19CSE331 – Cryptography

by
KAVITHA C.R.
Asst. Prof.
Dept. of Computer Science and Engineering

Amrita School of Computing, Bengaluru

Amrita Vishwa Vidyapeetham
 Classical Cryptography
Also known as Conventional Cryptography

Notations:
P – Plain Text
C – Cipher Text

For Plain text use Lower-case letters

For Cipher text use Upper-case letters

Cryptosystem

(P, C, K, E, D)
P – Plain Text
C – Cipher Text
K – Secret key
E – Encryption Algorithm
D – Decryption Algorithm

29-10-2022 2
 There are various techniques.

1) Shift Cipher or Caesar Cipher or Additive Cipher

It is an example of a substitution cipher where each character in the

given text is replaced by a letter which is shifted at some fixed value.

Encryption: Ci = Pi + K mod 26
Decryption: Pi = Ci – K mod 26

Eg. 1: P : attack at dawn

C: fyyfhp fy ifbs
K?
K=5

a b c d …… is 0, 1, 2,3………

29-10-2022 3
 Cryptanalysis
Cryptanalysis is the art of breaking codes and ciphers.

The Caesar cipher is probably the easiest of all ciphers to break.

Since the shift has to be a number between 1 and 25, (0 or 26
would result in an unchanged plaintext) we can simply try each
possibility and see which one results in a piece of readable text.

If you happen to know what a piece of the ciphertext is, or you

can guess a piece, then this will allow you to immediately find
the key.

Brute Force Attack or Exhaustive search attack

Worst case is 25 times can be tried to obtain the key

29-10-2022 4
 Given the cipher text, find plain text and the key using brute force attack

WXUWOHVFDQWHOOPRUHDERXWWKHURDGVWKDVWTVNUHV
-1 VWTVN
-2 UVSUM
-3 TURTLESCANTELLMOREABOUTTHEROADSTHANHARES

TURTLES CAN TELL MORE ABOUT THE ROADS THAN

HARES

29-10-2022 5
 2)

29-10-2022 6
 Eg.1: P = givesomemoney
K=7
Find C.

29-10-2022 7
 Decryption of C = QERCWUGCGUNCM with k = 7, so its inverse K-1 is 15

29-10-2022 8
 3) Simple Substitution Cipher

A Look-up table is used for encryption. Its inverse is used

for decryption.

It basically consists of substituting every plaintext

character for a different ciphertext character.
It differs from the Caesar cipher in that the cipher alphabet is not
simply the alphabet shifted, it is completely jumbled.

The simple substitution cipher offers very little

communication security, and it will be shown that it
can be easily broken even by hand, especially when
longer messages
(more than several hundred ciphertext characters).
29-10-2022 9
 a b c d e f g h i j k l m n o p q r s t u v w x y z
P
p h q g i u m e a y l n o f d x j k r c v s t z w b
C

Encryption
plaintext : defend the east wall of the castle
ciphertext : giuifgceiiprctpnnduceiqprcni
Decryption

cipher alphabet: zebracdfghijklmnopqstuvwxy

Plain text: xhzsitondbeqrkglmacvypj

29-10-2022 10
 Cryptanalysis
The simple substitution cipher is quite easy to break.
Even though the number of keys is around 288.4 (a really
big number), there is a lot of redundancy and other
statistical properties of English text that make it quite easy
to determine a reasonably good key.
The first step is to calculate the frequency distribution of
the letters in the cipher text.
This consists of counting how many times each letter
appears.
Note: Brute Force Attack takes 26!
29-10-2022 11
 Natural English text has a very distinct distribution that can be used help
crack codes. This distribution is as follows:

29-10-2022 12
 Short pieces of text often need more expertise to crack.
If the original punctuation exists in the message,
e.g. 'giuifg cei iprc tpnn du cei qprcni’,
then it is possible to use the following rules to guess some of the words, then,
using this information, some of the letters in the cipher alphabet are known.

