Cryptanalyzing ADFGVX Ciphers
Lab Report due Tuesday, October 9
Introduction
(Review Singh, Appendix F) The goal of this lab is to
demonstrate that the ADFGVX cipher, while difficult, is not impregnable.
Example: (The example used in Singh, Appendix F). Use the ADFGVX
substitution and transposition tools to encrypt and decrypt the "attack at
10 pm" example from the book.
Cryptograms for your puzzling pleasure
-
Known key-length attack. Consider this ciphertext. Suppose you know that the
keyword used for transposition is four letters long. Use the frequency
counter, and the ADFGVX substitution and transposition tools to find the
plaintext and ADFGVX keys.
- Chosen-plaintext attack. Consider this ciphertext. Imagine that you have access to a
machine that implements the same ADFGVX encryption of unknown
substitution key grid and transposition keyword used to generate this
ciphertext. Use the machine to help
you determine the ADFGVX keys and recover the plaintext corresponding the
given ciphertext.
- Known-plaintext (crib) attack. Consider this ciphertext. You know that this was generated
by the same ADFGVX encryption that generated the following pieces of
ciphertext:
FXGAGAGDAGFAFGGGDGGDGVAVGDVGFGAXFGAFVAXFAFFFXGAGAFGGGAVGFAADGGDGVGFGAXGVVVAFGAFV
FXGAGGVVDGVAFGGGDGGDGADGGDVGFGAXFGAFVAVGFDFFXGAGAFGGGAADXAVDGGDGVGFGAXAXAGAFGAFV
FXGAGXAAGGVAFGGGDGGDGGDGAAVGFGAXFGAFVGAFVGVFXGAGAFGGGFFGXGGDGGDGVGFGAXVXGVGFGAFV
FXGAGFDVVAGAFGGGDGGDGDVFGAVGFGAXFGAFVVFGVAAFXGAGAFGGGAXAFFXDGGDGVGFGAXAVAVFFGAFV
FXGAGAGGDAFAFGGGDGGDGGFAGAVGFGAXFGAFVFVGVFXFXGAGAFGGGDXAVFADGGDGVGFGAXGAVGVFGAFV
FXGAGVGADXGAFGGGDGGDGGGGGGVGFGAXFGAFVGGFAGGFXGAGAFGGGAXGXDVDGGDGVGFGAXDXFVGFGAFV
FXGAGAFAFAFAFGGGDGGDGAFAFAVGFGAXFGAFVFAFAFAFXGAGAFGGGFAFAFADGGDGVGFGAXFAFAFFGAFV
Each of these small ciphertexts is known to correspond to plaintext that
begins and ends with the same plaintext: "weatherreport". An example
plaintext might be:
weather report beautiful day weather report
(of course, with spaces removed)
Answer the following questions in your lab report:
- For all three of the above cryptograms, you should submit the ADFGVX
substitution key grids, the ADFGVX transposition keywords and
what the plaintext is, but not the complete plaintext (that'd be a waste
of paper). Instead, use the following technique. Consider the first letter
of your first name. Treat it as a number from 0-25. Count that many words
in from the last word of the plaintext and submit that word. (If your name
is Alfred, you would submit the last word of the plaintext. If your name is
Beena, you would submit the second to last word of the plaintext. If your
name is Zeno, you would submit the 26th-to-last word - the word that occurs
with exactly 25 words after it in the plaintext.)
- Try using the frequency tool on both plaintext
and ADFGVX substitutions, using group sizes greater than 1. Observe the
effect of whether the "include overlapping groups" box is checked. Describe
what this box does. Is it useful to have it checked for solving ADFGVX
ciphers? Why or why not? Are there other ciphers for which you answer would
differ?
- ADFGVX has both a monoalphabetic substitution component and a
transposition component. Suppose someone proposes using a simpler, more
compact version that works as follows: Take the plaintext, and first
encrypt it according to:
a b c d e f g h i j k l m n o p q r s t u v w x y z
M N B V C X Z L K J H G F D S A P O U I Y T R E W Q
Next, the ciphertext is encrypted again, this time using a two-level
railfence transposition.
How does the security of this system compare to that of ADFGVX?
- Explain what you think the main advantages and disadvantages of
working in teams to cryptanalyze ADFGVX ciphers. Do you think all
cryptanalysis lends itself well to teamwork? Are some ciphers more likely
to be broken using a team of cryptanalysts than others? Explain.
- Comment on how secure you think the ADFGVX cipher is.
- If you were using ADFGVX to send a secret message, what might you do to
make it more difficult for an eavesdropper to use the tools employed in this
lab to cryptanalyze your message?