Classical

Cryptography
Hina Binte Haq
Secret Writing: Hieroglyphics (
)
Secret Writing
●Cryptography kryptos graphein
○ Scrambled writing

●Steganography steganos graphein

○ Covered writing
Cryptography
●Code king  cat
● In WW2, Marine Corps leadership selected 29 Navajo men, the Navajo Code
Talkers, who created a code based on the complex, unwritten Navajo
language. The code primarily used word association by assigning a Navajo
word to key phrases and military tactics.

●Cipher king  qtui

● Most commonly used today
○ SUBSTITUTION
■ Monoalphabetic
■ Polyalphabetic
○ TRANSPOSITION
Cryptosystem

● A cryptosystem is a 5-tuple (E, D, M, K, C), where:

● M is the set of plaintexts,

● K the set of keys,

● C is the set of cipher texts,

● Encryption Function : E (m, k) = c

● Decryption Function : D (c, k) = m

Polybius

44 23 15
13 11 44
43 11 44
34 33
44 23 15
32 11 44
Rosicrucian Cipher
Monoalphabetic: Caesar Cipher - I
Monoalphabetic: Caesar Cipher-I
• plain: hello
• key +3
• cipher: khoor
Activity

●Encode INFORMATION with a right shift of 3

Monoalphabetic: Caesar Cipher - I

C = (m + k) mod 26

m = (C - k) mod 26
Monoalphabetic: Caesar Cipher - II
Jefferson Wheel implementation of
Caesar Cipher
● Caesar Shift Cipher
○ Each letter substituted by shifting n=3 places
■ E XAM PLE
■ HAD P SO H
● Jefferson wheel implementation
○ Set the message across the wheels
○ Select another line (in random) as cipher
Cryptanalysis

• Cryptanalysis is the study of breaking ciphers.

Exhaustive / Brute force search

plain: meet me after the toga party

cipher: PHHW PH DIWHU WKH WRJD

• SDUWB
An adversary wishes to break the Cryptosystem.
Exhaustive / Brute force search
Cipher text

• simply try all the

25 possible
keys.
Exhaustive / Brute force search
Cipher text

• simply try all the

25 possible
keys.

When does Brute

force become
impractical?
Exhaustive / Brute force search

Brute force cryptanalysis become

impractical when user employs a
large number key.

Brute force cryptanalysis become

impractical when
Language is unknown.

Brute force cryptanalysis become

impractical when
Algorithm is Unknown.
 Cryptanalysis
As cryptography is the science and art of creating secret codes,
cryptanalysis is the science and art of breaking those codes.

3.19
 Ciphertext-Only Attack

Intruder only has the cyphertext to analyze

3.20
 Known-Plaintext Attack

Intruder uses a set of known plaintexts and corresponding

ciphertexts

3.21
 Chosen-Plaintext Attack
Attacker chooses some plaintexts and somehow gets its
ciphertexts. Then compares/analyzes plaintext/ciphertexts to
get the key

3.22
 Chosen-Ciphertext Attack
Attacker chooses some ciphertexts and somehow gets its
plaintexts. Then compares/analyzes plaintext/ciphertexts to get
the key

3.23
Cryptanalysis

• Cryptanalysis is the study of breaking ciphers.

• The credit for breaking Caesar cipher goes primarily to the renowned
Arab polymath Al-Kindi (801–873 CE).

• Al-Kindi wrote a treatise titled "A Manuscript on Deciphering

Cryptographic Messages" (‫ )رسالة في استخراج المعمى‬in which he laid
the groundwork for cryptanalysis—the study of breaking ciphers.
• He introduced the technique of frequency analysis, which involves
studying the frequency of letters or symbols in a ciphertext and
comparing them to the expected frequencies in a given language. This
method works particularly well for monoalphabetic substitution ciphers
like the Caesar cipher.

• Caesar cipher which stood for almost a thousand years was broken by
Cryptanalysis
 Attacking the Cipher

• Statistical analysis

– Compare to 1-gram model of English

 Attacking the Cipher

Cipher text

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUD
BMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZ
WYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHM
DJUDTMOHMQ
 Attacking the Cipher

Relative Frequency of Letters in English Text

 Attacking the Cipher

Cipher text

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUD
BMETSXAIZVUEPHZHMDZSHZOWSFPAPPDTSVPQUZ
WYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHM
DJUDTMOHMQ
 Attacking the Cipher
Cipher text

Relative Frequency = RF

RF(Character) = f(Character)/ Total Character * 100

Relative Frequency of Character P

P Appears = 16

RF(p) = 16/120 * 100

= 13.33
 Attacking the Cipher

relative frequencies of the letters in the ciphertext (in percentages)

