define invariant parts. Looking ahead, we can cite as an example the Enigma cipher machine (see Chapter 9), which contained several wheels with wires inside them; the wiring inside the wheels did not change, but the order of the wheels inside the machine itself changed daily. Thus, the wiring was an invariant part, and the order of the wheels was a variable one. Breaking the system is the most time-consuming part of the job; it may last for several weeks or even months and require the application of mathematical methods, the search for and use of operator errors, and even information obtained by spies.

Once all the invariant parts of the system have been determined, it is necessary to determine all the variable parts (such as the initial positions of the wheels in the Enigma cipher machine, which changed for each message). This is the task of opening the message keys. Once it is solved, the messages can be decrypted.

So, breaking refers to the encryption system as a whole, while opening the keys concerns the decryption of individual messages.

Codes and ciphers

Although the words code and cipher are often used loosely, we will distinguish between these concepts. In a code, frequently occurring text elements (which may consist of one or more letters, numbers, or words) are usually replaced by four or five letters or digits, which are called code groups and are taken from the code book. For especially commonly used expressions or characters, the code book may offer several code groups. This is done so that the cryptographer can vary them and make them harder to identify. So, for example, in a four-digit numeric code the word "Monday" may have three alternative code groups, for example 1538, or 2951, or 7392. We will consider codes in Chapter 6.

Codes are a special case of encryption systems, but not all encryption systems are codes. We will use the word cipher for encryption methods that do not use code books, where the ciphertext is obtained from the original plaintext according to a certain rule. Nowadays the word "algorithm" is preferred to the word "rule", especially when a computer program is involved. The distinction between the concepts of code and cipher is sometimes not entirely clear, especially for simple systems. Perhaps we can assume that the Julius Caesar cipher uses a one-page code book, where each letter of the alphabet is associated with the letter three positions further along in the alphabet. However, for most of the systems we will be looking at, this distinction will be fairly clear-cut. So, for example, "Enigma", which is often erroneously called the "Enigma code", is certainly not a code at all, but a cipher machine.

Historically, until relatively recently, cryptography was dominated by two main ideas, and many encryption systems (including almost all of those described in the first eleven chapters of this book) were based on one or both of them. The first idea was to shuffle the letters of the alphabet (as a deck of cards is usually shuffled) in order to get something that can be considered a random order, a permutation, or an anagram of the letters. The second idea is to convert the letters of the message into numbers (for example, by setting A=0, B=1, ..., Z=25), and then add to them (number by number) other numbers, called the gamma, which, in turn, can be letters converted to numbers. If the result of the addition is a number greater than 25, subtract 26 from it (this method is called addition modulo 26). The result is then converted back into letters. If the numbers added to the text are obtained by a process that is hard enough to predict, then a message encrypted in this way is very difficult, or even impossible, to decipher without knowing the gamma.

It is curious to note that Julius Caesar's cipher, however simple, can be considered an example of both. In the first case, our "deck shuffle" is equivalent to simply moving the last three cards to the beginning of the deck, so that all letters are moved down three positions, and X, Y, and Z are at the beginning. In the second case, the gamma is the number 3, repeated an infinite number of times. It is impossible to imagine anything "weaker" than such a gamma.

Translating a message into another language could perhaps also be considered a type of encryption using a code book (that is, a dictionary), but this is still too loose a use of the word code. However, this way of translating into another language, where every word is looked up in a dictionary as in a code book, should definitely not be recommended. This is known to anyone who has tried to learn a foreign language.*) On the other hand, sometimes it is quite reasonable to use a little-known language to convey messages whose relevance is limited in time. It is said, for example, that during World War II, American troops in the Pacific sometimes used soldiers from the Navajo Indian tribe as telephone operators to transmit messages in their native language, quite reasonably assuming that even if the telephone conversations were intercepted, the enemy would hardly find in his ranks a person who spoke this language and could understand the content of the message.

*) I remember how a schoolboy wrote an essay in French about a traveler in the Middle Ages who arrives at a hotel at night and knocks on the door. In response, he hears "What Ho! Without." ("What the hell! Get out!" - translator's note). The student translated this expression into French word for word, substituting the French words: "Que Ho! Sans." (which came out as "What a ho! Without." - translator's note). The French teacher, having read this, was speechless for a moment, and then remarked: "You probably found these words in the dictionary that is given away for free with bags of sugar."

Another way to hide the content of information is to use some kind of personal shorthand. Even in the Middle Ages, this method was used by the authors of personal diaries, for example Samuel Pepys. Such codes are not difficult to open if there are enough entries in the diary. Regular repetitions of certain characters (for example, signs indicating the days of the week) are a good help in reading certain words and expressions. An example of a more thorough piece of work is the decipherment of the ancient Mycenaean script known as "Linear B", where the signs corresponded to the syllables of the ancient Greek language; the credit for deciphering this script belongs to Michael Ventris *) (see).

The widespread use of computers and the possibility of building complex electronic circuits on silicon crystals revolutionized both cryptography and cryptanalysis. As a result, some modern encryption systems are based on advanced mathematical concepts and require a solid computing and electronic base. In the pre-computer era it was therefore almost impossible to use them. Some of them are described in Chapters 12 and 13.

Evaluation of the strength of the encryption system

When a new encryption system is proposed, it is very important to evaluate its resistance to all known attack methods under conditions where the cryptanalyst knows the type of encryption system used, but not all of its details. The strength of an encryption system can be evaluated for three different situations:

(1) the cryptanalyst knows only ciphertexts;

(2) the cryptanalyst knows the ciphertexts and their underlying plaintexts;

(3) the cryptanalyst knows both the ciphertexts and the plaintexts, which he himself has chosen.

The first case reflects a "typical" situation: if the encryption system can be broken in a short time under these conditions, then it should not be used. The second situation arises, for example, if the same messages are encrypted both with the new system and with an old one that a cryptanalyst can read. Such situations, which amount to serious violations of data protection rules, occur quite often. The third situation arises mainly when a cryptographer, wishing to assess the security of the system he has created, invites his colleagues to play the role of an adversary and break his cipher, and allows them to dictate to him the texts to be encrypted. This is one of the standard procedures for testing new systems. A very interesting task for a cryptanalyst is to compose texts in such a way that, once encrypted, they yield the maximum information about the details of the system. The structure of these messages depends on how the encryption is performed. The second and third situations can also arise if the cryptanalyst has a spy in the cryptographer's organization: this is exactly what happened in the 1930s, when Polish cryptanalysts received plain and cipher texts of messages encrypted on the German Enigma cipher machine. An encryption system that cannot be broken even in situation (3) is a really strong cipher. This is exactly what the cryptographer strives for and what the cryptanalyst fears.

*) Linear B is one of the most ancient systems of Greek writing. Found on clay tablets at Knossos (Crete) and Pylos. Deciphered by Michael Ventris (1922-1956), English architect and linguist.

Codes that detect and correct errors

Another class of codes is designed to ensure error-free transmission of information rather than to hide its content. Such codes are called error-detecting and error-correcting codes, and they are the subject of extensive mathematical research. These codes have been used since the earliest days of computers to protect against errors in memory and in data stored on magnetic tape. The earliest versions of these codes, such as the Hamming codes, are able to detect and correct a single error in a six-bit character. A more recent example is the code used on the Mariner spacecraft to transmit data from Mars. Designed to take into account the possible significant distortion of the signal on its long journey to Earth, this code was able to correct up to seven errors in each 32-bit "word". A simple example at another level, a code that detects but does not correct errors, is the ISBN (International Standard Book Number). It consists of ten characters (ten digits, or nine digits with the letter X at the end, which stands for the number 10) and makes it possible to check an ISBN for errors. The check is performed as follows: calculate the sum

(first digit)×1 + (second digit)×2 + (third digit)×3 + ... + (tenth digit)×10.
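An added example, not part of the original text, which breaks off after the sum: under the standard ISBN-10 rule the number is accepted only if this sum is divisible by 11. The Python below computes the sum and confirms by exhaustive search that no single wrong digit and no swap of two neighbouring digits gets past the check; the two sample numbers are values chosen because they satisfy the rule.

```python
DIGITS = "0123456789"


def _chars(isbn):
    """Drop hyphens and spaces; everything else is kept so it can be validated."""
    return [c for c in isbn.upper() if c not in "- "]


def isbn10_weighted_sum(isbn):
    """Return d1*1 + d2*2 + ... + d10*10, or None if the input is not an ISBN-10."""
    chars = _chars(isbn)
    if len(chars) != 10:
        return None
    total = 0
    for position, ch in enumerate(chars, start=1):
        if ch in DIGITS:
            value = int(ch)
        elif ch == "X" and position == 10:   # X is allowed only as the last character
            value = 10
        else:
            return None
        total += position * value
    return total


def isbn10_is_valid(isbn):
    total = isbn10_weighted_sum(isbn)
    return total is not None and total % 11 == 0


def isbn10_check_char(first_nine):
    """Tenth character that makes the sum divisible by 11 (10*d = -d modulo 11)."""
    if len(first_nine) != 9 or any(ch not in DIGITS for ch in first_nine):
        raise ValueError("expected exactly nine digits")
    partial = sum(pos * int(ch) for pos, ch in enumerate(first_nine, start=1))
    return "X" if partial % 11 == 10 else str(partial % 11)


def undetected_single_errors(isbn):
    """Count single-character substitutions that would still pass the check."""
    chars = _chars(isbn)
    missed = 0
    for i in range(10):
        for repl in (DIGITS + "X" if i == 9 else DIGITS):
            if repl != chars[i]:
                missed += isbn10_is_valid("".join(chars[:i] + [repl] + chars[i + 1:]))
    return missed


def undetected_adjacent_swaps(isbn):
    """Count swaps of two different neighbouring characters that would still pass."""
    chars = _chars(isbn)
    missed = 0
    for i in range(9):
        if chars[i] != chars[i + 1]:
            swapped = chars[:i] + [chars[i + 1], chars[i]] + chars[i + 2:]
            missed += isbn10_is_valid("".join(swapped))
    return missed


if __name__ == "__main__":
    sample = "0-306-40615-2"   # sample number that satisfies the rule
    print(isbn10_weighted_sum(sample), isbn10_is_valid(sample))
    print(isbn10_is_valid("0-306-40615-3"), isbn10_is_valid("0-306-40651-2"))
    print(undetected_single_errors(sample), undetected_adjacent_swaps(sample))
```

The check only detects: it signals that some character is wrong without saying which one, so the number has to be re-entered rather than repaired.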

My childhood memories plus imagination were enough for exactly one quest: a dozen tasks that do not repeat.
But the children liked the fun and asked for more quests, so I had to go online.
This article will not describe the scenario, legends, or design. But there will be 13 ciphers to encode the tasks for the quest.

Code 1. Picture.

A drawing or photo that directly shows the place where the next clue is hidden, or hints at it: broom + socket = vacuum cleaner.
Complication: make a puzzle by cutting the photo into several parts.


Code 2. Leapfrog.

Swap the letters in the word: SOFA = NIDAV

Code 3. Greek alphabet.

Encode the message with the letters of the Greek alphabet, and give the children the key:

Code 4. On the contrary.

Write the assignment backwards:

  • every word:
    Etischi dalk dop yonsos
  • or the whole sentence, or even a paragraph:
    etsem morcom momas in - akzaksdop yaaschuudelS. itup monrev an yv

Code 5. Mirror.

(When I made a quest for my children, at the very beginning I gave them a "magic bag": it held the key to the "Greek alphabet", a mirror, "windows", pens and sheets of paper, and all sorts of unnecessary stuff to confuse them. On finding the next riddle, they had to figure out for themselves what from the bag would help them find the clue.)

Code 6. Rebus.

The word is encoded in pictures:



Code 7. Next letter.

We write a word, replacing all the letters in it with the next ones in alphabetical order (then I is replaced by A, in a circle). Or previous, or following through 5 letters :).

CABINET = SCHLBH

Code 8. Classics to help.

I took a poem (and told the children which one) and a code made of 2-digit groups: the line number, then the number of the letter in that line.

Example:

Pushkin "Winter Evening"

A storm covers the sky with mist,
Whirlwinds of snow twisting;
Like a beast, she will howl
It will cry like a child
That on a dilapidated roof
Suddenly the straw will rustle,
Like a belated traveler
There will be a knock on our window.

21 44 36 32 82 82 44 33 12 23 82 28

Did you work out where the clue is? :)

Code 9. Dungeon.

In a 3x3 grid, enter the letters:

Then the word WINDOW is encrypted like this:

Code 10. Labyrinth.

My children liked this cipher, it is unlike the others, because it is not so much for brains as for attention.

So: on a long thread or rope you hang the letters in the order they appear in the word. Then you stretch the rope, twist it and tangle it in every possible way between supports (trees, legs, etc.). By following the thread as if through a maze, from the first letter to the last, the children will work out the clue word.

And imagine if you wrap one of the adult guests in this way!
Children read - The next clue is on Uncle Vasya.
And they run to feel Uncle Vasya. Eh, if he is also afraid of tickling, then everyone will have fun!

Code 11. Invisible ink.

Write the word with a wax candle. If you paint over the sheet with watercolors, then it can be read.
(there are other invisible inks.. milk, lemon, something else.. But I only had a candle in my house :))

Code 12. Rubbish.

The vowels remain unchanged, while the consonants change according to the key.
For example:
OVEK SHOMOZKO
reads like - VERY COLD, if you know the key:
D L X N H
Z M Shch K V

Code 13. Windows.

The kids loved it so much! They then encrypted messages to each other with these windows all day long.
So: on one sheet we cut out windows, as many as there are letters in the word. This is a stencil, we apply it to a blank sheet and write a hint word "in the windows". Then we remove the stencil and on the remaining clean place of the sheet we write many different other unnecessary letters. You can read the cipher if you attach a stencil with windows.
The children first fell into a stupor when they found a sheet covered with letters. Then they twisted the stencil back and forth, but you still need to attach it with the right side!

Code 14. Map, Billy!

Draw a map and mark (X) the location of the treasure.
When I made my quest for the first time, I decided that the map is very simple for them, so they need to make it more mysterious (later it turned out that just a map would be enough for the children to get confused and run in the opposite direction)...

This is our street map. The clues here are house numbers (to understand that this is our street in general) and huskies. This dog lives next door.
The children did not immediately recognize the area and asked me leading questions.
That time 14 children took part in the quest, so I combined them into 3 teams. They had 3 versions of this map, and each had its own place marked. As a result, each team found one word:
"SHOW" "TALE" "REAP"
That was the next task :). After it there were hilarious photos!
On my son's 9th birthday there was no time to invent a quest, so I bought one on the MasterFuns website. At my own risk, because the description there is not very good.
But we liked it with the children, because:
  1. inexpensive (analogue somewhere around $ 4 per set)
  2. fast (paid - downloaded - printed - for everything about everything in 15-20 minutes)
  3. a lot of tasks, with a margin. And although I didn’t like all the riddles, but there was plenty to choose from, and you could enter your task
  4. everything is decorated in one monster style and this gives the holiday an effect. In addition to the tasks for the quest, the kit includes: a postcard, flags, table decorations, invitations to guests. And it's all about the monsters! :)
  5. in addition to the 9-year-old birthday man and his friends, I also have a 5-year-old daughter. The tasks are beyond her strength, but she and her friend also found entertainment - 2 games with monsters, which were also in the set. Phew, in the end - everyone is happy!

Once, the elder Nastya and I avidly played detectives and came up with our own ciphers and methods of investigation. Then this hobby passed, and later it returned again. Nastya has a fiancé, Dimka, who enthusiastically plays scouts. My daughter shares his passion. As you know, in order to pass important information to each other, intelligence officers need a cipher. With the help of these games, you too will learn how to encrypt a word or even a whole text!

White spots

Any text, even without a cipher, can turn into hard-to-read abracadabra if spaces are incorrectly placed between letters and words.

For example, this is what a simple and clear sentence turns into "Meet me at the lake" - "In a meeting with Yanaber yeguozera".

Even an attentive person will not immediately notice the catch. But experienced scout Dimka says that this is the simplest type of encryption.

Without vowels

Or you can use this method - write the text without vowels.

For example, here is a sentence: "The note lies in the hollow of an oak, which stands at the edge of the forest". The encrypted text looks like this: "Zpska lie in dpl db, ktr stt n pshke ls".

It will require both ingenuity, and perseverance, and, possibly, the help of adults (who also sometimes do not hurt to train their memory and remember their childhood).

Read the other way around

This encryption combines two methods at once. The text must be read from right to left (that is, vice versa), and spaces between words can be placed at random.

Here, read and decipher: "Neleta minv oak, manoro tsop irtoms".

Second for first

Or each letter of the alphabet can be denoted by the letter following it. That is, instead of "a" we write "b", instead of "b" we write "c", instead of "c" - "d" and so on.

Based on this principle, you can create an unusual cipher. In order not to get confused, we made mini-cheats for all participants in the game. With them it is much more convenient to use this method.

Guess what phrase we encrypted for you: "T'ilb g tzhsibmzh fiobue mzhdlp - according to ojlpdeb oj toynbzhu schmarf".

Deputies

By the same principle as the previous cipher, the "Replacement" method is used. I read that it was used to encrypt sacred Jewish texts.

Instead of the first letter of the alphabet, we write the last one, instead of the second - the penultimate one, and so on. That is, instead of A - Z, instead of B - Yu, instead of C - E ...

To make it easier to decipher the text, you need to have an alphabet and a piece of paper with a pen at hand. You look at the correspondence of the letter and write it down. It will be difficult for a child to estimate by eye and decipher.

Tables

You can encrypt the text by first writing it to the table. You just need to agree in advance which letter you will mark spaces between words.

A little hint - it should be a common letter (such as p, k, l, o), because letters that are rarely found in words immediately catch the eye and because of this the text is easily deciphered. You also need to discuss how large the table will be and how you will enter the words (left to right or top to bottom).

Let's encrypt the phrase together using the table: At night we go to catch carp.

The space will be denoted by the letter "r", the words are written from top to bottom. Table 3 by 3 (we draw in the cells of a regular notebook sheet).

Here's what we get:
N I M O T K A Y
O YU D R V A S R
CH R E L I R R E.

Lattice

In order to read the text encrypted in this way, you and your friend will need the same stencils: sheets of paper with squares cut out on them in random order.

Encryption must be written on a sheet of exactly the same format as the stencil. Letters are written in cells-holes (and you can also write, for example, from right to left or top to bottom), the remaining cells are filled with any other letters.

Key in the book

If in the previous cipher we prepared two stencils, now we need the same books. I remember back in the days of my childhood, boys at school used Dumas' novel "The Three Musketeers" for this purpose.

The notes looked like this:
"324 s, 4 a, c, 7 sl.
150 s, 1 a, n, 11 w…."

The first element gives the page number,
the second, the paragraph number,
the third, a letter, says whether paragraphs are counted from the top (c) or from the bottom (n),
the fourth, the number of the word.

In my example, the desired words need to be searched:
First word: on page 324, in the 4th paragraph from the top, the seventh word.
Second word: on page 150, 1 paragraph from bottom, eleventh word.

The decryption process is not fast, but none of the outsiders will be able to read the message.

Use an old and little known recording system. Even Roman numerals are not always easy to read, especially at a glance and without a reference book. Few people will be able to determine “on the fly” that the number 3489 is hidden in the long line MMMCDLXXXIX.

Many people are familiar with the Roman numeral system, so it cannot be called reliable for encryption. It is much better to resort, for example, to the Greek system, where the numbers are also indicated by letters, but there are much more letters used. In the inscription OMG, which can easily be mistaken for an expression of emotions common on the Internet, the number 443 written in Greek can be hidden. The letter “O micron” corresponds to the number 400, the letter “Mu” denotes 40, and “Gamma” replaces the three.

The disadvantage of such letter systems is that they often require exotic letters and signs. This is not difficult if your cipher is written in pen and paper, but becomes a problem if you want to send it, say, by e-mail. Computer fonts include Greek characters, but they can be difficult to type. And if you chose something even more unusual, like an old Cyrillic notation or Egyptian numbers, then the computer simply cannot transmit them.

For such cases, we can recommend a simple method that in Russia in the old days was used by all the same itinerant merchants - peddlers and ofen. For successful trading, it was vital for them to coordinate prices among themselves, but in such a way that no outsider would know about it. Therefore, pedlars have developed many ingenious encryption methods.

They dealt with numbers in the following way. First you need to take a word that has ten different letters, for example, "justice." The letters are then numbered from one to zero. "P" becomes the sign for one, "v" for four, and so on. After that, any number can be written in letters instead of numbers in the usual decimal system. For example, the year 2011 is written in the ofene system as "repp". Try it yourself, hidden in the line "a, pvpoirs".

"Justice" is not the only Russian word suitable for this method. "Industriousness" is no worse: it also contains ten non-repeating letters. You may well look for other possible bases on your own.

Data encryption is one of the ways to protect information from unauthorized access. There are many different encryption methods, you just need to choose the one that suits you.

You will need

  • a computer.

Instruction

Use simple encryption techniques if you need to transfer a small amount of information. Write down the original message, then you can shift the alphabet by one letter. To do this, rewrite the text, but instead of each letter, enter the next one after it in alphabetical order. For example, the text “Information” encrypted using this method will look like this: “Yohpsnbchya”. You can do it differently - instead of the letter of the alphabet, enter the letter opposite to it, for example, instead of "A", enter "I". To do this, write the letters of the alphabet, divide in half and each half.

Use compound substitution ciphers to encrypt texts. These rely on polyalphabetic substitution, which switches between several alphabets during encryption. You can encrypt a message using the Gronsfeld cipher. To do this, write down the text of the message and come up with a digital key, that is, a combination of digits for encryption. Write this key under the letters of the message. If the key is shorter than the text, repeat it. Next, encrypt the message in this way: suppose the first letter of the message is L and the key you used is 35399. Accordingly, the digit "3" stands under the first letter. So write down the letter that comes third after "L": you get the letter "O". Encrypt the rest of the letters in the same way. Anyone who knows the digital key and the encryption method and has the ciphertext will easily decipher it.

Use a data encryption program if you do not have time to invent ciphers and encode texts. Download it from the link http://zimagec.narod.ru/main/Section/Bez/FixTC0.html. Run the program, enter the password (key), which will be the basis for data encryption. Decryption will be possible only after entering this password. Enter the text to be encrypted into the program window, click the "Encode" button, and to decrypt - "Decode".
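The gamma addition described in the book excerpt earlier on this page and the shift and Gronsfeld steps above are one and the same operation with different gammas. The added Python below (not code from any of the sources; Latin A-Z and the sample message are assumptions, the key 35399 is the one from the step above) implements it once, and the last two functions show why a short repeating gamma does not survive a known plaintext.

```python
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, the numbering used in the text


def add_gamma(text, gamma, sign=1):
    """Add (sign=1) or subtract (sign=-1) the gamma, letter by letter, modulo 26.

    gamma is a list of integers and is repeated when it is shorter than the text.
    Characters outside A-Z are copied unchanged and use up no gamma.
    """
    out, used = [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            shift = sign * gamma[used % len(gamma)]
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
            used += 1
        else:
            out.append(ch)
    return "".join(out)


def caesar(text):
    """Caesar as a gamma: the number 3 repeated for every letter."""
    return add_gamma(text, [3])


def caesar_as_permutation(text):
    """Caesar as a fixed rearrangement of the alphabet (every letter moves three places)."""
    return text.upper().translate(str.maketrans(ALPHABET, ALPHABET[3:] + ALPHABET[:3]))


def gronsfeld(text, digits, decrypt=False):
    """Gronsfeld: the gamma is the digit key written repeatedly under the message."""
    return add_gamma(text, [int(d) for d in digits], -1 if decrypt else 1)


def recover_gamma(plaintext, ciphertext):
    """With a known plaintext, ciphertext minus plaintext (mod 26) is the gamma itself."""
    p = [ALPHABET.index(c) for c in plaintext.upper() if c in ALPHABET]
    c = [ALPHABET.index(c) for c in ciphertext.upper() if c in ALPHABET]
    return [(ci - pi) % 26 for pi, ci in zip(p, c)]


def shortest_period(stream):
    """Length of the shortest block whose repetition reproduces the stream."""
    for n in range(1, len(stream) + 1):
        if all(v == stream[i % n] for i, v in enumerate(stream)):
            return n
    return 0  # empty stream


if __name__ == "__main__":
    message = "MEET ME AT THE LAKE"            # constructed sample message
    secret = gronsfeld(message, "35399")
    print(secret, "->", gronsfeld(secret, "35399", decrypt=True))
    print(caesar("XYZ"), caesar("CAESAR") == caesar_as_permutation("CAESAR"))
    gamma = recover_gamma(message, secret)     # one message with known content
    print("key recovered from one known message:", gamma[:shortest_period(gamma)])
```

One message whose content is known gives away the whole key, so every other message under the same key becomes readable as well.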


The need to encrypt a string variable in web programming arises quite often. It may be needed not only for working with passwords or other private data. For example, it is often easier to encrypt HTML code that needs to be saved to a file, database or cookie than to strip all prohibited characters from it before writing and then restore them after reading. Below is one of the options for encrypting a string variable using the PHP language.

Instruction

Use PHP's built-in base64_encode function to encode string variables. It has one parameter that must be passed - the value of the encrypted variable. For example, PHP code that outputs "encrypted string" encoded by the MIME base64 method might look like this:

The encoded text will be: "5+D46PTw7uLg7e3g/yDx8vDu6uA=".

Use the base64_decode built-in function to decode string variables encrypted with the MIME base64 method. This function also has only one required parameter. For example, to display the code obtained in the previous step on the page, use the following line in PHP:

Use some web service if you need to encode a word or a text once, or if you cannot execute PHP scripts. For example, go to the page http://tools4noobs.com/online_php_functions/base64_encode, enter the desired word or text in the only field and click the button labeled Base 64 encode. The script on the server will receive the entered data, apply the base64_encode function to it, and place the encoded value in an additional input field. From there the encrypted string can be copied and used at your discretion. If you need to decrypt, you can use a similar web service that will apply the base64_decode function to the value you enter. The corresponding page on this site is located at http://tools4noobs.com/online_php_functions/base64_decode.
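Base64 takes no key, so the encoded value quoted above can be reversed by anyone who sees it, and a stored Base64 string can also be swapped for another one unnoticed. The added Python example below (not the article's PHP code) decodes that value, then shows a stored string protected against modification with an HMAC tag and escaped on output; the Windows-1251 charset, the helper names and the demo key are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import html

PAGE_VALUE = "5+D46PTw7uLg7e3g/yDx8vDu6uA="  # the encoded text quoted in the article


def decode_without_key(encoded, charset="cp1251"):
    """Base64 has no key: whoever holds the text can reverse it.

    cp1251 is an assumption; it is the charset under which the bytes read as text.
    """
    return base64.b64decode(encoded, validate=True).decode(charset)


def _tag(body, key):
    return hmac.new(key, body.encode("utf-8"), hashlib.sha256).hexdigest()


def seal(markup, key):
    """Base64 for safe storage plus an HMAC-SHA256 tag so changes are detectable.

    The content is still readable by anyone; only modification is caught.
    """
    body = base64.urlsafe_b64encode(markup.encode("utf-8")).decode("ascii")
    return body + "." + _tag(body, key)


def unseal(token, key):
    """Return the stored markup, or None if the token is malformed or was altered."""
    body, sep, tag = token.rpartition(".")
    if not sep:
        return None
    if not hmac.compare_digest(tag.encode("utf-8"), _tag(body, key).encode("ascii")):
        return None
    return base64.urlsafe_b64decode(body).decode("utf-8")


def with_replaced_body(token, markup):
    """Constructed tampering for the demo: new payload, old tag."""
    _, _, tag = token.rpartition(".")
    return base64.urlsafe_b64encode(markup.encode("utf-8")).decode("ascii") + "." + tag


def render_escaped(markup):
    """Decoding returns the markup unchanged, so escape it when printing it as text."""
    return html.escape(markup)


if __name__ == "__main__":
    print(decode_without_key(PAGE_VALUE))          # readable with no password at all
    key = b"demo-key-constructed-for-this-example"
    token = seal('<b onclick="x()">hi</b>', key)   # constructed sample markup
    print(unseal(token, key))
    print(unseal(with_replaced_body(token, "<i>other</i>"), key))   # None: rejected
    print(render_escaped(unseal(token, key)))
```

Keeping the content itself secret requires a real cipher with a key; the tag here only stops silent modification.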

Deciphering is one of the most exciting activities. After all, it is always so curious to find out what exactly is hidden behind this or that encoding. Moreover, there are a lot of different types of ciphers. Therefore, there are also plenty of ways to recognize and translate them. The most difficult task is to correctly determine exactly how to decipher this or that riddle.

Instruction

If you are going to decrypt a certain encoding, remember that in most cases the information is encrypted by substitution. Try to identify the most common letters in the language and match them with the ones you have in the cipher. Researchers have made this easier for you: some of these frequencies have already been summarized in a table. Using it will greatly speed up the decryption process. The ciphers of Polybius and Caesar were deciphered in a similar way at one time.

Determining the key by simply enumerating all the options is generally impractical, except when a very short key is used. Therefore, if a cryptanalyst wants to have a real chance of breaking a cipher, he must abandon "brute force" enumeration and apply a different strategy. Many encryption schemes can be opened by statistical analysis based on the frequency of occurrence of individual characters or their combinations. To make breaking a cipher by statistical analysis harder, C. Shannon proposed two concepts of encryption, called confusion and diffusion. Confusion is the application of substitution such that the relationship between the key and the ciphertext is made as complex as possible. Applying this concept complicates the use of statistical analysis, which narrows the key search area, so that decrypting even a very short sequence of a cryptogram requires searching through a large number of keys. In turn, diffusion is the application of transformations that smooth out the statistical differences between symbols and their combinations. As a result, statistical analysis can bring the cryptanalyst a positive result only if a sufficiently large piece of ciphertext is intercepted.

The implementation of the goals proclaimed by these concepts is achieved through the repeated use of elementary encryption methods such as the method of substitution, permutation and scrambling.

10.4.1. Substitution method.

The simplest method, and the one with the longest history, is the substitution method, the essence of which is that a character of the source text is replaced by another one selected from the same or another alphabet according to a rule specified by the encryption key. The position of the character in the text does not change. One of the earliest examples of the substitution method is the Caesar cipher, which was used by Gaius Julius Caesar during his Gallic campaigns. In it, each letter of the plaintext was replaced by another, taken from the same alphabet, but cyclically shifted by a certain number of characters. The application of this encryption method is illustrated by the example shown in Figure 10.3, in which the encryption transformation is based on the use of an alphabet with a cyclic shift of five positions.

[Fig. 10.3, a and b: original text and cryptogram]

Obviously, the cipher key is the value of the cyclic shift. If you choose a different key than specified in the example, the cipher will change.

Another example of a classical scheme based on the substitution method is the encryption system called the Polybius square. For the Russian alphabet, this scheme can be described as follows. First, the letters Е and Ё, И and Й, and Ь and Ъ are merged into one letter in each pair; their true meaning in the deciphered text is easily restored from the context. Then the 30 symbols of the alphabet are placed in a table of size 6×5, an example of filling which is shown in Fig. 10.4.

Fig. 10.4.

Any plaintext letter is encrypted by giving its address (i.e. row and column number, or vice versa) in the given table. So, for example, the word CAESAR is encrypted using the Polybius square as 52 21 23 11 41 61. It is quite clear that the code can be changed by permuting the letters in the table. It should also be noted that those who have taken a tour of the casemates of the Peter and Paul Fortress will remember the guide's words about how the prisoners tapped messages to one another. Obviously, their way of communicating is completely covered by this encryption method.

An example of a polyalphabetic cipher is a scheme based on the so-called progressive key of Trithemius. The basis of this encryption method is the table shown in Fig. 10.5, whose rows are copies of the original alphabet cyclically shifted by one position each. Thus, the first row has a zero shift, the second is cyclically shifted one position to the left, the third is shifted two positions relative to the first row, and so on.

Fig. 10.5.

One way to encrypt with such a table is to replace the first character of the plaintext with the character standing under it in the row of the first cyclic shift of the source alphabet, the second character of the plaintext with the character from the row corresponding to the second cyclic shift, and so on. An example of encrypting a message in this way is shown below (Fig. 10.6).

Fig. 10.6. Plaintext and ciphertext.

Several interesting variants of ciphers based on the Trithemius progressive key are known. In one of them, called the Vigenère key method, a keyword specifies the rows used to encrypt and decrypt each successive character of the plaintext: the first letter of the key specifies the row of the table in Fig. 10.5 with which the first character of the message is encrypted, the second letter of the key specifies the row that encrypts the second character of the plaintext, and so on. Let the word “THROMB” be chosen as the key; then the message encrypted using the Vigenère key can be represented as follows (Fig. 10.7). It is obvious that the key can be opened on the basis of a statistical analysis of the ciphertext.

Fig. 10.7. Plaintext and ciphertext.

A variation of this method is the so-called Vigenère automatic (plaintext) key method, in which a single letter or word is used as the generating key. This key gives the initial row or rows for encrypting the first or first few characters of the plaintext, as in the previously discussed example. The plaintext characters are then used as the key to select the encryption row. In the example below, the letter “I” is used as the generating key (Fig. 10.8):

Fig. 10.8. Plaintext and ciphertext.

As the example shows, the choice of cipher rows is completely determined by the content of the plaintext, i.e. feedback on the plaintext is introduced into the encryption process.

Another version of the Vigenère method is the Vigenère automatic (ciphertext) key method. Like encryption with the plaintext key, it also uses a generating key and feedback. The difference is that after encryption with the generating key, each subsequent key character in the sequence is taken not from the plaintext but from the resulting cryptogram. Below is an example explaining the principle of this encryption method, in which, as before, the letter “I” is used as the generating key (Fig. 10.9):

Fig. 10.9. Plaintext and ciphertext.

As can be seen from the above example, although each subsequent key symbol is determined by the cryptogram symbol preceding it, it is functionally dependent on all previous symbols of the plaintext message and on the generating key. Consequently, the statistical properties of the source text are scattered, which makes it difficult for a cryptanalyst to apply statistical analysis. The weak link of this method is that the ciphertext contains the characters of the key.

By current standards, Vigenère encryption is not considered secure, but its main contribution is the discovery that non-repeating key sequences can be generated using either the messages themselves or functions of the messages.
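The two automatic-key variants described above, as an added example that is not part of the original text. It assumes the 26-letter Latin alphabet instead of the Russian table of Fig. 10.5, and the sample message is constructed; the last function shows the weak link named above, since every key symbol after the generating key can be read directly from the ciphertext.

```python
import string

ALPHABET = string.ascii_uppercase   # assumption: Latin alphabet, not the book's table
N = len(ALPHABET)

def _shift(ch, key_ch, sign=1):
    """Look ch up in the table row selected by key_ch (sign=-1 reverses the lookup)."""
    return ALPHABET[(ALPHABET.index(ch) + sign * ALPHABET.index(key_ch)) % N]

def encrypt_plaintext_autokey(plaintext, generating_key):
    """Key stream = generating key followed by the plaintext itself."""
    key = (generating_key + plaintext)[:len(plaintext)]
    return "".join(_shift(p, k) for p, k in zip(plaintext, key))

def decrypt_plaintext_autokey(ciphertext, generating_key):
    key, out = list(generating_key), []
    for i, c in enumerate(ciphertext):
        p = _shift(c, key[i], -1)
        out.append(p)
        key.append(p)               # each recovered letter extends the key
    return "".join(out)

def encrypt_ciphertext_autokey(plaintext, generating_key):
    """Key stream = generating key followed by the cryptogram produced so far."""
    key, out = list(generating_key), []
    for i, p in enumerate(plaintext):
        c = _shift(p, key[i])
        out.append(c)
        key.append(c)
    return "".join(out)

def decrypt_ciphertext_autokey(ciphertext, generating_key):
    key = (generating_key + ciphertext)[:len(ciphertext)]
    return "".join(_shift(c, k, -1) for c, k in zip(ciphertext, key))

def read_without_key(ciphertext, key_len=1):
    """Ciphertext-key variant only: all key symbols after the first key_len are
    sitting in the cryptogram, so the rest decrypts with no secret at all."""
    tail = ciphertext[key_len:]
    return "".join(_shift(c, k, -1) for c, k in zip(tail, ciphertext))

SAMPLE = "ATTACKATDAWN"               # constructed sample message

if __name__ == "__main__":
    ct = encrypt_ciphertext_autokey(SAMPLE, "I")
    print(ct, read_without_key(ct))
```

Only the first character stays protected by the generating key “I”; the plaintext-key variant does not leak in this way, because its key stream never appears on the channel.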

A variant of the implementation of the substitution technology, which sufficiently implements the concept of mixing, is the following example, based on a non-linear transformation. The stream of information bits is preliminarily divided into blocks of length m, with each block being represented by one of a different symbol. Then a lot of
characters are shuffled so that each character is replaced by another character from this set. After the shuffling operation, the symbol turns back into m-bit block. A device that implements the described algorithm when
, shown in Fig. 10.10, where the table specifies the rule for mixing symbols of the set from
elements.

Fig. 10.10.

It is not difficult to show that there is
various substitutions or related possible models. In connection with this, at large values m the task of the cryptanalyst becomes computationally almost impossible. For example, when
the number of possible substitutions is defined as
, i.e. is an astronomical number. Obviously, with such a value m this transformation with substitution block (substitution block, S-block) can be considered as having practical secrecy. However, its practical implementation is hardly possible, since it presupposes the existence
connections.

Let us now verify that the S-block shown in Fig. 10.10 does indeed perform a non-linear transformation, for which we use the superposition principle: a transformation
is linear if. Let's pretend that
, A
. Then, a, whence it follows that S-block is non-linear.

10.4.2. The permutation method.

In permutation (or transposition), the order of the plaintext characters is changed in accordance with the key, while the value of each character is preserved. Permutation ciphers are block ciphers, i.e., the source text is first divided into blocks, within which the permutation specified by the key is carried out.

The simplest implementation of this encryption method can be the previously considered interleaving algorithm, the essence of which is to split the stream of information symbols into blocks of length
, writing it line by line into a memory matrix of size lines and columns and reading by columns. An example of this algorithm is
in fig. 10.11, during which a phrase is recorded X="Examination time will start soon." Then, at the output of the permutation device, a cryptogram of the form

Fig. 10.11.

The considered version of the permutation method can be complicated by introducing the keys
And
, which determine the order of writing rows and reading columns, respectively, as illustrated by the table in Fig. 10.12. The result of the transformation will look like this

Fig. 10.12.

Fig. 10.13 shows an example of a binary permutation of data (a linear operation), in which the data are simply shuffled or permuted. The transformation is carried out by a permutation block (P-block). The permutation technology implemented by this block has one major drawback: it is vulnerable to deceptive messages. The deceptive message shown in Fig. 10.13 consists of a single one at the input with all remaining bits zero, which makes it possible to detect one of the internal connections. If a cryptanalyst needs to analyze such a scheme using a plaintext attack, he will send a sequence of such deceptive messages, shifting the single one by one position with each transmission. As a result of such an attack, all input and output connections will be established. This example demonstrates why the security of a circuit should not depend on its architecture.
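The superposition test applied to the S-block earlier and the single-one probing of the P-block described above, as an added example that is not part of the original text. The wiring and the substitution table are constructed sample values (the tables of Fig. 10.10 and Fig. 10.13 are not reproduced here), and all function names are hypothetical.

```python
from itertools import product

def p_box(wiring):
    """Permutation block: wiring[i] is the output position fed by input bit i."""
    def apply(bits):
        out = [0] * len(wiring)
        for i, b in enumerate(bits):
            out[wiring[i]] = b
        return tuple(out)
    return apply

def s_box(table, m):
    """Substitution block: the m-bit block is read as a symbol and replaced via table."""
    def apply(bits):
        sym = table[int("".join(map(str, bits)), 2)]
        return tuple((sym >> (m - 1 - i)) & 1 for i in range(m))
    return apply

def xor(a, b):
    return tuple(x ^ y for x, y in zip(a, b))

def is_linear(transform, m):
    """Superposition principle: T(a xor b) == T(a) xor T(b) for all m-bit a, b."""
    blocks = list(product((0, 1), repeat=m))
    return all(transform(xor(a, b)) == xor(transform(a), transform(b))
               for a, b in product(blocks, repeat=2))

def probe_wiring(oracle, m):
    """Feed m blocks with a single one in positions 0..m-1 and note where the
    one comes out; m probes reveal every internal connection of a P-block."""
    wiring = []
    for i in range(m):
        probe = tuple(int(j == i) for j in range(m))
        wiring.append(oracle(probe).index(1))
    return wiring

SECRET_WIRING = [3, 0, 5, 1, 7, 2, 6, 4]     # constructed 8-bit P-block
SBOX_TABLE = [3, 6, 0, 5, 7, 1, 4, 2]        # constructed 3-bit S-block

if __name__ == "__main__":
    box = p_box(SECRET_WIRING)
    print(probe_wiring(box, 8) == SECRET_WIRING)          # wiring fully recovered
    print(is_linear(box, 8), is_linear(s_box(SBOX_TABLE, 3), 3))
```

Because the P-block passes the superposition test, its response to any input is the XOR of its responses to the single-one probes, which is why eight probes are enough; the S-block fails the test and cannot be characterised that way.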

10.4.3. Gamma method.

Attempts to approach perfect secrecy are demonstrated by many modern telecommunication systems using the scrambling operation. Scrambling is understood as the process of superimposing the codes of a random sequence of numbers on the codes of the plaintext characters; this sequence is also called the gamma (after the letter γ of the Greek alphabet, used in mathematical formulas to denote a random process). Gamma encryption belongs to the stream encryption methods, in which successive plaintext characters are converted one after another into ciphertext characters, which increases the conversion speed. So, for example, the stream of information bits arrives at one input of the modulo 2 adder shown in Fig. 10.14, while the second input receives a scrambling binary sequence
. Ideally the sequence
must be a random sequence with equally likely zeros and ones. Then the output encrypted stream
will be statistically independent of the information sequence
, which means that the sufficient condition for perfect secrecy will be satisfied. In fact, it's completely random.
is not necessary because otherwise the recipient would not be able to recover the plaintext. Indeed, the recovery of the plaintext on the receiving side should be carried out according to the rule
, so that exactly the same scrambling sequence and with the same phase must be generated at the receiving side. However, due to pure chance
this procedure becomes impossible.

In practice, pseudo-random sequences (PRS), which can be reproduced on the receiving side, are widely used as scrambling sequences. Stream encryption technology usually uses a generator based on a linear feedback shift register (LFSR). The typical structure of the PRS generator, shown in Fig. 10.15, includes a shift register, which consists of – individual delay elements or bits having possible states and storing some field element
during the clock interval, and a feedback circuit, which includes multipliers of the elements (states) stored in the bits by constants , and adders. The formation of the PRS is described by a recursive relation of the form

where coefficients
are fixed constants belonging to
, according to which each next element of the sequence is calculated based on n previous ones.

Since the number of different register states is finite (at most ), it is inevitable that after a certain number of cycles the register will return to one of its previous states. However, starting from some initial load, i.e. a fixed state, the circuit in Fig. 10.15 will generate only a single sequence, defined by the mentioned recursion. Therefore, the repetition of a register state leads to the repetition of all subsequently generated symbols, which means that any PRS is periodic. Moreover, in the case of the zero state of the register (zeros in all bits), an infinite degenerate sequence consisting only of zeros will always be formed. Such a case is obviously of no use, so the zero state of the register should be excluded. As a result, no more
allowed states of the register, which limits the maximum possible period of the sequence to a value not greater than
.

Example 10.4.1. Fig. 10.16, a, shows the implementation of a generator based on a linear feedback shift register, which forms a binary pseudo-random sequence of period
. Note that in the case of a binary PRS, multiplying by one is equivalent to simply connecting the bit output to an adder. Fig. 10.16, b, illustrates the successive contents of the register (bit states), as well as the states of the feedback output (point OS in the diagram) when clock pulses are applied. The sequence is read as the successive states of the rightmost bit. Reading the states of the other bits yields copies of the same sequence shifted by one or two cycles.

At first glance, it might seem that the use of a long-period PRS can provide sufficiently high security. So, for example, in a cellular mobile communication system of the IS-95 standard, the PRS of the period
among elementary chips. With a chip rate of 1.2288×10^6 symbols/sec, its period is:

It might therefore be assumed that, since the sequence does not repeat for such a long period, it can be considered random and provides perfect secrecy. However, there is a fundamental difference between a pseudo-random sequence and a truly random sequence: a pseudo-random sequence is formed according to some algorithm. Thus, if the algorithm is known, the sequence itself will be known. As a result of this feature, an encryption scheme using a linear feedback shift register is vulnerable to a known plaintext attack.

To determine the feedback taps, the initial state of the register and the entire sequence, it is enough for a cryptanalyst to have only
bits of the plaintext and their corresponding ciphertext. Obviously, the value 2n is much less than the PRS period, equal to
. Let's illustrate the mentioned vulnerability with an example.

Example 10.4.2. Let the scrambling sequence be a PRS of period
, generated using recursion of the form

with the initial state of the register 0001. As a result, the sequence will be formed. Let us assume that a cryptanalyst who knows nothing about the feedback structure of the PRS generator has managed to obtain
cryptogram bits and their plaintext equivalent:

Then, having added both sequences modulo 2, the cryptanalyst gets at his disposal a fragment of the scrambling sequence, which shows the state of the shift register at different points in time. So, for example, the first four bits of the key sequence correspond to the state of the register at some point in time . If we now shift the window that selects four bits by one position to the right, then the states of the shift register will be obtained at successive points in time
. Given the linear structure of the feedback circuit, we can write that

Where PSP symbol, which is generated by the feedback circuit and fed to the input of the first digit of the register, and
determines the presence or absence i-th connection between the bit output of the shift register and the adder, i.e. feedback scheme.

Analyzing the states of the shift register at four consecutive times, we can compose the following system of four equations with four unknowns:

The solution of this system of equations gives the following values of the coefficients:

Thus, having determined the feedback circuit of the linear register and knowing its state at the moment of time , the cryptanalyst is able to reproduce the scrambling sequence at an arbitrary point in time, and therefore is able to decrypt the intercepted cryptogram.

Generalizing the considered example to the case of an arbitrary memory shift register n, the original equation can be represented as

,

and the system of equations is written in the following matrix form

,

Where
, A
.

It can be shown that the columns of the matrix are linearly independent, and hence there is an inverse matrix
. Hence

.

Matrix inversion requires order operations, so
we have
that a computer performing one operation per 1 μs will require 1 second to invert the matrix. Obviously, the weakness of the shift register is due to the linearity of the feedback.
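The known-plaintext attack of Example 10.4.2 and its matrix generalization, as an added example that is not part of the original text. The register uses the initial state 0001 from the example, but the feedback recursion s[t+4] = s[t] + s[t+1] and the message bits are assumptions chosen for the demonstration, and the bit-ordering convention may differ from that of Fig. 10.15.

```python
def lfsr_stream(taps, state, count):
    """Binary LFSR: s[t+n] = sum(taps[i] * s[t+i]) mod 2, started from `state`."""
    s, n = list(state), len(taps)
    while len(s) < count:
        s.append(sum(c & b for c, b in zip(taps, s[-n:])) % 2)
    return s[:count]

def xor_bits(a, b):
    return [x ^ y for x, y in zip(a, b)]

def solve_gf2(rows, rhs):
    """Gauss-Jordan elimination modulo 2 for an n x n system."""
    n = len(rows)
    m = [row[:] + [b] for row, b in zip(rows, rhs)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if m[r][col]), None)
        if pivot is None:
            raise ValueError("singular system: keystream window is degenerate")
        m[col], m[pivot] = m[pivot], m[col]
        for r in range(n):
            if r != col and m[r][col]:
                m[r] = [a ^ b for a, b in zip(m[r], m[col])]
    return [m[r][n] for r in range(n)]

def recover_lfsr(known_plain, cipher_bits, n):
    """2n plaintext/ciphertext bit pairs yield the feedback taps and a register state."""
    z = xor_bits(known_plain[:2 * n], cipher_bits)       # fragment of the gamma
    if len(z) < 2 * n:
        raise ValueError("need 2n known bits")
    rows = [z[t:t + n] for t in range(n)]                # n successive register states
    rhs = [z[t + n] for t in range(n)]                   # the bit each state produced
    return solve_gf2(rows, rhs), z[:n]

def break_message(cipher_bits, known_plain, n):
    """Rebuild the whole scrambling sequence and decrypt the full cryptogram."""
    taps, state = recover_lfsr(known_plain, cipher_bits, n)
    return taps, xor_bits(cipher_bits, lfsr_stream(taps, state, len(cipher_bits)))

# Constructed demonstration data (not the values of the original example).
SECRET_TAPS = [1, 1, 0, 0]            # assumed recursion s[t+4] = s[t] + s[t+1]
INITIAL_STATE = [0, 0, 0, 1]          # initial load 0001
MESSAGE = [1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 1]
CIPHERTEXT = xor_bits(MESSAGE, lfsr_stream(SECRET_TAPS, INITIAL_STATE, len(MESSAGE)))

if __name__ == "__main__":
    taps, plain = break_message(CIPHERTEXT, MESSAGE[:8], 4)
    print(taps, plain == MESSAGE)
```

Eight known bits are enough to decrypt all 24, and the same routine works for any register length n as long as 2n consecutive plaintext bits are known.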

To make it harder for an analyst to calculate the elements of the PRS by comparing fragments of the plaintext and the ciphertext, feedback on the output and on the ciphertext is used. Fig. 10.17 explains the principle of introducing ciphertext feedback.

Fig. 10.17. Stream encryption with feedback.

First, a preamble is transmitted, which contains information about the parameters of the generated PRS, including the value of the initial phase Z 00 . For every n generated cryptogram symbols, a new phase value is calculated and set in the generator
. Feedback makes the gamma method sensitive to cryptogram distortions. Thus, interference in the communication channel may distort some received symbols, which leads to the calculation of an erroneous PRS phase value and makes further decoding difficult, but after n correct ciphertext characters have been received the system recovers. At the same time, such a distortion can be explained by an attacker's attempt to impose false data.

