Introduction to Information Security

Transcription

1 Introuction to Inforation Security Lecture : Classical Ciphers Prof. Byoungcheon Lee sultan (at) joongbu. ac. kr Inforation an Counications University

2 Contents 1. History of cryptographic research. Substitution ciphers Caesar ciphers Affine ciphers Monoalphabetic substitution cipher Hoophonic substitution cipher Polyalphabetic substitution cipher Vigenere cipher Hill cipher One-tie pa 3. Transposition ciphers Transposition cipher scytale cipher 4. Prouct ciphers

3 1. History of Cryptologic Research 3

4 History of Cryptologic Research 1900BC : Non-stanar hieroglyphics 1500BC : Mesopotaian pottery glazes 50BC : Caesar cipher 1518 : Tritheius cipher book 1558 : Keys invente 1583 : Vigenere s book 1790 : Jefferson wheel 1854 : Playfair cipher 1857 : Beaufort s cipher 1917 : Friean s Riverbank Labs 1917 : Verna one-tie pas 4

5 History of Cryptologic Research 1919 : Hegelin achines 191 : Hebern achines 199 : Hill cipher 1973 : Feistel networks 1976 : Public key cryptography 1979 : Secret sharing 1985 : Zero knowlege 1990 : Differential cryptanalysis 1994 : Linear cryptanalysis 1997 : Triple-DES 1998 ~ 001 : AES 5

6 History of Cryptologic Research Perio Features Exaples Manual Crypto ancient ~ 190 Substitution Transposition Scytale Caesar Vigenere Beaufort (USA) Machine Crypto 190 ~ 1950 Using coplex achine Eniga (Gerany in n WW) M-09 (USA in n WW) Moern Crypto Coputer Crypto 1950 ~ current Using coputer Shannon s theory DES SEED AES RSA ECC KCDSA 6

7 Using Cryptologic Technology Before oern crypto : liite usage National security iploatic war Use by liite people Researche by liite people Current crypto : wiely open stanarize coerce Internet e-coerce Anyboy is using Research an evelopent by anyone 7

8 Scytale a s b c c y t e a f l g e as bc cy t ea fl ge 8

9 Eniga 9

10 Lorenz SZ4 Cipher Machine 10

11 Classical Encryption Techniques Basic builing blocks of all encryption techniques Substitution: replaceent Transposition: relocation Substitution ciphers Caesar cipher Monoalphabetic ciphers Playfair cipher Hill cipher Polyalphabetic ciphers: Vigenere cipher Verna cipher/one-tie pa: perfect cipher Transposition techniques Rotor achines: Eniga Purple 11

12 . Substitution Cipher Caesar ciphers Affine ciphers Hill cipher Monoalphabetic substitution cipher Hoophonic substitution cipher Polyalphabetic substitution cipher Vigenere cipher One-tie pa 1

13 Caesar Ciphers Julius Caesar the Roan eperor Also known as shift cipher Matheatically assign nubers to each alphabet a b c e f g h i j k... z Caesar cipher : C = E K (M) = M + K o 6 K = 3 M = D K (C) = C - K o 6 K = 3 13

14 Caesar Ciphers Define transforation as: a b c e f g h i j k... z D E F G H I J K L M N C Encryption exaple i n f o r a t i o n L Q I R U P D W L R Q Weakness Key space is too short only 6 possible keys Brute force search Exaple: Break ciphertext L ORYH LFX" 14

15 Affine Ciphers Generalization of Caesar cipher Encryption C E K gc( K 1 ( M ) K M 6) 1 1 K o 6 Decryption M D K ( C) ( C K ) K 1 1 o 6 Exaple: ecrypt the following ciphertext WZDUY ZZYQB OTHTX ZDNZD KWQHI BYQBP WZDUY ZXZDSS How? Using English character frequency analysis 15

16 English Character Frequencies Letter Frequency(%) Letter Frequency(%) Letter Frequency(%) e p 1.9 t 9.1 l 4.0 b 1.5 a 8. c.8 v 1.0 o 7.5 u.8 k 0.8 i j 0. n 6.7 w.3 x 0.1 s 6.3 f. q 0.1 h 6.1 g.0 z 0.1 r 6.0 y.0 (1) Pr(e)=0.1 () Pr(taoinshr) = 0.06 ~0.09 (3) Pr(l)=0.04 (4) Pr(cuwfgypb)= 0.015~0.03 (5) Pr(vkjxqz) <=

