2

So while I knew hill ciphers were a form of block cipher (I'm assuming all the ones I have solved to date were ECB or something similar), so that got me thinking. Is it possible to use hill ciphers in other modes (ctr, ecb, cbc etc) on a binary alphabet?

  • A) Could you provide formula/examples of how it would work?

  • B) How would one launch a plain text attack against these?

  • C) How would I protect against this attack?

    1. CTR. Assuming d is even (for the nonce and counter), and the nonce and counter are d/2

    2. CBC.

    3. Any other relevant block cipher it could function as

Anan
  • 65
  • 1
  • 7

1 Answers1

1

Yes, you can convert the Hill Cipher into almost any mode of operation. For simplicity, assume that $M$ represent the key matrix and $P$ represent the plaintext vector and $C$ is the corresponding ciphertext vector with $C = M\cdot P \pmod{26}$. For simplicity, we omit $\bmod 26$ for the rest.

  • ECB mode: we can assume that Hill cipher is already in ECB mode. As usual, divide the message into the correct matrix size, you also need a padding scheme.

  • CBC mode: generate a random $IV$ which must be unpredictable, however, this is your least concern, as usual, $ C_0 = M\cdot(P_0\oplus IV) \text{ and } C_i = M\cdot(P_0\oplus C_{i-1})$. You also need a padding scheme.

  • CTR mode: $C=P \oplus [M \cdot (\text{nonce || Counter})]$. Here one may need to take care of the counter since it is a Matrix. One can consider each cell of the Matrix as a $\bmod 26$ counter. No need to padding.

  • CMC-MAC: Since you have CBC mode, you have it, now. Remember, in CMC-MAC the IV is all zero.

Note 1: For CBC-MAC we don't need just AES, we can use any secure block cipher.

Note 2: the $\oplus$ can generate a number greater than 26. You need to use $+ \bmod26$

And a final note: The Hill cipher is vulnerable to known-plaintext attack which means that it is broken! You cannot build a secure mode of operation from a broken cipher!

kelalaka
  • 49,797
  • 12
  • 123
  • 211