Cryptography ‫التشفير او التعمية‬

The messages to be encrypted, known as the plaintext, are transformed by a function that is
parameterized by a key. The output of the encryption process, known as the ciphertext, is then
transmitted, by messenger or radio.
Key ‫ مع المفتاح‬Encryption ‫ حيث يتم تحويلها باستخدام دالة التشفير‬،Paintext ‫الرسالة المراد تشفيرها تسمى النص االصلي‬
.‫ ويتم ارسال النص المشفر من المرسل الى الهدف‬Ciphertext ‫الى النص المشفر‬
The enemy, or intruder, hears and copies down the complete ciphertext. Unlike the intended
recipient, he does not know what the decryption key is and so cannot decrypt the ciphertext easily.
The passive intruder can only listen to the communication channel. The active intruder can record
messages and play them back later, inject his own messages, or modify legitimate messages before
they get to the receiver.
،‫ لهذا فان المتطفل السلبي يستمع فقط لقناة االتصال‬.‫الخصم او المتطفل يستمع وينسخ النص المشفر ولكنه ال يستطيع فتحه بسهولة النه ال يملك المفتاح‬
.‫ يسجل الرسائل ويعيد ارسالها الى المستلم‬، ‫ يعدل في الرسائل‬،‫اما المتطفل االيجابي يرسل رسائل جديدة‬

The art of breaking ciphers, called cryptanalysis, and the art devising them is known as cryptology
Cryptology ‫ ومبادئ الحماية يسمى‬Cryptanalysis ‫مبادئ كسر التشفير يسمى‬
We will use C = EK(P) to mean that the encryption of the plaintext P using key K gives the
ciphertext C. Similarly, P = DK(C) represents the decryption of C to get the plaintext again. It then
follows that DK(EK(P)) = P
Both E and D are mathematical functions of two parameters, and we have written one of the
parameters (the key) as a subscript, rather than as an argument, to distinguish it from the message.
A fundamental rule of cryptography is that one must assume that the cryptanalyst knows the
methods used for encryption and decryption. In other words, the cryptanalyst knows how the
encryption method, E, and decryption, D. The amount of effort necessary to invent, test, and install
a new algorithm every time the old method is compromised has always made it impractical to keep
the encryption algorithm secret. Thinking it is secret when it is not does more harm than good.
The idea that the cryptanalyst knows the algorithms and that the secrecy lies exclusively in the keys
is called Kerckhoff's principle.
‫ بكلمة‬.‫للتشفير ولفتح التشفير‬
ِ ‫رف الطرقَ المستعملة‬ ّ ‫فترض‬
ُ ‫ يَ ْع‬cryptanalyst ‫بأن‬ َ َ‫بأن الواحد يَ ِجبُ أ َ ْن ي‬
ّ ِ‫القاعدة أساسية في الكتابة المشفَّرة‬
‫ وتنصيب خوارزمية جديدة ُك َّل‬،‫ واختبار‬،‫ ان ال ُجه ِد الضروري إلختِراع‬. D ‫ وفتح التشفير‬،E ‫التشفير‬ َ ‫ طريقة‬cryptanalyst ‫رف‬ ُ ‫ يَ ْع‬،‫أخرى‬
‫ الخوارزميات وان‬cryptanalyst ‫رف‬ ً
ُ ‫ الفكرة التي يَ ْع‬.‫التشفير غير عملي دائما‬
َ ْ
‫َم َّرةٍ يتم اختراق الطريقة القديمة َجعلت ِكتمان خوارزمي ِة‬
.Kerckhoff َ ‫السريةَ تكمن بشكل خاص في المفاتيحِ تُدْ َعى مبدأ‬

