COMSATS INSTITUTE OF INFORMATION TECHNOLOGY, ISLAMABAD

Decryption of Encrypted data over LDI Links

SUBMITTED BY:-

JAWAD BASHIR ARIF HUSSAIN SHOAIB ABID

FA08-BCE-062 FA08-BCE-079 FA08-BCE-049

SUBMITTED TO:-

DR MAHMOOD ASHRAF

DATE: 29th-Dec-2011
1

CLASSICAL ENCRYPTION TECHNIQUE

Plaintext- original message Cipher text coded message Enciphering, encryption process of converting from plaintext to cipher text Deciphering, decryption restoring the plaintext from the cipher text Cryptography area of study schemes for enciphering Cryptographic system, cipher scheme of enciphering Cryptanalysis techniques for deciphering a message without knowledge of the enciphering details Cryptology areas of cryptography and cryptanalysis

OUTLINE
1. 2. 3. 4.
5.

SYMMETRIC CIPHER MODEL SUBSTITUTION TECHNIQUES TRANSPOSITION TECHNIQUES ROTOR MACHINES STEGANOGRAPHY

SYMMETRIC CIPHER MODEL

Symmetric (conventional) encryption scheme has the following ingredients

There are 2 requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm the opponent should be

unable to decrypt cipher text or to discover the key even if s/he is in the possession of a number of cipher texts together with the plaintext that produced each cipher text 2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable We assume that it is impractical to decrypt a message on the basis of the cipher text plus knowledge of the encryption/decryption algorithm, i.e. we do not need to keep the algorithm secret; we need to keep only the key secret. Lets consider essential elements of a symmetric encryption scheme:

SYMMETRIC CIPHER MODEL (CONT 1)

We can write: Y=EK(X) X= DK(Y) Opponent knows Y, E, D. He may be interested to recover X or/and K. Knowledge of K gives him opportunity to read future messages.

CRYPTOGRAPHY
Cryptographic systems are characterized by
1. The type of operations used for transforming plaintext to cipher

text (substitution, transposition). Fundamental requirement no information be lost 2. The number of keys used (1 key symmetric, single-key, secretkey; 2 keys asymmetric, two-key, public-key)
3. The way in which the plaintext is processed (block cipher, stream

cipher). Stream cipher may be viewed as a block cipher with block size equal to 1 element.

CRYPTANALYSIS
There are two general approaches to attacking a conventional encryption scheme:
1. Cryptanalysis: attempts to use characteristics of the plaintext or

even some plaintext-cipher text pairs to deduce a specific plaintext or key being used
2. Brute-force attack: every possible key is tried until an intelligible

translation into plaintext is obtained. On average, half of all possible keys should be tried to achieve success.

CRYPTANALYSIS (CONT 1)
Unconditionally secure encryption scheme cipher text generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much cipher text is available. Excepting a scheme known as one-time pad, there is no encryption algorithm that is unconditionally secure. Therefore, encryption algorithm should meet one or both of the following criteria: The cost of breaking the cipher exceeds the value of the encrypted The time required to break the cipher exceeds the useful lifetime of information the information Such algorithm is called computationally secure. Table below shows how much time is involved for various key sizes. The 56-bit key size is used with the DES (Data Encryption Standard), 168-bit for triple DES, 128-bit for AES (Advanced Encryption Standard). Results are also shown for substitution codes that use 26-character key, in which all possible permutations of the 26 characters serve as keys. It is assumed that it take 1 s to perform a single decryption or encryption (in last column 106 decryptions per 1 s)

CRYPTANALYSIS (CONT 2)
All forms of cryptanalysis for symmetric encryption try to exploit the fact that traces of structure or pattern in the plaintext may survive encryption and be discernible in the cipher text. Cryptanalysis for public-key schemes tries to use mathematical properties of pair of keys to deduce one from the other.

SUBSTITUTION TECHNIQUE
A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with cipher text bit patterns

CAESAR CIPHER
It was used by Julius Caesar. The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet For example Plain: meet me after the toga party Cipher: PHHW PH DIWHU WKH WRJD SDUWB Transformation is made using the following mapping: Plain: a bc d efgh I j k l mno pq r s t u v wxy z Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Let us assign a numerical equivalent to each letter from 0 to 25. Then the algorithm may be expressed as follows. For each plaintext letter p, substitute the cipher text letter C: C=E(p)=(p+3) mod 26 A shift may be of any amount, so that general Caesar algorithm is
7

CAESAR CIPHER (CONT 1)

C=E(p)=(p+k) mod 26, where k takes on a value in the range 1 to 25. The decryption algorithm is simply p=D(C)=(C-k) mod 26 If it is known that a given cipher text is a Caesar cipher, then a bruteforce cryptanalysis is easily performed: simply try all possible 25 keys. Three important characteristics of this problem enable us to use bruteforce cryptanalysis: 1. The encryption and decryption algorithms are known 2. There are only 25 keys to try 3. The language of the plaintext is known and easily recognizable In most networking situations algorithms are assumed to be known. Brute-force analysis is impractical when algorithm employs large of keys. The 3rd characteristic is also significant. If the language of the plaintext is not known, then the plaintext output may not be recognizable.

