M Yunis2

Uploaded by

dlovanmamali3
Information security

Introduction to information
security

Theory
Lecture one
Outline
• Meaning of computer security.
• Some important terms used in computer
security.
computer security
• The meaning of the term computer
security has evolved in recent years.
Before the problem of data security
became widely publicized in the media,
most people’s idea of computer security
focused on the physical machine.
Traditionally, computer facilities have
been physically protected for three
reasons:
– To prevent theft of or damage to the
hardware
– To prevent theft of or damage to the
Computer security
• Computer security is security applied to computing
devices such as computers and smartphones, as
well as computer networks such as private and
public networks, including the whole Internet.
• It includes physical security to prevent theft of
equipment, and information security to protect the
data on that equipment. It is sometimes referred to
as "cyber security" or "IT security", though these
terms generally do not refer to physical security.
Some important terms used in
computer security.

• Vulnerability is a weakness which allows an
attacker to reduce a system's information assurance.
Vulnerability is the intersection of three elements:
– A system susceptibility.
– Attacker access to the flaw.
– Attacker capability to exploit the flaw.
• To exploit a vulnerability, an attacker must have at
least one applicable tool or technique that can
connect to a system weakness. In this frame,
vulnerability is also known as the attack surface.
Backdoors
• A backdoor in a computer system is a
method of bypassing normal
authentication, securing remote access to a
computer, obtaining access to plaintext,
and so on, while attempting to remain
undetected.
• The backdoor may take the form of an
installed program (e.g., Back Orifice), or
could be a modification to an existing
program or hardware device. It may also
fake information about disk and memory
usage.
Denial-of-service attack
• Attackers can deny service to individual victims, such as by
deliberately entering a wrong password enough consecutive
times to cause the victim account to be locked, or they may
overload the capabilities of a machine or network and block
all users at once.
• These types of attack are, in practice, very hard to prevent,
because the behaviour of whole networks needs to be
analyzed, not only the behaviour of small pieces of code.
• Distributed denial of service (DDoS) attacks are common,
where a large number of compromised hosts (commonly
referred to as "zombie computers", used as part of a botnet
with, for example, a worm, trojan horse, or backdoor exploit
to control them) are used to flood a target system with
network requests, thus attempting to render it unusable.
Direct-access attacks
• An unauthorized user gaining physical access to a
computer can perform many functions and install
different types of devices to compromise security,
including operating system modifications, software
worms, key loggers, and covert listening devices.
The attacker can also easily download large
quantities of data onto backup media, for instance
CD-R/DVD-R or tape, or onto portable devices such as key
drives, digital cameras or digital audio players.
• Another common technique is to boot an operating
system contained on a CD-ROM or other bootable
media and read the data from the hard drive(s) this
way. The only way to defeat this is to encrypt the
storage media and store the key separate from the
system. In most cases, direct-access attacks are the only type of
threat to standalone computers (those that never connect to
the internet).
Eavesdropping
• Eavesdropping is the act of secretly
listening to a private conversation,
typically between hosts on a network.
For instance, programs such as
Carnivore and NarusInsight have been
used by the FBI and NSA to eavesdrop
on the systems of internet service
providers.
Spoofing
• Spoofing of user identity describes a
situation in which one person or
program successfully masquerades as
another by falsifying data and thereby
gaining an illegitimate advantage.
Tampering
• Tampering describes an intentional
modification of products in a way that
would make them harmful to the consumer.
Elevation of privilege
• Elevation of privilege describes a
situation where a person or a program
wants to gain elevated privileges or
access to resources that are normally
restricted to him/it.
Indirect attacks
• An indirect attack is an attack launched
by a third-party computer. By using
someone else's computer to launch an
attack, it becomes far more difficult to
track down the actual attacker. There
have also been cases where attackers
took advantage of public anonymizing
systems, such as the Tor onion router
system.
Computer crime
• Computer crime refers to any crime that
involves a computer and a network.
INTRODUCTION TO
INFORMATION SECURITY

Theory
Second lecture

Outline:
• Top 10 Cybercrime Prevention Tips.
• Principle security.

Top 10 Cyber Crime Prevention Tips


1. Use Strong Passwords:
Use different user ID / password combinations for
different accounts and avoid writing them down. Make
the passwords more complicated by combining letters,
numbers, special characters (minimum 10 characters in
total) and change them on a regular basis.
2. Secure your computer:

• Activate your firewall: firewalls are the first line of cyber
defence. They block connections to unknown or bogus
sites and will keep out some types of viruses and hackers.
• Use anti-virus/malware software: prevent viruses from
infecting your computer by installing and regularly
updating anti-virus software.
• Block spyware attacks: prevent spyware from infiltrating
your computer by installing and updating anti-spyware
software.

3. Be Social-Media Savvy
Make sure your social networking profiles (e.g. Facebook,
Twitter, Youtube, MSN, etc.) are set to private. Check your
security settings. Be careful what information you post online.
Once it is on the Internet, it is there forever!
4. Secure your Mobile Devices
Be aware that your mobile device is vulnerable to viruses and
hackers. Download applications from trusted sources.
5. Install the latest operating system updates
Keep your applications and operating system (e.g. Windows,
Mac, Linux) current with the latest system updates. Turn on
automatic updates to prevent potential attacks on older software.
6. Protect your Data
• Use encryption for your most sensitive files such as tax
returns or financial records, make regular backups of all your
important data, and store it in another location.

7. Secure your wireless network
• Wi-Fi (wireless) networks at home are vulnerable to intrusion
if they are not properly secured. Review and modify default
settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable.
Avoid conducting financial or corporate transactions on these
networks.

8. Protect your e-identity


• Be cautious when giving out personal information such as
your name, address, phone number or financial
information on the Internet. Make sure that websites are
secure (e.g. when making online purchases) or that
you’ve enabled privacy settings (e.g. when
accessing/using social networking sites).
9. Avoid being scammed
• Always think before you click on a link or file of unknown
origin. Don’t feel pressured by any emails. Check the
source of the message. When in doubt, verify the source.
Never reply to emails that ask you to verify your
information or confirm your user ID or password.
10. Call the right person for help


• Don’t panic! If you are a victim, if you encounter illegal
Internet content (e.g. child exploitation) or if you suspect a
computer crime, identity theft or a commercial scam,
report this to your local police. If you need help with
maintenance or software installation on your computer,
consult with your service provider or a certified computer
technician.
Principle security.
• There are five principles of security. They are as follows:

1. Confidentiality
The principle of confidentiality specifies that only the
sender and the intended recipient should be able to access
the content of the message.

2. Integrity
• Integrity means that data is protected from unauthorized
changes to ensure that it is reliable and correct.

• The confidential information sent by A to B which is
accessed by C without the permission or knowledge of A
and B.

3. Authentication:
• Authentication mechanism helps in establishing proof of
identification.

4. Access control:
Access control specifies and controls who can access what.

5. Availability: It means that assets are accessible to
authorized parties at appropriate times.

Attacks
• We want our security system to make sure that no
data are disclosed to unauthorized parties.
– Data should not be modified in illegitimate ways.
– Legitimate users can access the data.

Types of attacks
Attacks are grouped into two types:
– Passive attacks: do not involve any modification to
the contents of an original message.
– Active attacks: the contents of the original message
are modified in some way.

Elementary cryptography: substitution cipher

• Encryption is the process of encoding a message so that
its meaning is not obvious.
• Decryption is the reverse process, transforming an
encrypted message back into its normal, original form.
• The terms encode and decode or encipher and decipher
are used instead of encrypt and decrypt.
• We say that we encode, encrypt, or encipher the original
message to hide its meaning.
• We decode, decrypt, or decipher it to reveal the original
message. A system for encryption and decryption is
called a cryptosystem.

• The original form of a message is known as plaintext, and
the encrypted form is called cipher text. For convenience,
we denote a plaintext message P as a sequence of
individual characters P = <p1, p2, …, pn>. Similarly,
cipher text is written as C = <c1, c2, …, cm>.

• For instance, the plaintext message "I want cookies" can be
denoted as the message string <I, ,w,a,n,t, ,c,o,o,k,i,e,s>. It can
be transformed into cipher text <c1, c2, …, c14>, and the
encryption algorithm tells us how the transformation is done.
• We use this formal notation to describe the transformations
between plaintext and cipher text.
• For example, we write C = E(P) and P = D(C), where:
– C represents the cipher text,
– E is the encryption rule,
– P is the plaintext,
– D is the decryption rule.

• Cryptanalyst: a cryptanalyst is a person who studies encryption
and encrypted messages and tries to find the hidden meanings
(to break an encryption).

• Confusion: a technique for ensuring that the ciphertext gives no
clue about the original message.

• Diffusion: if we change a character of the plaintext, then
several characters of the ciphertext should change, and
similarly, if we change a character of the ciphertext, then
several characters of the plaintext should change. We saw that
the Hill cipher has this property.

INFORMATION SECURITY

Theory
Third lecture

Outline:
• Substitution and Transposition method
• Caesar cipher
• Monoalphabetic cipher
• Vigenere Cipher
• Polybius cipher

Substitution and Transposition method:


• With classical methods there are two categories of
cipher:
1. Substitution
2. Transposition

Substitution:
• This is a classical method of cryptography.
• In substitution, the letters of the plaintext are replaced with
ciphertext letters.
• Each letter is represented by another letter in order to
hide the real words.
• One method that uses substitution is called the
Caesar cipher.

Caesar cipher
• This method was invented about two thousand years ago in
the Roman Empire (Julius Caesar).
• It is used to hide messages.
• How to use?
Answer: take each letter, move three places along the alphabet, and replace it
with the letter found there. For instance:

P: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
C: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Example:
P: H O W A R E Y O U
C: K R Z D U H B R X
• Find the ciphertext of the plaintext (this) if key = 3.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 … 25
Solution:
c(x) = (x + k) mod 26
c(t) = (19 + 3) mod 26 = 22 → w
c(h) = (7 + 3) mod 26 = 10 → k
c(i) = (8 + 3) mod 26 = 11 → l
c(s) = (18 + 3) mod 26 = 21 → v

Examples of Caesar cipher


• What does the following message say?
1. GHDU HPSLUE SOHDVH DFFHSW PB GHPDQG
2. Find the plaintext of (wklv) when k = 3.
• p(y) = (y - k) mod 26
• p(w) = (22 - 3) mod 26 = 19 → t
• p(k) = (10 - 3) mod 26 = 7 → h
• p(l) = (11 - 3) mod 26 = 8 → i
• p(v) = (21 - 3) mod 26 = 18 → s

• P(wklv) = this

Breaking Caesar Cipher

• Only have 26 possible ciphers
• A maps to A, B, ..., Z
• Could simply try each in turn
• Given ciphertext, just try all shifts of letters
• Do need to recognize when we have the plaintext
• Compression reduces the chance of breaking
Question:- The following cipher texts have been encrypted
using Caesar cipher, find out the original text:
m xlmro, xlivijsvi m ibmwx

Solution
A Caesar cipher is broken with either brute force or frequency analysis.
Using frequency analysis, the letter ‘m’ is repeated, and single-letter words are
scarce in English; examples are ‘a’ and ‘I’.
To decipher the rest of the text, we find the shift needed to turn ‘m’ into ‘a’ and
‘m’ into ‘I’; whichever produces a meaningful sentence is the correct shift.
Four shifts backwards are needed to turn ‘m’ into ‘I’. Continuing to shift each of
the letters of the ciphertext 4 places backwards produces the decrypted text:
I think, therefore I exist

Monoalphabetic Cipher
• Rather than just shifting the alphabet, shuffle (jumble, change) the letters
arbitrarily
• Each plaintext letter maps to a different random ciphertext letter
• Hence the key is 26 letters long
  Plain:      abcdefghijklmnopqrstuvwxyz
  Cipher:     DKVQFIBJWPESCXHTMYAUOLRGZN
  Plaintext:  ifwewishtoreplaceletters
  Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

• Now have a total of 26! ≈ 4 × 10^26 keys
• With so many keys, might think it is secure
• But would be !!!WRONG!!!
Question
a) Using the monoalphabetic cipher, use the following perfect pangram:
“pack my box with five dozen liquor jugs”
to encrypt the statement: “I am going to graduate very soon”
b) Is the encryption algorithm that you used considered secure? Why?

Solution

a) First construct the substitution table:

a b c d e f g h i j k l m n o p q r s t u v w x y z
P A C K M Y B O X W I T H F V E D Z E N L Q U R J S

Then perform the substitution to get: XPHBVXFBNVBZPKLPNMQMZJEVVF

b) It is vulnerable to frequency analysis, so it is not secure.

Breaking the Monoalphabetic Cipher

• Human languages are redundant.
• Letters are not equally commonly used
• In English E is by far the most common letter,
  followed by T, R, N, I, O, A, S
• Other letters like Z, J, K, Q, X are fairly rare
• Have tables of single, double & triple letter frequencies for
  various languages
Breaking the Monoalphabetic Cipher
• Key concept - monoalphabetic substitution ciphers do not
  change relative letter frequencies
• Discovered by Arabian scientists in 9th century
• Calculate letter frequencies for ciphertext
• Compare counts/plots against known values
• If Caesar cipher look for common peaks/troughs
  – peaks at: A-E-I triple, NO pair, RST triple
  – troughs at: JK, X-Z
• For monoalphabetic must identify each letter
  – tables of common double/triple letters help
Breaking the Monoalphabetic Cipher
• Given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTS
VPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• Count relative letter frequencies
• Guess P & Z are e and t
• Guess ZW is “th” and hence ZWP is “the”. Two-letter combinations are
known as digrams
• Proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
Question
The following ciphertext was produced using a Caesar cipher. Break the encryption to obtain the
plaintext. Note that the most commonly occurring letter in the English language is “e” and the
second most commonly occurring letter is “t”.
MAX YTNEM, WXTK UKNMNL, EBXL GHM BG HNK LMTKL UNM BG HNKLXEOXL

Solution
By analyzing the ciphertext, the most commonly occurring letter is M, followed by X. If we assume
that M is equivalent to e and X is equivalent to t we do not get a meaningful phrase. Thus, we can
estimate that M = t and X = e. Analysis confirms that this is a shift of 19 letters in both substitutions.
Using this same shift for all letters gives the plaintext

The fault, dear Brutus, lies not in our stars but in ourselves
Vigenère Cipher

• Blaise de Vigenère, a French cryptographer of the 1500s.
• Has a similar method of encryption to the Caesar cipher, but uses a far more
complex encryption key.
• This is a more secure cipher than the Caesar cipher.
• The plaintext is encrypted using a keyword instead of a single
number or letter: each alphabetical character in the plaintext is shifted
by the corresponding letter in the keyword.
• Simplest polyalphabetic substitution cipher
• Key is multiple letters long, K = k1 k2 ... kd; the ith letter specifies the ith alphabet to use
• Use each alphabet in turn
• Decryption simply works in reverse
• Write the plaintext out. Write the keyword repeated above it
• Use each key letter as a Caesar cipher key. Encrypt the corresponding plaintext
letter
• e.g. using keyword deceptive

key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

[Figure: Vigenère table, with axes labelled Plaintext and Key]
Breaking the Vigenère Cipher

• Have multiple ciphertext letters for each plaintext letter
• Hence letter frequencies are hidden, but not totally lost
• Kasiski method developed by Babbage/Kasiski is a way of
breaking Vigenère
• Repetitions in ciphertext give clues to the period, so
find the same plaintext an exact period apart, which results in the
same ciphertext
• Of course, could also be random luck
Question
a) Encrypt “Attack Now” using Vigenère cipher, with the keyword “Play” using tabula recta.
b) Perform an examination to find the length of the key that was used to produce the following
Vigenère cipher text.
io ygx wewq ss tswmw nzl eytluonnr. vs wewq ss hzo aj acw ysamdi yo mw eytluojd.

Solution
a)
Key:       p l a y p l a y p
Plaintext: a t t a c k n o w
Result:    P E T Y R V N M L
b) First, we find repetitions of sequences in the cipher:
io ygx wewq ss tswmw nzl eytluonnr. vs wewq ss hzo aj acw ysamdi yo mw eytluojd.
The distances between repetitions are 25 characters and 35 characters respectively.
Using prime factorization:
25 = 5 × 5
35 = 5 × 7
Therefore the gcd = 5
This indicates a key length of 5.
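The Kasiski examination in part b) can be automated: collect repeated sequences, measure the distances between them, and look for a common factor. This is an added example, not part of the original lecture; the function names, the minimum sequence length of 3 and the factor-voting step (a guard against the "random luck" repeats mentioned earlier) are assumptions of the example.

```python
from collections import Counter, defaultdict
from functools import reduce
from math import gcd

# Ciphertext from part b) of the question above.
PAGE_CIPHERTEXT = ("io ygx wewq ss tswmw nzl eytluonnr. vs wewq ss hzo aj acw "
                   "ysamdi yo mw eytluojd.")


def letters_only(text):
    """Lower-case the text and drop everything that is not a-z."""
    return ''.join(ch for ch in text.lower() if 'a' <= ch <= 'z')


def vigenere_encrypt(plaintext, keyword):
    """Shift each plaintext letter by the matching keyword letter (a=0 ... z=25)."""
    pt, key = letters_only(plaintext), letters_only(keyword)
    out = []
    for i, ch in enumerate(pt):
        shift = ord(key[i % len(key)]) - ord('a')
        out.append(chr((ord(ch) - ord('a') + shift) % 26 + ord('A')))
    return ''.join(out)


def repeated_sequences(ciphertext, n=3):
    """Map every n-letter sequence that occurs more than once to its positions."""
    ct = letters_only(ciphertext)
    positions = defaultdict(list)
    for i in range(len(ct) - n + 1):
        positions[ct[i:i + n]].append(i)
    return {seq: pos for seq, pos in positions.items() if len(pos) > 1}


def repeat_distances(ciphertext, n=3):
    """Set of distances between consecutive occurrences of repeated sequences."""
    distances = set()
    for pos in repeated_sequences(ciphertext, n).values():
        for first, second in zip(pos, pos[1:]):
            distances.add(second - first)
    return distances


def kasiski_key_length(ciphertext, n=3):
    """gcd of all repeat distances, or None when nothing repeats.

    A single accidental repeat can drag the gcd down to 1, which is why
    factor_votes() below is the more robust view on longer texts.
    """
    distances = repeat_distances(ciphertext, n)
    return reduce(gcd, distances) if distances else None


def factor_votes(ciphertext, n=3, max_len=20):
    """Count, for each candidate key length, how many distances it divides."""
    votes = Counter()
    for d in repeat_distances(ciphertext, n):
        for k in range(2, max_len + 1):
            if d % k == 0:
                votes[k] += 1
    return votes


if __name__ == "__main__":
    print(sorted(repeat_distances(PAGE_CIPHERTEXT)))
    print(kasiski_key_length(PAGE_CIPHERTEXT))
    print(factor_votes(PAGE_CIPHERTEXT).most_common(3))
```

With sequences of only two letters the same ciphertext also yields chance repeats, and the gcd collapses to 1, which is why longer repeated sequences are used.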
Polybius method
• This is known as a simple substitution cipher; each plaintext
character is enciphered as 2 ciphertext characters.
• Example: xabat → CDBBEBBBED
Transposition
• With the transposition method the letters themselves are not changed;
only their positions change.
• The rearrangement is made according to columns.
Transposition example
• Change the plaintext below to ciphertext using the
transposition method with four columns:
• “How are you mate”
• 4-column layout:
h o w a
r e y o
u m a t
e x x x
• Ciphertext: hrueoemxwyaxaotx
• Decrypt the message “AES EAO OIT VUI NNN NEE RLC
FTE LNV LER LS” using a tabular transposition cipher with
rows of length 4 characters.
• Since there are 10 × 3 + 2 = 32 characters and each row has 4
characters, 32/4 = 8, which means we need 8 rows.

At eleven surveillance on front lines


Cypher text is
TSICNAUVANYAFULEEMARENECORLOMP
PLAN

N T O A
A N T O
C A K T
S A E B
M A P C

Plain text is At noon attack base camp


Exercises
1. Using the Caesar cipher, transform (PB FRXQWUB)
from ciphertext to plaintext.
2. Change the word (HALGURD) from plaintext to ciphertext
when the key is 6.
Exercises
4. Using the transposition method, change (My favourite colour is
Black) by using 4 columns.
5. Using the Polybius method, find the plaintext for
(DDBBACBDBBEABB).
6. Find the ciphertext for the word (SHANGAL) by using the Polybius
method.
Exercise
7. Find the plaintext for the word (dmmtsjj), mixed with the word
(aso), in the monoalphabetic method.
INFORMATION SECURITY

Theory
Fourth lecture

Outline:
• Making good encryption algorithm.
• Properties of "Trustworthy" Encryption Systems
• Symmetric-Key Cryptography
• Asymmetric-Key Cryptography
• Private key crypto system

Making good encryption algorithm


• The encryption algorithms we have seen are trivial, intended
primarily to demonstrate the concepts of substitution and
permutation.
• We have examined several approaches cryptanalysts use to
attack encryption algorithms.
• Each type of encryption we considered has advantages
and disadvantages. But there is a broader question: What does it
mean for a cipher to be "good"?
• The meaning of good depends on the intended use of the cipher.

Shannon's Characteristics of "Good" Ciphers


In 1949, Claude Shannon [SHA49] proposed several characteristics
that identify a good cipher.
1. The amount of secrecy needed should determine the amount of
labor appropriate for the encryption and decryption.
2. The set of keys and the enciphering algorithm should be free
from complexity.
3. The implementation of the process should be as simple as
possible.

4. Errors in ciphering should not propagate and cause corruption of
further information in the message.
Principle 4 acknowledges that humans make errors in their use of enciphering
algorithms. One error early in the process should not throw off the entire
remaining cipher text. For example, dropping one letter in a columnar
transposition throws off the entire remaining encipherment. Unless the receiver
can guess where the letter was dropped, the remainder of the message will be
unintelligible. By contrast, reading the wrong row or column for a polyalphabetic
substitution affects only one character and remaining characters are unaffected.

5. The size of the enciphered text should be no larger than the text
of the original message.
The idea behind principle 5 is that a cipher text that expands dramatically in size
cannot possibly carry more information than the plaintext, yet it gives the
cryptanalyst more data from which to infer a pattern. Furthermore, a longer cipher
text implies more space for storage and more time to communicate.

Properties of "Trustworthy" Encryption Systems


• Commercial users have several requirements that must be satisfied when
they select an encryption algorithm. Thus, when we say that encryption is
"commercial grade," or "trustworthy," we mean that it meets these
constraints:

1. It is based on sound mathematics. Good cryptographic algorithms are not just
invented; they are derived from solid principles.
2. It has been analyzed by competent experts and found to be sound. Even the best
cryptographic experts can think of only so many possible attacks, and the developers
may become too convinced of the strength of their own algorithm.
3. It has stood the test of time. As a new algorithm gains popularity, people continue to
review both its mathematical foundations and the way it builds on those foundations.
Although a long period of successful use and analysis is not a guarantee of a good
algorithm, the flaws in many algorithms are discovered relatively soon after their
release.

• We can divide all the cryptography algorithms (ciphers) into two
groups: symmetric-key cryptography algorithms and asymmetric-key
cryptography algorithms.

1. Symmetric-Key Cryptography
• In symmetric-key cryptography, the same key is used by both
parties. The sender uses this key and an encryption algorithm to
encrypt data; the receiver uses the same key and the
corresponding decryption algorithm to decrypt the data.

PRIVATE KEY CRYPTOSYSTEM


• Symmetric encryption (also called private-key encryption or secret-key
encryption) involves using the same key for encryption and
decryption.
• Encryption involves applying an operation (an algorithm) to the
data to be encrypted using the private key to make them
unintelligible. The slightest algorithm (such as an exclusive OR)
can make the system nearly tamper proof.
• Claude Shannon proved that to be completely secure, private-key
systems need to use keys that are at least as long as the message
to be encrypted. Moreover, symmetric encryption requires that a
secure channel be used to exchange the key, which seriously
diminishes the usefulness of this kind of encryption system.

• The main disadvantage of a secret-key cryptosystem is related to the
exchange of keys. Symmetric encryption is based on the exchange of a
secret (keys). The problem of key distribution therefore arises.
• Moreover, a user wanting to communicate with several people while
ensuring separate confidentiality levels has to use as many private keys
as there are people. For a group of N people using a secret-key
cryptosystem, it is necessary to distribute a number of keys equal to
N * (N-1) / 2.
• In the 1920s, Gilbert Vernam and Joseph Mauborgne developed the
One-Time Pad method (sometimes called "One-Time Password" and
abbreviated OTP), based on a randomly generated private key that is
used only once and is then destroyed.

2. Asymmetric-Key Cryptography:
• In asymmetric or public-key cryptography, there are two keys: a
private key and a public key. The private key is kept by the
receiver. The public key is announced to the public.

• Stream cipher: Stream ciphers convert one symbol of
plaintext directly into a symbol of ciphertext.
• Advantages:
• Speed of transformation: algorithms are linear in time and constant
in space.
• Low error propagation: an error in encrypting one symbol likely will
not affect subsequent symbols.
• Disadvantages:
• Low diffusion: all information of a plaintext symbol is contained in a
single ciphertext symbol.
• Susceptibility to modifications: an active interceptor who breaks the
algorithm might insert spurious text that looks authentic.

• Block ciphers: They encrypt a group of plaintext symbols as
one block.
• Advantages:
• High diffusion: information from one plaintext symbol is
diffused into several ciphertext symbols.
• Immunity to tampering: difficult to insert symbols without
detection.
• Disadvantages:
• Slowness of encryption: an entire block must be accumulated
before encryption / decryption can begin.
• Error propagation: An error in one symbol may corrupt the
entire block. Simple substitution is an example of a stream
cipher. Columnar transposition is a block cipher.
Secure Computer Systems

Principles of Symmetric cryptography

Lecture 5

Younus Muhammed
Outline
• Main components of modern Symmetric
cryptography
Modern Block Ciphers (I)
• A modern block cipher encrypts an n-bit block of plaintext
or decrypts an n-bit block of ciphertext.
• The encryption or decryption algorithm uses a k-bit key.
• The decryption algorithm must be the inverse of the
encryption algorithm and both operations must use the
same secret key.

An Introduction to Modern Symmetric Encryption Techniques — 77


Modern Block Ciphers (II)
• If the message has fewer than n bits,
padding must be added to make it an n-bit
block;
• If the message has more than n bits, it
should be divided into n-bit blocks and the
appropriate padding must be added to the
last block if necessary.
• The common values for n are 64, 128,
256, or 512 bits.


Modern Block Ciphers (III)
• Question: How many padding bits must be added to a
message of 100 characters if 8-bit ASCII is used for
encoding and the block cipher accepts blocks of 64 bits?

• Solution: Encoding 100 characters using 8-bit ASCII
results in an 800-bit message. The plaintext must be
divisible by 64. If | M | and |Pad| are the length of the
message and the length of the padding,


Main components of modern
Symmetric crypto
• Convert any letter or digit to its equivalent
binary (ASCII code)
• P-Box (Permutation Box)
• S-Box (Substitution Box)
• XOR operator
• Circular shift
• Swap
• Split and combine
• Multiple round encryption
P-Box (I)
• A P-Box is a method for bit-shuffling.
• It is used for some sort of permutation on
the plaintext bits.
• If the 8 bits are designated from top to
bottom as 01234567, the output of this
particular P-box is 24506713.
• By appropriate internal wiring, a P-box can
be made to perform any transposition and
do it at practically the speed of light since no
computation is involved, just signal
propagation.
• The attacker knows that the general method
is permuting the bits. What he does not
know is which bit goes where.
[Figure: P-box wiring between inputs 0–7 and outputs 0–7]
P-Box (II)
Three types of P-Box: Straight P-boxes, Expansion P-boxes,
and Compression P-boxes

[Figures: A 5 × 5 P-Box; A 5 × 3 P-Box; A 3 × 5 P-Box]
P-Box(III)
• Straight P-Boxes
– A straight P-Box with n inputs and n outputs is
a permutation.
– There are n! possible mappings.

[Figure: All 6 possible mappings of a 3 × 3 P-box.]


P-Box(IV)
• Although a P-box can use a key to define one of
the n! mappings, P-boxes are normally keyless,
which means that the mapping is predetermined.
• If the P-box is implemented in hardware, it is
prewired.
• If it is implemented in software, a permutation
table shows the rule of mapping.
• The entries in the table are the inputs and the
positions of the entries are the outputs.


P-Box(V)
Example of a permutation table for a straight
P-box

It has 64 entries, corresponding to the 64 inputs.
The position (index) of the entry corresponds to the output.
The first output comes from the 58th input.
The 64th output comes from the 7th input.


P-Box(VI)
Compression P-Boxes: a compression P-box is a P-box with n inputs and m outputs where m < n.

Some of the inputs are blocked and do not reach the output.

[Figure: compression P-box, showing Input and Output]

Example of a 32 × 24 permutation table

Note that inputs 7, 8, 9, 15, 16, 23, 24, and 25 are blocked.


P-Box(VII)
Expansion P-box: a P-box with n inputs and m outputs, where m > n.

Some of the inputs are connected to more than one output.

A permutation table for an expansion P-box has m entries, but m - n of the entries are repeated.

Example of a 12 × 16 permutation table

Note that each of the inputs 1, 3, 9, and 12 is mapped to two outputs.



P-Box(VIII)
• Invertibility: A straight P-box is invertible.
  – We can use a straight P-box in the encryption cipher and its inverse in the decryption cipher.
  – The permutation tables, however, need to be the inverses of each other.
• Example: Inverting a permutation table



P-Box(IX)
Compression and expansion P-boxes are non-invertible
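
The table convention from the P-box slides (entries are inputs, positions are outputs), as an added example that is not part of the original slides. The three tables are constructed for illustration, and the function names are assumptions of this example.

```python
# Added example: table-driven P-boxes. Tables are constructed, 1-based as on the slides.

def apply_pbox(table, bits):
    """Output position i (1-based) carries the input symbol named by table[i-1]."""
    return "".join(bits[src - 1] for src in table)

def classify(table, n_inputs):
    """Return 'straight', 'compression' or 'expansion' for a table over n_inputs."""
    if any(not 1 <= src <= n_inputs for src in table):
        raise ValueError("table entry outside 1..n")
    m = len(table)
    if m == n_inputs and len(set(table)) == n_inputs:
        return "straight"
    if m < n_inputs:
        return "compression"
    if m > n_inputs:
        return "expansion"
    raise ValueError("n x n table with repeated entries is not a permutation")

def blocked_inputs(table, n_inputs):
    """Inputs that never reach an output (non-empty for compression P-boxes)."""
    return sorted(set(range(1, n_inputs + 1)) - set(table))

def invert(table, n_inputs):
    """If output i comes from input s, the inverse table sends output s from input i."""
    if classify(table, n_inputs) != "straight":
        raise ValueError("only straight P-boxes are invertible")
    inverse = [0] * n_inputs
    for out_pos, src in enumerate(table, start=1):
        inverse[src - 1] = out_pos
    return inverse

STRAIGHT = [6, 3, 4, 5, 2, 1]        # constructed 6 x 6 table
COMPRESS = [1, 3, 4, 6]              # constructed 6 x 4 table: inputs 2 and 5 blocked
EXPAND = [1, 2, 3, 3, 4, 5, 6, 1]    # constructed 6 x 8 table: inputs 1 and 3 repeated

if __name__ == "__main__":
    word = "abcdef"                  # letters instead of bits make the wiring visible
    moved = apply_pbox(STRAIGHT, word)
    print(moved, apply_pbox(invert(STRAIGHT, 6), moved))
    # Two different inputs collapse to one output, so no inverse table can exist.
    print(apply_pbox(COMPRESS, "abcdef"), apply_pbox(COMPRESS, "aXcdYf"))
    print(apply_pbox(EXPAND, word), blocked_inputs(COMPRESS, 6))
```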



S-Box



S-Box (I)
• Substitutions are performed by S-boxes.
• In this example a 3-bit plaintext is entered and a 3-bit ciphertext is output.
• The 3-bit input selects one of the eight lines exiting from the first stage and sets it to 1; all the other lines are 0.
• The second stage is a P-box.
• The third stage encodes the selected input line in binary again.
• With the wiring shown, if the eight octal numbers 01234567 were input one after another, the output sequence would be 24506713.
S-Box (II)
• The input to an S-box could be an n-bit word, but the output can be an m-bit word, where m and n are not necessarily the same.
• An S-box can be keyed or keyless; modern block ciphers normally use keyless S-boxes, where the mapping from the inputs to the outputs is predetermined.
• In an S-box with n inputs and m outputs, we call the inputs x1, x2, ..., xn and the outputs y1, y2, ..., ym.



S-Box (III)
• The relationship between the inputs and the outputs can be represented as a set of equations



S-Box (IV)
• Example: The following table defines the input/output relationship for an S-box of size 3 × 2. The leftmost bit of the input defines the row; the two rightmost bits of the input define the column. The two output bits are the values at the intersection of the selected row and column.

Based on the table, an input of 010 yields the output 01. An input of 101
yields the output of 00.



S-Box (V)
• S-boxes: Invertibility
  – An S-box may or may not be invertible. In an invertible S-box, the number of input bits should be the same as the number of output bits.



S-Box (VI)
• Example: in the following figure
  – If the input to the left box is 001, the output is 101.
  – The input 101 in the right table creates the output 001, which shows that the two tables are inverses of each other. So it is invertible.



S-Box (VII)
• Given a 6-bit input, the 4-bit output is found by selecting the row using the outer two bits (the first and last bits), and the column using the inner four bits.
• For example, an input "011011" has outer bits "01" and inner bits "1101"; the corresponding output would be "1001".

S5 (rows: outer bits; columns: middle 4 bits of input)

Outer  Middle 4 bits of input
bits   0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111
00     0010 1100 0100 0001 0111 1010 1011 0110 1000 0101 0011 1111 1101 0000 1110 1001
01     1110 1011 0010 1100 0100 0111 1101 0001 0101 0000 1111 1010 0011 1001 1000 0110
10     0100 0010 0001 1011 1010 1101 0111 1000 1111 1001 1100 0101 0110 0011 0000 1110
11     1011 1000 1100 0111 0001 1110 0010 1101 0110 1111 0000 1001 1010 0100 0101 0011
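
The S5 lookup rule above, as an added example that is not part of the original slides. The table values are the slide's S5 entries written in decimal; the function names are assumptions of this example. It also counts the inputs that map to one output, which shows why a 6 × 4 S-box cannot be invertible.

```python
# Added example: table lookup for the S5 box shown on the slide.
# Rows are indexed by the outer bits, columns by the middle four bits.
S5 = [
    [2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9],
    [14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6],
    [4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14],
    [11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3],
]

def s5(bits):
    """Map a 6-bit string to the 4-bit S5 output string."""
    if len(bits) != 6 or set(bits) - {"0", "1"}:
        raise ValueError("expected a 6-bit string of 0s and 1s")
    row = int(bits[0] + bits[5], 2)   # outer bits: first and last
    col = int(bits[1:5], 2)           # inner four bits
    return format(S5[row][col], "04b")

def preimages(out_bits):
    """All 6-bit inputs that S5 maps to out_bits."""
    all_inputs = (format(x, "06b") for x in range(64))
    return [b for b in all_inputs if s5(b) == out_bits]

def is_invertible():
    """An S-box is invertible only if every input has its own distinct output."""
    outputs = {s5(format(x, "06b")) for x in range(64)}
    return len(outputs) == 64

def rows_are_permutations():
    """Each S5 row on the slide contains every 4-bit value exactly once."""
    return all(sorted(row) == list(range(16)) for row in S5)

if __name__ == "__main__":
    print(s5("011011"))              # the slide's worked input
    print(preimages("1001"))         # one input per row produces this output
    print(is_invertible(), rows_are_permutations())
```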



Exclusive-Or (XOR)



XOR (I)
• An important component in most block ciphers is the exclusive-or operation.



XOR (II)
• The five properties of the XOR operation make it a very interesting component for use in a block cipher.
  – Closure: This property guarantees that the result of exclusive-oring two n-bit words is another n-bit word.
  – Associativity: This property allows us to use more than one exclusive-or operator in any order.
  – Commutativity: This property allows us to swap the inputs without affecting the output.
  – Existence of identity: The identity element for the exclusive-or operation is an n-bit word that consists of all 0's, or (00 ... 0).
  – Existence of inverse: Each word is the additive inverse of itself.



XOR (III)
• The exclusive-or operation is invertible.



Circular Shift



Circular Shift (I)
• Another component found in some modern block ciphers is the circular shift operation.
• Shifting can be to the left or to the right.
• Shifting to the left: The leftmost k bits are removed from the left and become the rightmost bits.
• Shifting to the right: The rightmost k bits are removed from the right and become the leftmost bits.



Circular Shift (II)
• The shift operation normally is keyless; the value of k is fixed and predetermined.
• Invertibility:
  – A circular left-shift operation is the inverse of the circular right-shift operation.
  – If one is used in the encryption cipher, the other can be used in the decryption cipher.
• Note that:
  – The shifting is modulo n. In other words, if k = 0 or k = n, there is no shifting.
  – If k is larger than n, then the input is shifted k mod n bits.
Swap



Swap
• The swap operation is a special case of the circular shift operation where k = n/2.
• This operation is valid only if n is an even number.



Split and Combine



Split and Combine (I)
• Two other operations found in some block ciphers are split and combine.
• The split operation normally splits an n-bit word in the middle, creating two equal-length words.
• The combine operation normally concatenates two equal-length words to create an n-bit word.
• These two operations are inverses of each other and can be used as a pair to cancel each other out.
  – If one is used in the encryption cipher, the other is used in the decryption cipher.
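
The XOR, circular shift, swap, and split/combine slides describe each component and its inverse separately. The added example below (not part of the original slides) implements them on n-bit words and goes one step further by chaining them into a constructed toy round, to show that decryption applies the inverses in reverse order. The word size of 8, the shift of 3, and all function names are assumptions of this example; the toy round is not a real cipher.

```python
# Added example: the keyless components from the slides on n-bit integers.
N = 8  # word size in bits (assumption of this example)

def rotl(x, k, n=N):
    """Circular left shift; the shift is taken modulo n, so k = 0 or k = n is a no-op."""
    k %= n
    return ((x << k) | (x >> (n - k))) & ((1 << n) - 1)

def rotr(x, k, n=N):
    """Circular right shift, the inverse of rotl with the same k."""
    return rotl(x, n - (k % n), n)

def swap(x, n=N):
    """Swap halves: a circular shift with k = n/2, valid only for even n."""
    if n % 2:
        raise ValueError("swap needs an even word size")
    return rotl(x, n // 2, n)

def split(x, n=N):
    """Split an n-bit word in the middle into (left, right) halves."""
    half = n // 2
    return x >> half, x & ((1 << half) - 1)

def combine(left, right, n=N):
    """Concatenate two n/2-bit words; the inverse of split."""
    return (left << (n // 2)) | right

def toy_round(word, key):
    """Constructed round: XOR with key, rotate left by 3, swap halves."""
    return swap(rotl(word ^ key, 3))

def toy_round_inverse(word, key):
    """Undo the steps in reverse order: swap, rotate right by 3, XOR with key."""
    return rotr(swap(word), 3) ^ key

if __name__ == "__main__":
    w, k = 0b10010110, 0b00111100          # constructed sample word and key
    print(format(rotl(w, 3), "08b"), format(rotl(w, 11), "08b"))
    print(split(0xA5), hex(combine(*split(0xA5))), hex(swap(0xA5)))
    c = toy_round(w, k)
    print(format(c, "08b"), toy_round_inverse(c, k) == w)
```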



Split and Combine (II)