One-Letter Words
a, i

Frequent Two-Letter Words of, to, in, it, is, be, as, at, so, we, he, by, or,
on, do, if, me, my, up, an, go, no, us, am
the, and, for, are, but, not, you, all, any,
can, had, her, was, one, our, out, day, get,
Frequent Three-Letter Words has, him, his, how, man, new, now, old,
see, two, way, who, boy, did, its, let, put,
say, she, too, use
that, with, have, this, will, your, from, they,
Frequent Four-Letter Words
know, want, been, good, much, some, time
29-10-2022 13
 Usually, punctuation in ciphertext is removed and the ciphertext is put
into blocks such as 'giuif gceii prctp nnduc eiqpr cnizz', which prevents
the previous tricks from working. There are, however, many other
characteristics of English that can be utilized. The table below lists
some other facts that can be used to determine the correct key. Only
the few most common examples are given for each rule.
Most Frequent Single Letters ETAOINSHRDLU
th er on an re he in ed nd ha at en
Most Frequent Digraphs es of or nt ea ti to it st io le is ou ar
as de rt ve
the and tha ent ion tio for nde has
Most Frequent Trigraphs
nce edt tis oft sth men ing
Most Common Doubles ss ee tt ff ll mm oo
TOAWBCDSFMRHIYEGLN
Most Frequent Initial Letters
PUJK
ESTDNRYFLOGHAKMPU
Most Frequent Final Letters
W
29-10-2022 14
 SOWFBRKAWFCZFSBSCSBQITBKOWLBFXTBKOWLSOXS
OXFZWWIBICFWUQLRXINOCIJLWJFQUNWXLFBSZXFBTX
AANTQIFBFSFQUFCZFSBSCSBIMWHWLNKAXBISWGSTO
XLXTSWLUQLXJBUUWLWISTBKOWLSWGSTOXLXTSWL
BSJBUUWLFULQRTXWFXLTBKOWLBISOXSSOWTBKOWL
XAKOXZWSBFIQSFBRKANSOWXAKOXZWSFOBUSWJBSB
FTQRKAWSWANECRZAWJ
Encryption Table

a b c d e f g h i j k l m n o p q r s t u v w x y z

X Z T J W U M O B E P A R I Q K D L F S C H Y G N V

THESIMPLESUBSTITUTIONCIPHERISACIPHERTHATHASBEEN
INUSEFORMANYHUNDREDSOFYEARSITBASICALLYCONSISTS
OFSUBSTITUTINGEVERYPLAINTEXTCHARACTERFORADIFFER
ENTCIPHERTEXTCHARACTERITDIFFERSFROMCAESARCIPHER
INTHATTHECIPHERALPHABETISNOTSIMPLYTHEALPHABET
SHIFTEDITISCOMPLETELYJUMBLED
29-10-2022 15
 Z A Z M I T A K A V O A I O L
h e h a d s e l e c t e d t w
Y A X M Q G K A T Y B T O P I
o e x a m p l e s o f s t u d
A S O V Y Q G Y T D O D Y S O
e n t c o m p o s i t i o n t
Z A B D J T O L M T M J M Q N
h e f i r s t w a s a r a m b
K D S E I D T V Y S S A V O A
l i n g d i s c o n n e c t e
I O Z D S E L D O Z D S O A J
d t h i n g w i t h i n t e r
A T O D S E D I A M T O Z M O
e s t i n g i d e a s t h a t
S A W A J N P D K O D S O Y M
n e v e r b u i l t i n t o a
S U O Z D S E
16
29-10-2022 n y t h i n g
a b c d e f g h i j k l m n o p q r s t u v w x y z

e f j i g k p q d r l w a b t u m z n s y c v x o h

29-10-2022 17
 Affine Cipher
(k1, k2) key pair is used
k1 is the multiplicative key and k2 is the additive key

Encryption: C = P * k1 + k2 mod 26

Decryption: P = (C – k2) * k1-1 mod 26

29-10-2022 18
 19
29-10-2022
29-10-2022
7-1 mod 26 is 15 20
 Encryption

Verify the decryption and obtain plain text

29-10-2022 21
 Brute Force Attack
Multiplication operation
Փ(26) = 12
K1= z26* = {1,3,…….25}
So 12 elements

But 1 will not be used

Then key space = 11

Addition operation
Key space = 26
K2 = z26 = {0, 1,….25}
But 0 will not be used.
Then key space = 25

11 * 25 = 275 possible
29-10-2022
keys 22
 Suppose we receive a cipher text that was
enciphered using an Affine cipher. After running a
frequency analysis on cipher text, we found that the
most highly frequency occurring letters are R and K.
Assume that these letters corresponds to e and t.
Find the parameters that were used in Affine cipher.
Given Cipher text C is FMXVEDKAPH

Index Table

a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

29-10-2022 23
29-10-2022 24
3-1 mod 26 is 9
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 25
 The plaintext obtained is algorithms
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
26
29-10-2022 27
29-10-2022 28
29-10-2022 29
 Message is Have a good day
ha ve ag oz od da yz
CD OM BL XT SB BL ZP
same letter should not be repeated in a digram. Use a filler character to separate.
29-10-2022 30
 Key is KEYWORD

K E Y W O
R D A B C
F G H I/J L
M N P Q S
T U V X Z
1) Why don’t you?
wh yd on ty ou
YI EA ES VK EZ
YJ
2) come to the window
co me to th ew in do wy
OZ NK ZK VF YO GQ CE YE

