 So the classical ciphers last week we we mentioned Caesar cipher and That led to a brute force attack. We're a brute force attack involves Not using our brains, but just trying every possible key and it works in the Caesar cipher because there are only 26 possible keys so we can try them all and This brute force attack is successful because if we take the cipher text and Decrypt using every possible key Then we'll be able to detect of all those possible Plane text which are produced so we decrypt a cipher text with a key to get a plain text value We'll get 26 possible plain text values only one of them will make sense All the others the other 25 will look like just random arrangements of English letters And that generally holds that when we decrypt something if we use the correct key We'll get plain text that we can recognize It will have some structure that we can recognize if we decrypt some cipher text using an incorrect key and By incorrect key. I mean a key that is different from what it was Used for encryption. So if we decrypt with an incorrect key, we'll get plain text, which is Random-looking it doesn't have a structure and we'll be we'll assume as the attacker we can recognize that Because we get plain text, which doesn't make sense. We use the wrong key Okay, so as we try different keys if the plain text doesn't make sense assume That's the wrong key try the next key until you decrypt the cipher text with a key that results in plain text that makes sense And it turns out in practice in most or if not all applications that that's true that Decrypting with the wrong key gives us random or Recognizably wrong results decrypting with the correct key gives something we can recognize is correct We then went on to So that introduced the concept of a brute-force attack We mentioned a different cipher where basically we have the 26 English characters and allow the the person encrypting to choose an arrangement that each of the input plain text characters will map to one of the 26 Possible English characters for example a when it's encrypted will become D in the ciphertext B will become Z and Z will become Q as one possible encryption mode but we can The people encrypting and decrypting choose that arrangement and they must let each other know what that arrangement is and We saw that in that case the number of arrangements possible Is 26 factorial in effect there are 26 factorial possible keys because From the attackers perspective, we don't know this arrangement The encryptor chooses it we need to find that arrangement that produces the correct Plaintext as the attacker and then since there are 26 factorial possible arrangements Then from a brute-force attack the attacker would need to try 26 factorial possible keys and Then we saw if we jump back we flicked between a few of these slides some of the concepts versus some of the examples If you look at the bottom line here, and it's a bit confusing someone asked me a question This 26 factorial is really this last line as a special case. It's in the wrong column 26 factorial is the key space the key space is the number of keys The key length only is only relevant for the binary keys So the first six rows in this table will return to them later means key length is 32 bits or 256 bits 26 factorial doesn't mean the key length It's the key space. So those two should be really in the same column 26 factorial is approximately 2 to the power of 88 26 factorial If we need to try all of those keys if we have a computer that can try keys at a speed of 10 to the power of 15 keys per second so What's that 1 million billion keys per second? Then it would take 10,000 years to do a brute-force attack So this shows that it's quite easy to defend against the brute-force attack brute-force attacks In theory easy try all keys But in practice we can make a system secure against a brute-force attack by just making the key large enough Make sure the key space is a size such that even with the fastest computers today And even with millions of those fastest computers Someone still won't be able to find the key because there's not enough time And we'll see that with practical keys today that the key length is such that brute-force attacks are not possible back to Some of our classical ciphers so the mono alphabetic cipher this substitution cipher brute-force attack not possible But it turns out it's very easy to break using what we say crypt analysis and We exploit the fact that the plain text has some structure in it In particular the language English language and the same with any other language has some letters that occur frequently more frequently frequently than others Some diagrams that occur more frequently Frequently than others so diagrams are pairs of letters and Trigrams and words even So what we do is we look at the cipher text look at the how the algorithm works and Try and work from the given the cipher text and back to the plain text and in the same time discovering the key It's quite hard to show in the lecture such an attack but one of your homework tasks from last week was to do some reading and If you skip forward a few pages, I give you the printout of the the web page where I give an example This is the example I'll browse through it, but it's easy to see Which page I think in the printouts Page 21 in your printouts Called classical ciphers and frequency analysis examples It's easy for you to read on paper than on the on the screen But it just steps through some simple examples of attacks on different ciphers starting with a Caesar cipher and a brute force attack so it starts with This dvvk zdc is some cipher text the attacker knows the cipher text They know Caesar cipher was used a brute force attack Really involves looping through all 26 possible keys and you'll see it on yours that all right I use just use some software to decrypt just a script to decrypt and I tried all 26 possible keys And we see one of them makes sense. Where is it 17? Meet in lobby at 10. Okay, so all the others don't make sense So this is a brute force attack on Caesar cipher The next thing is and again you should read through it in more depth than what