Information Security

Dr. Irfan Yousuf

Department of Computer Science (New Campus)
UET, Lahore
(Week 3: September 16 - 20, 2024 )
Outline
• Cryptography Basics
• Symmetric Cryptography:
• Substitution Techniques
Basic Definitions
• Cryptography: The science and practice of secure communication
techniques that protect information by transforming it into an
unreadable format (ciphertext) and back into its original form
(plaintext).

• Plaintext: The original, readable message or data that you want to

protect using cryptography.

• Ciphertext: The encrypted form of the plaintext, which is generated

using an encryption algorithm. It appears as a random or unreadable
sequence of characters.
Basic Definitions
• Encryption: The process of converting plaintext into ciphertext
using an encryption algorithm and a cryptographic key.

• Decryption: The process of converting ciphertext back into

plaintext using a decryption algorithm and the appropriate
cryptographic key.

• Key: A secret piece of information used in encryption and

decryption processes. Keys are essential for ensuring the security of
the cryptographic system.
Basic Definitions
Basic Definitions
• Symmetric Encryption: A type of encryption where the same key
is used for both encryption and decryption. It is faster but requires
secure key distribution.
Basic Definitions
• Asymmetric Encryption (Public-Key Encryption): A type of
encryption where two different keys, a public key for encryption and
a private key for decryption, are used. It facilitates secure
communication and digital signatures.
Basic Definitions
• Cryptographic Algorithm: A set of mathematical rules and
procedures used in encryption and decryption processes.

• Key Length: The size or number of bits in a cryptographic key,

which determines the strength of the encryption. Longer keys
generally provide higher security.

• Cryptanalysis: The science of analyzing and breaking

cryptographic systems to reveal the plaintext without knowledge of
the key. Cryptanalysts are attackers attempting to compromise
security.
Provable Security
•There is no such thing as a provably secure system.
•Proof of unbreakable encryption does not prove the
system is secure.
•The only provably secure encryption is the one time
pad: C = P + K, where K is as long as P and never
reused.
•Systems are believed secure only when many people
try and fail to break them.
Classical Cryptography
•Classical cryptography is based on the mathematics,
and it relies on the computational difficulty of
factorizing large number.

•The security of classical cryptography is based on the

high complexity of the mathematical problem for the
instance factorization of large number.
Classical Cryptography
•It has two building blocks

• Transposition Cipher
• Substitution Cipher
Transposition Cipher
•Transposition Cipher technique rearranges the
position of the plain text’s characters.

• In transposition Cipher Technique, the position of the

character is changed but character’s identity is not
changed.

•Transposition cipher is a type of encryption technique

where the positions of the letters in the plaintext
message are rearranged to form a ciphertext message.
Transposition Cipher
•Transposition technique is an encryption method
which is achieved by performing permutation over
the plain text.

•Mapping plain text into cipher text using

transposition technique is called transposition cipher.
Transposition Cipher: Rail Fence

• Write plaintext in two rows

• Generate ciphertext in column order

• Example: “HELLOWORLD”

HLOOL
ELWRD
ciphertext: HLOOLELWRD
Problem: does not affect the frequency of individual symbols
Transposition Cipher: rail fence

• Plain Text: meet me tomorrow

• Ciphertext:

• First Row: m e m t m r o
• Second Row: e t e o o r w
• CipherText: M E M T M R O E T E O O R W
Transposition Cipher: Columnar Transposition
•The columnar transposition cipher is more complex
as compared to the rail fence.
•Step 1: The plain text is written in the rectangular
matrix of the initially defined size in a row-by-row
pattern.
•Step 2: To obtain the cipher text read the text written
in a rectangular matrix column by column.
Transposition Cipher: Columnar Transposition
•Plain text: meet tomorrow

•Cipher Text: EORTOWMTREMO

Transposition Cipher: Columnar Transposition
Technique with Multiple Rounds
•It is similar to the basic columnar technique but is
introduced with an improvement. The basic columnar
technique is performed over the plain text but more
than once.
Substitution Cipher
•A substitution technique is one in which the letters of
plaintext are replaced by other letters or by numbers
or symbols.
•Ceaser cipher
•Playfair cipher
•Vigenere cipher
•One Time Pad Cipher
Playfair Cipher
•In playfair cipher unlike traditional cipher we encrypt
a pair of alphabets(digraphs) instead of a single
alphabet.
Playfair Cipher: Encryption Algorithm
•Step 1: Generate the key Square(5×5)
•The key square is a 5×5 grid of alphabets that acts as
the key for encrypting the plaintext. Each of the 25
alphabets must be unique and one letter of the
alphabet (usually J) is omitted from the table (as the
table can hold only 25 alphabets). If the plaintext
contains J, then it is replaced by I.

•The initial alphabets in the key square are the

unique alphabets of the key in the order in which
they appear followed by the remaining letters of the
alphabet in order.
Playfair Cipher: Encryption Algorithm
•Key: Computer
Playfair Cipher: Encryption Algorithm
•Key: Athens
Playfair Cipher: Encryption Algorithm
•Step 2: Algorithm to encrypt the plain text:

•The plaintext is split into pairs of two letters

(digraphs). If there is an odd number of letters, a Z is
added to the last letter.

