Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 4. Traditional and Modern.

Published byAlfred May Modified over 7 years ago

Similar presentations

Presentation on theme: "CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 4. Traditional and Modern."— Presentation transcript:

1 CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 4. Traditional and Modern Symmetric Key Ciphers

2 4-2 4. Traditional ciphers CS480_W16 Outline r Symmetric key ciphers r Substitution and transposition ciphers r Stream ciphers and block ciphers r Modern block ciphers

3 4-3 4. Traditional ciphers CS480_W16 Symmetric Cipher

4 4-4 4. Traditional ciphers CS480_W16 Symmetric Cipher (cont.) If P is the plaintext, C is the ciphertext, and K is the key We assume that Bob creates P 1 ; we prove that P 1 = P:

5 4-5 4. Traditional ciphers CS480_W16 Symmetric Cipher (cont.) Figure 3.2 Locking and unlocking with the same key

6 4-6 4. Traditional ciphers CS480_W16 Kerckhoff’s Principle Based on Kerckhoff’s principle, one should always assume that the adversary, Eve, knows the encryption/decryption algorithm. The resistance of the cipher to attack must be based only on the secrecy of the key.

7 4-7 4. Traditional ciphers CS480_W16 Categories of traditional ciphers r Substitution ciphers m Replace one symbol with another symbol r Transposition ciphers m Reorder the position of symbols in the plaintext

8 4-8 4. Traditional ciphers CS480_W16 Substitution cipher r A substitution cipher replaces one symbol with another m Monoalphabetic Ciphers m Polyalphabetic Ciphers

9 4-9 4. Traditional ciphers CS480_W16 Monoalphabetic Ciphers r A character in the plaintext is always changed to the same character in the ciphertext regardless of its position in the text r the relationship between a symbol in the plaintext to a symbol in the ciphertext is always one-to-one r categories m Additive cipher m Muliplicative cipher m Affine cipher m Mononalphabetic substitution cipher

10 4-10 4. Traditional ciphers CS480_W16 Monoalphabetic Ciphers The following shows a plaintext and its corresponding ciphertext. The cipher is probably monoalphabetic because both l’s (els) are encrypted as O’s. Example:

11 4-11 4. Traditional ciphers CS480_W16 Additive Cipher The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called a shift cipher and sometimes a Caesar cipher, but the term additive cipher better reveals its mathematical nature.

12 4-12 4. Traditional ciphers CS480_W16 Additive Cipher r When the cipher is additive, the plaintext, ciphertext, and key are integers in Z 26

13 4-13 4. Traditional ciphers CS480_W16 Additive Cipher Use the additive cipher with key = 15 to encrypt the message “hello”. We apply the encryption algorithm to the plaintext, character by character: Solution

14 4-14 4. Traditional ciphers CS480_W16 Additive Cipher Use the additive cipher with key = 15 to decrypt the message “WTAAD”. We apply the decryption algorithm to the plaintext character by character: Solution

15 4-15 4. Traditional ciphers CS480_W16 Additive Cipher Eve has intercepted the ciphertext “UVACLYFZLJBYL”. Show how she can use a brute-force attack to break the cipher. Eve tries keys from 1 to 7. With a key of 7, the plaintext is “not very secure”, which makes sense. Solution

16 4-16 4. Traditional ciphers CS480_W16 Multiplicative Ciphers r The plaintext and ciphertext are integers in Z 26 r The key is an integer in Z 26* P C

17 4-17 4. Traditional ciphers CS480_W16 Multiplicative Ciphers What is the key domain for the multiplicative cipher? The key needs to be in Z 26 *. This set has only 12 members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25. We use a multiplicative cipher to encrypt the message “hello” with a key of 7. The ciphertext is “XCZZU”.

18 4-18 4. Traditional ciphers CS480_W16 Affine ciphers

19 4-19 4. Traditional ciphers CS480_W16 Affine ciphers The affine cipher uses a pair of keys in which the first key is from Z 26 * and the second is from Z 26. The size of the key domain is 26 × 12 = 312. Use an affine cipher to encrypt the message “hello” with the key pair (7, 2).

20 4-20 4. Traditional ciphers CS480_W16 Affine ciphers Use the affine cipher to decrypt the message “ZEBBW” with the key pair (7, 2) in modulus 26. Solution

21 4-21 4. Traditional ciphers CS480_W16 Monoalphabetic Substitution Cipher r Because additive, multiplicative, and affine ciphers have small key domains, they are very vulnerable to brute-force attack m Brute-force attack: an attacker tries all possible keys to find the correct one. r A better solution is to create a mapping between each plaintext character and the corresponding ciphertext character m Alice and Bob can agree on a table showing the mapping for each character.

