Cryptography

LEC2
Lec Points
Introduction.
Cryptography Components.
Categories of Cryptography.

2
Introduction

• Network security is mostly achieved through the use of

cryptography, a science based on abstract algebra.
• Cryptography, a word with Greek origins, means "secret
writing." However, we use the term to refer to the science
and art of transforming messages to make them secure and
immune to attacks.
• The many schemes used for encryption constitute the area
of study known as cryptography.

3
Cryptography
Components

4
• Plaintext and Ciphertext:
The original message, before being transformed, is called
plaintext. After the message is transformed, it is called
ciphertext.
• Cipher:
We refer to encryption and decryption algorithms as ciphers.
• Key:
A key is a number (or a set of numbers) that the cipher, as an
algorithm, operates on.

5
• The process of converting from plaintext to ciphertext is
known as enciphering or encryption; restoring the
plaintext from the ciphertext is deciphering or
decryption.
• To encrypt a message, we need an encryption algorithm,
an encryption key, and the plaintext. These create the
ciphertext. To decrypt a message, we need a decryption
algorithm, a decryption key, and the ciphertext. These
reveal the original plaintext.

6
Categories of
Cryptography

We can divide all the cryptography algorithms (ciphers) into

two groups: symmetric key (also called secret-key)
cryptography algorithms and asymmetric (also called public-
key) cryptography algorithms.

7
Symmetric-Key
Cryptography

In symmetric-key cryptography, the same key is used by both

parties. The sender uses this key and an encryption algorithm
to encrypt data; the receiver uses the same key and the
corresponding decryption algorithm to decrypt the data.

8
Symmetric-Key
Cryptography

9
 Symmetric Cipher
Model
A symmetric encryption scheme has five ingredients:
● Plaintext: This is the original intelligible message or data
that is fed into the algorithm as input.
● Encryption algorithm: The encryption algorithm performs
various substitutions and transformations on the plaintext.
● Secret key: The secret key is also input to the encryption
algorithm. The key is a value independent of the plaintext and
of the algorithm. The algorithm will produce a different output
depending on the specific key being used at the time. The exact
substitutions and transformations performed by the algorithm
depend on the key.
10
● Ciphertext: This is the scrambled message produced as
output. It depends on the plaintext and the secret key. For a
given message, two different keys will produce two different
ciphertexts. The ciphertext is an apparently random stream of
data and, as it stands, is unintelligible.
● Decryption algorithm: This is essentially the encryption
algorithm run in reverse. It takes the ciphertext and the secret
key and produces the original plaintext.

11
Requirements for Security
• Strong encryption algorithm.
– Even if known, should not be able to decrypt or work
out key.
• Sender and receiver must obtain secret key securely.
• Once key is known, all communication using this key is
readable.
Asymmetric-Key
Cryptography

• In asymmetric or public-key cryptography, there are two

keys: a private key and a public key. The private key is
kept by the receiver. The public key is available to the
public.
• the public key that is used for encryption is different from
the private key that is used for decryption.
• is imagine Alice wants to send a message to Bob. Alice
uses the public key to encrypt the message. When the
message is received by Bob, the private key is used to
decrypt the message.

13
Asymmetric-Key
Cryptography

14
Types of Keys
• we are dealing with three types of keys in cryptography:
the secret key, the public key, and the private key. The first,
the secret key, is the shared key used in symmetric-key
cryptography. The second and the third are the public and
private keys used in asymmetric-key cryptography.

15
16
SYMMETRIC-KEY CRYPTOGRAPHY

17
General idea of a symmetric-key cipher
• Encryption: C = Ek(P)
• Decryption: P = Dk(C)
• encryption and decryption public but keep
the shared key secret.
• secured channel, trust a third party to give
them the same key.
symmetric-key ciphers
Substitution Cipher
• A substitution cipher substitutes one symbol with another. If
the symbols in the plaintext are alphabetic characters, we
replace one character with another.
• Substitution ciphers can be categorized as either
monoalphabetic or polyalphabetic ciphers.
• In a monoalphabetic cipher, a character (or a symbol) in the
plaintext is always changed to the same character (or
symbol) in the ciphertext regardless of its position in the
text.
• In other words, the relationship between characters in the
plaintext and the ciphertext is a one-to-one relationship.
21
• In a polyalphabetic cipher, each occurrence of a character can have a
different substitute. The relationship between a character in the
plaintext to a character in the ciphertext is a one-to-many relationship.
Example1:
The following shows a plaintext and its corresponding ciphertext. Is the
cipher monoalphabetic?
Plaintext: HELLO
Ciphertext: KHOOR
Solution
The cipher is probably monoalphabetic because both occurrences of L's
are encrypted as O's.

22
Example 2:
The following shows a plaintext and its corresponding
ciphertext. Is the cipher monoalphabetic?
Plaintext: HELLO
Ciphertext: ABNZF
Solution
The cipher is not monoalphabetic because each occurrence of
L is encrypted by a different character.
The first L is encrypted as N; the second as Z.

