CLASSICAL ENCRYPTION TECHNIQUES

There are two basic building blocks of all encryption techniques: substitution and transposition.

1 SUBSTITUTION TECHNIQUES

A substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves
replacing plaintext bit patterns with cipher text bit patterns.

(i)Caesar cipher (or) shift cipher

The earliest known use of a substitution cipher and the simplest was by Julius Caesar. The Caesar cipher
involves replacing each letter of the alphabet with the letter standing 3 places further down the
alphabet.

e.g., Plain text : pay more money

Cipher text: SDB PRUH PRQHB

Note that the alphabet is wrapped around, so that letter following „z‟ is „a‟. For each plaintext letter
p, substitute the cipher text letter c such that

C =E(p) = (p+3) mod 26

A shift may be any amount, so that general Caesar algorithm is C = E (p) = (p+k) mod 26

Where k takes on a value in the range 1 to 25. The decryption algorithm is simply

P = D(C) = (C-k) mod 26

(ii) Playfair cipher

The best known multiple letter encryption cipher is the playfair, which treats digrams in the plaintext
as single units and translates these units into cipher text digrams. The playfair algorithm is based on
the use of 5x5 matrix of letters constructed using a keyword. Let the keyword be „monarchy‟. The
matrix is constructed by filling in the letters of the keyword (minus duplicates) from left to right and
from top to bottom, and then filling in the remainder of the matrix with the remaining letters in
alphabetical order.

The letter „i‟ and „j‟ count as one letter. Plaintext is encrypted two letters at a time according to
the following rules:

➢ Repeating plaintext letters that would fall in the same pair are separated with a filler letter
such as „x‟.

➢ Plaintext letters that fall in the same row of the matrix are each replaced by the letter to the
right, with the first element of the row following the last.
 ➢ Plaintext letters that fall in the same column are replaced by the letter beneath, with the top
element of the column following the last.

➢ Otherwise, each plaintext letter is replaced by the letter that lies in its own row and the column
occupied by the other plaintext letter.

Plaintext = meet me at the school house

Splitting two letters as a unit => me et me at th es ch ox ol ho us ex

Corresponding cipher text => CL KL CL RS PD IL HY AV MP HF XL IU

Strength of playfair cipher

➢ Playfair cipher is a great advance over simple mono alphabetic ciphers.

➢ Since there are 26 letters, 26x26 = 676 diagrams are possible, so identification of individual
digram is more difficult.

Frequency analysis is much more difficult.

Monoalphabetic Cipher

The specific form of substitution cipher is the Monoalphabetic Substitution Cipher, is known as “Simple
Substitution Cipher”. Monoalphabetic Substitution Ciphers based on an individual key mapping
function K, which consistently replaces a specific character α with a character from the mapping K (α).

A mono-alphabetic substitution cipher is a type of substitution ciphers in which the equivalent letters
of the plaintext are restored by the same letters of the ciphertext. Mono, which defines one, it signifies
that each letter of the plaintext has a single substitute of the ciphertext.
Caesar cipher is a type of Monoalphabetic cipher. It uses the similar substitution method to receive
the cipher text characters for each plain text character. In Caesar cipher, it can see that it is simply for
a hacker to crack the key as Caesar cipher supports only 25 keys in all. This pit is covered by utilizing
Monoalphabetic cipher.

In Monoalphabetic cipher, the substitute characters symbols supports a random permutation of 26

letters of the alphabet. 26! Permutations of the alphabet go up to 4*10^26. This creates it complex for
the hacker to need brute force attack to gain the key.

Mono-alphabetic cipher is a type of substitution where the relationship among a symbol in the
plaintext and a symbol in the cipher text is continually one-to-one and it remains fixed throughout the
encryption process.

These ciphers are considered largely susceptible to cryptanalysis. For instance, if ‘T’ is encrypted by ‘J’
for any number of appearance in the plain text message, then ‘T’ will continually be encrypted to ‘J’.

