INS Unit - 4 1
INS Unit - 4 1
CRYPTOGRAPHY
Introduction
The science of encryption known as cryptology contains
cryptography and cryptanalysis
Cryptography comes from the Greek words Kryptos meaning
“hidden” and Graphein meaning “to write”
Is the process of making and using codes to secure the transmission
of information
Plaintext (clear text) – Original message
Cipertext ( cryptogram) – Encrypted message
Encryption ( encipher) is the process of converting an original
message into form that is unreadable to unauthorized individuals
Decryption ( decipher) is the process of converting the ciphertext
message back into plaintext so that it can be readily understood
Cryptanalysis is the process of obtaining the plaintext from
ciphertext without knowing the algorithms and keys used to
perform the encryption
Can protect sensitive information using cryptography
History of cryptology
◦ 1900 B.C first documented use of written cryptography
◦ Today all the popular web browsers use built-in encryption
features to enable secure e-commerce, such as online banking
and web shopping
Terminology
Elements of cryptosystems-Cipher methods
Cryptographic techniques are known as ciphers
2 methods of encrypting plaintext
◦ The bit stream method
◦ Each bit in the plaintext is transformed into a cipher bit one bit at
a time
◦ The block cipher method
◦ The message is divided into blocks ( 8,16,32 or 64-bit)
◦ Each block of plaintext bits is transformed into an encrypted
block of cipher bits using an algorithm and a key
Substitution Cipher
Block cipher method
Substitute one value for another
Ex : A letter in the alphabet with the letter 3 values to the right or 4
places to its left
3-char substitution to the right
Also called as caesar cipher
Ex :
Initial alphabet :abcdefghijklmnopqrstuvwxyz
Encryption alphabet : d e f g h i j k l m n o p q r s t u v w x y z a b c
Ex :
Plaintext : mom
Ciphertext : prp
This type of substitution is based on a monoalphabetic substitution
Uses one alphabet
Polyalphabetic substitutions
◦ More advanced
◦ Uses 2 or more alphabets
Ex :
Plaintext : TEXT
Substitute a letter from the second row for the first letter T,letter
from the 3rd row for the second letter E and so on
Ciphertext is WKGF
Adv :
◦ Difficult to decipher even if the letter is repeated
◦ Difficult to decipher when one doesn’t have the algorithm (the
rows of ciphers) and the key (method used ex. First letter second
row etc)
For more complex operation can randomize the cipher rows
An advanced type of substitution cipher that uses a simple
polyalphabetic code is the Vigenere cipher
Vigenere square is used to get the cipher
Vigenere square is made up of 26 distinct cipher alphabets
In the header row the alphabet is written in its normal order
In each subsequent row the alphabet is shifted one letter to the right
until a 26*26 block of letters is formed
There are number of ways to use the vigenere square
1) For encryption first letter of plaintext substiute from first row and
so on
Ex. SECURITY will become TGFYWOAG
2) This is the more sophisticated way
◦ Use a keyword to represent the shift
◦ Begin by writing a keyword above the plaintext message
Ex :
Keyword : I N D I A I N D I A I N D I A I N
Plain Text :N E W H O R I Z O N C O L L E G E
Now use the keyword letter and the message(plain text) letter in
combination. Then look into vigenere square fist column and then
row to get the alphabet
Keyword letter – locate the column
message letter - find the row
Then look for the letter at their intersection.
Ex. I and N is V
Ciphertext : VRZPOZVCWNKBOTEOR
Weakness : Any keyword or message letter combination containing
an A row or or column reproduces the plaintext message letter
To minimize this avoid choosing a keyword that contains the letter
A
Transposition Cipher
Block cipher method
Also called as permutation cipher
Simply rearranges the values within a block to create the ciphertext
Can be done at the bit level or at the byte( character ) level
Ex.
Key pattern : 1->4, 2->8, 3->1, 4->5, 5->7, 6->2, 7->6, 8->3
Bit or byte (char) in position 1 moves to position 4 and so on
Ex.
Plaintext message : 00100101011010111001010101010100
Divide the plain text message into 8-bit blocks
Julius caesar also was associated with an early version of the
transposition cipher called caeser block cipher
In caeser block cipher the recipient uses the square
Ex. If message <=25 characters then use 5*5 square then fill the
slots from L->R top to bottom.
