Secret-Key Encryption

Introduction
• Encryption is the process of encoding a message in such a way that
only authorized parties can read the content of the original message
• Two types of encryption
• secret-key encryption : same key for encryption and decryption
• pubic-key encryption : different keys for encryption and decryption

• We focus on secret-key encryption in this lab

Bob “Hi Alice, my address is 123 Alice
Painting Avenue. Please
stop by at 6:00”

Over a wire, wirelessly, via a Pidgeon etc

 Bob “Hi Alice, my address is 123 Alice
Painting Avenue. Please
stop by at 6:00”

Because our transmission medium is

shared, there is a possible someone
else could be eavesdropping
Eve
 “Hi Alice, my address is 123
Bob Alice
Painting Avenue. Please
stop by at 6:00”

Because our transmission medium is

shared, there is a possible someone
else could be eavesdropping
Eve

Our goal is to make sure Alice can receive our message securely, and our
original message cannot be intercepted
 Bob Alice

Cleartext/Plaintext
“Hi Alice, my address is 123
Painting Avenue. Please
stop by at 6:00”

Eve
 Bob Alice

Cleartext/Plaintext
“Hi Alice, my address is 123
Painting Avenue. Please
stop by at 6:00”

Bob encrypts his message with a key

Eve
MuYGoP5LiTTGPVX6U/
r2VTpxPSqTFmy5nsoFWURThKMhHk/
7tbjYsS2EJ917q7megTAcV+V4ZMU4HjJjiW The result is a
2DCBroxvJ0V3ZYDgZ8B9lUvGUmdiRMH25 ciphertext
Xkf7QrhAGR3FF
 Bob MuYGoP5LiTTGPVX6U/
r2VTpxPSqTFmy5nsoFWURThKMhHk/ Alice
7tbjYsS2EJ917q7megTAcV+V4ZMU4HjJjiW2DCBroxvJ0
V3ZYDgZ8B9lUvGUmdiRMH25Xkf7QrhAGR3FF

Cleartext/Plaintext
“Hi Alice, my address is 123
Painting Avenue. Please
If Eve intercepts our ciphertext, she
stop by at 6:00”
can't do very much with it
MuYGoP5LiTTGPVX6U/
Eve r2VTpxPSqTFmy5nsoFWURThKMh
Hk/
7tbjYsS2EJ917q7megTAcV+V4ZMU
4HjJjiW2DCBroxvJ0V3ZYDgZ8B9lUv
GUmdiRMH25Xkf7QrhAGR3FF
 Bob Alice

Cleartext/Plaintext
“Hi Alice, my address is 123
Painting Avenue. Please
stop by at 6:00”
Eve
Alice receives the ciphertext,
and then uses the same key
that bob used, and then
decrypts the ciphertext
MuYGoP5LiTTGPVX6U/
r2VTpxPSqTFmy5nsoFWURT
hKMhHk/
7tbjYsS2EJ917q7megTAcV+V
4ZMU4HjJjiW2DCBroxvJ0V3Z
YDgZ8B9lUvGUmdiRMH25Xk
f7QrhAGR3FF
“Hi Alice, my address is 123
Painting Avenue. Please
stop by at 6:00”
 The importance here is that
the keys used for
encryption/decryption are
secret (ie not public
knowledge)

Deterministic programs*
Monoalphabetic Substitution
Cipher
Substitution Cipher
• Encryption is done by replacing units of plaintext with ciphertext,
according to a fixed system.
• Units may be single letters, pairs of letters, triplets of letters, mixtures
of the above, and so forth
• Decryption simply performs the inverse substitution.
• Two typical substitution ciphers:
• monoalphabetic - fixed substitution over the entire message – Same “rules”
are applied throughout the entire plaintext
• Polyalphabetic - a number of substitutions at different positions in the
message
Monoalphabetic Substitution Cipher
• Encryption and decryption
Breaking Monoalphabetic
Substitution Cipher
• Frequency analysis is the study of the frequency of letters or groups
of letters in a ciphertext.
• Common letters : T, A, E, I, O
• Common 2-letter combinations (bigrams): TH, HE, IN, ER
• Common 3-letter combinations (trigrams): THE, AND, and ING
 Here is a ciphertext (cipher.txt)

Suppose we know that that this message is an english message encrypted with a monolithic substitution cipher

Can we crack this?