If the plaintext is “TREE”, thus the cipher text can be “ADOO” and this showcases that the cipher is
possibly mono-alphabetic as both the “O”s in the plaintext are encrypted with “E”s in the cipher text.

Although the hacker will not be capable to need brute force attack, it is applicable for consider the key
by using the All- Fearsome Statistical Attack. If the hacker understand the characteristics of plaintext
of any substitution cipher, then regardless of the size of the key space, it can simply break the cipher
using statistical attack. Statistical attack includes measuring the frequency distribution for characters,
comparing those with same statistics for English.

Polyalphabetic Cipher

Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of polyalphabetic
substitution. A polyalphabetic cipher is any cipher based on substitution, using multiple substitution
alphabets. The encryption of the original text is done using the Vigenère square or Vigenère table.

• The table consists of the alphabets written out 26 times in different rows, each alphabet
shifted cyclically to the left compared to the previous alphabet, corresponding to the 26
possible Caesar Ciphers.

• At different points in the encryption process, the cipher uses a different alphabet from one of
the rows.

• The alphabet used at each point depends on a repeating keyword.

Example:

Input : Plaintext : GEEKSFORGEEKS

Keyword : AYUSH

Output : Ciphertext : GCYCZFMLYLEIM

For generating key, the given keyword is repeated in a circular manner until it matches the length of
the plain text.

The keyword "AYUSH" generates the key "AYUSHAYUSHAYU"

The plain text is then encrypted using the process explained below.

Encryption:
The first letter of the plaintext, G is paired with A, the first letter of the key. So use row G and column
A of the Vigenère square, namely G. Similarly, for the second letter of the plaintext, the second letter
of the key is used, the letter at row E, and column Y is C. The rest of the plaintext is enciphered in a
similar fashion.

Table to encrypt – Geeks

Decryption:
Decryption is performed by going to the row in the table corresponding to the key, finding the position
of the ciphertext letter in this row, and then using the column’s label as the plaintext. For example, in
row A (from AYUSH), the ciphertext G appears in column G, which is the first plaintext letter. Next, we
go to row Y (from AYUSH), locate the ciphertext C which is found in column E, thus E is the second
plaintext letter.

A more easy implementation could be to visualize Vigenère algebraically by converting [A-Z] into
numbers [0–25].

Encryption

The plaintext(P) and key(K) are added modulo 26.

Ei = (Pi + Ki) mod 26

Decryption

Di = (Ei - Ki) mod 26

Vernam Cipher

It is a method of encrypting alphabetic text. It is one of the Substitution techniques for converting plain
text into cipher text. In this mechanism we assign a number to each character of the Plain-Text, like (a
= 0, b = 1, c = 2, … z = 25).

Method to take key: In the Vernam cipher algorithm, we take a key to encrypt the plain text whose
length should be equal to the length of the plain text.

Encryption Algorithm:

➢ Assign a number to each character of the plain-text and the key according to alphabetical
order.

➢ Bitwise XOR both the number (Corresponding plain-text character number and Key character
number).

➢ Subtract the number from 26 if the resulting number is greater than or equal to 26, if it isn’t
then leave it.

Example

Plain-Text: O A K

Key: S O N

O ==> 14 = 0 1 1 1 0

S ==> 18 = 1 0 0 1 0

Bitwise XOR Result: 1 1 1 0 0 = 28

Since the resulting number is greater than 26, subtract 26 from it. Then convert the Cipher-Text
character number to the Cipher-Text character.

28 - 26 = 2 ==> C

CIPHER-TEXT: C

One Time Pad

One Time Pad algorithm is the improvement of the Vernam Cipher, proposed by An Army Signal Corp
officer, Joseph Mauborgne. It is the only available algorithm that is unbreakable(completely secure). It
is a method of encrypting alphabetic plain text. It is one of the Substitution techniques which converts
plain text into ciphertext. In this mechanism, we assign a number to each character of the Plain-Text.

The two requirements for the One-Time pad are

• The key should be randomly generated as long as the size of the message.

