Introduction to Hill cipher



Similar documents
Solutions to Problem Set 1

Hill s Cipher: Linear Algebra in Cryptography

An Introduction to Hill Ciphers Using Linear Algebra

Multiplicative Ciphers. Cryptography of Multiplicative Ciphers

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

K80TTQ1EP-??,VO.L,XU0H5BY,_71ZVPKOE678_X,N2Y-8HI4VS,,6Z28DDW5N7ADY013

Chapter 2 Homework 2-5, 7, 9-11, 13-18, 24. (9x + 2)(mod 26) y 1 1 (x 2)(mod 26) 3(x 2)(mod 26) U : y 1 = 3(20 2)(mod 26) 54(mod 26) 2(mod 26) c

Advanced Cryptography

An Introduction to the RSA Encryption Method

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION

CS 758: Cryptography / Network Security

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur

Symmetric Key cryptosystem

Introduction To Security and Privacy Einführung in die IT-Sicherheit I

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Hill Ciphers and Modular Linear Algebra

Question 2: How do you solve a matrix equation using the matrix inverse?

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Cyber Security Workshop Encryption Reference Manual

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Security in Distributed Systems. Network Security

IT Networks & Security CERT Luncheon Series: Cryptography

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Public Key Cryptography: RSA and Lots of Number Theory

Use of Linear Algebra in Cryptography

1. Define: (a) Variable, (b) Constant, (c) Type, (d) Enumerated Type, (e) Identifier.

The Advanced Encryption Standard (AES)

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Network Security: Cryptography CS/SS G513 S.K. Sahay

RSA Encryption. Tom Davis October 10, 2003

Typical Linear Equation Set and Corresponding Matrices

The application of prime numbers to RSA encryption

1 Solving LPs: The Simplex Algorithm of George Dantzig

= = 3 4, Now assume that P (k) is true for some fixed k 2. This means that

Some practice problems for midterm 2

A short primer on cryptography

Lecture 3: One-Way Encryption, RSA Example

RSA and Primality Testing

Public Key Cryptography and RSA. Review: Number Theory Basics

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

Sequences. A sequence is a list of numbers, or a pattern, which obeys a rule.

Network Security. HIT Shimrit Tzur-David

Students will operate in pairs and teams of four to decipher and encipher information.

Overview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Applied Cryptography Public Key Algorithms

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

CSCE 465 Computer & Network Security

Bits Superposition Quantum Parallelism

Introduction to Encryption

Cryptography Exercises

Caesar Ciphers: An Introduction to Cryptography

Cryptography and Network Security Chapter 9

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

Enhancing Advanced Encryption Standard S-Box Generation Based on Round Key

IJESRT. [Padama, 2(5): May, 2013] ISSN:

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Homework 2. A 4*4 image with 16 pixels Borders unaltered. Color of B2 = Average color of (B1,A2,B3,C2) A1 A2 A3 A4 B1 B2 B3 B4 C1 C2 C3 C4 D1 D2 D3 D4

8 Primes and Modular Arithmetic

Cryptography and Network Security Block Cipher

CS 4476/5413 Lecture Notes INTRODUCTION TO NETWORK SECURITY. Ruizhong Wei. Department of Computer Science Lakehead University

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

CSE331: Introduction to Networks and Security. Lecture 20 Fall 2006

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

Factoring A Quadratic Polynomial

A PPENDIX G S IMPLIFIED DES

SYSTEMS OF EQUATIONS AND MATRICES WITH THE TI-89. by Joseph Collison

1.4. Arithmetic of Algebraic Fractions. Introduction. Prerequisites. Learning Outcomes

CrypTool Claudia Eckert / Thorsten Clausius Bernd Esslinger / Jörg Schneider / Henrik Koy

