• Cryptography Tutorial

• Cryptography Useful Resources

The first cipher Zodiac created was his longest, 408 characters. The killer split it into three pieces of equal length and mailed two to newspapers in San Francisco and one to a paper in nearby. As we can see, 'F' is the most common letter within the cipher. Now, the letter 'E' is the most common letter in the English language, so we always presume the most common letter in the cipher is 'E' as our starting letter. It may turn out to not be the case, but it's a good place to start.

Displays or alters the encryption of directories and files on NTFS volumes. If used without parameters, cipher displays the encryption state of the current directory and any files it contains. Cipher definition is - zero. How to use cipher in a sentence. B: one that has no weight, worth, or influence: nonentity It was an odd fact that the financier, a cipher in his own home, could impress all sorts of people at the office. Polyalphabetic Cipher is also known as Vigenere Cipher, which Leon Battista Alberti invents. In Polyalphabetic Substitution, Cipher is a method of encrypting alphabetic texts. It uses multiple substitution alphabets for encryption. Vigener square or Vigenere table is used to encrypt the text.

• Selected Reading

In the second chapter, we discussed the fundamentals of modern cryptography. We equated cryptography with a toolkit where various cryptographic techniques are considered as the basic tools. One of these tools is the Symmetric Key Encryption where the key used for encryption and decryption is the same.

In this chapter, we discuss this technique further and its applications to develop various cryptosystems.

Earlier Cryptographic Systems

Before proceeding further, you need to know some facts about historical cryptosystems −

• All of these systems are based on symmetric key encryption scheme.

• The only security service these systems provide is confidentiality of information.

• Unlike modern systems which are digital and treat data as binary numbers, the earlier systems worked on alphabets as basic element.

These earlier cryptographic systems are also referred to as Ciphers. In general, a cipher is simply just a set of steps (an algorithm) for performing both an encryption, and the corresponding decryption.

Caesar Cipher

It is a mono-alphabetic cipher wherein each letter of the plaintext is substituted by another letter to form the ciphertext. It is a simplest form of substitution cipher scheme.

This cryptosystem is generally referred to as the Shift Cipher. The concept is to replace each alphabet by another alphabet which is ‘shifted’ by some fixed number between 0 and 25.

For this type of scheme, both sender and receiver agree on a ‘secret shift number’ for shifting the alphabet. This number which is between 0 and 25 becomes the key of encryption.

The name ‘Caesar Cipher’ is occasionally used to describe the Shift Cipher when the ‘shift of three’ is used.

Cipher Definition

Process of Shift Cipher

• In order to encrypt a plaintext letter, the sender positions the sliding ruler underneath the first set of plaintext letters and slides it to LEFT by the number of positions of the secret shift.

• The plaintext letter is then encrypted to the ciphertext letter on the sliding ruler underneath. The result of this process is depicted in the following illustration for an agreed shift of three positions. In this case, the plaintext ‘tutorial’ is encrypted to the ciphertext ‘WXWRULDO’. Here is the ciphertext alphabet for a Shift of 3 −

• On receiving the ciphertext, the receiver who also knows the secret shift, positions his sliding ruler underneath the ciphertext alphabet and slides it to RIGHT by the agreed shift number, 3 in this case.

• He then replaces the ciphertext letter by the plaintext letter on the sliding ruler underneath. Hence the ciphertext ‘WXWRULDO’ is decrypted to ‘tutorial’. To decrypt a message encoded with a Shift of 3, generate the plaintext alphabet using a shift of ‘-3’ as shown below −

Security Value

Caesar Cipher is not a secure cryptosystem because there are only 26 possible keys to try out. An attacker can carry out an exhaustive key search with available limited computing resources.

Simple Substitution Cipher

It is an improvement to the Caesar Cipher. Instead of shifting the alphabets by some number, this scheme uses some permutation of the letters in alphabet.

For example, A.B…..Y.Z and Z.Y……B.A are two obvious permutation of all the letters in alphabet. Permutation is nothing but a jumbled up set of alphabets.

With 26 letters in alphabet, the possible permutations are 26! (Factorial of 26) which is equal to 4x10²⁶. The sender and the receiver may choose any one of these possible permutation as a ciphertext alphabet. This permutation is the secret key of the scheme.

Process of Simple Substitution Cipher

• Write the alphabets A, B, C,...,Z in the natural order.

• The sender and the receiver decide on a randomly selected permutation of the letters of the alphabet.

• Underneath the natural order alphabets, write out the chosen permutation of the letters of the alphabet. For encryption, sender replaces each plaintext letters by substituting the permutation letter that is directly beneath it in the table. This process is shown in the following illustration. In this example, the chosen permutation is K,D, G, ..., O. The plaintext ‘point’ is encrypted to ‘MJBXZ’.

Here is a jumbled Ciphertext alphabet, where the order of the ciphertext letters is a key.

• On receiving the ciphertext, the receiver, who also knows the randomly chosen permutation, replaces each ciphertext letter on the bottom row with the corresponding plaintext letter in the top row. The ciphertext ‘MJBXZ’ is decrypted to ‘point’.

Security Value

Simple Substitution Cipher is a considerable improvement over the Caesar Cipher. The possible number of keys is large (26!) and even the modern computing systems are not yet powerful enough to comfortably launch a brute force attack to break the system. However, the Simple Substitution Cipher has a simple design and it is prone to design flaws, say choosing obvious permutation, this cryptosystem can be easily broken.

Monoalphabetic and Polyalphabetic Cipher

Monoalphabetic cipher is a substitution cipher in which for a given key, the cipher alphabet for each plain alphabet is fixed throughout the encryption process. For example, if ‘A’ is encrypted as ‘D’, for any number of occurrence in that plaintext, ‘A’ will always get encrypted to ‘D’.

All of the substitution ciphers we have discussed earlier in this chapter are monoalphabetic; these ciphers are highly susceptible to cryptanalysis.

Polyalphabetic Cipher is a substitution cipher in which the cipher alphabet for the plain alphabet may be different at different places during the encryption process. The next two examples, playfair and Vigenere Cipher are polyalphabetic ciphers.

Playfair Cipher

In this scheme, pairs of letters are encrypted, instead of single letters as in the case of simple substitution cipher.

In playfair cipher, initially a key table is created. The key table is a 5×5 grid of alphabets that acts as the key for encrypting the plaintext. Each of the 25 alphabets must be unique and one letter of the alphabet (usually J) is omitted from the table as we need only 25 alphabets instead of 26. If the plaintext contains J, then it is replaced by I.

The sender and the receiver deicide on a particular key, say ‘tutorials’. In a key table, the first characters (going left to right) in the table is the phrase, excluding the duplicate letters. The rest of the table will be filled with the remaining letters of the alphabet, in natural order. The key table works out to be −

Process of Playfair Cipher

• First, a plaintext message is split into pairs of two letters (digraphs). If there is an odd number of letters, a Z is added to the last letter. Let us say we want to encrypt the message “hide money”. It will be written as −

  HI DE MO NE YZ

• The rules of encryption are −

  • If both the letters are in the same column, take the letter below each one (going back to the top if at the bottom)

T	U	O	R	I	‘H’ and ‘I’ are in same column, hence take letter below them to replace. HI → QC
A	L	S	B	C
D	E	F	G	H
K	M	N	P	Q
V	W	X	Y	Z

• If both letters are in the same row, take the letter to the right of each one (going back to the left if at the farthest right)

T	U	O	R	I	‘D’ and ‘E’ are in same row, hence take letter to the right of them to replace. DE → EF
A	L	S	B	C
D	E	F	G	H
K	M	N	P	Q
V	W	X	Y	Z

• If neither of the preceding two rules are true, form a rectangle with the two letters and take the letters on the horizontal opposite corner of the rectangle.

Using these rules, the result of the encryption of ‘hide money’ with the key of ‘tutorials’ would be −

QC EF NU MF ZV

Decrypting the Playfair cipher is as simple as doing the same process in reverse. Receiver has the same key and can create the same key table, and then decrypt any messages made using that key.

Security Value

It is also a substitution cipher and is difficult to break compared to the simple substitution cipher. As in case of substitution cipher, cryptanalysis is possible on the Playfair cipher as well, however it would be against 625 possible pairs of letters (25x25 alphabets) instead of 26 different possible alphabets.

The Playfair cipher was used mainly to protect important, yet non-critical secrets, as it is quick to use and requires no special equipment.

Vigenere Cipher

This scheme of cipher uses a text string (say, a word) as a key, which is then used for doing a number of shifts on the plaintext.

For example, let’s assume the key is ‘point’. Each alphabet of the key is converted to its respective numeric value: In this case,

p → 16, o → 15, i → 9, n → 14, and t → 20.

Thus, the key is: 16 15 9 14 20.

Process of Vigenere Cipher

• The sender and the receiver decide on a key. Say ‘point’ is the key. Numeric representation of this key is ‘16 15 9 14 20’.

• The sender wants to encrypt the message, say ‘attack from south east’. He will arrange plaintext and numeric key as follows −

• He now shifts each plaintext alphabet by the number written below it to create ciphertext as shown below −

• Here, each plaintext character has been shifted by a different amount – and that amount is determined by the key. The key must be less than or equal to the size of the message.

• For decryption, the receiver uses the same key and shifts received ciphertext in reverse order to obtain the plaintext.

Security Value

Vigenere Cipher was designed by tweaking the standard Caesar cipher to reduce the effectiveness of cryptanalysis on the ciphertext and make a cryptosystem more robust. It is significantly more secure than a regular Caesar Cipher.

In the history, it was regularly used for protecting sensitive political and military information. It was referred to as the unbreakable cipher due to the difficulty it posed to the cryptanalysis.

Variants of Vigenere Cipher

There are two special cases of Vigenere cipher −

• The keyword length is same as plaintect message. This case is called Vernam Cipher. It is more secure than typical Vigenere cipher.

• Vigenere cipher becomes a cryptosystem with perfect secrecy, which is called One-time pad.

One-Time Pad

The circumstances are −

• The length of the keyword is same as the length of the plaintext.
• The keyword is a randomly generated string of alphabets.
• The keyword is used only once.

Security Value

Let us compare Shift cipher with one-time pad.

Shift Cipher − Easy to Break

In case of Shift cipher, the entire message could have had a shift between 1 and 25. This is a very small size, and very easy to brute force. However, with each character now having its own individual shift between 1 and 26, the possible keys grow exponentially for the message.

One-time Pad − Impossible to Break

Let us say, we encrypt the name “point” with a one-time pad. It is a 5 letter text. To break the ciphertext by brute force, you need to try all possibilities of keys and conduct computation for (26 x 26 x 26 x 26 x 26) = 26⁵ = 11881376 times. That’s for a message with 5 alphabets. Thus, for a longer message, the computation grows exponentially with every additional alphabet. This makes it computationally impossible to break the ciphertext by brute force.

Transposition Cipher

It is another type of cipher where the order of the alphabets in the plaintext is rearranged to create the ciphertext. The actual plaintext alphabets are not replaced.

An example is a ‘simple columnar transposition’ cipher where the plaintext is written horizontally with a certain alphabet width. Then the ciphertext is read vertically as shown.

For example, the plaintext is “golden statue is in eleventh cave” and the secret random key chosen is “five”. We arrange this text horizontally in table with number of column equal to key value. The resulting text is shown below.

The ciphertext is obtained by reading column vertically downward from first to last column. The ciphertext is ‘gnuneaoseenvltiltedasehetivc’.

To decrypt, the receiver prepares similar table. The number of columns is equal to key number. The number of rows is obtained by dividing number of total ciphertext alphabets by key value and rounding of the quotient to next integer value.

Cipher Decoder

The receiver then writes the received ciphertext vertically down and from left to right column. To obtain the text, he reads horizontally left to right and from top to bottom row.

In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, 'cipher' is synonymous with 'code', as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography.

Codes generally substitute different length strings of character in the output, while ciphers generally substitute the same number of characters as are input. There are exceptions and some cipher systems may use slightly more, or fewer, characters when output versus the number that were input.

Codes operated by substituting according to a large codebook which linked a random string of characters or numbers to a word or phrase. For example, 'UQJHSE' could be the code for 'Proceed to the following coordinates.' When using a cipher the original information is known as plaintext, and the encrypted form as ciphertext. The ciphertext message contains all the information of the plaintext message, but is not in a format readable by a human or computer without the proper mechanism to decrypt it.

The operation of a cipher usually depends on a piece of auxiliary information, called a key (or, in traditional NSA parlance, a cryptovariable). The encrypting procedure is varied depending on the key, which changes the detailed operation of the algorithm. A key must be selected before using a cipher to encrypt a message. Without knowledge of the key, it should be extremely difficult, if not impossible, to decrypt the resulting ciphertext into readable plaintext.

Most modern ciphers can be categorized in several ways

• By whether they work on blocks of symbols usually of a fixed size (block ciphers), or on a continuous stream of symbols (stream ciphers).
• By whether the same key is used for both encryption and decryption (symmetric key algorithms), or if a different key is used for each (asymmetric key algorithms). If the algorithm is symmetric, the key must be known to the recipient and sender and to no one else. If the algorithm is an asymmetric one, the enciphering key is different from, but closely related to, the deciphering key. If one key cannot be deduced from the other, the asymmetric key algorithm has the public/private key property and one of the keys may be made public without loss of confidentiality.