Kerckhoff's principle: All algorithms must be public; only the keys are secret
‫ فقط مفاتيح التشفير تكون سرية‬،‫ كل خوارزميات التشفير يجب ان تكون عامة‬:‫مبدأ كيركوف‬
Substitution Ciphers ‫خوارزمية االستبدال‬
In a substitution cipher each letter or group of letters is replaced by another letter or group of
letters to disguise it. ‫كل حرف او مجموعة من الحروف تستبدل بحرف او مجموعة من الحروف الخفائها‬
One of the oldest known ciphers is the Caesar cipher, attributed to Julius Caesar. In this method, a
becomes D, b becomes E, c becomes F, ... , and z becomes C. For example, attack becomes
DWWDFN, where plaintext will be given in lower case letters, and ciphertext in upper case letters.
‫ وهكدا‬E ‫ بحرف‬b ‫ وحرف‬،D ‫ بحرف‬a ‫ الى الحرف االصلي فيستبدل حرف‬3 ‫وفي خوارزمية قيصر يتم استبدال الحرف بزيادة‬
DWWDFN ‫ الى‬attack ‫حيث تصبح الكلمة‬
A generalization of the Caesar cipher allows the ciphertext alphabet to be shifted by k letters,
instead of 3. In this case k becomes a key to the general method of circularly shifted alphabets.
‫ في‬.‫ احرف‬3 ‫ بدالً ِم ْن‬،‫ احرف‬k ‫ لكي يتم ازاحتها بعدد‬ciphertext ‫ َيسْم ُح ألبجدي ِة‬Caesar cipher ‫القيصر‬
َ ‫ان تعميم خوارزمية‬
.‫ يُصب ُح مفتاح الطريق ِة العا ّم ِة الزاحة األبجدياتَ بشكل دائري‬k ‫هذه الحال ِة‬
Monoalphabetic substitution ‫استبدال احادي االبجدية‬
The next improvement is to have each of the symbols in the plaintext, (the 26 letters for simplicity),
map onto some other letter. ‫يتم استبدال كل حرف في النص االصلي بحرف اخر بشكل عشوائي كما في المثال ادناه‬
plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
ciphertext: Q W E R T Y U I O P A S D F G H J K L Z X C V B N M
َ‫ حرف يُقاب ُل األبجدية‬26 ِ‫ حيث يكون المفتاح‬، a monoalphabetic substitution ‫الرمز يُ ْد َعى‬
ِ ‫للرمز بدل‬
ِ ‫النظام العا َّم‬
َ ّ
‫إن‬
.ciphertext= QZZQEA ‫ُتحو ُل إلى‬
ّ ‫سي‬ َ plaintext =attack ‫ فان‬،‫ ووفقا للمفتاحِ اعاله‬.َ‫الكاملة‬
The general system of symbol-for-symbol substitution is called a monoalphabetic substitution, with
the key being the 26-letter string corresponding to the full alphabet. For the key above, the plaintext
attack would be transformed into the ciphertext QZZQEA.

The basic attack takes advantage of the statistical properties of natural languages. In English, for
example, e is the most common letter, followed by t, o, a, n, i, etc. The most common two-letter
combinations, or digrams, are th, in, er, re, and an. The most common three-letter combinations, or
trigrams, are the, ing, and, and ion.

.‫هناك هجوم يعتمد على الخصائص االحصائية للغات الطبيعية حيث يعتمد على مدى تكرار بعض الحروف في الكلمات‬
Transposition Ciphers ‫خوارزمية التنقيل‬
Transposition ciphers reorder the letters but do not disguise them. Figure 8-3 shows a common
transposition cipher, the columnar transposition. The cipher is keyed by a word or phrase not
containing any repeated letters. In this example, MEGABUCK is the key.
‫تقوم خوا رزمية التنقيل على اعادة ترتيب الحروف في النص المشفر بدون اخفائها حيث يتكون مفتاح التشفير من كلمة او عبارة ال‬
‫ يتم كتابة النص االصلي افقيا في‬.‫ ويستخدم المفتاح لترقيم االعمدة في المصفوفة بشكل تصاعدي‬.‫تحتوي على احرف مكررة‬
.‫الصفوف لتعبئة المصفوفة ويتم الحصول على النص المشفر بقراءة االعمدة بشكل تصاعدي حسب ارقامها‬
The purpose of the key is to number the columns, column 1 being under the key letter closest to the
start of the alphabet, and so on. The plaintext is written horizontally, in rows, padded to fill the
matrix if need be. The ciphertext is read out by columns, starting with the column whose key letter
is the lowest.

