Lecture 2 Dr.

Alshaimaa Abo-alian
Classical Encryption Techniques [email protected]
Lecture Outline
➢ Symmetric Encryption Model
➢ Substitution Techniques
1. Caesar Cipher
2. Monoalphabetic (Homophonic) Ciphers
3. The Hill Algorithm
4. Polyalphabetic Ciphers
a) Vigenère Cipher
b) Vernam cipher/one-time pad

➢ Transposition Techniques
1. Rail Fence Cipher
2. Row Transposition Cipher

➢ Product Cipher
2
Encryption Algorithms
Encryption algorithms are characterized along 3 dimensions:
• The type of operations used for transforming plaintext to ciphertext
– Substitution – Transposition
– Product systems (multiple stages of substitutions and
transpositions)
• The number of keys used
– Single-key (Symmetric, secret-key, or conventional encryption)
– Two-key (Asymmetric, or public-key encryption)
• The way in which the plaintext is processed
– Block cipher – Stream cipher
3
Symmetric Encryption Model

4
Symmetric Encryption
Terminologies
▪ Plaintext (m): An original message
▪ Ciphertext (c): The coded message
▪ Enciphering/encryption (E): The process of converting
from plaintext to ciphertext.
▪ Deciphering/decryption (D): Restoring the plaintext from
the ciphertext
▪ Secret key (k): is also input to the encryption/decryption
algorithm. The key is a value independent of the
plaintext and of the algorithm.

5
Symmetric Encryption
Scheme
• A symmetric encryption scheme is defined by a
message space M and algorithms (Gen, E, D):
– Gen (key-generation algorithm): outputs kK
– E (encryption algorithm): takes key k and
message mM as input; outputs ciphertext c
c  E (k, m)
– Dec (decryption algorithm): takes key k and
ciphertext c as input; outputs m
m  D (k, c)

➔ D (k, E (k, m)) = m

6
Substitution Techniques
▪ Substitution ciphers are block ciphers in which the symbols of
plaintext are replaced by other symbols.
▪ Examples:
– Caesar Cipher
– Shift cipher
– Monoalphabetic Cipher
– Hill Cipher
– Polyalphabetic Cipher
– Vigenère Cipher
– Vernam Cipher
7
 Substitution Techniques
Caesar Cipher
▪ Simplest and earliest known use of a substitution cipher
▪ Used by Julius Caesar
▪ Involves replacing each letter of the alphabet with the
letter standing three places further down the alphabet
➔ a was replaced with D, b with E, and so on.
▪ Alphabet is wrapped around so that the letter following Z
is A
➔ z was replaced with C
plaintext: meet me after the toga party
ciphertext: PHHW PH DIWHU WKH WRJD SDUWB 8
 Substitution Techniques
Caesar Cipher
Transformation can be defined as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V WX Y Z A B C

Mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

Encryption algorithm can be expressed as:

c = Enc(3, p) = (p + 3) mod 26
And the decryption algorithm is p = Dec(3 , C ) = (C − 3 ) mod 26
9
Substitution Techniques
Shift Cipher (Generalized Caesar)
▪ The shift cipher can be viewed as a keyed variant of
Caesar’s cipher.

▪ A shift may be of any amount, so that the encryption

algorithm is:
C = E(k , p ) = (p + k ) mod 26
Where k takes on a value in the range 1 to 25

▪ The decryption algorithm is simply:

p = D(k , C ) = (C − k ) mod 26
10
Substitution Techniques
Shift Cipher
▪ Is the shift cipher secure?
▪ Try to decrypt the following ciphertext that was
generated using the shift cipher and a secret key k:
PHHW PH DIWHU WKH WRJD SDUWB
Is it possible to recover the message without knowing k?

It is trivial. Just try all the 26 possible keys.

11
 Brute-force Attack
of Shift Cipher
This observation is known as the
sufficient key-space principle:

Any secure encryption scheme must

have a key space that is sufficiently
large to make an exhaustive-search
attack infeasible.

12
Substitution Techniques
Monoalphabetic (Homophonic)
Ciphers
▪ In the shift cipher, the key defines a fixed shift.
▪ In the mono-alphabetic substitution cipher, the key also defines
a map on the alphabet, but the map is now arbitrary.
▪ The key space consists of all bijections of the alphabet.
▪ Example:

➢ if 'A' is replaced by 'X', it will always be replaced by 'X' throughout the

entire message.

