암호학 (cryptology)

Prof. Jk LEE/security 1

암호학암호학 (Cryptology)(Cryptology)

Bob Alice

공격자

암호문평문 평문


비자카드 번호 확인

0699 0043 1313 9642

1st16th

Select odd numbers0699 0043 1313 9642

Select even numbersAfter * 2, if 9 then -9

0699 0083 2323 9682

0+6+9+9+0+0+8+3+2+3+2+3+9+6+8+2= 70

*10*10


암호학암호학 (Cryptology)(Cryptology) 이란이란 ??

암호화 기법과 암호분석기법에 관한 원리 , 수단 ,방법을 연구하는 학문

평문의 해독 불가하도록 하는 방법과 해독 불가능한 메시지를 해독 가능하도록 형태를 바꾸는 방법으로 구성


Basic Encryption and Basic Encryption and DecryptionDecryption

S R sender message receiver

S T R sender transmission medium receiver

S R sender access receiver O interceptor/intruder


S T R sender access receiver O interceptor/intruder

- block- intercept- modify- fabricate


TerminologyTerminology

Encryption Decryption Cryptosystem: system for encryption and decryption

Plaintext Ciphertext


Encryption AlgorithmsEncryption Algorithms

Encryption

encryption decryptionplaintext ciphertext

Originalplaintext



Originalplaintext

key key

Symmetric cryptosystem


Originalplaintext

Encryption Key:KE

DecryptionKey:KD

Asymmetric cryptosystem


CryptanalysisCryptanalysis

Cryptography: hidden writing cryptanalyst: studies

encryption,encryption message cryptology: research of encryption

and decryption


- attempt to break a single message- attempt to recognize patterns in encrypted

message- attempt to find general weaknesses in an

encryption algorithm

Cryptanalyst’s chore:

break an encryption !


암호시스템의 설계요건암호시스템의 설계요건

난이도가 클 것 키의 크기가 작을 것 암 . 복호화 여건의 간결성과 처리속도의 효율성 에러 전파율이 적을 것


암호시스템의 분류암호시스템의 분류

시대별 분류 : 고전 암호시스템 :19 세기이전 근대 암호시스템 :1,2 차 대전 현대암호화 시스템 :1950 년이후

평문의 암호화 단위분류 : 블록 암호시스템 스트림 암호시스템

암호화 형식에 의한 분류 : 비밀키 ( 대칭형 ) 암호시스템 : 비밀키 공개키 ( 비대칭형 ) 암호시스템 : 공개키와 비공개키


스트림 암호 : stream cipher


Originalplaintext

키 생성 알고리즘비밀키 기밀성과 무결성이 보장되는 채널

암호화의 속도가 빠르다

오류의 영향이 적다

비트가 독립적인 관계로 각각의 비트를 암호의 개별적인 개체로 취급이 가능

암호키에 대한 엄격한 동기화 요구

Synchronization!

키 생성 알고리즘이 중요 !

평문 길이 최소 단위 : 한 개 단위의

비트나 문자


블록 암호블록 암호 :Block cipher:Block cipher

encryption decryptionplaintext

Bolckciphertext

Originalplaintext

비밀키 기밀성과 무결성이 보장되는 채널

평문의 길이가 한개이상

DES,RSA 등

암호화 , 블럭화에 대한 처리 시간이 요구

오류시 다른 비트등에 영향

스트림 암호와 대칭성


관용암호시스템 :conventional cryptosystem

대칭형암호시스템 :symmetric cryptosystem

Ex) DES

송수신자간에 대칭키 ( 비밀 키 ) 공유

or

암호화 ,복호화 키가

동일


공개키암호시스템 :Public-key cryptosystem

비대칭형암호시스템 :Asymmetric cryptosystem

Ex) 디지털 서명 , 개인신분확인등에 활용

송신자 : 공개키 , 수신자 : 개인키

or

암호화 ,복호화 키가 다를 경우


Representation of Representation of CharactersCharacters

Letter/code A 0 B 1 C 2 D 3 E 4 F 5 G 6 H 7 I 8 J 9

K 10 L11 M12 N13 O14 P15 Q16 R17 S18 T19

U20 V21 W22 X23 Y24 Z25

A + 3 =D or K -1 = J :modular arithmetic


Monoalphabetic ciphersMonoalphabetic ciphers

The Caesar cipher:

Ci =E(pi) =pi +3

Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y ZCiphert.: D E F G H I J K L M N O P Q R s T U V W X Y Z A B CEx) TREATY IMPOSSIBLE WUHDWB LPSRVVLEOH


ExampleExampleL FDPH L VDZ L FRQTXHUHG

I I+3I I+3

L I ??L I ??

I CAME I SAW I CONQUERED


P: I DO NOT LIKE BRUTUS

C: L GR QRW OLNH BUXWXV

F(m) = (m+?) mod 26


Advantage/disadvantage of Advantage/disadvantage of the Caesar cipherthe Caesar cipher

Quite simple cipher obvious pattern is major weakness

암호화 : C = Ek(m) = (m + k) mode 26

복호화 : m = Dk(c) = (c - k) mode 26


Ex)

UZQSOVUOHXMOPVGPOPEVSGZWSZOPFPESXUDBMETSXAIZ

VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWTMXUZUHSX

EPTEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

Frequency distributionsFrequency distributions


Frequency distributionsFrequency distributions

Cipher’s frequency:

P 13.13 Z 11.67 S 8.33 U 8.33 O 7.50 M 6.67

H 5.83 D 5.00 E 5.00 V 4.17 X 4.17 F 3.33

W 3.33 Q 2.50 T 2.50 A 1.67 B 1.67 G 1.67

Y 1.67 I 0.83 J 0.83 C 0 K 0 L 0

N 0 R 0


E 12.75 T 9.25 R 8.50 N 7.75 I 7.75 O 7.50 A 7.25S 6.00 D 4.25 L 3.75 H 3.50 C 3.50 F 3.00 U 3.00M 2.75 P 2.75 Y 2.25 G 2.00 W 1.50 V1.50 B 1.25K 0.50 X 0.50 Q 0.50 J 0.25 Z 0.25

Frequencies of English letters


P:e, Z:t {S,U,O,M,H} {r,n,I,o,a,s} {A,B,G,Y,I,J} {w,v,b,k,x,q,j,z} digraph:2 문자 빈도 : “th” ZW 3times occurs: Z:t,W:h “ZWP” the : trigraph


UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAI

Z

t a e e t e a t h a t e e a a

VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWTMXUZUHSX

e t t a t h a e e e a e t h t a

EPTEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

e e e t a t e t h e et


“ it was disclosed yesterday that several informal but

direct contacts have been made with political

representatives of the viet cong in moscow”


Other monoalphabetic substitutiOther monoalphabetic substitutionsons

Permutation: number of 1 to 10 1 = 1,3,5,7,9,10,8,6,4,2

2 = 10,9,8,7,6,5,4,3,2,1

ex) 1(3) = 5 or 2(7) = 4


Let a1,a2,…,ak be a set of the plaintext alphabet, is a permutation of 1,2,..,k in a monoalphabetic su

bstitution each ci is a(pi).

Ex) () = 25 - then A : z, B:y and Z: a

ABCDEFGHIJKLMNOPQRSTUVWXYZ ke y a bc d fg hi j l m no pq r s t u v wxz


ABCDEFGHIJKLMNOPQRSTUVWXYZ sp ec t a u l r bd f g h i j kmn oq v wxyz :spectacular

ex) ABCDEFGHIJKLMNOPQRSTUVWXYZ a dg j

permutation: () = (3* ) mod 26 (K) = (3* 10) mod 26 =30-26=4=e


Cryptanalysis of monoalphabetic Cryptanalysis of monoalphabetic ciphersciphers

Brute-force: 가능한 모든 키를 시도 Probable-word attack: 추정단어공격 ex) 계좌 화일의 전송 --> 파일 머릿부분에

키워드의 존재 원시코드 --> 표준화 된 위치에 키 문장 암호알고리즘의 특성 :

절대 안정성 계산상 안정성 : 정보가치초과 , 유효기간초과


steganographysteganography

문자 마킹 (character marking) 보이지 않는 잉크 (invisible ink) 핀 구멍 (Pin punctures) 타자수정리본 (tpewriter correction ribbo

n)


Polyalphabetic substitution ciphPolyalphabetic substitution ciphersers

If T --> a, or T --> b and X --> a or X --> b:

T:high frequency X:low frequencyE1(T) = a, E2(T) = b while E1 (X)= b and E2(X)= a

combine two distributions: odd positions even positions


Two encryption algorithmsTwo encryption algorithms

Odd positions:A B C D E F G H I J K L M N O P Q Ra d g j m o s v y b e h k n q t w zS T U V W X Y Zc f i l o r u x: () = (3* ) mod 26


Even positions:A B C D E F G H I J K L M N O P Q Rn s x c h m r w bg l q v a f k p u S T U V W X Y Zz e j o t y d i: () = ((5* )+ 13) mod 26


exampleexample

TREATY IMPOSSIBLE

TREAT YIMPO SSIBL E encryption

fumnf dyvtv czysh h


Vigenere tableauxVigenere tableaux

“but soft what light through yonder window breaks”

juliet : key words

julie tjuli etjul ietju lietj uliet julie tjuli BUTSO FTWHA TLIGH TTHRO UGHYO NDERW INDOW BREAK

En

KOEAS YCQSI …..


Cryptanalysis of polyalphabetic Cryptanalysis of polyalphabetic substitutionsubstitution

Kasiski method for repeated patterns:use repetions in the ciphertext to give cluses to the dryptanalyst of the period

P : TOBEO RNOTT OBEK: NOWNO WNOWN OWNC: GCXRC NACPG CXR


Index of coincidence(IC): introduced in 1920 by W. Friedman

measures the variation in the frequencies of the letters in a cipheretext


exampleexample

Dcrypt using vigenere ciper: TSMVM MPPCW CZUGX HPECP RFAUE IOBQW PPIMS FXIPC TSQPK SZNUL OPACR DDPKT SLVFW ELTKR GHIZS FNIDF ARMUE NOSKR GDIPH WSGVL EDMCM SMWKP IYOJS TLVFA HPBJI RAQIW HLDGA IYOU


Ic =0.04066 : (P(ai)) split the ciper text into 5 ection gettings:

a->6 g->5 I->6 q->3 v->4b->2 h->5 m->8 r->6 w->6c->6 I->10 n->3 s->10 x->2d->6 j->2 o->5 t->5 y->2e->5 k->5 p->l3 u->5 z->3f->6


We split the cipher text into five sections getting:

TMCHRIPFTSODSEGFANGWESITHRHI from text positions 51, l = 0, I, ...,27. SPZPFOPXSZPDLLHNRODSDMYLPALY from text positions 51+1, l " 0,1,...,27. MPHEABIIQNAPVTIIMSIGMWOVBQDO from text positions 51+2, l = 0,1,...,27. VCGCUQMPPUCKFKZDUKPVCKJFJIGU from text positions 51+3, l = 0,1,..., 27. MWXPEWSCKLRTWRSFERHLMPSAIWA from text positions 51+4, l = 0,1,..., 27.

5i=0.04233 5i+1=0.06614 5i+2=0.05026

5I+3=0.06614 5I+4=0.04843


The second section is:

SPZPFOPXSZPDLLHNRODSDMYLPALY

P-> E, Q-> F:

HEOEUDEMHOESAAWCGDSHSBNAEPAN

The fourth section is:

VCGCUQMPPUCKFKZDUKPVCKJFJIGU

U->A,V-> B:

BIMIAWSVVAIQLQFJAQVBIQPLFOMA


C-> A or K-> A. Trying these gives respectively:

TAEASOKNNSAIDIXBSINTAIHDHGES

CGCEGCFFECAFAJDEAFFCADFDCGE

Of these two the first looks the most promising so we look at what we have for our five sections as rows:

………………………………………………...

HEOEUDEMHOESAAWCGDSHSBNAEPAN

………………………………………………...

TAEASOKNNSAIDIXBSINTAIHDHGES

………………………………………………...


M -> E, N-> F,... in the third row giving:

TMCHRIPFTSODSEGFANGWES ITHRHIHEOEUDEMHOESAAWCGDSHSBNAEPANE H M WSTAAIFSHN L A AE K A YEOGN T IVGTAEASOKNNSAIDIXBS INTAIHDHGES

Hence we decide that the plaintext is:

THE TIME HAS COME THE WALRUS SAID TO SPEAK OFMANY THINGS OF SHOES AND SHIPS AND SEALING WAX OF CABBAGES AND KINGS AND WHY THE SEA IS BOLLING HOT AND WHETHER PIGS HAVE WINGS


EXAMPLEEXAMPLE

“STAR WARS”

I KNOW ONLY THAT I KNOW NOTHING

H UINF NIAP OCSO H UINF INOCHIT


VERNAM CIPHERVERNAM CIPHER

VERNAMCIPHER 21417130122 8157 417 76 48 16 82 44 03 58 II 60 05 48 8

Plaintext VERNAMCIPHE RNumeric Equivalent 21 4 17 13 0 12 2 8 15 7 4 17

+ Random Number 76 48 16 82 44 3 58 II 60 5 48 88

=Sum 97 52 33 95 44 15 60 19 75 12 52 105

= mod 26 19 0 7 17 18 15 8 19 23 12 0 1

Ciphertext : tahrsp itxma


LONG SEQUENCE FROM LONG SEQUENCE FROM BOOKSBOOKS

“What of thinking? I am,Iexist,that is certain”

