Communication Theory of Secrecy Systems - Network Research Lab
Communication Theory of Secrecy Systems - Network Research Lab
Communication Theory of Secrecy Systems - Network Research Lab
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
(4) Each message in Ci can be enciphered into each cryptogram in C ′ i by<br />
exactly k<br />
ϕi<br />
different keys. Similarly for decipherment.<br />
The importance <strong>of</strong> the concept <strong>of</strong> a pure cipher (and the reason for the<br />
name) lies in the fact that in a pure cipher all keys are essentially the same.<br />
Whatever key is used for a particular message, the a posteriori probabilities<br />
<strong>of</strong> all messages are identical. To see this, note that two different keys applied<br />
to the same message lead to two cryptograms in the same residue class,<br />
say C ′ i. The two cryptograms therefore could each be deciphered by k<br />
ϕi keys<br />
into each message in Ci and into no other possible messages. All keys being<br />
equally likely the a posteriori probabilities <strong>of</strong> various messages are thus<br />
PE(M) =<br />
P (M)PM(E)<br />
P (E)<br />
= P (M)PM(E)<br />
<br />
M P (M)PM(E)<br />
= P (M)<br />
P (Ci)<br />
where M is in Ci, E is in C ′ i and the sum is over all messages in Ci. If E<br />
and M are not in corresponding residue classes, PE(M) = 0. Similarly it can<br />
be shown that the a posteriori probabilities <strong>of</strong> the different keys are the same<br />
in value but these values are associated with different keys when a different<br />
key is used. The same set <strong>of</strong> values <strong>of</strong> PE(K) have undergone a permutation<br />
among the keys. Thus we have the result<br />
Theorem 4. In a pure system the a posteriori probabilities <strong>of</strong> various messages<br />
PE(M) are independent <strong>of</strong> the key that is chosen. The a posteriori probabilities<br />
<strong>of</strong> the keys PE(K) are the same in value but undergo a permutation<br />
with a different key choice.<br />
Roughly we may say that any key choice leads to the same cryptanalytic<br />
problem in a pure cipher. Since the different keys all result in cryptograms<br />
in the same residue class this means that all cryptograms in the same residue<br />
class are cryptanalytically equivalent–they lead to the same a posteriori probabilities<br />
<strong>of</strong> messages and, apart from a permutation, the same probabilities <strong>of</strong><br />
keys.<br />
As an example <strong>of</strong> this, simple substitution with all keys equally likely is a<br />
pure cipher. The residue class corresponding to a given cryptogram E is the<br />
E. In<br />
set <strong>of</strong> all cryptograms that may be obtained from E by operations TiT −1<br />
k<br />
this case TiT −1<br />
k is itself a substitution and hence any substitution on E gives<br />
another member <strong>of</strong> the same residue class. Thus, if the cryptogram is<br />
then<br />
E = X C P P G C F Q,<br />
E1 = R D H H G D S N<br />
E2 = A B C C D B E F<br />
676