Chapter Two

Classical Cryptography: Symmetric Cipher Model

Points to be discussed in this chapter:

➢ Definition of Cryptography,
➢ Ingredients of symmetric cipher,
➢ Cryptanalysis and Brute force attack,
➢ Dimensions of cryptography,
➢ Steganography,

By Bereket S.

1
 Cryptography
➢ Cryptography comes from the Greek word from Crypto and Graphia which
means secret writing.
➢ Cryptography is a science that studies the writing of a secret, in which the
definition of cryptography according to (Schneier, 1996) is the science as
well as the arts to maintain the security of messages (message).
➢ Cryptography is part of a branch of mathematical science called Cryptology.
➢ Cryptography aims to maintain the confidentiality of information contained
in the data so that the information can not be known by unauthorized
parties.
➢ Cryptography is the art and science of protecting information from
undesirable individuals by converting it into a form non-recognizable by its
attackers while stored and transmitted
2
 Cont.
➢ Encryption is the process of securing an information by making the information
unreadable without the help of knowledge and or special tools.
➢ The way used to perform encryption is to change a code from an understandable into a
code that can not be understood.
➢ A coding system uses a table or dictionary that has been defined to replace the word of
the information or piece of information sent.
➢ Encryption can be interpreted as a code or cipher. A cipher uses an algorithm that can
encode all stream data streams from a message into an unintelligible cryptogram.
➢ Decryption is an algorithm or a way that can be used to read encrypted information for
readability.
➢ In other words the description is the process of giving the result given from the
encryption process into the initial form before the encryption.

3
 Symmetric Encryption
➢ Symmetric encryption is a form of cryptosystem in which encryption and
decryption are performed using the same key.
➢ It is also known as conventional encryption.
➢ Symmetric encryption transforms plaintext into ciphertext using a secret key
and an encryption algorithm.
➢ Using the same key and a decryption algorithm, the plaintext is recovered from
the ciphertext.
➢ The two types of attack on an encryption algorithm are cryptanalysis, based on
properties of the encryption algorithm, and brute-force, which involves trying
all possible keys.

4
 A symmetric encryption scheme has five ingredients:
➢ Plaintext: This is the original intelligible message or data that is fed into the
algorithm as input.
➢ Encryption algorithm: The encryption algorithm performs various
substitutions and transformations on the plaintext.
➢ Secret key: The secret key is also input to the encryption algorithm. The key is
a value independent of the plaintext and of the algorithm.
➢ Ciphertext: This is the scrambled message produced as output.
➢ Decryption algorithm: This is essentially the encryption algorithm run in
reverse. It takes the ciphertext and the secret key and produces the original
plaintext.

5
6
 Cryptanalysis and Brute-Force Attack

There are two general approaches to attacking a conventional encryption scheme:

➢ Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus

perhaps some knowledge of the general characteristics of the plaintext or even
some sample plaintext–ciphertext pairs.

➢ Brute-force attack: The attacker tries every possible key on a piece of

ciphertext until an intelligible translation into plaintext is obtained.

➢ On average, half of all possible keys must be tried to achieve success.

7
Cryptanalysis and Brute-Force Attack

8
➢ Unconditionally secure means if the ciphertext generated by the scheme does
not contain enough information to determine uniquely the corresponding
plaintext, no matter how much ciphertext is available.
➢ That is, no matter how much time an opponent has, it is impossible for him or
her to decrypt the ciphertext simply because the required information is not
there.
➢ Therefore, all that the users of an encryption algorithm can strive for is an
algorithm that meets one or both of the following criteria:
✓ The cost of breaking the cipher exceeds the value of the encrypted information.
✓ The time required to break the cipher exceeds the useful lifetime of the information.
➢ Computationally secure if either of the foregoing two criteria are met.
Unfortunately, it is very difficult to estimate the amount of effort required to
cryptanalyze ciphertext successfully.

