Cryptography

Cryptography comes from the two Greek words meaning “secret writing” and and is the art and science of
concealing meaning. Cryptanalysis is the breaking of codes. Basically, what we have is

Def: A cryptosystem is a 5-tuple (E, D, M, K, C), where

M is the set of plaintexts,
K is the set of keys,
C is the set of ciphertexts,
E: M K C is the set of enciphering functions, and
D: C K M is the set of deciphering functions

A classical example of a cryptosystem is the Caesar cipher where letters in the plaintext are shifted to get
the ciphertext. Suppose that we have the message “GO CLEMSON”, and we want to encrypt that message
using the Caesar cipher. Our key might be 2. The plaintext “GO CLEMSON” would turn into the ciphertext
“IQ ENGOUQP”. Our cryptosystem would be:

M = { all sequences of letters }

K = { integers from 1 to 25 }

C = { all sequences of letters }

E = { Ek | k K and m M Ek(m) = (m+k) mod 26 }

D = { Dk | k K and c C Dk(c) = (26+c-k) mod 26 }

The goal of cryptography is to keep enciphered information secret. We assume that an adversary wishes to
break a ciphertext. Standard cryptographic practice is to assume that the adversary knows the algorithm
used to encipher the plain text. The adversary does not know the specific cryptographic key. Hence, D and
E are known.

Key Dates

800 AD
Al-Kindi, an Arab scholar and mathematician living in Baghdad, writes Manuscript for Deciphering
Cryptographic Messages. It has the first known description of frequency analysis and other
cryptanalysis techniques.

1586
Thomas Phelippes uses frequency analysis to decrypt messages between Mary I of Scotland and
conspirators against Elizabeth I of England. Mary and the conspirators are all executed.
1918
Major Joseph O. Mauborgne of the U.S. Army and Gilbert Vernam of AT&T Bell Laboratories invent
the one-time pad, in which the random, secret key is as long as the message itself and is only ever
used once.

1944
At Bietchley Park in England, Colossus (the first vacuum-tube-based, programmable computing
machine) decrypts German High Command messages, providing invaluable information prior to the
D-day invasion of Normandy.

1945
Claude Shannon of AT&T Bell Laboratories proves that the one-time pad is unbreakable even
against an adversary with unlimited computational power. This definition of secrecy is so strong,
however, that he also proves that the one-time pad is the only possible cryptosystem satisfying it.

1976
Whitfield Diffie and Martin E. Hellman, both at Stanford University, propose public-key encryption
and authentication.

1977
Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman, all at the Massachusetts Institute of
Technology, construct the first public-key cryptosystem, the RSA algorithm.

August 1977
In Martin Gardner’s Scientific American column, Rivest et al. challenge readers to decrypt a
message encrypted by the RSA algorithm with a 129-digit key (RSA-129). They estimate that doing
so may take 40 quadrillion years.

1982
Shafi Goldwasser and Silvio Micali, then PhD students at the University of California, Berkeley,
developed the definitional foundations of modern cryptography, including a practical definition of
security.

1985
Goldwasser, Micali, and Charles Rackoff of the University of Toronto invent zero-knowledge proofs.
A year late Oded Goldrecih of Technion Israel Institute of Technology in Haifa, Avi Wigderson of the
Hebrew University of Jerusalem, and Micali devise the zero-knowledge proof for graph three-
colorability

1987
Goldreich, Wigderson, and Micali construct protocols for multiparty computation, or secure function
evaluation, building on a two-party protocol developed by Andrew C. Yao of Princeton University.

1994
Netscape Communications releases the Secure Sockets Layer protocol, which employs public-key
encryption to provide security for transaction on the World Wide Web.

1994
Arjen K. Lenstra of Bell Communications Research and more than 600 volunteers on the internet,
using about 1,600 computers running recently developed factoring algorithms, take eight months to
factor RSA-129. They reveal the message, “THE MAGIC WORDS ARE SQUEAMISH
OSSIFRAGE.”

2008
An RSA key of recommended length (2,048) would take more than a quadrillion years to break on a
modern PC.
Attacks

There are 3 attacks methods:

1. In a ciphertext only attack, the adversary has only the ciphertext

a. The goal is to find the corresponding plaintext
b. The adversary may also try to find the key

2. In a know plaintext attack, the adversary has the ciphertext and the plaintext that was enciphered.
a. The goal is to find the key

3. In a chosen plaintext attack, the adversary may specify specific plaintexts to be enciphered. The
adversary then has specific plaintexts and their corresponding ciphertexts.
a. The goal is to find key that was used to encipher the plaintexts.

A good cryptosystem protects against all three types of attacks. Attacks can use both mathematical and
statistical techniques.

Confusion and Diffusion

Two additional important concepts are related to the amount of work required to perform an encryption. An
encrypting algorithm should take the information from the plaintext and transform it so that the interceptor
cannot readily recognize the message. The interceptor should not be able to predict what will happen to the
ciphertext by changing one character in the plaintext. We call this characteristic confusion. An algorithm
providing good confusion has a complex function relationship between the plaintext/key pair and the
ciphertext.

The cipher should also spread the information from the plaintext over the entire ciphertext so that changes
in the plaintext affect many parts of the ciphertext. This principle is called diffusion, the characteristic of
distributing the information from single plaintext letters over the entire ciphertext. Good diffusion means that
the interceptor needs access to much of the ciphertext to be able to infer the algorithm.

Symmetric Cryptosystems

Symmetric or single-key cryptosystems are most common. They have been in use for centuries and are
significantly used by the military. Consider the following picture.

