
Codes and Ciphers: An Introduction to Cryptography and Secret Communication

These hieroglyphics have evidently a meaning. If it is a purely arbitrary one, it may be
impossible for us to solve it. If, on the other hand, it is systematic, I have no doubt that
we shall get to the bottom of it.
-Sherlock Holmes in The Dancing Men, by Arthur Conan Doyle
Outline for Today
1. Early cryptography
2. Mathematical prereqs
3. Public key cryptography

Some Useful Definitions


plain alphabet - alphabet used to write original message
cipher alphabet - letters that are substituted for the plain letters
cipher - a means of hiding a message by replacing each letter with another letter or symbol
cryptography - The science of developing and using methods to conceal the meaning of a message
cryptanalysis - Breaking a message concealment method
cryptology - cryptography + cryptanalysis

Transposition Ciphers - Anagrams


Letters of message rearranged, not changed.
Example: Rail Fence Cipher
Write message so alternate letters are written on separate upper and lower lines.
Form ciphertext by appending string on lower line to end of string on upper line.
Example: i came i saw i left
Upper: i a e s w l f
Lower: c m i a i e t
ciphertext: IAESWLFCMIAIET

Substitution Ciphers - Cryptograms


Replace each letter in plaintext with another letter or symbol.
Example: Caesar Shift Cipher
Replace each letter in plaintext with the letter 3 places down in the alphabet (with wrap-around)
plain  a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Plaintext: i came, i saw, i left.
Ciphertext: L FDPH, L VDZ, L OHIW.
In this case, the key = 3.

Secure Communication
Earlier we discussed the problems with XORing the data with a random secret key
Need a secure method to exchange keys
Should use a new secret key for each communication (one-time pad)
Simple encryption schemes such as substitution ciphers are easily broken.
Letter frequencies enable decrypting messages
Public key cryptography is a better solution
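
The letter-frequency weakness noted above, as an added example that is not part of the original notes: a Caesar shift in Python, with the key recovered from the ciphertext alone by comparing letter counts against English. The frequency table is an approximate reference table, and the sample text is constructed from the Holmes quotation that opens these notes.

```python
import string

# Approximate English letter frequencies in percent, a..z (assumed reference table).
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

def caesar_encrypt(plaintext, key):
    """Shift each letter `key` places down the alphabet; ciphertext is uppercase as in the notes."""
    out = []
    for ch in plaintext.lower():
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + key) % 26 + 65))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def caesar_decrypt(ciphertext, key):
    """Undo the shift and return lowercase plaintext."""
    return caesar_encrypt(ciphertext, -key).lower()

def chi_squared(text):
    """How far the text's letter counts are from what English predicts (lower is closer)."""
    letters = [c for c in text.lower() if c in string.ascii_lowercase]
    if not letters:
        return float("inf")
    score = 0.0
    for i, pct in enumerate(ENGLISH_FREQ):
        expected = len(letters) * pct / 100
        observed = letters.count(chr(97 + i))
        score += (observed - expected) ** 2 / expected
    return score

def recover_key(ciphertext):
    """Try all 26 shifts and keep the one whose decryption looks most like English."""
    return min(range(26), key=lambda k: chi_squared(caesar_decrypt(ciphertext, k)))

# Constructed sample: the Holmes quotation from these notes, lowercased, punctuation dropped.
SAMPLE = ("these hieroglyphics have evidently a meaning if it is a purely arbitrary one "
          "it may be impossible for us to solve it if on the other hand it is systematic "
          "i have no doubt that we shall get to the bottom of it")

if __name__ == "__main__":
    print(caesar_encrypt("i came, i saw, i left.", 3))  # the notes' own example, key = 3
    secret = caesar_encrypt(SAMPLE, 11)                  # key 11 chosen arbitrarily
    print(recover_key(secret), caesar_decrypt(secret, recover_key(secret))[:30])
```

The attack needs no knowledge of the key and only 26 trial decryptions; very short ciphertexts give the frequency comparison too little to work with, so the recovered key is only reliable on longer messages.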

Public Key Cryptography (Diffie and Hellman)


Many schemes are symmetric - given the encryption method, it's easy to determine how to decrypt the message.
We now discuss asymmetric methods.
A user Bob has a public key, which is available to everyone, and a private key (known only to Bob).
Bob's public key is an encryption function f that is applied to every message x before it is sent to him.
Bob's private key is $f^{-1}$ - Bob can decrypt messages using this function.
This scheme avoids the key exchange problem.
The function f needs to be one-way.
Given any message x, it is easy to compute f(x).
But given f(x), it is hard (computationally intractable) to compute x

Public Key Cryptography: RSA (Rivest, Shamir, and Adleman)


The encryption function is chosen from a family of functions that are conjectured to be difficult
to invert.
If a fast algorithm for factoring were to be found, this family of functions would no longer be
one-way.

Factoring is Hard
Fact: Every positive integer has a unique prime factorization
Question: How hard is it to determine the factorization, given an integer?
An algorithm runs in polynomial time if its running time is bounded from above by some
polynomial in the input size (measured in bits)
If the input to a factoring algorithm is an integer n, then input size is about $\log_2 n$ bits
Given a positive integer n, we can determine if n has a non-trivial factor in $O(\sqrt{n})$ integer divisions
Note that $\sqrt{n}$ is exponential in the input size, since $\sqrt{n} = 2^{\frac{1}{2}\log_2 n}$.
Factoring a 100-digit number might take something like $10^{50}$ operations.
Suppose a computer can perform $10^9$ such operations per second
There are approximately $3 \times 10^7 < 10^8$ seconds in a year
So we would need about $10^{33}$ computers to perform such a computation within a year
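
The trial-division bound and the machine-count estimate above, as an added Python example that is not part of the original notes. The function names are chosen here for illustration, and $10^{100}$ stands in for "a 100-digit number" so that its square root is exactly $10^{50}$.

```python
import math

def smallest_factor(n):
    """Trial division: return (smallest factor > 1 of n, number of divisions performed).

    Returns (n, count) when n is prime. Only divisors d with d*d <= n are tried,
    which is the O(sqrt(n)) bound from the notes.
    """
    if n < 2:
        raise ValueError("n must be at least 2")
    divisions = 0
    d = 2
    while d * d <= n:
        divisions += 1
        if n % d == 0:
            return d, divisions
        d += 1
    return n, divisions

def factorize(n):
    """Full prime factorization by repeated trial division, smallest primes first."""
    factors = []
    while n > 1:
        p, _ = smallest_factor(n)
        factors.append(p)
        n //= p
    return factors

def worst_case_divisions(n):
    """Upper bound on divisions for n: about sqrt(n) = 2**(0.5 * log2 n)."""
    return math.isqrt(n)

def computers_for_one_year(n, ops_per_second=10**9, seconds_per_year=10**8):
    """The notes' estimate: machines needed to finish sqrt(n) divisions within a year."""
    return worst_case_divisions(n) // (ops_per_second * seconds_per_year)

if __name__ == "__main__":
    # Constructed inputs: a product of two nearby primes, then a prime on its own.
    print(smallest_factor(10007 * 10009))    # work grows with the smaller prime factor
    print(smallest_factor(10007))            # prime: every d up to sqrt(n) is tried
    print(computers_for_one_year(10**100))   # stand-in for a 100-digit number
```

Each extra two bits in n doubles the worst-case division count, which is why the cost is exponential in the input size even though the loop itself is simple.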

Factoring: State of the Art


The fastest, general-purpose factoring algorithm that is known is the number field sieve algorithm.
For d-bit numbers, the running time is $2^{O(d^{1/3} (\log_2 d)^{2/3})}$
More information is available at http://en.wikipedia.org/wiki/Integer_factorization

Mathematical Preliminaries for RSA


Definition: For all integers x and y, we say that x divides y, denoted $x \mid y$, if $y = kx$ for some integer k.
Definition: For positive integers a, b and n, we say that a is congruent to b mod n, denoted $a \equiv_n b$ or $a \equiv b \pmod{n}$, if $n \mid (a - b)$.
Examples: 28 and 37 are congruent mod 9, since $37 - 28 = 9 = 1(9)$, i.e., $9 \mid (37 - 28)$.
Note: Two integers a and b are congruent mod n if a and b have the same remainder when divided by n. (Exercise: prove!)
Recall: $\equiv \pmod{n}$ is an equivalence relation over $\mathbb{Z}$. (Exercise: prove!)


Properties of Congruence mod n


Theorem: Let u, v, p, x and y be positive integers. If $u \equiv v \pmod{n}$ and $x \equiv y \pmod{n}$, then $u + x \equiv v + y \pmod{n}$ and $ux \equiv_n vy$.
Proof: in-class
Exercise: Let u, v, p be positive integers. Then for all integers $n \ge 0$, if $x \equiv_p y$, then $x^n \equiv_p y^n$.


Fermat's Little Theorem


I would send you the demonstration, if I did not fear its being too long.
-Fermat (in a comment explaining why he did not provide a proof in his notes)
Theorem: For any prime p and any positive integer a such that $p \nmid a$, $a^{p-1} \equiv 1 \pmod{p}$.
Proof: Assume p is prime, $a \in \mathbb{Z}^+$, and p does not divide a. The first $p - 1$ multiples of a are
$a, 2a, 3a, \ldots, (p-1)a$. Suppose that $ra \equiv_p sa$, for some integers $r, s \in \{1, 2, \ldots, p-1\}$. Then
since p is prime and $p \nmid a$, $p \mid (r - s)$, since $p \mid a(r - s)$. Thus $r \equiv_p s$. Since $1 \le r, s \le p - 1$,
$r = s$. Therefore, no two distinct values in the collection $a, 2a, \ldots, (p-1)a$ are congruent.
Therefore, in some order, these values must be congruent to $1, 2, \ldots, p-1$. Therefore
$a(2a)(3a)\cdots(p-1)a \equiv 1(2)(3)\cdots(p-1) \pmod{p}$, or $a^{p-1}(p-1)! \equiv (p-1)! \pmod{p}$.
So $p \mid (a^{p-1}(p-1)! - (p-1)!)$, or equivalently, $p \mid (p-1)!(a^{p-1} - 1)$. Since p does not divide
$(p-1)!$, it follows that $p \mid (a^{p-1} - 1)$. $\blacksquare$
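
The steps of this proof checked numerically, as an added Python example that is not part of the original notes. Each function (names chosen here for illustration) tests one step, and the constructed composite moduli 15 and 12 show which steps rely on p being prime and on p not dividing a.

```python
import math

def multiples_mod(a, n):
    """Residues of a, 2a, ..., (n-1)a modulo n, in that order."""
    return [(k * a) % n for k in range(1, n)]

def is_rearrangement(a, n):
    """True when those residues are exactly 1, 2, ..., n-1 in some order."""
    return sorted(multiples_mod(a, n)) == list(range(1, n))

def product_step_holds(a, n):
    """Multiply the residues together: a^(n-1) * (n-1)! is congruent to (n-1)! mod n."""
    fact = math.factorial(n - 1) % n
    return (pow(a, n - 1, n) * fact) % n == fact

def can_cancel_factorial(n):
    """The last step removes (n-1)!; that needs gcd((n-1)!, n) = 1, true for prime n."""
    return math.gcd(math.factorial(n - 1), n) == 1

def fermat_holds(a, n):
    """Conclusion of the theorem: a^(n-1) is congruent to 1 mod n."""
    return pow(a, n - 1, n) == 1

def trace(a, n):
    """Run every step of the proof for one (a, n) pair and report which ones hold."""
    return {
        "rearrangement": is_rearrangement(a, n),
        "product_step": product_step_holds(a, n),
        "cancel_factorial": can_cancel_factorial(n),
        "fermat": fermat_holds(a, n),
    }

if __name__ == "__main__":
    # Constructed cases: a prime modulus, a composite coprime to a, and a sharing a factor with n.
    print(multiples_mod(5, 13))  # 1..12 in a different order
    print(trace(5, 13))          # every step holds
    print(trace(2, 15))          # rearrangement holds, but 14! cannot be cancelled mod 15
    print(trace(4, 12))          # 4 shares a factor with 12: multiples collide
```

For n = 15 and a = 2 the product congruence is still true, but only because both sides are 0 mod 15; the conclusion fails exactly at the step where the proof divides out $(p-1)!$.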
