Scribd
Upload
7 views

Lecture5-Confidentiality

The document discusses confidentiality in information security, focusing on classical and modern cryptographic systems, including the Vigenere cipher. It explains various encryption methods, such as shift and substitution ciphers, and highlights their vulnerabilities to brute force attacks and frequency analysis. Additionally, it covers techniques like the Kasiski test for breaking the Vigenere cipher by determining the length of the keyword used in encryption.

Uploaded by

Jaideep Singh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
7 views

Lecture5-Confidentiality

The document discusses confidentiality in information security, focusing on classical and modern cryptographic systems, including the Vigenere cipher. It explains various encryption methods, such as shift and substitution ciphers, and highlights their vulnerabilities to brute force attacks and frequency analysis. Additionally, it covers techniques like the Kasiski test for breaking the Vigenere cipher by determining the length of the keyword used in encryption.

Uploaded by

Jaideep Singh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 71

Foundations of Information

Security
Lecture-5: Confidentiality
Today’s Content…

• Confidentiality
• Classical Cryptosystem
• Vigenere Cipher
• Modern Cryptography
• Block Cipher
Basic Setup:
• Communication over an insecure channel
• Types of insecure channel
• Internet (unprotected network of computers)
• Wifi (not password protected)
• Air Waves (GSM connection) etc.
Confidentiality can be achieved using
encryption/decryption

Encryption Decryption
Secure Network

E ^d@#*^

D
&!h^*hi ^d@#*^
&!h^*hi

Message
(I love you) Message
(I love you)

E: Encryption- Charlie cannot see what is being sent over the channel
D: Decryption- Bob can successfully decrypt the message
Some Traditional
Cryptosystems
Shift Cipher
• Let 𝒫 = 𝒞 = 𝒦 = {Set of English Alphabets}
• i.e., 𝒫 = 𝒞 = 𝒦 = 26
• Algorithm - Shift each letter in the plaintext by a position specified by
the key to form the ciphertext
• Let k = 5
• i.e., shift each letter in the plaintext by 5 letters to the right
• E.g., Plaintext = I AM BOND
Ciphertext = N FR GTSI
How did we Cryptanalyze ?
• Try “shift of 1” to check if a valid plaintext is produced
• Else, try shift of 2, 3 etc.
• Only 26 key choices to test and try, breaking is super easy !!
• What we did here was to exhaustively search the keyspace
• Attack is known as BRUTE FORCE ATTACK

• BUT IS BRUTE FORCE ATTACK ALWAYS POSSIBLE ??


Substitution Cipher
• Algorithm
• Substitute each letter in the plaintext by another letter specified by the key
m A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
k G Q B T X U L C H S R W V Z D E Y O K A M N J I F P

 Plaintext : elementary dear watson


Ciphertext : xwxvxzagof txgo jgakdz

• Here, one mapping is one key itself !!!


Substitution Cipher
• Frequency Analysis Technique
• Cipher is a monoalphabetic cipher
• Each plaintext letter is always going
to be replaced by the same ciphertext
letter
• Frequency of letters in plaintext is
preserved in the ciphertext
• E.g., if E(plaintext) -> D (ciphertext), then
D will be the most frequently occurring
letter in the ciphertext
• Analyze these mappings to find potential
substitutions
Substitution Cipher
• Frequency Analysis Technique

Frequently occurring 2-letter words th, he, er, on, an, of, to, in, it, is, be, as, at,
so, we, he, by, or, do, if, me, my, up, an,
go, no, us, am
Frequently occurring 3-letter words the, and, for, are, but, not, you, all, any,
can, had, her, was, one, our, out, day, get,
has, him, his, how, man, new, now, old,
see, two, way, who, boy, did, its, let, put,
say, she, too, use

Frequently occurring 4-Letter Words that, with, have, this, will, your, from,
they, know, want, been, good, much,
some, time
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFE Frequency Analysis of Ciphertext:
MVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIMWQL
MGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITR I – Most common letter
EWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJGSTVRI XL – Most common bigram
EYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQ
IVIXQSVSTWHKPEGARCSXRWIEVSWIIBXVIZMXFSJXL XLI – Most common trigram
IKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVI E – Third most common letter
IBGIIHMWYPFLEVHEWHYPSRRFQMXLEPPXLIECCIEVE
WGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQER
OIVFVIZEVAEKPIEWHXEAMWYEPPXLMWYRMWXSGSWRM By Frequency Mapping:
HIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCM I→E
WMSWVIRCIGXMWYMX
XL → TH
XLI → THE
E→A
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePF Other Possibilities:
aMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM heVe → here
WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaK
aeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ Rtate → State
GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMe atthattMZe → at that time
QtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV
eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVthe
RGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha By Frequency Mapping:
PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtS
JtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP I→E V -> R
thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZe XL → TH R -> S
NTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt
XLI → THE M -> I
E→A Z -> M
Monoalphabetic Ciphers
• Shift and Substitution ciphers are mono-alphabetic ciphers
• One-to-one mapping between plaintext and ciphertext
• Preserve language properties !!

• Can polyalphabetic cipher work better ?