• The key is to be used to encrypt and decrypt a single message, and then it is discarded.
So encrypting every new message requires a new key of the same length as the new message in one-
time pad.

The ciphertext generated by the One-Time pad is random, so it does not have any statistical relation
with the plain text.

A B C D E F G H I J

0 1 2 3 4 5 6 7 8 9

K L M N O P Q R S T

10 11 12 13 14 15 16 17 18 19

U V W X Y Z

20 21 22 23 24 25

The relation between the key and plain text: In this algorithm, the length of the key should be equal to
that of plain text.

Examples:

Input: Message = HELLO, Key = MONEY Output: Cipher – TSYPM,

Message – HELLO

Explanation: Part 1: Plain text to Ciphertext

Plain text — H E L L O 7 4 11 11 14

Key — M O N E Y 12 14 13 4 24

Plain text + key 19 18 24 15 38

19 18 24 15 12 (= 38 – 26)

Cipher Text T S Y P M

Part 2: Ciphertext to Message

Cipher Text — T S Y P M 19 18 24 15 12 Key — M O N E Y 12 14 13 4 24

Cipher text – key 7 4 11 11 -12

7 4 11 11 14
Transposition Techniques:

Transposition Cipher is a cryptographic algorithm where the order of alphabets in the plaintext is
rearranged to form a cipher text. In this process, the actual plain text alphabets are not included.

Rail Fence Cipher

The rail fence cipher (also called a zigzag cipher) is a form of transposition cipher. It derives its name
from the way in which it is encoded.

In a transposition cipher, the order of the alphabets is re-arranged to obtain the cipher-text.
Encryption

• In the rail fence cipher, the plain-text is written downwards and diagonally on successive rails
of an imaginary fence.

• When we reach the bottom rail, we traverse upwards moving diagonally, after reaching the
top rail, the direction is changed again. Thus the alphabets of the message are written in a zig-
zag manner.

• After each alphabet has been written, the individual rows are combined to obtain the cipher-
text.

For example, if the message is “GeeksforGeeks” and the number of rails = 3 then cipher is prepared
as:

.’.Its encryption will be done row wise i.e. GSGSEKFREKEOE

Decryption

As we’ve seen earlier, the number of columns in rail fence cipher remains equal to the length of plain-
text message. And the key corresponds to the number of rails.

• Hence, rail matrix can be constructed accordingly. Once we’ve got the matrix we can figure-
out the spots where texts should be placed (using the same way of moving diagonally up and
down alternatively ).

• Then, we fill the cipher-text row wise. After filling it, we traverse the matrix in zig-zag manner
to obtain the original text.
Row Column Cipher / columnar transposition cipher

A simple example for a transposition cipher is columnar transposition cipher where each character in
the plain text is written horizontally with specified alphabet width. The cipher is written vertically,
which creates an entirely different cipher text.

Consider the plain text hello world, and let us apply the simple columnar transposition technique as
shown below

The plain text characters are placed horizontally and the cipher text is created with vertical format as
: holewdlo lr.

Now, the receiver has to use the same table to decrypt the cipher text to plain text.

Encryption

In a transposition cipher, the order of the alphabets is re-arranged to obtain the cipher-text.

1. The message is written out in rows of a fixed length, and then read out again column by
column, and the columns are chosen in some scrambled order.

2. Width of the rows and the permutation of the columns are usually defined by a keyword.

3. For example, the word HACK is of length 4 (so the rows are of length 4), and the permutation
is defined by the alphabetical order of the letters in the keyword. In this case, the order would
be “3 1 2 4”.

4. Any spare spaces are filled with nulls or left blank or placed by a character

5. Finally, the message is read off in columns, in the order specified by the keyword.
Decryption

To decipher it, the recipient has to work out the column lengths by dividing the message length by the
key length.

Then, write the message out in columns again, then re-order the columns by reforming the key word.

