S. Erfani, ECE Dept., University of Windsor Network Security. 2.3-Cipher Block Modes of operation

Similar documents
PART I Symmetric Ciphers

Cryptography and Network Security 2. Symmetric Ciphers. Lectured by Nguyễn Đức Thái

Introduction to Network Security Missouri S&T University CPE 5420 Cryptology Overview

Lecture IV : Cryptography, Fundamentals

Cryptography. What is Cryptography?

10/3/2017. Cryptography and Network Security. Sixth Edition by William Stallings

Cryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building

Sankalchand Patel College of Engineering, Visnagar B.E. Semester V (CE/IT) INFORMATION SECURITY Practical List

The Hill Cipher. In 1929 Lester Hill, a professor at Hunter College, published an article in the American

Classical Encryption Techniques

Classical Encryption Techniques. CSS 322 Security and Cryptography

Substitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.

Cryptosystems. Truong Tuan Anh CSE-HCMUT

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Overview of Conventional Encryption Techniques

Information Systems Security

CLASSICAL CRYPTOGRAPHY. A Brief Reference for Self Build Crypto assignment

Classical Cryptography

EE 595 (PMP) Introduction to Security and Privacy Homework 1 Solutions

Traditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur

Conventional Encryption: Modern Technologies

Math236 Discrete Maths with Applications

Classical Encryption Techniques

2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography

JNTU World JNTU World. JNTU World. Cryptography and Network Security. Downloaded From JNTU World ( )( )JNTU World

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

A Modified Playfair Encryption Using Fibonacci Numbers

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

7. Symmetric encryption. symmetric cryptography 1

Introduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014

P2_L6 Symmetric Encryption Page 1

Chapter 2: Classical Encryption Techniques

Nature Sunday Academy Lesson Plan

Introduction to Cryptology Dr. Sugata Gangopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Roorkee

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

Outline Basics of Data Encryption CS 239 Computer Security January 24, 2005

ENGR/CS 101 CS Session Lecture 5

OVE EDFORS ELECTRICAL AND INFORMATION TECHNOLOGY

Encryption à la Mod Name

CSC 474/574 Information Systems Security

LECTURE 4: Cryptography

Science & Technology (DCRUST), Sonepat

Keywords Security, Cryptanalysis, RSA algorithm, Timing Attack

Cryptanalysis of Homophonic Substitution- Transposition Cipher

Cryptanalysis. Ed Crowley

Cryptography ThreeB. Ed Crowley. Fall 08

2

A Block Cipher Basing Upon a Revisit to the Feistel Approach and the Modular Arithmetic Inverse of a Key Matrix

CPSC 467b: Cryptography and Computer Security

Multi-Level Encryption using SDES Key Generation Technique with Genetic Algorithm

Block Encryption and DES

INTERNATIONAL JOURNAL FOR ADVANCE RESEARCH IN ENGINEERING AND TECHNOLOGY WINGS TO YOUR THOUGHTS.. Design of a Cryptosystem Using Two-Level Hill Cipher

Secret Key Cryptography

CPSC 467b: Cryptography and Computer Security

Chapter 1. Introduction

Module 1: Classical Symmetric Ciphers

CIS 3362 Final Exam 12/4/2013. Name:

Cryptography Worksheet

Cryptography and Network Security. Lecture 02 Symmetric Encryption. Ediz ŞAYKOL

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

1-7 Attacks on Cryptosystems

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution

LECTURE NOTES ON COMPUTER AND DATA SECURITY

Computer Security 3/23/18

A Block Cipher Involving A Key Matrix And A Key Bunch Matrix, Supplemented With Permutation

ENCRYPTION USING LESTER HILL CIPHER ALGORITHM

Classic Cryptography: From Caesar to the Hot Line

Dr. V.U.K.Sastry Professor (CSE Dept), Dean (R&D) SreeNidhi Institute of Science & Technology, SNIST Hyderabad, India

Lecture 02: Historical Encryption Schemes. Lecture 02: Historical Encryption Schemes

