Network Security

Classical Encryption Techniques

Dr. Qaisar Javaid

 Where we are …
• Introduction to network security
• Vulnerabilities in IP
• I. CRYPTOGRAPHY
– Symmetric Encryption and Message Confidentiality
– Public-Key Cryptography and Message Authentication
• II. NETWORK SECURITY APPLICATIONS
– Authentication Applications (Kerberos, X.509)
– Electronic Mail Security (PGP, S/MIME)
– IP Security (IPSec, AH, ESP, IKE)
– Web Security (SSL, TLS, SET)
– Network Management Security (SNMP)
• III. SYSTEM SECURITY
– Intruders and intrusion detection
– Malicious Software (viruses)
– Firewalls and trusted systems

Information Security
 Outline
• Conventional Encryption Principles
• Conventional Encryption Algorithms
– Caeser Cipher
– Monoalphabetic Cipher
– Polyalphabetic Cipher
• Vigenère Cipher
– Rotor Machines
– Steganography
Information Security
 Classical Encryption
Techniques

Many savages at the present day regard their

names as vital parts of themselves, and
therefore take great pains to conceal their
real names, lest these should give to evil-
disposed persons a handle by which to injure
their owners. —The Golden Bough, Sir
James George Frazer

Information Security
 Symmetric Encryption

• Or conventional/private-key/single-key
• Sender and recipient share a common key
• All classical encryption algorithms are
private-key
• Was only type prior to invention of public-
key in 1970’s

Information Security
 Basic Terminology
• Plaintext - the original message
• Ciphertext - the coded message
• Cipher - algorithm for transforming plaintext
to ciphertext
• Key - info used in cipher known only to
sender/receiver
• Encipher (encrypt) - converting plaintext to
ciphertext

Information Security
 Basic Terminology
• Decipher (decrypt) - recovering plaintext
from ciphertext
• Cryptography - study of encryption
principles/methods
• Cryptanalysis (codebreaking) - the study
of principles/ methods of deciphering
ciphertext without knowing key
• Cryptology - the field of both
cryptography and cryptanalysis

Information Security
 Conventional Encryption
Principles
• An encryption scheme has five ingredients:
– Plaintext
– Encryption algorithm
– Secret Key
– Ciphertext
– Decryption algorithm
• Security depends on the secrecy of the
key, not the secrecy of the algorithm

Information Security
Symmetric Cipher Model

Information Security
 Requirements
• Two requirements for secure use of
symmetric encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)

• Assumes encryption algorithm is known

• Implies a secure channel to distribute key

Information Security
 Cryptography
• Classified along three independent
dimensions:
– type of encryption operations used for
transforming plaintext to ciphertext
• substitution / transposition / product
– number of keys used
• symmetric - single-key or secret key encryption
• asymmetric - two-key or public key encryption
– way in which plaintext is processed
• block / stream

Information Security
 Cryptanalysis
• Two general approaches to attack an
encryption scheme
– Cryptanalysis
• needs encryption algorithm plus some
knowledge regarding the plaintext or some
sample plaintext-ciphertext pair
– Brute-Force attack
• attacker tries every possible key to decrypt.
• needs to check so many keys

Information Security
 Types of Cryptanalytic
Attacks
• Ciphertext only
– attacker only knows the encryption algorithm &
ciphertext
• Known plaintext
– knows the encryption algorithm & ciphertext
– additionally knows some sample plaintext-
ciphertext pairs
• Chosen plaintext
– attacker selects plaintext and obtains ciphertext
to attack cipher
Information Security
 Types of Cryptanalytic
Attacks
• Chosen ciphertext
– select ciphertext and obtain plaintext to attack
cipher
• Chosen text
– select either plaintext or ciphertext to
en/decrypt to attack cipher

Information Security
 Model of Symmetric
Cryptosystem

Information Security
 Brute Force Search
• Always possible to simply try every key
• Most basic attack, proportional to key size
• Assume either know / recognise plaintext

