CRYPTOGRAPHY Lecture 5

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z A B C D E F G H I J K L M N O P Q R S T U V W X Y SAVEMEPLEASE plain text CRYPTOGRAMCR keyword URTTFSVCEMUV enciphered The first letter, S is encrypted using the row beginning with C The second letter, A is encryted using the row beginning with R The third letter, V is encrypted using the row beginning with Y The fourth letter, E, is encrypted using the row beginning with P. And so on... You can use

Breaking the Vigenere cipher It wasn't until 1854, over two hundred years later, that the Vigenère Cipher was finally cracked by the British cryptographer Charles Babbage. Babbage employed a mix of cryptographic genius, intuition and sheer cunning to break the Vigenère Cipher. Amazingly, his work was never published in his lifetime, and it was over a hundred years later, in the 1970's, that his technique was finally made public. This slide and the next few copied directly from Simon Singh’s website.

Vigenere cipher: the unbreakable code The strength of the Vigenère Cipher is that the same letter can be encrypted in different ways. For example, if the keyword is KING, then every plaintext letter can be encrypted in 4 ways, because the keyword contains 4 letters. Each letter of the keyword defines a different cipher alphabet in the Vigenère Square. Whole words will be enciphered in different ways - the word 'the' could be enciphered as DPR, BUK, GNO and ZRM depending on its position relative to the keyword. Although this makes cryptanalysis difficult, it is not impossible. This slide and the next few copied directly from Simon Singh’s website.

Breaking the Vigenere cipher: the unbreakable code The important point to note is that if there are only four ways to encipher the word 'the', and the original message contains several uses of the word 'the', then it is inevitable that some of the four possible encipherments will be repeated in the ciphertext. This is demonstrated in the following example, in which the line "The Sun and the Man in the Moon", has been enciphered using the Vigenere cipher and the keyword KING. This slide and the next few copied directly from Simon Singh’s website.

Breaking the Vigenere cipher KINGKINGKINGKINGKINGKING keyword THESUNANDTHEMANINTHEMOON plaintext DPRYEVNTNBUKWIAOXBUKWWBT cipher The letters BUK repeat after 8 letters. This suggests that the number of letters in the keyword is a factor of 8. So, the keyword has 2, 4, or 8 letters.

Breaking the Vigenere cipher The word 'the' is enciphered as DPR in the first instance, and then as BUK on the second and third occasions. The reason for the repetition of BUK is that the second 'the' is displaced by 8 letters with respect to the third 'the', and 8 is a multiple of the length of the keyword. In other words, the second 'the' was enciphered according to its relationship to the keyword, and by the time we reach the third 'the', the keyword has cycled round exactly twice, to repeat the relationship. This slide and the next few copied directly from Simon Singh’s website.

Breaking the Vigenere cipher Babbage's vital breakthrough was to realize that repetitions in the ciphertext indicated repetitions in the plaintext and that the space between such repetitions hinted at the length of the keyword.

Breaking the Vigenere cipher Once the length of the keyword is determined, the message can be broken up into the corresponding number of messages, each one is a caesar shifted cipher, and amenable to frequency analysis. This is how Babbage cracked the Vigènere Cipher.

Breaking the Vigenere cipher This slide and the next few copied directly from Simon Singh’s website. Babbage defined a series of steps to crack the Vigenère Cipher. Let us try to decipher a sample ciphertext. We know that it is enciphered using the Vigenère Cipher, but we know nothing about the original message or the keyword.

Breaking the Vigenere cipher RIKVBIYBITHUSEVAZMMLTKASRNHPNPZICSWDSVMBIYFQEZUBZPBRGY NTBURMBECZQKBMBPAWIXSOFNUZECNRAZFPHIYBQEOCTTIOXKUNOH MRGCNDDXZWIRDVDRZYAYYICPUYDHCKXQIECIEWUICJNNACSAZZZGA CZHMRGXFTILFNNTSDAFGYWLNICFISEAMRMORPGMJLUSTAAKBFLTIBY XGAVDVXPCTSVVRLJENOWWFINZOWEHOSRMQDGYSDOPVXXGPJNRVI LZNAREDUYBTVLIDLMSXKYEYVAKAYBPVTDHMTMGITDZRTIOVWQIECEY BNEDPZWKUNDOZRBAHEGQBXURFGMUECNPAIIYURLRIPTFOYBISEOED ZINAISPBTZMNECRIJUFUCMMUUSANMMVICNRHQJMNHPNCEPUSQDMIV YTSZTRGXSPZUVWNORGQJMYNLILUKCPHDBYLNELPHVKYAYYBYXLER MMPBMHHCQKBMHDKMTDMSSJEVWOPNGCJMYRPYQELCDPOPVPBIEZ ALKZWTOPRYFARATPBHGLWWMXNHPHXVKBAANAVMNLPHMEMMSZHM TXHTFMQVLILOVVULNIWGVFUCGRZZKAUNADVYXUDDJVKAYUYOWLVBE OZFGTHHSPJNKAYICWITDARZPVU

