classical cryptography 1. introduction: some simple cryptosystems
Post on 19-Dec-2015
252 views
TRANSCRIPT
Classical Cryptography
1. Introduction: Some Simple Cryptosystems
p2.
Outline [1] Introduction: Some Simple Cryptosystems
<1> The Shift Cipher <2> The Substitution Cipher <3> The Affine Cipher <4> The Vigenère Cipher <5> The Hill Cipher <6> The Permutation Cipher <7> Stream Ciphers
[2] Cryptanalysis <1> Cryptanalysis of the Affine Cipher <2> Cryptanalysis of the Substitution Cipher <3> Cryptanalysis of the Vigenère Cipher <4> Cryptanalysis of the Hill Cipher <5> Cryptanalysis of the LFSR Stream Cipher
p3.
Introduction: Some Simple Cryptosystems
[1] Introduction
Alice encrypter decrypter
Bob
Oscar
secure channel
key source
x x
K
y
p4.
Introduction: Some Simple Cryptosystems
Definition 1.1: A cryptosystem is a five-tuple (P,C,K,E,D) satisfies
P is a finite set of possible plaintexts C is a finite set of possible ciphertexts K, the keyspace, is a finite set of possible keys For each K∈K, there is an encryption rule eK∈E and
a corresponding decryption rule dK∈D
dK(eK(x))=x for every plaintext x∈P
CP :Ke
PC:Kd
p5.
Introduction: Some Simple Cryptosystems
Definition 1.2: a and b are integers, m is a positive integer
congruence: a≡b (mod m) if m divides b-a
Zm: the set {0,1,…,m-1}
with 2 operations + and ☓ 10+20=4 in Z26 (10+20 mod 26=4) 10 20=18 in Z☓ 26 (10 20 mod 26=18)☓
p6.
Introduction: Some Simple Cryptosystems
<1> Shift Cipher Cryptosystem 1.1: Shift Cipher
P = C =K = Z26
K, x, y ∈Z26
eK(x)=(x+K) mod 26 dK(y)=(y-K) mod 26
A B C D E F G H I J K L M
0 1 2 3 4 5 6 7 8 9 10 11 12
N O P Q R S T U V W X Y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
p7.
Introduction: Some Simple Cryptosystems
eg.: Suppose K=11 Plaintext: student Ciphertext: DEFOPZE
plaintexts t u d e n t
18
19
20
3 413
19
+K 3 4 514
15
25
4
ciphertext D E F O P Z E
p8.
Introduction: Some Simple Cryptosystems
<2> Substitution Cipher Cryptosystem 1.2: Substitution Cipher
P=C=Z26
K: all possible permutations of the 26 symbols For each ∈K
e(x)=(x) d(y)=-1(y)
where -1 is the inverse permutation to
p9.
Introduction: Some Simple Cryptosystems
eg.:
Plaintext: student Ciphertext: VMUSHSM
x a b C d e f g h i j k l m
e(x) X N Y A H P O G Z Q W B T
x n o p q r s t u v w x y z
e(x) S F L R C V M U E K J D I
p10.
Introduction: Some Simple Cryptosystems <3> Affine Cipher
Theorem 1.1: ax≡b (mod m) has a unique solution x∈Zm for every b∈Zm iff gcd(a,m)=1
Definition 1.3: Suppose a≥1 and m≥2 are integers a and m are relatively prime if gcd(a,m)=1 (m): the number of integers in Zm that are relativel
y prime to m
Theorem 1.2: Suppose
n
i
eiipm
1
n
i
ei
ei
ii ppm1
1)()(
p11.
Introduction: Some Simple Cryptosystems
Definition 1.4: Suppose a∈Zm
a-1 mod m: the multiplicative inverse of a modulo m aa-1≡a-1a≡1 (mod m)
Cryptosystem 1.3: Affine Cipher P = C = Z26
K={(a,b) ∈Z26 Z☓ 26 : gcd(a,26)=1} For K=(a,b)∈K ; x, y∈Z26
eK(x)=(ax+b) mod 26 dK(y)=a-1(y-b) mod 26
p12.
Introduction: Some Simple Cryptosystems
e.g.: Suppose K=(7,3) 7-1 mod 26 = 15 Plaintext: student Ciphertext: ZGNYFQG
eK(x)=(7x+3) mod 26
dK(y)=15(y-3) mod 26
plaintexts t u d e n t
18 1920
3 4 13 19
eK(x) 25 613
24 5 16 6
ciphertext Z G N Y F Q G
p13.
Introduction: Some Simple Cryptosystems
<4> Vigenère Cipher Cryptosystem 1.4: Vigenère Cipher
m: a positive integer P = C = K = (Z26)m
For a key K=(k1,k2,…,km) eK(x1,x2,…,xm)=(x1+k1,x2+k2,…,xm+km) dK(y1,y2,…,ym)=(y1-k1,y2-k2,…,ym-km)
p14.
