Authentication Text Source Using
Rail Fence Cryptography Technique
Andysah Putera Utama Siahaan
Universitas Sumatra Utara
Jl. Dr. Mansur No. 9, Medan, Sumatra Utara, Indonesia
andysahputrautamasiahaan@yahoo.com
Abstract — This paper presents the basic principle of using
rail fence cryptography in authenticating data. Special
outline is put on showing the relationships among several
method of cryptography model.. Other sections cover
other the important methods such as converting to cipher
text, recovering to plain text, and provide references to
significant work on cryptography. Recent advances in
cryptography are also briefly discussed.
Keywords — cryptography, cipher, plain, algorithm,
computer
I. INTRODUCTION
Until now, cryptography has been an interest lesson to
learn. Cryptography is primarily used by military and
diplomatic communities. Private individuals and even
commercial organizations have rarely considered it necessary
to support the protection of their communications. Today,
however, several factors have combined to stimulate great
interest in commercial applications. Electronic devices are
replacing paper media in a rapidly increasing variety of
applications. The effect of this is both to increase the amount
and variety of information available to an eavesdropper, and
to make the act of eavesdropping easier. Fortunately the same
factors which promote the spread of electronic
communications are producing, a marked decrease in the cost
of cryptography.
Where once the nation's business was conducted either by
personal contact or written correspondence, it is now handled
largely over the telephone, creating the environment for a
substantial wiretapping industry. The replacement of wires by
microwaves has even allowed the wireman to ply his trade
without having to tap any actual wires. Finally, the
introduction of direct long distance dialing has made it
possible to identify calls of interest even when the tap is
placed a long way from the person being spied upon, because
each call is preceded by a digital sequence identifying the
number being called.
II. BASIC CONCEPT
When valuable or secret data must be saved or transmitted,
they are frequently protected physically through the use of
safes, armed couriers, shielded cables, and the like. As
electronic forms of communication and storage take over from
their predecessors, however, such measures often become
inapplicable, insufficient or uneconomical, and other
techniques must be employed. Central among these techniques
is cryptography: the use of transformations of data intended to
make the data useless to one's opponents. Such
transformations provide solutions to two major problems of
data security: the privacy problem, preventing an opponent
from extracting information from a communication channel,
and the authentication problem, preventing an opponent from
injecting false data into the channel.
In telephone communication the problem of authentication
predominates, since the called party cannot determine who is
calling. Eavesdropping, which requires the use of a wiretap, is
technically more difficult and legally more hazardous than
calling and pretending to be someone else. In radio
communication, the situation is reversed. Eavesdropping is
passive and involves scant legal hazard, while injection
exposes the illegitimate transmitter to discovery and
prosecution. Sometimes it is sufficient to authenticate that a
message has not been modified by a third party. At other
times, it is important for the receiver to be able to prove that
he actually received the message from the sender and that he
has not modified it or originated it himself. The problem of
dispute is to provide the recipient of a message with legal
proof of the identity of the sender. On channels used for
electronic funds transfer or contract negotiation, it is
important to provide the electronic equivalent of a written
signature, in order to settle any dispute between the sender
and receiver as to what message, if any, was sent. The
problems of privacy and authentication are closely related and
techniques for solving one can frequently be applied to the
other. This paper examines the problem of privacy first
because it is the older, the more widespread, and the more
familiar of the two.
III. AUTHENTICATION
Authentication is the act of establishing or confirming
something (or someone) as authentic, that is, that claims made
by or about the subject are true. This might involve
confirming the identity of a person, tracing the origins of an
artifact, ensuring that a product is what its packaging and
labeling claims to be, or assuring that a computer program is a
trusted one.
A. Authentication Method
In art, antiques, and anthropology, a common problem is
verifying that a given artifact was produced by a certain
famous person, or was produced in a certain place or period of
history.
There are two types of techniques for doing this. The first is
comparing the attributes of the object itself to what is known
about objects of that origin. For example, an art expert might
look for similarities in the style of painting, check the location
and form of a signature, or compare the object to an old
photograph. An archaeologist might use carbon dating to
verify the age of an artifact, do a chemical analysis of the
materials used, or compare the style of construction or
decoration to other artifacts of similar origin. The physics of
sound and light, and comparison with a known physical
environment, can be used to examine the authenticity of audio
recordings, photographs, or videos.
Attribute comparison may be vulnerable to forgery. In
general, it relies on the fact that creating a forgery
indistinguishable from a genuine artifact requires expert
knowledge, that mistakes are easily made, or that the amount
of effort required to do so is considerably greater than the
amount of money that can be gained by selling the forgery.
In art and antiques certificates are of great importance,
authenticating an object of interest and value. Certificates can,
however, also be forged and the authentication of these pose a
problem. For instance, the son of Han van Meegeren, the well-
known art-forger, forged the work of his father and provided a
certificate for its provenance as well; see the article Jacques
van Meegeren. Criminal and civil penalties for fraud, forgery,
and counterfeiting can reduce the incentive for falsification,
depending on the risk of getting caught.
The second type relies on documentation or other external
affirmations. For example, the rules of evidence in criminal
courts often require establishing the chain of custody of
evidence presented. This can be accomplished through a
written evidence log, or by testimony from the police
detectives and forensics staff that handled it. Some antiques
are accompanied by certificates attesting to their authenticity.
External records have their own problems of forgery and
perjury, and are also vulnerable to being separated from the
artifact and lost.
Currency and other financial instruments commonly use the
first type of authentication method. Bills, coins, and cheques
incorporate hard-to-duplicate physical features, such as fine
printing or engraving, distinctive feel, watermarks, and
holographic imagery, which are easy for receivers to verify.
Consumer goods such as pharmaceuticals, perfume, fashion
clothing can use either type of authentication method to
prevent counterfeit goods from taking advantage of a popular
brand's reputation (damaging the brand owner's sales and
reputation). A trademark is a legally protected marking or
other identifying feature which aids consumers in the
identification of genuine brand-name goods.
B. Authentication Factors and Identity
The ways in which someone may be authenticated fall into
three categories, based on what are known as the factors of
authentication: something you know, something you have, or
something you are. Each authentication factor covers a
range of elements used to authenticate or verify a person's
identity prior to being granted access, approving a transaction
request, signing a document or other work product, granting
authority to others, and establishing a chain of authority.
Security research has determined that for a positive
identification, elements from at least two, and preferably all
three, factors be verified.[1] The three factors (classes) and
some of elements of each factor are:
 the ownership factors: Something the user has (e.g.,
wrist band, ID card, security token, software token,
phone, or cell phone)
 the knowledge factors: Something the user knows
(e.g., a password, pass phrase, or personal
identification number (PIN), challenge response (the
user must answer a question))
 the inherence factors: Something the user is or does
(e.g., fingerprint, retinal pattern, DNA sequence
(there are assorted definitions of what is sufficient),
signature, face, voice, unique bio-electric signals, or
other biometric identifier).
C. Authentication vs. Authorization
The process of authorization is sometimes mistakenly
thought to be the same as authentication; many widely
adopted standard security protocols, obligatory regulations,
and even statutes make this error. However, authentication is
the process of verifying a claim made by a subject that it
should be allowed to act on behalf of a given principal
(person, computer, process, etc.). Authorization, on the other
hand, involves verifying that an authenticated subject has
permission to perform certain operations or access specific
resources. Authentication, therefore, must precede
authorization.
For example, when you show proper identification
credentials to a bank teller, you are asking to be authenticated
to act on behalf of the account holder. If your authentication
request is approved, you become authorized to access the
accounts of that account holder, but no others.Even though
authorization cannot occur without authentication, the former
term is sometimes used to mean the combination of both.
 IV. IMPLEMENTATION IN RAIL FENCE CRYPTOGRAPHY

