Chapter 1

Introduction to Cryptography and

Classical Encryption Techniques
 Chapter 1 – Introduction

The art of war teaches us to rely not on the

likelihood of the enemy's not coming, but on
our own readiness to receive him; not on the
chance of his not attacking, but rather on the
fact that we have made our position
unassailable.
—The Art of War, Sun Tzu
 Cont…
• Cryptography
in greek: krptos : hidden
graphein : to write
- Hidden writing .
• It is used to protect information
• can ensure
confidentiality
 Integrity and
 Authenticity

3
 Cont…
• Computer Security - generic name for the collection
of tools designed to protect data and to trace
hackers
• Network Security - measures to protect data during
their transmission
• Internet Security - measures to protect data during
their transmission over a collection of
interconnected networks
• information security is about how to prevent
attacks, or failing that, to detect attacks on
information-based systems
 Primary Goals of security is
C.I.A. triangle was standard that tells the primary goals of
information security

5
Security Trends
 Aspects of Security
• consider 3 aspects of information security:
– security attack
– security mechanism
– security service
 Security Attack

any action that compromises the security of

information owned by an organization

•Brute force attack: trying every possible

combination of options.

•Dictionary attack: selects specific accounts to

attack and uses commonly used passwords
(i.e., the dictionary) to guide guesses

8
 Attacks (continued)
• Denial-of-service (DoS): attacker sends large
number of connection or information requests
to a target
– Target system cannot handle successfully along with
other, legitimate service requests
– May result in system crash or inability to perform
ordinary functions
• Distributed denial-of-service (DDoS):
coordinated stream of requests is launched
against target from many locations
simultaneously 9
Figure 2-9 - Denial-of-Service
Attacks

Fig 1.2 Denial of service attack

10
 Attacks (continued)
• Ip Spoofing attack: technique used to gain
unauthorized access; intruder assumes a
trusted IP address

• Man-in-the-middle attack: attacker monitors

network packets, modifies them, and inserts
them back into network

11
Fig 1.3 Ip spoofing
12
Figure 2-11 - Man-in-the-Middle

Fig 1.4 Man-in-the Middle attack

13
 Attacks (continued)
• Mail bombing: also a DoS; attacker routes large
quantities of e-mail to target
• Masquerade it will takes place when one entity
pretends to be a different entity. For example,
authentication sequences can be captured and
replayed after a valid authentication sequence
has taken place, thus enabling an authorized entity
with few privileges to obtain extra privileges by
impersonating an entity that has those privileges.
14
 Attacks (continued)
• Phishing: an attempt to gain personal/financial
information from individual, usually by posing as
genuine entity

• Pharming: redirection of legitimate Web traffic

(e.g., browser requests) to illegitimate site for the
purpose of obtaining private information

• Sniffers - A program and/or device that can monitor

data traveling over a network. Sniffers can be used
both for legitimate network management functions
and for stealing information from a network.
15
 Types of attacks
– types of attacks
1. passive
2. Active
1. Active attacks
Active attacks involve some modification of the data
stream or the creation of a false stream.

16
 2.Passive Attacks:
• Passive attacks are in the nature of eavesdropping
on, or monitoring of, transmissions.
• The goal of the opponent is to obtain information
that is being transmitted.

17
Difference between passive and active attacks

18
• Cont…

19
 Security Service
– enhance security of data processing systems and
information transfers of an organization
– intended to counter security attacks
– using one or more security mechanisms
– often replicates functions normally associated
with physical documents
• which, for example, have signatures, dates; need
protection from disclosure, tampering, or destruction;
be notarized or witnessed; be recorded or licensed
 Security Services
• X.800:
“a service provided by a protocol layer of
communicating open systems, which ensures
adequate security of the systems or of data
transfers”

• RFC 2828:
“a processing or communication service provided by
a system to give a specific kind of protection to
system resources”
 Security Services (X.800)
• Authentication - assurance that the communicating
entity is the one claimed
• Access Control - prevention of the unauthorized use
of a resource
• Data Confidentiality –protection of data from
unauthorized disclosure
• Data Integrity - assurance that data received is as
sent by an authorized entity
• Non-Repudiation - protection against denial by one
of the parties in a communication
 Security Mechanism
• feature designed to detect, prevent, or
recover from a security attack
• no single mechanism that will support all
services required
• however one particular element underlies
many of the security mechanisms in use:
– cryptographic techniques
• hence our focus on this topic
 Security Mechanisms (X.800)
• specific security mechanisms:
– encipherment
– digital signatures
– access controls
– data integrity
– authentication exchange
– traffic padding
Model for Network Security
 Some Basic Terminology

• plaintext - original message

• ciphertext - coded message
• cipher - algorithm for transforming plaintext to
ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/
methods of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis

26
 Cryptanalysis
• objective to recover key not just message
• general approaches:
– cryptanalytic attack
– brute-force attack
 Cryptanalytic Attacks
• ciphertext only
– only know algorithm & ciphertext, is statistical,
know or can identify plaintext
• known plaintext
– know/suspect plaintext & ciphertext
• chosen plaintext
– select plaintext and obtain ciphertext
• chosen ciphertext
– select ciphertext and obtain plaintext
• chosen text
– select plaintext or ciphertext to en/decrypt
conventional / Symmetric /private-key/
single-key/ cryptographic algorithm

• sender and recipient share a common key

• and by far most widely used
1.classical (stream) cipher technique
2.block cipher technique

29
Symmetric Cipher Model

Fig Simplified Model of Symmetric Encryption

30
 1.Classical encryption technique
• There are two primary methods in which plain
text can be converted into cypher text and vice
versa
a. Substitution: letters of plaintext are replaced by
other letters or by numbers or symbols
b. Transposition: performing permutation in order
to change the plain text to cipher text.
Thus, these two methods are called as classical
cryptography techniques
31
 a) Substitution Ciphers
• where letters of plaintext are replaced by other letters or
by numbers or symbols
• or if plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns with
cipher text bit patterns
example: i) Caesar cipher
ii) Monoalphabetic Cipher
iii)Playfair Cipher
iv)Hill Cipher
v)polyalphabetic Cipher
Vi ) one time pad

32
 i)Caesar Cipher
• earliest known substitution cipher
• by Julius Caesar
• first attested use in military affairs
• replaces each letter by 3rd letter on
• example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB

33
 Caesar Cipher
• can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

• mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• then have Caesar cipher as:

c = E(p) = (p + k) mod (26)
p = D(c) = (c – k) mod (26)

34
 Cryptanalysis of Caesar Cipher
• only have 26 possible ciphers
– A maps to A,B,..Z
• could simply try each in turn
• a brute force search
• given cipher text, just try all shifts of letters
• do need to recognize when have plaintext
• eg. break ciphertext "GCUA VQ DTGCM"
 ii) Monoalphabetic Cipher
• rather than just shifting the alphabet
• Permute the letters arbitrarily
• each plaintext letter maps to a different random
ciphertext letter
• hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
 Monoalphabetic Cipher Security
• If S=[a,b,c]
• s have 6 permituation
• (abc,acb,bac,bca,cab,cba)
3!=6
• now have a total of 26! = 4 x 1026 keys
• with so many keys, might think is secure
• but would be !!!WRONG!!!
• problem is language characteristics
 Language Redundancy and Cryptanalysis

• human languages are redundant

• eg "th lrd s m shphrd shll nt wnt"
• letters are not equally commonly used
• in English E is by far the most common letter
– followed by T,R,N,I,O,A,S
• other letters like Z,J,K,Q,X are fairly rare
• have tables of single, double & triple letter
frequencies for various languages
English Letter Frequencies
 Use in Cryptanalysis
• key concept - monoalphabetic substitution ciphers
do not change relative letter frequencies
• discovered by Arabian scientists in 9th century
• calculate letter frequencies for ciphertext
• compare counts/plots against known values
• if caesar cipher look for common peaks/troughs
– peaks at: A-E-I triple, NO pair, RST triple
– troughs at: JK, X-Z
• for monoalphabetic must identify each letter
– tables of common double/triple letters help
 Example Cryptanalysis
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• count relative letter frequencies (see text)
• guess P & Z are e and t
• guess ZW is th and hence ZWP is the
• proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
 iii)Playfair Cipher
• not even the large number of keys in a
monoalphabetic cipher provides security
• one approach to improving security was to
encrypt multiple letters
• the Playfair Cipher is an example
• invented by Charles Wheatstone in 1854, but
named after his friend Baron Playfair

42
 Playfair Key Matrix
• a 5X5 matrix of letters based on a keyword
• fill in letters of keyword (sans duplicates)
• fill rest of matrix with other letters
• eg. using the keyword MONARCHY
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
43
 Encrypting and Decrypting
• plaintext is encrypted two letters at a time
1. if a pair is a repeated letter, insert filler like 'X’
2. if both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end)
3. if both letters fall in the same column, replace
each with the letter below it (again wrapping to
top from bottom)
4. otherwise each letter is replaced by the letter in
the same row and in the column of the other letter
of the pair

44
 Playfair Cipher (cont…)

Example
use key playfir to encrypt the message (meet at the
school house)
p l a y f

Ij r b c d

e g h k m

n o q s t

u v w x z

meet at the school house

me et at th es ch ox ol ho us ex
Encrypted message: EG MN FQ QM KN BK SV VR GQ XN KU

45
 iV) Hill Cipher
Invented in 1929 by Lester Hill, the Hill Cipher uses blocks of m characters for some
integer m, and enciphers elements by means of linear combinations of the m elements.
Let P = C = (Z26)m and let K be the set of invertible mm matrices over Z26.

