Real scripts backgrounder 3 - Polyalphabetic encipherment - XOR as a cipher - RSA algorithm. David Morgan

Similar documents
Final Exam Math 105: Topics in Mathematics Cryptology, the Science of Secret Writing Rhodes College Tuesday, 30 April :30 11:00 a.m.

NET 311D INFORMATION SECURITY

Classical Cryptography

1/16 2/17 3/17 4/7 5/10 6/14 7/19 % Please do not write in the spaces above.

COMP424 Computer Security

Number theory (Chapter 4)

Integers and Division

Public Key Cryptography

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

Discrete Mathematics GCD, LCM, RSA Algorithm

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

CIS 551 / TCOM 401 Computer and Network Security

Cryptography. pieces from work by Gordon Royle

The Vigenère cipher is a stronger version of the Caesar cipher The encryption key is a word/sentence/random text ( and )

CPSC 467b: Cryptography and Computer Security

An Introduction to Cryptography

5199/IOC5063 Theory of Cryptology, 2014 Fall

Cryptography. P. Danziger. Transmit...Bob...

10 Modular Arithmetic and Cryptography

Implementation Tutorial on RSA

Lecture Notes. Advanced Discrete Structures COT S

Encryption: The RSA Public Key Cipher

University of Regina Department of Mathematics & Statistics Final Examination (April 21, 2009)

Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography

Sol: First, calculate the number of integers which are relative prime with = (1 1 7 ) (1 1 3 ) = = 2268

Introduction to Cybersecurity Cryptography (Part 5)

Public Key Algorithms

CODING AND CRYPTOLOGY III CRYPTOLOGY EXERCISES. The questions with a * are extension questions, and will not be included in the assignment.

Asymmetric Encryption

ECE 646 Lecture 5. Motivation: Mathematical Background: Modular Arithmetic. Public-key ciphers. RSA keys. RSA as a trap-door one-way function

Number Theory & Modern Cryptography

RSA RSA public key cryptosystem

19. Coding for Secrecy

Jay Daigle Occidental College Math 401: Cryptology

Ti Secured communications

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

Public-key Cryptography and elliptic curves

Chapter 8 Public-key Cryptography and Digital Signatures

Written examination. Tuesday, August 18, 2015, 08:30 a.m.

Cryptography CS 555. Topic 2: Evolution of Classical Cryptography CS555. Topic 2 1

Theme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS

CSCI3381-Cryptography

RSA. Ramki Thurimella

Public Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy

monoalphabetic cryptanalysis Character Frequencies (English) Security in Computing Common English Digrams and Trigrams Chapter 2

1 Number Theory Basics

Mathematical Foundations of Public-Key Cryptography

8.1 Principles of Public-Key Cryptosystems

Powers in Modular Arithmetic, and RSA Public Key Cryptography

Public Key Cryptography

CRYPTOGRAPHY AND NUMBER THEORY

Public-key Cryptography and elliptic curves

MATH3302 Cryptography Problem Set 2

Polyalphabetic Ciphers

ECE 646 Lecture 5. Mathematical Background: Modular Arithmetic

Great Theoretical Ideas in Computer Science

Number Theory. Modular Arithmetic

Public-Key Encryption: ElGamal, RSA, Rabin

Number Theory in Cryptography

Exam Security January 19, :30 11:30

Introduction to Cybersecurity Cryptography (Part 4)

THE UNIVERSITY OF CALGARY FACULTY OF SCIENCE DEPARTMENT OF COMPUTER SCIENCE DEPARTMENT OF MATHEMATICS & STATISTICS MIDTERM EXAMINATION 1 FALL 2018

Introduction to Cybersecurity Cryptography (Part 4)

A block cipher enciphers each block with the same key.

