One of the reasons the ceasar substitution cipher is so weak is there is a very small keyspace.
There are only 26 letters you can use as an offset value. The attacker can easily try all
26 possible values and see which one produces a readable result.
Even if you allow non-printing
values so characters can have values between 0 and 255, there are still only 256 possible key
values. The attacker can easily try them all.
A slightly better technique is to use a repeating keyword. You write a letter from the
keyword beneath each letter in the plaintext. If you run out of keyword letters, you
repeat them. Then you combine the letters in the plaintext and the repeating keyword
just as you would for a Ceasar substitution.
Plaintext: THISI SABIG SECRE T
Key (SECRET): SECRE TSECR ETSEC RET
Now different plaintext letters get different key letters so they have different offsets.
The attacker cannot guess a single offset value to recover every plaintext letter.
This method also provides a much bigger keyspace so it is harder for the attacker
to try every possible key. If you allow only letters in the key, then a keyword
with N letters has 26 ^ N possible values. For example, there are 141,167,095,653,376
possible 10 letter keywords. Even with a computer, it would take a while to try every possible value.
If you're worried that the attacker may have a really fast computer, use a 20 letter keyword.
There are roughly 2E+28 possible 20 letter keywords. Even if the attacker can test 1 million
keywords per seond, it would take roughly 631,917,456,088,579 years to try all possible combinations.
This system is simple and provides some security so it is very common in games and other programs
that don't need a high level of security.
Back to top
- Write a program that has three TextBoxes for plaintext, a keyword, and ciphertext.
After entering plaintext and a keyword, the user should be able to click a button
to generate the ciphertext. Similarly after entering a keyword pad and ciphertext, the
user should be able to click another button to recover the plaintext. The program should
reformat the text so it contains all capital letters in groups of five characters each.
- Modify the previous program so the user can load and save the plaintext and ciphertext
in text files with extensions .txt and .cip.
- Modify the program again so it has an option to use Visual Basic's Rnd statement to generate
a pseudo-random keyword. Be sure to use Randomize to initialize the random number
generator.
- While this system may seem secure, it is not really. It takes a little more work to break it than
it takes to break the Ceasar substitution cipher.
Write a program that takes a ciphertext value and recovers the corresponding keyword and plaintext.
Hint: this cipher is really just using separate Ceasar substitutions on different parts of the plaintext.
Email the solution to cipher@vb-helper.com before I post the solution
and I'll mention your name in the next tutorial.
Back to top
Back to main cryptography tutorial
|
