t215b communication and information technologies (ii) session 4 block 4 protecting and prying arab...

T215BCommunication andinformation technologies (II)

Session 4

Block 4Protecting and prying

Arab

Ope

n U

nive

rsity

1

Session Outline

• Part 5: Encryption• Breaking a Cipher

• Linguistic Analysis• Building Stronger Ciphers• Building Blocks of modern encryption

systems

2

Arab

Ope

n U

nive

rsity

3.2 Linguistic analysis [1/8]

• The first approach to cipher breaking is Brute Force Attack• A second approach to cipher breaking is the linguistic analysis• Linguistic Analysis: to attempt to exploit any linguistic patterns

inherited from the plaintext (for only textual contexts).

• All written languages exhibit characteristic patterns. • For example, in written English

• the letter ‘q’ is almost always followed by a ‘u’ • certain pairs of letters (known as digraphs) are more likely to appear

together than others: ‘th’ is common as are ‘ea’, ‘of’, and ‘st’. • Some identical letters can often appear together, for example ‘ee’, ‘oo’, ‘tt’,

but seldom ‘uu’ or ‘hh’. • There is a higher probability of certain letters appearing than other

letters• For example , in written English

• The most common letter is ‘e’, followed by ‘t’, ‘a’ and ‘o’. • ‘etaoin’ are the six most frequent letters.

3

Arab

Ope

n U

nive

rsity


4

Arab

Ope

n U

nive

rsity


5

Arab

Ope

n U

nive

rsity


6

Arab

Ope

n U

nive

rsity


• A ciphertext sequence can also be analysed for letter frequency.

• If the analysis shows a curve similar to Figure 5.8 or Figure 5.9 then:• There is a strong possibility that the most frequently occurring

ciphertext letters will correspond to their equivalents in standard English text!

7

How linguistic analysis can help to break ciphers? Arab

Ope

n U

nive

rsity


8

Standard English letter frequency

Ciphertext letter frequency

Activity 5.7: The figure below shows the results of letter frequency analysis of a sample of ciphertext. • Does the ciphertext exhibit a pattern

similar to standard English letter frequencies?

• If so, what assumptions could you make about the cipher?

Activity 5.7 – Comments: The following similarities can be noted:

• R – Z → A – I• B – G → K – P • I – P → R – Y.

Arab

Ope

n U

nive

rsity


Activity 5.7 – Comments: • The similarities mean that the cipher was created using a

simple substitution cipher!• The ordering of the letters was preserved in the ciphertext but

their identity was changed. • In fact, if the ciphertext letter frequency plot was shifted to

the left by 17 places the result would look very similar to the standard English plot.• The guess would be that the cipher used was a simple Caesar

cipher with a key of 17.

9

Arab

Ope

n U

nive

rsity


• Linguistic patterns can prove useful for breaking simple transposition ciphers too.

• In a transposition cipher, the positions of the letters change but their identity remains the same• For example, there will be the same frequency of the letter “E” in

the ciphertext as there is in the plaintext.• Given a long enough sample of transposition ciphertext,

frequency analysis can provide a useful starting point for the cryptanalyst. • If the results indicate a match with standard letter frequencies

then the ciphertext is most likely the result of a transposition cipher.

• This knowledge points to various analytical techniques to help break the cipher, exploiting the kind of patterns we discussed.

10

Arab

Ope

n U

nive

rsity

Session Outline

• Part 5: Encryption• Breaking a Cipher• Building Stronger Ciphers

• Increasing the Key Space• Weakening the linguistic association• An unbreakable cipher

• Building Blocks of modern encryption systems

11

Arab

Ope

n U

nive

rsity

4. Building stronger ciphers [1/1]

• To combat Brute force attack we need: A very large key space

• To combat Linguistic analysis benefits we need:A weak association between the linguistic patterns in the

plaintext and ciphertext

• So, two desirable characteristics are required to build strong ciphers:• a very large key space• a weak association with the linguistic patterns in the

plaintext.12How ciphers can be designed to address

these requirements?

Arab

Ope

n U

nive

rsity

4.1 Increasing the key space [1/9]

• Using the simple Caesar cipher, the maximum key length is 26.

What if encrypt letters as pairs (digraphs) instead of singly?

