In this lab, we will perform a chosen-plaintext attack on the Caesar cipher. Cryptanalysis is a technique in which the target is to decrypt the cipher without the key to get the plain-text. To perform a chosen-plaintext attack on the Caesar cipher, we need to know about the Caesar cipher and the chosen-plaintext attack.
STEP 1: Understanding the Caesar Cipher
Caesar cipher is one of the oldest substitution ciphers that were used in the medieval times. Here the plain-text is shifted down the alphabet line by the offset provided by the key chosen for encryption. Since, there are 26 letters in the alphabet, a key value of 26, when used to encrypt the message, returns the same plain-text as cipher text. With a key of 2, letter A in the plain text becomes letter C, C becomes letter E and so on. For example- if we choose INFOSECINSTITUTE as the plain text and the key of 5. The cipher text is obtained by shifting I by 5 to become N, N by 5 to give S and so on. The plain-text and cipher-text are shown below:
Plain Text: INFOSECINSTITUTE
Cipher Text: NSKTXJHNSXYNYZYJ
It should be noted that in any case the shift exceeds the alphabet range it should rolled over. For example, the plain-text ZOO, when encrypted using a key of 2 becomes, BQQ in the cipher text. Here, Z is shifted by two to give B.
Step 2: Overview of Chosen-Plaintext Attack
Now that we have an idea about the Caesar cipher let us get a comprehensive overview of chosen-plaintext attack. In a chosen-plaintext attack, the cryptanalyst has access to the encryption block/ system. Here, the cryptanalyst chooses an arbitrary plaintext and obtains the cipher text for it by using the encryption algorithm. Once the cipher text is obtained, the cryptanalyst uses the plain-text, cipher-text pair for analysis and derive the information about the key. This is different from a known plain-text attack, where at least one set of plain-text, cipher-text is already known to the cryptanalyst.
Step 3: Performing Chosen Plain Text Attack on Caesar Cipher
Now, let us take some plain text and encrypt it using a random number which has a value less than 26 as key. This disguises the key.
Plain Text 1: CRYPTOGRAPHY
Now, let us assign a random number to a variable key. For this let us open Python from the terminal in Kali Linux.
Figure 1 Starting Python
After opening python, let us import random, for generation of a random integer. And assign a variable named key, a random value between 1 and 25. Let us also declare a list named plain_text. This is shown on the next page:
Figure 2 Plain text declared and random key generated
Now, let us encrypt the message using the random key. Let us declare an empty list called cipher_text. For this we need chr( ) and ord( ) functions of Python. chr( ) takes an integer as a parameter, and changes it to a character with equivalent ASCII value. ord( ) does the opposite.
Figure 3 Creating cipher text with a random key
Ethical Hacking Training – Resources (InfoSec)
Now, let us print the cipher_text to see what the cipher text is. This is shown below:
Figure 4 The Cipher Text
Now, we have a plain-text cipher text pair.
Plain Text: CRYPTOGRAPHY
Cipher Text: QFMDHCUFODVM
It should also be noted that since the cipher text is generated using a random function. It may be different for different execution times and different execution machines.
Now that we have the both plain text and cipher text arrays let us simply analyze the relationship between them to find the key. Here, we can see that the alphabet ‘C’ in the plaintext is shifted by 14 to become ‘Q’; ‘R’ is also shifted and rolled over to become ‘F’ and so on…
C (+ 14) [D-1, E-2, F-3, G-4, H-5, I-6, J-7, K-8, L-9, M-10, N-11, O-12, P-13, Q-14] = Q
R (+14) [S-1, T-2, U-3, V-4, W-5, X-6, Y-7, Z-8, A-9, B-10, C-11, D-12, E-13, F-14] = F
This gives a key length of 14. (May be different in your case)
Now, let us print the variable key to see what we have done is successful.
Figure 5 the value of key
Here, the value of the key is also 14. So, in this lab, we have completed a chosen-plaintext attack for the Caesar cipher.