3) The big wheel

th eb ig wh ez el
29-10-2022
VF WD HF YI or YJ OU OG 31
 mod26 mod26

Index table
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
29-10-2022 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 32
29-10-2022 33
 Vigenere
Table

29-10-2022 34
 Eg. 1: The key is KEY, and the plaintext is DCODE. What is the
cipher text?
C1 = 3 + 10 mod 26 = 13 N
C2= 2 + 4 mod 26 = 6 G
C3= 14 + 24 mod 26 = 12 M
C4 = 3 + 10 mod 26 = 13 N
C5 = 4 + 4 mod 26 = 8 I

Eg. 2: Decrypt NGMNI, the key is KEY.

Locate the letter K on the first column, and on the row of it, find the cell of the
letter N, the name of its column is D, it is the first letter of the plain message.

Plain text = DCODE

a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

29-10-2022 35
 How to find the key when having both cipher and
plaintext?
When encrypting, the key is added to the plain text to get
encrypted text. So, from the encrypted text, subtract the
plain text to get the key.
Ci = Pi + Ki mod 26 Then, Ki = Ci – Pi mod 26
Eg. 3: Plain text : is it safe
Cipher text: awknjexi
Find the key. security

a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

29-10-2022 36
 Cryptanalysis of Vigenere Cipher

1)Determine the length n of the key.

- Kasiski Test and
- Index of Co-incidence

2) Determine K = (k1, k2, k3,…..kn)

29-10-2022 37
 How to decipher Vigenere without knowing the key?

Most common keyless techniques uses statistical

methods in order to find the key length, then a
simple frequency analysis allow to find the key.

Kasiski test
Kasiski test consists in finding repeating sequences of
letters in the ciphertext.

Example: ABC appears three times in the

message ABCXYZABCKLMNOPQRSABC

38
29-10-2022
 If K matrix is used for encryption then K-1 Matrix is used for decryption
29-10-2022 Matrix inverse exists if its determinant is not equal to 0 39
Encrypt the message “heie” using Hill cipher with the given
Key matrix.
Aij= a b AijT= a c
K=3 7 c d b d

5 12 Aij-1= d -b
-c a
Its inverse exists, it is K-1 = 12 -7 divided by the
Aij = (-1)i+j subdeterminant with
-5 3 determinant mod 26 row i and col j
__________________________

det(A)

A11 = (-1)1+1 (d) / (a*d – b*c)

The determinant is 1 in this case A12 = (-1)1+2 (b) / (a*d – b*c)
A21 = (-1)2+1 (c) / (a*d – b*c)
Encryption: [CT] = [key] [PT] mod 26 A22 = (-1)2+2 (a) / (a*d – b*c)

Decryption: [PT] = [key]-1 [CT] mod 26

29-10-2022 K * K-1 = K-1 * K = I Identity Matrix 40

 Encryption

Decryption

a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
29-10-2022 41
29-10-2022
42
 A: 10010010111 00010111001
B: 01111010001 10010010111
A xor B :00010111001 01111010001

29-10-2022 XOR has reversible property 43

 One-time pad cipher is a type of Vigenere cipher which
includes the following features −
•It is an unbreakable cipher.
•The key is exactly same as the length of message which
is encrypted.
•The key is made up of random symbols.
•As the name suggests, key is used one time only and
never used again for any other message to be encrypted.

Why is it Unbreakable?
The key is unbreakable owing to the following features −
•The key is as long as the given message.
•The key is truly random and specially auto-generated.
•Key and plain text calculated as modulo 10 or 26 or 2.
•Each key should be used once and destroyed by both sender and receiver.
•There should be two copies of key: one with the sender and other with the
receiver.

Commonly used operation is XOR as it is reversible.

29-10-2022 44
29-10-2022 45
29-10-2022 46
29-10-2022 47
29-10-2022 48
 Encryption Decryption

P 3 1 4 5 2 P 1 2 3 4 5
C 1 2 3 4 5 C 2 5 1 3 4
29-10-2022 49
29-10-2022 50
29-10-2022 51
 Encryption Key Decryption Key
31452 25134

29-10-2022 52
 Decryption Key matrix is the multiplicative inverse of Key matrix and
K * K-1 mod 26 = Identity Matrix
29-10-2022 53
29-10-2022 54
 1) Encrypt the text “sources” using Hill cipher and given the key
matrix and verify the decryption.
K=9 4 18 14 9 4 mod 26 = 24 14 = yo fr mk bn
5 7 20 17 * 5 7 5 17
2 4 12 10
18 25 1 13
Decryption: inverse of K mod 26.
7 -4
-5 9 divided by 43 * cipher text mod 26
43-1 mod 26 = 17-1 mod 26 = 23
a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
29-10-2022 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 55
 Plain Text = “ Sources”
K=9 4
5 7