• Possible digraphs are:aa, ab, ac, …, ay, azThen, ba, bb, bc, …, by, bz

Then … … … za, zb, …, zy, zz• Numerical coding:

• Since each single letter represents one of 26 possibilities• each pair of letters would represent one of 26 × 26 = = 676 possibilities

13

aa ab … az ba bb … bz … … … za zb … zz

0 1 25 26 27 51 650 651 675

Arab

Ope

n U

nive

rsity


• So digraph coding provides a means of increasing the key space from 26 to 676!• Using a simple Caesar cipher: the key can take any value between 0 and 25!• Using a Caesar cipher with digraph coding: the key can take any value between 0

and 675!

Do you think it is practical to search in a table of 676 columns?

How to mathematically calculate the numerical code of a digraph?

• The numerical code of a digraph is given by:

p = p1 x 26 + p2

• Where• p is the numerical equivalent of the digraph in question.• p1 is the numerical equivalent of the first letter in the pair (on the left).

• p2 is the numerical equivalent of the second letter in the pair (on the right).

14

Arab

Ope

n U

nive

rsity


• Activity 5.10: Calculate the numerical code value for the first digraph in the word ‘zenith’.

• Sol.:• ‘zenith’ would be treated as three separate digraphs: ze ni th. • The first digraph is ‘ze’.• pz= 25 and pe = 4.

• So the digraph ‘ze’ is coded as pze = pz x 26 + pe

• So, pze = (25 × 26) + 4 = 654

15How to convert a numerical code to its equivalent digraph?

Arab

Ope

n U

nive

rsity


• Example:Convert 325 into its equivalent digraph.• Sol.:• 325 = p1 x 26 + p2 so • So, if we divide 325 by 26:

• p1 would be the quotient of the division

• p2 would be the remainder of the division

• While 325/26 = 12.5 = 12 + • p1 = 12 → this numerical code is equivalent to the letter ‘m’

• p2 = 13 → this numerical code is equivalent to the letter ‘n’

• So 325 is equivalent to the digraph ‘mn’

16How to encrypt a digraph using Caesar cipher?

Arab

Ope

n U

nive

rsity


• Activity 5.11: Using digraphs for coding and encrypting alphabetic symbols:• (a) what value would be used for the modulus?• (b) what values could be chosen for the key?Sol.• (a) A coded digraph can take one of a possible 26 × 26 = 676

different combinations. So the modulus is 676.

• (b) The key can be any number from 0 to 675. • Note that “0” can be excluded from the key space since a key of

K=0 will not change the plaintext!• The general encryption formula of a Caesar cipher with

digraph coding is:c ≡ p + K mod 676

17

Arab

Ope

n U

nive

rsity


• Example:Use a Caesar Cipher with digraph coding to encrypt the following plaintext: ‘zenith’ with a key of K=347.

• Sol.:‘zenith’ contains three digraphs: ze; ni and th.• ‘ze’ encryption :

• pze=pz x 26 + pe = (25 × 26) + 4 ; so pze= 654

• So cze ≡ pze + K mod 676 ≡ 654 + 347 mod 676 ≡ 1001 mod 676 ≡ 325 mod 676

• The next step is to convert 325 into the equivalent digraph to derive the ciphertext:

• 25/26 = 12.5 = 12 + • p1 = 12 → this numerical code is equivalent to the letter ‘M’

• p2 = 13 → this numerical code is equivalent to the letter ‘N’

• so the ciphertextdigraph for ‘ze’ is ‘MN’.18

Arab

Ope

n U

nive

rsity


• Example:Use a Caesar Cipher with digraph coding to encrypt the following plaintext: ‘zenith’ with a key of K=347.

• Sol.:‘zenith’ contains three digraphs: ze; ni and th.• ‘ni’ encryption :

• pni=pnx 26 + pi= (13 × 26) + 8 ; so pni= 346

• So cni≡ pni+ K mod 676 ≡ 346 + 347 mod 676 ≡ 693 mod 676 ≡ 17 mod 676

• The next step is to convert 17 into the equivalent digraph to derive the ciphertext:

• 17/26 = 0 +

• p1 = 0 → this numerical code is equivalent to the letter ‘a’

• p2 = 17 → this numerical code is equivalent to the letter ‘r’

• so the ciphertext digraph for ‘ni’ is ‘AR’.19

Arab

Ope

n U

nive

rsity


• Example: Use a Caesar Cipher with digraph coding to encrypt the following plaintext: ‘zenith’ with a key of K=347.