• One letter will map to different letter at different instants
• Vigenere cipher
Vigenere Cipher
• Encrypt alphabetic text by using a series of interwoven shift
ciphers based on the letters of a keyword
• The keyword is repeated again and again so that the total length of
the secret key is equal to that of the plaintext
• Uses a 26×26 table with A to Z as the row and column headings
• Called as the Vigenere Table
Plaintext Letters

Shift by 0
Shift by 1
Shift by 2

Shift by 25
Shift by 25
Shift by 1
Shift by 2
Shift by 0
For Example,

Keyword - hope

Plaintext - elementary dear watson


Key - hopehopeho peho pehope
Plaintext Letters

Ciphertext - lztqlbieym …….


Shift by 25
Shift by 1
Shift by 2
Shift by 0
For Example,

Keyword - hope

Plaintext - elementary dear watson


Key - hopehopeho peho pehope
Plaintext Letters

Ciphertext - lztqlbieym …….

Keyword - tree

Plaintext – Information Technology

Ciphertext- ??
Shift by 25
Shift by 1
Shift by 2
Shift by 0
For Example,

Keyword - hope

Plaintext - elementary dear watson


Key - hopehopeho peho pehope
Plaintext Letters

Ciphertext - lztqlbieym …….

Keyword - tree

Plaintext – information technology

Ciphertext- bejskdexbfr xxtlrhcskr


Vigenere Cipher
• Same plaintext letter maps to different ciphertext letters
• Language structure is not preserved
Vigenere Cipher
• Same plaintext letter maps to different ciphertext letters
• Language structure is not preserved
• Is there still some loophole ??
Vigenere Cipher
• Same plaintext letter maps to different ciphertext letters
• Language structure is not preserved
• Is there still some loophole ??

• Weakness – Keyword is repeated


• E.g., if Keyword = key
• Key = keykeykeykeykey ….
Vigenere Cipher
• Same plaintext letter maps to different ciphertext letters
• Language structure is not preserved
• Is there still some loophole ??

• Weakness – Keyword is repeated


• E.g., if Keyword = key
• Key = keykeykeykeykey ….
• Every third letter is encrypted using the same shift
• Essentially we have, 3 interwoven shift ciphers, which can each
individually be broken by frequency analysis
Vigenere Cipher
• Same plaintext letter maps to different ciphertext letters
• Language structure is not preserved
• Is there still some loophole ??

• Weakness – Keyword is repeated


• E.g., if Keyword = key
• Key = keykeykeykeykey ….
• Every third letter is encrypted using the same shift
• Essentially we have, 3 interwoven shift ciphers, which can each individually be
broken by frequency analysis

• So aim is to find the length of the keyword first ..


Vigenere Cipher
• 2 tests
• Kasiski Test
• Index of coincidence
• Using these tests, the length of the keyword can be uniquely
determined
• Once keyword length is determined, apply frequency analysis to find
the secret keyword
Kasiski Test
• If two identical sequences of plaintext letters occur at a distance that
is an integer multiple of the keyword, they will generate identical
ciphertext sequences
• As same key letters will appear under the same plaintext letters then
Kasiski Test
• If two identical sequences of plaintext letters occur at a distance that
is an integer multiple of the keyword, they will generate identical
ciphertext sequences
• As same key letters will appear under the same plaintext letters then
• Example,

• "math" is encrypted in the same way to "WERR“


• Distance between first occurrence of “math” and second occurrence of “math” is 15
• Length of the keyword must be a factor of this distance
Kasiski Test

