Cryptography

Activity

What is cryptography ?
Introduction
Cryptography is the study of Encryption
◦ Greek kryptos means “hidden” and
graphia means “writtings”
Encryption is an ancient form of
information protection. … dates back
4,000 years.
◦ process by which plaintext is converted into
ciphertext.
Decryption is the inverse of Encryption.
Introduction …
A sender S wanting to transmit message M to
a receiver R
To protect the message M, the sender first
encrypts it into meaningless message M’
After receipt of M’, R decrypts the message to
obtain M
M is called the plaintext
◦ What we want to encrypt
M’ is called the ciphertext
◦ The encrypted output
Introduction…
Notation
Given
P=Plaintext
C=CipherText

C = EK (P) Encryption
P = DK ( C) Decryption
 Terminologies

Cryptography: Schemes for encryption and

decryption
Encryption algorithm: technique or rules
selected for encryption.
Key: is secret value used to encrypt and/or
decrypt the text.
Cryptanalysis: The study of “breaking the
code”.
Cryptology: Cryptography and cryptanalysis
together constitute the area of cryptology.
Encryption vs. C-I-A
Encryption provides :
◦ Confidentiality/Secrecy
 keeps our data secret.
◦ Integrity
 protect against forgery or tampering
Cryptographic systems
are characterized along three dimensions
operations used for transforming
◦ Substitution: Replace (bit, letter, group of bits letters
◦ Transposition: Rearrange the order
◦ Product :use multiple stages of both
number of keys used
◦ Symmetric: same key , secret-key, private-key
◦ Asymmetric: different key , public-key
way in which the plaintext is processed
◦ block cipher
◦ Stream cipher
 More Definitions
unconditional security : An encryption
scheme is unconditionally secure if the
ciphertext generated by the scheme does
not contain enough information to determine
uniquely the corresponding plaintext, no
matter how much computer power or time is
available.
computational security
◦ given limited computing resources (eg time needed
for calculations is greater than age of universe), the
cipher cannot be broken
 Transposition and Substitution
security security security

Encryption Encryption Encryption

cusetyri
tfdvsjuz 19 5 3 21 18 9 20 25
Simple Simple Substitution
Transposition
 Classical Substitution
Caesar Cipher: used by Julius Caesar's
◦ substitutes each letter of the alphabet with
the letter standing three places further down
the alphabet
Caesar cipher
 Activity

Convert it ....to Caesar Ciphertext?

Plaintext: are you ready

Ciphertext: duh brx uhdgb

Plaintext a b c d e f g h i j k l m n o p q r s t u v w x y z

Ciphertext DE F G H I J K L M N O P Q R S T U V WX Y Z A B C
Caesar Cipher
the algorithm can be expressed as, for each
plaintext letter P, substitute ciphertext
letter C.
◦ C = E(3, p) = (p + 3) mod 26
mathematically give each letter a number
abcde fg hi j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
General Caesar algorithm as:
c = E(k, p) = (p + k) mod (26)
p = D(k, c) = (c – k) mod (26)
 Where k is [1 to 25]. Secret-key
Monoalphabetic Cipher
ratherthan just shifting the alphabet
could shuffle the letters arbitrarily
each plaintext letter maps to a different
random ciphertext letter
hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
 Monoalphabetic Cipher Security
now have a total of 26! = 4 x 1026 keys
with so many keys, might think is
secure
but would be !!!WRONG!!!
problem is language characteristics,
statistical techniques
 Playfair Cipher
It is a Polyalphabetic Cipher, a substitution
cipher in which the cipher alphabet for the plain
alphabet may be different at different places
during the encryption process.
A manual symmetric encryption technique
It was the first literal digraph substitution cipher.
◦ The scheme was invented in 1854 by Charles
Wheatstone, but bears the name of Lord Playfair who
promoted the use of the cipher.
Used in WWI and WWII
 Playfair Key Matrix
a 5X5 matrix of letters based on a keyword
fill in letters of keyword (no duplicates, i & j)
fill rest of matrix with other letters
eg. using the keyword (key) simple

s i/j m p l
e a b c d
f g h k n
o q r t u
v w x y z
 Playfair Cipher
 Use filler letter to separate repeated letters
◦ eg. "balloon" encrypts as "ba lx lo on" Encrypt two letters
together

