Vernam Cipher Project Preliminaries CSC112 March 14, 2011 Oskars J. Rieksts Computer Science Department Kutztown University
2008Kutztown University2 Early/Simple Examples Early/Simple Examples Steganography Steganography Caesar cipher Caesar cipher Substitution cipher Substitution cipher Transposition cipher Transposition cipher Vigenere cipher Vigenere cipher Vernam cipher Vernam cipher
2008Kutztown University3 Steganography Merriam-Webster: The art or practice of concealing a message, image, or file within another message, image, or file Merriam-Webster: The art or practice of concealing a message, image, or file within another message, image, or file from Greek »steganos = covered »grafo = write Histiaeus – tyrant of Miletus Histiaeus – tyrant of Miletus shaved head of most trusted slave tattooed a message hair grew back covering message Advantage – does not draw attention to Advantage – does not draw attention to itself messenger recipient Often combined with cryptography Often combined with cryptography
2008Kutztown University4 Steganography Example You may have seen the TV show – In Plain Sight –which is based entirely on the federal witness protection program. The show is about people who have testified or will be testifying soon as witnesses in criminal cases but whose lives are in danger as a result. For their protection they are given new identities and are moved to a new community. Ergo they are all hidden “in plain sight”. And if you think this would not work, according to the U.S. Marshalls extant website, no program participant who follows security guidelines has ever been harmed while under the active protection of the Marshals Service.
2008Kutztown University5 Caesar Cipher Example of a shift cipher Example of a shift cipher Encryption – forward shift by 3 Decryption – backward shift by 3 Shift ciphers Shift ciphers Private key Symmetric key Key = shift amount Keyspace = 25 Plain text – IHAVEASECRET Plain text – IHAVEASECRET Cipher text – LKDYHDVHFUHW Cipher text – LKDYHDVHFUHW
2008Kutztown University6 Caesar Cipher – Example L KDYH D GUHDP WKDW RQH GDB WKLV QDWLRQ ZLOO ULVH XS DQG OLYH RXW WKH WUXH PHDQLQJ RI LWV FUHHG: "ZH KROG WKHVH WUXWKV WR EH VHOI-HYLGHQW: WKDW DOO PHQ DUH FUHDWHG HTXDO." L KDYH D GUHDP WKDW RQH GDB RQ WKH UHG KLOOV RI JHRUJLD WKH VRQV RI IRUPHU VODYHV DQG WKH VRQV RI IRUPHU VODYH RZQHUV ZLOO EH DEOH WR VLW GRZQ WRJHWKHU DW WKH WDEOH RI EURWKHUKRRG. L KDYH D GUHDP WKDW RQH GDB HYHQ WKH VWDWH RI PLVVLVVLSSL, D VWDWH VZHOWHULQJ ZLWK WKH KHDW RI LQMXVWLFH, VZHOWHULQJ ZLWK WKH KHDW RI RSSUHVVLRQ, ZLOO EH WUDQVIRUPHG LQWR DQ RDVLV RI IUHHGRP DQG MXVWLFH. L KDYH D GUHDP WKDW PB IRXU OLWWOH FKLOGUHQ ZLOO RQH GDB OLYH LQ D QDWLRQ ZKHUH WKHB ZLOO QRW EH MXGJHG EB WKH FRORU RI WKHLU VNLQ EXW EB WKH FRQWHQW RI WKHLU FKDUDFWHU. L KDYH D GUHDP WRGDB.
2008Kutztown University7 Substitution Cipher Randomly generated substitution Randomly generated substitution Example Example A F B K C D D J etc. Characteristics Characteristics Private & symmetric key Monoalphabetic Key = alphabet of substitutions Keyspace = 26!