17 Affine Ciphers Z occurs 8 ties ETAOI??? D occurs 5 ties ETAOI??? Y occurs 4 ties ETAOI??? WQB occur 3 ties ETAOI??? Z E D T : try to solve 5 4K 3 19K K K K K 17 o 6 o 6 reject Try possible solutions until you get eaningful plaintext Exercise: try yourself 17

18 Hill Cipher e K (x) : (y 1 y y ) =(x 1 x x ) K where K is x atrix an gc(et K 6) =1 K (y) = y K -1 (Ex) K = 11 8 K -1 = x : july (ju)= (90) (ly) = (114) (90) K = (34) = (DE) (114) K = (11) = (LW) 18

19 Monoalphabetic Substitution Ciphers Exaple : 1-1 Substitution rule a b c e f g h i j k l n o p q r s t u v w x y z E G L T B N M Q P A O W C R X H I Y Z D S F J K U V Exaple : Encryption i n f o r a t i o n P R N X Y C E D P X R Key space : 6! Cryptanalysis: Using English character frequency analysis 19

20 Hoophonic Substitution Ciphers Letters which occur frequently ay be appe into ore than one letter in the ciphertext to flatten the frequency istribution. Alphabet is appe into the nubers 0 to 99 For exaple E(1.7%) A(8.%) R(6.0%) T(9.1%)

21 1 Polyalphabetic Substitution Ciphers Hie the frequency istribution by aking ultiple substitutions. Apply ifferent perutations. ) ( ) ( ) ( ) ( ) ( ) ( ) ( K E Vigenere cipher Beaufor cipher

22 Polyalphabetic Substitution Ciphers Vigenère Ciphers Multiple caesar cipher i k c c c c D i k c c c E c k k k k k i i k i i k 1 for o 6 ) ( ) ( 1 for o 6 ) ( ) ( 6 ) ( i c k c c c D i k c c c E c k k k k k i i k i i k 1 for o 6 ) ( ) ( 1 for o 6 ) ( ) ( 6 ) ( Beaufor ciphers (use in US civil war)

23 Vigenère Ciphers Look-up table for Vigenère Ciphers 평문 a b c e f g h i j k l n o p q r s t u v w x y z 키워드 A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y 3

24 Vigenère Ciphers Plaintext Keywor Ciphertext t h i s c r y p t o s y s t e i s n o t s e c S E C U R I T Y S E C U R I T Y S E C U R I T Y L L K M T Z R N L S U S J B X K A W P I K A X A M V G u S r E e C 4

25 Polyalphabetic Substitution Ciphers Cryptanalysis of polyalphabetic substitution ciphers 1. Deterine the perio. Deterine each substitution keys How to eterine the perio? 1. Kasiski etho : use repetitions in the ciphertext. Inex of coincience by Friean: copute the inex of coincience an estiate the perio Refer to 5

26 Kasiski Metho Exaple: Vigenère Ciphers key: eceptiveeceptiveeceptive plaintext: weareiscoveresaveyourself ciphertext:zicvtwqngrzgvtwavzhcqyglmgj Metho evelope by Kasiski Letter groups in ciphertext are repeate because repeate letter groups in the plaintext line up with the keywor. If letter groups repeate in ciphertext then keywor length ay be a ivisor of their separations. - in this exaple VTW is repeate in 9 letters apart - suggests size of is 3 or 9 6

27 Inex of Coincience The inex of coincience for a (cipher)text is the probability that two letters selecte fro it are ientical. It is enote I. 7

28 Inex of Coincience For a typical English ocuent I=

29 Inex of Coincience For a ranoize (ieally encrypte) ocuent I=

30 Inex of Coincience We can estiate the keywor length using the inex of coincience. k : Estiate keywor length 30

31 Inex of Coincience We can estiate the keywor length using the inex of coincience. 31

32 Inex of Coincience Exaple: Estiate the keywor length of the following istribution in ciphertext Estiate keywor length is 5 3

