4. Ciphering or encryption: process of converting information or
data into a code, especially to prevent unauthorized access.
Objective of encryption is to protect sensitive information
transmitted online.
Plain Text
Key
Decipher or Decryption: process of taking encoded or
encrypted text converting it back into plain text that you or the
computer can read and understand.
Cipher Text
Key
Encryption
Cipher Text
Decryption Cipher Text
5. Encryption:
Decryption:
Prepend key
before every
character
(Encryption )
Hi (Data)
A (Key)
AHAI
Remove key
character which
is there before
every character
(Decryption )
AHAI
A(Key)
HI (Data)
6. Conventional Encryption involves transforming plaintext
messages into ciphertext messages that are to be decrypted
only by the intended receiver.
Both sender and receiver agree upon a secrete key to be
used in encrypting and decrypting.
Conventional Encryption Principles
7. An encryption which is using single key is called as
Symmetric Encryption.
A Symmetric encryption scheme has five ingredients
Plain Text: original message or data, which is input to the
encryption algorithm.
Encryption Algorithm: algorithm performs various
substitutions and transformations on the plain text.
Secret Key: The key is another input to the algorithm. The
substitutions and transformations performed by algorithm
depend on the key.
Cipher Text: This is the scrambled (unreadable) message which
is output of the encryption algorithm. This cipher text is
dependent on plaintext and secret key. For a given plaintext,
two different keys produce two different cipher texts.
Decryption Algorithm: This is the reverse of encryption
algorithm. It takes the cipher text and secret key as inputs and
outputs the plain text.
9. This is a substitution technique that uses a single
alphabet to replace symbols of plaintext for symbols
of ciphertext as dictated by the key.
The key often represents the number of symbols to
shift the plaintext from a circular alphabet.
These techniques are relatively easy to break due to
the fact that symbol frequencies remain invariant
Example Algorithms:
Caesar
ROT13
Four Square
Monoalphabetic
10. The action of a Caesar cipher is to replace each plaintext letter
with a different one a fixed number of places down the alphabet.
The cipher illustrated here uses a left shift of three, so that (for
example) each occurrence of E in the plaintext becomes B in the
ciphertext.
Wiki link
.
Caesar Algorithm
11.
12. #include <stdio.h>
int main()
{
char array[100], cipher[100];
int c=0, x=0, y=0;
int z;
printf("This Program will encrypt according to your needsn");
printf("Enter the cipher keyn");
scanf("%d",&z);
printf("Enter the sentence");
while((c=getchar()) != 'n')
{
array[x++]=(char)c;
cipher[y++]=(char)(c+z); //for decription need to do (c-z)
}
array[x]=0;
cipher[y]=0;
printf("%sn",cipher);
return 0;
}
13. ROT13 is a special case of the Caesar cipher, developed in
ancient Rome
ROT13 ("rotate by 13 places") is a simple letter substitution
cipher that replaces a letter with the 13th letter after it, in the
alphabet.
Wiki Link
ROT13 Algorithm
14. #include <stdio.h>
int rot13(int c){
if('a' <= c && c <= 'z'){
return rot13b(c,'a');
} else if ('A' <= c && c <= 'Z') {
return rot13b(c, 'A');
} else {
return c;
}
}
int rot13b(int c, int basis){
c = (((c-basis)+13)%26)+basis;
return c;
}
int main() {
printf("The given args will be rotated");
int c;
while((c = getchar()) != EOF){
c = rot13(c);
putchar(c);
}
return 0;
}
15. The four-square cipher is a manual symmetric encryption technique.
The technique encrypts pairs of letters (digraphs), and thus falls into
a category of ciphers known as polygraphic substitution ciphers.
as the analysis Four-square cipher algorithm provides 676 possible
digraphs rather than just 26 for monographic substitution.
The four-square cipher uses four 5 by 5 (5x5) matrices arranged in a
square.