Information Security
 Average Time Required for
Exhaustive Key Search
Key Size Number of Time required at
(bits) Alternative Keys 106 Decryption/µs
32 232 = 4.3 x 109 2.15 milliseconds
56 256 = 7.2 x 1016 10 hours
128 2128 = 3.4 x 1038 5.4 x 1018 years
168 2168 = 3.7 x 1050 5.9 x 1030 years

Information Security
 Time to Break a Code
(Assuming 106 decryptions/µs)

Information Security
 More Definitions
• Unconditional security
– no matter how much computer power is
available, the cipher cannot be broken since the
ciphertext provides insufficient information to
uniquely determine the corresponding plaintext

• Computational security
– given limited computing resources (e.g. time
needed for calculations is greater than age of
universe), the cipher cannot be broken

Information Security
 Classical Substitution
Ciphers
• Where letters of plaintext are replaced by
other letters or by numbers or symbols
• Or if plaintext is viewed as a sequence of
bits, then substitution involves replacing
plaintext bit patterns with ciphertext bit
patterns

Information Security
 Caesar Cipher
• Earliest known substitution cipher
• By Julius Caesar
• First attested use in military affairs
• Replaces each letter by 3rd letter of
alphabets
• Example:
Plaintext: meet me after the toga party
Ciphertext: PHHW PH DIWHU WKH WRJD SDUWB

Information Security
 Caesar Cipher
• Can define transformation as:

• Mathematically give each letter a number

a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y Z
13 14 15 16 17 18 19 20 21 22 23 24 25

Information Security
 Caesar Cipher
• Then we can generalize Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)

• Where:
p : letter to be converted into ciphertext
k : offset e.g., 3 as in our example
C : ciphertext

Information Security
 Cryptanalysis of Caesar
Cipher
• Only have 26 possible ciphers
– A maps to A,B,..Z
• Could simply try each in turn i.e., using a
brute force search
• Given ciphertext, just try all shifts of
letters

Information Security
Brute-Force
Cryptanalysis
of Caesar
Cipher

Information Security
 Cryptanalysis of Caesar
Cipher
• Do need to recognize when have plaintext
• eg. break ciphertext “KHOOR ZRUOG“

H E L L O W O R L D
-3
K H O O R Z R U O G

Information Security
 Compressed Plaintext
• The input may be abbreviated or
compressed
• Encrypted using simple substitution,
decrypting is not simple as plaintext is not
understandable

Information Security
Sample of Compressed Text

Information Security
 Monoalphabetic Cipher

• Rather than just shifting the alphabet

• Could shuffle (jumble) the letters
arbitrarily
• Each plaintext letter maps to a different
random ciphertext letter
• Hence key is 26 letters long

Information Security
 Monoalphabetic Cipher
• Key is 26 letters long

Information Security
 Monoalphabetic Cipher
Example

Plaintext: ifwewishtoreplaceletters

Ciphertext: DMLVLDOFIRJVYWKPVWVIIVJO

Information Security
 Monoalphabetic Cipher
Security

• Now have a total of 26! = 4 x 1026 keys

• With so many keys, might think it is secure
• But would be !!!WRONG!!!
• Problem is language characteristics

Information Security
 Language Redundancy and
Cryptanalysis
• Human languages are redundant
• e.g. ciphertext
" DMLVLDOFIRJVYWKPVWVIIVJO "
Plaintext
“ifwewishtoreplaceletters”
• Can see the redundancy in the ciphertext
– it can be exploited
• Letters are not equally commonly used
Information Security
 Language Redundancy and
Cryptanalysis
• In English e is by far the most common
letter
• Then T,R,N,I,O,A,S
• Other letters are fairly rare; like
Z,J,K,Q,X
• Have tables of single, double & triple letter
frequencies

Information Security
English Letter Frequencies

Information Security
 Use in Cryptanalysis

• Key concept - monoalphabetic substitution

ciphers do not change relative letter
frequencies
• Discovered by Arabian scientists in 9th century
• Calculate letter frequencies for ciphertext
• Compare counts/plots against known values

