1 ch. 2 classical encryption techniques. 2 contents symmetric cipher model substitution techniques...

1

Ch. 2 Classical EncryptionTechniques

2

Contents

Symmetric Cipher Model

Substitution Techniques

Transposition Techniques

Rotor Machines

Steganography

3

Symmetric Cipher Model

Plaintext (or message)- The original message

Ciphertext - The coded message

Encipher (or encrypt) - Converting plaintext to ciphertext

Decipher (or decrypt) - Restoring plaintext from ciphertext

Key – Secret input to encryption and decryption.

4

Symmetric Cipher Model

Cryptography A study on creating encryption schemes

Cryptanalysis A study on breaking encryption schemes

Cryptology Cryptograph + Cryptanalysis

Cryptographic system (or a cipher) An encryption scheme

5

Symmetric Cipher Model

Two requirements for symmetric ciphers

The encryption algorithm should be strong. An opponent cannot decrypt a ciphertext and discover the key

even if the opponent knows the encryption algorithm. So, the encryption algorithm does not need to be kept secret.

This feature makes it convenient for widespread use

A secret key should be known only to sender and receiver.

Because if someone has the key, he can decrypt every ciphertext.

6

Plaintext X= [X1, X2, …, Xm]

Ciphertext Y= [Y1, Y2, …, Yn]

Formal Notations

7

Secret Key K= [K1, K2, …, Kj]

Key source may be either a sender or a third party.

Formal Notations

8

Encryption: Y= EK(X)

Decryption: X= DK(Y)

Formal Notations

9

A cryptanalyst tries to find either the plaintext or the secret key.

Formal Notations

10

Cryptography

Classification of cryptographic system

The type of encryption operations Substitution

Each element in the plaintext is mapped into another element. A C, B F, …

Transposition Elements in the plaintext are rearranged. message essgeam

11

Cryptography

Classification of cryptographic system

The number of keys Single-key or secret-key or conventional encryptions

Both sender and receiver use the same key Two-key or public-key encryptions

Sender and receiver use different keys.

12

Cryptography

Classification of cryptographic system

The way in which plaintext is processed A block cipher

Processes the input one block of elements at a time. Produces an output block for each input block.

A stream cipher Processes the input elements continuously. Produces output one element at a time.

13

Cryptanalysis

Types of cryptanalytic attacks Based on the amount of information known to the cryptanalyst

Ciphertext only Known plaintext Chosen plaintext more information Chosen ciphertext Chosen text

14

Ciphertext only Known information

Encryption algorithm Ciphertext

Known plaintext Known information.

Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs

Cryptanalysis

15

Chosen plaintext Known information.

Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs where the opponent can choo

se the plaintext.

Chosen ciphertext Known information.

Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs where the opponent can choo

se the ciphertext.

Cryptanalysis

16

Chosen text Known information.

Encryption algorithm Ciphertext One or more plaintext-ciphertext pairs where the opponent can choo

se either the plaintext or the ciphertext.

Cryptanalysis

17

Unconditionally Secure

An encryption scheme is unconditionally secure (Stinson) If the ciphertext does not contain enough information

Ciphertext is generated by encryption scheme and information can be used to determine the uniquely corresponding to the plaintext

then opponent is impossible to decrypt the ciphertext

18

Computationally Secure

Computationally secure (stinson) The cost of breaking the cipher exceeds the value of the encrypted i

nformation The value of the contents of the encrypted original message is not bi

g enough to decrypt

The time required to break the cipher exceeds the useful lifetime of the information After the decryption, the message is no longer valuable

19

Brute-force Attack

Trying every possible key until an intelligible translation of the ciphertext into plaintext is

obtained On average, half of all possible keys must be tried to achieve

success.