• As repeating sequences are 15 letters apart,


• Length of the key must be a factor of 15
• That is, keyword must be one of the lengths 15, 5, 3 or 1
• Definitely, cannot be 1 – easy to analyse otherwise
Kasiski Test
• If a repeated substring in a plaintext is encrypted by the same substring in the
keyword, then the ciphertext contains a repeated substring and the distance of the
two occurrences is a multiple of the keyword length
Kasiski Test
• If a repeated substring in a plaintext is encrypted by the same substring in the
keyword, then the ciphertext contains a repeated substring and the distance of the
two occurrences is a multiple of the keyword length
• Not every repeated string in the ciphertext arises in this way but the probability of a
repetition by chance is noticeably smaller
• Long repeated substrings in a ciphertext are not likely to be by chance
• But, short repeated substrings may appear more often and some of them may be
purely by chance
• Better to analyse repeated substrings of length 3 or more
• E.g., Plaintext: …. THE…………… THE.…………. NIJ…………
Keyword: …. ION…………… ION………….. ION…………
Ciphertext: …. BVR…………...BVR…………..BVR…………
Kasiski Test
• Search the ciphertext for pairs of identical segments of atleast length
three
• Record the distance between the starting positions of each of the
two segments, say ∆1 , ∆2 , ∆3 𝑒𝑡𝑐.
• Find the GCD of all the ∆𝒊 and output it as keyword length m
• Because GCD will divide all the distances
Kasiski Test
CVJTNAFENMCDMKBXFSTKLHGSOJWHOFUISFYFBEXEINFIMAYSSDY
YIJNPWTOKFRHWVWTZFXHLUYUMSGVDURBWBIVXFAFMYFYXPIGBH
WIFHHOJBEXAUNFIYLJWDKNHGAOVBHHGVINAULZFOFUQCVFBYNF
TYGMMSVGXCFZFOKQATUIFUFERQTEWZFOKMWOJYLNZBKSHOEBP
NAYTFKNXLBVUAXCXUYYKYTFRHRCFUYCLUKTVGUFQBESWYSSWLB
YFEFZVUWTRLLNGIZGBMSZKBTNTSLNNMDPMYMIUBVMTLOBJHHFW
TJNAUFIZMBZLIVHMBSUWLBYFEUYFUFENBRVJVKOLLGTVUZUAOJNV
UWTRLMBATZMFSSOJQXLFPKNAULJCIOYVDRYLUJMVMLVMUKBTNA
MFPXXJPDYFIJFYUWSGVIUMBWSTUXMSSNYKYDJMCGASOUXBYSMC
MEUNFJNAUFUYUMWSFJUKQWSVXXUVUFFBPWBCFYLWFDYGUKDRY
LUJMFPXXEFZQXYHGFLACEBJBXQSTWIKNMORNXCJFAIBWWBKCM
UKIVQTMNBCCTHLJYIGIMSYCFVMURMAYOBJUFVAUZINMATCYPBAN
KBXLWJJNXUJTWIKBATCIOYBPPZHLZJJZHLLVEYAIFPLLYIJIZMOU
DPLLTHVEVUMBXPIBBMSNSCMCGONBHCKIVLXMGCRMXNZBKQHOD
ESYTVGOUGTHAGRHRMHFREYIJIZGAUNFZIYZWOUYWQZPZMAYJFJI
KOVFKBTNOPLFWHGUSYTLGNRHBZSOPMIYSLWIKBANYUOYAPWZXH
VFUQAIATYYKYKPMCEYLIRNPCDMEIMFGWVBBMUPLHMLQJWUGSKQ
VUDZGSYCFBSWVCHZXFEXXXAQROLYXPIUKYHMPNAYFOFHXBSWVC
HZXFEXXXAIRPXXGOVHHGGSVNHWSFJUKNZBESHOKIRFEXGUFVKOL
VJNAYIVVMMCGOFZACKEVUMBATVHKIDMVXBHLIVWTJAUFFACKHCI
KSFPKYQNWOLUMYVXYYKYAOYYPUKXFLMBQOFLACKPWZXHUFJYG
ZGSTYWZGSNBBWZIVMNZXFIYWXWBKBAYJFTIFYKIZMUIVZDINLFFU
VRGSSBUGNGOPQAILIFOZBZFYUWHGIRHWCFIZMWYSUYMAUDMIYVY
AWVNAYTFEYYCLPWBBMVZZHZUHMRWXCFUYYVIENFHPYSMKBTMO
IZWAIXZFOLBSMCHHNOJKBMBATZXXJSSKNAULBJCLFWXDSUYKUCI
OYJGFLMBWHFIWIXSFGXCZBMYMBWTRGXXSHXYKZGSDSLYDGNBX
HAUJBTFDQCYTMWNPWHOFUISMIFFVXFSVFRNA
Observed distance
in ciphertext
Possible keyword lengths
Kasiski Test
CVJTNAFENMCDMKBXFSTKLHGSOJWHOFUISFYFBEXEINFIMAYSSDYY
IJNPWTOKFRHWVWTZFXHLUYUMSGVDURBWBIVXFAFMYFYXPIGBHW
IFHHOJBEXAUNFIYLJWDKNHGAOVBHHGVINAULZFOFUQCVFBYNFTY
GMMSVGXCFZFOKQATUIFUFERQTEWZFOKMWOJYLNZBKSHOEBPNAY
TFKNXLBVUAXCXUYYKYTFRHRCFUYCLUKTVGUFQBESWYSSWLBYFEF
ZVUWTRLLNGIZGBMSZKBTNTSLNNMDPMYMIUBVMTLOBJHHFWTJN
AUFIZMBZLIVHMBSUWLBYFEUYFUFENBRVJVKOLLGTVUZUAOJNVUWT
RLMBATZMFSSOJQXLFPKNAULJCIOYVDRYLUJMVMLVMUKBTNAMFP
XXJPDYFIJFYUWSGVIUMBWSTUXMSSNYKYDJMCGASOUXBYSMCMEU
NFJNAUFUYUMWSFJUKQWSVXXUVUFFBPWBCFYLWFDYGUKDRYLUJ
MFPXXEFZQXYHGFLACEBJBXQSTWIKNMORNXCJFAIBWWBKCMUKIV
QTMNBCCTHLJYIGIMSYCFVMURMAYOBJUFVAUZINMATCYPBANKBXL
WJJNXUJTWIKBATCIOYBPPZHLZJJZHLLVEYAIFPLLYIJIZMOUDPLLT
HVEVUMBXPIBBMSNSCMCGONBHCKIVLXMGCRMXNZBKQHODESYTV
GOUGTHAGRHRMHFREYIJIZGAUNFZIYZWOUYWQZPZMAYJFJIKOVFK
BTNOPLFWHGUSYTLGNRHBZSOPMIYSLWIKBANYUOYAPWZXHVFUQAI
ATYYKYKPMCEYLIRNPCDMEIMFGWVBBMUPLHMLQJWUGSKQVUDZGS
YCFBSWVCHZXFEXXXAQROLYXPIUKYHMPNAYFOFHXBSWVCHZXFEX
XXAIRPXXGOVHHGGSVNHWSFJUKNZBESHOKIRFEXGUFVKOLVJNAYI
• Common factors to all – 2, 3 and 6
VVMMCGOFZACKEVUMBATVHKIDMVXBHLIVWTJAUFFACKHCIKSFPKY • GCD – 6
QNWOLUMYVXYYKYAOYYPUKXFLMBQOFLACKPWZXHUFJYGZGSTYW
ZGSNBBWZIVMNZXFIYWXWBKBAYJFTIFYKIZMUIVZDINLFFUVRGSSBU
• Hence, likely keyword length = 6
GNGOPQAILIFOZBZFYUWHGIRHWCFIZMWYSUYMAUDMIYVYAWVNAY
TFEYYCLPWBBMVZZHZUHMRWXCFUYYVIENFHPYSMKBTMOIZWAIXZ
FOLBSMCHHNOJKBMBATZXXJSSKNAULBJCLFWXDSUYKUCIOYJGFL
MBWHFIWIXSFGXCZBMYMBWTRGXXSHXYKZGSDSLYDGNBXHAUJBTF
DQCYTMWNPWHOFUISMIFFVXFSVFRNA

