Ch3-SecretKeyCryptography

See discussions, stats, and author profiles for this publication at: https://www.researchgate.
net/publication/371641373
Cryptography and Network Security Course Lessons
Presentation · February 2019
CITATIONS READS
0 1,134
1 author:
Asmelash Girmay
Mekelle University
6 PUBLICATIONS 1 CITATION
SEE PROFILE
All content following this page was uploaded by Asmelash Girmay on 19 June 2023.
The user has requested enhancement of the downloaded file.

IT4201 Cryptography and Network Security
Chapter 3 – Secret Key Cryptography
Review on Cryptography
Cryptography has three-dimensions
1) Number of keys used
• Single key: symmetric/conventional/secret-key cryptography
• Two keys: asymmetric/public-key cryptography
• Zero key: hashing function
2) The way a plaintext to ciphertext conversion process
• Stream cipher
• Block cipher
3) Types of operations used for encryption – all encryption algorithms are based on:
• Substitution cipher: mono-alphabetic and poly-alphabetic
• Transposition cipher
Secret-key Cryptography
A secret key cryptography is commonly called conventional or symmetric cryptography. This type of
cryptography uses a shared secret key, by which a key is shared between the communicating parties. There
are two types of encipher processes, namely the stream ciphers and block ciphers. Conventional stream
ciphers such as Caesar, Shift, simple substitution, Playfair, Vigenere, and Hill. Conventional block ciphers
are those of modern ciphers such as S-DES, DES, AES, etc.
Figure 1 Cipher process in Secret Key Cryptography
In addition to this, conventional cryptography algorithms operate in a substitution and transposition way.
Each of them will be discussed here below. In substitution conventional cryptography a plain letter is
substituted with a corresponding cipher letter. Whereas, in transposition conventional cryptography, a
ciphertext correspond of a given plaintext is generated by transposing, say, column wise or other way.
Substitution Cipher
A substitution cipher in which for a given key, each plaintext letter is substituted by one or more another
letter to create a ciphertext letter. For example, ‘A’ can be replaced with ‘F’ in throughout the encryption
process for monoalphabetic substitution, or changes with occurrence position for polyalphabetic
substitution. All in all, a plaintext letter is replaced with another letter that may or may not exist in the
plaintext arrangement. Example ciphers are one-time pad, Hill cipher, Vigenere Cipher, Beaufort Cipher,
Shift Cipher, etc.
1|Page Asmelash Girmay

Department of Information Technology
Mono-alphabetic and Poly-alphabetic Substitution Cipher

Mono-alphabetic cipher is a substitution cipher in which for a given key, the cipher letter for each plain
letter is fixed throughout the encryption process. For example, if ‘A’ is encrypted as ‘D’, for any number of
occurrences in that plaintext, ‘A’ will always get encrypted to ‘D’. Algorithms such as Caesar cipher, shift
cipher, simple substitution cipher are examples of mono-alphabetic cipher.
Poly-alphabetic cipher is a substitution cipher in which the cipher letter for the plain letter may be different
at different places during the encryption process. For example, if ‘A’ is encrypted as ‘D’ in the first
occurrence, ‘A’ in the nth occurrence, where n>1 may not be encrypted as ‘D’. Algorithms such as Playfair
and Vigenere Cipher are poly-alphabetic ciphers.
Application of Secret Key Cryptography

Security uses of secret key cryptography is used in the following areas:
A. Transmitting confidential information over an insecure channel
B. Secure storage on insecure media
C. Authentication, and
D. Integrity check
A. Transmitting Confidential Information Over an Insecure Channel
How to prevent eavesdropping when transmitting information? A telephone can be tapped, a letter can
be intercepted, and a message transmitted on a LAN can be received by unauthorized stations. It is good
idea to prevent it using secrete key cryptography with shared secrete key between the communicating
parties. The sender encrypts the message and the receiver decrypts it with the secrete key. Thus, the
eavesdropper will only see the unintelligible data.
B. Secure Storage on Insecure Media
To store secure data in any place, encrypt the data with secrete key is good idea. However, forgetting the
key makes the data irrevocable lost.
C. Authentication
Assume two people want to communicate and shared pass phrase (key), however, someone eavesdrop
them and gain information useful for replying and later impersonating. How to prevent this kind of attack?
As a solution, the communicating parties shall authenticate each other. By authentication, we mean, to
prove knowledge of a secret without revealing it, which can be achieved using cryptography. The question
here is: how can authentication works?
Here is how:
• Suppose Alice and Bob share a key KAB and they want to verify they are speaking each other.
• They each pick a random number, which is also known as a challenge number, let Alice picks rA
and Bob picks rB.
• The value x with the encrypted KAB is known as the response to the challenge X. See figure 2 for
more information.
• Is the problem solved? Not yet. We will discuss it in detail in next lessons.

Figure 2 Mutual Authentication
D. Integrity Check
This is done by generating a fixed-length cryptographic checksum of the message to be sent. It is used to
protect accidental corruption of messages. Checksum works by breaking a message into fixed-length
blocks (for instance, 32-bit words) and adding them up.
• The sum is sent along with the message.
• The receiver repeats the operation and check with the sent checksum.
• If equal, integrity checked, otherwise message rejected.
However, cryptographic checksum unlike other checksums like CRC (Cyclic Redundancy Check) needs an
algorithm and secrete key. Given an algorithm and a key, the message produces fixed-length MAC
(Message Authentication Code). MAC sometimes called MIC (Message Integrity Code). MAC is popular,
whereas MIC is standard naming. A typical MAC is at least 48 bits long.
1. Caesar Cipher
The Caesar cipher, also known as a shift cipher, is one of the oldest and simplest cryptographic algorithms
for encryption and decryption of a message. It is a type of substitution cipher where each letter in the
original message (plaintext) is replaced with a third letter down in the alphabet. Here, the key is 3. Thus,
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Table 1 Caesar cipher encryption/decryption shift of characters
Mathematically,
Let C be a cipher letter equivalence number, P be a plain letter equivalence number, and K be a key, i.e, 3.
As seen in table1, equivalent number for letter ‘T’ is 19. Using the key, 19+3 = 22. As 22 is number
equivalence of letter ‘W’, we can say that ‘T’ is encrypted as ‘W’. Thus, table1 is populated based on the
following general mathematical formula:
C = (P + K) mod 26
P = (C – K) mod 26
Encryption example: use table1 to encrypt the following plaintext.
• Plaintext: “I am a third year student”
• Ciphertext: “l dp d wklug bhdu vwxghqw”

