Cryptography

Basics of Cryptography
• Everyone has secrets; some have more than
others.
• When it becomes necessary to transmit those
secrets from one point to another, it's important to
protect the information while it's in transit.
• Cryptography presents various methods for
taking legible, readable data, and transforming it
into unreadable data for the purpose of secure
transmission, and then using a key to transform it
back into readable data when it reaches its
destination.
• Cryptography (derived from Greek word
κρύπτω kryptó "hidden/secret" and the
γράφω gráfo "to write" or λέγειν legein "to
speak") is the practice and study of hiding
information.
• Cryptography is considered to be a branch
of both mathematics and computer science,
and is affiliated closely with information
theory, computer security, and engineering.
• The art and science of keeping messages secret
and secure is cryptography and is practiced by
Cryptographers.
• Cryptography was used only for military
businesses; however, in the information society
it has became one of the central tool for
maintaining privacy and confidentiality.
• It is time to expose cryptography and make full
use of the advantages it provides for the modern
society including all aspects of secure
messaging, authentication, digital signatures,
electronic money, and other applications.
• Two communicating parties will be
referred to as Alice and Bob; this is the
common nomenclature in the crypto field
and literature to make it easier to identify
the communicating parties.
• If there is a third or fourth party in the
communication, they will be referred to as
Carol and Dave.
• Mallory is a malicious party, Eve is an
eavesdropper, and Trent is a trusted third
party.
• Suppose that Bob wants to send a message to Alice,
and wants to be sure that no eavesdropper can read the
message.
• Or even worse, the message could be modified during
the transmission in such a way that the genuine recipient
Bob doesn’t detect the manipulation.
• However, there is the possibility that someone else
opens the letter or listen the communication, so to make
sure that something like that never happened, we use
cryptographic methods.
• One of the major objectives of cryptography is to provide
methods for preventing such attacks and providing
confidentiality.
 Data integrity
• The receiver of a message should be able
to check whether the message was
modified during the transmission; either
accidentally or deliberately.
• No one should be able to substitute a false
message for the original one, or for parts
of it.
 Authentication
• The receiver of a message should be able
to verify its origin.
• No one should be able to send a message
to Bob and pretend to be Alice-(data origin
authentication).
• When initiating a communication, Alice
and Bob should be able to identify each
other- (entity authentication).
 Non-repudiation
• The sender should not be able to deny
later that she has sent a message.
• If messages are written on a paper, it provides a
certain security against manipulation, so they are
intended to guarantee authentication and non-
repudiation.
• If electronic media are used, the medium itself
provides no security at all, since it is easy to replace
some bytes in a message during its transmission
over a computer network and it is particularly easy if
the network is publicly accessible like internet.
• So the need for techniques providing data integrity
and authentication is essential from the view of
rapidly increasing significance of electronic
communication.
Basics Terminologies
of cryptography
• The message to be transmitted is called the
plaintext ‘m’ or cleartext.
• It can be some text, numerical data, an
executable program or any other kind of
information.
• The fundamental and classical task of
cryptography is to provide confidentiality by
encryption methods.
• Encoding the contents of the message in
such a way that hides its contents from
outsiders is called encryption.
• Alice encrypts the plaintext ‘m’ and the
encrypted message is called the
ciphertext ‘c’.
• The ciphertext ‘c’ is transmitted to Bob.
• Bob turns the ciphertext back to the
plaintext by decryption.
• The process of retrieving the plaintext from
the ciphertext is called decryption.
Cont..
• Encryption and decryption usually make use
of a key, and the coding method is such that
decryption can be performed only by
knowing the proper key.
• Cryptanalysis is the art of and science of
breaking ciphertexts; that seeing through
mask; and is practiced by Cryptanalysts.
• The branch of mathematics encompassing
cryptography and cryptanalysis is
Cryptology and it practitioners are
Cryptologists.
 Encryption
• The fundamental and classical task of
cryptography is to provide confidentiality by
encryption methods.
• The encryption method is very old.
• For eg: Caesar’s shift cipher (each plaintext
character is replaced by the character 3 to the
right modulo 26).
• ie: ‘a’ is replaced by ‘d’, ‘b’ is replaced by ‘e’,
……….. ‘x’ by ‘a’, ‘y’ by ‘b’, and ‘z’ by ‘c’) was
introduced in the early years.
• Every encryption method provides an Encryption
algorithm ‘E’ and a Decryption algorithm ‘D’.
• Modern cryptography uses a key ‘k’ which might be
any one of a large number of values.
• In classical encryption schemes, both algorithms
depend on the same key ‘k’ which is used for both
encryption and decryption. ie :

D ( k, E( k, m ) ) = m , for each plaintext ‘m’.

