fnnc dudmhmf !

October 27, 2008October 27, 2008 Harvard CSCI E-2aHarvard CSCI E-2a 11

FNNC DUDMHMF !

FNNC DUDMHMF !Sghr kdbstqd hr

zants dmbqxoshnm

Sghr kdbstqd hr zants

dmbqxoshnm


The Caesar Cipher (Suetonius)

The Caesar Cipher (Suetonius)“If Caesar had anything

confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet, that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others.”

“If Caesar had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet, that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others.”


Caesar cipherCaesar cipher

a b c d e f g h i j k l mn o p q r s t u v w x y z

X Y Z A B C D E F G H I J K L MN O P Q R S T U V W

Replace each letter by the letter that comes some fixed distance before or after it in the alphabet.

Replace each letter by the letter that comes some fixed distance before or after it in the alphabet.

Shift = 3

Gallia est omnis divisa in partes tres

JDOOLD HVW RPQLV GLYLVD LQ SDUWHV WUHV

Cryptography and National Security


Unless the issue of encryption is resolved soon, criminal conversations over the telephone … will become indecipherable by law enforcement. This, as much as any issue, jeopardizes the public safety and national security of this country.

FBI Director Louis Freeh, March 30, 1995


The Stakes Rise After 9/11

The Stakes Rise After 9/11

Sept. 13, 2001: Sen. Judd Gregg (NH) calls for encryption regulations, saying encryption makers should be required to include decryption methods for government agents.

US market force would be used to constrain foreign makers of encryption products

Sept. 13, 2001: Sen. Judd Gregg (NH) calls for encryption regulations, saying encryption makers should be required to include decryption methods for government agents.

US market force would be used to constrain foreign makers of encryption products


A month later, encryption is OK!

A month later, encryption is OK!

October 24, 2001: USA PATRIOT Act passes

Vastly enhanced authorization for government surveillance in the interest of national security

Not one word about encryption!Why did US Congress drop its

efforts to control encryption, barely a month after the attack on the US?

October 24, 2001: USA PATRIOT Act passes

Vastly enhanced authorization for government surveillance in the interest of national security

Not one word about encryption!Why did US Congress drop its

efforts to control encryption, barely a month after the attack on the US?


Electronic Commerce!Electronic Commerce!

Treatise on the Astrolabe, 1391


Letter Frequencies Letter Frequencies

Source: Wikipedia


ee

ee

e

e

e

e

e

ee

e


ee

ee

e

e

e

e

e

ee

t

t

tt

t

t

t

t

t

e t


ee

ee

e

e

e

e

e

ee

t

t

tt

t

t

t

t

t

te

h

h

h

h

h


ee

ee

e

e

e

e

e

ee

t

t

tt

t

t

t

t

t

te

h

h

h

h

h

oo

o

o

oo

o

o


ee

ee

e

e

e

e

e

ee

t

t

tt

t

t

t

t

t

te

h

h

h

h

h

oo

o

o

oo

o

o

isi

i

i

i

s

si


ee

ee

e

e

e

e

e

ee

t

t

tt

t

t

t

t

t

t

h

eh

h

h

h

oo

o

o

oo

o

o

isi

i

i

i

s

si

r

r

r

r


ee

ee

e

e

e

e

e

ee

t

t

tt

t

t

t

t

t

t

h

eh

h

h

oo

o

o

oo

o

o

isi

i

i

i

s

si

r

r

r

r

h

f aa b

a b

l

l

f

v

nn

nn

n

fc

uq

d

m


Substitution cipherSubstitution cipher

Replace each character of the message by another character

In generalOriginal message is called the plaintextEncrypted result is called the ciphertext

Substitution ciphers easily cracked by frequency analysis

Replace each character of the message by another character

In generalOriginal message is called the plaintextEncrypted result is called the ciphertext

Substitution ciphers easily cracked by frequency analysis


CryptosystemsCryptosystems

ATTACKER

key

encrypt plaintext message

retreat at dawn

key

decrypt

ciphertext

plaintext message

retreat at dawn

SENDERciphertext

sb%6x*cmf

RECEIVER

Alice Bob

Eve


Yaqub Ibn Ishaq al-Kindi (801-873)

Cracking ciphersCracking ciphers

Frequency analysis has been known since the 9th century.

Al Kindi’s Manuscript on Deciphering Cryptographic Messages

Frequency analysis has been known since the 9th century.

Al Kindi’s Manuscript on Deciphering Cryptographic Messages


Mary Stuart, 1587Mary Stuart, 1587


The Koan of the YogiThe Koan of the Yogi

“In theory there is no difference between theory and practice. In practice, there is.”

“In theory there is no difference between theory and practice. In practice, there is.”