Source: http://crypto.interactive-maths.com/kasiski-analysis-breaking-the-code.html
Index of Coincidence
• Appearance of repeated segments could be by chance
• To confirm the keyword size obtained by kasiski, we calculate index of
coincidence
• Is a statistical measure which helps distinguish text encrypted with a vigenere
cipher from a random text
Index of Coincidence
• A statistical measure which helps distinguish text encrypted with a vigenere
cipher from a random text
• Coincidence: Given an English text
• If we pick 2-letters from the text at random
• Both different (most of the time)
• Both same (in some cases)
Index of Coincidence
• A statistical measure which helps distinguish text encrypted with a vigenere
cipher from a random text
• Coincidence: Given an English text
• If we pick 2-letters from the text at random
• Both different (most of the time)
• Both same (in some cases)

• English language: 6.8% of the randomly chosen letters are identical


• When occurrence of all letters is equally likely, it’s 3.8%
Index of Coincidence
• The probability that two randomly selected letters from a given string of letters
will be identical
• E.g., What is the probability that two randomly drawn letters from the string X are A ?
• When the string X is Vigenere encryption of a proper English text ?
• When the string X is just a random string of English alphabets ?

X=
LACEBJBXQSTWIKNMORNXCJFAIBWWBKCMUKIVQTMNBCCTHLJYIGIMSYCFVMURMA
YOBJUFVAUZINMATCYPBANKBXLWJJNXUJTWIKBATCIOYBPPZHLZJJZHLLVEYAIFPL
LYIJIZMOUDPLL …..
Index of Coincidence of a Proper English Plaintext
• Suppose we have a long string X (length n) of English language
• The number of occurrence of each letter corresponds to the average frequency of
that letter in the English language, i.e., 8 A’s, 3 C’s, 13 E’s etc.
• Let the frequency of each letter A, B, C … Z in the given string be 𝑓0 , 𝑓1 , 𝑓2 … 𝑓25
Index of Coincidence of a Proper English Plaintext
• Suppose we have a long string X (length n) of English language
• The number of occurrence of each letter corresponds to the average frequency of that
letter in the English language, i.e., 8 A’s, 3 C’s, 13 E’s etc.
• Let the frequency of each letter A, B, C … Z in the given string be 𝑓0 , 𝑓1 , 𝑓2 … 𝑓25
n
• We can choose any two elements of string X in C2 ways
Index of Coincidence of a Proper English Plaintext
• Suppose we have a long string X (length n) of English language
• The number of occurrence of each letter corresponds to the average frequency of
that letter in the English language, i.e., 8 A’s, 3 C’s, 13 E’s etc.
• Let the frequency of each letter A, B, C … Z in the given string be 𝑓0 , 𝑓1 , 𝑓2 … 𝑓25
n
• We can choose any two elements of string X in C2 ways
f
• Number of ways of choosing two A’s from string X is: 0 C2
• Similarly, for each letter 𝑖 𝑤ℎ𝑒𝑟𝑒, 0 ≤ 𝑖 ≤ 25, no. of ways of choosing both elements
fi
to be i is: C2
Index of Coincidence of a Proper English Plaintext
• Suppose we have a long string X (length n) of English language
• The number of occurrence of each letter corresponds to the average frequency of that
letter in the English language, i.e., 8 A’s, 3 C’s, 13 E’s etc.
• Let the frequency of each letter A, B, C … Z in the given string be 𝑓0 , 𝑓1 , 𝑓2 … 𝑓25
n
• We can choose any two elements of string X in C2 ways
f
• Number of ways of choosing two A’s from string X is: 0 C2
• Similarly, for each letter 𝑖 𝑤ℎ𝑒𝑟𝑒, 0 ≤ 𝑖 ≤ 25, no. of ways of choosing both elements to
fi
be i is: C2

σ25 fi C σ25 2
𝑖=0 𝑓𝑖 (𝑓𝑖 −1) 25 𝑓𝑖
• Thus, IC (X) = 𝑖=0
𝑛
2
= ≈ σ𝑖=0 = σ25
𝑖=0 𝑝𝑖
2
C2 𝑛(𝑛−1) 𝑛
• Here, 𝑝𝑖 denotes the probability of occurence of each letter in English language
Index of Coincidence of a Proper English Plaintext

• Table – 1.1 presents – prob. of


occurrence of the 26 letters in a
normal English plaintext string
• In a Vigenere encrypted
ciphertext string also, the same
probabilities will occur
• As it is a combination of
interwoven shift ciphers
• Only the first column of the table
will be permuted.