2. Shift Cipher
In shift cipher, a random key between 0 and 25 is used. As a result, a plaintext letter is shifted around the
alphabet with the key. Thus, a Caesar cipher is a typical example of shift cipher with key = 3.
The Cipher Process
Encipher/encryption process
Input: plaintext
1) Convert a letter into its corresponding equivalence number, where A = 0, B = 1, …, Z = 25.
2) Calculate C = (P + K) mod 26, where K = key, C = cipher number, and P = plain number
3) Convert the number C into its corresponding equivalence letter 0 into A, 1 into B, ...
4) Repeat steps 1 – 3 for all letters in the plaintext.
Output: ciphertext
Decipher/decryption process
Input: ciphertext
1) Convert a letter into its corresponding equivalence number, where A = 0, B = 1, …, Z = 25.
2) Calculate P = (C - K) mod 26, where K = key, C = cipher number, and P = plain number
3) Convert the number P into its corresponding equivalence letter 0 into A, 1 into B, ...
4) Repeat steps 1 – 3 for all letters in the ciphertext.
Output: plaintext
Example: Assume, you agree with your friend to communicate securely using Shift cipher and key = 19.
Encipher the sentence “I need your help as soon as possible”. Use the above encryption process and send
the ciphertext to your friend.
• Plaintext: “I need your help as soon as possible”
• Formula: for each letter, C = (P + 19) mod 26
• Ciphertext: “b gxxw rhnk axei tl lhhg tl ihllbuex”
3. Simple Substitution Cipher

This type of cipher is a special type of mono-alphabetic substitution cipher that every plaintext letter is
substituted with jumbled letters. A key, here, is a jumbled set of letters. Example of key formation:
Plain A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher T L E N J Q R Z P A C S V B X U W D K G F Y H O I M
Table 2 sample substitute key of ABC...Z
The Cipher Process

Using table 2 above, for each plaintext letter, find its corresponding ciphertext letter in the second row.
Example: Plaintext: “I am at MIT”
Ciphertext: “P tv tg VPG”

4. Playfair Cipher
In this scheme, pairs of letters are encrypted, instead of single letters as in the cases of the 1-3 ciphers.
In playfair cipher, initially a key table is created. The key table is a 5×5 grid of letters that acts as the key
for encrypting the plaintext. Each of the 25 letters must be unique and one letter of the alphabet (usually
J) is omitted from the table as we need only 25 letters instead of 26. If the plaintext contains J, then it is
replaced by I.
The sender and the receiver decide on a key, say “plants”. In a key table, the first letter (going left to right)
in the table is the phrase, excluding the duplicate letters. The rest of the table will be filled with the
remaining letters of the alphabet, in natural order. The key table for key = “plants” works out to be −
P L A N T
S B C D E
F G H I/J K
M O Q R U
V W X Y Z
Table 3 Playfair key table for key="plants"
The Cipher Process

1. First, a plaintext message is split into pairs of two letters (digraphs). If there is an odd number of
letters, a ‘Z’ is added to the last letter. For example, to encrypt the message “come along”, it will
be written as − CO ME AL ON GZ
2. The rules of encryption are

a) If both the letters are in the same column, take the letter below each one (going back to the
top if at the bottom). E.g., KZ is encrypted as UT.
b) If both letters are in the same row, take the letter to the right of each one (going back to the
left if at the farthest right). E.g., AL is encrypted as NA.
c) If neither of the preceding two rules are true, form a rectangle with the two letters and take
the letters on the horizontal opposite corner of the rectangle. E.g., CO is encrypted as BQ
Using these rules, the result of the encryption of “come along” with the key of “plants” would be − BQ US
NA KW
Decrypting the Playfair cipher is as simple as doing the same process in reverse. Receiver has the same key
and can create the same key table, and then decrypt any messages made using that key.

5. Vigenere Cipher
This scheme of cipher uses a text string (or a word) as a key, which is then used for doing a number of
shifts on the plaintext. It is a poly-alphabetic cipher. For example, let’s assume the key is “word” Each
alphabet of the key is converted to its respective numeric value: In this case,
w → 22, o → 14, r → 17, and d → 3. Thus, the key is: 22 14 17 3.
The Cipher Process
1. The sender and the receiver decide on a key, say “word” is the key. Numeric representation of this
key is “22 14 17 3”.
2. The sender wants to encrypt the message, say “Meet me at MIT”. He will arrange plaintext and
numeric key as follows
Plaintext E E T M E A T M I T
Key 14 17 3 22 14 17 3 22 14 17
3. He now shifts each plaintext alphabet by the number written below it to create ciphertext as
shown below, use C = (P + K) mod 26.
Plaintext M E E T M E A T M I T
Key 22 14 17 3 22 14 17 3 22 14 17
Ciphertext I S V W I S R W I W K
4. Here, each plaintext character has been shifted by a different amount – and that amount is
determined by the key. The key must be less than or equal to the size of the message.
5. For decryption, the receiver uses the same key and shifts received ciphertext in reverse order to
obtain the plaintext. Use P = ((26 – K) + C) mod 26.
Ciphertext I S V W I S R W I W K
Key 22 14 17 3 22 14 17 3 22 14 17
Plaintext M E E T M E A T M I T
Generally, a plaintext letter, say ‘A’ can be encrypted with any key ‘A’ to ‘Z’. Here, ‘A’ is encrypted into ‘A’
if key = ‘A’, into ‘B’ if key = ‘B’, into ‘C’ if key = ‘C’, and so on. The same trend works for ‘B’ to ‘Z’. As a
result, a matrix of 26 X 26, aka Vigenere table (see table 4), is prepared for Vigenere encryption and
decryption process.
To encrypt a plaintext using the Vigenere table (see table 4), map a plain letter in column wise and key
letter row wise. Thus, the intersection would be taken as cipher letter.
Example: Encrypt a plaintext, “I put you the key under the table” with a key = “campus”.
Plain I p u t y o u t h e k e y u n d e r t h e t a b l e
Key c a m p u s c a m p u s c a m p u s c a m p u s c a
Cipher K p g i s g w t t t e w a u z s y j v h q i u t n e
Thus, the ciphertext is “KPGISGWTTTEWAUZSYJVHQIUTNE”.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
J
M M N O P Q R S T U V W X Y Z A B C D E F G H I J K
J L
N N O P Q R S T U V W X Y Z A B C D E F G H I J K
J L M
O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
P P Q R S T U V W X Y Z A B C D E F G H I J K
J L M N O
Q Q R S T U V W X Y Z A B C D E F G H I J K
J L M N O P
R R S T U V W X Y Z A B C D E F G H I J K
J L M N O P Q
S S T U V W X Y Z A B C D E F G H I J K
J L M N O P Q R
T T U V W X Y Z A B C D E F G H I J K
J L M N O P Q R S
U U V W X Y Z A B C D E F G H I J K
J L M N O P Q R S T
V V W X Y Z A B C D E F G H I J K J L M N O P Q R S T U
W W X Y Z A B C D E F G H I J K J L M N O P Q R S T U V
X X Y Z A B C D E F G H I J K J L M N O P Q R S T U V W
Y Y Z A B C D E F G H I J K J L M N O P Q R S T U V W X
Z Z A B C D E F G H I J K J L M N O P Q R S T U V W X Y
Table
J 4 Vigenere table
6. One-time Pad Cipher

