~~ Cryptography Network security is mostly achieved through the use of eryptography, a science based on abstract algebra. In this chapter, we briefly discuss the cryptography suitable for the scope of this book. We have tried to limit our discussion of abstract algebra as much as we could, Our goal is to give enough information about cryptography to make network security understandable. The chapter opens the door for stud lying network security in Chapter 31 and Internet security in Chapter 32. 30.1 INTRODUCTION luce the issues involved in cryptography. First, we need to define some terms: give some taxonomies. nitions We define some terms here that are used in the rest of the chapter. Cryptography Cryptography, a word with Greck origins, means “secret writing,” However, we use the term to refer to the science and art of transforming messages to make them secure and immune to attacks, Figure 30.1 shows the components involved in cryptography. Figure 30.1. Cryptography components +CHAPTER 30. cRYPTOGRAPHY th three fypes OF Keys in ery, 0 Three Types of Revs jcc tat 86 aE dealing with thre avg NC d the private key. ‘The first, the secret key, jg They ‘The second and the third are y,. ty phy, We will use three differs? Yi uy - fh one from the others, ag th ‘cory np “The render may hae NOHO the secret key, he public REY. Ta graph key used in symmetric Key ee aah Bey pate Reps sed i aS gitimgs for these keys throughout the be Figure 30.5. —_—-—_—— Figure 30.5 Kevs used in cryplsrep! Rigor SS Public key Private key "Asymmetric-key cryptography Same ey ema Comparison Let us compare symmetric-key and asymmetric-key cryptography. Encryption can te thought of as electronic locking; decryption as electronic unlocking. The sender puss the message in a box and locks the box by using a key; the receiver unlocks the box with a key and takes out the message. ‘The difference lies in the mechanism of the locking and unlocking and the type of keys used. = In symmetric-key cryptography, the same key locks and unlocks the box. In asymmetric-key cryptography, one key locks the box, but another key is needed to unlock it. Figure 30.6 shows the difference. Figure 30.6 Comparison between two categories of cryptographySECTION 30.2 SYMMETRIC-KEY CRYPTOGRAPHY — 935 30.2 SYMMETRIC-KEY CRYPTOGRAPHY yptogay Phy started thousands of years ago when people needed to eereae for Cxanupte, in a war), We still mainly use symnmetrie-key cryptography , ook Security. However, today's ciphers are much more complex. Let us first discuss traditional algorithm, which were charactetoriented, "Then we discuss the modem ich are bit-oriented, cS ‘ones, WI Traditional Ciphers We briefly introduce some traditional ciphers, which are character-oriented. Although these are now obsolete, the goal is to show how modern ciphers evolved from them. We can divi y ey ciphers into two broad categories: substitution ciphers and transposition ciphers, as shown in Figure 30.7. Figure 30.7 Traditional ciphers a ‘Substitution ciphers “Transposition ciphers Substitution Cipher i i . If the symbols in the plain- ion cipher substitutes one symbol with another. - ue al vabetie characters, we replace one character with another. For example, we en a ce character A with D, and character T with Z. Ifthe symbols are digits (0 to aytecaaa replace 3 with 7, and 2 with 6, Substitution ciphers can be categorized as cither monoalphabetic or polyalphabetic ciphers. 3 ‘A substitution cipher replaces one symbol with another. (or @ symbol) in the plaintext is always Ina monoalphabetic cipher, a character (or a sintext inlays ster (or symbol) in the ciphertext regardless of its positi changed t0.1he Se ee alpen says that character A in the plaintext is changed oo ea eee oa very character A is changed to character D, In other words, the relation- Coe mes in the plaintext and the ciphertext is a one-to-one relationship. sai ee sivalphabetle cipher, each occurrence of a character can have a different substtute "The felationship between a character in the plaintext to a character in the936 CHAPTER 30 CRYPTOGRAPHY totionship. For example, character A could be ciphertext is a one sma iene be changed to N atthe middle, ir ninety Din the begining ot een plaintext characters and ciphertext characters j 5%, that if the relavionsti? ig which of the many possible characters can be cho many, ie i irave this goat, we need to divide the text into groups of hare” ea