Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 5950/6030 Network Security Class 6 (W, 9/14/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 5950/6030 Network Security Class 6 (W, 9/14/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared."— Presentation transcript:

1 CS 5950/6030 Network Security Class 6 (W, 9/14/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared by: Prof. Aaron Striegel, U. of Notre Dame Prof. Barbara Endicott-Popovsky, U. Washington, Prof. Deborah Frincke, U. Idaho and Prof. Jussipekka Leiwo, Vrije Universiteit, Amsterdam, The Netherlands]

2 2 Section 2 – Class 6 Class 5: 2A.2-cont. - Basic Terminology and Notation Cryptanalysis Breakable Encryption 2A.4. Representing Characters 2B. Basic Types of Ciphers 2B.1. Substitution Ciphers a. The Ceasar Cipher b. Other Substitution Ciphers — PART 1 Class 6: b. Other Substitution Ciphers — PART 2 c. One-Time Pads 2B.2. Transposition Ciphers 2B.3. Product Ciphers 2C. Making „Good” Ciphers 2C.1. Criteria for „Good” Ciphers

3 3 2A.2.-CONT- Basic Terminology and Notation (2A.2 addendum)  Cryptanalysis  Breakable Encryption

4 4 2A.4. Representing Characters Letters (uppercase only) represented by numbers 0-25 (modulo 26). A B C D... X Y Z 0 1 2 3... 23 24 25 Operations on letters: A + 2 = C X + 4 = B (circular!)...

5 5 2B. Basic Types of Ciphers Substitution ciphers—PART 1 Substitution ciphers—PART 2 Transposition (permutation) ciphers Product ciphers

6 6 2B.1. Substitution Ciphers Substitution ciphers: Letters of P replaced with other letters by E Outline: a. The Caesar Cipher b. Other Substitution Ciphers — PART 1 b. Other Substitution Ciphers — PART 2 c. One-time Pads

7 7 a. The Caesar Cipher (1)  c i =E(p i )=p i +3 mod 26 (26 letters in the English alphabet) Change each letter to the third letter following it (circularly) A  D, B  E,... X  A, Y  B, Z  C  Can represent as a permutation  :  (i) = i+3 mod 26  (0)=3,  (1)=4,...,  (23)=26 mod 26=0,  (24)=1,  (25)=2  Key = 3, or key = ‘D’ (bec. D represents 3)

8 8 Attacking a Substitution Cipher  Exhaustive search  If the key space is small enough, try all possible keys until you find the right one  Cæsar cipher has 26 possible keys from A to Z OR: from 0 to 25  Statistical analysis (attack)  Compare to so called 1-gram (unigram) model of English  It shows frequency of (single) characters in English [cf. Barbara Endicott-Popovsky, U. Washington]

9 9 Cæsar’s Problem  Conclusion: Key is too short  1-char key – monoalphabetic substitution  Can be found by exhaustive search  Statistical frequencies not concealed well by short key  They look too much like ‘regular’ English letters  Solution: Make the key longer  n-char key (n  2) – polyalphabetic substitution  Makes exhaustive search much more difficult  Statistical frequencies concealed much better  Makes cryptanalysis harder [cf. Barbara Endicott-Popovsky, U. Washington]

10 10 b. Other Substitution Ciphers n-char key Polyalphabetic substitution ciphers Vigenère Tableaux cipher — PART 1 Vigenère Tableaux cipher — PART 2

11 11 Vigenère Tableaux (1) P [cf. J. Leiwo, VU, NL] Note:Row A – shift 0 (a->a) Row B – shift 1 (a->b) Row C – shift 2 (a->c)... Row Z – shift 25 (a->z)

12 12 Class 5 Ended Here

13 13 Vigenère Tableaux (2) Example Key: EXODUS Plaintext P: YELLOW SUBMARINE FROM YELLOW RIVER Extended keyword (re-applied to mimic words in P): YELLOW SUBMARINE FROM YELLOW RIVER EXODUS EXODUSEXO DUSE XODUSE XODUS Ciphertext: cbxoio wlppujmks ilgq vsofhb owyyj  Question: How derived from the keyword and Vigenère tableaux? [cf. J. Leiwo, VU, NL]

14 14 Vigenère Tableaux (3) Example... Extended keyword (re-applied to mimic words in P): YELLOW SUBMARINE FROM YELLOW RIVER EXODUS EXODUSEXO DUSE XODUSE XODUS Ciphertext: cbzoio wlppujmks ilgq vsofhb owyyj  Answer: c from P indexes row c from extended key indexes column e.g.: row Y and column e  ‘c’ row E and column x  ‘b’ row L and column o  ‘z’... [cf. J. Leiwo, VU, NL]

15 15 c. One-Time Pads (1) OPT - variant of using Vigenère Tableaux Fixes problem with VT: key used might be too short Above: ‘ EXODUS ’ – 6 chars Sometimes considered a perfect cipher Used extensively during Cold War One-Time Pad: Large, nonrepeating set of long keys on pad sheets/pages Sender and receiver have identical pads Example: 300-char msg to send, 20-char key per sheet => use & tear off 300/20 = 15 pages from the pad

