t215b communication and information technologies (ii) session 3 block 4 protecting and prying arab...

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

T215BCommunication andinformation technologies (II)

Session 3

Block 4Protecting and prying 1

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

Session Outline

• Part 5: Encryption• Introduction • Encryption: basic concepts • Breaking a cipher• Building stronger ciphers

2

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

1. Introduction [1]• This part of the block is about the encryption of data and how

it can be used to prevent unauthorised people from having access to private information so both the ‘protecting’ and ‘prying’ themes of this block are featured here.

• The data that we need to protect and the opportunities available for prying into that data have already undergone a dramatic change over the last three or four decades and are likely to continue to do so at an accelerated rate.

• We live in a world where it becomes increasingly difficult to conduct many legal, financial or commercial transactions without sending personal details over electronic communication links.

3

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

1. Introduction [2]• For many people online transactions are an increasingly

important means of conducting normal ‘citizenship’ activities such as renewing a television or motor vehicle licence and transferring bank or building society funds.

• It’s also become much quicker, easier and cheaper to collect, store, analyse and transmit data, but it’s all too easy to allow this data to ‘leak’ – sometimes with serious consequences.

• High-profile security breaches that may occur could be prevented by implementing appropriate protection measures.• ONE SUCH MEASURE IS ENCRYPTION. • Encryption is a method of altering data in a systematic way

such that it can be restored to its original form by those ‘in the know’.

4

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

1. Introduction [3]

• Some encryption techniques have been around for hundreds, even thousands, of years the Caesar cipher • But the real shift in encryption techniques over the last

few decades has come about because now we have computers that can do the hard work of trying to break a code and, of course, they can do it much more quickly than a human can. • This means that the encryption techniques employed

have had to become far more complex and sophisticated.

5

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

1. Introduction [4]

• The fundamental building block of all modern security systems is encryption. • Encryption provides mechanisms for:• confidentiality – keeping things secret• authentication – ensuring that the identities of people

and things are correct• integrity – ensuring that data has not been tampered

with

• This part of the block is designed to give an insight into encryption methods. 6

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Encryption: basic concepts [1]

• Reminder: Encryption is a process by which information is changed in some systematic way so as to hide its content from everyone except its intended recipient.

• The branch of science concerned with this concealment of information is known as cryptology, a word that has its roots in Greek from kryptos (hidden) and logos (word).

• Cryptology is the study of codes and ciphers, and divides into two branches: cryptography, the science of creating codes and ciphers, and cryptanalysis, the science of breaking them.

• Cryptographers make a distinction between the terms ‘codes’ and ‘ciphers’, though in practice the two are often used interchangeably.

7

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• In its pure sense, a code replaces whole words, phrases or groups of symbols with alternatives (or code words).

• The purpose of creating a code is not always for secrecy. • Often a code is used simply as an abbreviation or used to

provide an alternative way of communicating information.• Two examples are ASCII and Morse code:• ASCII: (American Standard Code for Information Interchange)

• This is used when storing and transmitting data, and uses only two different coding symbols (usually referred to as 1 and 0).

• Morse code: a standard for substituting groups of long and short pulses (or groups of dots and dashes) for letters• It has been used extensively in telegraphy because of its resistance to

corruption from other signals during transmission, and because of its efficiency.

8

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• A code is the output of an encoding process (the reverse is decoding) and generally relies on sets of look-up tables (codebooks) for the conversion processes. • When used for secrecy, the code becomes

useless if the look-up tables fall into the wrong hands.

9

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• A cipher, on the other hand, is the output of an operation that either replaces data symbols with alternative symbols, or rearranges existing symbols.

• In both cases the operation is done in a systematic way, following some set rules.

• A cipher is almost always created for reasons of secrecy. • Encryption is the process of transforming data (known as

plaintext) into a cipher (known as ciphertext). • Decryption reverses the process by transforming ciphertext

back into plaintext.

10

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• There are two basic methods for creating a cipher:• One is to take a symbol (or a group of symbols) in the plaintext

and manipulate it in a systematic way to produce a different symbol (or group of symbols), which becomes the ciphertext. • The substituted symbols in the ciphertext appear in exactly the same

order as the original versions in the plaintext. A cipher created using this approach is known as a substitution cipher.

