You are on page 1of 101

Symmetric Ciphers

Classical Encryption Techniques

1
Encryption Algorithms
Symmetric
o Key at the sender side is same as receiver side
o Key is called secret key
Asymmetric
o Sender and receiver have different keys, called
private keys
o Public key is derived from private key
o Public key is sent on the channel
o Hence secrecy of key is maintained

2
Simplified Model of Symmetric Encryption

3
Simplified Model of Symmetric Encryption

4
Simplified Model of Symmetric Encryption

5
Simplified Model of Symmetric Encryption

6
Some Basic Terminology
Plaintext - original message
Ciphertext - enciphered message
Cipher - algorithm for transforming plaintext to
ciphertext
Secret key - information used to encrypt and decrypt
Encipher (encryption) - convert plaintext to ciphertext
Decipher (decryption) - recover plaintext from
ciphertext
Cryptography Area of encryption schemes
Cryptanalysis (code breaking) - Methods of
deciphering ciphertext without knowledge of key
Cryptology - Field of cryptography and cryptanalysis
7
Model of Symmetric Cryptosystem
Cryptanalyst X
K

X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm

Secure
channel
K

Key
source

8
Model of Symmetric Cryptosystem
Cryptanalyst X
K

X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm

Secure
channel
K

Key
source

9
Model of Symmetric Cryptosystem
Cryptanalyst X
K

X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm

Secure
channel
K

Key
source

10
Cryptanalysis
Try to recover key and or message
general approaches
cryptanalytic attack-
knowledge of algorithm
general characteristics of the plain text
sample plaintext-ciphertext pairs
brute-force attack-
every possible key on ciphertext to extract
plaintext
generally, half of all possible keys are required

11
Brute Force Search
try every key
proportional to key size

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years

26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)

On average, half of all possible keys must be tried to achieve success


12
Brute Force Search
try every key
proportional to key size

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years

26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)

On average, half of all possible keys must be tried to achieve success


13
Brute Force Search
try every key
proportional to key size

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years

26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)

On average, half of all possible keys must be tried to achieve success


14
Symmetric Encryption

substitution
transposition
product

15
Symmetric Encryption
Transposition cipher
o Arrangement of bits without changing the value
o For n bit cipher n! rearrangements are possible
o Required number of key bits = ceil(log2(n!))
o For n=3, n!=6 and key size is = 3
o For 6 possible transpositions we are using 3 bit key
o Therefore out of 8 possible keys only 6 are used
Substitution cipher
o Substitutes the bits with another bits
o Number of possible substitutions is 2n
o Number of possible substitution arrangements is 2n!
o Number of key bits = log2(2n!)
o For n=3, 2n! =40320 and key size is = 16
o Therefore out of 216=65536 possible keys only 40320 are used
o Lot of unused keys 16
Substitution Ciphers

Letters of plaintext are replaced by other letters or


by numbers or symbols

If plaintext is viewed as a sequence of bits, then


substitution involves replacing plaintext bit patterns
with ciphertext bit patterns

17
Types of Substitution Cipher
o Caesar
o Playfair
o Hill
o Vigenere
o Vernam
o One-Time Pad

18
Caesar Cipher
Replaces each letter by 3rd letter after the current letter
in sequence
Define transformation as:
Plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A
BC
example:
Plain: caesar cipher
Cipher: FDHVDU FLSKHU

19
Caesar Cipher
Mathematically each letter is given a number
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 2 2 2 2 2 2
3 4 5 6 7 8 9 0 1 2 3 4 5

General Caesar cipher is


c = E(k, p) = (p + k) mod (26)
p = D(k, c) = (c k) mod (26)
Also called additive cipher
Example
Plaintext: Encrypt message
Key: 3, ignore spaces
Ciphertext: HQFUBSWPHVVDJH
20
Additive Ciphers
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 2 2 2 2 2 2
3 4 5 6 7 8 9 0 1 2 3 4 5

