Professional Documents
Culture Documents
Part – I
Classical Encryption Principles & Algorithms
Information Security
(SE3052)
1 Compiled by Alemu w., (awcourseapp@gmail.com) , Tuesday,
March 22, 2021
Introduction
Institutions of all sizes collect and store huge volumes of confidential
information and most of this information is collected, processed and stored on
computers and transmitted across networks to other computers.
The rapid growth and widespread use of electronic data processing and
electronic business conducted through the Internet, along with numerous
occurrences of international terrorism, fueled the need for better methods of
protecting the computers and the information.
Information security means protecting information and information systems
from unauthorized access, use, disruption, or destruction.
So that, the OSI security architecture provides a systematic frame work for
defining security attacks
2
Terminologies
Cryptography:
The art of protecting transmitted information from unauthorized interception or
tampering
The art and science of encompassing the principle and methods of transforming an
intelligible (plain text) message into one that is unintelligible(cipher text), and then
retransforming that message back to its original form.
The sender enciphers a message into unintelligible form, and the receiver deciphers it
into intelligible form
The enciphering and deciphering of messages into secret codes by means of various
transformations of the plaintext
Cryptography is closely related to communication theory, namely coding theory
Coding Theory involves translating information of any kind (text, scientific data,
pictures, sound, and so on) into a standard form for transmission, and protecting this
information against distortion by random noise.
3
Terminologies
Plain text:
The original intelligible message or data that is fed into the algorithm as input
The plaintext is not quite the same as the message being sent
The message probably has to be translated into some standard form to be encrypted; for
example, this might be leaving out the punctuation, turning it into ASCII code or a sequence of
numbers, etc.
But there is nothing secret about this stage; knowing the plaintext is equivalent to knowing
the message
Cipher text:-
The scramble message produced as an output of the encryption algorithm
Key(Secret Key):
Is some critical information used by the encryption algorithm as input to encrypt the plaintext
It is independent of the plaintext and encryption algorithm
It is only known to the sender and receiver
4
Terminologies
Enciphering or Encryption:
Needs an input (Clear message & key) to deliver the cipher form (output) , this cipher form to be
decrypted (converted to the clear form ) we shall need a key and the same algorithm
Deciphering/Decryption:- is the process of restoring back the plaintext from the cipher
text.
Cryptanalysis(code breaking):-The process of deriving the plaintext from the cipher text
5
approaches to Information Security
Link Encryption:
Each vulnerable communication link is equipped on both ends with an encryption device.
User information, header, trailers, source/destination addresses and routing data will be
encrypted
The only data/information that will not be encrypted is data link control message infn
The main disadvantage is that it is effective only if all potential weak links from source to
End-to-End Encryption:
Data is encrypted only at the source node and decrypted at the destination node.
The cryptographic keys used to encrypt and decrypt the messages are stored exclusively on the
endpoints
6
Characteristics of Cryptographic Systems
All encryption algorithms are based on two general principles:
Substitution: Element in the plain text(bit, letter or groups) is mapped into another element
Symmetric: If both sender and receiver use similar or single key for both encryption and
encryption.
Block cipher: Processes the input one block of elements(typically 64 or 128 bits) at a time,
algorithm and has access to one or more cipher text would be unable to
decipher the cipher text or figure out the key.
Sender & receiver must have to obtain the secret key in secure fashion and
keep it secure
If someone can found the key and knows the algorithm, all communication
To recover the plaintext of a cipher text or, more typically, to recover the secret key
Kerkhoff’s principle: The adversary knows all details about a cryptosystem except the secret
key
Brute-force Attack:
Try all possible keys on cipher text until get an intelligible translation into plaintext
Attacker knows cipher text of several messages encrypted with same key
attacks
The easiest to defend against because the opponent has the least amount information to
work with
10
Cryptanalytic Attack
Known-plaintext attack
The attacker knows the Algorithm, cipher text and plaintext-cipher text pair
Attackers observe pairs of plaintext-cipher text encrypted with the same secret key.
That is given (m1,c1), (m2,c2), …, (mk, ck) and a new cipher text c
Chosen-plaintext attack
Attacker can choose the plaintext and look at the paired cipher text
Attacker has more control than known-plaintext attack and may be able to gain more information
about key
That is given: (m1,c1), (m2,c2), …,(mk,ck), where m1, m2, …, mk are chosen by the adversary; and
The attacker knows the Algorithm, cipher text and chosen plaintext and its cipher text
11
Cryptanalytic Attack
Chosen-cipher text attack
Attacker chooses a series of plaintexts, basing the next plaintext on the result of
previous encryption
The Encryption algorithm, cipher text and purported cipher text chosen by
cryptanalyst, together with its corresponding decrypted plaintext generated with the
secret key are known to cryptanalyst.
That is given: (m1,c1), (m2,c2), …,(mk, ck), where c1, c2, …, ck are chosen by the
The attacker knows the Algorithm, cipher text & chosen plaintext and its cipher text
12
Cryptanalytic Attack
Chosen-text attack
The attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the
The goal of the attack is to gain some further information which reduces the security of the
encryption scheme.