Key Size (bit) Number of Alternative Keys

Time required at

1 encryption/ ㎲Time required at

106 encryptions/ ㎲32 232=4.3×109 231 ㎲ =35.8 minutes 2.15 milliseconds

56 (DES) 256=7.2×1016 255 ㎲ =1142 years 10.01 hours

128 (AES) 2128=3.4×1038 2127 ㎲ =5.4×1024years 5.4×1018 years

168 (Triple DES) 2168=3.7×1050 2167 ㎲ =5.9×1036years 5.9×1030 years

26characters

(permutation)

26!=4×1026 2×1026 ㎲ =6.4×1012years 6.4×106 years

20

Contents

Symmetric Cipher Model

Substitution Techniques Shift Cipher (Caesar Cipher) Monoalphabetic Ciphers Playfair Cipher Hill Cipher Polyalphabetic Ciphers One-Time Pad

Transposition Techniques

Rotor Machines

Steganography

21

Shift Cipher

A simple substitution cipher

Substitution rule Circular right shift by k alphabets where k is the key. When k = 4, A E, B F, … X B, Y C, Z D Encryption of plaintext baby with k = 4

When k = 3, the shift cipher is called Caesar Cipher.

22

Shift Cipher

Decryption of ciphertext FEFC Inverse of encryption

Cryptanalysis of shift cipher Brute-force approach

The key space is too small: only 26 possible keys

JBCRCLQRWCRVNBJENBWRWN

0 Jbcrclqrwcrvnbjenbwrwn

1 Iabqbkpqvbqumaidmavqvm

… …

9 astitchintimesavesnine

23

Three important characteristics of to use a brute-force cryptanalysis

What generally makes brute-force cryptanalysis impractical is the use of an algorithm that employs a large number of keys

1. The encryption and decryption algorithms are known.2. There are only 25 keys to try.3. The language of the plaintext is known and easily

recognizable.

24

Monoalphabetic Cipher

Encryption Substitute each symbol in a plaintext using a permutation.

a b c d e f g h i j k l m

X N Y A H P O G Z Q W B T

n o p q r s t u v w x y z

S F L R C V M U E K J D I

25

Monoalphabetic Cipher

Decryption Substitute each symbol in a ciphertext using the inverse permutatio

n.

Quiz MGZVYZLGHCMHJMYXSSFMNHAHYCDLMHA ?

The Shift Cipher is a special case of monoalphabetic cipher.

26

Monoalphabetic Cipher

Brute-force attack is impossible.

26! possible permutation is available 4 × 1026 possible keys

Key Size (bit) Number of Alternative Keys

Time required at

1 encryption/ ㎲Time required at

106 encryptions/ ㎲32 232 = 4.3×109 231 ㎲ =35.8 minutes 2.15 milliseconds

56 (DES) 256 = 7.2×1016 255 ㎲ =1142 years 10.01 hours

128 (AES) 2128 = 3.4×1038 2127 ㎲ =5.4×1024years 5.4×1018 years

168 (Triple DES) 2168 = 3.7×1050 2167 ㎲ =5.9×1036years 5.9×1030 years

26 characters 26! = 4×1026 2×1026 ㎲ =6.4×1012years 6.4×106 years

27

Attack with frequency information

If the cryptanalyst knows the nature of the plaintext,

the analyst can exploit the regularities of the language. Using a standard frequency distribution for English.

28

The 1st step Determine the relative frequency of the letters in ciphertext and

compare them to a standard frequency distribution for English

<Ciphertext>

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ

VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX

EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

Attack with frequency information

P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00

S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00

U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67

29

English Letter Frequencies

Relative Frequency of Letters in English Text

P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00

S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00

U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67

30

Comparing this breakdown with Figure 2.5 Cipher text letters P plain letters e and Z are the equivalent of and t

But it is not certain which is which The letter S,U,O,M and H plain letters from the set {a, h, i, n, o, r, s}⇒

Attack with frequency information

31

A powerful tool is to look at the frequency of two-letter combinations (as diagram) The most common such diagram is th In our ciphertext, the most common diagram is ZW Guess ZW ⇒ th

Most frequent trigrams (three-letter combination) ZWP appears in the ciphertext, and translate that we sequence as “t

he”

Attack with frequency information

32

2nd step Notice the sequence ZWSZ in the first line. it is of the form th_t.

