Today's Topics

• Frequency Analysis
• Primitive Cryptosystems
• Types of Attacks

Frequency Analysis

Primitive Cryptosystems

• Caesar Cipher
  • method: replace each letter with the one that comes 3 letters after it in the alphabet
  • example: 'az' is encrypted as 'dc'
  • the key is the algorithm
  • vulnerability: relative freq. of the letters in the cipher text are not equal
  • attack: freq. analysis
  • the BIG problem is that the Caesar Cipher violates Keckhoff's Principle (The security of a cryptosystem must not depend on keeping the algorithm secret.) Once the enemy knows the algorithm, a new algorithm must be developed and deployed.
• Monoalphabetic Substitution Cipher
  • method: map each letter to a different letter of the alphabet
  • the key is the table of what each letter is mapped to
  • vulnerability: relative freq. of the letters in the cipher text are not equal
  • attack: freq. analysis
  • applying method twice is equivalent to applying once with a different key
  • a brute force attack (try all possibilities) would try 26! keys => testing a key every microsecond, attack succeeds within 10 trillion yrs.
• Polyalphabetic Substitution Cipher
  • method: create a table where each row corresponds to a mapping of each letter to another one. The key is a sequence of numbers where each number corresponds to a row in the table. To encrypt a message using the key 1,4; encrypt the first letter according to row 4 of the table, encrypt the second letter using row 1, the third using row 4 etc.
  • vulnerability: within the set of letters that are a factor of the key length apart the relative freq. of the letters are not equal
  • attack
    • determine the key length
      1. find groups of letters that are repeated several times in a message
      2. calculate the number of letters from 1 group to the next
      3. a factor of these numbers is likely to be the key length
      
      

      This works, because certain letter combinations are so common that they will be repeatedly encrypted with the same rows of the table. In other words, there are only key length ways to encrypt a group of letters. If the group occurs in the plaintext more than the key length number of times, then the cipher text has a repeated pattern that is a factor of the key length apart.

      
      
    • perform freq. analysis on the letters that are a factor of the key length apart (the letters that resulted from encrypting with the same row of the table.)
    
    
  • freq. analysis on the cipher text as a whole fails, since common and uncommon letters in the plaintext can be mapped to the same letter in the cipher text.
  • finding the table is of minimal help to the cryptoanalyst, particularly compared to the usefulness of discovering the key length
  • if the enemy learns to decrypt the cipher text, then a reasonable fix would be to change the key without changing the table or the algorithm

• attacks do not try to find the key, but instead look for statistical properties that can be exploited. (Cryptosystems are also broken by exploiting on oddity, such as all messages beginning with 'Hiel Hitler')
• the algorithm should be separate from the key
• applying a method twice may or may not increase security
• the freq. differences between letters in cipher text provide valuable clues to cryptoanalysts.
• brute force is rarely a good attack strategy for encryption or for cryptoanalysis

Types of Attack

• ciphertext-only attack - attack relies solely on the cipher text
• known plaintext attack - analyst has some plaintext and the corresponding cipher text
• chosen plaintext attack - analyst can ask for a message to be encrypted and returned to him
• chosen ciphertext attack (aka dictionary attack) - analyst has the encryption algorithm