Code and ciphers: Julius Caesar, the Enigma and the internet

More documents

Recommendations

Info

184 chapter 13 (6) Forty-eight bits of the key, K, are combined with an ‘expanded’ 48-bit version of R in a non-linear way (the ‘expansion’ consists of repeating 16 of the 32 bits of R) and these 48 bits are then ‘reduced’ to a 32-bit string, X (say). (7) L is replaced by R and R is replaced by the (mod 2) sum of X and L to give a new 32-bit R. (8) Steps (6) and (7) are repeated 16 times using different 48-bit segments of K at step (6) each time. (9) The 64 bits of the final (16th) stage are subjected to the inverse of the initial permutation, i.e. to (IP) �1 . (10) The resulting 64 bits are the cipher. The decipherment procedure (11) Decipherment is carried out by using the encipherment procedure in the reverse order with the same key, K. Security of the DES It is worth noting that two people who wish to communicate using the DES need to agree upon the common key and this can be agreed between them by using the Diffie–Hellman key exchange system. Unless a third party can intercept and change their communications this should be secure. As to the DES itself: many statistical, and other, tests have been made on data encrypted with various keys using the DES and have been found to be satisfactory. One particularly important one is what is known as the avalanche test: if one of the 64 bits of the input is changed, how many of the 64 bits of the output are changed? In a weak cipher system the answer would be ‘1’; in a perfect cipher system it would be ‘about 32’ and this is what happens in the DES. (For examples see [13.5].) Nevertheless, even before the DES was brought into use there were arguments as to its level of security. Since the users specify a key of 56 bits there are ‘only’ 2 56 possible keys for an adversary to try. Now 2 56 is approximately equal to 10 16.86 and if a computer could test one key in a microsecond it could try them all in about 2300 years. This is clearly impractical but the critics of the DES have suggested that a million such computers working in parallel could find the key in under a day. Since this would cost a huge amount of money, and take a great deal of organising, it is hard to imagine that anyone would think it worthwhile unless
the message were known to relate to a vital matter of national security. It has also been suggested that perhaps there is a secret ‘trapdoor’, or Achilles heel, known to the designers of the DES that would enable those who know it to find the key in a realistic time. This could be true, but nobody has found any evidence that such a thing exists. It has also been suggested that the DES should have been based upon a longer key, 128 bits being the most popular choice. This would certainly put its security beyond question and, since then, 128-bit encipherment has been introduced in other systems, but in 1977 it was not thought to be necessary. An alternative to using 128-bit keys would seem to be using two 64-bit keys in succession, but this can be shown to be only twice as secure as using a single 64-bit key provided that a vast amount of computer memory is available. The attack assumes that a known plaintext and its cipher equivalent are available. The known plaintext is enciphered under all possible 64-bit keys and the known cipher text is independently deciphered under all possible 64-bit keys. The two sets of data are sorted and compared. This means that 2 57 tests are required rather than 2 112 . When two identical texts are found we have candidates for the two unknown keys. Many false key pairs (about 2 48 in fact; see M27) will be found and will have to be tested on further known plaintext–cipher text pairs. This ‘meet-in-the-middle’ attack is not practical at present and is unlikely to be so in the foreseeable future. The security of the DES is enormously increased however if we use triple encipherment. Only two keys are required but they are employed as follows: (1) encipher with key 1; (2) decipher with key 2; (3) encipher with key 1. Encipherment and the internet 185 The adversary now will have to try 2 112 possible pairs of keys and this is considered to be impossible in any realistic time. This triple DES encipherment is regarded as secure and is currently in use. This form of triple encipherment has the additional advantage that it becomes identical to single encipherment DES if the two keys are the same, for it would allow a user with triple encipherment to communicate with a single encipherment user, and vice versa. Another form of triple encipherment uses three different keys in the three stages above. Once again compatibility with the other forms is achieved by making two or more of the keys the same.
Page 2 and 3:
This page intentionally left blank
Page 5 and 6:
R. F. Churchhouse Codes and ciphers
Page 7 and 8:
Contents Preface ix 1 Introduction
Page 9 and 10:
Cryptanalysisofalinearrecurrence 10
Page 11 and 12:
Preface Virtually anyone who can re
Page 13 and 14:
1 Introduction Some aspects of secu
Page 15 and 16:
Not a very sophisticated method, pa
Page 17 and 18:
change. As an example, anticipating
Page 19 and 20:
Another form of encryption is the u
Page 21 and 22:
and so is valid. On the other hand
Page 23 and 24:
When the modulus is 10 only the num
Page 25 and 26:
2 From Julius Caesar to simple subs
Page 27 and 28:
Table 2.3 Shift Message 12 OUI 12 Y
Page 29 and 30:
worry about but, on the other hand,
Page 31 and 32:
then it is probably THE and the unk
Page 33 and 34:
From Julius Caesar to simple substi
Page 35 and 36:
Page 37 and 38:
Table 2.6 From Julius Caesar to sim
Page 39 and 40:
Page 41 and 42:
and the key which provides the enci
Page 43 and 44:
Further examination reveals that th
Page 45 and 46:
ALTHOUGH I AM AN OLD MAN NIGHT IS G
Page 47 and 48:
Polyalphabetic systems 35 messages
Page 49 and 50:
Before leaving Vigenère try the fo
Page 51 and 52:
Polyalphabetic systems 39 blocks of
Page 53 and 54:
eginning at the top, but it is then
Page 55 and 56:
first row above, for example, we fi
Page 57 and 58:
Table 4.4 Key 3 1 5 2 4 1 2 3 4 5 6
Page 59 and 60:
giving B G L D I N A F K E J O C H
Page 61 and 62:
then the cipher text is HORUX SXSEO
Page 63 and 64:
The plaintext digraphs are now sepa
Page 65 and 66:
ox increases. By enumerating the po
Page 67 and 68:
Example 5.1 HAPPY BIRTHDAY encipher
Page 69 and 70:
Encryption The ‘plaintext’ is A
Page 71 and 72:
plaintext digraphs according to som
Page 73 and 74:
Cryptanalytic aspects of Playfair P
Page 75 and 76:
OURXSITUATI ONXISXDESPE RATEXSENDXS
Page 77 and 78:
the alphabet are represented by up
Page 79 and 80:
From a cryptographic point of view
Page 81 and 82:
3 7 0 7 7 4 1 5 6 1 7 8 5 3 8 1 9 0
Page 83 and 84:
If we generate the same sequence (m
Page 85 and 86:
Stencil ciphers The example above i
Page 87 and 88:
Book ciphers A spy must avoid arous
Page 89 and 90:
Table 7.2 Encipher table for a book
Page 91 and 92:
Letter frequencies in book ciphers
Page 93 and 94:
If then we try subtracting THE from
Page 95 and 96:
where row F (the row of the cipher
Page 97 and 98:
Ciphers for spies 85 that were nece
Page 99 and 100:
mistake can occur if the sender lea
Page 101 and 102:
inks and ciphers were provided by h
Page 103 and 104:
Example 7.6 Encipher the message AG
Page 105 and 106:
Ciphers for spies 93 simply a ‘ra
Page 107 and 108:
going into the mathematical criteri
Page 109 and 110:
numbers, 0 to 31 inclusive, into bi
Page 111 and 112:
Linear recurrences The sequences lo
Page 113 and 114:
Having converted the characters of
Page 115 and 116:
What about sequences of higher orde
Page 117 and 118:
combining the keys of two or more l
Page 119 and 120:
Example 8.3 (1) Use the mid-square
Page 121 and 122:
Problem 8.3 Starting with U 0 �1
Page 123 and 124:
The Enigma cipher machine 111 syste
Page 125 and 126:
The Enigma cipher machine 113 Plate
Page 127 and 128:
The Enigma cipher machine 115 Plate
Page 129 and 130:
Figure 9.2. wheel. For example, if
Page 131 and 132:
wheel and then through the three wh
Page 133 and 134:
first day of usage and so the asses
Page 135 and 136:
The Enigma cipher machine 123 The m
Page 137 and 138:
show how, in a typical encipherment
Page 139 and 140:
interested reader can find it in [9
Page 141 and 142:
great deal of data and many pages o
Page 143 and 144:
It should be realised, of course, t
Page 145 and 146: 10 The Hagelin cipher machine Histo
Page 147 and 148: ut there was no cryptographic advan
Page 149 and 150: of each cipher period, to which sid
Page 151 and 152: value can be expected to occur two
Page 153 and 154: Since some cages are obviously very
Page 155 and 156: 2, there are 26! possible simple su
Page 157 and 158: The Hagelin cipher machine 145 Exam
Page 159 and 160: values are repeating at the appropr
Page 161 and 162: Overlapping will obviously affect t
Page 163 and 164: Table 10.6 The Hagelin cipher machi
Page 165 and 166: 11 Beyond the Enigma The SZ42: a pr
Page 167 and 168: Description of the SZ42 machine The
Page 169 and 170: P1 41 43 Z1 (4) the five bits from
Page 171 and 172: which is approximately 1.6�10 19
Page 173 and 174: 12 Public key cryptography Historic
Page 175 and 176: part of the story of what has been
Page 177 and 178: Public key cryptography 165 graphic
Page 179 and 180: (4) Now (k x ) y �(k y ) x �m x
Page 181 and 182: Public key cryptography 169 Despite
Page 183 and 184: If the cryptographer were prepared
Page 185 and 186: number of tests increased by a fact
Page 187 and 188: In this case the remainder is 4, no
Page 189 and 190: key, d, we use the Euclidean Algori
Page 191 and 192: the decipher key, d, is used instea
Page 193 and 194: and and, since Table 13.1 n N�2 n
Page 195: The Data Encryption Standard (DES)
Page 199 and 200: whereas in block cipher systems, su
Page 201 and 202: (1) X precedes M with information w
Page 203 and 204: ways, since choosing to pair, say,
Page 205 and 206: For example; if someone claims that
Page 207 and 208: depth, mentioned in Chapter 3. If w
Page 209 and 210: M9 Combining two biased streams of
Page 211 and 212: and so 2�4�6�12 �(4095)�4
Page 213 and 214: Verification Let the recurrence be
Page 215 and 216: the lettersatsetting2ofthewheel,and
Page 217 and 218: M16 Probability of a ‘depth’ in
Page 219 and 220: (2) In how many ways can N be repre
Page 221 and 222: Chapter 13 M21 (Rate of increase of
Page 223 and 224: Multiply each of these by M: M, 2M,
Page 225 and 226: If x 3 �0 divide x 2 by x 3 to gi
Page 227 and 228: then k�[ log 2 n], where [z] deno
Page 229 and 230: Mathematical aspects 217 problem un
Page 231 and 232: RHAPSODY and SYMPHONY agree in posi
Page 233 and 234: 4.2 (Number of possible transpositi
Page 235 and 236: Table S.5 R H A P S O D Y B C E F G
Page 237 and 238: Chapter 8 8.1 (Recurrences of order
Page 239 and 240: columns in each case, are full of c
Page 241 and 242: Chapter 11 11.1 (Pin-setting errors
Page 243 and 244: [2.4] Moroney, M.J.: Facts from Fig
Page 245 and 246: [10.3] Almost any elementary book o
Page 247 and 248:
Name index Adelman, L. 171, 234 And
Page 249 and 250:
Subject index Abwehr Enigma 124, 13
Page 251 and 252:
active pin 136 cage:‘good’ 141;
show all

Code and ciphers: Julius Caesar, the Enigma and the internet

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?