Ref: D.R. Stinson, Cryptography: Theory and Practice, Third Edition, CRC Press, 2006.
Index of Coincidence of English Letters

𝐼𝑐 (𝑥) ≈

Ref: D.R. Stinson, Cryptography: Theory and Practice, Third Edition, CRC Press, 2006.
Index of Coincidence of a Random String
• Suppose we have a long string Y (length n)
• The elements of Y do not follow English letters frequency distribution
• Infact, each letter has equal probability of occurrence
• The chance of pulling out an A is 1/26
Index of Coincidence of a Random String
• Suppose we have a long string Y (length n) of random English letters
• The elements of Y do not follow English letters frequency distribution
• Infact, each letter has equal probability of occurrence
• The chance of pulling out an A is 1/26
• The probability of pulling out two As simultaneously is (1/26)*(1/26)
• The chance of drawing any pair of identical letters is: 26*(1/26)*(1/26) = (1/26) = 0.0385
Index of Coincidence of a Random String
• Suppose we have a long string Y (length n) of random English letters
• The elements of Y do not follow English letters frequency distribution
• Infact, each letter has equal probability of occurrence
• The chance of pulling out an A is 1/26
• The probability of pulling out two As simultaneously is (1/26)*(1/26)
• The chance of drawing any pair of identical letters is: 26*(1/26)*(1/26) = (1/26) = 0.0385

• So the IC of an evenly distributed set of letters is 0.0385


Index of coincidence
• Let ciphertext string 𝑦 = 𝑦1 , 𝑦2 , 𝑦3 , … . ., 𝑦𝑛
• E.g., 𝑦 = xwxvxzagof txgo jgakdz
• Let us suppose, through Kasiski test , we obtained length of keyword m = 3
• Define m substrings of y as follows:
𝑦1 = xvafggd = 𝑦1 𝑦 𝑚+1 𝑦 2𝑚+1 … .
𝑦2 = wxgtoaz = 𝑦2 𝑦 𝑚+2 𝑦 2𝑚+2 … .
𝑦3 = xzoxjk = 𝑦3 𝑦 𝑚+3 𝑦 2𝑚+3 … .





