Modern Cryptanalysis - Semantic Scholar
Modern Cryptanalysis Techniques for Advanced Code Breaking Christopher Swenson
® WILEY
Wiley Publishing, Inc.
Contents
Acknowledgments
ix xix
Introduction Chapter 1
Simple Ciphers Monoalphabetic Ciphers Keying Keyed Alphabets ROT13 Klingon Polyalphabetic Ciphers Vigenere Tableau Transposition Ciphers Columnar Transpositions Double Columnar Transpositions Cryptanalysis Breaking Monoalphabetic Ciphers Frequency Analysis Index of Coincidence Other Issues Breaking Polyalphabetic Ciphers Breaking Columnar Transposition Ciphers Breaking Double Columnar Transposition Ciphers Summary Exercises
1 2 4 4 5 6 7 7 9 9 10 11 11 11 12 15 15 18 21 23 23
Chapter 2
Number Theoretical Ciphers Probability Permutations and Choices
25 25 26
xiii
xiv
Contents
Chapter 3
Dependence Fun with Poker The Birthday Paradox Cryptographic Hashes Number Theory Refresher Course Divisibility and Prime Numbers Congruences Algebra Refresher Course Definitions Finite Field Inverses Factoring-Based Cryptography The RSA Algorithm Discrete Logarithm-Based Cryptography The Diffie-Hellman Algorithm Elliptic Curves Addition of Points Elliptic Curve Cryptography Elliptic Curve Diffie-Hellman Summary Exercises
27 28 32 37 38 39 39 43 43 46 49 49 51 51 52 53 57 59 59 59
Factoring and Discrete Logarithms Factorization Algorithm Theory Notation A Crash Course in Python Exponential Factoring Methods Brute-Force Analysis Fermat's Difference of Squares Analysis of Fermat's Difference of Squares Pollard's p Analysis of Pollard's p Pollard's p - 1 Analysis of Pollard's p — 1 Square Forms Factorization Analysis of SQUFOF Elliptic Curve Factorization Method Analysis ofECM Subexponential Factoring Methods Continued Fraction Factorization Analysis of CFRAC Sieving Methods Discrete Logarithms Brute-Force-Methods Baby-Step Giant-Step Method Baby-Step Giant-Step Analysis
61 61 62 64 65 67 68 69 70 72 71 73 75 75 76 77 77 78 78 79 80 80 81 82 82 83
Contents PoUard's p for Discrete Logarithms Analysis of PoUard's p for Discrete Logarithms PoUard's X for Discrete Logarithms Analysis of PoUard's X Index Calculus Mcthod Summary Exercises
Chapter 4
Block Ciphers Operations on Bits, Bytes, Words Operations Code Product Ciphers Substitutions and Permutations S-Box P-Box Shift Registers Substitution-Permutation Network EASY1 Cipher Python Implementation Feistel Structures DES DES Key Schedule DES Round Function Triple DES DESX FEAL S-function Key-Generating Function: f^ Round Function: f Key Scheduling Blowfish Blowfish Key Schedule Blowfish Algorithm Blowfish Round Function Notes on Blowfish AES / Rijndael Rijndael Encryption Algorithm SubBytes ShiftRows MixColumns AddRoundKey Rijndael Decryption Algorithm Key Expansion Notes on Rijndael Block Cipher Modes Electronic Code Book
83 85 85 86 86 86 87 91 92 93 95 95 96 96 98 100 100 102 102 106 110 111 111 112 113 114 114 116 117 119 120 120 121 121 122 122 123 124 125 125 127 127 128 129 129 129
xv
xvi
Contents Cipher Block Chaining Cipher Feedback Output Feedback Counter Mode Skipjack Skipjack Encryption Algorithm Skipjack Decryption Algorithm Permutations Message Digests and Hashes Checksums Cyclic Redundancy Checks MD5 SHA-1 Random Number Generators Bias Linear Congruential Random Number Generator One-Time Päd Summary Exercises
131 132 133 134 134 134 136 136 136 139 139 140 141 143 143 144 145 147 147
Chapter 5
General Cryptanalytic Methods Brute-Force Time-Space Trade-offs Meet-in-the-Middle Attack Hellman Time-Space Trade-off Time-Space Trade-off Success Flaws Multi-Table Trade-off Rivest's Distinguished Endpoints Rainbow Tables Advantages of Rainbow Tables Microsoft LAN Manager Password Hash Slide Attacks Slide Attacks on Feistel Ciphers Advanced Slide Attacks Cryptanalysis of Hash Functions Cryptanalysis of Random Number Generators Summary Exercises
149 150 151 151 153 154 155 155 156 156 157 158 158 160 161 162 163 165 165
Chapter 6
Linear Cryptanalysis Overview Matsui's Algorithms Linear Expressions for S-Boxes Matsui's Piling-up Lemma Easyl Cipher Linear Expressions and Key Recovery
167 168 169 171 174 175 179
Contents Linear Cryptanalysis of DES Multiple Linear Approximations Finding Linear Expressions Linear Cryptanalysis Code Summary Exercises
181 184 185 187 191 192
Differential Cryptanalysis
195 195 196 197 200 202 203 206 207 207 210 211 212 214 216 217 220 222 223 224 225 226 226
Overview Notation S-Box Differentials Combining S-Box Characteristics Key Derivation Differential Cryptanalysis Code Differential Cryptanalysis of Feistel Ciphers Differential Cryptanalysis of FEAL Differential Cryptanalysis of DES Analysis Differential-Linear Cryptanalysis Conditional Characteristics Higher-Order Differentials Truncated Differentials Impossible Differentials Boomerang Attack Interpolation Attack Related-Key Attack Related-Key Attack on GOST Related-Key Attack on 3DES Summary Exercises Index
229
xvii
® WILEY
Wiley Publishing, Inc.
