7/31/2014

cryptography5

Cryptography 5



Classical Encryption Techniques:

2- Transposition Cipher:

Transposition Cipher is an encryption method which elements are rearranged.
There are many types of Transposition Cipher such as (Rail Fence, Columnar Transposition  and Double Transposition).

Rail Fence:

Rail Fence is the simplest form of Transposition Cipher which the plaintext is written down as a sequence of diagonals and read off as a sequence of rows.

For Example :

The plaintext = WELCOME TO CRYPTOGRAPHY
Then the encryption algorithm will be

W   L   O   E   O   R   P   O   R   P   Y
  E   C   M   T   C   Y   T   G   A   H

So, the ciphertext = WLOEORPORPYECMTCYTGAH

We can make the encryption algorithm 3 rows

W  C  E  C  P  G  P
 E  O  T  R  T  R  H
  L  M  O  Y  O  A  Y

So, the Ciphertext = WCECPGPEOTRTRHLMOYOAH

Columnar Transposition:

In Columnar Transposition the plaintext is written down in rows and the read off by the order of columns.
The order of columns is the secret key to Columnar Transposition algorithm, any spare spaces are filled with null or blank.

For Example :

The plaintext     = WELCOME TO CRYPTOGRAPHY
The secret key    = 615342

Then the encryption algorithm


Note : I filled the spaces here with "ABC".

Now we read columns by it's order (secret key)

The ciphertext    =  ETTHMYACCCGAORRBLOOYWEPP

previous types are easy to break because the ciphertext has the same letters frequency as the plaintext, and cryptanalysis can put the ciphertext in a matrix and playing with column positions.

Double Transposition:

Double Transposition is the same as Columnar Transposition but twice, this one is more secure.

For Example:

As the previous example
The plaintext     = WELCOME TO CRYPTOGRAPHY
The secret key    = 615342
Then the encryption algorithm (first round)




The ciphertext    =  ETTHMYACCCGAORRBLOOYWEPP

And again

The plaintext    =  ETTHMYACCCGAORRBLOOYWEPP
The secret key    = 615342
Then the encryption algorithm (Second round)


The ciphertext   =  TCRYYAOPHCBEMGLPTCRWEAOO

Note : The ciphertext here has also the same letters frequency but playing with column positions now is harder.

7/11/2014

cryptography4

Cryptography 4


Classical Encryption Techniques 2:

B- Polyalphabetic Cipher:

Polyalphabetic Cipher is an encryption method to improve the simple substitution cipher techniques by using a larger key space and making the frequency of letters analysis harder.
Polyalphabetic Cipher is a block cipher with the following properties
1- The key space consists of all order of K = (k1, k2, k3, ... ki) i= block length.
2- Encryption of plaintext P = (p1, p2, p3 ... pi).

Encryption algorithm
E(p+k) = (k1(p1).k2(p2).k3(p3). ,,,, ki(pi))

Let's drive an example of Polyalphabetic Cipher called Vigenère Cipher

Vigenère Cipher:

Vigenère Cipher is Polyalphabetic Cipher technique and it's uses 26 letters with shifting from 1 to 25 similar to Caesar Cipher but with a dynamic key which changes every time on i interval.
The encryption algorithm for Vigenère Cipher to produce a ciphertext C
Ci = (Pi+Ki)
The decryption algorithm for Vigenère Cipher to produce a plaintext P
Pi = (Ci-Ki)

Example :

Let key K= HAMZA and plaintext = WELCOME TO CRYPTOGRAPHY



key          =   HAMZAHAMZAHAMZAHAMZAH
Plaintext   =   WELCOMETOCRYPTOGRAPHY
ciphertext =   ZEUBOTEFNCYYBSONRMOHF

simply we do addition operation on each element or by using the next table


Ci = (Pi+Ki)

Note :  If we look at letter frequencies
o : 3
n : 2
e : 2
f : 2
y : 2
b : 2
s : 1
r : 1
t : 1
z : 1
u : 1
m : 1
h : 1
c : 1

We reduced the frequency of letters analysis.


