INVITATION TO CYBERSECURITY 150 For example, for the alphabetic shift cipher, which has a keyspace of twenty-six, if we estimate that each key takes a person one minute to check by hand, then the worst case time to crack the ciphertext by hand is: 26 keys / 1/60 keys per second = 1560 seconds This is twenty-six minutes. This math assumes that the attacker will find the key on his last guess. However, it is just as likely that he will find the key on his first guess. For this reason, to provide a more realistic estimate, we assume that the attacker will succeed after trying half the keys—this is the average case. Therefore, this is the formula used to determine a cipher’s key strength: keyspace / keys per second / 2 For the alphabetic shift cipher given our assumptions, this is: 26 keys / 1/60 keys per second / 2 = 780 seconds As we saw above, the keyspace for the general monoalphabetic substitution cipher that uses the English alphabet for ciphertext characters is approximately 4 × 1026. If this cipher were attacked with a supercomputer, we can estimate that it might be possible to test one trillion (1012) keys per second. Therefore, it would take: 4 × 1026 keys / 1012 keys per second / 2 = 2 × 1014 seconds This many seconds is bigger than it looks—it exceeds six million years! Needless to say, the ancient monoalphabetic substitution cipher is secure against a brute-force key search attack even in the modern computer era. However, the Arabs figured out a way in the 10th century AD to successfully attack the monoalphabetic substitution without resorting to a brute-force key search. For example, all of the ciphertexts for attack at dawn above share a pattern regardless of the key. In Figure 7.4, the digits represent unique characters. In these twelve characters of ciphertext, seven unique characters are used, and two characters appear multiple times. What emerges is a pattern, and this pattern can be analyzed to narrow down and possibly even reveal the plaintext message. The ciphertext symbols disguise the original letters, but the distinctive characteristics of the letters still shine through their disguises. Figure 7.4 Monoalphabetic ciphertext pattern for “attack at dawn.”
RkJQdWJsaXNoZXIy MTM4ODY=