Encryption

Cryptography is the science of secret, or hidden writing

It has two main Components:
1. Encryption
– Practice of hiding messages so that they can not be
read by anyone other than the intended recipient
2. Authentication & Integrity
– Ensuring that users of data/resources are the persons
they claim to be and that a message has not been
surreptitiously altered
Encryption
Cipher
• Cipher is a method for encrypting messages

Plain Text Encryption Cipher Text Decryption Plain Text

Algorithm Algorithm

Key A Key B

• Encryption algorithms are standardized & published

• The key which is an input to the algorithm is secret
• Key is a string of numbers or characters
• If same key is used for encryption & decryption the algorithm is called symmetric
• If different keys are used for encryption & decryption the algorithm is called asymmetric
Encryption
Symmetric Algorithms
• Algorithms in which the key for encryption and
decryption are the same are Symmetric
• Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for a single message
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
Substitution Ciphers
Caesar Cipher
• Caesar Cipher is a method in which each letter in the
alphabet is rotated by three letters as shown

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC

• Let us try to encrypt the message

– Attack at Dawn
Assignment: Each student will exchange a secret message
with his/her closest neighbor about some other person in the
class and the neighbor will decipher it.
Substitution Ciphers
Caesar Cipher
Encryption
Plain Text Cipher Text
Cipher:
Message: Caesar Cipher Message:
Attack at Dawn Algorithm Dwwdfn Dw Gdyq

Key (3)
Decryption
Cipher Text Plain Text
Cipher:
Message: Caesar Cipher Message:
Dwwdfn Dw Gdyq Algorithm Attack at Dawn

Key (3)

How many different keys are possible?

Substitution Cipher
Monoalphabetic Cipher
• Any letter can be substituted for any other letter
• Each letter has to have a unique substitute

ABC D EFGH I J K LM N OPQ RSTUVWXYZ

MNBVCXZASDFGHJ KLPO IUYTREWQ

• There are 26! pairing of letters (~1026)

• Brute Force approach would be too time consuming
•
Message:Statistical Analysis would make it feasible to crack the key
Encrypted
Cipher: Message:
Bob, I love you. Monoalphabetic Nkn, s gktc wky.
Alice Cipher mgsbc

Key
 Substitution Cipher
Polyalphabetic Caesar Cipher
• Developed by Blaise de Vigenere
• Also called Vigenere cipher
• Uses a sequence of monoalpabetic ciphers in tandem
• e.g. C1, C2, C2, C1, C2

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
C2(k=20) T U V W X Y Z A B C D E F G H I J K L M N O P Q R S

• Example
Message: Encrypted
Cipher: Message:
Bob, I love you. Monoalphabetic Gnu, n etox dhz.
Alice Cipher tenvj

Key
 Substitution Cipher
Using a key to shift alphabet
• Obtain a key to for the algorithm and then shift the alphabets
• For instance if the key is word we will shift all the letters by four and remove the
letters w, o, r, & d from the encryption
• We have to ensure that the mapping is one-to-one
• no single letter in plain text can map to two different letters in cipher text
• no single letter in cipher text can map to two different letters in plain text

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) WORDABCEFGH I JKLMNPQSTUVXYZ

Message:
Encrypted
Cipher: Message:
Bob, I love you.
??
Alice

WORD
Transposition Cipher
Columnar Transposition
• This involves rearrangement of characters on the plain text into columns
• The following example shows how letters are transformed
• If the letters are not exact multiples of the transposition size there may be a few
short letters in the last column which can be padded with an infrequent letter such as
x or z

Plain Text Cipher Text

T H I S I T S S O H
S A M E S O A N I W
S A G E T H A A S O
O S H O W L R S T O
H O W A C I M G H W
O L U M N U T P I R
A R T R A S E E O A
N S P O S M R O O K
I T I O N I S T W C
W O R K S N A S N S
Symmetric Encryption
Limitations
• Any exposure to the secret key compromises
secrecy of ciphertext
• A key needs to be delivered to the recipient of the
coded message for it to be deciphered
• Potential for eavesdropping attack during transmission
of key
Asymmetric Encryption
Basics
• Uses a pair of keys for encryption
• Public key for encryption
• Private key for decryption
• Messages encoded using public key can only be decoded by the
private key
• Secret transmission of key for decryption is not required
• Every entity can generate a key pair and release its public key

Plain Text Cipher Text Plain Text

Cipher Cipher

Public Key Private Key

 Asymmetric Encryption
Weaknesses
• Efficiency is lower than Symmetric Algorithms
• A 1024-bit asymmetric key is equivalent to 128-bit
symmetric key
• Potential for man-in-the middle attack
• It is problematic to get the key pair generated for the
encryption
Message Authentication Codes
Basics
• A message digest created with a key
• Creates security by requiring a secret key to be
possesses by both parties in order to retrieve the
message

Message
Message Digest Digest
Algorithm

Secret Key
Password Authentication
Basics
• Password is secret character string only known to user and
server
• Message Digests commonly used for password
authentication
• Stored hash of the password is a lesser risk
• Hacker can not reverse the hash except by brute force attack
• Problems with password based authentication
• Attacker learns password by social engineering
• Attacker cracks password by brute-force and/or guesswork
• Eavesdrops password if it is communicated unprotected over the
network
• Replays an encrypted password back to the authentication server
Authentication
Biometrics
• Uses certain biological characteristics for
authentication
• Biometric reader measures physiological indicia and
compares them to specified values
• It is not capable of securing information over the
network
• Different techniques exist
• Fingerprint Recognition
• Voice Recognition
• Handwriting Recognition
• Face Recognition
• Retinal Scan
• Hand Geometry Recognition
Authentication
Iris Recognition
The scanning process takes advantage of the
natural patterns in people's irises, digitizing them
for identification purposes

Facts
• Probability of two irises producing exactly the same
code: 1 in 10 to the 78th power
• Independent variables (degrees of freedom) extracted:
266
• IrisCode record size: 512 bytes
• Operating systems compatibility: DOS and Windows
(NT/95)
• Average identification speed (database of 100,000
IrisCode records): one to two seconds
 Authentication
Digital Signatures
• A digital signature is a data item which accompanies or is
logically associated with a digitally encoded message.
• It has two goals
• A guarantee of the source of the data
• Proof that the data has not been tampered with

Sender’s Sender’s
Private Key Public Key
Message Digest Message
Digest
Sent to Algorithm Algorithm Digest
Receiver

Same?

Digital
Message Signature Signature Signature Message
Digest Algorithm Sent to Algorithm Digest
Receiver

Sender Receiver