NETWORK SECURITY AND CRYPTOGRAPHYNETWORK SECURITY

AND CRYPTOGRAPHY

SYMMETRIC CIPHERS :

1.Classical Encryption Techniques :

All encryption techniques are based on 2 methods, which can be used separately or
together:
1- Substitution
2- Transposition

1- Substitution Encryption Techniques:

Substitution is an encryption technique where elements in the plaintext are replaced or
mapped with another elements. There are many types of the substitution techniques
such as (monoalphabetic cipher and polyalphabetic cipher).
A – Monoalphabetic Cipher
Let’s look at an example of monoalphabetic cipher called Caesar cipher.
Caesar Cipher:
Is the simplest and the oldest known encryption techniques where elements in the
plaintext are shifted a fixed number of spaces. For example, they’re moved 3 places:

Example:
Plaintext : WELCOME TO CRYPTOGRAPHY
Ciphertext : ZHOFRPH WR FUBSWRJUDSKB
The ciphertext is produced by adding 3 positions for every letter.
As we can see here, the encryption algorithm for each plaintext P to produce a
ciphertext C, where C = E(3,P) = (P+3)mod26. So, generally the encryption algorithm
for Caesar cipher is C= E(K,P) = (P+K)mod26
The decryption algorithm for Caeser cipher is:
P= D(K,C) = (C-K)mod26
B – Polyalphabetic Cipher:
Polyalphabetic Cipher is an encryption method to improve the simple substitution
cipher techniques by using a larger key space and making the frequency of letters
analysis harder. Polyalphabetic Cipher is a block cipher with the following properties:
1- The key space consists of all order of K = (k1, k2, k3, … ki) and i= block length
2- Encryption of plaintext M = (m1, m2, m3 … mi)
Encryption algorithm:
E(m+k) = (k1(m1).k2(m2).k3(m3). ,,,, ki(mi))
Let’s see an example of Polyalphabetic Cipher called Vigenere Cipher:
Vigenere Cipher is Polyalphabetic Cipher technique and it uses 26 letters shifting from
1 to 25. It’s similar to Caesar cipher, but with a dynamic key, which changes every time
on “i”interval.
The encryption algorithm for Vigenere Cipher to produce a ciphertext C:
Ci = (Pi+Ki)
The decryption algorithm for Vigenere Cipher to produce a plaintext P:
Pi = (Ci-Ki)
Example:
Let key: K= HAMZA and plaintext = WELCOME TO CRYPTOGRAPHY
Key = HAMZAHAMZAHAMZAHAMZAH
Plaintext = WELCOMETOCRYPTOGRAPHY
Ciphertext = ZEUBOTEFNCYYBSONRMOHF

Vernam Cipher:
Vernam Cipher works on binary data rather than letters, which give us a defense against
frequency letters analysis because there’s no statistical relationship between the
plaintext and the ciphertext.
The encryption algorithm in Vernam Cipher can be expressed as:
Ci = Pi⊕Ki
Ci = ith binary digit of ciphertext.
Pi = ith binary digit of plaintext.
⊕ = exclusive-OR (XOR) operation.
Ki = ith binary digit of key.
The decryption algorithm in Vernam Cipher is:
Pi = Ci⊕Ki
One-Time Pad:
One-Time Pad is an encryption technique that’s UNBREAKABLE by using a secret
key – the key will not repeated to fit the plaintext. The key generator algorithm
generates a key for each plaintext. The ciphertext has no statistical relationship to the
plaintext. The secret key will be used to encrypt and decrypt for only one plaintext, then
the secret key will be destroyed.
For example:
Suppose we use Vernam Cipher but with One-Time Pad method, we generate a secret
key as long as the plaintext and only for this plaintext.
Let’s try to encrypt “HELLO”
Plaintext = HELLO
Secret key = XMCKL
by adding the values of each digit
Ciphertext = EQNVZ

