Unit 2

#Symmetric Techniques

-Symmetric encryption is an encryption methodology that uses a single key to encrypt (encode) and
decrypt (decode) data. It's the oldest and most well-known technique for encryption.

-The secret key can be a word, a number, or a string of letters, and it's applied to a message. The
message is changed following the rules in the key. Sender and receiver know the key, and can thus code
and decode any message that would use that specific key.

-There are five main components of a symmetric encryption system: plaintext, encryption algorithm,
secret key, ciphertext, and the decryption algorithm. Let's look at these one at a time.

■ Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.

■ Encryption algorithm: The encryption algorithm performs various substitutions and transformations
on the plaintext.

■ Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of
the plaintext and of the algorithm. The algorithm will produce a different output depending on the
specific key being used at the time. The exact substitutions and transformations performed by the
algorithm depend on the key.

■ Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the
secret key. For a given message, two different keys will produce two different ciphertexts. The
ciphertext is an apparently random stream of data and, as it stands, is unintelligible.

■ Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the
ciphertext and the secret key and produces the original plaintext.

-Here are some commonly used symmetric techniques:

1. Data Encryption Standard (DES): DES is a symmetric encryption algorithm that uses a 56-bit key
to encrypt and decrypt data in 64-bit blocks. However, due to its small key size, DES is no longer
considered secure and has been largely replaced by more advanced algorithms.

2. Triple Data Encryption Standard (3DES): 3DES is a variant of DES that applies the DES algorithm
three times with different keys. It provides a higher level of security than DES but is slower due
to the repeated encryption.

3. Advanced Encryption Standard (AES): AES is a widely used symmetric encryption algorithm that
supports key sizes of 128, 192, and 256 bits. It is considered highly secure and efficient, making
it the de facto standard for symmetric encryption in many applications.

#Substitution ciphers

-A substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing
plaintext bit patterns with cipher text bit patterns.

-There are various types of substitution ciphers, which are as follows:

1. Caesar Cipher: The earliest known, and the simplest, use of a substitution cipher was by Julius Caesar.
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places
further down the alphabet. For example,

plain: meet me after the toga party

cipher: PHHW PH DIWHU WKH WRJD SDUWB

Note that the alphabet is wrapped around, so that the letter following Z is A. We can define the
transformation by listing all possibilities, as follows:

plain: a b c d e f g h i j k l m n o p q r s t u v w x y z

cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

2. Monoalphabetic Cipher − In a monoalphabetic substitution cipher, a character in the plaintext is always
replaced by the same character in the ciphertext, regardless of its position in the text.

For instance, if the letter A in the plaintext is changed to G, then each appearance of A in the plaintext will
be replaced by G.

Plaintext : hello

Ciphertext : IFMMP

This is a monoalphabetic cipher, as both l's are encrypted as 'M'.

3. One-Time Pad − The one-time pad cipher recommends that the key be as long as the plain
text, to avoid repetition of the key. In addition, the key must be used only once to encrypt and
decrypt an individual message; after that, the key must be discarded.

4. Playfair Cipher − The Playfair cipher is also known as the Playfair Square. It is a cryptographic technique
used for manual encryption of information. This scheme was developed by Charles Wheatstone in 1854.

The Playfair cipher was used by the British army in World War I and by the Australians in World War II.
It was practical because the Playfair cipher is fast to use and does not require any
special equipment.

5. Polyalphabetic cipher: It is far more secure than a monoalphabetic cipher. A monoalphabetic cipher
maps a plaintext symbol or letter to a ciphertext symbol and uses the same ciphertext symbol
wherever that plaintext symbol occurs in the message.
A polyalphabetic cipher, by contrast, replaces the same plaintext symbol with a different ciphertext symbol each time.
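
The difference between the monoalphabetic and polyalphabetic cases above, as an added example (not part of the original notes). It reproduces the Caesar and "hello" examples with a shift cipher, then uses a Vigenère-style keyword cipher as the polyalphabetic instance; the keyword "key" is a constructed sample, and the notes do not name a specific polyalphabetic cipher here.

```python
import string

ALPHABET = string.ascii_lowercase

def shift_encrypt(plaintext, shift):
    """Monoalphabetic shift cipher: every letter moves `shift` places, wrapping z -> a.
    Ciphertext is upper case, as in the examples above; non-letters pass through."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26].upper())
        else:
            out.append(ch)
    return "".join(out)

def shift_decrypt(ciphertext, shift):
    """Decryption is the same algorithm run in reverse: shift back by the key."""
    return shift_encrypt(ciphertext, -shift).lower()

def vigenere_encrypt(plaintext, keyword):
    """Polyalphabetic: the shift changes per letter, cycling through the keyword."""
    out, used = [], 0
    for ch in plaintext.lower():
        if ch in ALPHABET:
            shift = ALPHABET.index(keyword[used % len(keyword)].lower())
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26].upper())
            used += 1
        else:
            out.append(ch)
    return "".join(out)

def images(plaintext, ciphertext):
    """Map each plaintext letter to the set of ciphertext letters it became."""
    seen = {}
    for p, c in zip(plaintext.lower(), ciphertext):
        if p in ALPHABET:
            seen.setdefault(p, set()).add(c)
    return seen

if __name__ == "__main__":
    print(shift_encrypt("meet me after the toga party", 3))  # Caesar, key 3
    mono = shift_encrypt("hello", 1)
    poly = vigenere_encrypt("hello", "key")
    print(mono, images("hello", mono)["l"])   # one image for 'l'
    print(poly, images("hello", poly)["l"])   # two images for 'l'
```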

#Transposition ciphers

-A very different kind of mapping is achieved by performing some sort of permutation on the plaintext
letters. This technique is referred to as a transposition cipher.

-Unlike substitution ciphers, transposition ciphers do not change the letters themselves but rather their
order. These ciphers rely on the secrecy of the rearrangement rule to provide security.

-Here are a few examples of transposition ciphers:

1. Rail Fence Cipher: In the Rail Fence cipher, the plaintext is written diagonally in a zigzag pattern
across a set number of "rails" or lines. The ciphertext is then formed by reading the letters row
by row. For example, if the plaintext is "HELLO WORLD" and the number of rails is 3, the
ciphertext would be "HOLELWRDLL O".

2. Columnar Transposition Cipher: In the Columnar Transposition cipher, the plaintext is written
out in rows, and then the columns are rearranged according to a keyword or rule. The ciphertext
is formed by reading the columns in the new order. For example, if the plaintext is "HELLO
WORLD" and the keyword is "CRYPTO", the ciphertext could be "OLHOLELWRD".

3. Route Cipher: The Route Cipher, also known as the Scytale cipher, involves writing the plaintext
on a long, narrow strip of paper, called a "scytale." The ciphertext is then obtained by reading
the letters in a specific pattern, such as winding around a rod of a particular diameter. The exact
rules of the route and pattern determine the encryption and decryption process.

4. Columnar Transposition with Key: This variant of the Columnar Transposition cipher uses a
keyword to determine the column order. The keyword is used to sort the columns
alphabetically, and the ciphertext is formed by reading the columns row by row. This adds an
additional layer of complexity to the transposition process.
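
The rail fence procedure from item 1, as an added example that is not part of the original notes. It assumes the space is dropped before encryption, so the input is HELLOWORLD, and it includes the matching decryption to show that only the order of the letters changes.

```python
def rail_pattern(length, rails):
    """Rail index visited by each character as the text zigzags down and up."""
    if rails < 2:
        return [0] * length
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(length)]

def rail_fence_encrypt(plaintext, rails):
    """Write the text along the zigzag, then read it off rail by rail."""
    pattern = rail_pattern(len(plaintext), rails)
    return "".join(ch
                   for rail in range(rails)
                   for ch, p in zip(plaintext, pattern) if p == rail)

def rail_fence_decrypt(ciphertext, rails):
    """Rebuild the zigzag positions, then put each ciphertext letter back in place."""
    pattern = rail_pattern(len(ciphertext), rails)
    # Positions in the order encryption read them: all of rail 0, then rail 1, ...
    order = sorted(range(len(ciphertext)), key=lambda i: (pattern[i], i))
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)

if __name__ == "__main__":
    ct = rail_fence_encrypt("HELLOWORLD", 3)
    print(ct)                          # HOLELWRDLO
    print(rail_fence_decrypt(ct, 3))   # HELLOWORLD
    # Same letters, different order: the multiset of characters is unchanged.
    print(sorted(ct) == sorted("HELLOWORLD"))
```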

#Stream and block ciphers

Stream Cipher:

-A stream cipher is one that encrypts a digital data stream one bit or one byte at a time.

- Examples of classical stream ciphers are the autokeyed Vigenère cipher and the Vernam cipher. In the
ideal case, a one-time pad version of the Vernam cipher would be used, in which the keystream (k_i) is as
long as the plaintext bit stream (p_i).

- If the cryptographic keystream is random, then this cipher is unbreakable by any means other than
acquiring the keystream. However, the keystream must be provided to both users in advance via some
independent and secure channel. This introduces insurmountable logistical problems if the intended
data traffic is very large.

-Accordingly, for practical reasons, the bit-stream generator must be implemented as an algorithmic
procedure, so that the cryptographic bit stream can be produced by both users.

- In this approach (Figure a), the bit-stream generator is a key-controlled algorithm and must produce a
bit stream that is cryptographically strong. That is, it must be computationally impractical to predict
future portions of the bit stream based on previous portions of the bit stream. The two users need only
share the generating key, and each can produce the keystream.

Block Cipher:

-A block cipher is one in which a block of plaintext is treated as a whole and used to produce a
ciphertext block of equal length. Typically, a block size of 64 or 128 bits is used. As with a stream cipher,
the two users share a symmetric encryption key (Figure b). A block cipher can be used to achieve the
same effect as a stream cipher.

-In general, they seem applicable to a broader range of applications than stream ciphers. The vast
majority of network-based symmetric cryptographic applications make use of block ciphers.

#A5, RC4 Ciphers

A5 and RC4 are two symmetric encryption algorithms that have been used in the field of cryptography.
Let's take a closer look at each of them:

1. A5 (A5/1 and A5/2):

- A5 is a stream cipher used in the GSM (Global System for Mobile Communications) standard for
encrypting voice and data communications.

- A5/1 is the original version of A5 and was introduced in the first-generation GSM systems. It uses
three linear feedback shift registers (LFSRs) with different clocking mechanisms to generate a keystream
for encryption.

- A5/2 is a weaker version of A5 that was designed for export restrictions but is no longer considered
secure.

- A5/1 and A5/2 have been subject to attacks and vulnerabilities, leading to security concerns. As a
result, newer encryption algorithms like A5/3 have been introduced in more recent GSM standards.

2. RC4 (Rivest Cipher 4):

- RC4 is a symmetric stream cipher designed by Ron Rivest and widely used in various applications,
including wireless networks (e.g., WEP, WPA), secure sockets layer (SSL), and wireless LANs.

- RC4 operates on variable-length keys (typically between 40 and 256 bits) and generates a
pseudorandom keystream used for encryption by combining the key with a permutation of the numbers
0 to 255.

- RC4 gained popularity due to its simplicity and fast encryption/decryption speed. However, serious
vulnerabilities have been discovered in the keystream generation process, making it susceptible to
attacks. As a result, it is no longer recommended for secure applications.

- Many organizations and standards bodies, such as the Internet Engineering Task Force (IETF), have
discouraged the use of RC4 and recommended transitioning to more secure encryption algorithms like
AES.

#Characteristics of good ciphers

Good ciphers possess several important characteristics that contribute to their effectiveness in providing
secure encryption. Here are some key characteristics of good ciphers:

1. Security: A good cipher should provide a high level of security, making it resistant to various
cryptanalysis techniques. It should be computationally infeasible to decrypt the ciphertext without
knowledge of the secret key.

2. Key Length: The length of the encryption key is crucial. A good cipher should support keys of sufficient
length to withstand brute-force attacks. Longer key lengths exponentially increase the number of
possible keys, making it more difficult to guess or crack the key.

3. Confidentiality: A good cipher ensures the confidentiality of the plaintext by obscuring its content. It
should prevent unauthorized individuals from gaining access to the original message.

4. Resistance to Attacks: A cipher should be resistant to a wide range of attacks, including known-
plaintext attacks, chosen-plaintext attacks, differential attacks, and statistical attacks. It should not
reveal any patterns or biases that can be exploited to compromise the security of the encryption.

5. Key Management: Good ciphers require proper key management practices. They should provide
secure mechanisms for key generation, storage, distribution, and revocation. Key management is crucial
to maintaining the security of the encryption system.

6. Longevity: A good cipher should have long-term viability. It should be designed to withstand
advancements in computational power and evolving attack techniques. A cipher that remains secure
over an extended period reduces the need for frequent algorithm changes.

7. Efficiency: A good cipher strikes a balance between security and efficiency. It should be
computationally efficient to encrypt and decrypt data, allowing for practical implementation on various
platforms and in different applications.

#Data Encryption Standard

-The Data Encryption Standard (DES) is a symmetric-key block cipher.

-It is based on the Feistel structure in which the plaintext is separated into two halves. It takes input
as 64-bit plaintext and a 56-bit key to produce 64-bit ciphertext.

-Before processing, the entire plain text is separated into two pieces of 32 bits each, and the same
operations are done on each portion. Each piece goes through 16 rounds of operations before the final
permutation is used to obtain the 64-bit ciphertext.

-Expansions, permutations, and substitutions are some of the functions used in the rounds, as well as
an XOR operation with a round key.

-Decryption is done in the same way as encryption but in the opposite sequence. Because DES uses a
smaller shared key, it was regarded as less safe for encrypting highly confidential government data, and
triple-DES was invented to counter this. Still, triple-DES was also not considered a good algorithm
because it encrypts data very slowly.

- In DES, even a minor change in the input text results in a completely new ciphertext.
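
The Feistel structure described above, as an added example that is not part of the original notes. This is a toy cipher, not DES: the 32-bit halves and 16 rounds follow the text, while the SHA-256 round function and key schedule are stand-in assumptions. It shows that decryption is the same routine with the round keys in the opposite sequence, and that flipping one input bit changes many output bits.

```python
import hashlib

ROUNDS = 16   # round count the notes give for DES
HALF = 4      # bytes per half: two 32-bit halves make one 64-bit block

def round_keys(key):
    # Assumption: toy key schedule (hash of key and round number), not DES's.
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(ROUNDS)]

def round_function(half, round_key):
    # Assumption: SHA-256 stands in for DES's expansion, substitution
    # and permutation steps; any function works in a Feistel network.
    return hashlib.sha256(round_key + half).digest()[:HALF]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, keys):
    left, right = block[:HALF], block[HALF:]
    for rk in keys:
        # New left is the old right; new right is old left XOR f(old right).
        left, right = right, xor(left, round_function(right, rk))
    return right + left   # final swap makes the routine its own inverse

def encrypt(block, key):
    return feistel(block, round_keys(key))

def decrypt(block, key):
    # Same routine, round keys applied in the opposite sequence.
    return feistel(block, round_keys(key)[::-1])

def bits_changed(a, b):
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

if __name__ == "__main__":
    key, block = b"demo key", b"8 bytes!"        # constructed sample values
    flipped = bytes([block[0] ^ 1]) + block[1:]  # differs in exactly one bit
    ct = encrypt(block, key)
    print(decrypt(ct, key) == block)
    print(bits_changed(ct, encrypt(flipped, key)), "of 64 ciphertext bits differ")
```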

#Advanced Encryption Standard

-Advanced Encryption Standard (AES) is also a symmetric key block cipher. Because DES utilises a
relatively short cipher key and the algorithm was quite slow, AES was introduced to replace it.

-It is currently one of the most popular symmetric block cipher algorithms. It is at least six times faster
than triple-DES encryption. Unlike DES, it is based on "Substitution and Permutation". It takes a
step-by-step method. In AES, bytes are used instead of bits.

-In AES, plain text is considered 126 bits equivalent to 16 bytes with a 128-bit secret key to generate
a 4×4 matrix (having 4 rows and 4 columns). It then does 10 rounds after this step.

- Each round has its own subprocesses, with 9 rounds including Sub bytes, Shift Rows, Mix
Columns and Add Round Keys. The 10th round includes all the above operations excluding 'Mix columns'
in order to produce the 126-bit ciphertext.

-The number of rounds in AES is determined by the key size, which is 10 for 128-bit keys, 12 for 192-bit
keys, and 14 for 256-bit keys. We can use it in several protocols such as TLS, SSL and numerous modern
applications which need high encryption security. We can also use AES for hardware which needs high
throughput.

#Block cipher modes of operation

#Confidentiality using symmetric encryption

Confidentiality can indeed be achieved using symmetric encryption algorithms. Symmetric encryption,
also known as secret-key encryption, involves using the same key for both the encryption and
decryption processes. Here's how confidentiality is achieved with symmetric encryption:

1. Key Generation: A secret key is generated, which is a shared secret between the communicating
parties. The key must be kept confidential and known only to authorized parties.

2. Encryption: The sender uses the secret key to encrypt the plaintext message or data. The encryption
algorithm scrambles the data into ciphertext, which is unreadable and meaningless without the
corresponding key.

3. Transmission: The encrypted ciphertext is transmitted over the network or other communication
channels. Since the data is encrypted, even if it's intercepted by an unauthorized entity, they won't be
able to understand its content without the key.

4. Decryption: The intended recipient uses the same secret key to decrypt the ciphertext back into the
original plaintext. The decryption algorithm reverses the encryption process, allowing the recipient to
access the original message.