Index of coincidence
• If m is the right option, then
𝐼𝐶 𝑦 ≈ 0.065
since, each 𝑦𝑖 is just a shifted version of the proper English plaintext
substrings
• If not, value of m obtained is not right
• For a totally random ciphertext string
1 2
𝐼𝐶 𝑦 = 26 = 0.038
26
EXAMPLE
CVJTNAFENMCDMKBXFSTKLHGSOJWHOFUISFYFBEXEINFIMAYSSDYYI
cvjtna fiyljw uycluk tvuzua
JNPWTOKFRHWVWTZFXHLUYUMSGVDURBWBIVXFAFMYFYXPIGBHWIF fenmcd dknhga tvgufq ojnvuw
HHOJBEXAUNFIYLJWDKNHGAOVBHHGVINAULZFOFUQCVFBYNFTYGM
MSVGXCFZFOKQATUIFUFERQTEWZFOKMWOJYLNZBKSHOEBPNAYTFK
mkbxfs ovbhhg beswys trlmba
NXLBVUAXCXUYYKYTFRHRCFUYCLUKTVGUFQBESWYSSWLBYFEFZVU tklhgs vinaul swlbyf tzmfss
WTRLLNGIZGBMSZKBTNTSLNNMDPMYMIUBVMTLOBJHHFWTJNAUFIZ
MBZLIVHMBSUWLBYFEUYFUFENBRVJVKOLLGTVUZUAOJNVUWTRLMB
ojwhof zfofuq efzvuw ojqxlf
ATZMFSSOJQXLFPKNAULJCIOYVDRYLUJMVMLVMUKBTNAMFPXXJPD uisfyf cvfbyn trllng pknaul
YFIJFYUWSGVIUMBWSTUXMSSNYKYDJMCGASOUXBYSMCMEUNFJNAU
FUYUMWSFJUKQWSVXXUVUFFBPWBCFYLWFDYGUKDRYLUJMFPXXEFZ
bexein ftygmm izgbms jcioyv
QXYHGFLACEBJBXQSTWIKNMORNXCJFAIBWWBKCMUKIVQTMNBCCT fimays svgxcf zkbtnt dryluj
HLJYIGIMSYCFVMURMAYOBJUFVAUZINMATCYPBANKBXLWJJNXUJT
WIKBATCIOYBPPZHLZJJZHLLVEYAIFPLLYIJIZMOUDPLLTHVEVUMBXP
sdyyij zfokqa slnnmd mvmlv
IBBMSNSCMCGONBHCKIVLXMGCRMXNZBKQHODESYTVGOUGTHAGRH npwtok tuifuf pmymiu m
RMHFREYIJIZGAUNFZIYZWOUYWQZPZMAYJFJIKOVFKBTNOPLFWHGU
SYTLGNRHBZSOPMIYSLWIKBANYUOYAPWZXHVFUQAIATYYKYKPMCE
frhwvw erqtew bvmtlo ukbtna
YLIRNPCDMEIMFGWVBBMUPLHMLQJWUGSKQVUDZGSYCFBSWVCHZX tzfxhl zfokmw bjhhfw mfpxxj
FEXXXAQROLYXPIUKYHMPNAYFOFHXBSWVCHZXFEXXXAIRPXXGOVH
HGGSVNHWSFJUKNZBESHOKIRFEXGUFVKOLVJNAYIVVMMCGOFZACKE
uyumsg ojylnz tjnauf pdyfij
VUMBATVHKIDMVXBHLIVWTJAUFFACKHCIKSFPKYQNWOLUMYVXYYK vdurbw bkshoe izmbzl fyuwsg
YAOYYPUKXFLMBQOFLACKPWZXHUFJYGZGSTYWZGSNBBWZIVMNZX
FIYWXWBKBAYJFTIFYKIZMUIVZDINLFFUVRGSSBUGNGOPQAILIFOZBZF
bivxfa bpnayt ivhmbs viumbw
YUWHGIRHWCFIZMWYSUYMAUDMIYVYAWVNAYTFEYYCLPWBBMVZZH fmyfyx fknxlb uwlbyf stuxms
ZUHMRWXCFUYYVIENFHPYSMKBTMOIZWAIXZFOLBSMCHHNOJKBMB
ATZXXJSSKNAULBJCLFWXDSUYKUCIOYJGFLMBWHFIWIXSFGXCZBMY
pigbhw vuaxcx euyfuf snykyd
MBWTRGXXSHXYKZGSDSLYDGNBXHAUJBTFDQCYTMWNPWHOFUISMI ifhhoj uyykyt enbrvj jmcgas
FFVXFSVFRNA
bexaun frhrcf vkollg ouxbys
mcmeu
EXAMPLE
• cfmtoubfsnftuvbfpibfdovzcfsztezobbfvufutbsetizspbbtiiueevtottopjdmumpfvssjomfufsubfdmfgbtof
bibjsubutnjttpjvpipepnoicbeogfifopffpunolnpftpimwpjqswfqpmowfiosfbiuvvoetmiuhpoxoxopfssifb
fizfsoifiiumwfpzmunmizmjtsbxughsbthsguqnuff
• vekkjieidprzydimifeikvifvtvfurfjkpkuyryvewfrzklmvjjzvwunkvjrzjkcrvkfdyitnmucjyjvfcdrfzfjwrakvcyy
rjzckjwcpjelzlvisnvrksurrzzuzjklsrpwywuymrevlwvyveripfvervvjerfjvfvvvvfcklyyffwjtnviktzdubpfyrzy
ivewzryfkzfckzkjdcfffmrxdnjcpivr
• jnblwsxmywhfuuvyghxynbnofygoiqoysnnayhcgslzlgbnymhnmhlybounlmqniymbpyuuuycxmnuuxffy
ypqlbinicqcicmuiybniizzylmlubcblmqyghegiymibfyhmiuzqycnibhuuccxounhcxphnusfvnmzuhxwfiyu
yyllzyybmybimivuqouhmmynybhwyhbwohbxncsiligygysbbywsxn
• tmxhhfeaytwxmrxfbhalhhafbgxkftklhaxxkrluwbvlbtnmthabmbfrlzvmfxaolltxfwmxkgbeamkxbyglxxa
xkxbmttgfafnpxxkohhayotmbmhxxhttryaywaktwtbikoxakepmbmgdfhxlkaxhxxhhkhekamamkbtakq
mkpmaxgwbnwafunrgazwwwavaybzxvptalhmxaluomwxmxklxtthmfa
• ncfgoyiyiovhsbfyhoujghuuymcquemnoylcycufyyunmnmilfuzbyuvluubsluyuvnxisbmyayuuwqupluux
ycqncwumhivyvmblubylliiuhbmccmnovhmiuzqyonhlzybyhiyycfmlszbzxyyybzxxgwnoxoyccbihjcsnyy
ubchzzwzxyyilgnibhcyuyycmuciymibnbjufyybicbxzyhfmois
• adssffnsjkwlgwaxwjnwaglqnmfafwwzetbxtfkqsfwgstduowflsffjgawasflvjmajjgwsdssnfswvwwkjehes
mjwknlmmoaaawjabzlfjdvxsgkgzdgahjnwzjvoggssaavakldguqkgsxaxhfsxaggszkgligkadlakfwvakqkug
gzxwjkvfsglzgfsdatlvhfesoxsoaslwkjwxzwsgdadwffv
EXAMPLE
• cfmtoubfsnftuvbfpibfdovzcfsztezobbfvufutbsetizspbbtiiueevtottopjdm
umpfvssjomfufsubfdmfgbtofbibjsubutnjttpjvpipepnoicbeogfifopffpun
olnpftpimwpjqswfqpmowfiosfbiuvvoetmiuhpoxoxopfssifbfizfsoifiium
wfpzmunmizmjtsbxughsbthsguqnuff
• IC(Str1) = .065
• vekkjieidprzydimifeikvifvtvfurfjkpkuyryvewfrzklmvjjzvwunkvjrzjkcrvkfdyitn
mucjyjvfcdrfzfjwrakvcyyrjzckjwcpjelzlvisnvrksurrzzuzjklsrpwywuymrevlwvy
veripfvervvjerfjvfvvvvfcklyyffwjtnviktzdubpfyrzyivewzryfkzfckzkjdcfffmrxdnj
cpivr
• IC(Str2) = .063
EXAMPLE
• IC(str 3) : 0.065
• IC(str 4) : 0.068
• IC(str 5) : 0.068
• IC(str 6) : 0.065
EXAMPLE
• IC(str 3) : 0.065
• IC(str 4) : 0.068
• IC(str 5) : 0.068
• IC(str 6) : 0.065