S => a

The completed plaintext it was disclosed yesterday that several informal but direct contact

s have been made with political representatives of the viet cong in moscow

U Z Q S O V U O H X M O P V G P O Z P E V S G Z WS Z O P F P E S X U D B M E T S X A I Zt a e e t e a t h a t e e a a

V U E P H Z H M D Z S H Z O WS F P A P P D T S V P Q U Z WY M X U Z U H S Xe t t a t h a e e e a e t h t a

E P Y E P O P D Z S Z U F P O M B Z WP F U P Z H M D J U D T M O H M Qe e e t a t e t h e t

Attack with frequency information

33

A countermeasure by Carl Friedrich Gauss Homophones

The number of symbols assigned to each letter is proportional to the relative frequency of that letter.

The letter e 16, 74, 35 and 21⇒ Frequency of each letter is ideal. But multiple-letter patterns still survive in the ciphertext

Attack with frequency information

34

Playfair cipher

Two methods to lessen the extent to which the structure of the plaintext survives in the ciphertext.

One is to encrypt multiple letters of plaintext. The other is to use multiple cipher alphabets.

35

Playfair cipher

Key is a 5 x 5 matrix. Key : MONARCHY Filling in the letters of the keyword from

(minus duplicates) left to right and from top to bottom.

Filling in the remainder of the matrix with the remaining letters in alphabetic order.

The letter I and J count as one letter.

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

Treats diagrams (two letter) in the plaintext as single units and translates these units into ciphertext.

36

Playfair cipher

Encryption Each plaintext letter is replaced by the letter that lie

s in its own row and the column of its pair. hs : BP ea ?

IM or JM

If two letters are in the same column or row? rm ?

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

37

Playfair cipher

Two letters in the same row Replace each letter by the letter to the righ

t, circularly. ar : RM

Two letters in the same column. Replace each letter by the letter beneath, ci

rcularly. mu : CM

Two letters in the pair are the same. Separate them with a filler letter. balloon : ba lx lo on

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

38

Playfair cipher

The strength of playfair cipher A great advance over simple Monoalphabetic cipher 26 × 26 =676 diagrams Making frequency analysis much more difficult. However, it still leaves much of the structure of the plaintext language. A few hundred letters of ciphertext are generally sufficient to break Pla

yfair cipher.

39

Playfair cipher

40

Playfair cipher

Let know the meaning of the horizontal axis and vertical axis The number of occurrences of each letter in the text was counter And the value of each letter was divided by the number of occurrences of

the letter e (the most frequently used letter)

LetterFrequencydistribution

LetterFrequencydistribution

LetterFrequencydistribution

E 1 D 0.33482916 P 0.15186585T 0.71295859 L 0.31687923 B 0.11746182A 0.64296961 C 0.21902063 V 0.07699575O 0.59100929 U 0.21713116 Q 0.07124862I 0.5507794 M 0.18941899 K 0.06077783N 0.53133365 W 0.18579751 J 0.01204535S 0.49811053 F 0.17540545 X 0.01180916H 0.47976697 G 0.15863644 Z 0.00582585R 0.4713431 Y 0.1554086

41

Hill Cipher

Take m successive plaintext letters and substitutes for them m ciphertext letters.

42

Hill Cipher

Encryption key: m x m matrix

1,11,10,1

1,11.10,1

1,01,00,0

11,0110

...

.........

...

...

),...,(),...,,(

mmmm

m

m

mm

kkk

kkk

kkk

xxxyyy

1,11,10,1

1,11.10,1

1,01,00,0

...

.........

...

...

mmmm

m

m

kkk

kkk

kkk

43

Hill Cipher

Encrypt the plaintext july with k =

We partition july into ju and ly. ju: (9, 20)

ly: (11, 24)

73

811

(3,4)(159,212)140)60,72(9973

811(9,20)

(11,22)(84,256)168)72,88(1273

811(11,24)

44

Hill Cipher

Decryption Use the inverse of key matrix

),...,(

1

...

.........

...

...

),...,,( 11,0

1,11,10,1

1,11.10,1

1,01,00,0

110

m

mmmm

m

m

m xxx

kkk

kkk

kkk

yyy

45

Hill Cipher

The hill cipher can be difficult to break with a ciphertext-only attack

But it succumbs to a known plaintext attack. Assume that the opponent know the value of m.

