You are on page 1of 101

# Symmetric Ciphers

## Classical Encryption Techniques

1
Encryption Algorithms
Symmetric
o Key at the sender side is same as receiver side
o Key is called secret key
Asymmetric
o Sender and receiver have different keys, called
private keys
o Public key is derived from private key
o Public key is sent on the channel
o Hence secrecy of key is maintained

2
Simplified Model of Symmetric Encryption

3
Simplified Model of Symmetric Encryption

4
Simplified Model of Symmetric Encryption

5
Simplified Model of Symmetric Encryption

6
Some Basic Terminology
Plaintext - original message
Ciphertext - enciphered message
Cipher - algorithm for transforming plaintext to
ciphertext
Secret key - information used to encrypt and decrypt
Encipher (encryption) - convert plaintext to ciphertext
Decipher (decryption) - recover plaintext from
ciphertext
Cryptography Area of encryption schemes
Cryptanalysis (code breaking) - Methods of
deciphering ciphertext without knowledge of key
Cryptology - Field of cryptography and cryptanalysis
7
Model of Symmetric Cryptosystem
Cryptanalyst X
K

X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm

Secure
channel
K

Key
source

8
Model of Symmetric Cryptosystem
Cryptanalyst X
K

X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm

Secure
channel
K

Key
source

9
Model of Symmetric Cryptosystem
Cryptanalyst X
K

X
Message X Encryption Decryption
Destination
source Algorithm Y=E(K,X) Algorithm

Secure
channel
K

Key
source

10
Cryptanalysis
Try to recover key and or message
general approaches
cryptanalytic attack-
knowledge of algorithm
general characteristics of the plain text
sample plaintext-ciphertext pairs
brute-force attack-
every possible key on ciphertext to extract
plaintext
generally, half of all possible keys are required

11
Brute Force Search
try every key
proportional to key size

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years

26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)

## On average, half of all possible keys must be tried to achieve success

12
Brute Force Search
try every key
proportional to key size

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years

26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)

## On average, half of all possible keys must be tried to achieve success

13
Brute Force Search
try every key
proportional to key size

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/s decryptions/s
32 232 = 4.3 109 231 s = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 s = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 s = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 s = 5.9 1036 years 5.9 1030 years

26 characters 26! = 4 1026 2 1026 s = 6.4 1012 years 6.4 106 years
(permutation)

## On average, half of all possible keys must be tried to achieve success

14
Symmetric Encryption

substitution
transposition
product

15
Symmetric Encryption
Transposition cipher
o Arrangement of bits without changing the value
o For n bit cipher n! rearrangements are possible
o Required number of key bits = ceil(log2(n!))
o For n=3, n!=6 and key size is = 3
o For 6 possible transpositions we are using 3 bit key
o Therefore out of 8 possible keys only 6 are used
Substitution cipher
o Substitutes the bits with another bits
o Number of possible substitutions is 2n
o Number of possible substitution arrangements is 2n!
o Number of key bits = log2(2n!)
o For n=3, 2n! =40320 and key size is = 16
o Therefore out of 216=65536 possible keys only 40320 are used
o Lot of unused keys 16
Substitution Ciphers

## Letters of plaintext are replaced by other letters or

by numbers or symbols

## If plaintext is viewed as a sequence of bits, then

substitution involves replacing plaintext bit patterns
with ciphertext bit patterns

17
Types of Substitution Cipher
o Caesar
o Playfair
o Hill
o Vigenere
o Vernam

18
Caesar Cipher
Replaces each letter by 3rd letter after the current letter
in sequence
Define transformation as:
Plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A
BC
example:
Plain: caesar cipher
Cipher: FDHVDU FLSKHU

19
Caesar Cipher
Mathematically each letter is given a number
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 2 2 2 2 2 2
3 4 5 6 7 8 9 0 1 2 3 4 5

