Secure Digital Communication Systems: Understanding Communication Security

The world of secure digital communication systems, as explored by Prof. Maher K. Mahmood, delves into the realms of Communication Security (Comsec) and Transmission Security (Transec). Comsec involves encryption, scrambling, and ciphering to ensure information is transmitted unseen by third parties. On the other hand, Transec focuses on concealing the very existence of communication or rendering it incomprehensible. Privacy and Authentication play crucial roles, utilizing a cryptographic system with specific keys to safeguard data. Cryptanalyst attacks pose challenges, ranging from ciphertext-only to chosen text attacks. The distinction between unconditional secure systems and computationally secure ones highlights the complexity and significance of information protection in the modern era, evolving from ancient cryptographic systems developed for written text. Explore this fascinating domain to enhance your knowledge of digital security.

• Communication Security
• Encryption
• Transmission Security
• Cryptanalyst
• Cryptography

art_plo Follow

Uploaded on Mar 02, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Secure Digital Communication Systems Prof. Maher K.Mahmood Communication Security: (Comsec.): This name includes titles like encryption, scrambling, ciphering ..etc. In such a case the requirement is to send information from one point to another without allowing anyone( called the 3rdparty or the enemy), to listen or change this information. The 3rdparty, receives, demodulates the signal but can not understand. Transmission Security: (Transec.): This name includes titles like jamming, antijamming, spread spectrum etc. In such a case the requirement is to make the 3rdparty do not know that there is a communication between the two points, or he knew that there is a communication but has no reception ability to receive, demodulate and understand the information.

2. COMSEC SYSTEMS Privacy and Authentication: Privacy: P C P K P=plaintext C=ciphertext K=key D=Decryption E=Encryption

3. Authentication: C C' P P K The Tx generates a plaintext P to be transmitted to the Rx over an insecure channel monitored by an eavesdropper(3rdparty). To prevent the eavesdropper from knowing the content of P, the Tx enciphers or encrypts P with an invertible transformation Skto produce the ciphertext C=Sk(P). When the friendly Rx receives C he can get P with the inverse transformation S-1kto obtain P=S-1k( C)=S-1k(Sk(P))

4. The transformation Skis chosen from the family of transformations known as cryptographic system. The parameter that selects the individual transformation is called the specific key or the key K. Cryptanalyst: The 3rdparty that tries to know P from C without knowing K. Cryptanalyst Attacks: Different ways in which the Cryptanalyst can know P from C without having K. These are: 1- ciphertext only attack: when the 3rdparty knows only C. 2- known plaintext attack: when the 3rdparty knows C and some redundant words or phrases that are usually used by the Tx( sincerely yours, please, dear sir, ..etc). 3-chosen plaintext attack: when the 3rdparty can see the ciphertext for any plaintext he chooses. 4- chosen text attack: when the 3rdparty can choose any C to find P or visa-versa.

5. Unconditional secure system: This is the case when the amount of information is not enough for the 3rdparty to determine the enciphering-deciphering transformation no matter how much computing power the cryptanalyst has. That is the 3rdparty cannot know P from C even if many high speed computers work for infinite time. Computational Secure: If the amount of information is enough for the 3rdparty to determine P from C but the computation time is so large(days, weeks, months, years) so that after this time the 3rdparty may know P from C but it becomes of no value for him, i.e. the information is kept secret for a finite time until a certain mission is finished. Old Cryptographic Systems: The concepts of cryptography were first introduced for written text information, i.e. P represents characters from a certain language. The old crypto-systems used for that purposes are:

6. Each character from the plaintext is replaced by another character to give C. The mapping between P and C is one to one, i.e. no repeated C for the same P. Discuss no of available keys: If the alphabet of the language consists of n characters, then the no of available keys will be n!. For n=26 say, then 26! is not large that the cryptanalyst can try all of them and find the correct one using nowadays computers. Note that not all the n! keys are useful. The no of bits to assign a key is given by log2(n!). Conclusion: This system is weak and cannot be used alone. 1-Substitution Plaintext ciphertext A W B M C L D O E I F B . . . . . . . . . . . . . . Z F

7. 2-Transposition The whole message is divided into blocks,each m-character long. Then the characters in each block are permutated according to a certain permutation law as shown below: Ch no in P 1 2 3 4 5 6 7 8 9 . . . . . . . . . m Ch no in C 5 3 10 1 8 2 16 4 11 . . . . . . . . . 12 i.e. the same characters are used but interchanging their positions. Discuss the no of available keys This will be m!, but here m can be very large even larger than the finite no of alphabet of the language. i.e., this will give say 100! Or 1000! no of available keys. No of bits to assign a key will be log2(m!). Homework: Discuss the possibility of cascading the substitution and transposition cryptosystems to increase system security.

8. Character frequency analysis: One of the drawbacks of previous two systems is " frequency analysis". It is known that for any language consisting of characters, then each character has a specific frequency, or probability, i.e. not all characters are equiprobable, some characters appear more than others, for example character 't' or 'i' or 'e' appear more than others. This can help the cryptanalyst to count for these probabilities and guess the corresponding substitution or transposition used. 3-Polyalphabetic ciphers: This method is used to solve the problem of frequency analysis. In such a case, not only one substitution is used, but in stead say 'b' substitutions are used periodically to cipher the plaintext. Hence each character may be substituted by different characters. This makes the cryptanalyst unable to use frequency analysis.