Information Security
 Use in Cryptanalysis
• If Caesar cipher look for common
peaks/troughs
– peaks at: A-E-I triple, NO pair, RST triple
– troughs at: JK, X-Z
• For monoalphabetic must identify each
letter
– tables of common double/triple letters help

Information Security
 Cryptanalysis Example
• Given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

• Count relative letter frequencies (see text)

• Guess P & Z are ‘e’ and ‘t’
• Guess ZW is ‘th’ and hence ZWP is ‘the’
• Proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
Information Security
 Playfair Cipher
• Not even the large number of keys in a
monoalphabetic cipher provides security
• One approach to improving security was to
encrypt multiple letters
• The Playfair Cipher is an example
• Invented by Charles Wheatstone in 1854,
but named after his friend Baron Playfair

Information Security
 Playfair Key Matrix
• A 5X5 matrix of letters based on a
keyword
• Fill in letters of keyword (sans duplicates)
• Fill rest of matrix with other letters
• e.g., using the keyword MONARCHY
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Information Security
 Playfair
Encrypting and Decrypting
• Plaintext encrypted two letters at a
time:
1. If a pair is a repeated letter, insert a
filler like 'X', e.g., "balloon" encrypts
as "ba lx lo on"
2. If both letters fall in same row, M
C
O
H
N
Y
A
B
R
D
replace each with letter to right E F G I K
(wrapping back to start from end) L
U
P
V
Q
W
S
X
T
Z
e.g., “ar" encrypts as "RM"
Information Security
 Playfair
Encrypting and Decrypting
3. If both letters fall in the same column,
replace each with the letter below it
(again wrapping to top from bottom),
e.g., “mu" encrypts to "CM"
M O N A R
C H Y B D
4. Otherwise each letter replaced E F G I K
by the one in its row in the column L P Q S T
of the other letter of the pair, U V W X Z

e.g., “hs" encrypts to "BP", and “ea"

to "IM" or "JM" (as desired)
Information Security
 Security of the Playfair
Cipher
• Security much improved over monoalphabetic
• Since have 26 x 26 = 676 digrams
• Would need a 676 entry frequency table to
analyse (verses 26 for a monoalphabetic)
• And correspondingly more ciphertext

Information Security
 Security of the Playfair
Cipher
• Was widely used for many years (eg. US &
British military in WW1)
• It can be broken, given a few hundred
letters
• Since still has much of plaintext structure

Information Security
 Polyalphabetic Ciphers
• Another approach to improving security is to
use multiple cipher alphabets
• Makes cryptanalysis harder with more
alphabets to guess and flatter frequency
distribution
• Use a key to select which alphabet is used for
each letter of the message
• Use each alphabet in turn
• Repeat from start after end of key is reached
Information Security
 Vigenère Cipher
• Simplest polyalphabetic substitution cipher
is the Vigenère Cipher
• Effectively multiple Caesar ciphers
• Key is multiple letters long K = k1 k2 ... kd
• ith letter specifies ith alphabet to use

Information Security
 Vigenère Cipher

• Use each alphabet in turn

• Repeat from start after d letters in
message
• Decryption simply works in reverse

Information Security
Modern Vigenère Tableau

Information Security
 Example
• Write the plaintext out
• Write the keyword repeated above it
• Use each key letter as a Caesar cipher key
• Encrypt the corresponding plaintext letter
• e.g. using keyword deceptive

key: deceptivedeceptivedeceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Information Security
 Aids
• Simple aids can assist with en/decryption
• A Saint-Cyr Slide is a simple manual aid
– a slide with repeated alphabet
– line up plaintext 'A' with key letter, e.g. 'C'
– then read off any mapping for key letter
• Can bend round into a cipher disk
• Or expand into a Vigenère Tableau (see
Table 2.3)

Information Security
 Security of Vigenère
Ciphers
• Have multiple ciphertext letters for each
plaintext letter
• Hence letter frequencies are obscured
• But not totally lost
• Start with letter frequencies
– see if look monoalphabetic or not
• If not, then need to determine number of
alphabets, since then can attach each

