Classical Encryption

Techniques
Dr. Risala T Khan
Professor
IIT, JU

1
Symmetric Cipher Model

2
Overview
A symmetric encryption scheme has five ingredients (Figure 3.1):
■ Plaintext:
This is the original intelligible message or data that is fed into the algorithm as
input.
■ Encryption algorithm:
The encryption algorithm performs various substitutions and transformations on
the plaintext.
■ Secret key:
The secret key is also input to the encryption algorithm.
The key is a value independent of the plaintext and of the algorithm.
The algorithm will produce a different output depending on the specific key
being used at the time.
The exact substitutions and transformations performed by the algorithm
depend on the key.
3
Cont..
■ Ciphertext:
• This is the scrambled message produced as
output.
• It depends on the plaintext and the secret
key.
• For a given message, two different keys will
produce two different ciphertexts.
■ Decryption algorithm:
• This is essentially the encryption algorithm
run in reverse.
• It takes the ciphertext and the secret key and
produces the original plaintext.

4
Requirements
There are two requirements for secure use of conventional
encryption:
1. We need a strong encryption algorithm.
• At a minimum, we would like the algorithm to be such that an opponent who
knows the algorithm and has access to one or more ciphertexts would be unable
to decipher the ciphertext or figure out the key.
2. Sender and receiver must have obtained copies of the secret key in a
secure fashion and must keep the key secure.

5
Let us take a closer look at the essential elements of a symmetric encryption scheme.
• A source produces a message in plaintext, X = [X1, X2, ….. , XM].
• The M elements of X are letters in some finite alphabet.
• For encryption, a key of the form K = [K1, K2, …… , KJ] is generated.
• If the key is generated at the message source, then it must also be provided to the destination by
means of some secure channel.
• Alternatively, a third party could generate the key and securely deliver it to both source and
destination.
• With the message X and the encryption key K as input, the encryption algorithm forms the
ciphertext Y = [Y1, Y2, ……. , YN].
We can write this as:
Y = E(K, X)
This notation indicates that Y is produced by using encryption algorithm E as a function of the
plaintext X, with the specific function determined by the value of the key K.

6
•

7
8
Basic characteristics of a Cryptographic
System
Cryptographic systems are characterized along three
independent dimensions:
1. The type of operations used for transforming plaintext to
ciphertext.
• All encryption algorithms are based on two general principles:
substitution, in which each element in the plaintext (bit, letter, group of
bits or letters) is mapped into another element, and transposition, in
which elements in the plaintext are rearranged.
• The fundamental requirement is that no information be lost (i.e., that all
operations are reversible).

9
Cont…
2. The number of keys used.
• If both sender and receiver use the same key, the system is referred to
as symmetric, single-key, secret-key, or conventional encryption.
• If the sender and receiver use different keys, the system is referred to
as asymmetric, two-key, or public-key encryption.
3. The way in which the plaintext is processed.
• A block cipher processes the input one block of elements at a time,
producing an output block for each input block.
• A stream cipher processes the input elements continuously, producing
output one element at a time, as it goes along.

10
Cryptanalysis and Brute-Force Attack
■ Cryptanalysis:
• Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some
knowledge of the general characteristics of the plaintext or even some
sample plaintext–ciphertext pairs.
• This type of attack exploits the characteristics of the algorithm to attempt to
deduce a specific plaintext or to deduce the key being used.
■ Brute-force attack:
• The attacker tries every possible key on a piece of ciphertext until an
intelligible translation into plaintext is obtained.
• On average, half of all possible keys must be tried to achieve success.
• If either type of attack succeeds in deducing the key, the effect
is catastrophic: All future and past messages encrypted with
that key are compromised.
11
Types of Cryptanalytic Attacks on Encrypted
Messages
• The table shows the various types of cryptanalytic attacks
based on the amount of information known to the cryptanalyst.

12
Cryptanalytic Attacks(ciphertext-only attack )
• The ciphertext-only attack is the hardest to break because the
opponent has the least amount of information to work with.
• In some cases, not even the encryption algorithm is known, but in
general, we can assume that the opponent does know the algorithm
used for encryption.
• One possible attack under these circumstances is the brute-force
approach of trying all possible keys.
• If the key space is very large, this becomes impractical.
• Thus, the opponent must rely on an analysis of the ciphertext itself,
generally applying various statistical tests to it.

