Seventh Edition, Global Edition

by William Stallings
 Cryptography and Network Security
William Stallings, Edition-7

Chapter 3: Classical Encryption Techniques

Part 2

0112304: Cryptography and Computer Network

Edited by: Bayan Abu Shawar

© 2017 Pearson Education, Ltd., All rights reserved.

 Hill Cipher
• Hill cipher is polyalphabetic Substitution block ciphers
• Hill cipher is a polygraphic substitution cipher based on
linear algebra.
• Developed by the mathematician Lester Hill in 1929
• Strength is that it completely hides single-letter
frequencies
– The use of a larger matrix hides more frequency information
– A 3 x 3 Hill cipher hides not only single-letter but also two-
letter frequency information
• Strong against a ciphertext-only attack but easily broken
with a known plaintext attack

© 2017 Pearson Education, Ltd., All rights reserved.

 Hill Cipher
• In Hill Cipher: the key is a matrix
• If matrix is 2x2 then you can encrypt two letters together
• If matrix is 3x3 then you can encrypt three letters at the same
time or
• Encrypt a polygraph letters based on square matrix size.
• You need some background in linear algebra: concepts of
Hill Algorithm
– Square matrix
– Matrix arithmetic modulo 26 C = E(P,K)= (PxK) mod 26
– Determinant of a matrix
P = D(C, K) = (C x K-1)mod 26
– Multiplicative inverse
You need initially to obtain index of alphabet letter (0, 1, 2, 3,…) as in Ceaser
Cipher and deal with that index

© 2017 Pearson Education, Ltd., All

rights reserved.
 Hill Cipher Example 17 17 5
21 18 21
• Encrypt “Pay more Money”using Hill Cipher with key:
2 2 19

Solution: 1
Since matrix is 3x3: then text will be treated as 3 letters at a time:

3 2. Pay mor emo ney

4. Final Result

AB C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 Polyalphabetic Ciphers
• Polyalphabetic substitution cipher
– Improves on the simple monoalphabetic
technique by using different monoalphabetic
substitutions as one proceeds through the
plaintext message
All these techniques have the following features
in common:
• A set of related monoalphabetic substitution
rules is used
• A key determines which particular rule is
chosen for a given transformation

© 2017 Pearson Education, Ltd., All rights reserved.

 Vigenère Cipher
• Best known and one of the simplest
polyalphabetic substitution Stream ciphers
• In this scheme the set of related monoalphabetic
substitution rules consists of the 26 Caesar
ciphers with shifts of 0 through 25
• Each cipher is denoted by a key letter which is
the ciphertext letter that substitutes for the
plaintext letter a

© 2017 Pearson Education, Ltd., All rights reserved.

 Example of Vigenère Cipher
• To encrypt a message, a key is needed that
is as long as the message after removing all
punctuation and spaces from plain text.
• Usually, the key is a repeating keyword
• A general equation of the encryption process:
ci = (pi + ki) mod 26
• A general equation of the decryption process:
pi = (ci - ki) mod 26

© 2017 Pearson Education, Ltd., All rights reserved.

 An Example
An Example: If the keyword is “deceptive”, the message “we are
discovered save yourself” is encrypted as:
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Numerically we have the following results:

ABCDEFGH I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
 Vigener table
• The Vigenère cipher uses a 26×26 table with A to Z as
the row heading and column heading This table is
usually referred to as the Vigenère
Tableau, Vigenère Table or Vigenère Square. We
shall use Vigenère Table.
• The first row of this table has the 26 English letters.
Starting with the second row, each row has the
letters shifted to the left one position in a cyclic way.
For example, when B is shifted to the first position on
the second row, the letter A moves to the end.

© 2017 Pearson Education, Ltd., All

rights reserved.
 Vigener table
For example, suppose the
plaintext is MICHIGAN
TECHNOLOGICAL
UNIVERSITY and the keyword
is HOUGHTON. Then, the
keyword must be repeated to be
the same length.
Start by removing all spaces and
punctuation, converting all letters
to upper case, and dividing the
result into 5-letter blocks. As a
result, the above plaintext and
keyword become the following:

Plain Text: MICHI GANTE CHNOL OGICA LUNIV E R S I T Y

Key: HOUGH TONHO UGHTO NHOUG HTONH O UG HT O

Cipher Text: TWWNP ZOAAS WNUHZ BNWWG SNBVC SLYPM M

 To encrypt, pick a letter in the plaintext and its corresponding letter in the
keyword, use the keyword letter (Row letter index) and the plaintext letter (Col
letter index ) the cipher letter is the row-column intersection is the letter a. For
example, the first letter in the plaintext is M and its corresponding keyword letter
is H. This means that the row of H and the column of M are used, and the
entry T at the intersection is the encrypted result.

