NT219- Cryptography

Chapter 2: Cryptology overviews

PhD. Ngoc-Tu Nguyen
[email protected]

09-2020 NT133–System architecture security Chapter 2: 1

 Outline
 What is cryptograph?
• Existing cipher systems and terminologies
 Some classical cipher systems

09-2020 NT133–System architecture security Chapter 2: 2

 Textbooks and References
 Text books

[1] Chapter 1,3 [2] Chapter 1, 4

09-2020 NT133–System architecture security Chapter 2: 3

 What is cryptograph?
 Cryptology= Cryptography + Cryptanalysis

Secret writing Try to analysis the codes

to reveal secrets

Why? How?

09-2020 NT133–System architecture security Chapter 2: 4

 What is cryptograph?
 Cryptology= Cryptography + Cryptanalysis
Why?

 Confidentiality  Non-repudiation (Accountability)

 Authentication  Availability
 Integrity  Privacy

09-2020 NT133–System architecture security Chapter 2: 5

 What is cryptograph?
 Cryptology= Cryptography + Cryptanalysis
Secret writing
How?
“One-way function”
“Readable data” “Unreadable data”
Plaintext Ciphertext
Easy to compute

“Hard” to compute

09-2020 NT133–System architecture security Chapter 2: 6

 What is cryptograph?
Cryptographic hash function family

“One-way function”
“Readable data” “Unreadable data”
Plaintext Ciphertext

Easy to compute

“Very hard” to compute

All sides

https://emn178.github.io/online-tools/sha3_512.html

09-2020 NT133–System architecture security Chapter 2: 7

 What is cryptograph?
Cipher systems
“One-way function”
“Readable data” “Unreadable data”
Plaintext Ciphertext
Encryption: Easy to compute

Decryption
 Hard if user don’t know some special values
 Easy if user know the special values (secret values)
https://codebeautify.org/encrypt-decrypt
https://www.cryptool.org/en/cto/aes-step-by-step
09-2020 NT133–System architecture security Chapter 2: 8
 What is cryptograph?
Digital signature systems

“Readable data” “Unreadable data”

Message Signature

All other users

09-2020 NT133–System architecture security Chapter 2: 9

 What is cryptograph?
Authentication

“Readable data” “Users, devices”

HMAC, Signature

09-2020 NT133–System architecture security Chapter 2: 10

 What is cryptograph?

Secret values
= secret keys

Cipher Authentication

09-2020 NT133–System architecture security Chapter 2: 11

 Classical cipher systems

 Plaintext
 An original message
 Ciphertext
 The coded message
 Enciphering/encryption
 The process of converting from plaintext to
ciphertext
 Deciphering/decryption
 Restoring the plaintext from the ciphertext

09-2020 NT133–System architecture security Chapter 2: 12

 Classical cipher systems
 Symmetric cipher cryptosystems

09-2020 NT133–System architecture security Chapter 2: 13

 Classical cipher systems
 There are two requirements for secure use of
conventional encryption:

 A strong encryption algorithm

 Sender and receiver must have obtained copies of

the secret key in a secure fashion and must keep the
key secure

09-2020 NT133–System architecture security Chapter 2: 14

 Classical cipher systems

09-2020 NT133–System architecture security Chapter 2: 15

 Cryptanalysis and Brute-Force Attack

 Cryptanalysis
 Attack relies on the nature of the algorithm plus some
knowledge of the general characteristics of the plaintext
 Attack exploits the characteristics of the algorithm to
attempt to deduce a specific plaintext or to deduce the
key being used
 Brute-force attack
 Attacker tries every possible key on a piece of
ciphertext until an intelligible translation into plaintext is
obtained
 On average, half of all possible keys must be tried to
achieve success

09-2020 NT133–System architecture security Chapter 2: 16

 Attacks on Encrypted Messages
Type of Attack Known to Cryptanalyst
Ciphertext Only • Encryption algorithm
• Ciphertext
Known Plaintext • Encryption algorithm
• Ciphertext
• One or more plaintext–ciphertext pairs formed with the secret
key
Chosen Plaintext • Encryption algorithm
• Ciphertext
• Plaintext message chosen by cryptanalyst, together with its
corresponding ciphertext generated with the secret key
Chosen Ciphertext • Encryption algorithm
• Ciphertext
• Ciphertext chosen by cryptanalyst, together with its
corresponding decrypted plaintext generated with the secret key
Chosen Text • Encryption algorithm
• Ciphertext
• Plaintext message chosen by cryptanalyst, together with its
corresponding ciphertext generated with the secret key
• Ciphertext chosen by cryptanalyst, together with its
corresponding decrypted plaintext generated with the secret key
09-2020 NT133–System architecture security Chapter 2: 17
 Encryption Scheme Security
 Unconditionally secure
 No matter how much time an opponent has, it is
impossible for him or her to decrypt the ciphertext
simply because the required information is not there
 Computationally secure
 The cost of breaking the cipher exceeds the value of
the encrypted information
 The time required to break the cipher exceeds the
useful lifetime of the information