• As all the substrings have IC values close to 0.065, this shows our
keyword length guess = 6 is correct
• Frequency analysis of each of the 6 substrings lead us to the keyword
EXAMPLE
• IC(str 3) : 0.065
• IC(str 4) : 0.068
• IC(str 5) : 0.068
• IC(str 6) : 0.065

• As all the substrings have IC values close to 0.065, this shows our keyword
length guess = 6 is correct
• Frequency analysis of each of the 6 substrings lead us to the keyword –
“BRUTUS”
MAPPING UNDER THE KEYWORD – “BRUTUS”
CVJTNAFENMCDMKBXFSTKLHGSOJWHOFUISFYFBEXEINFIMAYSSDYY Be patient till the last. Romans, countrymen, and lovers! hear me for my cause,
IJNPWTOKFRHWVWTZFXHLUYUMSGVDURBWBIVXFAFMYFYXPIGBHWI and be silent, that you may hear: believe me for mine honour, and have respect
FHHOJBEXAUNFIYLJWDKNHGAOVBHHGVINAULZFOFUQCVFBYNFTYG to mine honour, that you may believe: censure me in your wisdom, and awake
MMSVGXCFZFOKQATUIFUFERQTEWZFOKMWOJYLNZBKSHOEBPNAYT your senses, that you may the better judge. If there be any in this assembly, any
FKNXLBVUAXCXUYYKYTFRHRCFUYCLUKTVGUFQBESWYSSWLBYFEFZV dear friend of Caesar's, to him I say, that Brutus' love to Caesar was no less
UWTRLLNGIZGBMSZKBTNTSLNNMDPMYMIUBVMTLOBJHHFWTJNAUF than his. If then that friend demand why Brutus rose against Caesar, this is my
IZMBZLIVHMBSUWLBYFEUYFUFENBRVJVKOLLGTVUZUAOJNVUWTRLM answer: —Not that I loved Caesar less, but that I loved Rome more. Had you
BATZMFSSOJQXLFPKNAULJCIOYVDRYLUJMVMLVMUKBTNAMFPXXJP rather Caesar were living and die all slaves, than that Caesar were dead, to live
DYFIJFYUWSGVIUMBWSTUXMSSNYKYDJMCGASOUXBYSMCMEUNFJN all free men? As Caesar loved me, I weep for him; as he was fortunate, I rejoice
AUFUYUMWSFJUKQWSVXXUVUFFBPWBCFYLWFDYGUKDRYLUJMFPXX at it; as he was valiant, I honour him: but, as he was ambitious, I slew him.
EFZQXYHGFLACEBJBXQSTWIKNMORNXCJFAIBWWBKCMUKIVQTMNB There is tears for his love; joy for his fortune; honour for his valour; and death
CCTHLJYIGIMSYCFVMURMAYOBJUFVAUZINMATCYPBANKBXLWJJNX for his ambition. Who is here so base that would be a bondman? If any, speak;
UJTWIKBATCIOYBPPZHLZJJZHLLVEYAIFPLLYIJIZMOUDPLLTHVEVUM for him have I offended. Who is here so rude that would not be a Roman? If
BXPIBBMSNSCMCGONBHCKIVLXMGCRMXNZBKQHODESYTVGOUGTHA any, speak; for him have I offended. Who is here so vile that will not love his
GRHRMHFREYIJIZGAUNFZIYZWOUYWQZPZMAYJFJIKOVFKBTNOPLF country? If any, speak; for him have I offended. I pause for a reply. Then none
WHGUSYTLGNRHBZSOPMIYSLWIKBANYUOYAPWZXHVFUQAIATYYKYK have I offended. I have done no more to Caesar than you shall do to Brutus.
PMCEYLIRNPCDMEIMFGWVBBMUPLHMLQJWUGSKQVUDZGSYCFBSWV The question of his death is enrolled in the Capitol; his glory not extenuated,
CHZXFEXXXAQROLYXPIUKYHMPNAYFOFHXBSWVCHZXFEXXXAIRPXX wherein he was worthy, nor his offences enforced, for which he suffered death.
GOVHHGGSVNHWSFJUKNZBESHOKIRFEXGUFVKOLVJNAYIVVMMCGOF Here comes his body, mourned by Mark Antony: who, though he had no hand in
ZACKEVUMBATVHKIDMVXBHLIVWTJAUFFACKHCIKSFPKYQNWOLUMY his death, shall receive the benefit of his dying, a place in the commonwealth;
VXYYKYAOYYPUKXFLMBQOFLACKPWZXHUFJYGZGSTYWZGSNBBWZI as which of you shall not? With this I depart,—that, as I slew my best lover for
VMNZXFIYWXWBKBAYJFTIFYKIZMUIVZDINLFFUVRGSSBUGNGOPQAILI the good of Rome, I have the same dagger for myself, when it shall please my
FOZBZFYUWHGIRHWCFIZMWYSUYMAUDMIYVYAWVNAYTFEYYCLPWB country to need my death.
BMVZZHZUHMRWXCFUYYVIENFHPYSMKBTMOIZWAIXZFOLBSMCHHN
OJKBMBATZXXJSSKNAULBJCLFWXDSUYKUCIOYJGFLMBWHFIWIXSFG
XCZBMYMBWTRGXXSHXYKZGSDSLYDGNBXHAUJBTFDQCYTMWNPW
HOFUISMIFFVXFSVFRNA
Takeaway ….
• Large key size is a necessary condition but not a sufficient condition to
provide security.
• As long as statistical relationship between plaintext and ciphertext or
plaintext and key remains, cipher is not secure.
Conclusions