9
10
Cryptographic systems are characterized along three independent dimensions:
1. The type of operations used for transforming plaintext to ciphertext.
✓ substitution,
✓ Transposition
✓ Product system
2. The number of keys used.
✓ symmetric, single-key, secret-key, or conventional encryption: If both sender and receiver
use the same key,
✓ two-key, or public-key encryption, asymmetric : If the sender and receiver use different
keys
3. The way in which the plaintext is processed.
✓ A block cipher processes the input one block of elements at a time, producing an output
block for each input block.
✓ A stream cipher processes the input elements continuously, producing output one element
at a time, as it goes along.

11
Substitution Techniques
➢ A substitution technique is one in which the letters of plaintext are replaced by
other letters or by numbers or symbols.
➢ If the plaintext is viewed as a sequence of bits, then substitution involves
replacing plaintext bit patterns with ciphertext bit patterns.
Caesar Cipher
➢ The earliest known, and the simplest, use of a substitution cipher was by Julius
Caesar.
➢ The Caesar cipher involves replacing each letter of the alphabet with the letter
standing three places further down the alphabet. For example,
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB

12
Substitution Techniques…

13
Substitution Techniques…
➢ If it is known that a given ciphertext is a Caesar cipher, then a brute-force
cryptanalysis is easily performed: simply try all the 25 possible keys.
➢ Figure 2.1 shows the results of applying this strategy to the example ciphertext.
➢ In this case, the plaintext leaps out as occupying the third line.
Three important characteristics of this problem enabled us to use a brute force
cryptanalysis:
1) The encryption and decryption algorithms are known.
2) There are only 25 keys to try.
3) The language of the plaintext is known and easily recognizable.
➢ In most networking situations, we can assume that the algorithms are known.
➢ What generally makes brute-force cryptanalysis impractical is the use of an
algorithm that employs a large number of keys
14
Fig. 2.1 Brute-Force Cryptanalysis of Caesar Cipher
15
 Monoalphabetic Ciphers

➢ With only 25 possible keys, the Caesar cipher is far from secure.
➢ A dramatic increase in the key space can be achieved by allowing an arbitrary
substitution.
➢ A permutation of a finite set of elements is an ordered sequence of all the
elements of , with each element appearing exactly once.
➢ For example, if S = {a, b, c}, there are six permutations of S:
abc, acb, bac, bca, cab, cba
➢ In general, there are ! permutations of a set of elements, because the first
element can be chosen in one of n ways, the second in ways, the third in ways,
and so on.

16
 Monoalphabetic Ciphers…

➢ Recall the assignment for the Caesar cipher:

➢ If, instead, the “cipher” line can be any permutation of the 26 alphabetic
characters, then there are 26! or greater than 4 * 10 26 possible keys.
➢ Such an approach is referred to as a monoalphabetic substitution cipher,
because a single cipher alphabet (mapping from plain alphabet to cipher
alphabet) is used per message.
➢ There is, however, another line of attack.
➢ If the cryptanalyst knows the nature of the plaintext (e.g., noncompressed
English text), then the analyst can exploit the regularities of the language.

17
 Monoalphabetic Ciphers…
➢ To see how such a cryptanalysis might proceed, we give a partial example here.
➢ The ciphertext to be solved is

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

➢ As a first step, the relative frequency of the letters can be determined and
compared to a standard frequency distribution for English, such as is shown in
Figure 2.2 (in next slide).

18
 Monoalphabetic Ciphers…
➢ If the message were long enough, this technique alone might be sufficient, but
because this is a relatively short message, we cannot expect an exact match.
➢ In any case, the relative frequencies of the letters in the ciphertext (in
percentages) are as follows:

19
 Monoalphabetic Ciphers…

Fig. 2.2 Shows Relative Frequency of Letters in English Text

20
 Monoalphabetic Ciphers…
➢ Comparing this breakdown with Figure 2.2, it seems likely that cipher letters P
and Z are the equivalents of plain letters e and t, but it is not certain which is
which.
➢ The letters S,U,O, M, and H are all of relatively high frequency and probably
correspond to plain letters from the set {a, h, i, n, o, r, s}.
➢ The letters with the lowest frequencies (namely, A, B,G,Y, I, J) are likely
included in the set {b, j, k, q, v, x, z}.
➢ There are a number of ways to proceed at this point.
➢ We could make some tentative assignments and start to fill in the plaintext to
see if it looks like a reasonable “skeleton” of a message.
➢ A more systematic approach is to look for other regularities.
➢ For example, certain words may be known to be in the text.
➢ Or we could look for repeating sequences of cipher letters and try to deduce
their plaintext equivalents.
21
 Monoalphabetic Ciphers…
➢ A powerful tool is to look at the frequency of two-letter combinations, known
➢ as digrams.
➢ A table similar to Figure 2.2 could be drawn up showing the relative frequency
➢ of digrams. The most common such digram is th.
➢ In our ciphertext, the most common digram is ZW, which appears three times.
➢ So we make the correspondence of Z with t and W with h. Then, by our earlier
hypothesis, we can equate P with e.
➢ Now notice that the sequence ZWP appears in the ciphertext, and we can
translate that sequence as “the.”
➢ This is the most frequent trigram (three-letter combination) in English, which
seems to indicate that we are on the right track.

22
 Monoalphabetic Ciphers…
➢ Next, notice the sequence ZWSZ in the first line.
➢ We do not know that these four letters form a complete word, but if they do, it
is of the form th_t. If so, S equates with a.
➢ So far, then, we have

23
 Monoalphabetic Ciphers…
➢ Only four letters have been identified, but already we have quite a bit of the
message.
➢ Continued analysis of frequencies plus trial and error should easily yield a
solution from this point.
➢ The complete plaintext, with spaces added between words, follows:

it was disclosed yesterday that several informal but

direct contacts have been made with political
representatives of the viet cong in Moscow

➢ Monoalphabetic ciphers are easy to break because they reflect the frequency
data of the original alphabet.

24
 Playfair Cipher
➢ The best-known multiple-letter encryption cipher is the Playfair, which treats
digrams in the plaintext as single units and translates these units into ciphertext
digrams.
➢ The Playfair algorithm is based on the use of a 5 × 5 matrix of letters
constructed using a keyword.
➢ Here is an example, solved by Lord Peter Wimsey in Dorothy Sayers’s Have
His Carcase.

➢ In this case, the keyword is MONARCHY.

25
 Playfair Cipher…
➢ The matrix is constructed by filling in the letters of the keyword (minus
duplicates) from left to right and from top to bottom, and then filling in the
remainder of the matrix with the remaining letters in alphabetic order.
➢ The letters I and J count as one letter.
➢ Plaintext is encrypted two letters at a time, according to the following rules:
1. Repeating plaintext letters that are in the same pair are separated with a filler
letter, such as x, so that balloon would be treated as ba lx lo on.
2. Two plaintext letters that fall in the same row of the matrix are each replaced
by the letter to the right, with the first element of the row circularly following
the last. For example, ar is encrypted as RM.
3. Two plaintext letters that fall in the same column are each replaced by the
letter beneath, with the top element of the column circularly following the last.
For example, mu is encrypted as CM.
4. Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its
own row and the column occupied by the other plaintext letter. Thus, hs
becomes BP and ea becomes IM (or JM, as the encipherer wishes).

26
 Playfair Cipher…
➢ The Playfair cipher is a great advance over simple monoalphabetic ciphers.
➢ For one thing, whereas there are only 26 letters, there are 26 × 26 = 676
digrams, so that identification of individual digrams is more difficult.
➢ Furthermore, the relative frequencies of individual letters exhibit a much
greater range than that of digrams, making frequency analysis much more
difficult.
➢ For these reasons, the Playfair cipher was for a long time considered
unbreakable.
➢ It was used as the standard field system by the British Army in World War I and
still enjoyed considerable use by the U.S. Army and other Allied forces during
World War II.
➢ Despite this level of confidence in its security, the Playfair cipher is relatively
easy to break, because it still leaves much of the structure of the plaintext
language intact.
➢ A few hundred letters of ciphertext are generally sufficient.
27
 Polyalphabetic Ciphers
VIGEN`ERE CIPHER:
➢ The best known, and one of the simplest, polyalphabetic ciphers is the Vigenère
cipher.