Symmetric Key Algorithms

Symmetric key algorithms are a type of cryptographic technique that uses a shared secret key for both
encryption and decryption. This means that the same key is used to encode and decode the message.
Symmetric key algorithms are generally faster and more efficient than asymmetric key algorithms, but
they require that the sender and receiver of a message share a secret key.

Here are some of the basic principles of symmetric key algorithms −

• The same key is used for both encryption and decryption − In symmetric key algorithms, the
same key is used to both encrypt and decrypt the message. This means that the sender and
receiver of a message must share the same secret key in order to communicate securely.

• Symmetric key algorithms are faster and more efficient than asymmetric key algorithms −
Symmetric key algorithms are generally faster and more efficient than asymmetric key
algorithms, as they do not require the use of complex mathematical operations such as
exponentiation. This makes them well-suited for applications that require fast encryption and
decryption, such as securing communication over the internet.

• Symmetric key algorithms are less secure than asymmetric key algorithms − While symmetric
key algorithms are generally faster and more efficient than asymmetric key algorithms, they
are also less secure. This is because the same key is used for both encryption and decryption,
which means that if the key is compromised, the security of the entire system is compromised.

Overall, symmetric key algorithms are an important type of cryptographic technique that are used to
secure communication and protect data. While they are generally faster and more efficient than
asymmetric key algorithms, they are also less secure and require that the sender and receiver of a
message share a secret key.

Cryptographic Strength of Symmetric Algorithms

The cryptographic strength of a symmetric key algorithm refers to its ability to resist attacks and protect
the confidentiality of the information it is used to encrypt. The cryptographic strength of a symmetric
key algorithm is determined by a variety of factors, including −

• Key size − The size of the key used in a symmetric key algorithm is a major determinant of its
cryptographic strength. In general, the larger the key size, the stronger the algorithm.

• Block size − The block size of a symmetric key algorithm refers to the size of the blocks of data
that are encrypted and decrypted using the algorithm. A larger block size can increase the
cryptographic strength of the algorithm.
 • Number of rounds − The number of rounds in a symmetric key algorithm refers to the number
of times that the encryption and decryption process is repeated. A larger number of rounds
can increase the cryptographic strength of the algorithm.

• Resistance to attacks − The resistance of a symmetric key algorithm to attacks, such as brute-
force attacks or differential cryptanalysis, is another factor that determines its cryptographic
strength. Algorithms that are resistant to these types of attacks are generally considered to be
stronger.

Overall, the cryptographic strength of a symmetric key algorithm is determined by a combination of

these and other factors. Stronger algorithms are generally more resistant to attacks and more effective
at protecting the confidentiality of the information they are used to encrypt.

Types of Symmetric Key Algorithms

There are several different types of symmetric key algorithms, including −

• Block ciphers − Block ciphers are symmetric key algorithms that operate on fixed-size blocks
of data and use a secret key to encrypt and decrypt the data. Examples of block ciphers include
the Advanced Encryption Standard (AES) and Blowfish.

• Stream ciphers − Stream ciphers are symmetric key algorithms that operate on a stream of
data and use a secret key to encrypt and decrypt the data. Stream ciphers are generally faster
and more efficient than block ciphers, but they are also generally considered to be less secure.

• Feistel ciphers − Feistel ciphers are a type of block cipher that are based on a structure known
as a Feistel network. They are widely used in symmetric key algorithms and are known for their
efficiency and ease of implementation.

• Substitution-permutation ciphers − Substitution-permutation ciphers are a type of block

cipher that use both substitution and permutation operations to encrypt and decrypt data.
They are known for their strong cryptographic properties and are used in many modern
symmetric key algorithms.

Feistel Cipher

It is not a specific scheme of block cipher. It is a design model from which many different block ciphers
are derived. DES is just one example of a Feistel Cipher. A cryptographic system based on Feistel cipher
structure uses the same algorithm for both encryption and decryption.

Encryption Process

The encryption process uses the Feistel structure consisting multiple rounds of processing of the
plaintext, each round consisting of a “substitution” step followed by a permutation step.

Feistel Structure is shown in the following illustration −

• The input block to each round is divided into two halves that can be denoted as L and R for the
left half and the right half.

• In each round, the right half of the block, R, goes through unchanged. But the left half, L, goes
through an operation that depends on R and the encryption key. First, we apply an encrypting
function ‘f’ that takes two input − the key K and R. The function produces the output f(R,K).
Then, we XOR the output of the mathematical function with L.

• In real implementation of the Feistel Cipher, such as DES, instead of using the whole encryption
key during each round, a round-dependent key (a subkey) is derived from the encryption key.
This means that each round uses a different key, although all these subkeys are related to the
original key.

• The permutation step at the end of each round swaps the modified L and unmodified R.
Therefore, the L for the next round would be R of the current round. And R for the next round
be the output L of the current round.

• Above substitution and permutation steps form a ‘round’. The number of rounds are specified
by the algorithm design.
 • Once the last round is completed then the two sub blocks, ‘R’ and ‘L’ are concatenated in this
order to form the ciphertext block.

The difficult part of designing a Feistel Cipher is selection of round function ‘f’. In order to be
unbreakable scheme, this function needs to have several important properties that are beyond the
scope of our discussion.

Decryption Process

The process of decryption in Feistel cipher is almost similar. Instead of starting with a block of plaintext,
the ciphertext block is fed into the start of the Feistel structure and then the process thereafter is
exactly the same as described in the given illustration.

The process is said to be almost similar and not exactly same. In the case of decryption, the only
difference is that the subkeys used in encryption are used in the reverse order.

The final swapping of ‘L’ and ‘R’ in last step of the Feistel Cipher is essential. If these are not swapped
then the resulting ciphertext could not be decrypted using the same algorithm.

The number of rounds used in a Feistel Cipher depends on desired security from the system. More
number of rounds provide more secure system. But at the same time, more rounds mean the
inefficient slow encryption and decryption processes. Number of rounds in the systems thus depend
upon efficiency–security tradeoff.

Data Encryption Standard (DES)

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute
of Standards and Technology (NIST).

DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is 64-bit.
Though, key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key
are not used by the encryption algorithm (function as check bits only). General Structure of DES is
depicted in the following illustration −
Since DES is based on the Feistel Cipher, all that is required to specify DES is −

• Round function

• Key schedule

• Any additional processing − Initial and final permutation

Initial and Final Permutation

The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses of each
other. They have no cryptography significance in DES. The initial and final permutations are shown as
follows −
Round Function

The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the rightmost
32 bits to produce a 32-bit output.
• Expansion Permutation Box − Since right input is 32-bit and round key is a 48-bit, we first
need to expand right input to 48 bits. Permutation logic is graphically depicted in the
following illustration −

• The graphically depicted permutation logic is generally described as table in DES specification
illustrated as shown −
• XOR (Whitener). − After the expansion permutation, DES does XOR operation on the expanded
right section and the round key. The round key is used only in this operation.

• Substitution Boxes. − The S-boxes carry out the real mixing (confusion). DES uses 8 S-boxes,
each with a 6-bit input and a 4-bit output. Refer the following illustration −

• The S-box rule is illustrated below −

 • There are a total of eight S-box tables. The output of all eight s-boxes is then combined in to
32 bit section.

• Straight Permutation − The 32 bit output of S-boxes is then subjected to the straight
permutation with rule shown in the following illustration:

Key Generation

The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of key
generation is depicted in the following illustration −

The logic for Parity drop, shifting, and Compression P-box is given in the DES description.
DES Analysis

The DES satisfies both the desired properties of block cipher. These two properties make cipher very
strong.

• Avalanche effect − A small change in plaintext results in the very great change in the
ciphertext.

• Completeness − Each bit of ciphertext depends on many bits of plaintext.

During the last few years, cryptanalysis have found some weaknesses in DES when key selected are
weak keys. These keys shall be avoided.

DES has proved to be a very well-designed block cipher. There have been no significant cryptanalytic
attacks on DES other than exhaustive key search.