1 ch. 2 classical encryption techniques. 2 contents symmetric cipher model substitution techniques...
TRANSCRIPT
1
Ch. 2 Classical EncryptionTechniques
2
Contents
Symmetric Cipher Model
Substitution Techniques
Transposition Techniques
Rotor Machines
Steganography
3
Symmetric Cipher Model
Plaintext (or message)- The original message
Ciphertext - The coded message
Encipher (or encrypt) - Converting plaintext to ciphertext
Decipher (or decrypt) - Restoring plaintext from ciphertext
Key – Secret input to encryption and decryption.
4
Symmetric Cipher Model
Cryptography A study on creating encryption schemes
Cryptanalysis A study on breaking encryption schemes
Cryptology Cryptograph + Cryptanalysis
Cryptographic system (or a cipher) An encryption scheme
5
Symmetric Cipher Model
Two requirements for symmetric ciphers
The encryption algorithm should be strong. An opponent cannot decrypt a ciphertext and discover the key
even if the opponent knows the encryption algorithm. So, the encryption algorithm does not need to be kept secret.
This feature makes it convenient for widespread use
A secret key should be known only to sender and receiver.
Because if someone has the key, he can decrypt every ciphertext.
6
Plaintext X= [X1, X2, …, Xm]
Ciphertext Y= [Y1, Y2, …, Yn]
Formal Notations
7
Secret Key K= [K1, K2, …, Kj]
Key source may be either a sender or a third party.
Formal Notations
8
Encryption: Y= EK(X)
Decryption: X= DK(Y)
Formal Notations
9
A cryptanalyst tries to find either the plaintext or the secret key.
Formal Notations
10
Cryptography
Classification of cryptographic system
The type of encryption operations Substitution
Each element in the plaintext is mapped into another element. A C, B F, …
Transposition Elements in the plaintext are rearranged. message essgeam
11
Cryptography
Classification of cryptographic system
The number of keys Single-key or secret-key or conventional encryptions
Both sender and receiver use the same key Two-key or public-key encryptions
Sender and receiver use different keys.
12
Cryptography
Classification of cryptographic system
The way in which plaintext is processed A block cipher
Processes the input one block of elements at a time. Produces an output block for each input block.
A stream cipher Processes the input elements continuously. Produces output one element at a time.
13
Cryptanalysis
Types of cryptanalytic attacks Based on the amount of information known to the cryptanalyst
Ciphertext only Known plaintext Chosen plaintext more information Chosen ciphertext Chosen text
14
Ciphertext only Known information
Encryption algorithm Ciphertext
Known plaintext Known information.
Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs
Cryptanalysis
15
Chosen plaintext Known information.
Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs where the opponent can choo
se the plaintext.
Chosen ciphertext Known information.
Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs where the opponent can choo
se the ciphertext.
Cryptanalysis
16
Chosen text Known information.
Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs where the opponent can choo
se either the plaintext or the ciphertext.
Cryptanalysis
17
Unconditionally Secure
An encryption scheme is unconditionally secure (Stinson) If the ciphertext does not contain enough information
Ciphertext is generated by encryption scheme and information can be used to determine the uniquely corresponding to the plaintext
then opponent is impossible to decrypt the ciphertext
18
Computationally Secure
Computationally secure (stinson) The cost of breaking the cipher exceeds the value of the encrypted i
nformation The value of the contents of the encrypted original message is not bi
g enough to decrypt
The time required to break the cipher exceeds the useful lifetime of the information After the decryption, the message is no longer valuable
19
Brute-force Attack
Trying every possible key until an intelligible translation of the ciphertext into plaintext is
obtained On average, half of all possible keys must be tried to achieve
success.