P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00

S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00

U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67
 Attacking the Cipher
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00

S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00

U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67

P Z
 Attacking the Cipher
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00 S, U, O, M, and H are all of relatively high
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00 frequency and probably correspond to plain
letters from the set {a, h, i, n, o, r, s}.
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67

P Z
 Attacking the Cipher
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00 S, U, O, M, and H are all of relatively high
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00 frequency and probably correspond to plain
letters from the set {a, h, i, n, o, r, s}.
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67

P Z

S
 Attacking the Cipher

P Z

S
Most common 2 gram and 3gram Frequencies

36
 Attacking the Cipher

• A powerful tool is to look at the frequency of two-letter combinations, known as 2 gram or

digram.

• A table similar could be drawn up showing the relative frequency of 2-gram.

• The most common such digram is th.

• In our ciphertext, the most common digram is ZW, which appears three times.
 Attacking the Cipher
• Now notice the sequence ZWSZ in the first line.
• We do not know that these four letters form a complete word TH_T.
• If S  A then it will become THAT
 Attacking Caesar Cipher

The complete plaintext, with spaces added between words

it was disclosed yesterday that several informal

but direct contacts have been made with political
representatives of the viet cong in moscow
 Cæsar’s Problem

Key is too short

• Can be found by exhaustive search

• Statistical frequencies not concealed well

They look too much like regular English letters

Improve the substitution permutation

• Increase number of mapping options from 26

Polyalphabetic: Vigenere Cipher (16th
Century)
Vigènere Cipher: another example
Like Cæsar cipher, but use a phrase as key
Example
• Message: THE BOY HAS THE BALL
• Key : VIG
• Encipher using Cæsar cipher for each letter:

key VIGVIGVIGVIGVIGV
plain THEBOYHASTHEBALL
Cipher OPKWWECIYOPKWIRG
 Key

Plain Text

Key : VIGVIGVIGVIGVIGV
Plain : THEBOYHASTHEBALL
Cipher : OPKWWECIYOPKWIRG
 Vigenere Cipher

Period: length of key

• In earlier example, period is 3

Tableau: table used to encipher and decipher

• Vigènere cipher has key letters on top, plaintext letters on the left

Polyalphabetic:

• The key has several different letters

• Caesar cipher is monoalphabetic

4
4
Transposition: Scytale / Staff Cipher

Sparta’s scytale is first cryptographic device (5th Century BC)

Message written on a leather strip, which is then unwound to scramble the message
Transposition Cipher
Product Cipher
● A combination of substitution and transposition
Product Cipher: Substitution phase
• Change characters in plaintext to produce ciphertext

• Example (Cæsar cipher)

– Plaintext is HELLO WORLD

– Change each letter to the third letter following it

– (X goes to A, Y to B, Z to C)

Key is 3, usually written as letter ‘D’

– Ciphertext is KHOOR ZRUOG

Product Cipher: Transposition Phase

● Generalize to n-columnar transpositions

● Example 3-columnar
● Plain text is : HELLO WORLD (after substitution it becomes KHOOR
ZRUOG)

– KHO

– ORZ

– RUO

– GXX
Modern History
● 19th century and onwards
Attacking Vigenere Cipher

Approach

• Establish period; call it n

• Break message into n parts, each part being enciphered using the

same key letter

• Solve each part

 Vigenere Polyalphabetic Cipher
● Vigenere’s polyalphabetic cipher (16th Century) generalizes Caesar’s
shift cipher
○ Use keyword to select encrypting rows

¨ The Vigenere cipher is not amenable to Vigenere Tableau

simple frequency analysis

¨ Called “The Unbreakable Cipher”

52
Babbage breaks Vigenere Cipher
● Babbage broke Vigenere’s Cipher (1854, Crimean war)
○ Stage 1: Discover key length
■ Look for repeated sequences, and measure their distance
■ The key length is a factor of these distances

○ Stage 2: Identify the key itself

■ Compare distributions for each of the key letters with the standard distribution,
to
identify the shift

● Babbage could not publish his work

○ Similar techniques developed independently by Kasiski (a Prussian officer);
Kerckhoff (French cryptographer)

53
 Babbage breaks Vigenere Cipher
● Given this ciphertext

● Assuming that the keyword is indeed five letters long, the next step is to work out the actual letters of the keyword. For
the time being, let us call the keyword L1-L2-L3-L4-L5, such that L1 represents the first letter of the keyword, and
so on.
● The letter L1 defines one row of the Vigenère square and effectively provides a
monoalphabetic substitution cipher alphabet for the first letter of the plaintext.
● L2, second L3, third, L4 fourth, L5 fifth and L6 once again 1 st so that is it just use frequency analysis.
54
Babbage breaks Vigenere Cipher
● What if key was large???
● What if key size was as large as message???
● What if keys are only used once???

