ICE-4103: Information, Network

and Software Security

Classical Encryption Techniques

Dr. Mosabber Uddin Ahmed

 Some Basic Terminology
• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/ methods
of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis

Cryptography
• can characterize cryptographic system by:
– type of encryption operations used
• Substitution: replace one element in plaintext with
another
• Transposition: re-arrange elements
• Product systems: multiple stages of substitutions and
transpositions
– number of keys used
• single-key or private or symmetric
 • two-key or public or asymmetric
– way in which plaintext is processed
• Block cipher: process one block of elements at a time
• Stream cipher: process input elements continuously

Symmetric Encryption
• or conventional / private-key / single-key
• sender and recipient share a common key
• all classical encryption algorithms are
privatekey
• was only type prior to invention of public-key
in 1970’s
• and by far most widely used
Symmetric Cipher Model
 Requirements and Assumptions
• two requirements for secure use of symmetric
encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
• mathematically have:
Y = E(K, X)
X = D(K, Y)
Assumptions:
• assume encryption algorithm is known
• implies a secure channel to distribute key
If either succeed all key use compromised
 Classical Substitution Ciphers
• where letters of plaintext are replaced by
other letters or by numbers or symbols
• or if plaintext is viewed as a sequence of bits,
then substitution involves replacing plaintext
bit patterns with ciphertext bit patterns
 Monoalphabetic Cipher Security
• now have a total of 26! = 4 x 1026 keys • with
so many keys, might think is secure
• but would be !!!WRONG!!!
• problem is language characteristics
 Language Redundancy and
Cryptanalysis
➢ human languages are redundant
➢ letters are not equally commonly used
➢ in English E is by far the most common letter
⚫ followed by T,R,N,I,O,A,S
➢ other letters like Z,J,K,Q,X are fairly rare
➢ have tables of single, double & triple letter
frequencies for various languages
English Letter Frequencies
 Use in Cryptanalysis
• key concept - monoalphabetic substitution ciphers
do not change relative letter frequencies
• discovered by Arabian scientists in 9th century
• calculate letter frequencies for ciphertext
• compare counts/plots against known values
• if caesar cipher look for common peaks/troughs
– peaks at: A-E-I triple, NO pair, RST triple
– troughs at: JK, X-Z
• for monoalphabetic must identify each letter
– tables of common double/triple letters help
 Example Cryptanalysis
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

• count relative letter frequencies (see text)

• guess P & Z are e and t
• guess ZW is th and hence ZWP is the
• proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
 Playfair Cipher
➢not even the large number of keys in a
monoalphabetic cipher provides security
➢one approach to improving security was to
encrypt multiple letters
➢the Playfair Cipher is an example
➢invented by Charles Wheatstone in 1854, but
named after his friend Baron Playfair
 Playfair Key Matrix
➢a 5X5 matrix of letters based on a keyword
➢fill in letters of keyword (sans duplicates)
➢fill rest of matrix with other letters
➢Special: Treat I and J as same letter
➢eg. using the keyword MONARCHY
M O N A R

C H Y B D

E F G I/J K
 L P Q S T

U V W X Z

Encrypting and Decrypting

1. Operate on pair of letters (digram) at a time
2. Special: if digram with same letters, separate
by special letter (e.g. x)
3. Plaintext in same row: replace with letters to
right
4. Plaintext in same column: replace with letters
below
5. Else, replace by letter in same row as it and
same column as other plaintext letter
Security of Playfair Cipher
➢ security much improved over monoalphabetic
➢ since have 26 x 26 = 676 digrams
➢ would need a 676 entry frequency table to analyse
(verses 26 for a monoalphabetic)
➢ and correspondingly more ciphertext
 ➢ was widely used for many years
⚫ eg. by US & British military in WW1
➢ it can be broken, given a few hundred letters
➢ since still has much of plaintext structure

Polyalphabetic Ciphers
➢ polyalphabetic substitution ciphers
➢ improve security using multiple cipher alphabets
➢ make cryptanalysis harder with more alphabets to guess
and flatter frequency distribution
➢ use a key to select which alphabet is used for each letter of
the message
➢ use each alphabet in turn
➢ repeat from start after end of key is reached ➢ Examples:
• Vigenere cipher
• Vernam cipher (see textbook)
• One time pad

Vigenère Cipher
• simplest polyalphabetic substitution cipher
• effectively multiple caesar ciphers
• key is multiple letters long K = k1 k2 ... kd
• ith letter specifies ith alphabet to use
• use each alphabet in turn
• repeat from start after d letters in message
• decryption simply works in reverse
Example of Vigenère Cipher
➢ write the plaintext out
➢ write the keyword repeated above it
➢ use each key letter as a caesar cipher key
➢ encrypt the corresponding plaintext letter
➢ eg using keyword deceptive key:
deceptivedeceptivedeceptive plaintext:
 wearediscoveredsaveyourself
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Security of Vigenère Ciphers

• have multiple ciphertext letters for each
plaintext letter
• hence letter frequencies are obscured
• but not totally lost
• start with letter frequencies
– see if look monoalphabetic or not
• if not, then need to determine number of
alphabets, since then can attach each
Autokey Cipher
• ideally want a key as long as the message
• Vigenère proposed the autokey cipher
• with keyword is prefixed to message as key
• knowing keyword can recover the first few letters
• use these in turn on the rest of the message
• but still have frequency characteristics to attack
• eg. given key deceptive
 key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA

Vernam Cipher
➢ultimate defense is to use a key as long as the
plaintext
➢with no statistical relationship to it
➢invented by AT&T engineer Gilbert Vernam in
1918
➢originally proposed using a very long but
eventually repeating key
 One-Time Pad
• if a truly random key as long as the message is used,
the cipher will be secure
• called a One-Time pad
• is unbreakable since ciphertext bears no statistical
relationship to the plaintext
• since for any plaintext & any ciphertext there exists a
key mapping one to other
• can only use the key once though
• problems in generation & safe distribution of key
 Transposition Ciphers
➢now consider classical transposition or
permutation ciphers
➢these hide the message by rearranging the
letter order
➢without altering the actual letters used
➢can recognise these since have the same
frequency distribution as the original text
 Rail Fence cipher
• write message letters out diagonally
over a number of rows
• then read off cipher row by row • eg.
write message out as:
m e m a t r h t g p r y
e t e f e t e o a a t

• giving ciphertext
MEMATRHTGPRYETEFETEOAAT

Row Transposition Ciphers

➢is a more complex transposition
➢write letters of message out in rows over a
specified number of columns
➢then reorder the columns according to some
key before reading off the rows
Key: 4312567
Column Out 4 3 1 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e d
u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

Product Ciphers
• ciphers using substitutions or transpositions are not
secure because of language characteristics
• hence consider using several ciphers in succession to
make harder, but:
– two substitutions make a more complex substitution
– two transpositions make more complex transposition
– but a substitution followed by a transposition makes a
new much harder cipher
• this is bridge from classical to modern ciphers

Rotor Machines
• before modern ciphers, rotor machines were most
common complex ciphers in use
• widely used in WW2
– German Enigma, Allied Hagelin, Japanese Purple
• implemented a very complex, varying substitution
cipher
• used a series of cylinders, each giving one
substitution, which rotated and changed after each
letter was encrypted
• with 3 cylinders have 263=17576 alphabets
Hagelin Rotor Machine
Rotor Machine Principles
 Summary
• have considered:
– classical cipher techniques and
terminology
– monoalphabetic substitution ciphers
– cryptanalysis using letter frequencies
– Playfair cipher
– polyalphabetic ciphers
– transposition ciphers
– product ciphers and rotor machines
– stenography