A HOMOPHONIC CIPHER FOR COMPUTATIONAL ..., Summaries of Cryptography and System Security

Computational cryptography deals with the storage and processing of sensitive information in computer systems by enciphering.

Typology: Summaries

2022/2023

Uploaded on 05/11/2023

weldon
weldon 🇺🇸

4.5

(10)

223 documents

1 / 20

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
REPORT R-599 MARCH,1973 UILU-ENG 7 3-2201
S ' i l COORDINATED SC IENCE LABORATORY
A HOMOPHONIC CIPHER
FOR COMPUTATIONAL CRYPTOGRAPHY
FRED A .S TA H L
UNIVERSITY OF ILLINOIS - URBANA, ILLINOIS
APPROVE D FOR PUBLIC RELEASE. DIS TRIB UTIO N U NLIMIT ED.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14

Partial preview of the text

Download A HOMOPHONIC CIPHER FOR COMPUTATIONAL ... and more Summaries Cryptography and System Security in PDF only on Docsity!

REPORT R -599 MARCH,19 7 3 U ILU -EN G 7 3 -2 2 0 1

S ' i l COORDINATED SCIENCE LABORATORY

A HOMOPHONIC CIPHER

FOR COMPUTATIONAL CRYPTOGRAPHY

FRED A .S T A H L

UNIVERSITY OF ILLINOIS - URBANA, ILLINOIS

APPROVED FOR PUBLIC RELEASE. DISTRIBUTION UNLIMITED.

UILU-ENG 73-
A HOMOPHONIC CIPHER FOR COMPUTATIONAL CRYPTOGRAPHY

by Fred A. Stahl

This work was supported in part by the Joint Services Electronics Program (U. S. Army, U. S. Navy, and U. S. Air Force) under Contract DAAB-07-72-C-0259.

Reproduction in whole or in part is permitted fo r any purpose o f the United States Government.

Approved fo r public release. Distribution unlimited.

A HOMOPHONIC CIPHER FOR COMPUTATIONAL CRYPTOGRAPHY*
  1. Introduction Computational cryptography deals with the storage and processing o f sensitive information in computer systems by enciphering. Sensitive information is information that for one reason or another must be protected from being disclosed to individuals without proper authorization. The need fo r systems to be secure from unauthorized access to sensitive informa- tion has been w ell documented. Cryptographic techniques appear to be one of the most simple and secure methods of providing this much needed p rotection. In the next section the requirements for computational cryptography w ill be discussed, esp ecia lly with regard to the differences from communica tion cryptography; second, a short review of the cryptographic techniques that have been suggested fo r computational cryptography; th ird , a review of some standard cryptanalysis techniques; fourth, a homophonie cipher w ill be described; and fin a lly , some additional problems associated with computa tional cryptography w ill be discussed.
  2. Requirements for Computational Cryptography Cryptography has been used for ages as a technique for concealing the informational contents of messages. The use of cryptanalytic techniques combined with the a v a ila b ility of high speed electron ic equipment have made both encipherment and cryptanalysis very sophisticated endeavors indeed. For - k The work presented here was performed at the Coordinated Science Laboratory of the University of I llin o is at Urbana-Champaign. It was supported in part by the Joint Services E lectronics Program (U,S. Army, U.S. Navy, U.S. Air Force) under Contract No, DAAB-07-72-C-0259.

this reason, simple ciphers can no longer be used to provide a great deal of secu rity. This carries over to computational cryptography also. Moreover, there are a number of desirable features that any ciphers to be used in computer systems should have. These include: 1* Encipherment and decipherment should be simple. That is , the computational complexity o f enciphering and deciphering information should be minimal.