Each of the 5 by 5 matrices contains the letters of the alphabet
(usually omitting "Q" or putting both "I" and "J" in the same location
to reduce the alphabet to fit)
As an example, here are the four-square matrices for the keywords
"example" and "keyword." The plaintext matrices are in lowercase
and the cipher text matrices are in caps to make this example visually
more simple:
Four-square cipher Algorithm
16. Lower case letters indicates plain text
Upper case letters indicates cipher text
Wiki link
17. Algorithm:
Split the payload message into digraphs. (hello world becomes he ll 0w or ld)
Find the first letter in the digraph in the upper-left plaintext matrix.
The first letter of the encrypted digraph is in the same row as the first plaintext letter and the same
column as the second plaintext letter. It is therefore in the upper-right ciphertext matrix.
The second letter of the encrypted digraph is in the same row as the second plaintext letter and the
same column as the first plaintext letter. It is therefore in the lower-left ciphertext matrix.
h=>F
e=>Y
18. This is a substitution technique that uses multiple
alphabets to replace symbols of plaintext for symbols
of cipher text as dictated by the key.
The keyword is repeated throughout the length of
the message.
These techniques suppress individual symbol
frequency making these ciphers harder to break.
Sample algorithms.
Running Key
Vigenere
One Time Pad
Polyalphabetic
19. The 'key' for a running key cipher is a long piece of
text.
Running Key Algorithm
20. Key : XABYX TRQNM
Pain text: HELLO WORLD
Now we take the letter we will be encoding, ‘H', and find it on the first column on the
tableau. Then, we move along the ‘H' row of the tableau until we come to the column with
the ‘x' at the top.(The ‘x' is the keyword letter for the first ‘h'), the intersection is our cipher
text character, ‘E'. Repeats same process to complete all characters of plain text.
Encryption:
H -> E
E -> E
L -> M
L -> J
O -> L
W -> P
O -> F
R -> H
L -> Y
D -> P
“”HELLO WORLD” =>
“EEMJL PFHYP”
21. Key : XABYX TRQNM
Cipher text: EEMJL PFHYP
Now we take the letter we will be decoding, ‘E', and find key ‘X’ on the first
row on the tableau. Then, we move along the ‘X' column of the tableau until
we come to ‘E’. From E left move and identify first column value ‘H’ .(The ‘x'
is the keyword letter for the first ‘E'), the value in first column is plain text .
Repeats same process to complete all characters of cipher text.
Decryption:
E -> H
E -> E
M -> L
J -> L
L -> O
P -> W
F -> O
H -> R
Y -> L
P -> D
“EEMJL PFHYP” =>
“HELLO WOR LD”
22. In the above Encryption algorithm data is mail
reference.
Encryption Uses Line Flow from Left to Right.
Decryption uses the line flow from top to bottom.
Reference Link
23. Vigenère can also be described algebraically. If the letters A–
Z are taken to be the numbers 0–25 (i.e., a=0, b=1 etc), and
addition is performed modulo 26, then Vigenère
encryption E using the key k can be written.
and decryption D using the key K.
Vigenère cipher
24. Vigenère Enryption
Plain Text : HELLO WORLD
Key : XYDZM NRCLJ
H
7
X
23
4
E
E
4
Y
24
2
C
(7+23)%26
(4+24)%2
6
L
11
D
3
14
O
(11+3)%26
L
11
D
3
14
O
(11+3)%26
O
14
M
12
0
A
(14+12)%2
6
W
22
N
13
9
J
O
14
R
17
5
F
(22+13)%2
6
(14+17)%2
6
R
17
C
2
19
T
(17+2)%26
L
11
D
3
14
O
(11+3)%26
D
3
J
9
12
M
(3+9)%26
25. Vigenère Deryption
Plain Text : EBOOA JFTOM
Key : XYDZM NRCLJ
E
4
X
23
7
h
C
2
Y
24
4
E
(4-23)%26
(2--
24)%26
O
14
D
3
11
L
(14-3)%26
O
14
D
3
11
L
(14-3)%26
A
0
M
12
14
O
(0-12)%26
J
9
N
13
22
W
F
5
R
17
14
O
(9-13)%26 (5-17)%26
T
19
C
2
17
R
(19-2)%26
O
14
D
3
11
L
(14-3)%26
M
12
J
9
3
D
(12-9)%26
26. One-time padding Cipher algorithm.
if ((Mi+Ki )<0) Then
Ci=(Mi+Ki+26)%26
Else
Ci=(Mi+Ki-26)%26
One-time padding Decipher algorithm.