This cipher is a special type Vigenere cipher with the following circumstance:
• The length of key is the same as the length of the plaintext
• The key is a randomly generated string of alphabets
• The key is used only once
7. Hill Cipher
Invented by Lester S. Hill in 1929. Hill cipher is a polygraphed substitution cipher based on linear algebra.
It uses matrix and columnar vector multiplication to mix up the plaintext. To create a cipher, Hill uses a
keyword as key.
The Encryption Process
1. Form a matrix of n by n using the key written from left to right towards the bottom.

2. Arrange the plaintext in numbers of n-sized columnar vector.
3. Convert the plaintext and key letters to their corresponding numeric representations, A = 0, B =
1, …, Z = 25.
4. Multiply the key matrix with each columnar vector of the plaintext
a. Use modular algebra to get output of numbers in [0, 25]
5. Finally, convert the output numbers into their corresponding letters
The Decryption Process
The same process as the encryption process except that the key matrix needs to be inverted. Thus, the
inverse key matrix will be used instead of the original key matrix. Besides, the columnar vector shall be
created for the ciphertext, not for the plaintext. [Ciphertext] = [Key] X [Plaintext]
Example: Use Hill cipher to encrypt the plaintext “show me” with a key = “key”.
𝑘 𝑒 𝑠 𝑜 𝑚 10 4 18 14 12
[ ]X( )( )( ) =[ ] X ( ) ( ) ( ), where A=0, B=1, C=2, …, X=23, Y=24, Z=25.
𝑦 𝑘 ℎ 𝑤 𝑒 24 10 7 22 4
10 4 18 10 ∗ 18 + 4 ∗ 7 208 0
SH => [ ]X( )=( )=( ) % 26 = ( ) = AI
24 10 7 24 ∗ 18 + 10 ∗ 7 502 8
10 4 14 10 ∗ 14 + 4 ∗ 22 228 20
OW => [ ]X( )=( )=( ) % 26 = ( ) = UK
24 10 22 24 ∗ 14 + 10 ∗ 22 556 10
10 4 12 10 ∗ 12 + 4 ∗ 4 136 6
ME => [ ]X( )=( )=( ) % 26 = ( ) = GQ
24 10 4 24 ∗ 12 + 10 ∗ 4 328 16
Therefore, the ciphertext of “Show me” with a key, “key” is “Aiuk gq”
Exercise 1:
• Use Hill cipher to decrypt the ciphertext “Ajuk gq” with a key = “key”.
• Use Hill cipher to encrypt a plaintext “Show me” with a key = “plaintext”.
o What difference from the above example do you get?
• How do two communicating parties secure their communication in unsecure channel? Please
discuss the way the parties communicate from different locations.
8. Beaufort Cipher
This cipher uses the same table as Vigenere cipher but has different algorithm to encrypt and decrypt a
message. This cipher considers the top most row as location of a plaintext, and the left most column as
location of a ciphertext.
Encryption Process
Key and plaintext are given as input. Then, follow the following procedures.
1. Locate the plaintext letter on the topmost horizontal row
2. Move down the column until you find the key letter
3. The leftmost letter of the row that the key letter is located is the ciphertext letter.

Example: P = ‘J’, key=’U’, and C will be the leftmost letter in the row where ‘U’ down the column ‘J’ is
located, i.e., ‘L’.
Exercise 2: Encrypt the following plaintext “I am here for you” using a key = “where”.
Decryption Process
Key and ciphertext are given as input. Then, follow the following procedures.
1. Locate the ciphertext letter on the leftmost vertical column
2. Move right the row until you find the key letter
3. The topmost letter of the column that the key letter is located is the plaintext letter.
Example: C = ‘L’, key=’U’, and P will be the topmost letter in the column where ‘U’ along the row ‘J’ is
located, i.e., ‘J’.
Exercise 3: Decrypt the following ciphertext “DIMBUSQJKLUGXVUEWUMFWXIX” using a key = “lemon”.
Exercise 4: In Vigenere Cipher, a key is added with a plaintext to get a ciphertext. How about in the Beaufort
cipher?

