25-Feb-20

Classical Encryption
Techniques

Dr. Arshad Aziz

Encryption and Cryptography

001010010111001
100101001011001
001011100100101

Using Encryption a message in its original form (plaintext) is

encrypted into an unintelligible form (ciphertext) by a set of
procedures known as an encryption algorithm and a variable, called a
key; and the ciphertext is transformed (decrypted) back into plaintext
using the encryption algorithm and a key. Encryption forms the basis
of many technological solutions to computer and communications
security problems. 2

1
 25-Feb-20

Plan for the Lecture

• Definitions
• Types of Encryption
• History
• Classical Encryption Techniques
• Uses of Encryption
• Encryption in the OSI Model
• Security of Encryption Algorithms

Definition
• Encryption normally works in the following
way:
“ A message in its original form (plaintext) is
encrypted into an unintelligible form
(ciphertext) by a set of procedures known
as an encryption algorithm and a variable,
called a key; and the ciphertext is
transformed (decrypted) back into plaintext
using the encryption algorithm and a key.”
4

2
 25-Feb-20

Definitions - Crypto-speak
• Cryptography is the study of secret
(crypto-) writing (-graphy)
• Cryptography deals with all aspects of
secure messaging, authentication, digital
signatures, electronic money, and other
applications
• The practitioner of Cryptography is called
Cryptographer

Definitions

3
 25-Feb-20

Why Cryptography?
• Concerned with developing algorithms
which may be used to:
– Conceal the context of some message from
all except the sender and recipient (privacy or
secrecy), and/or
– Verify the correctness of a message to the
recipient (authentication)
– Forms the basis of many technological
solutions to computer and communications
security problems
7

Some Basic Terminology

• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/
methods of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis

4
 25-Feb-20

Cryptography is Mathematical
• Encryption C = EK(P)
• Decryption P = EK-1(C)
• EK is chosen from a family of
transformations known as a cryptographic
system.
• The parameter that selects the individual
transformation is called the key K,
selected from a keyspace K

Cryptography is Mathematical
• A cryptographic system is a single
parameter family of invertible
transformations
– EK ; K in K : P  C
– with the inverse algorithm EK -1 ; K in K : C  P
– such that the inverse is unique
• Usually we assume the cryptographic
system is public, and only the key is secret
information

10

5
 25-Feb-20

Encryption is a form of Coding

• Code - an method for transforming an intelligible
message into an unintelligible one using a code-book.
• A code is a pre-arranged word, sentence, or paragraph
replacement system. Foreign languages are just like
secret code, where the English word "hi" is represented
as the word “Hola” in Spanish, or some other word in
another language.
• Most codes have a code book for encoding and
decoding.
• An important difference between coding and
encryption?
11

Cryptography
• characterize cryptographic system by:
– type of encryption operations used
• substitution / transposition / product
– number of keys used
• single-key or private / two-key or public
– way in which plaintext is processed
• block / stream

6
 25-Feb-20

Cryptanalaysis
• The study of principles and methods of
transforming an unintelligible message
back into an intelligible message without
knowledge of the key is called
Cryptanalysis.
• Also called “code breaking” sometimes.
• Whereas people who do cryptography are
cryptographers, and practitioners of
cryptanalysis are cryptanalysts.
13

Cryptology
• Cryptology is the branch of mathematics
that studies the mathematical foundations
of cryptographic methods.
• Cryptology comes from the Greek words
Kryptos, meaning hidden, and Graphen,
meaning to write. Cryptology is actually
the study of codes and ciphers.
• Cryptology = both cryptography and
cryptanalysis
14

7
 25-Feb-20

Cryptanalysis
• objective to recover key not just message
• general approaches:
– cryptanalytic attack
– brute-force attack

Definitions Summary
Plaintext Ciphertext Enciphering/encryptio
n
• An original message • The coded message
• The process of converting
from plaintext to ciphertext

Deciphering/decryption Cryptography Cryptographic

• Restoring the plaintext from the system/cipher
• The area of study of the
ciphertext many schemes used for • A scheme
encryption

Cryptanalysis Cryptology
• Techniques used for • The areas of
deciphering a message cryptography and
without any knowledge of cryptanalysis
the enciphering details

8
 25-Feb-20

Cryptanalytic Attacks
• ciphertext only
– only know algorithm & ciphertext, is statistical,
know or can identify plaintext
• known plaintext
– know/suspect plaintext & ciphertext
• chosen plaintext
– select plaintext and obtain ciphertext
• chosen ciphertext
– select ciphertext and obtain plaintext
• chosen text
– select plaintext or ciphertext to en/decrypt

9
 25-Feb-20

Symmetric Cipher Model

• There are two requirements for secure use
of conventional encryption:
– A strong encryption algorithm

– Sender and receiver must have obtained

copies of the secret key in a secure fashion
and must keep the key secure

^
X
Cryptanalyst
^
K

Message X Encryption Decryption X

Destination
Source Algorithm Y = E(K, X) Algorithm

Secure Channel
Key
Source

Figure 3.2 Model of Symmetric Cryptosystem

10
 25-Feb-20

Cryptographic Systems
• Characterized along three independent
dimensions:
The type of
operations used for The way in which
The number of keys
transforming the plaintext is
used
plaintext to processed
ciphertext
Symmetric,
single-key,
Substitution secret-key, Block cipher
conventional
encryption

Asymmetric,
two-key, or
Transposition Stream cipher
public-key
encryption

Cryptanalysis and
Brute-Force Attack

Cryptanalysis Brute-force attack

• Attack relies on the nature of the • Attacker tries every possible key
algorithm plus some knowledge of on a piece of ciphertext until an
the general characteristics of the intelligible translation into
plaintext plaintext is obtained
• Attack exploits the characteristics • On average, half of all possible
of the algorithm to attempt to keys must be tried to achieve
deduce a specific plaintext or to success
deduce the key being used

11
 25-Feb-20

(Table is on page 68
in the textbook)

Encryption Scheme Security

• Unconditionally secure
– No matter how much time an opponent
has, it is impossible for him or her to
decrypt the ciphertext simply because the
required information is not there
• Computationally secure
– The cost of breaking the cipher exceeds
the value of the encrypted information
– The time required to break the cipher
exceeds the useful lifetime of the
information

