Classical Cryptographic Techniques,

Feistel Cipher Structure

Adri Jovin J J, M.Tech., Ph.D.

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY

Symmetric Cipher Model

Plaintext
the original intelligible message or data that is fed into the algorithm as input.

Encryption algorithm
performs various substitutions and transformations on the plaintext

Secret key
a value independent of the plaintext and of the algorithm which helps the algorithm to produce a different output depending on the
one being used at the time

Ciphertext
the scrambled message produced as output

Decryption algorithm
essentially the encryption algorithm run in reverse

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 2

A question….

Why most cryptographic algorithms are open to the public?

Advantages:
• Easier to keep a secret key than a secret algorithm
The reason is:
• Easier to change the key than the algorithm
Kerckhoff’s Principle • Standardization

Encryption Scheme is not secret • Ease of deployment

- The only secret is the key • Public validation

- The key must be chosen at random and kept secret

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 3

Cryptography

Cryptographic systems are characterized along three independent dimensions:

1. The type of operations used for transforming plaintext to ciphertext

2. The number of keys used

3. The way in which the plaintext is processed

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 4

Cryptanalysis

Cryptanalysis Brute-force attack

Rely on the nature of the algorithm plus Attacker tries every possible key on a piece of
perhaps some knowledge of the general ciphertext until an intelligible translation into
characteristics of the plaintext or even some plaintext is obtained
sample plaintext-ciphertext pairs
Type of attack Known to cryptanalyst Type of attack Known to cryptanalyst

Ciphertext Only • Encryption algorithm Chosen Ciphertext • Encryption algorithm

• Ciphertext • Ciphertext
• Ciphertext chosen by cryptanalyst, together with its
Known Plaintext • Encryption algorithm corresponding decrypted plaintext generated with the secret
• Ciphertext key
• One or more plaintext–ciphertext pairs formed with the
secret key Chosen Text • Encryption algorithm
• Ciphertext
Chosen Plaintext • Encryption algorithm • Plaintext message chosen by cryptanalyst, together with its
• Ciphertext corresponding ciphertext generated with the secret key
• Plaintext message chosen by cryptanalyst, together with • Ciphertext chosen by cryptanalyst, together with its
its corresponding ciphertext generated with the secret key corresponding decrypted plaintext generated with the secret
key
UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 5
Average Time Required for Exhaustive Key Search

Key size (bits) Number of alternative keys Time required at 1 decryption/ms Time required at 106
decryption/ms

32 232 = 4.3 x 109 231 ms = 35.8 minutes 2.15 milliseconds

56 256 = 7.2 x 1016 255 ms = 1142 years 10.01 hours
128 2128 = 3.4 x 1038 2127 ms = 5.4 x 1024 years 5.4 x 1018 years
168 2168 = 3.7 x 1050 2167 ms = 5.9 x 1036 years 5.9 x 1030 years
26 characters 26! = 4 x 1026 2 x 1026 ms = 6.4 x 1012 years 6.4 x 106 years
(permutation)

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 6

Caesar Cipher

plain: meet me after the toga party

cipher: PHHW PH DIWHU WKH WRJD SDUWB

a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
C = E(3, p) = (p + 3) mod 26
n o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23 24 25
Generalised as:

C = E(k, p) = (p + k) mod 26

c
helloworld jgnnqyqtnfb
Decryption: p = D(k, C) = (C - k) mod 26

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 7

Brute-Force Cryptanalysis of Caesar Cipher

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 8

Playfair Cipher

1. Repeating plaintext letters that are in the same pair are separated with a filler letter, such as x,

so that balloon would be treated as ba lx lo on.

2. Two plaintext letters that fall in the same row of the matrix are each replaced by the letter to

the right, with the first element of the row circularly following the last. For example, ar is

encrypted as RM.

3. Two plaintext letters that fall in the same column are each replaced by the letter beneath, with

the top element of the column circularly following the last. For example, mu is encrypted as

CM.

4. Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its own row and

the column occupied by the other plaintext letter. Thus, hs becomes BP and ea becomes IM

(or JM, as the encipherer wishes). UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 9
Hill Cipher

 k11 k12 k13 

 
 c1 c2 c3    p1 p2 p 3   k 21 k 22 k 23  mod 26
k k 32 k 33 
 31

C = KP mod 26
P = K-1C mod 26

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 10

An example

 Plain text=‘pay more money’  

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 11

Vigenère Cipher

• Poly-alphabetic

• A set of related monoalphabetic substitution rules is used.

• A key determines which particular rule is chosen for a given transformation.