46

Suppose he has m distinct plaintext-ciphertext pairs

, for 0 ≤ j ≤ m-1.

Hill Cipher

),...,,( ,1,1,0 jmjjj xxxx ),...,,( ,1,1,0 jmjjj yyyy

Kxxxyyy mm ),...,(),...,,( 0,10,1,0,00,10,10,0

Kxxxyyy mm ),...,(),...,,( 1,11,1,1,01,11,11,0

1,11,10,1

1,11.10,1

1,01,00,0

1,11,11,0

1,11,11,0

0,10,10,0

1,11,11,0

1,11,11,0

0,10,10,0

...

.........

...

...

...

.........

...

...

...

.........

...

...

mmmm

m

m

mmmm

m

m

mmmm

m

m

kkk

kkk

kkk

xxx

xxx

xxx

yyy

yyy

yyy

· ·

· ·

47

Hill Cipher

1,11,10,1

1,11.10,1

1,01,00,0

1,11,10,1

1,11.10,1

1,01,00,0

1,11,10,1

1,11.10,1

1,01,00,0

...

.........

...

...

...

.........

...

...

...

.........

...

...

mmmm

m

m

mmmm

m

m

mmmm

m

m

kkk

kkk

kkk

xxx

xxx

xxx

yyy

yyy

yyy

1,11,10,1

1,11.10,1

1,01,00,0

1,11,10,1

1,11.10,1

1,01,00,0

1,11,10,1

1,11.10,1

1,01,00,0

...

.........

...

...

...

.........

...

...1

...

.........

...

...

mmmm

m

m

mmmm

m

m

mmmm

m

m

kkk

kkk

kkk

yyy

yyy

yyy

xxx

xxx

xxx

48

Hill Cipher

Suppose the plaintext Friday is encrypted to the ciphertext PQCFKU using a Hill Cipher with m = 2. eK(5, 17) = (15, 16), eK(8, 3) = (2, 5), eK(0, 24) = (10, 20) We get the matrix equation

So

K

38

175

52

1615

152

19

38

173det)1(

38

1751,1

11

1

A

38

197

52

1615

152

19K

49

What would the opponent do if he does not know m? Assuming that m is not too big, he could simply try m = 2, 3, …. ,

untill the key found.

Hill Cipher

50

Polyalphabetic Ciphers

Another way to improve monoalphabetic ciphers To use multiple cipher alphabets Vigenère cipher

A set of shift ciphers are used.

51

Vigenère Cipher

Encryption m = 6, K = (2,8,15,7,4,7)

Decryption Inverse of encryption

19 7 8 18 2 17 24 15 19 14 18 24

2 8 15 7 4 17 2 8 15 7 4 17

21 15 23 25 6 8 0 23 8 21 22 15

plaintext

key

ciphertext

52

Vigenère Cipher

Formal Definition Let m be a positive integer. For a key K = (k0, k1, … , km-1), we define

eK(x0, x1, … , xm-1) = ( x0 + k0 , x1 + k1, … , xm-1 + km-1)

dK(y0, y1, … , ym-1) = ( y0 - k0 , y1 - k1, … , ym-1 – km-1)

Where all operations are performed in Z26

53

Vigenère Cipher

Cryptanalysis

The number of possible keys 26m

Exhaustive key search is infeasible if m is not too small.

However, the Vigenère cipher can be cryptanalyzed using the frequency of letters.

54

Vigenère Cipher

55

Vigenère Cipher

Encryption m = 6, K = (2,8,15,7,4,7)

We first compute m and then compute K. Techniques used

Kasiski test The index of coincidence

19 7 8 18 2 17 24 15 19 14 18 24

2 8 15 7 4 17 2 8 15 7 4 17

21 15 23 25 6 8 0 23 8 21 22 15

plaintext

key

ciphertext

56

Vigenère Cipher

Observation: Two identical segments of plaintext will be encrypted to the same ciphertext whenever their occurrence in the plaintext is δ positions apart, where .