Encryption:
C = K P mod n

C1 = 9 4 18 9 * 18 + 4 * 14 10 K
C2 5 7 * 14 mod 26 = 5 * 18 + 7 * 14 mod 26 = 6 = G

C3 = 9 4 20 9 * 20 + 4 * 17 14 O
C4 5 7 * 17 mod 26 = 5 * 20 + 7 * 17 mod 26 = 11 = L

and so on

The cipher text is KGOLIMCF

56
29-10-2022
 2) Encrypt the message “cryptography is good” using the permutation
cipher using the given encryption table. Find the decryption key.

C 1 2 3 4 5
Decryption key is 1 4 2 5 3
P 1 3 5 2 4

crypt ograp hyisg oodxz

CYTRP ORPGA HIGYS ODZOX

1 3 5 2 4
c r y p t
o g r a p COHOYRIDTPGZRGYOPASX
h y i s g
o o d x z
29-10-2022 57
 3) Decrypt the cipher text which has been encrypted using Permutation or
Transposition cipher.

SRNTAGTAEHTRACETRSUEWTOIHUBCTAKOEBNSAEHVTE
AHHRETDSSELHLS
Hint1: 5 is the key length
Hint2: 4 filler characters are required
Hint3: Block cipher

SRNTA GTAEH TRACE TRSUE WTOIH UBCTA KOEBN

STRAN GETHA TCREA TURES WITHO UTBAC KBONE
14253
SAEHV TEAHH RETDS SELHL SXXXX
SHAVE THEHA RDEST SHELL SXXXX

The plain text is

STRANGE THAT CREATURES WITHOUT BACKBONE HAVE THE HARDEST SHELLS

29-10-2022 58
 4) Decrypt the following cipher text using the key “BENEFIT” and
single round columnar transposition.

KEDEEXHFZAOXSUYYNYBNZ
Hint1: find the message length and divide by key length to get no. of rows
Write column wise based on key and then read row wise.

1 2 6 3 4 5 7
B E N E F I T
K E Y H A S B
E E N F O U N
D X Y Z X Y Z

Plain Text : KEY HAS BEEN FOUND XYZXYZ

29-10-2022 Note: The key characters decide the order of cipher text
59
 5) Perform columnar double transposition using the same key “STRENGTH”
Plain text is “meet me later”
First Round

6 7 5 1 4 2 8 3
S T R E N G T H
M E E T M E L A
T E R X Y Z W X

First round result: TXEZAXMYERMTEELW

Second Round

6 7 5 1 4 2 8 3
S T R E N G T H
T X E Z A X M Y
E R M T E E L W

Cipher Text: ZTXEYWAEEMTEXRML

29-10-2022 Note: The key characters decide the order of cipher text 60
 6) The following message was encrypted with a simple substitution cipher.
It has been partially cryptanalyzed. The letters e, t, a, o, i, n, s have been
inserted into the ciphertext. Complete the cryptanalysis.
tMe ZaWanese VeWLaFeR tMe VeR KaFMine IitM a
KaFMine to Ue XnoIn as WQVWLe

Solution: the japanese replaced the red machine with a

machine to be known as purple

a b c d e f g h i j k l m n o p q r s t u v w x y z

c w m l h u d r p k j

29-10-2022 61
 Homophonic Substitution Cipher
Homophonic Substitution cipher is a substitution cipher in which single plaintext
letters can be replaced by any of several different ciphertext letters. They are
generally much more difficult to break than standard substitution ciphers
• The number of characters each letter is replaced by is part of the key,
e.g. the letter 'E' might be replaced by any of 5 different symbols, while
the letter 'Q' may only be substituted by 1 symbol.

• The easiest way to break standard substitution ciphers is to look at the

letter frequencies, the letter 'E' is usually the most common letter in
English, so the most common ciphertext letter will probably be 'E' (or
perhaps 'T’).

• If the letter 'E’ is replaced by any of 3 different characters, then we can

no longer just take the most common letter, since the letter count of 'E'
is spread over several characters.
• As we allow more and more possible alternatives for each letter, the
resulting cipher can become very secure.
29-10-2022 62
 Example
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
D X S F Z E H C V I T P G A Q L K J R U O W M Y B N
9 7 3 5 0 4 6
2
1

plaintext: DEFEND THE EAST WALL OF THE CASTLE

ciphertext:F7EZ5F UC2 1DR6 M9PP 0E 6CZ SD4UP1

63
29-10-2022
 Attacks

Types of Attacks
1) Active Attacks
2) Passive Attacks

Active and Passive Attacks are security attacks.

