Chapter 2 Cryptography

Uploaded by

Kedir Mohammed

CHAPTER TWO

Fundamentals of Cryptography

Outline
• Cryptography
• Symmetric and asymmetric encryption
• Cryptanalytic Attacks
• Caesar cipher
• Block vs Stream Ciphers
• Substitution-Permutation Ciphers
• Cryptographic Algorithms
• Symmetric Block Cipher Algorithms
– DES (Data Encryption Standard)
– Double DES
– 3DES (Triple DES)
• DES strength/weakness

Basics of Cryptography
• Cryptography is the science of using mathematics to encrypt
and decrypt data. Cryptography enables you to store sensitive
information or transmit it across insecure networks (like the
Internet) so that it cannot be read by anyone except the intended
recipient.
• While cryptography is the science of securing data,
cryptanalysis is the science of analyzing and breaking secure
communication. Classical cryptanalysis involves an interesting
combination of analytical reasoning, application of mathematical
tools, pattern finding, patience, determination, and luck.
Cryptanalysts are also called attackers.
• When Julius Caesar sent messages to his generals, he didn't
trust his messengers. So he replaced every A in his messages
with a D, every B with an E, and so on through the alphabet.
Only someone who knew the “shift by 3” rule could decipher his
messages. And so we begin.
Purpose of Cryptography
• Secure stored information - regardless of whether access is obtained
• Secure transmitted information - regardless of whether the transmission has been monitored
Services Provided by Cryptography
• Confidentiality
– provides privacy for messages and stored data by hiding
• Message Integrity
– provides assurance to all parties that a message remains
unchanged
• Non-repudiation
– Can prove a document came from X even if X denies it
• Authentication
– identifies the origin of a message
– verifies the identity of person using a computer system

Cryptography
• Cryptography has five components:
- Plaintext: This is what you want to encrypt.
- Ciphertext: The encrypted output.
- Enciphering or encryption: The process by which plaintext is converted into ciphertext.
- Encryption algorithm: The sequence of data processing steps that go into transforming plaintext into ciphertext.
- Secret key: Used to set some or all of the various parameters used by the encryption algorithm.
- Deciphering or decryption: Recovering plaintext from ciphertext.
- Decryption algorithm: The sequence of data processing steps that go into transforming ciphertext back into plaintext.
Keys
• A key can be thought of as simply a collection of bits
• The more bits, the stronger the key
• Keys are tied to specific encryption algorithms
• Lengths vary depending on the encryption algorithm
– e.g. 128 bits is long for some algorithms, but short for others
Cryptography
• Encryption Overview
– Plain text is converted to cipher text by use of an
algorithm and key.
• Algorithm is publicly known
• Key is held private
– Three Main Categories
• Secret Key
– single key is used to encrypt and decrypt information
• Public/Private Key
– two keys are used: one for encryption (public key) and one for
decryption (private key)
• One-way Function
– information is encrypted to produce a “digest” of the original information that can be used later to prove its authenticity
Encryption
• Encryption is the process of taking some data and a key and feeding it into a function and getting encrypted data out
• Encrypted data is, in principle, unreadable unless decrypted
Decryption
• Decryption is the process of taking encrypted data and a key and feeding it into a function and getting out the original data
– Encryption and decryption functions are linked
Encryption Techniques
Symmetric Encryption
• Encryption and decryption algorithms that use the same key are called symmetric
– In this case everyone wanting to read encrypted data must share the same key
• Sender and receiver have the same secret key that will encrypt and decrypt plain text.
• Strength of encryption technique depends on key length
Encryption Techniques…

• Secret Key (Symmetric)
– Known symmetrical algorithms
• Data Encryption Standard (DES)
– 56 bit key
• Triple DES, DESX, GDES, RDES
– 168 bit key
• RC2, RC4, RC5
– variable length up to 2048 bits
• IDEA - basis of PGP
– 128 bit key
• Blowfish
– variable length up to 448 bits
Encryption Techniques…
Asymmetric Encryption
• Encryption and decryption algorithms that use a key pair are called asymmetric
– Keys are mathematically linked
• Most common algorithm is the RSA (Rivest Shamir Adleman) algorithm with key lengths from 512 to 1024 bits.
[Figure: encryption and decryption of two sample messages. SYMMETRIC panel: Message 1 is encrypted to Encrypted Message 1 and decrypted back with the same key. ASYMMETRIC panel: Message 2 is encrypted to Encrypted Message 2 and decrypted back with different keys (keys of a pair, public and private).]
Encryption Techniques…

• One-Way Function
– non-reversible “quick” encryption
– produces a fixed length value called a hash or message digest
– used to authenticate contents of a message
– Common message digest functions
• MD4 and MD5
– produces 128 bit hashes
• SHA
– produces 160 bit hashes
Cryptographic Services Allow
• Digital Signatures
– sign messages to validate source and integrity of the contents
• Digital Envelopes (combination of symmetric/asymmetric)
– secure delivery of secret keys
• Message Digests
– short bit string hash of message
• Digital Certificates
– used to authenticate: users, web sites, public keys of
public/private pair, and information in general
• Secure Channels
– Encryption can be used to create secure channels over private
or public networks
Building Blocks of Encryption Techniques
• Two building blocks of all classical encryption techniques are substitution and transposition.
• Substitution means replacing an element of the plaintext with an element of ciphertext.
– each element in the plaintext (bit, letter, group of bits or letters) is mapped into another element
• Transposition means rearranging the order of appearance of the elements of the plaintext.
• Transposition is also referred to as permutation.
Cryptography…
• Cryptographic systems can be characterized along
these three independent dimensions.
– type of encryption operations used
• substitution
• transposition
• product
– number of keys used
• single-key, secret-key, symmetric or private
• two-key, asymmetric or public-key
– way in which plaintext is processed
• block
• stream
Cryptography...
• Simplified Encryption Model:

Cryptography...
Description
• A sender S wants to transmit message M to a
receiver R.
• To protect the message M, the sender first encrypts it into an unintelligible message M’.
• After receipt of M’, R decrypts the message to obtain M.
• M is called the plaintext
➢ What we want to encrypt
• M’ is called the ciphertext
➢ The encrypted output
Cryptography...
• Mathematical Notation
➢ Given
● P = Plaintext
● C = Ciphertext
➢ Encryption: C = E_K(P)
➢ Decryption: P = D_K(C)
Cryptanalytic Attacks
• Types of attacks
- An attacker has only the ciphertext and his goal is to find the corresponding plaintext.
- An attacker has a ciphertext and the corresponding plaintext and his goal is to find the key.
• A good cryptosystem protects against all types of attacks.
• Attackers use both Mathematics and Statistics.
Cryptanalytic Attacks…
• Intruders
• Eavesdropping (listening/spying the message)
➢ An intruder may try to read the message
➢ If it is well encrypted, the intruder will not know the content
➢ However, just the fact that the intruder knows that there is communication may be a threat (Traffic analysis)
• Modification
➢ Modifying a plaintext is easy, but modifying encrypted messages is more difficult
• Insertion of messages
➢ Inserting new message into a ciphertext is difficult
Cryptography and Cryptanalytic Attacks
• Intruders

Cryptography example:
Caesar cipher
• This is the earliest known example of a substitution
cipher.
• Each character of a message is replaced by a character three positions down in the alphabet.
• Shift of letters:
Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC

Example

plaintext: are you


Cryptography example:
Caesar cipher
Example: Encipher the message
THIS MESSAGE IS TOP SECRET
using the ordinary alphabet and a Caesar cipher with a shift of 3.
• When each letter is converted to a number, and we group into blocks of length 5, we get
19 7 8 18 12   4 18 18 0 6   4 8 18 19 14   15 18 4 2 17   4 19
• Here, we group the items in blocks for readability. After applying the enciphering transformation, each number becomes
22 10 11 21 15   7 21 21 3 9   7 11 21 22 17   18 21 7 5 20   7 22
• and the ciphertext message is sent as
Exercises
1. Encrypt the message HARAMAYA UNIVERSISTY with the
Caesar cipher with 6 as the key
2. The message QIIX PEXIV was encrypted using the Caesar
cipher with 4 as the key. Decrypt the message.
Cryptography example:
Caesar cipher
• If we represent each letter of the alphabet by an integer that corresponds to its position in the alphabet, the formula for replacing each character 'P' of the plaintext with a character 'C' of the ciphertext can be expressed as
C = E(3, P) = (P + 3) mod 26
• A more general version of this cipher that allows for any degree of shift would be expressed by
C = E(k, P) = (P + k) mod 26
• The formula for decryption would be
P = D(k, C) = (C - k) mod 26
• In these formulas, 'k' would be the secret key.
• The symbols 'E' and 'D' represent encryption and decryption.
WEAKNESSES OF THE CAESAR CIPHER
• The Caesar Cipher is a secret key cryptosystem;
– that is, revealing the enciphering key makes decryption simple.
• In the Caesar cipher, the shift value is the enciphering key.
• Anyone knowing it can immediately decrypt, so it must be protected from unauthorized persons.
WEAKNESSES OF THE CAESAR CIPHER

• Exhaustive Key Search. There is yet another method for breaking the Caesar cipher: simply try all the possible keys!
– After all, there are only 26 viable keys in the ordinary alphabet, and only 255 useful keys in the ASCII alphabet! This kind of attack is called an exhaustive search.
• An exhaustive search is rarely effective against any but the simplest of cryptosystems.
• Seeing that the Caesar cipher is so vulnerable, we next look at stronger cryptosystems.
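The Caesar formulas and the exhaustive key search described above, as an added Python example that is not part of the original slides. The function names and the small word list used to recognise a plausible plaintext are assumptions made for illustration.

```python
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, the numbering used on the slides


def caesar_encrypt(plaintext, k):
    """C = E(k, P) = (P + k) mod 26, applied letter by letter."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def caesar_decrypt(ciphertext, k):
    """P = D(k, C) = (C - k) mod 26."""
    return caesar_encrypt(ciphertext, -k)


def exhaustive_search(ciphertext, known_words):
    """Try all 26 shifts; keep candidates containing a word from known_words.

    known_words is a hypothetical stand-in for whatever test tells the
    analyst that a candidate reads as real text.
    """
    hits = []
    for k in range(26):
        candidate = caesar_decrypt(ciphertext, k)
        if set(candidate.split()) & set(known_words):
            hits.append((k, candidate))
    return hits


if __name__ == "__main__":
    message = "THIS MESSAGE IS TOP SECRET"  # the slides' worked example
    ct = caesar_encrypt(message, 3)
    print(ct)
    # The key space is so small that the key is found without being told.
    for k, text in exhaustive_search(ct, {"IS", "THE", "SECRET"}):
        print(k, text)
```
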
THE VERNAM CIPHER
• The basic encryption involves an arbitrarily long nonrepeating sequence of numbers that are combined with the plaintext.
• Vernam's invention used an arbitrarily long punched paper tape that fed into a teletype machine.
• The tape contained random numbers that were combined with characters typed into the teletype.
• The sequence of random numbers had no repeats, and each tape was used only once.
• As long as the key tape does not repeat or is not reused, this type of cipher is immune to cryptanalytic attack because the available ciphertext does not display the pattern of the key.
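Why the tape must never be reused, as an added Python example that is not part of the original slides. It assumes the random numbers are combined with the plaintext by byte-wise XOR; the function names and the two sample messages are constructed for illustration.

```python
import secrets


def new_pad(length):
    """Fresh random pad ("tape") from the OS CSPRNG, for one message only."""
    return secrets.token_bytes(length)


def vernam(data, pad):
    """Combine data with the pad by XOR (assumed combining rule).

    The same call encrypts and decrypts.
    """
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ p for d, p in zip(data, pad))


def xor_of_ciphertexts(c1, c2):
    """With a reused pad the pad cancels out: c1 XOR c2 == p1 XOR p2."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def demo():
    # Constructed sample messages of equal length.
    p1, p2 = b"MEET AT NOON", b"SEND THE KEY"
    pad = new_pad(len(p1))

    c1 = vernam(p1, pad)
    c2_reused = vernam(p2, pad)  # misuse: the same pad a second time

    leak = xor_of_ciphertexts(c1, c2_reused)
    return {
        "round_trip_ok": vernam(c1, pad) == p1,
        # Reuse exposes p1 XOR p2 without any knowledge of the pad ...
        "reuse_leaks_plaintext_xor": leak == vernam(p1, p2),
        # ... so anyone who learns p1 obtains p2 outright.
        "p2_from_known_p1": vernam(leak, p1),
    }


if __name__ == "__main__":
    print(demo())
```
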
Exercises
1. Encode the message TELLECOMMINICATION using Vernam's cipher algorithm
2. Encode the message MISS YOU using Vernam's cipher algorithm
Ciphering with Transposition
• So far we have seen ciphering with substitution.
• We will now talk about a different notion in classical
cryptography: permuting the plaintext.

• This is how a pure permutation cipher could work:
– You write your plaintext message along the rows of a matrix of some size.
– You generate ciphertext by reading along the columns.
– The order in which you read the columns is determined by the encryption key.
Ciphering with Transposition…

Key: 4 1 3 6 2 5

Plaintext: m e e t m e
a t s q u a
r e g u a r
d e n f o r
g o o d d i
n n e r o k

Ciphertext: tqufdrmardgnesgnoeearriketeeonmuaodo

The cipher can be made more secure by performing multiple rounds of such permutations.
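The columnar transposition above, as an added Python example that is not part of the original slides. It reads the key as the order in which the columns are read out, which reproduces the slide's ciphertext, and it goes one step further than the slide by also decrypting and by handling a last row that is not full; the function names are assumptions.

```python
def _check_key(key):
    # A valid key lists every column number 1..n exactly once.
    if sorted(key) != list(range(1, len(key) + 1)):
        raise ValueError("key must be a permutation of 1..number of columns")


def transposition_encrypt(plaintext, key):
    """Write the text along rows of len(key) columns, read columns in key order."""
    _check_key(key)
    text = "".join(plaintext.split()).lower()
    cols = len(key)
    # text[c-1::cols] is column c read from top to bottom.
    return "".join(text[c - 1::cols] for c in key)


def transposition_decrypt(ciphertext, key):
    """Cut the ciphertext back into columns, then read along the rows."""
    _check_key(key)
    cols = len(key)
    full_rows, extra = divmod(len(ciphertext), cols)
    columns, pos = {}, 0
    for c in key:
        # The first `extra` columns are one character longer (ragged last row).
        length = full_rows + (1 if c - 1 < extra else 0)
        columns[c] = ciphertext[pos:pos + length]
        pos += length
    return "".join(columns[i % cols + 1][i // cols]
                   for i in range(len(ciphertext)))


# The slide's example: key 4 1 3 6 2 5 over a 6 x 6 grid.
SLIDE_KEY = [4, 1, 3, 6, 2, 5]
SLIDE_PLAINTEXT = "meetme atsqua reguar denfor gooddi nnerok"

if __name__ == "__main__":
    ct = transposition_encrypt(SLIDE_PLAINTEXT, SLIDE_KEY)
    print(ct)
    print(transposition_decrypt(ct, SLIDE_KEY))
```
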
Exercise

1. Encipher WE NEED TO STUDY ELECTRICAL ENIGNEERING using a simple 5 column transposition cipher. Use 34512 as a key.
Symmetric and Asymmetric ciphering

• Symmetric: the same key is used to encrypt and decrypt the data
– Both sides of the communication must have the same key
– Examples: DES, Blowfish, RC2, RC5, IDEA…
• Asymmetric: different keys are used to encrypt and decrypt the data
– Example: RSA,…
[Figure: M → Encryption (K1) → C → Decryption (K2) → M]
• More formally, using maths:
• Notation
– Plain text: M
– Encrypted text: C
– Encryption with key K1: E_K1(M) = C
– Decryption with key K2: D_K2(C) = M
• Algorithms
– Symmetric: K1 = K2
Symmetric and Asymmetric ciphering...
• Symmetric Cryptography
• Also called secret-key/private-key cryptosystem
• The same key is used to encrypt and decrypt a message
P = D_K[E_K(P)]
• Have been used for centuries in a variety of forms
• The key has to be kept secret
• The key has to be communicated using a secure channel
• They are still in use in combination with public-key cryptosystems due to some of their advantages
Symmetric Cipher Model

Requirements
• Two requirements for secure use of symmetric encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
• mathematically have:
C = E(K, P), done by sender side
P = D(K, C), receiver side
• assume encryption algorithm is known
• implies a secure channel to distribute key
Thank You!