if ((Mi-Ki )<0) Then
Ci=(Mi-Ki+26)%26
Else
Ci=(Mi-Ki-26)%26
Wiki Link
One-time pad Cipher
27. The Playfair Cipher is a manual symmetric encryption cipher
invented in 1854 by Charles Wheatstone, however it’s name and
popularity came from the endorsement of Lord Playfair.
The Playfair cipher encrypts pairs of letters (digraphs), instead of
single letters as is the case with simpler substitution ciphers such as
the Caesar Cipher.
Frequency analysis is still possible on the Playfair cipher, however it
would be against 600 possible pairs of letters instead of 26 different
possible letters.
For this reason the Playfair cipher is much more secure than older
substitution ciphers, and it’s use continued up until WWII.
The playfair cipher starts with creating a key table. The key table is a
5×5 grid of letters that will act as the key for encrypting your
plaintext.
Each of the 25 letters must be unique and one letter of the alphabet
(usually Q) is omitted from the table (as there are 25 spots and 26
letters in the alphabet).
Playfair Cipher
28. Playpair Algorithm:
The 'key' for a playfair cipher is generally a word, for the
sake of example we will choose ‘MONARCHY'. This is then
used to generate a 'key square', e.g.
Any sequence of 25 letters can be used as a key, so long as
all letters are in it and there are no repeats. Note that there
is no 'j', it is combined with 'i'. We now apply the
encryption rules to encrypt the plaintext.
M O N A R
C H Y B D
E F G I K
L P Q S T
U V W X Z
29. 1. Remove any punctuation or characters that are not present in the key square
(this may mean spelling out numbers, punctuation etc.).
2. Identify any double letters in the plaintext and replace the second occurence
with an 'x' e.g. 'hammer' -> 'hamxer'.
3. If the plaintext has an odd number of characters, append an 'x' to the end to
make it even.
4. Break the plaintext into pairs of letters, e.g. 'hamxer' -> 'ha mx er'
5. The algorithm now works on each of the letter pairs.
6. Locate the letters in the key square, (the examples given are using the key
square above)
1. If the letters are in different rows and columns, replace the pair with the
letters on the same row respectively but at the other pair of corners of the
rectangle defined by the original pair. The order is important – the first
encrypted letter of the pair is the one that lies on the same row as the first
plaintext letter. 'ha' -> 'bo', 'es' -> 'il'
2. If the letters appear on the same row of the table, replace them with the
letters to their immediate right respectively (wrapping around to the left side
of the row if a letter in the original pair was on the right side of the row). 'ma'
-> 'or', 'lp' -> 'pq'
3. If the letters appear on the same column of the table, replace them with the
letters immediately below respectively (wrapping around to the top side of
the column if a letter in the original pair was on the bottom side of the
column). 'rk' -> 'dt', 'pv' -> 'vo'
30. Encryption:
Plain Text: HELLO WORLD (HE LL OW OR LD)
KEY : MONARCHY
M O N A R
C H Y B D
E F G I K
L P Q S T
U V W X Z
HE CF
LL VV
OW NV
OR NM
LD TC
HE LL OW OR LD = CF VV NV NM TC
31. Decryption: opposite actions to right move to left move.
Bottom move to top move.
