MODULE 1

Elementary cryptosystem:
Symmetric encryption, also referred to as conventional encryption or single-key
encryption, was the only type of encryption in use prior to the development of
public-key encryption in the 1970s. It remains by far the most widely used of the
two types of encryption.

Before beginning, we define some terms.

An original message is known as the plaintext, while the coded message is called
the ciphertext. The process of converting from plaintext to ciphertext is known as
enciphering or encryption; restoring the plaintext from the ciphertext is
deciphering or decryption. The many schemes used for encryption constitute the
area of study known as cryptography. Such a scheme is known as a cryptographic
system or a cipher. Techniques used for deciphering a message without any
knowledge of the enciphering details fall into the area of cryptanalysis.
Cryptanalysis is what the layperson calls "breaking the code." The areas of
cryptography and cryptanalysis together are called cryptology.

Symmetric Cipher Model

A symmetric encryption scheme has five ingredients (Figure 2.1):

Plaintext: This is the original intelligible message or data that is fed into the
algorithm as input.

Encryption algorithm: The encryption algorithm performs various substitutions

and transformations on the plaintext.

Secret key: The secret key is also input to the encryption algorithm. The key is a
value independent of the plaintext and of the algorithm. The algorithm will
produce a different output depending on the specific key being used at the time.
The exact substitutions and transformations performed by the algorithm depend
on the key.

Cipher text: This is the scrambled message produced as output. It depends on

the plaintext and the secret key. For a given message, two different keys will
produce two different cipher texts.The cipher text is an apparently random stream
of data and, as it stands, is unintelligible.

Decryption algorithm: This is essentially the encryption algorithm run in

reverse. It takes the cipher text and the secret key and produces the original
plaintext.
There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the

algorithm to be such that an opponent who knows the algorithm and has
access to one or more ciphertexts would be unable to decipher the
ciphertext or figure out the key. This requirement is usually stated in a
stronger form: The opponent should be unable to decrypt ciphertext or
discover the key even if he or she is in possession of a number of
ciphertexts together with the plaintext that produced each ciphertext.

2. Sender and receiver must have obtained copies of the secret key in a secure
fashion and must keep the key secure. If someone can discover the key and
knows the algorithm, all communication using this key is readable. We
assume that it is impractical to decrypt a message on the basis of the
ciphertext plus knowledge of the encryption/decryption algorithm. In other
words, we do not need to keep the algorithm secret; we need to keep only
the key secret. This feature of symmetric encryption is

Let us take a closer look at the essential elements of a symmetric encryption

scheme, using Figure 2.2. A source produces a message in plaintext, X = [X1,
X2, ..., XM]. The M elements of X are letters in some finite alphabet. Traditionally,
the alphabet usually consisted of the 26 capital letters. Nowadays, the binary
alphabet {0, 1} is typically used. For encryption, a key of the form K = [K1, K2, ...,
KJ] is generated. If the key is generated at the message source, then it must also
be provided to the destination by means of some secure channel. Alternatively, a
third party could generate the key and securely deliver it to both source and
destination.

With the message X and the encryption key K as input, the encryption algorithm
forms the ciphertext Y = [Y1, Y2, ..., YN]. We can write this As Y = E(K, X) This
notation indicates that Y is produced by using encryption algorithm E as a function
of the plaintexXt , with the specific function determined by the value of the key K.

The intended receiver, in possession of the key, is able to invert the

transformation:
X = D(K, Y)
An opponent, observing Y but not having access to K or X, may attempt to recover
X or K or both X and K. It is assumed that the opponent knows the encryption (E)
and decryption (D) algorithms. If the opponent is interested in only this particular
message, then the focus of the effort is to recover X by generating a plaintext
estimate . Often, however, the opponent is interested in being able to read future
messages as well, in which case an attempt is made to
recover K by generating an estimate .

Cryptography

Cryptographic systems are characterized along three independent dimensions:

1. The type of operations used for transforming plaintext to

ciphertext. All encryption algorithms are based on two general principles:
substitution, in which each element in the plaintext (bit, letter, group of bits
or letters) is mapped into another element, and transposition, in which
elements in the plaintext are rearranged. The fundamental requirement is
that no information be lost (that is, that all operations are reversible). Most
systems, referred to as product systems, involve multiple stages of
substitutions and transpositions.

2. The number of keys used. If both sender and receiver use the same key,
the system is referred to as symmetric, single-key, secret-key, or
conventional encryption. If the sender and receiver use different keys, the
system is referred to as asymmetric, two-key, or public-key encryption.

3. The way in which the plaintext is processed. A block cipher processes

the input one block of elements at a time, producing an output block for
each input block. A stream cipher processes the input elements
continuously, producing output one element at a time, as it goes along.

Cryptanalysis

Typically, the objective of attacking an encryption system is to recover the key in

use rather then simply to recover the plaintext of a single ciphertext.

There are two general approaches to attacking a conventional encryption scheme:

Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus

perhaps some knowledge of the general characteristics of the plaintext or even
some sample plaintext-ciphertext pairs. This type of attack exploits the
characteristics of the algorithm to attempt to deduce a specific plaintext or to
deduce the key being used.

