1 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis

2 What is Cryptography? (review) Cryptography is the process of converting plaintext into ciphertext to hide information from unauthorized users Plaintext: readable text (also called cleartext) Ciphertext: unreadable or encrypted text Decryption is the process of converting ciphertext back to plaintext

3 Cryptosystems (review) Cryptosystems provide the following services: Confidentiality: denies unauthorized parties access to information. Authenticity: validates the source of the message, to ensure that the sender is properly identified. Integrity: provides assurance that the message was not modified, accidentally or intentionally. Nonrepudiation: establishes that a particular sender has sent the message so that they cannot deny having sent the message at a later date. Different types of messages require higher or lower degrees of one or all of the services. For example …

4 Strength of Cryptosystem (review) The strength of the algorithm and the secrecy of the key determine how secure the encrypted data is E.g.: breaking a cryptosystem can be accomplished by a brute force attack Trying every possible key value until the resulting plaintext is meaningful. If a key can be broken with a Pentium processor in three hours, the cipher is not strong at all. If the key can only be broken with the use of a thousand multiprocessing systems over 1.2 million years, then it is pretty strong.  Security is relative

5 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis

6 History of cryptography The first encryption methods date back to 4000 years ago. Some Egyptian hieroglyphics were encrypted Atbash Cipher a Hebrew cryptographic method the alphabet to be flipped so that each letter in the original alphabet was mapped to a different letter in the flipped, alphabet. ABCDEFGHIJKLMNOPQRSTUVWXYZ ZYXWVUTSRQPONMLKJIHGFEDCBA e.g.: Encypt “atbash”  ? Decrpt “hvxfirgb”  ?

7 Scytale Cipher (review) Scytale cipher 400 B.C. the Spartans Write a message on a sheet of papyrus that was wrapped around a staff; The papyrus was delivered and wrapped around a different staff by the recipient; The message was only readable if it was wrapped around the correct size staff, which would make the letters properly match up

8 Caesar Cipher (review) Julius Caesar (100–44 B.C.) developed a simple encryption method -- shifted the alphabet by three positions Standard Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ Cryptographic Alphabet: DEFGHIJKLMNOPQRSTUVWXYZABC Example: Encypt “caesar”  ? Decrpt “vhfxulwb”  ?

9 Substitution Cipher (review) Both Atbash cipher and Caesar Cipher are substitution cipher, because each character is replaced with another character. Monoalphabetic substitution cipher: uses only one alphabet, Polyalphabetic substitution cipher: uses multiple alphabets Q1. Can you formulate them use mathematically? Hint: integers 0 – 25 represent 26 characters; m: message / plaintext, c: cipher text; encryption: c = E(m) = ? decryption: m = D(c) = ? Q2. Is Scytale cipher a substitution cipher?

10 Transposition Cipher (review) Transposition Cipher: rearrange letters in plaintext to produce cipher text Scytale cipher is a transposition cipher Rail-Fence cipher is another transposition cipher Plaintext is HELLO WORLD Encryption: c = E(m)HLOOL ELWRD  HLOOLELWRD Describe decryption process: m = D(c) = ?

11 Vigenère Cipher The Vigenère cipher is a method of encryption that uses a series of different Caesar ciphers based on the letters of a keyword. Appears to be unbreakable. The Vigenère cipher has been reinvented many times. The method was originally described by Giovan Batista Belaso in his 1553 book La cifra del. Sig. Giovan Batista Belaso However, the scheme was later misattributed to Blaise de Vigenère in the 19th century, and is now widely known as the "Vigenère cipher".

12 Terms in Vigènere Cipher Vigènere table: a table used to encipher and decipher Vigènere cipher has key letters on top, plaintext letters on the left. There are 27 shift alphabets Vigènere cipher is a polyalphabetic substitution cipher. In contrary, Caesar cipher is a monoalphabetic substitution cipher Key is used with Vigènere table in encryption / decryption

13 The Vigènere Table G I V A G I V B H J W E L M Z H N P C L R T G O U W J S Y A N T Z B O Y E H T A mini example Encryption: A key letter V, and a plaintext letter T  follow V column down to T row  “O” Decryptioin: A key letter V, and a ciphertext letter O  “T”