• These encryption methods are therefore called

symmetric.
Cont..
Cryptographic algorithm
• A cryptographic algorithm (also called a cipher)
is the mathematical function used for encryption
and decryption.
• Generally these are two related functions; one
for encryption and the other for decryption.

ie ; E k (m) = c
D k (c) = m

• Those functions have the property that

D k ( E k (m) ) = m
• Here encryption and decryption algorithms
use the same key. But some algorithms use
a different encryption key and different
decryption keys.
• That means encryption key ‘ k1 ’ will be
different from decryption key ‘ k2 ’.
• In those cases,
E k1 (m) = c
D k2 (c) = m and
D k2 ( E k1 (m) ) = m
• All of the security in these algorithms is
based on the key (or keys); none is based
in the details of the algorithm.
• This means that the algorithm can be
published and analyzed.
• Also, it doesn’t matter if an eavesdropper
knows your algorithm; she/he can’t read
your message unless she/he knows your
particular key.
Types of algorithms
• There are two classes of key-based
algorithms, symmetric (or secret-key) and
asymmetric (or public-key) algorithms.
• The difference is that symmetric algorithms
use the same key for encryption and
decryption (or the decryption key is easily
derived from the encryption key),
• Asymmetric algorithms use a different key for
encryption and decryption, and the
decryption key can not be derived from the
encryption key.
 Symmetric (or secret-key) algorithms

• These algorithms, sometimes called conventional

algorithms, single-key algorithms or one-key
algorithms in which the encryption key can be
calculated from decryption key and vice versa –
require that sender and receiver agree on a key
before they can communicate securely.
• The security of a symmetric algorithm rests in the
key, and it must remain secret in order to keep the
communication secret.
• Encryption and decryption with a
symmetric algorithm are denoted by ,

E k (m) = c

D k (c) = m
• Symmetric algorithms can be divided into two
categories.
Steam cipher (or stream algorithm)
 Stream ciphers can encrypt a single bit of
plaintext at a time
Block cipher (or block algorithm)
 Block ciphers take a number of bits- known
as blocks (typically 64 bits in modern
ciphers), and encrypt them as a single unit
 Asymmetric (or public-key) algorithms
• These algorithms are designed so that the key used for
encryption is different from the key used for decryption.
• Further more, the decryption key cannot be calculated
from the encryption key.
• The algorithms are called “ public-key” because the
encryption key can be made public.
• A complete stranger can use the encryption key to
encrypt a message, but a specific person with the
corresponding decryption key can only decrypt the
message.
• In these systems, the encryption key is often called
the public key ‘ Pk ’ and the decryption key is often
called the private key or secret key ‘ S k ’.
• If Alice wants to send a message ‘m’ to Bob,
she encrypts ‘m’ by use of Bob’s publicly
known encryption key ‘ Pk ’ .
• Bob decrypts the ciphertext by use of his
decryption key ‘ Sk ’ which is known only to
him.
ie,
D ( Sk , E ( P k , m ) ) = m
• Public key encryption methods require
more complex computations and are less
efficient than classical symmetric methods.
• Thus symmetric methods are commonly
used for the encryption of large amount of
data.
• Generally, symmetric algorithms are much
faster to execute on a computer than
asymmetric ones.
• In practice they are often used together,
so that a public-key algorithm is used to
encrypt a randomly generated encryption
key, and the random key is used to
encrypt the actual message using a
symmetric algorithm.
Cryptanalysis
• The whole point of Cryptography is to keep
the plaintext & the key (or both) secret from
eavesdroppers (also called adversaries/
attackers/interceptors/interlopers/ opponents/
or simply the enemy).
• Eavesdroppers are assumed to have
complete access to the communication
between the sender and receiver.
• Cryptanalysis is the art & science of
breaking ciphertexts; that is seeing through
disguise (or mask) and an attempted
cryptanalysis is called an attack.
• It is assumed that the cryptanalyst has
complete details of the cryptographic
algorithm.
• There are 5 general types of cryptanalytic
attacks.