Key Size (bit) Number of Alternative Keys
Time required at
1 encryption/ ㎲Time required at
106 encryptions/ ㎲32 232=4.3×109 231 ㎲ =35.8 minutes 2.15 milliseconds
56 (DES) 256=7.2×1016 255 ㎲ =1142 years 10.01 hours
128 (AES) 2128=3.4×1038 2127 ㎲ =5.4×1024years 5.4×1018 years
168 (Triple DES) 2168=3.7×1050 2167 ㎲ =5.9×1036years 5.9×1030 years
26characters
(permutation)
26!=4×1026 2×1026 ㎲ =6.4×1012years 6.4×106 years
20
Contents
Symmetric Cipher Model
Substitution Techniques Shift Cipher (Caesar Cipher) Monoalphabetic Ciphers Playfair Cipher Hill Cipher Polyalphabetic Ciphers One-Time Pad
Transposition Techniques
Rotor Machines
Steganography
21
Shift Cipher
A simple substitution cipher
Substitution rule Circular right shift by k alphabets where k is the key. When k = 4, A E, B F, … X B, Y C, Z D Encryption of plaintext baby with k = 4
When k = 3, the shift cipher is called Caesar Cipher.
22
Shift Cipher
Decryption of ciphertext FEFC Inverse of encryption
Cryptanalysis of shift cipher Brute-force approach
The key space is too small: only 26 possible keys
JBCRCLQRWCRVNBJENBWRWN
0 Jbcrclqrwcrvnbjenbwrwn
1 Iabqbkpqvbqumaidmavqvm
… …
9 astitchintimesavesnine
23
Three important characteristics of to use a brute-force cryptanalysis
What generally makes brute-force cryptanalysis impractical is the use of an algorithm that employs a large number of keys
1. The encryption and decryption algorithms are known.2. There are only 25 keys to try.3. The language of the plaintext is known and easily
recognizable.
24
Monoalphabetic Cipher
Encryption Substitute each symbol in a plaintext using a permutation.
a b c d e f g h i j k l m
X N Y A H P O G Z Q W B T
n o p q r s t u v w x y z
S F L R C V M U E K J D I
25
Monoalphabetic Cipher
Decryption Substitute each symbol in a ciphertext using the inverse permutatio
n.
Quiz MGZVYZLGHCMHJMYXSSFMNHAHYCDLMHA ?
The Shift Cipher is a special case of monoalphabetic cipher.
26
Monoalphabetic Cipher
Brute-force attack is impossible.
26! possible permutation is available 4 × 1026 possible keys
Key Size (bit) Number of Alternative Keys
Time required at
1 encryption/ ㎲Time required at
106 encryptions/ ㎲32 232 = 4.3×109 231 ㎲ =35.8 minutes 2.15 milliseconds
56 (DES) 256 = 7.2×1016 255 ㎲ =1142 years 10.01 hours
128 (AES) 2128 = 3.4×1038 2127 ㎲ =5.4×1024years 5.4×1018 years
168 (Triple DES) 2168 = 3.7×1050 2167 ㎲ =5.9×1036years 5.9×1030 years
26 characters 26! = 4×1026 2×1026 ㎲ =6.4×1012years 6.4×106 years
27
Attack with frequency information
If the cryptanalyst knows the nature of the plaintext,
the analyst can exploit the regularities of the language. Using a standard frequency distribution for English.
28
The 1st step Determine the relative frequency of the letters in ciphertext and
compare them to a standard frequency distribution for English
<Ciphertext>
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
Attack with frequency information
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
O 7.50 X 4.17 A 1.67 J 0.83 R 0.00
M 6.67
29
English Letter Frequencies
Relative Frequency of Letters in English Text
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
O 7.50 X 4.17 A 1.67 J 0.83 R 0.00
M 6.67
30
Comparing this breakdown with Figure 2.5 Cipher text letters P plain letters e and Z are the equivalent of and t
But it is not certain which is which The letter S,U,O,M and H plain letters from the set {a, h, i, n, o, r, s}⇒
Attack with frequency information
31
A powerful tool is to look at the frequency of two-letter combinations (as diagram) The most common such diagram is th In our ciphertext, the most common diagram is ZW Guess ZW ⇒ th
Most frequent trigrams (three-letter combination) ZWP appears in the ciphertext, and translate that we sequence as “t
he”
Attack with frequency information
32
2nd step Notice the sequence ZWSZ in the first line. it is of the form th_t.
