – Encryption the message m=(m1,…,mt) under the key e=(p1,…,pt) is
      given by Ee (m)  e( p1 (m1 ), , pt (mt ))
                                                         1       1
    – The decryption key associated with e is d  e( p1 , , p1 )


   Example: Vigenère cipher




                                   ISS/Faculty of IT/2005                    28
    Vigenère cipher
   A={A,…,Z}
   t=3
   e=(p1,p2,p3) encryption key
    –   p1: maps each letter to the letter 3 positions to its right in A
    –   P2: maps each letter to the letter 7 positions to its right in A
    –   P3: maps each letter to the letter 10 positions to its right in A
    –   This means that e= CHK
          = THI SCI PHE RIS CER RAI NLY NOT SEC URE
           m

   Ee (m)=c= WOS VJS SOO UPC FLB WHS QSI QVD VLM XYO




                                     ISS/Faculty of IT/2005                 29
    Attacking Vigenère cipher

   Doesn’t preserve symbol frequencies
    – In the example: E is encrypted to O and L
   However, it’s not significantly more difficult to cryptanalyze
   The approach
    – determine the period t (i.e., key length)
    – Ciphertext can be divided into t groups (group i consists of those
      ciphertext letters derived using permutation pi )
    – Letter frequency analysis to be done on each group




                               ISS/Faculty of IT/2005               30
    Product ciphers

   Simple transposition and substitution don’t provide a very
    high level of security
   product cipher is a combination of many
    transformations (transposition and substitution )
   product ciphers are a way to obtain strong ciphers
   We’ll call a round a composition of a substitution and a
    transposition.




                           ISS/Faculty of IT/2005         31
ISS/Faculty of IT/2005   32

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:12
posted:8/15/2012
language:
pages:32