Cryptography

• Cryptography is the science of secret, or hidden

writing
• It has two main Components:
1. Encryption
– Practice of hiding messages so that they can not be read by
anyone other than the intended recipient
2. Authentication
– Ensuring that users of data/resources are the persons they
claim to be and that a message has not been surreptitiously
altered
 Encryption - Cipher
• Cipher is a method for encrypting messages

Plain Text Encryption Cipher Text Decryption Plain Text

Algorithm Algorithm

Key A Key B
• Encryption algorithms are standardized & published
• The key which is an input to the algorithm is secret
– Key is a string of numbers or characters
– If same key is used for encryption & decryption the algorithm is called symmetric
– If different keys are used for encryption & decryption the algorithm is called
asymmetric
 Encryption - Symmetric Algorithms
• Algorithms in which the key for encryption and
decryption are the same are Symmetric
– Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for a single message
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
 Symmetric Encryption – Key Strength
• Strength of algorithm is determined by the size of the key
– The longer the key the more difficult it is to crack
• Key length is expressed in bits
– Typical key sizes vary between 48bits and 448 bits
• Set of possible keys for a cipher is called key space
– For 40-bit key there are 240 possible keys
– For 128-bit key there are 2128 possible keys
– Each additional bit added to the key length doubles the security
• To crack the key the hacker has to use brute-force
(i.e. try all the possible keys till a key that works is found)
– Super Computer can crack a 56-bit key in 24 hours
– It will take 272 times longer to crack a 128-bit key
(Longer than the age of the universe)
 Symmetric Algorithms – Caesar Cipher
• Caesar Cipher is a method in which each letter in the
alphabet is rotated by three letters as shown

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC

• Let us try to encrypt the message

– Attack at Dawn

Assignment: Each student will exchange a secret message

with his/her closest neighbor about some other person in
the class and the neighbor will decipher it.
 Symmetric Algorithms - Caesar Cipher
Encryption
Plain Text Cipher Text
Cipher:
Message: Caesar Cipher Message:
Attack at Dawn Algorithm Dwwdfn Dw Gdyq

Key (3)
Decryption
Cipher Text Plain Text
Cipher:
Message: Caesar Cipher Message:
Dwwdfn Dw Gdyq Algorithm Attack at Dawn

Key (3)
How many different keys are possible?
 Symmetric Algorithms - Monoalphabetic Cipher
• Any letter can be substituted for any other letter
– Each letter has to have a unique substitute

ABCDEFGH I JKLMNOPQRSTUVWXYZ

MNBVCXZASDFGHJ KLPO IUYTREWQ

• There are 26! pairing of letters (~1026)

• Brute Force approach would be too time consuming
– Statistical Analysis would make it feasible to crack the key
Message: Encrypted
Cipher: Message:
Bob, I love you. Monoalphabetic Nkn, s gktc wky.
Alice Cipher mgsbc

Key
 Symmetric Algorithms - Polyalphabetic Cipher
• Developed by Blaise de Vigenere
– Also called Vigenere cipher
• Uses a sequence of monoalpabetic ciphers in tandem
– e.g. C1, C2, C2, C1, C2

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) FGH I JKLMNOPQRSTUVWXYZABCDE

C1(k=20) TUVWXYZABCDEFGH I JKLMNOPQRS

• Example
Message: Encrypted
Cipher: Message:
Bob, I love you. Monoalphabetic Gnu, n etox dhz.
Alice Cipher tenvj

Key
 Data Encryption Standard (DES)

• Goal of DES is to completely scramble the data

and key so that every bit of cipher text depends
on every bit of data and ever bit of key
• DES is a block Cipher Algorithm
– Encodes plaintext in 64 bit chunks
– One parity bit for each of the 8 bytes thus it reduces
to 56 bits
• It is the most used algorithm
– Standard approved by US National Bureau of Standards
for Commercial and nonclassified US government use
in 1993
 Data Encryption Standard (DES)
64-bit input 56-bit key

48-bit k1
L1 R1
• DES run in reverse to
F(L1, R1, K1)
decrypt
48-bit k2 •
L2 R2 Cracking DES
– 1997: 140 days
F(L2, R2, K2)
– 1999: 14 hours
48-bit k3
L3 R3 • TripleDES uses DES 3
times in tandem
– Output from 1 DES is
F(L16, R16, K16)
input to next DES

48-bit k16
L17 R17
 Summary of Encryption Algorithm

Algorithm Type Key Size Features

DES Block 56 bits Most Common, Not

Cipher strong enough
TripleDES Block 168 bits Modification of DES,
Cipher (112 effective) Adequate Security
Blowfish Block Variable Excellent Security
Cipher (Up to 448 bits)
AES Block Variable Replacement for DES,
Cipher (128, 192, or Excellent Security
256 bits)
RC4 Stream Variable Fast Stream Cipher,
Cipher (40 or 128 bits) Used in most SSL
implementations
 Symmetric Encryption – Limitations
• Any exposure to the secret key compromises
secrecy of ciphertext
• A key needs to be delivered to the recipient of
the coded message for it to be deciphered
– Potential for eavesdropping attack during transmission
of key