Chapter 2 Cryptography

Chapter two discusses cryptography and encryption techniques, covering its basics, historical background, and various cipher techniques. It explains key concepts such as symmetric and asymmetric key cryptography, hash functions, and features like confidentiality and integrity. The chapter also details specific cipher methods including Caesar, Playfair, Vigenere, and Vernam ciphers, along with their encryption and decryption processes.

Uploaded by

endalee788
Chapter two

Cryptography and encryption techniques

Outlines

• Basics of cryptography
• Historical background
• Cipher techniques
• Conventional encryption algorithms
• Cryptographic systems
• Symmetric key cryptography
• Public key cryptography
• Hash function

Basic concepts of cryptography

• The name cryptography is taken from the Greek word “kryptos”, meaning hidden or secret.

• It is the science and art of transforming messages to make them secure and immune to attack.

• It is also the science of using mathematics to encrypt and decrypt data.

• Cryptography enables users to store sensitive information or transmit it across insecure networks so that it can’t be read by anyone except the intended recipient.

Cryptography cont…

• Cryptography is the study of techniques for secure communication in the presence of third parties.

Basic terms
• Plain text
• Cipher text
• Encryption
• Decryption
• Keys

Basic terms cont...

• Plain text: a message which is in its original form and easily readable by attackers.

• Cipher text: a message in its encrypted form, which is difficult for attackers to read. It is altered into a form unreadable for anyone except the intended recipient.

• Key: the sequence that controls the operation and behavior of the cryptographic algorithm.

• Encryption: the process of converting plain text to cipher text.

Basic terms cont...

• Decryption: the process of changing cipher text to its original form.

• Cipher: the algorithm to change plain text to cipher text.

• Cryptanalysis: also called code breaking, the study of principles/methods of deciphering cipher text without knowing the key.

• Cryptology: the study of both cryptography and cryptanalysis.

Features of Cryptography

• Confidentiality: Information can only be accessed by the person for whom it is intended, and no other person can access it.

• Integrity: Information cannot be modified in storage or in transit between sender and intended receiver without the modification being detected.

• Non-repudiation: The creator/sender of information cannot deny at a later stage his intention to send the information.

• Authentication: The identities of sender and receiver are confirmed.

Types of cryptography

• In general there are three types of cryptography:

• Symmetric Key Cryptography: also called private/secret key cryptography.

• It is an encryption system where the sender and receiver of a message use a single common key to encrypt and decrypt messages.

• Symmetric key systems are faster and simpler, but the problem is that sender and receiver have to somehow exchange the key in a secure manner.

• The most popular symmetric key cryptography system is the Data Encryption Standard (DES).

Cont…
• Asymmetric Key (public key) Cryptography: A pair of keys is used to encrypt and decrypt information. A public key is used for encryption and a private key is used for decryption. The public key and the private key are different. Even if the public key is known by everyone, only the intended receiver can decode the message because he alone knows the private key. E.g., RSA algorithm. How does RSA work? Assignment (5%).

• Hash Functions: No key is used in this algorithm. A hash value with fixed length is calculated from the plain text, which makes it impossible for the contents of the plain text to be recovered.

• Many operating systems use hash functions to encrypt passwords.

Difference between symmetric and asymmetric cryptography

Symmetric key cryptography
• The same algorithm with the same key is used for encryption and decryption
• The key must be kept secret.

Asymmetric key cryptography
• One algorithm is used for encryption and decryption with a pair of keys, one for encryption and the other for decryption
• One of the two keys must be kept secret.

Cipher techniques

Classical Cryptography
• Substitution
• Transposition

Modern Cryptography
• Stream cipher
• Block cipher

Cipher techniques cont…

• Substitution: A cipher technique that encrypts the plaintext by swapping each letter or symbol with a different symbol as directed by the key.

• Some of the substitution cipher techniques are:
• Caesar cipher
• Playfair cipher
• Vigenere cipher
• Vernam cipher etc.

Cipher technique cont…

• Transposition: a cipher technique used to encrypt plaintext by changing the position of the characters but not their identity.

• The common transposition ciphers are:
• Rail Fence
• Row column transposition

Caesar cipher

• It is one of the earliest and simplest encryption techniques.

• It is a type of substitution cipher, i.e., each letter of a given text is replaced by the letter 3 places further down the alphabet.

• The method is named after Julius Caesar, who apparently used it to communicate with his officials.

• The encryption can be represented using modular arithmetic by first transforming the letters into numbers, according to the scheme A = 0, B = 1, …, Z = 25.

Caesar cont…

• Algorithm
• For each plain text letter “p”, substitute the cipher text letter “C”.
• Encryption: C = E(p, k) = (p + k) mod 26
• Decryption: p = D(C, k) = (C - k) mod 26, or (C - k) + 26 if C < k
• The default k value for the Caesar cipher is 3.
• Plain text is written in small letters while cipher text is denoted in capital letters.

Playfair cipher

• The Playfair cipher was the first literal digraph substitution cipher.

• It is a symmetric encryption technique, also known as the Playfair square or Wheatstone-Playfair cipher, after Charles Wheatstone invented it in 1854.

• It is a multiple-letter encryption technique that uses a 5x5 matrix constructed using a keyword (e.g., student).

Playfair cont…

• Steps in encryption
• Create digraphs
• Repeating letters - filler letters
• Same column – |↓| wrap around
• Same row – |→| wrap around
• Rectangle – | | swap

• Example 1: take the plain text “attack”

• Create digraphs (at, ta, ck).

Playfair cont…

• If the plain text has repeated letters, the filler letter is used.

• The digraphs for the word “hello” will be (he, lx, lo).

• If the plain text has an odd number of letters, like “round”:

• The digraphs will be (ro, un, dx)

• If the word “balloon” is the plain text, its digraphs will be (ba, lx, lo, on).

• Note: during decryption, the filler letters will be removed.

Cipher text generation in playfair
• Let us take the plain text “attack” with key = student
• Digraphs = at, ta, ck

Plain text   at  ta  ck
Cipher text  HA  AH  KQ

• Let us take the plain text “security” with the same key

• Digraphs = se, cu, ri, ty.

Plain text   se  cu  ri  ty
Cipher text  TS  BD  PL  DW

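The key-square and digraph rules above, worked through in Python as an added example that is not part of the original slides. It assumes that i and j share one cell of the 5x5 square and that x is the filler letter (as in the “hello” example); the function names are illustrative.

```python
# Added example (not from the slides): Playfair encryption using the slide rules.
import string


def build_square(keyword):
    """Return the 5x5 key square as a 25-letter string, row by row."""
    square = []
    for ch in keyword.lower() + string.ascii_lowercase:
        ch = "i" if ch == "j" else ch      # assumption: i and j share one cell
        if ch.isalpha() and ch not in square:
            square.append(ch)
    return "".join(square)


def make_digraphs(plaintext, filler="x"):
    """Split text into letter pairs; a repeated letter or a trailing single
    letter is completed with the filler."""
    letters = ["i" if c == "j" else c for c in plaintext.lower() if c.isalpha()]
    pairs, i = [], 0
    while i < len(letters):
        first = letters[i]
        second = letters[i + 1] if i + 1 < len(letters) else None
        if second is None or second == first:
            pairs.append(first + filler)
            i += 1
        else:
            pairs.append(first + second)
            i += 2
    return pairs


def encrypt_pair(square, pair):
    """Apply the same-column, same-row or rectangle rule to one digraph."""
    row_a, col_a = divmod(square.index(pair[0]), 5)
    row_b, col_b = divmod(square.index(pair[1]), 5)
    if col_a == col_b:                     # same column: letter below, wrapping
        row_a, row_b = (row_a + 1) % 5, (row_b + 1) % 5
    elif row_a == row_b:                   # same row: letter to the right, wrapping
        col_a, col_b = (col_a + 1) % 5, (col_b + 1) % 5
    else:                                  # rectangle: keep the row, swap columns
        col_a, col_b = col_b, col_a
    return (square[row_a * 5 + col_a] + square[row_b * 5 + col_b]).upper()


def playfair_encrypt(plaintext, keyword):
    square = build_square(keyword)
    return "".join(encrypt_pair(square, p) for p in make_digraphs(plaintext))


if __name__ == "__main__":
    sq = build_square("student")
    for r in range(5):                     # print the key square for "student"
        print(" ".join(sq[r * 5:r * 5 + 5].upper()))
    for word in ("attack", "security", "hello"):
        print(word, make_digraphs(word), playfair_encrypt(word, "student"))
```
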
Vigenere Cipher
• It is a method of encrypting alphabetic text. In the Vigenere cipher method:

• Assign a number to each character of the plain text, like (a = 0, ... z = 25).

• Repeat the key until its length becomes equal to the length of the plain text.

• Encryption Algorithm:
• Assign a number to each character of the plain text and the key based on alphabetical order.
• Add the numbers (corresponding plain-text and key character numbers).
• Subtract 26 from the number if the resulting number is greater than or equal to 26; if it isn’t, leave it.

Vigenere cipher example
• Example 1:
• Plain-Text: O A K
• Key: S O N
• O ==> 14, A ==> 0, K ==> 10
• S ==> 18, O ==> 14, N ==> 13
• Adding the values gives us 32, 14, 23
• Since the first resulting number is greater than 25, subtract 26 from it. Then convert each cipher-text character number to the cipher-text character.
• 32 - 26 = 6 ==> G,
• 14 ==> O,
• 23 ==> X
• Therefore: CIPHER-TEXT: GOX

Vigenere cipher cont…
• Change the plain text “defeat” to cipher text using the key “create”.

A  B  C  D  E  F  G  H  I  J
0  1  2  3  4  5  6  7  8  9
K  L  M  N  O  P  Q  R  S  T
10 11 12 13 14 15 16 17 18 19
U  V  W  X  Y  Z
20 21 22 23 24 25

Plain text   d   e   f   e   a   t
             3   4   5   4   0   19
Key          c   r   e   a   t   e
             2   17  4   0   19  4
Sum          5   21  9   4   19  23
Cipher text  F   V   J   E   T   X

Vernam cipher
• The Vernam cipher is a method of encrypting alphabetic text. It is one of the substitution techniques for converting plain text into cipher text. In this mechanism, we assign a number to each character of the plain text, like (a = 0, b = 1, c = 2, … z = 25).
• Method to take the key: In the Vernam cipher algorithm, we take a key to encrypt the plain text whose length should be equal to the length of the plain text.
• Encryption Algorithm
• Assign a number to each character of the plain text and the key according to alphabetical order.
• Bitwise XOR both numbers (corresponding plain-text character number and key character number).
• Subtract 26 from the number if the resulting number is greater than or equal to 26; if it isn’t, leave it.

Vernam cipher…
• Ci = Pi ⊕ Ki
• Example 1: plain text = oak, key = son
• Solution:

Plain text           o            a            k
Decimal and binary   14 = 01110   0 = 00000    10 = 01010
Key                  s            o            n
Decimal and binary   18 = 10010   14 = 01110   13 = 01101
Bitwise XOR          11100 = 28   01110 = 14   00111 = 7
Cipher text          28 - 26 = 2 → C   14 → O   7 → H

• However, its decryption is not as simple as its encryption. Therefore, the Vernam cipher was improved by adding the key value to the plain text value to produce the cipher text.

Vernam cipher improved
• Encryption Algorithm:
• Assign a number to each character of the plain text and the key based on alphabetical order.
• Add the numbers (corresponding plain-text and key character numbers).
• Subtract 26 from the number if the resulting number is greater than or equal to 26; if it isn’t, leave it.
• Example 1: Plain-Text: O A K, Key: S O N
• O ==> 14, A ==> 0, K ==> 10
• S ==> 18, O ==> 14, N ==> 13. Adding the values gives us 32, 14, 23
• Since the first resulting number is greater than 25, subtract 26 from it. Then convert each cipher-text character number to the cipher-text character.
• 32 - 26 = 6 ==> G, 14 ==> O, 23 ==> X
• Therefore: CIPHER-TEXT: GOX

Let us see the limitation of XOR decryption and the strength of using decimal addition and subtraction.

Cipher text          C            O            H
Decimal and binary   2 = 00010    14 = 01110   7 = 00111
Key                  s            o            n
Decimal and binary   18 = 10010   14 = 01110   13 = 01101
Bitwise XOR          10000 = 16   00000 = 0    01010 = 10
Plain text           16 → q       0 → a        10 → k

Cipher text          G = 6           O = 14   X = 23
Key                  S = 18          O = 14   N = 13
Subtraction result   -12 + 26 = 14   0        10
Plain text           14 → o          0 → a    10 → k

Note: As we can see from the examples, the bitwise XOR couldn’t decrypt the text back correctly.

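Why the XOR variant fails while addition works, as an added Python example that is not part of the original slides; it also covers the Vigenere procedure, which uses the same addition with a repeated key. XOR of two numbers in 0..25 can give 26..31, and folding those back by 26 collides with results that were already in 0..5, so the step cannot be undone. The function names are illustrative, and reusing the same fold when XOR-decrypting is an assumption made so the output stays inside the alphabet.

```python
# Added example (not from the slides): XOR-with-fold versus addition mod 26.
from itertools import cycle

A = ord("a")


def nums(text):
    """Letters to numbers, a = 0 ... z = 25 (non-letters are dropped)."""
    return [ord(c) - A for c in text.lower() if c.isalpha()]


def letters(values):
    return "".join(chr(v + A) for v in values).upper()


def xor_fold(a, b):
    """One step of the slide's XOR variant: XOR two letter numbers and
    subtract 26 when the result falls in 26..31."""
    c = a ^ b
    return c - 26 if c >= 26 else c


def add_enc(p, k):
    return (p + k) % 26


def add_dec(c, k):
    return (c - k) % 26


def apply(step, text, key):
    """Run `step` letter by letter, repeating the key as the Vigenere slide does."""
    return letters(step(t, k) for t, k in zip(nums(text), cycle(nums(key))))


def lossy_pairs():
    """(plain, key) number pairs that the XOR variant cannot decrypt again."""
    return [(p, k) for p in range(26) for k in range(26)
            if xor_fold(xor_fold(p, k), k) != p]


if __name__ == "__main__":
    print(apply(add_enc, "defeat", "create"))          # additive encryption
    c_xor = apply(xor_fold, "oak", "son")
    print(c_xor, "->", apply(xor_fold, c_xor, "son"))  # XOR round trip
    c_add = apply(add_enc, "oak", "son")
    print(c_add, "->", apply(add_dec, c_add, "son"))   # additive round trip
    bad = lossy_pairs()
    print(len(bad), "of", 26 * 26, "letter pairs are not recoverable with XOR")
    print(all((p ^ k) >= 26 for p, k in bad))          # exactly the folded cases
```
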
Vernam cipher cont…
Example 2: Change the plain text “defeat” to cipher text using the key “create”.

A  B  C  D  E  F  G  H  I  J
0  1  2  3  4  5  6  7  8  9
K  L  M  N  O  P  Q  R  S  T
10 11 12 13 14 15 16 17 18 19
U  V  W  X  Y  Z
20 21 22 23 24 25

Plain text   d   e   f   e   a   t
             3   4   5   4   0   19
Key          c   r   e   a   t   e
             2   17  4   0   19  4
Sum          5   21  9   4   19  23
Cipher text  F   V   J   E   T   X

Rail fence technique
• The simplest transposition technique.

• The plain text is written down as a sequence of diagonals and then read off as a sequence of rows.

• The length of the diagonal is determined by the depth value.

• Example: change the plain text “computer security” to cipher text using depth value 3.
• Plain text = computer security
• depth = 3

C       U       S       R
  O   P   T   R   E   U   I   Y
    M       E       C       T

• Cipher text = CUSROPTREUIYMECT

Decryption using rail fence
• Decrypt the cipher text “GEFTKERAYOATCTDRA” using key value 3.
• Step 1: GEFTK

g e f t k
- - - - - - - -
- - - -

• Step 2: ERAYOATC

g e f t k
e r a y o a t c
- - - -

• Step 3: TDRA

g e f t k
e r a y o a t c
t d r a

• Finally read the diagonals: “get ready for attack” is the plain text.

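The rail fence steps above for any depth, as an added Python example that is not part of the original slides. Decryption first cuts the cipher text into rows of the right length (steps 1 to 3 on the slide) and then walks the zigzag again; the function names are illustrative and non-letters are dropped.

```python
# Added example (not from the slides): rail fence encryption and decryption.

def rail_pattern(length, depth):
    """Rail number of each position: 0, 1, ..., depth-1, depth-2, ..., 1, 0, 1, ..."""
    if depth < 1:
        raise ValueError("depth must be at least 1")
    zigzag = list(range(depth)) + list(range(depth - 2, 0, -1))
    return [zigzag[i % len(zigzag)] for i in range(length)]


def only_letters(text):
    return [c for c in text.lower() if c.isalpha()]


def rail_encrypt(plaintext, depth):
    """Write the letters along the zigzag, then read the rails row by row."""
    text = only_letters(plaintext)
    rails = rail_pattern(len(text), depth)
    rows = ["".join(c for c, r in zip(text, rails) if r == rail)
            for rail in range(depth)]
    return "".join(rows).upper()


def rail_rows(ciphertext, depth):
    """Cut the cipher text into the rows that steps 1-3 on the slide fill in."""
    text = only_letters(ciphertext)
    rails = rail_pattern(len(text), depth)
    rows, start = [], 0
    for rail in range(depth):
        size = rails.count(rail)           # how many letters landed on this rail
        rows.append("".join(text[start:start + size]))
        start += size
    return rows


def rail_decrypt(ciphertext, depth):
    rows = [list(row) for row in rail_rows(ciphertext, depth)]
    rails = rail_pattern(sum(len(r) for r in rows), depth)
    # Walk the zigzag again, taking the next unused letter from each rail.
    return "".join(rows[rail].pop(0) for rail in rails)


if __name__ == "__main__":
    print(rail_encrypt("computer security", 3))
    print(rail_rows("GEFTKERAYOATCTDRA", 3))
    print(rail_decrypt("GEFTKERAYOATCTDRA", 3))
```
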
Row column transposition

• A more complex transposition cipher scheme.

• The steps in this cipher technique are:
• Create a rectangle having a number of rows and columns agreed by sender and receiver
• Write the plain text row by row and read it column by column.
• The key is taken as the order of the columns to be read

Row column cont…

• Example: change the plain text “create your own password now” into cipher text using a 5*5 rectangle.

• The key is 23415

c r e a t
e y o u r
o w n p a
s s w o r
d n o w z

• The cipher text is: Rywsneonwoaupowceosdtrarz

• Reverse the process for decryption using row-column transposition.

Cont…

• Decrypt the cipher text “NTKAOACDDTAOOTTY” using the key 3214 with 4 rows.

• Step 1: put the letters in the indicated columns.

• Step 2: read the inserted letters horizontally following the rows.

Step 1:    Step 2:    Step 3:    Step 4:
- - n -    - o n -    d o n -    d o n o
- - t -    - a t -    t a t -    t a t t
- - k -    - c k -    a c k -    a c k t
- - a -    - d a -    o d a -    o d a y

Step 5: read the text horizontally: do not attack today.

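Row-column transposition in both directions, as an added Python example that is not part of the original slides. It reads the key as the order in which the columns are read (which reproduces both slide examples), pads the last row with z as the 5*5 grid does, and assumes at most nine columns so the key can be written as a digit string; the function names are illustrative.

```python
# Added example (not from the slides): row-column transposition.

def parse_key(key):
    """Turn a key such as "23415" into zero-based column indices in read order."""
    order = [int(k) - 1 for k in key]
    if sorted(order) != list(range(len(key))):
        raise ValueError("key must use each column number 1..n exactly once")
    return order


def only_letters(text):
    return [c for c in text.lower() if c.isalpha()]


def columnar_encrypt(plaintext, key, rows, pad="z"):
    """Write the text row by row, then read whole columns in key order."""
    order = parse_key(key)
    cols = len(order)
    text = only_letters(plaintext)
    if len(text) > rows * cols:
        raise ValueError("plain text does not fit in the rectangle")
    text += [pad] * (rows * cols - len(text))      # fill the last row
    grid = [text[r * cols:(r + 1) * cols] for r in range(rows)]
    return "".join(grid[r][c] for c in order for r in range(rows))


def columnar_decrypt(ciphertext, key, rows):
    """Put each run of `rows` letters back into its column, then read the rows."""
    order = parse_key(key)
    cols = len(order)
    text = only_letters(ciphertext)
    if len(text) != rows * cols:
        raise ValueError("cipher text must fill the rectangle exactly")
    grid = [[""] * cols for _ in range(rows)]
    for n, c in enumerate(order):                  # n-th chunk belongs to column c
        for r in range(rows):
            grid[r][c] = text[n * rows + r]
    return "".join("".join(row) for row in grid)


if __name__ == "__main__":
    print(columnar_encrypt("create your own password now", "23415", 5))
    print(columnar_decrypt("NTKAOACDDTAOOTTY", "3214", 4))
```

Any padding letters remain at the end of the decrypted text and have to be removed by the reader.
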
Modern cryptography
• Symmetric encryption algorithms are divided into stream and block ciphers.

• A stream cipher encrypts a continuous string of binary digits by applying time-varying transformations on plaintext data.

• It works byte by byte to transform plain text into code that's unreadable to anyone without the proper key.

• Stream encryption also occurs in a linear, continuous manner, making it simpler and faster to implement.

• Examples of stream ciphers: Rivest Cipher (RC4), Salsa20, Software-optimized Encryption Algorithm (SEAL)

Types of stream cipher

• Two categories of stream cipher are:

• Synchronous and self-synchronizing/asynchronous stream ciphers

• Synchronous cipher:

• The keystream block is generated independently of the previous ciphertext and plaintext messages.

• The most common stream cipher modes use pseudorandom number generators to create a string of bits and combine it with the key to form the keystream, which is XORed with the plaintext to generate ciphertext.

• A self-synchronizing stream cipher, also known as ciphertext autokey, generates the keystream block as a function of the symmetric key and a fixed size (N bits) of the previous ciphertext block.

• Altering the ciphertext alters the content of the next keystream so that asynchronous stream ciphers can detect active attacks.

• These ciphers also offer limited error propagation since a single-digit error can affect N bits at most.

• Advantages of stream cipher:

• Stream ciphers that do not use block ciphers as a building block are usually faster.

• For applications that need a stream of data, including over a data communications channel or a browser/Web link, a stream cipher can be the superior alternative.

• It requires fewer lines of code compared to a block cipher.

• Disadvantages:
• They lack diffusion since each plaintext digit is mapped to one ciphertext output.
• They do not validate authenticity, making them vulnerable to insertions.
• If hackers break the encryption algorithm, they can insert or modify the encrypted message without detection.

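The missing authenticity check and the usual remedy, as an added Python example that is not part of the original slides. The keystream generator is a toy built from SHA-256 for illustration (it is not RC4, Salsa20 or SEAL), the keys, nonce and message are constructed sample values, and the function names are illustrative.

```python
# Added example (not from the slides): a synchronous stream cipher accepts a
# changed ciphertext silently unless a MAC is checked before decryption.
import hashlib
import hmac

ENC_KEY = b"constructed-encryption-key"    # constructed sample values
MAC_KEY = b"constructed-mac-key"
NONCE = b"constructed-nonce"
MESSAGE = b"transfer 100 to account 42"


def keystream(key, nonce, length):
    """Toy keystream: SHA-256(key || nonce || counter), independent of the data."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def stream_xor(key, nonce, data):
    """Encrypt or decrypt: XOR with the keystream (the same operation both ways)."""
    return bytes(d ^ s for d, s in zip(data, keystream(key, nonce, len(data))))


def flip_bit(data, index):
    """Return a copy of data with the lowest bit of one byte changed."""
    return bytes(b ^ 1 if i == index else b for i, b in enumerate(data))


def diff_positions(a, b):
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def seal(enc_key, mac_key, nonce, plaintext):
    """Encrypt, then compute HMAC-SHA256 over the nonce and ciphertext."""
    ct = stream_xor(enc_key, nonce, plaintext)
    return ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_sealed(enc_key, mac_key, nonce, ct, tag):
    """Verify the tag first; decrypt only if the ciphertext is unmodified."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication tag mismatch")
    return stream_xor(enc_key, nonce, ct)


if __name__ == "__main__":
    ct = stream_xor(ENC_KEY, NONCE, MESSAGE)
    altered = stream_xor(ENC_KEY, NONCE, flip_bit(ct, 9))
    # Decryption succeeds and exactly one plaintext byte differs: no diffusion,
    # no error, nothing for the receiver to notice.
    print(altered, diff_positions(MESSAGE, altered))
    ct, tag = seal(ENC_KEY, MAC_KEY, NONCE, MESSAGE)
    try:
        open_sealed(ENC_KEY, MAC_KEY, NONCE, flip_bit(ct, 9), tag)
    except ValueError as err:
        print("rejected:", err)
```
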
Block cipher
• Block ciphers convert plaintext data into ciphertext in fixed-size blocks. The block size depends on the encryption scheme and is usually in multiples of 8 bits (64-bit or 128-bit blocks).

• If the plaintext length is not a multiple of 8, the encryption scheme uses padding to ensure complete blocks.

• For instance, to perform 128-bit encryption on a 150-bit plaintext, the encryption scheme provides two blocks, one with 128 bits and one with the 22 bits left. 106 redundant bits are added to the last block to make the entire block equal to the encryption scheme’s ciphertext block size.

Cont…
• Modern block ciphers are based on the design of an iterated product cipher.

• With the use of a fixed key, a block cipher encrypts groups of data in order to maintain maximum confidentiality and security.

• Block encryption algorithms offer high diffusion; that is, if a single plaintext block is subjected to multiple encryption iterations, it results in a unique ciphertext block for each iteration.

• It is difficult for malicious actors to insert symbols into a data block without detection.

• Block ciphers have a high error propagation rate since a one-bit change in the original plaintext results in entirely different ciphertext blocks.

Block cipher operation modes

• Several block cipher modes of operation have been developed to enable the encryption of multiple blocks of long data. They fall into two categories:

• Confidentiality-only and authenticated encryption with additional data.

• Confidentiality-only modes focus on keeping communication between two parties private. These modes include:
• Electronic codebook (ECB)
• Cipher block chaining mode (CBC)
• Propagating cipher block chaining (PCBC)

• Authenticated encryption with additional data: this mode of operation for block ciphers ensures data authenticity and confidentiality. These modes include:
• Galois/counter mode (GCM)
• Synthetic initialization vector (SIV)

• Block cipher standards

• Block ciphers form the basis of most modern cipher suites. Some commonly used block cipher encryption standards include: Data Encryption Standard (DES), Advanced Encryption Standard (AES), Twofish.

• Data Encryption Standard (DES): A 56-bit symmetric key algorithm that was initially used to protect sensitive, confidential information.

• DES has since been withdrawn due to its short key length and other security concerns but is still viewed as a pioneer encryption standard.

• Advanced Encryption Standard (AES): A popular block cipher that encrypts data in blocks of 128 bits using 128, 192, and 256-bit symmetric keys.

• AES is a globally accepted encryption standard since cryptanalysis efforts against its algorithms have been unsuccessful.

• Twofish: an encryption standard that uses a complex key schedule and substitution techniques to separate the key and ciphertext.

• The standard encrypts plaintext data in blocks of 128 bits, with flexible key sizes between 128 and 256 bits long.

• Advantages of block cipher:
• While they may be altered, they generally go undetected and possess strong resistance.

• Disadvantages of block ciphers:
• The encryption speed isn’t as fast as other methods since encryption occurs within entire blocks and multiple bits at a time.
• Small mistakes in even just one symbol may endanger the entire block, allowing errors to spread quickly.

• Difference between stream and block cipher

Stream cipher
• Converts the plain text into cipher text by taking 1 byte of plain text at a time.
• Uses 8 bits.
• Uses algorithm modes such as CFB (Cipher Feedback) and OFB (Output Feedback).
• Works on substitution techniques.

Block cipher
• Converts the plain text into cipher text by taking a block of plain text at a time.
• Uses either 64 bits or more than 64 bits.
• Uses algorithm modes like ECB (Electronic Code Book) and CBC (Cipher Block Chaining).
• Works on transposition techniques.

Key management and exchange
• In cryptography, it is a very tedious task to distribute the public and private keys between sender and receiver. If the key is known to a third party (forger), then the whole security mechanism becomes useless. So the key exchange needs to be secured. The two aspects of key management are:
1. Distribution of public keys.
2. Use of public-key encryption to distribute secrets.
• Distribution of Public Key:
• The public key can be distributed in four ways:
1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates
• Public Announcement: Here the public key is broadcast to everyone. The major weakness of this method is forgery. Anyone can create a key claiming to be someone else and broadcast it. Until the forgery is discovered, he/she can masquerade as the claimed user.

Key management and exchange cont…
• Publicly Available Directory: the public key is stored in a public directory. The directory is trusted here, with properties such as participant registration and access to modify values at any time, and it contains entries like name and public key. It is still vulnerable to forgery.
• Public Key Authority: Similar to the directory, but it improves security by tightening control over the distribution of keys from the directory. It requires users to know the public key for the directory. Whenever keys are needed, the user makes real-time access to the directory to obtain any desired public key securely.
• Public Certification: This time the authority provides a certificate (which binds an identity to the public key) to allow key exchange without real-time access to the public authority each time. The certificate is accompanied by some other information such as validity period, rights of use, etc., which are signed by the private key of the certificate authority, and it can be verified by anyone possessing the authority’s public key. First, sender and receiver both request a certificate from the CA, which contains a public key and other information, and then they can exchange these certificates and start communication.

Cryptographic hash functions
• Hash functions are mathematical functions that transform or "map" a given data set into
a bit string of fixed size, also known as the "hash value."
• Hash functions are used in cryptography and have variable levels of complexity and
difficulty.
• Hash functions are used for cryptocurrency, password security, and message security.
• A cryptographic hash function is a mathematical function used in cryptography. Typical
hash functions take inputs of variable lengths to return outputs of a fixed length.
• A cryptographic hash function combines the message-passing capabilities of hash
functions with security properties.
• Cryptographic hash functions add security features to typical hash functions, making it
more difficult to detect the contents of a message or information about recipients and
senders.

Thank you

Questions?