UNIT 2 CLASSICAL ENCRYPTION TECHNIQUES

Modern Cryptography Activity 1: Caesar Ciphers

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015

Foundations of Cryptology

Public Key Cryptography and RSA

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

BYTE ROTATION WITH CBC ENCRYPTION ALGORITHM

Innovation and Cryptoventures. Cryptology. Campbell R. Harvey. Duke University and NBER

CPSC 467b: Cryptography and Computer Security

CRYPTOGRAPHY & DIGITAL SIGNATURE

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Lecture 4: Symmetric Key Encryption

Solve the matrix equation AX B for X by using A.(1-3) Use the Inverse Matrix Calculator Link to check your work

Symmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.

Public Key Cryptography

Senior Math Circles Cryptography and Number Theory Week 1

A New variant of Hill Cipher Algorithm for Data Security

CSC 580 Cryptography and Computer Security

T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A. Introduction to Cryptography

Introduction to cryptography

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Cryptography Introduction to Computer Security. Chapter 8

B) Symmetric Ciphers. B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers

Cryptography and Network Security Chapter 2

A Block Cipher using Feistal s Approach Involving Permutation and Mixing of the Plaintext and the Additive Inverse of Key Matrix

Introduction to Cryptography

The inverse of a matrix

Transcription:

2.3-Cipher Block Modes of operation 2.3-1 Model of Conventional Cryptosystems The following figure, which is on the next page, illustrates the conventional encryption process. The original plaintext is converted into apparently random nonsense, called ciphertext. The encryption process consists of an algorithm and a key. The key is a value independent of the plaintext. The algorithm will produce a different output depending on the specific key being used at the time. Changing the key changes the output of the algorithm, i.e., the ciphertext. Once the ciphertext is produced, it may be transmitted. Upon reception, the ciphertext can be transformed back to the original plaintext by using a decryption algorithm and the same key that was used for encryption. Cryptanalyst X^ Y^ Message Source X Encryption Algorithm Y Decryption Algorithm Destination K Key Source Secure Channel Figure. 1: Model of Conventional Cryptosystem The security of conventional encryption depends on several factors: The Encryption Algorithm- It must be powerful enough that it is impractical to decrypt a message on the basis of the ciphertext alone. Sep. 23.2003

Secrecy of the key- It was shown that the security of conventional encryption depends on the secrecy of the key, not the secrecy of the algorithm. Referring to Fig. 1 above, with the message X and the encryption key K as input, the encryption algorithm forms the ciphertext. Y=E k (X) The intended receiver, in possession of the key is able to invert the transformation X=D k (Y) An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and K. It is assumed that the opponent knows the encryption (E) and decryption (D) algorithms. If the opponent is interested in only this particular message, then the focus of the effort is to recover X by generating a plaintext estimate X^. Often, however, the opponent is interested in being able to read future messages as well, in which case an attempt is made to recover K by generating an estimate K^. 2.3-2 Cryptanalysis The process of attempting to discover X or Y or both is known as cryptanalysis. The strategy used by the cryptanalysis depends on the nature of the encryption scheme and the information available to the cryptanalyst. The following table summarizes the various types of cryptanalytic attacks based on the amount of information known to the cryptanalyst. Table 1: Types of Attacks on Encrypted Message Attack Type Knowledge Known to Cryptanalyst Ciphertext only Encryption algorithm Ciphertext to be decoded Known Plaintext Encryption algorithm Ciphertext to be decoded One or more plaintext-ciphertext pairs formed with the same secret key Chosen Plaintext Encryption algorithm Ciphertext to be decoded Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with Sep. 23.2003 2