14 Vigènere Cipher Example If the message is longer than the key, the key repeats itself E.g. 1: Key: LEMON Encrypt plaintext:ATTACKATDAWN KeyLEMONLEMONLE mATTACKATDAWN c E.g.2, Decrypt ciphertext: P R U U Z L Q: How to represent Vigènere Cipher in formula? (Hint: encryption / decryption is done character by character)

15 Exercise 1) Encrypt a plaintext with the key “lucky” c o m p u t i n g g i v e s i n s i g h t 2) Decrypt a ciphertext with the key “vector” o l k l w j v r g q o d k p g h t k c i x b u v i i t x q z k l g k

16 Chapter 2 Advanced Cryptography (Part A) Overview History of cryptography Cryptanalysis

17 Cryptanalysis Cryptanalysis is the science of studying and breaking the secrecy of encryption processes, compromising authentication schemes, and reverse-engineering protocols. All previously introduced ciphers have been broken. Basic methods: Statistical analysis Exhaustive search key space

18 Statistical analysis Each character has a certain frequency. A.k.a. 1-gram model of English a0.080h0.060n0.070t0.090 b0.015i0.065o0.080u0.030 c j0.005p0.020v0.010 d0.040k0.005q0.002w0.015 e0.130l0.035r0.065x0.005 f0.020m0.030s0.060y0.020 g0.015z0.002

19 Statistical Analysis (1) f(c) frequency of character c in ciphertext p(x) is frequency of character x in English  (i) correlation of frequency of letters in ciphertext with corresponding letters in English, assuming key is i  (i) =  0 ≤ c ≤ 25 f(c)p(c – i)

20 Statistical Attack (2) E.g., a Caesar cipher : KHOOR ZRUOG step 1: Compute frequency of each letter in ciphertext: G0.1H0.1K0.1O0.3 R0.2U0.1Z0.1 Step 2: Compute correlation  for key i  (i) = 0.1p(6 – i) + 0.1p(7 – i) + 0.1p(10 – i) + 0.3p(14 – i) + 0.2p(17 – i) + 0.1p(20 – i) + 0.1p(25 – i)

21 Correlation:  (i) for 0 ≤ i ≤ 25 i (i)(i) i (i)(i) i (i)(i) i (i)(i)

22 The Result Step 3: find the most probable keys, based on  : i = 6,  (i) = plaintext EBIIL TLOLA i = 10,  (i) = plaintext AXEEH PHKEW i = 3,  (i) = plaintext HELLO WORLD i = 14,  (i) = plaintext WTAAD LDGAS The only valid English phrase is for i = 3. That’s the key (3 or ‘D’)

23 Exhaustive search If the key space is small enough, try all possible keys until you find the right one Q 1: How large is the key space in Caesar cipher ? Q2: If we use exhaustive search, what is the expected number of trials when breaking Caesar cipher? Q3: How about the key space of Vigènere Cipher? Q4: How to break Vigènere Cipher?

24 Attacking Vigènere Cipher – Vigenere ciphers were regarded by many as practically unbreakable for 300 years. – In 1863, a Prussian major named Kasiski proposed a method for breaking it. – This method was not in fact invented by Kasiski but instead by Charles Babbage; – Babbage's discovery was used to aid English military campaigns, and was not published until several years later; as a result credit for the development was instead given to Friedrich Kasiski

25 Statistical analysis of Vigènere Cipher 1. Establish period n (the length of key) 2. Break cipher into n parts, each part being enciphered using the same key letter 3. Solve each part  leverage one part from another We want to break this cipher: ADQYS MIUSB OXKKT MIBHK IZOOO EQOOG IFBAG KAUMF VVTAA CIDTW MOCIO EQOOG BMBFV ZGGWP CIEKQ HSNEW VECNE DLAAV RWKXS VNSVP HCEUT QOIOF MEGJS WTPCH AJMOC HIUIX

26 Step 1. Establish Period n Important observation: Repetitions in the ciphertext occur when characters of the key appear over the same characters in the plaintext e.g. Key VIGVIGVIGVIGVIGV plain THEBOYHASTHEBALL cipher OPKWWECIYOPKWIRG

