Recall: Ciphers

A cipher is an algorithm that inputs a plaintext string and outputs a ciphertext string, according to some given key.

Mathematically, a substitution cipher is a one-to-one and onto function on the alphabet set \(X\).

\[ c : X \longrightarrow X \]

Shift and Affine Ciphers

Suppose that a plaintext message is composed from an alphabet set \(X\). If \(c : X \longrightarrow X\) is a one-to-one correspondence, then \(c\) defines a cipher that can be applied to the plaintext. Such a cipher is a substitution cipher.

Examples:

• Shift cipher
• Affine cipher

Brute force attacks

The time required for a brute force attack (trying all the keys) is proportional to the number of possible keys.

Warm-up question: How many different keys are there for the following ciphers on \(\mathbb{Z}_{26}\)?

1. The shift cipher \(x \mapsto x+h\), where \(h\) is a chosen element of \(\mathbb{Z}_{26}\).
2. The affine cipher \(x \mapsto \alpha x + \beta\), where \(\alpha, \beta\) are chosen elements of \(\mathbb{Z}_{26}\).
3. A general substitution cipher \(x \mapsto \sigma(x)\), where \(\sigma\) is a chosen permutation of the elements of \(\mathbb{Z}_{26}\).

Example

Suppose that the following ciphertext is the result of a substitution cipher:

ciphertext

[1] "rwqhthkxebrxihnbkhshlxibkhiirhqviewblhibxbobhwarxioiovmivuvjxbzcobbkoibxeurxsihmabwbrhpkwtxlhejhwauwlrhpobrximxahxebwrvfvklxebrhsveehkawmmwqxeuvelewqivxlrhixejhxbxikhiwmthlvsweuzwobrvbzwoqxmmlxhjwshwemhboijwssxbwoksobovmlhvbribwlhbhksxevbxweczmwbrhqrwsbrhmwbavmmibwaxkibmhbrxschdxmmhlczrxsbrvbrvbrbrhihjwelmwbvelbroiawkboehirvmmsvdhxbipkwukhiibrkwouroivmmewkirvmmvezwaoiphkxirczrxiwqekxurbrvelawkxbqwomlchoeavxkxaqrhebrhkhibvkhuwehiwshcwlzirwomlkhphebvelivthrxsihmabrxipkwpwivmvpphvkhlbwbrhsbwchthkzyoibvelqrherhrvlpkhtvxmhlqxbrbrhsbwlhbhksxehbrxisvbbhkczmwbirhlkhqwehwabrhmwbiawkrxsihmavmiwrhqrwrvlbrhaxkibmwbmvxlrxiehjdcvkhbwrxsbrvbrvlbrhehnbviioppwixeubrvbbrhuhehkvmqwomllxhvsweubrhsxsshlxvbhmzawkbrhzbrwourblhvbrxaywihproisxurbcoblxhqxbrbrhsqviiqhhbhkbrvemxahzhbqvirhqxbrvewbrhkmhabbwbrhmvibqrhbrhkqhsoibivzxbrvpphehliwczjrvejhwkqrhbrhkczbrhpkwtxlhejhwauwlvelvirhqvithkzlhixkwoiehxbrhkbwchjwelhsehlczbrhmwbewkxarhrvlchhemhabbwbrhmvibbwxsckohrxikxurbrvelxebrhcmwwlwarxijwoebkzsherhphkiovlhlrxsbwbkoibrxiaxlhmxbzbwrxsvelbwmxthviqhmmvirxsihma"

Count the letters

letterCounts <- function(txt)
{
  return(sort(table(unlist(strsplit(txt,""))),decreasing=TRUE))
}
letterCounts(ciphertext)

  h   b   r   w   x   i   v   e   k   m   l   s   o   a   q   z   c   p   u   j   t   d   n   y   f 
130 114  94  80  72  71  65  53  50  50  47  34  32  27  24  20  18  17  16  12   9   3   2   2   1 

Assuming that the plaintext is in English, what do you conclude?

Look at digrams

digramTable <- function(txt)
  # returns a table with the numbers of digrams of each possible type
{
  l <- unlist(strsplit(txt,""))
  dgs <- data.frame(l,c(l[2:length(l)],NA))
  names(dgs) <- c("first","second")
  table(dgs)
}

The most common digrams in English are TH HE IN ER AN RE ED ON ES.

Make more substitutions based on digrams

dct <- gsub("r", "H", dct)
dct <- gsub("k", "R", dct)
dct

[1] "HwqEtERxeTHxiEnTREsElxiTREiiHEqviewTlEiTxToTEwaHxioiovmivuvjxTzcoTTRoiTxeuHxsiEmaTwTHEpRwtxlEejEwauwlHEpoTHximxaExeTwHvfvRlxeTHEsveeERawmmwqxeuvelewqivxlHEixejExTxiREiwmtElvsweuzwoTHvTzwoqxmmlxEjwsEwemEToijwssxTwoRsoTovmlEvTHiTwlETERsxevTxweczmwTHEqHwsTHEmwTavmmiTwaxRiTmETHxscEdxmmElczHxsTHvTHvTHTHEiEjwelmwTvelTHoiawRToeEiHvmmsvdExTipRwuREiiTHRwouHoivmmewRiHvmmvezwaoipERxiHczHxiwqeRxuHTHvelawRxTqwomlcEoeavxRxaqHEeTHEREiTvREuweEiwsEcwlziHwomlREpEeTvelivtEHxsiEmaTHxipRwpwivmvppEvRElTwTHEsTwcEtERzyoiTvelqHEeHEHvlpREtvxmElqxTHTHEsTwlETERsxeETHxisvTTERczmwTiHElREqweEwaTHEmwTiawRHxsiEmavmiwHEqHwHvlTHEaxRiTmwTmvxlHxieEjdcvRETwHxsTHvTHvlTHEeEnTviioppwixeuTHvTTHEuEeERvmqwomllxEvsweuTHEsxssElxvTEmzawRTHEzTHwouHTlEvTHxaywiEpHoisxuHTcoTlxEqxTHTHEsqviiqEETERTHvemxaEzETqviHEqxTHvewTHERmEaTTwTHEmviTqHETHERqEsoiTivzxTHvppEeEliwczjHvejEwRqHETHERczTHEpRwtxlEejEwauwlvelviHEqvitERzlEixRwoieExTHERTwcEjwelEseElczTHEmwTewRxaHEHvlcEEemEaTTwTHEmviTTwxscRoEHxiRxuHTHvelxeTHEcmwwlwaHxijwoeTRzsEeHEpERiovlElHxsTwTRoiTHxiaxlEmxTzTwHxsvelTwmxtEviqEmmviHxsiEma"

Make more substitutions ad hoc

See R console.

Check your answer; see the key

letterCounts(ciphertext)
letterCounts(dct)

Types of Attack

A letter-frequency analysis is a Ciphertext only attack.

• Ciphertext only attacks are always possible, because the ciphertext is what gets sent over public channels.
• Known plaintext: If you have the plaintext and the ciphertext, how could you obtain the key?
• Chosen plaintext/ciphertext attack:
  • If you got access to the encryption (or decryption) machine for a substitution cipher, how could you obtain the key?

Passphrase encryption

Some systems, like PassPack, encrypt data using a key based on a passphrase you provide. They don’t store the key/passphrase; they only store the encrypted data, so if you forget your passphrase you are out of luck.

Vigenère cipher

In 1553, Giovan Battista Bellaso published a paper describing a passphrase-based encryption method.

The system was later attributed (falsely) to Blaise de Vigenère, so that’s what everyone calls it now.

Discuss: Think/group/share:

1. How would you decrypt the Vigenère cipher, given the key?
2. Is the Vigenère cipher a substitution cipher? Why or why not?

Step 1: Take a moment to just think about the answers to these questions.

Discuss in groups of 2 or 3

1. How would you decrypt the Vigenère cipher, given the key?
2. Is the Vigenère cipher a substitution cipher? Why or why not?

Step 2: Form groups of 2 or 3 and discuss your thoughts.

Discuss as a large group

1. How would you decrypt the Vigenère cipher, given the key?
2. Is the Vigenère cipher a substitution cipher? Why or why not?

Step 3: Share what we discussed in a large group.

Vigenère cipher in math

Passphrase: A vector \(\mathbf{v} = (k_1, k_2, \ldots, k_n) \in \mathbb{Z}_{26}^n\).

Plaintext: a vector \(\mathbf{p} \in \mathbb{Z}_{26}^{N}\), where \(N\) is the number of characters in the plaintext.

For simplicity, assume that \(N=nk\) for some \(k\). We could then break the plaintext \(\mathbf{p}\) into blocks \(\mathbf{p}_1, \mathbf{p}_2, \ldots, \mathbf{p}_k\), where each of these blocks \(\mathbf{p}_i\) is in \(\mathbb{Z}_{26}^n\).

Then the encryption process is represented by a function \(\mathbb{Z}_{26}^{n} \longrightarrow \mathbb{Z}_{26}^{n}\), given by \[ \mathbf{p}_i \longmapsto \mathbf{p}_i + \mathbf{v} \] where the addition is componentwise, modulo 26.

Terminology

Vigenère cipher in code

stringToMod26 <- function(x) {utf8ToInt(x)-utf8ToInt("a")}
mod26ToString <- function(x) {intToUtf8(x+utf8ToInt("a"))}

vigenere <- function(txt, keyVector)
{
  pt <- stringToMod26(txt)
  suppressWarnings( 
    ct <- (pt + keyVector) %% 26
  )                               
  return(mod26ToString(ct))
}

plaintext <- "thisistheplaintextthatwewouldliketoencryptusingthevigenerecipher"
keyAsVector <- stringToMod26("mypassphrase")
vigenere(plaintext, keyAsVector)

[1] "ffxsakiovpdeuliepliortoiimjlvdxrvtgizagyhljzznyxtckiywclieumbftr"

Written Assignment: Due Wednesday, 11:59pm

Substitution and Vigenère Ciphers