Cryptography & Cyber

Security
Unit I

Based on William Stallings,

Chapter

Dr.N.Priya
Basic Cryptography
Terminology
 Plaintext
◦ The original, readable message or data that needs protection.
 Ciphertext
◦ The coded or unreadable version of the plaintext, created after encryption.
 Encryption (Enciphering)
◦ The process of converting plaintext into ciphertext to secure the
message.
 Decryption (Deciphering)
◦ The reverse process: converting ciphertext back into plaintext.
 Cipher / Cryptographic System
◦ A method or algorithm used for encryption and decryption.
 Cryptography
◦ The field focused on designing secure encryption methods.
 Cryptanalysis
◦ The study of breaking ciphers or deciphering messages without knowing
the key.
◦ Often called "code-breaking."
 Cryptology
◦ The combination of cryptography + cryptanalysis—the overall study of
secure communication.
Symmetric Encryption – 5 Key
Components

 Plaintext
◦ The original readable data or message to be encrypted.
◦ Input to the encryption algorithm.
 Encryption Algorithm
◦ Performs substitutions and transformations on the plaintext.
◦ Uses the secret key to determine how to scramble the data.
 Secret Key
◦ A shared, private value known to both sender and receiver.
◦ Controls the output of the encryption and decryption process.
 Ciphertext
◦ The encrypted, unintelligible message produced by the
encryption algorithm.
◦ Looks random and can't be understood without the key.
 Decryption Algorithm
◦ Reverses the encryption process using the same secret key.
◦ Converts ciphertext back into the original plaintext.
Symmetric Encryption
Requirements for Secure Symmetric
Encryption

 1. Strong Encryption Algorithm

 The algorithm must be robust against attacks, even if:
◦ The attacker knows the algorithm, and
◦ Has access to multiple ciphertexts (and even some matching
plaintexts).
 Ideally, it should be computationally infeasible to:
◦ Decrypt the ciphertext without the key, or
◦ Deduce the key even with known plaintext–ciphertext pairs.
 2. Secure Key Management
 Sender and receiver must:
◦ Obtain the secret key securely, and
◦ Keep the key secret at all times.
 If the key is compromised:
◦ The attacker can decrypt all messages encrypted with that key.
 Security depends only on the secrecy of the key, not the
algorithm.
 🔑 Key Insight:
 In symmetric encryption, the algorithm can be public, but the
key must be private.
Symmetric Encryption: Key
Concepts and Process
 🟩 1. Plaintext Message (X)
 The message to be encrypted:
X=[X1,X2,…,XM]
 Traditionally letters (A–Z), but now typically binary digits (0s and 1s).
 🟩 2. Secret Key (K)
 Key used to control encryption and decryption:
K=[K1,K2,…,KJ
 Can be:
◦ Generated by the sender, and securely sent to the receiver, or
◦ Generated by a trusted third party and securely shared with both.
 🟩 3. Encryption Algorithm (E)
 Transforms plaintext into ciphertext:
 Y=E(K,X)
 The output Y=[Y1,Y2,…,YN] is the ciphertext — appears random or
unreadable.
 🟩 4. Decryption Algorithm (D)
 Receiver uses the same key K to recover original plaintext:
 X=D(K,Y)
Symmetric Encryption: Key
Concepts and Process
Two General Approaches to
Attack Encryption
 1. Cryptanalysis
 Also called a "cipher-breaking" attack.
 Uses knowledge about the algorithm, patterns in the
plaintext, and sometimes known plaintext–ciphertext
pairs.
 Goal: To deduce the secret key or directly recover the
plaintext.
 It is intelligent and analytical, not just trial and error.
 2. Brute-force Attack
 The attacker tries every possible key until the correct one is
found.
 On average, half of all possible keys must be tested before
finding the right one.
 Relies on the size of the keyspace; the larger it is, the longer
it takes.
 Example: For a 128-bit key, there are 21282^{128}2128
possible keys — impractical to brute-force with current tech.
Types of Cryptanalytic
Attacks
Core Techniques in
Symmetric Encryption
 Allsymmetric encryption is based on two core
principles:
 1. Substitution
 Replace each element (letter, bit, block) with another.
 Examples:
◦ Caesar Cipher (shift letters)
◦ Monoalphabetic Cipher (fixed replacement)
 Bit-level:
Replace patterns like 1101 → 0110.
 2. Transposition
 Rearrange (permute) the order of elements without
changing the actual symbols.
 🔁 Combination
 Most modern ciphers combine substitution and
transposition to increase security.
caesar Cipher: Classical Substitution
Cipher

🧠 Idea:
Each letter in the plaintext is shifted a
fixed number of positions down the
alphabet. When the end of the
alphabet is reached, it wraps around to
the beginning.
🔄 Example (Shift of 3):
Plaintext: meet me after the toga
party
Ciphertext: PHHW PH DIWHU WKH
WRJD SDUWB
Caesar Cipher
Monoalphabetic Substitution
Cipher
Cryptanalysis by Frequency Analysis

 4. Despite the large keyspace, monoalphabetic

ciphers are weak due to:
 Language regularities (letter frequency patterns).
 Known frequencies of English letters (E is most
frequent, then T, A, etc.).
 🔍 Example Ciphertext:
 nginx
 CopyEdit
 UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBM
ETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHS
X EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
 📈 Relative Letter Frequencies in Ciphertext:
Relative Letter Frequencies in
Ciphertext:
Homophonic Substitution
 Trigram & Digram Analysis
 Frequent trigram ZWP → guessed as THE.
 Frequent digram ZW → guessed as TH.
 ZWSZ → could be THAT.
 So far:
 Z→T
 W→H
 P→E
 S→A
 Partial Deciphered Text:
 css
 CopyEdit
 UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAI
Z t a e e te a that e e a a ...
 → With just a few guesses, large parts of the message
become readable.
 🔁 5. Homophonic Substitution
 Countermeasure to frequency analysis.
 Use multiple ciphertext symbols for high-frequency
letters (e.g., E → {16, 35, 74}).
 Helps flatten frequency distribution, but:
◦ Digrams/trigrams still reveal patterns.
◦ More secure than monoalphabetic, but not unbreakable.
 🔐 6. Two Main Enhancements to Substitution
Ciphers
 To better hide plaintext structure:
 Encrypt multiple letters at once
◦ Examples: Playfair, Hill cipher
◦ Makes analysis harder by combining character relationships.
 Use multiple cipher alphabets
◦ Example: Vigenère cipher (polyalphabetic substitution)
◦ Letter substitutions vary across the message.
Summary Table

Type Security Level Keyspace Vulnerability

Brute-force
Caesar Cipher Very weak 25 keys
attack

Monoalphabet Frequency
Weak 26!
ic Substitution analysis

Digrams/
Homophonic
Moderate High trigrams
Substitution
survive

Polyalphabetic More resistant

Stronger Varies
Substitution to analysis