Classical Encryption

Techniques
Chapter – 2, Cryptography & Network Security,
William Stallings,
Fifth Edition
Symmetric Cipher Model
• plaintext
• ciphertext
• cipher
• key
• encipher (encrypt)
• decipher (decrypt)
• cryptography
• cryptanalysis
• cryptology
Threat Model and Symmetric Cipher Model
 Crypt Analysis and Brute Force Attack
• Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus
perhaps some knowledge of the general characteristics of the plaintext or
even some sample plaintext–ciphertext pairs.
• Attack exploits the characteristics of the algorithm to attempt to deduce a
specific plaintext or to deduce the key being used.
• Brute-force attack: The attacker tries every possible key on a piece of
ciphertext until an intelligible translation into plaintext is obtained. On
average, half of all possible keys must be tried to achieve success.
Cryptanalytic Attacks on Encrypted Messages
• ciphertext only
• only know algorithm / ciphertext, statistical, can identify plaintext
• known plaintext
• know/suspect plaintext & ciphertext to attack cipher
• chosen plaintext
• select plaintext and obtain ciphertext to attack cipher
• chosen ciphertext
• select ciphertext and obtain plaintext to attack cipher
• chosen text
• select either plaintext or ciphertext to en/decrypt to attack cipher
More Terms to consider
• unconditional security
• no matter how much computer power is available, the cipher cannot be broken
since the ciphertext provides insufficient information to uniquely determine the
corresponding plaintext
• computational security
• given limited computing resources (eg time needed for calculations is greater than
age of universe), the cipher cannot be broken
Classical Substitution Ciphers
• where letters of plaintext are replaced by other letters or by numbers
or symbols
• or if plaintext is viewed as a sequence of bits, then substitution
involves replacing plaintext bit patterns with ciphertext bit patterns
Caesar Cipher
• earliest known substitution cipher created by Julius Caesar
• first attested use in military affairs
• replaces each letter by 3rd letter on C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
• example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
• can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z - Plaintext
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C – Ciphertext

• mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Cryptanalysis of Caesar Cipher
• only have 26 possible ciphers
• A maps to A,B,..Z
• could simply try each in turn
• a brute force search
• given ciphertext, just try all shifts of letters
• do need to recognize when have plaintext
Monoalphabetic Cipher
• rather than just shifting the alphabet
• could shuffle (jumble) the letters arbitrarily
• each plaintext letter maps to a different random ciphertext letter
• hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Monoalphabetic Cipher Security
• now have a total of 26! = 4 x 1026 keys
• with so many keys, might think is secure
• but would be !!!WRONG!!!
• problem is language characteristics
Language Redundancy and Cryptanalysis
• human languages are redundant
. letters are not equally commonly used
• in English e is by far the most common letter
• then T,R,N,I,O,A,S
• other letters are fairly rare
• cf. Z,J,K,Q,X
• have tables of single, double & triple letter frequencies
English Letter Frequencies
Use in Cryptanalysis
• key concept - monoalphabetic substitution ciphers do
not change relative letter frequencies
• discovered by Arabian scientists in 9th century
• calculate letter frequencies for ciphertext
• compare counts/plots against known values
• for monoalphabetic must identify each letter
• tables of common double/triple letters help
Example Cryptanalysis
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• count relative letter frequencies (see text)
• guess P & Z are e and t
• guess ZW is th and hence ZWP is the
• proceeding with trial and error fially get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
Polyalphabetic Ciphers
• another approach to improving security is to use multiple cipher
alphabets
• called polyalphabetic substitution ciphers
• makes cryptanalysis harder with more alphabets to guess and flatter
frequency distribution
• use a key to select which alphabet is used for each letter of the
message
• use each alphabet in turn
• repeat from start after end of key is reached
Vigenère Cipher
• simplest polyalphabetic substitution cipher is the Vigenère Cipher
• effectively multiple caesar ciphers
• key is multiple letters long K = k1 k2 ... kd
• ith letter specifies ith alphabet to use
• use each alphabet in turn
• repeat from start after d letters in message
• decryption simply works in reverse
Example
• write the plaintext out
• write the keyword repeated above it
• use each key letter as a caesar cipher key
• encrypt the corresponding plaintext letter
• eg using keyword deceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Security of Vigenère Ciphers
• have multiple ciphertext letters for each plaintext letter
• hence letter frequencies are obscured
• but not totally lost
• start with letter frequencies
• see if look monoalphabetic or not
• if not, then need to determine number of alphabets, since then can
attach each
Autokey Cipher
• ideally want a key as long as the message
• Vigenère proposed the autokey cipher
• with keyword is prefixed to message as key
• knowing keyword can recover the first few letters
• use these in turn on the rest of the message
• but still have frequency characteristics to attack
• eg. given key deceptive
key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA