UNIT-IV

CRYPTOGRAPHY
Introduction
 The science of encryption known as cryptology contains
cryptography and cryptanalysis
 Cryptography comes from the Greek words Kryptos meaning
“hidden” and Graphein meaning “to write”
 Is the process of making and using codes to secure the transmission
of information
 Plaintext (clear text) – Original message
 Cipertext ( cryptogram) – Encrypted message
 Encryption ( encipher) is the process of converting an original
message into form that is unreadable to unauthorized individuals
 Decryption ( decipher) is the process of converting the ciphertext
message back into plaintext so that it can be readily understood
 Cryptanalysis is the process of obtaining the plaintext from
ciphertext without knowing the algorithms and keys used to
perform the encryption
 Can protect sensitive information using cryptography
 History of cryptology
◦ 1900 B.C first documented use of written cryptography
◦ Today all the popular web browsers use built-in encryption
features to enable secure e-commerce, such as online banking
and web shopping
Terminology
Elements of cryptosystems-Cipher methods
 Cryptographic techniques are known as ciphers
 2 methods of encrypting plaintext
◦ The bit stream method
◦ Each bit in the plaintext is transformed into a cipher bit one bit at
a time
◦ The block cipher method
◦ The message is divided into blocks ( 8,16,32 or 64-bit)
◦ Each block of plaintext bits is transformed into an encrypted
block of cipher bits using an algorithm and a key
Substitution Cipher
 Block cipher method
 Substitute one value for another
 Ex : A letter in the alphabet with the letter 3 values to the right or 4
places to its left
 3-char substitution to the right
 Also called as caesar cipher
 Ex :
Initial alphabet :abcdefghijklmnopqrstuvwxyz
Encryption alphabet : d e f g h i j k l m n o p q r s t u v w x y z a b c

Ex :
Plaintext : mom
Ciphertext : prp
 This type of substitution is based on a monoalphabetic substitution
 Uses one alphabet
 Polyalphabetic substitutions
◦ More advanced
◦ Uses 2 or more alphabets
 Ex :
 Plaintext : TEXT
 Substitute a letter from the second row for the first letter T,letter
from the 3rd row for the second letter E and so on
 Ciphertext is WKGF
 Adv :
◦ Difficult to decipher even if the letter is repeated
◦ Difficult to decipher when one doesn’t have the algorithm (the
rows of ciphers) and the key (method used ex. First letter second
row etc)
 For more complex operation can randomize the cipher rows
 An advanced type of substitution cipher that uses a simple
polyalphabetic code is the Vigenere cipher
 Vigenere square is used to get the cipher
 Vigenere square is made up of 26 distinct cipher alphabets
 In the header row the alphabet is written in its normal order
 In each subsequent row the alphabet is shifted one letter to the right
until a 26*26 block of letters is formed
 There are number of ways to use the vigenere square
1) For encryption first letter of plaintext substiute from first row and
so on
Ex. SECURITY will become TGFYWOAG
2) This is the more sophisticated way
◦ Use a keyword to represent the shift
◦ Begin by writing a keyword above the plaintext message
 Ex :
 Keyword : I N D I A I N D I A I N D I A I N
Plain Text :N E W H O R I Z O N C O L L E G E
 Now use the keyword letter and the message(plain text) letter in
combination. Then look into vigenere square fist column and then
row to get the alphabet
 Keyword letter – locate the column
message letter - find the row
Then look for the letter at their intersection.
Ex. I and N is V
 Ciphertext : VRZPOZVCWNKBOTEOR
 Weakness : Any keyword or message letter combination containing
an A row or or column reproduces the plaintext message letter
 To minimize this avoid choosing a keyword that contains the letter
A
Transposition Cipher
 Block cipher method
 Also called as permutation cipher
 Simply rearranges the values within a block to create the ciphertext
 Can be done at the bit level or at the byte( character ) level
 Ex.
 Key pattern : 1->4, 2->8, 3->1, 4->5, 5->7, 6->2, 7->6, 8->3
 Bit or byte (char) in position 1 moves to position 4 and so on
 Ex.
 Plaintext message : 00100101011010111001010101010100
 Divide the plain text message into 8-bit blocks
 Julius caesar also was associated with an early version of the
transposition cipher called caeser block cipher
 In caeser block cipher the recipient uses the square
 Ex. If message <=25 characters then use 5*5 square then fill the
slots from L->R top to bottom.
 Then read the message from the opposite direction i.e, top to bottom
L->R
 Ex. Plaintext : NEW_HORIZON_COLLEGE
N E W _ H
O R I Z O
N _ C O L
L E G E _
_ _ _ _ _
 Ciphertext : NONL_ER_E_WICG_ _ZOE_HOL_ _
 Decryption :
 N O N L _
E R _ E _
W I C G _
_ Z O E _
H O L _ _

