Unlocking the Secrets of Cryptography: A Beginner’s Guide to Breaking Ciphers — Part 2
This is the second post in my breaking ciphers series. If you haven’t read the previous one, you can find it here:
In my previous post, I showed how to apply frequency analysis and break a cipher. In this post, I will make the cipher more complicated and try to break it again.
I will use the same ciphertext for this post:
Cryptanalysis of Product Cipher Composed of Porta Ciphers
As I defined previously, creating substrings and measuring their closeness to English letter characteristics after applying transformations allows us to gain insight and figure out key elements.
How about applying a Porta Cipher into the output of another Porta Cipher? Will it increase the security?
If both Porta Ciphers of that product cipher have the same key lengths, we can smoothly apply the previous approach because encrypting a letter with one key and then encrypting it again with another key is akin to using a different type of tableau. Here is an example:
When we use that ciphertext as an input of a Porta Cipher, we will get the plain text as expected:
So, to create a noteworthy product cipher, we should choose a different key than the original one.
As an example:
Even though we used different keys and created a ciphertext from a ciphertext, it is similar to using only one Porta Cipher. We can demonstrate the above product cipher as:
One may assume that obtaining Q and then K is equivalent to directly acquiring K upon initial observation. However, the reality differs from this assumption.
The character frequency of the second cipher’s ciphertext, obtained through the product cipher using MUDFOG as the key for the second cipher, is presented below.
Upon calculating the IoC for the ciphertext, we obtain the following result:
The initial hypothesis of obtaining Q and then K is equivalent to directly acquiring K holds true since the key length of 6 and the resulting output is identical to using only the first cipher. However, this initial judgment is not definitive since, as previously noted, the Porta Cipher is reciprocal such that [A-M] is mapped to [N-Z] and vice versa. Therefore, there is no direct correspondence between the composition of two Porta Ciphers and the original plaintext.
To resolve the issue of non-idempotency, I offered a solution to encrypt the output of the second Porta Cipher with another Porta Cipher of key length 6. Upon analyzing the resulting ciphertext, I obtained the following frequency distribution:
The IoC values yield the following results:
We observe that the key length is congruent, prompting an attempt to treat the cipher text as a non-product cipher and decipher it accordingly. Furthermore, we got the reciprocal versions of characters compared to using two Porta Ciphers. Below are the results of the Chi-squared Statistics when applying each key element transformation to each cluster:
So, the candidate key is all of the combinations of these letters:
I tried that as a candidate key:
Therefore, this triple encryption has become idempotent, and it is evident that iterating it does not enhance its security. In summary, we have the following:
Regardless, it is equivalent to that:
So, the key space remains 13^key length.
On the other hand, a question may arise regarding the case of having different key lengths. However, we should comprehend that having a key with a length of 6 is equivalent to having a key with a length of 12, achieved by repeating the original key once more. Therefore, if we have a sufficiently long ciphertext, we can aim for the least common multiple of the key lengths and attempt to break it accordingly as a solution.
Overall, we applied Porta Cipher twice but security did not increase. That is called as non-idempotency and mentioned by Shannon. He proposed using the product of substitution-type ciphers with permutation-type ciphers to fix that issue.
What is Next?
In the next post, I will try to break a combination of Porta Cipher and Permutation Cipher.
Don’t forget to follow me on Twitter: https://twitter.com/kamaci_furkan
Stay tuned!
References
[1] David Kahn. The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet. Scribner, 1996, p. 139. isbn: 9780684831305.
[2] Keith M. Martin. Everyday Cryptography. Oxford University Press, 2012, p. 142. isbn: 9780191625886.
[3] Berna Örs Yalçın. Lecture notes in Cryptography. Apr. 2023.
[4] William F Friedman. The index of coincidence and its applications in cryptography. Riverbank Laboratories. Department of Ciphers. Publ. OCLC, 1922.
[5] Practical Cryptography. Chi-squared Statistic. url: http://practicalcryptography.com/cryptanalysis/ text-characterisation/chi-squared-statistic/. (Accessed: 03.04.2023).
[6] Douglas R. Stinson and Maura B. Paterson. Cryptography: Theory and Practice. 4th. Boca Raton, FL: CRC Press, 2019, pp. 75–78. isbn: 9781138197015.
[7] Vittorio et. al Maniezzo. Matheuristics, Algorithms and Implementations. Springer International Pub- lishing, 2021.
[8] Bill Waggener. Pulse Code Modulation Techniques. Springer, 1995, p. 206. isbn: 9780442014360.
