CYB 501 – Foundation of Information Security
Chapter 8 Cryptography
Liudong Zuo (lzuo@csudh.edu)
Computer Science Department
California State University, Dominguez Hills
Learning Objectives
• Upon completion of this material, you should be able to:
– Chronicle the most significant events and discoveries in the history
of cryptology
– Explain the basic principles of cryptography
– Describe the operating principles of the most popular cryptographic
tools
– List and explain the major protocols used for secure communications
Cryptography
Introduction
• Cryptology is the field of science that encompasses cryptography and
cryptanalysis.
– Cryptography is the process of making and using codes to secure
information. Cryptography comes from the Greek words kryptos, meaning
“hidden,” and graphein, meaning “to write”.
– Cryptanalysis is the process of obtaining the plaintext message from a
ciphertext message without knowing the keys used to perform the
encryption. An individual or system usually encrypts a plaintext message into
ciphertext, making it unreadable to unauthorized people—those without the
key needed to decrypt the message back into plaintext, where it can be read
and understood.
• Cryptography uses mathematical algorithms that are usually known to
all. After all, it’s not the knowledge of the algorithm that protects the
encrypted message, it’s the knowledge of the key —a series of
characters or bits injected into the algorithm along with the original
message to create the encrypted message.
Terminology
• Algorithm: The steps used to convert an unencrypted message into an
encrypted sequence of bits or vice versa; sometimes refers to the
programs that enable the cryptographic processes.
• Bit stream cipher: An encryption method that involves converting
plaintext to ciphertext one bit at a time.
• Block cipher: An encryption method that involves dividing the plaintext
into blocks or sets of bits and then converting the plaintext to ciphertext
one block at a time.
• Cipher or code or cryptosystem: A method or process encompassing the
algorithm, key(s) or cryptovariable(s), and procedures used to perform
encryption and decryption.
– The term cipher (sometimes cypher) is often used to refer to a pair of
algorithms, one for encryption and one for decryption.
Terminology
•
Ciphertext or cryptogram: The encoded message resulting from an encryption.
•
Decipher: To decrypt, decode, or convert ciphertext into the equivalent plaintext.
•
Encipher: To encrypt, encode, or convert plaintext into the equivalent ciphertext.
•
Key or cryptovariable: The information used in conjunction with an algorithm to
create the ciphertext from the plaintext or derive the plaintext from the ciphertext.
The key can be a series of bits used by a computer program, or it can be a
passphrase used by people that is then converted into a series of bits used by a
computer program.
•
Plaintext or cleartext: The original unencrypted message, or a message that has
been successfully decrypted.
•
Work factor: The amount of effort (usually in hours) required to perform
cryptanalysis to decode an encrypted message when the key, the algorithm, or
both are unknown.
Cipher Methods
• Plaintext can be encrypted through:
– Bit stream: each plaintext bit is transformed into a cipher bit one bit
at a time.
– Block cipher: message is divided into blocks (e.g., sets of 8- or 16-bit
blocks), and each is transformed into encrypted block of cipher bits
using algorithm and key.
• Bit stream methods commonly use algorithm functions like the exclusive
OR operation (XOR), whereas block methods can use substitution,
transposition, XOR, or some combination of these operations.
Modular Arithmetic
• Modular arithmetic is a system of arithmetic for integers, where numbers
"wrap around" when reaching a certain value, called the modulus.
• Starting at noon, the hour hand points in order to the following:
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 0, ...
Modular Arithmetic
• When we divide two integers, we will have an equation that looks
like the following:
𝐴
= 𝑄 𝑟𝑒𝑚𝑎𝑖𝑛𝑑𝑒𝑟 𝑅
𝐵
– A is the dividend
– B is the divisor
– Q is the quotient
– R is the remainder
• Sometimes, we are only interested in what the remainder is when
we divide A by B.
A mod B = R
or
A%B=R
Modular Arithmetic
• Example:
– 9%2
– 98 % 4
– 5%2
– 11 % 3
– 17 % 5
– 21 % 3
– -19 % 6
– a % b (a >=0, b > 0)
Substitution Cipher
• Substitution cipher: An encryption method in which one value is
substituted for another.
• Example: Caesar Cipher
"If he had anything confidential to say, he wrote it
in cipher, that is, by so changing the order of the
letters of the alphabet, that not a word could be
made out. If anyone wishes to decipher these,
and get at their meaning, he must substitute the
fourth letter of the alphabet, namely D, for A, and
so with the others."
— Suetonius, Life of Julius Caesar 56
The Caesar cipher is named for
Julius Caesar, who used an
alphabet where decrypting would
shift three letters to the left.
Caesar Cipher
0
1
2
3
4
5
6
7
8
9
1
0
1
1
1
2
1
3
1
4
1
5
1
6
1
7
1
8
1
9
2
0
𝐴 → 0, 𝐵 → 1, … , 𝑍 → 25
Encryption of a letter x by a shift n: (𝑥 + 𝑛) 𝑚𝑜𝑑 26
Decryption of a letter x by a shift n: (𝑥 − 𝑛) 𝑚𝑜𝑑 26
Example: APPLE
Exercise: Orange
2
1
2
2
2
3
2
4
2
5
Exercise
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
1. Suppose the shift n = 5, encrypt the plaintext
SUPERMAN
2.
Suppose the shift n = 5, decrypt the ciphertext
MFWWDUTYYJW
Exercise Solutions
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
1. Suppose the shift n = 5, encrypt the plaintext
SUPERMAN
XZUJWRFS
2.
Suppose the shift n = 5, decrypt the ciphertext
MFWWDUTYYJW
HARRYPOTTER
Cryptanalysis
• Cryptanalysis is the art of breaking codes and ciphers.
• Application of the Caesar cipher does not change letter frequencies.
Polyalphabetic Substitutions
• Caesar Cipher is based on a single alphabet and thus is known as a
monoalphabetic substitution.
• More advanced substitution ciphers use two or more alphabets, and are
referred to as polyalphabetic substitutions.
• Example:
Plaintext:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Substitution cipher 1: DEFGHIJKLMNOPQRSTUVWXYZABC
Substitution cipher 2: GHIJKLMNOPQRSTUVWXYZABCDEF
Substitution cipher 3: JKLMNOPQRSTUVWXYZABCDEFGHI
Substitution cipher 4: MNOPQRSTUVWXYZABCDEFGHIJKL
The first row here is the plaintext, and the next four rows are four sets of
substitution ciphers, which taken together constitute a single
polyalphabetic substitution cipher.
Example: encode the word TEXT
Exercise
Plaintext:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Substitution cipher 1: DEFGHIJKLMNOPQRSTUVWXYZABC
Substitution cipher 2: GHIJKLMNOPQRSTUVWXYZABCDEF
Substitution cipher 3: JKLMNOPQRSTUVWXYZABCDEFGHI
Substitution cipher 4: MNOPQRSTUVWXYZABCDEFGHIJKL
1. Encrypt the plaintext
HOLA
2. Decrypt the ciphertext
ZUZY
Vigenère Cipher
• An advanced type of substitution cipher that uses a simple
polyalphabetic code is the Vigenère cipher. The cipher is implemented
using the Vigenère square (or table).
• Vigenère square is made up of 26 distinct cipher alphabets. In the
header row and column, the alphabet is written in its normal order. In
each subsequent row, the alphabet is shifted one letter to the right until a
26 x 26 block of letters is formed.
• You can use the Vigenère square in several ways. For example, you
could perform an encryption by simply starting in the first row, finding a
substitute for the first letter of plaintext, and then moving down the rows
for each subsequent letter of plaintext.
• Example: SECURITY in plaintext → TGFYWOAG in ciphertext.
• Exercise:
Encrypt the plaintext
Decrypt the ciphertext
HOLA
ZUZY
Vigenère Square (Table)
Vigenère Cipher
• A much more sophisticated way to use the Vigenère square is to use a
keyword to represent the shift. To accomplish this, you begin by writing a
keyword above the plaintext message.
• Example:
– plaintext message is SACK GAUL SPARE NO ONE
– keyword is ITALY
We thus end up with the following
plaintext message is I LOVE APPLES
keyword is KIWI
Use the keyword letter to locate the column and the message letter to
find the row, and then look for the letter at their intersection. Thus, for
column “I” and row “S,” you will find the ciphertext letter “A.”
Vigenère Cipher
ATCVEINLDNIKEYMWGE
• One weakness of this method is that any keyword-message letter
combination containing an “A” row or column reproduces the plaintext
message letter.
• Example: the third letter in the plaintext message, the C (of SACK), has
a combination of AC, and thus is unchanged in the ciphertext. To
minimize the effects of this weakness, you should avoid choosing a
keyword that contains the letter “A.”
Transposition Cipher
• A table is used to do the transposition. The number of columns of
the table is determined by the length of the key.
• Example:
– the key ZEBRAS is of length 6, so the number of column is 6.
– Plaintext: WE ARE DISCOVERED. FLEE AT ONCE.
W
E
A
R
E
D
W
E
A
R
E
D
I
S
C
O
V
E
I
S
C
O
V
E
R
E
D
F
L
E
R
E
D
F
L
E
E
A
T
O
N
C
E
A
T
O
N
C
E
Q
K
J
E
U
E
– The last row is not full filled, we can fill in some random letters.
Transposition Cipher
• The permutation is defined by the alphabetical order of the letters
in the keyword.
– In this example, the key is ZEBRAS, so order would be "6 3 2 4 1 5".
6
3
2
4
1
5
W
E
A
R
E
D
I
S
C
O
V
E
R
E
D
F
L
E
E
A
T
O
N
C
E
Q
K
J
E
U
• Cipertext: EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE
Exercise
• Plaintext: I LOVE APPLES AND BANANAS
• the key is MANGO
• If the last row is not fully filled, fill in letters starting from Z and
then going backward of the alphabet.
Exclusive OR (⊕)
• The exclusive OR operation (XOR, symbol ⊕) is a function of Boolean
algebra in which two bits are compared and a binary result is generated
(If the two bits are identical, the result is a binary 0; otherwise, the result
is a binary 1).
• XOR encryption is a very simple symmetric cipher that is used in many
applications where security is not a defined requirement.
• Example: 1101 ⊕ 0011 = ?
ASCII Table
Exclusive OR (⊕)
• Example: CAT
– Plaintext: CAT (01000011 01000001 01010100)
– Key: V (01010110)
– Key is repeated for each character to be encrypted, written from left
to right.
Text value
Binary value
CAT as bits
010000110100000101010100
VVV as key
010101100101011001010110
Cipher
000101010001011100000010
Exercise
• Plaintext: DOG
• Key: M