Model for Network Security

Trusted third party

(e.g., arbiter, distributer
of secret information)

Sender Recipient
Security -related Info. Security -related
Channel

Message

Message
Message

Message
Transformation Transformation

Secure
Secure
Secret Secret
Information Opponent Information
Encryption and Decryption

Hello f7#er Hello

Sender Encryption Decryption Receiver
Symmetric Cipher Model (Conventional Encryption)
Secret key shared by Secret key shared by
sender and recipient sender and recipient
K
K
Transmitted
cipher text
Y = E(K, X)
X X
Plaintext Encryption Algorithm Decryption Algorithm Plaintext
input (e.g. AES) (reverse of encryption output
algorithm)
 Plaintext is the original intelligible message or data that is fed into
the algorithm as input.
 Encryption algorithm performs various substitutions and
transformations on the plaintext.
 Ciphertext is the scrambled message produced as output.
 It depends on the plaintext and the secret key.
 The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
 Decryption algorithm is essentially the encryption algorithm run in reverse.
 It takes the ciphertext and the secret key and produces the original plaintext.
 The secret key is also input to the encryption algorithm.
 The key is a value independent of the plaintext and of the algorithm.
 The algorithm will produce a different output depending on the specific key being used at
the time.
 An opponent, observing Y but not having access to K or X, may
attempt to recover X or K or both X and K.
 If the opponent is interested in only this particular message, then
he will focus to recover X by generating a plaintext estimate .
 Often, however, the opponent is interested in being able to read
future messages as well, in which case an attempt is made to
recover K by generating an estimate .
Kerckhoff’s Principle
 Based on Kerckhoff’s principle, one should always assume that the adversary, Eve, knows
the encryption/decryption algorithm. The resistance of the cipher to attack must be based
only on the secrecy of the key.
Cryptanalysis
 As cryptography is the science and art of creating secret codes, cryptanalysis is the science
and art of breaking those codes
Cryptanalysis and Brute-Force Attack
 Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm and some
knowledge of the general characteristics of the plaintext or even some sample plaintext–
ciphertext pairs.
 This type of attack exploits the characteristics of the algorithm to attempt to derive a
specific plaintext or to derive the key being used.
 Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an
intelligible translation into plaintext is obtained.
 On average, half of all possible keys must be tried to achieve success.
Attacks on Encrypted Messages
Type of Attack Known to cryptanalyst
Ciphertext Only Encryption algorithm, Ciphertext
Attacks on Encrypted Messages
Type of Attack Known to cryptanalyst
Known Plaintext Encryption algorithm, Ciphertext, One or more plaintext-
cipher text pairs formed with the secret key
Attacks on Encrypted Messages
Type of Attack Known to cryptanalyst
Chosen Plaintext Encryption algorithm, Ciphertext, Plaintext message chosen by
cryptanalyst
Attacks on Encrypted Messages
Type of Attack Known to cryptanalyst
Chosen Encryption algorithm, Ciphertext, Ciphertext chosen by
Ciphertext cryptanalyst, with its corresponding decrypted plaintext
generated with the secret key
Attacks on Encrypted Messages
Type of Attack Known to cryptanalyst
Chosen text Encryption algorithm, Ciphertext, Plaintext chosen by
cryptanalyst, with its corresponding ciphertext generated with
the secret key , Ciphertext chosen by cryptanalyst, with its
corresponding decrypted plaintext generated with the secret
key
Cipher Techniques
Classical Techniques
Substitution Cipher
Monoalphabetic
1. Additive cipher (Special case of affine cipher where k1=1)
2. Caesar cipher (Special case of affine cipher where k1=1)
3. Multiplicative cipher (Special case of affine cipher where k2=0)
4. Affine Cipher
Polyalphabetic
5. Playfair Cipher
6. Hill Cipher
7. Vigenere
8. Vernam
9. One-Time Pad
Transpositional Cipher
10. Railfence Cipher
Category of substitution cipher
 A substitution cipher replaces one symbol with another. Substitution ciphers can be
categorized as either monoalphabetic ciphers or polyalphabetic ciphers.