• All secure cipher needs sufficient key-space


• Complexity of design does not mean security
• Designing secure ciphers is hard
• Classical ciphers are broken
Modern Cryptography

Symmetric Cipher

Block Cipher Stream Cipher


Watch neso's cryptography and network security,
Block Cipher videos 57-60
• Encrypts data in blocks
• Message 𝑃 = 𝑃1 , 𝑃2 , … . , 𝑃𝑛
• Each 𝑃𝑖 is encrypted separately
Plaintext (n bits)

Key (k bits) E Ciphertext (n bits)


Block Cipher
• Encrypts data in blocks
• Message 𝑃 = 𝑃1 , 𝑃2 , … . , 𝑃𝑛
• Each 𝑃𝑖 is encrypted separately
Plaintext (n bits)

Key (k bits) E Ciphertext (n bits)

• Popular block ciphers: DES, AES, RC5, Blowfish, FEAL etc.


Typical block size – 64-, 128-bits
Typical key size – 128, 192, 256-bits
Block Cipher
• Encrypts data in blocks
• Message P = 𝑃1 , 𝑃2 , … . , 𝑃𝑛
Iterative Block Cipher
• Constructed by repeating a simple function
called the round function (F) multiple times
• Parameters
• No. of rounds
• Block size n
• Keysize k
• Idea is to make a strong encryption function
out of a weaker round function (that is easy
to implement ) by repeatedly using it
• Iterated block cipher is represented as:
• 𝐸𝑘 ⋅ = 𝐹𝑖 𝐾𝑖 ,⋅ ∘ 𝐹𝑖−1 𝐾𝑖−1 ,⋅ ∘ … .∘ 𝐹1 (𝐾1 )
Inside the Block Cipher
• Key Schedule algorithm (KSA)
• Round keys (k i ) are generated from the
master secret key using KSA
• E.g., Master Key – 128 bits
Round keys – 64-bits
• For every subkey, the round function should
be invertible, otherwise decryption is not
possible
DES and Triple-DES
• Data Encryption Standard (DES) is the most widely used encryption
scheme adopted in 1977
- uses 64 bit plaintext block and 56 bit key to produce a 64 bit
ciphertext block
• key size 56 bits (vulnerable to brute-force attacks) is not sufficient!!!

Triple DES (3DES)


• Repeats basic DES algorithm three times using 2 or 3 unique keys,
• Effective key length= 112 bits
• Much more secure but much slow on software
The Feistel
Structure of
DES
The Feistel
Structure of
DES
Advanced Encryption Standard(AES)
• In 1997, NIST (National Institute of Standards and Technology) issued
a call for a new proposal
Neso's video 65
• Security strength ≥ Triple DES You may skip the video if not really
• Block length of 128-bits interested

• Means better replacement for DES


• 2001: Rijndael selected as the winner
- Designed by Belgian researchers Joan Daemen and Vincent Rijmen
• uses 128 bit data & 128/192/256 bit keys
• Now widely available commercially
Advanced Encryption Standard(AES)
• None of the attacks break AES much better than brute force
• Except side channel attack (SCA)
• However, it is applicable to specific scenario only
• Intel chips have special instruction sets for AES. Allows extremely
efficient implementation. Can resist many SCA as well.
• Every famous Cryptographic library used on the web has an
implementation of AES in it.
• OpenSSL, cryptlib, Crypto++, etc.
Stream Ciphers
• Type of symmetric encryption in which input data is encrypted one bit
(sometimes one byte) at a time
Stream Ciphers
• Type of symmetric encryption in which input data is encrypted one bit
(sometimes one byte) at a time

BLOCK CIPHER vs. STREAM CIPHER


Block Cipher Stream Cipher
1. In one process cycle, a whole block of 1. In one process cycle, a single bit of
data (e.g., 128-bits) is encrypted together data (i.e., 1-bit) is only encrypted
2. The same key is used to encrypt 2. Different key is used to encrypt each of
different blocks the bit
3. Usually more complex and slower in 3. Much simpler in design and faster
speed speed
4. Same key can be used to encrypt one 4. Different keys have been used to
or more plaintexts encrypt more than one plaintext
Stream Ciphers
• E.g., RC4, A5, SEAL etc.

• Encryption
𝑌𝑖 = 𝑋𝑖 ⊕ 𝑠𝑖
• Decryption
𝑋𝑖 = 𝑌𝑖 ⊕ 𝑠𝑖
Stream Ciphers
• E.g., RC4, A5, SEAL etc.

• Encryption
𝑌𝑖 = 𝑋𝑖 ⊕ 𝑠𝑖
• Decryption
𝑋𝑖 = 𝑌𝑖 ⊕ 𝑠𝑖
• The keystream is denoted by the symbol “s”

You might also like