Sei sulla pagina 1di 32

Introduction to

Cryptography and Security


Mechanisms

Dr Keith Martin
McCrea 349 01784 443099
keith.martin@rhul.ac.uk
Before we start…
Quiz 1
Which of the following activities can cryptography not be
used to provide in the electronic world?
A Ensuring that only an intended recipient can
obtain some information
B Ensuring that information cannot be altered
before it reaches an intended recipient
C Ensuring that a sender of some information
cannot later deny having sent the information
D Ensuring that some received information was sent
by the claimed sender

Introduction to Cryptography and Security 3


Quiz 2
Which of the following attacks is the odd one out?
A Sending a forged message
B Deleting the opening phrase of a message
C Reading a message that was not intended for you
D Intercepting a message and destroying it before it
gets to the intended recipient

Introduction to Cryptography and Security 4


Quiz 3
Under the worst-case conditions for a symmetric cipher
system, we assume that the attacker of a cipher system
has access to:
A The encryption algorithm, the encryption key, all
ciphertexts
B All ciphertexts, some plaintext/ciphertext pairs,
the decryption key
C Some plaintext/ciphertext pairs, the encryption
algorithm, all previously used decryption keys
D The encryption algorithm, all ciphertexts, some
plaintext/ciphertext pairs

Introduction to Cryptography and Security 5


Introduction to Cryptography and Security Mechanisms:

Unit 4

Historical algorithms
Dr Keith Martin
McCrea 349 01784 443099
keith.martin@rhul.ac.uk
Learning Outcomes
• Describe a number of simple historical cipher systems
• Relate a number of historical cipher system to the
basic model of a cipher system
• Appreciate the direction of historical advances in
cipher system design
• Illustrate the properties of these historical cipher
systems that make them unsuitable for modern use
• Formulate some essential basic design features for a
modern cipher system

Introduction to Cryptography and Security 7


Sections

1. Monoalphabetic ciphers
2. Historical advances

Introduction to Cryptography and Security 8


1. Monoalphabetic ciphers
Ciphers in this unit
Please note that all the ciphers in this unit are:
• Symmetric
• Operate on alphabetic characters
• Are not suitable for general modern use

However, they allow us to:


• Illustrate the basic model of a cipher system
• Learn some basic design principles

Introduction to Cryptography and Security 10


The Caesar Cipher

The Caesar Cipher is clearly unsuitable for modern


use!

Identify at least three cryptographic


weaknesses that result in the Caesar
Cipher being regarded as insecure.

Introduction to Cryptography and Security 11


The Simple Substitution Cipher

The Simple Substitution Cipher is a considerable


improvement on the Caesar Cipher

What is the main improvement?

Introduction to Cryptography and Security 12


Keyspace of the Substitution Cipher

The key space of the Simple Substitution Cipher is


approximately 4 x 1026, that is:
400 000 000 000 000 000 000 000 000
Just how big is that?

There are an estimated 10 sextillion (that’s 1022) stars in our


universe. That means that the Simple Substitution Cipher has
about 40 000 times the number of keys than there are stars in
our universe.
The key space of DES is somewhere between 1016 and 1017.
That’s a much smaller number – it’s only about 100 000 times
the number of stars in our galaxy!

Introduction to Cryptography and Security 13


Wise words

Having a large key space is necessary to prevent


an exhaustive key search, but it is not sufficient
to guarantee the security of a cipher system.

In other words (Martin Hellman’s, to be precise…)

A large key is not a guarantee of security but a


small key is a guarantee of insecurity.

Introduction to Cryptography and Security 14


Letter frequency analysis

The Substitution Cipher is broken very effectively by


letter frequency analysis

You obviously need to know some


ciphertext to conduct this attack.
Identify at least two other pieces of
information that it would be useful to know
in order to conduct an effective letter
frequency analysis of the Simple
Substitution Cipher.

Introduction to Cryptography and Security 15


Four lessons
The following four lessons can be learnt if you conduct
Exercises 2, 3, 4 and 5 for this unit.

1. The Simple Substitution Cipher leaks information


about the plaintext even before detailed letter
frequency analysis has been conducted.
2. Knowing the context of the plaintext can be
extremely important when conducting letter
frequency analysis.
3. Letter frequency analysis really works!
4. It is not necessary to determine the entire key
before being able to decrypt the ciphertext.

