- 117 Views
- Uploaded on
- Presentation posted in: General

Cryptanalysis

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Cryptanalysis

Kyle Johnson

- Comprised of both Cryptography and Cryptanalysis
- Cryptography- which is the practice and study of techniques for secure communication in the presence of third parties
- Cryptanalysis -which is the art of defeating cryptographic security systems, and gaining access to the contents of encrypted messages or obtaining the key itself.

- Fialka Cipher machine
- Used by the Soviet in the cold war era.
- Uses 10 rotors each with 30 contacts and also makes use of a punch card mechanism.

http://en.wikipedia.org/wiki/File:FIALKA-rotors-in-machine.jpg

Scytale(rhymes with Italy)

Ancient Greek device used to implement a cipher.

Vigenere square used for the Vigenere Cipher.

http://www.braingle.com/brainteasers/codes/images/scytale.gif

http://en.wikipedia.org/wiki/File:Vigen%C3%A8re_square_shading.svg

- Term given by William Friedman in 1920
- First recorded explanation in the 9th century by Al-Kindi
- A manuscript

- Blaise de Vigenereused a repeating key cipher

- Mary, Queen of Scots
- World War I, Zimmerman Telegram
- World War II, German Enigma Machine

- Total Break
- Global deduction
- Instance (local) deduction
- Information Deduction
- Distinguishing algorithm

- Ciphertext-only
- Known-plaintext
- Chosen-plaintext
- Chosen-Ciphertext

- Also known as the known-ciphertext attack
- Attacker only has a set of Ciphertexts
- Successful, plaintext or key obtained
- Used in Frequency Analysis

- Attacker has both the plaintext and ciphertext.
- Goal: get the key
- WWII: German Enigma Machine
- Length, patterns, frequency

- Plaintext: “THIS IS AN EXAMPLE OF A CIPHER”
- Ciphertext: “XLMW MW ER IBEQTPI SJ E GMTLIV”
- Try Caesar Cipher: word length pattern noticed.
- Shift-1 Plaintext: “UIJT JT BO FYBNQMF PG B DJQIFS”
- Ciphertext: “XLMW MW ER IBEQTPI SJ E GMTLIV”
- Not the same. Repeat for all possible shifts(25 times)
- Shift -4 Plaintext: “XLMW MW ER IBEQTPI SJ E GMTLIV”
- Ciphertext: “XLMW MW ER IBEQTPI SJ E GMTLIV”
- Same!
- Caesar cipher: key is shift of 4.

- Choose Plaintext to get random ciphertext
- Goal: Weaken the security, get key
- Plaintext injections
- Types of chosen-plaintext
- Batch chosen-plaintext
- Adaptive chosen-plaintext

- Chooses all of the plaintexts before they are encrypted
- This is the means of an unqualified use of this type of attack on encrypted data.

- Attacker will make a series of interactive queries
- Choosing subsequent plaintexts based on the information from the previous encryptions

- Choose ciphertext, decrypt unknown key
- Enter multiple ciphertexts
- May be both adaptive and non-adaptive
- Types of chosen-ciphertext
- Lunchtime Attack
- Adaptive chosen ciphertext

- Also known as the midnight or indifferent attack
- Attacker makes adaptive chosen-ciphertext queries up to a certain point
- Can attack computer while user at lunch.

- Attack in which ciphertexts may be chosen adaptively and after a challenge ciphertext is given to the attacker
- Ciphertext can’t be used itself
- Stronger attack than lunchtime but few practical attacks are of this form

- Frequency Analysis
- Index of Coincidence
- Kasiski Test

- Frequency of letters
- Used to solve classical ciphers
- Substitution
- Caesar

- Natural Langauge properties and patterns

- Consider this ciphertext :
- “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

- “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”
- A: 0
- B: 2
- C: 1
- So on down the alphabet…

- “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

“XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

“XEJE WI RN EDCQLSE MO R OJEKGENYB RNRSBIWI”

Decrypted: “HERE IS AN EXAMPLE OF A FREQUENCY ANALYSIS”

Encrypted: “XZJZ WI RN ZDCQLSZ MO R OJZKGZNYB RNRSBIWI”

- Method of attacking polyalphabetic substitution ciphers
- Deduce length of Keyword
- ‘m’ number of rows
- Identical Segments of Ciphertext, length >= 3

