NET3106 – Network Security

WEEK (2)
Classical Encryption Techniques
Houshyar Honar Pajooh
Room Number : AE-3-28 (University Building - East)
Email: houshyarh@sunway.edu.my

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Definitions (1 of 2)
• Plaintext
• An original message
• Ciphertext
• The coded message
• Enciphering/encryption
• The process of converting from plaintext to ciphertext
• Deciphering/decryption
• Restoring the plaintext from the ciphertext

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Definitions (2 of 2)
• Cryptography
• The area of study of the many schemes used for encryption
• Cryptographic system/cipher
• A scheme
• Cryptanalysis
• Techniques used for deciphering a message without any
knowledge of the enciphering details
• Cryptology
• The areas of cryptography and cryptanalysis

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Simplified Model of Symmetric Encryption

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Symmetric Cipher Model
• There are two requirements for secure use of conventional
encryption:

• A strong encryption algorithm

• Sender and receiver must have obtained copies of the

secret key in a secure fashion and must keep the key secure

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Model of Symmetric Cryptosystem

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Cryptographic Systems
• Characterized along three independent dimensions:
• The type of operations used for transforming plaintext to ciphertext
• Substitution
• Transposition
• The number of keys used
• Symmetric, single-key, secret-key, conventional encryption
• Asymmetric, two-key, or public-key encryption
• The way in which the plaintext is processed
• Block cipher
• Stream cipher
Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Cryptanalysis and Brute-Force Attack
• Cryptanalysis
• Attack relies on the nature of the algorithm plus some knowledge of the
general characteristics of the plaintext
• Attack exploits the characteristics of the algorithm to attempt to deduce a
specific plaintext or to deduce the key being used
• Brute-force attack
• Attacker tries every possible key on a piece of ciphertext until an intelligible
translation into plaintext is obtained
• On average, half of all possible keys must be tried to achieve success

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Types of Attacks on Encrypted Messages
Type of Attack Known to Cryptanalyst

Ciphertext Only • Encryption algorithm

• Ciphertext
Known Plaintext • Encryption algorithm
• Ciphertext
• One or more plaintext–ciphertext pairs formed with the secret key
Chosen Plaintext • Encryption algorithm
• Ciphertext
• Plaintext message chosen by cryptanalyst, together with its corresponding
ciphertext generated with the secret key
Chosen Ciphertext • Encryption algorithm
• Ciphertext
• Ciphertext chosen by cryptanalyst, together with its corresponding decrypted
plaintext generated with the secret key
Chosen Text • Encryption algorithm
• Ciphertext
• Plaintext message chosen by cryptanalyst, together with its corresponding
ciphertext generated with the secret key
• Ciphertext chosen by cryptanalyst, together with its corresponding decrypted
plaintext generated with the secret key

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Encryption Scheme Security
• Unconditionally secure
• No matter how much time an opponent has, it is
impossible for him or her to decrypt the ciphertext simply
because the required information is not there
• Computationally secure
• The cost of breaking the cipher exceeds the value of the
encrypted information
• The time required to break the cipher exceeds the useful
lifetime of the information

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Brute-Force Attack
• Involves trying every possible key until an intelligible
translation of the ciphertext into plaintext is obtained
• On average, half of all possible keys must be tried to achieve
success
• To supplement the brute-force approach, some degree of
knowledge about the expected plaintext is needed, and some
means of automatically distinguishing plaintext from garble is
also needed

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Strong Encryption
• The term strong encryption refers to encryption schemes that
make it impractically difficult for unauthorized persons or
systems to gain access to plaintext that has been encrypted
• Properties that make an encryption algorithm strong are:
• Appropriate choice of cryptographic algorithm
• Use of sufficiently long key lengths
• Appropriate choice of protocols
• A well-engineered implementation
• Absence of deliberately introduced hidden flaws

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Substitution Technique
• Is one in which the letters of plaintext are replaced by other
letters or by numbers or symbols
• If the plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns with
ciphertext bit patterns

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Caesar Cipher
• Simplest and earliest known use of a substitution cipher
• Used by Julius Caesar
• Involves replacing each letter of the alphabet with the letter
standing three places further down the alphabet
• Alphabet is wrapped around so that the letter following Z is A

plain: meet me after the toga party

cipher: PHHW PH DIWHU WKH WRJD SDUWB

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Caesar Cipher Algorithm
• Can define transformation as:
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
• Mathematically give each letter a number
abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
• Algorithm can be expressed as:
c = E(3, p) = (p + 3) mod (26)
• A shift may be of any amount, so that the general Caesar algorithm is:
C = E(k , p ) = (p + k ) mod 26
• Where k takes on a value in the range 1 to 25; the decryption algorithm is simply:
p = D(k , C ) = (C − k ) mod 26

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Brute-Force
Cryptanalysis
of Caesar Cipher

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Sample of Compressed Text
Sample of Compressed Text

