1 / 70

Session 1: Introduction to cryptology

Session 1: Introduction to cryptology. Cryptology. Cryptology: criptos=secret + logos=science Cryptology = Cryptography + Cryptanalysis Opposite and complementary at the same time Cryptography: develops methods of encipherment in order to protect information.

zelda
Download Presentation

Session 1: Introduction to cryptology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session 1: Introduction to cryptology

  2. Cryptology • Cryptology: criptos=secret + logos=science • Cryptology = Cryptography + Cryptanalysis • Opposite and complementary at the same time • Cryptography: develops methods of encipherment in order to protect information. • Cryptanalysis: breaks these methods in order to reconstruct the original information.

  3. KEY KEY encipher Ciphertext decipher Plaintext Plaintext A B Cryptanalysis decrypt Cryptographic Procedure : The General Scheme

  4. General classification : • Secret key cryptography (symmetric) • Shared key (secret), delivered to both parties in advance via a secure channel. • Public key cryptography (asymmetric) • The key is reconstructed from the secret part and the public part. The secure channel is not needed.

  5. Secret key cryptography • Stream ciphers The transformation is applied to every symbol of the original message. Example: to every bit of the message. • Block ciphers The transformation is applied to a group of symbols of the original message Example : to groups of 64 bits (DES).

  6. Secret key cryptography • Stream ciphers Prof. Simon John Shepherd: “Every high-grade military cipher is a stream cipher” http://www.simonshepherd.supanet.com/sjsacad.htm Consequence: limitations introduced by governments. • Block ciphers Slower and less secure (in general), but there are no implementation and export limitations. Because of that, they are used a lot in practice.

  7. Classical cipher systems • Substitution Example:

  8. Classical cipher systems • Transposition Example:

  9. Classical cipher systems • Monoalphabetic substitution • Equal symbols of the plaintext are always substituted with the same symbol. • Polialphabetic substitution • Equal symbols of the plaintext are substituted with different symbols, depending on the key.

  10. Classical cipher systems • Caesar’s cipher (monoalphabetic) (1st century B.C.)

  11. Classical cipher systems • Vigenère’s cipher (polialphabetic) (1586) Key:Zi = L, O, U, P • Encipherment: • Decipherment:

  12. Classical cipher systems Blaise de Vigenère (1523-1596)

  13. VIGENÈRE’S TABLE (1586) A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Note that the modulus of a negative value is computed by repeatedly adding the base until a positive value is obtained.

  14. Vigenère’s table

  15. Classical cipher systems • Beaufort’s cipher (polialphabetic) (1857) Key:Zi = W, I, N, D • Encipherment: • Decipherment: Sir Francis Beaufort (1774-1857) Encipherment and decipherment are the same(involution)

  16. Beaufort’s table

  17. Classical systems – electromechanical devices • The principal drawback of the systems that used tables was their inefficiency at enciphering/deciphering long texts. • At the same time, the need to process long texts increased. • In the beginning of the 20th century, technology advanced enough to enable design of electromechanical cryptographic devices.

  18. Classical systems – ENIGMA • One of the most famous ones was the ENIGMA machine, used extensively by the Germans in the World War II. • The machine was patented in 1918 by Arthur Scherbius, a German engineer. • Essentially, this was a multiple Vigenère’s cipher that achieved a considerably higher number of possible combinations to search in the process of cryptanalysis than the older ciphers.

  19. M Q Classical systems - ENIGMA ENIGMA – principle of operation ENIGMA – one of the rotors

  20. Classical systems - ENIGMA • All the machines of this kind consisted of wheels. • Some were fixed (stators) and some were mobile (rotors). • ENIGMA consisted of two fixed wheels (the entry wheel and the reflector) and 3 or 4 rotors. • Rotors could be selected out of a number of rotors (usually 3 out of five).

  21. Classical systems - ENIGMA • The choice of the rotors, as well as their ordering constituted a part of the key. • All the rotors had contacts on both sides, through which current was flowing. • Each contact corresponded to a letter of the alphabet and the contacts on both sides of a rotor were connected by a special wiring. • Thus each rotor realized a monoalphabetic substitution cipher.

  22. Classical systems - ENIGMA • Due to a special kind of stepping motion of the wheels, not all the wheels rotated the same number of shifts at enciphering different letters. • There was one wheel that moved with every single letter to be enciphered, and the other wheels moved more slowly. • Current positions of the contacts on the wheels determined the substitution of the given (typed) letter on the machine. • In such a way, long period of the output letter sequence was achieved.

  23. Classical systems - ENIGMA • Some variants of ENIGMA also included a permutation (’plugboard’) that was realized through wiring, and that permutation occasionally changed. • The role of the plugboard was to change the letter that was actually typed to some other letter (depending on the permutation) before and after the current entered the wheels.

  24. Classical systems - ENIGMA • What distinguished the ENIGMA machine from the other electromechanical cryptographic machines was the use of the reflector - a special stator that was redirecting the flow of the current back through the rotors by a different route. • The reflector ensures that the ENIGMA machine is self-reciprocal, i.e. the enciphering and the deciphering transformations are the same.

  25. Classical systems - ENIGMA • However, by introducing the reflector, substituting the given letter with itself was disabled. • That introduced a small bias in the statistics of the letter sequence produced by the machine that enabled the cryptanalysis.

  26. Classical systems (Enigma) Source: http://en.wikipedia.org/wiki/Enigma_machine

  27. Classical systems • Electromechanical cryptographic devices of the ENIGMA type had an additional drawback - the machine itself constituted (a part of) the key. • Replacing compromised machines, especially during the war, was a very difficult and often impossible task.

  28. Classical systems • The goal of the next generation of cryptographic machines was to implement a system whose security lied only in the key that was used, not on the enciphering transformation. • The Vernam cipher, patented in 1917 in the U.S.A., was such a cipher. • This concept was also proved to be the best from the theoretical point of view in 1949 by C. Shannon.

  29. Classical systems • The Vernam cipher (1917) (One-time pad) Key:Binary random sequence used only once. • Encipherment: • Decipherment: Message: COME SOON (Encoding ITA-2)

  30. Classical systems • The Vernam cipher was a cipher intended to be used on teletype writers. • Because of that, the key storage medium was a paper tape of the same type as the tape that was used for storing the messages. • The message had to be encoded first, and the teletype writer itself performed this transformation. • Every teletype writer implemented some encoding and the most widespread one was International Telegraph Alphabet No 2 (ITA-2).

  31. Classical systems – ITA 2 Binary DecimalLETTERSNUMBERSBinary DecimalLETTERSNUMBERS----------------------------------------------------- ---------------------------------------------------- 00000    0  BLANK BLANK 10000       16  T     5 00001        1  E     3 10001       17  Z     " 00010        2  LF    LF 10010       18  L     ) 00011        3  A     - 10011       19  W     2 00100        4  SP    SP 10100       20  H     # 00101        5  S     BELL 10101       21  Y     6 00110        6  I     8 10110       22  P     0 00111        7  U     7 10111       23  Q     1 01000        8  CR    CR 11000       24  O     9 01001        9  D     $ 11001       25  B     ? 01010      10  R     4 11010       26  G     & 01011      11  J     ‘ 11011       27  FIGS  FIGS 01100      12  N     , 11100       28  M     . 01101      13  F     ! 11101       29  X     / 01110      14  C     : 11110       30  V     ; 01111      15  K     ( 11111       31  LTRS  LTRS

  32. Cryptographic Security • Unconditionalsecurity (THEORETICAL) (Perfect secrecy – Shannon) – the system is secure against an attacker with unlimited time and computational resources. Example: The Vernam cipher (One-time pad). • Computationalsecurity (PRACTICAL)– the system is secure against an attacker with limited time and computational resources. Example: The RSA cryptosystem.

  33. Perfect secrecy conditions (Shannon) • Application conditions: • The key is used only once • The cryptanalyst has access only to the cryptogram. • Perfect secrecy : “The plaintext X is statistically independent on the cryptogram Y for all the possible plaintexts and all the possible cryptograms” P(X = x | Y = y) = P(X = x)

  34. Entropy • Entropy is a measure of uncertainty. • It is a function of probability distribution of a random variable. • Shannon’s entropy of the (discrete) random variable X:

  35. Entropy • Example 1: • H(X) reaches its maximum for p=0.5.

  36. Entropy

  37. Entropy • Example 2: n-sided fair die. n outcomes, each with probability 1/n.

  38. Entropy • For two random variables, X and Y, the joint entropy H(X,Y) is defined as • Conditional entropy • Theorem (chain rule)

  39. Entropy • Theorem • where the equality holds iff all elements of are equally likely. • where the equality holds iff X and Y are independent.

  40. Entropy • Thus, the fact that X and Y are independent random variables causes the same uncertainty of the plaintext regardless of the knowledge of the cryptogram.

  41. Is perfect secrecy practically achievable? • The cipher with X, Y, Z {0,1,…,L-1}K • The key is selected at random • The ciphering transformation: • The number of keys/plaintexts/ciphertexts is LK. • With a fixed plaintext, since the key is selected at random, a unique cryptogram corresponds to every possible value of the key.

  42. Then, any of the LK possible cryptograms corresponds to any plaintext with equal probability. Then P(X = x | Y = y) = P(X = x) . • L=2, the Vernam cipher.

  43. Security of classical systems • Monoalphabetic ciphers • The statistical properties of the plaintext are reflected exactly in the ciphertext. • The statistical methods of cryptanalysis use the statistical properties of the language in which the message has been written.

  44. Letter statistics - English

  45. Letter statistics - English

  46. Letter statistics - Norwegian Source: Kryptografi – Ben Johnsen, Tapir Akademisk Forlag, Trondheim, 2005.

  47. Security of classical systems • The Vigenère cipher (polialphabetic) • The Kasiski Cryptanalysis (The incidence of the coincidences) (1863) • The repetition of certain group of letters in the cryptogram originating from the same group of letters in the plaintext takes place at a distance equal to a multiple of the length of the key word (30=6*5).

  48. Security of classical systems • The Vigenère cipher (polialphabetic) • By studying these repetitions, it is possible to determine the length K of the key word. • Then the original cryptogram can be decomposed into simple cryptograms.

  49. Security of classical systems • The Vernam cipher • Meets the conditions of perfect secrecy. • One key bit for every plaintext bit.

  50. Unicity distance • Given a ciphertext, if we try all the possible keys, how many keys will decrypt it to something meaningful? • The unicity distance n0 is the length of ciphertext at which one expects that there is a unique meaningful plaintext. • If the text is long enough, there will be a unique key and a unique corresponding plaintext. • R is redundancy of the text (0.75 for English), K is the key space and L is the alphabet.

More Related