Review. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm

Introduction. What is RSA. A Guide To RSA by Robert Yates. Topics

CSc 466/566. Computer Security. 5 : Cryptography Basics

MONOALPHABETIC CIPHERS AND THEIR MATHEMATICS. CIS 400/628 Spring 2005 Introduction to Cryptography

Cosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks

Mathematical Foundations of Cryptography

ICS141: Discrete Mathematics for Computer Science I

Number Theory: Applications. Number Theory Applications. Hash Functions II. Hash Functions III. Pseudorandom Numbers

1/18 2/16 3/20 4/17 5/6 6/9 7/14 % Please do not write in the spaces above.

Cryptography 2017 Lecture 2

Introduction to Modern Cryptography. Benny Chor

Lecture Notes. Advanced Discrete Structures COT S

MATHEMATICS EXTENDED ESSAY

Clock Arithmetic and Euclid s Algorithm

Introduction to Cryptography

Private-key Systems. Block ciphers. Stream ciphers

Discrete mathematics I - Number theory

5. Classical Cryptographic Techniques from modular arithmetic perspective

The RSA cryptosystem and primality tests

Candidates must show on each answer book the type of calculator used. Only calculators permitted under UEA Regulations may be used.

10 Public Key Cryptography : RSA

Week 7 An Application to Cryptography

Akelarre. Akelarre 1

CS March 17, 2009

Solutions for week 1, Cryptography Course - TDA 352/DIT 250

Chapter 11 : Private-Key Encryption

CSCI3390-Lecture 16: Probabilistic Algorithms: Number Theory and Cryptography

Asymmetric Cryptography

Chapter 4 Asymmetric Cryptography

Topics in Cryptography. Lecture 5: Basic Number Theory

Notes. Number Theory: Applications. Notes. Number Theory: Applications. Notes. Hash Functions I

CS483 Design and Analysis of Algorithms

Lecture 12: Block ciphers

An Introduction to Probabilistic Encryption

Cryptography and RSA. Group (1854, Cayley) Upcoming Interview? Outline. Commutative or Abelian Groups

Cryptanalysis on An ElGamal-Like Cryptosystem for Encrypting Large Messages

Transcription:

Real scripts backgrounder 3 - Polyalphabetic encipherment - XOR as a cipher - RSA algorithm David Morgan

XOR as a cipher

Bit element encipherment elements are 0 and 1 use modulo-2 arithmetic Example: 1 0 0 0 1 1 0 1 1 1 0 0 1 1 1 0 0 1 1 0 1 1 1 0 message stream key stream 0 1 1 0 1 0 1 1 0 0 1 0 resulting ciphertext

XOR - frequent appearances http://en.wikipedia.org/wiki/xor_cipher XOR is often the operation when the data is binary

Binary XOR operation XORing a bit with 1 inverts it XORing a bit with 0 leaves it alone XORing with 1: 1 XOR 1 is 0 0 XOR 1 is 1 XORing with 0: 1 XOR 0 is 1 0 XOR 0 is 0

XOR is mod2 addition XORing with 1: 1 XOR 1 is 0 0 XOR 1 is 1 XORing with 0: 1 XOR 0 is 1 0 XOR 0 is 0 same thing adding 1 mod2: 1 + 1 = 10 0 0 + 1 = 1 adding 0 mod2: 1 + 0 = 1 0 + 0 = 0

XOR twice with same bit leaves input as is by inverting twice (if XORing with 1) changes it, changes it back, or by inverting never (if XORing with 0) XORing twice with 1: 1 XOR 1 is 0 0 XOR 1 is 1 0 XOR 1 is 1 1 XOR 1 is 0 XORing twice with 0: 1 XOR 0 is 1 1 XOR 0 is 1 0 XOR 0 is 0 0 XOR 0 is 0 or: ( A XOR B ) XOR B = A

double XOR = alteration & restoration input: 11000000 10101000 00000100 00000001 XOR with: 10111110 01001010 10111001 00001101 result: 01111110 11100010 10111101 00001100 above result: 01111110 11100010 10111101 00001100 again with: 10111110 01001010 10111001 00001101 above input: 11000000 10101000 00000100 00000001

XOR becomes a symmetric stream cipher plaintext: 11000000 10101000 00000100 00000001 key: 10111110 01001010 10111001 00001101 ciphertext: 01111110 11100010 10111101 00001100 ciphertext: 01111110 11100010 10111101 00001100 same key: 10111110 01001010 10111001 00001101 plaintext: 11000000 10101000 00000100 00000001

