Cryptography Part 1: Classical Ciphers - PowerPoint PPT Presentation

1 / 27
About This Presentation
Title:

Cryptography Part 1: Classical Ciphers

Description:

The Affine Cipher. Cryptography, Jerzy Wojdylo, 5/4/01. Classical Cryptography ... The Affine Cipher. Let P = C = Z26, let. K = {(a, b) Z26 Z26 | gcd(a, 26) = 1} ... – PowerPoint PPT presentation

Number of Views:491
Avg rating:3.0/5.0
Slides: 28
Provided by: JerzyW8
Category:

less

Transcript and Presenter's Notes

Title: Cryptography Part 1: Classical Ciphers


1
CryptographyPart 1 Classical Ciphers
  • Jerzy Wojdylo
  • May 4, 2001

2
Overview
  • Classical Cryptography
  • Simple Cryptosystems
  • Cryptoanalysis of Simple Cryptosystems
  • Shannons Theory of Secrecy
  • Modern Encryption Systems
  • DES, Rijndel
  • RSA
  • Signature Schemes

3
Cryptosystem
  • A cryptosystem is a five-tuple (P,C,K,E,D),
    where the following are satisfied
  • P is a finite set of possible plaintexts
  • C is a finite set of possible ciphertexts
  • K, the keyspace, is a finite set of possible
    keys
  • ?K?K, ?eK?E (encryption rule), ?dK?D (decryption
    rule). Each eK P?C and dK C?P are functions
    such that ?x?P, dK(eK(x)) x.

4
Notation
  • English alphabet
  • Lower case a, b, c,, z for plaintext
  • Upper case A, B, C,, Z for ciphertext
  • For encryption and decryption algorithms, we will
    substitute letters a, b, c,, z with numbers 0,
    1, 2,, 25.

5
Classical Cryptography
  • Monoalphabetic CiphersOnce a key is chosen, each
    alphabetic character of a plaintext is mapped
    onto a unique alphabetic character of a
    ciphertext.
  • The Shift Cipher (Caesar Cipher)
  • The Substitution Cipher
  • The Affine Cipher

6
Classical Cryptography
  • Polyalphabetic CiphersEach alphabetic character
    of a plaintext can be mapped onto m alphabetic
    characters of a ciphertext. Usually m is related
    to the encryption key.
  • The Vigenère Cipher
  • The Hill Cipher
  • The Permutation Cipher

7
The Shift (Caesar) Cipher
  • Let P C K Z26.
  • ?x?P, ?y?C, ?K?K, define
  • eK(x) x K (mod 26)
  • and
  • dK(y) y - K (mod 26).
  • Example on www.

8
The Substitution Cipher
  • Let P C Z26, let K S26
  • ?x?P, ?y?C, ???K, define
  • e?(x) ?(x)
  • and
  • d?(x) ?-1(x).
  • Example on www.

9
The Affine Cipher
  • Let P C Z26, let
  • K (a, b) ? Z26 ? Z26 gcd(a, 26) 1.
  • ?x?P, ?y?C, ?K ?K, define
  • eK(x) ax b (mod 26)
  • and
  • dK(y) a-1(y b) (mod 26).
  • Example on www.

10
The Vigenère Cipher
  • Let m ? Z, let P C K (Z26)m. For a key K
    (k1, k2, ,, km),
  • we define
  • eK (x1, x2, ,, xm) (x1 k1, x2 k2,, xm km)
  • and
  • dK (x1, x2, ,, xm) (x1 k1, x1 k1,, xm
    km)
  • where all operations are modulo 26.
  • This is an example (www) of a block cipher.

11
The Hill Cipher
  • Let m ? Z, let P C (Z26)m, let
  • K m?m invertible matrices over Z26.
  • For a key K, we define
  • eK(x) Kx (mod 26)
  • and
  • dK(y) K-1y (mod 26).
  • Example MATLAB.

12
The Permutation Cipher
  • Let m ? Z, let P C (Z26)m, let K Sm.
  • For a key (i.e. a permutation) p we define
  • ep (x1, x2, ,, xm) (xp (1), xp (2),, xp (m))
  • and
  • dp (y1, y2, ,, ym)(yp-1(1), yp -1 (2),,
    yp-1(m))
  • where p-1 is the inverse permutation to p.
  • (The Hill Cipher, where K a permutation matrix.)