• Ciphertext-only attack
• Known-plaintext attack
• Chosen-plaintext attack
• Adaptive-chosen plaintext attack
• Chosen-ciphertext attack
 Ciphertext-only attack
• A ciphertext-only attack is an attack where a cryptanalyst
has access to a ciphertext but does not have access to
corresponding plaintext.
• The cryptanalyst has the ability to obtain ciphertext of
several messages, all of which have been encrypted using
the same encryption algorithm.
• The cryptanalyst’s job is to recover the plaintext of as
many message as possible, or figure out the key (or keys)
used to encrypt the messages, in order to decrypt other
messages encrypted with the same key.
• An encryption method that cannot resist a ciphertext-only
attack is completely insecure.
 Known-plaintext attack
• The cryptanalyst has access not only to
the ciphertext of several messages, but
also to the plaintext of those messages.
• His job is to deduce the key (or keys) used
to encrypt the message or an algorithm to
decrypt any new messages encrypted with
the same key (or keys).
 Chosen-plaintext attack
• A chosen plaintext attack is an attack where a
cryptanalyst can choose specific plaintext blocks
to encrypt and study the resulting ciphertext that
might yield more information about the key.
• This is more powerful than a known-plaintext
attack.
• His job is to deduce the key (or keys) used to
encrypt the messages or an algorithm to decrypt
any new messages encrypted with the same key
(or keys).
Adaptive-chosen plaintext attack
• This is a special case of chosen-plaintext attack.
• Not only the cryptanalyst can choose the plaintext
that is encrypted, but he can also modify his
choice based on the result of previous encryption.
• In a chosen-plaintext attack, a cryptanalyst might
just be able to choose one large block plaintext to
be encrypted; but in an adaptive-chosen-plaintext
attack, he can choose a smaller block of plaintext
and then chooses another, based on the results of
the first, and so forth…..
 Chosen-cipher-text attack
• A chosen ciphertext attack is an attack where a
cryptanalyst chooses different ciphertexts, attempts
to find the hidden secret key used for decryption and
has access to the decrypted plaintext.
• The cryptanalyst’s job is to deduce the key and this
attack is primarily aimed at public-key algorithms
(sometimes it is effective against symmetric
algorithm as well).
• A chosen plaintext attack and a chosen ciphertext
attack are together known as a chosen-text attack.
 Rubber-hose cryptanalysis
• The cryptanalyst threatens, blackmails, or
tortures someone (in contrast to a
mathematical or technical cryptanalytic attack)
to get the key.
• Bribery is sometimes referred to as a
purchase-key attack.
• These are very powerful attacks and often the
best way to break an algorithm.
 Fundamental Cryptographic principles

• There are two principles underlying all

cryptographic systems that are important
to understand.
• These are:-
– Redundancy and Freshness/Update
 Redundancy
• All encrypted messages must contain some
redundancy, i.e. information not needed to
understand the message, making a passive
intruder attacking less likely. Passive intruder
means misuse the information without
understanding the information.
• For example, credit card number sent over the
Internet would be accompanied by other
information such as mobile number, or date of
birth of the card holder. This reduces the
possibility of making up a credit card number by
an intruder.
 Freshness/Update
• The second principle is that some measures
must be taken to ensure that each message
received could be verified as being fresh.
• This measure is needed to prevent active
intruders from playing back old messages.
• One such measure is, including in every
message, a ‘time stamp’, valid for, say 10
seconds.
• The receiver can then just keep around for 10
seconds, to compare newly arrived messages
with the previous ones to filter out duplicates.
Classical encryption techniques
 Steganography
• Steganography serves to hide secret messages in other
messages, such that the secret’s very existence is
concealed (masked).
• Generally the sender writes a safe message and then
conceals a secret message on the same message.
• Strictly speaking, steganography is not an encryption
where it conceals the existence of a secret message.
• But the method of cryptography will make the message
meaningless to outsiders by various transformations of
the text.
• Historical steganographics tricks include invisible inks,
tiny pin punctures on selected characters, pencil marks
on typewritten characters etc…..
• Invisible ink- A number of substances can be
used to for writing but it leave no visible trace
until heat or some chemical is applied to the
paper.
• Pin Punctures- Small pin punctures
(stab/pierce) on selected letters are ordinarily
not visible, unless the paper is held up in front of
a light.
• Character Masking- Selected letters of printed
text are overwritten with a special kind of pencil.
The marks are ordinarily not visible unless the
paper is subjected to an angle to bright light.
• More recently people are hiding secret
messages in graphic images too, by
replacing the least significant bit of each byte
of the image with the bits of the message.
• The graphical image won’t change noticeably
and the message can be uncovered at the
receiving end.
 One-time pads
• There was a perfect encryption scheme, called as
one-time pad, and was invented in 1917 by Major
Joseph Mauborgen and AT & T’s Gilbert Vernam.
• Classically, one time pads are nothing more than a
large non-repeating set of truly random key letters
written on sheets of paper, and glued together in a
pad.
• The sender uses each key letter on the pad to
encrypt exactly one plaintext character.
• Encryption is the addition modulo 26 of the plaintext
character and the one-time pad key character.
For example:-
• If the message is ---------------------------- ONETIMEPAD
and the key sequence from the pad is -- TBFRGFARFM
then, the ciphertext will be ------------------ HOJKOREGFP

