GEMMW

Mathematics in the Modern World

MODULE 5: CRYPTOGRAPHY

Learning Outcomes:

At the end of this module, the students should be able to:

1. Understand the basic principles of cryptography.

2. Analyze codes and coding scheme used for identification, privacy, and security
purposes.

3. Decode the different ciphers.

CRYPTOGRAPHY

Social media applications are a trend to a lot of people. We are able to reach
and communicate with people no matter where they are. However, we use these
applications without knowing if these applications are secure enough to call it a
“private” conversation.

Applications such as Telegram and Facebook Messenger employ an end-to-

end encryption (E2EE) which is the most secure type of cryptography. For each
user, the platform issues a pair of public and private encryption keys. It stores the
public keys on its servers, but private keys are stored on user devices only.

Users can retrieve one another’s public keys from servers to encrypt their
messages. Each message encrypted with a public key can only be decrypted by with
its corresponding private key, which is in the exclusive ownership of the recipient.
E2EE ensures that not even the company that hosts the application can access
message content. Even if hackers break into their servers or three-letter agencies
force them to hand over user data, they won’t be able to decrypt the content of
messages.

There are three notions of security which we need to understand before we go

deeper in this topic. These are:
 a. Perfect security - the scheme is said to have perfect security or to have
information theoretic security, if an adversary with infinite computing power
can learn nothing about the plaintext given the ciphertext.
b. Semantic security - This is similar to perfect security but we only allow an
adversary with polynomially bounded computer power
c. Polynomial security - this is sometimes called indistinguishability of
encryptions, it is said to be so because if no adversary can win the following
game with probability greater than one half.

Communication security is the discipline of preventing unauthorized

interceptors from accessing telecommunications in an intelligible form, while still
delivering content to the intended recipients.

This field includes cryptographic security, transmission security, emissions

security and physical security of COMSEC (Communication Security) equipment and
associated keying material.

COMSEC is used to protect both classified and unclassified traffic on military

communications networks, including voice, video, and data. It is used for both
analog and digital applications, and both wired and wireless links.

Fields of Communication Security

• Cryptographic Security. The component of communications security that

results from the provision of technically sound cryptosystems and their proper
use.
• Emission Security (EMSEC). This refers to the protection resulting from all
measures taken to deny unauthorized persons’ information of value that might
be derived from communications systems and cryptographic equipment
intercepts and the interception and analysis of compromising emanations from
cryptographic — equipment, information systems, and telecommunication
systems.
• Transmission Security (TRANSEC). The component of communication
security that results from the application of measures designed to protect
 transmissions from interceptions and exploitation by means other than
cryptanalysis.
• Physical Security. The component of communications security that results
from all physical measures necessary to safeguard classified equipment,
material, and documents from access thereto or observation thereof by
unauthorized persons.

Double Encryption

To encipher a message the sending operator decided on a message key. The

message key would be a sequence of three letters, say D H I. The message key
needs to be transported to the recipient. Using the day key, the message would be
enciphered twice. The double enciphering is to act as a form of error control. Hence,
D H I might be enciphered as X H J K L M. Note, that D encrypts to X and then K,
this is a property of the Enigma Machine.
Name:______________________________________Score:_________________
Section:_____________________________________Date:__________________

Activity 1
Cryptography

Try to decipher the following message using the following clues.

LETTER EQUIVALENT LETTER EQUIVALENT

Z A M N
Y B L O
X C K P
W D J Q
V E I R
U F H S
T G G T
S H F U
R I E V
Q J D W
P K C X
O L B Y
N M A Z

“GSV LMOB DZB GL OVZIM NZGRVNZGSXH RH GL WL NZGRVNZGSXH”

- KZFO SZONLH

Message:
PRINCIPLES OF CRYPTOGRAPHY

Cryptography is the science of using mathematics to encrypt and decrypt

data.

Cryptography enables you to store sensitive information or transmit it across

insecure networks so that it cannot be read or understood by anyone except the

intended recipient.

Cryptanalysis is the science of analyzing and breaking secure

communication.

Classical cryptanalysis involves an interesting combination of analytical

reasoning, application of mathematical symbols, pattern finding, patience,

determination, and luck. Cryptanalysts are also called attackers.

Cryptology embraces both cryptography and cryptanalysis.

