Cryptography and Network Security:

Principles and Practice

Eighth Edition

Chapter 3
Classical Encryption Techniques

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Definitions (1 of 2)
• Plaintext
– An original message
• Ciphertext
– The coded message
• Enciphering/encryption
– The process of converting from plaintext to ciphertext
• Deciphering/decryption
– Restoring the plaintext from the ciphertext

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Definitions (2 of 2)
• Cryptography
– The area of study of the many schemes used for
encryption
• Cryptographic system/cipher
– A scheme
• Cryptanalysis
– Techniques used for deciphering a message without
any knowledge of the enciphering details
• Cryptology
– The areas of cryptography and cryptanalysis

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Figure 3.1 Simplified Model of
Symmetric Encryption

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Symmetric Cipher Model
• There are two requirements for secure use of conventional
encryption:

– A strong encryption algorithm

– Sender and receiver must have obtained copies of the

secret key in a secure fashion and must keep the key
secure

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Figure 3.2 Model of Symmetric
Cryptosystem

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Cryptographic Systems
• Characterized along three independent dimensions:
• The type of operations used for transforming plaintext to
ciphertext
– Substitution
– Transposition
• The number of keys used
– Symmetric, single-key, secret-key, conventional
encryption
– Asymmetric, two-key, or public-key encryption
• The way in which the plaintext is processed
– Block cipher
– Stream cipher
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Cryptanalysis and Brute-Force Attack
• Cryptanalysis
– Attack relies on the nature of the algorithm plus some
knowledge of the general characteristics of the
plaintext
– Attack exploits the characteristics of the algorithm to
attempt to deduce a specific plaintext or to deduce the
key being used
• Brute-force attack
– Attacker tries every possible key on a piece of
ciphertext until an intelligible translation into plaintext is
obtained
– On average, half of all possible keys must be tried to
achieve success
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 3.1 Types of Attacks on
Encrypted Messages
Type of Attack Known to Cryptanalyst

Ciphertext Only • Encryption algorithm

• Ciphertext
Known Plaintext • Encryption algorithm
• Ciphertext
• One or more plaintext–ciphertext pairs formed with the secret key
Chosen Plaintext • Encryption algorithm
• Ciphertext
• Plaintext message chosen by cryptanalyst, together with its corresponding
ciphertext generated with the secret key
Chosen Ciphertext • Encryption algorithm
• Ciphertext
• Ciphertext chosen by cryptanalyst, together with its corresponding decrypted
plaintext generated with the secret key
Chosen Text • Encryption algorithm
• Ciphertext
• Plaintext message chosen by cryptanalyst, together with its corresponding
ciphertext generated with the secret key
• Ciphertext chosen by cryptanalyst, together with its corresponding decrypted
plaintext generated with the secret key

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Encryption Scheme Security
• Unconditionally secure
– No matter how much time an opponent has, it is
impossible for him or her to decrypt the ciphertext
simply because the required information is not there
• Computationally secure
– The cost of breaking the cipher exceeds the value of
the encrypted information
– The time required to break the cipher exceeds the
useful lifetime of the information

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Brute-Force Attack
• Involves trying every possible key until an intelligible
translation of the ciphertext into plaintext is obtained
• On average, half of all possible keys must be tried to
achieve success
• To supplement the brute-force approach, some degree of
knowledge about the expected plaintext is needed, and
some means of automatically distinguishing plaintext from
garble is also needed

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Strong Encryption
• The term strong encryption refers to encryption schemes
that make it impractically difficult for unauthorized persons
or systems to gain access to plaintext that has been
encrypted
• Properties that make an encryption algorithm strong are:
– Appropriate choice of cryptographic algorithm
– Use of sufficiently long key lengths
– Appropriate choice of protocols
– A well-engineered implementation
– Absence of deliberately introduced hidden flaws

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Substitution Technique
• Is one in which the letters of plaintext are replaced by other
letters or by numbers or symbols
• If the plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns with
ciphertext bit patterns

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Caesar Cipher
• Simplest and earliest known use of a substitution cipher
• Used by Julius Caesar
• Involves replacing each letter of the alphabet with the
letter standing three places further down the alphabet
• Alphabet is wrapped around so that the letter following Z
is A
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Caesar Cipher Algorithm
• Can define transformation as:
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
• Mathematically give each letter a number
abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
• Algorithm can be expressed as:
c = E(3, p) = (p + 3) mod (26)
• A shift may be of any amount, so that the general Caesar algorithm is:
C = E(k , p ) = (p + k ) mod 26
• Where k takes on a value in the range 1 to 25; the decryption algorithm is
simply:
p = D(k , C ) = (C − k ) mod 26

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Figure 3.3 Brute-Force Cryptanalysis
of Caesar Cipher

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Monoalphabetic Cipher
• Permutation
– Of a finite set of elements S: is an ordered sequence of
all the elements of S , with each element appearing
exactly once.
– For example, if S = {a, b, c}, there are six permutations
of S:
– abc, acb, bac, bca, cab, cba
• If the “cipher” line can be any permutation of the 26
alphabetic characters, then there are 26! or greater than
4 x 1026 possible keys
– Approach is referred to as a monoalphabetic
substitution cipher because a single cipher alphabet is
used per message
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Monoalphabetic Cipher

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Monoalphabetic Cipher

• As a first step, the relative frequency of the letters can

be determined and compared to a standard frequency
distribution for English, such as is shown in Figure 3.5
(based on [LEWA00]).
• If the message were long enough, this technique alone
might be sufficient, but because this is a relatively short
message, we cannot expect an exact match. In any case,
the relative frequencies of the letters in the ciphertext
(in percentages) are as follows:

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Monoalphabetic Cipher

• Comparing this breakdown with Figure 3.5, it seems

likely that cipher letters P and Z are the equivalents of
plain letters e and t, but it is not certain which is which.
The letters S, U, O, M, and H are all of relatively high
frequency and probably correspond to plain letters from
the set {a, h, i, n, o, r, s}.
• The letters with the lowest frequencies (namely, A, B,
G, Y, I, J) are likely included in the set {b, j, k, q, v, x,
z}.

