chapter 2 basic encryption and decryption. csci5233 computer security & integrity 2 encryption /...
TRANSCRIPT
Chapter 2
Basic Encryption and Decryption
csci5233 computer security & integrity
2
Encryption / Decryption
encrypted transmission
A B
plaintextplaintext
ciphertext
encryption
decryption
A: sender; B: receiver Transmission medium An interceptor (or intruder) may block, intercept,
modify, or fabricate the transmission.
csci5233 computer security & integrity
3
Encryption / Decryption Encryption: A process of encoding a
message, so that its meaning is not
obvious. (= encoding, enciphering)
Decryption: A process of decoding an
encrypted message back into its original
form. (= decoding, deciphering)
A cryptosystem is a system for encryption
and decryption.
csci5233 computer security & integrity
4
Plaintext / ciphertext
P: plaintext C: ciphertext E: encryption D: decryption C = E (P) P = D (C) P = D ( E(P) )
csci5233 computer security & integrity
5
Cryptosystems Symmetric encryption:
P = D (Key, E(Key,P) ) Asymmetric encryption:
P = D (KeyD, E(KeyE,P) ) Symmetric cryptosystem: A
cryptosystem that uses symmetric encryption.
Asymmetric cryptosystem See Fig. 2-2 (p.23)
csci5233 computer security & integrity
6
Keys
Use of a key provides additional security.
Exposure of the encryption algorithm does not expose the future messages< as long as the key(s) are kept secret.
c.f., keyless cipher
csci5233 computer security & integrity
7
Terminology Cryptography: The practice of using
encryption to conceal text. (cryptographer)
Cryptanalysis: The study of encryption and encrypted messages, with the goal of finding the hidden meanings of the messages. (cryptanalyst)
Cryptology = cryptography + cryptanalysis
csci5233 computer security & integrity
8
Cryptanalysis A cryptanalyst may work with various data
(intercepted messages, data items known or suspected to be in a ciphertext message), known encryption algorithms, mathematical or statistical tools and techniques, properties of languages, computers, and plenty of ingenuity and luck.
1. Attempt to break a single message2. Attempt to recognize patterns in encrypted
messages3. Attempt to find general weakness in an
encryption algorithm
csci5233 computer security & integrity
9
Breakability of an encryption
An encryption algorithm may be breakable, meaning that given enough time and data, an analyst could determine the algorithm.
Suppose there exists 1030 possible decipherments for a given cipher scheme. A computer performs 1010 operations per second. Finding the decipherment would require 1020 seconds (or roughly 1012 years).
csci5233 computer security & integrity
10
Modular arithmetic
A .. Z: 0 .. 25
Example: p.24C = P mod 26
csci5233 computer security & integrity
11
Two forms of encryption
SubstitutionsOne letter is exchanged for another
Examples: monoalphabetic substitution ciphers, polyalphabetic substitution ciphers
Transpositions (= permutations)The order of the letters is rearranged
Examples: columnar transpositions
csci5233 computer security & integrity
12
Substitutions
Caesar cipher: Each letter is translated to the letter a fixed number of letters after it in the alphabet.Ci = E(Pi) = Pi + 3
Advantage: simple
Weakness
csci5233 computer security & integrity
13
Cryptanalysis of the Caesar Cipher Exercise (p.26): Decrypt the encrypted
message. Deduction based on guesses versus
frequency distribution (p.28)
csci5233 computer security & integrity
14
Other monoalphabetic substitutions Using permutation
Pi (lambda) = 25 – lambda Weakness: Double correspondence
E(F) = u and D(u) = F Using a key
A key is a word that controls the ciphering.
p.27
csci5233 computer security & integrity
15
Complexity of monoalphabetic substitutions Monoalphabetic substitutions amount to
table lookups. The time to encrypt a message of n
characters is proportional to n.
csci5233 computer security & integrity
16
Frequency distribution
Table 2-1 (p.29) shows the counts and relative frequencies of letters in English.