Transposition Cipher
It is another type of cipher process, where letters in the plaintext are rearranged to create a corresponding
ciphertext. The letters of the plaintext are moved around. The actual plaintext alphabets are not replaced.
Example Ciphers such as simple columnar transposition, row transposition, double transposition, Rail
Fence cipher, etc. are transposition ciphers.
1. Rail Fence Cipher

Letters of the plaintext are ordered diagonally (in a zigzag way) and ciphertext is generated by reading row-
wise. A key in this cipher is a number to represent number of rows.
Example: Encrypt a plaintext “Hello IT students” with:
Key = 2
H l o t t d n s
E L i s u e t
The cipher output: Hlottdnselisuet
Key = 3
H o t n
E L i s u e t
l t d s
The cipher output: Hotnelisuetltds
Decryption process
It involves reconstructing the diagonal grid used to encrypt the message. Start writing the cipher message
but leaving a dash in place of the spaces yet to be occupied. Number of rows of the table shall be
represented by the key, and number of columns shall be the length of the ciphertext.
Exercise 5: Decrypt the above encrypted ciphertext with the same key and algorithm as in the encryption
process.
2. Columnar Transposition Cipher

It involves writing the plaintext out in rows and reading the ciphertext off from columns. A key can be a
keyword, thus the number of the letters in the keyword represents number of columns and the natural
order of the alphabets tell the order to read off the columns. For example, a keyword “monkey” tells us
that the table shall have 6 columns with a natural order of 3 5 4 2 1 6, where e is 1st, k is 2nd, …, y is 6th out
of the total character in the keyword. This means, the fifth column shall be read off the table first, then
the fourth column, then first column, and so on.
However, if the columns are ordered in their natural order like 1 2 3 4 5 6 (for a table with 6 columns), it is
called route cipher. Here, a route cipher is a special type of columnar cipher.
Encryption Process
1. Create a table of #character in the keyword,
2. Write out the plaintext row-wise top to bottom
3. Read of the ciphertext from the table according to the order of the letter in the keyword.
10 | P a g e Asmelash Girmay
Example: Encrypt a plaintext “why should I come to you” using a key = “yes”.
Y E S According to the rule above, we shall read the second column, and thus, “hhlcey”,
3 1 2 Then read off the third column, hence, “yodoto”,
w h y Finally, read the first column, which is, “wsuimou”
s h o Concatenating each output, the ciphertext can be constructed as
u l d “hhlcey yodoto wsuimou”
i c o
m e t
Exercise 6: Use a keyword “mahder” and columnar transformation cipher to encrypt
o y o a plaintext “why should I come to you”.
u
Decryption Process:
The second communicating party gets a ciphertext and already has the key. Thus, the ciphertext shall be
decrypted in order to get the original message. To decrypt the ciphertext,
1. First, prepare a table with

• Number of columns = number of characters in the keyword
• Number of rows = number of cipher characters divided by number of columns. In this case,
the number shall always take the roof not the ceiling. For example, if number of cipher
characters are 19 and key length is 3, 19/3 = 6 remainder 1. Thus, the number of rows
shall be 7, where the first column will contain one character at the last row, while the
other columns empty. Another example: if length of the ciphertext is 21 and key length is
6, #rows = 21/6 = 3 remainder 3. This implies that total number of rows are 4, where in
the last row, the first three columns are occupied with the cipher characters while the
other columns left empty.
2. Populate the table with the ciphertext letters down the columns according to their natural order.
3. Finally, read off the plaintext in a row-wise from the table.
Exercise 7: Decrypt the above ciphertexts with the same key and algorithm as the encryption process.
Exercise 8: Discuss the cryptography three-dimensions and differentiate substitution cipher and
transposition cipher.
3. Row Transposition Cipher

Like the columnar transposition, this cipher uses a keyword as a key, and their natural order for the
ciphertext reading off. However, the row transposition has the following different approaches:
Cipher Process
• A plaintext is written row by row like in the column transposition from top to bottom.
• Then, before the cyphertext is read off row by row, the columns shall be reordered according to
their natural order.
• Finally, a ciphertext is read off row-wise from left to right down to the bottom row.
Example: encipher the plaintext “Cryptography is one of the thematic areas of IT” using a key “crypto”.
C R Y P T O C O P R T Y
1 4 6 3 5 2 1 2 3 4 5 6 Now, read off the ciphertext row-
C R Y P T O C O P R T Y wise from left to right down to the
G R A P H Y Rearrange columns in G Y P R H A bottom. Thus, the ciphertext is:
I S O N E O ascending order I O N S E O
F T H E T H F H E T T H
E M A T I C E C T M I A COPRTYGYPRHAIONSEOFHETTHEC
A R E A S O A O A R S E TMIAAOARSEFXXIXT
F I T F X X I X T
Exercise 1: Decipher the ciphertext in the example above with the key “crypto”.
4. Double Transposition Cipher

Encryption uses twice a transposition cipher, usually the first transposition is in columns and the second
in lines. It may also involve a double transposition with the same algorithm and key.
Exercise 2: encipher the plaintext “Cryptography is one of the thematic areas of IT” using a key “crypto”
with double transposition cipher (columnar transposition then row transposition).
A double cipher is a cipher with twice substitution or twice transposition. It is categorized into two:
1. Double transposition cipher (see above)
2. Double substitution cipher: it is constructed from two consecutive substitution ciphers.
5. Product Cipher
A cipher that involves two or more transformations to create a combined secure cipher to make it resistant
to cryptanalysis. For example, a cipher may involve combinations of substitution like S-box and
transposition/permutations like P-box. S-box and P-box are to be discussed later lessons. Here, neither
substitution alone nor transposition are secure because of language characteristics. For this, a cipher is
recommended to involve combination of them, for example:
• Two substitutions make a more complex substitution
• Two transpositions make a more complex transposition
• But a substitution followed by a transposition makes much harder cipher
This is a bridge from classical to modern ciphers.