12
 25-Feb-20

Brute-Force Attack

Involves trying every possible key until an

intelligible translation of the ciphertext into plaintext
is obtained

On average, half of all possible keys must be tried

to achieve success

To supplement the brute-force approach, some

degree of knowledge about the expected plaintext
is needed, and some means of automatically
distinguishing plaintext from garble is also needed

Brute Force Search

• always possible to simply try every key
• most basic attack, proportional to key size
• assume either know / recognise plaintext

Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/µs decryptions/µs
32 232 = 4.3  109 231 µs = 35.8 minutes 2.15 milliseconds
56 256 = 7.2  1016 255 µs = 1142 years 10.01 hours
128 2128 = 3.4  1038 2127 µs = 5.4  1024 years 5.4  1018 years

168 2168 = 3.7  1050 2167 µs = 5.9  1036 years 5.9  1030 years

26 characters 26! = 4  1026 2  1026 µs = 6.4  1012 years 6.4  106 years
(permutation)

13
 25-Feb-20

Strong Encryption
• The term strong encryption refers to
encryption schemes that make it
impractically difficult for unauthorized
persons or systems to gain access to
plaintext that has been encrypted
• Properties that make an encryption
algorithm strong are:
• Appropriate choice of cryptographic algorithm
• Use of sufficiently long key lengths
• Appropriate choice of protocols
• A well-engineered implementation
• Absence of deliberately introduced hidden flaws

Algorithm Secrecy
• Some cryptographic methods rely on the
secrecy of the algorithms; such algorithms
are only of historical interest and are not
adequate for real-world needs.
• Kerchoff’s Principle: If the strength of
your new cryptosystems relies on the fact
that the attacker does not know the
algorithm's inner workings,you are sunk.
Security through Obscurity Does
Not Work !!! 28

14
 25-Feb-20

The Key
• All modern algorithms
use a key to control
encryption and
decryption; a message
can be decrypted only
if the key matches the
encryption key.
• The key used for
decryption can be
different from the
encryption key, but for
most algorithms they
29
are the same.

Substitution Technique

• Is one in which the letters of plaintext

are replaced by other letters or by
numbers or symbols
• If the plaintext is viewed as a
sequence of bits, then substitution
involves replacing plaintext bit patterns
with ciphertext bit patterns

15
 25-Feb-20

Encryption Algorithm Types

• There are two classes of key-based
algorithms:
– Symmetric (or secret-key)
– Asymmetric (or public-key) algorithms
• The difference is that symmetric algorithms use
the same key for encryption and decryption (or
the decryption key is easily derived from the
encryption key), whereas asymmetric algorithms
use a different key for encryption and decryption,
and the decryption key cannot be derived from
31
the encryption key.

Symmetric Algorithms
• Symmetric algorithms can be divided into
two categories: (1) stream ciphers and (2)
block ciphers.
• Stream ciphers can encrypt a single
bit/byte of plaintext at a time, whereas …
• Block ciphers take a number of bits
(typically 64 bits in modern ciphers), and
encrypt them as a single unit.

32

16
 25-Feb-20

Asymmetric Algorithms
• Asymmetric ciphers (also called public-key
algorithms or generally public-key
cryptography) permit the encryption key to
be public (it can even be published in a
newspaper), allowing anyone to encrypt with
the key, whereas only the proper recipient
(who knows the decryption key) can decrypt
the message.
• The encryption key is also called the Public
Key and the decryption key the Private Key
or Secret Key. 33

Comparison of Symmetric and

Asymmetric Encryption
Secret Key

Original
Plaintext Ciphertext Plaintext
Encryption Decryption

Symmetric (Single Key) Cryptography

Public Key Private Key

Original
Plaintext Ciphertext Plaintext
Encryption Decryption
34
Asymmetric (Two Key) Cryptography

17
 25-Feb-20

Types of Cryptographic
Algorithms
• Block – processes information to be encrypted
in blocks of 32/64/128 bits
• Stream – processes information one bit or one
character at a time
• Symmetric – uses same key for encryption and
decryption
• Asymmetric – uses one key for encryption and
another totally different key for decryption
• Secret Key – usually refers to single key
algorithms where the key must be kept secret
• Public Key – refers to asymmetric algorithms
where one of the keys is public and does not
need to be kept secret 35

Modes of Use
• What is a mode? A mode combines:
– Basic Encryption Algorithm
– Some Feedback
– Some Simple Operation
• The security is a function of the underlying
cipher and not the mode.
• The cipher mode should not compromise the
security of the underlying algorithm.
• Benefits of modes: Patterns, Efficiency, Fault
Tolerance.
• Examples: ECB, CBC, OFB, CFB, etc.
36

18
 25-Feb-20

Crypto Algorithms are Time

Consuming
• Modern cryptographic algorithms cannot
really be executed by humans.
• Strong cryptographic algorithms are
designed to be executed by computers or
specialized hardware devices.
• In most applications, cryptography is done
in computer software, and numerous
cryptographic software packages are
available.
37

Symmetric Algorithms are

Faster
• Generally, symmetric algorithms are much
faster to execute on a computer than
asymmetric ones.
• In practice they are often used together,
so that a public-key algorithm is used to
encrypt a randomly generated encryption
key, and the random key is used to
encrypt the actual message using a
symmetric algorithm.
38

19
 25-Feb-20

Encryption Algorithms vs. Other

Encoding Algorithms
• Encryption vs. Error Detection/Correction.
• Encryption vs. Compression.