• Sol.: ‘zenith’ contains three digraphs: ze; ni and th.• ‘th’ encryption :

• Using the same method described previously, the ciphertext digraph for ‘th’ is ‘GQ’.

• So, using a Caesar cipher with digraph coding, ‘zenith’ is encrypted as ‘MNARGQ’

20Can we further increase the key space?

Arab

Ope

n U

nive

rsity


• Activity 5.13: What key space is possible by encoding the letters as blocks of:• (a) 3 (or trigraph)?• (b) 5?• (c) 10?

• Sol.:• (a) a block of 3 (or trigraph) would result in 263 = 17576

possible keys.• (b) a block of 5 would result in 265 = 11881376 possible

keys.• (c) a block of 10 would result in 2610 = 1.41 x 1014 (to 2

decimal places) possible keys. 21

Arab

Ope

n U

nive

rsity

Session Outline




22

Arab

Ope

n U

nive

rsity

4.2 Weakening the linguistic association [1/5]

• The Caesar cipher uses a monoalphabetic substitution. • The key remains constant • For example, the plaintext letter ‘e’ will always be encrypted as the

same ciphertext symbol. • The ciphertext inherits the linguistic patterns of the plaintext• The ciphertext is susceptible to letter frequency and other linguistic

analysis!

How to decouple from the linguistic patterns of the plaintext?

• One way to do so is to encrypt with a cipher that uses a succession of different keys. • The Vigenère cipher provides an example of how this can be achieved.

23

Arab

Ope

n U

nive

rsity


• The Vigenère cipher uses a key known as a running key, which is generated by a keyword.

• Example: Use the Vigenère cipher with the keyword ‘jupiter’ to encrypt the following sentence: “A stitch in time saves nine”

• Solution:• Using the convention of assigning a numerical value to each

letter, ‘jupiter’ would produce a key sequence of 9, 20, 15, 8, 19, 4, 17.

• This provides a succession of different keys that can be used over and over again in the same sequence.

• Each symbol in the plaintext is encrypted using the next key in the sequence.

24

Arab

Ope

n U

nive

rsity


25

• Example: Use the Vigenère cipher with the keyword ‘jupiter’ to encrypt the following sentence: “A stitch in time saves nine

• Solution:• The following Caesar Cipher’s formula is used to determine

the numerical code of the ciphertext of each letter:c ≡ p + K mod 26

Where K takes sequentially the following values : {9, 20, 15, 8, 19, 4, 17}

Arab

Ope

n U

nive

rsity


• Weakness of a Vigenère cipher:• Where similar letters appear at distances corresponding to the

keyword length, their ciphertext letters will match each other!• For example, the letter pair ‘ti‘ in the plaintext word ‘stitch’ and the

letter pair ‘ti’ in ‘time’ are both encrypted as ‘IQ’.

26

7 steps = keyword

length Arab

Ope

n U

nive

rsity


• Weakness of a Vigenère cipher:• Given a large enough sample of ciphertext the probability of such

an issue to appear increases• A cryptanalyst can hence determine the length of the running key ‘n’• Every nth symbol can then be treated and analyzed as one strand• The cipher can then be easily solved!

27

Solution? Arab

Ope

n U

nive

rsity

Session Outline




28

Arab

Ope

n U

nive

rsity

4.3 An unbreakable cipher [1/2]

• The idea is to use a key that is identical in length to the plaintext, and to use it only once.

• Encryption based on this method is known as one-time pad encryption.

• A One Time Pad Encryption:1. A random key – the pad – is generated that is at least as long

as the plaintext message• Two copies of the pad are required

• one is used by the sender to encrypt the message.• one is used by the recipient to decrypt the message.

2. Once it has been used both copies must be destroyed.

29

Arab

Ope

n U

nive

rsity

4.3 An unbreakable cipher [2/2]

• The random nature of the pad (key) means that:• The ciphertext has no linguistic association with the original plaintext• The ciphertext cannot be broken by analysis or brute force.

