Cryptography

The Basic Idea:

Two approaches:

plaintext
Security through
obscurity

1) Make algorithm secret

and dont use a key.
Bad Idea
2) Make algorithm public
but keep the key secret.

Good Idea

Key

algorithm

ciphertext

Security through obscurity

Security through obscurity is the use of secrecy of design or
implementation to provide security.
Security through obscurity is discouraged and not
recommended.
A system relying on security through obscurity may have
theoretical or actual security vulnerabilities.
But its owners or designers believe that if the flaws are not
known, then attackers will be unlikely to find them
Cipher cannot be distributed among public and thus would not
have a commercial or publically accepted value.

Block Cipher Building blocks

Shannon proposed ciphers with two
components
S-Boxes substitution
providing confusion of input bits

P-Boxes permutation
providing diffusion across S-box inputs

S-box (substitution)
3 bit
input

0
1
2
3
4
5
6
7

1
0

0
1
2
3
4
5
6
7

Word size of 3 bits => mapping of 23 = 8 values

3 bit
output

1
1
0

P-box (permutation)
4 bit
input

1
0

1
0

Example 1

Example 2 - swap two

halves of input

S-Box and P-Box

A combination of S-box and P-box transformation
is known as a product cipher. (Example Lucifer
cipher)
The combination could yield a cipher system more
powerful than either one alone.
A product cipher that uses only substitutions and
permutations is also called a SP-network.
Basis of modern block symmetric cryptography