39

Cryptography Through History

• Cryptography has a history of at least 4000
years.
• Ancient Egyptians enciphered some of their
pictographic writing on monuments.
• Ancient Hebrews enciphered certain words in
the scriptures.
• 2000 years ago Julius Caesar used a simple
substitution cipher, now known as the Caesar
cipher.
• Roger Bacon in the middle ages described
several methods in 1200s. 40

20
 25-Feb-20

Cryptography Through History

• Geoffrey Chaucer included several ciphers
in his works (e.g. Canterbury Tales).
• Leon Alberti devised a cipher wheel, and
described the principles of frequency
analysis in the 1460s.
• Blaise de Vigenère published a book on
cryptology in 1585, & described the
polyalphabetic substitution cipher.
• Increasing use, especially in diplomacy &
war over centuries.
41

Muslim Contributions To
Cryptography
• Ground breaking research by Dr. Ibrahim
A. Al-Kadi, Associate Professor, Electrical
Engineering Department, College of
Engineering, King Saud University, SA.
• Old manuscripts show that the origin of
cryptology, and the Arab contributions to it,
are older and more extensive than
previously thought.
• The word ‘cipher’ in European languages
comes from the Arabic word sifr.
42

21
 25-Feb-20

Muslim Cryptographers
• Al-Kindi
• Ibn Adlaan
• Ibn Duraihim

43

Classical Substitution Ciphers

• where letters of plaintext are replaced by
other letters or by numbers or symbols
• or if plaintext is viewed as a sequence of
bits, then substitution involves replacing
plaintext bit patterns with ciphertext bit
patterns

22
 25-Feb-20

History - Scytale Cipher

• The Spartans enciphered and concealed a message
by using a scytale, a special stick and belt.
• The encipherer would wrap the belt around the stick
and write a message on it.
• The belt was then unwound from the stick and sent to
another person.
• Using a stick of similar size, the decipherer would
wrap the belt around the stick to watch the secret
message appear.
• If a stick of the wrong size appeared the message
would be scrambled.
• Try this with 2 or 3 pencils bound together to make a
stick, a long strip of paper, and another pencil for 45
writing.

History - Scytale Cipher

• An early Greek transposition cipher a strip of
paper was wound round a staff message written
along staff in rows, then paper removed leaving
a strip of seemingly random letters
• Not very secure as key was width of paper &
staff

T H E S C Y T A L
E I S A T R A N
S P O S I T I
ON C I P H E R 46

23
 25-Feb-20

Machine Ciphers
• Jefferson cylinder, developed in 1790s,
comprised 36 disks, each with a random alphabet
• Order of disks was key
• Message was set
Ciphertext
• Then another row became cipher
X M A W B A A W A S P A Q
J S N F L J K X V U R L H
P G Z D E Q P B C R T P A
N O W I S T H E T I M E F …
A I K M F D M Z Y W V U S
47
Plaintext
Y Q C O N O X O I O D O J

Machine Ciphers
• Wheatstone disc,
originally invented by
Wadsworth in 1817,
but developed by
Wheatstone in 1860's,
comprised two
concentric wheels
used to generate a
polyalphabetic cipher

48

24
 25-Feb-20

Enigma
• Enigma Rotor machine, one of a very
important class of cipher machines,
heavily used during 2nd world war.
• Comprised a series of rotor wheels with
internal cross-connections, providing a
substitution using a continuously changing
alphabet.

49

Figure - Enigma

50

25
 25-Feb-20

Lessons from enigma

• Weakness: a letter can never be
encrypted back to itself
• Misused encryption scheme
• Polish cryptanalysts were able to reverse
engineer enigma’s settings
• Hiding your method of Encryption is foolish
• Lessons: Encryption scheme should not
exclude any possibility

History - Manual on Cryptology

• Gabriel de Lavinde made cryptology a
more formally understood science when
he published his first Manual on
Cryptology in 1379.
• A variety of codes and mechanical devices
were developed over the next few
centuries to encode, decode, encipher,
and decipher messages.

52

26
 25-Feb-20

History - The Grille

• In the 1600's Cardinal Richelieu invented
the grille.
• He created a card with holes in it and used
it to write a secret message.
• When he was done he removed the card
and wrote a letter to fill in the blanks and
make the message look like a normal
letter.
• The grille proved to be difficult to solve
unless the decoder had the card which
53
created the encrypted message.

History - The Grille

54

27
 25-Feb-20

History - The Rosetta Stone

• The Rosetta Stone found in Egypt in 1799,
had a message encrypted on its surface in
three different languages! Greek,
Egyptian, and Hieroglyphics messages all
said the same thing.
• Once the Greek and Egyptian languages
were found to have the same message the
Hieroglyphics language was deciphered
by referencing each letter to a symbol!
55

History - Morse Code

• Morse Code, developed by Samuel Morse in 1832, is not
really a code at all.
• It is a way of enciphering (cipher) letters of the alphabet
into long and short sounds.
• The invention of the telegraph, along with Morse code,
helped people to communicate over long distances.
• Morse code can be used in any language and takes only
1 to 10 hours of instruction/practice to learn!
• The first Morse code sent by telegraph was “What hath
God wrought?”, in 1844.

56

28
 25-Feb-20

Morse Code

57

History
• The little known native Indian language of
the Navajo was used by the US in WWII
as a simple word substitution code.
• There were 65 letters and numbers that
were used to encipher a single word prior
to the use of the Navajo language.
• The Navajo language was much faster
and accurate compared to earlier ciphers
and was heavily used in the battle of Iwo-
jima. 58

29
 25-Feb-20

History
• The Germans, responsible for much of the
cipher science today, developed complex
ciphers near the end of WWII.
• They enciphered messages and sent them at
high rates of speed across radio wave bands in
Morse code.
• To the unexpecting it sounded like static in the
background.
• One gentleman tried to better understand the
static and listened to it over and over again.
• The last time he played his recording he forgot
to wind his phonograph.
• The static played at a very slow speed and was 59
soon recognized as a pattern, Morse code!

History
• The Germans in WWII used codes but also
employed other types of secret writings.
• One suspected spy was found to have large
numbers of keys in his motel room.
• After inspecting the keys it was found that some
of the keys were modified to unscrew at the top
to show a plastic nib.
• The keys contained special chemicals for
invisible ink!
• However, codes and secret ink messages were
very easily captured and decoded. 60

30
 25-Feb-20

Concealment Messages
• Some of the more fun secret writings are
concealment messages like invisible inks
made out of potato juice, lemon juice, and
other types of juices and sugars!
• Deciphering and decoding messages take
a lot of time and be very frustrating. But
with experience, strategies, and most of
all, luck, you'll be able to crack lots of
codes and ciphers.
61

Cryptography vs.
Steganography
• What is steganography?
• In an ideal world we would all be able to openly
send encrypted email or files to each other with
no fear of reprisals. However there are often
cases when this is not possible, either because
you are working for a company that does not
allow encrypted email or perhaps the local
government does not approve of encrypted
communication (a reality in some parts of the
world). This is where steganography can come
into play. 62

31
 25-Feb-20

Cryptography vs.
Steganography
• Steganography simply takes one piece of information
and hides it within another.
• Computer files (images, sounds recordings, even disks)
contain unused or insignificant areas of data.
Steganography takes advantage of these areas,
replacing them with information (encrypted mail, for
instance). The files can then be exchanged without
anyone knowing what really lies inside of them.
• An image of the space shuttle landing might contain a
private letter to a friend.
• A recording of a short sentence might contain your
company's plans for a secret new product.
• Steganography can also be used to place a hidden
“trademark” in images, music, and software, a technique63
referred to as watermarking.