the same secret key Chosen Ciphertext Encryption algorithm Ciphertext to be decoded Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key Chosen text Encryption algorithm Ciphertext to be decoded Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key 2.3-3 -Transposition Ciphers: Moving around Changing the positions of plaintext letters is another enciphering technique. It is called transposition, as in transferring position. Please note that many newspapers have transposition puzzles called jumbles. To illustrate this technique, let s do the following example. Example 1: Plaintext: last nite was heaven please marry me We use a 5x6 grid to write the plaintext as: Read down L A S T N I T E W A S H E A V E N P L E A S E M A R R Y M E To encipher the text, we only read letters down the first column, then letters down from the second column, and so on. The ciphered letters are the same as the plaintext letters except that they are positioned to form a new pattern, as given below. Ciphertext: LTELA AEAER SWVAR TAESY NSNEM IHPME To decipher the received ciphertext, the receiver must know two things: the length and width of the grid and the way letters are read from the grid. Sep. 23.2003 3

Note 1: The transposition cipher is also known as permutation cipher. We know give the mathematical description of the permutation cryptosystem as follows: Def: Permutation Cipher Let m be a positive integer. Let P =C = (Z 26 ) m and let K consist of all permutations of {1,, m}. For a key (i.e., a permutation) π, we define e π (x 1,, x m )=( x π(1),, x π(m) ) and d π (y 1,, y m )=( y π -1 (1),, y π -1 (m)), where π -1 is the inverse permutation to π. Example 2: Suppose m = 6 and the key is the following permutation π: x 1 2 3 4 5 6 π(x) 3 6 1 5 2 4 Note that the first row of this diagram lists the values of x, 1 x 6, and the 2 nd row lists the corresponding values of π(x). The inverse permutation π -1 can be constructed by interchanging the two rows in this diagram, and rearranging the columns so that the first row is in increasing order. Thus, carrying out these operations, we get the following decryption permutation π -1 as: x 1 2 3 4 5 6 π -1 (x) 3 5 1 6 4 2 Now, suppose we are given the plaintext Plaintext: she sells seashells by the seashore We first partition the plaintext into groups of six letters, and then rearrange each group of six letters according to permutation π. The result is shown in the following 6x6 grid. x 1 2 3 4 5 6 π(x) E E S L S H S A L S E S L S H B L E H S Y E E T Sep. 23.2003 4

H R A E O S 2.3-4 Hill Cipher Another interesting multi-alphabetic cipher is the Hill cipher, developed by the mathematician Lester Hill in 1929. The idea is based on linear transposition. In fact, permutation cipher is a special case of the Hill cipher. In this scheme, we take m linear combinations of the m successive plaintext alphabetic characters and produce an m ciphertext letters for them. The substitution is determined by m linear equations in which each letter is assigned its numerical value; i.e. {0, 1, 2, 25} = Z 26. For m = 3, the system can be described as follows: y = ( k x + k x + k x ) mod26 1 11 1 12 2 13 3 y = ( k x + k x + k x ) mod26 2 21 1 22 2 23 3 y = ( k x + k x + k x ) mod26 3 31 1 32 2 33 3 This can be expressed in terms of column vectors and matrices: or in a compact form y1 k11 k12 k13 x1 y = k k k x 2 21 22 23 2 y 3 k31 k32 k 33 x 3 Y=KX Where Y and X are column vectors of length 3, representing the ciphertext and plaintext letters, and K is a 3 3 matrix, representing the encryption key. Operations are performed mod26. Decryption requires using the inverse of matrix K. Example 1: Consider the plaintext paymoremoney, and use the encryption key Sep. 23.2003 5

17 17 5 K = 21 18 21 2 2 19 Find the resulting ciphertext. Solution: Plaintext: paymoremoney 15 0 24 The first three letters of the plaintext are represented by vector (x 1, x 2, x 3 )=(15, 0, 24) Thus: y1 x1 17 17 5 15 y = K x = 21 18 21 0 2 2 19 24 2 2 y 3 x 3 That is: y1 375 11 L y2 = 819 mod 26 = 13 = N y 3 489 18 S Continuing in this fashion, the ciphertext for the entire plaintext is: Ciphertext: LNSHDLEWMTRW Q.E.D. Decryption requires using the inverse of the matrix K. The inverse K 1 of a matrix K is defined by the equation K K 1 = K 1 K =I, where I is the diagonal matrix that is all zeros except for ones along the main diagonal from upper left to lower right. Note 2: The inverse of a matrix does not always exist, but when it does, it satisfies the preceding equation. Exercise 1: Show that the inverse of matrix K used in above example is Sep. 23.2003 6