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Figure 3.5 Relative Frequency of
Letters in English Text

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Monoalphabetic Ciphers
• Easy to break because they
reflect the frequency data of the
original alphabet
• Countermeasure is to provide
multiple substitutes
(homophones) for a single letter
• Digram
– Two-letter combination
– Most common is th
• Trigram
– Three-letter combination
– Most frequent is the

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Playfair Cipher
• Best-known multiple-letter encryption cipher
• Treats diagrams in the plaintext as single units and
translates these units into ciphertext diagrams
• Based on the use of a 5 × 5 matrix of letters constructed
using a keyword
• Invented by British scientist Sir Charles Wheatstone in
1854
• Used as the standard field system by the British Army in
World War I and the U.S. Army and other Allied forces
during World War II

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Playfair Key Matrix
• Fill in letters of keyword (minus duplicates) from left to right
and from top to bottom, then fill in the remainder of the
matrix with the remaining letters in alphabetic order
• Using the keyword MONARCHY:

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Playfair
• The letters I and J count as one letter. Plaintext is
encrypted two letters at a time, according to the following
rules:
• 1. Repeating plaintext letters that are in the same pair are
separated with a filler letter, such as x, so that balloon
would be treated as ba lx lo on.
• 2. Two plaintext letters that fall in the same row of the
matrix are each replaced by the letter to the right, with the
first element of the row circularly following the last. For
example, ar is encrypted as RM.

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Playfair
• 3. Two plaintext letters that fall in the same column are
each replaced by the letter beneath, with the top element
of the column circularly following the last.
• For example, mu is encrypted as CM.
4. Otherwise, each plaintext letter in a pair is replaced by the
letter that lies in its own row and the column occupied by the
other plaintext letter. Thus, hs becomes BP and ea becomes
IM (or JM, as the encipherer wishes).

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Vigenère Cipher
• Best known and one of the simplest polyalphabetic
substitution ciphers
• In this scheme the set of related monoalphabetic
substitution rules consists of the 26 Caesar ciphers with
shifts of 0 through 25
• Each cipher is denoted by a key letter which is the
ciphertext letter that substitutes for the plaintext letter a.
Thus, a Caesar cipher with a shift of 3 is denoted by the
key value 3.

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Example of Vigenère Cipher
• To encrypt a message, a key is needed that is as long as
the message
• Usually, the key is a repeating keyword
• For example, if the keyword is deceptive, the message “we
are discovered save yourself” is encrypted as:
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Example of Vigenère Cipher
• We can express the Vigenère cipher in the following manner.
Assume a sequence of plaintext letters P = p0, p1, p2, …, pn - 1
and a key consisting of the sequence of letters K = k0, k1, k2,
… , km - 1, where typically m < n. The sequence of ciphertext
letters C = C0, C1, C2, … , Cn - 1 is calculated as follows:

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Example of Vigenère Cipher

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Example of Vigenère Cipher

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Vigenère Autokey System
• A keyword is concatenated with the plaintext itself to
provide a running key
• Example:
key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
• Even this scheme is vulnerable to cryptanalysis
– Because the key and the plaintext share the same
frequency distribution of letters, a statistical technique
can be applied

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Vernam Cipher
Figure 3.7 Vernam Cipher

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

One-Time Pad
• Improvement to Vernam cipher • Scheme is unbreakable
proposed by an Army Signal – Produces random output
Corp officer, Joseph that bears no statistical
Mauborgne relationship to the
• Use a random key that is as plaintext
long as the message so that – Because the ciphertext
the key need not be repeated contains no information
whatsoever about the
• Key is used to encrypt and plaintext, there is simply
decrypt a single message and no way to break the code
then is discarded
• Each new message requires a
new key of the same length as
the new message

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Difficulties
• The one-time pad offers complete security but, in practice, has two
fundamental difficulties:
– There is the practical problem of making large quantities of
random keys
 Any heavily used system might require millions of random
characters on a regular basis
– Mammoth key distribution problem
 For every message to be sent, a key of equal length is needed
by both sender and receiver
• Because of these difficulties, the one-time pad is of limited utility
– Useful primarily for low-bandwidth channels requiring very high
security
• The one-time pad is the only cryptosystem that exhibits perfect
secrecy (see Appendix F)

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Rail Fence Cipher
• Simplest transposition cipher
• Plaintext is written down as a sequence of diagonals and
then read off as a sequence of rows
• To encipher the message “meet me after the toga party”
with a rail fence of depth 2, we would write:
mematrhtgpry
etefeteoaat
Encrypted message is:
MEMATRHTGPRYETEFETEOAAT

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Row Transposition Cipher
• Is a more complex transposition
• Write the message in a rectangle, row by row, and read the
message off, column by column, but permute the order of
the columns
– The order of the columns then becomes the key to the
algorithm
Key: 4312 5 67
Plaintext: atta c kp
ostpone
dunt i l t
w o a mx y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.