INTRODUCTION TO

CRYPTOGRAPHY
 Objectives

• Know what is cryptography means

• Understand how cryptography works
• Able to know terminology that used
in Cryptography
• Able to identify several algorithm that
used in cryptography
 TOC

• What is Cryptography
• Plain Text and Cipher Text
• Substitution Techniques
• Transposition Techniques
• Encryption and Decryption
• Symmetric and Asymmetric Key
Cryptography
• Steganography
• Exercises
 What is Cryptography

• Comes from Greek word – art of secret writing

• Service provided:
– Send information between participants - prevents
others from reading
– Integrity checking
– Authentication
• An encryption scheme has five ingredients:
 What is Cryptography… Cont…
• Cryptographic system tend to involve
– Algorithm
– Secret value – key
• Why use key?
– Difficult to keep devising new algorithm
– Perfect key – doesn’t matter if anyone know
the algorithm.
• Concept of key – analogous to the
combination for a combination lock
• Not easy to break without knowing the
combination.
 Definition

• Cryptography is the art of achieving

security by encoding messages to
make them non-readable
 Definition

• Few term used in cryptography

– Brute-force attack – attack on cipher text – use all
possible permutations and combinations
– Cryptanalyst – person who attempts to break a
cipher text – process as cryptanalysis
– Cryptanalysis – the study of cipher text, ciphers
and cryptosystems with the aim of understanding
how they work and finding and improving
techniques for defeating or weakening them.
 Plain Text and Cipher Text
• Plain text / clear text – word that can be
understand by the sender, the recipient, and also
by anyone
– Eg: I Love You
• Cipher text – plain text message is codified using
any suitable scheme
Fig. 3.1
– Eg:

Fig. 3.2
 Plain Text and Cipher Text… Cont

– 2 primary ways – plain text codified into cipher text

• Substitution
• Transposition
– When 2 approaches used together – product cipher

Fig. 3.3
 Substitution Techniques
• Caesar Cipher
– Scheme illustrated in fig. 3.1 – proposed by
Julius Caesar – Caesar Cipher
– Substitution Cipher Techniques – char plain
text are replaced by other char, number or
symbols
– Caesar cipher is a very weak scheme – reverse
the Caesar Cipher process
 Substitution Techniques … Caesar Cipher… Cont..

– Fig. 3.3 show summarized of simple algorithm

to break Caesar Cipher

Fig. 3.4

Algorithm to break Caesar cipher

Fig. 3.5
Example of Breaking Caesar Cipher
 Exercises

Convert the following cipher text to plain text

1. HQFUBSWLRQ
2. PHHW PH DIWHU WKH WRJD SDUWB
3. QHWZRUN VHFXULWB
 Substitution Techniques.. Modified Caesar Cipher

• Modified Version of Caesar Cipher

– Good in theory but not in practice
– How to make an attacker’s life difficult
• All alphabet in plain text can be place with any
valid alphabet
• All the replacement alphabet is constant – once
the a alphabet replace to alphabet in plain text –
cannot used to another.
• Cannot replace with itself – (A with A)
• There 25 possibilities of replacement
• Fig. 3.6 : algorithm to break this version of Caesar
cipher
 Substitution Techniques.. Modified Caesar Cipher… Cont

Fig. 3.6

– Use cipher text message produced by the modified

Caesar Cipher and break use above algorithm. Table
3.1 show the result.
Substitution Techniques.. Modified Caesar Cipher… Cont

Table: 3.1
 Exercises

Convert the following cipher text to plain text

1. HTRGTI XH GTKTPATS
2. JQHWDUYJI RJXXFLJ KTZSI
 Substitution Techniques.. Mono-alphabetic

• Mono-alphabetic cipher
– Major weakness of the Caesar Cipher – predictability
– Mono-alphabetic cipher – use random substitution ( A
can replace with B through Z) and so on
– Mathematically – permutation or combination of the
26 alphabet (26x25x24x23x…2) or 4 x 1026 – hard to
crack
– But it useless, if the cipher text – short.
 Substitution Techniques.. Homophonic

