Secret key cryptography
- 3. With secret key cryptography, a single key is
used for both encryption and decryption.
The sender uses the key (or some set of rules)
to encrypt the plaintext and sends the
ciphertext to the receiver.
The receiver applies the same key (or ruleset)
to decrypt the message and recover the
plaintext.
Because a single key is used for both
functions, secret key cryptography is also
called symmetric encryption.
- 4. Plaintext: This is the original intelligible message
or data that is fed into the algorithm as input.
Encryption algorithm: The encryption algorithm
performs various substitutions and
transformations on the plaintext.
Secret key: The secret key is also input to the
encryption algorithm. The key is a value
independent of the plaintext and of the
algorithm. The algorithm will produce a different
output depending on the specific key being used
at the time. The exact substitutions and
transformations performed by the algorithm
depend on the key.
- 5. Ciphertext: This is the scrambled message
produced as output. It depends on the
plaintext and the secret key. For a given
message, two different keys will produce two
different ciphertexts. The ciphertext is an
apparently random stream of data and, as it
stands, is unintelligible.
Decryption algorithm: This is essentially the
encryption algorithm run in reverse. It takes
the ciphertext and the secret key and
produces the original plaintext.
- 6. With this form of cryptography, it is obvious
that the key must be known to both the
sender and the receiver; that, in fact, is the
secret. The biggest difficulty with this
approach, of course, is the distribution of the
key.
- 7. Two requirements for secure use of symmetric
encryption:
◦ a strong encryption algorithm
◦ a secret key known only to sender / receiver
Mathematically we have:
Y = E(K, X)
X = D(K, Y)
We assume the encryption algorithm is known, which
implies a secure channel is needed to distribute the key.
- 8. Secret key cryptography schemes are generally
categorized as being either
stream ciphers or block ciphers.
Stream ciphers operate on a single bit (byte or
computer word) at a time and implement some
form of feedback mechanism so that the key is
constantly changing.
A block cipher is so-called because the scheme
encrypts one block of data at a time using the
same key on each block. In general, the same
plaintext block will always encrypt to the same
ciphertext when using the same key in a block
cipher whereas the same plaintext will encrypt to
different ciphertext in a stream cipher.
Secret key cryptography schemes
- 9. Stream ciphers come in several flavors but
two are worth mentioning here.
Self-synchronizing stream ciphers calculate
each bit in the keystream as a function of the
previous n bits in the keystream.
It is termed "self-synchronizing" because the
decryption process can stay synchronized
with the encryption process merely by
knowing how far into the n-bit keystream it
is.
- 10. Block ciphers can operate in one of several modes;
the following four are the most important:
Electronic Codebook (ECB) mode is the simplest, most
obvious application: the secret key is used to encrypt
the plaintext block to form a ciphertext block. Two
identical plaintext blocks, then, will always generate
the same ciphertext block. Although this is the most
common mode of block ciphers, it is susceptible to a
variety of brute-force attacks.
Cipher Block Chaining (CBC) mode adds a feedback
mechanism to the encryption scheme. In CBC, the
plaintext is exclusively-ORed (XORed) with the
previous ciphertext block prior to encryption. In this
mode, two identical blocks of plaintext never encrypt
to the same ciphertext.
- 11. Cipher Feedback (CFB) mode is a block cipher implementation
as a self-synchronizing stream cipher. CFB mode allows data
to be encrypted in units smaller than the block size, which
might be useful in some applications such as encrypting
interactive terminal input. If we were using 1-byte CFB mode,
for example, each incoming character is placed into a shift
register the same size as the block, encrypted, and the block
transmitted. At the receiving side, the ciphertext is decrypted
and the extra bits in the block (i.e., everything above and
beyond the one byte) are discarded.
Output Feedback (OFB) mode is a block cipher
implementation conceptually similar to a synchronous stream
cipher. OFB prevents the same plaintext block from
generating the same ciphertext block by using an internal
feedback mechanism that is independent of both the
plaintext and ciphertext bitstreams.
- 12. SUBSTITUTION TECHNIQUES:-
The two basic building blocks of all
encryption techniques are substitution and
transposition.
A substitution technique is one in which
the letters of plaintext are replaced by other
letters or by numbers or symbols. If the
plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit
patterns with ciphertext bit patterns.
- 13. The idea behind Caesar Codes is letter
substitution. One strategy uses rotation: turn
the inner wheel and then replace the outer
letters (plaintext) with those in the inner
wheel (ciphertext):
plaintext: CAESAR
ciphertext: PNRFNE
- 14. Then the algorithm can be expressed as follows. For each plaintext letter p,
substitute the ciphertext letter C:
C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25. The decryption algorithm is
simply
p = D(k, C) = (C - k) mod 26
- 16. Note: The ASCII code is not about encryption;
it's just a standard for numbering characters.
The existence of such a numbering means
that we can do rotation codes numerically,
like this:
encoded_char = (plaintext_char + rotation_amount) % 128;
ASCII is now being supplanted by UNICODE,
which is a vastly larger code, designed to
handle all the world's languages.
- 17. only have 26 possible ciphers
A maps to A,B,..Z
could simply try each in turn
a brute force search
given ciphertext, just try all shifts of letters
do need to recognize when have plaintext
eg. break ciphertext "GCUA VQ DTGCM"
- 18. human languages are redundant
eg "th lrd s m shphrd shll nt wnt"
letters are not equally commonly used
in English E is by far the most common
letter
followed by T,R,N,I,O,A,S
other letters like Z,J,K,Q,X are fairly rare
have tables of single, double & triple letter
frequencies for various languages
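The Caesar formulas and the brute-force search from the preceding slides, as an added example that is not part of the original deck. Plaintext recognition uses a deliberately crude score (assumption of this sketch): the number of letters that fall in the slide's list of common English letters; the function names are hypothetical.

```python
import string

A = string.ascii_uppercase
COMMON = set("ETRNIOAS")  # the high-frequency English letters listed on the slide

def caesar(text, k):
    """C = (p + k) mod 26 on letters; anything else passes through unchanged."""
    out = []
    for ch in text.upper():
        out.append(A[(A.index(ch) + k) % 26] if ch in A else ch)
    return "".join(out)

def score(candidate):
    """Crude plaintext recogniser: how many letters are among the common ones."""
    return sum(ch in COMMON for ch in candidate)

def break_caesar(ciphertext):
    """Try every shift and return (key, plaintext) for the best-scoring candidate."""
    candidates = [(k, caesar(ciphertext, -k)) for k in range(26)]
    return max(candidates, key=lambda kc: score(kc[1]))

if __name__ == "__main__":
    # Ciphertext taken from the slide; print every candidate with its score.
    for k in range(26):
        guess = caesar("GCUA VQ DTGCM", -k)
        print(f"{k:2d} {score(guess):2d} {guess}")
    print("best:", break_caesar("GCUA VQ DTGCM"))
```

On a ciphertext this short a single score can mislead, which is why the full candidate list is printed alongside the best guess.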
- 21. one approach to improving security was to
encrypt multiple letters
the Playfair Cipher is an example
invented by Charles Wheatstone in 1854, but
named after his friend Baron Playfair
The best-known multiple-letter encryption
cipher is the Playfair, which treats digrams in
the plaintext as single units and translates
these units into ciphertext digrams.
- 22. The Playfair algorithm is based on the use of
a 5 × 5 matrix of letters constructed using a
keyword.
Example:-
- 23. Keyword – MONARCHY
The matrix is constructed by filling in the
letters of the keyword (minus duplicates)
from left to right and from top to bottom,
and then filling in the remainder of the matrix
with the remaining letters in alphabetic order.
The letters I and J count as one letter.
- 24. 1. Repeating plaintext letters that are in the
same pair are separated with a filler letter,
such as x, so that balloon would be
treated as ba lx lo on.
2. Two plaintext letters that fall in the same
row of the matrix are each replaced by the
letter to the right, with the first element of
the row circularly following the last.
For example, ar is encrypted as RM.
- 25. 3. Two plaintext letters that fall in the same
column are each replaced by the letter
beneath, with the top element of the column
circularly following the last.
For example, mu is encrypted as CM.
4. Otherwise, each plaintext letter in a pair is
replaced by the letter that lies in its own row
and the column occupied by the other
plaintext letter.
Thus, hs becomes BP and ea becomes IM
(or JM, as the encipherer wishes).
- 26. security much improved over
monoalphabetic
since have 26 x 26 = 676 digrams
would need a 676 entry frequency table to
analyse (versus 26 for a monoalphabetic)
and correspondingly more ciphertext
was widely used for many years
eg. by US & British military in WW1
it can be broken, given a few hundred
letters
since still has much of plaintext structure
- 27. simplest polyalphabetic substitution cipher
effectively multiple Caesar ciphers
key is multiple letters long K = k1 k2 ... kd
ith letter specifies ith alphabet to use
use each alphabet in turn
repeat from start after d letters in message
decryption simply works in reverse
- 28. write the plaintext out
write the keyword repeated above it
use each key letter as a Caesar cipher key
encrypt the corresponding plaintext letter
eg using keyword deceptive
key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
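The keyword cipher on these two slides (commonly known as the Vigenère cipher), as an added example that is not part of the original deck. It goes one step beyond the slide by listing repeated ciphertext trigrams, which shows what "repeat from start after d letters" leaks; function names are hypothetical and the input is assumed to contain letters only.

```python
import string

A = string.ascii_uppercase

def vigenere(text, key, decrypt=False):
    """Shift letter i of the text by key letter (i mod d); letters-only input assumed."""
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text.upper()):
        k = A.index(key[i % len(key)].upper())
        out.append(A[(A.index(ch) + sign * k) % 26])
    return "".join(out)

def repeated_trigram_gaps(ciphertext):
    """Map each trigram seen more than once to the distances from its first occurrence."""
    first, gaps = {}, {}
    for i in range(len(ciphertext) - 2):
        tri = ciphertext[i:i + 3]
        if tri in first:
            gaps.setdefault(tri, []).append(i - first[tri])
        else:
            first[tri] = i
    return gaps

if __name__ == "__main__":
    ct = vigenere("wearediscoveredsaveyourself", "deceptive")
    print(ct)
    # A plaintext fragment that lines up with the same key letters twice
    # encrypts identically, so the gap is a multiple of the key length d.
    print(repeated_trigram_gaps(ct))
```

For the slide's message the only repeated trigram is VTW at a distance of 9, the length of the keyword deceptive.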
- 29. Another interesting multiletter cipher is the
Hill cipher, developed by the mathematician
Lester Hill in 1929.
- 30. Each new message requires a new key of the
same length as the new message. Such a
scheme, known as a one-time pad, is
unbreakable.
It produces random output that bears no
statistical relationship to the plaintext.
Because the ciphertext contains no
information whatsoever about the plaintext,
there is simply no way to break the code.
- 31. Suppose that we are using a following
scheme with 27 characters in which the
twenty-seventh character is the space
character, but with a one-time key that is as
long as the message.
Consider the ciphertext
ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
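Why a one-time pad ciphertext reveals nothing about the plaintext, as an added example that is not part of the original deck. It assumes the 27-character scheme combines message and key positions by addition mod 27; the two candidate plaintexts are constructed, and the function names are hypothetical.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase + " "  # 27 symbols; the space is the 27th
N = len(ALPHABET)

def combine(text, key, sign=1):
    """Add (sign=1) or subtract (sign=-1) key symbols mod 27, position by position."""
    if len(key) != len(text):
        raise ValueError("one-time pad key must be exactly as long as the message")
    return "".join(ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % N]
                   for t, k in zip(text, key))

def random_key(length):
    """Fresh key drawn uniformly at random, one symbol per message symbol."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def key_explaining(ciphertext, plaintext):
    """The unique key under which `plaintext` encrypts to `ciphertext`."""
    return combine(ciphertext, plaintext, sign=-1)

CIPHERTEXT = "ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS"  # from the slide
# Constructed candidate plaintexts, padded with spaces to the ciphertext length.
GUESS_1 = "MEET AT THE NORTH GATE AT NOON".ljust(len(CIPHERTEXT))
GUESS_2 = "CANCEL THE MEETING".ljust(len(CIPHERTEXT))

if __name__ == "__main__":
    for guess in (GUESS_1, GUESS_2):
        key = key_explaining(CIPHERTEXT, guess)
        # Every same-length plaintext has a key that produces this ciphertext.
        print(repr(guess), "<-", repr(key), combine(guess, key) == CIPHERTEXT)
```

Because every same-length message is reachable with some key, and a truly random key makes all keys equally likely, the ciphertext alone cannot favour one candidate over another.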