Presentation is loading. Please wait.

Presentation is loading. Please wait.

L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.

Published byGeoffrey Emil Hubbard Modified over 9 years ago

Similar presentations

Presentation on theme: "L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013."— Presentation transcript:

1 L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013

2 This and the next set of slides 2

3 Outline 3  Components of a cryptosystem  Some modular arithmetic  Some classical ciphers  Shift Cipher  Substitution Cipher  Affine Cipher  Vigenère Cipher  Permutation Cipher  Stream Ciphers  Attack models and cryptanalysis

4 Elements of a secret-key cryptosystem 4

5 The Cryptosystem 5

6 A cryptosystem consists of 6  M: a finite set of possible plaintexts  C: a finite set of possible ciphertexts  K: the key space, a finite set of possible keys  E: A set of encryption rules  D: A set of decryption rules  For each K  K, there is an E K ()  E and a D K ()  D, such that  D K (E K (m)) = m for every m  M.

7 Requirements for a practical cryptosystem 7  Note that  E K () must be a 1-to-1 function.  If M = C, then E K () is a permutation.  Practically,  E K () and D K () should be efficiently computable.  An attacker, upon seeing a ciphertext, should be unable to determine the key or the plaintext.  The attack models  Cryptanalysis: attempt to compute K given some ciphertexts.

8 Several classical ciphers 8

9 First, “recall” some modular arithmetic 9  Suppose a and b are integers, and n is a positive integer (modulus).  a mod n = the remainder of a/n  {0, 1, …, n – 1}.  Congruence  a  b (mod n) iff a mod n = b mod n, i.e., same remainders.  “ a is congruent to b modulo n. ”  E.g.,  101 mod 7 = 7  14 + 3 = 3  -101 mod 7 = 7  (-15) + 4 = 4

10 The Shift Cipher 10  Let M = C = K = {0, 1, 2, …, 25}  For 0 ≤ K ≤ 25, define  E K (m) = (m + K) mod 26  D K (c) = (c – K) mod 26  For example, K = 11  m: 22 4 22 8 11 11 12 4 4 19  c: 7 15 7 19 22 22 23 15 15 4  For K = 3, the Shift Cipher is often called the Caesar Cipher.  Show that D K (E K (m)) = m for every m  M.

11 The Substitution Cipher 11  Let M = C = {0, 1, 2, …, 25}  K = {All possible permutations of the 26 numbers}  For each permutation K  K, define  E K (m) = K(m) = c  D K (c) = K -1 (c), the inverse permutation  For example, one possible K is  a b c d e f g h i j k l m n o p q r s …  X N Y A H P O G Z Q W B T S F L R C V …  E K (a) = X and D K (X) = a  Is this cipher more secure?

12 Affine Cipher 12  Let M = C = {0, 1, 2, …, 25}  K = (a, b), where a, b  {0, 1, 2, …, 25}.  Encryption and decryption functions;  E K (m) = (am + b) mod 26  D K (c) = a -1 (c - b) mod 26  E K (m) is not an one-to-one function for all a.  When a = 1, Affine Cipher is the same as a Shift Cipher.  Affine Cipher is still a special case of the Substitution Cipher.

13 The Vigenère (vee zhun AIR) Cipher 13  Monoalphabetic (e.g., Shift and Substitution) vs polyalphabetic (e.g., Vigenère)  M = C = K = (Z 26 ) n, where n is a positive integer.  For a key K (keyword) = (k 1, k 2, …, k n ), define  E K (m 1, m 2, …, m n ) = (m 1 +k 1, m 2 +k 2, …, m n +k n )  D K (c 1, c 2, …, c n ) = (c 1 – k 1, c 2 – k 2, …, c n – k n ), where  the additions and subtractions are done in mod 26.  For example, n= 6 and K = (2, 8, 15, 7, 4, 17),  m: 19 7 8 18 2 17 24 15 19 14 18 24  K: 2 8 15 7 4 17 2 8 15 7 4 17  c: 21 15 23 25 6 8 0 23 8 21 22 15  …

14 The Permutation (or Transposition) Cipher 14  All the ciphers so far involve substitution: a plaintext symbol replaced by a different symbol.  A permutation cipher keeps the plaintext symbols unchanged but to alter their positions.  M = C = (Z 26 ) n  K = {All permutations of 1, 2, …, n}.  For a key K (a given permutation), define  E K (m 1, m 2, …, m n ) = (m K(1), m K(2), …, m K(n) )  D K (c 1, c 2, …, c n ) = (c K -1 (1), c K -1 (2), …, c K -1 (n) ).

15 The Permutation Cipher (cont’d) 15  For example, n = 6  i: 1 2 3 4 5 6  K(i): 3 6 1 5 2 4  m : s h e s e l l s s e a s  c : e e s l s h s a l s e s

16 The Stream Cipher 16  The cryptosystems considered so far are known as block ciphers.  The plaintexts are encrypted using the same key.  An alternative is to generate a key stream y 1 y 2 y 3, ….  c = E y 1 (m 1 )E y 2 (m 2 )E y 3 (m 3 ) ….  M, C, and K are the same as before.  g, the keystream generator, takes a key K to generate y 1 y 2 y 3, …, where y i  L.  For each y in the keystream, there is an encryption rule E y () and a corresponding decryption rule D y (), such that  D y (E y (m)) = m for every m  M.