Overview of Symmetric Encryption

Modes of Operation of Block Ciphers

CHAPTER 5. Number Theory. 1. Integers and Division. Discussion

Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL

Solving simultaneous equations using the inverse matrix

1 Data Encryption Algorithm

Operation Count; Numerical Linear Algebra

Table of Contents. Bibliografische Informationen digitalisiert durch

The Advanced Encryption Standard: Four Years On

Diffusion and Data compression for data security. A.J. Han Vinck University of Duisburg/Essen April 2013

Application Layer (1)

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm

SECURITY EVALUATION OF ENCRYPTION USING RANDOM NOISE GENERATED BY LCG

Chapter 3. if 2 a i then location: = i. Page 40

CIS433/533 - Computer and Network Security Cryptography

Message Authentication Code

ECE 842 Report Implementation of Elliptic Curve Cryptography

Tom wants to find two real numbers, a and b, that have a sum of 10 and have a product of 10. He makes this table.

Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2

Basic Algorithms In Computer Algebra

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

A New Efficient Digital Signature Scheme Algorithm based on Block cipher

Here are some examples of combining elements and the operations used:

Application Layer (1)

Cryptography Worksheet Polybius Square

Transcription:

Introduction to Hill cipher We have explored three simple substitution ciphers that generated ciphertext C from plaintext p by means of an arithmetic operation modulo 26. Caesar cipher: The Caesar cipher is an additive cipher. C = p + ( key)mod 26. The number of keys is 26 one of which produces plaintext. Decryption is accomplished by adding the additive inverse of the key to ciphertext p = C + ( key)mod 26. Multiplicative cipher: C = ( key) p mod 26. The number of keys is 12 one of which produces plaintext. Decryption is accomplished by multiplying ciphertext by the multiplicative inverse of the key p = C ( key) 1 mod 26. Affine cipher: The affine cipher composes the multiplicative cipher and the Caesar cipher. (We will do the multiplicative cipher first and the Caesar cipher second.) C = ( multiplicative key) p + ( additive key)mod 26. The number of keys is 12 26 = 312 -- one of which produces plaintext. Each of these can be attacked by frequency analysis each ciphertext letter inherits all the frequency characteristics of the plaintext letter it replaces. It is easy to spot high frequency letters (e, t, a, o, i, n, s). a standard guess if that the highest frequency ciphertext letter corresponds to plaintext e and the next highest to plaintext t. For the Caesar cipher or the multiplicative cipher, it is only necessary to know one plaintext/cipehrtext correspondence (e?) to solve for the key. For the affine cipher, only two plaintext/ciphertext correspondences are necessary to multiplicative key, additive key. A bit of trial and error solve for the keypair ( ) usually produces the key. One way to destroy the value of frequency analysis is to encrypt a string of letters as one block.

Here is an additive cipher that encrypts a block of four letters. Our plaintext messages split into blocks of four is n o r t h e r n k e n t u c k y Numbers are substituted for letters by a = 1, b = 2,, z = 26. n o r t h e r n k er n t u c k y 14 15 18 20 8 5 18 14 11 5 14 20 21 3 11 25 The key adds to each component of the block thought of as a column vector component-wise. For example, if the key were The block nort encrypts as QJAK. Our message encrypts as: 3 21 : 9 17 n 14 3 17 Q o 15 21 10 J + = mod 26 r 18 9 1 A t 20 17 11 K n o r t h e r n k e n t u c k y Q J A K K Z A E N Z W K X X T P Decryption is accomplished by adding the additive inverse of the (vector) key to the ciphertext. 3 21 + 9 17 plaintext CIPHERTEXT 23 5 + 17 9 4 To encrypt a four-letter block, the key is a 4 1 matrix. There are 26 = 456076 possible keys one of which produces plaintext.