XOR operation XORing key with plaintext yields ciphertext (that s called encryption) XORing key with ciphertext yields plaintext (that s called decryption) and also XORing plaintext and ciphertext yields key

If key is random, so is ciphertext plaintexta: 11000000 10101000 00000100 00000001 keya: 10111110 01001010 10111001 00001101 ciphertext: 01111110 11100010 10111101 00001100 plaintextb: 01010110 11101010 00100001 01101001 keyb: 00101000 00001000 10011100 01100101 ciphertext: 01111110 11100010 10111101 00001100 The (single) ciphertext shown is representative of both plaintexts, given the corresponding key. A key can be constructed to convert any plaintext to this same ciphertext. Attacker must ask which key was actually used, to arrive at the actual plaintext. If key is produced randomly, he has no basis to choose any particular key therefore none to choose the actual one.

For unbreakability keystream must be as long as the plaintext keystream elements must be random same keystream must never be re-used possession of 2 ciphertexts from same keystream facilitates recovering it same keystream must be shared by encryptor and decryptor

One-time pad this technique is called one-time pad (sometimes one-time tape or one-time key) random keystreams were written on paper pads each sheet to be used, torn off, and destroyed paper tapes were used later it is the only unbreakable cipher unless misued Soviet codes broken due to pad/keystream re-use (Venona project) http://users.telenet.be/d.rijmenants/en/onetimepad.htm

XOR based one-time pad XOR needs a random stream producer rc4 is (nearly) that

rc4 a stream cipher rc4 serves as a keystream machine, an endless font of utility data "RC4 generates a pseudorandom stream of bits (a keystream). As with any stream cipher, these can be used for encryption by combining it with the plaintext" http://en.wikipedia.org/wiki/rc4"

How to achieve keystream sharing physically secure hand delivery rc4 keystream reproducible on demand with a given key don t share the keystream, share the key that produces it shifts (and reduces) the keystream distribution problem to a key distribution problem

Polyaphabetic encipherment

Demo trying to thwart frequency analysis plain text exhibits letter frequency patterns monoalphabetic substitution preserves patterns polyalphabetic substitution destroys them

Occurrence of English letters

Occurrence of letters: Gettysburg address http://www.mtholyoke.edu/courses/quenell/s2002/crypto/js/count.html

Occurrence of letters: Gettysburg address thru Caesar cipher (monoalphabetic) Letters changed but statistical pattern preserved

Occurrence of letters: Gettysburg address thru differently sequenced* monoalphabetic cipher *the substitution mapping, unlike that of Caesar cipher, doesn t preserve the letters in the same sequence as that of the alphabet. They re all there, but in reassigned positions. This mapping was: bdfhjlnprtvxzacegikmoqsuwy e became j, t became m, etc (seen in both the mapping and the chart)

Polyalphabetic* * ciphering Vigenere table, mod26 arithmetic helper encrypt - take plaintext letter in the column header, key letter in row header. Ciphertext letter at intersection. decrypt - take key letter in the row header, find ciphertext letter in that row. Plaintext letter at that column's header. *use many alphabets-- different ones for determining what to substitute for each letter in the plaintext. Without resequencing letters, there are 25 other alphabets readily available. How many alphabets exist, altogether, if we do allow resequencing? 26*25*24* = 26! = 4.03 x 10 26 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y

Occurrence of letters: Gettysburg address thru polyalphabetic ciphers Each time you remap a letter: shift mapping alphabet fwd 1 letter, or shift mapping alphabet back 1 letter, or randomly generate a whole new one Letters changed and statistical pattern destroyed

RSA

Several algorithms with public-key properties RSA ElGamal DSA Rivest, Shamir, Adelman; MIT Taher ElGamal, Netscape NSA, NIST