• The second method is to ‘scramble’ the order of the symbols in some systematic way. • Using this approach, the symbols remain unchanged between

plaintext and ciphertext, but the ordering of those symbols changes. A cipher created using this approach is known as a transposition cipher. In effect, the ciphertext is an anagram of the plaintext. 11

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [1]• One of the earliest recorded and best known ciphers was used

by Julius Caesar in the 1st century BC and has since become known as the Caesar cipher.

• This is also one of the simplest of substitution ciphers.• One of the methods Caesar used to preserve the

confidentiality of a message was to substitute each letter in his message with the letter three places further forward in the alphabet. • This is an example of the systematic manipulation.

• Thus the letter ‘a’ would be substituted by the letter ‘d’, the letter ‘b’ by the letter ‘e’, and so on.

12

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [2]• Example: using this method, the word ‘acme’ becomes

DFPH. • But what if I wanted to encrypt the word ‘zenith’ using

the Caesar cipher? • The letter ‘z’ is the final letter of the alphabet.

• The solution is to jump back to the letter ‘a’ and continue the count as if the letters of the alphabet were arranged in a circle ‘zenith’ then becomes CHQLWK.• Study note: When giving examples of encryption, a

convention often used is to show plaintext in lower case and ciphertext in UPPER CASE. 13

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [3]• When Augustus Caesar succeeded Julius Caesar, he

changed the shift from 3 to 2, producing different ciphertext from a given plaintext. • Indeed the choice of the shift is arbitrary; any shift of 1

to 25 would work equally as well, though of course the intended recipient for the encrypted text would need to know the choice in order to carry out the decryption process.• The circular nature of the Caesar cipher can be exploited

to produce a simple encryption tool known as a cipher wheel.

14

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [4]

15

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [5]• The wheel is made up of two discs, one slightly smaller than

the other.• The alphabet is written around the circumference of both discs

and the discs are fitted together at their centres in such a way that one can be rotated relative to the other, so any letter on the outer wheel can be aligned with any letter on the inner wheel.

• Both the sender and the recipient need their own cipher wheel.

• The starting point for its use is with the wheels set so that each letter on the outer wheel is aligned with the corresponding letter on the inner wheel.

• The sender and recipient first agree on the number of shifts.16

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [6]• When an encryption method can be carried out

systematically by following some sort of set pattern or procedure, such a procedure is known as an algorithm. • When the algorithm includes a variable that can be

altered to produce a different outcome, the variable is called a key. • So here we can say that Julius Caesar used a key of 3 and

Augustus Caesar a key of 2. • Figure 5.3 (next slide) gives a graphical representation of

the use of the encryption algorithm and the encryption key in the encryption process.

17

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.1 A simple substitution cipher: the Caesar cipher [7]

18

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.2 Mathematical representation [1]

• Modern communication systems use computers to process messages and computers do not work with letters but with numbers.

• In this section, we show how the Caesar cipher can be represented as a numerical algorithm that can be processed by a computer.

• Another way of looking at Caesar cipher (cipher wheel) is that the alphabet on each disc is arranged rather like the numbers on a clock face but using letters instead.

• In fact, if we were to represent each letter of the alphabet as a number, it would look a little like a clock with 26 different numbers rather than the 12 we’re used to.

19

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• To represent this mathematically we use “Modular arithmetic” • Modular arithmetic operates with a limited set of integers

(integers are all the positive and negative whole numbers, including zero).

• The number of integers in the set is known as the modulus.• Using the clock example, with a conventional 12-hour clock

the modulus is 12; for a 24-hour clock, the modulus would be 24; in our alphabet example for the Caesar cipher, the modulus is 26.

• Whatever mathematical operation we perform on these integers, the result must always be less than the modulus. 20

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Explanation of Modular Arithmetic:• Let’s assume we want to move forward eight hours from ten o’clock

using the 12-hour clock, how can we implement this?• Mathematicians have a special way of expressing a calculation like this

by saying that:10 + 8 modulus 12 is congruent to 6 modulus 12.

• In other words: First add the two left-hand integers together in the conventional way:

10 + 8 = 18• If the result is equal to or greater than the modulus, subtract the

modulus from the result, repeating the subtraction as necessary until the result is less than the modulus

18 − 12 = 6• Now express the answer as a congruence modulus 12:

10 + 8 ≡ 6 mod 12

21

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Now we apply the same method to calculations for encryption using the Caesar cipher.

• First we convert the letters of the alphabet to numbers so that we can operate on them mathematically.

• We convert ‘a’ to 0, ‘b’ to 1, ‘c’ to 2 right through to ‘z’ to 25 as shown below.

22

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Why we have chosen to set ‘a’ to 0 rather than to 1?• This is because the result of any calculation in modular

arithmetic must always be less than the modulus. So if we had set ‘a’ to 1 and therefore ‘z’ to 26, 26 would be an invalid result.

• NOW, to encrypt the letter ‘z’ with a Caesar cipher using a key (shift) of 3 would give:

25 + 3 ≡ 2 mod 26• The letter ‘c’ is represented by the number 2, so ‘z’ encrypts

to C.

23

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Modular arithmetic can be expressed in general terms by using letters in place of numbers.

• Conventionally the modulus is expressed as n, and within the context of encryption:• p is used to represent the plaintext (the unencrypted text)• c is used to represent the ciphertext (the encrypted text)• K is used to represent the key.

• So, the general algorithm for the encryption process using modular addition becomes:

p + K ≡ c mod n24

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.3 Decrypting the Caesar cipher [1]

• Using the cipher wheel the decryption process simply involves displacing the outer wheel clockwise a number of places corresponding to the agreed key and translating each ciphertext letter shown on the inner wheel to its equivalent plaintext letter on the outer wheel.• Using Julius Caesar’s version of the cipher this would require a

clockwise displacement of three places. • This would be just the same as displacing the outer wheel 23

places in an anticlockwise direction.an anticlockwise displacement of 23 (or 26 − 3) is the equivalent

of a clockwise displacement of 3.Thus 3 and 23 form a complementary pair

25

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• In general terms, keys are signified by K for the encryption key and (read as K bar) for the decryption key.

• Mathematically the decryption algorithm would be expressed as:

p ≡ c + mod 26

• Activity 5.3 (self-assessment): What are the decryption keys for the Caesar cipher with encryption keys of:• 10• 15• 7

26

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Note that in practice one key is so easy to derive from the other that effectively they can be regarded as a single key. • So if we know the encryption key we also know the

decryption key, or we can decrypt the ciphertext by reversing the encryption algorithm. • Encryption systems like this are known as symmetric key

systems because effectively only a single key is involved in the encryption and decryption processes.

27

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2.4 A simple transposition cipher [1]

• A transposition cipher is, in effect, an anagram of the plaintext. • But for an anagram to be classed as a cipher, it must have been

created in some systematic way using a method that can be shared with the intended recipient so that it can be decrypted.

• There are many ways this systematic process can be done.• One way to create the transposition is to use a matrix of cells and

to write the message a letter at a time in sequential cells across the matrix.

• Encryption is performed by reordering the columns of the matrix in some systematic way and then reading off the result to produce the ciphertext.

• This kind of cipher is known as a columnar transposition cipher.28

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• A possible approach to this task is for the sender and receiver to agree on a codeword and a way to reorder the letters in the keyword into an anagram.

• Let’s say that the codeword is Tuesday and the agreed transposition is to reverse the order of the letters (YADSEUT) and then swap pairs of letters, starting at the right-hand end to produce the anagram YDAESTU.

• The number of letters in the keyword dictates the number of columns in the matrix, and the plaintext is entered into each of the columns (with the keyword at the top) a letter at a time working across the rows.

• Any empty places in a row can be padded with redundant letters (the ‘x’ in my example).

29

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Columnar Transposition Cipher:

30

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• The columns are then reordered according to the keyword anagram.

• The ciphertext is given by reading back the letters from the reordered matrix.

31

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Thus, in example, the message: “Mary had a little lamb its fleece was white as snow” is encrypted as: “DHARYMAETLITALSITMBLAWCEEEFLEITWHASXOWSNAS”

32

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• There are many variations of transposition ciphers. • One of the earliest recorded originated in Sparta in the 5th century

BC. • It used a wooden pole (or staff) known as a “scytale” • A strip of parchment or leather was wound around the pole so that

it formed a sleeve. • The message was written in rows along the length of the sleeve so

that when it was unwound the letters of the message were transposed into a different order.