Brute-force attack: The attacker tries every possible key on a piece of

ciphertext until an intelligible translation into plaintext is obtained. On average,
half of all possible keys must be tried to achieve success. If either type of attack
succeeds in deducing the key, the effect is catastrophic: All future and past
messages encrypted with that key are compromised.

Table below summarizes the various types of cryptanalytic attacks, based on the
amount of information known to the cryptanalyst. The most difficult problem is
presented when all that is available is the cipher text only. In some cases, not
even the encryption algorithm is known, but in general we can assume that the
opponent does know the algorithm used for encryption. One possible attack under
these circumstances is the brute-force approach of trying all possible keys. If the
key space is very large, this becomes impractical. Thus, the opponent must rely
on an analysis of the cipher text itself, generally applying various statistical tests
to it.

Substitution Techniques:

In this section we examine a sampling of what might be called classical encryption

techniques. A study of these techniques enables us to illustrate the basic
approaches to symmetric encryption used today and the types of cryptanalytic
attacks that must be anticipated. The two basic building blocks of all encryption
techniques are substitution and transposition. We examine these in the next
sections. Finally, we discuss a system that combines both substitution and
transposition. A substitution technique is one in which the letters of plaintext are
replaced by other letters or by numbers or symbols. If the plaintext is viewed as a
sequence of bits, then substitution involves replacing plaintext bit patterns with
ciphertext bit patterns

Caesar Cipher

The earliest known use of a substitution cipher, and the simplest, was by Julius
Caesar. The Caesar cipher involves replacing each letter of the alphabet with the
letter standing three places further down the alphabet. For example,

plain: meet me after the toga party

Cipher: PHHW PH DIWHU WKH WRJD SDUWB

Then the algorithm can be expressed as follows. For each plaintext letter p,
substitute the ciphertext letter C:

C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25. The decryption algorithm is simply
p = D(k, C) = (C k) mod 26

If it is known that a given ciphertext is a Caesar cipher, then a brute-force

cryptanalysis is easily performed: Simply try all the 25 possible keys. Figure 2.3
shows the results of applying this strategy to the example ciphertext.
Three important characteristics of this problem enabled us to use a brute-force
cryptanalysis:

1. The encryption and decryption algorithms are known.

2. There are only 25 keys to try.
3. The language of the plaintext is known and easily recognizable.

Monoalpabetic ciphers

With only 25 possible keys in generalised Caesar cipher, cryptanalysis is easy,

hence insecure. Increase in the key space can be achieved by allowing an arbitrary
substitution.

A permutation of a finite set of elements S is an ordered sequence of all the

elements of S, with each element appearing exactly once. For example, if S = {a, b, c}, there are six
permutations of S: abc, acb, bac, bca, cab, cba

There are n! permutations of a Set of n elements

In generalised Caeser cipher the number of possible key is 25. If, instead, the cipher= line can be any
permutation of the 26 alphabetic characters, then there are 26! or greater than 4 * 1026 possible keys.

Such an approach is referred to as a monoalphabetic substitution cipher, because a single cipher

alphabet (mapping from plain alphabet to cipher alphabet) is used per message.

Cryptanalysis scope on Monoalphabetic cipher : If the cryptanalyst knows the nature of the plaintext
(e.g., non-compressed English text), then the analyst can exploit the
regularities of the language.

Vigenere Cipher
Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of polyalphabetic
substitution. A polyalphabetic cipher is any cipher based on substitution, using multiple substitution
alphabets. The encryption of the original text is done using theVigenère square or Vigenère table.

• The table consists of the alphabets written out 26 times in different rows, each alphabet shifted
cyclically to the left compared to the previous alphabet, corresponding to the 26 possible.Caesar
Ciphers
• At different points in the encryption process, the cipher uses a different alphabet from one of the
rows.
• The alphabet used at each point depends on a repeating keyword.
Example:
Input : Plaintext : GEEKSFORGEEKS
Keyword : AYUSH
Output : Ciphertext : GCYCZFMLYLEIM
For generating key, the given keyword is repeated in a circular manner until it matches the length of
the plain text. The keyword "AYUSH" generates the key "AYUSHAYUSHAYU" The plain text is then
encrypted using the process explained below.

One-time pad cipher

One-time pad cipher is a type of Vignere cipher which includes the following features −

•It is an unbreakable cipher.

•The key is exactly same as the length of message which is encrypted.
•The key is made up of random symbols.
•As the name suggests, key is used one time only and never used again for any other message to
be encrypted.
Due to this, encrypted message will be vulnerable to attack for a cryptanalyst. The key used for a one-
time pad cipher is calledpad, as it is printed on pads of paper.

Why is it Unbreakable?
The key is unbreakable owing to the following features −
•The key is as long as the given message.
•The key is truly random and specially auto-generated.
•Key and plain text calculated as modulo 10/26/2.
•Each key should be used once and destroyed by both sender and receiver.
•There should be two copies of key: one with the sender and other with the receiver.
Playfair cipher : In Playfair cipher, two consecutive letters in the plaintext, called digrams, are
taken at a time and translated into cipher text digrams.