# ICOM6045 Fundamentals of E-Commerce Security

## Definition

• Process of transforming information to make it unreadable to anyone except those possessing the key

## Purpose

• Data confidentiality

## Transpositions/Permutations

• An encryption in which the letters of the message are rearranged
• Function
• Try to break established patterns
• Example
• Columnar transposition
• Rearrangement of the characters of the plaintext into columns
• Based on characteristic patterns of pairs of adjacent letters, called digrams
• Analysis
• Compute the letter frequencies
• Break the text into columns by compare a block of ciphertext characters against characters successively farther away in the ciphertext.
1. Do common digrams appear.
1. Do most of the digram look reasonable
• Complexity
• Require storage for all characters of the message
• Not good for long message
• Alternative
• Permute the characters of the plaintext with a fixed period d

## Confusion

• Cipher that makes relationship between the plaintext/key pair and the ciphertext as complex as possible
• Good confusion
• poly-alphabetic substitution with a long key
• Caesar cipher

## Diffusion

• Cipher that spreads the information from the plaintext over the entire ciphertext
• Change in the plaintext should affect many parts of the ciphertext
• Good diffusion
• DES
• Transposition cipher
• Substitutin cipher

## Cryptanalysis

• Index of coincidence (A tool to rate how wella particular distribution matches the distribution of letter in English)
• Procedure
• Measure of roughness(variance)
• If the distribution is perfectly flat
• Examine
• Is it encrypted
• How is it encrypted
• What is the key

## Types

### Symmetric Key Encryption

• Procedure (Single key)
• Original message
• Key -> Encryption algorithm
• Encrypted message
• Encrypted message sent over Internet
• Encrypted message arrives destination
• Key -> Decryption algorithm
• Original message
• Algorithms
• DES(Data Encryption Standard)
• Most commonly used block cipher
• Purpose
• Facilitate hardware implementation
• Form
• A block cipher with 56-bit key (64-bit including parity bits)
• “Feistel” network structure
• RC4
• Stream cipher
• Definition
• Convert one symbol of plaintext immediately into a symbol of ciphertext
• Speed of transformation
• Low error propagation
• Low diffusion
• Possible for malicious insertions and modifications
• Block cipher
• Definition
• Encrypt a group of plaintext symbol as one block
• Diffusion
• Immunity to insertion
• Slowness of encryption
• Error propagation
• Kasiski method
• Search for repeated sequence of characters
• Example
• 3 occurrences of the 11-character sequence
• Distance between first 2 sequence = 141- 90 = 51
• Distance between second 2 sequences = 213 - 141 = 72
• The common divisor between 51 and 72 is 3
• Estimated key length is 3
• “Perfect” substitution cipher
• Definition
• Many alphabets for an unrecognizable distribution
• No apparent pattern for the choice of an alphabet at a particular point
• Function
• Confuse the Kasiski method
• Index of coincidence would be close to 0.038
• Application
• Caesar cipher
• Definition
• The message is enciphered with a 27-symbol alphabet (A->Z) and the blank, the blank is translated to itself
• Permutation
• Each letter is translated to a fixed number of letters after it in the alphabet
• The “real” Caessar cipher by Julius Caesar used a shift of 3
• Mono-alphabetic substitutions
• Definition
• The alphabet is scrambled, and each plaintext letter maps to a unique ciphertext letter
• Permutation
• A permutation is a recording of the elements of a series
• A permutation can be a function
• Some permutations can’t be represented as simple equation
• Weakness
• Frequency distribution
• Polyalphabetic substitutions
• Definition
• Combine distributions that are high with ones that are low
• Analysis
• Use Kasiski method to predict likely numbers of enciphering alphabets
• If no numbers emerge fairly regularly, may not a poly-alphabetic substitution
• Compute the index of coincidence to validate the predictions from step 1
• When step 1 and 3 indicate a promising value, separate the ciphertext into appropriate subsets and independently compute index of coincidence of each subset
• Example
• Rotor Machines
• Vigenere cipher
• Definition
• Vigenere tableau
• A collection of 26 permutations
• Written in a 26*26 matrix
• Permutation
• Use a key (keyword) -> select particular permutaion
• Definition
• Based on a large nonrepeating set of keys (written on paper and glued together into a pad)
• Procedure
• Sender writes key one time above the letters of the plaintext
• Encipher the plaintext with a chart like Vigenere tableau
• Sender destroys the key
• Receiver takes the appropriate number of keys
• Decipher the message
• Example
• Vernam cipher
• Involves an arbitrarily long nonrepeating sequence of numbers that are combined with the plaintext
• Possible attack
• Random number generator

### Public Key Encryption

• Procedure (Everyone has 2 keys)
• Original message
• Encryption key -> Encryption algorithm
• Plaintext <- Encryption
• The original form of a message
• Ciphertext <- Decryption
• The encrypted form a message
• Original plaintext
• Encrypted message
• Encrypted message sent over Internet
• Encrypted message arrives destination
• Decryption key -> Decryption algorithm
• Original message
• Algorithms
• RSA

## 相关文章

2020-10-20
ICOM6012 Topic 4 Transport Layer
2020-10-19
ICOM6012 Topic 3 Application Layer
2020-10-05
ICOM6012 Topic 2 The Big Picture
2020-09-09
ICOM6012 Topic 1 Overview

pseudoyu