In Active attack, an attacker tries to modify the content of the

messages.

In Passive attack, an attacker observes the messages, copy

them and may use them for malicious purposes.

29-10-2022 64
 Modification In Active Attack, information is In Passive Attack, information
1 modified. remain unchanged.

Dangerous For Active Attack is dangerous for Passive Attack is dangerous for
2 Integrity as well as Availability. Confidentiality.

Attention Attention is to be paid on Attention is to be paid on

3 detection. prevention.
Impact on In Active Attack, system is In Passive Attack, system has no
4 System damaged. impact.

Victim Victim gets informed in active Victim does not get informed in
5 attack. passive attack.

System System Resources can be System Resources are not

6 Resources changed in active attack. changed in passive attack.

Examples Denial of Service, password Snooping of data or traffic

crackers, viruses, replay attack analysis, eavesdropping or
7
sniffing, release of message
29-10-2022 contents 65
 Based on the methodology used, attacks are categorized as follows −
1) Ciphertext Only Attacks (COA) −
▪ the attacker has access to a set of ciphertext(s).
▪ He does not have access to corresponding plaintext.
▪ COA is said to be successful when the corresponding plaintext
can be determined from a given set of ciphertext.
▪ Occasionally, the encryption key can be determined from this
attack
▪ Modern cryptosystems are guarded against ciphertext-only
attacks.

2) Known Plaintext Attack (KPA) −

▪ the attacker knows the plaintext for some parts of the ciphertext.
▪ The task is to decrypt the rest of the ciphertext using this
information
▪ This may be done by determining the key or via some other
method
▪ The best example of this attack is linear cryptanalysis against
block ciphers.
29-10-2022 66
 3) Chosen Plaintext Attack (CPA) −
▪the attacker has the text of his choice encrypted.
▪So he has the ciphertext-plaintext pair of his choice.
▪This simplifies his task of determining the encryption key.
▪An example of this attack is differential cryptanalysis applied
against block ciphers as well as hash functions.
▪A popular public key cryptosystem, RSA is also vulnerable to
chosen-plaintext attacks.

4) Chosen ciphertext attack (CCA) -

▪ cryptanalyst can choose different cipher texts to be decrypted
and has access to the decrypted plaintext.
▪ This type of attack is generally applicable to attacks against
public key cryptosystems.
▪ Adaptive chosen ciphertext attack involves attacker selecting
certain cipher texts to be decrypted, then using the results of
these decryptions to select subsequent cipher texts.
▪ modifications in ciphertext helps in getting key from the
decryptions.
29-10-2022 67
 5) Dictionary Attack −
▪ This attack has many variants, all of which involve
compiling a ‘dictionary’.
▪ In simplest method of this attack, attacker builds a
dictionary of ciphertexts and corresponding plaintexts that
he has learnt over a period of time.
▪ In future, when an attacker gets the ciphertext, he refers
the dictionary to find the corresponding plaintext.

6) Brute Force Attack (BFA) −

▪ the attacker tries to determine the key by attempting all
possible keys.
▪ If the key is 8 bits long, then the number of possible keys
is 28 = 256
▪ The attacker knows the ciphertext and the algorithm, now
he attempts all the 256 keys one by one for decryption.
▪ The time to complete the attack would be very high if the
29-10-2022 key is long. 68
 7) Birthday Attack −
▪ This attack is a variant of brute-force technique.
▪ It is used against the cryptographic hash function.
▪ Like the birthdays can repeat, hash code also can repeat

8) Man in Middle Attack (MIM) − The targets of this attack are

mostly public key cryptosystems where key exchange is involved
before communication takes place.

9) Side Channel Attack (SCA) − This type of attack is not

against any particular type of cryptosystem or algorithm. Instead,
it is launched to exploit the weakness in physical implementation
of the cryptosystem.

29-10-2022 69
 10) Timing Attacks −
▪ They exploit the fact that different computations take
different times to compute on processor.
▪ By measuring such timings, it is be possible to know about
a particular computation the processor is carrying out.
▪ For example, if the encryption takes a longer time, it
indicates that the secret key is long.

11) Power Analysis Attacks −

▪ These attacks are similar to timing attacks except that the
amount of power consumption is used to obtain information
about the nature of the underlying computations.

12) Fault analysis Attacks −

▪ In these attacks, errors are induced in the cryptosystem
and the attacker studies the resulting output for useful
information.
29-10-2022 70