9. plaintext Substitution S1 Substitution S2 .. . Substitution Sb A B C D E F E F Z A M Y L T Y G F A . . . . . . . . . . . . . . . . . . . . . . . . . . . . D X V F C L . . . . . . . . . . . . . . . . . . . . . . . . . . . . Z Q U B

10. Discuss no of available keys: Note that if n is the size of the alphabet and the period of the polyaphabetic is 'b', then there are n! of substitutions and we will ( ?!)! ?! ?! ? ! (?!)? select 'b' out of them. The no of such selections will be: Cbn!= ?! And the no of bits to assign a key is log2((?!)? ?!) Home work: Carry out the polyalphabetic cipher for 26 character alphabet with b=3. The plaintext is ' communication'. 4- Running key ciphers: In order to make the key size approach infinity, the Tx selects a key K with the same size of the message. This key is usually selected from say your library by specifying a book number plus a page number plus a line number. If both the Tx and Rx agree on that protocol, both will read the same sentence from that book at that page starting from that line number. This sentence will represent the key K. Then:

11. The enciphering equation is Ci=(Pi+Ki) mod n and, The deciphering equation is Pi=(Ci-Ki)mod n, where n= alphabet size=26 for English language. Pi=a number corresponding to the plaintext character. Ci= a number corresponding to the ciphertext character. Ki=a number corresponding to the key character. Above Pi, Ciand Kinumber are obtained by numbering the characters from say A to Z as 0 to 25, i.e. Pi(Cior Ki) A B C D number 0 1 2 3 E 4 . . . . . . Z 25 The key size here is almost infinite or very large since there is no limit for the size of the number of books available at your library. Home work1: carry out a numerical example for running key cipher. Home work2: Try to think of using the running key cipher not using a library as a source of the key, but using your computer as a source of the key.

12. Classification of cryptosystems based on key management: Cryptographic systems are classified into: a-distributive key system :in such case ,it is necessary to send the new key to all station every time (daily ,weekly, .) it is changed. i.e the main station must distribute the key to all its terminals . This key "K" is used to encipher and decipher the message. The weakness here is that the key must be distributed over very very secure way (hand to hand ,with guards, .) b- public key system:In such a case, there is a certain transformation that has mathematically two keys, one for encryption "E" and one for decryption "D". "EA" is made public used by anyone wants to send a message to station A, while "DA" is kept secret at station A used to find P from C that was enciphered by EA. Here, there is no need to distribute the enciphering key E since it is made public(like a telephone number or user name).

13. Block and stream ciphers : In a block cipher, the message is divided into blocks of the same size and the same enciphering /deciphering procedures are applied for each block independently. In stream cipher, the message is enciphered/deciphered serially without the need to divide the message into blocks. Simple synchronous stream ciphering system: If the message P is reduced into its equivalent binary sequence, then this P is simply X-ORed with a random (or psedorandom) binary key K such that : C=P + K ( where + is Ex-OR). At the Rx a synchronized identical key K is generated so that P=C+K=(P+K)+K=P.

14. p c c k k p Distributed and Synchronized key The secrecy of this technique depends on the key K. This key must be as long as the message and cannot be reused. In an effort, one can think of using pseudorandom bit generator. This opens up a new subject called "Pseudonoise Sequences", (PN). This subject is very important for Comsec and Transec systems and will be studied in more details.

15. Block cipher: Suppose that the binary data representing the message is divided into blocks of size m.There are 2mof such blocks and there are (2m!) number of ways to permutate that block. Hence the key size is (2m!) and the no of bits to assign an individual key will be: log2(2m!) (m .2m) bits. This number is large even for small m, for m=8 bits, this requires about 2000bits ( about 250 ASCII characters) which is not practical. To solve this problem, different arrangements were suggested to make that number practical, one of these is the DES system explained below: DES (Data Encryption Standard): This block cipher is based on the use of substitution (S box) and Transposition (T box). The block size m is first suggested as 64 bits ( nowadays 128 bit DES system is also available).

16. 64 bit key DES system 64 bit C 64 bit P After initial fixed permutation, the 64 bit plaintext is broken into left and right halves L0and R0each 32-bit long. The algorithm then performs 16 similar rounds, each of the form: Li= Ri-1and Ri=Li -1 f(Ri-1, Ki)

18. Where represents Ex-OR, Kiis a 48-bit portion of the key used at round i, and f(R,K) is a function with 32-bit output. The idea behind DES is that the system generates 16*48=768 bit key as K1to K16from the 56-bit key. This is done by loading the 56-bit key into two 28-bit shift registers (C & D) each with 24-bit taps, these 48-bit taps will provide the current 48-bit key Kito be used in the ith round of f(Ri-1,Ki). After each round, the C &D shift registers are cyclically shifted to the left to produce the next 48-bit of the key. The locations of the shift register taps, the 8- S-boxes and other details can be found in a special publication of the NBS( national Bureau of Standards in USA). DES in cipher feedback mode:In order to use the DES to cipher data character by character NBS suggested the model shown

19. Ci Ci-8 64 bit key 64 bit key ki ki Ci Ci pi pi Each Pi, Ci, Ki, is an 8-bit character. The ith plaintext character Pi is Ex- Ored with the ith key Kithat depends on the input 64-bit key of the DES and the previous 8 ciphertext characters Ci-1, Ci-2, ,Ci-8. This system has the property of self synchronization that removes the need for special synch protocol. Home work: Discuss the error propagation of the above structure.