Because O + T mod 26 = H
N + B mod 26 = O
E + F mod 26 = J
and so..on….
• Each key letter is used exactly once, for one
message.
• The sender encrypts the message and then
destroys the used pages of the pad.
• The receiver has an identical pad and uses each
key on the pad to decrypt each letter of the
ciphertext.
• The receiver also destroys the same pad pages
after decryption.
• A random key sequence added to a non-random
plaintext message produces a completely
random ciphertext message and no amount of
computing power can change that easily.
• The one-time pad offers somewhat strong
security, but in practice, it has two major
difficulties
 There is a practical problem of making large
quantities of random- keys.
 Even more worst is the problem of key
distribution and protection.
 For every message to be sent, a key of equal
length is needed by both sender and receiver.
 So, it is to make sure that the sender and
receiver should be perfectly synchronized. Thus
a huge key distribution exists.
Substitution and Transposition
techniques
• There are two basic building blocks of all
encryption techniques:
Substitution and Transposition
• A study of these techniques enables us to
illustrate the basic approaches to the
encryption methods used today.
 Substitution Techniques
• A substitution technique is one in which the letters of
plaintext are replaced by other letters or by numbers
or symbols.
• In cryptography, a substitution cipher is a method
of encryption by which, units of plaintext are
replaced with ciphertext according to a regular
system
• The "units" may be single letter (the most common),
pairs of letters, triplets of letters, mixtures of the
above, and so forth.
• The receiver deciphers the text by performing an
inverse substitution.
 Cont.…
• There are a number of different types of
substitution cipher.
• If the cipher operates on single letters, it is
termed a simple substitution cipher
• The cipher that operates on larger groups of
letters is termed polygraphic substitution.
 Simple substitution
• Substitution over a single letter—simple
substitution—can be demonstrated by writing
out the alphabet in some order to represent
the substitution. This is termed a substitution
alphabet.
• The cipher alphabet may be shifted or
reversed.
 1) Caesar Cipher
• Greeks described several substitution
ciphers, the first attested use was in military
affairs. One was Caesar cipher
• The Caesar cipher involves replacing each
letter of the alphabet with the letter standing
three places further down the alphabet.
For example
Plaintext: I CAME I SAW I CONQUERED
Ciphertext: L FDPH L VDZ L FRQTXHUHG
• Note that the alphabet is wrapped around; so
that the letter following Z is A.
• We can define the transformation by listing all
possibilities, as follows:

• Plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
• Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Mathematically let us assign a numerical equivalent to each letter:

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• Then the algorithm can be expressed as follows.

• For each plaintext letter p, substitute the ciphertext letter C
C = E (p) = (p + 3) mod (26)

• A shift may be of any amount, so that the general Caesar

algorithm is:
C = E (p) = (p + k) mod (26)
Where k takes on a value in the range 1 to 25.