Breaking the Vigenere cipher RIKVBIYBITHUSEVAZMMLTKASRNHPNPZICSWDSVMBIYFQEZUBZPBRGY NTBURMBECZQKBMBPAWIXSOFNUZECNRAZFPHIYBQEOCTTIOXKUNOH MRGCNDDXZWIRDVDRZYAYYICPUYDHCKXQIECIEWUICJNNACSAZZZGA CZHMRGXFTILFNNTSDAFGYWLNICFISEAMRMORPGMJLUSTAAKBFLTIBY XGAVDVXPCTSVVRLJENOWWFINZOWEHOSRMQDGYSDOPVXXGPJNRVI LZNAREDUYBTVLIDLMSXKYEYVAKAYBPVTDHMTMGITDZRTIOVWQIECEY BNEDPZWKUNDOZRBAHEGQBXURFGMUECNPAIIYURLRIPTFOYBISEOED ZINAISPBTZMNECRIJUFUCMMUUSANMMVICNRHQJMNHPNCEPUSQDMIV YTSZTRGXSPZUVWNORGQJMYNLILUKCPHDBYLNELPHVKYAYYBYXLER MMPBMHHCQKBMHDKMTDMSSJEVWOPNGCJMYRPYQELCDPOPVPBIEZ ALKZWTOPRYFARATPBHGLWWMXNHPHXVKBAANAVMNLPHMEMMSZHM TXHTFMQVLILOVVULNIWGVFUCGRZZKAUNADVYXUDDJVKAYUYOWLVBE OZFGTHHSPJNKAYICWITDARZPVU

Breaking the Vigenere cipher  Figure out the frequency tables for this message (show file)(show file)  See what length the keyword is: 7 is a good guess.7 is a good guess.

Breaking the Vigenere cipher It seems probable that the keyword is 7 letters long. For the time being let us call the keyword L1-L2-L3-L4-L5-L6-L7. The letter L1 defines one row of the Vigenère square, and effectively provides a monoalphabetic substitution cipher alphabet for the first letter of the plaintext, and also the 8th 15th 22nd letters, etc. So if we take the corresponding letters in the ciphertext, we know they have been encrypted using the same row of the Vigenère square, and we can work out which row by using frequency analysis, because each row of the square is equivalent to one monoalphabetic cipher. This polyalphabetic cipher consists of cycling between 7 monoalphabetic ciphers.

Breaking the Vigenere cipher Now we perform a frequency analysis of the portion of the ciphertext corresponding to each of the shifts. This should give us a good idea of the keyword.

HW#5a: breaking a Vigenere cipher message Use the Vigenere cipher to encrypt a longish message. Then swap with other groups and try to break the code. Remember that you will need some computational help... Or a lot of time and brain power.

Ciphers Monoalphabetic ciphers are easy to encode, but also easy to break. Polyalphabetic ciphers are hard to break, but also hard to use. Something in the middle: –Homophonic substitution ciphers

Ciphers Monoalphabetic ciphers: each letter in the plaintext is encoded by only one letter from the cipher alphabet, and each letter in the cipher alphabet represents only one letter in the plaintext. Polyalphabetic ciphers: each letter in the plaintext can be encoded by any letter in the cipher alphabet, and each letter in the cipher alphabet may represent different letters from the plaintext each time it appears.

Example: Homophonic Ciphers A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Encode letters which are more frequent by more possible numbers. We therefore need more than 26 cipher symbols. Each letter in plaintext has several ciphertext representations, but each ciphertext letter only represents one plaintext letter. So this is still a type of monoalphabetic cipher, but it is not amenable to frequency analysis.

Homophonic Ciphers The homophonic cipher is still a type of monoalphabetic cipher, mainly because once the cipher alphabet is set, it does not change. It is not amenable to frequency analysis, but it is breakable by digraph analysis. For example, the letter Q is a funny letter – in English it always appears in combination with a u QU, so if we find a letter which is only ever followed by a small number (2-4) of letters, we can assume they make a QU pair.

HW#6b: Homophonic Ciphers

Digraph ciphers A digraph cipher encrypts by substituting each digraph (i.e. pair of letters) in the message with a different digraph or symbol. In the digraph cipher shown here, each plaintext digraph is substituted with a digraph from the square. For example, 'as' is encrypted by finding the intersection of the column headed by 'a' with the row headed by 's', which gives us NO. So, the plaintext digraph 'as' is substituted with the ciphertext digraph NO. This digraph cipher much harder to break than a single letter cipher, because the codebreaker has to identify the true value of 676 digraphs, as opposed to struggling with just 26 letter substitutions.

Digraph ciphers The Great Cipher of the Rossingols A digraph cipher encrypts by substituting each digraph (i.e. pair of letters) in the message with a different digraph or symbol. In the digraph cipher shown here, each plaintext digraph is substituted with a digraph from the square. For example, 'as' is encrypted by finding the intersection of the column headed by 'a' with the row headed by 's', which gives us NO. So, the plaintext digraph 'as' is substituted with the ciphertext digraph NO. This digraph cipher much harder to break than a single letter cipher, because the codebreaker has to identify the true value of 676 digraphs, as opposed to struggling with just 26 letter substitutions.

Digraph ciphers The Great Cipher of the Rossingols This cipher was only broken 200 years later, by Etiemme Bazeries. He used frequency analysis to figure out what the most common digraphs were in the messages and compared them to the most common digraphs. But this did not lead him far. The code was not all digraphs, some letters were used too. And the Rossingols were sneaky – they introduced pitfalls such as a number that represented neither a letter nor a digraph, only an instruction to delete the previous letter. Bazeries managed to make headway by identifying the cluster several times and postulating that this represented les-en-ne-mi-s. This crucial breakthough allowed him to complete new words by knowing parts, thus identifying more symbols and in turn figuring out more words.