22 4-22 4. Traditional ciphers CS480_W16 Monoalphabetic Substitution Cipher Figure 3.12 An example key for monoalphabetic substitution cipher We can use the key in Figure 3.12 to encrypt the message The ciphertext is

23 4-23 4. Traditional ciphers CS480_W16 Monoalphabetic Substitution Cipher Security r now have a total of 26! keys r with so many keys, might think is secure r but would be !!!WRONG!!! r problem is language characteristics

24 4-24 4. Traditional ciphers CS480_W16 Statistics attacks r Human languages are redundant r Letters are not equally commonly used r In English E is by far the most common letter m followed by T,R,N,I,O,A,S r Other letters like Z,J,K,Q,X are fairly rare r Attackers can make use of the statistic information to launch attacks

25 4-25 4. Traditional ciphers CS480_W16 English Letter Frequencies

26 4-26 4. Traditional ciphers CS480_W16 Statistics attacks Eve has intercepted the following ciphertext. Using a statistical attack, find the plaintext. When Eve tabulates the frequency of letters in this ciphertext, she gets: I =14, V =13, S =12, and so on. The most common character is I with 14 occurrences. Solution

27 4-27 4. Traditional ciphers CS480_W16 Polyalphabetic Ciphers r Each occurrence of a character may have a different substitute r The relationship between a character in the plaintext to a character in the ciphertext is one- to-many

28 4-28 4. Traditional ciphers CS480_W16 Polyalphabetic Ciphers r AutoKey cipher r Playfair cipher

29 4-29 4. Traditional ciphers CS480_W16 AutoKey cipher r Key is concatenated with the plaintext itself to provide a running key r knowing keyword can recover the first few letters r use these in turn on the rest of the message

30 4-30 4. Traditional ciphers CS480_W16 AutoKey cipher r Assume that Alice and Bob agreed to use an autokey cipher with initial key value k1 = 12. r Now Alice wants to send Bob the message “Attack is today” r Enciphering is done character by character.

31 4-31 4. Traditional ciphers CS480_W16 Playfair Key Matrix r a 5X5 matrix of letters based on a keyword r fill in letters of keyword (minus duplicates) r fill rest of matrix with other letters in alphabetical order r eg. using the keyword MONARCHY MONAR CHYBD EFGI/JK LPQST UVWXZ

32 4-32 4. Traditional ciphers CS480_W16 Encrypting and Decrypting r plaintext is encrypted two letters at a time – if a pair is a repeated letter, insert filler like 'X’ – e.g balloon is treated as ba lx lo on – if both letters fall in the same row, replace each with letter to right(wrapping back to start from end) – e.g ar is encrypted as RM – if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom) – e.g mu is encrypted as CM – otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair – e.g hs is encrytped as BP, ea is encrypted as IM(or JM)

33 4-33 4. Traditional ciphers CS480_W16 In class exercise r Encrypt the plaintext “hello” using the key in the above Figure

34 4-34 4. Traditional ciphers CS480_W16 One-Time Pad r if a truly random key as long as the message is used, the cipher will be secure r called a One-Time pad r is unbreakable since ciphertext bears no statistical relationship to the plaintext r since for any plaintext & any ciphertext there exists a key mapping one to other r can only use the key once though r problems in generation & safe distribution of key

35 4-35 4. Traditional ciphers CS480_W16 Transposition cipher r A transposition cipher does not substitute one symbol for another r Instead it changes the location of the symbols m Reorder the symbols r Category m Keyless Transposition Ciphers m Keyed Transposition Cipher m Combining Two Approaches

36 4-36 4. Traditional ciphers CS480_W16 Keyless Transposition Ciphers There are two methods: 1. The text is written into a table column by column and then transmitted into the table row by row 2. The text is written into the table row by row and then transmitted column by column

37 4-37 4. Traditional ciphers CS480_W16 Rail fence cipher r The plaintext is arranged in two lines as a zigzag pattern (column by column) r Then read off cipher row by row r For example, to send the message “Meet me at the park” to Bob Alice writes: She then creates the ciphertext “MEMATEAKETETHPR”

38 4-38 4. Traditional ciphers CS480_W16 Rail fence cipher r Alice and Bob can also agree on the number of columns and. Alice writes the same plaintext, row by row, in a table of four columns. She then creates the ciphertext “MMTAEEHREAEKTTP”.