2008Kutztown University8 Substitution Cipher – Analysis Keyspace = 26! = = 4.03 x Keyspace = 26! = = 4.03 x But other factors make it insecure But other factors make it insecure Letter frequency N-grams Strong elimination coefficient With patience, can be decoded by hand Plain text – BOOKKEEPINGROCKS Plain text – BOOKKEEPINGROCKS Cipher text – JXXTTZZDOYBEXATU Cipher text – JXXTTZZDOYBEXATU
2008Kutztown University9 Substitution Cipher – Example HPFAIFJZIFYTPFTUVIJFBTPHWVFTHUVGHXXZHWIEMFVJXHAIUETTPITZ EIYIFVHVNUCHTWDZIIJGIPUXJTPIWITZETPWTUKIWIXCIAHJIVTTPFT FXXYIVFZIDZIFTIJIOEFXHPFAIFJZIFYTPFTUVIJFBUVTPIZIJPHXXWUC NIUZNHFTPIWUVWUCCUZYIZWXFAIWFVJTPIWUVWUCCUZYIZWXFA IUGVIZWGHXXKIFKXITUWHTJUGVTUNITPIZFTTPITFKXIUCKZUTPIZP UUJHPFAIFJZIFYTPFTUVIJFBIAIVTPIWTFTIUCYHWWHWWHMMHFWT FTIWGIXTIZHVNGHTPTPIPIFTUCHVREWTHDIWGIXTIZHVNGHTPTPIPI FTUCUMMZIWWHUVGHXXKITZFVWCUZYIJHVTUFVUFWHWUCCZIIJU YFVJREWTHDIHPFAIFJZIFYTPFTYBCUEZXHTTXIDPHXJZIVGHXXUVIJ FBXHAIHVFVFTHUVGPIZITPIBGHXXVUTKIREJNIJKBTPIDUXUZUCTPI HZWSHVKETKBTPIDUVTIVTUCTPIHZDPFZFDTIZHPFAIFJZIFYTUJFBH PFAIFJZIFYTPFTUVIJFBJUGVHVFXFKFYFGHTPHTWAHDHUEWZFDHW TWGHTPHTWNUAIZVUZPFAHVNPHWXHMWJZHMMHVNGHTPTPIGUZ JWUCHVTIZMUWHTHUVFVJVEXXHCHDFTHUVUVIJFBZHNPTTPIZIHV FXFKFYFXHTTXIKXFDSKUBWFVJKXFDSNHZXWGHXXKIFKXITURUH VPFVJWGHTPXHTTXIGPHTIKUBWFVJGPHTINHZXWFWWHWTIZWFVJ KZUTPIZWHPFAIFJZIFYTUJFBHPFAIFJZIFYTPFTU
2008Kutztown University10 Transposition Cipher Generate permutation of n objects Generate permutation of n objects Transpose letters Transpose letters Permutation of 0 through 7 Permutation of 0 through 7 6 – 3 – 7 – 1 – 4 – 8 – 5 – 2 Yields value transposition Yields value transposition 1 6 1 6 2 3 2 3 3 7 3 7 4 1 4 1 5 4 5 4 6 8 6 8 7 5 7 5 8 2 8 2
2008Kutztown University11 Transposition Cipher – Example Cipher text Cipher text TYTSNHOAGTGERLUSHATEUAGNTIHVLBEAURRYTHHAOH UUCGLGOATHYTNSUSGHTGREGNHLATUEEATAIHLVBEOT LUAHHNERDWTAANRODESUHIEVNETAAMINYNFENNOTOR TSTIHFLAEAHAINSNTDEHBGAEVSYTREHEENFIHMNOIARS EPWDEEEEAUSRFPEALSYIBMMSAAIYTROINBNSYEOKNME CCOOLUEDRYADMECRSAOEAECSNEHEWFNTLHONRDISBA EYFOUOURTSSSPSTEOLFDHIFEELWEOHTIRETDHIWREAEIA SNVVABKLRIEYMSHNEEEGANIRONPECLHFITNUFAAOIRNG HCRBKOTAEHEUCKRGNNLSDEIAIMNTAGKSSMICELSOOTO EFDLNTGHIIENNNIDMNNAAABSOYTETNNDEWOIRYOWWN HLSLDIEAGYNECSHOCMTNETOSHIMTIIEGNHLTOHFNETRI NMSCBLUHLOSOWWSYOBSWULLWEATSRTWTOHDOEKLS NBLDRIARHEITMIGSBIEETRMTNHTGOAIEIAMNDREAGBIA OSNSFTYLEIOONTNGHTIOAIEDTIRESRWAYVAMDEBTFIAL EAONNGRENSDTEHIONRCDLWOIANDRSWWUNRTCCHOAL SHLRWIGDAEIPNAYMNOSOAETHRTEUSTALUGEGNGIALHV EATRBTTYHAHUCGULHORNRACDLIACRMCMUAOCHORYN OPCRONYNOO TYTSNHOAGTGERLUSHATEUAGNTIHVLBEAURRYTHHAOH UUCGLGOATHYTNSUSGHTGREGNHLATUEEATAIHLVBEOT LUAHHNERDWTAANRODESUHIEVNETAAMINYNFENNOTOR TSTIHFLAEAHAINSNTDEHBGAEVSYTREHEENFIHMNOIARS EPWDEEEEAUSRFPEALSYIBMMSAAIYTROINBNSYEOKNME CCOOLUEDRYADMECRSAOEAECSNEHEWFNTLHONRDISBA EYFOUOURTSSSPSTEOLFDHIFEELWEOHTIRETDHIWREAEIA