Cryptography Reference
In-Depth Information
We know from Section 2.1.1 that the Caesar Cipher is easy to break. The
problem facing the attacker is that they do not know which Caesar Ciphers are
being used for which plaintext letter positions. This is because the attacker does
not know the keyword. However, observe that if the attacker learns the
length
of the keyword then they will at least know which positions the
same
Caesar
Cipher is being used, even if they do not know which key is being used for each
position. In our example, if the attacker learns that the keyword has length three,
then they will know that one Caesar Cipher is being used to encrypt the plaintext
letters in positions 1, 4, 7, 10, 13 and 16, a second is being used for positions
2, 5, 8, 11 and 14, and a third for positions 3, 6, 9, 12 and 15. The attacker
can then:
1. divide the Vigenère Cipher ciphertext into a sequence of component Caesar
Cipher ciphertexts, one sequence corresponding to each letter of
the
keyword;
2. break each of the component Caesar Cipher ciphertexts individually, using
single letter frequency analysis (assuming that there is sufficient length of
ciphertext to render this effective);
3. put the component plaintexts obtained in the last step back together in
sequence, to obtain the plaintext for the Vigenère Cipher.
This attack is depicted in Figure 2.6, where the ciphertext from the example in
Figure 2.5 is split into three rows, based on the knowledge that the length of
the keyword is three. The letters in each row can now be regarded as ciphertext
corresponding to a component Caesar Cipher and each can be broken separately
using single letter frequency analysis. Even though this example has too few
ciphertext letters to be very effective, the double occurrence of ciphertext letters
in each row (component Caesar Cipher) is already a useful clue. This is certainly a
more difficult analysis to conduct than for the Simple SubstitutionCipher, because
recognising the correct plaintext corresponding to the component Caesar Ciphers
is more difficult. However, it is definitely possible, and certainly a task that a
computer can make fairly routine, given enough ciphertext.
Note that without knowledge of the keyword length the attacker cannot
conduct this attack. However, there are some surprisingly simple statistical
techniques that can be applied to the ciphertext to allow the attacker to make
D
D GU
H
D
V
I
I
D
S
I
V
G
X GY
Z
Z
Figure 2.6.
Cryptanalysis of the Vigenère Cipher
