7. The Bedrock of Cybersecurity: Cryptography 149 metric shapes for ciphertext symbols.2 The key for the pigpen cipher is easy to recreate from memory because it maps to logically laid out grids that resemble pigpens (see Figure 7.2). Sir Arthur Conan Doyle used stick figures for his ciphertext alphabet in his short Sherlock Holmes story The Adventure of the Dancing Men (see Figure 7.3). Figure 7.2 The key for the pigpen cipher. Figure 7.3 Dancing men (top) and pigpen ciphertext (bottom) for “attack at dawn.” An important security property of a cipher is its keyspace. The keyspace is the number of possible keys. If an adversary has ciphertext and knows or can guess the type of cipher being employed, he can try to decrypt it by guessing the key. This is called a brute-force key search attack. A measure of a cipher’s strength, therefore, is the amount of time it would take an attacker to guess the key. This is the advertised strength of the cryptographic technique. When designing a cryptographic algorithm, the math for brute-force key search attacks should always be considered since attackers may attempt it. When adversaries use cryptanalysis to find a quicker way to reveal ciphertext messages than a brute-force keyspace attack would take, the cryptographic technique is said to be broken, and it should no longer be used. This formula provides the worst case time for an attacker to perform a brute-force key search attack: keyspace / keys per second 2 See Figure 3.3 for an example use of the pigpen cipher.
RkJQdWJsaXNoZXIy MTM4ODY=