Introduction: Some Simple Cryptosystems
e.g.: Suppose m=4 and K=(2,8,15,7) Plaintext: student Ciphertext: UBJKGVI
plaintexts t u d e n t
18
19
20
3 413
19
+K 2 815
7 2 815
ciphertext 20
1 910
621
8
p15.
Introduction: Some Simple Cryptosystems
<5> Hill Cipher Definition 1.5: Suppose A=(ai,j) is an m m matrix☓
Ai,j: the matrix obtained from A by deleting the ith row and the jth column
det A: the determinant of A m=1: det A=a1,1
m>1: for any fixed i
A*=(a*i,j): the adjoint matrix of A
a*i,j=(-1)i+jdet Aj,i
m
jjiji
ji AaA1
,, det)1( det
p16.
Introduction: Some Simple Cryptosystems
Theorem 1.3: Suppose K=(ki,j) is an m m invertible mat☓rix over Zn
K-1=(det K)-1K*
e.g.:
det K=11 7-8 3 mod 26=1☓ ☓
K-1=(det K)-1K*=
73
811K
73
811 32,1 K
1123
187*K
1123
187
p17.
Introduction: Some Simple Cryptosystems
Cryptosystem 1.5: Hill Cipher M ≥ 2 is an integer P = C = (Z26)m
K = {m m invertible matrices over Z☓ 26} For a key K
eK(x)=xK dK(y)=yK-1
where K-1 is the inverse of K
p18.
Introduction: Some Simple Cryptosystems
e.g.:
Plaintext: GOD (6 14 3) Ciphertext: WTJ (22 19 9)
3425
16223
171521
,
1198
21143
125101KK
91922
1198
21143
12510
3146
p19.
Introduction: Some Simple Cryptosystems
<6> Permutation Cipher Cryptosystem 1.6: Permutation Cipher
m is a positive integer P = C = (Z26)m
K consist of all permutations of {1,…,m} For a key(a permutation)
e(x1,…,xm)=(x(1),…,x(m))
where -1 is the inverse permutation to
),...,(),...,()()1(1 11 mm yyyyd
p20.
Introduction: Some Simple Cryptosystems
e.g.: Suppose m=6 Plaintext: CYBERFORMULA Ciphertext: BRCFEYMLOAUR
x 1 2 3 4 5 6
(x)
3 5 1 6 4 2
plaintext C Y B E R F O R M U L A
ciphertext B R C F E Y M L O A U R
p21.
Introduction: Some Simple Cryptosystems <7> Stream Ciphers
Block ciphers
Plaintext string x =x1x2 … (each xi is a plaintext) Ciphertext string y =y1y2… = eK(x1)eK(x2) …
Stream ciphers
Plaintext string x =x1x2 … Generate a keystream (by using some K) z =z1z2 … Ciphertext string y =y1y2… = ez1(x1)ez2(x2) …
p22.
Introduction: Some Simple Cryptosystems
Definition 1.6: A synchronous stream cipher is a tuple (P,C,K,L,E,D) with a function g
P : a finite set of possible plaintexts C : a finite set of possible ciphertexts K : a finite set of possible keys L : a finite set called the keystream alphabet g: the keystream generator
Input: K g generates an infinite string z1z2…
p23.
Introduction: Some Simple Cryptosystems
Definition 1.6 (cont.) For each z∈L, there is an encryption rule ez∈E and
a corresponding decryption rule dZ∈D
dz(ez(x))=x for every plaintext x∈P
CP :Ke
PC:Kd
p24.
Introduction: Some Simple Cryptosystems
Vigenère Cipher can be defined as a synchronous stream cipher
K = (Z26)m
P = C = L = Z26
ez(x)=(x+z) mod 26 dz(y)=(y-z) mod 26 Keystream z1z2… = k1k2..km k1k2..km k1k2..km …
1 if
1 if
miz
mikz
mi
ii
p25.
Introduction: Some Simple Cryptosystems
Keystream can be produced efficiently in hardware using a LFSR (Linear Feedback Shift Register)
k1 would be tapped as the next keystream bet k2,…km would each be shifted 1 stage to the left The new value of km would be
this is “linear feedback“ (see Figure 1.2) This system is modulo 2
1
01
m
jjjkc
p26.
Introduction: Some Simple Cryptosystems
e.g.: in Figure 1.2,suppose K=(1,0,0,0) c0=1, c1=1, c2=0, c3=0 The keystream is
100010011010111…
k1 k2 k3 k4
+Figure 1.2
p27.
Introduction: Some Simple Cryptosystems
Non-synchronous stream cipher: Each keystream element zi depends on previous pl
aintext or ciphertext elements
Cryptosystem 1.7: Autokey Cipher P = C = K = L = Z26
z1=K, zi=xi-1 for all i>1 For x, y, z ∈Z26
ez(x)=(x+z) mod 26 dz(y)=(y-z) mod 26
p28.
Introduction: Some Simple Cryptosystems
e.g.: Suppose K=8 Plaintext: student Ciphertext: ALNXHRG
plaintexts t u d e n t
18
19
20
3 413
19
keystream 818
19
20
3 413
ciphertext0
11
13
23
717
6
A L N X H R G