Cryptography

Introduction

• Cryptography is the art of achieving security by encoding messages to make them non-readable.

• Some cryptography algorithms are very trivial to understand, replicate, and therefore crack.

• Some other cryptography algorithms are highly complicated, and therefore, difficult to crack.

• The rest are somewhere in the middle.• By far the most important automated tool for

network and communications security is encryption.

Encryption

Two forms of encryption are in common use:

1. Conventional, or symmetric encryption.

2. public-key or asymmetric encryption

Symmetric cipher model• Symmetric encryption is also referred as conventional or single-key

encryption.• An original message is known as plaintext• The coded message is called the ciphertext.• The process of converting from plaintext to ciphertext is known as

enciphering or encryption.• Restoring the plaintext from the ciphertext is deciphering or

decryption.• The many schemes used for encryption constitute the area known

as cryptography. Such a scheme is known as a cryptographic system or a cipher.

• Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area of cryptanalysis.

• Cryptanalysis is what the layperson calls “breaking the code”. The areas of cryptography and cryptanalysis together are called cryptology.

Symmetric Cipher Model…

A symmetric encryption scheme has five ingredients:

1. Plaintext

2. Encryption algorithm

3. Secret Key

4. Ciphertext

5. Decryption algorithm

Plaintext

• This is the original intelligible message or data that is fed into the algorithm as input.

• Note that plain text also known as clear text signifies a message that can be understood by the sender, the recipient, and also by anyone else who gets an access to that message.

Encryption algorithm

• The encryption algorithm performs various substitutions and transformations on the plaintext

Secret Key

The secret key is also input to the encryption algorithm. The key is a value independent of the plain text and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.

Ciphertext

• This is scrambled message produced as output.

• It depends on the plaintext and the secret key.

• When a plaintext message is codified using any suitable scheme, the resulting message is called as cipher text.

• It is unintelligible.

Decryption algorithm

This is essentially the encryption algorithm run in reverse. It takes the cipher text and the secret key and produces the original plaintext.

Requirements

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. i.e. The opponent should be unable to decrypt cipher text or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.

2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure.

Cryptography

Cryptographic systems are characterized along three independent dimensions:

1. The type of operations used for transforming plaintext to ciphertext.There are two primary ways in which a plain text message can be codified to obtain the corresponding cipher text : Substitution and Transposition. The fundamental requirement is that no information be lost.

2. The number of keys used. 3. The way in which plain text is processed.

Substitution and Transposition

• In substitution each element in the plaintext is mapped into another element.

• In transposition elements in the plaintext are rearranged.

• When two approaches are used together , we call the technique as product cipher.

Number of keys

If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption.

If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or public-key encryption.

block cipher

• The way in which the plaintext is processed : A block cipher processes the input one block of elements at a time, producing an output block for each input block.

• A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along.

Cryptanalysis

Typically, the objective of attacking an encryption system is to recover the key in use rather then simply to recover the plaintext of a single ciphertext. There are two general approaches to attacking a conventional encryption scheme:

1. Cryptanalysis : This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.

2. Brute-Force attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.

Types of cryptanalytic attacksType of attack Known to cryptanalyst

Ciphertext only •Encryption algorithm•Ciphertext

Known plaintext •Encryption algorithm•Ciphertext•One or more plaintext-ciphertext pairs formed with the secret key

Chosen plaintext •Encryption algorithm•Ciphertext•Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key.

Cryptanalytic attacks…Chosen Ciphertext •Encryption algorithm

•Ciphertext•Purported ciphertext chosen by cryotanalyst, together with its corresponding decrypted plaintext generated with the secret key

Chosen Text •Encryption algorithm•Ciphertext•Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key.•Purported ciphertext chosen by cryotanalyst, together with its corresponding decrypted plaintext generated with the secret key

Substitution techniques

• The two basic building blocks of all encryption techniques are substitution and transposition.

• A substitution technique is one in which the letters of plaintext are replaced by other letters or by symbols.

• If plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.

Types of substitution techniques

1. Caesar Cipher

2. Modified version of Caesar cipher

3. Mono-alphabetic cipher

4. Homophonic Substitution cipher

5. Polygram Substitution cipher

6. Polyalphabetic Substitution cipher

Caesar Cipher

• This scheme was first proposed by Julius Caesar, and is termed as Caesar Cipher.