we can cover today is the fact that Some text some large piece of text a book or a set of books will contain Some letters occurring more frequently than others So in this example, I use some software to count the letters in an example book So I downloaded a book from a website in text format and this program crypto count letters of that book Percent sort just counts the letters and sorts them from the the the largest percent Down So returns that the letter e Occurs 12 percent of the time in the text The letter t 9% and so on and if only shows the first 10 or so 10 or 15 You can find for the rest as well Just showing that in a large text with a lot of words. You'll probably find that the letter e Was usually the most frequent letter in English t and a are up there as well Of course in different texts, especially as they're shorter those frequencies will change But if you cover a large set of texts, you'll see some pattern there q x and Say and you are quite maybe q and x especially are quite infrequent down the bottom Same with any other language in tie in other languages. There's some structure Some characters occur more often than others also, we can count the diagrams and We see that th occurs most often h e i n e r and Other diagrams pairs of letters, which are not shown are much more infrequent and Trigrams is the triples t h e a n d i n g you I think you see in in words and in phrases Those triples occur more frequently than others Just going back to letters If every letter occurred at the same frequency, what percent should we have? How much what percent of ease should we have? if every letter was Equally distributed across the text what percent of ease and or teas would we have? One divided by 26 so we have 26 letters if they're equally distributed then would have one divided by 26 as a fraction Which is about three point eight five percent so if The letter a occurred the same at the same frequency as z and q and r Then that are all occur about three point eight five percent So that all have about the same value, but of course in this case in practice some are more frequent than others That's in the plain text and the example here Another cipher text again using Caesar cipher and against hard to see on the screen, but a longer Cipher text here not just a few words, but a several sentences. I think it was Again, we could do a brute force attack So that's possible on the Caesar cipher, but we can do some form of frequency analysis. So What we do is we take that ciphertext at the top and Here I count the letters of the cipher text and I see J occurs most frequently at 13 percent Y is nine percent s is nine percent and so on From that we can almost work out What the key is using the Caesar cipher? What is it? How do we work it out? How do we work out the key in the cipher text? The most frequent character is J In the original plain text we'd expect the most frequent character to be E Because in large plain text we know from the statistics of the most frequent character is E Not always in short plain text, but it's a good guess to say okay If the most frequent letter in the cipher text is J Most likely that corresponds to E in the plain text So we find in the Caesar cipher. What would shift us from E to J? What is it? I Think it's sit here a key of five J is the most common letter in the cipher text We expect the most common letter in the plain text to be E That means if we need to map using the Caesar cipher E to J. It's a shift of five positions so a key of five and We actually try it with a key of five that is so by guessing the key of five just from that analysis We decrypt immediately. So this is not brute force. We don't try all keys We deduce the key try it and it turns out that yes, it does produce some some text that makes sense Okay, so this is crypt analysis It's not a brute force attack Instead of trying 26 keys We've cut it down to trying just one key plus a little bit of analysis of the frequency of letters It works quite well with a Caesar cipher The reason it works is because Just going back to the Caesar cipher The Caesar cipher always maps one letter of plain text to the same letter in cipher text So if there is a plain text message which has 12% ease in it Then the cipher text if we use this form of the Caesar cipher if the plain text had 12% ease Then the cipher text must have 12% h's Okay, if we use this example Caesar cipher a key of three So therefore if we count the letters in the cipher text and we get about 12% of the letter h Then we guess all right h maps to e and that gives us a key of three So Caesar cipher is both insecure with respect to brute force attack and insecure with respect to crypt analysis The next example on that web page again. I highly recommend you reading through it because it's hard to see on the screen Remember a mono alphabetic cipher Takes 10,000 years for the fastest computer to break in in brute force attack so brute force is not possible but a Crypt analysis turns out we can do in a 10 or 15 minutes by hand Okay, and this goes through the steps of doing such analysis So again, we start with some cipher text The attacker has some cipher text is listed there We know that it's the mono alphabetic cipher, but we don't know what mapping what arrangement of letters were used We need to find that out So what we do Given the cipher text count the frequency of letters And we count them when we find out t is the most frequent Zed is next and oh What's your guess now? Maybe t in cipher text maps to e in plain text because we see t is the most frequent letter in the cipher text We expect e to be the most frequent letter in the plain text. So in terms of the mapping e When it was encrypted could have become t It's not always true But usually one of those top frequent letters e t a and n map to one of the frequent letters in the cipher text So we do a little bit of trial and error Take the cipher text replace all the letter t's with a letter e and Then do that for the others that is maybe zed in the cipher text maps to If we go what? T so the top the top four or five in Expected plain text e t a oh I What we get in the cipher text Here is t z o lg. So we could try those mappings and Then look at the cipher text and start replacing the letter t with e Replace the letter z with t and see if we start to see some words appear in the cipher text from decrypting to get the plain text Sometimes it works quickly that is t does map to e sometimes we we find it doesn't make sense We need to try something else But with a computer that you can do that quite easily we can also do it with diagrams What was the most frequent expected diagram? remind me Th, okay, we measure in the cipher text we get o f Maybe you pairs of letters in the cipher text o f Correspond to th so try and replace them and see if we start to build up words in the cipher text And that's what we do here. We It's hard to see but this is the cipher text But I've replaced some letters with uppercase letters Which are the corresponding plain text if I map according to our frequency statistics that is the letter here of Which was I think t in cipher text I've written it as e in plain text Doesn't give us much clue as to what the message means yet That was just replacing t with e but we do it with the other letters And we keep trying We map t to z Or what was input as it becomes t and I go through you can go through a few steps try some others and Then you may start see if you know what you're looking for at least some patterns thi Int they are common things we'd expect to see in English text te I Nte something n e t What's that? Internet Okay, so if you have some context that well you can guess what the message may be about you can start to detect words So that suggests Maybe the letter K Maps to R and we can try that and replace all the K's with ours and and keep going through a few iterations and we see Something this something something and so on you see the word internet there Return and try some of the more frequent letters and if you keep going it doesn't take long a few more steps And you get to hear this course something Introduce okay to the Secure it Okay, so you basically have it now because you're starting to see words and because you've got Most letters in a word you can start to work out quite quickly what the remaining letters are and the next couple of steps you you've almost completed and You get to the end so some our original plain text All right on pen and paper. It takes a few steps It takes more than 10 or 15 minutes But with a computer it's almost instantaneous because a computer can do that quite well as well it looks for It tries different mappings and it looks for common words So if we do a mapping and we get words which are in the dictionary, then it's most likely the correct mapping if we get words that are We get sequences of letters which are not words and it's likely an incorrect mapping so we can program a computer to do that for us So a mono-alphabetic cipher brute force impossible crypt analysis easy trivial really a game Have a look read through that one in more depth As homework mono-alphabetic is not secure Despite brute force attack not being possible the problem with it is that The frequency of the plain text so the fact that he is the most frequent character in the plain text Maps directly to the cipher text so if there's one Character is the most frequent in the plain text then there'll be one character in the cipher text which is the most frequent So we just need to find out which one and then we can start trial for the other frequent characters So the cipher text when we encrypt our plain text Contains the frequency statistics which are present in this plain text and that's bad So there are ways to improve it Encrypt multiple letters of plain text at a time So instead of take one letter letter a and map it to a queue for example take a pair of letters th encrypts to zf or Take a triple of letters and map it to another triple of letters that starts to spread out the statistics in the cipher text or To as we'll see in another approach use multiple alphabets So instead of a mono alphabetic cipher a poly alphabetic cipher, so we'll see both of them in the next few examples This just gives another viewpoint of the most frequent letters. I think this was taken from many legal texts so Hundreds of thousands of words of text and they count the letters We'll come back to this one to compare some of these ciphers later So let's look at a cipher that doesn't operate on a each letter at a time Like the last two we saw it operates on a pair of letters and that can help to spread the statistics in the cipher text so that One letter which is frequent in the plain text doesn't map to one letter which has the same frequency in the Ciphertext it's called the play for a cipher. Let's go through it. There's two steps We do some initialization where we create a matrix. So again, we use English letters. How many English letters are we? How many do we have? 26 we create a five by five matrix gives us 25 characters. So we need a special case We've only got space for 25 letters. Which one are we going to remove in this? so we need to agree on which one will remove and Typically or the original version of play fair said let's treat i and j is the same letter Because often in plain text you'll be able to recognize that Okay, by the context of the word whether that letter is supposed to be an i or a j So this is part of the algorithm saying in our plain text if we see the letter j Let's just change it to i and we'll see it still works quite well So what we do is we write down a five by five matrix and we choose a key word in this case not a number Not a single character, but a word and we write that word row by row and Then so if our word is four letters long It's the first four columns on the first row then the remaining 21 entries in our matrix are the alphabet and We make sure that we do not repeat any letters Let's try and you'll see that's not so hard. So just the initialization step first so the The two people communicating they must have a keyword. So that's the secret that they share They both must know that keyword. No one else knows that keyword. So we start What have we got the keyword in this case? And maybe it's on the election notes. I can't remember but Thailand So that's our secret that the two users choose the attacker doesn't know that So what we do is you write that and a five by five matrix T H I THA I L and We make sure we don't repeat any letters So we've already got an a the next letter is an a but we've already written it in the matrix So we skip this next a and go to n D So there's our keyword written in the matrix Don't repeat letters and the rest of that five by five matrix We fill out with the rest of the alphabet in order. We've already got a so we go through a b All right, we need to make sure we skip the letters that we've already got in there So we don't do d again. I've got h so we go to K We've got J Here's our special case I and J think of them as the same letter So we that we don't write a J here Because we can only fit 25 letters in our matrix. Okay? This is the way the algorithm works. We we're going to use the matrix to encrypt in a moment so we need to Really remove one letter and the decision one decision is to say, okay, let's remove the letter Or let's join the letter I and J So if we'll see later if we want to encrypt the word Which has an I in it then we Will use the I in the matrix if we want to encrypt the word which has the J in it We think of it as the letter I in the matrix and when we decrypt The user will be able to recognize whether the letter that we get in the plain text is supposed to be an I or a J Because there are not many words where it would be confusing whether the letter is I or J If you replace a word which has an I with a J that word won't make sense If you replace a word which has a J with an I that word will most likely not make sense So you'll be able to use the context of that word to distinguish which one is which We'll see in some examples Let's fill in the matrix. What do we get to oh? almost there V So there's our what we call our play fair matrix play fair is it's named after some guy who I Think it was some general that they named it after That's the initialization Now when we want to encrypt something we use this matrix to encrypt so The person who's encrypting can create the matrix and when someone wants to decrypt they create the same matrix Okay, so the person who decrypts knows the key word is Thailand they create the matrix in exactly the same manner so as a simple example we'll Start with the plain text of The word hello We want to encrypt hello and get some ciphertext just to show you how the algorithm works The play fair cipher operates on pairs of letters That is we look at a pair of letters of the plain text at a time How many letters in our plain text in this case? Five we don't have an even number if we're going to have a pair of letters at a time We actually needed an even number of letters So we need some special cases in this algorithm to say if our plain text has an odd number of letters add some padding To make it an even number of letters and a common way to add padding is to add a letter on the end Such that someone will still understand the message Maybe add the letter X on the end and you get hello X as the plain text Still someone who receives that will most likely understand that it means hello And when you have much longer plain text It's not a problem if you add one letter at the end because someone will still be able to read the entire message But the algorithm works on pairs of letters, so we must make sure the plain text has an Even number of letters But there's another special case which we'll see in a moment, but let's let's show the general case what we do is we take a pair of letters at a time and Our first pair is he so the first pair is he We look up those letters in the matrix and we find the positions of h and e and To encrypt that pair of letters we Find so for h we find the letter which is on the same row and As h and the same column as its partner So the same row as h and the same column as e is the letter L so it's going to Encrypt and I'll write it as uppercase here because often we Write ciphertext is uppercase just to make it clear. This is ciphertext. This is plain text H e Maps the LD so look at the pair of letters of plain text and The one on the same row as ours and The same column as our partner Becomes the output ciphertext the same row as H or the first letter H and the same column as the second letter the output is L Then for the second letter output the same row as e and the same column as h outputs D So that's the first We encrypt pair of letters at a time. So we encrypted the first pair try the next pair What happens? What is the next pair of plain text letters? LL That rule doesn't work Okay, because the same row as L and the same column as L is L And we'd encrypt LL to LL which is not very good encryption not to change the plain text So in fact, we have another special case if we have a pair of letters which are the same separate them and We separate them by introducing some padding So in this case the first pair was he the second pair would be LL We recognize well, we can't do that. So let's introduce some padding here Let's introduce another letter a special letter. Let's say X So become he L x L o And that's nice because it also gives us our even number of letters. So we've got three pairs So that's needed if we have in a pair of the same two letters because If we used our rule on the same two letters, we'd get the same output ciphertext so in fact To encrypt. Hello. The next step we do is We take LX So we had LL we introduced the X there and encrypt that What does it become? All right L? X same row as L is a and same column and as X so it becomes Cypher text a and The same row as X the same column as L. We get Z and the last one. What have we got? Lo What do we get? Here we need a special case Lo is the next pair the last pair of plain text letters When and we look at the matrix and we see L and O are on the same on the same column In that case just move down Wrap around if necessary so Lo What's down from L E? What's down from O? You becomes EU If our two input plain text letters are on the same row move to the right If they're on the same column move down if not find on the same Row as our letter and the same Column as our partner letter Le then it will become what? EO so le we think of if we have le L becomes e e becomes O if we're encrypting Q you Q would become R you would become P it wraps around U Z Z L Wrap around on the columns and on the rows and we have our we have our Ciphertext so that's our ciphertext we send to our friend our friend receives LD AZ EU our friend knows the keyword is Thailand and creates the same matrix and Applies almost the same rules to decrypt The same rules except when we're on the same row on Or column instead of moving down from what? EU To decrypt will move up EU will become LO When we decrypt We need to get the original plain text back which was he LX LO in these simple ciphers Oh, usually we're not go through the decryption But you should try them Decryption is easy to test if you decrypt and get the original plain text back It's correct if you don't get the original plain text. You've made a mistake Especially in your quizzes or in the exam It very easy to test if you've got it zero marks or full marks Just encrypt it and decrypt it and if you get the same answer you are okay With these ciphers at least What's important in this cypher what's different from the others is it's operating on a pair of letters at a time and We'll just write it again our plain text We needed this X to make it to separate yell So think of the plain text like this, but we know it means hello because there's no word hell X LO so we can guess X is a special character and We got cypher text LD AZ EU Look at the mapping from one letter of plain text to one letter of cypher text Look at the elves The first time we encrypt the L the output is a The second time we encrypt the L we get an output of E That's important and that's an important characteristic of this cypher And then it makes it harder to do that frequency analysis of letters L occurs. I'm not sure if it's it's on one of the slides. Let's go back L occurs about 4% of the time in plain text With a mono-alphabetic cypher Caesar cypher L would map to the same letter each time and that same letter would occur about 4% of the time in the cypher text but in the play fair cypher Even though L may occur 4% of the time in the plain text All right, here's it's quite short so we can't look at percentages But in a long plain text if L occurs 4% of the time The letter we get out from encrypting L Doesn't necessarily occur 4% of the time because L maps to multiple different letters And that makes it better to withstand Someone doing an attack that looks at the frequency of letters because now we really spread out the frequency of letters One letter doesn't always map to the same letter. It maps to different letters and the same concepts can be applied by Applying applying our encryption across different lengths of characters two three and so on It works better when our plain text is much longer So that's the strength of the play fair cypher but We still have the frequency of diagrams diagrams or pairs of letters So if later we have HE we have a very long plain text later. There's a HE here It will still become LD If later we have an LO we'll get ciphertext EU So diagrams still map to the same ciphertext, but single letters do not and an attacker can use the fact that some diagrams occur more frequently than others TH EN IN and so on and again can break the play fair cypher With a little bit more effort than the mono alphabetic, but nothing that a computer cannot do so it's better because it doesn't map One letter of plain text always to the same letter of ciphertext But it still has limitations because pairs of letters always map to the same output We did that It's better than mono alphabetic, but for computers once you look at diagrams trigrams expected words It's very easy to break still So what we need for a strong cipher is to make sure the ciphertext contains no statistics That make it easy for the attacker to work out the original plain text and that's what we're moving towards now We saw with the mono alphabetic cipher With the mono alphabetic cipher and I'll jump back to it. We map one letter Always to the same ciphertext letter a always maps to D in this example y always to F so if our plain text has 12% ease our ciphertext will have 12% s's in this case and that's bad from The strength of the cipher. It's easy for the attacker to use that frequency of letters what we want is that The letter e even though it occurs 12% on the plain text Then it doesn't map to the the same letter each time and in fact That it distributes the letters amongst those 26 so sometimes e maps to a sometimes it maps to be sometimes through to z So that there's an even distribution of the letters in the ciphertext Ideally the ciphertext should have Letters no letter occurring more frequently than any other letter and That would be a perfect sofa and the way to achieve that is to Allow a cipher to map to multiple different letters called a polyalphabetic cipher and we'll go through two examples Vision air cipher and the one-time pad and there's another one in the textbook where there are others But we'll just go through to demonstrate this the vision air cipher think of it as 26 different Caesar ciphers remember the Caesar cipher says take a letter Take the key and shift that letter by the key number of positions to the right to get the ciphertext Well, we've got 26 different keys we can use So what the vision air cipher does is we have instead of one key we have One key letter for each input plain text letter We actually have a key word so the example here if the plain text is internet technologies The key word in this example sir and on What we do is we repeat the key words such that we generate a key which is the same length as the plain text So I repeat it if we don't we don't have to complete the key word. So if we had And here in the plain text with the key would be si r So we just repeat it until we fill out such that the key is Just the key word repeated But the key is the length of the plain text Then to encrypt we take the plain text letter I and we apply the Caesar cipher where the key is s and If