To Learn More About

Steganography
• http://members.tripod.com/steganography/
stego/info.htm

64

32
 25-Feb-20

Classical Cryptographic
Techniques
• Three Eras of Cryptography:
– Classical
– Traditional
– Modern
• We have two basic components of classical
ciphers: substitution and transposition.
• Substitution: In substitution ciphers letters are
replaced by other letters.
• Transposition: In transposition ciphers the
letters are arranged in a different order.

65

Substitution and Transposition

66

33
 25-Feb-20

Monoalphabetic and
Polyalphabetic Ciphers
• Monoalphabetic - only one substitution/
transposition is used.
• Polyalphabetic - where several
substitutions/ transpositions are used.
• Several such ciphers may be
concatenated together to form a Product
Cipher.

67

Substitution Technique

• Is one in which the letters of plaintext

are replaced by other letters or by
numbers or symbols
• If the plaintext is viewed as a
sequence of bits, then substitution
involves replacing plaintext bit patterns
with ciphertext bit patterns

34
 25-Feb-20

Caesar Cipher - A Monoalphabetic

Substitution Cipher
• Replace each letter of message by a letter a fixed
distance away e.g. use the 3rd letter on
• Reputedly used by Julius Caesar, e.g.
– L FDPH L VDZ L FRQTXHUHG
– I CAME I SAW I CONQUERED
• i.e. mapping is
– ABCDEFGHIJKLMNOPQRSTUVWXYZ
– DEFGHIJKLMNOPQRSTUVWXYZABC
• Can describe this cipher as:
– Encryption Ek : i  i + k mod 26
– Decryption Dk : i  i - k mod 26

69

History - Caesar Cipher

• Julius Caesar used a simple alphabet (letter)
substitution, offset by 3 letters.
• Taking the word “cipher" you would move ahead in
the alphabet 3 letters to get “FLSKHU”.
– c = 3  3+3 = 6  F
– i = 9  9+3 = 12  L
– p = 16  16+3 = 19  S
– h = 8  8+3 = 11  K
– e = 5  5+3 = 8  H
– r = 18  18+3 = 21  U
• This worked for a while, until more people learned to
read and studied his secret cipher. 70

35
 25-Feb-20

Caesar Cipher Key

71

A Simple Substitution Cipher

Plaintext:
abcdefghijklmnopqrstuvwxyz

QIAYMWFUBKPDGJZSOCVLXNETRH
Ciphertext:
72

36
 25-Feb-20

Caesar Cipher
• can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

• mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• then have Caesar cipher as:

c = E(p) = (p + k) mod (26)
p = D(c) = (c – k) mod (26)

Caesar Cipher Algorithm

• Can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• Mathematically give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
• Algorithm can be expressed as:
c = E(3, p) = (p + 3) mod (26)

– A shift may be of any amount, so that the general

Caesar algorithm is:
C = E(k , p ) = (p + k ) mod 26
• Where k takes on a value in the range 1 to 25; the
decryption algorithm is simply:
p = D(k , C ) = (C - k ) mod 26

37
 25-Feb-20

Cryptanalysis of Caesar Cipher

• only have 26 possible ciphers
– A maps to A,B,..Z
• could simply try each in turn
• a brute force search
• given ciphertext, just try all shifts of letters
• do need to recognize when have plaintext
• eg. break ciphertext "GCUA VQ DTGCM"

PHHW PH DIWHU WKH WR JD SDUWB

KEY
1 oggv og chvgt vjg vqic rctva
2 nffu nf bgufs uif uphb qbsuz
3 meet me after the toga party
4 ldds ld zesdq sgd snfz ozqsx

Brute-Force 5
6
kccr kc ydrcp rfc rmey nyprw
jbbq jb xcqbo qeb qldx mxoqv

Cryptanalysis
7 iaap ia wbpan pda pkcw lwnp u
8 hzzo hz vaozm ocz ojbv kvmot

of
9 gyyn gy uznyl nby niau julns
10 fxxm fx tymxk max mhzt itkmr
11 ewwl ew sxlwj lzw lgys hsjlq
Caesar Cipher 12
13
dvvk dv rwkvi kyv kfxr grikp
cuuj cu qvjuh jxu jewq fqhjo
14 btti bt puitg iwt idvp epgin
15 assh as othsf hvs hcu o dofhm
16 zrrg zr nsgre gur gbtn cnegl
17 yqqf yq mrfqd ftq fasm bmdfk
18 xppe xp lqepc esp ezrl alcej
19 wood wo kpdob dro dyqk zkbdi
20 vnnc vn jocna cqn cxpj yjach
21 ummb um inbmz bpm bwoi xizbg
22 tlla tl hmaly aol avnh whyaf
23 skkz sk glzkx znk zumg vgxze
24 rjjy rj fkyjw ymj ytlf ufwyd
25 qiix qi ejxiv xli xske tevxc

Figure 3.3 Brute-Force Cryptanalysis of Caesar Cipher

38
 25-Feb-20

Monoalphabetic Cipher
• rather than just shifting the alphabet
• could shuffle (jumble) the letters arbitrarily
• each plaintext letter maps to a different random
ciphertext letter
• hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

Monoalphabetic Cipher Security

• now have a total of 26! = 4 x 1026 keys
• with so many keys, might think is secure
• but would be !!!WRONG!!!
• problem is language characteristics

39
 25-Feb-20

Language Redundancy and

Cryptanalysis
• human languages are redundant
• eg "th lrd s m shphrd shll nt wnt"
• letters are not equally commonly used
• in English E is by far the most common letter
– followed by T,R,N,I,O,A,S
• other letters like Z,J,K,Q,X are fairly rare
• have tables of single, double & triple letter
frequencies for various languages