• Caesar cipher is a special case of substitution techniques wherein each alphabet in a message is replaced by an alphabet three places down the line.

• E.g. MANASI will become cipher text PDQDVL.

Algorithm to break Caesar Cipher

1. Read each alphabet in the cipher text message, and search for it in the second row in the following figure.

2. When a match is found, replace that alphabet in the cipher text message with the corresponding alphabet in the same column but the first row of the table .

3. Repeat the process of all alphabets in the cipher text message.

4. The process shown above will reveal the original plain text.

Formula for Caesar Cipher

For each plain text letter p, substitute the cipher text letter C: then

C = E(3, p) = (p + 3) mod 26

A shift may be of any amount, so that general Caesar algorithm is

C = E(k, p) = (p + k) mod 26

Where k takes on a value in the range 1 to 25.

The decryption algorithm is simply

P = D(k, C) = (C – k) mod 26

Modified version of Caesar cipher

• In this version of Caesar cipher the cipher text alphabets corresponding to the original plain text alphabets may not necessarily be three places down the order, but instead, can be any places down the order.

Algorithm to break the modified Caesar cipher

1. Let k be number equal to 12. Read the complete cipher text message3. Replace each alphabet in the cipher text message

with an alphabet that is k positions down the order.4. Increment k by 15. If k is less than 26, then go to step 2. Otherwise

stop the process.6. The original text message corresponding to the

cipher text message in one of the 25 possibilities produced by the above steps.

7. The above algorithm uses Brute – force attack

Caesar cipher…

As we have noticed, even the modified version of the Caesar cipher is not very secure. After all, the cryptanalyst needs to be aware of only following points to break a cipher text message using brute-force attack:

1. Substitution technique was used to derive the cipher text from original plain text.

2. There are only 25 possibilities to try out.3. The language of the plain text was English.Anyone armed with this knowledge can easily break

cipher text produced by the modified version of Caesar Cipher.

Monoalphabetic cipher

• In this scheme rather than using a uniform scheme for all the alphabets in a given plain text message, a random substitution is used.

• This means that in a given plain text message, each A can be replaced by any other alphabet (B through Z), each B can also be replaced by any other random alphabet (A or C through Z), and so on. The crucial difference being, there is no relation between the replacement of B and replacement of A.

• To put it mathematically, we can now have any permutation or combination of the 26 alphabets, which means (26 * 25 * 24 * 23 * …2) or 4 * 1026 possibilities.

• This type would be extremely hard to crack.

Attacking monoalphabetic cipher

• If the cryptanalyst knows the nature of the plaintext , then the analyst can exploit the regularities of the language.

• Consider following example:The ciphertext is as follows:UZQSOVUHXMOPVGPOZPEVSGZWSZOPFPESX

UDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMX

UZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMO

HMQ.

Monoalphabetic cipher…

1. The relative frequency of letters can be determined and compared to standard frequency distribution for English.

2. The relative frequencies of the letters in the cipher text are as follows:

P-13.33, Z-11.67, S-8.33, U-8.33, O-7.50, M-6.67, H-5.83, D-5.00, E-5.00, V-4.17, X-4.17, F-3.33, …..

Monoalphabetic cipher…

• There are number of ways to proceed at this point.• Comparing the brekdown it seems likely that cipher

letters P and Z are the equivalents of letters e and t, but it is not certain which is which.

• Now we would look for repeating sequences of cipher letters and try to deduce their plaintext equivalents..

• A powerful tool is to look at the frequency of two-letter combinations, known as digrams.The most most common digram is th.

• In our cipher text , the most common digram is ZW.

Monoalphabetic cipher…

• So we make the correspondence of Z with t and W with h.

• Then look for most frequent trigram. In english it is “ the”. So ZWP would be The.

• In the above manner after analyzing the entire cipher text we arrive at :

It was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow.

Homophonic Substitution Cipher

• In this technique one plain text alphabet can map to more tham one cipher text alphabet.

Polygram Substitution cipher

• In polygram substitution cipher technique, rather than replacing one plain text alphabet with one cipher text alphabet at a time, a block of alphabets is replaced with another block.