  1. The e ffe ctiv e a b ility to not be broken should be high. As the se n sitiv ity of the information increases a cipher that is more d iffic u lt to break should be available for use.
  2. The cipher should be independent of message length. Messages can be even one character in length.
  3. Small errors should not cause large losses of information. I f a small amount is ciphered in correctly it should not make a large block of information undecipherable.
  4. Information should remain integral through editing o f the ciphered text. The cipher should be such that the normal editing functions of deletin g, inserting and moving strings of information (such as would occur in a dynamic data-base) can be performed without destroying the information contained in the ciphered text.
  5. The cipher should not increase the length of the message excessively.
  6. The cipher should be o f such a nature that security can be main tained even though the cryptanalyst knows the ciphering system but not the key.

which is extremely hard to remove. Simple substitution , for example, leaves for easy analysis a l l single le t t e r , and multiple le tte r frequencies, doublet and reversal frequencies, as w ell as contact variety information. Figure 1 is representative of this information for a standard text.

  1. Homophonic Ciphers A homophonic cipher is a substitution cipher in which a given character may have any of a number o f d ifferen t representations. Figure 2 gives one such cipher and a sample message using i t. Note that the cipher- text for E, for instance, varies from substitution to substitution, Kahn notes that the fi r s t known Western instance "occurs in a cipher that the Duchy of Mantua prepared in 1401 for correspondence with one Simone de Crema. Each of the plaintext vowels has several possible equivalents.. .That the homophones were applied to vowels, and not just indiscrim inately, indicates a knowledge of at least the outlines o f frequency an a ly sis." Obviously, the more ciphertext symbols relative to plaintext symbols the easier it is to disguise the structural properties of the plain text through enciphering. Each plaintext symbol could have many ciphertext encipherings, in order to illu stra te this consider a plaintext alphabet of 26 symbols and a ciphertext alphabet of 1024 symbols (10 b i t s ). I n it ia lly each plaintext symbol would have as many ciphers inversely propostional to its frequency in the language (see Figure 3 ). Notice that the single le tte r frequency o f the ciphertext is nearly constant (compare Figure 4 to Figure la) relative to its frequency in the plaintext thereby not providing any single le tte r frequency information for the cryptanalyst.

Linear Scale

Linear Scale

Log Scale

Log Scale

b) Digram Frequency

ETOANIRSHDLCFUMPYWGBVKX JQZ

T I A I E F T E H A V T T A H E H R I A C N A E I TH N N O NO IR E T EE H TA RI E LR OC LV T EE GD NT RO ER ER RAI TS SSL EN EL EHD

FP-

Figure 1. Various Frequency D istributions for English

Linear Scale

A Homophonic Substitution Cipher Generated in

Inverse Proportion to Frequency in Plaintext

Plaintext Symbol; A B C D E F G H I J K L M Number of Cipher Symbols: 81 13 31 4 3 1 3 3 2 9 14 61 71 2 5 38 27 N O P Q R S T U V W X Y Z 15 85 22 2 70 65 93 28 10 15 3 15 1 Figure 3

Single Cipher Frequency

for Homophonic Cipher

E T O A N I R S H D L C F U M P Y W G B V K X J Q Z F P -3 4 4 9 Figure 4

However, as noted above, the cryptanalyst uses other techniques for breaking codes. The cryptanalyst looks fo r the most deviant structural features f i r s t. Consider, for example, the abnormal reversal frequency of ER in Figure l e. I f this reversal can be located in the ciphertext the cryptanalyst is much closer to breaking the code. In contrast, he would not look for the reversal OF since there are many other reversals with nearly the same frequency occurrence. The cru cia l point to remember is that it is only the abnormal or deviant frequencies that can be used for clu es. C learly, i f a l l measurements of the ciphertext yielded nearly fla t distribu tions as in Figure 4 there would be no information gained from those measurements. Now let us generalize the homophonic technique to fla tten the other curves illu stra ted in Figure 1. This is easier said than accomplished, s since adjusting one curve to be fla t t e r w ill generally resu lt in making another one more curved. Let us return to the e a rlie r generalized homophonic enciphering hypothesis and modify it somewhat to allow for more f l e x i b i l i t y. Before we wanted the curve resulting from single le tte r enciphering to be nearly f l a t. I f we lessen this r e strictio n somewhat and allow for some d istrib u tion but not nearly as much we can avoid the abnormal or deviant frequencies that are normally used for clues on a ll the measurements found in Figure 1. Figure 5 gives one such homophonic cipher. The technique used to generate this code is fa ir ly simple. The frequencies are adjusted as for the code in Figure 3, and the corresponding frequency charts can be generated for the other measurement of the cipher- text. Next, the most deviant frequency in any measurement is examined. I f ,