Frequencies in a sample cipher: Table 2-2 (p.30)
Compare the sample cipher against the normal frequency distribution: Fig. 2-4
csci5233 computer security & integrity
17
Polyalphabetic substitutions
By combining distributions that are high with the ones that are low
Using multiple substitution tables Example (p.32): table for odd positions,
table for even positions
csci5233 computer security & integrity
18
Vigenère Tableaux Table 2-5: p.34 Example: p.35 Exercise: Complete the encryption of
the original message. Exercise: Decipher the encrypted
message using the key (‘juliet’)
csci5233 computer security & integrity
19
Cryptanalysis of Polyalphabetic substitutions The Kasiski method: a method to find
the number of alphabets used for encryption
Works on duplicate fragments in the ciphertext
The distance between the repeated patterns must be a multiple of the keyword length
csci5233 computer security & integrity
20
Steps for the Kasiski method
p.36 Initial find + verification using frequency
distribution
csci5233 computer security & integrity
21
Index of coincidence A measure of the variation between
frequencies in a distribution To measure the nonuniformity of a distribution To rate how well a particular distribution
matches the distribution of letters in English
RFreq versus Prob (p.38) Example:
– In the English language, RFreqa = Proba = 7.49 (from Table 2.1)
– In the sample cipher in Table 2-2 (p.30): RFreqa = 0 Proba
csci5233 computer security & integrity
22
Index of Coincidence Measure of roughness (or the variance): a
measure of the size of the peaks and valleys (See Fig. 2-6, p.38)
The var of a perfectly flat distribution = 0. The variance can be estimated by counting
the number of pairs of identical letters and dividing by the total number of pairs possible
– Example (Given 200 letters): 60 / 100
csci5233 computer security & integrity
23
Index of Coincidence
IC (index of coincidence): a way to approximate variance from observed data (p.39)
0.0384 (perfect) IC 0.068 (English)
csci5233 computer security & integrity
24
Combined use of IC with Kasiski method Bottom of p.39 All the subsets from the Kasiski method,
if the key length was correct, should have distributions close to 0.068.
csci5233 computer security & integrity
25
Analyzing a polyalphabetic cipher
1. Use the Kasiski method to predict the likely numbers of enciphering alphabets.
2. Compute the IC to validate the predictions
3. (When 1 and 2 show promises) Generate subsets and calculate IC’s for the subsets
csci5233 computer security & integrity
26
The “Perfect” Substitution Cipher Use an infinite nonrepeating sequence
of alphabets A key with an infinite number of
nonrepeating digits Examples: one-time pads, the Vernam
cipher, …
csci5233 computer security & integrity
27
Vernam Cipher Sample function:
c = ( p + random( ) ) mod 26 Example: p.42 Binary Vernam Cipher
p.43: How would you decipher a ciphertext encrypted by Binary Vernam Cipher?
Ans.: p = (c – random( ) ) mod 26
Example (p.42): c = 19 (‘t’), random( ) = 76
p = (19-76) mod 26 = 21
csci5233 computer security & integrity
28
Random Number Generators A pseudo-random number generator is a computer
program that generates numbers from a predictable, repeating sequence.
Example: The linear congruential random number generator
ri+1 = (a * ri + b) mod n
Note: 12 is congruent to 2 (modulo 5), since (12-2) mod 5 = 0
Problem? Its dependability; probable word attack
csci5233 computer security & integrity
29
The six frequent letters
P.45 A correction: (E, e) i How to use the table ‘inside out’?
csci5233 computer security & integrity
30
Dual-Message Entrapment
P.46 Encipher two messages at once One message is real; the other is the
dummy. Both the sender and the receiver know
the dummy message (the key). The key cannot be distinguished from
the real message.
csci5233 computer security & integrity
31
Summary
Substitutions and permutations together form a basis for the most widely used encryption algorithms Chap. 3.
Next: Pf, Ch 2 (part b)