Cryptographic Attacks on Scrambled LZ-Compression and Arithmetic Coding - PowerPoint PPT Presentation

About This Presentation
Title:

Cryptographic Attacks on Scrambled LZ-Compression and Arithmetic Coding

Description:

Cryptographic Attacks on Scrambled LZ-Compression and Arithmetic Coding By: RAJBIR SINGH BIKRAM KAHLON – PowerPoint PPT presentation

Number of Views:107
Avg rating:3.0/5.0
Slides: 24
Provided by: bik79
Category:

less

Transcript and Presenter's Notes

Title: Cryptographic Attacks on Scrambled LZ-Compression and Arithmetic Coding


1
Cryptographic Attacks on Scrambled LZ-Compression
and Arithmetic Coding
  • By

  • RAJBIR SINGH

  • BIKRAM KAHLON

2
Outline
  • LZ Compression
  • Arithmetic Coding
  • Scrambled Input LZ Compression
  • Scrambled Input Arithmetic Coding
  • Attacks
  • Conclusions
  • References

3
LZ Compression
  • Algorithm
  • Find the longest substring in the codebook.
  • Output its code.
  • Append the very next character from the input and
    create a new codebook entry for the resulting
    string.
  • Advance past the end of the substring just
    encoded.
  • Until no more character.

4
LZ Compression
  • Example
  • abbaabbaababbaaaabaabba
  • Dictionary

Index Entry Index Entry
0 1 2 3 4 5 6 a b ab bb ba aa abb 7 8 9 10 11 12 13 baa aba abba aaa aab baab bba
5
Scrambled LZ Compression
  • Algorithm
  • Initialize the pseudo random number generator
    with encryption key.
  • Add null characters in dictionary.
  • Shuffle the initial values of dictionary.
  • Perform LZ Compression

6
Arithmetic Coding
  • It takes a stream of input symbols and replaces
    it with a single floating point output number
    greater than 0 less than 1.
  • Algorithm
  • Set low to 0.0
  • Set high to 1.0
  • While there are still input symbols do
  • Get an Input symbol
  • Code_range high - low.
  • high low rangehigh_range(symbol)
  • low low rangelow_range(symbol)
  • End of While
  • Output low

7
Scrambled Arithmetic Coding
  • Algorithm
  • Initialize the pseudo random number with
    encryption key
  • Shuffle the probability table
  • Perform Arithmetic Coding

8
Ciphertext-Only Attack
  • Attack model, in which access to a set of
    different ciphertexts is provided.
  • Success If
  • Plaintext corresponding to the ciphertext being
    analyzed.
  • The encryption key is revealed.
  • Any information about the plaintext pattern.

9
Chosen-Ciphertext Attack
  • In this case, cryptanalyst chooses ciphertext of
    his choice.
  • One of the ciphertext(LZ) taken for analysis
  • ?    Ö    ?    r    ?    æ    ?        ?    Ç   
    ?      ?   ?    ?    ?        ?    m    ?   
    O    ?        ?        ?     -    ?       
    ?    ?    ?        ?    )    ?    ?    ?    x   
    ?

10
ADAPTIVE-CHOSEN-CIPHERTEXT ATTACK
  • Attacker sends a number of cipher texts to be
    decrypted and use these decrypted cipher texts to
    select subsequent cipher texts.
  • Most advanced version of cipher text attacks.

11
Linear Cryptanalysis
  • A linear relation between bits of plaintext, the
    ciphertext and the bits of key is determined.
  • The basic idea is to approximate the operation of
    the cipher with an expression that is linear.
  • Xi1 Xi2 ..Xiu Yj1 Yj2 ..Yjv
    0                      
  • where Xi represents the i-th bit of the input
    and
  • Yj represents the j-th bit of the output and
  • represents the exclusive-OR

12
Conclusions On LZ-Compression
  • Null characters are part of cipher text, so its
    hard to distinguish between messages and null
    strings for traffic flow security.
  • The same encoded strings even within same message
    bear no resemblance to each other i.e. output is
    completely random.
  • A part of message can not be treated as separate
    and every part of message is completely dependant
    on what came prior to it.