Kasiski test

Search the ciphertext for pair of identical segments of length at least three.

Record the distance between the starting positions of the two segments If we obtain several such distances, sayδ1,δ2, … ,

Then we would conjecture that m divides all of the δi’s Hence m divides the greatest common divisor of theδi’s

)(mod 0 m

57

Vigenère Cipher

The distances from the first occurrence to other four occurrences are 165, 235, 275, 285.

The greatest common divisor of these four integers is 5. (very likely keyword length)

CHREEVOAHMAERATBIAXXWTNXBEEOPHBSQMQEQERBWRVXUOAKXAOSXXWEAHBWGJMMQMNKGRFVGXWTRZXWIAKLXFPSKAUTEMNDCMGTSXMXBTUIADNGMGPSRELXNJELXVRVPRTULHDNQWTWDTYGBPHXTFALJHASVBFXNGLLCHRZBWELEKMSJIKNBHWRJGNMGJSGLXFEYPHAGNRBIEQJTAMRVLCRREMNDGLXRRIMGNSNRWCHRQHAEYEVTAQEBBIPEEWEVKAKOEWADREMXMTBHHCHRTKDNVRZCHRCLQOHPWQAIIWXNRMGWOIIFKEE

58

Vigenère Cipher

The index of coincidence

Observe that a completely random string will have

The two values 0.065 and 0.038 are quite apart.

letterprobabilit

ylette

rprobabilit

y

A .082 N .067

B .015 O .075

C .028 P .019

D .043 Q .001

E .127 R .060

F .022 S .063

G .020 T .091

H .061 U .028

I .070 V .010

J .002 W .023

K .008 X .001

L .040 Y .020

M .024 Z .001

065.0)(25

0

2 i

ic pI x

038.026

1)

26

1(26 2 cI

59

Vigenère Cipher

Using index of coincidence Define m substring of y, denoted y1, y2, … , ym,

y1 = y1ym+1y2m+1 … y2 = y2ym+2y2m+2 …

…ym= ymy2my3m …

If m is indeed the keyword length Each value Ic(yi) ≈ 0.065.

If m is not the keyword length The substrings yi will look much more random. Each value Ic(yi) ≈ 0.038.

60

Vigenère Cipher

Computation of indices of coincidence m = 1, index of coincidence is 0.045 m = 2, we get 0.046 and 0.041 m = 3, we get 0.043, 0.050, and 0.047 m = 4, we get 0.042. 0.039. 0.046, and 0.040 m = 5, we get 0.063, 0.068, 0.069, 0.061, and 0.072

61

Vigenère Cipher

How to determine the key K = (k1, k2, … , km).

Let p’0, … , p’25 denote the probabilities of A, B, …, Z in the string yi.

Since substring yi is obtained by shift encryption of a subset of the plaintext using a shift ki ,

p0 ≈ p’0+k , p1 ≈ p’1+k , …

62

Vigenère Cipher

Compute

for all 0 ≤ k ≤ 25.

If k = ki, I ≈ 0.065.

If k ≠ ki, I ≈ 0.038.

'25

0

I kii

i pp

63

Vigenère Cipher

Y1

.035 .031 .036 .037 .035 .039 .028 .028 .048

.061 .039 .035 .040 .038 .038 .044 .036 .030

.042 .043 .036 .033 .049 .043 .041 .036 .000

Y2

.069 .044 .032 .035 .044 .034 .036 .033 .030

.031 .042 .045 .040 .045 .046 .042 .037 .032

.034 .037 .032 .034 .043 .032 .026 .047 .000

Y3

.048 .029 .042 .043 .044 .034 .038 .035 .032

.049 .035 .031 .035 .065 .035 .038 .036 .045

.027 .035 .034 .034 .037 .035 .046 .040 .000

Y4

.045 .032 .033 .038 .060 .034 .034 .034 .050

.033 .033 .043 .040 .033 .028 .036 .040 .044

.037 .050 .034 .034 .039 .044 .038 .035 .000

Y5

.034 .031 .035 .044 .047 .037 .043 .038 .042

.037 .033 .032 .035 .037 .036 .045 .032 .029

.044 .072 .036 .027 .030 .048 .036 .037 .000

From the data in Table 1.4, the key is likely to be K = (9, 0, 13, 4, 19)

64

Vigenère Cipher

Decrytion of the ciphertext

The almond tree was in tentative blossom. The days were longer, often ending with magnificent evenings of corrugated pink skies. The hunting season was over, with hounds and guns put away for six months. The vineyards were busy again as the well-organized farm-ers treated their vines and the more lackadaisical neighbors hurried to do the pruning they should have done in November.

