Making “Good” Encryption Algorithms Substitution algorithms “hide” the plaintext and dissipate high letter frequencies Transposition algorithms scramble text Many “good” algorithms combine both techniques

Shannon’s Characteristics of “Good” Ciphers Amount of secrecy needed should determine the amount of labor appropriate for encryption/decryption. Set of keys and enciphering algorithm should be free from complexity. Implementation should be simple Errors in ciphering should not propogate. Size of ciphertext should be no larger than the size of the plaintext

Properties of “Trustworthy” Encryption Systems Based on sound mathematics Been analyzed by competent experts and found to be sound Stood the “test of time” Three Examples: DES (data encryption standard) RSA (Rivest-Shamir-Adelman) AES (Advanced Encryption Standard)

Symmetric and Asymmetric Encryption Systems Symmetric requires one “secret” key that is used for encryption AND decryption (e.g. Caesar cipher might use a “key” of 3 to indicate shift by 3) As long as key remains secret, authentication is provided Problem is key distribution; if there are n users, we need n * (n-1)/2 unique keys

Symmetric and Asymmetric Encryption Systems Asymmetric requires two keys one of which is a “public key” The public key is used for encryption and the “private” key is used for decryption If there are n users, there are n public keys that everyone knows and n private keys known only to the user

Stream and Block Ciphers Stream ciphers – convert one symbol of plaintext immediately into a symbol of ciphertext Transformation depends on the plaintext symbol, the key, and the algorithm Error can affect all text after the error

Stream and Block Ciphers Block cipher encrypts a group of plaintext symbols as one block (e.g. columnar transposition) Stream Block Advantages Speed of transformation Low error propagation High diffusion Immunity to insertation of symbols disadvantages Low diffusion Susceptibility to malicious insertations and modifications Slowness of encryption Error propagation

Confusion and Diffusion Confusion – interceptor cannot predict what will happen to the ciphertext by changing one character in the plaintext Diffusion – information from single plaintext is distributed over the entire ciphertext

Cryptanalysis Ciphertext Only – requires analysis using probabilities, distributions, and characteristics of the available ciphertext, plus any publicly known information Full or Partial Plaintext – knows some plaintext and ciphertext (C & P in C = E(P) ); only needs to determine the algorithm; can use probable plaintext analysis Ciphertext of Any Plaintext – analyst can insert data into plaintext to be encrypted

Cryptanalysis Algorithm and Ciphertext – analyst runs the algorithm on massive amounts of plaintext to try and match one with the ciphertext and deduce the sender’s encryption key Ciphertext and Plaintext – try and determine the encryption key Weaknesses – cryptanalysis often succeeds because of human error and/or carelessness

Elementary Tips for Frequency Analysis Count frequencies j,k,q,x,z have frequency less than 1% e should have frequency greater than 10% (19% in German) Italian has 3 letters with frequency > 10% and 9 letters with frequency < 1% In English, look for repeated letters (ss, ee, tt, ff, ll, mm, oo) If ciphertext contains spaces, look for one, two, three letter words (a, I, of, to, in, it, is, be, as, at, so, we, he, by, or, on, do, if, me, my, up, an, go, no, us, am, the, and) Tailor table of frequencies to message you are trying to decipher (e.g. military messages omit pronouns and articles) Be willing to guess and use experience If the frequency of the ciphertext matches frequency table, the cipher is transpositon Taken from Appendix B of The Code Book by Simon Singh, Doubleday, 1999.