Frequency-based Cryptanalytic
Attacks
• Cryptanalyst knows the letter-frequency
distribution of the language.
• Cryptanalyst constructs the letter
frequency table of the cipher-text.
• Cryptanalyst tries to find letter pairs with
the same frequency distribution in the
plain text and cipher text.
• Also uses the frequencies of di-grams and
tri-grams.
• Finally a little bit of trial and error. 80

40
 25-Feb-20

Frequency Distribution of
Letters in Standard English
A 8.167 J 0.153 S 6.327
B 1.492 K 0.772 T 9.056
C 2.782 L 4.025 U 2.758
D 4.253 M 2.406 V 0.978
E 12.702 N 6.749 W 2.360
F 2.228 O 7.507 X 0.150
G 2.015 P 1.929 Y 1.974
H 6.094 Q 0.095 Z 0.074
I 6.966 R 5.987 81

English Letter Frequencies

41
 25-Feb-20

Monoalphabetic Ciphers
• Easy to break because they reflect the
frequency data of the original alphabet
• Countermeasure is to provide multiple
substitutes (homophones) for a single
letter
• Digram
– Two-letter combination
– Most common is th
• Trigram
– Three-letter combination
– Most frequent is the

Very easy to break

• Trivial attack: Only 26 keys.

• Lesson: A good computational

encryption scheme needs long keys.

• How large must a key be?

– It should require at least 2 operations to
break the key

42
 25-Feb-20

Exercise

• Decrypt
OVDTHUFWVZZPISLRLFZHYLAOLYL

• Encrypt a random message with a random

key
• Give someone else your encrypted
message and ask them to decrypt them
(without )

Useful for writing spoilers on the

internet

• Use caesar cipher (mod 13) to write

spoilers on the internet

• Game of throne spoiler

– Tnzr bs guebar fcbvyre vf jung vf jevggra

43
 25-Feb-20

Obscurity does not help

• Trying to hide the encryption algorithm is a

bad idea
– Enigma fell into the hands of allies
– Untested assumptions
– Insider attacks
– Difficulty of evaluating parameters

Permutation cipher

• Key generation
– Sample permutation 𝜋: 𝑎, … , 𝑧 → 𝑎, … , 𝑧

• Encryption
–𝑐 ←𝜋 𝑚

• Decryption
–𝑚 ←𝜋 𝑐

44
 25-Feb-20

Frequency of letters in the

English language

Most common two letter pairs

45
 25-Feb-20

Other attack vectors

• Most common words.

• Most common expressions

• Knowledge about the plaintext

Which princess are they plotting

to kidnap?

WMMW

Anna Elsa

46
 25-Feb-20

Security of permutation cipher

• # Keys = 26! = 2^88

• Lesson: Encryption scheme should

break correlations

Mary Queen of Scots

• Planned to depose the queen

• Sent secret messages using
• the cipher on the right

47
 25-Feb-20

Cryptanalysis of Mary’s
cipher
and ultimate faith of Mary

Thomas Phelippes

Broke the cipher using statistical

analysis.

Problem with substitution cipher

• Map each symbol (letter, place or thing) to

a set of symbols.
– Caesar cipher
– Permutation cipher
– Using special symbols for places, locations
and things

48
 25-Feb-20

Midway islands

• Site of one of the

most important
battles of world
war two

• Americans
cryptographers
were able to
predict the attack
ahead of time.

Midway islands

• American cryptanalysts: Does ∗

𝑚𝑖𝑑𝑤𝑎𝑦 𝑖𝑠𝑙𝑎𝑛𝑑𝑠 ?

• Americans sent: “Midway is low on water”

• Japanese sent an encrypted message with “*” in it.

• Confirmation: ∗ 𝑚𝑖𝑑𝑤𝑎𝑦 𝑖𝑠𝑙𝑎𝑛𝑑𝑠 ?

• Lesson: Adversaries can influence the message.

49
 25-Feb-20

Playfair Cipher
• Best-known multiple-letter encryption cipher
• Treats digrams in the plaintext as single units
and translates these units into ciphertext
digrams
• Based on the use of a 5 x 5 matrix of letters
constructed using a keyword
• Invented by British scientist Sir Charles
Wheatstone in 1854
• Used as the standard field system by the
British Army in World War I and the U.S. Army
and other Allied forces during World War II

Playfair Key Matrix

• Fill in letters of keyword (minus duplicates) from left to
right and from top to bottom, then fill in the remainder
of the matrix with the remaining letters in alphabetic
order
• Using the keyword MONARCHY:

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

50
 25-Feb-20

Hill Cipher
• Developed by the mathematician Lester
Hill in 1929
• Strength is that it completely hides single-
letter frequencies
– The use of a larger matrix hides more
frequency information
– A 3 x 3 Hill cipher hides not only single-letter
but also two-letter frequency information
• Strong against a ciphertext-only attack
but easily broken with a known plaintext
attack

51
 25-Feb-20

Polyalphabetic Substitution
Cipher
• Polyalphabetic Substitution - several
substitutions are used.
• Used to hide the statistics of the plain-text.

103

Polyalphabetic Ciphers
• Polyalphabetic substitution cipher
– Improves on the simple monoalphabetic technique by
using different monoalphabetic substitutions as one
proceeds through the plaintext message

All these techniques have the following

features in common:
• A set of related monoalphabetic
substitution rules is used
• A key determines which particular rule
is chosen for a given transformation

52
 25-Feb-20

Polyalphabetic
Substitution Example
Suppose that a polyalphabetic cipher of period 3 is being used, with the three
monoalphabetic ciphers M1, M2, M3 as defined below. To encrypt a message,
the first 3 letters of the plaintext are enciphered according to ciphers M1, M2,
M3 respectively, with the process being repeated for each subsequent block of
3 plaintext letters.
a b c d e f g h i j k l m n o p q r s t u v w x y z
M1: K D N H P A W X C Z I M Q J B Y E T U G V R F O S L
M2: P A G U K H J B Y D S O E M Q N W F Z I T C V L X R
M3: J M F Z R N L D O W G I A K E S U C Q V H Y X T P B
Plaintext
now is the time for every good man
Ciphertext
JQX CZ VXK VCER AQC PCRTX LBQZ QPK
Note:
The two o’s in good have been enciphered as different letters. Also the 105
three letters “X” in the ciphertext represent different letters in the plaintext.