Exercise 3: encipher the plaintext “Cryptography is one of the thematic areas of IT” using a key “crypto”
with product cipher (Beaufort cipher then row transposition).
Stream Cipher
One of the types of cipher processes where encryption and decryption is done one bit or byte at a time.
Example ciphers of this type are Vernam cipher and the others discussed above.
Vernam Cipher
It is proposed by Gilbert Vernam in 1918 for binary string encoding. It encryption and decryption is done
using bit-wise XOR operation. Assume, Ci be ith ciphertext bit, Pi be ith plaintext bit, and Ki be ith key bit,
Ci = Pi  Ki
Pi = Ci  Ki
Example: P = 01101110, K = 11011001, C = P  K = 10110111
Exercise 4: Decrypt the above ciphertext bits to get the original plaintext bits.
Cryptanalysis: The strength of the key lies in the length of the key.
Exercise 5: Discuss how strong is this cipher in detail.
Exercise 6: What it the concrete difference between double transposition and product cipher?
Rotor Machine
Rotor machine was used as a cryptographic systems product before modern ciphers were invented. This
machine was used in the world war 2 (WW2) by German Enigma, Allied Hagelin, Japanese Purple, etc. It
was implemented with a very complex varying substitution cipher using a series of cylinders, each giving
one substitution, which rotated and changed after each letter was encrypted. For example, with three
cylinders, we could have 263 = 17576 alphabets.
Steganography
An alternative way of hiding a plaintext to the encryption. It is the process of hiding the existence of a
message using only a subset of letters/words in a longer message marked in some way, using invisible inks,
in graphic images, sounds, videos, PDF files, etc. However, it has high overhead to hide relatively few
information bits.
Block Cipher
The process of enciphering and deciphering multiple bits at once as a block, where each block is
enciphered independently. However, identical plaintext blocks produce identical ciphertext blocks. In this
cipher, each block plaintext is treated at once. Example of block ciphers are S-DES (Simplified Data
Encryption Standard), DES, Double DES (2DES), triple DES (3DES), International Data Encryption Algorithm
(IDEA), and AES (Advanced Encryption Standard). The DES family are based on Feistel cipher. What is
Feistel cipher, let’s discuss here below.
1. Simplified Data Encryption Standard (S-DES) Cipher

This cryptographic algorithm is one of the block ciphers with the following characteristics:
• It has 8-bits block size of plaintext and ciphertext,
• Its original key size is 10-bits. Based on the original key, other two keys with each size of 8-bits are
generated and used in the encryption and decryption process.
• It is asymmetric cipher,
• It uses Feistel cipher approach with two rounds that will be discussed in lesson 6.
The Cipher Process
1. Two keys shall be generated using eight steps. Each of them shall be generated from the original
key.
2. Encrypt the plaintext with each block in 13 steps
3. Decrypt the ciphertext with each block in 13 steps
Figure 3 S-DES cipher process
Key Generation
Figure 4 S-DES key generation
Step 1: select a random key of 10-bits size, which only should be shared by between the communicating
parties. For example: 10011 00101
Step 2: put the selected key into the P10 table and permute the bits.
Input 1 2 3 4 5 6 7 8 9 10
Output 3 5 2 7 4 10 1 9 8 6
Table 5 S-DES P10 table
Input bits 1 0 0 1 1 0 0 1 0 1
Output bits 0 1 0 0 1 1 1 0 1 0
Table 6 Input key on S-DES P10 table
Now the output is 01001 11010

Step 3: divide the output key into two halves, left half and right half.
LH = 01001, RH = 11010
Step 4: apply one-bit round shift on each half. After round shift: LH = 10010, RH=10101
Step 5: combine both halves and put them into P8 table to get the first key, K1.
Combine = 10010 10101
Input 1 2 3 4 5 6 7 8 9 10
Output 6 3 7 4 8 5 10 9
Input bits 1 0 0 1 0 1 0 1 0 1
Output bits 1 0 0 1 1 0 1 0
Table 8 Processed key bits on S-DES P8 table
The output is an 8-bits key, the first key (K1). Thus, K1 = 1001101 0
Step 6: since S-DES has two rounds for its cipher process, it needs to have two keys. The first key is already
generated in step 5. While the second key is to be generated on the next steps (6-8).
Go to the step 4 and take the output of the first-round halves: LH = 10010, RH=10101
Step 7: make two rounds on each half. The output is LH = 01010, RH=10110
Step 8: Combine the two halves from step 7 and then put them into the P8 table (see table 3 above) to
generate the second key.
Input bits 0 1 0 1 0 1 0 1 1 0
Output bits 1 0 0 1 1 0 0 1
Table 9 Processed key bits on S-DES P8 table
Therefore, the second key, K2 = 1001 1001

Finally, both keys are created, thus K1 = 10011010 and K2 = 1001 1001
Encryption Process
The five functions to encrypt

• IP – an initial permutation
• fk - a complex, 2-input function
• SW – a simple permutation that swaps the two nybles (4-bits)
• fk - a complex, 2-input function; again
• IP – inverse permutation of the initial permutation
Figure 5 S-DES encryption process
Let’s encrypt a plaintext to ciphertext with the following steps. For this, assume that a plaintext’s one
block is given as 0011 1001.
Step 1: Given plaintext block be 0011 1001
Step 2: Initial Permutation (IP8)
Put the plaintext block into IP8 table and permute the table.
Input bit numbers 1 2 3 4 5 6 7 8
Permutated bit numbers 2 6 3 1 4 8 5 7
Table 10 S-DES IP8 table
Input plaintext block bits 0 0 1 1 1 0 0 1

Permutated bits 0 0 1 0 1 1 1 0
Table 11 Plaintext block bits on S-DES IP8 table
Output = 0010 1110

Step 3: Break the bits into two halves, right half and left half. LH = 0010, RH=1110
Step 4: Apply Expand and Permutate (EP)
Take the right half bits and put them into EP table. RH = 1110
Number 1 2 3 4 5 6 7 8
Expanded bit numbers 4 1 2 3 2 3 4 1
Table 12 S-DES EP table
Input bits 1 1 1 0
Expanded bits 0 1 1 1 1 1 0 1
Table 13 RH bits on S-DES EP table
Output = 0111 1101