Rail Fence Cipher generally refers to a form of

transposition cipher. It derives its name from the way in which
it is encoded. In the rail fence cipher, the plaintext is written
downwards and diagonally on successive "rails" of an
imaginary fence, then moving up when we reach the bottom
rail. When we reach the top rail, the message is written
downwards again until the whole plaintext is written out. The
message is then read off in rows.

Rail Fence Cipher is also called Zig Zag Cipher. The term
Zigzag cipher may refer to the Rail Fence Cipher as described
above. However, it may also refer to a different type of cipher
system that looks like a zigzag line going from the top of the
page to the bottom. As described in Fletcher Pratt's Secret and
Urgent, it is "written by ruling a sheet of paper in vertical
columns, with a letter at the head of each column. A dot is
made for each letter of the message in the proper column,
reading from top to bottom of the sheet. The letters at the head
of the columns are then cut off, the ruling erased and the
message of dots sent along to the recipient, who, knowing the
width of the columns and the arrangement of the letters at the
top, reconstitutes the diagram and reads what it has to say.

Below is the illustration:

 REFERENCES

Robert Stinson, Douglas. “Cryptography: theory and practice”,

Chapman & Hall/CRC. 2006.
http://en.wikipedia.org/wiki/Transposition_cipher, access time : April,
10th , 2011.
http://en.wikipedia.org/wiki/Topics_in_cryptography, access time : April,
10th , 2011
http://en.wikipedia.org/wiki/Cryptography, access time : April, 10th ,
2011.
http://www.cryptogram.org/cdb/aca.info/aca.and.you/chapter_09.pdf#RA
ILFE, access time : April, 10th , 2011.
http://en.wikipedia.org/wiki/Rail_fence, access time : April, 10th , 2011.