CRYPTOGRAPHY - Brown University
Download
Report
Transcript CRYPTOGRAPHY - Brown University
CRYPTOGRAPHY
Lecture 2
Tuesday, June 27th
Caesar shift
Plain :
ROT 0 :
ROT 1 :
ROT 2 :
ROT 3 :
ROT 4 :
ROT 5 :
ROT 6 :
ROT 7 :
ROT 8 :
ROT 9 :
ROT 10 :
ROT 11 :
ROT 12 :
ROT 13 :
ROT 14 :
ROT 15 :
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
CDEFGHIJKLMNOPQRSTUVWXYZAB
DEFGHIJKLMNOPQRSTUVWXYZABC
EFGHIJKLMNOPQRSTUVWXYZABCD
FGHIJKLMNOPQRSTUVWXYZABCDE
GHIJKLMNOPQRSTUVWXYZABCDEF
HIJKLMNOPQRSTUVWXYZABCDEFG
IJKLMNOPQRSTUVWXYZABCDEFGH
JKLMNOPQRSTUVWXYZABCDEFGHI
KLMNOPQRSTUVWXYZABCDEFGHIJ
LMNOPQRSTUVWXYZABCDEFGHIJK
MNOPQRSTUVWXYZABCDEFGHIJKL
NOPQRSTUVWXYZABCDEFGHIJKLM
OPQRSTUVWXYZABCDEFGHIJKLMN
PQRSTUVWXYZABCDEFGHIJKLMNO
Caesar shift
A Caesar shift of 20 (or 6, depending
which way you are looking at it)
gives:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
UVWXYZABCDEFGHIJKLMNOPQRST
Caesar shift example
BZDRZQ'R VHED LTRS AD ZANUD RTROHBHNM
First clue: the apostrophe. The only
things that can work are a T or an S. But
S would be more common. So let’s assume
that R in the cipher text means S. This
means that every letter is the cipher is
shifted over by one. Once the rule is
clear, the whole message is easily
deciphered.
Caesar shift example
CAESAR'S WIFE MUST BE ABOVE SUSPICION
BZDRZQ'R VHED LTRS AD ZANUD RTROHBHNM
Caesar shift clues
To find what the shift is, we sometimes
have clues:
– Apostrophes tell us a lot
– Words with one letter can only be “A” or “I”
– The most common words with two letters are
OF TO IN IS IT BE BY HE AS ON AT OR AN SO
IF NO
Caesar shift problems
LWW RLFW TD OTGTOPO TYEZ ESCPP ALCED ZYP ZQ
HSTNS ESP MPWRLP TYSLMTE ESP LBFTELYT
LYZESPC ESZDP HSZ TY ESPTC ZHY WLYRFLRP LCP
NLWWPO NPWED TY ZFC RLFWD ESP ESTCO LWW
ESPDP OTQQPC QCZX PLNS ZESPC TY WLYRFLRP
NFDEZXD LYO WLHD
How many double letter combinations can we
have? Notice the LWW in the beginning of
this text.
www.simonsingh.net
http://starbase.trincoll.edu/~crypto/
http://edeca.net/site/programs:rotutil
HELPFUL FACTS (for English)
Order Of Frequency Of Single Letters
ETAOINSHRDLU
Order Of Frequency Of Digraphs
th er on an re he in ed nd ha at en es of or
nt ea
ti to it st io le is ou ar as de rt ve
Order Of Frequency Of Trigraphs
the and tha ent ion tio for nde has nce edt
tis oft sth men
HW #2a: Caesar shift problems
3 messages all with the same shift
1. PMFBP PBKA PBZOBQ JBPPXDBP.
2. QEB XOJV FP LK QEB JLSB
3. QELJXP GBCCBOPLK ABPFDKBA X
PRYPQFQRQFLK ZFMEBO
HW #2b: Caesar shift problems
1. MAX YTNEM, WXTK UKNMNL, EBXL GHM BG
HNK LMTKL UNM BG HNKLXEOXL.
2. UHWXUA WR URPH
3. VJGEC GUCTU JKHVE KRJGT KUXGT APKEG
DWVQP EGAQW JCXGV JGUJK HVHKI
WTGFQ WVVJG YJQNG OGUUC IG DG
EQOGU QDXKQ WU.
HW #2c: Caesar shift problems
(different shift, and hard: why?).
1.
KENKMOC PYBDEXK TEFKD
2.
MHILYLZAZBHLXBPZXBLMVYABUHLHWWPBZJSHBKPBZJHLJBZKPJAB
THYJHUBTLZA
HW #2d: Analysis
1. What makes a Caesar shift cipher easier
or harder to break?
2. What techniques did you take advantage
of?
3. How would you design a better cipher?
Reading
1. Read the code book p 14-44
2. Look online at sites that help decipher
Caesar shift ciphers
3. Look around www.simonsingh.net
4. Start thinking about what you’d like to
do for your final project.