33 One-tie Pa (Verna cipher) Use a rano key as long as the essage size an use the key only once Unbreakable Since ciphertext bears no statistical relationship to the plaintext Since for any plaintext & any ciphertext there exists a key apping one to other Have the proble of safe istribution of key Ex) Binary alphabet P : o n e t i P : K : C : Perfect Cipher : p (x y) = p(x) for all x P y C Ipossible COA 33

34 3. Transposition Ciphers Transposition cipher Scytale cipher Rotor achines 34

35 Transposition Ciphers Rearrange characters of plaintext to prouce ciphertext Frequency istribution of the characters is not change by encryption Exaple: Encryption perutation Decryption perutation plaintext ciphertext i n f o r a t i o n s e c u r i t y x y z a b F R I M O N I N A S O T U I E T R C Y A Y B Z X 35

36 Transposition Ciphers Cryptanalysis : Perio is guesse by trying possible perios A knowlege of the ost frequent pairs an triples in a language is use with anagraing. Use language characteristics Frequent pairs on a relative scale to 10 TH : HE : 9.50 IN : 7.17 ER : 6.65 RE : 5.9 Frequent triples on a relative scale to 10 THE : AND :.81 TIO :.4 ATI : 1.67 Exercise: ecrypt the following ciphertext LDWEOHETTHSESTRUHTELOBSEDEFEIVNT 36

37 Scytale Cipher a s b c c y t e a f l g e as bc cy t ea fl ge 37

38 4. Prouct Ciphers ADFGVX Shannon SP Network 38

39 ADFGVX Prouct of substitution an perutation Substitution table Substitution result A D F G V X A f x a 9 u 1 D n g 0 l o F 5 b k h z G j s y t v V e 8 i X c w q 6 r p c o n v e n t i o n a l X A D X D A G X V G D A c r y p t o g r a p h y X A X V G G X X G V D X G V D D V X X V D X A F D A X X A F F V D G G G c XA 39

40 ADFGVX Perutation table Ciphertext C I P H E R X A D X D A G X V G D A G V V X D X D A A F D G X A X V G G X X G V D X D D X V A F X X F V G G Keywor perutation XGGDXXDX DDDDGDAG XGXFVVVV AXVAAXDX DVVAXGXF AAXGFXFG 40

41 Shannon s Proposal C. Shannon Counication Theory for Secrecy Systes 1949 Copose ifferent kin of siple an insecure ciphers to create coplex an secure cryptosystes calle prouct cipher Incorporate confusion an iffusion Substitution-Perutation Network Claue Shannon 41

42 Confusion an Diffusion Confusion (substitution) : The ciphertext statistics shoul epen on the plaintext statistics in a anner too coplicate to be exploite by the eney cryptanalyst Makes relationship between ciphertext an key as coplex as possible Diffusion (perutation) : Each igit of the plaintext shoul influence any igits of the ciphertext an/or Each igit of the secret key shoul influence any igits of the the ciphertext. Dissipates statistical structure of plaintext over bulk of ciphertext 4

43 SP Network Substitution-Perutation network Substitution (S-box) : secret key is use Perutation (P-box) : no secret key fixe topology Provie confusion an iffusion S-P networks are expecte to have Avalanche property: a single input bit change shoul force the copleentation of approxiately half of the output bits Copleteness property: each output bit shoul be a coplex function of every input bits Theoretical basis of oern block ciphers 43

44 SP Network 44

45 Kerckhoff s Principle Auguste Kerckhoff 1883 A cryptosyste shoul be secure even if everything about the syste except the key is public knowlege. Eric Rayon extens this principle in support of open source software saying "Any security software esign that oesn't assue the eney possesses the source coe is alreay untrustworthy; therefore never trust close source. The ajority of civilian cryptography akes use of publiclyknown algoriths. By contrast ciphers use to protect classifie governent or ilitary inforation are often kept secret 45

46 Hoework # 1. Design an ipleent a C progra for encryption ecryption an cryptanalysis of the affine cipher. For the cryptanalysis your progra ust not use the enueration of all possible keys but shoul use the frequency of characters to ake optial guesses about the key.. Decryption of Vigenère Ciphers. Solve the proble 9 in page 61 of the textbook. 46