CAESAR CIPHER (CONT 2)

CAESAR CIPHER (CONT 3)

Furthermore, if the input is compressed in some manner, again recognition is difficult. Below is example of compression by ZIP:

If this file is then encrypted with a simple substitution cipher (expanded to include more than just 26 characters), then the plaintext may not be recognized

MONOALPHABETIC CIPHERS
With only 25 keys Caesar cipher is far from secure. A dramatic increase in the key space may be achieved by allowing an arbitrary substitution. If instead of Plain: a bc d e fgh I j k l mno pq r s t u vwxy z Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C the cipher line can be any permutation of the 26 alphabetic symbols, then there are 26! or greater than 4*1026 possible keys. There is however another line of attack. If the cryptanalyst knows the nature of the plaintext (e.g., noncompressed English text), then the analyst can exploit the regularities of the language.

10

MONOALPHABETIC CIPHERS (CONT 1)

Lets consider example of cipher text: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ As a first step, relative frequency of the letters can be determined and compared to a standard frequency distribution for English:

The relative frequencies of the letters in the cipher text (in percentages):

11

MONOALPHABETIC CIPHERS (CONT 2)

P 13.33 Z 11.67 S 8.33 U 8.33 O 7.50 H 5.83 D 5.00 E 5.00 V 4.17 X 4.17 F 3.33 W 3.33 Q 2.50 T 2.50 A 1.67 B 1.67 G 1.67 Y 1.67 I 0.83 J 0.83 C 0.00 K 0.00 L 0.00 N 0.00 R 0.00

M 6.67 Comparing this with Fig.2.5, it seems likely that cipher letters P and Z are the equivalents of plain letters e and t, but it is not certain which is which. The letters S,U,O,M, and H are all of the relatively high frequency and probably correspond to plain letters from the set {a,h,i,n,o,r,s}. The letters with the lowest frequencies (A,B,G,Y,I,J) are likely included in the set {b,j,k,q,v,x,z}. Now we could make some tentative assignments and start to fill plaintext to see if it looks like a reasonable skeleton of a message. Another way, to consider frequency of two-letter combinations, is known as diagrams. The most common diagram is the In our cipher text, the most common diagram is ZW, which appears 3 times. So, we make correspondence: Z t, W h. Then, P is equated with e. Now notice that sequence ZWP appears in the cipher text, and we can translate it as the. Next, notice ZWSZ in the first line. If they form a complete word, it will be th_t. If so, S equates with a. So far, then, we have

12

MONOALPHABETIC CIPHERS (CONT 3)

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ t a e t e e e ta tat t e e e te a t h at a et e e e a th t a a VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX ha e ee t he EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Continued analysis of frequencies plus trial and error may lead us to the solution: it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in Moscow Two principal methods are used in substitution ciphers to lessen the extent to which the structure of the plaintext survives in the cipher text: One approach is to encrypt multiple letters of the plaintext (Play air Cipher, Hill Cipher), and the other is to use multiple cipher alphabets (Polyalphabetic Ciphers)

PLAYFAIR CIPHER
The best-known multiple-letter encryption cipher is the Play air (invented in 1854 by Sir Charles Wheatstone, but it bears the name of his friend Baron Play air of St. Andrews, who championed the cipher at the British foreign office), which treats diagrams in the plaintext as single units and translates these units into cipher text diagrams.

13

PLAYFAIR CIPHER (CONT 1)

The Play air algorithm is based on the use of a 5x5 matrix of letters constructed using a keyword. In the case of keyword monarchy, matrix is as follows: M C E L U O H F P V N Y G Q W A B I/J S X R D K T Z

The matrix is constructed by filling in the letters of the keyword (minus duplicates) from left to right and from top to bottom, and then filling in the remainder of the matrix with the remaining letters in alphabetic order. The letters I and J count as one letter. Plaintext is encrypted two letters at a time, according to the following rules:
1. Repeating plaintext letters that would fall in the same pair are

separated with a filler letter, such as x, so that balloon will be treated as be lx lo on

2. Plaintext letters that would fall in the same row of matrix are each

replaced with the letter to the right, with the first element of the row circularly following the last. For example, are is encrypted as RM.
3. Plaintext letters that fall in the same column are each replaced by

the letter beneath, with the top element of the row circularly following the last. For example, mu is encrypted as CM.