13
Substitution Techniques
Monoalphabetic (Homophonic)
Ciphers
If the cipher can be any permutation of the 26 alphabetic
characters, then there are 26! or approximately 288 possible
keys
▪ A brute-force attack is infeasible.
▪ However, this does not mean the cipher is secure!

▪ It can be attacked by utilizing statistical properties of the

English language.
➔ Ciphertext reflects the frequency of original plaintext
➔ Letter Frequency Analysis: The frequency distribution
of individual letters in English-language text is known
14
Relative Frequency of Letters in
English Text

15
Cryptanalysis Example
Letter Frequency Analysis
Given ciphertext
uzqsovuohxmopvgpozpevsgzwszopfpesxudbmetsxaizv
uephzhzshzowsfpappdtsvpquzwymxuzuhsxepyepopdzs
zufpombzwpfupzhmdjudtmohmq
Frequency Analysis
Ciphertext length= 120 P 13.33 H 5.83 F 3.33 B 1.67 C 0.00

No. of occurrence of letter P= Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00

16 S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00

➔ relative freq. of letter P= U 8.33 V 4.17 T 2.50 I 0.83 N 0.00

13.33 O 7.50 X 4.17 A 1.67 J 0.83 R 0.00

M 6.67

16
Cryptanalysis Example
Letter Frequency Analysis
– Determine the frequency of every ciphertext letter and compare
it to the standard table of letter frequencies of English language.
– The frequency distribution will be close to that of the given
language in general
– We can also look at digrams (pairs) or trigram (triples ) of letters
– For example, the letter Q is almost always followed by a U. we
detect frequent short words such as THE, AND, etc.
– Continuing with trial and error, we finally get the following
plaintext
It was disclosed yesterday that several informal
but direct contacts have been made with
political representatives of the Viet Cong in
Moscow 17
Frequency of Common Digrams in
English

18
Playfair Cipher
– Best-known multiple-letter encryption cipher
– Invented by British scientist Sir Charles Wheatstone in 1854
– it encrypts pairs of letters (digrams) instead of single letters.
– It uses a 5×5 matrix of letters based on a keyword.
– Initialization:
o Create 5x5 matrix and write keyword (row by row; ignoring duplicates)
o Fill out remainder with alphabet, not repeating any letters
o Treat I and J as same letter

19
Playfair Cipher
– Preparing Plaintext:
o Split the text into letter pairs (digrams).
o If a pair contains duplicate letters (e.g., "LL"), insert an X between
them (e.g., "LXL").
o If there's an odd number of letters, add X at the end.
– Encryption
o Plaintext in same row: Replace each letter with the next letter to the
right (wrap around if needed)
o Plaintext in same column: Replace each letter with the letter below it
(wrap around if needed)
o Else, replace by letter in same row as it and same column as other
plaintext letter 20
Playfair Cipher - Example
T H A I/J L
– Plaintext: hello
N D B C E
– Keyword: thailand F G K M O
– Initialization ➔ P Q R S U

– Preparing Plaintext: V W X Y Z

HE LX LO
– Encryption:
HE ➔ LD
LX ➔ AZ
LO ➔ EU
✓Ciphertext: LDAZEU 21
Substitution Techniques
The Hill Algorithm
▪ Developed by the mathematician Lester Hill in 1929
▪ Its strength is that it completely hides single-letter frequencies
✓ The use of a larger matrix hides more frequency information
✓ A 3 x 3 Hill cipher hides not only single-letter but also two-
letter frequency information
▪ It takes successive m plaintext letters and substitutes for them m
ciphertext letters.
▪ The substitution is determined by linear equations in which each
character is assigned a numerical value (a=0, b=1, …, z=25)

22
Substitution Techniques
The Hill Algorithm
For m= 3, this can be expressed in terms of row vectors and
matrices
𝑘11 𝑘12 𝑘13 𝑝1
(𝑐1 𝑐2 𝑐3 ) = 𝑘21 𝑘22 𝑘23 × 𝑝2 𝑚𝑜𝑑 26
𝑘31 𝑘32 𝑘33 𝑝3