Vernam Cipher :

Vernam Cipher works on binary data rather than letters, that give us a defense against frequency letters analysis because there is no statistical relationship between the plaintext and the ciphertext.

The encryption algorithm in Vernam Cipher can be expressed as

Ci = Pi ⊕ Ki


Ci = ith binary digit of ciphertext.
Pi = ith binary digit of plaintext.
 = exclusive-OR (XOR) operation.
Ki = ith binary digit of key.

The decryption algorithm in Vernam Cipher is3

Pi = Ci ⊕ Ki



This system works by constructing a loop that takes the plaintext and the generated key bit by bit and preform XOR operation on each bit and then generate a ciphertext and so on to the end of the plaintext.


Now we have an important concept called "Prefect Secrecy".

Prefect Secrecy:

For any encryption algorithm has a perfect secrecy when the ciphertext gives us nothing about the plaintext(such as One-Time pad).

One-Time Pad :

One-Time Pad is an encryption technique and it is UNBREAKABLE, by using a secret key as long as the plaintext, so the key will not repeated to fit the plaintext.
The key generator algorithm generates a key for each plaintext.
The secret key will be used to encrypt and decrypt for only one plaintext then the secret key will be destroyed.
The ciphertext has no statistical relationship to the plaintext , so this technique is UNBREAKABLE.

For Example :

Suppose we use Vernam Cipher but with One-Time Pad method, we we generate a secret key as long as the plaintext and only for this plaintext.
Let's try to encrypt "HELLO"

Plaintext  = HELLO
Secret key = XMCKL

by adding the values of each digit
Ciphertext = EQNVZ

If we try to crack the cipher without the secret key , and only one key can gives us the original plaintext we will get a lot of plaintexts , if we use exhaustive search we could translate this ciphertext into many plaintext, for example here we used the secret key = "XMCKL" , but if we use a secret key = "TQURI" on the same ciphertext = "EQNVZ" that gives us plaintext = "LATER" but ONLY ONE KEY IS THE RIGHT KEY.

Why One-Time Pad has a perfect secrecy?

Because of the randomness on keys and only one key use for one message(plaintext) and one ciphertext can be translated into many plaintext of same length , that makes the ciphertext gives us nothing about the plaintext.

6/04/2014

cryptography3

Cryptography 3



Classical Encryption Techniques:

As we mentioned earlier , the basic of all encryption techniques are based on 2 techniques 
1- Substitution
2- Transposition

and we can also use a combination of both of them.

1- Substitution Encryption techniques :

Substitution is an encryption technique which elements in the plaintext are replaced or mapped with another elements.
There are many types of the substitution techniques such as (Monoalphabetic Cipher and Polyalphabetic Cipher)

A- Monoalphabetic Cipher :

we will drive an example of monoalphabetic cipher called (Caesar cipher)

Caesar Cipher :

Is the simplest and the oldest known encryption techniques which elements in the plaintext are shifted with fixed number for example 3 places 


Example :

Plaintext     :   WELCOME TO CRYPTOGRAPHY
Ciphertext  :   ZHOFRPH WR FUBSWRJUDSKB

The ciphertext is produced by adding 3 position for every letter.
As we can see here the encryption algorithm for each plaintext P, and shifted by 3 places to produces a ciphertext C.
C= E(3,P) = (P+3)mod26

so, generally The encryption algorithm for Caesar cipher is
C= E(K,P) = (P+K)mod26

The decryption algorithm for Caesar cipher is
P= D(K,C) = (C-K)mod26

note : K takes a value from 1 to 25.

Caesar cipher is too easy to break because it's only uses 25 position keys, so simply try to preform a brute force using the 25 possible keys, and the language would help us in breaking this cipher.
Nowadays in modern encryption we uses a very large keys such as 2048 bits or greater key long
that gives us 2^2048 key space, it's a very wide range of possible of keys.

Caesar cipher and many of substitution ciphers can be broken by using frequency of letters analysis.

Frequency of letters analysis:

It is a method to break a cipher encrypted by a substitution techniques.
it is based on the relative of letters can be determined and compared to a standard frequency distribution for a language (English).