28
Polyalphabetic Ciphers…

29
 Polyalphabetic Ciphers…
➢ For example, if the keyword is deceptive, the message “we are discovered save
yourself” is encrypted as:
➢ key: deceptivedeceptivedeceptive
➢ plaintext: wearediscoveredsaveyourself
➢ ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

30
 Polyalphabetic Ciphers…
➢ The strength of this cipher is that there are multiple ciphertext letters for each
plaintext letter, one for each unique letter of the keyword.
➢ Thus, the letter frequency information is obscured.
➢ However, not all knowledge of the plaintext structure is lost.
➢ An improvement is achieved over the Playfair cipher, but considerable
frequency information remains.
➢ It is instructive to sketch a method of breaking this cipher, because the method
reveals some of the mathematical principles that apply in cryptanalysis.

31
 TRANSPOSITION TECHNIQUES
➢ All the techniques examined so far involve the substitution of a ciphertext
symbol for a plaintext symbol.
➢ A very different kind of mapping is achieved by performing some sort of
permutation on the plaintext letters.
➢ This technique is referred to as a transposition cipher.
➢ The simplest such cipher is the rail fence technique, in which the plaintext is
written down as a sequence of diagonals and then read off as a sequence of
rows.

32
 TRANSPOSITION TECHNIQUES…
➢ For example, to encipher the message “meet me after the toga party” with a rail
fence of depth 2, we write the following:
m e m a t r h t g p r y
e t e f e t e o a a t
➢ The encrypted message is: MEMATRHTGPRYETEFETEOAAT

33
 TRANSPOSITION TECHNIQUES…
➢ This sort of thing would be trivial to cryptanalyze.
➢ A more complex scheme is to write the message in a rectangle, row by row, and
read the message off, column by column, but permute the order of the columns.
➢ The order of the columns then becomes the key to the algorithm.
➢ For example,

➢ Thus, in this example, the key is 4312567.

➢ To encrypt, start with the column that is labeled 1, in this case column 3.
➢ Write down all the letters in that column.
➢ Proceed to column 4, which is labeled 2, then column 2, then column 1, then
columns 5, 6, and 7.

34
 TRANSPOSITION TECHNIQUES…
➢ A pure transposition cipher is easily recognized because it has the same letter
frequencies as the original plaintext.
➢ For the type of columnar transposition just shown, cryptanalysis is fairly
straightforward and involves laying out the ciphertext in a matrix and playing
around with column positions.
➢ Digram and trigram frequency tables can be useful.
➢ The transposition cipher can be made significantly more secure by performing
more than one stage of transposition.
➢ The result is a more complex permutation that is not easily reconstructed.

35
 TRANSPOSITION TECHNIQUES…
➢ if the foregoing message is re-encrypted using the same algorithm,

36
 Rotor Machine (Product System)
➢ The example just given suggests that multiple stages of encryption can produce
an algorithm that is significantly more difficult to cryptanalyze.
➢ This is as true of substitution ciphers as it is of transposition ciphers.
➢ The basic principle of the rotor machine is illustrated in Figure 2.8.
➢ The machine consists of a set of independently rotating cylinders through
which electrical pulses can flow.
➢ Each cylinder has 26 input pins and 26 output pins, with internal wiring that
connects each input pin to a unique output pin.

37
 Rotor Machine…
➢ For simplicity, only three of the internal connections in each cylinder are
shown.

38
Rotor Machine…

39
 Steganography
➢ Plaintext message may be hidden in one of two ways.
➢ The methods of steganography conceal the existence of the message, whereas
the methods of cryptography render the message unintelligible to outsiders by
various transformations of the text.
➢ Embedding a secret message in plain text.
➢ For example , consider the following sentence:
"This example contains highly Technical expressions regarding modern
simulations."
➢ The first letter of each word produces the hidden phrase, "TechTerms."

40
 Practical Works
1. Write a Java/C++ code which implements the following classical
cryptographic algorithms:
a. Polyalphabetic ciphers (Vigenère ciphter)
b. Playfair cipher
c. Rail fence
2. Analyze the above ciphertext output based on the language pattern.
(Hint. Narrate it in the understanding of cryptanalysis)

41