S => a
The completed plaintext it was disclosed yesterday that several informal but direct contact
s have been made with political representatives of the viet cong in moscow
U Z Q S O V U O H X M O P V G P O Z P E V S G Z WS Z O P F P E S X U D B M E T S X A I Zt a e e t e a t h a t e e a a
V U E P H Z H M D Z S H Z O WS F P A P P D T S V P Q U Z WY M X U Z U H S Xe t t a t h a e e e a e t h t a
E P Y E P O P D Z S Z U F P O M B Z WP F U P Z H M D J U D T M O H M Qe e e t a t e t h e t
Attack with frequency information
33
A countermeasure by Carl Friedrich Gauss Homophones
The number of symbols assigned to each letter is proportional to the relative frequency of that letter.
The letter e 16, 74, 35 and 21⇒ Frequency of each letter is ideal. But multiple-letter patterns still survive in the ciphertext
Attack with frequency information
34
Playfair cipher
Two methods to lessen the extent to which the structure of the plaintext survives in the ciphertext.
One is to encrypt multiple letters of plaintext. The other is to use multiple cipher alphabets.
35
Playfair cipher
Key is a 5 x 5 matrix. Key : MONARCHY Filling in the letters of the keyword from
(minus duplicates) left to right and from top to bottom.
Filling in the remainder of the matrix with the remaining letters in alphabetic order.
The letter I and J count as one letter.
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Treats diagrams (two letter) in the plaintext as single units and translates these units into ciphertext.
36
Playfair cipher
Encryption Each plaintext letter is replaced by the letter that lie
s in its own row and the column of its pair. hs : BP ea ?
IM or JM
If two letters are in the same column or row? rm ?
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
37
Playfair cipher
Two letters in the same row Replace each letter by the letter to the righ
t, circularly. ar : RM
Two letters in the same column. Replace each letter by the letter beneath, ci
rcularly. mu : CM
Two letters in the pair are the same. Separate them with a filler letter. balloon : ba lx lo on
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
38
Playfair cipher
The strength of playfair cipher A great advance over simple Monoalphabetic cipher 26 × 26 =676 diagrams Making frequency analysis much more difficult. However, it still leaves much of the structure of the plaintext language. A few hundred letters of ciphertext are generally sufficient to break Pla
yfair cipher.
39
Playfair cipher
40
Playfair cipher
Let know the meaning of the horizontal axis and vertical axis The number of occurrences of each letter in the text was counter And the value of each letter was divided by the number of occurrences of
the letter e (the most frequently used letter)
LetterFrequencydistribution
LetterFrequencydistribution
LetterFrequencydistribution
E 1 D 0.33482916 P 0.15186585T 0.71295859 L 0.31687923 B 0.11746182A 0.64296961 C 0.21902063 V 0.07699575O 0.59100929 U 0.21713116 Q 0.07124862I 0.5507794 M 0.18941899 K 0.06077783N 0.53133365 W 0.18579751 J 0.01204535S 0.49811053 F 0.17540545 X 0.01180916H 0.47976697 G 0.15863644 Z 0.00582585R 0.4713431 Y 0.1554086
41
Hill Cipher
Take m successive plaintext letters and substitutes for them m ciphertext letters.
42
Hill Cipher
Encryption key: m x m matrix
1,11,10,1
1,11.10,1
1,01,00,0
11,0110
...
.........
...
...
),...,(),...,,(
mmmm
m
m
mm
kkk
kkk
kkk
xxxyyy
1,11,10,1
1,11.10,1
1,01,00,0
...
.........
...
...
mmmm
m
m
kkk
kkk
kkk
43
Hill Cipher
Encrypt the plaintext july with k =
We partition july into ju and ly. ju: (9, 20)
ly: (11, 24)
73
811
(3,4)(159,212)140)60,72(9973
811(9,20)
(11,22)(84,256)168)72,88(1273
811(11,24)
44
Hill Cipher
Decryption Use the inverse of key matrix
),...,(
1
...
.........
...
...
),...,,( 11,0
1,11,10,1
1,11.10,1
1,01,00,0
110
m
mmmm
m
m
m xxx
kkk
kkk
kkk
yyy
45
Hill Cipher
The hill cipher can be difficult to break with a ciphertext-only attack
But it succumbs to a known plaintext attack. Assume that the opponent know the value of m.
46
Suppose he has m distinct plaintext-ciphertext pairs
, for 0 ≤ j ≤ m-1.
Hill Cipher
),...,,( ,1,1,0 jmjjj xxxx ),...,,( ,1,1,0 jmjjj yyyy
Kxxxyyy mm ),...,(),...,,( 0,10,1,0,00,10,10,0
Kxxxyyy mm ),...,(),...,,( 1,11,1,1,01,11,11,0
1,11,10,1
1,11.10,1
1,01,00,0
1,11,11,0
1,11,11,0
0,10,10,0
1,11,11,0
1,11,11,0
0,10,10,0
...
.........
...
...
...
.........
...
...
...
.........
...
...
mmmm
m
m
mmmm
m
m
mmmm
m
m
kkk
kkk
kkk
xxx
xxx
xxx
yyy
yyy
yyy
· ·
· ·
47
Hill Cipher
1,11,10,1
1,11.10,1
1,01,00,0
1,11,10,1
1,11.10,1
1,01,00,0
1,11,10,1
1,11.10,1
1,01,00,0
...
.........
...
...
...
.........
...
...
...
.........
...
...
mmmm
m
m
mmmm
m
m
mmmm
m
m
kkk
kkk
kkk
xxx
xxx
xxx
yyy
yyy
yyy
1,11,10,1
1,11.10,1
1,01,00,0
1,11,10,1
1,11.10,1
1,01,00,0
1,11,10,1
1,11.10,1
1,01,00,0
...
.........
...
...
...
.........
...
...1
...
.........
...
...
mmmm
m
m
mmmm
m
m
mmmm
m
m
kkk
kkk
kkk
yyy
yyy
yyy
xxx
xxx
xxx
48
Hill Cipher
Suppose the plaintext Friday is encrypted to the ciphertext PQCFKU using a Hill Cipher with m = 2. eK(5, 17) = (15, 16), eK(8, 3) = (2, 5), eK(0, 24) = (10, 20) We get the matrix equation
So
K
38
175
52
1615
152
19
38
173det)1(
38
1751,1
11
1
A
38
197
52
1615
152
19K
49
What would the opponent do if he does not know m? Assuming that m is not too big, he could simply try m = 2, 3, …. ,
untill the key found.
Hill Cipher
50
Polyalphabetic Ciphers
Another way to improve monoalphabetic ciphers To use multiple cipher alphabets Vigenère cipher
A set of shift ciphers are used.
51
Vigenère Cipher
Encryption m = 6, K = (2,8,15,7,4,7)
Decryption Inverse of encryption
19 7 8 18 2 17 24 15 19 14 18 24
2 8 15 7 4 17 2 8 15 7 4 17
21 15 23 25 6 8 0 23 8 21 22 15
plaintext
key
ciphertext
52
Vigenère Cipher
Formal Definition Let m be a positive integer. For a key K = (k0, k1, … , km-1), we define
eK(x0, x1, … , xm-1) = ( x0 + k0 , x1 + k1, … , xm-1 + km-1)
dK(y0, y1, … , ym-1) = ( y0 - k0 , y1 - k1, … , ym-1 – km-1)
Where all operations are performed in Z26
53
Vigenère Cipher
Cryptanalysis
The number of possible keys 26m
Exhaustive key search is infeasible if m is not too small.
However, the Vigenère cipher can be cryptanalyzed using the frequency of letters.
54
Vigenère Cipher
55
Vigenère Cipher
Encryption m = 6, K = (2,8,15,7,4,7)
We first compute m and then compute K. Techniques used
Kasiski test The index of coincidence
19 7 8 18 2 17 24 15 19 14 18 24
2 8 15 7 4 17 2 8 15 7 4 17
21 15 23 25 6 8 0 23 8 21 22 15
plaintext
key
ciphertext
56
Vigenère Cipher
Observation: Two identical segments of plaintext will be encrypted to the same ciphertext whenever their occurrence in the plaintext is δ positions apart, where .
Kasiski test
Search the ciphertext for pair of identical segments of length at least three.
Record the distance between the starting positions of the two segments If we obtain several such distances, sayδ1,δ2, … ,
Then we would conjecture that m divides all of the δi’s Hence m divides the greatest common divisor of theδi’s
)(mod 0 m
57
Vigenère Cipher
The distances from the first occurrence to other four occurrences are 165, 235, 275, 285.
The greatest common divisor of these four integers is 5. (very likely keyword length)
CHREEVOAHMAERATBIAXXWTNXBEEOPHBSQMQEQERBWRVXUOAKXAOSXXWEAHBWGJMMQMNKGRFVGXWTRZXWIAKLXFPSKAUTEMNDCMGTSXMXBTUIADNGMGPSRELXNJELXVRVPRTULHDNQWTWDTYGBPHXTFALJHASVBFXNGLLCHRZBWELEKMSJIKNBHWRJGNMGJSGLXFEYPHAGNRBIEQJTAMRVLCRREMNDGLXRRIMGNSNRWCHRQHAEYEVTAQEBBIPEEWEVKAKOEWADREMXMTBHHCHRTKDNVRZCHRCLQOHPWQAIIWXNRMGWOIIFKEE
58
Vigenère Cipher
The index of coincidence
Observe that a completely random string will have
The two values 0.065 and 0.038 are quite apart.
letterprobabilit
ylette
rprobabilit
y
A .082 N .067
B .015 O .075
C .028 P .019
D .043 Q .001
E .127 R .060
F .022 S .063
G .020 T .091
H .061 U .028
I .070 V .010
J .002 W .023
K .008 X .001
L .040 Y .020
M .024 Z .001
065.0)(25
0
2 i
ic pI x
038.026
1)
26
1(26 2 cI
59
Vigenère Cipher
Using index of coincidence Define m substring of y, denoted y1, y2, … , ym,
y1 = y1ym+1y2m+1 … y2 = y2ym+2y2m+2 …
…ym= ymy2my3m …
If m is indeed the keyword length Each value Ic(yi) ≈ 0.065.
If m is not the keyword length The substrings yi will look much more random. Each value Ic(yi) ≈ 0.038.
60
Vigenère Cipher
Computation of indices of coincidence m = 1, index of coincidence is 0.045 m = 2, we get 0.046 and 0.041 m = 3, we get 0.043, 0.050, and 0.047 m = 4, we get 0.042. 0.039. 0.046, and 0.040 m = 5, we get 0.063, 0.068, 0.069, 0.061, and 0.072
61
Vigenère Cipher
How to determine the key K = (k1, k2, … , km).
Let p’0, … , p’25 denote the probabilities of A, B, …, Z in the string yi.
Since substring yi is obtained by shift encryption of a subset of the plaintext using a shift ki ,
p0 ≈ p’0+k , p1 ≈ p’1+k , …
62
Vigenère Cipher
Compute
for all 0 ≤ k ≤ 25.
If k = ki, I ≈ 0.065.
If k ≠ ki, I ≈ 0.038.
'25
0
I kii
i pp
63
Vigenère Cipher
Y1
.035 .031 .036 .037 .035 .039 .028 .028 .048
.061 .039 .035 .040 .038 .038 .044 .036 .030
.042 .043 .036 .033 .049 .043 .041 .036 .000
Y2
.069 .044 .032 .035 .044 .034 .036 .033 .030
.031 .042 .045 .040 .045 .046 .042 .037 .032
.034 .037 .032 .034 .043 .032 .026 .047 .000
Y3
.048 .029 .042 .043 .044 .034 .038 .035 .032
.049 .035 .031 .035 .065 .035 .038 .036 .045
.027 .035 .034 .034 .037 .035 .046 .040 .000
Y4
.045 .032 .033 .038 .060 .034 .034 .034 .050
.033 .033 .043 .040 .033 .028 .036 .040 .044
.037 .050 .034 .034 .039 .044 .038 .035 .000
Y5
.034 .031 .035 .044 .047 .037 .043 .038 .042
.037 .033 .032 .035 .037 .036 .045 .032 .029
.044 .072 .036 .027 .030 .048 .036 .037 .000
From the data in Table 1.4, the key is likely to be K = (9, 0, 13, 4, 19)
64
Vigenère Cipher
Decrytion of the ciphertext
The almond tree was in tentative blossom. The days were longer, often ending with magnificent evenings of corrugated pink skies. The hunting season was over, with hounds and guns put away for six months. The vineyards were busy again as the well-organized farm-ers treated their vines and the more lackadaisical neighbors hurried to do the pruning they should have done in November.