55
 One-Time Pad

It is a Vigenère cipher with following features:

• Having a random key that is as long as the message, so

that the key need not be repeated.

• key is to be used to encrypt and decrypt a single

message, and then is discarded.

• Each new message requires a new key of the same

length as the new message.

3
9
 One-Time Pad

The one-time pad offers complete security but, in practice, has two fundamental difficulties:
• Key Generation

– There is the practical problem of making large quantities of random keys.

– Any heavily used system might require millions of random characters on a regular basis.

– Supplying truly random characters in this volume is a significant task.

• Key Distribution

– Even more daunting is the problem of key distribution and protection.

– For every message to be sent, a key of equal length is needed by both sender and receiver

3
9
 One-Time Pad
● Why It's Unbreakable:
An attacker has no information about the plaintext because every
possible plaintext message of the same length can produce the same
ciphertext (given an appropriate key).

Without access to the key, there’s no way to distinguish the correct

plaintext from random noise.

58
 One-Time Pad

• A Vigenère scheme with 27 characters

We now show two different decryptions using two different keys:

ciphertext:
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
plaintext: mr mustard with the candlestick in the hall

ciphertext:
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
key: pftgpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt
plaintext: miss scarlet with the knife in the library 3
9
 Book Cipher: an
approximation of the
One Time Pad
• Approximate one-time pad with book text

– Sender and receiver agree on text to pull key from

– Bible, Phone Book, Literary text

• Each letter is given by a row, column pair as it is found in an agreed upon text.

• So the cipher would read:row,column,row,column, row,column,…..

 Book Cipher

• Each letter is given by a row, column pair as it is found in an agreed

upon text.

• So the cipher would read:row,column,row,column, row,column,…..

• Note all such ciphers would have an even number of numbers in them,

which might be a hint that one is facing a book cipher.

Book cipher
Enigma - Rotor Machines
 Kerckhoffs Principles System + Keys
August Kerckhoffs, Journal of Military Science, 1883

1. The system must be substantially, if not mathematically,

undecipherable;
2. The system must not require secrecy and can be stolen by the
enemy without causing trouble;
3. It must be easy to communicate and remember the keys without
requiring written notes, it must also be easy to change or modify the
keys with different participants;
4. The system ought to be compatible with telegraph communication;
5. The system must be portable, and its use must not require more than
one person;
6. Finally, regarding the circumstances in which such system is
applied, it must be easy to use and must neither require stress of
mind nor the knowledge of a long series of rules.

64
 Enigma - Rotor Machines

• Another approximation of one-time pad

• Substitution cipher
– Each rotor is a substitution

– Changes in rotor position change how substitutions are stacked

– Key press passes through all rotors and back through a reflector
rotor
– Rotors advance after each key press changing the substitution.

• Key is initial position of the rotors

• More details
– http://www.codesandciphers.org.uk/enigma/
Electromechanical - Enigma
The German Enigma
● Invented as a commercial machine (Scherbius), and failed
○ Electrical typewriter-like encryption machine
○ Each keystroke lights a letter

● Performing substitutions
○ Letter-pairs are switched
○ Pulse goes through scramblers
○ Hits reflector and goes back

● Original Enigma (M3) based on commercial version

○ swapped letter-pairs
○ 3 rotating scramblers (263 orientations)
○ scramblers can be configured in 6 (3!) ways
○ Later, up to 5 scramblers to choose from

● Theoretical key space = a total of 1017 combinations

67
68
 Poles Crack the Enigma
● Polish obtained an Enigma from a German spy (1933)
○ Hans-Thilo Schmidt sold to French intelligence
● Obtained information on its usage
○ daily code book indicated rotors and orientation
○ a different orientation key for each message (swapped keys)

69
 Poles Crack the Enigma
● Rejewski’s algorithm to discover the day key
○ First, use catalog to identify the scrambler setting and orientation
○ Then, run the ciphertext through an Enigma and look at the text to identify
swapped letter pairs using frequency analysis
● Bombe machines were constructed to mechanize the search

70
Online Crypto Tools
● https://www.cryptool.org/en/cto/caesar/
● https://www.cryptool.org/en/cto/atbash/
● https://legacy.cryptool.org/en/cto/frequency-analysis
● https://www.boxentriq.com/code-breaking/cipher-identifier
● https://www.cryptool.org/en/cto/monoalpha/
● https://www.cryptool.org/en/cto/railfence/
● https://www.101computing.net/category/cryptography/

71