P = D ( K, E( K, P ) )
Public Key Cryptosystems

In 1976 a new approach to cryptosystem was proposed where there was one key to encrypt the plaintext
and a different key used to decrypt the ciphertext. The key used to encode the message is public, i.e. it is
know to the world. The key that is used to decode the encoded message is private, i.e. this key is only
known to the individual. Pictorially we have

P = D ( KD, E ( KE, P ) )

3 Characteristics

1. It must be computationally easy to encipher and decipher a message given the appropriate key.

2. It must be computationally infeasible to derive the private key from the public key

3. It must b e computationally infeasible to determine the private key from a chosen plaintext attack.

The above depiction of encoding and decoding a message using public and private keys can be expressed
as

P = D ( KPub, E(KPri, P))

where KPri is the private key and KPub is the public key.

Note: The Public & Private key can be applied in either order.

Classical Cryptosystems

There are two classical symmetric key ciphers: transposition ciphers and substitution ciphers. We will look
at both of these examples.

Transposition Cipher
Rearrange the characters in the plaintext to form the ciphertext. The letters are not changed. This
is really a permutation function. The best attack is a statistical frequency attack. An example of a
transposition cipher is the rail fence cipher.
Rail Fence Cipher

P: H E L L O W O R L D

H L W L
E O O D
L R

C: H L W L E O O D L R

Susceptible to a frequency of occurrence to discover the transposition

Substitution Cipher
A substitution cipher changes the characters in the plaintext to produce the ciphertext. The Caesar
cipher is an example of a substitution cipher and is shown below.

Caesar Cipher
The idea again with the Caesar cipher is to shift letters n characters with wrap around.

ABCDEFGHIJKLMNOPQRSTUVWXYZ

Let’s do a 4 shift

P H E L L O

C L I P P S

P = C = { all sequences of letters }

K = { I | I is an integer o I 25 }

E = { Ek | k K and p P, Ek(p) = (p + k) mod 26 }

D = { Dk | k K and c C, Dk(p) = (26 + c - k) mod 26 }

Caesar ciphers are susceptible to statistical attacks.

Good Cipher Characteristics

In 1949 Shannon proposed the following characteristics for a good cipher:

1. The amount of secrecy needed should determine the amount of labor appropriate for the encryption
and decryption

This is just common sense in that why spend tons of money on protecting something that has
little value?

2. The set of keys and the enciphering algorithm should be free from complexity

This implies that we should restrict neither the choice of keys nor the types of plaintext on
which the algorithms can work. If the process is too complex, it will not be used.
Furthermore, the key must be transmitted, stored, and remembered, so it must be short.
 3. The implementation of the process should be as simple as possible.

This principle reflects the date when the characteristics were proposed. It references a hand
implementation of an encryption algorithm. Today with the computational power that we
have, we have very complex encryption algorithms. Still keeping it as simple as possible is a
good idea.

4. Errors in ciphering should not propagate and cause corruption of further information in the message.

Principle 4 acknowledges that there are errors in the enciphering process, errors in
computing, transmission, or human entry. One early error in the process should not throw off
the entire remaining cipher.

5. The size of the enciphered text should be no larger than the text of the original message.

A ciphertext that expands dramatically in size cannot possibly carry more information than
the plaintext, yet it gives the cryptanalyst more data from which to infer a pattern. Also a
longer ciphertext implies more space for storage and more time to communicate.

Properties of Trustworthy Encryption Systems

1. It is based on sound mathematics

Good cryptographic algorithms are not just invented. They are derived from solid principles.

2. It has been analyzed by competent experts and found to be sound

Even the best cryptographic experts can think of only so many possible attacks. The
developers may become too convinced of the strength of their own algorithm. A review by
critical outside experts is essential.

3. It has stood the “test of time”.

As a new algorithm gains popularity, people continue to review both its mathematical
foundations and the way that it builds upon those foundations. Although a long period of
successful use and analysis is not a guarantee of a good algorithm, the flaws in many
algorithms are discovered relative soon after their release.

We will be talking about several commercial grade data encryption algorithms later. Three algorithms are
popular in the commercial world, namely DES (data encryption standard), RSA (Rivest-Shamir-Adelman),
and AES (advanced encryption standard).

The table below compares the symmetric and public key approaches to encryption.

Symmetric Key Public (Asymmetric) Key

Number of Keys 1 2

Protection of Key Must be kept secret One key must be kept

secret; the other can be
freely exposed

Best Uses Cryptographic workhorse; secrecy Key exchange,

and integrity of data – single authentication
characters to blocks of data,
messages, files
 Key Distribution Must be out-of-band Public key can be used to
distribute other keys

Speed Fast Slow; typically, 10,000

times slower than
symmetric key

Data & Origin Authentication

Sender encrypts with her private key.

Receiver decrypts with the sender’s public key.

Alice encrypts with her private key. Only she knows her private key.

Bob decrypts with Alice’s public key and knows that the message is authenticate because only Alice
knows her private key.

Therefore, the message has been authenticated as being sent by Alice.

Confidentiality and Authentication

Sender encrypts sender’s private key and recipient’s public key

Alice encrypts with her private key and again with Bob’s public key

C = (KBPub, ( KAPri, P))

Bob decrypts with his private key and Alice’s public key.

P = (KAPub, (KBPri, C))

Note:

In practice n is very large ~ 1024, 2048, or 4096 bytes

Note:
Symmetric encryption is the work horse
x Very fast
Addition, Xor, substitution, shifting

Public Key Encryption is used for special applications

10,000x slow
multiplication, division