16 16 One-Time Pads (2) Example – cont.:  Encryption:  Sender writes letters of consecutive 20-char keys above the letters of P (from the pad 15 pages)  Sender encipher P using Vigenère Tableaux (or other prearranged chart)  Sender destroys used keys/sheets  Decryption:  Receiver uses Vigenère Tableaux  Receiver uses the same set of consecutive 20-char keys from the same 15 consecutive pages of the pad  Receiver destroys used keys/sheets

17 17 One-Time Pads (3) Note: Effect: a key as long as the message If only key length ≤ the number of chars in the pad The key is always changing (and destroyed after use) Weaknesses Perfect synchronization required between S and R Intercepted or dropped messages can destroy synchro Need lots of keys Needs to distribute pads securely No problem to generate keys Problem: printing, distribution, storing, accounting Frequency distribution not flat enough Non-flat distribution facilitates breaking

18 18 Types of One-Time Pads Vernam Cipher = (lttr + random nr) mod 26 (p.48) Need (pseudo) random nr generator E.g., V = 21; (V +76) mod 26 = 97 mod 26 = 19; 19 = t Book Ciphers (p.49) Book used as a pad need not destroy – just don’t reuse keys Use common Vigenère Tableaux Details: textbook Incl. example of breaking a book cipher Bec. distribution not flat

19 19 Question: Does anybody know other ciphers using books? Or invent your own cipher using books?

20 20 Question:...other ciphers using books? My examples: Use any agreed upon book P: SECRET  Example 2: Use: (page_nr, line_nr, word_nr) C: 52 2 4 Computer can help find words in a big electronic book quickly!  Example 1: Use: (page_nr, line_nr, letter_in_line) C: 52 2 1 52 1 1 52 1 16... Better: use different pages for each char in P 52 ever, making predictions in ten letter seven of those secret positi gorithm Page 52 from a book:

21 21 2B.2. Transposition Ciphers (1)  Rearrange letters in plaintext to produce ciphertext  Example 1a and 1b: Columnar transposition  Plaintext: HELLO WORLD  Transposition onto: (a) 3 columns: HEL LOW ORL DXX XX - padding  Ciphertext (read column-by column): (a) hlodeorxlwlx (b) hloolelwrd  What is the key?  Number of columns: (a) key = 3 and (b) key = 2 (b) onto 2 columns: HE LL OW OR LD

22 22 Transposition Ciphers (2)  Example 2: Rail-Fence Cipher  Plaintext: HELLO WORLD  Transposition into 2 rows (rails) column-by-column: HLOOL ELWRD  Ciphertext: hloolelwrd (Does it look familiar?)  What is the key?  Number of rails key = 2 [cf. Barbara Endicott-Popovsky, U. Washington]

23 23 Attacking Transposition Ciphers  Anagramming  n-gram – n-char strings in English  Digrams (2-grams) for English alphabet are are: aa, ab, ac,...az, ba, bb, bc,..., zz (26 2 rows in digram table)  Trigrams are: aaa, aab,... (26 3 rows)  4-grams (quadgrams?) are: aaaa, aaab,... (26 4 rows)  Attack procedure:  If 1-gram frequencies in C match their freq’s in English but other n-gram freq’s in C do not match their freq’s in English, then it is probably a transposition encryption  Find n-grams with the highest frequencies in C  Start with n=2  Rearrange substrings in C to form n-grams with highest freq’s [cf. Barbara Endicott-Popovsky, U. Washington]

24 24 Example: Step 1 Ciphertext C: hloolelwrd (from Rail-Fence cipher)  N-gram frequency check  1-gram frequencies in C do match their frequencies in English  2-gram ( hl, lo, oo,... ) frequencies in C do not match their frequencies in English  Question: How frequency of „ hl ” in C is calculated?  3-gram ( hlo, loo, ool,... ) frequencies in C do not match their frequencies in English ... => it is probably a transposition  Frequencies in English for all 2-grams from C starting with h  he 0.0305  ho 0.0043  hl, hw, hr, hd < 0.0010  Implies that in hloolelwrd e follows h [cf. Barbara Endicott-Popovsky, U. Washington] as table of freq’s of English digrams shows

25 25 Example: Step 2  Arrange so the h and e are adjacent Since 2-gram suggests a solution, cut C into 2 substrings – the 2nd substring starting with e : hlool elwrd Put them in 2 columns: he ll ow or ld  Read row by row, to get original P: HELLO WORLD [cf. Barbara Endicott-Popovsky, U. Washington]

26 26 2B.3. Product Ciphers A.k.a. combination ciphers Built of multiple blocks, each is: Substitution or: Transposition Example: two-block product cipher E 2 (E 1 (P, K E1 ), K E2 ) Product cipher might not be stronger than its individual components used separately! Might not be even as strong as individual components