Cipher Text: CF VV NV NM TC
KEY : MONARCHY
M O N A R
C H Y B D
E F G I K
L P Q S T
U V W X Z
HE
CF
LL
VV
OW
NV
OR
NM
LD
TC
CF VV NV NM TC = HE LL OW OR LD
32. It is also a multiletter encryption cipher. It involves
substitution of ‘m’ ciphertext letters for ‘m’
successive plaintext letters. For substitution purposes
using ‘m’ linear equations, each of the characters are
assigned a numerical values i.e. a=0, b=1, c=2,
d=3,…….z=25.
For example if m=3, the system can be defined as:
c1 = (k11p1 + k12p2 + k13p3) mod 26
c2 = (k21p1 + k22p2 + k23p3) mod 26
c3 = (k31p1 + k32p2 + k33p3) mod 26
Hill Cipher
33. For decryption process, inverse of matrix K i.e. K -1 is
required which is defined by the equation KK-1 = K1 K =
I, where I is the identity matrix that contains only 0’s
and 1’s as its elements. Plaintext is recovered by
applying K1 to the cipher text. It is expressed as
34. Example: The plain text is “I can’t do it” and the size of m is 3
and key K is chosen as
Plain Text :
7 11
4 15
H E L P
7 4 11 15
39. Use Different keys at different end points.
Encryption using Public-Key System
Asymmetric Encryption
40. Ciphering two types based on the ciphering entire plain
text or block of the pain text.
Ciphering entire plain text at a time is called Stream
Ciphering.
Ciphering block wise (separate the plain text in to parts and
Ciphering each part) is called Block Ciphering.
Block Ciphering modes of operations.
Electronic Code Book (ECB)
Cipher Block Chaining Mode (CBC)
Cipher Feed Back Mode (CFB)
Output Feedback Mode (OFB)
Counter Mode (CTR)
Block Cipher modes of operations
44. Advantages & Disadvantages of ECB:
● Advantages
● Encryption/Decryption of each block could be parallelized.
● Disadvantages
1. Two blocks with identical plaintext produces identical ciphertext
2. Bit error in one block affect the whole block.
3. Plaintext patterns are still visible after encryption
48. Advantages & Disadvantages of CBC:
● Advantages
● Diffusion is not easy.
● Decryption could be parallelized
● Disadvantages
1. Encryption has to be done sequential
2. Bit error in one block effects two blocks
55. Advantages & Disadvantages of OFB:
● Advantages
● Keystream can be pre-computed.
● No padding
● Bit error only affect one bit
● Disadvantages
● Keystream computation cannot be parallelized
● Reusing of key an initialization vector is dangerous
● Bit-flipping attacks are easy
58. Advantages & Disadvantages of OFB:
●Advantages
● No padding
● Bit error only affect one bit
● Decryption can be parallelized
●Disadvantages
● Bit-flipping attacks are easy
● Encryption cannot be parallelized
● No pre-computation of the keystream
61. Advantages & Disadvantages of OFB:
●Advantages
● No padding
● En-/decryption of each block could be parallelized
● Keystream can be pre-computed
●Disadvantages
● Bit-flipping attacks are easy
● Reusing of key and nonce/counter is dangerous
63. •Link encryption:
–A lot of encryption devices
–High level of security
–Decrypt each packet at every switch
•End-to-end encryption
–The source encrypts and the receiver decrypts
–Payload encrypted
–Header in the clear
•High Security
–Both link and end-to-end encryption are needed
64. 64
Key Distribution
1. Physical delivery
A key could be selected by A and physically delivered to
B.
A third party could select the key and physically deliver it
to A and B.
2. Network transfer
If A and B have previously used a key, one party could
transmit the new key to the other, encrypted using the old
key.
If A and B each has an encrypted connection to a third
party C, C could deliver a key on the encrypted links to A
and B.
Diffie-Hellman key exchange
65. Session and Permanent Key
65
•Session key:
–Data encrypted with a one-time session key
–At the conclusion of the session, the key is
destroyed
•Permanent key:
–Used between entities for the purpose of
distributing session keys
66.
