Security(lt2)

some basic terminology

• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis

Symmetric cipher model

• Symmetric Encryption
  • AKA conventional / private-key / single-key
  • Sender and recipient share a common key
  • All classical encryption algorithms are private-key
  • Was only type prior to invention of public-key in 1970’s
  • By far most widely used
  1. Requirements
     • Two requirements for secure use of symmetric encryption
       one: a strong encryption algorithm
       two: a secret key known only to sender and receiver
     • Mathematically have: Y = EK(X) and X = DK(Y)
     • Assume encryption algorithm is known
     • Implies a secure channel to distribute key

cryptography(characterize the system by three items)

1. type of encryption operations used(substitution/transposition/used)
2. the number of key used(privacy-single, and public-two)
3. way in which plaintext Is processed(block/stream)

Crptanalysis(to recover key not just message)

• two approaches:

1. Crptanalytic attack(解密)(with the below title’s information)
2. brute-force attack(暴力破解）

Classical Encryption Techniques

• Crptanalytic Attacks
  ➢ ciphertext only
  only know algorithm & ciphertext, is statistical, know or can identify plaintext
  ➢ known plaintext
  know/suspect plaintext & ciphertext
  ➢ chosen plaintext
  select plaintext and obtain ciphertext
  ➢ chosen ciphertext
  select ciphertext and obtain plaintext
  ➢ chosen text
  select plaintext or ciphertext to en/decrypt
  More definitions:

1. unconditional security(whatever happened ,the cipher can’t be broken since the cipher text provides insufficient information to uniquely determine the corresponding plaintext)
2. Computational security(given limited computing resources (eg time needed for calculations is greater than age of universe), the cipher cannot be broken)

Classical ciphers(convert plain text to cipher text)

• Transposition(Rearrange plaintext)
• Substitution
  • Substitute letters of the plain text with other letters/symbol
  1. monoalphabetic unique mapping of plaintext alphabet to ciphertext alphabet
  • Caesar, Hill, Playfair
  2. polyalphabetic plaintext mapped to ciphertext based on key to select alphabet
  • Vigenere, enigma
  3. stream keystream is generated and used to map plaintext to ciphertext
  • One-time pad(一次性)
  • Mono/polyalphabetic ciphers
  • One-time pad

Caesar Cipher(A brute force search)

1. Replaces each letter by 3rd letter on
   
   some information about it:
   only have 26 possible ciphers(A maps to A,B,…Z) could simply try each in turn
   a brute force search
   given ciphertext, just try all shifts of letters
   do need to recognize when have plaintext

Monoalphabetic cipher

1. not just shifting the alphabet
2. shuffle(jumble)the letters arbitrarily
3. Each plaintext letter maps to a different random ciphertext letter
4. hence key is 26 letters long

Monoalphabetic cipher Security(some artributes)

1. with so many keys, might think is secure
2. But would be wrong

Playfair Cipher

if pair in same row, replace with letter to right(OA->NR)
pair in same column, replace with one beneath(DT->KZ)
replace row letter with letter in row of other letter’s column(组成矩形的另外俩）

Security of playfair Cipher

• security much improved over monoalphabetic
• 26x26=676 digrams
• correspondingly more ciphertext
• it can be broken.still has much of plaintext structure

Polyalphabetic Ciphers(eg:Vigenère Cipher)

• Polyalphabetic substitution ciphers
• improve security using multiple cipher alphabets
• make cryptanalysis harder with more alphabets to guess and flatter frequency distribution
• use a key to select which alphabet is used for each letter of the message
• use each alphabet in turn
• repeat from start to end

(Vigenère Cipher)维吉尼亚密码：取明文第一个字符为row，取第一个密钥字符为column来查
some information about it:
Decryption simply works in reverse

Security of Vigenere ciphers:

• Have multiple ciphertext letters for each plaintext letter
• Hence letter frequencies are obscured
• But not totally lost
• Start with letter frequencies
• See if look monoalphabetic or not
• If not, then need to determine number of alphabets, since then can attach each
  one-time pad（一次性密码本）

栅栏密码（rail fence ciper）：上下依次取一个字母组合而成

row Transposition Ciphers->置换密码（重新排列成行，每行letter的个数是由明文决定，然后按照列来读）