Cryptography

and
Network Security
Classical Ciphers - I

Lecture 06

Source: Based on Lecture slides by Steve Lai

Learning Outcome
After the completion of today’s session you will be able to:
• Explain the concept of substitution based ciphers.
• Elaborate some monoalphabetic and polyalphabetic ciphers.
• Perform the cryptanalysis of ciphers.
Classical Ciphers
• Plaintext is viewed as a sequence of elements (e.g., bits or
characters)
• Substitution cipher: replacing each element of the
plaintext with another element.
• Transposition (or permutation) cipher: rearranging the
order of the elements of the plaintext.
• Product cipher: using multiple stages of substitutions and
transpositions

3
Caesar Cipher
• Earliest known substitution cipher
• Invented by Julius Caesar
• Each letter is replaced by the letter three positions further
down the alphabet.
• Plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC
• Example: rgukt nuzvid  UJXNW QXCYLG

4
Caesar Cipher
• Mathematically, map letters to numbers:
a, b, c, ..., x, y, z
0, 1, 2, ..., 23, 24, 25
• Then the general Caesar cipher is:
c = EK(p) = (p + k) mod 26
p = DK(c) = (c – k) mod 26
• Can be generalized with any alphabet.

5
Cryptanalysis of Caesar Cipher
• Key space: {0, 1, ..., 25}
• Vulnerable to brute-force attacks.
• E.g., break ciphertext “FkLS WQOVMA“

• Need to recognize it when have the plaintext

• What if the plaintext is written in some other language?

6
Monoalphabetic Substitution Cipher

• Shuffle the letters and map each plaintext letter to a different

random ciphertext letter:

Plain letters: abcdefghijklmnopqrstuvwxyz

Cipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

• What does a key look like?

7
Monoalphabetic Cipher Security
• Now we have a total of 26! = 4 x 1026 keys.
• With so many keys, it is secure against brute-force attacks.
• But not secure against some cryptanalytic attacks.
• Problem is language characteristics.

8
Language Statistics and Cryptanalysis
• Human languages are not random.

• Letters are not equally frequently used.

• In English, E is by far the most common letter, followed by T, R, N, I, O,

A, S.

• Other letters like Z, J, K, Q, X are fairly rare.

• There are tables of single, double & triple letter frequencies for
various languages
9
English Letter Frequencies

10
Statistics for double & triple letters
• In decreasing order of frequency

• Double letters:
th he an in er re es on, …

• Triple letters:
the and ent ion tio for nde, …

11
Use in Cryptanalysis
• Key concept: monoalphabetic substitution does not change
relative letter frequencies

• To attack, we
• calculate letter frequencies for ciphertext
• compare this distribution against the known one

12
Example Cryptanalysis
• Given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

• Count relative letter frequencies (see next page)

• Guess {P, Z} = {e, t}
• Of double letters, ZW has highest frequency, so guess ZW = th and hence
ZWP = the
• Proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
13
Letter frequencies in ciphertext
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
O 7.50 X 4.17 A 1.67 J 0.83 R 0.00
M 6.67

14
Playfair Cipher
• Not even the large number of keys in a monoalphabetic cipher
provides security.
•

• One approach to improving security is to encrypt multiple letters at a

time.

• The Playfair Cipher is the best known such cipher.

• Invented by Charles Wheatstone in 1854, but named after his friend

Baron Playfair.

15
Playfair Key Matrix
• Use a 5 x 5 matrix.
• Fill in letters of the key (w/o duplicates).
• Fill the rest of matrix with other letters.
• E.g., key = MONARCHY.

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

16
Encrypting and Decrypting
Plaintext is encrypted two letters at a time.
1. If a pair is a repeated letter, insert filler like 'X’.
2. If both letters fall in the same row, replace each with the letter to its right
(circularly).
3. If both letters fall in the same column, replace each with the letter below
it (circularly).
4. Otherwise, each letter is replaced by the letter in the same row but in the
column of the other letter of the pair.

17
Encrypting and Decrypting
M O N A R Example:
C H Y B D 1. balloon = ba lx lo on
E F G I/J K 2. ar = RM
L P Q S T 3. mu = CM
U V W X Z
4. hs = BP
ea = IM or JM

18
Security of Playfair Cipher
• Equivalent to a monoalphabetic cipher with an alphabet of 26 x 26 =
676 characters.

• Security is much improved over the simple monoalphabetic cipher.

• Was widely used for many decades

• eg. by US & British military in WW1 and early WW2

• Once thought to be unbreakable.

• Actually, it can be broken, because it still leaves some structure of

plaintext intact.
19
Polyalphabetic Substitution Ciphers
• A sequence of monoalphabetic ciphers (M1, M2, M3, ..., Mk) is used in
turn to encrypt letters.
• A key determines which sequence of ciphers to use.
• Each plaintext letter has multiple corresponding ciphertext letters.
• This makes cryptanalysis harder since the letter frequency distribution
will be flatter.

20
Vigenère Cipher
• Simplest polyalphabetic substitution cipher
• Consider the set of all Caesar ciphers:
{ Ca, Cb, Cc, ..., Cz }
• Key: e.g. security
• Encrypt each letter using Cs, Ce, Cc, Cu, Cr, Ci, Ct, Cy in turn.
• Repeat from start after Cy.
• Decryption simply works in reverse.

21
Example of Vigenère Cipher

• Keyword: deceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

22
Security of Vigenère Ciphers
• There are multiple (how many?) ciphertext letters corresponding to
each plaintext letter.
• So, letter frequencies are obscured but not totally lost.

• To break Vigenere cipher:

1. Try to guess the key length. How?

2. If key length is N, the cipher consists of N Caesar ciphers. Plaintext letters
at positions k, N+k, 2N+k, 3N+k, etc., are encoded by the same cipher.
3. Attack each individual cipher as before.
23
Guessing the Key Length
• Main idea: Plaintext words separated by multiples of the key length are
encoded in the same way.
• In our example, if plaintext = “…thexxxxxxthe…” then “the” will be encrypted
to the same ciphertext words.

• So look at the ciphertext for repeated patterns.

• E.g. repeated “VTW” in the previous example suggests a key length of 3 or 9:

ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

• Of course, the repetition could be a random fluke.

24
Thanks