Basic Encryption Terminology
- Encryption
- process of encoding information (encode, encipher)
- Decryption
- process of transforming encrypted information back to its original form (decode, decipher)
- Cleartext
- easily human-readable without cryptographic mechanisms or procedures
More Terminology
- Plain text
- Cryptography
- Cryptosystem
- Ciphertext
- Cryptology
- Cryptanalyst
Encryption and Decryption Algorithms
- Encryption is denoted by functions E
- where E(cleartext) = ciphertext
- Decryption is denoted by functions D
- where D(ciphertext) = cleartext
- Usually D is the inverse of E so that
- the following is true D(E(clear)) = clear
- A key is an additional piece of information that must be known in order to encrypt or decrypt data
Use of Keys
- Use of a key is denoted as
- E(clear, K) = cipher
- D(cipher, K) = clear
- Different keys for encryption and decryption are denoted as KE (for encryption) and KD (for decryption)
- Another denotation is
- cipher = [clear]KE or clear = [cipher]KD
"Secret" Algorithms
- Algorithm should not be easily breakable
- even when the algorithm and the cipher text are known
- The ideal algorithm is difficult to break even if it is known
- Most algorithms are breakable, but practicality is a big issue
- Ideal algorithms are openly known and impractical to break
Cryptanalysis
- Tools (main tool is computer)
- encrypted messages
- encryption algorithms
- mathematical tools
- known properties of language and the cleartext
- Techniques
- recognizing patterns
- finding weaknesses in encryption algorithms
Two Strategies for Encryption
- Substitution
- each cleartext character is replaced with some other character
- famous example: Caesar Cipher
- Transposition
- sequence of cleartext characters are rearranged
- example: the matrix approach
Advantages and Disadvantages of Simple Strategies
- Strengths
- Easy to encode
- Easy to remember the algorithm
- practical for short periods of time
- Weaknesses
- Easy to decode
- impractical for data that needs protection for long periods
Monoalphabetic Vs. Polyalphabetic Substitution
- Monoalphabetic ciphertext is easily attacked by statistical techniques
- studying the frequency distribution of the characters in the ciphertext
- certain characters appear more often in the realtext
- Using more than one alphabet for substitution flattens the distribution curve
Polyalphabetic Substitution Ciphers
- Two Distributions using two different substitution tables
- Use one table for even positioned characters and the other for characters in odd positions
- Vigenere Tableaux
- A collection of 26 permutations allows for up to 26 systemized substitutions in the same cipher
- Substitutions depend on a key word
Other Good Polyalphabetic Substitution Ciphers
- One-Time Pads
- provides a large non-repeating set of keys
- sender and receiver need identical pads
- Long Random Number Sequences
- computerized one-time pads
- Vernam Cipher
and Binary Vernam Cipher
- Books as sources of one-time pads
Cryptanalysis of Polyalphabetic Substitutions
- Kasiski
Method
- helps find the number of different substitutions
- brings frequency distribution back into play
- Index of Coincidence
- Measure the variation of frequencies in a distribution
- Function of observed frequencies of characters
Stream Vs. Block Ciphers
- Substitutions are stream ciphers
- Individual characters of plaintext are encrypted immediately into characters of ciphertext
- Transpositions are block ciphers
- A group of plaintext characters are encrypted as a block
- the block can be the entire message
Shannon Characteristics of a Good Cipher
- The amount of protection needed should determine the costs
- Complexity is not a virtue
- Simple implementation is a virtue
- Errors should not cause further errors
- The cipher text should not be longer than the original real text
Summary of Characteristics of Good Ciphers
- Confusion
- Diffusion
- Effectively secure, i.e. p(h(C) = P) < e when C = E(P)