As we can see the previous figure , E is the most letter uses in English words by 12.7% , then T by 9.056%
Or look at the next figure

Example :


LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFEMVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIM
WQLMGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITREWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJ
GSTVRIEYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQIVIXQSVSTWHKPEGARCSXRWIEVSWIIBXV
IZMXFSJXLIKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVIIBGIIHMWYPFLEVHEWHYPSRRFQMXLE
PPXLIECCIEVEWGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQEROIVFVIZEVAEKPIEWHXEAMWYEPP
XLMWYRMWXSGSWRMHIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCMWMSWVIRCIGXMWYMX

It's a classic encryption technique , we try to apply the relative frequency analysis. 

letter frequencies :

i : 58
e : 48
x : 41
w : 35
m : 34
v : 31
s : 30
r : 27
l : 22
p : 21
g : 16
h : 16
y : 13
t : 12
q : 12
c : 9
k : 9 
j : 9
z : 6
f : 6
a : 5
o : 3
b : 2
u : 1
n : 1
d : 0



With this numbers and with some good guessing some words we can solve it.

let's try I=e and L=H ,let's guessing X=t and E=a and we get the following 

heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePFaMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM
WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ
GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV
eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha
PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP

we can substitute V=r in "heVe" to be "here" and R=s in "Rtate" to be "state"
M=i , Z=m from "atthattMZe" to be "atthattime"

we apply this change and get 

hereTCSWPeYraWHarSseQithaYraOeaWHstatePFairaWHKrSTYhtmetheKeetPeJrSmaYPassGasei
WQhiGhitQaseWGPSseHitQasaKeaTtiJTPsGaraKaeTsaWHatthattimeTWAWSQWtSWatTraPistsSJ
GSTrseaYreatCriUeiWasGieWtiJiGCSiWtSJOieQthereQeretQSrSTWHKPaGAsCStsWearSWeeBtr
emitFSJtheKaGAaWHaPSWYSWeWeartheStherthesGaPesQereeBGeeHiWYPFharHaWHYPSssFQitha
PPtheaCCearaWGeSJKTrWisheHYSPHtheQeiYhtSJtheiWseGtQasOerFremarAaKPeaWHtaAiWYaPP
thiWYsiWtSGSWsiHeratiSWiGSTPHharHPFKPameNTCiterJSrhisSCiWiSWresCeGtiWYit

We go to deduce the substitution until we get a right message 

hereuponlegrandarosewithagraveandstatelyairandbroughtmethebeetlefromaglasscasei
nwhichitwasencloseditwasabeautifulscarabaeusandatthattimeunknowntonaturalistsof
courseagreatprizeinascientificpointofviewthereweretworoundblackspotsnearoneextr
emityofthebackandalongoneneartheotherthescaleswereexceedinglyhardandglossywitha
lltheappearanceofburnishedgoldtheweightoftheinsectwasveryremarkableandtakingall
thingsintoconsiderationicouldhardlyblamejupiterforhisopinionrespectingit

After adding spaces 

Hereupon Legrand arose, with a grave and stately air, and brought me the beetle
from a glass case in which it was enclosed. It was a beautiful scarabaeus, and, at
that time, unknown to naturalists—of course a great prize in a scientific point
of view. There were two round black spots near one extremity of the back, and a
long one near the other. The scales were exceedingly hard and glossy, with all the
appearance of burnished gold. The weight of the insect was very remarkable, and,
taking all things into consideration, I could hardly blame Jupiter for his opinion
respecting it.

NoteFrequency of letters analysis works better as long as the cipher text is large.

5/01/2014

cryptography2

Cryptography 2


Symmetric Encryption

Symmetric encryption or symmetric key or single-key encryption is an encryption system which the encryption and the decryption processes are preforms using the same key.

Symmetric Encryption model:



1- Plaintext (P) : The original message or data , the plaintext is an input to the encryption algorithm .
2- Encryption algorithm (E) : This algorithm preforms various substitution and transposition on the plaintext and produces the ciphertext.
3- Ciphertext (C) : Is the output produced by the encryption algorithm , the ciphertext is scrambled message and it is appears like a random stream of data.
4- Encryption key (K) : Encryption key or secret key is a value that independent of the plaintext.
Encryption key is an input to the encryption algorithm.
The encryption algorithm will produces a different with different keys.
5- Decryption algorithm (D) : This algorithm is a reverse of the the encryption algorithm , and it takes ciphertext and the encryption key as input and produces the plaintext as output.