 Here is a ciphertext (cipher.txt)

Frequency Analysis leverages the fact that in any given written language, certain letters and
combinations occur more frequently than others

In English, T, A , I, and O are the most common letters, so it is likely the letters that appear the
most frequently in our ciphertext are one of those
 Here is a ciphertext (cipher.txt)

We can write a program that counts the frequency of characters (1-gram) and
frequency of character pairs (2-gram)

Frequencies in English Language

We can start making guesses!

Most common bigrams (in order)

th, he, in, en, nt, re, er, an, ti, es, on, at, se, nd, or, ar, al, te, co,
de, to, ra, et, ed, it, sa, em, ro.
Breaking Monoalphabetic
Substitution Cipher
• Trigram Frequency analysis results:
Translate ciphertext.txt, and replace all y with t

Translate ciphertext.txt, and replace all y with t, and replace all d with h

Keep adding more characters to your decryption scheme until you get the full answer 
Mode of Encryptions
Review the XOR operator:

Everything on a computer is zeros and ones

0101010101010010111101010100100
0010111001000101010101100101010 01101000 01100101 01101100 01101100
1010111110100100101010101001010 Hello world 01101111 00100000 01110111 01101111
1010110010101011010100101010101 01110010 01101100 01100100 00001010
0101010101001010101010101010100
1010101010101010110100101010101
00101…

Message:
⊕ 0001 1010 0011
Key:
1100 1100 0101
1⊕ 0 = 1
Ciphertext:
1101 0110 0110
0⊕0=0
1⊕1=0 How to get original message?
0⊕1=1
Review the XOR operator:

Everything on a computer is zeros and ones

0101010101010010111101010100100
0010111001000101010101100101010 01101000 01100101 01101100 01101100
1010111110100100101010101001010 Hello world 01101111 00100000 01110111 01101111
1010110010101011010100101010101 01110010 01101100 01100100 00001010
0101010101001010101010101010100
1010101010101010110100101010101
00101…

Message:
⊕ 0001 1010 0011
Key:
1100 1100 0101
1⊕ 0 = 1
Ciphertext:
⊕ 1101 0110 0110
0⊕0=0
1⊕1=0
1100 1100 0101
0001 1010 0011
0⊕1=1
XOR with the
key again!
 Block Cipher
Split in messages into fixed sized blocks, encrypt each block
separately

Hello there world

01101000 01100101 01101100 01101100
01101111 00100000 01110100 01101000
01100101 01110010 01100101 00100000
01110111 01101111 01110010 01101100
01100100 00001010
The specifics of this
Block 1 Block 2 Block 3 operation vary
depending on your
⊕ ⊕ ⊕ mode of encryption Decryption is performed by applying the reverse
transformation to ciphertext blocks

• Even small differences in plaintext result in

Important different ciphertexts
Ciphertext Properties • Blocks in plaintext that are the same will also
have matching ciphertexts
Advanced Encryption Standard
(AES)
• AES is a block cipher
• 128-bit block size.
• Three different key sizes: 128, 192, and 256 bits
Modes of Encryption

• Electronic Codebook (ECB)

• Cipher Block Chaining (CBC)
• Propagating CBC (PCBC)
• Cipher Feedback (CFB)
• Output Feedback (OFB)
• Counter (CTR)

All block ciphers!

Electronic Codebook ECB

Notice: For the same key, a plaintext always maps to the same ciphertext
In ECB (Electronic Codebook) mode, each block of plaintext is encrypted
separately. This means that the encryption of one block does not depend on
any other blocks.
Electronic Codebook (ECB) Mode
• Using openssl enc command:
3

• We use the 128-bit (key size) AES algorithm

• The -aes-128-ecb option specifies ECB mode
• The -e option indicates encryption
• The -d option indicate decryption
• The -K option is used to specify the encryption/decryption key
• Input file to be encrypted will be plain.txt
• Output file created that contains the ciphertext will be cipher.txt
Using OpenSSL to encrypt w/ ECB
Encrypt a .txt file

openssl enc -aes-128-ecb -e -in plain.txt -out cipher.txt \

-K 00112233445566778899AABBCCDDEEFF

plain.txt
Using OpenSSL to encrypt w/ ECB

Decrypt a .txt file

openssl enc -aes-128-ecb -d -in cipher.txt -out new_output.txt \

-K 00112233445566778899AABBCCDDEEFF

Changing the key used for decryption wont decrypt correctly!