 In monoalphabetic substitution, the relationship between a symbol in the plaintext to a

symbol in the ciphertext is always one-to-one.

 In polyalphabetic substitution, each occurrence of a character may have a different

substitute. The relationship between a character in the plaintext to a character in the
ciphertext is one-to-many.
Monoalphabetic Cipher
 The following shows a plaintext and its corresponding ciphertext. The cipher is probably
monoalphabetic because both l’s (els) are encrypted as O’s.

 The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called
a shift cipher and sometimes a Caesar cipher, but the term additive cipher better reveals
its mathematical nature.

 When the cipher is additive, the plaintext, ciphertext, and key are integers in Z26.
1) Additive or Caesar Cipher
 The Caesar cipher involves replacing each letter of the alphabet with the letter standing
three places further down the alphabet.
 In encryption each plaintext letter P, substitute the ciphertext letter C:

C = E(k, P) = (P + k) mod 26
 C = E(3, P) = (P + 3) mod 26
For decryption algorithm is:

P = D(k, C) = (C - k) mod 26
Caesar Cipher (Cont…)
 Let us assign a numerical equivalent to each letter
a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23 24 25

C = E(3, P) = (P + 3) mod 26
plain: a b c d e f g h i j k l m n o p q r s t u v w x
y z
cipher: d e f g h i j k l m n o p q r s t u v w x y z a
Example:
b c
Plaintext: THE QUICK BROWN FOX
Ciphertext: WKH TXLFN EURZQ IRA
Brute force attack on Caesar Cipher
 The encryption and decryption algorithms are known.
 There are only 25 keys to try.
 The language of the plaintext is known and easily recognizable.
Brute force attack on Caesar Cipher
Ciphertext: ZNK WAOIQ HXUCT LUD
Key Transformed text Key Transformed text
1 YMJ VZNHP GWTBS KTC 14 LZW IMAUC TJGOF XGP
2 XLI UYMGO FVSAR JSB 15 KYV HLZTB SIFNE WFO
3 WKH TXLFN EURZQ IRA 16 JXU GKYSA RHEMD VEN
4 VJG SWKEM DTQYP HQZ 17 IWT FJXRZ QGDLC UDM
5 UIF RVJDL CSPXOGPY
18 HVS EIWQY PFCKB TCL
6 THE QUICK BROWN FOX
19 GUR DHVPX OEBJA SBK
7 SGD PTHBJ AQNVM ENW
8 RFC OSGAI ZPMUL DMV 20 FTQ CGUOW NDAIZ RAJ
9 QEB NRFZH YOLTK CLU 21 ESP BFTNV MCZHY QZI
10 PDA MQEYG XNKSJ BKT 22 DRO AESMU LBYGX PYH
11 OCZ LPDXF WMJRI AJS 23 CQN ZDRLT KAXFW OXG
12 NBY KOCWE VLIQH ZIR 24 BPM YCQKS JZWEV NWF
13 MAX JNBVD UKHPG YHQ 25 AOL XBPJR IYVDU MVE
2) Simple substitution
 It is an improvement to the Caesar Cipher.
 Instead of shifting the alphabets by some number, this scheme uses some permutation of
the letters in alphabet.
 The sender and the receiver decide on a randomly selected permutation of the letters of
the alphabet.
 With 26 letters in alphabet, the possible permutations are 26! which is equal to 4x1026.

plain: a b c d e f g h i j k l m n o p q r s t u v w x
y z
cipher: y n l k x b s h m i w d p j r o q v f e a u g t
z c
Attack on Monoalphabetic Cipher
 The relative frequencies of the letters in the ciphertext (in percentages) are