09-2020 NT133–System architecture security Chapter 2: 18

 Strong Encryption

 The term strong encryption refers to encryption schemes

that make it impractically difficult for unauthorized
persons or systems to gain access to plaintext that has
been encrypted
 Properties that make an encryption algorithm strong are:
 Appropriate choice of cryptographic algorithm
 Use of sufficiently long key lengths
 Appropriate choice of protocols
 A well-engineered implementation
 Absence of deliberately introduced hidden flaws

09-2020 NT133–System architecture security Chapter 2: 19

 Substitution Technique

 Is one in which the letters of plaintext are replaced

by other letters or by numbers or symbols
 If the plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns
with ciphertext bit patterns

09-2020 NT133–System architecture security Chapter 2: 20

Plaintext: THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD

Substitution Technique
(1) Caesar Cipher
 Simplest and earliest known use of a substitution cipher
 Used by Julius Caesar
Key

plain: MEET ME AFTER THE TOGA PARTY

cipher: JBBQ JB XCQBO QEB QLDX MXOQV

09-2020 NT133–System architecture security Chapter 2: 21

 Caesar Cipher Algorithm
 Can define transformation as:
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
 Mathematically give each letter a number
abcdef g hi j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 Algorithm can be expressed as:
c = E(3, p) = (p + 3) mod (26)
 A shift may be of any amount, so that the general Caesar algorithm
is:
C = E(k , p ) = (p + k ) mod 26
 Where k takes on a value in the range 1 to 25; the decryption
algorithm is simply:
p = D(k , C ) = (C − k ) mod 26
09-2020 NT133–System architecture security Chapter 2: 22
 Brute-Force Cryptanalysis of Caesar Cipher

Need large
number
of keys!

09-2020 NT133–System architecture security Chapter 2: 23

 Monoalphabetic Cipher
 Permutation
 Of a finite set of elements S is an ordered sequence
of all the elements of S , with each element appearing
exactly once
 If the “cipher” line can be any permutation of the 26
alphabetic characters, then there are 26! or greater than
4 x 1026 possible keys
 This is 10 orders of magnitude greater than the key
space for DES
 Approach is referred to as a monoalphabetic
substitution cipher because a single cipher alphabet
is used per message

09-2020 NT133–System architecture security Chapter 2: 24

 Relative Frequency of Letters in English Text

09-2020 NT133–System architecture security Chapter 2: 25

 Monoalphabetic Ciphers
 Easy to break because they reflect
the frequency data of the original
alphabet
 Countermeasure is to provide
multiple substitutes (homophones)
for a single letter
 Digram
 Two-letter combination
 Most common is th
 Trigram
 Three-letter combination
 Most frequent is the

09-2020 NT133–System architecture security Chapter 2: 26

 Playfair Cipher
 Best-known multiple-letter encryption cipher
 Treats digrams in the plaintext as single units and
translates these units into ciphertext digrams
 Based on the use of a 5 × 5 matrix of letters constructed
using a keyword
 Invented by British scientist Sir Charles Wheatstone in
1854
 Used as the standard field system by the British Army in
World War I and the U.S. Army and other Allied forces
during World War II

09-2020 NT133–System architecture security Chapter 2: 27

 Playfair Key Matrix
 Fill in letters of keyword (minus duplicates) from left to
right and from top to bottom, then fill in the remainder of
the matrix with the remaining letters in alphabetic order
 Using the keyword MONARCHY:
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

09-2020 NT133–System architecture security Chapter 2: 28

 Playfair Key Matrix
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

 Plaintext: "Hide the gold in the tree stump"

Plaintext diagram:
HI DE TH EG OL DI NT HE TR EX ES TU MP
Ciphertext diagram:
BF CK …… AS