SNVVABKLRIEYMSHNEEEGANIRONPECLHFITNUFAAOIRNG HCRBKOTAEHEUCKRGNNLSDEIAIMNTAGKSSMICELSOOTO EFDLNTGHIIENNNIDMNNAAABSOYTETNNDEWOIRYOWWN HLSLDIEAGYNECSHOCMTNETOSHIMTIIEGNHLTOHFNETRI NMSCBLUHLOSOWWSYOBSWULLWEATSRTWTOHDOEKLS NBLDRIARHEITMIGSBIEETRMTNHTGOAIEIAMNDREAGBIA OSNSFTYLEIOONTNGHTIOAIEDTIRESRWAYVAMDEBTFIAL EAONNGRENSDTEHIONRCDLWOIANDRSWWUNRTCCHOAL SHLRWIGDAEIPNAYMNOSOAETHRTEUSTALUGEGNGIALHV EATRBTTYHAHUCGULHORNRACDLIACRMCMUAOCHORYN OPCRONYNOO
2008Kutztown University12 Vigenere Cipher Polyalphabetic substitution Polyalphabetic substitution Use n randomly generated substitutions Use n randomly generated substitutions 1 st letter is encoded by 1 st substitution alphabet 2 nd letter is encoded by 2 nd substitution alphabet ... n th letter is encoded by n th substitution alphabet n+1 st letter is encoded by 1 st substitution alphabet etc.
2008Kutztown University13 Vigenere – Simple Example Key = 3752 Key = 3752 Successive letters are shifted by 3, 7, 5, 2 Successive letters are shifted by 3, 7, 5, 2 Plain text – BOOKKEEPINGROCKS Plain text – BOOKKEEPINGROCKS Cipher text – EVTMNLJRLULTRJPU Cipher text – EVTMNLJRLULTRJPU Eliminates double letters Eliminates double letters Scatters N-grams Scatters N-grams
2008Kutztown University14 Vigenere Cipher Advantages Advantages Creates confusion Same letter can be encoded n different ways Pretty much eliminates n-grams Keyspace > 26!
2008Kutztown University15 Vigenere Cipher le chiffre indéchiffrable le chiffre indéchiffrable Named for Blaise de Vigenère Named for Blaise de Vigenère Invented by Giovan Battista Bellaso ca Invented by Giovan Battista Bellaso ca Broken by Broken by Charles Babbage in 1854 (unpublished) Major Friedrich Kasiski in 1863 »Prussian infantry office
2008Kutztown University16 Vigenere Cipher – Example T KRCS L GILOX WYHH ZQV KOJ WYPG YDKPCY ZZSZ CLJL IA DEK ZTYV VIE WYL HCXV TSLQZUU ZI ZAG NUVLR: "HH YVZO WYLGP WIBHSV KV PP VVST-PYZKSYW: KOOE DCS APQ RYS NUVHHPG VXILO." Z OOGH R KFPDD AVLW FUS ODP VB EKV YSO KZSZD RW NSZUXPO EKV ZCYV FM TZUDLF DORCSD DEK HSH JVBD RW MCCPVY GWDML CHQVYG HLCS PP DSSS ER JPH ORNU HZJVAVPU RA HSH KHPWH FM PCRKOSCKFVR. T KRCS L GILOX WYHH ZQV KOJ HMLB EKV ZHLWV VT XLJZWDVZWDT, D JAOEH JDSWWVYWYJ NPHS WYL VPDK VT TQABGELTL, GHHCASCLEN KTWY AVP KVHH ZI FWDCHJZWZQ, NPZW EV AFLQJMCCPVK WYWF HB ZDJPG ZI WYSPGFT OYG ABGELTL. W SDML O OUVHA EKRA AJ IFBF WLKAZP FYPZOUVU KTOC VBP GRF ZTYV PB L QRAWZQ NOSCH KOSJ ZZSZ YRK IS UXUNSO EP AVP FFSCC RW AVPLI ZYTQ SBH MB KOS NREASYW FM HSHZY QSDIHQEHI. P VLYV H RCHRT HZGRF. W SDML O OUVHA EKRA CYH UHM, ORNU WY DCHPLPR, DWEK ZAG GLTPCFV IHQTVKZ, KTWY PHD JFCSCQFY VLYZUU SLJ SWAV UYWASZUU HLKO HSH NVFOV FM WYWVYDZVZAWZQ RUR YXCSWQLTHHTRE; VBP GRF FTJYA HSHIL WY DCHPLPR, SWEWCL PWDTR PZBJ HBO ECHQV JZYZD ZZSZ MH RIZP WF QCTQ YHBOV NPHS OZAHWH NOWEH SVMD DEK KSLKL UTUCZ OD VZZHPUJ HBO EIVHSHIZ. W SDML O OUVHA ERUHM. T KRCS L GILOX WYHH ZQV KOJ HMLFJ YRSZPB JOOWO SL SIDCASO, HMLFJ KZSZ LQU TCFQKHWY VYHZW EV TOOH