• Homophonic Substitution Cipher

– Similar to Mono-alphabetic Cipher.
– But, in HSC, one plain text alphabet can
map more than one cipher text alphabet
– Eg: A can replaced by D, H, P, R and B by
E, I, Q, S
 Substitution Techniques.. Polygram

• Polygram Substitution Cipher

– Replace a block plain text with a block of
cipher text
– For instant HELLO can be replaced by
YUQQW

Fig. 3.7
 Substitution Techniques.. Polyalphabetic

• Polyalphabetic Substitution Cipher

– Use multiple one-character keys – each
encrypts one plain text.
– After all key are used – recycle
– All key (identified) used – period of
cipher.
 Transposition Techniques
• Not like substitution techniques – not simply
to replace one alphabet with another
• perform some permutation over the plain text
alphabets
• There are several techniques in Transposition:
– Rail Fence Technique
– Simple Columnar Transposition Technique
– Vernam Cipher
– Book Cipher / Running Key Cipher
 Rail Fence Technique
• Uses simple algorithm as shown in fig 3.8
• Involve writing plain text as sequence of
diagonals and reading it row-by-row to
produce cipher text
• Eg: Come home tomorrow : How to transform
to cipher text?

Fig. 3.9

– RFT quite simple to cryptanalyst to break into.

Simple Columnar Transposition Technique

• Simply arrange the plain text as a sequence of

rows of a rectangle – read in columns randomly

• It has 2 techniques
– Basic Technique
– Simple Columnar Transposition Technique with
Multiple Rounds
 Basic Techniques
• The algorithm shown in fig. 3.10

Fig. 3.10

• Eg: Come home tomorrow : How to transform to

cipher text? This is illustrated in fig. 3.11
Fig. 3.11
Simple Columnar Transposition Technique with
Multiple Rounds
• To introduce more complexity of SCTT
• Extend one step from SCTT basic. This
shown in fig. 3.12
• Cipher text – much more complex to crack

Fig. 3.12
Fig. 3.13
 Vernam Cipher
• Also called One-Time-Pad – implement using a random
set of non-repeating characters as the input cipher text
• Once use never use again
• The length of the input cipher text = plain text
• Algorithm described in Fig. 3.14 Fig. 3.14
• Apply the Vernam Cipher algorithm to plain text
message HOW ARE YOU using one time-pad
NCBTZQARX
• The steps shown in fig. 3.15
• More secure (discarded one-time-pad after
used) and suitable for small plain text message
but not practical for large.
• Implemented at AT&T – help of a device –
Vernam Machine
Fig. 3.15
 Book Cipher

• Also called as Running Key Cipher

• Similar in principle of Vernam Cipher
• Use portion of text from a book – serve of one-
time-pad
• Each character used - cannot same with others
(ADOBE)
• Those characters added to the input plain text –
similar to one-time-pad work
 Encryption and Decryption
• As we know the process to transform plain text
to cipher text or vise versus – encryption and
decryption

Fig. 3.16

Fig. 3.17
• In computer communication – sender send the
encrypt message through the network.
• Receiver received the message and decrypt it to
plain text.
• To encrypt and decrypt the message –
encryption and decryption algorithm
• Usage both must be same each other –
otherwise the decryption cannot success
• Others method using key = one time pad in
Vernam Technique
• Algorithm – know to everyone– to made the
message secure – use the key.
Fig. 3.18
• There are 2 cryptography mechanism
– Symmetric key Cryptography = use same key to
encrypt and decrypt the message
– Asymmetric key Cryptography – use different key
in encrypt and decrypt the message
Fig. 3.19
Symmetric and Asymmetric Key Cryptography