Cipher Block Chaining (CBC) Mode
• The main purpose of IV
(initialization vector which is
random and unique) is to
ensure that even if two
plaintexts are identical, their
ciphertexts are still different,
because different IVs will be
used.
Cipher Block Chaining (CBC) Mode
• Using openssl enc command to encrypt the same plaintext, same key, different IV:

• We use the 128-bit (key size) AES algorithm

• The -aes-128-cbc option specifies CBC mode
• The -e option indicates encryption
• The -iv option is used to specify the Initialization Vector (IV)
Cipher Feedback (CFB) Mode
• A block cipher is turned into a stream
cipher.
• Ideal for encrypting real-time data.
• Padding not required for the last
block.
Comparing encryption with CBC and
CFB

• Plaintext size is 21 bytes

• CBC mode: ciphertext is 32 bytes due padding
• CFB mode: ciphertext size is same as plaintext size (21 bytes)
Output Feedback (OFB) Mode
• Similar to CFB
• Used as stream cipher
• Does not need padding and can
handle variable-length data
streams.
Counter (CTR) Mode
• It basically uses a counter to generate the
key streams
• no key stream can be reused, hence the
counter value for each block is prepended
with a randomly generated value called
nonce
• This nonce serves the same role as the IV
does to the other encryption modes.
ECB
How It Works: Each block
of plaintext is encrypted
independently.
Pros: Simple and fast.
Cons: Patterns in the
plaintext are visible in the
ciphertext (same plaintext
block = same ciphertext).
Example: Encrypting
"HELLO" produces the
same ciphertext every
time.
CBC CFB OFB
How It Works: Each block How It Works: Encrypts How It Works: Similar to
is XORed with the data in smaller segments CFB, but it generates
previous ciphertext block (like bytes). Each segment keystream blocks from the
before encryption. The is combined with the IV. Each block is
first block uses an previous ciphertext. independent of the
Initialization Vector (IV) Pros: Can encrypt data of plaintext.
for randomness. any length. Pros: If one byte of
Pros: More secure than Cons: An error in one byte ciphertext is corrupted,
ECB; patterns are hidden. affects that byte and all only that byte of plaintext
Cons: If one block is following bytes in that will be affected upon
corrupted, it affects that segment. decryption, with no
block and the next one. Example: The encryption impact on other bytes.
Example: Encrypting of a single character Cons: Same keystream
"HELLO" and "WORLD" changes based on can be reused, leading to
will produce different previous ciphertext. security risks.
ciphertexts even if they Example: Each byte is
are the same length. encrypted based on the IV
and not the previous
ciphertext.
Encryption Modes on images

Pattern Leakage: Identical plaintext blocks lead to identical

ciphertext blocks, which can expose patterns in the image.
Padding
Padding
• Padding is extra data added to make the original data fit into fixed-size
blocks. Block ciphers often require data to be a specific size (like 16 bytes).
• If the plaintext is not a multiple of the block size, padding ensures that the
plaintext fills the last block completely. Without padding, the encryption
process would not work correctly.
• Example: If your data is 14 bytes and the block size is 16 bytes, you need 2
bytes of padding. You might add 02 02 to indicate that there are 2 padding
bytes
• When decrypting, the padding is removed to get back to the original data.
• Commonly used padding scheme is PKCS#5
Padding Experiment

• Plaintext size is 9 bytes.

• Size of ciphertext (cipher.bin) becomes 16 bytes
Padding Experiment
• How does decryption software know where padding starts?

7 bytes of 0x07 are added

as the padding data
 Padding Experiment – Special case
• What if the size of the plaintext is already a multiple of the block size
(so no padding is needed), and its last seven bytes are all 0x07

• Size of plaintext (plain3.txt) is 16 bytes

• Size of decryption output (plaint3_new.txt) is 32 bytes ( a full block is added as the padding).
• Therefore, in PKCS#5, if the input length is already an exact multiple of the block size B, then B bytes of
value B will be added as the padding.
 Padding - summary

ECB CBC CFB OFB

Padding: Uses padding if Padding: Uses padding Padding: Does not No Padding Required:
the data isn’t a complete if needed. If "HELLO" need padding. The plaintext can be of
block. For example, if needs padding to fit IV: CFB also uses an IV any length.
"HELLO" is 5 bytes but into a block, it will add for extra security. IV: OFB uses an IV as
needs to be 8 bytes, it bytes to the end well.
adds 3 bytes of padding. IV (Initialization
No IV Vector): CBC requires
an IV, which is a
random value added to
the first block to make
the encryption more
secure.