Information Security

Delivered By: Dr.Ahthasham

Dated: 16th Sept 2024
 Agenda
• Basic Terminologies
• Types of Encryption
• Conventional Encryption Principles
• Cryptography Dimensions
• Classic Substitution Ciphers
• Brute Force Attack

2
 Basic Terminology
• Plaintext - The original message

• Cipher text - The coded message

• Cipher - Algorithm for transforming plaintext to cipher text

• Key - Info used in cipher known only to sender/receiver

• Encipher (Encrypt) - Converting plaintext to cipher text

3
 Basic Terminology
• Decipher (Decrypt) - Recovering plaintext from
ciphertext

• Cryptography - study of encryption principles/methods

• Cryptanalysis (Code Breaking) - the study of principles/

methods of deciphering ciphertext without knowing key

• Cryptology - The field of both cryptography and

cryptanalysis
4
Types of Encryption

5
6
 Conventional Encryption
Principles
• An encryption scheme has five ingredients:
1. Plaintext

2. Encryption algorithm

3. Secret Key

4. Ciphertext

5. Decryption algorithm

• Security depends on the secrecy of the key, not the secrecy of

the algorithm

7
8
 Symmetric Encryption

• Or conventional/private-key/single-key

• Sender and recipient share a common key

• All classical encryption algorithms are private-key

• Was only type prior to invention of public-key in 1970’s

9
10
11
12
13
Symmetric Cipher Model

14
 Requirements
• Two requirements for secure use of symmetric encryption:
– A strong Encryption Algorithm

– A secret key known only to Sender / Receiver

Y = EK(X)
– Assumes encryption algorithm is known
X = DK(Y)
• Implies a secure channel to distribute key

15
16
17
18
 Cryptography Dimensions
• Classified along three independent dimensions:

1. Type of encryption operations used for transforming plaintext to ciphertext

• Substitution / Transposition / Product

2. Number of Keys used

• Symmetric - single-key or secret key encryption

• Asymmetric - two-key or public key encryption

3. Way in which Plaintext is processed

• Block / Stream

19
 Cryptanalysis
• Two general approaches to attack an encryption scheme

1.Cryptanalysis
• Needs encryption algorithm plus some knowledge regarding
the plaintext or some sample plaintext-ciphertext pair

2. Brute-Force attack
• Attacker tries every possible key to decrypt.

• Needs to check so many keys

20
 Types of Cryptanalytic Attacks

• Ciphertext only
– Attacker only knows the encryption algorithm & ciphertext

• Known Plaintext
– Knows the encryption algorithm & ciphertext

– Additionally knows some sample plaintext-ciphertext pairs

• Chosen Plaintext
– Attacker selects plaintext and obtains ciphertext to attack cipher

21
 Types of Cryptanalytic Attacks

• Chosen Ciphertext
– Select ciphertext and obtain plaintext to attack cipher

• Chosen Text
– Select either plaintext or ciphertext to en/decrypt to attack
cipher

22
Model of Symmetric
Cryptosystem

23
 Computational vs. Unconditional
Security
• Unconditional Security

– no matter how much computer power is available, the cipher

cannot be broken since the ciphertext provides insufficient
information to uniquely determine the corresponding plaintext

• Computational Security

– given limited computing resources (e.g. time needed for

calculations is greater than age of universe), the cipher cannot be
broken

24
 Classical Substitution
Ciphers

• Where letters of plaintext are replaced by other letters or

by numbers or symbols

• Or if plaintext is viewed as a sequence of bits, then

substitution involves replacing plaintext bit patterns with
ciphertext bit patterns

25
 Substitution Ciphers

• Monoalphabetic cipher
– Caesar cipher
• Polyalphabetic cipher
– Vigenère cipher
• Multiple letter cipher
– Playfair cipher

26
 Caesar Cipher
• Earliest known substitution cipher
• By Julius Caesar
• First attested use in military affairs
• Suppose Key is 3 , so Replaces each
letter by 3rd letter of alphabets in
plaintext to get cipher text.
• Example:
Plaintext: meet me after the toga party
Ciphertext: PHHW PH DIWHU WKH WRJD SDUWB
27
 Caesar Cipher
• Can define transformation as:

• Mathematically give each letter a number

a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y Z
13 14 15 16 17 18 19 20 21 22 23 24 25

28
 Caesar Cipher
• Then we can generalize Caesar cipher as:

C = E(p) = (p + k) mod (26)

p = D(C) = (C – k) mod (26)

• Where:
p : letter to be converted into ciphertext
k : offset e.g., 3 as in our example
C : ciphertext

29
• https://www.boxentriq.com/code-br
eaking/caesar-cipher

• Use The Link to Practice Ceaser

Cipher Scenario

30
 Cryptanalysis of Caesar
Cipher
• Only have 26 possible ciphers
– A maps to A,B,..Z
• Could simply try each in turn i.e., using
a brute force search
• Given ciphertext, just try all shifts of
letters

31
 Brute Force Search
• Always possible to simply try every key
• Most basic attack, proportional to key size
• Assume either know / recognise plaintext

32
Brute-Force
Cryptanalysi
s of Caesar
Cipher

33
 Cryptanalysis of Caesar
Cipher
• Do need to recognize when have
plaintext
• eg. break ciphertext “KHOOR ZRUOG“
HELLO WORLD
-3
KHOOR ZRUOG

34
 Compressed Plaintext
• The input may be abbreviated or
compressed
• Encrypted using simple substitution,
decrypting is not simple as plaintext is
not understandable

35
Sample of Compressed
Text

36