65

Autokey system

The problem of Vigenère cipher The periodic nature of the keyword

Vigenère proposed Autokey system The periodic nature is eliminated by using a nonrepeating keyword. The keyword is as long as the message itself. After key is exhausted, keyword is concatenated with the plaintext it

sself to provide a running key.

66

Autokey system

For example

Easy to break Because key and plaintext share the same frequency distribution of

letters Statistical technique can be applied.

e enciphered with e would occur with a frequency of (0.1275)2 0.0163, t enciphered with t would occur with a frequency of (0.0925)2 0.0086,

Key: deceptivewearediscoveredsavPlaintext: wearediscoveredsaveyourselfCipheretxt: ZICVTWQNGKZEIIGASXSTSLVVWLA

67

Vernam cipher

The ultimate way to prevented them choosing a keyword The keyword is as long as the plaintext And this has no statistical relationship

By AT&T engineer named Gilbert Vernam in 1918 This system works on binary data rather than letters

68

Vernam cipher

Encryption Algorithm

Decryption Algorithm

Proposed the use of a running loop of tape This is eventually repeated the key. It can be broken with sufficient ciphertext, the use of known or

probable plaintext sequences, or both

iii kcp

rationor(XOR)opeexclusive

ciphertext ofdigit binary ith c

key ofdigit binary ith k

plaintext ofdigit binary ith p

i

i

i

iii kpc

69

One-Time Pad

Use a random key that was truly as long as the message, with no repetitions

Unbreakable Because it produce random output that bears no statistical

relationship to the plaintext. And the ciphertext contains no information whatsoever about

plaintext

70

One-Time Pad

Two different decryptions using two different key Using a Vigenère cipher scheme with 27 characters

The tableau of Vigenère be expanded to 27 Х27

Suppose that cryptanalyst to find these two keys Two plausible plaintext are produced How is the cryptanalyst to decide which is the correct decryption?

If the actual key were produced A truly random fashion, Thus, there is no way to decide which key is correct

A N K Y O D K Y U R E P F J B Y O J D S P L R E Y I U N O F D O I U E R F P L U Y T S

ciphertext: A N K Y O D K Y U R E P F J B Y O J D S P L R E Y I U N O F D O I U E R F P L U Y T Skey: p x l m v m s y d o f t y r v z w c t n l e b n e c v g d u p a h f z z l m n y i hplaintext: m r m u s t a r d w i t h t h e c a n d l e s t i c k i n t h e h a l l

ciphertext: A N K Y O D K Y U R E P F J B Y O J D S P L R E Y I U N O F D O I U E R F P L U Y T Skey: m f u g p m i y d g a x g o u f h k l l l m h s q d q o g t e w b q f g y o v u h w tplaintext: m i s s s c a r l e t w i t h t h e k n i f e i n t h e l i b r a r y

71

One-Time Pad

Two fundamental difficulties: The practical problem of making large quantities of random keys

Any heavily used system might require millions of random characters on a regular basis.

The problem of key distribution and protection For every message to be sent, a key of equal length is needed by

both sender and receiver.