or gaye or exazple, we can divide the text “THISISANEAS pach into groups of 3 characters and then apply the encryption using a set of 3 keys, wy, they repeat the procedure for the next 3 characters. Example 30.1 , ‘The following shows a plaintext and its corresponding ciphertext. Is the cipher Monoalphabetier Plaintext: HELLO Ciphertext: KHOOR Solution : ‘The cipher is probably monoalphabetic because both occurrences of L's are encrypted as 0's, Example 30.2 The following shows a plaintext and its corresponding ciphertext. Is the cipher monoalphabetic? Plaintext: HELLO Ciphertext: ABNZF. Solution The cipher is not monoalphabetic because each occurrence of L is.encrypted by a different cha acter. The first I. is encrypted as N; the second as Z. Shift Cipher The simplest monoalphabetic cipher is probably the shift cipher. We assume that the plaintext and ciphertext consist of uppercase letters (A to Z) only. In this cipher, the encryption algorithm is “‘shift key characters down,” with key equal 0 some number. The decryption algorithm is “shift key characters up.” For example, ite key is 5, the encryption algorithm is “shift 5 characters down” (toward the end of te al abet. The decryption algorithm is “shift 5 characters up” (toward the beginning th pha ). Of course, if we reach the end or beginning of the alphabet, We ee ce eae used the shift cipher to communicate with his officers. For this Lierr} ler is someti fee Se omtiaes teferred to as the Caesar cipher. Caesar used # key Example 30.3 Use the shift cipher with key = 1510 encrypt the message “HELLO.”SECTION AOD SYMUIETIICKER ER EPTOQVAPIY — OA Rolitlon We enctyi ne charncter at enerypled WW. Letter Hine emetypied WA. An Oise A Utne Gach eharwcter ie chitted 15 chotysesere Aovem Letior Ht om Vypted 10 T The ties 1. be enseryptedd Un A Tie anweand tbe eae #DNEN NY Ave cipher teat ie WAALS Kvample 30d Use the abit cpt with hey © 19 tu dectypn tle message “WIAAN” Solution es eeon one charac fet aw tline, Rach character be shifted 15 characters wp Leniee We leery ped to HL. Letter T ie dectypted to 4). ‘The first A is decrypted Wa 1. The tanomd & is deeryped to L. Aud, finally, 2 in decrygaed 9 0. The plaintest i HELLO Transposition ‘Iph Ina transposition elpher, there is no substitution of characters; instead, their ieatieme change. A character in the first position of the plaintext nay appear in the tents peautien of the ciphertext. A character in the cighth position may appear in the first perction fe other words, « transposition cipher reorders the symbols in a block of symbeae SS A transposition cipher reorders (permutes) symbols In a block of symibene Key Ina transposition cipher, the key is a mapping between the penition of the wymbets in the plaintext and cipher text. For example, the following shorws the key using 2 block of four characters: Plaintext: 2413 Ciphertext: 1.2 3 4 In encryption, we move the character at position 2 to position 1, the character at position 4 10 position 2, and so on, In decryption, we do the reverse. Note that, to be more effective, the key should be long, which means encryption and decryption of long blocks of data. Figure 30.8 shows encryption and decryption for our four-character Figure 30.8 | Transposition cipher Prainaeat bos) ‘&98 | CHAPTER 30 CRYPTOGRAPHY “Phe figure shows that the encryption and decryny , Ption es it from downward while decryption app py , block using the above key. same key. The eneryption app Example 30.5 Encrypt the message “HELLO MY DEAR." using the above key. Solution vide the text into blocks first remove the spaces inthe message, We then divide the text into blocks of four We ndts ee chatter Za the end of the hid block, The result is HELL OMY Earn ‘create a three block ciphertext ELHLMDOYAZER. ‘ “ Z ————— Example 30.6 Using Example 30.5, decrypt the message “ELHLMDOYAZER : Solution . ‘The result is HELL OMYD EAR. Afier removing the bogus character and combining the chr, acters, we get the original message “HELLO MY DEAR.” ~~ a Simple Modern Ciphers. The traditional ciphers we have studied so far are character-oriented. With the advent of the computer, ciphers need to be bit-oriented. This is so because the information tobe encrypted is not just text; it can also consist of numbers, graphics, audio, and video das It is convenient to convert these types of data into a stream of bits, encrypt the stream, and then send the encrypted stream. In addition, when