 Same row– >followed letters

◦ If both letters are in the same row, take the letter to the right of each
one (going back to the left if at the farthest right
◦ ac--bd
 Same column–> letters under
◦ If both the letters are in the same column, take the letters below each
one
◦ qw--wi
 Otherwise—>square’s corner at same row
◦ If neither of the preceding two rules are true, form a rectangle with the
two letters and take the letters on the horizontal opposite corner of the
rectangle.
 Activity
Q: construct the playfair matrix using the
keyword: MONARCHY ?
Plaintext: Ethiopia
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

klbfhvs
Ciphertext: b
 Examples
• Let us say we want to encrypt the message “hide money”. It will
be written as −

• HI DE MO NE YZ

The Rules of Encryption

1. If both the letters are in the same column, take the letter below
each one (going back to the top if at the bottom)
 2. If both letters are in the same row, take the letter to the right of
each one (going back to the left if at the farthest right)

3. If neither of the preceding two rules are true, form a rectangle

with the two letters and take the letters on the horizontal
opposite corner of the rectangle.
Using these rules, the result of the encryption of ‘hide money’ with the
key of ‘tutorials’ would be −
QC EF NU MF ZV
Decrypting the Playfair cipher is as simple as doing the same process in
48
reverse.
Excersise
1. Write the cipher text of a given message
if the plaintext “Why, don’t you? and the
key is keyword
 Security of Playfair Cipher
security much improved over
monoalphabetic
But, still has much of plaintext structure.
it can be broken, given a few hundred letters
◦ With ciphertext only, possible to analyse
frequency of occurrence of digrams (pairs of
letters)
◦ Obtaining the key is relatively straightforward if
both plaintext and ciphertext are known.
Polyalphabetic ciphers
Polyalphabetic ciphers
using multiple substitution alphabets.
make cryptanalysis harder with more
alphabets to guess and flatter frequency
distribution
use a key to select which alphabet is used
for each letter of the message
◦ use each alphabet in turn
◦ repeat from start after end of key is reached
 Vigenere Cipher
 simplest polyalphabetic substitution cipher
meaning that instead of there being a one-
to-one relationship between each letter and
its substitute, there is a one-to-many
relationship between each letter and its
substitutes.
◦ The encipherer chooses a keyword and repeats it
until it matches the length of the plaintext
Vigenère square or Vigenère table
 Vigenère Cipher
Basicallymultiple Caesar ciphers
key is multiple letters long
◦ K = k1 k2 ... kd
◦ ith letter specifies ith alphabet to use
◦ use each alphabet in turn, repeating from start
after d letters in message
Plaintext: THISPROCESSCANALSOBEEXPRESSED
Keyword: CIPHERCIPHERCIPHERCIPHERCIPHE
Ciphertext: VPXZTIQKTZWTCVPSWFDMTETIGAHLH
Vigenère Cipher
write the plaintext out
write the keyword repeated above it
use each key letter as a caesar cipher key
encrypt the corresponding plaintext letter
Activity
Q: encrypt the given plaintext letter using
Vigenère Cipher use keyword deceptive

plaintext:
wearediscoveredsaveyourself
Key: deceptivedeceptivedeceptive
Ciphertext:
zicvtwqngrzgvtwavzhcqyglmgj
Security of Vigenère Ciphers
have multiple ciphertext letters for each
plaintext letter
◦ hence letter frequencies are masked
◦ but not totally lost
start with letter frequencies
◦ see if look monoalphabetic or not
ifnot, then need to determine number of
alphabets, since then can attach each
 Transposition Cipher
• So far we have seen ciphering with substitution.

• We will now talk about a different notion classical

in cryptography: permuting the plaintext.

• Transposition ciphers differ form substitution cipher

technique in addition to replace on alphabet with another
they perform some permutation over the plain text alphabet

• Rearrange bits or characters in the data

– Letters stay the same

– Order is different
 Ciphering with Transposition
This is how a pure permutation cipher could work:

– You write your plaintext message along the rows of a matrix of

some size.

– You generate ciphertext by reading along the columns.

– The order in which you read the columns is determined by the

encryption key.

• Modern encryption algorithms, such as the DES (Data

Encryption Standard) and 3DES, still use
transposition as part of the algorithm.
 Transposition Cipher
• Types of Transposition Cipher Techniques:

– Spartans cipher

– Rail fence cipher

– Simple Columnar Transposition

– Route cipher

– Book cipher/running key cipher

60
 Classical Transposition
• Spartans cipher , fifth century
B.C. Start the war today

Encryption: rearrange the text in 3 columns

S t a
r tt
h e
wa r
t
o d
ay
Rewrit
Srhaoytterdatwta
e it by 61
readin
 Rail Fence Cipher
Write the plaintext downwards on successive "rails" of an
imaginary fence. When you get to the bottom start moving
up. Write the message line by line.