• When properly applied, the one-time pad is the only known truly unbreakable cipher. • One-time pads have been successfully used in the past, mostly for

high-level diplomatic exchanges. • But a one-time pad is not a practical cipher for use in modern

communication technologies.

30Example of a one time pad

(wikimedia commons, 2009)

Arab

Ope

n U

nive

rsity

Session Outline

• Part 5: Encryption• Breaking a Cipher• Building Stronger Ciphers• Building Blocks of modern encryption

systems• Introduction• Block Ciphers• Stream Ciphers• Symmetric Key System 31

Arab

Ope

n U

nive

rsity

5. Building blocks of modern encryption systems [1/4]

• The ciphers discussed in the preceding sections were developed to protect the privacy of text-based communications.• These were usually written on paper or, in later years, transmitted

by wireless telegraphy.• Many profound changes have occurred in the last few decades

in the technologies we use to communicate, store and process data.

• The old encryption methods are no longer practical • The old encryption methods cannot provide the level of protection

needed today.

32

Arab

Ope

n U

nive

rsity


• Modern encryption systems are classified according to some general characteristics: • They are block ciphers or stream ciphers?• They use symmetric or asymmetric key systems?

• All are based on complex mathematical algorithms that rely on powerful processing capabilities.

• These processes are generally implemented by operating at the bit level in the plaintext input, either:• physically in hardware using electronic devices known as logic gates,• or in software programming using computational logic.

• A key point to bear in mind here is that the data to be encrypted is not always text.• Though, the ‘ciphertext’ and ‘plaintext’ notations are commonly

used when encryption is discussed.33

Arab

Ope

n U

nive

rsity


• Encryption frequently involves an operation known as the exclusive-or (XOR).

• The exclusive-or (XOR) takes two binary input bits and combines them to form an output bit.

• XOR is a logical operation, its truth table is given below:

34

Truth table of an XOR operation

Arab

Ope

n U

nive

rsity


• Example: What would be the output of combining the 7-bit ASCII code for the letter ‘N’ (‘1001110’) with the randomly generated coding data 0011101 using the XOR process.

• Solution:

• What if we XOR the same random coding data with the output data?• The result is the original data stream!

35

Arab

Ope

n U

nive

rsity

Session Outline



Arab

Ope

n U

nive

rsity

5.1 Block ciphers [1/9]

• A block cipher breaks the plaintext into equal-sized blocks, usually of 64 or 128 bits, and encrypts each block separately to produce a ciphertext output exactly equal in length to the input.

• The next figure shows a simplified version for blocks of 8 bits.

• For plaintext inputs smaller than the block size:• the empty spaces are padded with recognisable additional bits• Those additional bits are stripped off during the decryption

process. 37

Arab

Ope

n U

nive

rsity


38

Arab

Ope

n U

nive

rsity


• There are two basic approaches to block encryption:• One is to encrypt each block independently of any other,• The other is to encrypt each block so that its output ciphertext is

dependent on the output of the previous block. • Electronic Codebook (ECB): An independent encryption approach

39

Arab

Ope

n U

nive

rsity


• Electronic Codebook (ECB):• The same key will be used for each block.• The encryption of each block is completely independent from

the other blocks.• Drawbacks of ECB:• Two similar blocks of plaintext will result in similar blocks of

ciphertext • Since the position of the ciphertext blocks remains fixed

relative to the plaintext blocks this introduces a vulnerability.• ECB is not practical when data involves long repetitive strings

of 1s and 0s, such as a picture data.40

Arab

Ope

n U

nive

rsity


• Example:• Consider the below penguin picture

• The white color background pixels are all coded with the same binary number.

• Hence, the picture file involves long repetitive strings of 1s and 0s • When coded with ECB, the data pattern in the plaintext can

still be clearly discerned in the ciphertext.

41

Arab

Ope

n U

nive

rsity


• Cipher-block chaining (CBC): A dependent encryption approach

42

Arab

Ope

n U

nive

rsity

5.1 Block ciphers [7/9]• Cipher-block chaining (CBC):• An XOR process is used to combine the ciphertext output from

one block with the plaintext input of the following block.• Every ciphertext block is dependent on the ciphertext output

from the preceding block as well as its own plaintext input• An encryption of identical input blocks will produce different

results.• CBC mode requires an additional extra input, known as an

initialisation vector (IV), to the first block.• The initialisation vector (IV) is a pseudo-random binary

sequence that is used in the XOR process for the first block only.