One-Time Pads ‫الحشوة لمرة واحدة‬

First choose a random bit string as the key. Then convert the plaintext into a bit string, for example
by using its ASCII representation. Finally, compute the XOR (eXclusive OR) of these two strings,
bit by bit. The resulting ciphertext cannot be broken, because in a sufficiently large sample of
ciphertext, each letter will occur equally often, as will every digram, every trigram, and so on. This
method, known as the one-time pad, is immune to all present and future attacks no matter how
much computational power the intruder has.
‫ وبعد ذلك‬.ASCII code ‫ الى تدفق بت باستخدام‬plaintext ‫ ثم يتم تحويل‬،‫في البداية يتم اختيار تدفق بت عشوائي كمفتاح تشفير‬
‫ يعتبر هذه الخوارزمية منيعة ضد الهجمات التي يعتمد على الخصائص االحصائية للغات‬.‫ لهذين التدفقين بت مع بت‬XOR ‫يحسب‬
.‫الطبيعية‬
First, message 1, ''I l.'' is converted to 7-bit ASCII. Then a one-time pad, pad 1(key), is chosen and
XORed with the message to get the ciphertext.

Message : 1001001 0100000 ‫الرسالة‬

XOR Pad (Key): 1010010 1001011 ‫المفتاح‬

Ciphertext: 0011011 1101011 ‫النص المشفر‬

Symmetric-Key Algorithms
Modern cryptography uses the same basic ideas as traditional cryptography (transposition and
substitution) but its emphasis is different. The object is to make the encryption algorithm complex
that even if the cryptanalyst acquires vast mounds of enciphered text of his own choosing, he will
not be able to make any sense of it at all without the key.
The first class of encryption algorithms we will study called symmetric-key algorithms because
they used the same key for encryption and decryption. Fig. 8-2 illustrates the use of a symmetric-
key algorithm.
Block ciphers take an n-bit block of plaintext as input and transform it using the key into n-bit
block of ciphertext. Cryptographic algorithms can be implemented in either hardware (for speed) or
in software (for flexibility).

‫للتشفير ولفتح‬
ِ ‫المفتاح‬
ِ ‫ت المتماثل ِة ألناو المتناظرة حيث يتم إستعمال نفس‬ ِ ‫سها تس ّمى الخوارزميا‬
ُ ‫س َندْر‬
َ ‫تشفير التي‬
ِ ِ ‫اِ ْن خوارزميا‬
‫ت ال‬
.2-8 ‫التشفير كما هو موضح في الشكل‬
.n bit ‫ مكون من‬ciphertext.‫حولُها باستخدام المفتا َح إلى‬ ّ ُ ‫ وت‬n bit ‫ مكونة من‬plaintext ‫ كتلة‬Block cipher ُ‫ت َأْخذ‬
.)‫ (للسرع ِة) أَو باستخدام البرامجِ (للمرون ِة‬hardware ‫الخوارزميات المشفّرة ي ُْم ِكنُ أَ ْن تُطبّقَ في باستخدام‬