• The decryption algorithm is simply

p = D(C) = (C - 3) mod (26)
 2) ROT13
• ROT13 is a Caesar cipher, a type of substitution
cipher.
• In ROT13, the alphabet is rotated 13 steps as
shown in the figure
 3) Monoalphabetic Cipher
• A monoalphabetic substitution is one where
a letter of plaintext always produces the
same letter of ciphertext.
• If, instead, the “cipher” line can be any permutation
of the 26 alphabetic characters, then there are 26!
keys.
• Such an approach is referred to as a
Monoalphabetic Substitution Cipher, because a
single cipher alphabet is used per message.
For example:
Plaintext: IF WE WISH TO REPLACE LETTERS
Ciphertext: WI RF RWAJ UH YFTSDVF SFUUFYA

In a monoalphabetic cipher, the same substitution rule is used

for every substitution.
• In this case also the cryptanalyst can easily find the plaintext.
• As a first step, the relative frequency of each letters can be
determined and compared to a standard frequency
distribution for English texts, such as shown in figure below.
 Polygraphic substitution
• In a monoalphabetic cipher, the same substitution rule is
used for every substitution but in a polyalphabetic cipher,
the substitution rule changes continuously from letter to
letter accordingto the elements of the encryption key.
• In a polygraphic substitution cipher, plaintext letters are
substituted in larger groups, instead of substituting letters
individually.
• The first advantage is that the frequency distribution is much
flatter than that of individual letters (though not actually flat
in real languages; for example, 'TH' is much more common
than 'XQ' in English).
• Second, the larger number of symbols requires
correspondingly more ciphertext to productively analyze
letter frequencies.
 Playfair Cipher
• The Playfair cipher or Playfair square is a manual
symmetric encryption technique and was the first literal
digraph substitution cipher.
• The scheme was invented in 1854 by Charles Wheatstone,
but bears the name of Lord Playfair who promoted the use of
the cipher.
• The technique encrypts pairs of letters (digraphs), instead of
single letters as in the simple substitution cipher.
• It was used for tactical purposes by British forces in the
Second Boer War and in World War I and for the same
purpose by the Australians and Germans during World War II.
• This was because Playfair is reasonably fast to use and
requires no special equipment.
• Playfair is no longer used by military forces because of the
advent of digital encryption devices.
• Playfair is no longer used by military forces because of the
advent of digital encryption devices.
• Playfair is now regarded as insecure for any purpose,
because modern cryptanalysts could easily break the cipher
within seconds.
• The playfair algorithm is based on the use of a (5 X 5)
matrix of letters constructed using a keyword.
• The matrix can be constructed by filling in the letters of the
keyword by removing duplicates letters from left to right and
from top to bottom, and then filling in the remaining position
of the matrix with the remaining letters in alphabetic order,
with I/J used as single letter.
• The keyword together with the conventions for filling in the 5
by 5 table constitutes the cipher key.
• To encrypt a message using the playfair
cipher, one would break the message into
digraphs (groups of 2 letters) such that, for
example, "HelloWorld" becomes "HE LL
OW OR LD", and map them out on the key
table.
• The two letters of the digraph are
considered as the opposite corners of a
rectangle in the key table.
• Note the relative position of the corners of
this rectangle .
Then apply the following 4 rules, in order, to each pair of letters in the plaintext:
• If both letters are the same (or only one letter is left), add an "X"
after the first letter. Encrypt the new pair and continue.
• If the letters appear on the same row of your table, replace them
with the letters to their immediate right respectively (wrapping
around to the left side of the row if a letter in the original pair was
on the right side of the row).
• If the letters appear on the same column of your table, replace
them with the letters immediately below respectively (wrapping
around to the top side of the column if a letter in the original pair
was on the bottom side of the column).
• If the letters are not on the same row or column, replace them with
the letters on the same row respectively but at the other pair of
corners of the rectangle defined by the original pair. The order is
important – the first letter of the encrypted pair is the one that lies
on the same row as the first letter of the plaintext pair.
 Example:-
• Using "playfair example" as the key,
the table becomes:
PLAYF

IREXM

BCDGH

KNOQS

TUVWZ

• Encrypting the message,

"Hide the gold in the tree stump“

HI DE TH EG OL DI NT HE TR EX ES TU MP
• The pair HI forms a rectangle, replace it with BM
• The pair DE is in a column, replace it with OD
• The pair TH forms a rectangle, replace it with ZB
• The pair EG forms a rectangle, replace it with XD
• The pair OL forms a rectangle, replace it with NA
• The pair DI forms a rectangle, replace it with BE
• The pair NT forms a rectangle, replace it with KU
• The pair HE forms a rectangle, replace it with DM
• The pair TR forms a rectangle, replace it with UI
• The pair EX (X inserted to split EE) is in a row, replace it with XM
• The pair ES forms a rectangle, replace it with MO
• The pair TU is in a row, replace it with UV
• The pair MP forms a rectangle, replace it with IF