Key can be any number between 0 and 25


Plaintext: Home
Key : 6
Home = {7, 14, 12, 4}
(P + k) mod 26 = {7, 14, 12, 4} + 6
= {13, 20, 18, 10}
Ciphertext
= NUSK
21
Cryptanalysis of additive Cipher

Not secure
Algorithm is known
26 possible ciphers

brute force search


eg. break ciphertext: GCUAVQDTGCM
o Key = 1
o plain text: FBTZUPCSFBL
o Key = 2
o Plaintext: EASYTOBREAK

22
Multiplicative Ciphers
C= (P K) mod 26
P = (C K-1) mod 26
P= home, K = 7
C= (7x7)mod 26, (14x7)mod26, (12x7)mod26 ,
(4x7) mod26
= 23, 20, 6, 2
= XUGC

23
Affine Cipher
C = ((P x k1) + k2 ) mod 26
P = ((C- k2) x k1-1 ) mod 26

24
Affine Cipher

Additive, multiplicative and affine ciphers have


small key domains.
This is because each alphabet altered by a key of
length one
Hence key is 26 letters long
Therefore vulnerable to brute-force attack
To reduce vulnerability, shuffle plaintext using a key
of length 26

25
Monoalphabetic substitution Cipher

Key table
a b c d e f g h i j k l m n o p q r s t u v w x y z

N O A T R B E C F U X D Q G Y L K H V I J M P Z S W

Example
Plain : wish
Cipher: PFVC
A total of 26! = 4 x 1026 possible keys for monoalphabetic
General Caesar has 26 possible keys
Therefore security of monoalphabetic is better than
additive cipher

26
Monoalphabetic Cipher Security
It is not completely secure
Statistical attack based on the frequency of characters
can be used
If cryptanalyst knows language, regularities in language
and nature of plain text
Then it is possible to predict plaintext
Each letter is encrypted to the same letter even if that
letter repeats in the plaintext
Ex: Therefore ICRHRBYHR
Frequency of e is 3 in plaintext and R is 3 in ciphertext
Monoalphabetic cipher does not change the frequency
of characters in ciphertext
Therefore vulnerable to statistical attack
27
English Letter Frequencies

28
Language Redundancy and
Cryptanalysis

In English, e is the most common letter


followed by t, r, n, l, o, a, s
Other letters like Z,J,K,Q,X are fairly rare
Table double & triple letter frequencies for
various languages can also be used

29
Letter frequency for Cryptanalysis
a b c d e f g h i j k l m n o p q r s t u v w x y z

N O A T R B E C F U X D Q G Y L K H V I J M P Z S W

Ex: plaintext: considerthisexample


ciphertext: AYGVFTRHICFVRZNQLR
e occurs max (3) times in plaintext
R occurs max (3) times in ciphertext
Similarly number of occurrences for other letters is
same
Calculate letter frequencies for ciphertext
Compare frequencies against known values

30
Example Cryptanalysis
given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
count relative letter frequencies
P & Z are e and t
ZW is th and hence ZWP is the
proceeding with trial and error finally get
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow

31
Attacks on Additive Cipher
Ciphertext only
Apply Bruteforce method
Do a frequency count for letters like, e, t
Known plaintext
If one plaintext letter and corresponding
ciphertext then key can be deduced
Ex: t (=19) D(=3) then
k=(3-19) mod 26= -16=10
Chosen plaintext
ciphertext gives the key for the chosen plaintext
Chosen ciphertext
plaintext gives the key for the chosen ciphertext
Therefore large number of keys in a monoalphabetic
cipher do not provide security 32
Playfair Cipher

Monoalphabetic cipher
Encrypt multiple (two) letters called digram at once
Provides better security

33
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y

34
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y B

35
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y B D

36
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Plaintext: unit
Ciphertext: WMKS

37
Playfair Encryption
Plaintext is encrypted two letters at a time
If plaintext has odd number of characters then
add a filler, x at the end
If a pair has repeated letters, insert filler like 'X
symmetric sy mx me tr ic
Encryption
o If both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end)
o if both letters fall in the same column, replace
each with the letter below it (wrapping to top
from bottom)
o otherwise each letter is replaced by the letter in
the same row and in the column of the other
letter of the pair
38
Playfair Cipher
Keyword is MONARCHY
Plaintext is HOUSE

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Plaintext: HO US EX
Ciphertext: FH XL IU
39
Playfair Cipher
Keyword: playfair
Key: playfir
Plaintext: meet at the school

P L A Y F
I R B C D
E G H K M
N O Q S T
U V W X Z

Plaintext: ME ET AT TH ES CH OX OL
Ciphertext: EG MN FQ QM KN BK SV VR
40
Security of Playfair Cipher

Brute-force is very difficult


Ciphertext only attack is possible
Security is better than monoalphabetic
Key domain is 25!
Has 26 x 26 = 676 digrams
would need a 676 entry frequency table to
analyse (verses 26 for a monoalphabetic)
Frequency of digrams can be used to deduce
the key
Can be broken, given a few hundred letters

41
Hill Cipher

p is plaintext matrix
c is ciphertext matrix
k is key matrix
c =p x k mod 26
p = c x k-1 mod 26

42
Modulo Arithmetic, 26

(3+24)mod 26
= 27 mod 26=1
(14-20)mod 26
=(-6)mod26=20
If (a*b) mod 26=1 then a and b are
multiplicative inverse of each other
Multiplicative inverse: 3*9=27 mod 26=1
3 and 9 are multiplicative inverse of each
other
43
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1
3

44
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1
3 9

45
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1
3 9
5
7
9
11

46
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1
3 9
5 21
7
9
11

47
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1
3 9
5 21
7 15
9
11

48
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1
3 9
5 21
7 15
9 3
11 19

49
Multiplicative Inverse for Modulo 26

number Multiplicativ number Multiplicativ


e inverse e inverse
1 1 15 7
3 9 17 23
5 21 19 11
7 15 21 5
9 3 23 17
11 19

Not all the number have multiplicative inverses

50
Hill Cipher
Each letter of plaintext is assigned a numerical
value, a=0, b=1, z=25

Key is n x n matrix, n<= length of plaintext

11 12 13
k = 21 22 23
31 32 33

p = {p1 p2 p3}, c = {c1 c2 c3}

51
Hill Cipher

11 12 13
1 2 3 = (1 2 3 ) 21 22 23 mod 26
31 32 33
c1 = (k11p1 + k21p2 + k31p3) mod 26
c2 = (k12p1 + k22p2 + k32p3) mod 26
c3 = (k31p1 + k32p2 + k33p3) mod 26

c=p x k mod 26

52
Example Hill Cipher
Plaintext: paymoremoney
= pay mor emo ney

17 17 5
K= 21 18 21
2 2 19

abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

{pay} {15,0,24},

c=p k mod 26

53
Ciphertext

17 17 5
= (15 0 24) 21 18 21 mod 26
2 2 19

c = (303 303 531) mod 26


= (17 17 11)
= RRL
paymoremoneyRRLMWBKASPDH

54
Example Hill Cipher
Plaintext: abc

1 2 3
K= 4 5 6
11 9 8

abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

{abc} {0,1,2},

c=p x k mod 26

55
Ciphertext

1 2 3
= (0 1 2) 4 5 6 mod 26
11 9 8

c = (0 23 22) mod 26
= AXW

56
Example Hill Cipher contd.

For decryption, c k-1 mod 26 = p

Hides multiple letter frequency

Larger matrix hides more frequency information

57
Inverse of A mod 26
5 8
A=
17 3
5 8
det =(5x3)-(8x17)= -121 mod 26
17 3
=(-121)+(5x26)=9
(1/9) mod 26=3
3 17 T 3 8 9 24
A-1 mod 26=3 =3 =
8 5 17 5 51 15
9 2
=
1 15