23
 Shift Cipher
• The simplest monoalphabetic cipher is probably the shift
cipher. We assume that the plaintext and ciphertext consist of
letters only. In this cipher, the encryption algorithm is "shift
key characters down," with key equal to some number. The
decryption algorithm is "shift key characters up.“
• Julius Caesar used the shift cipher to communicate with his
officers. For this reason, the shift cipher is sometimes referred
to as the Caesar cipher. Caesar used a key of 3 for his
communications

24
 Caesar Cipher
The Caesar cipher involves replacing each letter of the alphabet
with the letter standing three places further down the alphabet. For
example:
plain: meet me after the party
cipher: PHHW PH DIWHU WKH SDUWB

Note that the alphabet is wrapped around, so that the letter

following Z is A. We can define the transformation by listing all
possibilities, as follows:

plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
25
 Caesar Cipher

Then the algorithm can be expressed as follows. For each plaintext

letter p, substitute the ciphertext letter C:

C = E(k, p) = (p + k) mod 26

If it is known that a given ciphertext is a Caesar cipher, then a brute-

force cryptanalysis is easily performed: Simply try all the 25 possible
keys.

26
 Caesar Cipher

Three important characteristics of this problem enabled us to use a

brute-force cryptanalysis:

•The encryption and decryption algorithms are known.

•There are only 25 keys to try.
•The language of the plaintext is known and easily recognizable.

27
Additive cipher
Representation of plaintext and ciphertext
characters in modulo 26
Example:
Example:
Figure An example key for a monoalphabetic
substitution cipher

Example:
 In a polyalphabetic cipher, each occurrence
of a character may have a different
substitute.
 Example 4
Assume that Alice and Bob agreed to use an autokey cipher with
initial key value k1 = 12. Now Alice wants to send Bob the message
“Attack is today”. Enciphering is done character by character.

3.34
Transposition Ciphers
• In a transposition cipher, there is no substitution of
characters; instead, their locations change. A character in
the first position of the plaintext may appear in the tenth
position of the ciphertext. A character in the eighth
position may appear in the first position. In other words, a
transposition cipher reorders the symbols in a block of
symbols.
• In a transposition cipher, the key is a mapping between the
position of the symbols in the plaintext and cipher text.

35
36
Example:
Stream Ciphers and Block
Ciphers

A stream cipher is one that encrypts a digital data stream

one bit or one byte at a time.
A block cipher is one in which a block of plaintext is treated
as a whole and used to produce a ciphertext block of equal
length.

38
Simple Modern Ciphers

A modern symmetric cipher is a combination of simple

ciphers. In other words, a modern cipher uses several simple
ciphers to achieve its goal. We first discuss these simple
ciphers:
•XOR Cipher:
it uses the exclusive-or operation.
 XOR operation needs two data inputs: plaintext, and a key.
the result is the encrypted block.

39
• Rotation Cipher:
 Another common cipher is the rotation cipher, in which the
input bits are rotated to the left or right. the rotation cipher
can be considered a special case of the transpositional
cipher using bits instead of characters.
 the number of rotations must be between 1 and N-1.
 The decryption algorithm for the rotation cipher uses the
same key and the opposite rotation direction.

40
• Substitution Cipher: S-box
 The input to an S-box is a stream of bits with length N; the
result is another stream of bits with length M.
 N and M are not necessarily the same.
 used as an intermediate stage of encryption or decryption.
 The function that matches the input to the output may be
defined mathematically or by a table.

41
• Transposition Cipher: P-box
 The function that matches the input to the output may be
defined mathematically or by a table.
 We can have three types of permutations in P-boxes: the
straight permutation, expansion permutation, and
compression permutation.

42
43
Round Cipher:

 involve multiple rounds.

 The key used in each round is a subset or variation of the
general key called the round key.
 If the cipher has N rounds, a key generator produces N
keys, K1, K2, ..., KN, where K1 is used in round 1, K2 in
round 2, and so on.
 we introduce two modem symmetric-key ciphers: DES and
AES.

44
Data Encryption
Standard(DES)

 most widely used encryption algorithm.

 DES was designed by IBM.
 US standard.
 64 bit plain text blocks.
 64 bit key.
 Special purpose machine.
 Less than three days.
 DES now worthless.
DES has two transposition blocks (P-boxes) and 16 complex
round ciphers (they are repeated). Although the 16 iteration
round ciphers are conceptually the same, each uses a different
key derived from the original key.
The initial and final permutations are keyless straight
permutations that are the inverse of each other. The
permutation takes a 64-bit input and permutes them according
to predefined values.

46
47
48
DES Function:
the heart of DES is the DES function. The DES function
applies a 48-bit key to the rightmost 32 bits Ri to produce a
32-bit output. This function is made up of four operations: an
expansion permutation, an XOR, a group of S-boxes, and a
straight permutation.

49
50
Advanced Encryption
Standard

 AES is a symmetric block cipher.

 was designed because DES's key was too small.
 Security strength equal to or better than DES,
 Improved efficiency.
 Block length 128 bits.
 AES is designed with three key lengths 128, 192, and 256
bits.
 Evaluation include security, computational efficiency,
memory requirements.
52
53
The End

54