Cryptograph

y
Introduction
Course Outcomes
Syllabus
Continue…
Continue
Text book
MODULE -1
Introduction
 A Model Network Security
• Security aspects come into play when it is
necessary or desirable to protect the
information transmission from an opponent
who may present a threat to confidentiality,
authenticity, and so on.

• All the techniques for providing security

have two components:

• A security-related transformation on the

information to be sent

• Some secret information shared by the two

principals and, it is hoped, unknown to the
opponent
Model for Network
Security
Model for Network
Security
• General model shows that there are four basic tasks
in designing a particular security service:

• 1. Design an algorithm for performing the security-

related transformation. The algorithm should be such
that an opponent cannot defeat its purpose.

• 2. Generate the secret information to be used with

the algorithm.

• 3. Develop methods for the distribution and sharing

of the secret information.

• 4. Specify a protocol to be used by the two principals

that makes use of the security algorithm and the
secret information to achieve a particular security
service.
• Programs can present two kinds of threats:

• ■ Information access threats: Intercept or modify data

on behalf of users who should not have access to that data.

• ■ Service threats: Exploit service flaws in computers to

inhibit use by legitimate users.
 Basic Terminologies
• Encryption: The process of converting plaintext
into ciphertext to secure it from unauthorized
access.

• Decryption: The reverse process of encryption,

converting ciphertext back into plaintext using a
decryption key.

• Cipher: An algorithm used for encryption and

decryption.
 Basic Terminologies
• Key: A piece of information (a parameter) used in
conjunction with an algorithm to perform encryption or
decryption.

• Symmetric Encryption: A type of encryption where the

same key is used for both encryption and decryption.

• Asymmetric Encryption: A type of encryption where a pair

of keys (public and private) is used, and each key can only
perform one operation (encrypt or decrypt).

• Cryptanalysis: The study of analyzing and breaking

cryptographic systems.
 Basic Terminologies
• Public Key: The key in asymmetric encryption that
is shared openly and used for encryption.

• Private Key: The key in asymmetric encryption that

must be kept secret and is used for decryption.

• Hash Function: A one-way function that converts

input data (plaintext) into a fixed-size string of
characters, often for data integrity verification.

• Digital Signature: A cryptographic technique that

verifies the authenticity and integrity of a message
or document.
 Symmetric
Encryption
• Also referred to as conventional
encryption or single-key encryption

• Was the only type of encryption in use

prior to the development of public-key
encryption in the 1970s
• Remains by far the most widely used of
the two types of encryption
 Simplified Model of
Symmetric Encryption
A symmetric encryption scheme has five ingredients :

■ Plaintext: This is the original intelligible message or

data that is fed into the algorithm as input.

■ Encryption algorithm: The encryption algorithm

performs various substitutions and transformations on
the plaintext.

■ Secret key: The secret key is also input to the

encryption algorithm. The key is a value independent of
the plaintext and of the algorithm. The algorithm will
produce a different output depending on the specific key
being used at the time. The exact substitutions and
transformations performed by the algorithm depend on
the key.
 Ciphertext: This is the scrambled message
produced as output. It depends on the
plaintext and the secret key. For a given
message, two different keys will produce two
different ciphertexts. The ciphertext is an
apparently random stream of data and, as it
stands, is unintelligible.

• Decryption algorithm: This is essentially

the encryption algorithm run in reverse. It
takes the ciphertext and the secret key and
produces the original plaintext.
Model of Symmetric
Cryptosystem
• There are two requirements for secure use of
conventional encryption:

• We need a strong encryption algorithm. At a

minimum, we would like the algorithm to be such that
an opponent who knows the algorithm and has
access to one or more ciphertexts would be unable to
decipher the ciphertext or figure out the key.

• Sender and receiver must have obtained copies of

the secret key in a secure fashion and must keep the
key secure. If someone can discover the key and
knows the algorithm, all communication using this
key is readable.
 Cryptographic
Systems
• Characterized along three independent
dimensions:
The type of
operations used for The number of keys The way in which the
transforming plaintext used plaintext is processed
to ciphertext
Symmetric,
single-key,
Substitution secret-key, Block cipher
conventional
encryption

Asymmetric, two-
Transposition key, or public-key Stream cipher
encryption
 Cryptanalysis and
Brute-Force Attack

Cryptanalysis Brute-force attack

• Attack relies on the nature of the • Attacker tries every possible key
algorithm plus some knowledge of on a piece of ciphertext until an
the general characteristics of the intelligible translation into
plaintext plaintext is obtained
• Attack exploits the characteristics • On average, half of all possible
of the algorithm to attempt to keys must be tried to achieve
deduce a specific plaintext or to success
deduce the key being used
Table 2.1
Types of
Attacks
on
Encrypted
Messages
 Encryption Scheme
Security
• Unconditionally secure
• No matter how much time an opponent
has, it is impossible for him or her to
decrypt the ciphertext simply because
the required information is not there

• Computationally secure
• The cost of breaking the cipher exceeds
the value of the encrypted information
• The time required to break the cipher
exceeds the useful lifetime of the
information
 Brute-Force Attack
Involves trying every possible key until an
intelligible translation of the ciphertext into plaintext
is obtained

On average, half of all possible keys must be tried

to achieve success

To supplement the brute-force approach, some

degree of knowledge about the expected plaintext
is needed, and some means of automatically
distinguishing plaintext from garble is also needed
 Substitution
Technique
• Is one in which the letters of plaintext
are replaced by other letters or by
numbers or symbols

• If the plaintext is viewed as a sequence

of bits, then substitution involves
replacing plaintext bit patterns with
ciphertext bit patterns
 Caesar Cipher
• Simplest and earliest known use of a substitution
cipher
• Used by Julius Caesar

• Involves replacing each letter of the alphabet

with the letter standing three places further down
the alphabet
• Alphabet is wrapped around so that the letter
following Z is A

plain: meet me after the toga party

cipher: PHHW PH DIWHU WKH WRJD SDUWB

 Caesar Cipher
Algorithm
• Can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

• Mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• Algorithm can be expressed as:

c = E(3, p) = (p + 3) mod (26)

• A shift may be of any amount, so that the general Caesar

algorithm is:
C = E(k , p ) = (p + k ) mod 26
• Where k takes on a value in the range 1 to 25; the
decryption algorithm is simply:

p = D(k , C ) = (C - k ) mod 26
 Brute-Force
Cryptanalysis
of Caesar
Cipher

(This chart can be found on

page 35 in the textbook)
Sample of Compressed
Text
 Monoalphabetic
Cipher
• Permutation
• Of a finite set of elements S is an ordered
sequence of all the elements of S , with each
element appearing exactly once

• If the “cipher” line can be any permutation

of the 26 alphabetic characters, then there
are 26! or greater than 4 x 1026 possible keys
• This is 10 orders of magnitude greater than the
key space for DES
• Approach is referred to as a monoalphabetic
substitution cipher because a single cipher
alphabet is used per message
 Monoalphabetic
Ciphers
• Easy to break because they reflect the
frequency data of the original alphabet

• Countermeasure is to provide multiple

substitutes (homophones) for a single letter

• Digram
• Two-letter combination
• Most common is th

• Trigram
• Three-letter combination
• Most frequent is the
 Playfair Cipher
• Best-known multiple-letter encryption cipher

• Treats digrams in the plaintext as single units

and translates these units into ciphertext
digrams
• Based on the use of a 5 x 5 matrix of letters
constructed using a keyword
• Invented by British scientist Sir Charles
Wheatstone in 1854
• Used as the standard field system by the
British Army in World War I and the U.S. Army
and other Allied forces during World War II
 Playfair Key Matrix
• Fill in letters of keyword (minus
duplicates) from left to right and from
top to bottom, then fill in the
remainder of the matrix with the
remaining letters in alphabetic order

• Using the keyword MONARCHY:

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
 Hill Cipher
• Developed by the mathematician Lester
Hill in 1929
• Strength is that it completely hides single-
letter frequencies
• The use of a larger matrix hides more
frequency information
• A 3 x 3 Hill cipher hides not only single-
letter but also two-letter frequency
information

• Strong against a ciphertext-only attack but

easily broken with a known plaintext attack
RRLMWBKASPDH
 Polyalphabetic
Ciphers
• Polyalphabetic substitution cipher
• Improves on the simple monoalphabetic
technique by using different
monoalphabetic substitutions as one
proceeds through the plaintext message

All these techniques have the following

features in common:
• A set of related monoalphabetic
substitution rules is used
• A key determines which particular rule is
chosen for a given transformation
 Vigenère Cipher
• Best known and one of the simplest
polyalphabetic substitution ciphers