13
Cryptoanalysis
  • Kerchkhoffs Principle cryptosystem (the
    algorithm) is NOT secret, the key is secret.
  • Common attacks to obtain the key
  • Ciphertext-only
  • Known plaintext
  • Chosen plaintext
  • Chosen ciphertext

14
Attack on a Shift Cipher
  • Ciphertext-only
  • Exhaustive search
  • 26 cases
  • Very insecure cipher

15
Cryptoanalysis of a Monoalphabetic Cipher
  • Ciphertext-only attack
  • Letter frequencies the English language

16
Attack on a Substitution Cipher
  • Insecure cipher, even though the number of
    possible keys is 26! 40329146112660563558400000
    0(approximately 4.03291026)
  • Letter frequencies calculator
  • www

17
Attack on the Vigenère Cipher
  • Kasiski test (m, length of the key)
  • Fredrich Wilhelm Kasiski (1863)
  • Charles Babbage (1854, result remained secret)
  • Two identical segments of plaintext will be
    encrypted to the same ciphertext if their
    occurrence in the plaintext is x position apart,
    where x is a multiple of m.

18
Attack on the Vigenère Cipher
  • CHREEVOAHMAERATBIAXXWTNXBEEOPHBSBQMQEQERBWRVXUOAK
    XAOSXXWEAHBWGJMMQMNKGRFVGXWTRZXWIAKLXFPSKAUTEMNDCM
    GTSXMXBTUIADNGMGPSRELXNJELXVRVPRTULHDNQWTWDTYGBPHX
    TFALJHASVBFXNGLLCHRZBWELEKMSJIKNBHWRJGNMGJSGLXFEYP
    HAGNRBIEQJTAMRVLCRREMNDGLXRRIMGNSNRWCHRQHAEYEVTAQE
    BBIPEEWEVKAKOEWADREMXMTBHHCHRTKDNVRZCHRCLQOHPWQAII
    WXNRMGWOIIFKEE

19
Attack on the Vigenère Cipher
  • Positions of CHR 1, 166, 236, 276, 286.
  • Differences of positions 166 1 165 236
    1 235276 1 235 286 1 285
  • The gcd of these differences is 5, so the key is
    most likely of length m 5.

20
Attack on the Vigenère Cipher
  • Divide the ciphertext into 5 subsrtings
    (positions 5k, 5k1, 5k2, 5k3, 5k4)
  • Analize each substring as a monoalphabetic
    cipher.
  • Continue on http//math.ucsd.edu/crypto/java/EARL
    YCIPHERS/Vigenere.html
  • Also an insecure cipher

21
Cryptonalysis of the Hill Cipher
  • Number of keys k number of invertible m?m
    matrices with coefficients from Z26.Does anyone
    know the formula?
  • If p is prime, the alphabet is Zp then
  • If p 29 and

m 3 4 5 10
k 1.41013 2.41023 3.51036 1.710146
22
Cryptonalysis of the Hill Cipher
  • Easily broken with known plaintext attack.
  • Permutation Cipher Hill Cipher, where the key
    is a permutation matrix.
  • Both ciphers are insecure.

23
Perfect Secrecy
  • A cryptosystem is computationally secure if the
    best algorithm for breaking it requires at least
    N operations, where N is some specified , very
    large number.Problems
  • A cryptosystem is unconditionally secure if it
    cannot be broken with infinite computational
    resources.

24
Perfect Secrecy
  • None of the classical cryptosystems is even
    computationally secure.
  • However the Shift Cipher, the Substitution
    Cipher, and the Vigènere Cipher are
    unconditionally secure if only one element of
    plaintext is encrypted with a given key!REALLY???

25
Perfect Secrecy
  • Claude Shannon Communication Theory of Secrecy
    Systems, Bell Systems Technical Journal, (1949)
    .
  • A cryptosystem has perfect secrecy if pP(xy)
    pP(x) for any x?P and y?C. That is the a
    posteriori probability that the plaintext is x,
    given that the ciphertext is y, is identical to
    the a priori probability that the plaintext is x.

26
Perfect Secrecy
  • Theorem (Shannon). Suppose the 26 keys in the
    Shift Cipher are used with equal probability
    1/26. Then for any plaintext probability
    distribution, the Shift Cipher has perfect
    secrecy.
  • Consequences One-time Pad Cryptosystem (Gilbert
    Vernam, 1917). Key, plaintext, and ciphertext
    have the same length. Problems with keys very
    long, distribution. Each key can be used only
    ONCE!

27
The EndCryptography, Part 1 Classical Ciphers
  • Cryptography
  • Part 2 Modern Cryptosystems
  • Stay Tuned
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Cryptography Part 1: Classical Ciphers" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!