Etymology[edit]

The word 'cipher' (minority spelling 'cypher') in former times meant 'zero' and had the same origin: Middle French as cifre and Medieval Latin as cifra, from the Arabic صفرsifr = zero (see Zero—Etymology). 'Cipher' was later used for any decimal digit, even any number. There are many theories about how the word 'cipher' may have come to mean 'encoding'.

• Encoding often involved numbers.
• The Roman number system was very cumbersome because there was no concept of zero (or empty space). The concept of zero (which was also called 'cipher'), led to cipher meaning concealment of clear messages or encryption.
  • The French formed the word 'chiffre' and adopted the Italian word 'zero'.
  • The English used 'zero' for '0', and 'cipher' from the word 'ciphering' as a means of computing.
  • The Germans used the words 'Ziffer' (digit) and 'Chiffre'.
  • The Dutch still use the word 'cijfer' to refer to a numerical digit.
  • The Slovaks, similarly, also sometimes use the word 'cifra' ('číslica' in Slovak) to refer to a numerical digit, they use word 'číslo' for a number.
  • The Bosnians, Croats and Serbians use the word 'cifra', which refers to a digit, or in some cases, any number. Besides 'cifra', they use word 'broj' for a number.
  • The Italians and the Spanish also use the word 'cifra' to refer to a digit.
  • The Swedes use the word 'siffra' which refers to a digit, and 'chiffer'.
  • The Greeks use the word 'τζίφρα' ('tzifra') to refer to a hard-to-read signature, especially one written with a single stroke of the pen.

Ibrahim Al-Kadi concluded that the Arabic word sifr, for the digit zero, developed into the European technical term for encryption.^[1]

As the decimal zero and its new mathematics spread from the Arabic world to Europe in the Middle Ages, words derived from sifr and zephirum came to refer to calculation, as well as to privileged knowledge and secret codes. According to Ifrah, 'in thirteenth-century Paris, a 'worthless fellow' was called a '... cifre en algorisme', i.e., an 'arithmetical nothing'.'^[2] Cipher was the European pronunciation of sifr, and cipher came to mean a message or communication not easily understood.^[3]

Versus codes[edit]

In non-technical usage, a '(secret) code' typically means a 'cipher'. Within technical discussions, however, the words 'code' and 'cipher' refer to two different concepts. Codes work at the level of meaning—that is, words or phrases are converted into something else and this chunking generally shortens the message.

An example of this is the commercial telegraph code which was used to shorten long telegraph messages which resulted from entering into commercial contracts using exchanges of telegrams.

Another example is given by whole word ciphers, which allow the user to replace an entire word with a symbol or character, much like the way Japanese utilize Kanji (Japanese) characters to supplement their language. ex 'The quick brown fox jumps over the lazy dog' becomes 'The quick brown 狐 jumps 上 the lazy 犬'.

Ciphers, on the other hand, work at a lower level: the level of individual letters, small groups of letters, or, in modern schemes, individual bits and blocks of bits. Some systems used both codes and ciphers in one system, using superencipherment to increase the security. In some cases the terms codes and ciphers are also used synonymously to substitution and transposition.

Historically, cryptography was split into a dichotomy of codes and ciphers; and coding had its own terminology, analogous to that for ciphers: 'encoding, codetext, decoding' and so on.

However, codes have a variety of drawbacks, including susceptibility to cryptanalysis and the difficulty of managing a cumbersome codebook. Because of this, codes have fallen into disuse in modern cryptography, and ciphers are the dominant technique.

Types[edit]

There are a variety of different types of encryption. Algorithms used earlier in the history of cryptography are substantially different from modern methods, and modern ciphers can be classified according to how they operate and whether they use one or two keys.

Historical[edit]

Historical pen and paper ciphers used in the past are sometimes known as classical ciphers. They include simple substitution ciphers (such as ROT13) and transposition ciphers (such as a Rail Fence Cipher). For example, 'GOOD DOG' can be encrypted as 'PLLX XLP' where 'L' substitutes for 'O', 'P' for 'G', and 'X' for 'D' in the message. Transposition of the letters 'GOOD DOG' can result in 'DGOGDOO'. These simple ciphers and examples are easy to crack, even without plaintext-ciphertext pairs.^[4]

Simple ciphers were replaced by polyalphabetic substitution ciphers (such as the Vigenère) which changed the substitution alphabet for every letter. For example, 'GOOD DOG' can be encrypted as 'PLSX TWF' where 'L', 'S', and 'W' substitute for 'O'. With even a small amount of known or estimated plaintext, simple polyalphabetic substitution ciphers and letter transposition ciphers designed for pen and paper encryption are easy to crack.^[5] It is possible to create a secure pen and paper cipher based on a one-time pad though, but the usual disadvantages of one-time pads apply.