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Monoalphabetic Cipher
• Permutation
• Of a finite set of elements S is an ordered sequence of all the
elements of S , with each element appearing exactly once
• If the “cipher” line can be any permutation of the 26 alphabetic
characters, then there are 26! or greater than 4 x 1026 possible
keys
• This is 10 orders of magnitude greater than the key space for
DES
• Approach is referred to as a monoalphabetic substitution cipher
because a single cipher alphabet is used per message

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Relative Frequency of Letters in English Text

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Monoalphabetic Ciphers
• Easy to break because they reflect the frequency
data of the original alphabet
• Countermeasure is to provide multiple substitutes
(homophones) for a single letter
• Digram
• Two-letter combination
• Most common is th
• Trigram
• Three-letter combination
• Most frequent is the

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Playfair Cipher
• Best-known multiple-letter encryption cipher
• Treats digrams in the plaintext as single units and translates
these units into ciphertext digrams
• Based on the use of a 5 × 5 matrix of letters constructed using
a keyword
• Invented by British scientist Sir Charles Wheatstone in 1854
• Used as the standard field system by the British Army in World
War I and the U.S. Army and other Allied forces during World
War II

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Playfair Key Matrix
• Fill in letters of keyword (minus duplicates) from left to right
and from top to bottom, then fill in the remainder of the
matrix with the remaining letters in alphabetic order
• Using the keyword MONARCHY:

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Relative Frequency of Occurrence of Letters

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Hill Cipher
• Developed by the mathematician Lester Hill in 1929
• Strength is that it completely hides single-letter frequencies
• The use of a larger matrix hides more frequency
information
• A 3 x 3 Hill cipher hides not only single-letter but also two-
letter frequency information
• Strong against a ciphertext-only attack but easily broken with a
known plaintext attack

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Polyalphabetic Ciphers
• Polyalphabetic substitution cipher
• Improves on the simple monoalphabetic technique by
using different monoalphabetic substitutions as one
proceeds through the plaintext message

• All these techniques have the following features in common:

• A set of related monoalphabetic substitution rules is used
• A key determines which particular rule is chosen for a given
transformation

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Vigenère Cipher
• Best known and one of the simplest polyalphabetic
substitution ciphers
• In this scheme the set of related monoalphabetic substitution
rules consists of the 26 Caesar ciphers with shifts of 0 through
25
• Each cipher is denoted by a key letter which is the ciphertext
letter that substitutes for the plaintext letter a

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Example of Vigenère Cipher
• To encrypt a message, a key is needed that is as long as the
message
• Usually, the key is a repeating keyword
• For example, if the keyword is deceptive, the message “we are
discovered save yourself” is encrypted as:

key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Vigenère Autokey System
• A keyword is concatenated with the plaintext itself to provide a
running key
• Example:

key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
• Even this scheme is vulnerable to cryptanalysis
• Because the key and the plaintext share the same frequency
distribution of letters, a statistical technique can be applied

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Vernam Cipher
Vernam Cipher

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 One-Time Pad
• Improvement to Vernam cipher • Scheme is unbreakable
proposed by an Army Signal • Produces random output
Corp officer, Joseph Mauborgne that bears no statistical
• Use a random key that is as long relationship to the
as the message so that the key plaintext
need not be repeated • Because the ciphertext
• Key is used to encrypt and contains no information
decrypt a single message and whatsoever about the
then is discarded plaintext, there is simply
no way to break the code
• Each new message requires a
new key of the same length as
the new message

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Difficulties
• The one-time pad offers complete security but, in practice, has two
fundamental difficulties:
• There is the practical problem of making large quantities of random
keys
• Any heavily used system might require millions of random
characters on a regular basis
• Mammoth key distribution problem
• For every message to be sent, a key of equal length is needed by
both sender and receiver
• Because of these difficulties, the one-time pad is of limited utility
• Useful primarily for low-bandwidth channels requiring very high
security
• The one-time pad is the only cryptosystem that exhibits perfect secrecy (see
Appendix F)

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Rail Fence Cipher
• Simplest transposition cipher
• Plaintext is written down as a sequence of diagonals and then
read off as a sequence of rows
• To encipher the message “meet me after the toga party” with a
rail fence of depth 2, we would write:

mematrhtgpry
etefeteoaat
Encrypted message is:
MEMATRHTGPRYETEFETEOAAT

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Row Transposition Cipher
• Is a more complex transposition
• Write the message in a rectangle, row by row, and read the message off,
column by column, but permute the order of the columns
• The order of the columns then becomes the key to the algorithm

Key: 4312 5 67
Plaintext: atta c kp
ostpone
dunt i l t
w o a mx y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Summary
• Present an overview of the main concepts of symmetric
cryptography
• Explain the difference between cryptanalysis and brute-force
attack
• Understand the operation of a monoalphabetic substitution
cipher

• Understand the operation of a polyalphabetic cipher

• Present an overview of the Hill cipher

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 01010001
&
01000001

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE