chapter 2 basic encryption and decryption. csci5233 computer security & integrity 2 encryption /...

Chapter 2

Basic Encryption and Decryption

csci5233 computer security & integrity

2

Encryption / Decryption

encrypted transmission

A B

plaintextplaintext

ciphertext

encryption

decryption

A: sender; B: receiver Transmission medium An interceptor (or intruder) may block, intercept,

modify, or fabricate the transmission.


3

Encryption / Decryption Encryption: A process of encoding a

message, so that its meaning is not

obvious. (= encoding, enciphering)

Decryption: A process of decoding an

encrypted message back into its original

form. (= decoding, deciphering)

A cryptosystem is a system for encryption

and decryption.


4

Plaintext / ciphertext

P: plaintext C: ciphertext E: encryption D: decryption C = E (P) P = D (C) P = D ( E(P) )


5

Cryptosystems Symmetric encryption:

P = D (Key, E(Key,P) ) Asymmetric encryption:

P = D (KeyD, E(KeyE,P) ) Symmetric cryptosystem: A

cryptosystem that uses symmetric encryption.

Asymmetric cryptosystem See Fig. 2-2 (p.23)


6

Keys

Use of a key provides additional security.

Exposure of the encryption algorithm does not expose the future messages< as long as the key(s) are kept secret.

c.f., keyless cipher


7

Terminology Cryptography: The practice of using

encryption to conceal text. (cryptographer)

Cryptanalysis: The study of encryption and encrypted messages, with the goal of finding the hidden meanings of the messages. (cryptanalyst)

Cryptology = cryptography + cryptanalysis


8

Cryptanalysis A cryptanalyst may work with various data

(intercepted messages, data items known or suspected to be in a ciphertext message), known encryption algorithms, mathematical or statistical tools and techniques, properties of languages, computers, and plenty of ingenuity and luck.

1. Attempt to break a single message2. Attempt to recognize patterns in encrypted

messages3. Attempt to find general weakness in an

encryption algorithm


9

Breakability of an encryption

An encryption algorithm may be breakable, meaning that given enough time and data, an analyst could determine the algorithm.

Suppose there exists 1030 possible decipherments for a given cipher scheme. A computer performs 1010 operations per second. Finding the decipherment would require 1020 seconds (or roughly 1012 years).


10

Modular arithmetic

A .. Z: 0 .. 25

Example: p.24C = P mod 26


11

Two forms of encryption

SubstitutionsOne letter is exchanged for another

Examples: monoalphabetic substitution ciphers, polyalphabetic substitution ciphers

Transpositions (= permutations)The order of the letters is rearranged

Examples: columnar transpositions


12

Substitutions

Caesar cipher: Each letter is translated to the letter a fixed number of letters after it in the alphabet.Ci = E(Pi) = Pi + 3

Advantage: simple

Weakness


13

Cryptanalysis of the Caesar Cipher Exercise (p.26): Decrypt the encrypted

message. Deduction based on guesses versus

frequency distribution (p.28)


14

Other monoalphabetic substitutions Using permutation

Pi (lambda) = 25 – lambda Weakness: Double correspondence

E(F) = u and D(u) = F Using a key

A key is a word that controls the ciphering.

p.27


15

Complexity of monoalphabetic substitutions Monoalphabetic substitutions amount to

table lookups. The time to encrypt a message of n

characters is proportional to n.


16

Frequency distribution

Table 2-1 (p.29) shows the counts and relative frequencies of letters in English.

Frequencies in a sample cipher: Table 2-2 (p.30)

Compare the sample cipher against the normal frequency distribution: Fig. 2-4


17

Polyalphabetic substitutions

By combining distributions that are high with the ones that are low

Using multiple substitution tables Example (p.32): table for odd positions,

table for even positions


18

Vigenère Tableaux Table 2-5: p.34 Example: p.35 Exercise: Complete the encryption of

the original message. Exercise: Decipher the encrypted

message using the key (‘juliet’)


19

Cryptanalysis of Polyalphabetic substitutions The Kasiski method: a method to find

the number of alphabets used for encryption

Works on duplicate fragments in the ciphertext

The distance between the repeated patterns must be a multiple of the keyword length


20

Steps for the Kasiski method

p.36 Initial find + verification using frequency

distribution


21

Index of coincidence A measure of the variation between

frequencies in a distribution To measure the nonuniformity of a distribution To rate how well a particular distribution

matches the distribution of letters in English

RFreq versus Prob (p.38) Example:

– In the English language, RFreqa = Proba = 7.49 (from Table 2.1)

– In the sample cipher in Table 2-2 (p.30): RFreqa = 0 Proba


22

Index of Coincidence Measure of roughness (or the variance): a

measure of the size of the peaks and valleys (See Fig. 2-6, p.38)

The var of a perfectly flat distribution = 0. The variance can be estimated by counting

the number of pairs of identical letters and dividing by the total number of pairs possible

– Example (Given 200 letters): 60 / 100


23

Index of Coincidence

IC (index of coincidence): a way to approximate variance from observed data (p.39)

0.0384 (perfect) IC 0.068 (English)


24

Combined use of IC with Kasiski method Bottom of p.39 All the subsets from the Kasiski method,

if the key length was correct, should have distributions close to 0.068.


25

Analyzing a polyalphabetic cipher

1. Use the Kasiski method to predict the likely numbers of enciphering alphabets.

2. Compute the IC to validate the predictions

3. (When 1 and 2 show promises) Generate subsets and calculate IC’s for the subsets


26

The “Perfect” Substitution Cipher Use an infinite nonrepeating sequence

of alphabets A key with an infinite number of

nonrepeating digits Examples: one-time pads, the Vernam

cipher, …


27

Vernam Cipher Sample function:

c = ( p + random( ) ) mod 26 Example: p.42 Binary Vernam Cipher

p.43: How would you decipher a ciphertext encrypted by Binary Vernam Cipher?

Ans.: p = (c – random( ) ) mod 26

Example (p.42): c = 19 (‘t’), random( ) = 76

p = (19-76) mod 26 = 21


28

Random Number Generators A pseudo-random number generator is a computer

program that generates numbers from a predictable, repeating sequence.

Example: The linear congruential random number generator

ri+1 = (a * ri + b) mod n

Note: 12 is congruent to 2 (modulo 5), since (12-2) mod 5 = 0

Problem? Its dependability; probable word attack


29

The six frequent letters

P.45 A correction: (E, e) i How to use the table ‘inside out’?


30

Dual-Message Entrapment

P.46 Encipher two messages at once One message is real; the other is the

dummy. Both the sender and the receiver know

the dummy message (the key). The key cannot be distinguished from

the real message.


31

Summary

Substitutions and permutations together form a basis for the most widely used encryption algorithms Chap. 3.

Next: Pf, Ch 2 (part b)

chapter 2 basic encryption and decryption. csci5233 computer security & integrity 2 encryption /...

Documents

encryption algorithm

p asymmetric encryption

decryption slide

encryption algorithms

study of encryption

basic encryption

additional security

d ep slide