• For instance, HELLO could be replaced by YUQQW, but HELL could be replaced by a totally different cipher text block TEUI

• This is true in spite the first four characters of the two blocks of text being the same. This shows that in polygram substitution cipher, the replacement of plain text happens block – by – block,rather than charater – by – character.

Polyalphabetic Substitution Cipher

• Leon Battista invented the Polyalphabetic substitution Cipher in 1568.

• This cipher has been broken many times, yet it has been used extensively.

• The Vigenere cipher and the Beaufort Cipher are examples of Polyalphabetic Substitution Cipher.

• This cipher uses multiple-one character keys. Each of the keys encrypts one plain text character.

Vigenere cipher

• It is the best known and one of the simplest polyalphbetic cipher

• In this scheme, the set of related monoalphabetic substitution rules consists of the 26 Caesar ciphers, with shifts of 0 through 25.

• Each cipher is denoted by a key letter, which is the ciphertext letter that substitutes for the plain text letter a.

• Thus, a Caesar cipher with a shift of 3 is denoted by the key value d.

Vigenere cipher…

• A matrix known as Vigenere tableau is constructed.

• Each of the 26 ciphers is laid out horizontally, with the key letter for each cipher to its left.

• A normal alphabet for the plaintext runs across the top.

• The process of encryption is simple:

Vigenere cipher…

• Given a key letter x and a plaintext letter y, the cipher text letter is at the intersection of the row labeled x and the column labeled y; in this case the ciphertext is V.

• To encrypt a message, a key is needed that is as long as the message.

• Usually the key is a repeating keyword.

Vigenere Example

• For example, if the keyword is deceptive, the message “we are discovered save yourself” is encrypted as follows:

Key : deceptivedeceptivedeceptive

plaintext : wearediscoveredsaveyourself

ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Vigenere cipher decryption

• Decreption is equally simple:• The key letter again identifies the row.• The position of the cipher text letter in that

row determines the column, and the plain text letter is at the top of that column.

• The strength of this cipher is that there are multiple ciphertext letters for each plaintext letter, one for each unique letter of the keyword.

Principal methods in substitution ciphers.

Two principal methods are used in substitution ciphers to lessen the extent to which the structure of the plain text survives in the ciphertext:

1. To encrypt multiple letters of plaintext

2. To use multiple cipher alphabets

Examples of multiple-letter encrytion cipher:

Playfair Cipher, Hill Cipher.

Playfair cipher

• The best-known multiple-letter encryption cipher is the Playfair, which treats digrams in the plaintext as single units and translates these units into cipher text digrams.

• The Playfair algorithm is based on the use of a 5 * 5 matrix of letters constructed using a keyword.

• The matrix is constructed by filling in the letters of the keyword (minus duplicates) from left to right and from top to bottom, and then filling in the remainder of the matrix with the remaining letters in alphabetic order.

Playfair …

• The letters I and J count as one letter.• Plaintext is encrypted two letters at a time,

according to the following rules :1. Repeating plaintext letters that are in the same

pair are separated with the filler letter, such as x, so that balloon would be treated as ba lx lo on.

2. Two plaintext letters that fall in the same row of the matrix are each replaced by the letter to the right, with the first element of the row circularly following the last.

Playfair…

3. Two plaintext letters that fall in the same column are each replaced by the letter beneath, with the top element of the column circularly following the last.

4. Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its own row and column occupied by the other plaintext letter.

Advantages of Playfair over monoalphabetic

• The Playfair cipher is a great advance over simple monoalphabetic ciphers. For one thing, whereas there are only 26 letters, there are 26 * 26 = 676 digrams, so that identification of individual digrams is more difficult.

• Furthermore, the relative frequencies of individual letters exhibit a much greater range than that of digrams, making frequency analysis much more difficult.

• For these reasons, the Playfair cipher was for a long time considered unbreakable.

Hill Cipher

• Another interesting multiletter cipher is the Hill cipher, developed by the mathematician Lester Hill in 1929.

• The encryption algorithm takes m successive plaintext letters and substitutes for them m ciphertext letters.