4 9 15 1 K 15 17 6 = 24 0 17 Note 3: It is easily shown that if the matrix K 1 is applied to the above resulting ciphertext, then the plaintext can be recovered. Exercise 2: A cryptanalyst receives the following ciphertext: LNSHDLEWMTRW He has also estimated the decryption matrix from some previous analysis for this Hill Cipher to be: 4 9 15 1 K = 15 17 6 24 0 17 What is the plaintext? We now give a precise description of the Hill Cipher over Z 26. Definition: Hill Cipher Cryptosystem Let m 2 be an integer, Let P=C=(Z 26 ) m and let K = {m m invertible matrix over Z 26 }. For a key K, we define: C = E K (P)=KP P = D K (C) = K 1 C= K 1 KP = P Note 1: Hill Cipher completely hides single-letter frequencies. Use of a larger matrix hides more frequency information. Sep. 23.2003 7

Note 2: The weakness of the Hill Cipher is that it is easily broken with a known plaintext attack. To show this, suppose we have m plaintext-ciphertext pairs, each of length m. Let P j =(P 1j, P 2j,, P mj ) C j =(C 1j, C 2j,, C mj ) Therefore, we can write C j =KP j 1 j m for some known key matrix K. We now define the following two m m square matrices: X = (P ij ) Y = (C ij ) Then, we can form the matrix equation Y=XK. Now, we can find the unknown key matrix K from the equation K=X -1 Y Let us illustrate the above attack by a simple example. Example 2: It is known that the plaintext friday is encrypted using a 2 2 Hill Cipher to yield the ciphertext PQCFKU. Find the key matrix K for this cryptosystem. Solution: Plaintext: f r i d a y P ij : 15 17 8 3 0 24 Ciphertext: P Q C F K U C ij : 15 16 2 5 10 20 For the unknown key matrix is K, we can write the following plaintext-ciphertext pairs: KP j = C j 1 j m Sep. 23.2003 8

Using the first two plaintext-ciphertext pairs, we can write the following matrix equation: 15 16 5 17 = 2 5 8 3 K mod 26 1 K = 5 17 15 16 8 3 2 5 mod 26 = 9 1 15 16 2 15 2 5 mod 26 = 7 19 8 3 Therefore, we obtained the key matrix! The result can be verified by testing the remaining plaintext- ciphertext pair. Note 3 : From the above example and other examples worked out so far, we may conclude that neither cipher schemes of Substitution nor Transposition are strong enough to stand cryptanalytic attacks. One may find that using the two types together creates much better concealment than either method above. In fact, using substitution and transposition cipher methods repeatedly on ciphertext provides strong disguising patterns. We will discuss this scheme in the next chapter. Exercise 2: Why transposition ciphers are used if they are so easy to crack? Answer: Transposition can be looked at a set of instructions, one instruction for each letter, easily implemented by a computer and can be difficult to crack if they are repeatedly used on the same plaintext! Exercise 3: Repeat the transposition cipher used in Exercise 1 (on page 17) twice for the plaintext used: Solution: Sep. 23.2003 9

Plaintext: lastnitewasheavenpleasemarryme 1st transposed ciphertext: LTELAAEAERSWVARTAESYNSNEMIHPME 2nd transposed ciphertext: LEVSMTAAYIEERNHLRTSPASANMAWEE last nite was heaven please marry me LTELA AEAER SWVAR TAESY NSNEM I HPME Read down L A S T N I L T E L A A T E W A S H E A E R S W E A V E N P V A R T A E L E A S E M S Y N S N E A R R Y M E M I H P M E (a) 1 st transposed cipher. (b) The ou Sep. 23.2003 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback