Skip to main content

Introduction

Kerckhoff's Principle

Kerckhoff's Principle is a fundamental concept in the field of cryptography and security systems, articulated by the 19th-century Dutch cryptographer Auguste Kerckhoff. The core idea of this principle is that the security of a cryptographic system should not depend on the secrecy of the algorithm, but rather on the secrecy of the key used with the algorithm. According to Kerckhoff, a cryptographic system should be secure even if everything about the system, except the key, is public knowledge. This principle has profound implications for the design of encryption algorithms and systems. It encourages the development of cryptographic systems that are robust and can withstand scrutiny, as opposed to relying on obscurity for security. This concept is foundational in modern cryptography, influencing practices such as open-source cryptography, where algorithms are made public for evaluation and scrutiny, ensuring their robustness and security.

Plaintext and Ciphertext

Plaintext refers to the original, readable, and unencrypted message or data. It's the information that needs to be protected or secured through encryption to prevent unauthorized access or interception.

When plaintext is subjected to encryption using cryptographic algorithms, it transforms into ciphertext, which is the encrypted and unreadable form of the original message.

Note: For some ciphers, the ciphertext is the same size as the plaintext; for some others, the ciphertext is slightly longer. However, ciphertext can never be shorter than plaintext.

Example of Plaintext and corresponding Ciphertext

Plaintext:
I shall be telling this with a sigh
Somewhere ages and ages hence:
Two roads diverged in a wood, and
I took the one less traveled by,
And that has made all the difference

Ciphertext:
M wlepp fi xippmrk xlmw amxl e wmkl
Wsqialivi ekiw erh ekiw lirgi:
Xas vsehw hmzivkih mr e assh, erh
M xsso xli sri piww xvezipih fc,
Erh xlex lew qehi epp xli hmjjivirgi

Cipher

A Cipher is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure.

Mathematically:

A Cipher defined over (K,M,C)(\mathcal{K},\mathcal{M},\mathcal{C}) is a pair of “efficient” algorithms E(.)\textit{E}(.) and D(.)\textit{D}(.) where

E:K×MC and D:K×CMs.tmM,kK:D(k,E(k,m))=m.\textit{E}:\mathcal{K} \times \mathcal{M} \rightarrow \mathcal{C} \text{ and } \textit{D}:\mathcal{K} \times \mathcal{C} \rightarrow \mathcal{M}\hspace{5px}s.t \hspace{5px} \forall m \in \mathcal{M},\hspace{3px}k \in \mathcal{K}:\hspace{3px}\textit{D}(k,\textit{E}(k,m))=m.

D(k,E(k,m))=m\textit{D}(k,\textit{E}(k,m))=m is known as correctness requirement.

Notations:

m:m: Plaintext
E:\textit{E}: Encryption algorithm, often randomized
D:\textit{D}: Decryption algorithm, always deterministic
k:k: Key
E(k,m):\textit{E}(k,m): Ciphertext
K:\mathcal{K}: Key space
M:\mathcal{M}: Message (plaintext) space
C:\mathcal{C}: Ciphertext space

Symmetric Ciphers

Symmetric ciphers are cryptographic algorithms that use the same key for both encryption and decryption of data. This means that the sender and the receiver must have access to the same secret key.

Substitution Ciphers

In its simplest form, this cipher replaces each letter of the plaintext with another letter. For example, every 'A' in the plaintext might be replaced with 'D', every 'B' might be replaced with 'E', and so on. Two common substitution ciphers are Caeser Cipher and Vigenère Cipher.

Caesar Cipher

One of the earliest and simplest forms of substitution cipher, named after Julius Caesar, who reportedly used it. It involves "shifting" the alphabet a certain number of places down or up. For example, with a shift of 3, 'A' would be replaced by 'D', 'B' would become 'E', and so forth.

Here is an example with a shift of 3

Plaintext:
Out of the night that covers me,
Black as the pit from pole to pole,
I thank whatever gods may be
For my unconquerable soul.

Ciphertext:
Rxw ri wkh qljkw wkdw fryhuv ph,
Eodfn dv wkh slw iurp sroh wr sroh,
L wkdqn zkdwhyhu jrgv pdb eh
Iru pb xqfrqtxhudeoh vrxo.

The Caesar cipher is inherently limited in its security due to its small key space of just 25 possible shifts, not counting the non-effective shift of 0. Such a limited range of options makes it highly susceptible to brute-force attacks, where an attacker systematically tests each possible key. Additionally, the cipher's fundamental flaw lies in its preservation of letter frequency. In languages such as English, certain letters and letter pairs occur with notable regularity. This characteristic allows an attacker to perform frequency analysis on the ciphertext, comparing the observed frequencies to those typically found in the language, thereby revealing the shift used in the encryption. This predictable vulnerability significantly undermines the cipher's effectiveness against even basic cryptanalytic efforts.

Vigenère Cipher

The Vigenère cipher is a method of encrypting alphabetic text by using a simple form of polyalphabetic substitution. It's a significant advancement from simple monoalphabetic ciphers like the Caesar cipher. The key features of the Vigenère cipher are the following:

  • Polyalphabetic Substitution: Unlike monoalphabetic ciphers that use a single substitution for all letters, the Vigenère cipher uses multiple substitutions at different positions in the message, making it much more secure against basic frequency analysis.

  • Key: The Vigenère cipher uses a keyword, where each letter of the keyword refers to a shift used in the substitution process. The keyword is repeated or truncated as needed to fit the length of the plaintext.

  • Tabula Recta: The cipher is often depicted using a Vigenère square or Vigenère table, known as a "tabula recta," which consists of the alphabet written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet.

  • Encryption Process:

    • The plaintext is written out.
    • The keyword is written below the plaintext, repeated as often as necessary.
    • Each letter of the plaintext is shifted along the alphabet by a number of places defined by the corresponding letter in the keyword. For example, if the plaintext letter is 'B', and the keyword letter is 'E', the ciphertext letter would be 'F', because 'E' is the fifth letter of the alphabet, so the shift is by 4 places.
  • Decryption Process: The receiver, who knows the keyword, can perform the reverse process. Each letter of the ciphertext is shifted back through the alphabet by the number defined by the corresponding letter in the keyword.

  • Security: The Vigenère cipher was considered secure for many centuries, but it can be broken, especially when the length of the keyword is known or can be guessed. Techniques like Kasiski examination or Friedman test can be used to estimate the keyword length.

  • Historical Context: Named after Blaise de Vigenère, a 16th-century French diplomat, the cipher has a rich history in cryptography. Despite its name, it was actually developed by Giovan Battista Bellaso.

The Vigenère cipher represents an important step in the development of modern cryptography and is a classic example used in teaching the concepts of encryption.

Question: What is the size of key space in the Vigenère cipher assuming the keyword has 26 letters?

CT-Only Attack

A "Ciphertext-Only Attack" (CT-Only Attack) refers to a scenario where an attacker attempts to decrypt a message based solely on having access to the ciphertext, without any knowledge of the corresponding plaintext or the encryption key. This type of attack is one of the most basic and challenging forms of cryptanalysis, as the attacker has very limited information to work with.