2008Kutztown University17 Vigenere Cipher – Example Analysis TKRCSLGILOXWYHHZQVKOJWYPGYDKPCYZZSZCLJLIADEKZTYVVI EWYLHCXVTSLQZUUZIZAGNUVLRHHYVZOWYLGPWIBHSVKVPPVVSTPYZKSYWKOOEDCSAPQRYSNUVHHPGVXILOZOOGHRKFPDDAVLWFUSODPVBEKVYSOKZSZDRWNSZUXPOEKVZCYVFMTZUDLFDORCSDDEKHSHJVBDRWMCCPVYGWDMLCHQVYGHLCSPPDSSSERJPHORNUHZJVAV PURAHSHKHPWHFMPCRKOSCKFVRTKRCSLGILOXWYHHZQVKOJHMLB EKVZHLWVVTXLJZWDVZWDTDJAOEHJDSWWVYWYJNPHSWYLVPDKVTTQABGELTLGHHCASCLENKTWYAVPKVHHZIFWDCHJZWZQNPZWEVAF LQJMCCPVKWYWFHBZDJPGZIWYSPGFTOYGABGELTLWSDMLOOUVHA EKRAAJIFBFWLKAZPFYPZOUVUKTOCVBPGRFZTYVPBLQRAWZQNOSCHKOSJZZSZYRKISUXUNSOEPAVPFFSCCRWAVPLIZYTQSBHMBKOS NREASYWFMHSHZYQSDIHQEHIPVLYVHRCHRTHZGRFWSDMLOOUVHA EKRACYHUHMORNUWYDCHPLPRDWEKZAGGLTPCFVIHQTVKZKTWYPHDJFCSCQFYVLYZUUSLJSWAVUYWASZUUHLKOHSHNVFOVFMWYWVYDZVZAWZQRURYXCSWQLTHHTREVBPGRFFTJYAHSHILWYDCHPLPRSWEWCLPWDTRPZBJHBOECHQVJZYZDZZSZMHRIZPWFQCTQYHBOVNPHSOZAHWHNOWEHSVMDDEKKSLKLUTUCZODVZZHPUJHBOEIVHSHIZW SDMLOOUVHAERUHMTKRCSLGILOXWYHHZQVKOJHMLFJYRSZPBJOO WOSLSIDCASOHMLFJKZSZLQUTCFQKHWYVYHZWEVTOOHCVKEKVYCFJYWZLFVZKTOCISXDULDWDZUOYGKOSNUFVYPGGSONHJDWWOSLALGVZHCDZNVEDEKHSHXSCCBFMHSHCVFOVYHZWEVYSGHRSSODEKO
2008Kutztown University18 Vigenere Cipher – Example Analysis TKRCSLGILO XWYHHZQVKOJWYPGYDKPCYZZSZCLJLIADEKZTYVVIEWYLHCXVTSLQZUUZIZAGNUVLRHHYVZOWYLGPWIBHSVKVPPVVSTPYZKSYWKOOEDCSAPQRYSNUVHHPGVXILOZOOGHRKFPDDAVLWFUSODPVBEKVYSOKZSZDRWNSZUXPOEKVZCYVFMTZUDLFDORCSDDEKHSHJVBDRWMCCPVYGWDMLCHQVYGHLCSPPDSSSERJPHORNUHZJVAVPURAHSHKHPWHFMPCRKOS CKFVRTKRCS LGILOXWYHHZQVKOJHMLBEKVZHLWVVTXLJZWDVZWDTDJAOEHJDSWWVYWYJNPHSWYLVPDKVTTQABGELTLG
2008Kutztown University19 Vigenere Cipher – Example Analysis HHCASCLENKTWYAVPKVHHZIFWDCHJZWZQNPZWEVAFLQJMCCPVKWYWFHBZDJPGZIWYSPGFTOYGABGELTLW SDMLOOUVHA EKRAAJIFBFWLKAZPFYPZOUVUKTOCVBPGRFZTYVPBLQRAWZQNOSCHKOSJZZSZYRKISUXUNSOEPAVPFFSCCRWAVPLIZYTQSBHMBKOSNREASYWFMHSHZYQSDIHQEHIPVLYVHRCHRTHZGRFW
2008Kutztown University20 Deciphering Vigenere Determine the number of alphabets Determine the number of alphabets Compute distances between matching sequences Compute GCD of distances Treat cipher text as n separate texts Treat cipher text as n separate texts For each separate text & each of 25 possible shifts For each separate text & each of 25 possible shifts Compute Index of Coincidence based on frequencies found in cipher text using table of frequencies of letters in English Index of Coincidence formula Index of Coincidence formula fee = {relFreqTab(k, ciphLet) * charFreq(ciphLet)}
2008Kutztown University21 Frequency Table – English A 0.08; B 0.015; C 0.03; D 0.04; E 0.13; F 0.02; G 0.015; H 0.06; I 0.065; J K 0.005; L 0.035; M 0.03; N 0.07; O 0.08 P 0.02; Q 0.002; R 0.065; S 0.06; T 0.09 U 0.03; V 0.01; W 0.015; X 0.005; Y 0.02 Z 0.002