Cryptography can be strong or weak. Its strength is measured in the time

and resources it would require to recover the plaintext. The result of strong

cryptography is ciphertext that is very difficult to decipher without possession of the

appropriate decoding tool.

Cryptographic algorithm, or cipher, is a mathematical function used in the

encryption and decryption process. It works in combination with a key – a word,

number, or phrase – to encrypt the plaintext. The security of encrypted data is

entirely dependent on two things: strength of the cryptographic algorithm and the

secrecy of the key.

A cryptographic algorithm, and all possible keys and all the protocols that

make it work comprise a cryptosystem.

 Conventional cryptography, also called secret-key or symmetric-key

encryption, involves only one key that is used for encryption and decryption.

Conventional Cryptography

Plaintext Encryption Ciphertext Decryption Plaintext

Public key cryptography solves the problem of key distribution. This is an

asymmetric scheme that uses a pair of keys for encryption: a public key which

encrypts data and a secret key for decryption.

The concept was introduced by Whitfield Diffie and Martin Hellman in 1975.

Public Key Encryption

Plaintext

Encryption (Using Public Key)

Ciphertext

Decryption (Using Private Key)

Plaintext
 Pretty Good Privacy (PGP) combines some of the best features of both

conventional and public key cryptography. It is a hybrid cryptosystem.

When a user encrypts plaintext with PGP, PGP first compresses the plaintext. Data

compression saves modem transmission time and disk space and, more importantly,

strengthens cryptographic security.

Compression reduces these patterns in the plaintext, thereby greatly

enhancing resistance to cryptanalysis.

PGP then creates a session key, which is a one-time-only secret key. This

key is a random number generated from the random movements of your mouse and

the keystrokes you type. This session key works with a very secure, fast

conventional encryption algorithm to encrypt the plaintext; the result is ciphertext.

Once the data is encrypted, the session key is then encrypted to the recipient’s

public key. This public key-encrypted session key is transmitted along with the

ciphertext to the recipient.

PGP Encryption

Ciphertext +
encrypted
Session key is session key
encrypted with
Plaintext is public key
encrypted with
session key
 Decryption works in reverse. The recipients’ copy of PGP uses his or her

private key to recover the temporary session key, which PGP then uses to decrypt

the conventionally-encrypted ciphertext.

PGP Decryption

Encrypted
session key
recipients
session key
private key
Encrypted used to original
used to
Message decrypt plaintext
decrypt
cipher text
session key

Ciphertext

The combination of the two encryption methods combines the convenience of

public key encryption with the speed of conventional encryption. Conventional

encryption is about 1,000 times faster than public key encryption. Public key

encryption in turn provides a solution to key distribution and data transmission

issues. Used together, performance and key distribution are improved without any

sacrifice in security.

A key is a value that works with a cryptographic algorithm to produce a

specific ciphertext. Keys are basically really, really, really big numbers. Key size is

measured in bits. In public key cryptography, the bigger the key, the more secure

the ciphertext.
 However, public key size and conventional cryptography’s secret key size are

totally unrelated. A conventional 80-bit key has the equivalent strength of a 1024-bit

public key. A conventional 128-bit key is equivalent to a 3000-bit public key. Again,

the bigger the key, the more secure, but the algorithms used for each type of

cryptography are very different.

CIPHER METHOD

Caesar’s Cipher

A substitution cipher substitutes one piece of information for another. This is

most frequently done by offsetting letters of the alphabet. This kind of cipher is the
cipher used in the activity earlier.

Example: If the word “SECRET” will be encoded using Caesar’s key value of 3,
the alphabet will be offset so that the 3rd letter down (D) begins the
alphabet.

So, starting with:

ABCDEFGHIJKLMNOPQRSTUVWXYZ

and sliding everything up by 3, you get

DEFGHIJKLMNOPQRSTUVWXYZABC

where D = A, E = B, F = C, and so on.

Therefore, the plaintext SECRET encrypts as “VHFUHW” using this scheme.

To allow someone else to read the ciphertext, tell them that the key is 3.

Affine Ciphers

Affine cipher uses an encrypting function with additions and multiplication

which convert a letter of value x in a 26 letters alphabet into another letter with value
of (Ax+B) modulo 26.
 Encryption uses a classic alphabet and two integers called coefficients or
keys A and B.