Simplified Data Encryption Standard (S-DES) Overview ‫معيار تشفير البيانات المبسط‬
Figure G.1 illustrates the overall structure of the simplified DES,(S-DES). The S-DES encryption
algorithm takes an 8-bit block of plaintext (example: 10111101) and a 10-bit key as input and
produces an 8-bit block of ciphertext as output. The S-DES decryption algorithm takes an 8-bit
block of ciphertext and the same 10-bit key used to produce that ciphertext as input and produces
the original 8-bit block of plaintext.
plaintext َ‫ كتلة‬S-DES encryption ‫ حيث تاخد الخوارزمية‬،‫ ال ُم َبسَّط‬S-DES ‫التركيب العا َّم لخوارزمية‬ َ G.1 ‫يوضح الشكل‬
‫ كما تاخد‬.‫ كمخرج‬8 bit ‫ مكونة من‬ciphertext َ‫ كمدخالت وتُنت ُج كتلة‬10 bit ‫) ومفتاح‬10111101 :‫ (مثال‬8 bit ‫مكونة من‬
‫ كمدخالت‬10 bit ‫) ونفس مفتاح‬10111101 :‫ (مثال‬8 bit ‫ مكونة من‬ciphertext َ‫ كتلة‬S-DES Decryption ‫الخوارزمية‬
.‫ كمخرج‬8 bit ‫ االصلية مكونة من‬plaintext َ‫وتُنت ُج كتلة‬
‫ التي تتض ّمنُ كلتا عمليات‬،fK ‫)؛ دالة معقّدة تسمى‬IP( )‫ تبديل أولي للمواقع (تقليب‬:‫وظائف‬ َ ‫التشفير خمس‬
َ ُ‫ت َتض ّمنُ خوارزمية‬
fK ‫ت اليمين واليسار؛ الوظيفة‬ ِ ‫) نصفان البيانا‬SW( ‫ب بسيط ِة التي تبدل‬ ِ ‫والتقليب وت َعتمدُ على مفتاح كمدخل ؛ و وظيفة تقلي‬ َ ‫التبدي َل‬
.ِ ‫ب األولي‬
ِ ‫ب التي هي عكس التقلي‬ ِ ‫ثانيةً؛ وأخيرا ً وظيفة تقلي‬
ّ .G. 1 ‫) كما هو موضح في الشكل‬subkeys ‫ (إثنان‬8 bit ‫ الذي يتم منه انشاء مفتاحين فرعيين من‬10 bit ‫مفتاح‬
‫إن المفتا َح‬
‫ب الذي‬ ِ ‫التغيير واالزاحة يَ ْمر من خال ِل وظيفة تقلي‬
َ ‫ ناتج عملي ِة‬.‫تغيير وازاحة الى اليسار‬ ِ ‫ ث ّم عملية‬.)P10( ‫ض ُع أوالً إلى تقليب‬ َ ‫يُخ‬
‫اآلخر والحال ِة‬
ِ ‫التغيير‬
ِ ‫التغيير واالزاحة أيضا ً إلى‬
َ ‫ كما َيغذّي نات ُج عملي ِة‬.)K1( ‫) للمفتاحِ الثانوي ِ األو ِل‬P8( 8 bit ‫يُنت ُج نات َج‬
.)K2( ِ ‫ إل ْنتاج المفتاحِ الثانوي ِ الثاني‬P8 ‫األخرى‬
The encryption algorithm involves five functions: an initial permutation (IP); a complex function
labeled fK, which involves both permutation and substitution operations and depends on a key input;
a simple permutation function that switches (SW) the two halves of the data; the function f K again;
and finally a permutation function that is the inverse of the initial permutation
A 10-bit key from which two 8-bit subkeys are generated, as shown in Figure G.1. The key is first
subjected to a permutation (P10). Then a shift operation is performed. The output of the shift
operation passes through a permutation function that produces an 8-bit output (P8) for the first
subkey (K1). The output of the shift operation also feeds into another shift and another instance of
P8 to produce the second subkey (K2).
Key generation of S-DES

STREAM CIPHERS AND RC4

A block cipher processes the input one block of elements at a time, producing an output block for
each input block. A stream cipher processes the input elements continuously, producing output one
element at a time, as it goes along.
stream cipher ‫ يُعال ُج‬.‫ و يُنت ُج كتلةَ كمخرج ل ُك ّل كتلة مدخلة‬،‫العناصر في وقت‬
ِ ‫ مدخل واحد ِم ْن كتل ِة‬Block Cipher ‫يُعال ُج‬
.‫ يُنت ُج ناتجا ً او مخرجا عنصرواحد ك ّل مرة‬،‫عناصر المدخلة بشكل مستمر‬
َ
Stream Cipher Structure ‫تركيب خوارزمية التدفق‬
A stream cipher encrypts plaintext 1 byte at a time, although a stream cipher may be designed to
operate on 1 bit at a time or on units larger than a byte at a time. Figure is a representative diagram
of stream cipher structure. In this structure a key is input to a pseudorandom bit generator that
produces a stream of 8-bit numbers that are random. A pseudorandom stream is one that is
unpredictable without knowledge of the input key and that has a random character. The output of
the generator, called a keystream , is combined 1 byte at a time with the plaintext stream using the
bitwise exclusive-OR (XOR) operation.
Stream ‫ب‬ ِ ‫ يوضح الشكل تخطيط تمثيلي لتركي‬.‫ في وقت‬1 bit ‫ واحد بايت او‬plaintext ‫ يُشفّ ُر‬Stream Cipher ‫خوارزمية‬
‫ أي جدول‬.‫ العشوائية‬8 bit ‫ الذي يُنت ُج جدول ِم ْن أعدا ِد‬a pseudorandom bit ‫ب يُد َخ ُل مفتاح إلى مولد‬
ِ ‫ في هذا التركي‬.Cipher
ّ
،keystream ‫ يس ّمى‬،ِ‫المولد‬ ّ .‫عشوائي‬
‫إن نات َج‬ ُ ‫ ال يمكن التنبوء به بدون معرف ِة مفتاحِ االدخال والذي هو حرف‬pseudorandom
. bitwise XOR ‫ باستخدام عملية‬plaintext ‫يُ ْد َم ُج بايتَ واحد في وقت بجدو ِل‬