BM OD ZB XD NA BE KU DM UI XM MO UV IF
Thus the message "Hide the gold in the tree stump" becomes

"BMODZBXDNABEKUDMUIXMMOUVIF".
 2) Hill Cipher
• Another interesting multi letter (polygraphic) cipher
is the Hill Cipher, developed by the mathematician
Lester Hill in 1929.
• The encryption algorithm takes m successive
plaintext letter and substitutes for them m ciphertext
letters.
• The substitution determined m linear equations in
which each character is assigned a numerical value
(a=0, b=1… z=25). For m = 3, the system can be
described as follows:
 C1 = (k11p1 + k12p2 + k13p3) mod 26
C2 = (k21p1 + k22P2 + k23p3) mod 26
C3 = (k31p1 + k32p2 + k33p3) mod 26

• This can be expressed in term of column vectors and

matrices:
c1 k11 k12 k13 p1
c2 k21 k22 k23 p2
c3 = k31 k32 k33 p3

Or , C = KP mod 26

• Where C and P are column vectors of length 3, representing

the plaintext and ciphertext, and k is a (3 x 3) matrix,
representing the encryption key.
• Operation key formed with an operation mod 26.
 Cont..
• For example consider the plain text “pay
more money”, and use the encryption key
as given below

• K=
17 17 5
21 18 21
2 2 19
 Cont..
• The first three letters of the plaintext are
represented by the vector (p)

15

P=
0
24
 Cont..
• Then, KP will be

17 17 5 15 375
21 18 21 0 = 819
2 2 19 24 486

and ( KP mod 26 ) will be

375 11
819 mod 26 = 13 which is = LNS
486 18
 Cont...
• Continuing in this fashion, the cipher text for the
entire plaintext is LNSHDLEWMTRW.
• Decryption requires using the inverse of the
matrix k.
• The inverse k-1 of a matrix k is defined the
equation kk-1 = k-1k = I ,where I is unit matrix.
• Now plaintext can be calculated as follows
P = K -1 C mod 26
 Transposition Techniques

Transposition Ciphers form the second

basic building block of ciphers.
The core idea is to rearrange the order of
basic units (letters/bytes/bits) without
altering their actual values.
 Railfence Technique
The simplest transposition cipher is the rail fence
technique, in which the plain text is written down
as a sequence of diagonals and then read off as a
sequence of rows.
For example,to encipher the message
“meet me after the toga party”
with a rail fence of depth 2, we write the following:
m e m a t r h t g p r y
e t e f e t eo a a t
The encrypted message is:
MEMATRHTGPRYETEFETEOAAT
 Column Transposition Technique
• A more complex scheme is to write the message in a
rectangle, written in row by row format and read the
message off column by column, but permute the order of the
columns. The order of the columns then becomes the key to
the algorithm.
• The order of the columns then becomes the key to the
algorithm.
• For example,
Key: 4 31 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
wo a m x y z

• Then the Ciphertext will be : ttnaaptmtsuoaodwcoixknlypetz

• A pure transposition cipher is easily
recognized because it has the same letter
frequencies as the original plaintext.
• The transposition cipher can be made
significantly more secure by performing
more than one stage of transposition.
• The result is a more complex permutation
that is not easily reconstructed.
• Thus if the fore going message is re-
encrypted using the same algorithm,
Key: 4 3 1 2 5 6 7
Plaintext: t t n a a p t
m t s u o a o
d w c o i x k
n l y p e t z

output: nscyauopttwltmdnaoiepaxttokz
• To visualize the result of this double transposition, designate the letters
in the original plaintext message by the numbers designating their
position.
• Thus, with 28 letters in the message, the original sequence of letters is:
01 02 03 04 05 06 07 08 09 10 11 12 13 14
15 16 17 18 19 20 21 22 23 24 25 26 27 28

• After the first transposition we have:

03 10 17 24 04 11 18 25 02 09 16 23 01 08
15 22 05 12 19 26 06 13 20 27 07 14 21 28

• Which has a somewhat regular structure. But after the second

transposition, we have
17 09 05 27 24 16 12 07 10 02 22 20 03 25
15 13 04 23 19 14 11 01 26 21 18 08 06 28

• This is a much less structured permutation and is much more difficult to

cryptanalyze
Thank you