14

PLAYFAIR CIPHER (CONT 2)

4. Otherwise, each plaintext letter is replaced by the letter that lies in

its own row and the column occupied by the other plaintext letter. Thus, has becomes BP, and ea becomes IM (or JM, as the enciphered wishes). As far as number of diagrams is 26x26=676 is significantly greater than number of letters, frequency analysis becomes much more difficult. For these reasons, Play air cipher was for a long time considered unbreakable. It was used as standard field system by the British Army in World War I and still enjoyed considerable use by U.S.Army and other Allied forces during World War II. Despite this level of confidence in its security, the Play air cipher is relatively easy to break because it still leaves much of the structure of the plaintext language intact. A few hundred letters of cipher text are generally sufficient.

HILL CIPHER
It was developed by the mathematician Lester Hill in 1929. The encryption algorithm takes m successive plaintext letters and substitutes for them m cipher text letters. The substitution is determined by m linear equations in which each character is assigned a numerical value:
a b c d e f g h I j k 0 1 2 3 4 5 6 7 8 9 1 0 l 1 1 m 1 2 n 1 3 o 1 4 p 1 5 q 1 6 r 1 7 s 1 8 t 1 9 u 2 0 v 2 1 w 2 2 x 2 3 y 2 4 z 25

For m=3, the system can be described as follows: C1=(k11p1+k12p2+k13p3) mod 26 C2=(k21p1+k22p2+k23p3) mod 26 C3=(k31p1+k32p2+k33p3) mod 26

15

HILL CIPHER (CONT 1)

This can be expressed in terms of column vectors and matrices: C=KP mod 26, where C and P are column vectors of length 3, representing the plaintext and cipher text, and K is 3x3 matrix, representing the encryption key. Operations are performed mod 26. For example, consider the plaintext payformoney, and use the encryption key K= 17 21 2 17 18 2 5 21 19

The first 3 letters of the plaintext are represented by the vector (15 0 24). Then K(15 0 24) = (375 819 486) mod 26 = (11 13 18) = LNS. Continuing in this fashion, the cipher text for the entire plaintext is LNSHDLEWMTRW. Decryption requires using the inverse of the matrix K. The inverse K-1 of a matrix K is defined by K K-1 = K-1 K=I, where I is the unit matrix (1-s on the diagonal, other elements zeroes). The inverse of the matrix does not always exist, but when it does, it satisfies the preceding equation. In this case, the inverse is

16

HILL CIPHER (CONT 2)

K-1= 4 15 24 9 17 0 15 6 17

This is demonstrated as follows: K K-1 = 443 858 494 442 2 495 0 52 36 5 And after taking mod 26 of the elements above, unit matrix is obtained. In general terms, the Hill system can be expressed as follows: C=EK(P)=KP mod 26 P= DK(C)=K-1C mod 26 = K-1KP = P As with Play air, the strength of the Hill cipher is that it completely hides single-letter frequencies. Although the Hill cipher is strong against a cipher text-only attack (opponent has only cipher text), it is easily broken with a known plaintext attack (opponent has pairs plaintext cipher text). For an m*m Hill cipher, suppose we have m plaintext-cipher text pairs, each of length m. We label the pairs Pj=(p1j, p2j,, pomp) and Co=(c1j, c2j,, cam) such that Co=Kopje for 78 44

17

1<=j<=m and for some unknown key matrix K. Now define two m*m matrices X=( pig) and Y=( can).

18

HILL CIPHER (CONT 3)

Then we can form matrix equation Y=KX. If X has an inverse, then we can determine K=YX-1. If X is not invertible, then a new version of X can be formed until an invertible X is obtained. Suppose that the plaintext Friday is encrypted using a 2*2 Hill cipher to yield the cipher text PQCFKU. Thus, we know that K(5 17) = (15 16); K(8 3) = (2 5); K(0 24) = (10 20). Using the first 2 plaintext-cipher text pairs, we have

1 5 2 5 8 = K m o2d6 1 6 5 1 7 3
The inverse of X can be computed:

5 8 9 2 = 1 7 3 1 1 5

1 5 2 9 2 1 3 7 6 0 7 8 = m o2 d6= K = 1 6 5 1 1 5 1 4 9 1 0 7 1 9 3
Lets check now that this key matrix produces required transformation:

7 8 5 3 5+ 1 3 6 1 7 1 1 5 = = m o 2d 6= 1 9 3 1 7 9 5+ 5 1 1 4 6 1 6
19

 7 8 8 5 6+ 2 4 8 0 2 = = m o 2d 6= + 1 9 3 3 1 5 2 9 1 6 1 5 7 8 0 1 9 2 1 0 = m o 2d 6= 1 9 3 2 4 7 2 2 0

20