65
Autokey system
The problem of Vigenère cipher The periodic nature of the keyword
Vigenère proposed Autokey system The periodic nature is eliminated by using a nonrepeating keyword. The keyword is as long as the message itself. After key is exhausted, keyword is concatenated with the plaintext it
sself to provide a running key.
66
Autokey system
For example
Easy to break Because key and plaintext share the same frequency distribution of
letters Statistical technique can be applied.
e enciphered with e would occur with a frequency of (0.1275)2 0.0163, t enciphered with t would occur with a frequency of (0.0925)2 0.0086,
Key: deceptivewearediscoveredsavPlaintext: wearediscoveredsaveyourselfCipheretxt: ZICVTWQNGKZEIIGASXSTSLVVWLA
67
Vernam cipher
The ultimate way to prevented them choosing a keyword The keyword is as long as the plaintext And this has no statistical relationship
By AT&T engineer named Gilbert Vernam in 1918 This system works on binary data rather than letters
68
Vernam cipher
Encryption Algorithm
Decryption Algorithm
Proposed the use of a running loop of tape This is eventually repeated the key. It can be broken with sufficient ciphertext, the use of known or
probable plaintext sequences, or both
iii kcp
rationor(XOR)opeexclusive
ciphertext ofdigit binary ith c
key ofdigit binary ith k
plaintext ofdigit binary ith p
i
i
i
iii kpc
69
One-Time Pad
Use a random key that was truly as long as the message, with no repetitions
Unbreakable Because it produce random output that bears no statistical
relationship to the plaintext. And the ciphertext contains no information whatsoever about
plaintext
70
One-Time Pad
Two different decryptions using two different key Using a Vigenère cipher scheme with 27 characters
The tableau of Vigenère be expanded to 27 Х27
Suppose that cryptanalyst to find these two keys Two plausible plaintext are produced How is the cryptanalyst to decide which is the correct decryption?
If the actual key were produced A truly random fashion, Thus, there is no way to decide which key is correct
A N K Y O D K Y U R E P F J B Y O J D S P L R E Y I U N O F D O I U E R F P L U Y T S
ciphertext: A N K Y O D K Y U R E P F J B Y O J D S P L R E Y I U N O F D O I U E R F P L U Y T Skey: p x l m v m s y d o f t y r v z w c t n l e b n e c v g d u p a h f z z l m n y i hplaintext: m r m u s t a r d w i t h t h e c a n d l e s t i c k i n t h e h a l l
ciphertext: A N K Y O D K Y U R E P F J B Y O J D S P L R E Y I U N O F D O I U E R F P L U Y T Skey: m f u g p m i y d g a x g o u f h k l l l m h s q d q o g t e w b q f g y o v u h w tplaintext: m i s s s c a r l e t w i t h t h e k n i f e i n t h e l i b r a r y
71
One-Time Pad
Two fundamental difficulties: The practical problem of making large quantities of random keys
Any heavily used system might require millions of random characters on a regular basis.
The problem of key distribution and protection For every message to be sent, a key of equal length is needed by
both sender and receiver.