Example: if we have 3 "rails" and a message of 'WE ARE

DISCOVERED. FLEE AT ONCE', the cipherer writes out:

W R I O R F E O E
E E S V E L A N
A D C E D E T C

The message:
WRIORFEOEEESVELANADCEDETC.
 Route Cipher
The plaintext is first written out in a grid of given dimensions,
then we read it off in a pattern given in the key.
Example: The key say: read message from top right corner down and
to the left.
W D V F T
E I E L O
A S R E N
R C E E C
E O D A E

TONCEADOEFLEEECRVERSADIEW
Cryptanalytic Attacks
 Types of attacks

- An attacker has only the ciphertext and his

goal is to find the corresponding plaintext.
- An attacker has a ciphertext and the
corresponding plaintext and his goal is
to find the key.

 A good cryptosystem protects against all types of

attacks.

 Attackers use both Mathematics and Statistics.

• general approaches:

– Cryptanalytic attack

• exploits the characteristics of the algorithm

 Brute Force Attack (BFA) − In this method, the attacker

tries to determine the key by attempting all possible keys.

– try every possible key on a piece of cipher text

– If the key is 8 bits long, then the number of possible keys

is 28 =
 256. The attacker knows the ciphertext and the
algorithm, now he attempts all the 256 keys one by one for
decryption.
 – The time to complete the attack would be very high if
the key is long
 Brute Force Search
always possible to simply try every key
assume either know / recognise plaintext
impractical if we use an algorithm that
employs a large number of keys.
most basic attack, proportional to key size
 Cryptanalytic Attacks
• The basic intention of an attacker is to break a cryptosystem
and to find the plaintext from the ciphertext.
• To obtain the plaintext, the attacker only needs to find
out the secret decryption key, as the algorithm is
already in public domain.
• Once the attacker is able to determine the key, the attacked
system is considered as broken or compromised.
Ciphertext Only Attacks (COA) − In this method, the attacker has access
to a set of ciphertext(s). He does not have access to corresponding plaintext.
– Only know algorithm & ciphertext, is statistical, know or can identify
plaintext
.
– Find the plain text of the message or the key. Most difficult
– COA is said to be successful when the corresponding plaintext can be
determined from a given set of ciphertext. Occasionally, the encryption key
can be determined from this attack.
– Modern cryptosystems are guarded against ciphertext-only attacks
 Cryptanalytic Attacks
Known Plaintext Attack (KPA) − In this method, the attacker
knows the plaintext for some parts of the ciphertext.
– Know/suspect plaintext & ciphertext
– Find key or algorithm
– The task is to decrypt the rest of the ciphertext using this
information. This may be done by determining the key
or via some other method.
Chosen Plaintext Attack (CPA) − In this method, the attacker has
the text of his choice encrypted. So he has the ciphertext-plaintext
pair of his choice. This simplifies his task of determining the
encryption key.
– select plaintext and obtain ciphertext
• Chosen ciphertext
– select ciphertext and obtain plaintext
• Chosen text
– select plaintext or ciphertext to en/decrypt 72
Language Redundancy and
Cryptanalysis
human languages are redundant
letters are not equally commonly used in
English, E is by far the most common
letter
◦ followed by T,R,N,I,O,A,S
other letters like Z,J,K,Q,X are fairly rare
have tables of single, double & triple
letter frequencies for various languages
English Letter Frequencies
 Use in Cryptanalysis
key concept - monoalphabetic substitution
ciphers do not change relative letter
frequencies
discovered by Arabian scientists in 9 th century
calculate letter frequencies for ciphertext
compare counts/plots against known values
Example Cryptanalysis
given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
count relative letter frequencies
guess P & Z are e and t
guess ZW is th and hence ZWP is the
proceeding with trial and error finally get:
it was disclosed yesterday that several informal
but direct contacts have been made with political
representatives of the viet cong in moscow
 Given this cipher text
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

 Relative frequency of the letters in the text

P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
O 7.50 X 4.17 A 1.67 J 0.83 R 0.00
M 6.67
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
t a e e te a that ee a a t
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
e t ta t ha e ee a e th t a
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
e e e tat e the t
 Continued analysis of frequencies plus trial and error
should easily yield a solution from this point

it was disclosed yesterday that several informal but

direct contacts have been made with political
representatives of the viet cong in moscow.
Questions?