• To reconstruct the original message a pole of the correct diameter was needed.

33

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Breaking a cipher [1]• The act of breaking (or cracking) a cipher is to derive the

plaintext from the ciphertext without knowledge of the key (and often without knowledge of the encryption algorithm).

• The strength of a cipher is measured by how long it takes to break it.

• Notice that we said ‘how long it takes to break it’ and NOT ‘whether it can be broken’.

• Potentially all known ciphers except one are thought to be breakable ! (We will talk about the one exception later)

• Often, though, the time and effort required to break a cipher is not justified by the value of the information retrieved.

• Also, the cipher may take so long to break that by the time the information is retrieved it has lost its value, for example by being out of date.

34

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Breaking a cipher [2]• Ciphers that are described as strong are those that take a long

time to break, but they also tend to be more difficult to use. • Weak ciphers, on the other hand, are quicker to break but are

usually also quite easy to use. • It’s worth bearing in mind that the use of any cipher has an

overhead in terms of time and processing demands, so the choice of cipher will usually be determined by the value of the information it is designed to protect.

• In this section, we will describe two of the main approaches to breaking a cipher: • Brute force attack • Linguistic analysis 35

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.1 Brute force attack [1]• Imagine that you have a bunch of keys and you know that one of

them (but not which one) will unlock the door to a room you wish to enter.

• The obvious thing to do is to try every key in the lock in turn. • If you are lucky, the first one you try will open the door. • If you are unlucky it may be the last one.

The probability is that you will only have to try half of them before you find one that fits.• A similar method to this can be used to break a cipher using a

known algorithm. • For example, if you have a ciphertext message that you know has

been encrypted using the simple Caesar cipher described earlier, how many keys would you need to try before you could be certain of finding the right one?

The answer is 26, since there are 26 possible keys that could be used with this algorithm.

36

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.1 Brute force attack [2]• The number of possible key combinations for a particular

algorithm is known as its key space.• This method of trying all possible combinations in a key

space is known as a brute force attack. • Clearly the time taken to break a cipher by this method alone

is directly proportional to the key space. • The Caesar cipher has a very small key space and so can be

broken very quickly.• This idea of a brute force attack can be applied to

transposition ciphers as well as substitution ciphers. This might require testing every permutation of the possible transpositions until the correct one is found. 37

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.1 Brute force attack [3]

• Activity 5.5: How many different arrangements would be possible using the seven letters of the word ‘article’?• Sol: • Each letter in the word ‘article’ appears only once. • Taking one letter at a time, the first can appear in any

of the seven positions; the second in any of the 6 remaining positions; the third in any of the five remaining positions; and so on. • This gives a total possible number of combinations of

7! = 7 × 6 × 5 × 4 × 3 × 2 × 1 = 504038

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.1 Brute force attack [4]• From Activity 5.5, working through all possible 5040

permutations using a pencil and paper would take quite a long time to do. • However, a computer would be able to yield the correct

answer in a fraction of a second!• For example: Let’s estimate this for a computer that could

perform one thousand billion calculations every second, that is 1000 × 1 000 000 000 or 1 × • So to perform 5000 = 5 × calculations would take roughly:

= 5 × Seconds = 5 nanoseconds.

39

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Activity 5.6: Using a computer that can perform calculations a second, roughly how long would it take to try all possible permutations of:

(a) 10 different letters(b) 15 different letters(c) 20 different letters.

40

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Activity 5.6 – Sol. :

41

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• If we were to repeat the calculation for a transposition cipher of 26 different letters , we would find that it would take the computer some 12.7million years to try all the possible combinations!

• This is not to say that it would be necessary to work through all the possible permutations until the correct one was found.

• The probability of getting the correct plaintext at the first try is 1 in 26! (or 1 in about 4 × )• Important note: the number of possible permutations

to crack a transposition cipher depends on the content of the message.

