Unit1 _CSS 1 up

Module 1 covers the fundamentals of computer security, focusing on security goals, classical encryption techniques, and number theory. Key concepts include confidentiality, integrity, availability, and various types of security attacks, such as passive and active attacks. The module aims to provide a foundational understanding of security mechanisms and services necessary for protecting information systems.

Uploaded by

Umera Rawoot
Module 1

Introduction & Number Theory

No. of Hours: 10 hours    Weightage: 20%


Concepts
• Security Goals, Services, Mechanisms and attacks,
• The OSI security architecture
• Network security model
• Classical Encryption techniques
• Symmetric cipher model
• mono-alphabetic and polyalphabetic
• substitution techniques
• Vigenere cipher
• Playfair cipher
• Hill cipher,
• transposition techniques
• keyed and keyless transposition ciphers
• steganography.
Concepts ……
• Modular Arithmetic and Number Theory
• Euclid's algorithm
• Prime numbers
• Fermat's and Euler's theorem
• The Chinese remainder theorem
• Discrete logarithms.
Objective and Outcome of the Module
• Objective
• To introduce classical encryption techniques and concepts of modular
arithmetic and number theory

• Outcome
• Understand system security goals and concepts, classical encryption
techniques and acquire Fundamental knowledge on the concepts of
modular arithmetic and number theory.
What is Security
• Freedom from risk or danger; safety.
• Freedom from doubt, anxiety, or fear; confidence.
Why do we need security?
• Protect vital information while still allowing access to those
who need it
• Trade secrets, medical records, etc.

• Provide authentication and access control for resources

• Guarantee availability of resources

COMPUTER SECURITY CONCEPTS
A Definition of Computer Security

The National Institute of Standards and Technology (NIST) defines the term computer security as follows:

• The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).
Security Goals

• Confidentiality
• Authentication
• Integrity
• Availability
• Non-Repudiation
Confidentiality
• Goal: Keep the contents of communication or data on storage secret
• Example: Alice and Bob want their communications to be secret from Eve
• An example of an attack threatening confidentiality is traffic analysis
• Data confidentiality
• Privacy
Integrity
• Contents of the message should not be modified until it reaches the authorized person
• Changes need to be done only by authorized entities and through authorized mechanisms
• Data Integrity
• System Integrity
• An example of an attack threatening integrity is masquerading
Availability
• The information created and stored by an organization needs to
be available to authorized entities

• An example of an attack threatening availability is DoS
Authentication
• It is the assurance that the parties are authentic users in the communication network
• Peer Authentication
• Data origin Authentication
• An example of an attack threatening authentication is spoofing
Non-Repudiation
• Non-repudiation is the assurance that someone cannot deny the validity of
something.
• Non-repudiation is a legal concept that is widely used in information security
and refers to a service, which provides proof of the origin of data and the
integrity of the data.
• Sender Non-Repudiation
• Receiver Non-Repudiation
BASIC TERMINOLOGY
• An original message is known as the plaintext.
• The coded message is called the ciphertext.
• The process of converting from plaintext to ciphertext is known as enciphering or encryption.
• Restoring the plaintext from the ciphertext is deciphering or decryption.
• The many schemes used for encryption constitute the area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher.
• Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls “breaking the code.”
• The areas of cryptography and cryptanalysis together are called cryptology.
The OSI Security Architecture
• The Open Systems Interconnection (OSI) security architecture was defined by the ITU-T (International Telecommunication Union - Telecommunication).
• The ITU-T decided that their standard "X.800" would be the ISO security architecture.
• It provides a systematic framework for defining
1. Security attacks
2. Security mechanisms
3. Security services
Aspects of Security
• Security attack: Any action that compromises the security of information owned by an organization.
• Security mechanism: A process that is designed to detect, prevent, or recover from a security attack.
• Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
Threat and Attack
• Threat
a) Any circumstance or event with the potential to harm an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service. Threats arise from human actions and natural events.
b) A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability (susceptibility to injury or attack, or weakness).
• Attack
a) Network security attacks are unauthorized actions against private, corporate or governmental IT assets in order to destroy them, modify them or steal sensitive data.
b) A violation of system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.
Security Attacks
Security attacks are classified into two types:

1. Passive attacks
2. Active attacks

• A passive attack attempts to learn or make use of information from the system but does not affect system resources.
• An active attack attempts to alter system resources or affect their operation.
Passive vs Active Attacks

• In a passive attack, the attacker’s goal is just to obtain information. The attack does not modify data or harm the system, and the system continues with its normal operation.
• An active attack may change the data or harm the system.
Difference between Passive and Active Attack

ACTIVE ATTACK | PASSIVE ATTACK
Attacker needs to have physical control of the media or network. | Attacker merely needs to observe the communication in the media or network.
It can be easily detected. | It cannot be easily detected.
It affects the system. | It does not affect the system.
It involves a modification of data. | It involves the monitoring of data.
Types of active attacks are Masquerade, session replay, denial of service, distributed denial of service. | Types of passive attacks are the Release of a message, traffic analysis.
It does not check for loopholes or vulnerabilities. | It scans the ports and network in the search of loopholes and vulnerabilities.
It is difficult to prevent network from active attack. | Passive attacks can be prevented.
Types of Security Attacks
The three goals of security can be threatened by security attacks.
Passive Attacks
• Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.
• The goal of the opponent is to obtain information that is being transmitted.
• Two types of passive attacks are the release of message contents and traffic analysis.
• The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
Active Attacks
• Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
• A masquerade attack is an attack that uses a fake identity to gain unauthorized access to personal computer information through legitimate access identification. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
• Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
• Modification of messages simply means that some portion of a valid message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
• For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”
• The denial of service prevents the normal use or management of communications facilities.
• This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination.
• Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
Services and Mechanisms

• The International Telecommunication Union-Telecommunication Standardization Section (ITU-T) provides some security services and some mechanisms to implement those services.
• Security services and mechanisms are closely related because a mechanism or combination of mechanisms is used to provide a service.
Security Services
• Security service means a processing or communication service that is provided by a system
to give a specific kind of protection to system resources.

• X.800 divides Security services as shown in the following figure


Authentication
• The authentication service is concerned with assuring that a communication is authentic.
• In the case of a single message, the function of the authentication service is to assure the recipient that the message is from the source that it claims to be from.
• In the case of an ongoing interaction, such as the connection of a terminal to a host, two aspects are involved.
• First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be.
• Second, the service must assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.
Authentication Services
• Two specific authentication services are defined:
• Peer entity authentication
• Data origin authentication
• Peer entity authentication: Provides for the corroboration of the identity of a peer entity involved in communication. It is used for providing authentication at the time of connection establishment and during the process of data transmission.
• Data origin authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail, where there are no prior interactions between the communicating entities.
Access Control
• The prevention of unauthorized use of a resource.
• Access control is the ability to limit and control the access to host systems and applications via communications links.
• To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual.
Data Confidentiality
• Confidentiality is the protection of transmitted data from passive attacks.
• The protection of data from unauthorized disclosure.
• Types of confidentiality:
• Connection Confidentiality: The protection of all user data on a connection.
• Connectionless Confidentiality: The protection of all user data in a single data block.
• Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block.
• Traffic-Flow Confidentiality: The protection of the information that might be derived from observation of traffic flows.
Data Integrity
• The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
• Types of integrity:
• Connection Integrity with Recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted.
• Connection Integrity without Recovery: As above, but provides only detection without recovery.
• Selective-Field Connection Integrity: Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed.
Data Integrity……
• Connectionless Integrity: Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided.
• Selective-Field Connectionless Integrity: Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified.
Non-Repudiation
• It is assurance that someone cannot deny something. It is a method of guaranteeing message transmission between parties.
• Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
• Nonrepudiation, Origin: Proof that the message was sent by the specified party.
• Nonrepudiation, Destination: Proof that the message was received by the specified party.
Availability
• Availability is the assurance that information and communications will be ready for use when expected.
• Information is kept available to authorized persons when they need it.
• Availability can be significantly affected by a variety of attacks, some of which can be countered by mechanisms such as authentication and encryption, whereas others require physical action to prevent or recover from the loss of availability.
Examples of Security Requirements
• Confidentiality – student grades
• Integrity – patient information
• Availability – authentication service
• Authenticity – admission ticket
• Non-Repudiation – stock sell order
Specific Security Mechanisms
• These mechanisms are incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
• Encipherment: It refers to the process of applying mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and encryption keys.
• Digital Signature: Data appended to, or a cryptographic transformation of, a data unit must preserve the integrity of the data and prevent it from any unauthorized access.
• Access Control: A variety of mechanisms that enforce access rights to resources.
Specific Security Mechanisms ……
• Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
• Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
• Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
• Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.
• Notarization: The use of a trusted third party to assure certain properties of a data exchange.
Security Mechanism
• Hiding or covering data
• Appends to data a short check value
• Sender signs data, receiver verifies data
• Two entities exchange messages to prove their identity to each other
• Insert bogus data into the data traffic to thwart traffic analysis
• Continuously change routes between sender and receiver to prevent eavesdropping
• A third trusted party controls communication
• Prove and verify that a user has access right to resources
Relation between Services and Mechanisms
Steganography
• Steganography is the art and science of hiding information into covert
channels to conceal the information and prevent the detection of the hidden
message.
• Today, steganography refers to hiding information in digital picture files and
audio files.
• Hide a message by using the least significant bits of frames on a CD
• Kodak photo CD format’s maximum resolution is 2048 by 3072 pixels, with each pixel
containing 24 bits of RGB color information.
• The least significant bit of each 24-bit pixel can be changed without greatly affecting the quality of the image.
• Drawbacks:
• Overhead
• Worthless once discovered (encryption)
[Figure panels: the image in which we want to hide another image; the image we wish to hide: ‘F15’; the stego-image (i.e., after the hiding process); the image extracted from the stego-image]
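The least-significant-bit technique and its overhead drawback, as an added example that is not part of the original slides. It assumes each pixel is a packed 24-bit 0xRRGGBB integer carrying one message bit in its lowest bit; the function names and the cover data are constructed for illustration.

```python
# Constructed cover "image": 64 pseudo-random 24-bit pixels (not real image data).
COVER = [(i * 0x9E3779) & 0xFFFFFF for i in range(64)]


def embed(pixels, message):
    """Return a copy of pixels with the message bits written into each pixel's LSB."""
    bits = [(byte >> (7 - i)) & 1 for byte in message for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for this message")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & ~1) | bit  # clear the lowest bit, then set it to the message bit
    return stego


def extract(pixels, n_bytes):
    """Rebuild n_bytes of hidden data from the LSBs of the first 8 * n_bytes pixels."""
    out = bytearray()
    for b in range(n_bytes):
        value = 0
        for px in pixels[b * 8:(b + 1) * 8]:
            value = (value << 1) | (px & 1)
        out.append(value)
    return bytes(out)


def capacity_bytes(width, height):
    """Hidden bytes that fit at one bit per pixel."""
    return (width * height) // 8


def max_pixel_change(original, stego):
    """Largest numeric change to any pixel; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(original, stego))


if __name__ == "__main__":
    stego = embed(COVER, b"F15")
    print("recovered:", extract(stego, 3))
    print("largest pixel change:", max_pixel_change(COVER, stego))
    # Overhead: a 2048 x 3072 image of 24-bit pixels is 18 MiB of cover data
    # but carries only 768 KiB of hidden data at one bit per pixel.
    print("capacity of 2048x3072 image:", capacity_bytes(2048, 3072), "bytes")
```

The payload is stored in the clear, which is the second drawback listed above: anyone who knows to read the low bits recovers it, so the method offers no protection once discovered unless the message is also encrypted.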
Classical Encryption Techniques
Some Basic Terminology
• An original message is known as the plaintext.
• The coded message is called the ciphertext.
• The process of converting from plaintext to ciphertext is known as enciphering or encryption.
• Restoring the plaintext from the ciphertext is deciphering or decryption.
• The many schemes used for encryption constitute the area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher.
• Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls “breaking the code.”
• The areas of cryptography and cryptanalysis together are called cryptology.
Symmetric Cipher Model
• Symmetric encryption is also referred to as conventional encryption or single-key encryption.
• A symmetric encryption scheme has five ingredients.
• Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
• Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
• Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.
Simplified Model of Symmetric Encryption
Requirements
• There are two requirements for secure use of conventional encryption:

1. A strong encryption algorithm
2. A secret key known only to sender and receiver: the sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure
Model of Symmetric Encryption
• The essential elements of a symmetric encryption scheme are shown in the figure. A source produces a message in plaintext, X = [X1, X2, ..., XM]. The elements of X are letters in some finite alphabet. Traditionally, the alphabet usually consisted of the 26 capital letters. Nowadays, the binary alphabet {0, 1} is typically used.
• For encryption, a key of the form K = [K1, K2, ..., KJ] is generated. If the key is generated at the message source, then it must also be provided to the destination by means of some secure channel.
• Alternatively, a third party could generate the key and securely deliver it to both source and destination.
Model of Symmetric Encryption…..
• With the message and the encryption key as input, the encryption algorithm forms the ciphertext Y = [Y1, Y2, ..., YN].
• We can write this as Y = E(K, X)
• This notation indicates that Y is produced by using encryption algorithm E as a function of the plaintext X, with the specific function determined by the value of the key K.
• The intended receiver, in possession of the key, is able to invert the transformation: X = D(K, Y)
• An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and K. It is assumed that the opponent knows the encryption (E) and decryption (D) algorithms. If the opponent is interested in only this particular message, then the focus of the effort is to recover X by generating a plaintext estimate X.
• Often, however, the opponent is interested in being able to read future messages as well, in which
Dimensions of Cryptography
• Cryptographic systems are characterized along three independent dimensions:
1. The type of operations used for transforming plaintext to ciphertext.
   1. Substitution
   2. Transposition
2. The number of keys used.
   1. Symmetric
   2. Asymmetric or public-key encryption
3. The way in which the plaintext is processed.
   1. Block Cipher
   2. Stream Cipher
Approaches for Attacking: Cryptanalysis
• There are two general approaches to attacking a conventional encryption scheme:
• Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext-ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
• Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
Cryptanalysis Attacks
• As cryptography is the science and art of creating secret codes,
cryptanalysis is the science and art of breaking those codes.

Ciphertext-Only Attack
• Brute force
• Statistical attack
• Pattern attack
By letter By frequency
Letter Frequency Letter Frequency
a 0.08167 e 0.12702
b 0.01492 t 0.09056
c 0.02782 a 0.08167
d 0.04253 o 0.07507
e 0.12702 i 0.06966
f 0.02228 n 0.06749
g 0.02015 s 0.06327
h 0.06094 h 0.06094
i 0.06966 r 0.05987
j 0.00153 d 0.04253
k 0.00772 l 0.04025
l 0.04025 c 0.02782
m 0.02406 u 0.02758
n 0.06749 m 0.02406
o 0.07507 w 0.02360
p 0.01929 f 0.02228
q 0.00095 g 0.02015
r 0.05987 y 0.01974
s 0.06327 p 0.01929
t 0.09056 b 0.01492
u 0.02758 v 0.00978
v 0.00978 k 0.00772
w 0.02360 j 0.00153
x 0.00150 x 0.00150
y 0.01974 q 0.00095
z 0.00074 z 0.00074
Known-Plaintext Attack

Chosen-Plaintext Attack

Chosen-Ciphertext Attack
Categories of Traditional Ciphers
• The two basic building blocks of all encryption techniques are substitution and transposition.
1. Substitution Cipher: replaces one symbol with another
2. Transposition Cipher: reorders symbols
Substitution Cipher

• Mono-alphabetic Substitution
• The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one to one
• Poly-alphabetic substitution cipher
• Each occurrence of a character may have a different substitution
• The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one to many
Mono-alphabetic Substitution

• The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one to one
1. Additive Cipher
2. Multiplicative Cipher
3. Affine Cipher

• Monoalphabetic Substitution Cipher
Additive Cipher / Shift Cipher / Caesar Cipher
• The earliest known, and the simplest, use of a substitution cipher was by Julius Caesar.
• The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example,
Process of Caesar Cipher
• In order to encrypt a plaintext letter, the sender positions the sliding ruler underneath the first set of plaintext letters and slides it to the LEFT by the number of positions of the secret shift (here 3).
• The plaintext letter is then encrypted to the ciphertext letter on the sliding ruler underneath. The result of this process is depicted in the following illustration for an agreed shift of three positions.
Then the algorithm can be expressed as follows. For each plaintext letter p, substitute the ciphertext letter
C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25. The decryption algorithm is simply
p = D(k, C) = (C - k) mod 26
Drawbacks of Caesar cipher
• If it is known that a given ciphertext is a Caesar cipher, then a brute-force cryptanalysis is easily performed: simply try all the 25 possible keys. Figure shows the results of applying this strategy to the example ciphertext. In this case, the plaintext leaps out as occupying the third line.
• Three important characteristics of this problem enabled us to use a brute-force cryptanalysis:
1. The encryption and decryption algorithms are known.
2. There are only 25 keys to try.
3. The language of the plaintext is known and easily recognizable.
Example: Additive Cipher / Shift Cipher / Caesar Cipher
[Figure: Alice encrypts plaintext P with key K to produce ciphertext C; Bob decrypts C with the same key K to recover P]
Encryption: C = (P + K) mod 26
Decryption: P = (C - K) mod 26

a b c d e f g h i j k l m n o p q r s t u v w x y z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
EXAMPLE

• Plaintext = apple
• Key = 5
• Ciphertext = ?

• Plaintext a → 00   Encryption (00 + 05) mod 26   Ciphertext: 05 → F
• Plaintext p → 15   Encryption (15 + 05) mod 26   Ciphertext: 20 → U
• Plaintext p → 15   Encryption (15 + 05) mod 26   Ciphertext: 20 → U
• Plaintext l → 11   Encryption (11 + 05) mod 26   Ciphertext: 15 → P
• Plaintext e → 04   Encryption (04 + 05) mod 26   Ciphertext: 09 → J

• Ciphertext = FUUPJ
Ciphertext = PHHW PH is given, and the plaintext needs to be found using the decryption algorithm, but no key is given.
• Since the key is not given, we have to find it in order to get the plaintext: we try each of the 26 available keys (A = 0 to Z = 25) until a meaningful message is obtained.
• Decryption:
• With Key 0, Plaintext = PHHW PH, which is not meaningful, so take the next key
• For Key 1, Plaintext = nffu nf, which is again not meaningful, so take the next key
• For Key 3, Plaintext = meet me, which is meaningful
• So Plaintext = MEET ME with Key = 3

Example:
• To encrypt the message "NOTSECURE" with Key = 07
• So, the ciphertext is "UVAZLJBYL"
Multiplicative Cipher
[Figure: Alice encrypts plaintext P with key K to produce ciphertext C; Bob decrypts C using the inverse key K^-1 to recover P]
Encryption: C = (P * K) mod 26
Decryption: P = (C * K^-1) mod 26

In the multiplicative cipher, the encryption algorithm specifies the multiplication of the plaintext by the key and the decryption algorithm specifies the division of the ciphertext by the key, as shown in the above figure.
Multiplicative Cipher Example
• The multiplicative cipher has a key set (key domain) of 12 members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
• Encryption algorithm: C = E(K, P) = (P * K) mod 26, where K is taken from the key domain 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25
• Decryption algorithm: P = D(K, C) = (C * K^-1) mod 26
• Example:
• Encrypt the message "HELLO" using the multiplicative cipher with key = 7
• So, the ciphertext is "XCZZU"
a b c d e f g h i j k l m n o p q r s t u v w x y z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Affine Cipher

• The affine cipher is the combination of the additive and multiplicative ciphers with a pair of keys K1, K2.
• The first key is used with the multiplicative cipher and the second key is used with the additive cipher.
• The figure below shows the affine cipher algorithm.
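Affine Cipher
[Figure: Alice encrypts plaintext P with keys K1 and K2 to produce ciphertext C; Bob decrypts C with the same key pair to recover P; T is the intermediate value]
Encryption: T = (P * K1) mod 26, then C = (T + K2) mod 26
Decryption: T = (C - K2) mod 26, then P = (T * K1^-1) mod 26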
Example: Affine Cipher
EXAMPLE

• Plaintext = hello
• Key pair = (7, 2)
• Ciphertext = ?

• So, the ciphertext is "ZEBBW"
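The multiplicative and affine ciphers above, as an added example that is not part of the original slides. It shows why the key domain has exactly 12 members: only keys coprime to 26 have the inverse K^-1 that decryption needs, and that inverse is computed here with the extended Euclidean algorithm. Function names are chosen for illustration.

```python
from math import gcd

M = 26  # alphabet size used throughout this page


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def mod_inverse(k, m=M):
    """Return K^-1 mod m, or raise ValueError when k shares a factor with m."""
    g, x, _ = egcd(k % m, m)
    if g != 1:
        raise ValueError(f"{k} has no inverse modulo {m}")
    return x % m


def key_domain(m=M):
    """All usable multiplicative keys: the integers below m that are coprime to m."""
    return [k for k in range(1, m) if gcd(k, m) == 1]


def image_size(k, m=M):
    """Number of distinct ciphertext letters produced by multiplying by k."""
    return len({(p * k) % m for p in range(m)})


def affine_encrypt(plaintext, k1, k2=0):
    """C = (P * K1 + K2) mod 26; with k2 = 0 this is the multiplicative cipher."""
    mod_inverse(k1)  # reject keys that would make decryption impossible
    out = []
    for ch in plaintext.lower():
        if "a" <= ch <= "z":
            p = ord(ch) - ord("a")
            out.append(chr((p * k1 + k2) % M + ord("A")))
    return "".join(out)


def affine_decrypt(ciphertext, k1, k2=0):
    """P = ((C - K2) * K1^-1) mod 26."""
    inv = mod_inverse(k1)
    out = []
    for ch in ciphertext.upper():
        if "A" <= ch <= "Z":
            c = ord(ch) - ord("A")
            out.append(chr(((c - k2) * inv) % M + ord("a")))
    return "".join(out)


if __name__ == "__main__":
    print("key domain:", key_domain())
    print("inverse of 7:", mod_inverse(7))
    print(affine_encrypt("HELLO", 7))       # multiplicative example from the page
    print(affine_encrypt("hello", 7, 2))    # affine example from the page
    print(affine_decrypt("ZEBBW", 7, 2))
    # A key outside the domain collapses many plaintext letters onto one
    # ciphertext letter, so the ciphertext cannot be decrypted uniquely.
    print("distinct outputs for key 13:", image_size(13))
```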
Monoalphabetic Ciphers
• A monoalphabetic cipher is a substitution cipher in which, for a given key, the cipher alphabet for each plain alphabet is fixed throughout the encryption process.
• With only 25 possible keys, the Caesar cipher is far from secure. A dramatic increase in the key space can be achieved by allowing an arbitrary substitution. Before proceeding, we define the term permutation.
• A permutation of a finite set of elements S is an ordered sequence of all the elements of S, with each element appearing exactly once.
• For example, if S = {a, b, c}, there are six permutations of S:
• abc, acb, bac, bca, cab, cba
• If the cryptanalyst knows the nature of the plaintext, then the analyst can exploit the regularities of the language.
• As a first step, the relative frequency of the letters can be determined and compared to a standard frequency distribution for English, such as is shown in Figure. If the message were long enough, this technique alone might be sufficient, but because this is a relatively short message, we cannot expect an exact match.
• A powerful tool is to look at the frequency of two-letter combinations, known as digrams.
• Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet.
Poly-alphabetic substitution cipher
• Each occurrence of a character may have a different substitution
• The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one to many

• AutoKey Cipher
• Playfair Cipher
• Vigenere Cipher
Autokey cipher
• In this cipher the key is a stream of subkeys, in which each subkey is used to encrypt the corresponding character in the plaintext
• The first subkey is a predetermined value secretly agreed upon by Alice and Bob.
• The second subkey is the value of the first plaintext character
• P = P1 P2 P3 ...   C = C1 C2 C3 ...   K = (K1, P1, P2, ...)
• Encryption: Ci = (Pi + Ki) mod 26   Decryption: Pi = (Ci - Ki) mod 26
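The autokey encryption and decryption rules above, as an added example that is not part of the original slides. It generalizes the single agreed first subkey to a primer of any length, and its check values use the primer QUEENLY and the message ATTACK AT DAWN that appear on this page; the function names are chosen for illustration.

```python
A = ord("A")


def to_numbers(text):
    """Map letters to 0..25, ignoring spaces and anything that is not A-Z."""
    return [ord(c) - A for c in text.upper() if "A" <= c <= "Z"]


def autokey_encrypt(plaintext, primer):
    """Ci = (Pi + Ki) mod 26 with key stream K = primer followed by the plaintext."""
    p = to_numbers(plaintext)
    key = to_numbers(primer)
    if not key:
        raise ValueError("primer must contain at least one letter")
    stream = (key + p)[:len(p)]
    return "".join(chr((pi + ki) % 26 + A) for pi, ki in zip(p, stream))


def autokey_decrypt(ciphertext, primer):
    """Pi = (Ci - Ki) mod 26; each recovered letter extends the key stream."""
    c = to_numbers(ciphertext)
    stream = to_numbers(primer)
    if not stream:
        raise ValueError("primer must contain at least one letter")
    plain = []
    for i, ci in enumerate(c):
        pi = (ci - stream[i]) % 26
        plain.append(pi)
        stream.append(pi)  # the receiver rebuilds the key as it decrypts
    return "".join(chr(pi + A) for pi in plain)


def substitutions(plaintext, ciphertext):
    """For each plaintext letter, the set of ciphertext letters it was mapped to."""
    table = {}
    for p, c in zip(to_numbers(plaintext), to_numbers(ciphertext)):
        table.setdefault(chr(p + A), set()).add(chr(c + A))
    return table


if __name__ == "__main__":
    message, primer = "ATTACK AT DAWN", "QUEENLY"  # values taken from this page
    ct = autokey_encrypt(message, primer)
    print("ciphertext:", ct)
    print("decrypted :", autokey_decrypt(ct, primer))
    # One-to-many relationship: the same plaintext letter encrypts differently
    # depending on its position, unlike a monoalphabetic cipher.
    for letter, images in sorted(substitutions(message, ct).items()):
        print(letter, "->", "".join(sorted(images)))
```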
Autokey cipher Example

The autokey cipher, as used by members of the American Cryptogram Association, starts with a relatively short keyword, the primer, and appends the message to it. If, for example, the keyword is "QUEENLY" and the message is "ATTACK AT DAWN", the key would be "QUEENLYATTACKATDAWN".

Plaintext: ATTACK AT DAWN...
Key: QUEENL YA TTACK AT DAWN....
Ciphertext: QNXEPV YT WTWP...

The ciphertext message would thus be "QNXEPVYTWTWP".
Playfair cipher
• Best-known multiple-letter substitution cipher
• Digram cipher (digram to digram, i.e., E(p_i p_{i+1}) = c_i c_{i+1}, through a
keyword-based 5x5 transformation table)
• Great advance over simple monoalphabetic cipher (26 letters
→ 26x26 = 676 digrams)
L G D B A
Q M H E C
U R N I/J F
X V S O K
Z Y W T P
Playfair cipher
• Before encryption, if the two letters in a pair are the same, a bogus
letter is inserted to separate them
• After inserting the bogus letter, if the number of characters in the
plaintext is odd, one extra bogus character is added at the
end of the string
• The cipher uses three rules for encryption

1. If the two letters in the pair are located in the same row of the key, then the
corresponding encrypted character for each letter is the next letter to the
right in the same row, with the first element of the row
circularly following the last. For example, ba is
encrypted as AL.
2. If the two letters in the pair are in the same column of the
key, the corresponding encrypted character for each letter
is the letter beneath it, with the top element of the column
circularly following the last. For example, lz is encrypted as QL.
3. If the two letters in the pair are not in the same row or
column of the key, the corresponding encrypted character
for each letter is the letter that is in its own row but in the
same column as the other letter.
Playfair cipher
EXAMPLE

• Plaintext = hello
• Ciphertext = ?
• Key =
L G D B A
Q M H E C
U R N I/J F
X V S O K
Z Y W T P

Plaintext: hello
Add bogus character: helxlo
Pairs: he lx lo

he → EC
lx → QZ
lo → BX

Ciphertext: ECQZBX
• Step 1: group the letters in pairs, he ll o; applying the basic rules, we get the pairs he lx lo
• Step 2: he is in the same row of the secret key, so by Rule 1 of encryption he becomes ec
• Step 3: lx is in the same column, so by Rule 2 of encryption lx becomes qz
• Step 4: lo is not in the same row and not in the same column of the secret key, so by Rule 3 of
encryption lo becomes bx
• Plaintext = "hello"
• After making pairs: he ll o
• After applying basic rules: he lx lo
• After applying encryption rules: ec qz bx
• So Ciphertext = "ecqzbx"
Playfair Cipher
• The best-known multiple-letter encryption cipher is the Playfair, which
treats digrams in the plaintext as single units and translates these units
into ciphertext digrams.
• The Playfair algorithm is based on the use of a 5 × 5 matrix of letters
constructed using a keyword.
• In this case, the keyword is monarchy. The matrix is constructed by filling in
the letters of the keyword (minus duplicates) from left to right and from top
to bottom, and then filling in the remainder of the matrix with the remaining
letters in alphabetic order. The letters I and J count as one letter. Plaintext is
encrypted two letters at a time, according to the following rules:
1. Repeating plaintext letters that are in the same pair are
separated with a filler letter, such as x, so that balloon would be treated
as ba lx lo on.
2. Two plaintext letters that fall in the same row of the matrix
are each replaced by the letter to the right, with the first element of the
row circularly following the last. For example, ar is encrypted as RM.
3. Two plaintext letters that fall in the same column are each
replaced by the letter beneath, with the top element of the column
circularly following the last. For example, mu is encrypted as CM.
4. Otherwise, each plaintext letter in a pair is replaced by the letter
that lies in its own row and the column occupied by the other plaintext
letter. Thus, hs becomes BP and ea becomes IM (or JM, as the encipherer
wishes).
• The Playfair cipher is a great advance over simple monoalphabetic ciphers. For one
thing, whereas there are only 26 letters, there are 26 × 26 = 676 digrams, so that
identification of individual digrams is more difficult.

• Despite this level of confidence in its security, the Playfair cipher is relatively easy
to break, because it still leaves much of the structure of the plaintext language
intact. A few hundred letters of ciphertext are generally sufficient.
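The Playfair rules above as an added Python example (not part of the original slides): it builds the 5 × 5 table from a keyword, splits the plaintext into digrams and applies the row, column and rectangle rules in both directions. The function names, the row-major string form of the table and the fallback filler Q are assumptions of this example; the L G D B A table of the first worked example is entered directly because the slides give no keyword for it.

```python
ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"      # 25 letters: J is folded into I
PAGE_TABLE = "LGDBAQMHECURNIFXVSOKZYWTP"    # the L G D B A ... table, row by row

def build_table(keyword):
    """Keyword letters first (duplicates dropped), then the unused letters in order."""
    table = ""
    for ch in keyword.upper().replace("J", "I") + ALPHABET:
        if ch in ALPHABET and ch not in table:
            table += ch
    return table                            # 5x5 table as a 25-character string

def to_digrams(plaintext, filler="X"):
    """Pair up letters; split a doubled letter and pad an odd tail with a filler."""
    letters = [c for c in plaintext.upper().replace("J", "I") if c in ALPHABET]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        if i + 1 == len(letters) or letters[i + 1] == a:
            # Assumption: fall back to Q when the letter to separate is the filler itself.
            pairs.append(a + (filler if a != filler else "Q"))
            i += 1
        else:
            pairs.append(a + letters[i + 1])
            i += 2
    return pairs

def transform(pairs, table, step):
    """step=+1 encrypts (right/down), step=-1 decrypts (left/up)."""
    out = []
    for a, b in pairs:
        (ra, ca), (rb, cb) = divmod(table.index(a), 5), divmod(table.index(b), 5)
        if ra == rb:                        # same row: move along the row, wrapping
            ca, cb = (ca + step) % 5, (cb + step) % 5
        elif ca == cb:                      # same column: move along the column, wrapping
            ra, rb = (ra + step) % 5, (rb + step) % 5
        else:                               # rectangle: own row, the other letter's column
            ca, cb = cb, ca
        out.append(table[ra * 5 + ca] + table[rb * 5 + cb])
    return "".join(out)

def encrypt(plaintext, table):
    return transform(to_digrams(plaintext), table, +1)

def decrypt(ciphertext, table):
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return transform(pairs, table, -1)

if __name__ == "__main__":
    print(encrypt("hello", PAGE_TABLE))                  # the slide's worked example
    print(encrypt("balloon", build_table("monarchy")))
```

Decryption returns the digram form of the message (HELXLO for the first example), so the receiver still has to drop the filler letters.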
Polyalphabetic Ciphers
• Another way to improve on the simple monoalphabetic technique is to use
different monoalphabetic substitutions as one proceeds through the
plaintext message. The general name for this approach is polyalphabetic
substitution cipher.

• The best known, and one of the simplest, such algorithm is referred to as
the Vigenère cipher. In this scheme, the set of related monoalphabetic
substitution rules consists of the 26 Caesar ciphers, with shifts of 0 through
25.
Table. The Modern Vigenère Tableau
Vigenere cipher
• The key stream is a repetition of an initial secret key stream of length
m, where 1 <= m <= 26.
• Initially the secret key should be agreed upon by Alice and Bob

• P = P1P2P3…   C = C1C2C3…

• K = ((K1, K2, …, Km), (K1, K2, …, Km), …)

• Encryption: Ci = (Pi + Ki) mod 26
• Decryption: Pi = (Ci - Ki) mod 26

• The Vigenere key stream does not depend on the plaintext characters
Vigenere cipher Example

a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z
A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

EXAMPLE
• Plaintext = she is listening
• Ciphertext = ?
• Key = PASCAL

Plaintext     s  h  e  i  s  l  i  s  t  e  n  i  n  g
P's value    18 07 04 08 18 11 08 18 19 04 13 08 13 06
Key           P  A  S  C  A  L  P  A  S  C  A  L  P  A
Key's value  15 00 18 02 00 11 15 00 18 02 00 11 15 00
C's value    07 07 22 10 18 22 23 18 11 06 13 19 02 06
Ciphertext    H  H  W  K  S  W  X  S  L  G  N  T  C  G

Ciphertext: HHWKSWXSLGNTCG


Example

Vigenere cipher can be seen as a combination of m additive ciphers.

Example
For example, if the keyword is deceptive, the message “we are discovered save yourself”
is encrypted as:
key: deceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
The periodic nature of the keyword can be eliminated by using a nonrepeating keyword that is as
long as the message itself. Vigenère proposed what is referred to as an autokey system, in which a
keyword is concatenated with the plaintext itself to provide a running key.
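The Vigenère and autokey key streams side by side, as an added Python example that is not part of the original slides; it serves both the Autokey and the Vigenère sections above and reproduces their worked ciphertexts. The function names are assumptions, and `repeated_trigrams` is a helper added here to make the periodicity of the repeating keyword visible.

```python
A = ord("A")

def letters(text):
    """Map A-Z (case-insensitive) to 0-25, dropping spaces and punctuation."""
    return [ord(c) - A for c in text.upper() if "A" <= c <= "Z"]

def to_text(values):
    return "".join(chr(v + A) for v in values)

def vigenere(text, key, sign=+1):
    """sign=+1 encrypts, sign=-1 decrypts; the key stream is the keyword repeated."""
    k = letters(key)
    if not k:
        raise ValueError("key must contain at least one letter")
    return to_text((t + sign * k[i % len(k)]) % 26
                   for i, t in enumerate(letters(text)))

def autokey_encrypt(plaintext, primer):
    p, k = letters(plaintext), letters(primer)
    if not k:
        raise ValueError("primer must contain at least one letter")
    stream = (k + p)[:len(p)]          # K = (primer, P1, P2, ...); primer may be one letter
    return to_text((pi + ki) % 26 for pi, ki in zip(p, stream))

def autokey_decrypt(ciphertext, primer):
    stream = letters(primer)           # grows as plaintext is recovered
    if not stream:
        raise ValueError("primer must contain at least one letter")
    plain = []
    for i, ci in enumerate(letters(ciphertext)):
        pi = (ci - stream[i]) % 26
        plain.append(pi)
        stream.append(pi)              # each recovered letter keys a later position
    return to_text(plain)

def repeated_trigrams(ciphertext):
    """Trigrams that occur more than once, with their start positions."""
    seen = {}
    for i in range(len(ciphertext) - 2):
        seen.setdefault(ciphertext[i:i + 3], []).append(i)
    return {t: pos for t, pos in seen.items() if len(pos) > 1}

if __name__ == "__main__":
    msg = "wearediscoveredsaveyourself"
    for ct in (vigenere(msg, "deceptive"), autokey_encrypt(msg, "deceptive")):
        print(ct, repeated_trigrams(ct))
```

With the repeating keyword, the two occurrences of "red" sit nine letters apart (the key length) and encrypt to the same trigram; with the autokey stream they do not.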
Hill Cipher
• Another interesting multiletter cipher is the Hill cipher, developed by the
mathematician Lester Hill in 1929.
• This encryption algorithm takes m successive plaintext letters and substitutes for
them m ciphertext letters.
• The substitution is determined by m linear equations in which each character is
assigned a numerical value (a = 0, b = 1, …, z = 25). For m = 3, the
system can be described as
For example, consider the plaintext “paymoremoney” and use the encryption key

The first three letters of the plaintext are represented by the vector (15 0 24). Then (15 0 24)K =
(303 303 531) mod 26 = (17 17 11) = RRL. Continuing in this fashion, the ciphertext for the
entire plaintext is RRLMWBKASPDH.
Decryption requires using the inverse of the matrix K. We can compute det K = 23, and
therefore, (det K)^-1 mod 26 = 17. We can then compute the inverse as

a b c d e f g h i j k l m n o p q r s t u v w x y z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The inverse of A is A^-1 only when A × A^-1 = A^-1 × A = I.
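The Hill computation carried through in Python, as an added example that is not part of the original slides. The key matrix did not survive on this page, so the matrix K below is an assumption, chosen because it reproduces the page's numbers: (15 0 24)K = (303 303 531), det K = 23 and the ciphertext RRLMWBKASPDH. The function names are also assumptions.

```python
M = 26
# Assumed key: the page's matrix is missing; this K reproduces its figures.
K = [[17, 17, 5],
     [21, 18, 21],
     [2, 2, 19]]

def cofactor(k, i, j):
    """Signed 3x3 cofactor; the cyclic indexing supplies the (-1)^(i+j) sign."""
    a, b, c, d = (i + 1) % 3, (i + 2) % 3, (j + 1) % 3, (j + 2) % 3
    return k[a][c] * k[b][d] - k[a][d] * k[b][c]

def det(k):
    return sum(k[0][j] * cofactor(k, 0, j) for j in range(3))

def inverse_mod26(k):
    """K^-1 = (det K)^-1 * adj(K) mod 26; it exists only if gcd(det K, 26) = 1."""
    d = det(k) % M
    try:
        d_inv = pow(d, -1, M)                  # modular inverse (Python 3.8+)
    except ValueError:
        raise ValueError(f"det K = {d} has no inverse mod 26; key is unusable") from None
    # adj(K)[i][j] is the cofactor with the indices swapped.
    return [[d_inv * cofactor(k, j, i) % M for j in range(3)] for i in range(3)]

def hill(text, k):
    """Multiply each 3-letter row vector by k (mod 26), as in (15 0 24)K."""
    v = [ord(c) - ord("a") for c in text.lower() if "a" <= c <= "z"]
    if len(v) % 3:
        raise ValueError("message length must be a multiple of 3")
    out = []
    for n in range(0, len(v), 3):
        block = v[n:n + 3]
        out += [sum(block[r] * k[r][c] for r in range(3)) % M for c in range(3)]
    return "".join(chr(x + ord("A")) for x in out)

if __name__ == "__main__":
    ct = hill("paymoremoney", K)
    print(ct, det(K) % M, inverse_mod26(K))
    print(hill(ct, inverse_mod26(K)))          # decryption is multiplication by K^-1
```

A key whose determinant shares a factor with 26 (any even determinant, or a multiple of 13) has no inverse, and `inverse_mod26` rejects it rather than producing a matrix that cannot decrypt.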
Vernam Cipher
• The ultimate defense against such a cryptanalysis is to choose a keyword that is as
long as the plaintext and has no statistical relationship to it. Such a system was
introduced by an AT&T engineer named Gilbert Vernam in 1918.
One-Time Pad
• Joseph Mauborgne proposed an improvement to the Vernam cipher that yields the
ultimate in security.
• Mauborgne suggested using a random key that is as long as the message,
so that the key need not be repeated.
• In addition, the key is to be used to encrypt and decrypt a single message, and then
is discarded.
• Each new message requires a new key of the same length as the new
message. Such a scheme, known as a one-time pad, is unbreakable.
• It produces random output that bears no statistical relationship to the
plaintext.
• Because the ciphertext contains no information whatsoever about the plaintext,
there is simply no way to break the code.
An example should illustrate our point. Suppose that we are using a Vigenère
scheme with 27 characters in which the twenty-seventh character is the space
character, but with a one-time key that is as long as the message. Consider the
ciphertext
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
We now show two different decryptions using two different keys:
• Suppose that a cryptanalyst had managed to find these two keys. Two
plausible plaintexts are produced. How is the cryptanalyst to decide which is
the correct decryption (i.e., which is the correct key)? If the actual key were
produced in a truly random fashion, then the cryptanalyst cannot say that one
of these two keys is more likely than the other. Thus, there is no way to decide
which key is correct and therefore which plaintext is correct.

• In fact, given any plaintext of equal length to the ciphertext, there is a key that
produces that plaintext. Therefore, if you did an exhaustive search of all
possible keys, you would end up with many legible plaintexts, with no way of
knowing which was the intended plaintext. Therefore, the code is
unbreakable.
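An added Python example (not from the original slides) of the property just described: over the 27-character alphabet, every plaintext of the right length has a key that maps the page's ciphertext to it. The two candidate plaintexts are constructed for this example, and the function names are assumptions.

```python
import secrets

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ "   # 27 symbols; the 27th is the space
N = len(ALPHABET)

def combine(text, key, sign):
    """Vigenère-style addition (sign=+1) or subtraction (sign=-1) modulo 27."""
    if len(key) != len(text):
        raise ValueError("a one-time key must be exactly as long as the message")
    return "".join(ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % N]
                   for t, k in zip(text, key))

def new_key(length):
    """One key per message, then discarded. The OS CSPRNG stands in here for
    the truly random source the text calls for."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def encrypt(plaintext, key):
    return combine(plaintext, key, +1)

def decrypt(ciphertext, key):
    return combine(ciphertext, key, -1)

def key_that_yields(ciphertext, candidate):
    """The unique key under which `ciphertext` decrypts to `candidate`."""
    return combine(ciphertext, candidate, -1)

CIPHERTEXT = "ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS"   # from the page
# Constructed candidate plaintexts (not the page's), each as long as CIPHERTEXT.
CANDIDATES = ["MEET ME AT THE PARK TONIGHT AFTER THE MATCH",
              "ENEMY ATTACKS TONIGHT SEND HELP TO THE FORT"]

def explain_away(ciphertext, candidates):
    """Map every candidate plaintext to the key that would produce it."""
    return {p: key_that_yields(ciphertext, p) for p in candidates}

if __name__ == "__main__":
    for plaintext, key in explain_away(CIPHERTEXT, CANDIDATES).items():
        print(repr(key), "->", repr(decrypt(CIPHERTEXT, key)))
```

Both keys are equally consistent with the ciphertext, so nothing in the ciphertext distinguishes one candidate from the other.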
The one-time pad offers complete security but, in practice, has two fundamental
difficulties:

1. There is the practical problem of making large quantities of random keys. Any
heavily used system might require millions of random characters on a regular basis.
Supplying truly random characters in this volume is a significant task.

2. Even more daunting is the problem of key distribution and protection. For every
message to be sent, a key of equal length is needed by both sender and receiver. Thus, a
mammoth key distribution problem exists.
Because of these difficulties, the one-time pad is of limited utility
and is useful primarily for low-bandwidth channels requiring very
high security.
Transposition Techniques
• A very different kind of mapping is achieved by performing some sort of
permutation on the plaintext letters. This technique is referred to as a transposition cipher.
• In the transposition technique the positions of letters/numbers/symbols in the plain text
are changed with one another.

1 2 3 4 5 6      4 2 1 6 3 5
M E E T M E      T E M E E M
A F T E R P      E F A P T R
A R T Y          Y R A   T
Transposition cipher
• Keyless Transposition Cipher

• Keyed Transposition Cipher

• Combination of two

Keyless Transposition cipher techniques

1. Rail Fence Cipher

Keyed Transposition cipher techniques

2. Columnar Transposition
• Simple Columnar Transposition
• Double Columnar Transposition
Keyless Transposition Ciphers
Simple transposition ciphers, which were used in the past, are keyless.
• In this method the plaintext is written downwards on the "rails of a fence", starting a new column when the bottom is reached.
• Algorithm:
1. First write down the plaintext message as a sequence of diagonals.
2. Read the plaintext written in the first step as a sequence of rows.

Example

A good example of a keyless cipher using the first method is the rail fence cipher. The
ciphertext is created reading the pattern row by row. For example, to send the
message “Meet me at the park” to Bob, Alice writes

She then creates the ciphertext “MEMATEAKETETHPR”.


Keyless Transposition Cipher
• Rearrange letters in plaintext to produce ciphertext (also called
permutation)

• Example (Rail-Fence Cipher)
Rail Fence Cipher

• Example:
• Plain text: come home tomorrow

• Cipher text: cmhmtmrooeoeoorw


Keyed Transposition Cipher
• The keyless ciphers permute the characters by writing the plaintext in one way
and reading it in another way.

• The permutation is done on the whole plaintext to create the whole ciphertext.

• Another method is to divide the plaintext into groups of predetermined size,
called blocks, and then use a key to permute the characters in each block separately.

Example
Alice needs to send the message “Enemy attacks tonight” to Bob.

The key used for encryption and decryption is a permutation key, which shows how
the characters are permuted.

The permutation yields


Columnar Transposition

Figure: Columnar Transposition.

Columnar Transposition
A and B agree on the number of columns to use, and A writes the PT row by row.
Ex: come home tomorrow

1 2 3 4 5 6
C O M E H O
M E T O M O
R R O W - -

Order: 4, 6, 1, 2, 5, 3

Eowoo-cmroerhm-mto
1. Simple Columnar Transposition

• In this method the message is written in rows of fixed length and then
read out column by column.
• Columns are selected in some scrambled order.
• The number of columns is defined by the length of the key.
• Algorithm:
1. Write the plaintext message row by row in a rectangle of predefined
size (the length of the key).
2. Read the message column by column according to the selected order;
the message thus obtained is the ciphertext.
1. Simple Columnar Transposition

• Key: ZEBRAS
• plain text: welcome home
• Order : 6 3 2 4 1 5

• Cipher text: MLOEHCMWEOE


2. Double Columnar Transposition

• Single columnar transposition can be attacked by guessing possible column lengths.
• Therefore, to make it stronger, double transposition is used.
• This is the simple columnar transposition technique applied twice.
• Here the same key can be used for both transpositions, or two different keys can be used.
2. Double Columnar Transposition

• First apply simple columnar transposition


• Key: ZEBRAS
• plain text: welcome home
• Order : 6 3 2 4 1 5

• Cipher text: MLOEHCMWEOE


2. Double Columnar Transposition

• Cipher text 1: MLOEHCMWEOE


• Order : 6 3 2 4 1 5

• Final Cipher Text: COELWEOMMHE


Row Transposition Ciphers
• A more complex scheme is to write the message in a rectangle, row by row,
and read the message off, column by column, but permute the order of the
columns. The order of the columns then becomes the key to the algorithm.
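The rail fence and columnar transposition examples above in runnable form, as an added Python example that is not part of the original slides. It follows the page's convention that the Order list names the columns in the sequence they are read; the function names and the optional `pad` argument are assumptions. Decryption has to work out which columns are one letter shorter when the last row is incomplete.

```python
def clean(text):
    return "".join(c for c in text.upper() if c.isalpha())

def rail_fence_encrypt(plaintext):
    """Two rails: letters alternate between the rails, which are then read in turn."""
    t = clean(plaintext)
    return t[0::2] + t[1::2]

def rail_fence_decrypt(ciphertext):
    top = (len(ciphertext) + 1) // 2            # the first rail holds the extra letter
    rails = ciphertext[:top], ciphertext[top:]
    return "".join(rails[i % 2][i // 2] for i in range(len(ciphertext)))

def key_order(keyword):
    """Alphabetical rank of each key letter: ZEBRAS -> [6, 3, 2, 4, 1, 5]."""
    by_letter = sorted(range(len(keyword)), key=lambda i: (keyword[i], i))
    ranks = [0] * len(keyword)
    for rank, i in enumerate(by_letter, start=1):
        ranks[i] = rank
    return ranks

def check_order(order):
    if sorted(order) != list(range(1, len(order) + 1)):
        raise ValueError("order must list every column number exactly once")

def columnar_encrypt(plaintext, order, pad=None):
    """Write row by row into len(order) columns, then read the columns in `order`."""
    check_order(order)
    t, n = clean(plaintext), len(order)
    if pad:
        t += pad * (-len(t) % n)                # fill the last row, as with '-' above
    return "".join(t[col - 1::n] for col in order)

def columnar_decrypt(ciphertext, order):
    check_order(order)
    n = len(order)
    full, extra = divmod(len(ciphertext), n)    # the first `extra` columns are longer
    cols, pos = {}, 0
    for col in order:
        height = full + (col <= extra)
        cols[col] = ciphertext[pos:pos + height]
        pos += height
    return "".join(cols[c][r] for r in range(full + 1)
                   for c in range(1, n + 1) if r < len(cols[c]))

if __name__ == "__main__":
    order = key_order("ZEBRAS")
    once = columnar_encrypt("welcome home", order)
    print(once, columnar_encrypt(once, order))  # single, then double transposition
```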
Combining Two Approaches
Example

Keys
In the previous example, a single key was used in two directions for the column
exchange: downward for encryption, upward for decryption. It is customary to create
two keys.

Encryption/decryption keys in transpositional ciphers

Double Transposition Ciphers
Difference between Substitution and Transposition Cipher

Substitution Cipher
• A substitution technique is one in which the letters/numbers/symbols of plain text are
replaced by other letters/numbers/symbols.
• It is easy to understand.
• Methods:
1. Mono-Alphabetic Substitution Cipher
2. Polyalphabetic Substitution Cipher
3. One-Time Pad (Vernam Cipher)

Transposition Cipher
• In the transposition technique the positions of letters/numbers/symbols in plain text are
changed with one another.
• It is difficult to understand.
• Methods:
1. Rail Fence Cipher
2. Columnar Transposition
• Simple Columnar Transposition
• Double Columnar Transposition
STREAM AND BLOCK CIPHERS
The literature divides the symmetric ciphers into two broad categories: stream ciphers and
block ciphers. Although the definitions are normally applied to modern ciphers, this
categorization also applies to traditional ciphers.

1. Stream Ciphers
2. Block Ciphers
3. Combination

Stream Ciphers
Call the plaintext stream P, the ciphertext stream C, and the key stream K.

Stream cipher

Example of stream cipher
Additive ciphers can be categorized as stream ciphers in which the key
stream is the repeated value of the key. In other words, the key stream is
considered as a predetermined stream of keys K = (k, k, …, k).

The monoalphabetic substitution ciphers discussed previously are also
stream ciphers. However, each value of the key stream in this case is the
mapping of the current plaintext character to the corresponding ciphertext
character in the mapping table.
Block Ciphers
In a block cipher, a group of plaintext symbols of size m (m > 1) are
encrypted together creating a group of ciphertext of the same size. A single
key is used to encrypt the whole block even if the key is made of multiple
values.
