Cryptography Reference
In-Depth Information
The result is 24 and, as we have seen before, the key length is actually 12 which
is, as expected, a divisor of 24. Now, if we apply the test to ciphertext
c2
above we
obtain:
> KasiskiTest(c2);
30
which, again, is in consonance with the fact that the key used in this case had 15
characters. Of course, for some key lengths it may happen that the Kasiski test does
not give any information (this is less likely the longer the ciphertext is in comparison
with the key length). We can look, for example, at what happens if we encrypt
plaintext
pt
with shorter keys:
> KasiskiTest(Vigenere("juliusca", pt, enc));
8
> KasiskiTest(Vigenere("juliusc", pt, enc));
0
> KasiskiTest(Vigenere("julius", pt, enc));
6
> KasiskiTest(Vigenere("juliu", pt, enc));
5
> KasiskiTest(Vigenere("juli", pt, enc));
8
> KasiskiTest(Vigenere("jul", pt, enc));
3
We see that for keys of length 3, 5, 6 and 8 the test reveals the exact length of
the key, while for a key of length 4 the test gives 8, of which 4 is a divisor. For a
key of length 7 with this plaintext, the test returns 0 and gives no information. The
Kasiski test may be used previously to applying the method based on the index of
coincidence to select the probable length(s) of the key. Once we suspect that the key
is a divisor of a given integer, we can use the index of coincidence to select which
divisor is the probable length of the key.
Exercise 1.15
Write a Maple function that combines the Kasiski test with the index
of coincidence and, given a Vigenère ciphertext, returns (with high probability if the
ciphertext is sufficiently long) the key used.
1.4 The Hill Cipher
The encryption schemes we have studied so far are easy to break, mainly because
they encrypt the alphabet characters one at a time, so that changing one letter in
the plaintext changes only one letter in the ciphertext. This fact is what makes these
systems vulnerable to attacks based on statistical frequency analysis. A powerful idea
to render statistical analysis more difficult consists of encrypting blocks of symbols
simultaneously, in such a way that changing one symbol in a plaintext block can
potentially change all the symbols in the corresponding ciphertext block. This is, in
essence, what
block ciphers
do and, in fact, things can get even more difficult for the
cryptanalyst since, as we will see, there are encryption modes in which the result of
encrypting one block also depends on the preceding ones. We study block ciphers