you take the Caesar cipher input plain text I key of s you can check you get a is output Then the next letter and is the plain text letter in the Caesar cipher the key in the Caesar cipher is I We get V on output and we keep encrypting users in the Caesar cipher But instead of using a Caesar cipher with the same key for every letter We change the key according to the key word Everyone can decrypt Caesar cipher a vision air cipher Common quiz question quiz questions are usually not encrypt but decrypt Because they are harder a you need to know the algorithm and be Sometimes Sometimes they're harder, but you can well they're easier for you because you can check the answer Okay, if you decrypt Ciphertext and you get Random letters in the quiz the most likely you've done it wrong If you decrypt the ciphertext in the quiz and you get a word that you understand the most likely you've done it correct but In this case to decrypt we again use the Caesar cipher if we have the letter a as cipher text We know the key is s we use the Caesar cipher with a key of s and Do the shift back to the left by s positions s is what? 19 or 20 The the point of this in terms of security is that if we look at our plain text letters Look at the letter t. It occurs three times in this short plain text t here and there's two t's together and Look at the letters in the cipher text that it maps to The third letter t i and t becomes k The next t becomes h this this T becomes k again So we've changed the letters in the cipher text except here. We've got a k again And we'll see that that's a flaw in in this cipher Let's try other letters e there are four instances of e e becomes m L R and V So even though e is the most frequent letter normally in plain text using the vision air cipher It will not map to any one letter in the cipher text Meaning it's hard to work out. What is the mapping from the cipher text letters back to the plain text letters? So it's all about making sure this cipher text doesn't contain the statistics of the language It doesn't contain one letter that occurs 12 percent of the time and this starts to achieve it If we especially have a much longer plain text, we'll see that occur. We could count the letter the number of a's How many a should we get? What percent of a should we get in the cipher text? one in 26 ideally 3.85 percent and the number of B's in the cipher text should be one in 26 if it works well Okay, so that's what we want that the cipher text appears random There's no distribution of letters one doesn't occur more frequently than the other and this is starting to achieve it It's almost perfect The problem with this especially when we have large plain text Which is usually the case when we're communicating. We don't always just send small messages We usually send a sequence of messages or some long messages The problem is that we need to repeat the keyword and It can turn out as we repeat the keyword multiple times We do start to get some letters in the plain text mapping to the same letter in the cipher text and that's bad we'd like The plain text letter to always map to a different letter in the cipher text But the repeating keyword doesn't allow that especially for long plain text. So this is a much better cipher than what we've seen With the mono alphabetic cipher and even the play fair cipher, but it's still possible to break And we will not go through an example. There's some you can get software that will do it for you quite easily And you can do it manually, but you need to look for the fact that There's a keyword of a particular length that starts to repeat and Therefore you'll start to get repetitions in the output cipher text related to how long the input keyword is So it is quite easy to break using a computer The weakness is that we use a structured keyword Why did we use a keyword to make it easy for the two users to exchange a key? I just read no know the keyword and I tell my friend and it's easy to remember and to write down a Better way is do not use a keyword, but use to use a random sequence of letters and That's the next cipher the one-time pad Almost the same in this example But instead of using a keyword and then repeating that keyword choose a random sequence of letters Which are? Which is the same length as the plain text if our plain text is a thousand letters long choose a key Which is a thousand letters long? Such that those letters are chosen randomly if we do that then we get a perfect cipher The one-time pad is the only known scheme that we consider unbreakable And we'll talk more about what unbreakable means After this and when we return to some other slides, but there's no way to break it if we do it correct even a brute force Will not defeat it even if we have all the computers and all the time in in the universe We cannot break it So we'll see some reasons why later, but first how does it work? Well, we won't go through an example because it's the same as Same as this But instead of using the keyword just choose random characters here But make sure they are random okay, so you need to to Correctly choose random characters. You can't maybe just pick them from your head You need a computer to to correctly choose those random characters if you do Even if there's repetitions of letters in the plain text We will successfully spread out the frequency of letters in the cipher text for a long plain text The number of a's in the cipher text. It'll be 3.85 percent B's the same frequency 3.85 Zeds 3.85 percent that is one out of 26 of the letters will be each of those letters so what we've gone through is five different Classical ciphers to try and demonstrate some of the key concepts used in encryption even in real ciphers today The point is Try and get the cipher text which has no structure Even though the plain text has some structure get the cipher text to be appear to appear random questions It's gone through those ciphers quickly a lot of new concepts some questions You should be able to encrypt with each of those five ciphers Caesar mono alphabetic play fair vision air one-time pad and Similarly decrypt Caesar cipher. Okay, you can encrypt decrypt