Transposition Ciphers
• Transposition or permutation ciphers hide
the message contents by rearranging the
order of the letters.
• Scytale Cipher is an example of a
transposition cipher.
• How does a cryptanalyst know that a
transposition cipher has been used?
• Single transposition vs. double
transposition
106

53
 25-Feb-20

Transposition Cipher Example

(1)
M E G A B U C K Key

7 4 5 1 2 8 3 6 Weights to be used for double

transposition
p l e a s e t r
Plaintext
a n s f e r o n pleasetransferonemilliondollarstomyswissbankaccount
sixtwotwo
e m i l l i o n
d o l l a r s t
o m y s w i s s Ciphertext
b a n k a c c o AFLLSKSOSELAWAIATOOSSCTCLNMOMANTESILY
NTWRNNTSOWDPAEDOBUOERIRICXB
u n t s i x t w
o t w o a b c d 107

Transposition Cipher Example

(2)
Key S H O E S
Weights to be used for double 1 3 5 4 2
transposition
p a y m e
Plaintext
paymebysundayorsuffertheconsequences b y s u n
d a y o r
s u f f e

Ciphertext r t h e c
PBDSROUSENRECQEZAYAUTNEZMUOF o n s e q
EECZYSYFHSNZ
u e n c e
s z z z z 108

54
 25-Feb-20

Types of Encryption Systems

• There are two types of encryption
algorithms:
– Symmetric or Private Key systems
– Asymmetric or Public Key systems

109

Symmetric or Private Key

Systems
• A Private-Key (or secret-key, or single-key)
encryption algorithm is one where the sender
and the recipient share a common, or closely
related, key.
• “Symmetric” means it uses the same key for
encryption as for decryption. As with all
symmetric ciphers, the sender must transmit
the key to the recipient via some secure and
tamperproof channel, otherwise the recipient
won’t be able to decrypt the ciphertext.
• All traditional encryption algorithms are private-
key. 110

55
 25-Feb-20

One Time Pad - OTP

• A one-time pad is a very simple yet completely
unbreakable symmetric cipher.
• A one-time pad involves sheets of paper with
random numbers on them: These numbers are
used to transform the message; each number
or sequence of numbers is used only once.
• The recipient of the message has an identical
pad to use to decrypt the message. One-time
pads have been proven to be foolproof-without
having a copy of the pad.
• Supposedly, mathematicians can prove that a111
one-time pad is impossible to break.

What is a One-Time Pad?

• The key for a one-time pad cipher is a string of random
bits, usually generated by a cryptographically strong
pseudo-random number generator (CSPRNG).
• It is better to generate the key using the natural
randomness of quantum mechanical events (such as
those detected by a Geiger counter), since quantum
events are believed by many to be the only source of
truly random information in the universe.
• One-time pads that use CSPRNGs are open to attacks
which attempt to compute part or all of the key.

112

56
 25-Feb-20

What is a One-Time Pad?

• With a one-time pad, there are as many
bits in the key as in the plaintext.
• This is the primary drawback of a one-time
pad, but it is also the source of its perfect
security.
• It is essential that no portion of the key
ever be reused for another encryption
(hence the name "one-time pad"),
otherwise cryptanalysis can break the
cipher. 113

One Time Pad Algorithm

• The cipher itself is exceedingly
simple. To encrypt plaintext, P,
with a key, K, producing
ciphertext, C, simply compute the
bitwise exclusive-or of the key and
the plaintext:
– C = K XOR P
P
+ C

• To decrypt ciphertext, C, the

recipient computes K
– P = K XOR C
• It's that simple, and it’s perfectly
C
+ P

secure, as long as the key is

random and is not compromised.
K 114

57
 25-Feb-20

Why are One-Time Pads

Perfectly Secure?
• If the key is truly random, an xor-based
one-time pad is perfectly secure against
ciphertext-only cryptanalysis.
• This means an attacker can’t compute the
plaintext from the ciphertext without
knowledge of the key, even via a brute
force search of the space of all keys!
• Trying all possible keys doesn't help you at
all, because all possible plaintexts are
equally likely decryptions of the ciphertext.
115

Why are One-Time Pads

Perfectly Secure?
• This result is true regardless of how few bits the
key has or how much you know about the
structure of the plaintext.
• To see this, suppose you intercept a very small,
8-bit, ciphertext. You know it is either the ASCII
character 'S' or the ASCII character 'A'
encrypted with a one-time pad. You also know
that if it's 'S', the enemy will attack by sea, and if
it's 'A', the enemy will attack by air. That's a lot to
know. All you are missing is the key, a silly little
8-bit one-time pad. 116

58
 25-Feb-20

Why are One-Time Pads

Perfectly Secure?
• You assign your crack staff of cryptanalysts to
try all 256 8-bit one-time pads. This is a brute
force search of the keyspace.
• The results of the brute force search of the
keyspace is that your staff finds one 8-bit key
that decrypts the ciphertext to 'S' and one that
decrypts it to 'A'. And you still don't know which
one is the actual plaintext.
• This argument is easily generalized to keys (and
plaintexts) of arbitrary length.

117

Cryptography Meets Computers

• The invention of computers in the 20th
century revolutionized cryptology.
• IBM corporation created a code, Data
Encryption Standard (DES), that has not
been broken to this day.
• Thousands of complex codes and ciphers
have been programmed into computers so
that computers can algorithmically
unscramble secret messages and
encrypted files. 118

59
 25-Feb-20

Example Symmetric Encryption

Algorithm - DES
• The most well known symmetric system is
the Data Encryption Standard (DES).
• Data Encrypt Standard (DES) is a private
key system adopted by the U.S.
government as a standard “very secure”
method of encryption.

119

Private Key Problems

• Keys must be exchanged before transmission
with any recipient or potential recipient of your
message.
• So, to exchange keys you need a secure
method of transmission, but essentially what
you've done is create a need for another secure
method of transmission.
• Secondly the parties are not protected against
each other, if one of the parties leaks the keys it
could easily blame the other party for the
compromise. 120

60
 25-Feb-20

Model of Conventional
Cryptosystem

121

Public Key Encryption

• To overcome the drawbacks of private key
systems, a number of mathematicians
have invented public key systems.
• Unknown until about 30 years ago, public
key systems were developed from some
very subtle insights about the mathematics
of large numbers and how they relate to
the power of computers.