09-2020 NT133–System architecture security Chapter 2: 29

 Relative Frequency of Occurrence of
Letters

09-2020 NT133–System architecture security Chapter 2: 30

 Hill Cipher
 Developed by the mathematician Lester Hill in 1929
 Strength is that it completely hides single-letter frequencies
 The use of a larger matrix hides more frequency
information
 A 3 x 3 Hill cipher hides not only single-letter but also
two-letter frequency information
 Strong against a ciphertext-only attack but easily broken
with a known plaintext attack
 k1,1 k1,2 k1,3   x1   c1 
    
 k2,1 k2,2 k2,3  x2  c2 mod 26
C  K .P mod 26    
k
 3,1 k3,2 k3,3   x3   c3 

09-2020 NT133–System architecture security Chapter 2: 31

 Polyalphabetic Ciphers

 Polyalphabetic substitution cipher

 Improves on the simple monoalphabetic technique by
using different monoalphabetic substitutions as one
proceeds through the plaintext message

 All these techniques have the following features in

common:
 A set of related monoalphabetic substitution rules is
used
 A key determines which particular rule is chosen for a
given transformation

09-2020 NT133–System architecture security Chapter 2: 32

 Vigenère Cipher
 Best known and one of the simplest polyalphabetic
substitution ciphers
 In this scheme the set of related monoalphabetic
substitution rules consists of the 26 Caesar ciphers with
shifts of 0 through 25
 Each cipher is denoted by a key letter which is the
ciphertext letter that substitutes for the plaintext letter a

09-2020 NT133–System architecture security Chapter 2: 33

 Example of Vigenère Cipher

 To encrypt a message, a key is needed that is as long as

the message
 Usually, the key is a repeating keyword
 For example, if the keyword is deceptive, the message
“we are discovered save yourself” is encrypted as:

key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

09-2020 NT133–System architecture security Chapter 2: 34

 Vigenère Autokey System
 A keyword is concatenated with the plaintext itself to
provide a running key
 Example:

key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
 Even this scheme is vulnerable to cryptanalysis
 Because the key and the plaintext share the same
frequency distribution of letters, a statistical technique
can be applied

09-2020 NT133–System architecture security Chapter 2: 35

 Vernam Cipher

09-2020 NT133–System architecture security Chapter 2: 36

 One-Time Pad
 Improvement to Vernam  Scheme is unbreakable
cipher proposed by an Army  Produces random output
Signal Corp officer, Joseph that bears no statistical
Mauborgne relationship to the
 Use a random key that is as plaintext
long as the message so that  Because the ciphertext
the key need not be contains no information
repeated whatsoever about the
 Key is used to encrypt and plaintext, there is simply
decrypt a single message no way to break the code
and then is discarded
 Each new message requires
a new key of the same
length as the new message

09-2020 NT133–System architecture security Chapter 2: 37

 Difficulties
 The one-time pad offers complete security but, in practice, has two
fundamental difficulties:
 There is the practical problem of making large quantities of
random keys
• Any heavily used system might require millions of random
characters on a regular basis
 Mammoth key distribution problem
• For every message to be sent, a key of equal length is
needed by both sender and receiver
 Because of these difficulties, the one-time pad is of limited utility
 Useful primarily for low-bandwidth channels requiring very high
security
 The one-time pad is the only cryptosystem that exhibits perfect
secrecy (see Appendix F)

09-2020 NT133–System architecture security Chapter 2: 38

 Rail Fence Cipher
 Simplest transposition cipher
 Plaintext is written down as a sequence of diagonals and
then read off as a sequence of rows
 To encipher the message “meet me after the toga party”
with a rail fence of depth 2, we would write:
mematrhtgpry
etefeteoaat
Encrypted message is:
MEMATRHTGPRYETEFETEOAAT

09-2020 NT133–System architecture security Chapter 2: 39

 Row Transposition Cipher
 Is a more complex transposition
 Write the message in a rectangle, row by row, and read
the message off, column by column, but permute the
order of the columns
 The order of the columns then becomes the key to
the algorithm
Key: 4312 5 67
Plaintext: atta c kp
ostpone
dunt i l t
w o a mx y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

09-2020 NT133–System architecture security Chapter 2: 40

 Summary

 Present an overview of the main concepts of symmetric

cryptography
 Explain the difference between cryptanalysis and brute-
force attack
 Understand the operation of a monoalphabetic
substitution cipher
 Understand the operation of a polyalphabetic cipher
 Present an overview of the Hill cipher

09-2020 NT133–System architecture security Chapter 2: 41