Jumat, 12 April 2013

Model of Conventional Cryptosystem

The following figure, which is on the next page, illustrates the conventional encryption process. The original “plaintext” is converted into apparently random nonsense, called “ciphertext”. The encryption process consists of an algorithm and a key. The key is a value independent of the plaintext. The algorithm will produce a different output depending on the specific key being used at the time. Changing the key changes the output of the algorithm, i.e., the ciphertext.

Once the ciphertext is produced, it may be transmitted. Upon reception, the ciphertext can be transformed back to the original plaintext by using a decryption algorithm and the same key that was used for encryption.





Figure. 1:      Model of Conventional Cryptosystem


The security of conventional encryption depends on several factors:

  • The Encryption Algorithm- It must be powerful enough that it is impractical to decrypt a message on the basis of the ciphertext alone
  • Secrecy of the key- It was shown that the security of conventional encryption depends on the secrecy of the key, not the secrecy of the algorithm.

    Referring to Fig. 1 above, with the message X and the encryption key K as input, the encryption algorithm forms the ciphertext.

    Y=Ek (X)

    The intended receiver, in possession of the key is able to invert the transformation
    X=Dk (Y)
    An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and K. It is assumed that the opponent knows the encryption (E) and decryption (D) algorithms. If the opponent is interested in only this particular message, then the focus of the effort is to recover X by generating a plaintext estimate X^. Often, however, the opponent is interested in being able to read future messages as well, in which case an attempt is made to recover K by generating an estimate K^.

    2.3-2   Cryptanalysis

    The process of attempting to discover X or Y or both is known as cryptanalysis. The strategy used by the cryptanalysis depends on the nature of the encryption scheme and the information available to the cryptanalyst.

    The following table summarizes the various types of cryptanalytic attacks based on the amount of information known to the cryptanalyst.

    What is Cryptanalysis ?
    Cryptanalysis
    • Process of attempting to discover X or K or both
    • Various types of cryptanalytic attacks
     

    Cryptanalysis is the study of taking encrypted data, and trying to unencrypt it without use of the key. The other side of cryptography, it is used to break codes by finding weaknesses within them. In addition to being used by hackers with bad intentions, this discipline is also often used by the military. It is also appropriately used by designers of encryption systems to find, and subsequently correct, any weaknesses that may exist in the system under design.
    There are several types of attacks that a cryptanalyst may use to break a code, depending on how much information he or she has. A ciphertext-only attack is one where the analyst has a piece of ciphertext (text that has already been encrypted), with no plaintext (unencrypted text). This is probably the most difficult type of cryptanalysis, and calls for a bit of guesswork. In a known-plaintext attack, the analyst has both a piece of ciphertext and the corresponding piece of plaintext.
    Other types of attacks may involve trying to derive a key through trickery or theft, such as in the “man-in-the-middle” attack. In this method, the cryptanalyst places a piece of surveillance software in between two parties that communicate. When the parties’ keys are exchanged for secure communication, they exchange their keys with the attacker instead of each other.
    The ultimate goal of the cryptanalyst is to derive the key so that all ciphertext can be easily deciphered. A brute-force attack is one way of doing so. In this type of attack, the cryptanalyst tries every possible combination until the correct key is identified. Although using longer keys make the derivation less statistically likely to be successful, faster computers continue to make brute-force attacks feasible. Networking a set of computers together in a grid combines their strength, and their cumulative power can be used to break long keys. The longest keys used, 128-bit keys, remain the strongest, and less likely to be subject to this type of attack.
    At its core, cryptanalysis is a science of mathematics, probability, and fast computers. Cryptanalysts also usually require some persistence, intuition, guesswork and some general knowledge of the target. The field also has an interesting historical element; the famous Enigma machine, used by the Germans to send secret messages, was ultimately cracked by members of the Polish resistance and transferred to the British.
    What is Encryption algorithm And Decryption algorithm ?
    Encryption algorithm
    A key string is written parallel along with the plaintext. If the end of the key is reached, the key string is continued by repeating the key. This is continued toll the last plaintext character is reached. If you encounter a non-uppercase plaintext character, do not use the character from the key string, just skip that plaintext character and proceed to the next plaintext character. In other words, the non-uppercase plaintext character appears as it is in the ciphertext too. Let Pt and Kt be the uppercase characters in the plaintext and key-string respectively. Using the ASCII values of the characters Pt and Kt and the integer Vignere table to find the row index I that is mapped to the ASCII value of character Pt and the column index j that is mapped to the ASCII value of character Kt. Then the ciphertext character Ct would be simply the character whose ASCII value is mapped to integer entry in the cell [i, j].

    Decryption algorithm
    A key string is written parallel along with the ciphertext. If the end of the key is reached, the key string is continued by repeating the key. This is continued toll the last ciphertext character is reached. If you encounter a non-uppercase ciphertext character, do not use the character from the key string, just skip that ciphertext character and proceed to the next ciphertext character. In other words, the nonuppercase ciphertext character appears as it is in the plaintext too. Let Ct and Kt be the uppercase ciphertext character and the uppercase character part of the key-string respectively. Use the integer Vignere table to find the row index i that is mapped to the ASCII value of character Kt. In this row, find the cell that has the integer mapped to the ASCII value of character Ct. If such a cell is [i, j], the plaintext character Pt is the uppercase character whose ASCII value is mapped to the column index j

Tidak ada komentar:

Posting Komentar