122

61
 25-Feb-20

Public Key Encryption

• Public key means that anyone can publish
his or her method of encryption, publish a
key for his or her messages, and only the
recipient can read the messages.
• This works because of what is known in
math as a trapdoor problem.

123

Trapdoor Problem
• A trapdoor is a mathematical formula that is easy to work
forward but very hard to work backward. In general it is
easy to multiply two very large numbers together, but it is
very difficult to take a very large number and find its two
prime factors. Public key algorithms depend on a person
publishing a large public key and others being unable to
factor this public key into its component parts. Because
the creator of the key knows the factors of his or her
large number, he or she can use those factors to decode
messages created by others using his or her public key.
Those who only know the public key will be unable to
discover the private key, because of the difficulty of
factoring the large number. 124

62
 25-Feb-20

Public Key Encryption Systems

• In public key systems there is a public key,
which may be known to many people and a
secret key, which is unique and known only to
the sender. Because a different key is used on
each side of the process, public key systems are
also known as 'asymmetric systems'. The
distribution of keys for public key systems is
generally much easier because it is not normally
necessary to keep the public key secret. The
private key, on the other hand, must remain
secret or else security is compromised.
125

Public Key Encryption

• Key Pairs (Public and Private).
• Publish one key, keep the other secret.
• Anyone who wants to send you a message
encrypts it using your public key.
• To read a message you decrypt it with the private
key.
Public Key Private Key

Original
Plaintext
Plaintext Ciphertext
Encryption Decryption
126

63
 25-Feb-20

Public Key Encryption

• A good public key algorithm:
– Infeasible to derive one key from the other
– Keys are interchangeable
• Simplifies (but does not solve) key distribution
problem
• Public key is slower than secret key algorithms
– RSA is about 1000-5000 times slower than DES
– Public key encryption is sometimes used to encrypt a
secret key algorithm’s session key

127

RSA
• The best known public key system is RSA,
named after its authors, Rivest, Shamir
and Adelman.
• It has recently been brought to light that an
RSA-like algorithm was discovered several
years before the RSA guys by some
official of the British Military Intelligence
Cryptography Wing

128

64
 25-Feb-20

Comparison of SK and PK
Cryptography
Secret Key

Original
Plaintext Ciphertext Plaintext
Encryption Decryption

Symmetric (Single Key) Cryptography

Public Key Private Key

Original
Plaintext Ciphertext Plaintext
Encryption Decryption
129
Asymmetric (Two Key) Cryptography

Comparison of SK and PK
Cryptography
DISTINCT SECRET KEY PUBLIC KEY
FEATURES
NUM BER OF Single key. Pair of keys.
KEYS
TYPES O F Key is secret. One key is
KEYS private, and
one key is
public.
LENGTH O F 40-200 bits 512-2048 bits
KEYS
RELATIVE Faster. Slower.
SPEEDS
130

65
 25-Feb-20

Uses of Encryption
• Protecting data from prying eyes is not the only security
issue in networking.
• One can imagine at least four security services:
– Protecting data from being read by unauthorized persons
– Verifying the sender of each message (authentication)
– Preventing unauthorized persons from inserting or deleting
messages
– Making it possible for users to send signed documents
electronically
• Encryption can be used to achieve all these goals.

131

Uses of Encryption
• Encryption may be used for:
– Confidentiality
– Error Detection
– User Authentication
– Message Authentication
– Proof of Origin

132

66
 25-Feb-20

Confidentiality - Secrecy
• Confidentiality - encrypted data cannot
normally be understood by anyone other
than the sender or the receiver.
• How?

M E EK(M) EK(M) D M

K K

133

Error Detection
• Error Detection - checking that the
contents of a message have not
accidentally changed.
• How?

M E EK(M) (EK(M))’ D M’

K K

134

67
 25-Feb-20

User Authentication
• User authentication - verification by the
receiver that the sender is the genuine
author and not somebody else.
• How?

M H || T

H(M)

EK(H(M))
K E
135

Message Authentication
• Message authentication - verification that
messages have not been lost or tampered
with.
• How?

M H || T

H(M)

EK(H(M))
K E
136

68
 25-Feb-20

Proof of Origin
• Proof or origin - proving to a third party
that the message came from the stated
sender.
• How?

M H || T

H(M)

EK(H(M))
K E
137

Location of Encryption in OSI

Model
• The location of encryption in the OSI
model has been so controversial that all
mention of the subject was omitted from
the initial standard.
• In theory, encryption can be done in any
layer, but in practice three layers seem the
most suitable: physical, transport, and
presentation.

138

69
 25-Feb-20

Encryption at the Physical Layer

• When encryption is done on the physical
layer, an encryption unit is inserted between
each computer and the physical medium.
• Every bit leaving the computer is encrypted
and every bit entering a computer is
decrypted. This scheme is called link
encryption.
• It is simple , but relatively inflexible.
• Examples:
– PPP-ECP
– WEP 139

Link Encryption

PRIVATE LINE
(DIALUP, T1, ETC.)

Internal R ENCRYPTED TRAFFIC R Internal

Network Network

MAIN ENCRYPTING BRANCH

OFFICE ROUTERS OFFICE

PRIVATE WAN LINK (ENCRYPTED)

140

70
 25-Feb-20

Encryption at the Transport

Layer
• When encryption is done in the transport
layer, the entire session is encrypted.
• A more sophisticated approach is to put it in
the presentation layer, so that only those data
structures or fields requiring encryption must
suffer the overhead of it.
• Examples:
– TLS (SSL)
– IPSec (Transport Mode)
141

Session Encryption

INTERNET

WEB
CLIENT WEB
SERVER

NEGOTIATED SECURE SESSION

142

71
 25-Feb-20

Secure Internet Tunnels

SECURE INTERNET TUNNELS
INTERNET

Internal R ENCRYPTED TUNNEL R Internal

Network Network

MAIN BRANCH
OFFICE OFFICE

Examples: TUNNELING
PPTP ENCRYPTION
IPSec ROUTERS
143

Strength of Cryptographic
Algorithms
• Good cryptographic systems should always be
designed so that they are as difficult to break as
possible.
• It is possible to build systems that cannot be broken
in practice (though this cannot usually be proved).
• This does not significantly increase system
implementation effort; however, some care and
expertise is required. There is no excuse for a
system designer to leave the system breakable.
• Any mechanisms that can be used to circumvent
security must be made explicit, documented, and
brought into the attention of the end users.
144

