security in computing cryptography (traditional ciphers)

Security in ComputingSecurity in Computing

Cryptography (Traditional Ciphers)

I.I. Substitution CiphersSubstitution CiphersA. Monoalphabetic Substitution Ciphers

1. An improvement over the Caesar cipher

2. Change/replace one symbol with another -

3. Obscures the meaning of a symbol (confusion)

4. P { a b c d e f g ……. z }C { Q W E R T Y U ……. M }

5. Each symbol in the plain alphabet P maps onto some other symbol in the cipher alphabet C

6. Effectively, we are using a 26-character key (26-letter string) corresponding to the alphabet

7. In how many ways can all the 26-character be rearranged (permutation)?

B. Brute force attack 1. Not feasible: 26! (4 x 1026 ) –

Enormous the key space;

2. At 1 nsec (billionth of a second) per solution, a computer would take ~10 billion years (1010) to try all the keys

I.I. Substitution CiphersSubstitution Ciphers

Name Number How manyMillion 1,000,000 (a thousand thousands)Billion 1,000,000,000 (a thousand millions)Trillion 1 with 12 zeros (a thousand billions)Quadrillion 1 with 15 zeros (a thousand trillions)Quintillion 1 with 18 zeros (a thousand quadrillions)Sextillion 1 with 21 zeros (a thousand Quintillions)Septillion 1 with 24 zeros (a thousand Sextillions)10 Septillion 1 with 25 zeros (10 thousand Sextillions)100 Septillion 1 with 26 zeros (100 thousand Sextillions)Octillion 1 with 27 zeros . . .Googol 1 with 100 zeros . . .

I.I. Substitution CiphersSubstitution Ciphers4 x 1026 Incomprehensible!

B. Cryptanalysis Attack

1. Basic attack takes advantage of statistical properties of English:

2. In English, e (most common letter) followed by t, o, a, n, i, etc.

3. Common two-letter combinations (digrams): th, in, er, re, an

4. Common three-letter combinations (trigrams): the, ing, and, ion


1. First, count relative frequencies of all letters in the ciphertext

2. Second, tentatively assign most common letter to e, next common one to t and so on

3. Third, find common trigrams of the form

[t ? e], strongly suggesting that ? is h

4. Fourth, check if [t h ? t] occurs frequently, suggesting that ? stands for a


C. Multiple substitutions

1. Two or more substitution ciphers used in series

2. Letters 1, 3, 5 .. encrypted under cipher (or key) 1; letter 2, 4, 6 encrypted cipher (or key) 2 etc.


3. Example

a) I THINK THAT I SHALL NEVER SEE

b) Under cipher 1: I H N T A I H L N V R E

c) Under cipher 2: T I K H T S A L E E S E

d) Cipher 1 = n + 3; cipher 2 = n + 5

e) Ciphertext 1 : L K Q W D L K O Q Y U H

f) Ciphertext 2 : Y N P M Y X F Q J J X J

g) Result: LYKNQPWMDYLXKFOQQJYJUXHJ


II.II. Transposition CiphersTransposition CiphersA. Various Types

1. Plaintext symbols are simply reordered and not replaced like substitution cipher (diffusion)

2. Each letter represents itself keeping the frequency distribution intact

3. Simple Example

a) Plaintext : CAT

b) Possible Ciphertext: { CTA, ACT, ATC, TCA, TAC }

II.II. Transposition CiphersTransposition Ciphers

B. Columnar Transposition Simple Example

1. Plaintext written in fixed-length rows, read off by columns

2. Example: SAM PLEbecomes SPALME

C. Other more complex Examples

1. Use of a key to number the columns ....

III.III. One-Time PadOne-Time Pad1. The only unbreakable cipher

(Theoretically)

2. Example

1. First, convert the plaintext message into a bit string (7-bit ASCII) e.g. “ I love you.”

I <space> l o .......

1001001 0100000 1101100 1101100 .......

III.III. One-Time PadOne-Time Pad2. Second, choose random bit string key

(key pad) with same length as the plaintext

3. Third, compute XOR (eXclusive OR) of the two strings, bit by bit

plaintext: 1 0 0 1 0 0 1 …

key pad: 1 0 1 0 0 1 0 …

Ciphertext: 0 0 1 1 0 1 1 …

IV.IV. Book CipherBook Cipher1. Similar to one-time pad

2. Uses book (poem, piece of music, newspaper) to which both sender and receiver have access

3. Starting at a predetermined place in the shared object, use the element of the object as random numbers for a on-time pad

4. Weaknesses due to predictability in written objects, possible availability of shared objects to third party

V.V. Hardware Hardware ImplementationImplementation

A. Transposition1. P-Box (Permutation Box or P-Box)

device

B. Substitution1. S-Box (Substitution Box or S-Box)

device

C. Product Cipher1. Combines P-Boxes and S-Boxes

security in computing cryptography (traditional ciphers)

Documents