39 4-39 4. Traditional ciphers CS480_W16 Keyed Transposition Ciphers r The keyless ciphers permute the characters by writing plaintext in one way and reading it in another way m The permutation is done on the whole plaintext to create the whole ciphertext r Keyed transposition cipher m Divide the plaintext into groups of predetermined size, called blocks m and then use a key to permute the characters in each block separately

40 4-40 4. Traditional ciphers CS480_W16 Keyed Transposition Ciphers Alice needs to send the message “Enemy attacks tonight” to Bob.. The key used for encryption and decryption is a permutation key, which shows how the character are permuted. The permutation yields

41 4-41 4. Traditional ciphers CS480_W16 Combining two approaches

42 4-42 4. Traditional ciphers CS480_W16 Stream cipher Call the plaintext stream P, the ciphertext stream C, and the key stream K

43 4-43 4. Traditional ciphers CS480_W16 Stream cipher r Additive ciphers can be categorized as stream ciphers r The key stream is the repeated value of the key r In other words, the key stream is considered as a predetermined stream of keys or K = (k, k, …, k) r In this cipher, however, each character in the ciphertext depends only on the corresponding character in the plaintext m because the key stream is generated independently.

44 4-44 4. Traditional ciphers CS480_W16 Stream cipher r The monoalphabetic substitution ciphers are also stream ciphers r However, each value of the key stream in this case is the mapping of the current plaintext character to the corresponding ciphertext character in the mapping table.

45 4-45 4. Traditional ciphers CS480_W16 Block cipher r In a block cipher, a group of plaintext symbols of size m (m > 1) are encrypted together creating a group of ciphertext of the same size. r A single key is used to encrypt the whole block even if the key is made of multiple values.

46 4-46 4. Traditional ciphers CS480_W16 Block cipher r Playfair ciphers are block ciphers. The size of the block is m = 2. Two characters are encrypted together r From the definition of the block cipher, it is clear that every block cipher is a polyalphabetic cipher because each character in a ciphertext block depends on all characters in the plaintext block.

47 4-47 4. Traditional ciphers CS480_W16 Modern block cipher r A symmetric-key modern block cipher encrypts an n-bit block of plaintext or decrypts an n-bit block of ciphertext r The encryption or decryption algorithm uses a k-bit key r The decryption algorithm must be the inverse of the encryption algorithm

48 4-48 4. Traditional ciphers CS480_W16 Modern block cipher r If the message has fewer than n bits, padding must be added to make it an n-bit block r If the message has more than n bits, it should be divided into n bit blocks and the appropriate padding must be added to the last block if necessary

49 4-49 4. Traditional ciphers CS480_W16 Example How many padding bits must be added to a message of 100 characters if 8-bit ASCII is used for encoding and the block cipher accepts blocks of 64 bits? Encoding 100 characters using 8-bit ASCII results in an 800- bit message. The plaintext must be divisible by 64. If | M | and |Pad| are the length of the message and the length of the padding, Solution

Download ppt "CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 4. Traditional and Modern."

Similar presentations

Cryptography encryption authentication digital signatures

Cryptography encryption authentication digital signatures
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
CSCE 790G: Computer Network Security

CSCE 790G: Computer Network Security
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
Classical Encryption Techniques

Classical Encryption Techniques
CSE 651: Introduction to Network Security

CSE 651: Introduction to Network Security
Overview of Cryptographic Techniques Hector M Lugo-Cordero CIS 4361 Secure Operating System Administration 1.

Overview of Cryptographic Techniques Hector M Lugo-Cordero CIS 4361 Secure Operating System Administration 1.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
History and Background Part 1: Basic Concepts and Monoalphabetic Substitution CSCI 5857: Encoding and Encryption.

History and Background Part 1: Basic Concepts and Monoalphabetic Substitution CSCI 5857: Encoding and Encryption.
Chapter 1 Introduction.

Chapter 1 Introduction.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
3.1 SERVICES AND MECHANISMS SERVICES AND MECHANISMS The International Telecommunication Union- Telecommunication Standardization Section (ITU-T) provides.

3.1 SERVICES AND MECHANISMS SERVICES AND MECHANISMS The International Telecommunication Union- Telecommunication Standardization Section (ITU-T) provides.
CSCI 5857: Encoding and Encryption

CSCI 5857: Encoding and Encryption
Dr. Lo’ai Tawalbeh 2007 Chapter 2: Classical Encryption Techniques Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007 INCS.

Dr. Lo’ai Tawalbeh 2007 Chapter 2: Classical Encryption Techniques Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester 2008-2009.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

Similar presentations

Ads by Google