Information Security
 Kasiski Method
• Method developed by Babbage / Kasiski
• Repetitions in ciphertext give clues to
period
• So find same plaintext an exact period
apart
• Which results in the same ciphertext
• Of course, could also be random fluke

Information Security
 Kasiski Method
• e.g. repeated “VTW” in previous example
• Suggests size of 3 or 9
• Then attack each monoalphabetic cipher
individually using same techniques as
before

Information Security
 Autokey Cipher
• Ideally want a key as long as the message
• Vigenère proposed the autokey cipher, where
keyword is prefixed to message as key
• Knowing keyword can recover the first few
letters
• Use these in turn on the rest of the message
but still have frequency characteristics to
attack

Information Security
 Autokey Cipher Example
• e.g., given key deceptive

key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA

Information Security
 One-Time Pad
• If a truly random key as long as the
message is used, the cipher will be secure
• called a One-Time pad
• Is unbreakable since ciphertext bears no
statistical relationship to the plaintext
• Since for any plaintext & any ciphertext
there exists a key mapping one to other
• Can only use the key once
• It has problem of safe distribution of key
Information Security
 One-Time Pad Example I
ciphertext:
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS

key:
pxlmvmsydoftyrvzwc tnlebnecvgdupahfzzlmnyih

plaintext:
mr mustard with the candlestick in the hall

Information Security
 One-Time Pad Example II
• Same ciphertext produces two different
outputs with two different keys
ciphertext:
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS

key:
mfugpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt

plaintext:
miss scarlet with the knife in the library

Information Security
 Transposition Ciphers
• Now consider classical transposition or
permutation ciphers
• These hide the message by rearranging the
letter order without altering the actual
letters used
• The cryptanalyst can recognise the cipher
easily since it has the same letter
frequency as the original text

Information Security
 Transpositional Cipher
Example

Information Security
 Rail Fence Cipher
• Write message letters diagonally over a
number of rows
• Then read off cipher row by row
• e.g., write message out as:
m e m a t r h t g p r y
e t e f e t e o a a t

• Giving ciphertext
MEMATRHTGPRYETEFETEOAAT

Information Security
 Row Transposition Ciphers
• A more complex scheme
• Write letters of message out in rows over a
specified number of columns
• Then reorder the columns according to some key
before reading off the rows
Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Information Security
 Product Ciphers
• Ciphers using substitutions or
transpositions are not secure because of
language characteristics
• Hence consider using several ciphers in
succession to make harder, but:
– Two substitutions make a more complex
substitution
– Two transpositions make more complex
transposition
– But a substitution followed by a transposition
makes a new much harder cipher
Information Security
 Product Ciphers

• This is bridge from

classical to modern
ciphers

• P-Permutation Box
• S-Substitution Box

Information Security
 Rotor Machines
• Before modern ciphers, rotor machines
were most common product cipher
• These were widely used in WW2
– German Enigma, Allied Hagelin, Japanese Purple

• Implemented as a very complex, varying

substitution cipher

Information Security
 Rotor Machines
• Rotor Machines
– used a series of cylinders
– each giving one substitution
– rotated and changed after each letter was
encrypted

• Each machine with 3 cylinders have

263=17576 alphabets

Information Security
 Three-Rotor Machine
• Initial
setting

Information Security
 Three-Rotor Machine
• Setting
after one
keystroke

Information Security
 Three-Rotor Machine

Information Security
 Steganography
• An alternative to encryption
• Hides existence of message
– Using only a subset of letters/words in a longer
message marked in some way
– Using invisible ink
– Hiding in LSB in graphic image or sound file
• Has drawbacks
– High overhead to hide relatively few info bits

Information Security
 Summary
• Have considered:
– Classical cipher techniques and terminology
– Monoalphabetic substitution ciphers
– Cryptanalysis using letter frequencies
– Playfair ciphers
– Polyalphabetic ciphers
– Transposition ciphers
– Product ciphers and rotor machines
– Steganography

Information Security