13
Cryptanalytic Attacks(known plaintext)
• In many cases, however, the analyst has more information.
• The analyst may be able to capture one or more plaintext messages
as well as their encryptions.
• Or the analyst may know that certain plaintext patterns will appear in a
message.
• For example, a file that is encoded in the Postscript format always
begins with the same pattern, or there may be a standardized header
or banner to an electronic funds transfer message, and so on.
• All these are examples of known plaintext.
• With this knowledge, the analyst may be able to deduce the key on the
basis of the way in which the known plaintext is transformed.

14
Cryptanalytic Attacks(Cont..)
• Closely related to the known-plaintext attack is what might be
referred to as a probable-word attack.
• If the opponent is working with the encryption of some general prose
message, he or she may have little knowledge of what is in the
message.
• However, if the opponent is after some very specific information, then
parts of the message may be known.
• For example, if an entire accounting file is being transmitted, the
opponent may know the placement of certain key words in the header
of the file.
• As another example, the source code for a program developed by
Corporation X might include a copyright statement in some
standardized position.

15
Cryptanalytic Attacks(chosen-plaintext
attack)
• If the analyst is somehow being able to get into the source
system to insert a message chosen by the analyst into the
system, then a chosen-plaintext attack is possible.
• The idea is if the analyst is able to choose the plaintext messages to
encrypt, submit those messages into the encryption system and after
getting the cipher text the attacker tries to find the pattern or correlation
between the plain text and cipher text to reveal the secret key.

16
Brute-force Attack
• A brute-force attack involves trying every possible key until an intelligible
translation of the ciphertext into plaintext is obtained.
• On average, half of all possible keys must be tried to achieve success.
• That is, if there are X different keys, on average an attacker would discover the actual key
after X/2 tries.
• It is important to note that there is more to a brute-force attack than simply running through
all possible keys.
• Unless known plaintext is provided, the analyst must be able to recognize plaintext as
plaintext.
• If the message is just plain text in English, then the result pops out easily, although the task
of recognizing English would have to be automated.
• If the text message has been compressed before encryption, then recognition is more
difficult.
• And if the message is some more general type of data, such as a numerical file, and this
has been compressed, the problem becomes even more difficult to automate.
• Thus, to supplement the brute-force approach, some degree of knowledge about the
expected plaintext is needed, and some means of automatically distinguishing plaintext from
garble is also needed.

17
SUBSTITUTION TECHNIQUE

18
Overview
• A substitution technique is one in which the letters of plaintext
are replaced by other letters or by numbers or symbols.
• If the plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns with
ciphertext bit patterns.
• Traditional symmetric-key ciphers can be classified into two
broad categories:
1. Substitution Cipher
2. Transposition Cipher

19
Monoalphabetic Cipher
• In monoalphabetic substitution, the relationship between a symbol in
the plaintext to a symbol in the ciphertext is always one-to-one.
• That is, a character or symbol in the plaintext is always changed to
the same character or symbol in the ciphertext regardless of its
position in the text.
• For example, if letter A in the plaintext is changed to letter D, every
letter A is changed to letter D.
Example:
Additive cipher, Caesar cipher, multiplicative cipher, affine cipher
etc. are some examples of monoalphabetic ciphers.

20
Additive Cipher
• The simplest monoalphabetic cipher is the additive cipher.
• This cipher is sometimes called a shift cipher and sometimes a Caesar
cipher, but the term additive cipher better reveals its mathematical nature.
• The Caesar cipher involves replacing each letter of the alphabet with the
letter standing three places further down the alphabet.
• For example:
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
• We can define the transformation by listing all possibilities, as follows:

21
• Let us assign a numeric equivalent to each letter:

• Then the algorithm can be expressed as follows.

For each plaintext letter p, substitute the ciphertext letter C:
C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is:
C = E(k, p) = (p + k) mod 26
The decryption algorithm is simply
p = D(k, C) = (C- k) mod 26 22
• If it is known that a given
ciphertext is a shift cipher,
then a brute-force attack is
easily performed: simply try all
the 25 possible keys.
• Figure shows the results of
applying this strategy to the
example ciphertext.
• In this case, the plaintext
leaps out as occupying the
third line.
23
NOTE:
1. Each character (uppercase or
lowercase) is assigned an integer in
Z26 . The secret key between Alice
and Bob is also an integer in Z26 .
2. When the cipher is additive, the
plaintext, ciphertext, and key are
integers in Z26 .
3. The encryption algorithm adds the
key to the plaintext character; the
decryption algorithm subtracts the
key from the ciphertext character.
That is, encryption and decryption
are inverse of each other.

24
Ideal case for Brute Force attack
Three important characteristics of this problem enabled us to use
a brute force cryptanalysis:
1. The encryption and decryption algorithms are known.
2. There are only 25 keys to try.
3. The language of the plaintext is known and easily
recognizable.

25
Example
Use the additive cipher with key = 15 to encrypt the message
“hello”.

26
27
Shift and Caesar Cipher
Shift Cipher:
• Historically, additive ciphers are called shift ciphers.
• Because, the encryption algorithm can be interpreted as “shift key character
down” and the decryption algorithm can be interpreted as “shift key character
up” .
• For example, if the key=15, the encryption algorithm shifts 15 character
down. The decryption algorithm shifts 15 character up.
Caesar Cipher:
• Additive ciphers are also called Caesar cipher. Because, Julius Caesar used
this cipher to communicate with his officers.
• Caesar used a key of 3 for his communications.
• That is, the cipher involves replacing each letter of the plaintext with the letter
standing three places further down the alphabet.
• For example:

28
Multiplicative Cipher
• In a multiplicative cipher The
encryption algorithm specifies
multiplication of the plaintext by the
key.
• The decryption algorithm specifies
division of the ciphertext by the key.
• In other words, decryption algorithm
means multiplication of the ciphertext
by the multiplicative inverse of the key.
• The plaintext and ciphertext are
integers in Z26 , but the key is an
integer in Z26 *.
• Encryption and decryption are inverse
of each other. Figure shows the
process of multiplicative cipher.

29
EXAMPLE

30
The result is ‘hello’. 31
Affine Cipher
• It is the combination of additive and multiplicative ciphers with a
pair of keys.
• The first key is used with the multiplicative cipher which comes
from Z26 *.
• This set has only 12 members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
• The second key is used with the additive cipher which comes
from Z26 .
• This set has only 26 members: 0, 1, 2, 3, 4, 5, ……, 25.
• Therefore, the size of the key domain for any Affine cipher is
26 × 12 = 312

32
33
34
35
Polyalphabetic Ciphers
• In polyalphabetic substitution, each occurrence of a character may
have a different substitute.
• The relationship between a character in the plaintext to a character in
the ciphertext is one-to-many.
• For example, if letter “a” could be enciphered as “D” in the beginning
of the text, but as “N” at the middle.
• Polyalphabetic ciphers have the advantage of hiding the letter
frequency of the undelying language.
• Eve cannot use the single-letter frequency statistics to break the
ciphertext.
• Autokey cipher, playfair cipher, vigenere cipher, Hill cipher etc. are
some examples of polyalphabetic ciphers.

36
Autokey Cipher
• In autokey cipher, the key is a stream of subkeys, in which each subkey is used
to encrypt the corresponding plaintext character.
• The first subkey is a predetermined value secretly agreed upon by Alice and
Bob.
• The second subkey is the value of the first plaintext character (between 0 to 25).
• The third subkey is the value of the second plaintext character. And so on.
• The name of this cipher as ‘autokey’ implies that the subkeys are automatically
created from the plaintext cipher characters during the encryption process.
• Encryption and decryption is done using the following formulas.

37
38
39
40
41
42
43
44
45
46
47
48
49
TRANSPOSITION CIPHERS

50
Transposition Cipher
• A transposition cipher does not substitute one symbol for
another, instead it changes the location of the symbols.
• A symbol in the first position of the plaintext may appear in the
ninth position of the ciphertext.
• A symbol in the eighth position of the plaintext may appear in
the first position of the ciphertext.
Types of Transposition Cipher:
• There are three types of transposition cipher:
-Keyless Transposition Ciphers
-Keyed Transposition Ciphers
-Keyed Columnar Transposition Ciphers or Columnar Transposition Ciphers

51
Keyless Transposition Cipher
• These are simple transposition ciphers and were used in the
past.
• There are two methods for permutation of characters:
• In the first method, the text is written into a table column by column and
then transmitted row by row.
• In the second method, the text is written into a table row by row and
then transmitted column by column.

52
53
54
55
Keyed Transposition Cipher
• The Keyed Transposition Cipher is a type of transposition
cipher where the letters of the plaintext are rearranged
according to a specific key.
• The Keyed Transposition Cipher uses a keyword to determine
the order in which to rearrange the columns of the text.

