1. INTRODUCTION OF CRYPTOGRAPHY
An original message is known as the plaintext, while the coded message is called the ciphertext. The process
of converting from plaintext to ciphertext is known as enciphering or encryption; restoring the plaintext
from the ciphertext is deciphering or decryption. The many schemes used for encryption constitute the
area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher.
Techniques used for deciphering a message without any knowledge of the enciphering details fall into the
area of cryptanalysis. Cryptanalysis is what the layperson calls “breaking the code.” The areas of
cryptography and cryptanalysis together are called cryptology.
There are five primary functions of cryptography today:
1. Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
2. Authentication: The process of proving one's identity.
3. Integrity: Assuring the receiver that the received message has not been altered in any way from the
original.
4. Non-repudiation: A mechanism to prove that the sender really sent this message.
5. Key exchange: The method by which crypto keys are shared between sender and receiver.
In cryptography, we start with the unencrypted data, referred to as plaintext. Plaintext is encrypted
into ciphertext, which will in turn (usually) be decrypted into usable plaintext. Encryption and
decryption are based upon the type of cryptography scheme being employed and some form of key. For those
who like formulas, this process is sometimes written as:
C = Ek(P)
P = Dk(C)
where P = plaintext, C = ciphertext, E = the encryption method, D = the decryption method, and k = the
key.
Figure 1: Three types of cryptography: secret key, public key, and hash function.
Computer Network Security Chapter 3: Cryptography and Public key Infrastructure
A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers
or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit
patterns with ciphertext bit patterns. Different types of encryption techniques are listed and described
below.
A. Caesar’s Cipher
B. Playfair Cipher
C. Keyword Cipher
D. Vigenere (Polyalphabetic) Cipher
E. One Time Pad (Vernam Cipher)
A. Caesar’s Cipher
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further
down the alphabet. For example,
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
The alphabet is wrapped around, so that the letter following Z is A. We can define the transformation by
listing all possibilities, as follows:
To decrypt, for each ciphertext letter C, substitute the plaintext letter p:
p = D(3, C) = (C - 3) mod 26
B. Playfair Cipher
The Playfair cipher encrypts pairs of letters (digraphs), instead of single letters. The Playfair cipher uses a 5
by 5 table containing a key word or phrase. To generate the table, one would first fill in the spaces of the
table with the letters of the keyword (dropping any duplicate letters), then fill the remaining spaces with
the rest of the letters of the alphabet in order (to reduce the alphabet to fit, we can either omit "Q" or use
I and J together). In the example below, the keyword is "keyword".
K E Y W O
R D A B C
F G H I J
L M N P S
T U V X Z
To encrypt a message, one would break the message into groups of 2 letters. If there is a dangling letter at
the end, we add an X.
C. Keyword Cipher
The Keyword cipher is identical to the Caesar Cipher with the exception that the substitution alphabet used
can be represented with a keyword. To create a substitution alphabet from a keyword, we first write down
the alphabet. Below this we write down the keyword (omitting duplicate letters) followed by the remaining
unused letters of the alphabet.
ABCDEFGHIJKLMNOPQRSTUVWXYZ
KEYWORDABCFGHIJLMNPQSTUVXZ
To encipher a plaintext message, we convert all letters from the top row to their corresponding letter on
the bottom row (A to K, B to E, etc).
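The Playfair table and the keyword-cipher alphabet above are built the same way: keyword letters with duplicates dropped, then the unused letters in order. The Python below is an added example, not part of the original notes (all function names are illustrative); it rebuilds both from the keyword "keyword" and splits a message into Playfair digraphs as described.

```python
import string
from collections import Counter

def keyed_alphabet(keyword, omit=""):
    """Keyword letters (duplicates dropped), then the unused letters in order."""
    seen = []
    for ch in keyword.upper() + string.ascii_uppercase:
        if ch.isalpha() and ch not in omit and ch not in seen:
            seen.append(ch)
    return "".join(seen)

def keyword_encipher(text, keyword):
    """Map the top row (A-Z) to the bottom row (keyed alphabet)."""
    table = str.maketrans(string.ascii_uppercase, keyed_alphabet(keyword))
    return text.upper().translate(table)

def keyword_decipher(text, keyword):
    """Map the bottom row back to the top row."""
    table = str.maketrans(keyed_alphabet(keyword), string.ascii_uppercase)
    return text.upper().translate(table)

def playfair_table(keyword):
    """5 by 5 Playfair table with Q omitted, as in the table on this page."""
    alpha = keyed_alphabet(keyword, omit="Q")
    return [alpha[i:i + 5] for i in range(0, 25, 5)]

def playfair_digraphs(message):
    """Groups of 2 letters; a dangling last letter is padded with X."""
    letters = [c for c in message.upper() if c.isalpha()]
    if len(letters) % 2:
        letters.append("X")
    return ["".join(letters[i:i + 2]) for i in range(0, len(letters), 2)]

def letter_profile(text):
    """Sorted letter counts. A single substitution alphabet only relabels
    letters, so this profile is the same for plaintext and ciphertext."""
    return sorted(Counter(c for c in text.upper() if c.isalpha()).values())

if __name__ == "__main__":
    print(keyed_alphabet("keyword"))
    print("\n".join(" ".join(row) for row in playfair_table("keyword")))
    cipher = keyword_encipher("meet me after the toga party", "keyword")
    print(cipher, "->", keyword_decipher(cipher, "keyword"))
    print(playfair_digraphs("hello"))
    print(letter_profile("meet me") == letter_profile(keyword_encipher("meet me", "keyword")))
```

Because the keyword cipher uses one fixed alphabet, the letter-count profile of the ciphertext matches that of the plaintext, which is what `letter_profile` makes visible.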
D. Vigenere Cipher
The Vigenere cipher consists of using several Caesar ciphers in sequence with different shift values. To
encipher, a table of alphabets can be used, termed as a Vigenere table. It consists of the alphabet written
out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet,
corresponding to the 26 possible Caesar ciphers. At different points in the encryption process, the cipher
uses a different alphabet from one of the rows. The alphabet used at each point depends on a repeating
keyword.
Plaintext: A T T A C K A T D A W N
Key: L E M O N L E M O N L E
Ciphertext: L X F O P V E F R N H R
Decryption is performed by finding the position of the ciphertext letter in a row of the table, and then taking
the label of the column in which it appears as the plaintext. For example, in row L, the ciphertext L appears
in column A, which is taken as the first plaintext letter. The second letter is decrypted by looking up X in row
E of the table; it appears in column T, which is taken as the plaintext letter.
Another example:
Encryption:
Step 1: write the plaintext and expand the key up to the length of the plaintext as shown below. Plaintext (Today is
Friday) & Key (DAY)
Step 2: treat each plaintext letter as a column and the matching key letter as a row; the letter where the
column and the row intersect is the ciphertext letter. For plaintext “T” and key “D” the
ciphertext will be “W”. Likewise for the others: OBDYGVFPLDYB
Decryption:
Step 1: write the ciphertext and expand the key up to the length of the ciphertext as shown below.
Step 2: take the key letter as the row and find the ciphertext letter in that row; the label of the column in
which it appears is the plaintext letter. For ciphertext “W” and key “D” the
plaintext will be “T”. Likewise for the others: ODAYISFRIDAY
Vigenère can also be viewed algebraically. If the letters A–Z are taken to be the numbers 0–25, and addition
is performed modulo 26, then Vigenère encryption E using the key K can be written,
Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or
character from the pad using modular addition. If the key is truly random, and at least as long as the
plaintext, and never reused in whole or in part, and kept completely secret, then the resulting ciphertext
will be impossible to decrypt or break. It has also been proven that any cipher with the perfect secrecy
property must use keys with effectively the same requirements as OTP keys. However, practical problems
have prevented one-time pads from being widely used.
Plaintext : Hello
Random key: XMCKL
Encryption:
Step 1: write your plaintext and replace each letter with its corresponding number (A=0, B=1, …, Z=25).
H E L L O
7 4 11 11 14
Step 2: generate a random key the same size as the plaintext and replace each letter with its corresponding
number (A=0, B=1, …, Z=25).
X M C K L
23 12 2 10 11
Step 3: add plaintext letter number to its respective key letter number.
7 4 11 11 14
23 12 2 10 11
After addition of the above two rows
30 16 13 21 25
Decryption:
Step 1: write the ciphertext and replace each letter with its corresponding number (A=0, B=1, …, Z=25).
E Q N V Z
4 16 13 21 25
Step 2: use the random key generated on the sender side and replace each letter with its corresponding number
(A=0, B=1, …, Z=25).
X M C K L
23 12 2 10 11
Step 3: subtract the key letter number from its respective ciphertext letter number.
4 16 13 21 25
23 12 2 10 11
After subtraction of the above two rows
-19 4 11 11 14
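The Caesar, Vigenère and one-time-pad procedures above are one operation, letter-wise addition of a key modulo 26, differing only in how long the key is. The Python below is an added example, not part of the original notes; it reproduces the page's worked values, including the reduction that turns 30 into 4 and -19 into 7, and shows why a pad must never be reused. The function names and the second message WORLD are constructed for the illustration.

```python
import secrets
import string

A = string.ascii_uppercase

def to_nums(text):
    """Letters to numbers with A=0 ... Z=25; non-letters are dropped."""
    return [A.index(c) for c in text.upper() if c in A]

def to_text(nums):
    return "".join(A[n] for n in nums)

def combine(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) the repeating key, mod 26."""
    t, k = to_nums(text), to_nums(key)
    if not k:
        raise ValueError("key must contain at least one letter")
    return to_text((x + sign * k[i % len(k)]) % 26 for i, x in enumerate(t))

def encrypt(plaintext, key):
    return combine(plaintext, key, +1)

def decrypt(ciphertext, key):
    return combine(ciphertext, key, -1)

def random_pad(length):
    """Pad key: one uniformly random letter per plaintext letter (OS CSPRNG)."""
    return "".join(secrets.choice(A) for _ in range(length))

def difference(c1, c2):
    """Letter-wise c1 - c2 mod 26; a pad shared by both cancels out."""
    return to_text((x - y) % 26 for x, y in zip(to_nums(c1), to_nums(c2)))

if __name__ == "__main__":
    print(encrypt("meet me after the toga party", "D"))  # Caesar: one-letter key
    print(encrypt("ATTACKATDAWN", "LEMON"))              # Vigenere: repeating key
    print(encrypt("TODAYISFRIDAY", "DAY"), decrypt("WOBDYGVFPLDYB", "DAY"))
    print(encrypt("HELLO", "XMCKL"), decrypt("EQNVZ", "XMCKL"))  # pad as long as text
    # Pad reuse with a constructed second message: the key drops out of the
    # difference of the two ciphertexts, leaving only plaintext information.
    c1, c2 = encrypt("HELLO", "XMCKL"), encrypt("WORLD", "XMCKL")
    print(difference(c1, c2), difference("HELLO", "WORLD"))
```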
Since a digital signature is created with the signer's private key, and no one else can have this key, the
signer cannot repudiate signing the data in the future.
The receiver, after receiving the encrypted data and the signature on it, first verifies the signature using the sender’s
public key. After ensuring the validity of the signature, he then retrieves the data through decryption using
his private key.
Key Management
There are some important aspects of key management, which are as follows −
Cryptographic keys are nothing but special pieces of data. Key management refers to the secure
administration of cryptographic keys.
Key management deals with the entire key lifecycle, as depicted in the following illustration −
Figure 6: key lifecycle
There are two specific requirements of key management for public key cryptography.
o Secrecy of private keys. Throughout the key lifecycle, secret keys must remain secret from
all parties except those who are owners and are authorized to use them.
o Assurance of public keys. In public key cryptography, the public keys are in the open
domain and seen as public pieces of data. By default there are no assurances of whether a
public key is correct, with whom it can be associated, or what it can be used for. Thus key
management of public keys needs to focus much more explicitly on assurance of purpose of
public keys.
The most crucial requirement of ‘assurance of public key’ can be achieved through the public-key
infrastructure (PKI), a key management system for supporting public-key cryptography.
As shown in the illustration, the Certifying Authority (CA) accepts the application from a client to certify his
public key. The CA, after duly verifying the identity of the client, issues a digital certificate to that client.
computer, he can easily gain access to the private key. For this reason, a private key is stored on a secure
removable storage token, access to which is protected through a password.
Different vendors often use different and sometimes proprietary storage formats for storing keys. For
example, Entrust uses the proprietary .epf format, while Verisign, GlobalSign, and Baltimore use the
standard .p12 format.