How Symmetric Encryption Work :





Alice want to send encrypted message to Bob and both have the secret key which generated by the encryption algorithm or by a third-party software, this process will work as the following steps

1- Encryption algorithm E (on Alice's computer) takes the plaintext P ,and the secret key K and generates a ciphertext C.
C = E(P,k)
2- The ciphertext C will be transferred via internet
3- Decryption algorithm (on Bob's computer) takes the ciphertext and the secret key K (the same key) and regenerate the original plaintext P again
P = D(C,K)

Hint #1 : The encryption key is independent of the plaintext or the encryption algorithm.
Hint #2 : The sender and receiver must have copies of the encryption key and they must secure that key.
Hint #3 : We do not need to keep the encryption algorithm secure because it is impractical to decrypt a ciphertext by only using the decryption algorithm , and that's the same for the encryption algorithm.
Hint #4 : Key exchange must be done via a secured channel.


4/18/2014

Cryptography1

Cryptography 1



Introduction to cryptography :

Now let's talk in details about 3 major concepts 
i- Computer Security , ii- OSI Security Architecture , iii- Cryptography


i - Computer security

A definition of computer security consists of 3 concepts , we can name these concepts as CIA security concept (Confidentiality, Integrity and Availability) :

1- Confidentiality : assure that confidential information is not available to unauthorized users.
2- Integrity : assure that information are only changed in a specified and authorized manner.
3- Availability : assure that services are available to authorized users.



ii - OSI Security Architecture
It is an international standard offers a systematic way of defining security requirements and characterizing the approaches to achieve these requirements.
The OSI security architecture focus on security attack, security mechanism, and security services , 

1- Security Attack : any action that compromises the security of information.
The security attack consists of 2 classes active attack and passive attack

1- Passive attack : 

The main goal of this attack is to collect information about the victim without touching the victim services or alters the data content, such as monitoring of transmission data or traffic analysis.
Passive attack is very hard to detect because there is no real communication with victim's services or alteration in the data contents.

2- Active attack :

This type of attack involve touching the victim's services or some alteration to data contents or creating a false data .
Active attack has a several forms

A- Masquerade : The attacker pretends to be someone else . 
For example : The attacker want to connect to a network with a firewall , the firewall only accepts a list of MAC address , so the attacker will masquerade his MAC address or (spoof his MAC) to get access or to be authorized use.

B- Denial of service attack (DOS) : The goal of this attack is to prevent service/s on the victim's machine  by sending or redirecting a massive amount of data stream to the victim, this may block the service/s on this server until this action stops.
Active attack is not hard to detect but it's impossible to prevent this attack absolutely because it's has a wide range of potential attacks (OSs, SW , HW , Web applications , services ... etc).






2- Security mechanism : a process that is designed to detect, prevent, recover from a security attacks such as:
A- Digital Signature : a mechanism that prove the source and the integrity of information.
B- Access Control : a mechanism that allows only authorized users with a specific privileges.
C- Data Integrity : a mechanism that assure the integrity of data.
D- Cryptography :  a mechanism that assure the secrecy of information or the secrecy of communication channels. 

3- Security Services :  a processing or communication service that enhances the security of information or information transfers.




iii - Cryptography :

Is characterized to 3 points :

1- The type of operations used for transforming plaintext to ciphertext :
    All encryption algorithms are based on 2 principles
    A- Substitution : Which the elements in the plaintext are mapped into another elements.

    B- Transposition : Which the elements in the plaintext are rearranged


2- The number of key used :
     A- If encryption and decryption algorithms use the same key , so this system is symmetric key.
     B- If encryption and decryption algorithms use different keys , so this system is asymmetric key or public-key encryption.

3- The way in which the plaintext is processed :
     A- Block Cipher : The input is one block at a time and produces one block output for each input.
     B- Stream Cipher : The input is one element at a time and produces one output for each one input.