42

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• A transposition cipher is incapable of encrypting a string of identical characters and weak when there are long blocks of identical characters within the string. • This is quite a serious flaw in situations where there is a

requirement to encrypt long strings of machine code, or binary representations of non-text data (such as pictures) that can have long blocks of identical symbols. • However, given text with normal language

characteristics, a transposition cipher can be strong against a brute force attack.

43

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.2 Linguistic analysis [1]• A second approach to cipher breaking is to attempt to exploit any

linguistic patterns inherited from the plaintext. (This, of course, is only applicable to encrypted messages with a textual content.)

• All written languages exhibit characteristic patterns. • For example, in written English the letter ‘q’ is almost always

followed by a ‘u’ and certain pairs of letters (known as digraphs) are more likely to appear together than others: ‘th’ is common as are ‘ea’, ‘of’, and ‘st’.

• Some identical letters can often appear together, for example ‘ee’, ‘oo’, ‘tt’, but seldom ‘uu’ or ‘hh’.

• Furthermore, there is a higher probability of certain letters appearing than other letters• The most common letter is ‘e’, followed by ‘t’, ‘a’ and ‘o’. Sources

disagree on the exact ordering of probability, but most will identify ‘etaoin’ as the order of the six most frequent letters.

44

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.2 Linguistic analysis [2]

45

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


46

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


47

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.2 Linguistic analysis [5]• A ciphertext sequence can also be analysed for letter

frequency. • If the analysis shows a curve similar to Figure 5.8 or Figure 5.9

(depending on how the results are ordered) then there is a strong possibility that the most frequently occurring ciphertext letters will correspond to their equivalents in standard English text.

• Activity 5.7 (exploratory): Figure 5.10(a) (Next Slide) shows the results of letter frequency analysis of a sample of ciphertext. For comparison, Figure 5.10(b) shows the standard written English letter frequency. Does the ciphertext exhibit a pattern similar to standard English letter frequencies? If so, what assumptions could you make about the cipher? 48

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


49

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.2 Linguistic analysis [7]• Activity 5.7 – Comment: • We can see some very clear similarities between the two graphs. • The plots between R and Z in Figure 5.10(a) show a similar pattern to

the plots between A and I in Figure 5.10(b). • Likewise there are similarities in the sections between B and G and I

and P in Figure 5.10(a) with the corresponding sections between K and P and R and Y in Figure 5.10(b).

• In fact, if the top plot was shifted to the left by 17 places the result would look very similar to the standard English plot.

• Since the top plot exhibits a similar letter frequency pattern to standard English, it is reasonable to assume that the cipher was created using a simple substitution cipher where the ordering of the letters was preserved in the ciphertext but their identity was changed.

The guess would be that the cipher used was a simple Caesar cipher with a key of 17.

50

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3.2 Linguistic analysis [8]• We have focused on exploiting the linguistic patterns in written text

to break substitution ciphers. • But the same linguistic patterns can prove useful for breaking

simple transposition ciphers too. • In a transposition cipher, the positions of the letters change but

their identity remains the same so, for example, there will be the same frequency of the letter “E” in the ciphertext as there is in the plaintext.

• Given a long enough sample of transposition ciphertext, frequency analysis can provide a useful starting point for the cryptanalyst.

• If the results indicate a match with standard letter frequencies then the ciphertext is most likely the result of a transposition cipher.

• This knowledge points to various analytical techniques to help break the cipher, exploiting the kind of patterns we discussed.

51

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Building stronger ciphers [1]

• From the discussion above, two desirable characteristics emerge for strong ciphers:• a very large key space• a weak association with the linguistic patterns in the

plaintext.

• This section looks at how ciphers can be designed to address these requirements.

52

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.1 Increasing the key space [1]

• Using the simple Caesar cipher, the maximum key length is 26. • But what if instead we modified the encryption algorithm to

encrypt letters as pairs (digraphs) instead of singly?• Since each single letter represents one of 26 possibilities, each

pair of letters would represent one of 26 × 26 = giving 676 different possibilities; • So the use of digraphs provides a means of increasing the key

space.

53

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• This is how it works: • The numerical equivalent of the first letter in the pair is multiplied

by 26 and then the numerical equivalent of the second letter in the pair is added to it.