fo r example, it is a reversal frequency the corresponding number o f cipher symbols used fo r each of the constituent symbols is raised accordingly. The process is repeated u n til the frequency curves are sa tisfa cto ry. I f there is no convergence the process can be started over again taking care to choose d ifferen t measurements f i r s t , I f a fter a number o f attempts are made appropriate curves cannot be gotten, it might be necessary to increase the number of ciphertext symbols by increasing the number o f b its used to represent each symbol. A cipher su ccessfu lly generated in the manner described has a ll the desirable features for computational cryptography set forth above. An extremely simple enciphering and deciphering scheme can be used since this is a substitution type cipher. A sample scheme w ill be given. With regard to the a b ility to adjust the cipher to meet security needs one need only increase the number o f b its used to represent each ciphertext symbol (e ffe c t iv e ly , increasing the ciphertext alphabet). Since there is one ciphertext symbol for each plaintext symbol the messages can be of arbitrary length. An error in one symbol does not extend errors even to adjacent symbols of the message; thereby keeping losses of information to a minimum. Note in particular that since i t is a substitution cipher the 'in te g rity through e d itin g ' condition is met. That is , strings (including individual characters) of enciphered message may be moved with respect to each other without going through a deciphering and reenciphering process. This property makes it invaluable for large dynamic data-bases. The length of the message only increases with the security needed. For a typ ical low security cipher 8-bits should be su fficie n t for a 64

symbol plaintext alphabet. A homophonie cipher can e ffe c t iv e ly destroy a l l standard language frequency information as shown in Figure 1. In addition, information in ciphered form may be received by the computer from a terminal and be edited without it ever being deciphered at the central f a c i l i t y. As mentioned e a rlie r the device to encipher the plain text message need not be very complex. Consider a key of 256 characters; each o f the 64 characters appears in the key the number of times desired fo r the particular application (see Figure 6 ). The key is loaded into a 256 word memory. Deciphering consists of returning the contents of the address sp ecified by the 8 -b it cipher. Enciphering involves generating an address randomly and then searching sequentially u n til a matching character is found and then transmitting its address (see Figure 7). The amount of secrecy needed can be con trolled by the number of b it s. So, fo r instance with 9 b its there would be 418 remaining b it patterns; with 10 b its it would be 984, e tc. Each additional b it increases the secu rity.

6, Additional Problems Associated With Computational Cryptography There are a number of additional problems associated with keeping sensitive information secure in computer systems. These include the follow ing: 1« The decoded message problem. This comes about when a block of decoded or unenciphered message is known by the analyst. With this type o f information available very few cipher systems are s a fe. The limited syntax problem. When dealing with limited languages such as programming languages the analyst can break the cipher

Enciphering the Homophonie Cipher

Address Memory O O O O O O O O

  1. Generate Random Address-.

Search sequentially for Plaintext Character s ' P

  1. C iphertext is the address of m atch

i l i u m 0

F P -3 4 4 7 Figure 7

by knowing the r e strictiv e properties of the language involved.