If we know one plaintext/ciphertext block correspondence, we can solve for the key. This additive cipher is not truly a block cipher because changing one plaintext letter of a plaintext block changes only one letter of the corresponding ciphertext block. A multiplicative cipher using matrices produces a true block cipher. Consider and our message encrypts as 5 6 4 1 14 n 18 2 1 0 3 15 o 25 = 1 8 9 2 18 r 24 2 4 6 7 20 t 24 R Y mod 26 X X n o r t h e r n k e n t u c k y R Y X X Z X D H E I I F J P L I Changing one letter of the plaintext block can change the entire ciphertext block because matrix multiplication mixes plaintext. Each plaintext letter is used in the calculation of each ciphertext letter. Claude Shannon in his 1949 paper Communications Theory of Secrecy Systems called this property diffusion. Recall that for our simple substitution multiplicative cipher not all of the elements of the integers modulo 26 (i.e., 1, 2,, 26) could be used as keys. That is because only those 12 elements that are relatively prime to 26 have multiplicative inverses modulo 26 (1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25). A similar problem arises here; not all 4 4matrices can be used as multiplicative encryption keys. Recall that a matrix has an inverse if and only if its determinant has an inverse. For the integers modulo 26 that means that a matrix can be a multiplicative key if and only if its determinant is one of 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, or 25. For the key above, the determinant is 23. The method that we have just described is called the Hill cipher. It was described in a 1929 paper Cryptography in an algebraic alphabet by Lester S. Hill, who was a member of the mathematics faculty of Hunter College in New York City. The paper appeared in The American Mathematical Monthly.

Notice that if four four-block plaintext/ciphertext correspondences are known, then the resulting system of linear equations can be solved for the 16 entries in the encryption key. How many encryption keys are there? For our example, there are 16 26 = 43,608,742,899,428,874,059,776 4 4matrices. The number of invertible matrices can be determined using results found in a paper that appeared in Cryptologia in January 2005 by Overby, Traves, and Wojdylo On the keyspace of the Hill cipher. For 4 4matrices there are possible keys. 12,303,585,972,327,392,870,400 In a 1931 paper also in the Monthly Hill extends his ideas. He suggests using involutory (self-inverse) matrices as keys. This severely restricts the size of the keyspace. (See the paper by Overby, Traves, and Wojdylo.) Why would Hill suggest involutory keys? The answer is that the calculation of the key inverse from the key is burdensome. Recall how the inverse of a matrix is constructed. Here is an example using a 2 2 encryption key. Say, the encryption key is 9 4 5 7. It is easy to verify that d b 1 a b ad bc ad bc c d =. c a ad bc ad bc

a Notice that to calculate the inverse of the matrix c b we must be able to divide d a b by the determinant of = ad bc; i.e., we must have a multiplicative inverse c d for the determinant ad bc. Because we are working modulo 26, that means that the determinant ad bc must be one of 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, or 25. Otherwise, the multiplication cannot be undone; encryption cannot be undone. 9 4 The determinant of 5 7 is 9 7 4 5 = 63 20 = 43 17mod 26. Because 17 has a multiplicative inverse modulo 26, this matrix has an inverse. The inverse of the matrix is 7 4 17 17 mod 26. 5 9 17 17 Dividing by 17 modulo 26 is the same as multiplying by the multiplicative inverse of 17 modulo 26. Recall that the multiplicative inverse of 17 is 23 modulo 26. So, the inverse of the matrix is 7 4 17 17 7 23 4 23 mod 26 = mod 26 5 9 5 23 9 23 17 17 161 92 5 12 = mod 26 = mod 26 115 207 15 25

9 4 For the encryption key 5 7 the decryption key is 5 12 15 25. 9 4 5 7 plaintext CIPHERTEXT 5 12 15 25 Calculating the determinant of an n n matrix with n > 2 and is more difficult, and calculating the inverse of an n n matrix with n > 2 differs from calculating the inverse of a 2 2 matrix. In his 1931 paper, Hill also extended his ideas to affine encryption. For example, Y1 3 7 x1 8 Y = + 4 11 x 3 2 2 Where the plaintext block is xx 1 2and the ciphertext block is YY 1 2.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information