• Thus, using the coding scheme given below, where p is set to 15 and b is set to 1, the digraph pb would be encoded as

(15 × 26) + 1 = 391

54

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Activity 5.10: Using the method described above, calculate the coded value for the first letter pair in the word ‘zenith’.

• Sol.:• Using digraphs the word ‘zenith’ would be treated as three

separate letter pairs: ze ni th. • The first of these is the pair ‘ze’.• Using the scheme in Figure 5.11, ‘z’ has the code 25 and ‘e’ has

the code 4.• So the letter pair ‘ze’ is coded as (25 × 26) + 4 = 654

55

Arab

Ope

n U

nive

rsity

- Sp

ring

2013


• Process of encrypting the digraph ‘ze’ using modular arithmetic: Using digraphs for coding and encrypting alphabetic symbols:• (a) what value would be used for the modulus?• SOL. - (a): As you saw earlier, a coded digraph can take one of a

possible 26 × 26 = 676 different combinations. So the modulus would be 676.

• (b) what values could be chosen for the key?• SOL. -(b): The key can be any number from 0 to 675

56

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.1 Increasing the key space [5]• Let’s select the key 347 so for the encryption algorithm:• the plaintext p = 654 (this is the numerical value of the digraph ‘ze’)• the modulus n = 676.• So: c ≡ 654 + 347 = 1001, but this result is not permitted in modular

arithmetic with a modulus of 676. • So we need to subtract 676 from 1001 and express the result as the

remainder:c ≡ 325 mod 676

• The next step is to convert 325 into the equivalent digraph to derive the ciphertext.

• First we divide the numerical value for the ciphertext by 26:325 ÷ 26 = 12.5

• The whole number part of this is 12 which, according to the coding scheme of Figure 5.11, equates to the letter M.

• The 12 accounts for 12 × 26 = 312 of the original code of 325, leaving a remainder of 13, which equates to the letter N.

• So the plaintext digraph ‘ze’ is encrypted as MN.

57

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.2 Weakening the linguistic association [1]• The Caesar cipher uses a monoalphabetic substitution. • This means that the key remains constant so the plaintext

letter ‘e’, for example, will always be encrypted as the same ciphertext symbol.

• This means that the ciphertext inherits the linguistic patterns of the plaintext, making it susceptible to letter frequency and other linguistic analysis.

• One way to decouple from the linguistic patterns of the plaintext is to encrypt with a cipher that uses a succession of different keys.

• The Vigenère cipher provides an example of how this can be achieved. 58

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.2 Weakening the linguistic association [2]• The Vigenère cipher uses a key known as a running key, which

is generated by a keyword. • Example: Let’s use the keyword ‘jupiter’.• Using the convention of assigning a numerical value to each letter

following the pattern ‘a’ = 0, ‘b’ = 1, ‘c’ = 2, and so on (see Figures 5.5 and 5.11), ‘jupiter’ would produce a key sequence of 9, 20, 15, 8, 19, 4, 17.

• This provides a succession of different keys that can be used over and over again in the same sequence.

• Each symbol in the plaintext is encrypted using the next key in the sequence.

• Here we will encrypt a fragment of the proverb ‘a stitch in time saves nine’ using the simple Caesar cipher with a running key derived from the keyword ‘jupiter’

59

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.2 Weakening the linguistic association [3]

60

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.3 An unbreakable cipher [1]• A solution that addresses the running key length vulnerability of the

Vigenère cipher is to use a key that is identical in length to the plaintext, and to use it only once.

• Encryption based on this method is known as one-time pad encryption.

• This is how the method works:• A random key (the pad) is generated that is at least as long as the

plaintext message to be encrypted• Two copies of the pad are required – one is used by the sender to

encrypt the message and one by the recipient to decrypt it. • Once it has been used both copies must be destroyed.

• When properly applied, the one-time pad is the only known truly unbreakable cipher.

• The random nature of the pad (key) means that the ciphertext has no linguistic association whatsoever with the original plaintext and so cannot be broken by analysis or brute force.

61

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.3 An unbreakable cipher [2]• One-time pads have been successfully used in the past, mostly

for high-level diplomatic exchanges. • But a one-time pad is not a practical cipher for use in modern

communication technologies.

62