Given a matrix M  K, and a integer plaintext element x = (x1,x2,…,xm),

we define
eM(x) = (x1,x2,…,xm)M,

where the symbol  denotes matrix multiplication.

In the above, we have identified the letters of the alphabet with the corresponsing
integers as before.

We shall henceforth assume this correspondence and treat Z26 as if it were the
alphabet.

However, from time to time, we will elaborate to remind you of the real process.

46
 The Hill Cipher

So how do we decrypt?

We need to solve equations like y = xMfor a square matrix M over Z26

If we solving over the reals, we would check to see if det(M)  0.

Then we would compute the matrix inverse and multiply both sides by the inverse

Thus the decryption function would be given by

dM(y) = yM-1

Recall that we require M to be an “invertible” matrix over Z26.

47
 The Hill Cipher

Example: encrypt the plaintext july using the Hill cipher with m = 2 and key
 11 8
  
3 7

 7 18 
As noted above,   
 
 23 11 

The plaintext july consists of two elements: ju  (9,20) and ly 

11 8 
9, 20  99  60,72  140  3,4   DE
 3 7

 11 8
11, 22  121  72,88  168 11,22   LW
3 7

Thus eK(july) = DELW

 The Hill Cipher

To decrypt the ciphertext message DELW, Bob would compute

7 18 
3, 4  9,20   ju
 23 11 

 7 18 
11, 22  11,24  ly
 23 11 
 V. Polyalphabetic
Ciphers
The monoalphabetic (simple) substitution cipher uses
only one replacement scheme for all letters of the plain
text. Polyalphabetic ciphers use more than one
replacement scheme.
•improve security using multiple cipher alphabets(use of
multiple letters to replace one letter)
•make cryptanalysis harder with more alphabets to guess
and flatter frequency distribution
•one of the simplest, polyalphabetic ciphers is the
Vigenère cipher.
50
Vigenere Cipher

51
 vi.One-Time Pad
• This technique was introduced by army signal
officer Joseph Mauborgne. Which is also called
Vernam.
• He suggested using a random key that is as long
as the message.
• A message encrypted using a one-time pad
cannot be broken because the encryption key is a
random number and because the key is used
only once
• problems in generation & safe distribution of key
 2)Transposition Ciphers
• now consider classical transposition or
permutation ciphers
• these hide the message by rearranging the
letter order
• without altering the actual letters used
• can recognise these since have the same
frequency distribution as the original text
examples i. Rail Fence cipher
ii. Columnar Transposition 53
 i. Rail Fence cipher
• write message letters out diagonally over a number
of rows
• then read off cipher row by row
• For example, to encipher the message
“meet me after the toga party” with a rail fence of
depth 2, we write
• write message out as:
m e m a t r h t g p r y
e t e f e t e o a a t
• giving ciphertext
MEMATRHTGPRYETEFETEOAAT

54
 Decryption
• The decryption process for the Rail Fence Cipher
involves reconstructing the diagonal grid used to
encrypt the message. We start writing the
message, but leaving a dash in place of the
spaces yet to be occupied. Gradually, you can
replace all the dashes with the corresponding
letters, and read off the plaintext from the table.
• We start by making a grid with as many rows as
the key is, and as many columns as the length of
the ciphertext.
 Cont..
• We then place the first letter in the top left square, and
dashes diagonally downwards where the letters will be.
When we get back to the top row, we place the next
letter in the ciphertext. Continue like this across the row,
and start the next row when you reach the end.
• For example, if you receive the ciphertext
"TEKOOHRACIRMNREATANFTETYTGHH", encrypted with
a key of 4, you start by placing the "T" in the first square.
You then dash the diagonal down spaces until you get
back to the top row, and place the "E" here. Continuing
to fill the top row you get the pattern below.
Cont..
 Cont…
From this we can now read the plaintext off
following the diagonals to get "they are attacking
from the north".
 ii. Columnar Transposition
A more complex scheme is to write the message in a rectangle, row by row,
and read the message off, column by column, but to permute the order of
columns. The order of columns then becomes the key to the algorithm. For
Example, a t t a c k p o s t p o n e d u n t i l t w o month
Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o m o n t h
Ciphertext: TTNMAPTOTSUOAODWCOINKNLTPETH
A pure transposition cipher is easily recognized because it has the same letter
frequencies as the original plaintext.

59
 Rotor Machines
• before modern ciphers, rotor machines were most
common complex ciphers in use
• widely used in WW2
– German Enigma, Allied Hagelin, Japanese Purple
• implemented a very complex, varying substitution
cipher
• used a series of cylinders, each giving one
substitution, which rotated and changed after each
letter was encrypted
• with 3 cylinders have 263=17576 alphabets
Cont…
 Steganography
• an alternative to encryption
• hides existence of message
– using only a subset of letters/words in a longer
message marked in some way
– using invisible ink
– Hiding in graphic image or sound file
• has drawbacks
– high overhead to hide relatively few info bits

62