•PlainText: "instruments"
•After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'
Playfair Cipher: Digraphs Rule
•Pair cannot be made with same letter. Break the letter
in single and add a bogus letter to the previous letter.
• Plain Text: “hello”
• After Split: ‘he’ ‘lx’ ‘lo’
• Here ‘x’ is the bogus letter.
•If the letter is standing alone in the process of pairing,
then add an extra bogus letter with the alone letter
• Plain Text: “helloe”
• After Split: ‘he’ ‘lx’ ‘lo’ ‘ez’
• Here ‘z’ is the bogus letter.
Playfair Cipher: Encryption Rule
•If both the letters are in the same column: Take the
letter below each one (going back to the top if at the
bottom).
Digraph: "me"
Encrypted Text: cl
Encryption:
m -> c
e -> l
Playfair Cipher: Encryption Rule
•If both the letters are in the same row: Take the letter
to the right of each one (going back to the leftmost if
at the rightmost position).

Digraph: "st"
Encrypted Text: tl
Encryption:
s -> t
t -> l
Playfair Cipher: Encryption Rule
•If neither of the above rules is true: Form a rectangle
with the two letters and take the letters on the
horizontal opposite corner of the rectangle.
Digraph: "nt"
Encrypted Text: rq
Encryption:
n -> r
t -> q
Playfair Cipher: Example
•Plain Text: "instruments“
•Key: Monarchy
•Cipher text: gatlmzclrqtx
Playfair Cipher: Exercise
•Plain Text: Communicate
•Key: Computer
•Cipher text: ?
Vigenere cipher

•Idea: Uses Caesar's cipher with various different

shifts, in order to hide the distribution of the letters.
•A key defines the shift used in each letter in the text
•A key word is repeated as many times as required to
become the same length.

Plain text: I a t t a c k
Key: 2342342 (key is “234”)
Cipher text: K d x v d g m
Vigenere cipher

•The Vigenère cipher uses a 26×26 table with A to Z as

the row heading and column heading.
• This table is usually referred to as the Vigenère
Tableau, Vigenère Table or Vigenère Square.
Vigenere cipher
Vigenere cipher

•In addition to the plaintext, the Vigenère cipher also

requires a keyword, which is repeated so that the
total length is equal to that of the plaintext.

•For example, suppose the plaintext is MICHIGAN

TECHNOLOGICAL UNIVERSITY and the keyword is
HOUGHTON. Then, the keyword must be repeated as
follows:
Vigenere cipher

•To encrypt, pick a letter in the plaintext and its

corresponding letter in the keyword, use the
keyword letter and the plaintext letter as the row
index and column index, respectively,
Vigenere cipher
Vigenere cipher
Vigenere cipher
Vigenere Cipher Calculator
•If the Vigenere table is not available or accessible,
then encryption and decryption processes can be
carried out using the Vigenere algebraic formula.
•For this method to work, the alphabets have to be
converted into numbers (0-25).
Vigenere Cipher Calculator

•Plain Text: Cyber Security

•Key: Best
Vigenere Cipher Calculator

•Plain Text: Cyber Security

•Key: Best
Vigenere Cipher: Exercise

•Plain Text: Information

•Key: Worst
One Time Pad
One Time Pad
One Time Pad
One Time Pad
Binary One Time Pad
It represents the message as a sequence of 0s and 1s. this can
be accomplished by writing all numbers in binary, for
example, or by using ASCII.
The key is a random sequence of 0‟s and 1‟s of same length
as the message.
Binary One Time Pad
Binary One Time Pad

hello world = 01101000 01100101 01101100 01101100

01101111 00100000 01110111 01101111 01110010 01100100

I not know = 01001001 00100000 01101110 01101111

01110100 00100000 01101011 01101110 01101111 01110111

Ciphertext = 00100001 01000101 00000010 00000011

00011011 00000000 00011100 00000001 00011101 00010011
Cryptographic Attacks
• Brute Force Attack: In a brute force attack, an attacker tries every
possible key combination until the correct key is found. It's a time-
consuming method that becomes increasingly difficult as the key
length increases.

• Dictionary Attack: In a dictionary attack, an attacker uses a list of

common words or phrases to guess a password or cryptographic key.
This is effective against weak or easily guessable passwords.
Cryptographic Attacks
• Known-Plaintext Attack: In a known-plaintext attack, the attacker
has access to both the plaintext and corresponding ciphertext. They
analyze this information to deduce the encryption key.

• Chosen-Plaintext Attack: In a chosen-plaintext attack, the attacker

can choose specific plaintexts and obtain the corresponding
ciphertexts. This helps the attacker learn more about the encryption
algorithm and potentially discover the key.
Cryptographic Attacks
• Chosen-Ciphertext Attack: In a chosen-ciphertext attack, the
attacker can choose specific ciphertexts and obtain the
corresponding plaintexts. This can be used to gain information about
the decryption process and potentially recover the key.

• Man-in-the-Middle (MitM) Attack: In a MitM attack, an attacker

intercepts and possibly alters communication between two parties
without their knowledge. This can lead to the compromise of
cryptographic keys or sensitive information.
Cryptographic Attacks
• Differential Cryptanalysis: Differential cryptanalysis is a
technique that analyzes the differences between pairs of plaintext-
ciphertext pairs to deduce key information. It's used to find
vulnerabilities in encryption algorithms.

• Linear Cryptanalysis: Linear cryptanalysis is a statistical technique

used to analyze the linear relationships between plaintext, ciphertext,
and key bits to discover weaknesses in encryption algorithms.
Summary
• Symmetric cryptography