  1. The arithmetic problem. I f the ciphered text is not to be decoded inside the computer arithmetic operations cannot be performed. 4« The overlapping access problem. When d ifferen t individuals have access to the same ciphered data and yet do not want common access to other enciphered data. It is hoped that this paper w ill influence in some way the designers of future computer systems by showing that simple techniques can be used for e ffe c tiv e ly lim iting the access of information to only those who should have access to i t. A ju s t ific a tio n of the effectiven ess of this homophonic cipher system on a mathematical basis using techniques developed by Shannon 13 w ill be described in a subsequent paper.
  2. Acknowledgements The author wishes to thank Chung Laung Liu and James Studier for their suggestions and criticism s of the manuscript during its preparation and Greg Michael for his program to compute the various frequencies for the figures that appear.
  3. References
  4. W. H. Ware, "Security and Privacy in Computer Systems," Proceedings 1967 Spring jo in t Computer Conference, pp. 279-282*
  5. W. H. Ware, "Security and Privacy: S im ilarities and D ifferen ces," Proceedings 1967 Spring Joint Computer Conference* pp. 287-290.
  6. B. Peters, "Security Considerations in a Multi-programmed Computer System," Proceedings 1967 Spring Joint Computer Conference, pp, 283-286. ~

Security Classification ( S e c u r i t y c l a s s i f i c a t i o n o f t i t l e , bo'dy o f^ DOCUMENT CONTROL DATA ■ a b s t r a c t a n d i n d e x i n g a n n o t a t i o n m u s t be^ R & D e n t e r e d w h e n the o v e r a l l r e p o r t is c l a s s i f i e i

  1. O R I G I N A T I N G a c t i v i t y ( C o r p o r a t e a u t h o r ) Coordinated Science Laboratory University of I llin o is Urbana, I llin o is 61§

2 a. R E P O R T S E C U R I T Y C L A S S I F I C A T I O N 2 b. G R O U P^ UNCLASSIFIED

  1. R E P O R T T I T L E A H0M0PH0NIC CIPHER FOR COMPUTATIONAL CRYPTOGRAPHY
    1. D E S C R I P T I V E N O T E S ( T y p e o f r e p o r t a n d i n c l u s i v e d a t e s ) 5- A U T H O R ( S ) ( F i r s t na m e , m i d d l e i n i t i a l , l a s t n a m e ) Fred A. Stahl
  2. R E P O R T D A T E March. 1973

7 a. T O T A L N O. O F P A G E S 15

7 b. N O. O F R E F S 8a. C O N T R A C T O R G R A N T N O. (^) 9 a. O R I G I N A T O R ’ S R E P O R T N U M B E R ( S )^13 b. P R O J E C T N O.^ DAAB-07-72-C- R- c. (^) 9 b. (^) t h is O T H E R r e p o r t ) R E P O R T N O ( S ) ( A n y o t h e r n u m b e rs t h a t m a y be a s s i g n e d d. UILU-ENG 73-

  1. D I S T R I B U T I O N S T A T E M E N T Approved fo r public release.
  2. S U P P L E M E N T A R Y N O T E S
  3. A B S T R A C T

D istribution unlimited.

  1. S P O N S O R I N G M I L I T A R Y A C T I V I T Y Joint Services Electronics Program through U. 3 k>rt Monmouth, S. Army ElectronicsNew Jersey _______________ Command,

A simple enciphering technique that can be used to encode sen sitive data in computer systems is described. This cipher has properties that make i t possible to do editing on data within the computer without decoding. Thus, the key need not be available to the computer nor anyone who has access to the computer system since the data can easily enter and leave the system in ciphered form. It need only appear decipheredprocedure. at it s origin or it s destination by use of a very simple ciphering Requirements for computational cryptography are also discussed along with a short reviewFinally, of some problemscryptographic thattechniques s t i l l remain unsolved w illthat have already been be usedillu stra te d. for computer systems.

DD A”™, Security Classification

Security Classification 1 4 K E Y W O R D S L I N K A L I N K B L I N K^ C R O L E. W T^ R O L E^ W T^ R O L E^ W T

Homophonic substitution cipher Computational cryptography Data-base security Text-editing System security Cryptography

Security Classification