Step 5: Take the output and XOR with the first key, K1.
New output = OP ⊕ K1 = 0111 1101 ⊕ 1001 1010 = 1110 0111
Step 6: Once again split the XOR output into two halves, LH = 1110 and RH 0111. Now, put each half into
S-boxes, S0 and S1 respectively. This means, put LH into S0 and RH into S1.
0 1 2 3 0 1 2 3
0 01 00 11 10 0 00 01 10 11
1 11 10 01 00 T
1 10 00 01 11
2 00 10 01 11 a2 11 00 01 00
3 11 01 11 10 b3 10 01 00 11
S0 l S1
Table 15 S-DES S-boxes
e
The question is how to put them in to their respective table?1
4
Take any half, combine first most and last most bits into oneS to map a row, and then combine the
remaining bits (2nd and 3rd position) to map a column. -
LH = 1110, row = 10 = 2, column =11= 3. The intersection ofDthe second row and third column on S0 is 11.
RH = 0111, row = 01 = 1, column = 11 = 3. The intersection ofE the first row and third column on S1 is 00.
S
Step 7: Now, combine the two halves, OP1 = 1100. S
0
Step 8: Apply permutation 4 (P4) t
Take these four bits and put them in P4 table. a
b
17 | P a g e l Asmelash Girmay
e Department of Information Technology
Input bit positions 1 2 3 4
Output bit positions 2 4 3 1
Input bits 1 1 0 0
Output bits 1 0 0 1
Table 17 LH on P4 table
Output = 1001
Step 9: XOR the output with the permutated left half in step 3. 1001 ⊕ 0010 = 1011
Step 10: Combine the output in step 9 with the permutated right half in step 3. 1011 1110
Step 11: Once again, break the output into left half and right half bits. LH = 1011, RH = 1110
Step 12: Swap the halves. LH = 1110, RH = 1011, thus the output in this step is = 1110 1011
Step 13: Now let’s take these halves and once again start the same procedure from step 2 or initial
permutation. However, in this step, we are going to use the second key, K2. And put the output into IP-1
(IP inverse) table. What you get will be your final ciphertext. Let’s workout briefly as follows:
2. Apply EP for RH=1011, thus, output = 1101 0111
3. XOR the output = 1101 0111 with K2 = 1001 1001, 1101 0111 ⊕ 1001 1001 = 0100 1110
4. Split output into two halves and apply S-boxes, LH2 = 0100 and RH2 = 1110
a. LH2: 0100, row = 00 = 0, column = 10 = 2. S0 at 0 row and 2nd column is 11.
b. RH2: 1110, row = 10 = 2, column = 11 = 3. S1 at 2nd row and 3rd column is 00.
5. Combine the output and apply P4. Output = 1100. After permutated on P4 table = 1001
6. XOR the previous output with RH2 (see above), 1001 ⊕ 1110 = 0111
7. Rewrite the swapped result in step 13 by replacing the LH with the previous output, thus, 1101 0111
will be rewritten as 0111 0111
8. Finally, apply inverse initial permutation IP-1 to the previous output = 0111 0111.
IP-1
4 1 3 5 7 2 8 6
Table 18 S-DES inverse initial permutation (IP-1)
Output = 1010 1111

The output of the IP-1, i.e., 1010 1111 is the ciphertext of the plaintext given above, i.e., 0011 1001.
Using S-DES block symmetric cryptographic algorithm, the plaintext = 0011 1001 with key = 10011 00101
produces a ciphertext = 1010 1111.
Exercise 7: Using S-DES, encipher a plaintext = 0110 1001 with a key = 10101 01010.
Decryption process in S-DES is based on Fig. 1. You can work out easily using the encryption process above.
Exercise 2: Using S-DES to decrypt a ciphertext = 1010 1111 with a key = 10011 00101.
P.S., S-DES is being used for educational purpose. It is not used for production purposes. If you get general
understanding on S-DES, then you can simply understand what a Feistel cipher mean, how cipher process
managed, etc.
Claude Shannon and Substitution-Permutation Ciphers

Claude Shannon introduced idea of substitution-permutation (S-P) networks in 1949 paper. It is based on
the product cipher principles. This forms basis of modern block ciphers. S-P nets are based on the two
primitive cryptographic operations, namely, substitution (S-box) and permutation (P-box). The
combination of the operations provides confusion & diffusion of message (plaintext) and key.
Diffusion – dissipates statistical structure of a plaintext over bulk of ciphertext, particularly, one change in
the plaintext triggers many changes in the ciphertext.
Confusion – makes relationship between ciphertext and key as complex as possible, particularly, each
character of the ciphertext depends on many parts of the key.
Avalanche Effect
A desirable property of any encryption algorithm is that a small change in either the plaintext or the key
should produce a major change in the ciphertext.
Feistel Cipher
Horst Feistel devised the Feistel cipher based on the concept of invertible product cipher. Feistel cipher
implements the S-P network concept. It partitions input block into two halves which are processed through
multiple rounds which perform a substitution on left data half, based on round function of right half and
subkey, and then have permutation swapping halves. Essentially the same hardware or software is used
for both encryption and decryption, with just a slight change in how the keys are used. One layer of S-
boxes and the following P-box are used to form the round function. It has the following summarized
characteristics:
• It is not specific scheme of block cipher
• It is a design model, where many different block ciphers are derived
• A crypto algorithm designed based on Feistel cipher uses the same algorithm for both encryption
and decryption
• Input block to each round is divided into two halves, left half and right half
• In each round, right half goes through unchanged. Whereas left half goes through an operation
that depends on the right half and the key.
o Output of each round is L (+) f (R, K), where f (R, K) means encryption right half, R with
key, K.
• Each round uses different round keys
• The permutation step at the end of each round swaps the modified left half, L and unmodified
right half, R
Encryption Process (see figure 2 (a))

• It consists of multiple rounds. As number of rounds increases,
o Security of the algorithm increases,
o Efficiency of the algorithm decreases
o Complexity of the algorithm increases
o Performance of the algorithm decreases
• Each round consists of substitution and permutation (transposition) as seen in figure 1.
• Number of rounds are specified by the respective algorithm
• Once the last round is completed then the two sub blocks, left, L and right, R are concatenated to
form the ciphertext block.
• The difficult here is to get the round function, f.
Decryption Process (see figure 2 (b))

• It is similar to the encryption process, but
o It starts with ciphertext blocks
o Keys used in reverse order
Figure 7 Encryption and decryption in Feistel cipher respectively
Figure 6 Feistel cipher encryption process
In the secret key cryptography, some block ciphers such as DES and its families (S-DES, 2DES, 3DES) follow
the Feistel cipher standard technique. Let’s summarize what each of the block ciphers look like including
those that do not follow the Feistel approach such as AES, IDEA, RC4, etc.
I am going to summarize the widely used and known symmetric block ciphers here below. P.S., the detailed
discussion of each of the algorithms is expected from each respective group in the course project.
1. Data Encryption Standard

• It has a plaintext and ciphertext block size of 64-bits.
• It uses input key size of 56-bits.
• It has 16-totl rounds. Each round has Feistel structure.
o Thus, it shall generate 16 round keys from the input key for each round.
o Round keys numbered from zero (0) to fifteen (15) as K0, K1, K2, …, K15.
o Each round key has 48-bits size.
o From the 56-bits of the input key, 8-bits are used for parity checking.
Figure 8 DES encryption and decryption
Figure 9 DES - general structure
2. Double Data Encryption Standard (2-DES)

• Repeats DES twice in both the encryption and decryption processes. This means, it makes two
successive DES cipher processes.
• Input block size is the same as DES, i.e., 64-bits.
• Key size used 112 bits. Here, two keys of size 56 bits each.
• Has twice of DES’s rounds, thus, round keys.
• Size of each round key is 48-bits like DES.
3. Triple Data Encryption Standard (3-DES)

• Repeats DES three-times in both the encryption and decryption processes. This means, it makes
three successive DES cipher processes – encryption with key 1, decryption with key 2, then
encryption with key 3 (see figure xx below).
• Input block size is the same as DES, i.e., 64-bits.
• Key size used 168 bits. Here, three keys of size 56 bits each.
• Has three-times DES’s rounds, thus, round keys.
• Size of each round key is 48-bits like DES.
Figure 11 Cipher process with 3-DES2
Key: DES for encryption, DES1 for decryption
Figure 10 Encryption with 3-DES1
4. Advanced Encryption Standard (AES)

Depending the block size used, AES has three divisions, namely, with 128 bits, 192 bits, and 256 bits block
size.
• It is symmetric block cipher algorithm
• Plaintext block size 128 bits
• Size of key used 128/192/256 bits
• Stronger and faster than 3-DES
• It is iterative than Feistel cipher
• It is based on S-P network
• Performs its computations on bytes rather than bits
• Treats the 128 bits block in 16 bytes
o Arranged in 4 X 4 matrix for further cipher process
• Unlike DES it has variable number of rounds depending on the length of key used
o 10 rounds for key size 128 bits
• Each round use 128 bits sized round key, which is calculated based on the original AES key
• Encryption from top to down and decryption in reverse order are processed
• In each round, there are four sub-processes, namely, substitute bytes, shift rows, mix columns,
add round key.
• Each round uses one round key
1
https://community.cisco.com/t5/security-documents/3des/ta-p/3113951
2
https://www.researchgate.net/figure/The-diagram-of-3DES-encryption-decryption-implementation_fig6_297310056
Figure 12 Cipher process in AES3
5. International Data Encryption Algorithm (IDEA)

• It is symmetric block cipher algorithm
• Designed to replace DES
• Was used in PGP v2. PGP – Pretty Good Privacy (PGP)
• Has plaintext/ciphertext block size of 64-bits
• Key size used 128 bits
o It is subdivided into 52 sub keys.
• Has eight (8) identical rounds, where in each round six (6) keys are used
• Last special round uses four (4) keys
o Here, total sub keys used 52 = 6*8 + 4 = 48 + 4 = 52.
o Theses keys are used for both encryption and decryption.
Figure 13An encryption round of IDEA 4
6. Temporal Key Integrity Protocol

TKIP (Temporal Key Integrity Protocol) is an encryption protocol for wireless LANs (WLANs). It is a protocol
based on some block cipher algorithms such as RC4.
3 https://www.researchgate.net/figure/The-basic-AES-128-cryptographic-architecture_fig1_230853805
4 https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
7. RC4
• RC4 is a stream cipher designed by Ron Rivest.
• It generates a one-time pad and applies it to a stream of plaintext with ⊕.
• It is extremely simple and fast.
• The key can be from 1 to 256 octets.
• RC4 keeps 258 octets of state information, 256 octets of which are a permutation of 0, 1, …, 255
that is initially computed from the key and then altered as each pad octet is generated.
Figure 14 RC4 sample encryption5
5https://www.researchgate.net/figure/RC4-Stream-Cipher-This-mode-of-operation-makes-stream-ciphers-vulnerable-to-
several_fig1_260419842
Ciphers Modes of Operation

As summarized above, in DES/IDES 64-bits and 128-bits in AES are encrypted as a block. But it doesn’t tell
how to use the algorithms. Let’s assume a plaintext message is more than one block. It is advisable to
answer the way used encrypt such kinds of messages.
1. Encrypting a Large Message

How to encrypt a message larger than 64-bit using DES block cipher algorithm? There are several schemes
defined in DES81. These schemes equally applicable for IDES or any secret key scheme that encrypts fixed-
length blocks. The schemes are:
• Electronic Code Book (ECB)
• Cipher Block Chaining (CBC)
• K-Bit Output Feedback Mode (OFB)
• K-Bit Cipher Feedback Mode (CFB)
• Counter Mode (CTR)
1.1. Electronic Code Book (ECB)
It is just doing the obvious thing and it is usually the worst method. It is the way a sender breaks a message
into 64-bits blocks (padding the last one out to a full 64 bits) and encrypt each block with the secret key.
The receiving side decrypts each block (removing padded bits from the last block) to construct the original
message.
Figure 15 ECB Encryption Figure 16 ECB Decryption
Cryptanalysis on ECB
• If the plaintext contains two identical blocks, the corresponding ciphertext blocks will be identical.
o This will give eavesdropper some information,
• Another, a man in the middle can rearrange blocks to modify blocks to his own advantage.
• Thus, it is rarely used to encrypt messages.
1.2. Cipher Block Chaining (CBC)

