Lecture 6: Classical Encryption Part 2 (polyalphabetic substitution ciphers, Vigenere cipher, other polyalphabetic ciphers, Hill cipher) Flashcards
Define polyalphabetic substitution
- Using multiple mappings from plaintext to ciphertext
- Given d ciphertext alphabets C0, C1, … Cd-1, let fi: A→ Ci be a mapping from plaintext alphabet A to ith ciphertext alphabet Ci for 0 <= i <= d - 1
What is the point of using multiple alphabets in polyalphabetic substitution
smooths frequency distribution → direct frequency analysis not effective
What are typical polyalphabetic ciphers?
periodic substitution ciphers based on period d
What is the encryption process for polyalphabetic ciphers?
Plaintext message M = M0 … Md-1Md … M2d-1Md …
encrypted to
E(K,M) = f0(M0)…fd-1(Md-1)f0(Md)…fd-1(M2d-1)f0(M2d)…,
where d ≡ 0 mod d
In terms of polyalphabetic ciphers’ encryption process, what is the special case?
When d = 1 Monoalphabetic cipher (simple substitution cipher)
Briefly outline the key generation process for a random polyalphabetic substitution cipher
1) select block length d
2) generate d random simple substitution tables
Briefly outline the encryption process for a random polyalphabetic substitution cipher
encrypt ith char using substitution table number j s.t. i ≡ j (mod d)
Briefly outline the decryption process for a random polyalphabetic substitution cipher
using same substitution table as in encryption to reverse simple substitution
Explain the example of the polyalphabetic substitution encryption in slide 8 of set 6.
TODO
let X be number of value
then X mod 3 ≡ Y
Cy is the value it corresponds to
What is the Vigenere Ciphers based on?
shifted alphabets
What is the key K in the Vigenere Cipher?
seq of chars
How do you compute the amount of shift in the ith alphabet in the Vigenere Cipher?
For 0 <= i <= d-1, K gives amount of shift in ith alphabet, i.e. fi(M) = (M+Ki) mod n
Explain the example of the Vigenere Cipher on slide 10, set 6
Use a word as the period and repeat for each section of the message M.
Use the word’s char’s corresponding number as the shift amount for each ith char
How you can identify the period length during cryptanalysis of the Vigenere Cipher?
1) Kasiski method
2) CrypTool uses autocorrection to estimate period
How you can attack separately d substitution tables during cryptanalysis of the Vigenere Cipher?
Each substitution is a shift (Caesar cipher) → if there is sufficient ciphertext then straightforward
What do you determine from cryptanalysis for Vigenere Cipher?
1) Identify period length
2) Attack separately d substitution tables
What is the purpose of identifying the period using autocorrelation?
Method used to find period length d of any periodic polyalphabetic cipher
Explain what identifying the period using autocorrelation is
Given ciphertext C, computing correlation between C and its shift Ci for all vals i of period
Plotting results on histogram and identifying period
When do we see peaks in value Ci when doing period identification using autocorrelation for a periodic polyalphabetic cipher?
when i is multiple of period
Explain the Kasiski method used in identifying period length d
1) note which sequences of letters appear multiple times
2. guage the number of chars that separate these pairs of strings
3. check common divsors of these numbers –> period is likely one of these common divisors
Explain the crytanalysis example for polyalphabetic cipher on slides 13-15 in set 6
TODO - note sure about part 2
Briefly outline the beaufort cipher
polyalphabetic cipher similar to Vignere cipher but using substitution fi(M) = (Ki - M) mod n
Briefly outline the autokey cipher
polyalphabetic cipher starting off as Vigenere cipher but using plaintext to define subsequent alphabets once the alphabets defined by the key have been used → not periodic cipher as change key
Briefly outline the running key cipher
polyalphabetic cipher using (practically) infinite set of alphabets from shared key → in practice, shared key is extract from book (book cipher)
Briefly outline rotor machines’ purpose
electromechanical machines developed for encryption using rotors as moving alphabets
What type of cipher is Hill cipher?
Polygram cipher (aka polygraphic cipher) → simple substitution cipher on extended alphabet consisting of multiple characters
What is the major weakness of the Hill cipher?
linearity so known plaintext attacks are easy
Briefly outline the encryption in the Hill cipher
Encryption involves multiply d x d matrix K by block of plaintext M → C = KM
linear transformation of d plaintext chars to get d ciphertext chars
Briefly outline the decryption in the Hill cipher
Decryption involves multiplying matrix K^(-1) by block of ciphertext C → M = K^(-1)*C
linear transformation of d ciphertext chars to get d plaintext chars
How are plaintext pairs represented in the Hill cipher?
Plaintext pairs written as col vector, letters encoded as numbers
What do we do if there are insufficicent numbers to fill block?
Pad
What is n in Hill cipher?
27 –> mod 27
What should K*(K^(-1)) give for the Hill cipher?
identity matrix
How is the size of a matrix written? What must be satisfied when multiplying matrices?
cols * # rows
inner values same
Do the encryption and decryption example for the Hill cipher on slide 22 of set 6
TODO
What attack is possible on Hill cipher?
Known plaintext attacks possible given d plaintext-ciphertext matching blocks → since linear function and need enough elements to solve eqn and get K
How can you perform a known plaintext attack on the Hill cipher?
Given blocks (col vectors) Mi and Ci for 0 <= i <= d-1
C = [C0C1…Cd-1]
M = [M0M1…Md-1]
Solving C = KM for K
M = K-1C
Explain the cryptanalysis example of the Hill cipher on slides 24-27 of set 6
TODO
What attack follows from the known plaintext attack on Hill cipher?
ciphertext only attack
What else needs to be done to do a ciphertext only attack on the Hill cipher, knowing that known plaintext attacks are possible?
extra task of finding probable blocks of matching plaintext-ciphertext
