Applied Cryptology – The Science of Secrecy
Dr. Victor Ralevich
Sheridan Institute
Credit for some of the slides goes to Dr. Richard J. Spillman
Basic Terminology

Encryption:
– Plaintext → Ciphertext (using the encryption key)
Decryption:
– Ciphertext → Plaintext (using the decryption key)
Cipher = Encryption algorithm
Cryptology

Cryptology is the science of building and analyzing encryption-decryption methods.
[Diagram: CRYPTOLOGY branches into CRYPTOGRAPHY and CRYPTANALYSIS]
Secure Systems
A Good Cipher


The strength of the system should not lie in the secrecy of the algorithms.
The strength of the system should only depend on the secrecy of the key.
Fundamental Principle of Cryptology
Cipher Evaluation
 We can never be sure that a cipher is secure.
 The best way to gain some confidence in a new cipher is to allow the security community to test it.
Cipher Classification
[Diagram: classification tree of ciphers. Top-level branches: Public Key, Symmetric Key, Unkeyed. Other node labels: PublicKey, Signature, ID, Random, MAC, Hash, OneWay, Symmetric, Classical (Transposition, Substitution), Stream, Block]
Classical Ciphers
 Further subdivisions:
...
[Diagram: Classical → Transposition, Substitution; other node labels: Block, Stream]
– Polyalphabetic: each plaintext character is substituted by different characters, dependent on the key used for encryption.
– Monoalphabetic: each plaintext character is always substituted by the same other character.
Substitution Ciphers

General substitution algorithm permits
the cipher alphabet to be any
rearrangement of the plain alphabet.

That gives
26! = 403,291,461,126,605,635,584,000,000
possible keys from which to choose.
Frequency Analysis

Every letter of a given language has
characteristics of its own such as:
– Frequency of occurrence
– Relation to the other letters
– Position within words

These and other similar characteristics are used to
break substitution monoalphabetic ciphers by
letter frequency analysis
Letter Frequency in English Language
[Bar chart: relative frequency of each letter in English text. Horizontal axis: E T A O I N S H R D L C U M W F G Y P B V K J Q X Z. Vertical axis: 0.000 to 0.140. Bar values run from 0.127 down to 0.001.]

In order: ETAONIRSHDLUCMPFYWGBVJKQXZ
Four vowels A, E, I, O and four consonants N, R, S, T form 2/3 of the normal English plain text.
Word of Advice

Note: Longer texts are more likely to follow the standard frequencies, but that is not always the case.

In 1969, the French author Georges Perec wrote “La Disparition”, a 200-page novel that did not use any word containing the letter “E”.

Gilbert Adair translated the novel into English, respecting the same restriction.

See also the similar book “Gadsby”, a story of over 50,000 words written without the letter “E”, by Ernest Vincent Wright.
Polyalphabetic Ciphers
Vigenère’s cipher
Vigenère Cipher

Vigenère’s most important work was his
“Traicté des Chiffres” (“A Treatise on
Secret Writing”) published in 1586.

Vigenère’s cipher is resistant to letter
frequency analysis.
Vigenère Operation

A keyword is selected and it is repeatedly written above the plaintext
– EXAMPLE: using the keyword “hold”

KEY         H O L D H O L D H O L D H O L D H O
plaintext   T H I S I S T H E P L A I N T E X T
ciphertext  A V T V Q G E K L D W D Q B E H E H

Vigenère table (first rows; row = key letter, column = plaintext letter):

      a b c d e f g h i j k l m n o p q r s t u . . .
a     a b c d e f g h i j k l m n o p q r s t u . . .
b     b c d e f g h i j k l m n o p q r s t u v . . .
c     c d e f g h i j k l m n o p q r s t u v w . . .
d     d e f g h i j k l m n o p q r s t u v w x . . .
e     e f g h i j k l m n o p q r s t u v w x y . . .
f     f g h i j k l m n o p q r s t u v w x y z . . .
g     g h i j k l m n o p q r s t u v w x y z a . . .
h     h i j k l m n o p q r s t u v w x y z a b . . .
i     i j k l m n o p q r s t u v w x y z a b c . . .
. . .
Breaking Vigenère’s Cipher

In 1863, a Polish Infantry officer, Friedrich W. Kasiski, published a short book which changed the nature of cryptography. He noticed that:
The conjunction of a repeated portion of the key with a repetition in the plaintext produces a repetition in the ciphertext.
So, the size of the keyword can be determined from the spacing of repeated ciphertext character strings.
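
Kasiski's observation as a runnable check (an added example, not part of the original slides): the keyword “hold” from the earlier slide enciphers a constructed plaintext, and the distances between repeated ciphertext trigrams give away the keyword length. The function names and the sample plaintext are assumptions made for this illustration.

```python
from functools import reduce
from math import gcd

A = ord("A")

def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching letter of the repeated keyword."""
    sign = -1 if decrypt else 1
    return "".join(
        chr((ord(ch) - A + sign * (ord(key[i % len(key)]) - A)) % 26 + A)
        for i, ch in enumerate(text)
    )

def repeat_distances(ciphertext, n=3):
    """Distance from each repeated n-gram back to its previous occurrence."""
    last_seen, distances = {}, []
    for i in range(len(ciphertext) - n + 1):
        gram = ciphertext[i:i + n]
        if gram in last_seen:
            distances.append(i - last_seen[gram])
        last_seen[gram] = i
    return distances

def kasiski_key_length(ciphertext, n=3):
    """The keyword length divides every such distance, so take their gcd.
    Returns 0 when nothing repeats. On long texts a few coincidental
    repeats can appear; the most common factor is then a better guide
    than a strict gcd."""
    return reduce(gcd, repeat_distances(ciphertext, n), 0)

# Constructed sample: "ATTACKAT" sits at offsets 0, 16 and 36, so each
# occurrence meets the same part of the repeated keyword.
PLAINTEXT = "ATTACKATDAWNWESTATTACKATDUSKEASTTHENATTACKATNOON"
CIPHERTEXT = vigenere(PLAINTEXT, "HOLD")

if __name__ == "__main__":
    print(CIPHERTEXT)
    print(sorted(set(repeat_distances(CIPHERTEXT))))  # distinct distances
    print(kasiski_key_length(CIPHERTEXT))             # keyword length
```

Once the length is known, every fourth ciphertext letter was shifted by the same key letter, so each of the four columns can be treated as a monoalphabetic cipher and examined with letter frequency analysis.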
Shannon Criteria

Claude Shannon (in the late 1940s) defined
additional design criteria for ciphers:
– Confusion – cipher should hide local
patterns in language from an attacker.
– Diffusion – cipher should mix around
different parts of the plaintext, so that
nothing is left in its original position.
Computer Based Ciphers
Security Requirements

Confidentiality
– Protection from disclosure to unauthorised persons
 Integrity
– Maintaining data consistency
 Authentication
– Assurance of identity of person or originator of data
 Non-repudiation
– Originator of communications can’t deny it later
Binary Numbers

Data in computer systems is stored, processed, and
transmitted in binary form (as 0’s and 1’s)

All numerical values are represented and manipulated as
binary numbers
decimal  binary
0        0
1        1
2        10
3        11
4        100
5        101
6        110
7        111
8        1000
9        1001
Characters

There is no natural way to express characters (as there is with numbers) so computer manufacturers have developed standard codes such as ASCII and UNICODE.

ASCII assigns 8 bits per character:
2^8 = 256 characters

UNICODE assigns 16 bits per character:
2^16 = 65536 different characters
Symmetric Key Ciphers
Stream Ciphers
Block Ciphers
Symmetric Ciphers
[Diagram: Symmetric Encryption Scheme: Encryption → Transmission → Decryption]

The same key is used for both encryption and decryption.
Bit Level Ciphers

Using computers, ciphers are implemented at the bit
level. We can now substitute or transpose 0’s and 1’s

The problem is, how can we seem to randomly change
bits and yet still be able to recover the plaintext?

To do this we use the exclusive-OR (XOR) binary
function
XOR Function
[Diagram: inputs A and B enter the XOR gate, output F]

A  B  F
0  0  0
0  1  1
1  0  1
1  1  0

A will be the plaintext and B the key
Simple Stream Cipher
[Diagram: plaintext XOR key stream → ciphertext; ciphertext XOR key stream → plaintext]
Some Stream Ciphers






RC4
Pike
SOBER-128
SEAL (Software-Optimized Encryption Algorithm)
Turing
A5/1 and A5/2
Block Ciphers
Block Cipher

Today’s most widely used ciphers
– Define a block of computer bits which represent several characters
– Encipher the complete block at one time
[Diagram: Block of Bits → Algorithm (with KEY) → Block of Bits]
Electronic Code Book
 Simplest mode of operation
– each block is enciphered into a ciphertext block using one key
[Diagram: M1, M2, ..., Mm are each enciphered by Ek under the same Key to give C1, C2, ..., Cm]
Problem: if Mi = Mj then Ci = Cj
Cipher Block Chaining

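The input to each block stage is the current block XOR-ed with the previous stage cipher block
[Diagram: M1, M2, ..., Mm pass through Ek under the same Key to give C1, C2, ..., Cm, each stage also taking the previous cipher block]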
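
The two modes side by side, as an added example that is not part of the original slides: it shows the Electronic Code Book problem (Mi = Mj gives Ci = Cj) and how chaining removes the repeats. The toy Feistel cipher standing in for Ek, the initialization vector used as the "previous block" of the first stage, and the key and message are all assumptions of this sketch; message lengths are taken to be a multiple of the block size, so padding is left out.

```python
import hashlib

BLOCK = 8  # toy block size in bytes (AES uses 16)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):  # round function: keyed hash truncated to 4 bytes
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]

def E(key, block):
    """Toy 4-round Feistel cipher standing in for Ek. NOT secure."""
    left, right = block[:4], block[4:]
    for i in range(4):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right

def D(key, block):  # inverse of E: the rounds undone in reverse order
    left, right = block[:4], block[4:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, msg):
    return b"".join(E(key, m) for m in split(msg))      # Ci = Ek(Mi)

def cbc_encrypt(key, iv, msg):
    out, prev = [], iv
    for m in split(msg):
        prev = E(key, _xor(m, prev))                     # Ci = Ek(Mi xor Ci-1)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    cs = split(ct)
    return b"".join(_xor(D(key, c), p) for c, p in zip(cs, [iv] + cs))

def duplicate_blocks(ct):
    """How many ciphertext blocks repeat an earlier block."""
    blocks = split(ct)
    return len(blocks) - len(set(blocks))

# Constructed sample: M1 = M2 = M3, M4 differs. Key and IV are made up.
KEY, IV = b"demo key", b"\x01\x23\x45\x67\x89\xab\xcd\xef"
MESSAGE = b"PAY 100$" * 3 + b"PAY 999$"
print(duplicate_blocks(ecb_encrypt(KEY, MESSAGE)),
      duplicate_blocks(cbc_encrypt(KEY, IV, MESSAGE)))
```

Counting duplicate ciphertext blocks, as `duplicate_blocks` does, is also a quick way to spot ECB use when reviewing stored or transmitted ciphertext.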
Some Block Ciphers








AES
DES (obsolete)
IDEA
Blowfish
Skipjack
RC5
RC6
Twofish
Asymmetric Key Ciphers
Cipher Classification
[Diagram: classification tree of ciphers. Top-level branches: Asymmetric Key, Symmetric Key, Unkeyed. Other node labels: PublicKey, Signature, ID]
Asymmetric ciphers have two different keys: one to encipher and one to decipher
Public Key Ciphers

They are usually based on number theory
rather than substitution or permutation
operations

There are two different keys:
– one for encryption, and
– one for decryption

Knowing one key cannot compromise the other
Public Key Transaction
Asymmetric algorithms use matched public/private key pairs
RSA
Named after researchers at MIT who developed the cipher:
Rivest – Shamir – Adleman Cipher (1978)
RSA Key Generation
1. Select two 100 digit (or more) prime numbers, p and q
2. Multiply them to obtain n = p∙q
3. Select another number d such that gcd(d, (p-1)∙(q-1)) = 1 (relatively prime)
4. Find integer e such that: e∙d ≡ 1 mod ((p-1)∙(q-1))
5. Pair (e, n) is public key, and pair (d, n) is private key.
RSA Encryption


Divide the message into blocks M all of the same size x. The bit string M can be viewed as an x digit binary number.
Calculate ciphertext as:
C ≡ M^e mod n

Remember (e, n) is public key (so anyone can do this)
RSA Decryption

To obtain plaintext from ciphertext calculate:
C^d = (M^e)^d ≡ M^1 mod n

Remember d is private and remains private.
To find d you must discover p and q but the only way to do that is to factor n
Aside: Characters to Numbers

Process: to translate a collection of characters to a number
– convert the characters to ASCII
– treat the ASCII code like a binary number and convert it to decimal
Example: “it” → 0110100101110100 → 2^14 + 2^13 + 2^11 + 2^8 + 2^6 + 2^5 + 2^4 + 2^2 → 26996
Aside: Numbers to Characters

Process: to translate a number to a collection of characters
– convert the number to binary
– treat the binary number like an ASCII code
Example: 26995 → 0110100101110011 → “is”
RSA Example

Select p and q to be two digit primes: p = 41, q = 53

Then n = p*q = 2173 and (p-1)*(q-1) = 40*52 = 2080

Select any d between 54 and 2079 which does not share
any factors with 2080, say d = 623

Now, compute e so that e∙d = 1 mod 2080

It turns out that e = 207 works since 207*623 = 128961
which when divided by 2080 leaves a remainder of 1
Message

Now we need to divide the message into blocks of bits
– RULE: find the highest power of 2 less than n
– In our case, n = 2173 and 2^11 = 2048 but 2^12 = 4096
– So, divide the plaintext into blocks of 11 bits

Encrypt the message “JABBERWOCKY”
01011010 01000001 01000010 01000010 01000101 01010010 01010111 01001111 01000011 01001011 01011001
Blocks

The 11 bit blocks and their decimal equivalent are:

binary       decimal
01011010010  722
00001010000  80
10010000100  1156
10001010101  1109
00100101011  299
10100111101  1341
00001101001  105
01101011001  857

This represents the 8 message blocks, m1 through m8 which will be transformed into 8 ciphertext blocks c1 through c8
Ciphertext

Public key is (e, n) = (207, 2173) and the ciphertext is generated by:

722^207 mod 2173  = 1794 = c1
80^207 mod 2173   = 1963 = c2
1156^207 mod 2173 = 1150 = c3
1109^207 mod 2173 = 702  = c4
299^207 mod 2173  = 145  = c5
1341^207 mod 2173 = 593  = c6
105^207 mod 2173  = 2013 = c7
857^207 mod 2173  = 1861 = c8

So the transmitted message is
1794 1963 1150 702 145 593 2013 1861
Decipher

To decipher the message use private key (d, n) = (623, 2173):

1794^623 mod 2173 = 722  = m1
1963^623 mod 2173 = 80   = m2
1150^623 mod 2173 = 1156 = m3
702^623 mod 2173  = 1109 = m4
145^623 mod 2173  = 299  = m5
593^623 mod 2173  = 1341 = m6
2013^623 mod 2173 = 105  = m7
1861^623 mod 2173 = 857  = m8

Convert these numbers back to binary, the binary back to characters and the plaintext message reappears
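
The whole worked example in code, added here and not part of the original slides: key generation from the slide's p, q and d, the 11-bit block packing, encryption, decryption, and the factoring step that recovers p and q from so small an n. The function names are assumptions of this sketch; the numeric values are the ones printed on the slides.

```python
P, Q, D = 41, 53, 623                  # values chosen on the slides
N, PHI = P * Q, (P - 1) * (Q - 1)      # 2173 and 2080
E = pow(D, -1, PHI)                    # e with e*d ≡ 1 mod 2080 (Python 3.8+)
BITS = N.bit_length() - 1              # highest power of 2 below n: 2^11

# Message blocks m1..m8 exactly as printed on the slides (their first
# byte, 01011010, decodes to 'Z'; blocks m2..m8 match "JABBERWOCKY").
SLIDE_BLOCKS = [722, 80, 1156, 1109, 299, 1341, 105, 857]

def to_blocks(data, bits=BITS):
    """Concatenate the 8-bit character codes, cut into `bits`-bit numbers."""
    stream = "".join(f"{byte:08b}" for byte in data)
    if len(stream) % bits:
        raise ValueError("bit length must be a multiple of the block size")
    return [int(stream[i:i + bits], 2) for i in range(0, len(stream), bits)]

def from_blocks(blocks, bits=BITS):
    """Inverse of to_blocks: numbers back to a bit stream, then to bytes."""
    stream = "".join(f"{b:0{bits}b}" for b in blocks)
    return bytes(int(stream[i:i + 8], 2) for i in range(0, len(stream), 8))

def encrypt(blocks):
    return [pow(m, E, N) for m in blocks]   # C ≡ M^e mod n, public (e, n)

def decrypt(blocks):
    return [pow(c, D, N) for c in blocks]   # M ≡ C^d mod n, private (d, n)

def factor(n):
    """Trial division: instant for a 4-digit n, hence the 100-digit primes."""
    f = next(k for k in range(2, n) if n % k == 0)
    return f, n // f

if __name__ == "__main__":
    cipher = encrypt(SLIDE_BLOCKS)
    print(E, cipher)
    print(from_blocks(decrypt(cipher)))
    p, q = factor(N)
    print(p, q, pow(E, -1, (p - 1) * (q - 1)))   # d recovered from (e, n)
```

RSA exactly as on these slides is deterministic, so equal plaintext blocks give equal ciphertext blocks; deployed RSA adds randomized padding such as OAEP.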
RSA Performance

Key generation is slow

Ciphertext generation is about 1000
times slower than AES (standard for
symmetric block cipher)

Often times, RSA is used to protect
session keys which are used with AES
Symmetric Session Key
[Diagram: symmetric session key exchanged between Sender and Recipient]
Factoring Algorithm

Strength of RSA is entirely based on difficulty of
prime factoring of large integers.

PROBLEM: How to decompose a large integer
into its prime factors? For example:
7105593510097261

The largest known prime number today is the 7,816,230 digit Mersenne prime 2^25964951 – 1
RSA Challenge

In December 1977, the challenge was given to break
RSA-129 where:
n (RSA-129) = 1 1438 1625 7578 8886 7669 2357 7997 6146
6120 1021 8296 7212 4236 2562 5618 4293 5706 9352 4573
3897 8305 9712 3563 9587 0505 8989 0751 4759 9290 0268
7954 3541
e = 9007
The best known algorithm at the time would have
required 40,000 trillion years if multiplications of 129
digit numbers could run as fast as 1 ns
Challenge Met

It only took 17 years
Derek Atkins (April 1994) announced that:
RSA-129 = 3490 5295 1084 7650 9491 4784 9619 9038 9813
3417 7646 3849 3387 8439 9082 0577 * 3 2769 1329 9326 6709
5499 6198 8190 8344 6141 3177 6429 6799 2942 5397 9828 8533
Process

When: August 1993 - 1 April 1994, 8 months

Who: D. Atkins, M. Graff, A. K. Lenstra, P.
Leyland
– + 600 volunteers from the entire world

How: 1600 computers
– from Cray C90, through 16 MHz PC, to fax
machines
Now, RSA-155 has been broken as well, so the new
standard for keys is 231 digits
Other Public Key Systems

ElGamal Cipher – It relies on the difficulty of solving the discrete logarithm problem
b = a^x mod p,
that is, finding the integer x, where p is prime and a and b are integers.

Elliptic Curve Cipher
Further Readings
 Richard J. Spillman, “Classical and Contemporary Cryptology”, Prentice Hall, 2005
 Richard J. Spillman – Lecture notes for Cryptology course, Pacific Lutheran University
 Bruce Schneier, “Applied Cryptography”, J. Wiley & Sons, 1996
 Simon Singh, “Code Book”, Anchor, 2000
 Prime Pages (http://www.utm.edu/research/primes/)
 And many more ….

That’s All – Thanks!
 Questions?