67. Approaches to Message
Authentication
●Authentication Using Conventional Encryption
●Only the sender and receiver should share a key
●Message Authentication without Message
Encryption
●An authentication tag is generated and appended to
each message
●Message Authentication Code
●Calculate the MAC as a function of the message and
the key. MAC = F(K, M)
68. Main objective of the MAC code to make sure data integrity
and authenticity.
Make sure the data not altered(data integrity) and data
received from proper sender(authenticity)
Message Authentication Code
69. A hash function is a mathematical function that converts a
numerical input value into another compressed numerical
value.
The input to the hash function is of arbitrary length but
output is always of fixed length.
Values returned by a hash function are called message digest
or simply hash values.
Hash Functions
70. Fixed Length Output (Hash Value)
Hash function coverts data of arbitrary length to a fixed length.
This process is often referred to as hashing the data.
the hash is much smaller than the input data, hence hash
functions are sometimes called compression functions.
Since a hash is a smaller representation of a larger data, it is also
referred to as a digest.
Hash function with n bit output is referred to as an n-bit hash
function. Popular hash functions generate values between 160
and 512 bits.
Efficiency of Operation
Generally for any hash function h with input x, computation of
h(x) is a fast operation.
Computationally hash functions are much faster than a
symmetric encryption.
Features of Hash Functions
71. Pre-Image Resistance:
if a hash function h produced a hash value z, then it should be a difficult process to find any
input value x that hashes to z.
This property protects against an attacker who only has a hash value and is trying to find
the input.
Second Pre-Image Resistance:
if a hash function h for an input x produces hash value h(x), then it should be difficult to
find any other input value y such that h(y) = h(x).
This property of hash function protects against an attacker who has an input value and its
hash, and wants to substitute different value as legitimate value in place of original input
value.
Collision Resistance
This property means it should be hard to find two different inputs of any length that result
in the same hash. This property is also referred to as collision free hash function.
In other words, for a hash function h, it is hard to find any two different inputs x and y such
that h(x) = h(y).
This property makes it very difficult for an attacker to find two input values with the same
hash.
Also, if a hash function is collision-resistant then it is second pre-image resistant.
Properties of Hash Functions
73. The input parameters ipad and opad are used to modify the
secret key. They may have various values assigned. It is
recommended to choose the values that would make both
inputs to the hash functions look as dissimilar as possible
(that is, that modify the secret key in two different ways).
Using a secure hash function (that means the function which
doesn't produce the same outputs for different input data)
guarantees the security of the HMAC algorithm.
Nowadays, the HMAC algorithm is used in many systems,
including some popular Internet protocols (SSL, IPsec, SSH).
Hash based Message Authentication
Code
74. 1. Select K (0 < K < b)
1. generate K+
1. (If K bits<b bits then pad 0's left side until K bits=b bits)
2. S1=K+ EXOR iPad ( where K+ and iPad are b-bits, so S1 is b-bits,
iPad=0x36=0b0110110)
3. Append Message M to S1( S1 || M)
4. Apply Sha-512 on (S1 || M) => generated Hash is n-bits
5. pad n-bits until length equals to b-bits => output1
6. S2= K+ EXOR oPad(where k+ and oPad are b-bits, so S2 is b-bits,
0x5c=0b1011100)
7. append output of step 5 to S2 ( S2 || output1)
8. apply sha-512 on (S2 || output1) => generated Hash is n-bit
HMAC Algorithm
76. The input parameters ipad and opad are used to
modify the secret key. They may have various values
assigned. It is recommended to choose the values that
would make both inputs to the hash functions look as
dissimilar as possible (that is, that modify the secret
key in two different ways).
Using a secure hash function (that means the function
which doesn't produce the same outputs for different
input data) guarantees the security of the HMAC
algorithm.
Nowadays, the HMAC algorithm is used in many
systems, including some popular Internet protocols
(SSL, IPsec, SSH).