Ciphertext:
uzqsovuohxmopvgpozpevsgzwszopfpesxudbmetsxaizvuephzhmdzs
hzowsfpappdtsvpquzwymxuzuhsxepyepopdzszufpombzwpfupzhmdj
udtmohmq
 In our ciphertext, the most common digram is ZW, which appears
three times. So equate Z with t, W with h and P with e.
 Now notice that the sequence ZWP appears in the ciphertext, and
we can translate that sequence as “the.”
Attack on Monoalphabetic Cipher (Cont…)
 If the cryptanalyst knows the nature of the plaintext, then the analyst can exploit the
regularities of the language.
 The relative frequency of the letters can be determined and compared to a standard
frequency distribution for English.
 If the message were long enough, this technique alone might be sufficient, but because
this is a relatively short message, we cannot expect an exact match.
3. Multiplicative cipher
 Multiplicative cipher to encrypt the message “hello” with a key of 7. The ciphertext is
“XCZZU”.
4. Affine cipher
 The affine cipher uses a pair of keys in which the first key is from Z 26* and the second is
from Z26. The size of the key domain is 26 × 12 = 312.
 Use an affine cipher to encrypt the message “hello” with the key pair (7, 2).

 Use the affine cipher to decrypt the message “ZEBBW” with the key pair (7, 2) in modulus
26.

The additive cipher is a special case of an affine cipher in which

k1 = 1. The multiplicative cipher is a special case of affine cipher in which k 2 = 0.
 Because additive, multiplicative, and affine ciphers have small key domains, they are very
vulnerable to brute-force attack.
 A better solution is to create a mapping between each plaintext character and the
corresponding ciphertext character. Alice and Bob can agree on a table showing the
mapping for each character.
 An example key for monoalphabetic substitution cipher
Polyalphabetic cipher
 In polyalphabetic substitution, each occurrence of a character may have a different
substitute. The relationship between a character in the plaintext to a character in the
ciphertext is one-to-many
Autokey Cipher

Plaintext = "HELLO"
Autokey = N
Ciphertext = "ULPWZ"
Example
 Given plain text is : H E L L O Let's decrypt:
 Key is :NHELL
Cipher Text(C) :U L P W Z
 Let's encrypt: Key(K) :N H E L L
---------------------
 Plain Text(P) Applying the formula: H E L L O
:H E L L O
Hence Plaintext is: HELLO
 Corresponding Number: 7 4 11 11 14
 Key(K) :N H E L L
 Corresponding Number: 13 7 4 11 11
---------------------
Applying the formula: 20 11 15 22 25
Letters are :U L P W Z

 Hence Ciphertext is: ULPWZ

1. Playfair Cipher
 The Playfair algorithm is based on a 5 × 5 matrix (key) of letters.
 The matrix is constructed by filling in the letters of the keyword (minus duplicates) from
left to right and from top to bottom, and then filling in the remainder of the matrix with
the remaining letters in alphabetic order. The letters I and J count as one letter.

O C U R E
Example: N A B D F
Keyword= OCCURRENCE
Plaintext= TALL TREES G H I/J K L
M P Q S T
V W X Y Z
Playfair Cipher - Encrypt Plaintext
 Playfair, treats digrams (two letters) in the plaintext as single units and translates these
units into ciphertext digrams.
 Make Pairs of letters add filler letter “X” if same letter appears in a pair.

Plaintext= TALL TREES

Plaintext= TA LX LT RE
 If there is anESodd number of letters, then add uncommon letter to complete digram, a X/Z
may be added to the last letter.
Playfair Cipher - Encrypt Plaintext
 Map each pair in key matrix
O C U R E
Plaintext= TA LX LT RE
ES N A B D F
Ciphertext= PF IZ TZ EO
RT G H I/J K L
M P Q S T
V W X Y Z
 If the
theletters
lettersare
letters on different
appear
appear ononthe rows
thesame
sameand columns,
column,
row, replace
replace
replace themthem
them withwith
with the
the letters
letters on other
toimmediately
their corner
immediate of
below, the
right same row.
wrapping
respectively,
around
wrapping
to thearound
top to
if
 The
the order
necessary.
left sideisofimportant - the first letter of the pair should be
the row if necessary.
 replaced
For example,first. using the table above,
above, the
the letter
letter pair
pair RE
LT would be
 For example,
encoded TZ.using the table above, the letter pair TA would be
as EO.
encoded as PF.
Playfair Cipher Examples
1. Key= “ engineering ” Plaintext=” test this process ”
2. Key= “ keyword ” Plaintext=” come to the window ”
3. Key= “ moonmission ” Plaintext=” greet ”
E N G I R Encrypted Message: K E Y W Encrypted Message:
A B C D F pi tu pm gt ue lf gp xg O lc nk zk vf yo gq ce
bw
H K L M O R D A B
P Q S T U C
V W X Y Z F G H I
M O N I S Encrypted Message: L
A B C D E hq cz du M N P Q
F G H K L S
P Q R T U T U V X
V W X Y Z Z
Limitations
 Key Size: The key space of the Playfair cipher is relatively small, especially when compared to modern
encryption standards. The 5x5 key matrix allows for only 25 possible starting positions, making it
susceptible to brute force attacks.