- Consider the following text:
- KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFDETDGILTXRGUDDKOTFMBPVGEGLTGCKQRACQCWDNAWCRXIZAKFTLEWRPTYCQKYVXCHKFTPONCQQRHJVAJUWETMCMSPKQDYHJVDAHCTRLSVSKCGCZQQDZXGSFRLSWCWSJTBHAFSIASPRJAHKJRJUMVGKMITZHFPDISPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFSPEZQNRWXCVYCGAONWDDKACKAWBBIKFTIOVKCGGHJVLNHIFFSQESVYCLACNVRWBBIREPBBVFEXOSCDYGZWPFDTKFQIYCWHJVLNHIQIBTKHJVNPIST

- KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFDETDGILTXRGUDDKOTFMBPVGEGLTGCKQRACQCWDNAWCRXIZAKFTLEWRPTYCQKYVXCHKFTPONCQQRHJVAJUWETMCMSPKQDYHJVDAHCTRLSVSKCGCZQQDZXGSFRLSWCWSJTBHAFSIASPRJAHKJRJUMVGKMITZHFPDISPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFSPEZQNRWXCVYCGAONWDDKACKAWBBIKFTIOVKCGGHJVLNHIFFSQESVYCLACNVRWBBIREPBBVFEXOSCDYGZWPFDTKFQIYCWHJVLNHIQIBTKHJVNPIST
- Trigram HJV

- KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFDETDGILTXRGUDDKOTFMBPVGEGLTGCKQRACQCWDNAWCRXIZAKFTLEWRPTYCQKYVXCHKFTPONCQQRHJVAJUWETMCMSPKQDYHJVDAHCTRLSVSKCGCZQQDZXGSFRLSWCWSJTBHAFSIASPRJAHKJRJUMVGKMITZHFPDISPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFSPEZQNRWXCVYCGAONWDDKACKAWBBIKFTIOVKCGGHJVLNHIFFSQESVYCLACNVRWBBIREPBBVFEXOSCDYGZWPFDTKFQIYCWHJVLNHIQIBTKHJVNPIST
- Trigram HJV : differences (δ) = 18, 138, 54, 12

- Trigram HJV : differences (δ) = 18, 138, 54, 12
- Greatest common denominator: m = 6 , length of the keyword is 6.

- Comparing 2 partials of same ciphertext
- Ciphertext coincidences same in Plain Text
- Used to help solve Vigenerecipher.
- Check if two texts are in the same language, dialect

- Consider the text from the Kasiski Test:
- And the length of the keyword m = 6

- And the length of the keyword m = 6
- Index of coincidence requires one to break the ciphertext up into the m number of rows. Each with as similar number of letters as possible.

- Index of coincidence requires one to break the ciphertext up into the length (m) number of rows. Each with as similar number of letters as possible.
- y1= KGQNGVGGTGCQWAWQHNJEPJTKQFWAP…
- y2= CUTRRFIUFEKCCKRKKCVTKVRCDRSFR…
- y3= CFYRKDLDMGQWRFPYFQAMQDLGZLJSJ…
- y4= PDATDETDBLRDXTTVTQJCDASCXSTIA…
- Y5= KPVMNTXKPTANILYXPRUMYHVZGWBAH…
- Y6= BHIVBDROVGCAZECCOHWSHCSQSCHSK…
- It comes out to look something like this (not full rows)
- The index of coincidence is denoted as
- =

- Consider x = “abaaabcda”
- So as you can see there are 5:a, 2:b, 1:c, 1:d, 9 in total
- =

- Consider x = “abaaabcda”
- So as you can see there are 5:a, 2:b, 1:c, 1:d, 9 in total
- =
- Using the above equation we find that
- = =

- For English text the index of coincidences is approximately .o66
- The index of coincidence for the previous example:
- m = 1: 0.041
- m = 2: 0.038, 0.047
- m = 3: 0.056, 0.048, 0.048
- m = 4: 0.037, 0.042, 0.037, 0.050
- m = 5: 0.043, 0.043, 0.031, 0.035, 0.043
- m = 6: 0.063, 0.084, 0.049, 0.065, 0.042, 0.071
- m = 7: 0.031, 0.044, 0.043, 0.038, 0.044, 0.044, 0.041

- Since the values are closest to .066 where m = 6 it is the appropriate choice for the keyword length.

- Brute-Force Attack
- Boomerang Attack
- Linear cryptanalysis
- Brute-Force Attack
- Boomerang Attack
- Linear cryptanalysis

- Brute-Force with permutations per second
- bits takes < 1 nanosecond
- bits takes ~4.25 minutes
- bits takes ~150 trillion years
- bits takes ~ years

- The NSA has developed, due to an enormous breakthrough, the ability to cryptanalyze unfathomably complex encryption systems
- This includes those developed by other governments but as well as average computer users in the US
- The NSA is known for its mathematical breakthroughs in cryptanalysis especially differential cryptanalysis