17 The Vigenère Cipher and the Stream Cipher 17  Define Vigenère Cipher as a Stream Cipher:  M = C = L = Z 26 (note the difference here)  K = (Z 26 ) n  For each y  L,  E y (m) = (m + y) mod 26  D y (m) = (c  y) mod 26  The keystream: y i = k i if 1 ≤ i ≤ n; y i = k i-n, else.

18 Block cipher vs stream cipher 18  Stream ciphers are typically faster than block.  Block ciphers typically require more memory as their operations are based on blocks.  Stream ciphers are more difficult to implement correctly.  Block ciphers are more susceptible to noise in transmission.  Stream ciphers do not provide integrity protection or authentication, whereas some block ciphers could provide them.

19 Attack models 19  What kind of information available to the attacker?  Kerckhoff’s principle: a cryptosystem should be secure even if everything about the system, except the key, is public knowledge.  The attack’s objective is to determine the key in use.  Different attack models:  Ciphertext-only attack: Eve possesses ciphertexts.  Known-plaintext attack: Eve possesses plaintexts and the corresponding ciphertexts.  Chosen-plaintext attack: Eve can temporarily choose a plaintext and construct the corresponding ciphertext.  Chosen-ciphertext attack: Eve can temporarily choose a ciphertext and construct the corresponding plaintext.

20 Cryptanalysis 20  The Shift, Substitution, and Vigenère Ciphers are vulnerable to ciphertext-only attacks.  The Permutation and Stream Ciphers are vulnerable to known-plaintext attacks.  Most of the cryptanalysis are based on statistical properties of the English language.  E has the highest occurrence rate (0.12)  T, A, O, I, N, S, H, R (0.06-0.09)  …  V, K, J, X, Q, Z (< 0.01)  Popular digrams: TH, HE, IN, ER, …  Popular trigrams: THE, ING, AND, HER, …

21 Cryptanalysis of the Vigenère Cipher 21  The first step is to determine n, the keyword length using Kasiski test.  The method is based on  2 identical segments of plaintext will be encrypted to the same ciphertext if they are d positions apart, where d  0 (mod n).  If 2 identical segments of ciphertext found and each length ≥ 3, it is “likely” that they correspond to identical segments of plaintext.  The test:  Search the ciphertext for pairs of identical segments of length ≥ 3.  If exists, record the distance between them, say d 1, d 2, ….  n must divide the greatest common divisor of d 1, d 2, ….

22 Conclusions 22  Classical ciphers can be classified as  Substitution vs permutation  Monoalphabetic vs polyalphabetic  Stream ciphers (e.g., JK Flip-Flop, A5, SEAL, RC4) vs block ciphers (e.g., DES, IDEA, AES, RC2)  Various stream ciphers: http://en.wikipedia.org/wiki/Stream_cipher#Usage  Ciphers’ security  The size of the key space  Vulnerability under cryptanalysis

23 Acknowledgments 23  This set of slides is prepared mainly based on  D. Stinson, Cryptography: Theory and Practice, Chapman & Hall/CRC, Second Edition, 2002.  Some of the book’s materials can be found at http://www.maths.uwa.edu.au/~praeger/teaching/3CC/WWW/ chapter2.html http://www.maths.uwa.edu.au/~praeger/teaching/3CC/WWW/ chapter2.html  The slide on block cipher vs stream cipher is based on http://security.stackexchange.com/questions/334/advantages- and-disadvantages-of-stream-versus-block-ciphers http://security.stackexchange.com/questions/334/advantages- and-disadvantages-of-stream-versus-block-ciphers  Cryptool portal: http://www.cryptool.org/en/http://www.cryptool.org/en/

Download ppt "L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013."

Similar presentations

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Fubswrjudskb Frxuvh qxpehu:4003-482 / 4005-705 Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.

Fubswrjudskb Frxuvh qxpehu: / Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.
Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.

Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.
Classical Cryptography 1. Introduction: Some Simple Cryptosystems.

Classical Cryptography 1. Introduction: Some Simple Cryptosystems.
Cryptography Kinder Garden Number theory and Classical Cryptosystems Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/10/2010 INCS.

Cryptography Kinder Garden Number theory and Classical Cryptosystems Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/10/2010 INCS.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
ICS 454: Principles of Cryptography

ICS 454: Principles of Cryptography
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Chapter 2 Basic Encryption and Decryption (part B)

Chapter 2 Basic Encryption and Decryption (part B)
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Cryptographic Algorithms Course information General Concepts Introductory examples Terminology Classical cryptography Cryptanalysis.

Cryptographic Algorithms Course information General Concepts Introductory examples Terminology Classical cryptography Cryptanalysis.
Computer Security CS 426 Lecture 3

Computer Security CS 426 Lecture 3
Classical Encryption Techniques

Classical Encryption Techniques
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Section 2.2: Affine Ciphers; More Modular Arithmetic Practice HW (not to hand in) From Barr Textbook p. 80 # 2a, 3e, 3f, 4, 5a, 7, 8 9, 10 (Use affinecipherbreaker.

Section 2.2: Affine Ciphers; More Modular Arithmetic Practice HW (not to hand in) From Barr Textbook p. 80 # 2a, 3e, 3f, 4, 5a, 7, 8 9, 10 (Use affinecipherbreaker.

Similar presentations

Ads by Google