2. Block Ciphers :
A block cipher is a symmetric cryptographic algorithm that operates on a fixed-size
block of data using a shared, secret key. Plaintext is used during the encryption, and
the resulting encrypted text is called a ciphertext. The same key is used for both the
encryption of the plaintext and the decryption of the ciphertext
Block cipher encrypts/decrypts its input one block at a time instead of one bit at a
time using a shared, secret key. The block is fixed in size; otherwise, padding is
necessary. This algorithm is symmetric. During encryption, it uses the shared key to
transform its plaintext input into a cyphertext (encrypted text). During decryption, it
uses the same key to transform the cyphertext back to the original plaintext. The
length of the output is the same as the input.
Well-known implementations of the block cipher algorithm are the Data Encryption
Standard (DES), TripleDES and the Advanced Encryption standard (AES).

3. Data encryption standard (DES) :

Data encryption standard (DES) has been found vulnerable against very powerful
attacks and therefore, the popularity of DES has been found slightly on decline.
DES is a block cipher, and encrypts data in blocks of size of 64 bit each, means 64 bits
of plain text goes as the input to DES, which produces 64 bits of cipher text. The
same algorithm and key are used for encryption and decryption, with minor
differences. The key length is 56 bits. The basic idea is show in figure.
Thus, the discarding of every 8th bit of the key produces a 56-bit key from the
original 64-bit key.
DES is based on the two fundamental attributes of cryptography: substitution (also
called as confusion) and transposition (also called as diffusion). DES consists of 16
steps, each of which is called as a round. Each round performs the steps of
substitution and transposition. Let us now discuss the broad-level steps in DES.
1. In the first step, the 64 bit plain text block is handed over to an initial
Permutation (IP) function.
2. The initial permutation performed on plain text.
3. Next the initial permutation (IP) produces two halves of the permuted block;
says Left Plain Text (LPT) and Right Plain Text (RPT).
4. Now each LPT and RPT to go through 16 rounds of encryption process.
5. In the end, LPT and RPT are rejoined and a Final Permutation (FP) is
performed on the combined block
6. The result of this process produces 64 bit cipher text.

4. Finite Fields:

We review some well-known facts about finite fields. - For any finite field F,
there exist a prime p and a positive integer n such that F has p n elements. The prime
p is the characteristic of F. - Conversely, for any prime p and a positive integer n
there is a finite field with q = p n elements and this field is unique up to isomorphism.
Such a field is denoted by Fq. For any a ∈ F ∗ q , a q−1 = 1 by the Theorem of
Lagrange from group theory. - Let Fq be a finite field and Ω its algebraic closure. Then,
for any positive integer n, the splitting field of the polynomial Xq n − X over Fq is the
unique subfield of Ω with q n elements. Moreover, Fqm ⊆ Fqn if and only if m divides
n. Thus, the lattice of the subfields of Ω containing Fq is isomorphic to the lattice of
the nonnegative integers ordered by divisibility.

5. Advanced Encryption Standard :

The more popular and widely adopted symmetric encryption algorithm likely to be
encountered nowadays is the Advanced Encryption Standard (AES). It is found at least six
time faster than triple DES.

A replacement for DES was needed as its key size was too small. With increasing computing
power, it was considered vulnerable against exhaustive key search attack. Triple DES was
designed to overcome this drawback but it was found slow.

The features of AES are as follows −

 Symmetric key symmetric block cipher

 128-bit data, 128/192/256-bit keys

 Stronger and faster than Triple-DES

 Provide full specification and design details

 Software implementable in C and Java

Operation of AES
AES is an iterative rather than Feistel cipher. It is based on ‘substitution–permutation
network’. It comprises of a series of linked operations, some of which involve replacing
inputs by specific outputs (substitutions) and others involve shuffling bits around
(permutations).

Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats
the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns
and four rows for processing as a matrix −

Unlike DES, the number of rounds in AES is variable and depends on the length of the key.
AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit
keys. Each of these rounds uses a different 128-bit round key, which is calculated from the
original AES key.

The schematic of AES structure is given in the following illustration −

Encryption Process:
Here, we restrict to description of a typical round of AES
encryption. Each round comprise of four sub-processes. The first
round process is depicted below −
*Symmetric Ciphers :