During the early twentieth century, electro-mechanical machines were invented to do encryption and decryption using transposition, polyalphabetic substitution, and a kind of 'additive' substitution. In rotor machines, several rotor disks provided polyalphabetic substitution, while plug boards provided another substitution. Keys were easily changed by changing the rotor disks and the plugboard wires. Although these encryption methods were more complex than previous schemes and required machines to encrypt and decrypt, other machines such as the British Bombe were invented to crack these encryption methods.

Modern[edit]

Modern encryption methods can be divided by two criteria: by type of key used, and by type of input data.

By type of key used ciphers are divided into:

• symmetric key algorithms (Private-key cryptography), where one same key is used for encryption and decryption, and
• asymmetric key algorithms (Public-key cryptography), where two different keys are used for encryption and decryption.

In a symmetric key algorithm (e.g., DES and AES), the sender and receiver must have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption, and the receiver uses the same key for decryption. The Feistel cipher uses a combination of substitution and transposition techniques. Most block cipher algorithms are based on this structure. In an asymmetric key algorithm (e.g., RSA), there are two separate keys: a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only that person to perform correct decryption.

Ciphers can be distinguished into two types by the type of input data:

• block ciphers, which encrypt block of data of fixed size, and
• stream ciphers, which encrypt continuous streams of data.

Key size and vulnerability[edit]

In a pure mathematical attack, (i.e., lacking any other information to help break a cipher) two factors above all count:

• Computational power available, i.e., the computing power which can be brought to bear on the problem. It is important to note that average performance/capacity of a single computer is not the only factor to consider. An adversary can use multiple computers at once, for instance, to increase the speed of exhaustive search for a key (i.e., 'brute force' attack) substantially.
• Key size, i.e., the size of key used to encrypt a message. As the key size increases, so does the complexity of exhaustive search to the point where it becomes impractical to crack encryption directly.

Since the desired effect is computational difficulty, in theory one would choose an algorithm and desired difficulty level, thus decide the key length accordingly.

An example of this process can be found at Key Length which uses multiple reports to suggest that a symmetric cipher with 128 bits, an asymmetric cipher with 3072 bit keys, and an elliptic curve cipher with 512 bits, all have similar difficulty at present.

Claude Shannon proved, using information theory considerations, that any theoretically unbreakable cipher must have keys which are at least as long as the plaintext, and used only once: one-time pad.^[6]

See also[edit]

Notes[edit]

1. ^Ibrahim A. Al-Kadi, 'Cryptography and Data Security: Cryptographic Properties of Arabic', proceedings of the Third Saudi Engineering Conference. Riyadh, Saudi Arabia: Nov 24-27, Vol 2:910-921., 1991.
2. ^Ifrah, Georges (2000). The Universal History of Numbers: From Prehistory to the Invention of the Computer. Wiley. ISBN0-471-39340-1.
3. ^The Muslim next door : the Qur'an, the media, and that veil thing, Sumbul Ali-Karamali, 2008, pp. 240-241
4. ^Saltzman, Benjamin A. 'Ut hkskdkxt: Early Medieval Cryptography, Textual Errors, and Scribal Agency (Speculum, forthcoming)'. Speculum.
5. ^Stinson, p. 45 harvnb error: no target: CITEREFStinson (help)
6. ^'Communication Theory of Secrecy Systems'(PDF). Retrieved February 3, 2019.

References[edit]

• Richard J. Aldrich, GCHQ: The Uncensored Story of Britain's Most Secret Intelligence Agency, HarperCollins July 2010.
• Helen Fouché Gaines, 'Cryptanalysis', 1939, Dover. ISBN0-486-20097-3
• Ibrahim A. Al-Kadi, 'The origins of cryptology: The Arab contributions', Cryptologia, 16(2) (April 1992) pp. 97–126.
• David Kahn, The Codebreakers - The Story of Secret Writing (ISBN0-684-83130-9) (1967)
• David A. King, The ciphers of the monks - A forgotten number notation of the Middle Ages, Stuttgart: Franz Steiner, 2001 (ISBN3-515-07640-9)
• Abraham Sinkov, Elementary Cryptanalysis: A Mathematical Approach, Mathematical Association of America, 1966. ISBN0-88385-622-0
• William Stallings, Cryptography and Network Security, principles and practices, 4th Edition
• Stinson, Douglas R. (1995), Cryptogtaphy / Theory and Practice, CRC Press, ISBN0-8493-8521-0

External links[edit]

Ciphering