58
Determinant of Matrix
11 12
For A= 22 , det(A) = a11a22 a21a12
21

11 12 13
For A= 21 22 23
31 32 33

det(A) = a11a22 a33 a11a23a32 - a21a12 a33+ a21a13a32


a31a12 a23 a31a22a13

59
Inverse of Matrix
2 4 3
For k= 6 1 5
2 1 3
Det(k) = 2(3-5)-6(12-3)-2(20-3)= -92
If A has nonzero determinant then A has
inverse, k-1
Inv(k) =BT
Bi,j = cofi,j(k)/det(A)
b23 = -[(2x1)-(4x(-2))]/-92=10/92

60
Inverse of Matrix contd..
2 4 3
For k = 6 1 5
2 1 3
b11 =[(1x3)-(5x1)]/-92=2/92
b23 = -[(2x1)-(4x(-2))]/-92=10/92
2 9 17
B = (1/92) 28 12 8
8 10 22
2 28 8
Inv(k) =BT =(1/92) 9 12 10
17 8 22

61
Hill Cipher: example
Plaintext: CAT, C=2, A=0, T=19
Key, k
6 24 1
k= 13 16 10 ,
20 17 15

p=[2 0 19]

c=p x k= [392 371 287] mod 26=[2 7 1]

Ciphertext=CHB

62
Decipher text
Compute k-1
8 5 10
k-1= 21 8 21
21 12 8
8 5 10
c x k-1= [2 7 1] 21 8 21 mod 26
21 12 8
= [184 78 175] mod 26
= [2 0 19]
Alternative, c=pT x k
p = k x cT

63
Cryptanalyst for Hill Cipher

Brute-force is extremely difficult


Statistical analysis based on the frequency on single
letter, digrams, trigrams is also not possible
Known plaintext attack is possible.
E must know size of key, m and m pairs of plaintext
and ciphertext
Assume length of plaintext and ciphertext is m

64
Cryptanalyst for Hill Cipher

Construct m x m matrices, X and Y.

Plaintext: hillcipher and Ciphertext: HCRZSSXNSP

hiHC i.e. (7 8)K mod 26 = (7 2)

ll RZ i.e. (11 11)K mod 26 = (17 25)

65
Cryptanalysis example
Y = Xk mod 26
7 2 7 8
= 26
17 25 11 11
k=X-1Y
1
7 8 25 22
1 = =
11 11 1 23

25 22 7 2
k=
1 23 17 25 If X is not invertible
549 600 then form additional
= 26 plaintext-ciphertext
398 577
3 2 pair
=
8 5 66
Polyalphabetic Ciphers
For monoalphabetic cipher each letter is encrypted to
the same letter for every occurrence of the plaintext
letter
For example letter between dgvyggp
For polyalphabetic, each occurrence of a character
may have a different substitute
The relationship between a character in the plaintext to
a character in the cipher text is one to many
For example a can be enciphered to D in the
beginning and to F later
Therefore frequency of a is hidden in the cipher
Therefore statistical attack based on frequency can not
be used
For polyalphabetic, each ciphertext character is
dependent on the plaintext letter and its position

67
Vigenre Cipher
Plaintext, p=p0, p1,,pn-1
Key, k = k0, k1, ..., km-1 (m<n)
Ciphertext, c=c0,c1, , cn-1
=(p0+ k0)mod 26 , (p1+ k1)mod 26+
Ci=(pi+ki)mod 26
Plaintext: poly 15 14 12 24
Key: beam 1 4 0 13
Ciphertext: QSLK 16 18 12 11
Decryption works in reverse
Ci=(pi-ki)mod 26