• Symmetric Key Cryptography and the

problem: key problem
 key distribution problem
• Problem in transmission. Create the same problem
• By courier may improve the situation – same
problem happened
• Another option by hand-delivery mechanism
• Others idea – put the envelope in box and locked it
– difficult to receiver to opened it – Another KEY?
• Send key by another way
• No solution completely acceptable – either not fully
proof or not practically possible – called key
distribution problem / key exchange problem
• Same key to encrypt and decrypt – symmetric key
operation
• Let say A want to send different message to 2
person B and C. so need 2 different pair of key
• How about involve more than 5 person?
– 10 pairs of key and locked needed
• So we can write in Mathematic
– Person involve (PI)
• PI * (PI – 1) / 2
– Let say 1000 person involve
• 1000 * (1000 – 1) / 2 = 499,500 lock and key pairs
• Remember that locked and key pair must be
maintained by somebody
 Asymmetric Key Operation
• Have 2 keys ; encrypt and decrypt the
message.
• Let say A want to send a message to B, so B
will send K1 to A to be used in encrypting the
message
• B will open / decrypt the message by using
K2
• K1 != K2
• K1 everyone know… but not K2; only B
knows.
• K1 known as public Key and K2 as private key
Fig. 3.29
• What if B want to received a message from C;
C may use the same key (K1) to encrypt the
message and B can use K2 (same as used to
decrypt message A)
• Only a pair of key is needed to execute
cryptography process (if B want to receive
from 1000 person)
• But if they want to communicate with each
other they will need 1000 lock, 1000 K1, 1000
K2 – not as symmetric (499, 500)
 Steganography

• Technique that hiding the message inside other

message.
• Historically, the sender use invisible ink, tiny pin
puncher on specific character, etc
• Of late – hiding behind the picture
 Exercises

1.Alice meets Bob and says

Rjjy rj ts ymj xfggfym. bj bnqq inxhzxx ymj uqfs.
If she is using Caesar Cipher, what does she want to
convey?

2. What would be the transformation of a message

‘Happy birth day to you’ using Rail Fence technique?
 Exercises cont…

3.During the World War II, a German spy used a

technique known as Null Cipher. Using this technique,
the actual message is created from the first alphabet
of each word in the message that is actually
transmitted. Find out the hidden secret message if
the transmitted message was
President’s embargo ruling should have immediate
notice. Grave situation affecting international law,
statement foreshadows ruin of many neutral yard.
 Exercises cont…

4. Consider a scheme involving the replacement of

alphabets as follows:
Original A B C… X Y Z
Changed to Z Y X … C B A
If Alice sends a message HSLDNVGSVNLMVB, what
should Bob infer from this?
5. Encrypt the following message using Mono-
alphabetic Substitution Cipher with key = 4.
This is a book on Security
6. Decrypt the following message using Mono-
alphabetic Substitution Cipher with key= 4.
wigyvmxc rixiv gsqiw jsv jvii
 Exercises cont…

7.Encrypt the following plain text bit pattern with the

supplied key, using the XOR operation, and state the
resulting cipher text bit pattern.

Plain text 10011110100101010

Key 01000101111101101

8. Transform the cipher text generated in the above

exercise back to the original plain text.
 Exercises cont…

9. Consider a plain text message I AM A HACKER.

Encrypt it with the help of the following algorithm:

(a) Replace each alphabet with its equivalent 7-bit ASCII

code.
(b) Add a 0 bit as the leftmost bit to make each of the
above bit patterns 8 positions long.
(c) Swap the first four bits with the last four bits for each
alphabet.
(d) Write the hexadecimal equivalent of every four bits.
 Algorithm Types/ Algorithm Modes

• Algorithm Types
– Stream Ciphers
– Block Ciphers

• Algorithm Modes – combination of a series of

the basic algorithms steps on block cipher
 Stream Cipher
• Plaintext is encrypted one bit at a time
• Suppose message is “Pay 101” in ASCII
• In binary it can be a series of 1 and 0;
– 7 bit times 7 characters
• Every bit will be applied with a encryption
algorithms
• Let Say binary data is 10010101
– Apply XOR with a key operation will get a cipher text
 Block Ciphers
• A block of bits is encrypted at one go
• Suppose a plaint text is FOUR_AND_FOUR
• It can be encrypted in blocks of “FOUR”,
“_AND_”, and “FOUR”
Advantages and Limitations of ECB
• repetitions in message may show in cipher text

• weakness due to encrypted message blocks being

independent

• main use is sending a few blocks of data

 Advantages and Limitations of CBC
• Each cipher text block depends on all message blocks
• Thus a change in the message affects all cipher text
blocks after the change as well as the original block
• Need initial value (IV) known to sender & receiver
• If same plaintext block is repeated different cipher
text blocks are produced
• For Encryption
– Initialization vector is given as the input to the
shift register
– The left most s bits of the encrypted output is
XORed with plain text to produce c1
• For Decryption
– The received ciphertext is xored with output of
the encryption function to produce plaintext unit
Advantages and Limitations of CFB
• Appropriate when data arrives in bits/bytes
• Most common stream mode
• Cipher text should be of the same length of plain
text, if no transmission capacity is wasted
 Symmetric Key Algorithms

• Data Encryption Standard (DES)

• Double DES
• Triple DES
• International Data Encryption Algorithm (IDEA)
• Diffie-Hellman Key Exchange/Agreement
Algorithm
 Conceptual working of DES
64-bit 64-bit 64-bit
Plain Text Plain Text Plain Text
……
56-bit 56-bit 56-bit
Key DES Key DES Key DES

64-bit 64-bit 64-bit

Cipher Text Cipher Text Cipher Text

Block 1 Block 2 Block n

 Broad Level steps in DES

Step 1 Plain text (64 bits)

Step 2 Initial Permutation

(IP)

Step 3 LPT RPT

(32-bit) (32-bit)

Step 4 Key 16 16
rounds rounds Key

Step 5 Final Permutation

(FP)

Step 6 Cipher text (64 bits)

Initial Permutation (IP) Table
 Details of One Round in DES

Key
Transformation 64-bit ->56-bit
key -> 48 bit
sub-key
Expansion
Permutation

S-Box
Substitution
32-bit
P-Box RPT
Permutation

XOR and Swap

 Key Transformation

 Initially 64-bit key

 Transformed into 56-bit key(discard every 8th
bit of the initial key)
 For each round 56-bit key is available
 From 56-bit key, a different 48-bit sub-key is
generate during each round(16 rounds, 16
different , 48-bit sub-key),process called as
Key Transformation.
 Key Transformation

 How to get different 48-bit sub-key for each

round(i.e., 16 rounds)?
 Divide 56-bit key into 2 halves, each 28 bits.
 These halves are circularly shifted left by 1 or
2 positions, depending on the round.
 EX:- if the round number is 1,2,9,16 the shift
is done by only one position. For all the other
rounds ,the circular shift by 2 positions.
 Key Transformation

 After appropriate shift,48 of the 56 bits are

selected.
 DES provides built-in table of 48-bits
 Selecting 48 of 56 bits, called as Compression
Permutation.
 Key Transformation

Discarding of every 8th bit of original 64-bit key (shaded positions are discarded)

Number of key bits shifted per round

Compression Permutation
 Expansion Permutation (EP)

 After Initial Permutation , we had Left Plain

Text(LPT),Right Plain Text(RPT) , 32 bits each
 During EP, the RPT expanded from 32 bits to
48 bits.
 Besides increasing bit size from 32 to 48, bits
are permuted, hence name is Expansion
Permutation.
 Expansion Permutation

 How to expand 32 bits to 48 bits?