 Key Distribution: Distributing and securely managing the key can be challenging. If the key is
compromised, the entire encryption system becomes vulnerable.

 Known-plaintext Attacks: The Playfair cipher is susceptible to known-plaintext attacks. If an attacker has
access to some parts of the encrypted text and the corresponding plaintext, they can analyze the
patterns and potentially deduce parts of the key.

 Frequency Analysis: Similar to other classical ciphers, frequency analysis can be applied to ciphertext
encrypted with the Playfair cipher. This involves analyzing the frequency of certain digraphs (pairs of
letters) to deduce information about the plaintext.
 Insecure for Large Data: The Playfair cipher is not well-suited for encrypting large amounts of data. It
was primarily designed for manual encryption and decryption of short messages.

 Limited Alphabet: The Playfair cipher works with a 5x5 grid of letters, so it cannot handle characters
outside of the English alphabet. This limitation makes it unsuitable for encrypting messages in other
languages or containing special characters.

 No Authentication: The Playfair cipher does not provide any form of authentication. An attacker might
modify the ciphertext, and the recipient would have no way of knowing if the message has been
tampered with.

 Cryptanalysis Techniques: Various cryptanalysis techniques, such as hill climbing and simulated
annealing, can be applied to break the Playfair cipher, especially when multiple rounds of encryption
are used.
2. Hill Cipher
 Hill Cipher is a popular symmetric key encryption algorithm that was developed by Lester S.
 Hill in 1929. It is a polygraphic substitution cipher that encrypts plaintext by dividing it into
blocks of n letters and transforming those blocks using a matrix-based algorithm.
 Hill Cipher is widely used in various applications, including military communications,
banking, and computer security.
Use Cases of Hill Cipher:
 Military communications: Hill Cipher has been used by the military to encrypt sensitive
communications and protect them from interception.
 Banking: Hill Cipher has been used by banks to protect financial transactions and customer
data from unauthorized access.
 Computer security: Hill Cipher has been used in various computer security applications,
including encryption of passwords and other sensitive data.
Encryption Process of Hill Cipher:
 Hill Cipher encrypts plaintext by dividing it into blocks of n letters and transforming those
blocks using a matrix-based algorithm.
 The encryption algorithm involves multiplying the block of plaintext by a key matrix to
produce a block of ciphertext.
 The key matrix used for encryption must be invertible, meaning that it has an inverse
matrix that can be used for decryption.

* Hill Cipher can be made more secure by using larger block sizes and more complex key
matrices.
Decryption Process of Hill Cipher:
 Hill Cipher decrypts ciphertext by multiplying the block of ciphertext by the inverse of the
key matrix to produce a block of plaintext.
 The inverse matrix is calculated using matrix algebra and must exist for decryption to be
possible.
 The decrypted plaintext is then reassembled from the blocks of n letters.
Hill Cipher
 Hill cipher is based on linear algebra
 Each letter is represented by numbers from 0 to 25 and calculations are done modulo 26.
 Encryption and decryption can be given by the following formula:
Encryption:
C=P.K mod 26
Decryption:
P=C.K-1 mod 26

mod 26
Hill Cipher Encryption
 To encrypt a message using the Hill Cipher we must first turn our keyword and plaintext
into a matrix (a 2 x 2 matrix or a 3 x 3 matrix, etc).