13
Conclusions On LZ-Compression
  • In case of linear attack on LZ compression, it
    involves big numbers for computation.
  • For 1076 bytes or 210890 possible sequences will
    generate 29372 possible enciphering permutations.
    The number of possible permutations is huge and
    hides the plaintext.

14
Conclusions on Arithmetic Coding
  • No two messages M M produce same ciphertext
    file.
  • Arithmetic Coding does not use fixed codewords to
    represent symbols.
  • A large keyspace i.e. around 2048 bit encryption
    key makes it difficult to attack the algorithms
    introduced by Dr. Wang.
  • In case of linear attack, it requires 247
    known-plaintext blocks and will result in one key
    bit.

15
Chosen-Plaintext Attack
  • A chosen-plaintext attack (CPA) is an attack
    model for cryptanalysis which presumes that the
    attacker has the capability to choose arbitrary
    plaintexts to be encrypted and obtain the
    corresponding cipher texts.

16
Adaptive Chosen-Plaintext Attacks
  • This attack is similar to chosen-plaintext attack
    except that in this case, the cryptanalyst makes
    an nth query based on output of last (n-1)
    queries.

17
Differential Attacks
  • In this kind of cryptanalysis, certain fixed
    differences between the plaintext and the cipher
    text are exploited till the last round of the
    cipher. Certain differences, called
    "characteristics," in plaintext pairs have a high
    probability of causing certain differences in the
    resulting cipher text pairs. To find the correct
    round key, simply collect enough guesses so that
    one sub key is suggested more often than all the
    others.

18
Conclusions
  • Unicity Distance
  • n H(K)/M - H(M)
  • H (K) entropy of keys used in encryption
  • M maximum possible entropy for the
    plaintext
  • H (M) entropy of message

19
Conclusions
  • Case1 Plaintext is ASCII characters
  • Unicity Distance comes out to be 1432.16
    characters (very
    large).
  • Case2 Plaintext is English Language
  • Unicity Distance is 301.17 characters.
  • HM is only value that changes.

20
Conclusions
  • Large Keyspace 2048 bit encryption key.
  • Cipher text Randomness.
  • Regularities Reduction.
  • Increased Entropy.
  • Differential Attacks Impractical. For m
    chosen-plaintext pairs, the corresponding
    known-plaintext will need about 2w/2(2m1/2) known
    plaintexts (w is the block size (in bits)). With
    64-bit block using only eight chosen-plaintext
    pairs (very small number practically) ,the
    corresponding known-plaintext attack will require
    234 plaintext-cipher text pairs, a large number.
    On DES,1.5MB/Sec. data stream of plaintexts for
    three years to get the data. Less efficient than
    brute force in DES(255 v/s 255.1)

21
Conclusions
  • According to sci.crypt FAQ strong encryption
    should have following characterstics
  • Large keyspace.
  • Reasonably Large unicity distance.
  • Randomness in cipher text.
  • Resistant to all known attacks.
  • Dr. Wangs Algorithm is very strong and
    resistant to above defined attacks.

22
References
  • Wang, Chung-E Research paper http//gaia.ecs.csus
    .edu/7Ewang/cbj.pdf
  • Arithmetic Coding Source Code www.cipr.rpi.edu/w
    heeler/ac, accessed 12-07-06
  • Dr. Dobbs Journal http//www.dogma.net/markn/art
    icles/arith/part1.htm, accessed 12-07-06
  • Handbook of Applied Cryptography
    http//www.cacr.math.uwaterloo.ca/hac/about/chap1
    .pdf
  • RSA Laboratories http//www.rsasecurity.com/rsala
    bs/node.asp?id2167, accessed 12-07-06
  • Sci.Crypt FAQ http//www.contrib.andrew.cmu.edu/
    shadow/crypt.html, accessed 12-07-06

23
  • ANY QUESTIONS???
Write a Comment
User Comments (0)
About PowerShow.com