1. The 32-bit RPT is divided into 8 blocks, each
block of 4 bits(8*4=32)
2. Next , each 4-bit block is expanded to a 6-bit
block. Add 2 more bits to 4-bit block. HOW?
3. These 2 bits are repeated 1st and 4th bits of the 4
bit block. The 2nd and 3rd bits are written down
as it is.
4. The 1st input bit is outputted to 2nd and 48th
position. And 32nd input bit is outputted to 47th
as well as 1st position.
Division of 32-bit RPT into (8) 4 bit blocks
RPT Expansion Permutation
RPT Expansion Permutation Table
 Way to S-box Substitution

 The 48-bit key is XORed with the 48-bit RPT,

and the resulting output of 48-bit is given to
the next step called S-box Substitution.
Key Transformation Expansion Permutation
(Compress key from 56 bits to (Expand RPT from 32 bits to
48 bits) 48 bits)

48-bit Key XOR 48-bit RPT

S-box Substitution
 S-box Substitution
 The substitution is performed by 8 substitution
boxes called S-boxes.
 Each of the 8 S-boxes has 6-bit input and a 4-bit
output.
 The 48 bit input block is divided into 8 sub-
blocks (each of 6 bits),and each such sub-block
is given to S-box.
 What is the logic used by S-box substitution for
selecting only 4 of the 6 bits?
 Every S-box as a table with 4 rows(0 to 3) and
16 columns (0 to 15).
 S-box Substitution

48-bit input block

6-bit sub-block 6-bit sub-block 6-bit sub-block

S-box 1 S-box 2 S-box 3

4-bit block 4-bit block 4-bit block

32-bit output block

 S-box tables

S-box 1
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0
1
2
3

S-box 2
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0
1
2
3
….

S-box 8
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0
1
2
3
 Selection of S-box output based on input

b6 Selecting an
b1 b2 b3 b4 b5
entry in a S-box
based on the 6
4-bit column number bit input
2-bit row number

1 0 1 1 0 1

1 0 1 1 0 1

Column:0110 in binary, 6 in decimal

Row:11 in binary, 3 in decimal

 P-box Permutation
 The output of S-box consists of 32 bits.
 These 32-bits are permuted using a P-box.
 Replacement of each bit with another bit , as
specified in the P-box table, without any
expansion or compression, called P-box
Permutation.
 Then XOR and Swap:- Here LPT (32-bit) is XORed
with the output produced by P-box Permutation.
 The result of this XOR operation becomes the
new RPT. The old RPT becomes new LPT.
P-box Permutation table
 XOR AND SWAP

Old LPT

New LPT
 Final Permutation

Final Permutation table

1. At the end of the 16 rounds, the Final Permutation is performed (only once)
2. The output of the Final Permutation is the 64-bit encrypted block.

DES Decryption:-

1.The same algorithm used for encryption in DES also works for Decryption.
2. The only difference between the encryption and decryption process is the
reversal of key portions.
3. The original key k was divided into K1, K2, K3,….K16 encryption rounds,
then for decryption, the key should be used as K16, K15, K14,……K1.
 Variations of DES

 Tremendous advances in computer hardware ,

DES is susceptible to possible attacks.
 Two main variations of DES have emerged
Double DES (2DES)
Triple DES (3DES)
 Double DES

1. The original Plain Text is encrypted twice with 2 different keys.

2. Double DES uses 2 keys, say K1 and K2.
3. It first performs DES on the original plain text using K1 to get the
encrypted text.
It again performs DES on the encrypted text, but with the other key
i.e. K2.
4. The final output is encryption of encrypted text.
 Double DES Decryption

1.Double DES Decryption works in exactly reverse order of Double

DES Encryption
2.The Double encrypted cipher text block is first decrypted using key
K2 produces single encrypted cipher text. This cipher text is then
decrypted using key K1 to obtain original plain text.
3. Meet-in-the-Middle:- This attack involves encryption from one end and
decryption from the other end, and matching the results in the middle.
Double DES Mathematical Expression
 Triple DES

1.Triple DES is DES-three times.

