Introduction CS 303 Algorithmic Number Theory and Cryptography September 4, 1997 Introduction CS 303 Algorithmic Number Theory and Cryptography Jeremy R. Johnson
KHOOR
HELLO
Introduction to Classical Cryptography September 4, 1997 Introduction to Classical Cryptography Objective: Introduction to Cryptography and Cryptanalysis Shift Cipher Substitution Cipher Attacks and adversaries Frequency analysis
Classical Cryptography Basic problem: Secure communication over an insecure channel Solution: private key encryption m E(k,m) = c D(k,c) = m Shannon provided a rigorous theory of perfect secrecy based on information theory Adversary has unlimited computational resources, but key must be as long as message
Communication Scenario Encryption key Decryption key ciphertext Alice Encrypt Decrypt Bob plaintext Eve
Shift Cipher hello all hail ceasar September 4, 1997 Shift Cipher hello all hail ceasar If he had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet, that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others. — Suetonius, Life of Julius Caesar 56
Shift Cipher m E(k,m) = c = m+k mod 26 c D(k,c) = c-k mod 26 KHOOR September 4, 1997 Shift Cipher KHOOR DOO KDLO FHDVDU a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Key = 3 m E(k,m) = c = m+k mod 26 c D(k,c) = c-k mod 26
Possible Attacks Kerchoff’s Principle Ciphertext only Known plaintext Chosen plaintext Chosen ciphertext
Cryptanalysis of Shift Ciphers Number of keys = size of alphabet Ciphertext only Brute force Look for most frequently occurring symbol Known plaintext m + k = c (mod 26) Chosen plaintext 1 + k = c (mod 26) Chosen ciphertext m + k = 1 (mod 26)
September 4, 1997 Frequency Analysis en.wikipedia.org/wiki/Frequency_analysis_(cryptanalysis) scottbryce.com/cryptograms
War and Peace 3,223,402 Characters http://www.gutenberg.org/ebooks/2600
freq.pl infile = file(filename,'r') freq = {} count = 0 for c in string.ascii_lowercase: freq[c] = 0 for line in infile: for c in line.lower(): if c.isalpha(): freq[c] = freq[c] + 1 count = count + 1 keys = freq.keys() keys.sort() for c in keys: print "freq[" + c + "] = ",float(freq[c])/count
Substitution Cipher m E(k,m) = c = (m) c D(k,c) = -1(c) NYVVZ September 4, 1997 Substitution Cipher NYVVZ JVV NJSV RYJDJC a b c d e f g h i j k l m n o p q r s t u v w x y z J E R M Y O H N S T U V W X Z A B C D F G I K L P Q Key – bijection from {0..25} {0..25}: i (i) m E(k,m) = c = (m) c D(k,c) = -1(c)
Cryptanalysis of Substitution Ciphers Number of keys = n! where n is the size of the alphabet Ciphertext only Brute force (too expensive) Frequency analysis Known plaintext m (m) = c, for known (m,c). Partial permutation Chosen plaintext m (m) = c, m = 0..n-1 Chosen ciphertext -1(c) m, c = 0..n-1
One Time Pad Pad = b1 bn {0,1}* chosen randomly m = m1 mn E(Pad,m) = c = m Pad D(Pad,c) = c Pad = (m Pad) Pad = m m,c PrPad[E(Pad,m) = c] = 1/2n No information gained from seeing c However, E(Pad,m) E(Pad,m’) = m m’