43What is the ciphertext of the previous penguin picture

when encrypted with a CBC technique?

Arab

Ope

n U

nive

rsity


• Penguin image of Figure 5.20, encrypted in CBC mode (Wikipedia, 2009)

44

Arab

Ope

n U

nive

rsity


• Drawbacks of CBC:• A single encryption error in one block is cascaded

through to the following blocks.• The decryption relies on knowledge of the previous

block.• Any error or loss of data in the previous block prevents that block

and all following blocks from being decrypted!

45

Arab

Ope

n U

nive

rsity

Session Outline



Arab

Ope

n U

nive

rsity

5.2 Stream ciphers [1/2] • Unlike Block Ciphers, Stream ciphers operate on very small

segments of data – usually at the bit level• Whereas block ciphers have to wait to receive the whole block

before they can start encrypting, stream ciphers can encrypt ‘on the fly’ one bit (or sometimes one byte) at a time.

• Stream ciphers use a short key that acts as a ‘seed’ to generate a much longer, apparently random, key stream.

• The key stream is then combined (usually by an XOR process) with the plaintext to produce ciphertext.

47

Arab

Ope

n U

nive

rsity

5.2 Stream ciphers [2/2]

• Decryption is also carried out ‘on the fly’ and using the same key stream as the encryption process. • The sender and the receiver must be synchronised to ensure

that the same key is used on each individual bit (or byte) of data.• Stream ciphers are generally faster than block ciphers, and

are less complex to implement in hardware. • They are often used where

• the input stream length is unpredictable (such as in telecommunications).

• the input buffering is limited. • Buffering means temporarily storing bits, as would be needed in block

ciphers where the process has to wait until all the bits in the block have been received.

• Stream ciphers can be vulnerable if used incorrectly • For example, if the input key is used more than once.

48

Arab

Ope

n U

nive

rsity

Session Outline



Arab

Ope

n U

nive

rsity

5.3 Symmetric key systems [1/4]

• In a symmetric key system:• Encryption and decryption are performed using a

single key or, two keys that are so closely related to each other mathematically.

• The inherent problem with all single key systems is secure key distribution.• To protect a message, it could be encrypted using a

private symmetric key and then sent over an insecure channel.

• But to decrypt the message the recipient must have a copy of the private key!

50How to distribute a private key over the same insecure channel?

Arab

Ope

n U

nive

rsity


• If the shared key is sent over the same insecure channel it could be intercepted by an eavesdropper and copied.• if the same eavesdropper previously intercepted

the encrypted message, he can easily decrypt it using his copy of the shared key.

• A general solution to this, known as the double-locking protocol• This protocol involves a three-way exchange before both parties

(sender and recipient) are in possession of a secret shared key. • The Diffie-Hellman key exchange protocol is a well-known

protocol that is commonly used in modern electronic transactions. • This protocol mathematically performs the same service as double-

locking protocol.

51

Arab

Ope

n U

nive

rsity


• Double-locking protocol: • Suppose that you and I need to exchange an encryption key:

• We need a box and we each need a padlock. • I put the encryption key in the box, lock the box with my padlock and send

it to you over the insecure channel. • The encryption key is safe because the box is locked with my padlock and I

am the only one with the padlock key.• Of course, when you receive the box you can’t unlock it either! Instead you

lock the box with your own padlock and return it tome over the same insecure channel.

• The box is now double locked with your padlock and with mine.• When I receive it, I unlock and remove my padlock and return the box to

you. • The encryption key is still safe because it is locked with your padlock, and

you are the only one with your padlock key.• On receipt, you unlock your padlock, open the box and retrieve the

encryption key.

52

Arab

Ope

n U

nive

rsity


531. Alice encrypts the message with her key and sends it to Bob2. Bob encrypts the message he received with his key and sends it to Alice3. Alice decrypts the message she received with her key and sends it to BobBob decrypts the message he received with his key and reads the message

Arab

Ope

n U

nive

rsity

Is there any other solution?

Yes!An Asymmetric Key System

To be discussed next week!

54

Arab

Ope

n U

nive

rsity

t215b communication and information technologies (ii) session 4 block 4 protecting and prying arab...

Documents