Then read the message from the opposite direction i.e, top to bottom
L->R
Ex. Plaintext : NEW_HORIZON_COLLEGE
N E W _ H
O R I Z O
N _ C O L
L E G E _
_ _ _ _ _
Ciphertext : NONL_ER_E_WICG_ _ZOE_HOL_ _
Decryption :
N O N L _
E R _ E _
W I C G _
_ Z O E _
H O L _ _
Plaintext : NEW_HORIZON_COLLEGE
Larger block size (64 or 128 bits) more complex and stronger
encryption
Exclusive OR (XOR)
Bit stream method
Two bits are identical then the result is 0 else 1
Used where security is not a requirement
Simple to implement and simple to break
Use it with other encryption method
In order to encrypt the plain text a key value should be selected
And the key value is repeated for each character to be encrypted
Ex. Plain text CAT
Binary equivalent of CAT is 01000011 01000001 01010100
ASCII value of C is 67 A is 65 T is 84
If key value is B ( Ascii value is 66 so binary equivalent is
01000010)
CAT as bits : 01000011 01000001 01010100
BBB as key : 01000010 01000010 01000010
Cipher : 00000001 00000011 00010110
This is decrypted using the key value of “B” at the receiver side
Vernam cipher
Also known as one-time pad
Uses a set of characters only one time for each encryption process
Write the position value of each letter in the plain text
Write the position value of each letter in the one-time pad text
These two are added
If the sum exceeds 26 (should be within the range 1to 26) then 26 is
subtracted from the total
Called as modulo-26
The resulting sum for the char is then converted to a ciphertext
letter for transmission
Ex.
Plain text : N E W H O R I Z O N
Plain text value : 14 05 23 08 15 18 09 26 15 14
One-time pad text : A Z P Y X T S F Y O
One-time pad value: 01 26 16 25 24 20 19 06 25 15
_______________________________________________________
Sum of Plain text 15 31 39 33 39 38 28 32 40 29
and pad :
After modulo 26
Subtraction : 05 13 07 13 12 02 06 14 03
Ciphertext : O E M G M L B F N C
For decryption one must know the one time pad value
Instead of add subtract the pad value from the place value of the
ciphertext.if its not in the range 1-26 ( i.e, -ve) then add 26 to it
Ex.
Cipher text : O E M G M L B F N C
Place value : 15 05 13 07 13 12 02 06 14 03
One-time pad text : A Z P Y X T S F Y O
One-time pad value: 01 26 16 25 24 20 19 06 25 15
_______________________________________________________
Subtraction 14 -21 -03 -18 -11 -08 -17 0 -11 -12
After modulo 26
Addition : 05 23 08 15 18 09 26 15 14
Plain text : N E W H O R I Z O N
Book or Running Cipher
Text in a book is used as a key to decrypt a message
The ciphertext consists of a list of codes representing the page
no,line no and word no of the plain text word
Ex. 259,19,8 ; 22,3,8 ; 17,16,2
Any book can be used
Dictionaries, thesauruses are mostly used as they contain almost any
word that might be needed
For complexity can use multiple books
To decrypt receiver should know the book name
Hash functions
Hash functions are mathematical algorithms that generate a message
summary or digest (called as fingerprint) to confirm the identity of a
specific message and to confirm that there have not been any
changes to the content
Do not create a ciphertext
Confirms message identity and integrity
Used in e-commerce
Hash algorithms are public functions that create a hash value, also
known as message digest by converting variable-length messages
into a single fixed-length value
The message digest is a fingerprint of the author’s message that is
compared with the recipient’s locally calculated hash of the same
message
After comparing, if both hashes are identical after transmission, the
message has arrived without modification
One-way operation. Same message always provides the same hash
value but the hash value itself cannot be used to determine the
contents of the message
Hashing functions do not require the use of keys
Can attach Message Authentication Code(MAC) to the hashing
function which allows only specific recipients to access the message
digest
Because hash functions are one-way, they are used in password
verification systems to confirm the identity of the user by
comparing the hash value based on the user’s password input and
the stored value
The Secure Hash Standard (SHS) is a standard issued by the
National Institute of Standards and Technology
SHA-1 ( Secure Hash Algorithm 1)
Secure algorithm for computing a condensed representation of a
message or data file
Produces a 160-bit message digest, which can be used as an input to
a digital signature algorithm
New hash algorithms
◦ SHA-256 is 128 bits
◦ SHA-384 is 192 bits
◦ SHA-512 is 256 bits
If attackers gain access to a file of hashed passwords, they can use a
combination of brute force and dictionary attacks to reveal user
passwords
Rainbow cracking is a attack method which uses rainbow table
which is a database of pre computed hashes from sequentially
calculated passwords
The rainbow cracker simply looks up the hashed password and
reads out the text version
No brute force required
This type of attack is classified as time-memory tradeoff attack
To defend against this type of attack, password hash salting
approach can be used
Salting is the process of providing a non-secret, random piece of
data to the hashing function when the hash is first calculated
Cryptographic Algorithms
Grouped into two broad categories :
◦ Symmetric encryption
◦ Asymmetric encryption
Symmetric Encryption
Also called as private key encryption
Require the same secret key to encrypt and decrypt the message
Symmetric encryption methods use mathematical operations that
can be programmed into extremely fast computing algorithms so
that the encryption and decryption processes are executed quickly
by even small computers