For example, if the next byte generated by the generator is 01101100 and the next plaintext byte is
11001100, then the resulting ciphertext byte is

The RC4 Algorithm

RC4 is a stream cipher designed by Ron Rivest for RSA Security. It is a variable-key-size stream
cipher with byte-oriented operations. The algorithm is based on the use of a random permutation.
A variable-length key of from 1 to 256 bytes (8 to 2048 bits) is used to initialize a 256-byte
state vector S , with elements S [0], S [1], . . . , S [255]. At all times, S contains a permutation
of all 8-bit numbers from 0 through 255. For encryption and decryption, a byte k (see Figure 2.3b )
is generated from S by selecting one of the 255 entries in a systematic fashion. As each value of k is
generated, the entries in S are once again permuted.
‫ دو مفتاح‬a stream cipher ‫ انه‬.RSA ‫ألمن شركة‬ ِ Rivest ‫ ص ّم َمت ِمن قِبل رون‬RC4 is a stream cipher ‫ان خوارزمية‬
‫ يتم استخدام مفتاح بطو ِل متغي ِّر‬.‫إن الخوارزميةَ مستندة على إستعما ِل تقليب عشوائي‬ ّ . َ‫ت على اساس البايت‬
ِ ‫متغي ِّر الحجم وبعمليا‬
. .، S]1[ ،S]0[ ‫بالعناصر‬ ِ 256 byte state vector S ‫) يُست َعم ُل العداد متجه الحالة‬bit 2048 ‫ إلى‬8( ‫ت‬ ِ ‫ باي‬256 ‫ إلى‬1 ‫ِم ْن‬
ُ‫ يُ َو َّلد‬، ‫للتشفير وفتح التشفير‬
ِ .255 ‫ َحتَّى نهاية‬0‫ من الـ‬8 bit ‫ على تقليب ُك ّل أعداد‬S ‫ َيحتوي‬،‫ في جميع األوقات‬. S]255[ ، .
.‫ مرة ً أخرى‬S ‫ يتم تبديل المداخل في‬،ُ‫ ُم َو َّلدة‬k ‫ ك ُك ّل قيمة‬.‫ بشكل متناسق‬255‫بإختياَر أحد المداخ ِل الـ‬ْ S ‫ ِم ْن المتجه‬k Byte ‫المفتاح‬
INITIALIZATION OF S ‫اعداد المتجه الحالة‬
To begin, the entries of S are set equal to the values from 0 through 255 in ascending order; that is,
S [0] = 0, S [1] = 1, . . . , S [255] = 255.‫ في الترتيب الصاعدِ؛‬255 ‫ َحتَّى نهاية‬0‫ان مداخل المتجه تاخد ال ِق َي ِم من الـ‬
A temporary vector, T, is created. If the length of the key K is 256 bytes, then K is transferred to T.
For a key of length keylen bytes, the first keylen elements of T are copied from K and then K is
repeated as many times as necessary to fill out T. These preliminary operations are summarized as:

/* Initialization */
for i = 0 to 255 do
S[i] = i;
T[i] = K[i mod keylen];
Next we use T to produce the initial permutation of S. This involves starting with S[0] and going
through to S[255], and, for each S [i], swapping S [i] with another byte in S according to a scheme
dictated by T[i]:
/* Initial Permutation of S */
j = 0;
for i = 0 to 255 do
j = (j + S[i] + T[i]) mod 256;
Swap (S[i], S[j]);
Because the only operation on S is a swap, the only effect is a permutation. S still contains all the
numbers from 0 through 255.
STREAM GENERATION
Once the S vector is initialized, the input key is no longer used. Stream generation involves cycling
through all the elements of S [i], and, for each S [i], swapping S [i] with another byte in S according
to a scheme dictated by the current configuration of S. After S[255] is reached, the process
continues, starting over again at S[0]:
/* Stream Generation */
i, j = 0;
while (true)
i = (i + 1) mod 256;
j = (j + S[i]) mod 256;
Swap (S[i], S[j]);
t = (S[i] + S[j]) mod 256;
k = S[t];
To encrypt, XOR the value k with the next byte of plaintext. To decrypt, XOR the value k with the
next byte of ciphertext.