𝑐1 = (𝑘11 𝑝1 + 𝑘12 𝑝2 + 𝑘13 𝑝3 ) mod 26

𝑐2 = (𝑘21 𝑝2 + 𝑘22 𝑝2 + 𝑘23 𝑝3 ) mod 26
𝑐3 = (𝑘31 𝑝1 + 𝑘32 𝑝2 + 𝑘33 𝑝3 ) mod 26

23
Hill Cipher Example

Encrypt the message “Good Course” using the hill cipher

𝟓 𝟖
matrix with the key K = ( )
𝟏𝟕 𝟑
G O O D C O U R S E
6 14 14 3 2 14 20 17 18 4
6
Applying the transform for the first 2 letters 5 8
mod 26
17 3 14

C1 = 5 ∗ 6 + 8 ∗ 14 𝑚𝑜𝑑 26 = 30 + 112 𝑚𝑜𝑑 26 = 142 𝑚𝑜𝑑 26 = 12 ➔ M

C2 = 17 ∗ 6 + 3 ∗ 14 𝑚𝑜𝑑 26 = 102 + 42 𝑚𝑜𝑑 26 = 144 𝑚𝑜𝑑 26 = 14 ➔ O

24
Hill Cipher Example
Continue with other di-grams

12 14 16 13 18 24 2 1 18 6
M O Q N S Y C B S G
For the plaintext “ Good Course”
The encrypted message is “MOQN SYCBSG”

25
Substitution Techniques
Polyalphabetic Ciphers
▪ The mono-alphabetic substitution cipher can be
statistically attacked because the key defines a fixed
mapping that is applied letter-by-letter to the plaintext.
▪ A Polyalphabetic Cipher uses different monoalphabetic
substitutions as one proceeds through the plaintext message
▪ Examples:
o Vigenère cipher
o Vernam cipher
o One time pad

26
Vigenère Cipher

▪ Best known and one of the simplest polyalphabetic

substitution ciphers
▪ Uses a keyword to encrypt a message. It extends the
Caesar Cipher by applying different shift values based on
the letters of the keyword.
▪ The key is now a string, not just a character
▪ To encrypt, shift each character in the plaintext by the
amount dictated by the next character of the key
— Wrap around in the key as needed

27
Vigenère Cipher

Assume the following:

▪ a sequence of plaintext letters P = p0, p1, …, pn-1
▪ a key consisting of the sequence of letters K = k0, k1,
…, km-1 where m<n .
➔ Then, the sequence of ciphertext letters is
calculated as follows:
Ci = (pi + k i mod m) mod 26
Repeating Key version

28
 Vigenère Cipher- Example
Encrypt the message “we are discovered” using Vigenère Cipher
with the keyword = deceptive
P w e a r e d i s c o v e r e d
PI 22 4 0 17 4 3 8 18 2 14 21 4 17 4 3
K d e c e p t i v e d e c e p t
KI 3 4 2 4 15 19 8 21 4 3 4 2 4 15 19
CI 25 8 2 21 19 22 16 13 6 17 25 6 21 19 22
C Z I C V T W Q N G R Z G V T W

The ciphertext using Vigenère Cipher (Repeating key) will be “ZICVTWQNGRZGVTW”

29
 Vigenère Cipher- Is it secure?

✓ Trying to guess the entire key k would require a brute-force search

through 26m different possibilities, which is infeasible for large m.
However, this scheme is vulnerable to cryptanalysis because:
1. The key and the plaintext share the same frequency distribution of
letters, a statistical technique can be applied.
2. Look for repeated sequences of letters in the ciphertext.
3. Measure the distance between these repetitions to estimate the
keyword length.
4. Once the key length m is determined, the ciphertext can be split
into multiple Caesar ciphers and a frequency analysis can be
done on each group.
30
Vernam Cipher

▪ The Vigenère cipher can be shown to be secure if

the key is as long as the plaintext and has no
statistical relationship to it.
▪ Such a system was introduced by an AT&T engineer
named Gilbert Vernam in 1918.
▪ Vernam Cipher is a stream cipher (data is
encrypted one symbol at a time)
▪ It works on binary data (bits) rather than letters.

31
 Vernam Cipher

▪ Vernam cipher is defined on the alphabet A = {0, 1}.

▪ A binary message p =p1p2 · · ·pt is operated on by a binary
key string k= k1k2 · · · kt of the same length to produce a
ciphertext string c=c1c2 · · · ct where ci = pi ⊕ ki

32
 One-Time Pad

▪ If the key string is randomly chosen and never used again,

the Vernam cipher is called one-time pad (OTP).
▪ Is it breakable?
This scheme is unbreakable because:
✓ It produces random output that has no statistical
relationship to the plaintext
➔ OTP is the only encryption algorithm that is
unconditionally secure.

33
One-Time Pad - Difficulties

The one-time pad offers perfect secrecy but, in practice, has

two main difficulties:
1. There is the practical problem of making large quantities
of random keys
– Any heavily used system might require millions of random
characters on a regular basis

2. Enormous key distribution problem

– the problem of key distribution and protection. For every
message to be sent, a key of equal length is needed by
both sender and receiver
34
 Transposition Techniques

▪ Another class of symmetric-key ciphers is the simple transposition

cipher, which simply permutes (re-arranges) the symbols in a
block.
▪ Examples:
– Rail Fence Cipher.
– Row Transposition Cipher

35
 Rail Fence Cipher

▪ The simplest transposition cipher

▪ Plaintext is written down as a sequence of diagonals and then
read off as a sequence of rows
▪ Example: To encrypt the message “meet me after the toga party”
with a rail fence of depth 2, we would write:
mematrhtgpry
etefeteoaat
So the ciphertext is:
MEMATRHTGPRYETEFETEOAAT

36
 Rail Fence Cipher

▪ Example: To encrypt the message “meet me after the toga party”

with a rail fence of depth 3, we would write:
m m t h g r
e t e f e t e o a a t
e a r t p y

So the ciphertext is:

MMTHGR ETEFETEOAAT EARTPY

37
 Row Transposition Cipher
▪ Write the message in a rectangle, row by row, and read the
message off, column by column, but permute the order of the
columns
–The order of the columns then becomes the key to the algorithm
– Example: To encrypt the message “attack postponed until two
am” with key = 4312567.

38
 Transposition Techniques
Are They Secure?

▪ A pure transposition cipher can easily be cryptanalyzed because

it has the same letter frequencies as the original plaintext.

▪ The transposition cipher can be made significantly more secure

by performing more than one stage of transposition

39
 Product Cipher

▪ Simple substitution and transposition ciphers individually do not

provide a very high level of security because of language
characteristics
▪ However, by combining these transformations, it is possible to
obtain strong ciphers.
➢ Two substitutions make a more complex substitution
➢ Two transpositions make more complex transposition
➢ But a substitution followed by a transposition makes a new
much harder cipher

➔ This is bridge from classical to modern ciphers

40
 Product Cipher
Example

▪ Let P, C, K be the set of all binary strings of length 6 .

▪ Let Plaintext P = (p1p2 · · ·p6) and the cipher is defined by:
C1= E1 (k, p) = p ⊕ k
C = E2(C1) = (p4 p5 p6 p1 p2 p3)

➔This is a product cipher that consists of a substitution cipher

(XOR) followed by a transposition cipher.

➔Generally, the composition of a substitution and a transposition

be called a round.
41
 Product Cipher
Confusion & Diffusion Concept

▪ Introduced by Claude Shannon to capture the two basic

building blocks (substitution & transposition) for any
cryptographic system
▪ Shannon’s concern was to prevent cryptanalysis based on
statistical analysis
▪ Confusion is intended to make the relationship between the
key and ciphertext as complex as possible.
▪ Diffusion refers to rearranging or spreading out the bits in
the message so that any redundancy in the plaintext is spread
out over the ciphertext.

42
 PRODUCT CIPHER
Confusion & Diffusion Concept

▪ A modern block cipher system should be a product cipher

apply a number of rounds in succession to encrypt plaintext.
▪ Each round is composed of a substitution & a transposition
▪ A substitution in a round is said to add confusion to the
encryption process whereas a transposition is said to add
diffusion.

➔ it is intended to make the statistical relationship between

the plaintext and ciphertext as complex as possible

43
Thank you

45