text is treated at the bit level, esch character is replaced by 8 (or 16) bits, which means the number of symbols becomes § (or 16). Mingling and mangling bits provides more security than mingling and mangling characters. Modem ciphers use a different strategy than the traditional ones. A modem symmetric cipher is a combination of simple ciphers. In other words, a modem cipher uses several simple ciphers to achieve its goal. We first discuss these simple ciphers. XOR Cipher Modem ciphers today are normally made of a set of simple ciphers, which are simple predefined functions in mathematics or computer science. The first one discussed here ~iscalled the XOR cipher because it uses the exclusive-or operation as defined in compu science. Figure 30.9 shows an XOR cipher. Figure 30.9 XOR cipherSECTION 30.2 SYMMETRIC-KEY CRYPTOGRAPHY — 939 An XOR operati ion 1 needs (wo data inputs plaintext, as the first and a key as the sec- ond. In other word: H Siac ean ioe of the inputs is the block to be the encrypted, the other input is the plaintext, and the ci ridin block. Note that in an XOR cipher, the size of the key, property: the enerymig Text ate all the same. XOR ciphers have a very interesting 'ys We encryption and decryption are the same. Rotation Cipher __ Rotation Cipher ae eae is the rotation eipher, in which the input bits are rotated to ihe Bey define the: hase cipher can be keyed or keyless. In keyed rotation, the value of Freee S10 area amber of rotations; in keyless rotation the numberof rotations i fixed. Figure 30.10 shows an example of a rotation cipher. Note thatthe rotation cipher ean be special case of the transpositional cipher using bits instead of characters. Figure 30.10 Rotation cipher ‘The rotation cipher has an interesting property. If the length of the original stream is N, after N rotations, we get the original input stream. This means that itis useless to apply more than N = | rotations. In other words, the number of rotations must be between Vand N= 1. "The decryption algorithm for the rotation cipher uses the same key and the opposite rotation direction, If we use a tight rotation in the encryption, we use a left rotation in decryption and vice versa. S-box ion box) parallels the traditional substitution cipher for characters. ‘The input to an S-box is a stream of bits with length N; the result is another stream of bite with length M. And N and M are not necessarily the same. Figure 30.11 shows an S-box. © "The $-box is normally Keyless and is used as an intermediate stage of encryption or decryption. The function that matches the input to the output may be defined mathe- matically or by a table. 3 Substitution Ciphe <_ Transposition Cipher: P-bos. r ‘A P-box (permutation box) for bits parallels the traditional transposition cipher for char- acters. It performns a transposition atthe bit level; it transposes bts. It can be implemented930 CHAPTER 30 CRYPTOGRAPHY int bit sm fd bo bd ‘A fant that matches M inputs WAL outputs TM oaipui bie in software or hardware, but hardware is faster. P-boxes like S-boxes, are normally tay, less. We can have three types of permutations in P-boxes: the straight permuta expansion permutation, and compression permutation as shown in Figure 30,1 Figure 30.12 _P-boxes: straight, expansion, and compression §o2 3 4 5 ia. Expansion " © Compression A straight permutation cipher or a straight P-bo; it ion ci -box has the same number of inputs as outpus. Im other words, if the number of inputs is N, the number of outputs is also. In ae ee pemalasion cipher, the number of Oulput ports is greater than the number - In a compression permutation ci; sis fate ee tutation cipher, the number of output ports is less Modern Round Ciphers — i of today are called round ciphers because sea ipte rounds, c| Ive multiple " Where each round is a complex cipher made up ch thesinghccohne that we previous) = onSECTION 10.2 SYMMETHIC-KEY CRYPTOGRAPHY 9A Wround ts 1 subset or vartation of the yeneral key called the round Key. H the cipher has sounds, « hey genorntor produces N keys, Ky. Ky. ++ Be Wheto Ki by cdl in romnul 1, in ein 3, ond a on I this section, we , introduce two modern sytmmetic-key ciphers, DES and ALS ee Jelerred 10 95 block ciphers because th de the pl ini Wc the same | Q Se thy sutne hey to encryptand decrypt the- blocks) facto standant until recently. AES iy the formal standard now has been the de Data Encryption Standard (Dis) ep One example OF a complex block cipher iy the Data Encryption Standard (DES). DES Pes was designed by 13M and adopted by Hipent as the standard encryption method Tor nonnillitary and nonelassified us porithm.cnceyptss 64-bit plaintext block using 1 64-bit key, as shown in Figure 30.13, Figure 30.13 Des 64 bi painters GA bit bey 64 bis eiptienent iti e Fs (they are 5 ition blocks (P-boxes) and 16 complex round ciphers ved ATT Ine Te ierition Found eipherFaie Conceptually the ame. cach uses nae i the original key. pai eran re mounts are keyless straight permutations that ure the i cules other. The permutation takes a 64-bit input and permutes them according ins a to predefined values.~~ 942 CHAPTER 30 CRYPTOGRAPHY cl own in Figure 30.14, n, cA somplex round cipher, as shown . Note the mia Porte eneniiled a ciphers if different from that of the dectyptign « . ucture of \ery DES Function Lis the DES function. The DES function applies 48-bit key to the rightmost 32 bits & to produce a 32-bit output. This function is made tp of four operationSan XOR, an i cxpansion permulation, a group of S-Boxes, anda Straight permutation, as shown in Figure 30.15. rem a —_ Figure 30.15 DES function K, (48 bits)ate SECTION 30.2. SYMMETRIC-KEY CRYPTOGRAPHY 943 Triple DES Critics of DES conte , bs teen Riopiaed ead Peat hey in too short. ‘To lengthen the key, Triple DES or 3DES ote tha fi DI se Mae reeyting block uses an encryption-decryption-encryption corm ‘Two different versione, En block uses a decryption-encryption-decryption combi Ae rake ie eae pe ‘are in use: 3DES with two keys and 3DES with three Keys. Bebra is ‘and at the same time protcet DES from attacks such as the the third keys tack, 3DES with two keys. was designed, In this version, the first and asingle DES block ean : te Keys). This has the advantage in that a text encrypted by Many algorithms use a 3 5 ‘eerypted by the new 3DES. We just set all keys equal to Key nN to 168 bits. . ES cipher with three keys. This increases the size of the key Figure 30.16 Triple DES 64-bit plaintext Key, Keys Keys (64-bit ciphertext (64-bit ciphertext ‘, Encryption Triple DES by Decryption Triple DES ‘Advanced Encryption Standard (AES) - “The Advanced Eneryption Standard (ABS) was designed because DES's key was t00 sre Although Triple DES (3DES) increased the key size, the process was too slow. The National Institute of Standards and Technology (NIST) chose the Rijndael Algorithm, named after its (wo Belgian inventors, Vincent Rijmen and Joan Daemen, arene basis of AES. AES is a very complex round cipher. AES is designed with three fay sizes: 128, 192, oF 256 bits. Table 30. shows the relationship between the data block, number of rounds, and key size. Table 30.1. AES configuration [Tsp Block | NumberofRowds “| ~_« KeySize 10) 128 bits ee 12 192 bits i 256 bitsos A pet qt! Al” CHAPTER 30 CRYPTOGRAPHY AES has three different configurations with respect to the number of rounds and key size, Inthis text, we discuss just the 10-round, 128-bit Key configuration. The structure ang eration ofthe other configurations are similar. The difference lies in the key generation The general structure is shown in Figure 30,17, There is an initial XOR operation (otlowed by 10 round ciphers, The last ound is slightly different from the preceding ounds: it is missing one operation, Although the 10 iteration blocks are almost identical, cach uses a different A A key lerived from the original key. igure 30.17 AES 128-bit plaintext 28-bit ciphertext a ioe Round Each round of AES, except for the last, is a cipher with four ae we it are invertible. The last found has only three operations, Figure 30.18 is pee mi lat shows the ©perations in each round. Each of the four operations used in rnd uses a complex cipher; this topic is beyond the scope of this book. Other Ciphers During the last two decades, Used. Most ofthese ciphers this chapter (DES and AES) number of rounds, and the burden the user with the de 4 few other symmetric block ciphers have been designed and have similar characteristics tothe two ciphers we discussed ia ). The difference is usually in the size of the block or key. functions used. The principles are the same. In order not !0 tails of these ciphers, we give a brief description of each. visa:SECTION 302 SYMMETRIC-KEY CRYPTOGRAPHY — 945 Figure 30.18 Structure of each rund 12-bit data IDEA. The Intemational Data Encryption Algorithm (IDEA) was developed by Xuejia Lai and James Massey. The block size is 64 and the key size is 128. It can be imple- mented in both hardware and software. Blowfish Blowfish was developed by Bruce Schneier. The block size is 64 and the key size between 32 and 448. CAST-128 CAST-128 was developed by Carlisle Adams and Stafford Tavares. It is a Feistel cipher with 16 rounds and a block size of 64 bits; the key size is 128 bits. RCS RCS was designed by Ron Rivest. Itis a family of ciphers with different block sizes, key sizes, and numbers of rounds. Mode of Operation ‘A mode of operation is a and AES that we discusse technique that employs the modem block ciphers such as DES .d earlier (see Figure 30.19). Figure 30.19 Modes of operation for block ciphersCHAPTER 30 CRYPTOGRAPHY Electronic Code Book ; ie € d Be ei cly block cipher technique. The pa, ic code hook (ECB) mode is a purely bl Plain & is wivided into blocks of N bits. The ciphertext ix made of blocks of W bits, Th, value of W depends on the type of cipher used. Figure 30.20 shows the method, 1: Plaintext blow | C; Ciphertent block / Nobis Gq ‘We mention four characteristics of this mode: - Because the key and the encryption/decryption algorithm are the same, equal blocks in the plaintext become equal blocks in the ciphertext. For example, if plaintext blocks 1, 5, and 9 are the same, ciphertext blocks 1, 5, and 9 are also the same. This can be a security problem; the adversary can guess that the plaintext blocks are the same if the corresponding ciphertext blocks are the same. If we reorder the plaintext block, the ciphertext is also reordered, Blocks are independent of each other. Each block is encrypted or decrypted inde- pendently. A problem in encryption or decryption of a block does not affect other blocks. Anerror in one block is not propagated to other blocks. If one or more bits are cor- rupted during transmission, it only affects the bits in the corresponding plaintext after decryption. Other plaintext blocks are not affected. This is a real advantage if the channel is not noise-free. te PP B Cipher Block Chaining Sipher block chaining (CBC) mode tries to al by including the previous cipher block in the preparation of the current block. If the cu J. plockis ithe previous ciphertext block Cy. is included in the encryption of bocki Mother words, when a block is completely enciphered, the block i sent but a copy fi is Kept ina register (a place where data can be held) to be used inthe encryption of te peta o&k: The reader may wonder about the initial block. Thee is no ciphertext Bok before the first block. In this ease, a phony block called the intigtion vector UY) ® Weed, Hoth the sender and receiver agree upon a spectic predetermined I. Ino Mord te IV is used instead of the nonexistent Cy. Figure 30.21 shows the CBC mode. , The reader may wonder about the decryption. Does the configuration shown in ie igure guarantee the correct decryption? It can be Proven that it does, but we leave Proof to a textbook in network security, leviate some of the problems in ECBSECTION 30.2 SYMMETRIC-KEY CRYPTOGRAPHY 947 CHC mote 2, Paine block 4 a Uontiated C, Cipherentbheck ¢ wath tv 1, tnatization vector G The following are some characteristics of CBC. . Even though the key and the encryption/decryption algorithm are the same, equal blocks in the plaintext do not become equal blocks in the ciphertext. For example, if plaintext blocks 1, 5, and 9 are the same, ciphertext blocks 1, 5, and 9 will not be the same. An adversary will not be able to guess from the ciphertext that two blocks are the same. Blocks are dependent on each other. Each block is encrypted or decrypted based on a previous block. A problem in encryption or decryption of a block affects other blocks. 3. The error in one block is propagated to the other blocks. If one or more bits are corrupted during the transmission, it affects the bits in the next blocks of the plain- text after decryption. n Cipher Feedback ‘The cipher feedback (CFB) mode was created for those situations in which we need to send or receive r bits of data, where r is a number different from the underlying block size of the encryption cipher used. The value of rcan be 1, 4, 8, or any number of bite, Since all block ciphers work on a block of data at a time, the problem is how to encrypt just r bits. The solution is to let the cipher encrypt a block of bits and use only the first r bits as a new key (stream key) to encrypt the r bits of user data. Figure 30.22 shows the configuration. _ “The following are some characteristics of the CFB mode: 1. If' we change the IV from one encryption to another using the same plaintext, the ciphertext is different. 