with Caesar cipher Yes, okay What about play fair that one made sense? All right, you may need to practice a little bit before you remember the steps But once you practice the ciphers once or twice, I think you'll work it out Vision air everyone can encrypt with vision air cipher If you can do Caesar cipher you can do vision air because it's the same It's just that we Change the key each letter. Let's try it Just to confirm just do the first one or two letters here. I and T as I are what do we do? We have plain text and we have the key s bring up the The numbering of letters so it's easy to do quickly Hard to see but we see that I is eight S is 18 So Caesar cipher. What do we get? encrypt I is 8s is 18 eyes the 8th letter s is the 18th Caesar cipher add them together and then mod by 26 8 plus 18 is 26 mod by 26 we get zero or a It's just the Caesar cipher and N Is in fact the 13th or letter 13? Just do this one I Is 8 so this is this I is the second letter in our keyword and We get what 21? Mod 26 is 21 and the 21st is V Okay, and you can keep going so it's the Caesar cipher The cipher text a V and if you keep going K M and so on so you can do the Caesar cipher Mono alphabetic we It's hard to do in practice because you need to write down all 26 letters, but it's not so hard Play fair you need to practice a little bit Vision air well if you can do Caesar cipher you can do vision air just remember. It's the keyword repeats and one time pad Exactly the same as vision air, but the keyword is no longer a repeating word. It's just a random set of characters so Exactly the same procedure Any questions before we summarize on the concepts that we've learned? Right, let's look at these these trade-offs and the security so We arrived at the one-time pad it is Very simple in fact. There are different implementations the implementation We see of using the Caesar cipher is what we use on English characters, but for a computer when you're operating on binary You can just use an exclusive or it turns out that if you take your binary plain text you exclusive or with a Random sequence of bits of the same length of the plain text you'll get the same effect as well You'll get the one-time pad. You'll get a perfect ciphertext as output So it's actually very easy to implement in hardware Xor is very fast in hardware We call it unbreakable and we'll see we're on one of our earlier slides that will define unbreakable as meaning Unconditionally secure or unconditional security Under no conditions Can we break it? We cannot use the frequency analysis to try and work back We cannot look at diagrams and trigrams because there is no No diagrams or trigrams that occur more frequently than any others and there are no letters that occur more frequently than any others in the ciphertext So there's no way to take advantage of that structure in the plain text Can we do a brute force attack though? Even I give you all the computers in the world and I give you all the time in in forever, okay As much time as you want Let's say you have an infinite a computer with infinite processing capability So it can instantly try all possible values will it work Right you you can try all possible keys. So assume you can try all possible keys and There are many many keys possible. So we need enough time, but assuming you could try all possible keys Still you would not find the plain text and the reason why is because what you'll do is you take your ciphertext decrypt and You get some potential plain text You'd recrypt with one key then you take the same plain cipher text decrypt with a second key Get the second set of potential plain text and you do it with all the possible keys. That's brute force So you'll get many possible plain text values and Then we said you need to choose the one which makes sense Okay, it's say the English words Well, it turns out that there are so many keys such that if you try all the keys Many of the possible plain text values will make sense There won't be just one that is a English phrase or an English Sequence of English words, there'll be many that make sense and Then the attacker has no way to determine which one is the true message because if you get many Say English words or English Sentences that make sense How do you know which one's the true one and there's no way to know other than guessing and in practice There'll be many such that a guess gives almost a zero chance of guessing So even if you had a brute force attack you had enough time to do a brute force attack You still wouldn't get the plain text and that's what we mean by unconditional security a brute force attack doesn't help This is an example of that concept, but just With two keys so This was the cipher text The attacker knew the cipher text the attacker did a brute force attack. They try many possible keys Two keys they tried of all of them. I only list two they tried this key To make it a little bit easier to read we introduced a 27th character space Okay, but the same concept So we take this cipher text we decrypt with this key this random sequence of letters And we get this possible plain text mr. Mustard with a candle stick in the hole Then we we keep trying if we tried all possible keys then another key this random sequence of characters We get miss scarlet with a knife in the library as a possible plain text It's the role of the attacker now to consider these plain text values and say which one was the original plain text Anyone know What can you do? The only thing you can do is guess in this case if there are only two that made sense then guessing gives you a 50% chance But in practice because there are so many keys you'll get many like in billions and billions of plain text that makes sense and the chance of guessing When you choose from billions and billions is one divided by billions and billions which is almost zero So the attacker has no way to find the true plain text Even if they do a brute force attack And it's the only known cipher that has that characteristic under conditional security for this to work Let's say I I had the original plain text I had it was mr. Mustard with a candle stick in the hole and I