Machine cannot think

iamie xistt hatis cert MACHI NESCA NNOTT HINK


USED BY VIGENERE TABLE:

Machines cannot think

uaopm kmkvt unhbl jmed


High-frequency letters: A,E,O,T : 40% and N,I: 25%

a e I n o t

A a e I n o tE e l m r s xI I m r w x cN n r w b c hO o s x c d lT t x b g h m


Ci : u a o p m k m k v t Po: ? AA ? E ? E ? ? A O I I T T T


Dual message entagementDual message entagement

Key : disregardthismessage mess: thismessageiscrucial

wpajqejvdzlqkovvmulgp


transpositiontransposition

plaintext --> rearrangement --> cipertext

ex) Cryptanalyst; 3 x4 matrix:column tr.

1 2 3 4 c r y p row 2,4,1,3 t a n a RAYPATCTLYNS

l y s t


exampleexample

Suppose d =4, f=(2 3 4 1): Ptx: cryp togr aphy

Cxt: pcry rtog yaph how identity? How to decipher?


General monoalphbetic cipersGeneral monoalphbetic cipers

“starw wars” --> starw STARW BCDEF GHIJK LMNOP QUVXY Z


ABCDEFGHIJKLMNOPQRSTUVWXYZ

SBGLQZTCHMUADINVREJOXWFKPY


EXAMPLE(report)EXAMPLE(report)

DE : BASED ON FREQUENCY

BRYH DRL R ITEEIA IRBS TEF CIAAXA NFR NDTEA RF FGKN RGL

AOAYJNDAYA EDRE BRYH NAGE EDA IRBS NRF FMYA EK ZK TE CKIIKNAL DAY EK FXDKKI KGA LRH NDTXD NRF RZRTGFE EDA YMIAF


“Mary had a little lamb its fleece was white as snow and everywhere that mary went the lamb was sure to go it followed her to school one day which was against the rules.”


ExampleExample

Columnar transpositionst hisi samessaget oshowhowacolumnartransposI tion : tssoh oaniw haaso lrsto imghwworks utpir seeoa mrook istwc nasns

c1 c2 c3 c4 c5 c6 c7 c8 c9 c10c11 c12 etc.


Most common Diagrams and Trigrams

diagrams trigramsen entre ioner andnt ingth iveon tioin fortf ouran thior one


Cryptanalysis by Diagram AnalysisCryptanalysis by Diagram Analysis

Two different strings of letters from a transposition ciphertext can represent pai

rs of adjacent letters from the plaintext.

Problems: to find where in the cipertext a pair of adjacent olumns lies where the ends of the columns are


c1 to c8, c2 to c9, …..c7 to c14. The windows of comparison shift: c1 to c9, c2 to c10….


Tssoh oaniw haaso lrsto (I(m(g(h(w (u (t (p (I (r s)e)e)o))a m)r)o)o)k istwc nasns

50ch. -> single column 10 * 5 matrix or second column -> 8*7 matrix


Double Transposition AlgorithmDouble Transposition Algorithm

Involves two columnar transpositions:


Result from the second column:

tno (m(I m)tssi l(g(rr)w xswr(h s)o) cxo hs(we)o) nxhat (ue)k)ax oao(to) isxas (I(p

a)sn x


Stream ciphers: convert one symbol of plaintext immediat

ely into a symbol of ciphertext - speed of transformation- low error propagation* low diffusion* susceptibility to malicious and

modifications


Y

Key(optional)

ISSOPMI

Plaintext

WDHUW……

Ciphertext

Encryption

Stream Encryption

Example: Monoalphabetic,Polyalphabetic Ciphers


Block ciphersBlock ciphers

Encrypt a group of plaintext symbols as one block

key plaintext po

xn ba oi encryption qc tp kb


Diffusion immunity to insertion slowness of encryption error propagation

Example: columnar transposition


GOOD ciphers?GOOD ciphers?

The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption

The set of keys and enciphering algorithm should be free from complexity

The implementation of the process should be as simple as possible

Shannon Characteristics:


Errors in ciphering should not propagate and cause corrupton of further information in the message

The size of the enciphered text should be no larger than the text of the original message

암호학 (cryptology)

Documents