Term
|
Definition
The word cryptography comes from two Greek words meaning “secret writing” and is the art and science of concealing meaning. |
|
|
Term
|
Definition
Cryptanalysis is the breaking of codes |
|
|
Term
What are the basic components of cryptography? |
|
Definition
The basic component of cryptography is a cryptosystem. |
|
|
Term
|
Definition
A cryptosystem is a 5-tuple (E, D, M, K, C), where
M is the set of plaintexts,
K the set of keys
C is the set of ciphertexts
E: M × K → C is the set of enciphering functions, and
D: C × K → M is the set of deciphering functions. |
|
|
Term
What is the Goal of Cryptography? |
|
Definition
To keep enciphered information secret |
|
|
Term
What are 3 types of cryptographic attacks? |
|
Definition
- In a ciphertext only attack, the adversary has only the ciphertext. Her goal is to find the corresponding plaintext. If possible, she may try to find the key, too.
- In a known plaintext attack, the adversary has the ciphertext and the plaintext that was enciphered. Her goal is to find the key that was used.
- In a chosen plaintext attack, the adversary may ask that specific plaintexts be enciphered. She is given the corresponding ciphertexts. Her goal is to find the key that was used.
|
|
|
Term
A good cryptosystem protects against what three types of attacks? |
|
Definition
chosen plaintext attack
known plaintext attack
ciphertext only attack
Note: Attacks use both mathematics and statistics |
|
|
Term
|
Definition
Are also called "single-key or symmetric" cryptosystems
-use the same key for encipherment and decipherment |
|
|
Term
What are two basic types of classical ciphers? |
|
Definition
transposition ciphers and substitution ciphers |
|
|
Term
What is a transposition cipher?
|
|
Definition
It rearranges the characters in the plaintext to form the ciphertext
Note: The letters are "not" changed. |
|
|
Term
What is the weakness inherent in Transposition Ciphers? |
|
Definition
Mathematically, the key to a transposition cipher is a permutation function. Because the permutation does not alter the frequency of plaintext characters, a transposition cipher can be detected by comparing character frequencies with a model of the language. |
|
|
Term
What is required to effectively attack a transposition cipher? |
|
Definition
Attacking a transposition cipher requires rearranging the letters of the ciphertext through a process called anagramming. |
|
|
Term
What is a substitution cipher? |
|
Definition
It changes characters in the plaintext to produce the ciphertext. |
|
|
Term
What type of attack is the Caesar cipher susceptible to? |
|
Definition
A statistical ciphertext-only attack |
|
|
Term
|
Definition
Vigenère cipher chooses a sequence of keys, represented by a string.
The key letters are applied to successive plaintext characters, and when the end of the key is reached, the key starts over. The length of the key is called the period of the cipher |
|
|
Term
What type of cipher is the Vigenère cipher? |
|
Definition
|
|
Term
What is the length of the key called in Vigenère cipher? |
|
Definition
|
|
Term
How can the Vigenère cipher be broken? |
|
Definition
1. Examine the ciphertext for multiple repetitions and tabulate their length and the number of characters between successive repetitions.
2. From the repetitions, we establish the probable period, using the index of coincidence to check our deduction
3. We then tabulate the characters for each key letter separately and solve each as a Caesar cipher. |
|
|
Term
|
Definition
The one-time pad is a variant of the Vigenère cipher |
|
|
Term
|
Definition
The key string is chosen at random, and is at least as long as the message, so it does not repeat
Note: it is a threshold scheme, and is provably impossible to break |
|
|
Term
|
Definition
-designed to encipher sensitive but nonclassified data.
-It is bit-oriented, unlike the other ciphers we have seen.
-It uses both transposition and substitution, and is referred to as a product cipher
-Its input, output, and key are each 64 bits long
Note: sets of 64 bits are referred to as blocks.
Note: cipher consists of 16 rounds, or iterations
Each round uses a separate key of 48 bits
These round keys are generated from the key block by dropping the parity bits (reducing the effective key size to 56 bits), permuting the bits, and extracting 48 bits. A different set of 48 bits is extracted for each of the 16 rounds.
Note: If the order in which the round keys are used is reversed, the input is deciphered.
|
|
|
Term
What are the several modes used by DES?
|
|
Definition
-Using it directly is called electronic code book (ECB) mode, and is very rare
-Modes in which it can be used to generate a "pseudo-one-time pad" are cipher feed back (CFB) mode and output feed back (OFB) mode
-Its most common modes of use are cipher block chaining (CBC) mode, encrypt-decrypt-encrypt (EDE) mode, and triple DES mode |
|
|
Term
|
Definition
iterative mode in which a block of ciphertext depends not only on its input but also on the preceding ciphertext block
In addition to a 64-bit key, it requires a 64-bit initialization vector
It has the self-healing property. This property says that if one block of ciphertext is altered, the error propagates for at most two blocks. |
|
|
Term
|
Definition
-used by many financial institutions
-It requires two 64-bit keys $k$ and $k'$
The ciphertext $c$ corresponding to some data $m$ is $c = \mathrm{DES}_k(\mathrm{DES}_{k'}^{-1}(\mathrm{DES}_k(m)))$ |
|
|
Term
|
Definition
Triple DES uses three keys $k$, $k'$, and $k''$,
and the second step is an encipherment, not a decipherment: $c = \mathrm{DES}_k(\mathrm{DES}_{k'}(\mathrm{DES}_{k''}(m)))$. |
|
|
Term
|
Definition
The DES is one of the most important classical cryptosystems in the history of cryptography
|
|
|
Term
Rijndael as the Advanced Encryption Standard |
|
Definition
-Successor to DES
-Is a Product Cipher
-can use keys of 128, 192, or 256 bits and operates on blocks of 128 bits.