• The substitution is determined by m linear equations in which each character is assigned a numerical value ( a = 0, b = 1, …, z = 25).

Hill Cipher …

• For m = 3, the system can be described as follows:

c1 = (k11p1 + k12p2 + k13p3) mod 26

c2 = (k21p1 + k22p2 + k23p3) mod 26

c3 = (k31p1 + k32p2 + k33p3) mod 26

This can be expressed in term of column vectors and matrices:

Transposition techniques

• Transposition techniques differ from substitution techniques in the way that they do not simply replace one alphabet with another: they also perform some permutation over the plain text alphabets.

• 4 techniques:1. Rail Fence Technique2. Simple Columnar Transposition Technique3. One-Time Pad (Vernam cipher)4. Book cipher / Running key cipher

Rail Fence Technique

• Rail Fence technique involves writing plain text as sequence of diagonals and then reading it row-by-row to produce cipher text.

• Algorithm is as follows: 1. Write down the plain text message as a

sequence of diagonals. 2. Read the plain text written in step 1 as a

sequence of rows.• It should be quite clear that the Rail Fence

technique is quite simple for a cryptanalyst to break into.

Simple columnar transposition technique

The algorithm is as follows:1. Write the plain text message row-by-row in a rectangle

of a pre-defined size.2. Read the message column-by-column. However, it

need not be in the order of columns 1,2,3,etc. It can be any random order such as 2,3,1,etc.

3. The message thus obtained is the cipher text message.

In short The Simple Columnar Transposition Technique simply arranges the plain text as a sequence of rows of a rectangle that are read in columns randomly.

Simple columnar transposition technique with multiple rounds

• The idea is to use the same basic procedure as used by the simple columnar transposition technique, but do it more than once.

• Cipher text produced by the Simple Columnar Transposition Technique with multiple rounds is much more complex to crack as compared to the basic technique.

Vernam Cipher (one – time pad)

• The Vernam Cipher, also called as One-Time Pad, is implemented using a random set of non-repeating characters as the input cipher text.

• The most significant point here is that once an input cipher text for transposition is used, it is never used againfor any other message (hence the name one-time).

• The length of the input cipher text is equal to the length of the original plain text.

Algorithm for Vernam cipher

1. Treat each plain text alphabet as a number in an increasing sequence, i.e. A = 0, B = 1, … Z = 25

2. Do the same for each character of the input cipher text3. Add each number corresponding to the plain text

alphabet to the corresponding input cipher text alphabet number.

4. If the sum thus produced is greater than 26, subtract 26 from it.

5. Translate each number of the sum back to the corresponding alphabet. This gives the output cipher text.

It should be clear that since the one-time pad is discarded after single use, this technique is highly secure and suitable for small plain text message, but is clearly impractical for large messages.

Vernam cipher…

• It is unbreakable.• It produces random output that bears no

statistical relationship to the plaintext.• Because the cipher text contains no

information whatsoever about the plaintext, there is simply no way to break the code.

• example : Cryptography and network security – William Stallings . Pg 49.

Book Cipher / Running key cipher

• For producing cipher text, some portion of text from a book is used, which serves the purpose of a one-time pad. Thus, the characters from a book are used as one-time pad, and they are added to the input plain text message similar to the way a one-time pad works.

Diffie-Hellman Key Exchange/Agreement Algorithm

• The beauty of this scheme is that the two parties, who want to communicate securely, can agree on a symmetric using this technique. This key can then be used for encryption / decryption.

• However, we must note that Diffie-Hellman key exchange algorithm can be used only for key agreement, but not for encryption or decryption of messages.

Diffie-Hellman key exchange algorithm

1. Firstly, Alice and Bob agree on two large prime numbers, n and g. These two integers need not be kept secret. Alice and Bob can use an insecure channel to agree on them.

2. Alice chooses another large random number x, and calculates A such that :A = gx mod n

3. Alice sends the number A to Bob.

algorithm…

4. Bob independently chooses another large random integer y and calculates B such that : B = gy mod n

5. Bob sends the number B to Alice.6. A now computes the secret key K1 as follows:

K1 = Bx mod n7. B now computes the secret key K2 as follows:

K2 = Ay mod nIt might come as a surprise, but K1 is actually

equal to K2!