Vigenère
Table
 Decrypt Using Vigener Table
• To decrypt, pick a letter in the
ciphertext and its
corresponding letter in the
keyword, use the keyword
letter to find the
corresponding row, and search
in that row for cipher letter,
take the header of that col
where cipher letter found as
plain letter.
• Consider the fifth letter P in
the ciphertext. This letter
corresponds to the keyword
letter H and row H is used to
find P. Since P is on column I,
the corresponding plaintext
letter is I.
 Vigenère Autokey System
• A keyword is concatenated with the plaintext itself to
provide a running key. (avoid repeating keyword)

• Example:
key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA

• Even this scheme is vulnerable to cryptanalysis

– Because the key and the plaintext share the same frequency
distribution of letters, a statistical technique can be applied.

© 2017 Pearson Education, Ltd., All rights reserved.

 Vernam Cipher
• Vigener Scheme is vulnerable to cryptanalysis because the key
and the plaintext share the same frequency distribution of
letters so a statistical technique can be applied.
• To avoid this Vernam Cipher is used to choose keyword
that is as long as the plaintext and has no statistical
relationship to it.
• Vernam cipher is a symmetrical stream cipher in which
the plaintext is combined with a random or
pseudorandom stream of data (the "keystream") of the
same length, to generate the ciphertext, using the
Boolean "exclusive or" (XOR) function.
© 2017 Pearson Education, Ltd., All
rights reserved.
 Vernam Cipher
• Need of ultimate defense against cryptanalysis
• Length of keyword = length of plaintext
• No statistical relationship between keyword and plaintext
• Vernam Cipher works on binary data (bits) rather than letters.
• The ciphertext is generated by performing the bitwise XOR of
the plaintext and the key.
• The system can be expressed as:
(Encryption) and the same for Decryption
 Vernam Cipher

it can be broken with sufficient ciphertext, the use of known or

probable plaintext sequences, or both.
© 2017 Pearson Education, Ltd., All rights reserved.
 Vernam Cipher Algorithm
• PlainText: Take number of each letter such a =0, b =1, etc
• Method to take key: In the Vernam cipher algorithm, we take a key to
encrypt the plain text whose length should be equal to the length of the
plain text.
• Encryption Algorithm:
1. Assign a number to each character of the plain-text and the key
according to alphabetical order. And represent number in binary
system as bits
2. Bitwise XOR both the number (Corresponding plain-text character
number and Key character number).
3. Subtract the number from 26 if the resulting number is greater than
or equal to 26, if it isn’t then leave it.
 Example: Vernam Cipher

28 - 26 = 2 ==> C
CIPHER-TEXT: C

ABCDEFGH I J K L M N O P Q R S T U V W X Y
Z
 One-Time Pad (Stream Cipher)
• Improvement to Vernam cipher proposed by an Army Signal Corp
officer, Joseph Mauborgne
• The two requirements for the One-Time pad are:
– The key should be randomly generated as long as the size of the
message.
– The key is to be used to encrypt and decrypt a single message,
and then it is discarded.
• Each new message requires a new key of the same length as the new
message.
• Scheme is unbreakable (the only available scheme that is completely secure)
– Produces random output that bears no statistical relationship to
the plaintext
– Because the ciphertext contains no information whatsoever about
the plaintext, there is simply no way to break the code
© 2017 Pearson Education, Ltd., All rights reserved.
 Difficulties
• The one-time pad offers complete security but, in practice, has two
fundamental difficulties:
– There is the practical problem of making large quantities of random
keys
• Any heavily used system might require millions of random
characters on a regular basis
– Mammoth key distribution problem
• For every message to be sent, a key of equal length is needed by
both sender and receiver
• Because of these difficulties, the one-time pad is of limited utility
– Useful primarily for low-bandwidth channels requiring very high
security
• The one-time pad is the only cryptosystem that exhibits perfect secrecy.

Perfect Secrecy means if a given ciphertext is generated from a secure cipher

scheme, absolutely nothing will be revealed about the plaintext by the cipher
text.
 Example: One-Time Pad (OTP)
• Message = HELLO, Key = MONEY OTP uses Modular addition
• E: message + key (mod 26)
Cipher = TSYPM,
• D: message - key (mod 26)
Explanation: • Mod operation: is a loop of
• Part 1: Plain text to Ciphertext (used by sender) subtraction till number is
less or equal to 26
– Plain text — H E L L O → 7 4 11 11 14
– Key — M O N E Y → 12 14 13 4 24
– Plain text + key → 19 18 24 15 38 → 19 18 24 15 12 (= 38 – 26)
– Cipher Text → T S Y P M
• Part 2: Ciphertext to Message (used by receiver)
– Cipher Text — T S Y P M → 19 18 24 15 12
– Key — M O N E Y→ 12 14 13 4 24
– Cipher text – key → 7 4 11 11 -12 (= -12+26) → 7 4 11 11 14
– Message → H E L L O
• Input: Message = SAVE, Key = LIFE Output: Cipher – DIAI Message – SAVE
 Rail Fence Cipher
• Simplest transposition cipher
• Plaintext is written down as a sequence of
diagonals and then read off as a sequence of rows
• To encipher the message “meet me after the toga
party” with a rail fence of depth 2, we would
write:
mematrhtgpry
etefeteoaat
Encrypted message is:
MEMATRHTGPRYETEFETEOAAT

© 2017 Pearson Education, Ltd., All rights reserved.