Introduction to Cryptography and Security 16


Unicity distance
The unicity distance of a cipher system is the number
of ciphertext letters that you need before, given a
ciphertext of that length, you can expect there to be
only one meaningful plaintext and encryption key that
could have been used to obtain that ciphertext.
The unicity distance is a value that can be calculated
from the statistical properties of the underlying plaintext
language.
For a Simple Substitution Cipher applied to English
plaintexts, the unicity distance is usually regarded as
being around 28 ciphertext letters.

Introduction to Cryptography and Security 17


Unicity distance
That’s the theory, so what about the practice?

If you have 28 ciphertext characters from a


Simple Substitution Cipher then you can be
fairly sure that there is only one matching
plaintext out there.
Can you actually find it?

Introduction to Cryptography and Security 18


Unicity distance
In theory Number of ciphertext In practice
letters

Less than about


5

Between about
5 and 27

Around 28
= unicity distance

Between
28 and about 200

More than about


200

Introduction to Cryptography and Security 19


2. Historical advances
Advances on Simple Substitution

Bearing in mind the lessons of the previous


section, identify three types of cipher
system design improvement that would
make it harder to conduct single letter
frequency analysis?

Introduction to Cryptography and Security 21


Playfair Cipher
The Playfair Cipher operates on pairs of letters (bigrams).
The key is a 5x5 square consisting of every letter except J.

Before encrypting, the plaintext must be transformed:


• Replace all J’s with I’s
• Write the plaintext in pairs of letters…
• …separating any identical pairs by a Z
• If the number of letters is odd, add a Z to the end

Introduction to Cryptography and Security 22


Playfair Cipher: Encryption
• If two plaintext letters lie in the same row then
replace each letter by the one on its “right” in
the key square
• If two plaintext letters lie in the same column
then replace each letter by the one “below” it
in the key square
• Else, replace:
– First letter by letter in row of first letter and column
of second letter in the key square
– Second letter by letter in column of first letter and
row of second letter in the key square

Introduction to Cryptography and Security 23


Playfair Cipher: Example
GLOW WORM
S T A N D
E R C H B
K F G I L GL OW WO RM
M O P Q U
V W X Y Z
IK WT TW EO

Introduction to Cryptography and Security 24


Playfair Cipher

In what way has the Playfair Cipher


defeated single letter frequency analysis?

How might you try to decrypt a ciphertext


that was encrypted using a Playfair Cipher,
without knowing the key?

Introduction to Cryptography and Security 25


English letter frequencies

Letter Number Letter Number Letter Number

A 8.167 B 1.492 C 2.782


D 4.253 E 12.702 F 2.228
G 2.015 H 6.094 I 6.966
J 0.153 K 0.772 L 4.025
M2.406 N 6.749 O 7.507
P 1.929 Q 0.095 R 5.987
S 6.327 T 9.056 U 2.758
V 0.978 W 2.360 X 0.150
Y 1.974 Z 0.074

Introduction to Cryptography and Security 26


Histogram of letter frequencies

Introduction to Cryptography and Security 27


Homophonic Coding

A modification of the Simple Substitution Cipher

The idea is to replace some plaintext letters with


different ciphertext characters in order to confuse the
ciphertext character frequency statistics.

Introduction to Cryptography and Security 28


Homophonic Coding
• A possible homophonic code is as follows:
• Use a character alphabet of 1000.
• Use our table of letter frequencies:
use 82 different characters to encode A
use 15 different characters to encode B
use 1 character to encode J, Q, Y and Z
etc.

How well do you think such a code will hold out


against single letter frequency analysis?

Do you think that such a code is suitable for adoption


in a practical environment?

Introduction to Cryptography and Security 29


Vigenère Cipher

The Vigenère Cipher illustrates another


important technique for defeating letter
frequency analysis.

What is it?

Introduction to Cryptography and Security 30


Vigenère Cipher

Make sure you understand how the Vigenère Cipher


works by conducting Exercises 6, 7, 8 and 9 for this
unit.

How would you go about breaking the


Vigenère Cipher?

Introduction to Cryptography and Security 31


Summary
• A large key space alone does not guarantee security.
• It is possible to break a cipher system without first
determining the key.
• The ciphertext produced by a cipher system should
disguise the statistics of the plaintext alphabet.
• Effective techniques for disguising plaintext statistics
include:
– Increasing the size of the plaintext alphabet
– Replacing plaintext characters with more than one different
ciphertext character
– Introducing positional dependence
but these properties alone do not guarantee security.

Introduction to Cryptography and Security 32