Chapter 2 Basic Encryption and Decryption

1. Chapter 2Basic Encryption and Decryption

2. csci5233 computer security & integrity 2 Encryption / Decryption A: sender; B: receiver Transmission medium An interceptor (or intruder) may block, intercept, modify, or fabricate the transmission.

3. csci5233 computer security & integrity 3 Encryption / Decryption Encryption: A process of encoding a message, so that its meaning is not obvious. (= encoding, enciphering) Decryption: A process of decoding an encrypted message back into its original form. (= decoding, deciphering) A cryptosystem is a system for encryption and decryption.

4. csci5233 computer security & integrity 4 Plaintext / ciphertext P: plaintext C: ciphertext E: encryption D: decryption C = E (P) P = D (C) P = D ( E(P) )

5. csci5233 computer security & integrity 5 Cryptosystems Symmetric encryption: P = D (Key, E(Key,P) ) Asymmetric encryption: P = D (KeyD, E(KeyE,P) ) Symmetric cryptosystem: A cryptosystem that uses symmetric encryption. Asymmetric cryptosystem See Fig. 2-2 (p.23)

6. csci5233 computer security & integrity 6 Keys Use of a key provides additional security. Exposure of the encryption algorithm does not expose the future messages< as long as the key(s) are kept secret. c.f., keyless cipher

7. csci5233 computer security & integrity 7 Terminology Cryptography: The practice of using encryption to conceal text. (cryptographer) Cryptanalysis: The study of encryption and encrypted messages, with the goal of finding the hidden meanings of the messages. (cryptanalyst) Cryptology = cryptography + cryptanalysis

8. csci5233 computer security & integrity 8 Cryptanalysis A cryptanalyst may work with various data (intercepted messages, data items known or suspected to be in a ciphertext message), known encryption algorithms, mathematical or statistical tools and techniques, properties of languages, computers, and plenty of ingenuity and luck. Attempt to break a single message Attempt to recognize patterns in encrypted messages Attempt to find general weakness in an encryption algorithm

9. csci5233 computer security & integrity 9 Breakability of an encryption An encryption algorithm may be breakable, meaning that given enough time and data, an analyst could determine the algorithm. Suppose there exists 1030 possible decipherments for a given cipher scheme. A computer performs 1010 operations per second. Finding the decipherment would require 1020 seconds (or roughly 1012 years).

10. csci5233 computer security & integrity 10 Modular arithmetic A .. Z: 0 .. 25 Example: p.24 C = P mod 26

11. csci5233 computer security & integrity 11 Two forms of encryption Substitutions One letter is exchanged for another Examples: monoalphabetic substitution ciphers, polyalphabetic substitution ciphers Transpositions (= permutations) The order of the letters is rearranged Examples: columnar transpositions

12. csci5233 computer security & integrity 12 Substitutions Caesar cipher: Each letter is translated to the letter a fixed number of letters after it in the alphabet. Ci = E(Pi) = Pi + 3 Advantage: simple Weakness

13. csci5233 computer security & integrity 13 Cryptanalysis of the Caesar Cipher Exercise (p.26): Decrypt the encrypted message. Deduction based on guesses versus frequency distribution (p.28)

14. csci5233 computer security & integrity 14 Other monoalphabetic substitutions Using permutation Pi (lambda) = 25 � lambda Weakness: Double correspondence E(F) = u and D(u) = F Using a key A key is a word that controls the ciphering. p.27

15. csci5233 computer security & integrity 15 Complexity of monoalphabetic substitutions Monoalphabetic substitutions amount to table lookups. The time to encrypt a message of n characters is proportional to n.

16. csci5233 computer security & integrity 16 Frequency distribution Table 2-1 (p.29) shows the counts and relative frequencies of letters in English. Frequencies in a sample cipher: Table 2-2 (p.30) Compare the sample cipher against the normal frequency distribution: Fig. 2-4

17. csci5233 computer security & integrity 17 Polyalphabetic substitutions By combining distributions that are high with the ones that are low Using multiple substitution tables Example (p.32): table for odd positions, table for even positions

18. csci5233 computer security & integrity 18 Vigen�re Tableaux Table 2-5: p.34 Example: p.35 Exercise: Complete the encryption of the original message. Exercise: Decipher the encrypted message using the key (�juliet�)

19. csci5233 computer security & integrity 19 Cryptanalysis of Polyalphabetic substitutions The Kasiski method: a method to find the number of alphabets used for encryption Works on duplicate fragments in the ciphertext The distance between the repeated patterns must be a multiple of the keyword length

20. csci5233 computer security & integrity 20 Steps for the Kasiski method p.36 Initial find + verification using frequency distribution

21. csci5233 computer security & integrity 21 Index of coincidence A measure of the variation between frequencies in a distribution To measure the nonuniformity of a distribution To rate how well a particular distribution matches the distribution of letters in English RFreq versus Prob (p.38) Example: In the English language, RFreqa = Proba = 7.49 (from Table 2.1) In the sample cipher in Table 2-2 (p.30): RFreqa = 0 ? Proba

22. csci5233 computer security & integrity 22 Index of Coincidence Measure of roughness (or the variance): a measure of the size of the peaks and valleys (See Fig. 2-6, p.38) The var of a perfectly flat distribution = 0. The variance can be estimated by counting the number of pairs of identical letters and dividing by the total number of pairs possible Example (Given 200 letters): 60 / 100

23. csci5233 computer security & integrity 23 Index of Coincidence IC (index of coincidence): a way to approximate variance from observed data (p.39) 0.0384 (perfect) ? IC ? 0.068 (English)

24. csci5233 computer security & integrity 24 Combined use of IC with Kasiski method Bottom of p.39 All the subsets from the Kasiski method, if the key length was correct, should have distributions close to 0.068.

25. csci5233 computer security & integrity 25 Analyzing a polyalphabetic cipher Use the Kasiski method to predict the likely numbers of enciphering alphabets. Compute the IC to validate the predictions (When 1 and 2 show promises) Generate subsets and calculate IC�s for the subsets

26. csci5233 computer security & integrity 26 The �Perfect� Substitution Cipher Use an infinite nonrepeating sequence of alphabets A key with an infinite number of nonrepeating digits Examples: one-time pads, the Vernam cipher, �

27. csci5233 computer security & integrity 27 Vernam Cipher Sample function: c = ( p + random( ) ) mod 26 Example: p.42 Binary Vernam Cipher p.43: How would you decipher a ciphertext encrypted by Binary Vernam Cipher? Ans.: p = (c � random( ) ) mod 26 Example (p.42): c = 19 (�t�), random( ) = 76 p = (19-76) mod 26 = 21

28. csci5233 computer security & integrity 28 Random Number Generators A pseudo-random number generator is a computer program that generates numbers from a predictable, repeating sequence. Example: The linear congruential random number generator ri+1 = (a * ri + b) mod n Note: 12 is congruent to 2 (modulo 5), since (12-2) mod 5 = 0 Problem? Its dependability; probable word attack

29. csci5233 computer security & integrity 29 The six frequent letters P.45 A correction: (E, e) ? i How to use the table �inside out�?

30. csci5233 computer security & integrity 30 Dual-Message Entrapment P.46 Encipher two messages at once One message is real; the other is the dummy. Both the sender and the receiver know the dummy message (the key). The key cannot be distinguished from the real message.

31. csci5233 computer security & integrity 31 Summary Substitutions and permutations together form a basis for the most widely used encryption algorithms ? Chap. 3. Next: Pf, Ch 2 (part b)