 Plaintext : NEW_HORIZON_COLLEGE
 Larger block size (64 or 128 bits) more complex and stronger
encryption
Exclusive OR (XOR)
 Bit stream method
 Two bits are identical then the result is 0 else 1
 Used where security is not a requirement
 Simple to implement and simple to break
 Use it with other encryption method
 In order to encrypt the plain text a key value should be selected
 And the key value is repeated for each character to be encrypted
 Ex. Plain text CAT
 Binary equivalent of CAT is 01000011 01000001 01010100
 ASCII value of C is 67 A is 65 T is 84
 If key value is B ( Ascii value is 66 so binary equivalent is
01000010)
 CAT as bits : 01000011 01000001 01010100
BBB as key : 01000010 01000010 01000010
Cipher : 00000001 00000011 00010110
 This is decrypted using the key value of “B” at the receiver side
Vernam cipher
 Also known as one-time pad
 Uses a set of characters only one time for each encryption process
 Write the position value of each letter in the plain text
 Write the position value of each letter in the one-time pad text
 These two are added
 If the sum exceeds 26 (should be within the range 1to 26) then 26 is
subtracted from the total
 Called as modulo-26
 The resulting sum for the char is then converted to a ciphertext
letter for transmission
 Ex.
Plain text : N E W H O R I Z O N
Plain text value : 14 05 23 08 15 18 09 26 15 14
One-time pad text : A Z P Y X T S F Y O
One-time pad value: 01 26 16 25 24 20 19 06 25 15
_______________________________________________________
Sum of Plain text 15 31 39 33 39 38 28 32 40 29
and pad :
After modulo 26
Subtraction : 05 13 07 13 12 02 06 14 03
Ciphertext : O E M G M L B F N C
 For decryption one must know the one time pad value
 Instead of add subtract the pad value from the place value of the
ciphertext.if its not in the range 1-26 ( i.e, -ve) then add 26 to it
 Ex.
Cipher text : O E M G M L B F N C
Place value : 15 05 13 07 13 12 02 06 14 03
One-time pad text : A Z P Y X T S F Y O
One-time pad value: 01 26 16 25 24 20 19 06 25 15
_______________________________________________________
Subtraction 14 -21 -03 -18 -11 -08 -17 0 -11 -12
After modulo 26
Addition : 05 23 08 15 18 09 26 15 14
Plain text : N E W H O R I Z O N
Book or Running Cipher
 Text in a book is used as a key to decrypt a message
 The ciphertext consists of a list of codes representing the page
no,line no and word no of the plain text word
 Ex. 259,19,8 ; 22,3,8 ; 17,16,2
 Any book can be used
 Dictionaries, thesauruses are mostly used as they contain almost any
word that might be needed
 For complexity can use multiple books
 To decrypt receiver should know the book name
Hash functions
 Hash functions are mathematical algorithms that generate a message
summary or digest (called as fingerprint) to confirm the identity of a
specific message and to confirm that there have not been any
changes to the content
 Do not create a ciphertext
 Confirms message identity and integrity
 Used in e-commerce
 Hash algorithms are public functions that create a hash value, also
known as message digest by converting variable-length messages
into a single fixed-length value
 The message digest is a fingerprint of the author’s message that is
compared with the recipient’s locally calculated hash of the same
message
 After comparing, if both hashes are identical after transmission, the
message has arrived without modification
 One-way operation. Same message always provides the same hash
value but the hash value itself cannot be used to determine the
contents of the message
 Hashing functions do not require the use of keys
 Can attach Message Authentication Code(MAC) to the hashing
function which allows only specific recipients to access the message
digest
 Because hash functions are one-way, they are used in password
verification systems to confirm the identity of the user by
comparing the hash value based on the user’s password input and
the stored value
 The Secure Hash Standard (SHS) is a standard issued by the
National Institute of Standards and Technology
SHA-1 ( Secure Hash Algorithm 1)
 Secure algorithm for computing a condensed representation of a
message or data file
 Produces a 160-bit message digest, which can be used as an input to
a digital signature algorithm
 New hash algorithms
◦ SHA-256 is 128 bits
◦ SHA-384 is 192 bits
◦ SHA-512 is 256 bits
 If attackers gain access to a file of hashed passwords, they can use a
combination of brute force and dictionary attacks to reveal user
passwords
 Rainbow cracking is a attack method which uses rainbow table
which is a database of pre computed hashes from sequentially
calculated passwords
 The rainbow cracker simply looks up the hashed password and
reads out the text version
 No brute force required
 This type of attack is classified as time-memory tradeoff attack
 To defend against this type of attack, password hash salting
approach can be used
 Salting is the process of providing a non-secret, random piece of
data to the hashing function when the hash is first calculated
Cryptographic Algorithms
 Grouped into two broad categories :
◦ Symmetric encryption
◦ Asymmetric encryption
 Symmetric Encryption
 Also called as private key encryption
 Require the same secret key to encrypt and decrypt the message
 Symmetric encryption methods use mathematical operations that
can be programmed into extremely fast computing algorithms so
that the encryption and decryption processes are executed quickly
by even small computers