Example: Key = “HILL”, Plaintext = “EXAM”

a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23 24 25

=
Hill Cipher Encryption (Cont…)
== Plaintext
( )( ) ( )( )
E
X
A
M
=
4
23
0
12

C=P.K mod 26
( 7
11
8
11 )( )
4
23 ( 7
11
8
11 )( )
0
12

x 4 + 8 x 23 = 212 x 0 + 8 x 12 = 96
x 4 + 11 x 23 = 297 x 0 + 11 x 12 = 132

( 7
11
8
11 )( ) (
4
23
=
2 12
297 ) ( 7
11
8
11 )( ) (
0
12
=
96
132 )
= mod 26 = = mod 26 =

Ciphertext = “ELSC”
Hill Cipher Decryption
P=CK-1 mod 26
Step:1 Find Inverse of key matrix
Step:2 Multiply the Multiplicative Inverse of the Determinant by the Adjoin Matrix
Step:3 Multiply inverse key matrix with ciphertext matrix to obtain plaintext matrix
Inverse of key matrix
2 X 2 inverse of matrix

[ ] [ ]
−1
a b 1 d −b
=
c d ad − cb −c a

3 X 3 inverse of matrix

−1 1
A = ∙ adjoin( A )
determinant ( A )
Hill Cipher Encryption (Cont…)
= Ciphertext
( )( ) ( )( )
E
L
S
C
=
4
11
18
2

P=CK-1 mod 26
( 25
1
22
23 )( )
4
11 ( 25
1
22
23 )( )
18
2

x 4 + 22 x 11 = 342 x 18 + 22 x 2 = 494
x 4 + 23 x 11 = 257 x 18 + 23 x 2 = 64

( 25
1
22
23 )( ) (
4
11
=
342
257 ) ( 7
11
8
11 )( ) (
0
12
=
494
64 )
= mod 26 = = mod 26 =

Plaintext = “EXAM”
  Some cryptography books express the plaintext and ciphertext as column vectors, so that
the column vector is placed after the matrix rather than the row vector placed before the
matrix.
 We have to encrypt the message ‘ACT’ (n=3).The key is ‘GYBNQKURP’ which can be
written as the nxn matrix:

• Our plain text matrix is multiplied by

matrix of randomly chosen key.
• The matrix is of size nxn, where n is
the number of row in our plain text.
Weaknesses of Hill Cipher:
 Hill Cipher is vulnerable to brute force attacks, especially when the block size is small and
the key is weak.
 Hill Cipher is vulnerable to known plaintext attacks, where an attacker has access to both
plaintext and ciphertext.
 Hill Cipher can be vulnerable to cryptanalysis attacks, where an attacker analyzes the
ciphertext to gain insight into the key matrix used for encryption.
Examples
 consider the plaintext “paymoremoney” and use the encryption key k
 The first three letters of the plaintext are represented by the vector (15 0 24) .
 Then (15 0 24)K = (303 303 531) mod 26 = (17 17 11) = RRL.
 Continuing in this fashion, the ciphertext for the entire plaintext is RRLMWBKASPDH.
 Decryption requires using the inverse of the matrix K. We can compute det K = 23 , and
therefore, (det K)-1mod 26 = 17. We can then compute the inverse as
3. Vigenere Cipher
Keyword : DECEPTIVE
Key : DECEPTIVEDECEPTIVEDECEPTIVE
Plaintext : WEAREDISCOVEREDSAVEYOURSELF
Ciphertext : ZICVTWQNGRZGVTWAVZHCQYGLMGJ
C =( P1 + K 1 , P 2+ K 2 , … P m + K m ) mod 26
P =( C 1 − K 1 ,C 2 − K 2 , … Cm − K m ) mod 26

An analyst looking at only the ciphertext would detect the repeated

sequences VTW at a displacement of 9 and make the assumption that the
keyword is either three or nine letters in length.
This system is
Keyword : DECEPTIVE referred as
Key : DECEPTIVEWEAREDISCOVEREDSAV an autokey
Plaintext : WEAREDISCOVEREDSAVEYOURSELF system
 Plaintext