RSA key generation steps 1. choose 2 primes call them p, q 2. multiply them call product n 3. multiply their predecessors (p-1,q-1) call product φ 4. pick some integer call it e between 1 and φ (exclusive) sharing no prime factor with φ 5. find the integer (there s only one) that call it d times e divided by φ leaves 1 then your keys are: public: e together with n (e is for encryption ) private: d together with n (d is for decryption )

Encrypting with public key {e,n} ( c = m e mod n ) 1. choose a cleartext message call it m in the form of a number less than n 2. raise it to power e 3. divide that by n call remainder c then your ciphertext result is c

Decrypting with private key {d,n} ( m = c d mod n ) 1. take ciphertext c 2. raise it to power d 3. divide that by n call remainder r then your recovered result is r r is identically the original cleartext message m

How will we do keygen step 4? 1. choose 2 primes easy 2. multiply them easy 3. multiply their predecessors (p-1,q-1) easy 4. pick some integer e not easy between 1 and φ (exclusive) sharing no prime factor with φ 5. find the integer d (there s only one) that not easy times e divided by φ leaves 1 then your keys are: public: e together with n (e is for encryption ) private: d together with n (d is for decryption )

Numbers sans common prime factor numbers whose gcd * is 1 will do find x such that gcd(x, φ)=1 how do we find gcd of 2 numbers Euclid s algorithm * greatest common divisor

How will we do keygen step 5? 1. choose 2 primes easy 2. multiply them easy 3. multiply their predecessors (p-1,q-1) easy 4. pick some integer e not easy between 1 and φ (exclusive) sharing no prime factor with φ 5. find the integer d (there s only one) that not easy times e divided by φ leaves 1 then your keys are: public: e together with n (e is for encryption ) private: d together with n (d is for decryption )

Successively test candidates multiply each integer, from 1, by e divide by φ check if remainder is 1 keep going till you find the one that is

RSA key generation example 1. choose 2 primes p=5 q=11 2. multiply them n=55 3. multiply their predecessors (p-1,q-1) φ=40 4. pick some integer e=3 between 1 and φ (exclusive) sharing no prime factor with φ 5. find the integer (there s only one) that d=27 times e divided by φ leaves 1 then your keys are: public: e together with n 3, 55 private: d together with n 27, 55

Encrypting with public key {e,n} ( c = m e mod n ) e = 3 n = 55 1. choose a cleartext message m=7 in the form of a number less than n 2. raise it to power e 7 3 =343 3. divide that by n 343 = 55x6+13 then your ciphertext result is c c=13

Decrypting with private key {d,n} ( m = c d mod n ) d = 27 n = 55 1. take ciphertext c 13 2. raise it to power d 13 27 =1192533292512492016559195008117 3. divide that by n 1192533292512492016559195008117 = 55 x 2497646399408352339319763167 + 7 then your recovered result is r r=7 r is identically the original cleartext message m

How to encrypt messages? RSA doesn t encrypt messages only individual numbers but all digital data is numeric so split arbitrary data into small-enough bit blocks, then treat them individually how? any way it can be done, doesn t matter in theory up to you

Blocking data - possibility 1 RED APPLE = 826968326580807669 use 3-decimal-digit blocks separately encrypt: 826 968 326 580 807 669 be prepared for maximum ~ 999 minimum φ 1000, eg p=31 q=37

Blocking data - possibility 2 ABC = 01000001 01000010 01000011 use 12-bit blocksize separately encrypt: 010000010100 001001000011 be prepared for maximum 4096 minimum φ 4097, eg p=67 q=71

Some considerations RSA key size refers to n p and q should be about equal length but not extremely close (eg avoid successive primes) larger key, slower operation double n pubkey ops 2x slower, privkey 4x e can stay fixed while n rises, but d up proportionately practical keylengths, 1024 or 2048 bits RSA and DES per-keylength security comparisons apples and oranges http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/how-large-a-key-should-be-used.htm

Info sources - RSA RSA and A Miniature RSA Example http://www.informit.com/articles/article.aspx?p=102212&seqnum=4 Exploring RSA Encryption, Linux Journal http://www.linuxjournal.com/article/6695

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback