Unit: 2 Conventional Cryptographic Techniques

Conventional encryption is a cryptographic system that uses the same key used by the sender to
encrypt the message and by the receiver to decrypt the message. It was the only type of encryption in
use prior to the development of public-key encryption. It was the only type of encryption in use prior
to the development of public-key encryption. It is still much preferred of the two types of encryption
systems due to its simplicity. It is a relatively fast process since it uses a single key for both encryption
and decryption in this encryption model, the sender encrypts plaintext using the receiver’s secret key,
which can be later used by the receiver to decrypt the ciphertext. Below is a figure that illustrates this
concept.

Suppose A wants to send a message to B, that message is called plaintext. Now, to avoid hackers
reading plaintext, the plaintext is encrypted using an algorithm and a secret key (at 1). This encrypted
plaintext is called ciphertext. Using the same secret key and encryption algorithm run in reverse (at 2),
B can get plaintext of A, and thus the message is read and security is maintained. The idea that uses in
this technique is very old and that’s why this model is called conventional encryption.

Conventional encryption has mainly 5 ingredients:

Plain text – It is the original data that is given to the algorithm as an input.

Encryption algorithm – This encryption algorithm performs various transformations on plain text to
convert it into ciphertext.

Secret key – The secret key is also an input to the algorithm. The encryption algorithm will produce
different outputs based on the keys used at that time.

Ciphertext – It contains encrypted information because it contains a form of original plaintext that is
unreadable by a human or computer without proper cipher to decrypt it. It is output from the
algorithm.

Decryption algorithm – This is used to run encryption algorithms in reverse. Ciphertext and Secret key
is input here and it produces plain text as output.

Requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm.

2. The sender and Receiver must have obtained copies of the secret key in a secure fashion and must
keep the key secure.

Characterization of Cryptography:

We can characterize Cryptographic system by:

• Type of Encryption Operation Used

▪ Substitution / Transposition
• Number of keys
▪ Single key or secret / two key or public
• Way in which plaintext is processed
▪ Block / Stream

There are two primary ways in which in which a plain text message can be codified to obtain the
corresponding cipher text:

1. Substitution
2. Transposition

2.1 Substitution Techniques:

Substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves
replacing plaintext bit patterns with ciphertext bit patterns.

Caeser Cipher:

The earliest known use of a substitution cipher, and the simplest, was by Julius Caesar. The Caesar
cipher involves replacing each letter of the alphabet with the letter standing three places further down
the alphabet. It is a mono-alphabetic cipher wherein each letter of the plaintext is substituted by
another letter to form the ciphertext. It is a simplest form of substitution cipher scheme. This
cryptosystem is generally referred to as the Shift Cipher. The concept is to replace each alphabet by
another alphabet which is ‘shifted’ by some fixed number between 0 and 25. For this type of scheme,
both sender and receiver agree on a ‘secret shift number’ for shifting the alphabet. This number which
is between 0 and 25 becomes the key of encryption. The name ‘Caesar Cipher’ is occasionally used to
describe the Shift Cipher when the ‘shift of three’ is used.

Process of Shift Cipher:

In order to encrypt a plaintext letter, the sender positions the sliding ruler underneath the first set of
plaintext letters and slides it to LEFT by the number of positions of the secret shift.

The plaintext letter is then encrypted to the ciphertext letter on the sliding ruler underneath. The result
of this process is depicted in the following illustration for an agreed shift of three positions. In this case,
the plaintext ‘tutorial’ is encrypted to the ciphertext ‘WXWRULDO’. Here is the ciphertext alphabet for
a Shift of 3 –
Let us assign a numerical equivalent to each letter:

Then the algorithm can be expressed as follows. For each plaintext letter p, substitute the ciphertext
letter C:

We define a mod n to be the remainder when a is divided by n. For example, 11 mod 7 = 4.

C = E(3, p) = (p + 3) mod 26

A shift may be of any amount, so that the general Caesar algorithm is

C = E(k, p) = (p + k) mod 26

where k takes on a value in the range 1 to 25.

The decryption algorithm is simply

p = D(k, C) = (C - k) mod 26

Monoalphabetic and Polyalphabetic Ciphers

Monoalphabetic cipher is a substitution cipher in which for a given key, the cipher alphabet for each
plain alphabet is fixed throughout the encryption process. For example, if ‘A’ is encrypted as ‘D’, for
any number of occurrences in that plaintext, ‘A’ will always get encrypted to ‘D’.

All of the substitution ciphers we have discussed earlier in this chapter are monoalphabetic; these
ciphers are highly susceptible to cryptanalysis.

Polyalphabetic Cipher is a substitution cipher in which the cipher alphabet for the plain alphabet may
be different at different places during the encryption process. The next two examples, playfair and
Vigenere Cipher are polyalphabetic ciphers.

Playfair Cipher:

In this scheme, pairs of letters are encrypted, instead of single letters as in the case of simple
substitution cipher. In playfair cipher, initially a key table is created. The key table is a 5×5 grid of
alphabets that acts as the key for encrypting the plaintext. Each of the 25 alphabets must be unique
and one letter of the alphabet (usually J) is omitted from the table as we need only 25 alphabets
instead of 26. If the plaintext contains J, then it is replaced by I.
The sender and the receiver deicide on a particular key, say ‘tutorials’. In a key table, the first characters
(going left to right) in the table is the phrase, excluding the duplicate letters. The rest of the table will
be filled with the remaining letters of the alphabet, in natural order. The key table works out to be

Process of Playfair Cipher:

First, a plaintext message is split into pairs of two letters (digraphs). If there is an odd number of
letters, a Z is added to the last letter. Let us say we want to encrypt the message “hide money”. It will
be written as –

HI DE MO NE YZ

The rules of encryption are –

If both the letters are in the same column, take the letter below each one (going back to the top if at
the bottom)

T U O R I

A L S B C
‘H’ and ‘I’ are in same column, hence take letter below them to replace. HI →
D E F G H
QC
K M N P Q

V W X Y Z

If both letters are in the same row, take the letter to the right of each one (going back to the left if at
the farthest right)

T U O R I

A L S B C
‘D’ and ‘E’ are in same row, hence take letter to the right of them to replace. DE
D E F G H
→ EF
K M N P Q

V W X Y Z
 If neither of the preceding two rules are true, form a rectangle with the two letters and take the letters
on the horizontal opposite corner of the rectangle.

Using these rules, the result of the encryption of ‘hide money’ with the key of ‘tutorials’ would be –

QC EF NU MF ZV

Decrypting the Playfair cipher is as simple as doing the same process in reverse. Receiver has the same
key and can create the same key table, and then decrypt any messages made using that key.

One Time Pad

An Army Signal Corp officer, Joseph Mauborgne, proposed an improvement to the Vernam cipher that
yields the ultimate in security. Mauborgne suggested using a random key that is as long as the message,
so that the key need not be repeated. In addition, the key is to be used to encrypt and decrypt a single
message, and then is discarded. Each new message requires a new key of the same length as the new
message. Such a scheme, known as a one-time pad, is unbreakable. It produces random output that
bears no statistical relationship to the plaintext. Because the ciphertext contains no information
whatsoever about the plaintext, there is simply no way to break the code.

The one-time pad offers complete security but, in practice, has two fundamental difficulties:

i. There is the practical problem of making large quantities of random keys. Any heavily used system
might require millions of random characters on a regular basis. Supplying truly random characters in
this volume is a significant task.

ii. Even more daunting is the problem of key distribution and protection. For every message to be sent,
a key of equal length is needed by both sender and receiver. Thus, a mammoth key distribution
problem exists.

Because of these difficulties, the one-time pad is of limited utility, and is useful primarily for low-
bandwidth channels requiring very high security.
2.2 Transposition Techniques:

All the techniques examined so far involve the substitution of a ciphertext symbol for a plaintext
symbol. A very different kind of mapping is achieved by performing some sort of permutation on the
plaintext letters. This technique is referred to as a transposition cipher.

The simplest such cipher is the rail fence technique, in which the plaintext is written down as a
sequence of diagonals and then read off as a sequence of rows. For example, to encipher the message
"meet me after the toga party" with a rail fence of depth 2, we write the following:

mematrhtgpry
etefeteoaat

The encrypted message is

MEMATRHTGPRYETEFETEOAAT

This sort of thing would be trivial to cryptanalyze. A more complex scheme is to write the message in
a rectangle, row by row, and read the message off, column by column, but permute the order of the
columns. The order of the columns then becomes the key to the algorithm. For example,

Key: 4 3 1 2 5 6 7

Plaintext: a t t a c k p

ostpone

duntilt

woamxyz

Ciphertext:

TTNAAPTMTSUOAODWCOIXKNLYPETZ

A pure transposition cipher is easily recognized because it has the same letter frequencies as the
original plaintext. For the type of columnar transposition just shown, cryptanalysis is fairly
straightforward and involves laying out the ciphertext in a matrix and playing around with column
positions. Diagram and trigram frequency tables can be useful. The transposition cipher can be made
significantly more secure by performing more than one stage of transposition. The result is a more
complex permutation that is not easily reconstructed.

2.3 Block cipher:

A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic
key and algorithm. The block cipher processes fixed-size blocks simultaneously, as opposed to a
stream cipher, which encrypts data one bit at a time. Most modern block ciphers are designed to
encrypt data in fixed-size blocks of either 64 or 128 bits. Block ciphers are invertible symmetric key
cryptographic algorithms. Here, symmetric means that the same cryptographic key is used to both
encrypt and decrypt messages. The key is used to transform (encrypt) one block of information at a
time. Block cipher algorithms take in input of some fixed-size (fixed-length) blocks and produce a
ciphertext output block that has the same length as the input block.

How does a block cipher work?