27 27 Survey of Students’ Background and Experience (1) Background Survey CS 5950/6030 Network Security - Fall 2005 Please print all your answers. First name: __________________________Last name: _____________________________ Email_____________________________________________________________________ Undergrad./Year ________ OR: Grad./Year or Status (e.g., Ph.D. student) ________________ Major_____________________________________________________________________ PART 1. Background and Experience 1-1)Please rate your knowledge in the following areas (0 = None, 5 = Excellent). UNIX/Linux/Solaris/etc. Experience (use, administration, etc.) 0 12 3 4 5 Network Protocols (TCP, UDP, IP, etc.) 0 12 3 4 5 Cryptography (basic ciphers, DES, RSA, PGP, etc.) 0 12 3 4 5 Computer Security (access control, security fundamentals, etc.) 0 12 3 4 5 Any new students who did not fill out the survey?

28 28 2C. Making „Good” Ciphers Cipher = encryption algorithm Outline 2C.1. Criteria for „Good” Ciphers 2C.2. Stream and Block Ciphers 2C.3. Cryptanalysis 2C.4. Symmetric and Asymmetric Cryptosystems

29 29 2C.1. Criteria for „Good” Ciphers (1) „Good” depends on intended application Substitution C hides chars of P If > 1 key, C dissipates high frequency chars Transposition C scrambles text => hides n-grams for n > 1 Product ciphers Can do all of the above What is more important for your app? What facilities available to sender/receiver? E.g., no supercomputer support on the battlefield

30 30 Criteria for „Good” Ciphers (2) Claude Shannon’s criteria (1949): 1. Needed degree of secrecy should determine amount of labor How long does the data need to stay secret? (cf. Principle of Adequate Protection) 2. Set of keys and enciphering algorithm should be free from complexity Can choose any keys or any plaintext for given E E not too complex (cf. Principle of Effectiveness) 3. Implementation should be as simple as possible Complexity => errors (cf. Principle of Effectiveness) [cf. A. Striegel]

31 31 Criteria for „Good” Ciphers (3) Shannon’s criteria (1949) – cont. 4. Propagation of errors should be limited Errors happen => their effects should be limited One error should not invlidate the whole C (None of the 4 Principles — Missing? — Invent a new Principle?) 5. Size / storage of C should be restricted Size (C) should not be > size (P) More text is more data for cryptanalysts to work with Need more space for storage, more time to send (cf. Principle of Effectiveness) Proposed at the dawn of computer era – still valid! [cf. A. Striegel]

32 32 Criteria for „Good” Ciphers (4) Characteristics of good encryption schemes Confusion: interceptor cannot predict what will happen to C when she changes one char in P E with good confusion: hides well relationship between P”+”K, and C Diffusion: changes in P spread out over many parts of C Good diffusion => attacker needs access to much of C to infer E

33 33 Criteria for „Good” Ciphers (5) Commercial Principles of Sound Encryption Systems 1. Sound mathematics  Proven vs. not broken so far 2. Verified by expert analysis  Including outside experts 3. Stood the test of time  Long-term success is not a guarantee  Still. Flows in many E’s discovered soon after their release Examples of popular commercial E’s: DES / RSA / AES [cf. A. Striegel] DES = Data Encryption Standard RSA = Rivest-Shamir-Adelman AES = Advanced Encryption Standard (rel. new)

34 Continued - Class 7

Download ppt "CS 5950/6030 Network Security Class 6 (W, 9/14/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared."

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Making “Good” Encryption Algorithms

Making “Good” Encryption Algorithms
Week 2 - Friday.  What did we talk about last time?  Substitution ciphers  Vigenère ciphers  One-time pad.

Week 2 - Friday.  What did we talk about last time?  Substitution ciphers  Vigenère ciphers  One-time pad.
1 Digital certificates One concern with the public key approach: must ensure that you are encrypting to the correct person’s public key  Otherwise, you.

1 Digital certificates One concern with the public key approach: must ensure that you are encrypting to the correct person’s public key  Otherwise, you.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering.
CS 5950/6030 Network Security Class 5 (M, 9/12/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared.

CS 5950/6030 Network Security Class 5 (M, 9/12/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CS 5950/6030 Network Security Class 7 (F, 9/16/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared.

CS 5950/6030 Network Security Class 7 (F, 9/16/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared.
Network Management and Security

Network Management and Security
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Chapter 2 Basic Encryption and Decryption (part B)

Chapter 2 Basic Encryption and Decryption (part B)
Lecture 1 Overview.

Lecture 1 Overview.
CS 5950 Computer Security and Information Assurance Spring 2007 Section 3 (Ch. 2, Part 1): Introduction to Cryptology Dr. Leszek Lilien Department of Computer.

CS 5950 Computer Security and Information Assurance Spring 2007 Section 3 (Ch. 2, Part 1): Introduction to Cryptology Dr. Leszek Lilien Department of Computer.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.

L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.

Similar presentations

Ads by Google