27 Repetitions in this example cipher LettersStartEndDistanceFactors MI , 5 OO OEQOOG , 3, 5 FV , 2, 2, 3 AA , 2, 11 MOC , 2, 2, 3, 3 QO , 7 PC , 2, 2, 2, 3 NE , 3 SV CH , 3

28 Estimate of Period n A long repetition “OEQOOG” and “MOC” are probably not coincidence Their distances are 30 and 72. The greatest common divisor of 30 and 72 is 6. many other shorter repetitions have 2 and 3 in their factors Thus the estimate period n = 6 Verify Period n by Friedman test (we skip this part)

29 Step 2: Break cipher into n parts Key-1: AIKHOIATTOBGEEERNEOSAI Key-2: DUKKEFUAWEMGKWDWSUFWJU Key-3: QSTIQBMAMQBWQVLKVTMTMI Key-4: YBMZOAFCOOFPHEAXPQEPOX Key-5: SOIOOGVICOVCSVASHOGCC Key-6: MXBOGKVDIGZINNVVCIJHH

30 Statistical Analysis each part Counting characters in each part ABCDEFGHIJKLMNOPQRSTUVWXYZ      Compare with unshifted alphabet frequencies in English: HMMMHMMHHMMMMHHMLHHHMLLLLL

31 Solve each part (2) First part: matches characteristics of unshifted alphabet A  A Third part : I  A Sixth part : V  A Substitute into ciphertext: ADIYS RIUKB OCKKL MIGHKAZOTO EIOOL IFTAG PAUEF VATAS CIITW EOCNO EIOOL BMTFV EGGOP CNEKIHSSEW NECSE DDAAA RWCXS ANSNPHHEUL QONOF EEGOS WLPCM AJEOC MIUAX

32 Solve each part (3) further analysis AJE in last line suggests “ARE”, meaning second alphabet maps A into S: ALIYS RICKB OCKSL MIGHS AZOTO MIOOL INTAG PACEF VATIS CIITE EOCNO MIOOL BUTFV EGOOP CNESI HSSEE NECSE LDAAA RECXS ANANP HHECL QONON EEGOS ELPCM AREOC MICAX

33 Solve each part (4) further analysis MICAX in last line suggests “mical” (a common ending for an adjective), meaning fourth alphabet maps O into A: QI means that U maps into I, as Q is always followed by U: ALIMS RICKP OCKSL AIGHS ANOTO MICOL INTOG PACET VATIS QIITE ECCNO MICOL BUTTV EGOOD CNESI VSSEE NSCSE LDOAA RECLS ANAND HHECL EONON ESGOS ELDCM ARECC MICAL

34 Got It! ALIME RICKP ACKSL AUGHS ANATO MICAL INTOS PACET HATIS QUITE ECONO MICAL BUTTH EGOOD ONESI VESEE NSOSE LDOMA RECLE ANAND THECL EANON ESSOS ELDOM ARECO MICAL Note that: Vigenere cipher is easy to break by hand. However, the principle of cryptanalysis hold for more complex ciphers that can be implemented only by computer.

35 The War Machines: The Purple Machine The Purple Machine is developed and used by the Japanese during World War II Employed techniques discovered by Herbert O. Yardley The code was broken by William Frederick Friedman Known as the “Father of U.S. Cryptanalysis”

36 The War Machines: Enigma Enigma is developed by Arthur Scherbius Used by the Germans during World War II Enigma substituted each letter typed by an operator Substitutions were computed using a key and a set of switches or rotors The code was broken first by a group of Polish cryptographers The machine for breaking the code was called the “Bombe”

37 Design of Enigma Machine An electrical voltage applied to the Q terminal on the top row will appear at the L terminal on the bottom row.

38 How to use the Enigma machine? 1. The originator configures the Enigma machine to its initial settings; 1. Type in the first letter of the message, and the machine would substitute the letter with a different letter; The encryption was done by moving the rotors a predefined number of times 2. Advance the rotors and enter the next letter. Each time a new letter was to be encrypted, the operator would advance the rotors to a new setting.

39 Mechanism of the Enigma Machine The chosen substitution for each letter was dependent upon the rotor setting Assumption: the operators at each end needed to know the key - the initial setting, which is the crucial and secret part of this process And how to advanced the rotors when encrypting and decrypting a message