K
e
y

PT = HELLO
KEY = GMGMG
CT = NQRXU
4. Vernam Cipher
 One of the goals of cryptography is perfect secrecy. A study by Shannon has shown that
perfect secrecy can be achieved if each plaintext symbol is encrypted with a key
 randomly chosen from a key domain. This idea is used in a cipher called one-time pad,
invented by Vernam

 The ciphertext is generated by applying the logical XOR operation to the individual bits of
plaintext and the key stream.
5. One time pad
 The one-time pad, which is a provably secure cryptosystem,
was developed by Gilbert Vernam in 1918.
 The message is represented as a binary string (a sequence of 0’s
and 1’s using a coding mechanism such as ASCII coding.
 The key is a truly random sequence of 0’s and 1’s of the same
length as the message.
 message =‘IF’
 then its ASCII code =(1001001 1000110)
 key = (1010110 0110001)
 Encryption:
• 1001001 1000110 plaintext
• 1010110 0110001 key
• 0011111 1110110 ciphertext
Transposition Ciphers
 A transposition cipher does not substitute one symbol for another, instead it changes the
location of the symbols.
 The simplest such cipher is the rail fence technique, in which the plaintext is written down
as a sequence of diagonals and then read off as a sequence of rows.
 For example, to send the message “Meet me at the park” to Bob, Alice writes

 She then creates the ciphertext “MEMATEAKETETHPR”.

1. Rail fence technique
 A more complex scheme is to write the message in a rectangle, row by row, and read the
message off, column by column, but permute the order of the columns.
 The order of the columns then becomes the key to the algorithm.

Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Same thing can be used as a matrices to show the encryption/decryption process for a
transposition cipher.
Double transposition
Cryptography and Cryptanalysis
 Cryptography and Cryptanalysis
• Cryptography is the study of the design of techniques for ensuring the secrecy and/or
authenticity of information
• Cryptanalysis deals with the defeating such techniques to recover information, or
forging information that will be accepted as authentic
STREAM AND BLOCK CIPHERS
Symmetric encryption algorithms are categorized into two: block and stream ciphers.
• Stream Ciphers
• Block Ciphers
• Combination
Symmetric cryptography involves using a shared key/secret to access an encoded message
between two entities. The sender shares the key cipher with the receiver to decrypt the
message. The encryption algorithm emulates a one-time pad system to protect the original
message from unauthorized access.
The cipher algorithms generate a truly random key cipher used only once with the one-time
pad system. Anyone who does not possess the secret/key cannot interpret the encrypted
message.
 Block ciphers encrypt data in blocks of set lengths, while stream ciphers do not and
instead encrypt plaintext one byte at a time. The two encryption approaches, therefore,
vary widely in implementation and use cases.
 Block ciphers convert data in plaintext into ciphertext in fixed-size blocks. The block size
generally depends on the encryption scheme and is usually in octaves (64-bit or 128-bit
blocks).
• If the plaintext length is not a multiple of 8, the encryption scheme uses padding to ensure complete
blocks. For instance, to perform 128-bit encryption on a 150-bit plaintext, the encryption scheme
provides two blocks, 1 with 128 bits and one with the 22 bits left. 106 Redundant bits are added to the
last block to make the entire block equal to the encryption scheme’s ciphertext block size.
Cryptographic Algorithms
 Cryptographic algorithms and protocols can be grouped into four
main areas
Cryptographic
algorithms and
protocols

Symmetric Asymmetric Data integrity Authentication

encryption encryption algorithms protocols

 Data integrity
Authentication
Symmetric
Asymmetric algorithms
Protocols
encryption
encryption usedused
used to to
are
to protect
schemes
conceal
secure theblocks
based
small of
ondata,
contents
blocks the
of
of such
data,
blocks as
usesuch
of
or
messages,
streams
as offrom
cryptographic
encryptiondata alteration.
algorithms
keys
of any designed
and size,
hash to authenticate
including
function messages,
values, whichtheare
files, identity
used of
encryption
in
entities.
keys,
digital
and
signatures.
passwords