Presentation is loading. Please wait.

Presentation is loading. Please wait.

Traditional Symmetric-Key Ciphers

Published byDarleen Turner Modified over 6 years ago

Similar presentations

Presentation on theme: "Traditional Symmetric-Key Ciphers"— Presentation transcript:

1 Traditional Symmetric-Key Ciphers

2 Objectives To understand the concepts of symmetric-key ciphers
To learn traditional ciphers Categories of Cryptanalysis used to break the ciphers

3 Topics Introduction Substitution Ciphers Transposition Ciphers
Stream and Block Ciphers (SLE)

4 Introduction General idea of symmetric-key ciphers

5 Alice sends a message to Bob over an insecure channel with the assumption that an adversary, Eve, cannot understand the contents of the message by eavesdropping. Original message is called as the plaintext; the secret message sent is called as the ciphertext. To create the ciphertext, Alice uses an encryption algorithm and a shared secret key. To create the plaintext from ciphertext, Bob uses an decryption algorithm and the same secret key.

6 Encryption: C = Ek(P) Decryption: P = Dk(C) Dk(Ek(x)) = Ek(Dk(x)) = x
Encryption and decryption algorithms are referred as ciphers and key is a set of values (numbers) that the ciphers operate on. If P is the plaintext , C is the ciphertext, and K is the key, then the encryption algorithm Ek(x) creates the ciphertext and the decryption algorithm Dk(x) creates the plaintext. Note: These two algorithms are inverse of each other. Encryption: C = Ek(P) Decryption: P = Dk(C) Dk(Ek(x)) = Ek(Dk(x)) = x

7 Alice and bob need another channel, a secured one, to exchange the secret key.
They can meet once and agree upon a key. Secure channel in this case would be face-to-face key exchange. They can use temporary keys using other cryptographic techniques (asymmetric) to exchange the keys. Alice and Bob can use the same key for communication on the other direction, Bob to Alice. This is why we call it symmetric. If there are n people in a group then we need n-1 keys with a single person in the group.

8 Encryption can be viewed as locking a message in a box with a key and decryption is unlocking the box with the same key. In asymmetric, two keys are used, one more locking and one for unlocking.

9 Kerchhoff's Principle One should always assume that the adversary knows the encryption/decryption algorithm. The resistance of cipher to attack must be based on the secrecy of the key. Guessing the key should be so difficult that there is no need to hide the algorithms. Key domain for modern ciphers are so large that it makes it very difficult for the adversary to find the key.

10 Cryptanalysis Cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking the codes. Cryptanalysis is required to check how vulnerable is our cryptosystem and hence helps us to create better secret codes.

11 Ciphertext-Only Attack
Eve has access only to ciphertext, she tries to find out the key and the plaintext (assuming she knows the algorithm). Most probable attack since, it requires only ciphertext.

12 Types of Ciphertext-Only Attacks,
Brute-Force Attack (Exhaustive-key-search) Eve uses all possible keys. Assume that eve knows the algorithm and knows the key domain. Tries decrypting the message until a plaintext makes sense. In past using brute-force attack was difficult, but with faster computers this is easy. Prevention: Number of possible keys must be very large.

13 Statistical Attacks Uses some inherent characteristics of the plaintext language to launch a statistical attack. Example: Letter ‘E’ is the most-frequently used letter in English text. Cryptanalyst assumes that the most- frequently used character in ciphertext as letter ‘E’. After finding a few pairs, analyst finds the key and decrypts the message. Prevention: Cipher should hide the characteristics of the language.

14 Pattern Attacks Even if the characteristics of the language is hidden, there may be patterns in the ciphertext. Cryptanalyst may use pattern attack to break the cipher. Prevention: Keep the ciphertexts as random as possible

15 Known-Plaintext Attack
In this kind of attack, Eve has access to some plaintext/ciphertext pairs in addition to an newly intercepted ciphertext that she wants to break.

16 Assumption is that the plaintext/ciphertext pair is collected earlier.
Example: Alice sent a secret message to bob, but she later she made the message public. The newly intercepted ciphertext can be interpreted only if Alice has not changed the key while sending it. Chances of these kind of attacks are less (message is usually not made public and the key is frequently changed).

17 Chosen-Plaintext Attack
Similar to known-Plaintext attack, but the plaintext/ciphertext pairs are chosen by the attacker. Possible only if Eve, has access to Alice’s computer. Key is not revealed as it is part of the software. It is very easy to implement but chances are less

18 Chosen-Ciphertext Attack
Similar to chosen-Plaintext attack, except that this time ciphertext is chosen. Eve has access to Bob’s computer and wait until bob decrypts the ciphertext. Uses the plaintext at bob’s end.

19 Categories of Traditional Ciphers Substitution ciphers
Replace a symbol with other symbol Transposition ciphers Reorder the position of symbols in plaintext

20 Substitution Ciphers A substitution cipher replaces one symbol with another. Example: If alphabets: then replacing ‘A’ with ‘D’, if digits then replacing 3 with 6. Substitution ciphers can be categorized as either monoalphabetic ciphers or polyalphabetic ciphers.

21 Monoalphabetic ciphers
A character in plaintext is always changed to the same character in the ciphertext regardless of the position. Example 1: If algorithm changes ‘A’ to ‘D’. Then this is done for all the occurrences of ‘A’. Relationship between letters of plaintext and ciphertext is always one-to-one. Example 2: (Monoalphabetic) Plaintext: hello Ciphertext: KHOOR Example 3: (Not monoalphabetic) Plaintext: hello Ciphertext: ABNZF

22 Additive Cipher (shift cipher or Caesar cipher)
Each character is assigned a unique integer value to the selected key value and perform modulo operation (Z26)

23 C = (P + k) mod 26 P = (C - k) mod 26
Encryption algorithm adds the key to the plaintext and decryption subtracts the key from the ciphertext. C = (P + k) mod 26 P = (C - k) mod 26 Assume key as 15 and Plaintext characters as “hello”. This will be encrypted as “WTAAD”

24 Shift Ciphers Historically additive ciphers are called shift ciphers (Shift key characters down) If key is 15, then encryption algorithm shifts 15 characters down (towards the end of the alphabet) During decryption, 15 characters are shifted up (towards beginning) If end or beginning is reached then we have wrap around.

25 Caesar Cipher Cryptanalysis
Julius Caesar used additive ciphers to communicate with his officers. He used 3 as the key value. Cryptanalysis Additive ciphers are vulnerable to ciphertext- only attacks using exhaustive key searches. The key domain is very small. (Example: 26 keys, excluding ZERO, we have 25 keys) Eve can launch a brute-force attack on the ciphertext using these 25 keys.

26 Additive ciphers can also be subjected to statistical attacks.
If Eve, gets hold of a long text then the commonly repeated words can be identified and analysed.

27 If the intercepted message is as shown below, then Eve will find the count most commonly used letter. Frequency of letters: I =14, V =13, S =12, and so on. The most common character is I with 14 occurrences. This means key = 4.

28 Multiplicative Cipher
In multiplicative cipher, encryption algorithm specifies multiplication of the plaintext by the key. Decryption algorithm specifies division of the ciphertext by key. Since modulo operation, we consider the number and its multiplicative inverse.

29 If Z26 is being used then key needs to be in Z26
Since the key is 7, its multiplicative inverse, 15 is used for decryption

30 Affine Cipher Combine additive and multiplicative ciphers
Two keys are used in Affine ciphers If addition is the last operation during encryption then subtraction will be the first operation during decryption.

31

32 Monoalphabetic Substitution Cipher
Additive, multiplicative, affine ciphers are vulnerable to brute-force attacks (because of small key domain) Alice and Bob can agree upon a table showing the mapping of characters. This makes brute-force very difficult but it is still vulnerable to statistical attacks (no change in frequency).

