
Encryption and Decryption

Speaker: Tsung Ray Wang

Advisor: Prof. Li-Chun Wang
Contents

MODELS, GOALS, AND EARLY CIPHER SYSTEMS

THE SECRECY OF A CIPHER SYSTEM

PRACTICAL SECURITY

STREAM ENCRYPTION

PUBLIC KEY CRYPTOSYSTEMS
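Model of a cryptographic channel

[Figure: the plaintext M is enciphered as $C = E_k(M)$ with key K and sent over a public channel, where a cryptanalyst can observe the ciphertext; the decipher stage recovers the plaintext $M = D_k(C)$ with the same key K, which is delivered over a secure channel.]
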

The two primary reasons for using cryptosystems in communications

(1) privacy, to prevent unauthorized persons from extracting information from the channel

(2) authentication, to prevent unauthorized persons from injecting information into the channel
System Goals
The major requirements for a cryptosystem:
1. To provide an easy and inexpensive means of encryption and decryption to authorized users in possession of the appropriate key.
2. To ensure that the cryptanalyst's task of producing an estimate of the plaintext without benefit of the key is made difficult and expensive.
Classic Threats

Ciphertext-Only Attack

Known-Plaintext Attack

Chosen-Text Attack
Classic Ciphers

Caesar cipher
ex. Plaintext:  N O W I S T H E T I M E
    Ciphertext: Q R Z L V W K H W L P H

Polybius square
    Plaintext:  N  O  W  I  S  T  H  E  T  I  M  E
    Ciphertext: 33 43 25 42 34 44 32 51 44 42 23 51

Polyalphabetic cipher
    Plaintext:  N O W I S T H E T I M E
    Ciphertext: O Q Z M X Z O M C S X Q
Caesar’s alphabet with a shift of 3

Plaintext:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext: DEFGHIJKLMNOPQRSTUVWXYZABC

Polybius square

     1   2   3   4   5
1    A   B   C   D   E
2    F   G   H   IJ  K
3    L   M   N   O   P
4    Q   R   S   T   U
5    V   W   X   Y   Z
Trithemius progressive key
THE SECRECY OF A CIPHER SYSTEM
• What is Perfect Secrecy?

• Entropy and Equivocation

• Rate of a language and Redundancy

• Unicity Distance and Ideal Secrecy


Example of perfect secrecy

[Figure: four plaintext messages M0, M1, M2, M3, each with probability P(Mi) = 1/4, are mapped to four ciphertexts C0, C1, C2, C3 under the keys 0, 1, 2, 3.]

$C_s = T_{k_j}(M_i)$

$s = (i + j)$ modulo-N
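The perfect-secrecy condition for the transformation above, P(M_i | C_s) = P(M_i), can be checked directly with Bayes' rule. The block below is an added example, not part of the original slides; it goes beyond the slide's uniform case by also trying a skewed message prior and a biased key distribution, both constructed here.

```python
from fractions import Fraction

N = 4  # four messages, four keys and four ciphertexts, as on the slide


def encipher(i, j, n=N):
    """Index s of the ciphertext C_s = T_kj(M_i), with s = (i + j) modulo-N."""
    return (i + j) % n


def posterior(prior, key_prob):
    """Rows of P(M_i | C_s), one row per ciphertext C_s that can occur."""
    n = len(prior)
    joint = [[Fraction(0)] * n for _ in range(n)]  # joint[s][i] = P(C_s, M_i)
    for i in range(n):
        for j in range(n):
            joint[encipher(i, j, n)][i] += prior[i] * key_prob[j]
    rows = []
    for s in range(n):
        total = sum(joint[s])                      # P(C_s)
        if total > 0:                              # skip ciphertexts never sent
            rows.append([p / total for p in joint[s]])
    return rows


def is_perfectly_secret(prior, key_prob):
    """True when seeing any ciphertext leaves the message probabilities unchanged."""
    return all(row == list(prior) for row in posterior(prior, key_prob))


UNIFORM = [Fraction(1, 4)] * 4                      # P(Mi) = 1/4 from the slide
# Constructed inputs: a non-uniform message prior and a key source
# that only ever uses keys 0 and 1.
SKEWED_PRIOR = [Fraction(1, 2), Fraction(1, 4), Fraction(1, 8), Fraction(1, 8)]
BIASED_KEYS = [Fraction(1, 2), Fraction(1, 2), Fraction(0), Fraction(0)]

if __name__ == "__main__":
    print(is_perfectly_secret(UNIFORM, UNIFORM))       # equally likely keys
    print(is_perfectly_secret(SKEWED_PRIOR, UNIFORM))  # holds for any prior
    print(is_perfectly_secret(UNIFORM, BIASED_KEYS))   # key bias leaks information
```

With equally likely keys the posterior equals the prior for every message distribution; once the key source is biased, each ciphertext narrows the message down to two candidates.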
PRACTICAL SECURITY


Substitution

Permutation

Product Cipher System

The Data Encryption Standard
Substitution box

[Figure: substitution box with n = 3 input bits and n = 3 output bits, and $2^n = 8$ internal lines numbered 0 to 7.]

input   000 001 010 011 100 101 110 111
output  011 111 000 110 010 100 101 001


Permutation box

[Figure: permutation box; the input bits are reordered to form the output bits.]
Individual keying capability

Example of binary key


1010001011111011010111010
Initial Permutation (IP)

58 50 42 34 26 18 10  2
60 52 44 36 28 20 12  4
62 54 46 38 30 22 14  6
64 56 48 40 32 24 16  8
57 49 41 33 25 17  9  1
59 51 43 35 27 19 11  3
61 53 45 37 29 21 13  5
63 55 47 39 31 23 15  7
E-Table Bit Selection

32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
P-Table Permutation

16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
Final Permutation (IP-1)

40 8 48 16 56 24 64 32
39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30
37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28
35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26
33 1 41 9 49 17 57 25
Key Permutation PC-1

57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4
Key Schedule of Left Shifts
Iteration i    Number of left shifts
1 1
2 1
3 2
4 2
5 2
6 2
7 2
8 2
9 1
10 2
11 2
12 2
13 2
14 2
15 2
16 1
Key Permutation PC-2

14 17 11 24 1 5
3 28 15 6 21 10
23 19 12 4 26 8
16 7 27 20 13 2
41 52 31 45 33 48
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
STREAM ENCRYPTION


Key Generation Using a Linear Feedback Shift Register

Vulnerabilities of Linear Feedback Shift Registers

Linear feedback shift register example

[Figure: four-stage shift register with stages x4, x3, x2, x1, an output, and a modulo-2 adder in the feedback path.]
PUBLIC KEY CRYPTOSYSTEMS


Signature Authentication Using a Public Key Cryptosystem

A Trapdoor One-Way Function

The Rivest-Shamir-Adleman Scheme

The Knapsack Problem

A Public Key Cryptosystem Based on a Trapdoor Knapsack
The important features of a public key cryptosystem

1. The encryption algorithm, $E_k$, and the decryption algorithm, $D_k$, are invertible transformations on the plaintext, M, or the ciphertext, C, defined by the key K. That is, for each K and M, $C = E_k(M)$, $M = D_k(C) = D_k[E_k(M)]$.

2. For each K, $E_k$ and $D_k$ are easy to compute.

3. For each K, the computation of $D_k$ from $E_k$ is computationally intractable.
Public key cryptosystem

[Figure: subscriber A looks up $E_B$ in the public directory (A - $E_A$, B - $E_B$, C - $E_C$, ...), enciphers M in a crypto machine and sends $C = E_B(M)$; subscriber B's crypto machine applies $D_B$ to recover M.]
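Signature authentication using a public key cryptosystem

[Figure: subscriber A passes the dated message M through a crypto machine keyed with $D_A$ to form the signature $S = E_A^{-1}(M)$, then through a second crypto machine keyed with $E_B$ (taken from the directory) to form $C = E_B[E_A^{-1}(M)]$, which is sent over the public channel. Subscriber B applies $D_B$ to C to recover $S = E_A^{-1}(M)$, places S in signature storage, and applies $E_A$ (taken from the directory) to recover M.]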
The Rivest-Shamir-Adleman (RSA) Scheme

1. Each user chooses his own value of n and another pair of positive integers (e, d), where $n = pq$, $\phi(n) = (p-1)(q-1)$, $\gcd[\phi(n), d] = 1$, $ed$ modulo-$\phi(n) = 1$, and p, q are prime numbers.
2. The user places his encryption key, the number pair (n, e), in the public directory.
3. The decryption key consists of the number pair (n, d), of which d is kept secret.
4. Messages are first represented as integers in the range (0, n-1).
5. Encryption: $C = E(M) = (M)^e$ modulo-n
   Decryption: $M = D(C) = (C)^d$ modulo-n
How to Compute e

A variation of Euclid's algorithm for computing the gcd of $\phi(n)$ and d is used to compute e.

1. First, compute a series $x_0, x_1, x_2, \ldots$ where $x_0 = \phi(n)$, $x_1 = d$, and $x_{i+1} = x_{i-1}$ modulo-$x_i$, until an $x_k = 0$ is found. Then $\gcd(\phi(n), d) = x_{k-1}$.
2. For each $x_i$ compute numbers $a_i$ and $b_i$ such that $x_i = a_i x_0 + b_i x_1$.
3. If $x_{k-1} = 1$, then $b_{k-1}$ is the multiplicative inverse of $x_1$ modulo-$x_0$. If $b_{k-1}$ is a negative number, the solution is $b_{k-1} + \phi(n)$.
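The three steps above, together with the RSA key setup and the encryption and decryption formulas, as a runnable sketch. This is an added example, not code from the original slides; the function names and the toy parameters p = 47, q = 59, d = 157 are assumptions chosen for illustration.

```python
def inverse_by_euclid(phi_n, d):
    """Follow the series x_0 = phi(n), x_1 = d, x_{i+1} = x_{i-1} mod x_i,
    carrying a_i and b_i so that x_i = a_i*x_0 + b_i*x_1 at every step.
    Returns (gcd, e); e is None when gcd(phi(n), d) != 1."""
    x_prev, x_cur = phi_n, d
    a_prev, a_cur = 1, 0          # x_0 = 1*x_0 + 0*x_1
    b_prev, b_cur = 0, 1          # x_1 = 0*x_0 + 1*x_1
    while x_cur != 0:             # stop when x_k = 0 is found
        q = x_prev // x_cur
        x_prev, x_cur = x_cur, x_prev - q * x_cur
        a_prev, a_cur = a_cur, a_prev - q * a_cur
        b_prev, b_cur = b_cur, b_prev - q * b_cur
        assert x_prev == a_prev * phi_n + b_prev * d   # invariant of step 2
    gcd, b = x_prev, b_prev       # x_{k-1} and b_{k-1}
    if gcd != 1:
        return gcd, None          # d has no inverse modulo phi(n)
    return 1, (b + phi_n if b < 0 else b)              # step 3


def make_keys(p, q, d):
    """Return ((n, e), (n, d)): the public and the secret number pair."""
    n, phi_n = p * q, (p - 1) * (q - 1)
    gcd, e = inverse_by_euclid(phi_n, d)
    if e is None:
        raise ValueError(f"gcd(phi(n), d) = {gcd}; choose another d")
    return (n, e), (n, d)


def encrypt(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in the range 0..n-1")
    return pow(m, e, n)           # C = M^e modulo-n


def decrypt(c, private_key):
    n, d = private_key
    return pow(c, d, n)           # M = C^d modulo-n


# Constructed toy parameters; real moduli are thousands of bits long and
# real systems pad the message before exponentiation.
PUBLIC, PRIVATE = make_keys(p=47, q=59, d=157)

if __name__ == "__main__":
    c = encrypt(920, PUBLIC)
    print(PUBLIC, c, decrypt(c, PRIVATE))
```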
The Knapsack problem

1. Let us express the knapsack problem in terms of a knapsack vector a and a data vector x:

$a = a_1, a_2, \ldots, a_n$
$x = x_1, x_2, \ldots, x_n$

2. The knapsack, S, is the sum of a subset of the components of the knapsack vector:

$S = \sum_{i=1}^{n} a_i x_i = \mathbf{a}\mathbf{x}$, where $x_i = 0, 1$
Super-increasing and how to solve x

1. Super-increasing is $a_i > \sum_{j=1}^{i-1} a_j$, for $i = 2, 3, \ldots, n$.

2. When a is super-increasing, the solution of x is found by starting with $x_n = 1$ if $S \ge a_n$ (otherwise $x_n = 0$), and continuing as follows:

$x_i = 1$ if $S - \sum_{j=i+1}^{n} x_j a_j \ge a_i$, and $x_i = 0$ otherwise,

where $i = n-1, n-2, \ldots, 1$.
A Public Key Cryptosystem Based on a Trapdoor Knapsack

This scheme is also known as the Merkle-Hellman scheme.

Method:
1. We form a super-increasing n-tuple a', and select a prime number M such that $M > \sum_{i=1}^{n} a'_i$. We also select a random number, W, where 1 < W < M, and we form $W^{-1}$ to satisfy the following relationship: $W W^{-1}$ modulo-M = 1. Note: the vector a' and the numbers M, W, $W^{-1}$ are all kept hidden.

2. We form a with the elements from a' as: $a_i = W a'_i$ modulo-M.

3. When a data vector x is to be transmitted, we multiply x by a, yielding the number S, which is sent on the public channel:

$S = \mathbf{a}\mathbf{x} = \sum_{i=1}^{n} a_i x_i = \sum_{i=1}^{n} (W a'_i \text{ modulo-}M)\, x_i$

4. The authorized user receives S and converts it to S':

$S' = W^{-1} S \text{ modulo-}M = W^{-1} \sum_{i=1}^{n} (W a'_i \text{ modulo-}M)\, x_i \text{ modulo-}M$
$\quad = \sum_{i=1}^{n} (W^{-1} W a'_i \text{ modulo-}M)\, x_i \text{ modulo-}M = \sum_{i=1}^{n} a'_i x_i \text{ modulo-}M$
$\quad = \sum_{i=1}^{n} a'_i x_i$

5. Since the authorized user knows the secretly held super-increasing vector a', he can use S' to find x.
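Steps 1 to 5 above, together with the super-increasing solution procedure from the previous slide, as a runnable sketch. This is an added example, not code from the original slides; the function names and the numeric values of a', M, W and x are constructed for illustration.

```python
def is_superincreasing(a):
    """True when every a_i exceeds the sum of all earlier components."""
    total = 0
    for ai in a:
        if ai <= total:
            return False
        total += ai
    return True


def solve_superincreasing(a, s):
    """Recover x from S = a.x by working down from i = n to i = 1."""
    x = [0] * len(a)
    for i in reversed(range(len(a))):
        if s >= a[i]:             # a_i must be in the knapsack
            x[i] = 1
            s -= a[i]
    if s != 0:
        raise ValueError("S is not a subset sum of this vector")
    return x


def public_vector(a_priv, w, m):
    """Step 2: a_i = W * a'_i modulo-M."""
    if not is_superincreasing(a_priv) or m <= sum(a_priv) or not 1 < w < m:
        raise ValueError("need super-increasing a', M > sum(a') and 1 < W < M")
    return [(w * ai) % m for ai in a_priv]


def knapsack_encrypt(x, a_pub):
    """Step 3: S = a.x, computed with the public vector only."""
    return sum(ai * xi for ai, xi in zip(a_pub, x))


def knapsack_decrypt(s, a_priv, w, m):
    """Steps 4 and 5: S' = W^-1 * S modulo-M, then solve the easy knapsack."""
    w_inv = pow(w, -1, m)         # modular inverse, Python 3.8+
    return solve_superincreasing(a_priv, (w_inv * s) % m)


# Constructed toy parameters: secret a', prime M > sum(a'), multiplier W.
A_PRIV = [171, 197, 459, 1191, 2410]
M, W = 8443, 2550
A_PUB = public_vector(A_PRIV, W, M)
X = [0, 1, 0, 1, 1]               # constructed data vector

if __name__ == "__main__":
    s = knapsack_encrypt(X, A_PUB)
    print(A_PUB, s, knapsack_decrypt(s, A_PRIV, W, M))
```

The published vector is no longer super-increasing, which is what hides the easy knapsack from anyone without W and M. The single-iteration Merkle-Hellman scheme was broken by Shamir in 1982, so it is of teaching value only.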
CONCLUSION

1. We have presented the basic models and goals of the cryptographic process, and looked at some early cipher systems.
2. We defined a system that can exhibit perfect secrecy.
3. We outlined the DES algorithm in detail, and we also considered the use of linear feedback shift registers (LFSR) for stream encryption systems.
4. The RSA scheme, based on the product of two large prime numbers, and the Merkle-Hellman scheme, based on the classical knapsack problem.