In the worst case, a chosen-plaintext attack could reveal the scheme's secret key.
Batch chosen-plaintext attack - The attacker chooses all plaintexts before any of them are
encrypted
Adaptive chosen-plaintext attack: The attacker has the ability to make his choice of the
inputs to the encryption algorithm based on the previous chosen plaintext queries and
their corresponding ciphertexts
13
Transposition Cipher
Rearrange letters in plaintext to produce cipher text
imaginary fence
Move up when we reach the bottom rail and move down when we reach the top rail
Example: If we have 3 "rails" and a message of ‘KILL THE QUEEN', the cipher
writes out
K T U
Encryption/Transposition Result: KTU ILHQEN LEE
I L H Q E N
L E E
14
Transposition Cipher
Route Cipher:
In a route cipher, the plaintext is first written out in a grid of given dimensions, then
In fact, for messages of reasonable length, the number of possible keys is potentially
writes out:
The key might specify “spiral inwards, clockwise, starting from the top right”
The message is written out in rows of a fixed length, and then read out again column
Example, the word ZEBRAS is of length 6 (so the columns are of length 6), and the
In a regular columnar transposition cipher, any spare spaces are filled with nulls; in
6 3 2 4 1 5
an irregular columnar transposition cipher, the spaces are left blank
W E A R E D
Example: WE ARE DISCOVERED FLEE AT ONCE
I S C O V E
Encryption/Transposition Result:
R E D F L E
EVLNFACDTSESEAAROFODDEECQWIREE E A T O N C
16 E A S D F Q
Transposition Cipher
Double transposition:
lengths, writing the message out in its columns and then looking for possible anagrams.
Thus to make it stronger, a double transposition was often used, this is simply a
Example: Take the result of the irregular columnar transposition in the previous
section, and perform a second encryption with a keyword, STRIPE, which gives the
permutation "564231” 5 6 4 2 3 1
E
Message: EVLNFACDTSESEAAROFODDEECQWIREE V L N F A
Encryption/Transposition Result:
C D T S E S
E A A R O F
ASFCE NSRER FEOEE LTADI ECEOQ VDADW
O D D E E C
17 Q W I R E E
Example
We are software Engineers at WKU.
4 1 3 2
1. Soft
A O A N
2. Ware E A U E
S W E N
1. Construct columns
S K W E
2. orders to read columns
T E I R
W R F R
G E T
18
Transposition Cipher
Myszkowski Transposition
letters.
In usual practice, subsequent occurrences of a keyword letter are treated as if the next
letter in alphabetical order, e.g., the keyword TOMATO yields a numeric key string
of "532164."
In Myszkowski transposition, recurrent keyword letters are numbered identically,
Part – II
Substitution Cipher
Information Security
(SE3052)
Multiplicative Cipher
Affine Cipher
Polyalphabetic cipher
Vigenère cipher
21
Substitution Cipher - Mono Alphabetic
In mono alphabetic substitution, the relationship between a symbol in the
DEFGHIJKLMNOPQRSTUVWXYZABC
Additive Cipher:
The simplest mono alphabetic cipher and sometimes called Shift or Caesar cipher, but
Additive cipher reveals its mathematical nature
Caesar cipher corresponds to n = 3
Num. Val 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Plain Text A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Key = 3 D E F G H I J KLM N O P Q R S T U V W X Y Z A B C
When the cipher is additive, the plaintext, cipher text, and key are integers in Z26
General architecture:
Example: Use the additive cipher with key = 15 to encrypt the message “hello”
23
Substitution Cipher – Mono Alphabetic
Additive Cipher Brute-force Cryptanalysis Attack
If it is known that a given cipher text is a Caesar cipher, then a brute-force cryptanalysis is
cryptanalysis:
The encryption and decryption algorithms are known.
SDUWB”.
24
Encryption/Transposition Result:: Meet Me After Toga Party
Substitution Cipher – Mono Alphabetic
Multiplicative Cipher
Caesar ciphers are encrypted by adding modulo 26 (C = p + key mod 26, where C is
ciphertext and p is plaintext) and are decrypted by adding the inverse of the key.
It seems reasonable to consider what would happen if we encrypted by multiplying modulo
The plaintext and cipher text are integers in Z26, and the key is also an integer in Z26*
The key domain for any multiplicative cipher: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25
Example: Use a multiplicative cipher to encrypt the message “hello” with a key of 7
Why even numbers in Z26* are not in the key set of multiplicative cipher?
The only multipliers that are possible are those that result in one-to-one mappings.
25
Substitution Cipher – Mono Alphabetic
Multiplicative Cipher
26
Substitution Cipher – Mono Alphabetic
Affine Cipher
If encrypting once is good, twice must be better. Correct? Well, not always.
Consider encrypting a message twice with Caesar ciphers. Let’s say the message was
first encrypted using a Caesar cipher with key 7 and then with 11, the result of the re-
encryption is equivalent to having encrypted the message once with key 18.