Because of these difficulties, the one-time pad is of limited utility
72
Contents
Symmetric Cipher Model
Substitution Techniques Shift Cipher (Caesar Cipher) Monoalphabetic Ciphers Playfair Cipher Hill Cipher Polyalphabetic Ciphers One-Time Pad
Transposition Techniques
Rotor Machines
Steganography
73
Rail Fence
The simplest transposition technique Encryption
Plaintext : meet me after the toga party
Write down as a sequence of diagonals Read off as a sequence of rows
Ciphertext : mematrhtgpryetefeteoaat Depth : 2
mematrhtgpry mematrhtgpry etefeteoaatetefeteoaat
74
A more complex scheme
To write the message in a rectangle, row by row, and read the message off column by column
n ⅹm matrix
A pure transposition cipher is easily recognized It has the same letter frequencies as the original plaintext.
key : 4 3 1 2 5 6 7plaintext : a t t a c k p o s t p o n e d u n t i l t w o a m x y zciphertext: TTNAAPTMTSUOAODWCOIXKNIYPETZ
75
A more complex scheme
The transposition cipher can be made significantly more secure by performing more than one stage of transposition. Message is re-encrypted using the same algorithm.
key : 4 3 1 2 5 6 7plaintext : t t n a a p t m t s u o a o d w c o i x k n l y p e t zciphertext: NSCYAUOPTTWLTMDNAOIEPAXTTOKZ
key : 4 3 1 2 5 6 7plaintext : a t t a c k p o s t p o n e d u n t i l t w o a m x y zciphertext: TTNAAPTMTSUOAODWCOIXKNIYPETZ
76
To visualize the result of this double transposition
Designate the letters in the original plaintext message by the numbers
designating their position.
After the first transposition
Which has a somewhat regular structure
But after the second transposition
a t t a c k p o s t p o n e d u n t i l t w o a m x y z1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
3 10 17 24 4 11 18 25 2 9 16 23 1 8 15 22 5 12 19 26 6 13 20 27 7 14 21 28+2 +3 +4
After the first trans position we have
+1base -1 -2
17 09 05 27 24 16 12 07 10 02 22 20 03 25 15 13 04 23 19 14 11 01 26 21 18 08 06 28After the second trans position we have
77
Rotor Machine
Multiple stages of substitution
The basic principle
Set of independently rotating
cylinders
Each cylinder has 26 input pins
and 26 output pins
78
Rotor Machine If we associate each input and output
with a letter of the alphabet
A single cylinder defines a monoalp
habetic substitution
The cylinder rotates one position afte
r an encryption of a letter.
The internal connection are shifted a
ccordingly
Thus, a different monoalphabetic su
bstitution cipher is defined
79
Rotor Machine
After 26 letters, the cylinder wou
ld be back to the initial
Polyalphabetic permutation algor
ithm with period of 26
The output of one cylinder are co
nnected to the input of the next
80
Rotor Machine
The one farthest rotates one pin
position with each keystroke
For every complete rotation of
the outer cylinder, the middle
cylinder rotates one pin position
For every complete rotation of
the middle cylinder, the inner
cylinder rotates one pin position
26 ⅹ26 ⅹ 26 = 17,576
81
Rotor Machine (Cont.)
82
Steganography
Steganography conceal the existence of the message
83
STEGANOGRAPHY
A simple form of steganography For example
The sequence of first letters of each word of overall message spells out the hidden message
An example in which a subset of the words of the overall message is used to convey the hidden message
84
STEGANOGRAPHY
Classic techniques Character marking : selected letters of printed or typewritten text
are overwritten in pencil (light) Invisible ink Pin punctures : small pin punctures on selected letters (light) Typewriter correction ribbon : Used between lines typed with a black
ribbon, the results of typing with correction tape are visible only under a strong light.
85
STEGANOGRAPHY
Modern techniques Using the Least Significant Bits (LSB) of frames on a CD
For example Kodak Photo CD format’s maximum resolution is 2048 by 3072 pixels Each pixel contains 24 bits of RGB color information. LSB of each 24-bit pixel can be changed without greatly affecting the
quality of the image. The result, you can hide a 2.3-megabyte message in a single digital
snapshot
86
STEGANOGRAPHY
Drawbacks of steganography A lot of overhead to hide a relatively few bits of information Once the system is discovered, it becomes virtually worthless
Alternatively, a message can be first encrypted and then hidden using steganography
Advantage of steganography To lose the fact of parties of secret communication be discovered