| We build naturally on Shannon's implicit description of a cipher as an element of some group algebra, and elementary results from group theory and representation theory yield a powerful machinery for studying private key ciphers. Assuming subkey independence, composite cryptosystems are naturally treated as product ciphers. Techniques are developed to measure the security profile of such products as a function of the number of terms and the algebraic structure of the individual terms. We pay particular attention to the non-asymptotic behavior of this profile, focusing on double encryption and finitely iterated cryptosystems.;Fundamental lower limits to the cost of cryptanalytic attacks are quantified via a theory of guesswork. Conditional guesswork naturally occurs in the formulation of limits to known and chosen plaintext attacks. Two security indices are introduced as averages---over the number of available plaintext-ciphertext pairs---of the performances of optimal attacks. We introduce a hypothesis that if one cipher resists the best theoretical attack more than another cipher, then we may infer that the first cipher is more secure than the second. In this context, it is shown that two-key double encryption of a cipher over a simple group is strictly more secure than single encryption. Furthermore, ciphers exist such that any product with a nonuniform cipher will possess strictly more security than the original nonuniform cipher.;Finally, we draw upon a modern treatment of random walks on groups and the non-asymptotic convergence properties of their Markov chains. This facilitates a connection between the security of an iterated cryptosystem and the representation theoretic Fourier transform of its one-round function. Furthermore, we show how probabilistic arguments can be made to establish a cutoff point and thus characterize the non-asymptotic security behavior of iterated cryptosystems. |
