Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "CSE331: Introduction to Networks and Security Lecture 17 Fall 2002."— Presentation transcript:

1 CSE331: Introduction to Networks and Security Lecture 17 Fall 2002

2 CSE331 Fall 20022 Announcements Informal Midterm Course Evaluation –Anonymous –Return at the end of class

3 CSE331 Fall 20023 Recap Primitive Cryptosystems –Monoalphabetic Substitutions –Polyalphabetic Substitutions Today: –Cryptanalysis of Polyalphabetic Ciphers –Intro to Industrial Strength Encryption

4 CSE331 Fall 20024 Polyalphabetic Substitutions Pick k substitution ciphers –  1  2  3 …  k –Encrypt the message by rotating through the k substitutions Same letter can be mapped to multiple different ciphertexts –Helps smooth out the frequency distributions –Diffusion m e s s a g e  1 ( m )  2 ( e )  3 ( s )  4 ( s )  1 ( a )  2 ( g )  3 ( e ) q a x o a u v

5 CSE331 Fall 20025 Kasiski Method Identify key length of polyalphabetic ciphers –If pattern appears k times and key length is n then it will be encoded k/n times by the same key 1. Identify repeated patterns of  3 chars. 2. For each pattern –Compute the differences between starting points of successive instances –Determine the factors of those differences 3. Key length is likely to be one of the frequently occurring factors

6 CSE331 Fall 20026 Cryptanalysis Continued Once key length is guessed to be k… Split ciphertext into k slices –Single letter frequency distribution for each slice should resemble English distribution How do we tell whether a particular distribution is a good match for another? –Let prob(  ) be the probability for letter  –In a perfectly flat distribution prob(  ) = 1/26  0.0384

7 CSE331 Fall 20027 Variance: Measure of “roughness” Measure distance from “flat” dist. Var = (prob(  ) – 1/26) 2   = a  = z = … = prob(  ) 2 – 1/26   = a  = z

8 CSE331 Fall 20028 Estimate Variance From Frequency prob(  ) 2 is probability that any two characters drawn from the text will be  Suppose there are n ciphertext letters total Suppose freq(  ) is the frequency of  What is likelihood of picking  twice at random? – freq(  ) ways of picking the first a – (freq(  ) – 1) ways of picking the second a – But this counts twice because ( ,  ) = ( ,  ) – So freq(  ) x (freq(  ) – 1) 2

9 CSE331 Fall 20029 Index of Coincidence But there are pairs of letters …so prob(  ) is roughly Index of coincidence: approximates variance from frequencies 2 n x (n-1) freq(  ) x (freq(  ) – 1) n x (n-1)   = a  = z n x (n-1) freq(  ) x (freq(  ) – 1) IC =

10 CSE331 Fall 200210 What’s it good for? If the distribution is flat, then IC  0.0384 If the distribution is like English, then IC  0.068 Can verify key length: IC 0.068 0.052 0.047 0.044 0.044 … 0.038 keylen 1 2 3 4 5 many

11 CSE331 Fall 200211 Summary: Cracking Polyalphabetics Use Kasiski method to guess likely key lengths Compute the Index of Coincidence to verify key length k k-Slices should have similar IC to English Note: digram information harder to use for polyalphabetic ciphers… –May want to consider “split digrams” –Example: if tion is a common sequence k=2 then “t?o” and “i?n” are likely “split digrams”

12 CSE331 Fall 200212 Perfect Substitution Ciphers Choose a string of random bits the same length as the plaintext, XOR them to obtain the ciphertext. Perfect Secrecy –Probability that a given message is encoded in the ciphertext is unaltered by knowledge of the ciphertext –Proof: Give me any plaintext message and any ciphertext and I can construct a key that will produce the ciphertext from the plaintext. p 1 p 2 p 3 … p n b 1 b 2 b 3 … b n c 1 c 2 c 3 … c n 

13 CSE331 Fall 200213 One-time Pads Another name for Perfect Substitution Actually used by US agents in Russia –Physical pad of paper –List of random numbers –Pages were torn out and destroyed after use Vernam Cipher –Used by AT&T –Random sequence stored on punch tape Not practical for computer security…

14 CSE331 Fall 200214 Problems with “Perfect” Substitution Key is the same length as the plaintext –Sender and receiver must agree on the same random sequence –Not any easier to transmit key securely than to transmit plaintext securely Need to be able to generate many truly random bits –Pseudorandom numbers generated by an algorithm aren’t good enough for long messages Can’t reuse the key

15 CSE331 Fall 200215 Computational Security Perfect Ciphers are unconditionally secure –No amount of computation will help crack the cipher In practice, strive for computationally secure –Given enough power, the attacker could crack the cipher (example: brute force attack) –But, an attacker with only bounded resources is extremely unlikely to crack it –Example: Assume attacker has only polynomial time, then encryption algorithm that can’t be inverted in less than exponential time is secure.

Download ppt "CSE331: Introduction to Networks and Security Lecture 17 Fall 2002."

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.

Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.
Announcements: Please pass in Assignment 1 now. Please pass in Assignment 1 now. Assignment 2 posted (when due?) Assignment 2 posted (when due?)Questions?

Announcements: Please pass in Assignment 1 now. Please pass in Assignment 1 now. Assignment 2 posted (when due?) Assignment 2 posted (when due?)Questions?
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.
Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …

Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …
CryptographyPerfect secrecySlide 1 Today What does it mean for a cipher to be: –Computational secure? Unconditionally secure? Perfect secrecy –Conditional.

CryptographyPerfect secrecySlide 1 Today What does it mean for a cipher to be: –Computational secure? Unconditionally secure? Perfect secrecy –Conditional.
Chapter 2 Basic Encryption and Decryption (part B)

Chapter 2 Basic Encryption and Decryption (part B)
Announcements: Assignment 1 due tomorrow in class. Assignment 1 due tomorrow in class.Questions? Roll Call Today: Vigenere ciphers Pronunciation? DTTF/NB479:

Announcements: Assignment 1 due tomorrow in class. Assignment 1 due tomorrow in class.Questions? Roll Call Today: Vigenere ciphers Pronunciation? DTTF/NB479:
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Computer Security CS 426 Lecture 3

Computer Security CS 426 Lecture 3
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Cryptography Week-6.

Cryptography Week-6.
Cryptanalysis. The Speaker  Chuck Easttom  

Cryptanalysis. The Speaker  Chuck Easttom  
History and Background Part 1: Basic Concepts and Monoalphabetic Substitution CSCI 5857: Encoding and Encryption.

History and Background Part 1: Basic Concepts and Monoalphabetic Substitution CSCI 5857: Encoding and Encryption.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Similar presentations

Ads by Google