Secure transmission
Steganography
cryptography
Transposition
Monoalphabetic
Substitution
The difference between
substitution and transposition is
that in:
Subtitution: each letter retains its
position but changes its identity,
Transposition: each letter retains
its identity but changes its
position.
Example 3
Weakness of Caesar shift
If you figured out the shift, the whole message
quickly unravels.
If there are spaces, or punctuation, you can get
a “handle” on the message.
If the message is long enough, or if you have
enough messages with the same shift, you can
solve by frequency analysis
If all else fails, try all 26 possibilities. This may
take a while by hand, but it is not inherently
difficult.
What makes the Caesar cipher so
convenient?
The key is easy – everyone can decrypt it just by
knowing one small bit of information.
How do you transmit the key? Maybe you can
agree on something in advance, e.g. that every
day of the month you shift over by that
number of days (this has to be modified a
little to work), or that the name of the month
is the letter that A shifts to . . . Some agreed
upon way of shifting.
The problem of the key will recur in many of
the ciphers we see.
Tips for a more secure code
No spaces
No punctuation
Foreign language
Maybe we can change letters in a way that
does not have a “chain reaction”
solution? It will still be a monoalphabetic cipher but each letter can be
independently determined.
Mono-alphabetic
Substitution Cipher
• Allow any permutation of the alphabet
• Each letter is replaced by a different letter
or symbol
• Key = permutation (still need to decide on a
key and exchange this information in a
secure way).
• 26! Possibilities
– What does this mean?
How many possibilities?!
• If my alphabet has 3
letters, I have the
following ways of
arranging it:
ABC
ACB
BCA
BAC
CBA
CAB
There are 3 ways of
choosing the first
letter: either A B or C.
Once the first letter
is chosen, there are
only 2 letters left,
they can only be
arranged in 2
different ways.
How many possibilities?!
• If my alphabet has 4 letters, I have the
following ways of arranging it:
ABCD
ABDC
ACBD
ACDB
ADBC
ADCD
BCDA
BCAD
BACD
BADC
BDAC
BDCA
CDBA
CDAB
CADB
CABD
CBAD
CBDA
DABC
DACB
DBAC
DBCA
DCAB
DCBA
How many possibilities?!
• If my alphabet has 4 letters,
– there are 4 ways of arranging the first letter
– For each of those choices there are only 3 ways to
arrange the remaining 3 letters
– For any given arrangement of the first 2 letters,
there are 2 ways of arranging the next 2 letters
– For any given arrangement of the first 3 letters,
there’s only one way to pick the last letter.
– So there are 4*3*2*1 possibilities.
– This is called 4! = 4*3*2*1=24
How many possibilities?!
• If my alphabet has 5 letters, how many
possibilities do we have?
– 5! = 5*4*3*2*1 = 120
– let’s not write them out . . .
• If my alphabet has 26 letters, we have
– 26! = 26*25*24*23* . . . *3*2*1 possibilities.
Mono-alphabetic
Substitution Cipher
• 26! = 403,291,461,126,605,635,584,000,000
• For encryption, one of these is not good (the
abcdefg… one) so we have one less
possibility. Even if 26 of this are bad (the
ones that correspond to the Caesar ciphers)
that still leaves lots of good possibilities.
• Roughly 288: checking 1 billion per second,
would take 12 billion years
Mono-alphabetic
Substitution Cipher
• Too many possibilities to break by brute
force! This is a major strength of the
substitution cipher.
• But how will the recipient break it?
• You need to exchange a key, and it needs to
be a key that one can remember.
Mono-alphabetic
Substitution Cipher
• Is there a better way to break it?
• al-Kindi, ninth century: frequency
analysis
• Not a recipe, but a good set of
guidelines.
• This only works for longer messages . .
.
Frequency
Analysis
Example 1
H EKGGLHQNL KZEL AKGB PL ARHA
ARL CKSGB CHV XNGG KX UHB
VLENSTAF VFVALPV CSTAALZ UF
OLKOGL CRK SLHB HOOGTLB
ESFOAKQSHORF.
- USNEL VERZLTLS, VLESLAV HZB GTLV
E E
E T
E T T
H EKGGLHQNL KZEL AKGB PL ARHA
T E
ARL CKSGB CHV XNGG KX UHB
E
T
TE
TTE
VLENSTAF VFVALPV CSTAALZ UF
E E
E
E
OLKOGL CRK SLHB HOOGTLB
T
ESFOAKQSHORF.
E
E E
E ET
E
- USNEL VERZLTLS, VLESLAV HZB GTLV
L occurs 18 times, A occurs 10 times.
Example 1
E E
E T
E TH T
H EKGGLHQNL KZEL AKGB PL ARHA
THE
ARL CKSGB CHV XNGG KX UHB
E
T
TE
TTE
VLENSTAF VFVALPV CSTAALZ UF
E E H
E
E
OLKOGL CRK SLHB HOOGTLB
T
H
ESFOAKQSHORF.
