Cryptography Reference
In-Depth Information
D
FI
I
A
S
G
O
L
D
B
E
A paper strip is wrapped around a rod;
text is written longitudinally. The rod's
thickness is secret.
N
N
D
D
E
E
TS
H
I
C
H
R
O
E
Unwrapping the rod reveals
the letter sequence on
the strip.
HFD I
I
ANNSDDGEEORTLH
SD
O I
BECE
Figure 2.2:
Ciphering by use of a rod.
The frequencies of characters don't change versus the original text, but this
insight is of little use for us. Only information about the way the transpositions
were made will help us further. Unfortunately, this method is also insecure:
•
An initial clue to a vulnerability could be supplied by a sloppy user who
pads the last line with fillers (e.g., 'X') to bring it to the required length.
This reveals parts of the transposition's structure.
•
Short messages could contain only a few or none of certain letters. An
attacker can draw conclusions as to which messages had definitely
not
been sent. This may be sufficient to launch an attack.
•
Sinkov [Sinkov] explains how an attack using a 'probable word' (more
about this term in Section 3.4.1) is possible even with transpositions. The
idea is very simple, but it can be used only provided the probable word
is longer than the block length. In this context, 'block length' means the
number of characters in the group in which a transposition occurs.
Let's go back to the example with the rectangle above to be more specific.
(In this case, the block length is 6, i.e., the number of columns in the
rectangle.) Assume the word DELIVER occurs in the text, and that the
algorithm used is the 'cube' with subsequent columnar transposition. With
a block length of 3, there would have to be an 'I' underneath the 'D' in
the rectangle, i.e., the string 'DI' would have to occur in the ciphertext.
This is not the case, so assuming a block length of 3 was wrong. We
will find out by trial and error that the block length has to be 6 (since
'DR' does occur in the ciphertext). We have found the position of the