Because of these difficulties, the one-time pad is of limited utility

72

Contents

Symmetric Cipher Model

Substitution Techniques Shift Cipher (Caesar Cipher) Monoalphabetic Ciphers Playfair Cipher Hill Cipher Polyalphabetic Ciphers One-Time Pad

Transposition Techniques

Rotor Machines

Steganography

73

Rail Fence

The simplest transposition technique Encryption

Plaintext : meet me after the toga party

Write down as a sequence of diagonals Read off as a sequence of rows

Ciphertext : mematrhtgpryetefeteoaat Depth : 2

mematrhtgpry mematrhtgpry etefeteoaatetefeteoaat

74

A more complex scheme

To write the message in a rectangle, row by row, and read the message off column by column

n ⅹm matrix

A pure transposition cipher is easily recognized It has the same letter frequencies as the original plaintext.

key : 4 3 1 2 5 6 7plaintext : a t t a c k p o s t p o n e d u n t i l t w o a m x y zciphertext: TTNAAPTMTSUOAODWCOIXKNIYPETZ

75

A more complex scheme

The transposition cipher can be made significantly more secure by performing more than one stage of transposition. Message is re-encrypted using the same algorithm.

key : 4 3 1 2 5 6 7plaintext : t t n a a p t m t s u o a o d w c o i x k n l y p e t zciphertext: NSCYAUOPTTWLTMDNAOIEPAXTTOKZ

key : 4 3 1 2 5 6 7plaintext : a t t a c k p o s t p o n e d u n t i l t w o a m x y zciphertext: TTNAAPTMTSUOAODWCOIXKNIYPETZ

76

To visualize the result of this double transposition

Designate the letters in the original plaintext message by the numbers

designating their position.

After the first transposition

Which has a somewhat regular structure

But after the second transposition

a t t a c k p o s t p o n e d u n t i l t w o a m x y z1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

3 10 17 24 4 11 18 25 2 9 16 23 1 8 15 22 5 12 19 26 6 13 20 27 7 14 21 28+2 +3 +4

After the first trans position we have

+1base -1 -2

17 09 05 27 24 16 12 07 10 02 22 20 03 25 15 13 04 23 19 14 11 01 26 21 18 08 06 28After the second trans position we have

77

Rotor Machine

Multiple stages of substitution

The basic principle

Set of independently rotating

cylinders

Each cylinder has 26 input pins

and 26 output pins

78

Rotor Machine If we associate each input and output

with a letter of the alphabet

A single cylinder defines a monoalp

habetic substitution

The cylinder rotates one position afte

r an encryption of a letter.

The internal connection are shifted a

ccordingly

Thus, a different monoalphabetic su

bstitution cipher is defined

79

Rotor Machine

After 26 letters, the cylinder wou

ld be back to the initial

Polyalphabetic permutation algor

ithm with period of 26

The output of one cylinder are co

nnected to the input of the next

80

Rotor Machine

The one farthest rotates one pin

position with each keystroke

For every complete rotation of

the outer cylinder, the middle

cylinder rotates one pin position

For every complete rotation of

the middle cylinder, the inner

cylinder rotates one pin position

26 ⅹ26 ⅹ 26 = 17,576

81

Rotor Machine (Cont.)

82

Steganography

Steganography conceal the existence of the message

83

STEGANOGRAPHY

A simple form of steganography For example

The sequence of first letters of each word of overall message spells out the hidden message

An example in which a subset of the words of the overall message is used to convey the hidden message

84

STEGANOGRAPHY

Classic techniques Character marking : selected letters of printed or typewritten text

are overwritten in pencil (light) Invisible ink Pin punctures : small pin punctures on selected letters (light) Typewriter correction ribbon : Used between lines typed with a black

ribbon, the results of typing with correction tape are visible only under a strong light.

85

STEGANOGRAPHY

Modern techniques Using the Least Significant Bits (LSB) of frames on a CD

For example Kodak Photo CD format’s maximum resolution is 2048 by 3072 pixels Each pixel contains 24 bits of RGB color information. LSB of each 24-bit pixel can be changed without greatly affecting the

quality of the image. The result, you can hide a 2.3-megabyte message in a single digital

snapshot

86

STEGANOGRAPHY

Drawbacks of steganography A lot of overhead to hide a relatively few bits of information Once the system is discovered, it becomes virtually worthless

Alternatively, a message can be first encrypted and then hidden using steganography

Advantage of steganography To lose the fact of parties of secret communication be discovered