## General Caesar cipher is

c = E(k, p) = (p + k) mod (26)
p = D(k, c) = (c k) mod (26)
Example
Plaintext: Encrypt message
Key: 3, ignore spaces
Ciphertext: HQFUBSWPHVVDJH
20
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 1 1 1 1 1 1 1 2 2 2 2 2 2
3 4 5 6 7 8 9 0 1 2 3 4 5

## Key can be any number between 0 and 25

Plaintext: Home
Key : 6
Home = {7, 14, 12, 4}
(P + k) mod 26 = {7, 14, 12, 4} + 6
= {13, 20, 18, 10}
Ciphertext
= NUSK
21

Not secure
Algorithm is known
26 possible ciphers

## brute force search

eg. break ciphertext: GCUAVQDTGCM
o Key = 1
o plain text: FBTZUPCSFBL
o Key = 2
o Plaintext: EASYTOBREAK

22
Multiplicative Ciphers
C= (P K) mod 26
P = (C K-1) mod 26
P= home, K = 7
C= (7x7)mod 26, (14x7)mod26, (12x7)mod26 ,
(4x7) mod26
= 23, 20, 6, 2
= XUGC

23
Affine Cipher
C = ((P x k1) + k2 ) mod 26
P = ((C- k2) x k1-1 ) mod 26

24
Affine Cipher

## Additive, multiplicative and affine ciphers have

small key domains.
This is because each alphabet altered by a key of
length one
Hence key is 26 letters long
Therefore vulnerable to brute-force attack
To reduce vulnerability, shuffle plaintext using a key
of length 26

25
Monoalphabetic substitution Cipher

Key table
a b c d e f g h i j k l m n o p q r s t u v w x y z

N O A T R B E C F U X D Q G Y L K H V I J M P Z S W

Example
Plain : wish
Cipher: PFVC
A total of 26! = 4 x 1026 possible keys for monoalphabetic
General Caesar has 26 possible keys
Therefore security of monoalphabetic is better than

26
Monoalphabetic Cipher Security
It is not completely secure
Statistical attack based on the frequency of characters
can be used
If cryptanalyst knows language, regularities in language
and nature of plain text
Then it is possible to predict plaintext
Each letter is encrypted to the same letter even if that
letter repeats in the plaintext
Ex: Therefore ICRHRBYHR
Frequency of e is 3 in plaintext and R is 3 in ciphertext
Monoalphabetic cipher does not change the frequency
of characters in ciphertext
Therefore vulnerable to statistical attack
27
English Letter Frequencies

28
Language Redundancy and
Cryptanalysis

## In English, e is the most common letter

followed by t, r, n, l, o, a, s
Other letters like Z,J,K,Q,X are fairly rare
Table double & triple letter frequencies for
various languages can also be used

29
Letter frequency for Cryptanalysis
a b c d e f g h i j k l m n o p q r s t u v w x y z

N O A T R B E C F U X D Q G Y L K H V I J M P Z S W

## Ex: plaintext: considerthisexample

ciphertext: AYGVFTRHICFVRZNQLR
e occurs max (3) times in plaintext
R occurs max (3) times in ciphertext
Similarly number of occurrences for other letters is
same
Calculate letter frequencies for ciphertext
Compare frequencies against known values

30
Example Cryptanalysis
given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
count relative letter frequencies
P & Z are e and t
ZW is th and hence ZWP is the
proceeding with trial and error finally get
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow

31
Ciphertext only
Apply Bruteforce method
Do a frequency count for letters like, e, t
Known plaintext
If one plaintext letter and corresponding
ciphertext then key can be deduced
Ex: t (=19) D(=3) then
k=(3-19) mod 26= -16=10
Chosen plaintext
ciphertext gives the key for the chosen plaintext
Chosen ciphertext
plaintext gives the key for the chosen ciphertext
Therefore large number of keys in a monoalphabetic
cipher do not provide security 32
Playfair Cipher

Monoalphabetic cipher
Encrypt multiple (two) letters called digram at once
Provides better security

33
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y

34
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y B

35
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y B D

36
Playfair Key Matrix
Keyword is MONARCHY

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Plaintext: unit
Ciphertext: WMKS

37
Playfair Encryption
Plaintext is encrypted two letters at a time
If plaintext has odd number of characters then
add a filler, x at the end
If a pair has repeated letters, insert filler like 'X
symmetric sy mx me tr ic
Encryption
o If both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end)
o if both letters fall in the same column, replace
each with the letter below it (wrapping to top
from bottom)
o otherwise each letter is replaced by the letter in
the same row and in the column of the other
letter of the pair
38
Playfair Cipher
Keyword is MONARCHY
Plaintext is HOUSE

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Plaintext: HO US EX
Ciphertext: FH XL IU
39
Playfair Cipher
Keyword: playfair
Key: playfir
Plaintext: meet at the school

P L A Y F
I R B C D
E G H K M
N O Q S T
U V W X Z

Plaintext: ME ET AT TH ES CH OX OL
Ciphertext: EG MN FQ QM KN BK SV VR
40
Security of Playfair Cipher

## Brute-force is very difficult

Ciphertext only attack is possible
Security is better than monoalphabetic
Key domain is 25!
Has 26 x 26 = 676 digrams
would need a 676 entry frequency table to
analyse (verses 26 for a monoalphabetic)
Frequency of digrams can be used to deduce
the key
Can be broken, given a few hundred letters

41
Hill Cipher

p is plaintext matrix
c is ciphertext matrix
k is key matrix
c =p x k mod 26
p = c x k-1 mod 26

42
Modulo Arithmetic, 26

(3+24)mod 26
= 27 mod 26=1
(14-20)mod 26
=(-6)mod26=20
If (a*b) mod 26=1 then a and b are
multiplicative inverse of each other
Multiplicative inverse: 3*9=27 mod 26=1
3 and 9 are multiplicative inverse of each
other
43
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1
3

44
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1
3 9

45
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1
3 9
5
7
9
11

46
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1
3 9
5 21
7
9
11

47
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1
3 9
5 21
7 15
9
11

48
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1
3 9
5 21
7 15
9 3
11 19

49
Multiplicative Inverse for Modulo 26

## number Multiplicativ number Multiplicativ

e inverse e inverse
1 1 15 7
3 9 17 23
5 21 19 11
7 15 21 5
9 3 23 17
11 19

## Not all the number have multiplicative inverses

50
Hill Cipher
Each letter of plaintext is assigned a numerical
value, a=0, b=1, z=25

11 12 13
k = 21 22 23
31 32 33

## p = {p1 p2 p3}, c = {c1 c2 c3}

51
Hill Cipher

11 12 13
1 2 3 = (1 2 3 ) 21 22 23 mod 26
31 32 33
c1 = (k11p1 + k21p2 + k31p3) mod 26
c2 = (k12p1 + k22p2 + k32p3) mod 26
c3 = (k31p1 + k32p2 + k33p3) mod 26

c=p x k mod 26

52
Example Hill Cipher
Plaintext: paymoremoney
= pay mor emo ney

17 17 5
K= 21 18 21
2 2 19

abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

{pay} {15,0,24},

c=p k mod 26

53
Ciphertext

17 17 5
= (15 0 24) 21 18 21 mod 26
2 2 19

## c = (303 303 531) mod 26

= (17 17 11)
= RRL
paymoremoneyRRLMWBKASPDH

54
Example Hill Cipher
Plaintext: abc

1 2 3
K= 4 5 6
11 9 8

abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

{abc} {0,1,2},

c=p x k mod 26

55
Ciphertext

1 2 3
= (0 1 2) 4 5 6 mod 26
11 9 8

c = (0 23 22) mod 26
= AXW

56
Example Hill Cipher contd.

## Larger matrix hides more frequency information

57
Inverse of A mod 26
5 8
A=
17 3
5 8
det =(5x3)-(8x17)= -121 mod 26
17 3
=(-121)+(5x26)=9
(1/9) mod 26=3
3 17 T 3 8 9 24
A-1 mod 26=3 =3 =
8 5 17 5 51 15
9 2
=
1 15

58
Determinant of Matrix
11 12
For A= 22 , det(A) = a11a22 a21a12
21

11 12 13
For A= 21 22 23
31 32 33

## det(A) = a11a22 a33 a11a23a32 - a21a12 a33+ a21a13a32

a31a12 a23 a31a22a13

59
Inverse of Matrix
2 4 3
For k= 6 1 5
2 1 3
Det(k) = 2(3-5)-6(12-3)-2(20-3)= -92
If A has nonzero determinant then A has
inverse, k-1
Inv(k) =BT
Bi,j = cofi,j(k)/det(A)
b23 = -[(2x1)-(4x(-2))]/-92=10/92

60
Inverse of Matrix contd..
2 4 3
For k = 6 1 5
2 1 3
b11 =[(1x3)-(5x1)]/-92=2/92
b23 = -[(2x1)-(4x(-2))]/-92=10/92
2 9 17
B = (1/92) 28 12 8
8 10 22
2 28 8
Inv(k) =BT =(1/92) 9 12 10
17 8 22

61
Hill Cipher: example
Plaintext: CAT, C=2, A=0, T=19
Key, k
6 24 1
k= 13 16 10 ,
20 17 15

p=[2 0 19]

## c=p x k= [392 371 287] mod 26=[2 7 1]

Ciphertext=CHB

62
Decipher text
Compute k-1
8 5 10
k-1= 21 8 21
21 12 8
8 5 10
c x k-1= [2 7 1] 21 8 21 mod 26
21 12 8
= [184 78 175] mod 26
= [2 0 19]
Alternative, c=pT x k
p = k x cT

63
Cryptanalyst for Hill Cipher

## Brute-force is extremely difficult

Statistical analysis based on the frequency on single
letter, digrams, trigrams is also not possible
Known plaintext attack is possible.
E must know size of key, m and m pairs of plaintext
and ciphertext
Assume length of plaintext and ciphertext is m

64
Cryptanalyst for Hill Cipher

## ll RZ i.e. (11 11)K mod 26 = (17 25)

65
Cryptanalysis example
Y = Xk mod 26
7 2 7 8
= 26
17 25 11 11
k=X-1Y
1
7 8 25 22
1 = =
11 11 1 23

25 22 7 2
k=
1 23 17 25 If X is not invertible
= 26 plaintext-ciphertext
398 577
3 2 pair
=
8 5 66
Polyalphabetic Ciphers
For monoalphabetic cipher each letter is encrypted to
the same letter for every occurrence of the plaintext
letter
For example letter between dgvyggp
For polyalphabetic, each occurrence of a character
may have a different substitute
The relationship between a character in the plaintext to
a character in the cipher text is one to many
For example a can be enciphered to D in the
beginning and to F later
Therefore frequency of a is hidden in the cipher
Therefore statistical attack based on frequency can not
be used
For polyalphabetic, each ciphertext character is
dependent on the plaintext letter and its position

67
Vigenre Cipher
Plaintext, p=p0, p1,,pn-1
Key, k = k0, k1, ..., km-1 (m<n)
Ciphertext, c=c0,c1, , cn-1
=(p0+ k0)mod 26 , (p1+ k1)mod 26+
Ci=(pi+ki)mod 26
Plaintext: poly 15 14 12 24
Key: beam 1 4 0 13
Ciphertext: QSLK 16 18 12 11
Decryption works in reverse
Ci=(pi-ki)mod 26

68
Example of Vigenre Cipher

## use each key letter as a additive cipher key

eg keyword: deceptive
o plaintext: we are discovered save yourself

o plaintext: wearediscoveredsaveyourself

o key: deceptivedeceptivedeceptive

69
Example of Vigenre Cipher
key d e c e p t i v e
k
plain w e a r e d i s c o v e r e
p
c
cipher

key
k
plain d s a v e y o u r s e l f
p
c
cipher

70
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k
plain w e a r e d i s c o v e r e
p
c
cipher

key t i v e d e c e p t i v e
k
plain d s a v e y o u r s e l f
p
c
cipher

71
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k 3 4 2 4 15 19 8 21 4 3 4 2 4 15
plain w e a r e d i s c o v e r e
p 22 4 0 17 4 3 8 18 2 14 21 4 17 4
c
cipher

key t i v e d e c e p t i v e
k 19 8 21 4 3 4 2 4 15 19 8 21 4
plain d s a v e y o u r s e l f
p 3 18 0 21 4 24 14 20 17 18 4 11 5
c
cipher

72
Example of Vigenre Cipher
key d e c e p t i v e d e c e p
k 3 4 2 4 15 19 8 21 4 3 4 2 4 15
plain w e a r e d i s c o v e r e
p 22 4 0 17 4 3 8 18 2 14 21 4 17 4
c 25 8 2 21 19 22 16 13 6 17 25 6 21 19
cipher Z I C V T W Q N G R Z G V T

key t i v e d e c e p t i v e
k 19 8 21 4 3 4 2 4 15 19 8 21 4
plain d s a v e y o u r s e l f
p 3 18 0 21 4 24 14 20 17 18 4 11 5
c 22 0 21 25 7 2 16 24 6 11 12 6 9
cipher W A V Z H C Q Y G L M G J

ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
73
Security of Vigenre Ciphers
Key length is 9
Therefore, letters at 1,10,19,28, are shifted by same
number
o key: deceptivedeceptivedeceptive
o plaintext: wearediscoveredsaveyourself

## If two identical sequences of plaintext occur at integer

multiple of keyword length then they generate identical
cipher text.
Ex: red is repeated after 9 characters
o key: dec ept ivedec ept ive deceptive
o plaintext: wea red iscove red saveyourself
o Ciphertext: ... VTWVTW.
If message is long then there can be many repetitive
characters

74
Autokey Cipher
keyword is concatenated with plaintext
eg. given key deceptive
plaintext: wearediscoveredsaveyourself
key: deceptivewearediscoveredsav
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
Keyword and plaintext have same
frequency distribution
Statistical techniques can be used

75
Vernam Cipher

## Works on binary data

ci = pi + ki, where + is XOR operation
Decryption is pi = ci + ki
Length of key = length of plaintext
relationship to plaintext
Disadvantage: Uses a very long but
eventually repeating key

76
Use one key for one message
If a random key is used for each message
then cipher is secure
If two identical sequences of plaintext occur
at integer multiple of keyword length then
they generate identical cipher text.
relationship to the plaintext
Limitation: generation & safe distribution of
key

77
cipher
Key is a stream of random numbers between 0 and
26
Plaintext letters shift by key numbers
Ex: a) plaintext: sendmoremoney
key: 9 0 1 7 23 15 21 14 11 11 2 8 9
B) Determine key so that ciphertext decrypts to
plaintext cashnotneeded

78
Example: vigenere

plain s e n d m o r e m o n e y

Plain
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher
number
cipher

79
Example: vigenere

plain s e n d m o r e m o n e y

Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher
number
cipher

80
Example: vigenere

plain s e n d m o r e m o n e y

Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher

81
Example: vigenere

plain s e n d m o r e m o n e y

Plain 18 4 13 3 12 14 17 4 12 14 13 4 24
number
key 9 0 1 7 23 15 21 14 11 11 2 8 9

Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher B E O K J D M S X Z P M H

82
Example: find key to decipher

Plain C a s h n o t n e e d e d

Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key

Cipher 1 4 14 10 9 3 12 18 23 25 15 12 7
number
cipher B E O K J D M S X Z P M H

83
Example: find key to decipher

Plain C a s h n o t n e e d e d

Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key

## Cipher 1= 4 14= 10 9= 3= 12= 18 23 25 15 12 7

number 27 40 35 29 38
cipher B E C K J D M S X Z P M H

84
Example: find key to decipher

Plain C a s h n o t n e e d e d

Plain 2 0 18 7 13 14 19 13 4 4 3 4 3
number
key 25 4 22 3 22 15 19 5 19 21 12 8 4

## Cipher 1= 4 14= 10 9= 3= 12= 18 23 25 15 12 7

number 27 40 35 29 38
cipher B E C K J D M S X Z P M H

85
Transposition Ciphers

## Also called permutation ciphers

Hide message by rearranging the letter
order without altering the actual letters used
Can recognise these since have the same
frequency distribution as the original text

86
Rail Fence cipher
Message letters are written diagonally over a
number of rows
Ciphertext is read off row by row
eg. plaintext: rail fence cipher
r i f n e i h r
a l e c c p e
Ciphertext:
RIFNEIHRALECCPE

87
Row Transposition Ciphers
Message is arranged in 2-D array
Reorder the columns according to some key before
Plaintext: attack postponed until two am

Key: 4 3 1 2 5 6 7

Matrix : a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z

Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

## Same transposition can be done again to increase

security
88
Product Ciphers
Ciphers using substitutions or transpositions
are not secure because of language
characteristics
Use several ciphers in succession to make it
difficult
o two substitutions make a more complex
substitution
o two transpositions make more complex
transposition
o substitution followed by a transposition makes a
new more difficult cipher

89
Permutation/ Transposition
encryption decryption
y1 y1
x1 x1
y2 y2 x2
x2
y3 y3 x3
x3
y4 y4 x4
x4
y5 y5 x5
x5

Plaintext: springing

90
Permutation/ Transposition
encryption decryption
s y1 y1
x1 x1

p y2 y2 x2
x2
r y3 y3 x3
x3
i y4 y4 x4
x4
n y5 y5 x5
x5

## Plaintext: sprin gingx

91
Permutation/ Transposition
encryption decryption
s y1 s y1
x1 x1

p y2 r y2 x2
x2
r y3 n y3 x3
x3
i y4 p y4 x4
x4
n y5 i y5 x5
x5

## Plaintext: sprin gingx

Ciphertext: srnpi gnxig
92
Permutation/ Transposition
encryption decryption
y1 s y1 s
x1 x1
y2 r y2 p x2
x2
y3 y3 r
n x3
x3
i
y4 p y4 x4
x4
n
y5 i y5 x5
x5

## Plaintext: sprin gingx Ciphertext: srnpi gnxig

Ciphertext: srnpi gnxig Plaintext: sprin gingx
93
Rotor cipher

## Complex substitution cipher

Uses a series of cylinders, each gives one
substitution, which is rotated after each
letter was encrypted
3 cylinders have 263=17576 alphabets
n cylinders privide 26n alphabets

94
Rotor Machine Principles

95
Cryptanalysis Attacks on Encrypted Messages

96
Ciphertext only attack
E

plaintext

A
analyze B

## E knows algorithm and intercepts to find ciphertext

E tries to find key and plain text
Brute-Force attack
Statistical attack
97
Pattern attack
Known Plaintext attack
plaintext ciphertext
E

A
analyze B

## ciphertext ciphertext ciphertext

98
Chosen-Plaintext attack
Pair created from chosen plaintext
E
plaintext ciphertext E
plaintext

A analyze B

## Same as known plaintext except that the

attacker has chosen plaintext and got
corresponding ciphertext
99
Chosen-Ciphertext attack
Pair created from chosen ciphertext

E
E
plaintext ciphertext
plaintext

A
analyze B

## Same as known plaintext except that the

attacker has chosen ciphertext and got
corresponding plaintext
100
Requirements of symmetric
encryption
Strong encryption algorithm

## Encryption algorithm is known to all (for low cost

chip implementation)

101