2. The ciphertext C, depends on both P, and the preceding ciphertext block. 3. Errors in one or more bits of the ciphertext block affect the next ciphertext blocks. Output Feedback “The output feedback (OFB) mode is very similar to the CFB mode with one difference. Each bit in the ciphertext is independent of the previous bit or bits. This avoids errorSCRIPTED OXPATOGRPAY Pp PYaioteut Mock €: Cipher Bh « INS tritiation vector c rite propagation. If an error occurs in transmission, it does not affect the future bits. Noce that, as in CEB, both the sender and the receiver use the encryption algorithm, Note also that in OFB, block ciphers such as DES of AES can only be used to create the key stream. The feedback for creating the next bit stream comes from the previous bits of the key stream instead of the ciphertext, The ciphertext does not take part in creating the key stream, Figure 30.23 shows the OFB mode. Figure 30.23 OF mode The following are some of the characteristics of the OFB mode. 4. If we change the IV from one ettcryption to another usi same plaintext. the f t aintext. ciphertext will be different, ae ee " 2. The ciphertext C; depends on the plaintext P, 3. Errors in one or more bits of the ciphertext do not affect future ciphertext blocks.SECT ECTION 30.3 ASYMMETRIC-KEY CRYPTOGRAPHY 949 30.3 ASYMMETRIC-KEY CRYPTOGRAPHY In the previous secti introduce: aammcl ie ces discussed symmetric-key cryptography. In this section we asymmettic-key (or Pb cryptography). As we mentioned before, an iscuss : key) ci A ait , Gibcus vo algo Reger iat fo ky one pate an oe public We RSA ‘The most oo and (adtonanl (esa key algorithm is RSA, named for its inventors Rivest, Shamir, Ie uses ty ; ” and Aleman (RSA). Kase wo numbers and da the public and private ep, a Figure 30.24 RSA To public 4 ‘Calculating ed, anda P= Ctmodn .d d, have a special relationship to each other, a discussion of this ‘The two keys, ¢ an the scope of this book. We just show how to calculate the keys relationship is beyond without proof. Selecting Keys : Bob use the following steps to select the private and public keys: 1. Bob chooses two very large prime numbers p and q. Refnember that a prime num- boris one that can be divided evenly only by { and itself. Bob multiplies the above two primes to find nthe modulus for eneryption and decryption. In other words, m= PX q. Bob calculates another number @ = (p~ 1) X (q~ 1). Bob chooses a random integer e. He then calculates d so that dx e = 1 mod 4. Bob announces ¢ and 1 to the public; he keeps @ and d secret. 2. yay announced to the Patan ee950 CHAPTER 30 CRYPTOGRAPHY Encryption 4 Anyone who needs to send a message to Bob can use 1 and ed cramp, if Alice needs to send a message to Bob, she can change the message, usually a sl One, oan integer. This is the plaintext. She then calculates the ciphertext, using ¢ and 1, Ce Pt (modn) Alice sends C, the ciphertext, to Bob, Decryption Bob keeps 6 and d private. When he receives the ciphertext, he uses his private key d tp decrypt the message: P=C4(mod n) Restriction For RSA to work, the value of P must be less than the value of n. If P is a large number, the plaintext needs to be divided into blocks to make P less than n. Example 30.7 Bob chooses 7 and 11 as p and q and calculates n = 7+ 1! = 77. The value of § = (7~1)(11=1) or 60. Now he chooses two keys, ¢ and d. If he chooses ¢ to be 13, then d is 37. Now imagine Alice sends the plaintext 5 to Bob. She uses the public key 13 to encrypt 5. Plaintext: 5 C=5'3 = 26 mod 77 Ciphertent: 26 Bob receives the ciphertext 26 and uses the private key 37 to decipher the ciphertext: Ciphertext: 26 P=26"7=5 mod77 Plaintext: § ‘The plaintext 5 sent by Alice is received as plaintext 5 by Bob. Example 30.8 Jennifer creates a pair of keys for herself. She chooses p = ates 0 = . P = 397 and q = 401. She calculate 159,197 and @ = 396 - 400 = 158,400. She then chooses ¢ = 343 and d = 12,007. Show how can send a message to Jennifer if he knows e and n, Solution . He then concatenates the 180 a git number. The plaintext is 1314. Ted then uses ¢ arid 1 t0 enc ‘the message. The ciphertext is 131443, 33,677 mod 159,197. Jennifer receives the mes