33 Polyalphabetic Cipher
Each occurrence of the character may have different substitute (one-to-many relation). Hides the frequency of characters of the language used. Ciphertext depends on both plaintext character and position of the plaintext character. A stream of keys k={k1,k2,k3,…..} are used.

34 Autokey Cipher Stream of keys are used, but first value will be agreed upon by Alice and Bob. Second subkey will be the first character in the plaintext, third will be the second character in plaintext and so on. Autokey- subkeys are automatically created during encryption. Frequency attacks are hidden but vulnerable to brute-force attacks (small key domain)

35

36 Playfair Cipher (British army- World war I)
Key is 25 alphabet letters arranged in a 5 x 5 matrix. If two letters in a pair are same, then a bogus character is used to separate them. If no. of characters is odd then a bogus character is added at the end to make it even.

37 Three rules If the 2 letters in a pair are located in the same row of the secret key, the corresponding encrypted character for each letter is the next character in the same row. (Right) If the 2 letters in a pair are located in the same column of the secret key, the corresponding encrypted character for each character is the next character in the same column. (Beneath) If the 2 letters in a pair are not in the same row or column of the secret key, the corresponding encrypted character is the letter in its own row but in the same column as the other letter.

38 Plaintext: hello Pairs: he lx lo
x – bogus character added to avoid pairing of l with l

39 Vigenere Cipher Uses a different strategy to create the key stream.
Key stream is a repetition of an initial secret key stream of length m, 1 ≤ m ≤ 26 It doesn’t depend on plaintext characters but only its position.

40 Message: “she is listening”, Keyword: “PASCAL” (15,0,18,2,0,11)

41

42 Cryptanalysis of Vigenere Ciphers
Two parts: Finding the length of the key and finding the key itself. Kasiski test: Search for the repeated text segment and find the length of the key. Index of co-incidence (IC) is used to cross verify the value obtained by kasiski test IC of standard English language is If the letters are equally likely then IC is 0.038

43 Kasiski test for three character segments is as shown below
Since all the values in differences (100,48,60,8) have gcd as 4. The length of the key is 4. This can also be confirmed using IC test

44 Hill Cipher Invented by Lester S. Hill, divides the plaintext into equal-size blocks. Blocks are encrypted one at a time such that each block contributes to the encryption of the next block. Key is a square matrix of size m x m, where m is the size of the block.

45 Plaintext “code is ready” can make a 3 × 4 matrix when adding extra bogus character “z” to the last block and removing the spaces. The ciphertext is “OHKNIHGKLISS”.

46 One-Time Pad Shannon has shown that perfect secrecy can be achieved if each plaintext symbol is encrypted with a key randomly chosen from a key domain. Additive cipher: First character with key 4, second with key 20, third with key 9 and so on. This idea is used in one-time pad (by vernam) wherein key and plain text have same length and key is randomly selected. Implementation is commercially impossible.

47 Rotor Cipher Uses the idea of monoalphabetic ciphers but changes the mapping between plaintext and ciphertext for each character. In this example it uses 6 characters: Initial position (Key) will be agreed upon by Alice and Bob;: bee will be encrypted as BCA

48 Enigma Machine (based on rotor)
Invented by sherbius, but modified and used by German army during world war II. Components Keyboard- entering plaintext during encryption and ciphertext during decryption Lampboard- 26 lamps that shows ciphertext during encryption and plaintext during decryption Plugboard- 26 plugs connected manually by 13 wires, changed daily Three wired rotors- Out of the five available rotors Reflector- Stationary and wired

49 Code book- Settings for each day
3 rotors to be chosen out of 5 available The order in which rotors are installed Setting for the plugboard Three letter code for the day v

50 Procedure for Encryption
Set the starting position of the rotors to the code of the day. Example: if code is “HUA”, the rotors will be initialized to “H”,”U”, and ”A” Choose a three letter code such as “ACF”, encrypt the text “ACFACF” using initial setting of rotors. Assume we get “OPNABT” Set the starting positions of the rotors to OPN (half of the code) Append the encrypted six letter (OPNABT) to the beginning of the message Encrypt the message using 6-letter code and send it.