56
How Keyed Transposition Cipher Works
1. Key: A keyword is used to determine the number of columns
and the order in which to read the columns for encryption. The
letters in the key are assigned a numerical value based on
their alphabetical order.
2. Plaintext: The plaintext is written into rows of a matrix/grid,
with each row being as long as the number of letters in the
key.
3. Rearrange the Columns: The columns are rearranged based
on the alphabetical order of the letters in the keyword.
4. Ciphertext: The ciphertext is generated by reading the
rearranged columns from top to bottom
57
Steps of the Keyed Transposition Cipher
• Choose a Keyword: The keyword defines the number of columns and the order in
which to read the ciphertext. For example, the keyword “cipher”
• Assign Numerical Values to the Keyword: Assign numbers to the letters of the
keyword based on their alphabetical order. For example:
• Keyword : C I P H E R
• Numerical Order : C(1) E(2) H(3) I(4) P(5) R(6)
• Keyword: 145326
• Write the Plaintext into Rows and Columns: Write the plaintext into a matrix
with the number of columns equal to the number of letters in the key. If the
plaintext doesn’t fill the grid completely, you can pad it with extra characters (e.g.,
"X").
• Rearrange the Columns Based on the Key: Rearrange the columns of the grid
according to the numerical order of the letters in the key.
• Read the Columns to Form the Ciphertext: Finally, the ciphertext is generated
by reading the columns from top to bottom in the rearranged order.

58
Example
• PLAINTEXT: WE ARE DISCOVERED
• PLAINTEXT(after removing spaces): WEAREDISCOVERED
• KEYWORD: CIPHER
• STEP 1:
• Assign numerical value to the keyword
• Keyword : C I P H E R
• Alphabetic Order: C E H I P R
• Numerical Order : C(1) E(2) H(3) I(4) P(5) R(6)
• Keyword: 145326

59
• STEP 2: Write the plaintext into grid :
• Write the plaintext into grid with as many columns as there are letters in
the key:
C(1) I(4) P(5) H (3) E(2) R(6)
W E A R E D
I S C O V E
R E D X X X

60
• Step 3: Rearrange the Columns Based on the Key
• Rearrange the columns based on the key's alphabetical order. So, the
columns will be rearranged according to:
• KEY ORDER: C I P H E R-- COLUMN ORDER- 1 4 5 3 2 6
• The columns will be rearranged like this:
C(1) E(2) H(3) I(4) P(5) R(6)
W E R E A D
I V O S C E
R X X E D X

61
• Step 4: Generate the Ciphertext
• Now, read the rearranged columns from top to bottom:
• Column 1: W I R
• Column 2: E V X
• Column 3: R O X
• Column 4: E S E
• Column 5: A C D
• Column 6: DEX
• The final cipher text is: WIREVXROXESEACDDEX

62
• Step 5: Decryption Process
• Create a grid with the same number of columns as the key
• Write the ciphertext into the columns based on the key's alphabetical
order
• Rearrange the columns back to their original order.
• Read the rows to retrieve the plaintext.

63
1 2 3 4 5 6
W E R E A D
I V O S C E
R X X E D X

C(1) I(4) P(5) H(3) E(2) R(6)

W E A R E D
I S C O V E
R E D X X X

64
 Columnar Transposition Ciphers

This type of transposition cipher combines the keyless and

keyed transposition ciphers to achieve better scrambling.
Encryption or decryption is done in three steps:
1. The text is written into a table row by row.
2. The permutation is done by reordering the columns.
3. The new table is read column by column.
Here, the 1st and 3rd steps provide a keyless global reordering
and the 2nd step provides a blockwise keyed reordering.

Slide- 65
 Columnar Transposition Ciphers
Example:
Encrypt the message “enemy attacks tonight” using Columnar
transposition cipher.
Solution: The encryption and decryption is illustrated in the figure below.

▪ The 1st table in the

figure is created by
Alice writing the
plaintext row by
row.
▪ The columns are
permuted using
the key mentioned.

▪ The ciphertext is
created by reading
the 2nd table
column by column.
▪ Bob does the same
three steps in the
reverse order.

Slide- 66
Figure: Combining Two Approaches
 Columnar Transposition Ciphers

Keys

In the previous example, a single key was used in two directions for
the column exchange:
❑ downward for encryption

❑ upward for decryption.

It is customary to create two keys.

Figure: Encryption/decryption keys in transpositional ciphers

Slide- 67
 Key inversion in a transposition cipher

How can the inverse of a key be created if the initial or original key is
given, or vice versa?
The process can be done manually in a few steps.
Figure below shows how to invert an encryption key, i.e. how to find the
decryption key.

Figure: Inverting a permutation table

Slide- 68