1. CMSC 414 Computer (and Network) Security Lecture 3 Jonathan Katz

2. Confidentiality

3. In more detail…  Alice and Bob share a key K –Must be shared securely –Must be completely random –Must be kept completely secret from attacker –We don’t discuss (for now) how they do this  Plaintext - encryption - ciphertext - decryption  Decryption must recover the message!

4. Notes…  Can also be used to encrypt files (i.e., secure storage)  We have not said anything yet about security…

5. Some examples  (Shift cipher)  (Substitution cipher)  (Vigenere cipher)

6. Attacks?  Shift cipher –Key space is too small! –Insecure against ciphertext-only attack Frequency analysis Index of coincidence –If an attacker can recover they key, a scheme is clearly insecure What about the converse? –Multiple other attacks and problems

7. Attacks?  Substitution cipher –Much larger key space –Still not secure against ciphertext-only attack (frequency analysis, digrams, trial and error) –Having a large key space is necessary, but not sufficient, to guarantee security… (Note that adversary can still recover the key)

8. Attacks?  Vigenere cipher –Index of coincidence Random text has index:  (26) -2 = 0.038 English text has index:  (p i ) 2 = 0.065 –Can distinguish substitution and Vigenere ciphers; if the latter, can determine key length –Can further use this to determine key

9. Moral of the story?  Don’t use “simple” schemes  Thoroughly analyze schemes before using –Better yet, use schemes that other, smarter people have already analyzed…