Cryptography

Cryptography Concepts

Encryption Algorithms
Cryptography Concepts

• Cryptography is the conversion of data into a

scrambled code that is encrypted and sent across a
private or public network
• Cryptography is used to protect confidential data
such as email messages, chat sessions, web
transactions, personal data, e-commerce
applications, etc.
• Objectives of Cryptography
• Confidentiality
• Authentication
• Integrity
• Nonrepudiation
Cryptography concepts

• plaintext - the original message

• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to
ciphertext
• key - info used in cipher known only to
sender/receiver
Cryptography concepts

• Basic situation in cryptography

Cryptography concepts
Some types of systems
• Depending on the type of operations in the
encryption/decryption
• Based on substitutions: elements in the plaintext are replaced
by other elements
• Based on transpositions: elements in the plaintext are re-
arranged
• Number of keys used
• Symmetric systems (also known as single-key, secret-key, or
conventional systems)
• Asymmetric systems (also known as two-key, public-key, or
unconventional systems)
• The way the plaintext is processed
• Block ciphers: plaintext split into blocks processed separately
• Stream ciphers: plaintext processed continuously
Cryptography concepts
Cryptanalysis – types of attacks
• Fundamental rule: one must always assume that the attacker knows the
methods for encryption and decryption; he is only looking for the keys
• Creating a new cryptographic method is a very complex process involving many
people – difficult to keep it confidential
• Bonus for publishing the methods: people will try to break it for you (for free!)
• Passive attack: the attacker only monitors the traffic attacking the
confidentiality of the data
• Active attack: the adversary attempts to alter the transmission attacking
data integrity, confidentiality, and authentication.
• Cryptanalysis: rely on the details of the encryption algorithm plus
perhaps some knowledge about the general characteristics of the
plaintext – sometimes the plaintext is known and the key is being looked
for
• Brute-force attack: try every possible key on the ciphertext until an
intelligible translation into a plaintext is obtained
Types of cryptography

• Symmetric Encryption
• (secret-key, shared-key, and private-key) uses the same
key for encryption as it does for decryption.
• Asymmetric Encryption
• (public key) uses different encryption keys for encryption
and decryption. These keys are known as public and
private keys.
 Types of cryptography

Alice’s Bob’s
K encryption K decryption
A
key B key

plaintext encryption ciphertext decryption plaintext

algorithm algorithm
Types of cryptography

• Symmetric Encryption
 Types of cryptography

• Symmetric Encryption

KA-B KA-B

plaintext encryption ciphertext decryption plaintext

message, m algorithm algorithm
K (m) m = K ( KA-B(m) )
A-B A-B

symmetric key crypto: Bob and Alice share know same

(symmetric) key: K A-B
• e.g., key is knowing substitution pattern in mono
alphabetic substitution cipher
Types of cryptography

• Symmetric Encryption
• Requirements
• two requirements for secure use of symmetric
encryption:
• a strong encryption algorithm
• a secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)
• assume encryption algorithm is known
• implies a secure channel to distribute key
Classical encryption

• Secret-key cryptography
• Also called symmetric or conventional cryptography
• Five ingredients
• Plaintext
• Encryption algorithm: runs on the plaintext and the encryption key to yield the ciphertext
• Secret key: an input to the encryption algorithm, value independent of the plaintext;
different keys will yield different outputs
• Ciphertext: the scrambled text produced as an output by the encryption algorithm
• Decryption algorithm: runs on the ciphertext and the key to produce the plaintext

• Requirements for secure conventional encryption

• Strong encryption algorithm
• An opponent who knows one or more ciphertexts would not be able to find the plaintexts
or the key
• Ideally, even if he knows one or more pairs plaintext-ciphertext, he would not be able to
find the key
• Sender and receiver must share the same key. Once the key is compromised, all
communications using that key are readable
• It is impractical to decrypt the message on the basis of the ciphertext plus the knowledge
of the encryption algorithm -> encryption algorithm is not a secret
Classical encryption

• Notation for relating the plaintext, ciphertext, and the keys

• C=EK(P) denotes that C is the encryption of the plaintext

P using the key K
• P=DK(C) denotes that P is the decryption of the
ciphertext C using the key K
• Then DK(EK(P))=P
Caesar Cipher

• It is a typical substitution cipher and the oldest known

– attributed to Julius Caesar
• Simple rule: replace each letter of the alphabet with
the letter standing 3 places further down the alphabet
• Example:

• Here the key is 3 – choose another key to get a

different substitution
• The alphabet is wrapped around so that after Z follows
A:
Caesar cipher

• Mathematically, give each letter a number

• The key is a number from 0 to 25

• Caesar cipher can now be given as
Attacking Caesar

• Caesar can be broken if we only know one pair

(plain letter, encrypted letter)
• The difference between them is the key
• Caesar can be broken even if we only have the
encrypted text and no knowledge of the plaintext
• Brute-force attack is easy: there are only 25 keys
possible
• Try all 25 keys and check to see which key gives an
intelligible message
Attacking Caesar
Strengthening Caesar: monoalphabetic ciphers

• Caesar only has 25 possible keys – far from secure

• Idea: instead of shifting the letters with a fixed amount
how about allowing any permutation of the alphabet

• This is called monoalphabetic susbstitution cipher – a

single alphabet is used
• The increase in the number of keys is dramatic: 26!, i.e.,
more than 4x1026 possible keys
• Compare: DES only has an order of 1016 possible keys
Playfair Cipher

• The Playfair Cipher is an example of multiple-letter

encryption
• Invented by Sir Charles Wheatstone in 1854, but
named after his friend Baron Playfair who
championed the cipher at the British foreign office
• Based on the use of a 5x5 matrix in which the
letters of the alphabet are written (I is considered
the same as J)
• This is called key matrix
Playfair Cipher

• A 5X5 matrix of letters based on a keyword

• Fill in letters of keyword (no duplicates)
• Left to right, top to bottom
• Fill the rest of matrix with the other letters in alphabetic
order
• E.g. using the keyword MONARCHY, we obtain the
following matrix
Encrypting and decrypting with Playfair

• The plaintext is encrypted two letters at a time

• Break the plaintext into pairs of two consecutive letters
• If a pair is a repeated letter, insert a filler like 'X‘ in the
plaintext, eg. "balloon" is treated as "ba lx lo on"
Vigenère Cipher
• Proposed by Giovan Batista Belaso (1553) and reinvented by Blaise de
Vigenère (1586), called “le chiffre indéchiffrable” for 300 years
• Effectively multiple Caesar ciphers
• Key is a word

• Encryption
• Read one letter t from the plaintext and one letter k from the key-word
• t is encrypted according to the Caesar cipher with key k
• for the next plain-letter, use the next letter from the key-word
• When the key word is finished, start the reading of the key from the beginning
• In other words: ci=(pi+ki mod m) mod 26
• Decryption works in reverse
• Example: key is “bcde”; “testing” is encrypted as “ugvxjpj”
• Note that the two ‘t’ are encrypted by different letters: ‘u’ and ‘x’
• The two ‘j’ in the cryptotext come from different plain letters: ‘i’ and ‘j’
Vigenère Cipher

https://pages.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html
Vigenère Cipher

For example, suppose

the plaintext is MICHIGAN TECHNOLOGICAL UNIVERSITY
and the keyword is HOUGHTON

https://pages.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html