72
 25-Feb-20

Strength of Cryptographic
Algorithms
• In theory, any cryptographic method with a key
can be broken by trying all possible keys in
sequence. If using brute force to try all keys is
the only option, the required computing power
increases exponentially with the length of the
key. A 32 bit key takes 2^32 (about 10^9) steps.
This is something any amateur can do on his/her
home computer. A system with 40 bit keys (e.g.
US-exportable version of RC4) takes 2^40 steps
- this kind of computing power is available in
most universities and even smallish companies.
145

Strength of Cryptographic
Algorithms
• A system with 56 bit keys (such as DES) takes a substantial
effort, but is quite easily breakable with special hardware.
The cost of the special hardware is substantial but easily
within reach of organized criminals, major companies, and
governments.
• Keys with 64 bits are probably breakable now by major
governments, and will be within reach of organized criminals,
major companies, and lesser governments in a few years.
• Keys with 80 bits may become breakable in future.
• Keys with 128 bits will probably remain unbreakable by brute
force for the foreseeable future.
• Even larger keys are possible; in the end we will encounter a
limit where the energy consumed by the computation, using
the minimum energy of a quantum mechanic operation for
the energy of one step, will exceed the energy of the mass 146of
the sun or even of the universe.

73
 25-Feb-20

Strength of Cryptographic
Algorithms
• However, key length is not the only relevant
issue.
• Many ciphers can be broken without trying all
possible keys.
• In general, it is very difficult to design ciphers
that could not be broken more effectively using
other methods.
• Designing your own ciphers may be fun, but it is
not recommended in real applications unless
you are a true expert and know exactly what you
147
are doing.

Strength of Cryptographic
Algorithms
• One should generally be very cautious of
unpublished or secret algorithms. Quite often the
designer is then not sure of the security of the
algorithm, or its security depends on the secrecy
of the algorithm.
• Generally, no algorithm that depends on the
secrecy of the algorithm is secure. Particularly in
software, anyone can hire someone to
disassemble and reverse-engineer the
algorithm.
• Experience has shown that a vast majority of
secret algorithms that have become public
knowledge later have been pitifully weak in
reality. 148

74
 25-Feb-20

Why PKC Requires Longer

Keys than SKC
• The key lengths used in public-key
cryptography are usually much longer than
those used in symmetric ciphers.
• There the problem is not that of guessing
the right key, but deriving the matching
secret key from the public key.
• In the case of RSA, this is equivalent to
factoring a large integer that has two large
prime factors.
149

Why PKC Requires Longer

Keys than SKC
• To give some idea of the complexity, for the RSA
cryptosystem, a 256 bit modulus is easily
factored by ordinary people.
• 384 bit keys can be broken by university research
groups or companies.
• 512 bits is within reach of major governments.
Keys with 768 bits are probably not secure in the
long term.
• Keys with 1024 bits and more should be safe for
now unless major algorithmic advances are made
in factoring; keys of 2048 bits are considered by
many to be secure for decades. 150

75
 25-Feb-20

Conventional vs Public-Key vs
ECC Key Sizes
• Conventional Public-key ECC
• (40 bits) — —
• 56 bits (400 bits) —
• 64 bits 512 bits —
• 80 bits 768 bits —
• 90 bits 1024 bits 160 bits
• 112 bits 1792 bits 195 bits
• 120 bits 2048 bits 210 bits
• 128 bits 2304 bits 256 bits

151

Key Sizes and Algorithms

(cont’d)
• 512 bit public key vs 40 bit conventional key is a
good balance for weak security
• Recommendations for public keys:
– Use 512-bit keys only for micropayments/smart cards
– Use 1K bit key for short-term use (1 year expiry)
– Use 1.5K bit key for longer-term use
– Use 2K bit key for certification authorities (keys
become more valuable further up the hierarchy), long-
term contract signing, long-term secrets
– The same holds for equivalent-level conventional and
ECC keys
152

76
 25-Feb-20

Strength of Cryptographic
Algorithms
• It should be emphasized that the strength
of a cryptographic system is usually
equal to its weakest point.
• No aspect of the system design should be
overlooked, from the choice algorithms to
the key distribution and usage policies.

153

Crypto is Becoming Ubiquitous

• Crypto is not just for internet e-mail. You
will find it in:
• – Cellular phones
• – Cable/Sat TV broadcasts
• – radio modems
• – Smart cards
• – DVD
• – Garage door openers
154

77
 25-Feb-20

Cryptography and Patents

• Many of the Public Key algorithms are
patented.
• RSA is patented.
• Patent is granted by US Patent Office in
the USA. Other countries have some
procedure too.
• Patent is valid for 17 years, after it is
issued not when it is filed
• Patent vs. Public Domain. 155

Cryptography is Not Security

• Encryption is a key enabling technology to
implement computer security
• But Encryption is to security what bricks
are to buildings
Services
SSL (Security Protocols)

Signatures Encryption Hashing Mechanisms

DSA RSA RSA DES SHA1 MD5 Algorithms

156

78
 25-Feb-20

References
• Cryptography - Theory and Practice by Douglas
Stinson
CRC Press
Boca Raton, 1995
• Applied Cryptography by Bruce Schneier
Second Edition
John Wiley & Sons, Inc.
New York, c. 1996
• Handbook of Applied Cryptography by Alfred J.
Menezes and others, Available freely on the web
• RSA Laboratories’ Frequently Asked Questions
About Today’s Cryptography, Version 4.1
RSA Laboratories, 2000
RSA Security Inc.
Available at http://www.rsadsi.com
• Internet Cryptography by Richard E. Smith 157
Low Priced Edition, Pearson Education Asia
Addison Wesley Longman 1997

Summary
• have considered:
– classical cipher techniques and terminology
– monoalphabetic substitution ciphers
– cryptanalysis using letter frequencies
– Playfair cipher
– polyalphabetic ciphers
– transposition ciphers
– product ciphers and rotor machines
– stenography

79
 25-Feb-20

Assignment
• Review Questions
• 2.2, 2.3, 2.7, 2.11 and 2.14
• Problems
• 2.4, 2.5 and 2.8

80