68
Example of Vigenre Cipher

use each key letter as a additive cipher key


eg keyword: deceptive
o plaintext: we are discovered save yourself

o plaintext: wearediscoveredsaveyourself

o key: deceptivedeceptivedeceptive

69
Example of Vigenre Cipher
key d e c e p t i v e
k
plain w e a r e d i s c o v e r e
p
c
cipher

key
k
plain d s a v e y o u r s e l f
p
c
cipher

70
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k
plain w e a r e d i s c o v e r e
p
c
cipher

key t i v e d e c e p t i v e
k
plain d s a v e y o u r s e l f
p
c
cipher

71
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k 3 4 2 4 15 19 8 21 4 3 4 2 4 15
plain w e a r e d i s c o v e r e
p 22 4 0 17 4 3 8 18 2 14 21 4 17 4
c
cipher

key t i v e d e c e p t i v e
k 19 8 21 4 3 4 2 4 15 19 8 21 4
plain d s a v e y o u r s e l f
p 3 18 0 21 4 24 14 20 17 18 4 11 5
c
cipher

72
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k 3 4 2 4 15 19 8 21 4 3 4 2 4 15
plain w e a r e d i s c o v e r e
p 22 4 0 17 4 3 8 18 2 14 21 4 17 4
c 25 8 2 21 19 22 16 13 6 17 25 6 21 19
cipher Z I C V T W Q N G R Z G V T

key t i v e d e c e p t i v e
k 19 8 21 4 3 4 2 4 15 19 8 21 4
plain d s a v e y o u r s e l f
p 3 18 0 21 4 24 14 20 17 18 4 11 5
c 22 0 21 25 7 2 16 24 6 11 12 6 9
cipher W A V Z H C Q Y G L M G J

ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
73
Security of Vigenre Ciphers
Key length is 9
Therefore, letters at 1,10,19,28, are shifted by same
number
o key: deceptivedeceptivedeceptive
o plaintext: wearediscoveredsaveyourself

If two identical sequences of plaintext occur at integer


multiple of keyword length then they generate identical
cipher text.
Ex: red is repeated after 9 characters
o key: dec ept ivedec ept ive deceptive
o plaintext: wea red iscove red saveyourself
o Ciphertext: ... VTWVTW.
If message is long then there can be many repetitive
characters

74
Autokey Cipher
keyword is concatenated with plaintext
eg. given key deceptive
plaintext: wearediscoveredsaveyourself
key: deceptivewearediscoveredsav
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
Keyword and plaintext have same
frequency distribution
Statistical techniques can be used

75
Vernam Cipher

Works on binary data


ci = pi + ki, where + is XOR operation
Decryption is pi = ci + ki
Length of key = length of plaintext
Advantage: Key has no statistical
relationship to plaintext
Disadvantage: Uses a very long but
eventually repeating key

76
One-Time Pad
Use one key for one message
If a random key is used for each message
then cipher is secure
If two identical sequences of plaintext occur
at integer multiple of keyword length then
they generate identical cipher text.
Advantage: Ciphertext bears no statistical
relationship to the plaintext
Limitation: generation & safe distribution of
key

77
One-time pad version of Vigenere
cipher
Key is a stream of random numbers between 0 and
26
Plaintext letters shift by key numbers
Ex: a) plaintext: sendmoremoney
key: 9 0 1 7 23 15 21 14 11 11 2 8 9
B) Determine key so that ciphertext decrypts to
plaintext cashnotneeded

78
Example: vigenere

plain s e n d m o r e m o n e y

Plain
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher
number
cipher

79
Example: vigenere

plain s e n d m o r e m o n e y

Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher
number
cipher

80
Example: vigenere

plain s e n d m o r e m o n e y

Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher

81
Example: vigenere

plain s e n d m o r e m o n e y

Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher B E O K J D M S X Z P M H

82
Example: find key to decipher

Plain C a s h n o t n e e d e d

Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key

Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher B E O K J D M S X Z P M H

83
Example: find key to decipher

Plain C a s h n o t n e e d e d

Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key

Cipher 1= 4 14= 10 9= 3= 12= 18 23 25 15 12 7


number 27 40 35 29 38
cipher B E C K J D M S X Z P M H

84
Example: find key to decipher

Plain C a s h n o t n e e d e d

Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key 25 4 22 3 22 15 19 5 19 21 12 8 4

Cipher 1= 4 14= 10 9= 3= 12= 18 23 25 15 12 7


number 27 40 35 29 38
cipher B E C K J D M S X Z P M H

85
Transposition Ciphers

Also called permutation ciphers


Hide message by rearranging the letter
order without altering the actual letters used
Can recognise these since have the same
frequency distribution as the original text

86
Rail Fence cipher
Message letters are written diagonally over a
number of rows
Ciphertext is read off row by row
eg. plaintext: rail fence cipher
r i f n e i h r
a l e c c p e
Ciphertext:
RIFNEIHRALECCPE

87
Row Transposition Ciphers
Message is arranged in 2-D array
Reorder the columns according to some key before
reading off the rows
Plaintext: attack postponed until two am

Key: 4 3 1 2 5 6 7

Matrix : a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z

Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

Same transposition can be done again to increase


security
88
Product Ciphers
Ciphers using substitutions or transpositions
are not secure because of language
characteristics
Use several ciphers in succession to make it
difficult
o two substitutions make a more complex
substitution
o two transpositions make more complex
transposition
o substitution followed by a transposition makes a
new more difficult cipher

89
Permutation/ Transposition
encryption decryption
y1 y1
x1 x1
y2 y2 x2
x2
y3 y3 x3
x3
y4 y4 x4
x4
y5 y5 x5
x5

Plaintext: springing

90
Permutation/ Transposition
encryption decryption
s y1 y1
x1 x1

p y2 y2 x2
x2
r y3 y3 x3
x3
i y4 y4 x4
x4
n y5 y5 x5
x5

Plaintext: sprin gingx


91
Permutation/ Transposition
encryption decryption
s y1 s y1
x1 x1

p y2 r y2 x2
x2
r y3 n y3 x3
x3
i y4 p y4 x4
x4
n y5 i y5 x5
x5

Plaintext: sprin gingx


Ciphertext: srnpi gnxig
92
Permutation/ Transposition
encryption decryption
y1 s y1 s
x1 x1
y2 r y2 p x2
x2
y3 y3 r
n x3
x3
i
y4 p y4 x4
x4
n
y5 i y5 x5
x5

Plaintext: sprin gingx Ciphertext: srnpi gnxig


Ciphertext: srnpi gnxig Plaintext: sprin gingx
93
Rotor cipher

Complex substitution cipher


Uses a series of cylinders, each gives one
substitution, which is rotated after each
letter was encrypted
3 cylinders have 263=17576 alphabets
n cylinders privide 26n alphabets

94
Rotor Machine Principles

95
Cryptanalysis Attacks on Encrypted Messages

96
Ciphertext only attack
E

plaintext

A
analyze B

ciphertext ciphertext ciphertext

E knows algorithm and intercepts to find ciphertext


E tries to find key and plain text
Brute-Force attack
Statistical attack
97
Pattern attack
Known Plaintext attack
plaintext ciphertext
E

plaintext Previous pair

A
analyze B

ciphertext ciphertext ciphertext

E has access to some plaintext-ciphertext pairs in


addition to intercepted ciphertext
98
Chosen-Plaintext attack
Pair created from chosen plaintext
E
plaintext ciphertext E
plaintext

A analyze B

ciphertext ciphertext ciphertext

Same as known plaintext except that the


attacker has chosen plaintext and got
corresponding ciphertext
99
Chosen-Ciphertext attack
Pair created from chosen ciphertext

E
E
plaintext ciphertext
plaintext

A
analyze B

ciphertext ciphertext ciphertext

Same as known plaintext except that the


attacker has chosen ciphertext and got
corresponding plaintext
100
Requirements of symmetric
encryption
Strong encryption algorithm

Encryption algorithm is known to all (for low cost


chip implementation)

Secret key known only to sender and receiver

Maintain secrecy of key

Provide a secure channel to distribute key

101