Key : deceptivedeceptivedeceptive

Plaintext : wearediscoveredsaveyourself

Ciphertext : ZICVTWQNGRZGVTWAVZHCQYGLMGJ

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 12

The Modern Vigenère Tableau

Image Source:
https://pages.mtu.edu/~shen
e/NSF-4/Tutorial/VIG/Vig-
Base.html
UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 13
ASCII Table

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 14

ASCII-based solution

Plain-text: Hello! 0X48 XOR 0xA1

Key: 0xA1 2F 0100 1000 XOR 1010 0001

Plain-text XOR Key = 1110 1001

Hello! – 0x48 65 6C 6C 6F 21 = 0xE9

XOR 0xA1 2F A1 2F A1 2F On following the similar procedure we obtain the cipher text as

0xE9 4A CD 43 CE 0E

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 15

Secure Encryption

Regardless of any prior information, the attacker has about the plaintext, the ciphertext should leak no additional
information about the plaintext.

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 16

One-Time Pad

Ciphertext : ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS

Key : pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih

Plaintext : mr mustard with the candlestick in the hall

Ciphertext : ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS

Key : mfugpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt

Plaintext : miss scarlet with the knife in the library

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 17

One-Time Pad (Contd…)

In theory, we need look no further for a cipher. The one-time pad offers complete security but, in practice, has two
fundamental difficulties:

1. There is the practical problem of making large quantities of random keys. Supplying truly random characters in this
volume is a significant task.

2. The problem of key distribution and protection. For every message to be sent, a key of equal length is needed by
both sender and receiver.

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 18

Transposition Techniques

Rail-fence Cipher

Plain-text : meet me after the toga party

Key : 2

m  e   m  a   t   r   h   t   g   p   r   y
  e   t   e   f   e   t   e   o   a   a   t  

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 19

Steganography

• Character marking

• Invisible ink

• Pin punctures

Image Source: https://www.pinterest.com/pin/305259680973137511/

• Typewriter correction ribbon

Image Source: https://www.pinterest.co.uk/pin/600667669026142225/

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 20

Traditional Block Ciphers

Stream Cipher
• Encrypts a digital data stream one bit or one byte at a time
• Example: Vigenère cipher, Vernam Cipher
Block Cipher
• A block of plaintext is treated as a whole and used to produce a ciphertext block of equal length
• Example: Data Encryption Standard

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 21

Feistel Cipher

• Proposed by Feistel
• Execution of two or more ciphers in a sequence in such a way that the result or product is cryptographically stronger
• Use of cipher that alternates substitutions and permutations
• Practical application of a proposal by Claude Shannon to develop a product cipher that alternated diffusion and
confusion functions
Make
Make the
the relationship
relationship The
The statistical
statistical structure
structure
between Each
Each plaintext
plaintext element
element AA sequence
sequence of of
between thethe statistics
statistics of
of the
the plaintext
plaintext isis
of or
or group
group ofof elements
elements plaintext
plaintext elements isis
elements
of the ciphertext and
the ciphertext and dissipated
dissipated into
into long-
long-
the isis uniquely
uniquely replaced
replaced replaced
replaced by
by aa
the value of the
value of the range
range statistics of the
statistics of the
encryption by
by aa corresponding
corresponding permutation
permutation of of that
that
encryption key key as as ciphertext.
ciphertext.
complex as possible ciphertext
ciphertext element
element or
or sequence.
sequence. That is,
That is,
complex as possible
group
group of
of elements.
elements. no
no elements
elements are are
added
added or or deleted
deleted or or
replaced
replaced in
in the
the
sequence,
sequence, rather
rather the
the
order
order inin which
which the the
elements
elements appear
appear in in
the sequence
the sequence is is
changed.
changed.

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 22

Feistel Encryption and Decryption

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 23

Influencing parameters

Block size
• Larger block sizes mean greater security (Reasonable size: 64/128-bit block)
Key size
• Larger key size means greater security (Reasonable size: 64/128 bits)
Number of rounds
• Multiple rounds offer increased security
Subkey generation algorithm
• Greater complexity in this algorithm leads to greater difficulty of cryptanalysis
Round function F
• Greater complexity generally leads to greater resistance to cryptanalysis

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 24

Considerations in design

Fast software encryption/decryption

• Encryption is embedded in applications or utility functions in such a way as to preclude a hardware implementation.

Ease of analysis
• If the algorithm can be concisely and clearly explained, it is easier to analyze that algorithm for cryptanalytic
vulnerabilities and therefore develop a higher level of assurance as to its strength

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 25

References

Schneier, B. (2007). Applied cryptography: protocols, algorithms, and source code in C. John Wiley & Sons.

Stallings, W. (2014). Cryptography and network security, 6/E. Pearson Education India.

Katz, J., & Lindell, Y. (2014). Introduction to modern cryptography. CRC press.

UITC203 CRYPTOGRAPHY AND NETWORK SECURITY 26