51 Procedure for Decryption
Receive the message and separate the first 6 letters Set the starting point of the rotors to the code of the day Decrypt the first 6 letters using the initial setup Set the positions of the rotors to the first half of the decrypted code. Decrypt the message without first six letters

52 Transposition Ciphers
Transposition ciphers doesn’t substitute the characters but changes the locations (reorders). Example: First symbol appearing in 10th position. Keyless Transposition Ciphers Two methods of permutation of characters: Write column by column and transmit row by row Write row by row and transmit column by column

53 The Plaintext “meet me at the park” is arranged in 2 rows
The Plaintext “meet me at the park” is arranged in 2 rows. The ciphertext will be send row by row. The Ciphertext would be “MEMATEAKETETHPR” Bob receives it, divides it to 2 equal parts. First half is set as row1 and second half is row2. Then he reads it in zig-zag pattern. This is known as “rail fence cipher”.

54 Arrange plaintext row by row and send it column wise
Arrange plaintext row by row and send it column wise. Number of columns should be agreed upon by Bob and Alice. Ciphertext would be “MMTAEEHREAEKTTP”.

55 2nd character in the plaintext is moved to the 5th position.
Pattern: (1,5,9,13), (2,6,10,13), (3,7,11,15) (4,8,12)

56 Keyed Transposition Ciphers
Divide the plaintext into groups of predetermined size (blocks) and use a key to permute the characters in each block. Consider the plaintext “enemy attacks tonight”. First, we divide the plaintext into agreed upon size, say 5. enemy attac kston ightz Permutation key is used by both Alice and Bob, say the key is as shown below.

57 enemy attac kston ightz EEMYN TAACT TKONS HITZG
Ciphertext is “EEMYNTAACTTKONSHITZG” Bob performs the reverse operation to get the paintext.

58 Combining Two Approaches
Combine two approaches for better scrambling 3 Steps: Write text into a table row by row Permutation is done by reordering (Keyed) New table is read column by column. Known as Keyed columnar transposition or columnar transposition ciphers

59

60 Keys Single key was used for both encryption and decryption.
2 keys can be used: one for encryption and one for decryption. If encryption key is given decryption key can be known.

61

62 Using Matrices Plaintext and ciphertext are l x m matrices and keys are square matrices of size m x m. In a permutation matrix, every row and every column has exactly one 1 and rest are 0s. Encryption: Multiply plaintext matrix with encryption key. Decryption: Multiply ciphertext with inverse of key matrix

63 Cryptanalysis of Transposition Ciphers Statistical Attacks
Transposition ciphers do not change the frequency of letters in the ciphertexts, it only reorders the letters. Useful only if the ciphertext is long enough Brute-Force Attacks If L is the length of the ciphertext then number of keys could by (1!+2!+3!+….+L!) Eve can find the number of column that divides L. (If L is 20 then 20=1 x 2 x 2 x 5) 1,2,4,5,10,20

64

Download ppt "Traditional Symmetric-Key Ciphers"

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Cryptography encryption authentication digital signatures

Cryptography encryption authentication digital signatures
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
Cryptology Terminology and Early History. Cryptology Terms Cryptology –The science of concealing the meaning of messages and the discovery of the meaning.

Cryptology Terminology and Early History. Cryptology Terms Cryptology –The science of concealing the meaning of messages and the discovery of the meaning.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
Cryptography Week-6.

Cryptography Week-6.
Cryptanalysis. The Speaker  Chuck Easttom  

Cryptanalysis. The Speaker  Chuck Easttom  
History and Background Part 1: Basic Concepts and Monoalphabetic Substitution CSCI 5857: Encoding and Encryption.

History and Background Part 1: Basic Concepts and Monoalphabetic Substitution CSCI 5857: Encoding and Encryption.
Chapter 1 Introduction.

Chapter 1 Introduction.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Similar presentations

Ads by Google