E
H E E
E ET
E
- USNEL VERZLTLS, VLESLAV HZB GTLV
Example 1
A
EA E
E T
E THAT
H EKGGLHQNL KZEL AKGB PL ARHA
THE
A
A
ARL CKSGB CHV XNGG KX UHB
E
T
TE
TTE
VLENSTAF VFVALPV CSTAALZ UF
E E H
EA A
E
OLKOGL CRK SLHB HOOGTLB
T A H
ESFOAKQSHORF.
E
H E E
E ET A
E
- USNEL VERZLTLS, VLESLAV HZB GTLV
Example 1
A OLLEA E O E TOL E THAT
H EKGGLHQNL KZEL AKGB PL ARHA
THE O L A
LL O A
ARL CKSGB CHV XNGG KX UHB
SE
T S STE S
TTE
VLENSTAF VFVALPV CSTAALZ UF
PEOPLE HO EA APPL E
OLKOGL CRK SLHB HOOGTLB
PTO APH
ESFOAKQSHORF.
E S H E E SE ETS A L ES
- USNEL VERZLTLS, VLESLAV HZB GTLV
Example 1
A COLLEAGUE ONCE TOLD ME THAT
H EKGGLHQNL KZEL AKGB PL ARHA
THE WORLD WAS FULL OF BAD
ARL CKSGB CHV XNGG KX UHB
SECURITY SYSTEMS WRITTEN BY
VLENSTAF VFVALPV CSTAALZ UF
PEOPLE WHO READ APPLIED
OLKOGL CRK SLHB HOOGTLB
CRYPTOGRAPHY.
ESFOAKQSHORF.
BRUCE SCHNEIER, SECRETS AND LIES
- USNEL VERZLTLS, VLESLAV HZB GTLV
Example 1
A harder example
YIRLAZ MRACIRB CR PKORI CRP:
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
• Shorter = less information
• R occurs 10 times, A occurs 9 times
– (all others occur 4 or fewer times)
• Telegraph style; fewer short words
Example 2
A harder example
E
E E E
E E
YIRLAZ MRACIRB CR PKORI CRP:
E
E
E
E
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
E doesn’t begin any common 2-letter words
Example 2
A harder example
O
O O O
O O
YIRLAZ MRACIRB CR PKORI CRP:
O
O
O
O
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
A occurs 9 times. What could it be?
Example 2
A harder example
O N ON O O
O O
YIRLAZ MRACIRB CR PKORI CRP:
O N N
O N O N N N ON
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
Example 2
A harder example
O N ONT O TO
O TO
YIRLAZ MRACIRB CR PKORI CRP:
O N N
O NT O N N N ON
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
Example 2
A harder example
G O N ONT O TO
O TO
YIRLAZ MRACIRB CR PKORI CRP:
O N ING O NT O N NGIN ON
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
Example 2
A harder example
GROUND CONTROL TO MAJOR TOM:
YIRLAZ MRACIRB CR PKORI CRP:
COMMENCING COUNTDOWN, ENGINES ON
MRPPVAMQAY MRLACZRGA, VAYQAVW RA
Example 2
Not a good candidate for frequency analysis:
FROM ZANIBAR TO ZAMBIA AND ZAIRE
OZONE ZONES MAKE ZEBRAS
RUN MANY ZIGZAGS
The letter Z is the most common here!
Example 3
HW # 3a: Substitution cipher
Hint: use www.simonsingh.net/The_Black_Chamber/frequencypuzzle.htm
AVWJM VIPMY DPIYI WFJVB IPAVF DMIMB AJJDP KARMV IPMYM
VDPDV HQMAV DPMHI TDFLD PKMAR IBQFF AIJDP WPNMB ILIWU
IJMBW MWFIK FIIPM QFPMD HFDVP WPNMB IYVAM BIFVA MBMBI
VAPNW PNMBI YEFQR HLIAP YDQFB WPNDP EIRYB IWFMV WJTAL
LINVA MBMBI LDUID TWKAF LABIL NBIFE LDJIH QMJBI TWNIN APMBI
PAKBM LAOIW GDIRA RIWPM MDVFA MIWPN MBILI WUIJM BWMWF
IKFII PMQFP MDHFD VPWPN MBIYV AMBIF VAMBM BIVAP NWPNM
BIYEF QRHLI APYDQ FBWPN AMBFI VWGIH HLIAP WHFDD OWPNV
WMEBI NMBIF AGGLI JFQPW VWYWP NMBIY PIUIF RWNIW JDQPN
WPNMB ILIWU IJMBW MWFIK FIIPM QFPIN MDHFD VPWPN MBIYV
AMBIF VAMBM BIVAP NWPNM BIYEF QRHLI APYDQ FBWPN BILLD
BILLD BILLD BILLD KDDNH YIKDD NHYIK DDNHY IKDDN HYIMB
WMJWL LMBIF IAJWP NMBIL IWUIJ MBWMW FIKFI IPMQF PINMD
HFDVP WPNMB IYVAM BIFVA MBMBI VAPNW PNMBI YEFQR HLIAP
YDQFB WPN
Example 3