Using the 26 characters alphabet (m = 26), A should be chosen relatively prime to m.

A B C D E F G H I J K L M
1 2 3 4 5 6 7 8 9 10 11 12 13
N O P Q R S T U V W X Y Z
14 15 16 17 18 19 20 21 22 23 24 25 26

Francis Bacon Cipher

Francis Bacon created one of the more interesting substitution ciphers. He

used two different type faces slightly differing in weight (boldness). He broke up his
ciphertext into 5 - character groups, each of which would represent one character in
his plaintext. Depending on which characters of the group were bold, one could
determine the plaintext character using the following table (* stands for a plain
character and B for a bold character)

A=***** H=**BBB O=*BBB* V=B*B*B

B=****B I=*B*** P=*BBBB W=B*BB*

C=***B* J=*B**B Q=B**** X=B*BBB

D=***BB K=*B*B* R=B***B Y=BB***

E=**B** L=*B*BB S=B**B* Z=BB**B

F=**B*B M=*BB** T=B**BB

G=**BB* N=*BB*B U=B*B**

The same secret message as above would appear as (Bacon's bold and plain
characters were less obvious than those below):

To be or not to be that is the question.

Whether 'tis nobler in the mind to

suffer the slings and arrows of

outrageous fortune or to take arms

against a sea of troubles and by

opposing end them?

 To decipher, we just break the characters into groups of 5 and use the key
above to find the plaintext message.

M E E T M E B E
Tobeo rnott obeth atist heque stion Wheth ertis

H I N D T H E G
noble rinth emind tosuf ferth eslin gsand arrow

Y M A F T E R S
sofou trage ousfo rtune ortot akear msaga insta

C H O O L
seaof troub lesan dbyop posin gendt hem?

Message: MEET ME BEHIND THE GYM AFTER SCHOOL

Columnar Transposition

It works like this:

First, think of a secret key word. Ours will be the word SECRET. Next, write it
above the columns of letters in the square, and number the letters of the key word as
they would fall if we placed them in alphabetical order. (If there are duplicate letters,
like the "E", they are numbered from left to right.)

5 2 1 4 3 6
S E C R E T
M E E T M E
A F T E R S
C H O O L B
E H I N D T
H E G Y M O

Now write the columns down in the order indicated by the numbers. The
resulting ciphertext looking like this:

ETOIG EFHHE MRLDM TEONY MACEH ESBTO

Polybius Square

This is called the Polybius Square, since it

1 2 3 4 5
was first described by Polybius in his “Histories” in
around 150BC. It has been used by many cultures
1 A B C D E
throughout history in different sizes depending on
the length of the alphabet (for example the
2 F G H I/J K
Japanese used a 7 × 7 grid). Although useful as a
form of enciphering, it is not particularly strong.
3 L M N O P

4 Q R S T U

5 V W X Y Z

Example:

32 15 44 23 34 14 24 33 44 23 15 32 11
14 33 15 43 43

Decryption:

32 15 44 23 34 14 24 33 44 23 15 32 11

M E T H O D I/J N T H E M A

14 33 15 43 43

D N E S S

Message: METHOD IN THE MADNESS

QWERTY Code

Plaintext letter ABCDEFGHIJKLMNOPQRSTUVWXYZ

Ciphertext letter QWERTYUIOPASDFGHJKLZXCVBNM

You can construct a secret message from the above table. Every time you see
an "I" you would substitute the "O" beneath and so on for the other characters. The
message "Meet me after school behind the gym," would read

"DTTZ DT QYZTK LEIGGS WTIOFR ZIT UND."

 Word lengths - especially the short words - give great clues as to the nature of
the code (see frequency charts). To help conceal your message, ignore the spaces
and break the message up into equal-sized chunks. Five letters are customary in the
spy biz, so your message comes out like this (Note that an extra "dummy" character
"M" is added at the end to make it come out with a 5-letter group. Your recipient
should have no trouble with the extra character.

DTTZD TQYZT KLEIG GSWTI OFRZI TUNDM

Name:______________________________________Score:_________________
Section:_____________________________________Date:__________________

Activity 2
Cipher Method

Using Caesar’s Cipher key 5, write the quotation:

“Mathematics is the language with which God wrote the universe”

- Galileo Galilei
References:

Sirug, W. S. (2018). Mathematics in the Modern World