Cryptography Reference
In-Depth Information
Although there is no simple answer to this question, an important observation
is that as the number of ciphertext letters increases, the number of possible
plaintexts that could have resulted in that ciphertext must decrease. At some
point this number will decrease to the point where only one plaintext is possible.
The obvious question is:
how many letters do we need before only one plaintext is
possible?
For the Simple Substitution Cipher applied to English plaintexts, this number
is usually regarded as being around 28 ciphertext letters. This means that:
1. If we have significantly less than 28 ciphertext letters then there are probably
many meaningful plaintexts that could have resulted in the ciphertext.
2. As we approach 28 ciphertext letters then the number of possible meaningful
plaintexts that could have resulted in the ciphertext steadily decreases.
3. Once we have 28 ciphertext letters we can be fairly sure that there is only one
meaningful plaintext that could have resulted in the ciphertext.
4. If we have hundreds of ciphertext letters then it is virtually a certainty that there
is only one meaningful plaintext that results in the ciphertext.
PRACTICE: STATISTICAL INFORMATION
Our previous discussion is all about what is possible in theory. It does not
necessarily tell us about what can happen in practice. If we have 28 ciphertext
characters generated by a Simple Substitution Cipher with underlying plaintext
language English, then there is probably only one possible plaintext that could
have resulted in this ciphertext. But can it be found in practice?
The answer is, frustratingly, probably not. The effectiveness of letter frequency
analysis increases with the amount of ciphertext available, but 28 letters is generally
not enough statistical information. In practice, some people suggest that, for
English plaintexts, at least 200 ciphertext letters are needed in order to be fairly
confident that the letter frequency statistics will be reliable enough to conduct an
effective letter frequency analysis, although it will often work with fewer letters
than this.
THE GAP BETWEEN THEORY AND PRACTICE
There is thus a significant 'gap' between theory and practice. If we have between
28 and 200 ciphertext characters then there will almost certainly only be one
meaningful plaintext that results in the target ciphertext, but it will probably be
difficult to determine. The situation we have just discussed is summarised in
Table 2.2.
This type of discussion will not prove particularly useful in our exploration of
modern cryptosystems. Nor will we be discussing monoalphabetic ciphers in the
remainder of this topic, although it should be noted that
substitution
is widely
used as a component of modern cryptographic algorithms. The point in having
this discussion is to demonstrate that sometimes there is a significant gap between
the theory of cryptanalysis and the practice of breaking cryptosystems. In this case,
