Phishing
Microsoft Vulnerabilities
• Sharp increase in attacks on Windows based
PCs in 1st half of 2004
– 1237 new vulnerabilities or 48/week
• Increase in number of bot networks
– 30,000 from 2,000 in previous 6 months
• Increase in percent of e-commerce attacks
from 4% to 16%
• 450% increase in new Windows viruses –
4,496
Spam and E-commerce
• Tim Pigot, Pfizer’s men’s sexual health division –
Pfizer is not the source of Viagra spam
– “I, unfortunately get a lot of Viagra spam myself… We’d love
to be able to talk more intimately with the people who are
interested in engaging with us that way. If we didn’t live in
a world full of Viagra spam it would be easier.”
• DoubleClick survey – the rate at which customers
open commercial e-mail attached adverts is on the
decline. Possible causes?
– Spam fatigue
– Fear of phishing
Introduction to Cryptography
Cryptography
• Why is cryptography used?
• What applications make use of
cryptography?
• What skills make a good crypto-analyst?
Anagrams
Conversation
Voices rant on
Desperation
A rope ends it
Militarism
I limit arms
Eric Clapton
Narcoleptic
Madonna Louise Ciccone
Occasional nude income
George Bush
He bugs Gore
Terms
•
•
•
•
•
Cryptography
Plaintext
Ciphertext
Algorithm
Key
Symmetric Encryption
• Plaintext + algorithm = ciphertext
Ciphertext + algorithm = plaintext
• Problems – 1. The algorithm must be
good, and 2. What do you do about
people entering and leaving the
cryptogroup
Use of a Key
• Plaintext + algorithm + key =
ciphertext
Ciphertext + algorithm – key =
plaintext
• Algorithms are symmetric because both
parties share the same key
Vigenére’s Cipher
1) Select a key – say 1, 23, 14, 6
2) The 1st letter of the plaintext message is
encrypted finding the plaintext letter in row
1 and reading the ciphertext letter as the
column heading, the 2nd letter using row
23, the 3rd using row 14, the 4th using row
6, the 5th using row 1, etc.
3) To decrypt, find the ciphertext letter in the
column heading of the appropriate row and
read the plaintext letter in the cell below.
Vigenére’s Cipher Example
Using the key 1, 23, 14, 6
EVERYONE is encrypted as
DZQLXRAZ
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
O
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
P
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
Q
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
R
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
S
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
T
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
U
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
V
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
W
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
X
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
Y
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Polybius Square
1) Put the letters of the alphabet in a
5X5 matrix.
2) The code for a letter is its
(row,column)
3) To decode a letter look at the cell with
the (row,column). For example, 23
means row 2, column 3.
Example
1
2
3
4
5
1
a
b
c
d
e
2
f
g
h
i
j
3
k
l
m
n
o
4
p
q
r
s
t
5
u
v
w
x
y/z
Encode EVERYONE
15 52 15 43 55 35 34 15
Letter frequencies in English
Letter
A
B
C
D
E
F
G
H
I
J
K
L
M
Frequency
8.04%
1.54
3.06
3.99
12.51
2.30
1.96
5.49
7.26
0.16
0.67
4.14
2.53
Letter
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
Frequency
7.09%
7.60
2.00
0.11
6.12
6.54
9.25
2.71
0.99
1.92
0.19
1.73
0.09
To add complexity
1) Add a key phrase to change the
ordering of the letters in the matrix.
2) Separate the plaintext into 8 letter
groups removing blanks.
3) Encode by making the numbers for
each 8 letter group as follows: r(1,2),
r(3,4), r(5,6), r(7,8), c(1,2), c(3,4),
c(5,6), c(7,8)
Example showing transposition
1
2
3
4
5
1
a
b
c
d
e
2
f
g
h
i
j
3
k
l
m
n
o
4
p
q
r
s
t
5
u
v
w
x
y/z
Encode EVERYONE
15 14 53 31 52 53 55 45
Example of using a key phrase to
create a Polybius square
Lazy grey fox jumps over the quick brown dog
1
2
3
4
5
1
l
a
z
y
g
2
r
e
f
o
x
3
j
u
m
p
s
4
v
t
h
q
i
5
c
k
b
w
n/d
The Problem of Key Distribution
• Keys must be distributed securely and
changed regularly
• Keys must also be used securely and
destroyed securely
Recognizing Plaintext
• How do you recognize plaintext? It looks like
it is supposed to, e.g. English, an image
• Unicity distance – the amount of ciphertext
required that reasonable appearing plaintext
is the true plaintext
• Unicity distance for standard English = K/6.8
where K = key length in bits and 6.8 is the
natural redundancy in English