Caeser cipher - PowerPoint PPT Presentation

1 / 15
About This Presentation
Title:

Caeser cipher

Description:

An encryption scheme is a tuple (P,C,K, E, D) such that (1) P is a set. ... If the attacker can choose new ciphertexts dependent to obtained massages, ... – PowerPoint PPT presentation

Number of Views:158
Avg rating:3.0/5.0
Slides: 16
Provided by: cdcInform
Category:

less

Transcript and Presenter's Notes

Title: Caeser cipher


1
Caeser cipher
Example 5 letters are shifted Plaintext
CRYPTOGRAPHY Ciphertext HWDUYTLWFUMD
2
Encryption Scheme
An encryption scheme is a tuple (P,C,K, E, D)
such that (1) P is a set. It is called
plaintext space. Its elements are called
plaintexts. (2) C is a set. It is called
ciphertext space. Its elements are called
ciphertexts. (3) K is a set. It is called key
space. Its elements are called key. (4) E
Ekk?K is a family of functions Ek P?C.
Its elements are called encryption functions. (5)
D Dkk?K is a family of functions Dk C?P.
Its elements are called decryption
functions. (6) For each e ?K, there is d ?K such
that Ed(De(p)) p for all p?P.
3
Caesar cipher
Plaintext space, Ciphertext space, Key space are
alphabets SA,B,,Z.
We identify the letters A, B, , Z according to
the following table
A B C D E F G H I J K L M N O P Q R S
T U V W X Y Z 0 1 2 3 4 5 6 7 8 9
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Encryption for e?Z26, Ee S?S, x ? (x e) mod
26 Decryption for d?Z26, Dd S?S, x ? (x d) mod
26
4
Attack models
  • Ciphertext Only Attack
  • - The attacker knows ciphertexts and tries to
    recover the corresponding plaintexts or the key.
  • Known Plaintext Attack
  • - The attacker knows plaintexts and the
    corresponding ciphertexts. He tries to find the
    key or to decrypt other ciphertexts.
  • Chosen Plaintext Attack (CPA)
  • - The attacker is able to encrypt
    plaintexts but does not know the key. He tries to
    find the key used or to decrypt other ciphertext.
  • Chosen Ciphertext Attack (CCA)
  • - The attacker is able to decrypt
    ciphertexts (except the target ciphertext) but
    does not know the key used. He tries to find the
    key used or to decrypt the target ciphertext.

5
Ciphertext Only Attack
m the messages (d secret key )
Ciphertext Only Attack
E(m) ciphertexts
(e public key )
The attacker can know the public key in addition
to ciphertexts for public-key cryptosystems.
6
Known Plaintext Attack
m messages
E(m) corresponding ciphertexts
the target messages (d secret key )
Known Plaintext Attack
E(m) target ciphertexts
(e public key )
7
Chosen Plaintext Attack
m the message (d secret key )
E(m) a ciphertext
Chosen Plaintext Attack
(e public key )
messages m
Ed(m) ciphertexts
Encryption Oracle
If the attacker can choose new messages dependent
to obtained ciphertexts, it is called the
adaptive chosen plaintext attack.
The chosen plaintext attack is always possible
for the public-key cryptpsystems.
8
Chosen Ciphertext Attack
E(m) A target ciphertext
m the message (d secret key )
Chosen Ciphertext Attack
(e public key )
Their decrypted messages
ciphertexts that are not the target.
Decryption Oracle
If the attacker can choose new ciphertexts
dependent to obtained massages, it is called the
adaptive chosen ciphertext attack.
9
Chosen Ciphertext Attack (CCA)
Decryption oracle
ciphertext C
Cd mod n
Cd mod n
  • An attack example
  • (1) Attacker computes A ReC mod n for a random
    R in Zn/Z, and sends A to the decryption oracle.
  • Decryption oracle computes B Ad mod n and send
    B back to the attacker.
  • The attacker computes B/R M mod n and get the
    message M.

10
Exhaustive Search
E(m) ciphertext
d the secret key
Find D(E(m)) m
all possible secret keys
The attacker tries to find the plaintext by
decrypting the ciphertext HWDUYTLWFUMD with all
the possible 26 keys.
11
Exhaustive search for RSA
RSA encryption is deterministic (CMe mod n). We
can check whether M is the message of C.
PIN (1205)
C PINe mod n
Internet banking server
An attacker tries to compute from PIN 0000 to
PIN 9999. It takes within several seconds.
12
Bit security
e public key
m message
One-way adversary
Ee(m) cipher text
e public key
mi ith bit of message
One-way bit adversary
Ee(m) cipher text
To break a bit of the message is easier than to
break the whole message.
Semantically secure cryptosystems do not leak any
information about the plaintext.
13
Semantically Secure
(1) Algorithm A1, on input pk, finds two message
m0, m1 (find stage).
m0 message
A1
e public key
m1 message
ciphertext of m0 or m1
encryption cE(mb)
random
(2) Algorithm A2, on input m0, m1, c E(mb),
guesses b (guess stage).
A2
b
14
Alphabets and Words
We identify alphabet (ASCII symbols) with the
number in Zn 0,1,,n-1.
  • Definition 3.4.4, Let S be alphabet.
  • A word or string over S is a finite sequence of
    symbols from S including
  • the empty sequence, which is denoted by e and
    is called the empty string.
  • w is the length of a word w.
  • S is the set of all words over S including the
    empty string.
  • vow is the concatenation of v and w.
  • Sn is the set of all words of length n over S.

An example of a word over S is COLA. The length
of COLA is four. Another word over S is COCA.
The concatenation of COCA and COLA is COCACOLA.
15
Der ASCII-Zeichensatz
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Caeser cipher" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!