 Rail Fence Cipher
• In a transposition cipher, the order of the alphabets is re-arranged to obtain the
cipher-text.

Encryption:
1. Construct a matrix where:
– Number of rows = key
– Number of coloms = number of letters in plain tex
2. In the rail fence cipher, the plain-text is written downwards and diagonally on
successive rails of an imaginary fence.
3. When we reach the bottom rail, we traverse upwards moving diagonally, after
reaching the top rail, the direction is changed again. Thus the alphabets of the
message are written in a zig-zag manner.
4. After each alphabet has been written, the individual rows are combined to obtain
the cipher-text.

© 2017 Pearson Education, Ltd., All

rights reserved.
 Example: Rail Fence Cipher
Encrypt message “GeeksforGeeks” using 3 rails.
Solution:
1. Construct 3X13 matrix and fill it in zig zag manner
2. Cipher text is read row wise in sequence manner
3. Ciphertext is: GSGSEKFREKEOE

Think: How to Decrypt Rail Fence? So Easy

 Row-Col Transposition Cipher
• Is a more complex transposition based on permutations (Shuffling) of
columns.
• Write the message in a rectangle, row by row, and read the message
off, column by column, but permute the order of the columns (follow
order of permutation 1, 2,..)
– The order of the columns then becomes the key to the algorithm

• Number of cols = key length,

• Number of rows= text/key length
• Empty cells can be filled with any
letter or repeated letter xxx

Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
For the type of columnar transposition just shown, cryptanalysis is fairly
straightforward and involves laying out the ciphertext in a matrix and playing
around with column positions. Digram and trigram frequency tables can be useful.
 Row-Col Transposition Cipher
• The transposition cipher can be made significantly more
secure by performing more than one stage of transposition
(multiple stage of encryption). The result is a more complex
permutation that is not easily reconstructed.
• So if we can apply make double transposition in the previous
example, by taking the cipher text and using the same key and
the same algorithm

© 2017 Pearson Education, Ltd., All

rights reserved.
 Row-Col Transposition
• When you have a key as string, the key
permutation is the order of the alphabets in
the key.
• If key for example: HACK then the order of
letters are: 3124
• Order according to existing letters

© 2017 Pearson Education, Ltd., All

rights reserved.
Row-Col Transposition Cipher
Decryption in Row-Col Cipher
 Classical (Symmetric) Encryption Techniques
Classical Encryption Techniques:
• Substitution and
• Transposition
Steganography

© 2017 Pearson Education, Ltd., All rights reserved.

Steganography is the practice of hiding a • Character marking
secret message inside of (or even on top of) • Selected letters of printed or
something that is not secret. That typewritten text are over-written in
something can be just about anything you pencil
want. • The marks are ordinarily not visible
These days, many examples of unless the paper is held at an angle
steganography involve embedding a secret to bright light
piece of text inside of a picture. Or hiding a • Invisible ink
secret message or script inside of a Word or
Excel document. • A number of substances can be used
for writing but leave no visible trace
until heat or some chemical is
Other Steganography applied to the paper
Techniques • Pin punctures
• Small pin punctures on selected
letters are ordinarily not visible
unless the paper is held up in front of
a light
• Typewriter correction ribbon
• Used between lines typed with a
black ribbon, the results of typing
with the correction tape are visible
only under a strong light
© 2017 Pearson Education, Ltd., All rights reserved.
 Steganography vs. Encryption

• Steganography – The advantage of

has a number of steganography
• It can be employed by
drawbacks when parties who have
compared to encryption something to lose
should the fact of their
– It requires a lot of secret communication
overhead to hide a (not necessarily the
relatively few bits of content) be discovered
information – Encryption flags traffic as
important or secret or
– Once the system is may identify the sender
discovered, it becomes or receiver as someone
virtually worthless with something to hide

© 2017 Pearson Education, Ltd., All rights reserved.

 Videos to watch
//Cryptaanalytic attacks
https://www.youtube.com/watch?v=Kejs-saINOo&t=182s
//Monoalphabet
https://www.youtube.com/watch?v=J-utjSeUq_c
//Playfair Part 1
• https://www.youtube.com/watch?v=UURjVI5cw4g
//Playfair Part 2
• https://www.youtube.com/watch?v=whEJfas9MAI
//Steganography
https://www.youtube.com/watch?v=Te8Cao2Smsk
//Vigener Cipher
https://www.youtube.com/watch?v=Ic4BzVggNY8

//Vernam Cipher
https://www.youtube.com/watch?v=Qojvtgf7SQw
 Summary
• Symmetric Cipher • Substitution
Model techniques
– Cryptography – Caesar cipher
– Cryptanalysis and – Monoalphabetic
Brute-Force Attack ciphers
• Transposition – Playfair cipher
techniques – Hill cipher
• Rotor machines – Polyalphabetic
ciphers
– One-time pad
• Steganography
© 2017 Pearson Education, Ltd., All rights reserved.