encrypted I chose this key To send my cipher text to you so you can decrypt. I must somehow get the key to you That's a challenge Now consider if my plain text was maybe 10 gigabytes My key must be the exact same length 10 10 gigabytes So to get a 10 gigabyte message to you first I must somehow get a 10 gigabyte key to you And we must do that manually write it down on a piece of paper Encoder on a CD or a multiple DVDs on a USB drive That's very hard to distribute keys of such a size So the problem with the one-time pad is if you want to encrypt large messages you need a very large key and Distributing large keys is hard That's the first problem The other problem the key must be random It turns out creating random sequences Many long random sequences is not easy even for computers so It's hard to generate many many different random sequences such that we can have a key That is truly random so the one-time pad is Perfect in terms of security But has two practical limitations It's hard to create Random keys especially many different random keys, and it's hard to distribute random keys or long keys Hence, it's not used much It was said to be used by the Russians during the Cold War to to send short messages to each other Because with short messages, it's possible because you only need a shorter key But once you want to encrypt data streams of data or large data files it becomes impractical So we've arrived at the perfect cypher But because it's not practical we need other ways to make cyphers secure. They may not be perfect but they need to be both practical and Secure enough so later we'll talk about what do we mean by secure enough All of these cyphers are what we call substitution cyphers replace one letter with another letter in the alphabet Transposition is simply rearranging letters a quick one or two examples rail fence transposition Let's try it. We take the plain text and we write it across rows So on the slide we had our plain text and I'll write that plain text The key is the depth. It makes sense when we go through the example. We're going to write it across three rows so Three rows row one two three Internet technologies and applications we'll get their technologies someone tell me when I make a mistake and applications Now all we do to encrypt or to obtain the cypher text is read row by row I'll write it in lower case. It's easier read the first row and Then read the second row and then the third row and add a space, but let's try it a transposition cypher So the key is the depth or the number of rows If I had a four rows or a key of four then I'd write INTE across those four rows and then come back to the first row So we write our plain text in rows and then read row by row to obtain the cypher text That's it. It's a transposition cypher. It rearranges the letters Each letter in the plain text exists in the cypher text. We haven't substituted any In the plain text there is no letter Q in the cypher text, there's no letter Q In the plain text E occurs four times In the cypher text it occurs four times. So we're just rearranging in this case Again, very easy to break given cypher text Basically, if you start to try different depths Then you can again look at possible or expected words and see if you if you try a depth of If this is the cypher text given to you you'd maybe try a depth of two and Write it using a depth of two and see if you'd make words If not, you'll soon discover you can't make words with a depth of two You try a depth of three if that doesn't work four or five and so on and It's not so hard to automate breaking such a cypher. This is an example of a transposition cypher Rows columns a different transposition and it's slightly better We write we have a key which indicates a number of num at number of columns Plain text and key So this one the key was a depth of three and the next example that key is there's a three one five Six to four. They're in fact the numbers one to six Just mixed up We'll see the significance what we do is we write our plain text in columns So we had security The number of columns is determined by the key the key has numbers one to six. So we'll write it in six columns security and Cryptography We'll pad this out so that we have an equal number of Entries in each row. Let's just add an X at the end just to fill it out So it's actually security and cryptography X We need to have the same or each row filled out to get the cypher text. We read The columns but according to the ordering So we'll read the columns like st r r But we don't read this column first. We read the column which is number one E y y a So the cypher text Write it below e y y a this column Then r do y The sec the the key tells us which column to read then s t r r icg x x C a p p and UN th There's our cypher text Just a different transposition cypher Write our plain text in Across a set of columns and then to get the cypher text read the columns as as indicated by the key the key is in must be If we want six columns one to six rearranged if we can have a different length key it can be seven five three That's up to whoever chooses the key again The plain text letters appear in the cypher text frequency analysis We haven't changed the frequency of letters if there were 12% of ease in the plain text there are 12% of ease in the cypher text So that doesn't help the transposition doesn't change the frequency statistics But it turns out applying transpositions combined with substitutions Can be used to build very secure cypher's and we'll see that in the next lecture will return and see that two concepts one is that This one's easy to break. It's not so hard to break if you have just the cypher text but if you apply that same encryption again on e y y r do y that is write that in a sequence of columns and Rearrange Then it will be harder to break Multiple operations multiple applications of the same simple cypher makes us cypher secure and Combinations of transpositions and substitutions can make a cypher secure. So we'll get to that next lecture. So Make sure you can do the seven Classical cypher's that we've gone through today and last week We'll continue next lecture