Consider encrypting a message twice with multiplicative ciphers. If a message is first
encrypted with a key 3 and then with key 7, the re-encryption is equivalent to having
encrypted the message once with key 21
In neither of these cases is the security enhanced by re-encryption.
Well, how about encrypting first with a Caesar cipher and then re-encrypting with a
multiplicative cipher? This composition does increase security. Such ciphers are
called affine ciphers.
27
Substitution Cipher – Mono Alphabetic
Affine Cipher:
We could first encrypt using a multiplicative cipher with multiplicative key m and
then re-encrypt with a Caesar cipher with additive key b. This results in C = mp+b
where p is plaintext and C is ciphertext.
Alternatively, we could first encrypt using a Caesar cipher with additive key b and
then re-encrypt with a multiplicative cipher with multiplicative key m. This results in
C = m(p+b).
28
Substitution Cipher – Mono Alphabetic
Affine Cipher
Example: Use affine cipher to encrypt the message “hello” with the key (7, 2)
Example: Use affine cipher to decrypt the message “ZEBBW” with the key pair
They are not secure enough – operates on the key range of Z26 and increasing the
Each plaintext character may be replaced by more than one character and each
text is one-to-many.
The most common examples include: Vigenère cipher, Play fair cipher and
Hill Cipher
30
Substitution Cipher - Polyalphabetic
Vigenère cipher
First row starts with ‘A’, second row starts with ‘B’, etc.
It requires a keyword that the sender and receiver know ahead of time
Each character of the message is combined with the characters of the keyword to find
Refer the Vigenère table at the end of the slides or [click here]
S E E M E I N M A L L
I N F O S E C I N F O
31
Substitution Cipher - Polyalphabetic
Vigenère cipher
The keyword and message characters are converted to corresponding numbers in the
characters
Uses the fact that the keyword character helps to get different cipher text
To decrypt, use the table, choose the row corresponding to the keyword character and
Process:
SHEI SLI S TENING
PAS CAL PAS CAL PA
Result: HHWKSWXSLGNPCG
Can you do it
with Additive
Method?
33
Substitution Cipher - Polyalphabetic
Multiple Letter (Play fair) Cipher:
Alphabets that are not in the keyword are arranged in the remaining cells from left to
34
Substitution Cipher
Multiple Letter (Play fair) Cipher:
Grouped text: CR YP TO IS TO XO EA SY
I/J N F O S
E C A B D
G H K L M
P Q R T U
V W X Y Z
Result: AQ VT YB NI YB YF CB OZ
Reading Assignment:
Read about Vernam Cipher: About History, Application, Algorithm and related
issues.
Note: You are supposed to include this encryption algorithm in your project.
35
Substitution Cipher - Polyalphabetic
Hill Cipher
A polyalphabetic cipher invented by Lester S. Hill & plaintext is divided into equal
size blocks
The blocks are encrypted one at a time and makes it a block cipher
Each character in the block contains to the encryption of other characters in the block
In Hill cipher, the key is a square matrix of size mxm in which m is the size of the
block
Let the key be K, each element of the matrix is K ij as shown below
C1 = P1K11 + P2K21 + … + PmKm1
C2 = P1K12 + P2K22 + … + PmKm2
….
Cm = P1K1m + P2K2m + … + PmKmm
36
Substitution Cipher - Polyalphabetic
Hill Cipher
37
Substitution Cipher - Polyalphabetic
Hill Cipher
The Inverse K-1 of a matrix K is defined by the equation KK-1= K-1K=I where I is the
identity matrix
The Hill system can be expressed as:
C = E(K,P) = KP mod 26
Hill cipher is strong against a cipher text-only attack, it is easily broken with a known
plaintext attack
38
Chapter Three
Security Techniques
Part – III
Substitution Cipher
DES and AES
Information Security
(SE3052)
39 Compiled by Alemu w., (awcourseapp@gmail.com) , Tuesday,
March 22, 2021
Data Encryption Standard (DES)
The Data Encryption Standard (DES) was developed in the 1970s by the National Bureau
unclassified data
IBM created the first draft of the algorithm, calling it LUCIFER and DES officially became
Following a period of redesign and comment it became the Data Encryption Standard
The DES algorithm is a careful and complex combination of two fundamental building
41
Substitution Cipher
42
Substitution Cipher
43
Substitution Cipher
44
Substitution Cipher
45
Substitution Cipher
46
Substitution Cipher
47
Substitution Cipher
48
Substitution Cipher
49
Substitution Cipher
50
Substitution Cipher
51
Substitution Cipher
52
Substitution Cipher
53
Substitution Cipher
54
Substitution Cipher
55
Substitution Cipher
56
Substitution Cipher
57
Substitution Cipher
58
Substitution Cipher
59
Substitution Cipher
60
Substitution Cipher
61
Substitution Cipher
62
Substitution Cipher
63
Substitution Cipher
64
Substitution Cipher
65
Substitution Cipher
66
Substitution Cipher
67
Substitution Cipher
68
Substitution Cipher
69
Substitution Cipher
70
Substitution Cipher
71
Substitution Cipher
72