CBC is designed to solve some of the problems of ECB. For example, in CBC, even the repeated plaintext
blocks will not cause repeats in the ciphertext blocks. This is achieved as follows:
• CBC generates its own “random numbers”. Here, it uses Ci as ri+1, where C – ciphertext block, and
r – random number. On other words, it takes the previous ciphertext block as random number and
XORed with the next plaintext block to generate the next ciphertext.
• However, it selects one random number for the first block cipher. The initial random number is
called an initialization vector (IV).
• Decryption is also simple, because XOR is its own inverse.
Figure 17 Encryption in CBC
Figure 18 Decryption in CBC
Cryptanalysis on CBC
• The overhead is generating the IV and transmitting it. However, the cost of XOR is trivial compared
to the encryption
o Omitting the IV (replacing with 0) would not be adversely affected. However, if the same
message is being sent repeatedly, and then some parts of the message are changed some
other days, eavesdropper can detect the change, thus, alerted with the change what so
ever it is.
o The IV always changes even the same plaintext
1.3. K-Bit Output Feedback Mode (OFB)
Output feedback mode is stream cipher. Encryption is performed by XORing the message with one-time
pad generated by the OFB. The process:
• Let’s assume, the stream is created 64 bits at a time.
• To start, a random 64-bit IV (as in the CBC mode) is generated. Let’s call that b0.
• Then the b0 is encrypted with the key to get b1, which in turn encrypted to get b2, and so forth.
Thus, the resulting one-time pad is b0|b1|b2|b3|…
• To encrypt a message, XORing it with as many bits of the one-time pad as necessary.
• The result is transmitted along with the IV.
• The receiver computes the same one-time pad based on knowledge of the secret key and the IV.
• To decrypt the ciphertext, XORing with as many bits of the one-time pad as necessary.
1.4. K-Bit Cipher Feedback Mode (CFB)
It is very similar to OFB, in that K-bits at a time are generated and XORed with K-bits of plaintext.
Exercise: Compare and contrast OFB with CFB.
1.5. Counter Mode (CTR)
It is very similar with OFB mode, in that one-time pad is generated and XORed with the data. It is however
different in that instead of chaining by encrypting each one-time pad block to get the next one, OFB
increments the IV and encrypts the result to get successive blocks of the one-time pad.
Figure 19 Counter mode (CTR)
Cryptanalysis on CTR
• Like OFB, the cryptography can be pre-computed, and encryption is simple an XOR. But, like CBC,
you can decrypt the message starting at any point rather than being forced to start from the
beginning.
• This makes CTR an ideal model for applications.
• Like OFB, CTR loses security if different plaintext is encrypted with the same key and IV.
Generating Message Authentication Code (MAC)

A secret key system can be used to generate a cryptographic checksum known as MAC (Message
Authentication Code) also known as MIC (Message Integration Code). MAC is popular, while MIC is
standard naming of the checksum.
While CBC, OFB, CFB, and CTR provide good protection against eavesdropper who can decipher a message.
However, they cannot protect any modification even for the undecrypted messages.
A standard way for protecting against undetected modifications is to compute the CBC but send only the
last block along with the plaintext message. The last block is called CBC residue. To calculate the CBC
residue, knowing the secret key is a must. If attacker make some modification on the portion of the
transmitting message, the CBC residue will no longer be correct (except the probability 1 in 264).
The receiver computes the CBC residue on the plaintext and check if it matches with the one sent. MAC
can be computed by the one who knew the shared key. In that case, sending the plaintext with its MAC
code for non-private messages is good idea.
Figure 20 Cipher Block Chaining Residue
To be continued…
View publication stats

Ch3-SecretKeyCryptography

Uploaded by

Copyright:

Available Formats

Ch3-SecretKeyCryptography

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ch3-SecretKeyCryptography

Uploaded by

Copyright:

Available Formats

See discussions, stats, and author profiles for this publication at: https://www.researchgate.

Cryptography and Network Security Course Lessons

Presentation · February 2019

The user has requested enhancement of the downloaded file.

Figure 1 Cipher process in Secret Key Cryptography

1|Page Asmelash Girmay

Mono-alphabetic and Poly-alphabetic Substitution Cipher

Application of Secret Key Cryptography

2|Page Asmelash Girmay

Figure 2 Mutual Authentication

3|Page Asmelash Girmay

3. Simple Substitution Cipher

The Cipher Process

4|Page Asmelash Girmay

The Cipher Process

2. The rules of encryption are

5|Page Asmelash Girmay

Thus, the ciphertext is “KPGISGWTTTEWAUZSYJVHQIUTNE”.

6|Page Asmelash Girmay

6. One-time Pad Cipher

7|Page Asmelash Girmay

8|Page Asmelash Girmay

9|Page Asmelash Girmay

1. Rail Fence Cipher

2. Columnar Transposition Cipher

1. First, prepare a table with

3. Row Transposition Cipher

4. Double Transposition Cipher

This is a bridge from classical to modern ciphers.

1. Simplified Data Encryption Standard (S-DES) Cipher

Figure 3 S-DES cipher process

Figure 4 S-DES key generation

Now the output is 01001 11010

Therefore, the second key, K2 = 1001 1001

The five functions to encrypt

Figure 5 S-DES encryption process

Input plaintext block bits 0 0 1 1 1 0 0 1

Output = 0010 1110

Output = 0111 1101

Output = 1010 1111

Claude Shannon and Substitution-Permutation Ciphers

Encryption Process (see figure 2 (a))

Decryption Process (see figure 2 (b))

Figure 7 Encryption and decryption in Feistel cipher respectively

Figure 6 Feistel cipher encryption process

1. Data Encryption Standard

Figure 8 DES encryption and decryption

Figure 9 DES - general structure

2. Double Data Encryption Standard (2-DES)

3. Triple Data Encryption Standard (3-DES)

Figure 11 Cipher process with 3-DES2

Key: DES for encryption, DES1 for decryption

Figure 10 Encryption with 3-DES1

4. Advanced Encryption Standard (AES)

Figure 12 Cipher process in AES3

5. International Data Encryption Algorithm (IDEA)

Figure 13An encryption round of IDEA 4

6. Temporal Key Integrity Protocol

Figure 14 RC4 sample encryption5

Ciphers Modes of Operation