A block cipher uses a symmetric key and algorithm to encrypt and decrypt a block of data whose
length remains fixed. The block size of a block cipher refers to the number of bits that are processed
together.

All block ciphers require an initialization vector (IV) -- a random binary value that is added to the
input plaintext to initialize the algorithm. The IV is derived from a random number generator, which
is combined with text in the first block and the key to ensure all subsequent blocks result in
ciphertext that does not match that of the first encryption block. In other words, the same plaintext
message encrypted with the same key results in different ciphertext output -- as long as different IVs
are used. The IV, which does not need to be secret but must be random and unpredictable, increases
the keyspace of the cipher and makes it more difficult for an attacker to use brute force to break the
key and compromise the cipher. By making it harder to identify patterns in the ciphertext, the IV
increases security and helps prevent dictionary attacks and other types of cyberattacks.

Here's how a block cipher works:

1. It breaks down the plaintext input into blocks of fixed length, e.g., 64 bits or 128 bits.
2. If the plaintext length is not a multiple of the block size, it is padded with redundant
information to provide a complete final block.
3. Each block is encrypted using the cipher key.
4. The ciphertext is generated by connecting the encrypted blocks.
5. The message recipient receives the same key and uses it to decrypt the message into the
original plaintext.
2.4 Stream Cipher

In stream cipher, one byte is encrypted at a time while in block cipher ~128 bits are encrypted at a
time. Initially, a key(k) will be supplied as input to pseudorandom bit generator and then it
produces a random 8-bit output which is treated as keystream. The resulted keystream will be of
size 1 byte, i.e., 8 bits. Stream ciphers are fast because they encrypt data bit by bit or byte by byte,
which makes them efficient for encrypting large amounts of data quickly.Stream ciphers work well
for real-time communication, such as video streaming or online gaming, because they can encrypt
and decrypt data as it’s being transmitted.

Key Points of Stream Cipher

1. Stream Cipher follows the sequence of pseudorandom number stream.

2. One of the benefits of following stream cipher is to make cryptanalysis more difficult, so the
number of bits chosen in the Keystream must be long in order to make cryptanalysis more
difficult.
3. By making the key more longer it is also safe against brute force attacks.
4. The longer the key the stronger security is achieved, preventing any attack.
5. Keystream can be designed more efficiently by including more number of 1s and 0s, for making
cryptanalysis more difficult.
6. Considerable benefit of a stream cipher is, it requires few lines of code compared to block
cipher.

Encryption

Plain Text and Keystream produces Cipher Text (Same keystream will be used for decryption.).

The Plaintext will undergo XOR operation with keystream bit-by-bit and produces the Cipher Text.

Example:

Plain Text : 10011001

Keystream : 11000011

Cipher Text : 01011010

 Decryption

Cipher Text and Keystream gives the original Plain Text (Same keystream will be used for encryption).
The Ciphertext will undergo XOR operation with keystream bit-by-bit and produces the actual Plain
Text.

Example:

Cipher Text : 01011010

Keystream : 11000011

Plain Text : 10011001

Decryption is just the reverse process of Encryption i.e. performing XOR with Cipher Text.

2.5 Steganography:

A plaintext message may be hidden in one of two ways. The methods of steganography conceal the
existence of the message, whereas the methods of cryptography render the message unintelligible to
outsiders by various transformations of the text.

A simple form of steganography, but one that is time-consuming to construct, is one in which an
arrangement of words or letters within an apparently innocuous text spells out the real message. For
example, the sequence of first letters of each word of the overall message spells out the hidden
message.

Various other techniques have been used historically; some examples are the following:

• Character marking: Selected letters of printed or typewritten text are overwritten in pencil. The marks
are ordinarily not visible unless the paper is held at an angle to bright light.
• Invisible ink: A number of substances can be used for writing but leave no visible trace until heat or
some chemical is applied to the paper.
• Pin punctures: Small pin punctures on selected letters are ordinarily not visible unless the paper is held
up in front of a light.
• Typewriter correction ribbon: Used between lines typed with a black ribbon, the results of typing with
the correction tape are visible only under a strong light.

One of the methods is hiding a message by using the least significant bits of frames on a CD. For
example, the Kodak Photo CD format's maximum resolution is 2048 by 3072 pixels, with each pixel
containing 24 bits of RGB colour information. The least significant bit of each 24-bit pixel can be
changed without greatly affecting the quality of the image. The result is that you can hide a 2.3-
megabyte message in a single digital snapshot.

Steganography has a number of drawbacks when compared to encryption. It requires a lot of overhead
to hide a relatively few bits of information, although using some scheme like that proposed in the
preceding paragraph may make it more effective. Also, once the system is discovered, it becomes
virtually worthless. This problem, too, can be overcome if the insertion method depends on some sort
of key. Alternatively, a message can be first encrypted and then hidden using steganography.
The advantage of steganography is that it can be employed by parties who have something to lose
should the fact of their secret communication (not necessarily the content) be discovered. Encryption
flags traffic as important or secret or may identify the sender or receiver as someone with something
to hide.