2008Kutztown University22 Vigenere – Final Step Produce possible plain texts Produce possible plain texts using combination of highest ranking fee table values Choose best plain text Choose best plain text This step can be automated This step can be automated Rate each possible plain text using n-gram information or list of 5 letter words in English
2008Kutztown University23 Vernam Cipher Gilbert Sandford Vernam – inventor Gilbert Sandford Vernam – inventor Also known as one-time pad Invented ca Proven unbreakable by Claude Shannon Proven unbreakable by Claude Shannon Communication Theory of Secrecy Systems 1949 Unbreakable if and only if Unbreakable if and only if Key is same length as plain text Key is never re-used
2008Kutztown University24 Vernam Cipher Basic operation – bitwise XOR Basic operation – bitwise XOR XOR table XOR table 0 xor 0 = 0 0 xor 1 = 1 1 xor 0 = 1 1 xor 1 = 0 Plain text is represented as bit stream Plain text is represented as bit stream Key is random bit stream of same length Key is random bit stream of same length Cipher text is produced via bitwise XOR of plain bit stream and key bit stream. Cipher text is produced via bitwise XOR of plain bit stream and key bit stream.
2008Kutztown University25 Vernam Cipher – Example Plain text :: Grade = A – Great! Plain text :: Grade = A – Great! Plain text in ASCII Plain text in ASCII Plain text as bit stream Plain text as bit stream
2008Kutztown University26 Vernam Cipher – Example Key as bit stream Key as bit stream Cipher text as bit stream Cipher text as bit stream
2008Kutztown University27 Vernam Cipher – Why Unbreakable Try attack by exhaustive search Try attack by exhaustive search Among possible keys Among possible keys Produces this recovered plain text: Produces this recovered plain text: Grade = F – Sorry! Grade = F – Sorry!
2008Kutztown University28 Vernam Cipher – Why Unbreakable Exhaustive search will produce every possible combination of 18 characters. Exhaustive search will produce every possible combination of 18 characters. And there is no way to distinguish between them And there is no way to distinguish between them Among the possible recovered texts: Among the possible recovered texts: Tickle me Elmo now Jabberwocky Rocks! Attack tomorrow am Attack tomorrow pm Grade = C++ & Java
2008Kutztown University29 Vernam Cipher – Why Look Elsewhere? Key distribution problem Key distribution problem Every sender/recipient must have same pad N sender recipient pairs require O (N 2 ) pads Pad distribution is security risk Key coordination problem Key coordination problem Sheets on pad must match exactly Messages must arrive in order sent Key generation problem Key generation problem High quality random numbers hard to generate Bottom line – has some limited use Bottom line – has some limited use