• In this scheme the set of related

monoalphabetic substitution rules
consists of the 26 Caesar ciphers with
shifts of 0 through 25

• Each cipher is denoted by a key letter

which is the ciphertext letter that
substitutes for the plaintext letter a
• Thus, the first letter of the key is added to the first letter of the
plaintext, mod 26, the second letters are added, and so on through
the first m letters of the plaintext. For the next m letters of the
plaintext, the key letters are repeated.
• A general equation of the encryption process is:

Ci = (pi + ki mod m) mod 26

Example of Vigenère
Cipher
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext:
ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Vigenère Autokey System
• A keyword is concatenated with the plaintext
itself to provide a running key

• Example:
key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA

• Even this scheme is vulnerable to

cryptanalysis
• Because the key and the plaintext share the
same frequency distribution of letters, a
statistical technique can be applied
 Vigenère Autokey System

• The ultimate defense against such a cryptanalysis is to

choose a keyword that is as long as the plaintext and has
no statistical relationship to it.

• Such a system was introduced by an AT&T engineer

named Gilbert Vernam in 1918.His system works on
binary data (bits) rather than letters. The system can be
Expressed as

ci = pi ⊕ ki
• pi = ith binary digit of plaintext , ki = ith binary digit of key ,ci = ith binary digit of
ciphertext ,⊕ = exclusive-or (XOR) operation
Vernam Cipher
 One-Time Pad
• Improvement to Vernam cipher proposed by an Army
Signal Corp officer, Joseph Mauborgne
• Use a random key that is as long as the message so that
the key need not be repeated
• Key is used to encrypt and decrypt a single message and
then is discarded
• Each new message requires a new key of the same length
as the new message
• Scheme is unbreakable
• Produces random output that bears no statistical
relationship to the plaintext
• Because the ciphertext contains no information whatsoever
about the plaintext, there is simply no way to break the
code
 Difficulties
• The one-time pad offers complete security but, in
practice, has two fundamental difficulties:
• There is the practical problem of making large quantities
of random keys
• Any heavily used system might require millions of random
characters on a regular basis
• Mammoth key distribution problem
• For every message to be sent, a key of equal length is
needed by both sender and receiver

• Because of these difficulties, the one-time pad is of

limited utility
• Useful primarily for low-bandwidth channels requiring
very high security

• The one-time pad is the only cryptosystem that exhibits

perfect secrecy (see Appendix F)
 Rail Fence Cipher
• Simplest transposition cipher

• Plaintext is written down as a sequence of

diagonals and then read off as a sequence of
rows

• To encipher the message “meet me after the

toga party” with a rail fence of depth 2, we
would write:
mematrhtgpry
etefeteoaat
Encrypted message is:
MEMATRHTGPRYETEFETEOAAT
Row Transposition Cipher
• Is a more complex transposition

• Write the message in a rectangle, row by row, and

read the message off, column by column, but
permute the order of the columns
• The order of the columns then becomes the key to
the algorithm
Key: 4 3 1 2 5 6 7
Plaintext: atta c kp
ostpone
dunt i l t
w o a mx y z
Ciphertext:
TTNAAPTMTSUOAODWCOIXKNLYPETZ
To visualize the result of this double transposition,
designate the letters in the original plaintext message by
the numbers designating their position. Thus, with 28
letters in the message, the original sequence of letters is
Rotor Machines
Steganography
 • Character marking
• Selected letters of printed or
typewritten text are over-
Other written in pencil
• The marks are ordinarily not
Steganograph visible unless the paper is
held at an angle to bright
y Techniques light
• Invisible ink
• A number of substances can
be used for writing but leave
no visible trace until heat or
some chemical is applied to
the paper
• Pin punctures
• Small pin punctures on
selected letters are ordinarily
not visible unless the paper is
held up in front of a light
• Typewriter correction
ribbon
• Used between lines typed
with a black ribbon, the
 Summary
• Symmetric Cipher • Substitution
Model techniques
• Cryptography • Caesar cipher
• Cryptanalysis and • Monoalphabetic
Brute-Force Attack ciphers
• Playfair cipher
• Transposition
• Hill cipher
techniques
• Polyalphabetic
• Rotor machines ciphers
• One-time pad

• Steganography