Contents
Acknowledgments
ix xix
Introduction Chapter 1
Simple Ciphers Monoalphabetic Ciphers Keying Keyed Alphabets ROT13 Klingon Polyalphabetic Ciphers Vigenere Tableau Transposition Ciphers Columnar Transpositions Double Columnar Transpositions Cryptanalysis Breaking Monoalphabetic Ciphers Frequency Analysis Index of Coincidence Other Issues Breaking Polyalphabetic Ciphers Breaking Columnar Transposition Ciphers Breaking Double Columnar Transposition Ciphers Summary Exercises
1 2 4 4 5 6 7 7 9 9 10 11 11 11 12 15 15 18 21 23 23
Chapter 2
Number Theoretical Ciphers Probability Permutations and Choices
25 25 26
xiii
xiv
Contents
Chapter 3
Dependence Fun with Poker The Birthday Paradox Cryptographic Hashes Number Theory Refresher Course Divisibility and Prime Numbers Congruences Algebra Refresher Course Definitions Finite Field Inverses Factoring-Based Cryptography The RSA Algorithm Discrete Logarithm-Based Cryptography The Diffie-Hellman Algorithm Elliptic Curves Addition of Points Elliptic Curve Cryptography Elliptic Curve Diffie-Hellman Summary Exercises
27 28 32 37 38 39 39 43 43 46 49 49 51 51 52 53 57 59 59 59
Factoring and Discrete Logarithms Factorization Algorithm Theory Notation A Crash Course in Python Exponential Factoring Methods Brute-Force Analysis Fermat's Difference of Squares Analysis of Fermat's Difference of Squares Pollard's p Analysis of Pollard's p Pollard's p - 1 Analysis of Pollard's p — 1 Square Forms Factorization Analysis of SQUFOF Elliptic Curve Factorization Method Analysis ofECM Subexponential Factoring Methods Continued Fraction Factorization Analysis of CFRAC Sieving Methods Discrete Logarithms Brute-Force-Methods Baby-Step Giant-Step Method Baby-Step Giant-Step Analysis
61 61 62 64 65 67 68 69 70 72 71 73 75 75 76 77 77 78 78 79 80 80 81 82 82 83
Contents PoUard's p for Discrete Logarithms Analysis of PoUard's p for Discrete Logarithms PoUard's X for Discrete Logarithms Analysis of PoUard's X Index Calculus Mcthod Summary Exercises
Chapter 4
Block Ciphers Operations on Bits, Bytes, Words Operations Code Product Ciphers Substitutions and Permutations S-Box P-Box Shift Registers Substitution-Permutation Network EASY1 Cipher Python Implementation Feistel Structures DES DES Key Schedule DES Round Function Triple DES DESX FEAL S-function Key-Generating Function: f^ Round Function: f Key Scheduling Blowfish Blowfish Key Schedule Blowfish Algorithm Blowfish Round Function Notes on Blowfish AES / Rijndael Rijndael Encryption Algorithm SubBytes ShiftRows MixColumns AddRoundKey Rijndael Decryption Algorithm Key Expansion Notes on Rijndael Block Cipher Modes Electronic Code Book
83 85 85 86 86 86 87 91 92 93 95 95 96 96 98 100 100 102 102 106 110 111 111 112 113 114 114 116 117 119 120 120 121 121 122 122 123 124 125 125 127 127 128 129 129 129
xv
xvi
Contents Cipher Block Chaining Cipher Feedback Output Feedback Counter Mode Skipjack Skipjack Encryption Algorithm Skipjack Decryption Algorithm Permutations Message Digests and Hashes Checksums Cyclic Redundancy Checks MD5 SHA-1 Random Number Generators Bias Linear Congruential Random Number Generator One-Time Päd Summary Exercises
131 132 133 134 134 134 136 136 136 139 139 140 141 143 143 144 145 147 147
Chapter 5
General Cryptanalytic Methods Brute-Force Time-Space Trade-offs Meet-in-the-Middle Attack Hellman Time-Space Trade-off Time-Space Trade-off Success Flaws Multi-Table Trade-off Rivest's Distinguished Endpoints Rainbow Tables Advantages of Rainbow Tables Microsoft LAN Manager Password Hash Slide Attacks Slide Attacks on Feistel Ciphers Advanced Slide Attacks Cryptanalysis of Hash Functions Cryptanalysis of Random Number Generators Summary Exercises
149 150 151 151 153 154 155 155 156 156 157 158 158 160 161 162 163 165 165
Chapter 6
Linear Cryptanalysis Overview Matsui's Algorithms Linear Expressions for S-Boxes Matsui's Piling-up Lemma Easyl Cipher Linear Expressions and Key Recovery
167 168 169 171 174 175 179
Contents Linear Cryptanalysis of DES Multiple Linear Approximations Finding Linear Expressions Linear Cryptanalysis Code Summary Exercises
181 184 185 187 191 192
Differential Cryptanalysis
195 195 196 197 200 202 203 206 207 207 210 211 212 214 216 217 220 222 223 224 225 226 226
Overview Notation S-Box Differentials Combining S-Box Characteristics Key Derivation Differential Cryptanalysis Code Differential Cryptanalysis of Feistel Ciphers Differential Cryptanalysis of FEAL Differential Cryptanalysis of DES Analysis Differential-Linear Cryptanalysis Conditional Characteristics Higher-Order Differentials Truncated Differentials Impossible Differentials Boomerang Attack Interpolation Attack Related-Key Attack Related-Key Attack on GOST Related-Key Attack on 3DES Summary Exercises Index
229
xvii