-designed to withstand the attacks to which the DES showed weaknesses
|
|
|
Term
|
Definition
FEAL is another block cipher, with a block size of 64 bits and a key size of 64 bits
FEAL-4 (FEAL with four rounds) and FEAL-8 (FEAL with eight rounds) fell to differential cryptanalysis with 20 and 10,000 chosen plaintexts, respectively
LOKI89 and LOKI91
IDEA is an eight-round cipher that uses 64-bit blocks and 128-bit keys, but is too new to tell. It is used in noncommercial software, notably in the electronic mail program PGP |
|
|
Term
|
Definition
-proposed by Diffie and Hellman
-distinguished between encipherment and decipherment keys
-One of the keys would be publicly known; the other would be kept private by its owner
A public key cryptosystem must meet the following three conditions:
- It must be computationally easy to encipher or decipher a message given the appropriate key.
- It must be computationally infeasible to derive the private key from the public key.
- It must be computationally infeasible to determine the private key from a chosen plaintext attack.
|
|
|
Term
|
Definition
-Provides both Secrecy and Authentication
-is an exponentiation cipher
-Choose two large prime numbers p and q, and let n = pq
Note: The totient φ(n) of n is the number of numbers less than n with no factors in common with n.
In addition to confidentiality, can also provide data and origin authentication
Providing both confidentiality and authentication requires enciphering with the sender's private key and the recipient's public key. |
|
|
Term
|
Definition
also called a strong hash function or a strong one-way function
|
|
|
Term
|
Definition
The DES in CBC mode can be used as a message authentication code if 64 bits or fewer are required.
This checksum function requires a cryptographic key. |
|
|
Term
Example of keyless hash functions |
|
Definition
MD2, MD4, MD5, SHA-1 (160-bit checksum),
Snefru (128 or 256), vulnerable to differential cryptanalysis if four rounds or fewer are used
HAVAL (checksums of 128, 160, 192, 224, and 256 bits)
|
|
|
Term
|
Definition
A generic term for an algorithm that uses a keyless hash function and a cryptographic key to produce a keyed hash function
The strength of HMAC depends on the strength of the hash function h. Various HMAC functions are used in Internet security protocols. |
|
|
Term
What are all cryptosystems based on? |
|
Definition
substitution (of some quantity for another) and permutation (scrambling of some quantity) |
|
|
Term
What is frequency analysis? |
|
Definition
It is a methodology for "breaking" simple substitution ciphers, not just the Caesar cipher but all monoalphabetic substitution ciphers.
|
|
|
Term
What is the difference between a monoalphabetic cipher and a polyalphabetic cipher? |
|
Definition
In a monoalphabetic cipher, a single cipher alphabet is used per message.
In a polyalphabetic cipher, there are multiple ciphertext letters for each plaintext letter, one for each unique letter of the keyword. |
|
|
Term
The difference between substitution and transposition is |
|
Definition
Substitution: each letter retains its position but changes its identity
Transposition: each letter retains its identity but changes its position. |
|
|
Term
What are the characteristics of a monoalphabetic substitution cipher? |
|
Definition
•Allow any permutation of the alphabet
•Each letter is replaced by a different letter or symbol
•Key = permutation (still need to decide on a key and exchange this information in a secure way).
•26! Possibilities |
|
|
Term
What are the characteristics of a polyalphabetic substitution cipher? |
|
Definition
- uses multiple simple substitution ciphers
- The particular one used changes with the position of each character of the plaintext
- There are multiple one-letter keys
- The first key encrypts the first letter of the plaintext,
- The second key encrypts the second letter of the plaintext, and so on
- After all keys are used, you start over with the first key
- The number of keys determines the period of the cipher
|
|
|
Term
What is ECB (electronic code book)? |
|
Definition
Basically the raw cipher.
For each block of input, you encrypt the block and get some output.
The problem with this transform is that any resident properties of the plaintext might well show up in the ciphertext, possibly not as clearly. That is what blocks and key schedules are supposed to protect against, but by analyzing the patterns you may be able to deduce properties that you otherwise thought were hidden |
|
|
Term
What is CBC (cipher block chaining) mode? |
|
Definition
You have an initialization vector, which you XOR the first block of plaintext against. You then encrypt that block of plaintext. The next block of plaintext is XORed against the last encrypted block before you encrypt this block. |
|
|