Cryptologic lessonsCryptologic lessons

Breakthroughs can render previously reliable cryptographic methods insecure

News of cryptanalytic breakthroughs travels slowly

Making strong encryption systems available does not guarantee they will be used

Breakthroughs can render previously reliable cryptographic methods insecure

News of cryptanalytic breakthroughs travels slowly

Making strong encryption systems available does not guarantee they will be used


Vigenère EncryptionVigenère Encryption Use several

Caesar substitutions and cycle through them

Sequence of substitutions determined by a secret key

Use several Caesar substitutions and cycle through them

Sequence of substitutions determined by a secret key

Blaise de Vigenere (1523-1596)

a b c d e f g h i j k l m n o p q r s t u v w x y z

S T U V W X Y Z A B C D E F G H I J K L M N O P Q R

O P Q R S T U V W X Y Z A B C D E F G H I J K L M N

N O P Q R S T U V W X Y Z A B C D E F G H I J K L M

G H I J K L M N O P Q R S T U V W X Y Z A B C D E F

B C D E F G H I J K L M N O P Q R S T U V W X Y Z A

I J K L M N O P Q R S T U V W X Y Z A B C D E F G H

R S T U V W X Y Z A B C D E F G H I J K L M N O P Q

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Fight fiercely, Harvard! Fight! Fight! Fight!

H JQRR ZPRU NOEJ GQXK LTVM IBWL YVGXWTNU NZ


Breaking Vigenère – (1)Breaking Vigenère – (1)

If the key has length K, then the ciphertext letters K positions apart are specified by the same character in the key …

And thus is the result of a simple substitution And thus can be attacked by frequency

analysis Example: Suppose the key length is three:

If the key has length K, then the ciphertext letters K positions apart are specified by the same character in the key …

And thus is the result of a simple substitution And thus can be attacked by frequency

analysis Example: Suppose the key length is three:

DJBK FJWO VJSW FKDS GFJD RKEM CNEJ JKSJ FKDJ SJSS

So the decryption reduces to doing frequency analysis K times – provided we know K


Breaking Vigenère – (2)Breaking Vigenère – (2)

To find the length of the key: Try different values for K, looking at every Kth

letter of the ciphertext, and pick the one for which the frequency distribution looks like the frequency distribution for English.

Clever methods to do this by hand: Babbage, Kasiski: counting double letters

(1850s, 1860s) Friedman: Index of Coincidence (1920s)

With computers, we don’t need to be clever: Can do brute-force statistics

To find the length of the key: Try different values for K, looking at every Kth

letter of the ciphertext, and pick the one for which the frequency distribution looks like the frequency distribution for English.

Clever methods to do this by hand: Babbage, Kasiski: counting double letters

(1850s, 1860s) Friedman: Index of Coincidence (1920s)

With computers, we don’t need to be clever: Can do brute-force statistics


Theory vs.

Practice

1917

Theory vs.

Practice

1917


One-Time Pad: Key as long as plaintext

One-Time Pad: Key as long as plaintext

The Only Provably Secure CryptosystemNo patterns, so nothing to analyzeBut getting the keys from Alice to Bob

securely is just as hard as getting an unencrypted message!

Unsuitable for e-commerceWhat would it mean to “meet” Amazon to get a key?

The Only Provably Secure CryptosystemNo patterns, so nothing to analyzeBut getting the keys from Alice to Bob

securely is just as hard as getting an unencrypted message!

Unsuitable for e-commerceWhat would it mean to “meet” Amazon to get a key?


Beware Security Through Obscurity

Beware Security Through Obscurity

Kerckhoffs Principle (1883): “The system must not require secrecy, and it

could fall into the hands of the enemy without causing trouble. If a system requiring secrecy were to find itself in the hands of too many individuals, it could be compromised upon each engagement in which any of them take part.”

Still regularly violated by Internet security start-ups and their credulous investors

Kerckhoffs Principle (1883): “The system must not require secrecy, and it

could fall into the hands of the enemy without causing trouble. If a system requiring secrecy were to find itself in the hands of too many individuals, it could be compromised upon each engagement in which any of them take part.”

Still regularly violated by Internet security start-ups and their credulous investors


DES: The Data Encryption Standard

DES: The Data Encryption Standard

A 1976 public standard 56 bit keyLong enough in 1976With today’s more powerful computers a brute

force search through possible keys takes only a day

Superceded by Advanced Encryption Standard or “AES”: 128, 192, or 256 bit key

AES has not been cracked as far as we know

A 1976 public standard 56 bit keyLong enough in 1976With today’s more powerful computers a brute

force search through possible keys takes only a day

Superceded by Advanced Encryption Standard or “AES”: 128, 192, or 256 bit key

AES has not been cracked as far as we know


But the Big Problem Remains:

But the Big Problem Remains:

How to Get the Key securely from Alice to Bob?

How to Get the Key securely from Alice to Bob?

??

fnnc dudmhmf !

Documents

acryptosystemsharvard

wikipediaharvard csci

eeeeeeeeeeeeharvard

encryption makers

issue of encryption

encryption regulations

athe koan

national securitynot