2.Two Flavors: one with 3 keys, another with 2 keys
3.Mathematical Express : 3DES with 3 keys
Encryption: C=EK3(EK2(EK1(P))).
Decryption: P=DK3(DK2(DK1(C))).
4. Triple DES with 3 keys is highly secure.
5.Drawback:-requires 56*3=168 bits of key i.e., difficult in practical.
 Triple DES with 2 keys

1. Encrypt plain text with key K1,we have EK1(P).

2. Decrypt the output of step1 above with key K2, we have DK2(EK1(P)).
3. Finally, encrypt the output of step2 again with key K1, EK1(DK2(EK1(P))).
4. Encryption: C= EK1(DK2(EK1(P))) Decryption: P=DK1(EK2(DK1(C))).
5. 3DES with 2 keys is also called as EDE (Encrypt-Decrypt-Encrypt) mode.
6. 3DES with 2 keys is not susceptible to the meet-in-the-middle attack, unlike
2DES with K1 and K2 keys.
 IDEA

 Initially it was
PES (Proposed Encryption Standard)-1990
IPES(Improved Proposed Encryption Standard)-1991
IDEA(International Data Encryption Algorithm)-1992
 IDEA is not popular as DES: 2 reasons
It is patent unlike DES (must be licensed before it can
be used in commercial applications.)
DES has a long history and track record compared to
IDEA.
 PGP(Pretty Good Privacy) is based on IDEA.
 IDEA
 IDEA is a block cipher.
 It works on 64-bit plain text blocks.
 The key is longer, 128-bit key.
 IDEA is reversible like DES (Same algorithm used
for encryption and decryption)
 The 64-bit plain text divided into
4 blocks(p1,p2,p3,p4) each of 16-bit.
 IDEA has 8 rounds.
 In Each round, 6 sub-keys are generated. Each
sub-key is of 16 bits.
Broad Level steps in IDEA
Details of one round in IDEA
 Details of one round in IDEA

1. Add*=addition modulo 65536 i.e.,

addition modulo 216
2. Multiply* = Multiplication modulo 65537
multiplication modulo 216+1

NOTE:- Even If the result of an addition or

multiplication of two 16-bit numbers
contains more than 17 bits, we bring it
back to 16 bit number.
 IDEA ROUNDS
 1st round : K1-K6
 2nd round: K7-K12
 8th round: K43-K48
 Final step:- output transformation 4 keys are
required (K49-K52)
 No. Of sub keys=> 8*6=48+4=52 sub keys.
 Each sub key, no of bits= 16 bits
6 sub keys per round then 6*16=96 bits(for round)
Then 128-96=32 bits are remaining, forwarded for
2nd round for K7,K8.
 Sub-Key generation for a round
Round 1
128bits 6 sub keys*16 bits per sub-key=96 bits

96bits 32bits (97-128)

Round 2 :- 96-32 =64 more bits

Note: How do we get remaining 64 bits?

IDEA employs the technique of key shifting.
Key shifting:- The original key is shifted left circularly by 25 bits. That
is, the 26th bit of the original key moves to the 1st position, and becomes 1st
bit after the shift, and the 25th bit of the original key moves to the last
position, and 128th bit after shift.
 Sub-key generation for Round 2,3,4

Round : 2 Used bits,

26-89 (64)
Unused ,
(90 -128)
(1-25)
Round :3,4
51-82 (32bits)
used

83-128,1-50
(96bits)
 Sub-Key generation for 5,6,7,8
Round : 5 96 bits(76-128,
1-43) Used
32 bits (44-75)
Unused

Round : 6 64bits(101-128,
1-36 )Used

64 bits(37-
100) Unused

Round : 7,8
32 bits(126-
128,1-29) Used

96 bits(30-
125) Unused
 Output Transformation (OT)
1. For Output Transformation we
need 4 keys. K49,K50,K51,K52

2. How to get 4 keys for output

Transformation?
OT must perform a circular-left
shift of 25 bits on the key that
we got at Round 8.

4 Sub-Keys for Output

Transformation (OT)
64 bits (23-86) Used

64 bits (87-128, 1-22)

Unused or discarded.
 Output Transformation Process

The output of this process is the final 64-bit

cipher text, which is the combination of 4 cipher
text sub-blocks C1 to C4.
 IDEA cont…

 IDEA Decryption
 same as encryption.
 The decryption keys
inverse of the encryption sub-keys.
 Strength of IDEA
IDEA uses 128-bit key
 Key size is double than of DES.
To break IDEA, 2128 encryption operations required