DEPARTMENT OF CSE

COURSE TITLE:
INTRODUCTION TO BLOCKCHAIN &
CRYPTO CURRENCIES

COURSE CODE:
23CS3045RB
 AIM OF THE
SESSION
To familiarize students with the basic concepts of Cryptography

INSTRUCTIONAL
OBJECTIVES
This Session is designed to:
Demonstrate Principles of Symmetric and Asymmetric Cryptography

LEARNING OUTCOMES

At the end of this session, you should be able to:

1. Define Cryptography
2. Symmetric Key Cryptography
3. Asymmetric Key Cryptography
4. Other Classical cryptographic cipher
INDEX

• Structure of cryptosystem
• Symmetric key cryptography
• Asymmetric key cryptography
• Caesar cipher
• Affine cipher
• Euclidean Algorithm for finding GCD(A,B)
• Miller–Rabin primality test
• Rabin Cryptosystem
THE LANGUAGE OF
CRYPTOGRAPHY
 SYMMETRIC KEY VS. ASYMMETRIC KEY

Symmetric/Secret key cryptography

• Requires sender/receiver know shared secret key
• Major issue: how to agree on key in first place (particularly if never “met”)?

Asymmetric/Public key cryptography

 Sender/receiver do not share the same secret key
 Public key is known to all and private key is known only to holder
 Use one for encryption, and the other for decryption
SECRET KEY CRYPTOGRAPHY
Plain-text input Cipher-text Plain-text output
“The quick brown fox “AxCv;5bmEseTfid3)fGsmWe “The quick brown
jumps over the lazy #4^,sdgfMwir3:dkJeTsY8R\ fox jumps over the
dog” s@!q3%” lazy dog”

Encryption Decryption

Same key
(shared secret)
PUBLIC KEY CRYPTOGRAPHY
 PUBLIC KEY CRYPTOGRAPHY
Clear-text Input Cipher-text Clear-text Output
“The quick brown “Py75c%bn&*)9| “The quick brown fox
fox jumps over the fDe^bDFaq#xzjFr@g5=&n jumps over the lazy
lazy dog” mdFg$5knvMd’rkvegMs” dog”

Encryption Decryption

Different keys
private
public

Recipient’s public key Recipient’s private key

SUBSTITUTION CIPHERS

A substitution cipher replaces one symbol

with another. Substitution ciphers can be
categorized as either monoalphabetic
ciphers or polyalphabetic ciphers.

A substitution cipher replaces one symbol with another.

Monoalphabetic Ciphers

In monoalphabetic
substitution, the relationship
between a symbol in the
plaintext to a symbol in the
ciphertext is always one-to-
one.
Additive Cipher
The simplest monoalphabetic cipher is the
additive cipher. This cipher is sometimes
called a shift cipher and sometimes a Caesar
cipher, but the term additive cipher better
reveals its mathematical nature.

Plaintext and ciphertext in Z26

Additive cipher

When the cipher is additive, the

plaintext, ciphertext, and key are
integers in Z26.
 Example 3

Use the additive cipher with key = 15 to

encrypt the message “hello”.

Solution
We apply the encryption algorithm to the plaintext, character
by character:
 Example 4

Use the additive cipher with key =

15 to decrypt the message
“WTAAD”.
Solution

We apply the decryption algorithm to the plaintext character

by character:
 Shift Cipher and Caesar Cipher
Historically, additive ciphers are called
shift ciphers. Julius Caesar used an
additive cipher to communicate with his
officers. For this reason, additive ciphers
are sometimes referred to as the Caesar
cipher. Caesar used a key of 3 for his
communications.
Additive ciphers are sometimes
referred to as shift ciphers or
Caesar cipher.
 Caesar Cipher
 can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z = IN
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C = OUT

 mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

 then have Caesar (rotation) cipher as:

c = E(k, p) = (p + k) mod (26)
p = D(k, c) = (c – k) mod (26)
 Eve has intercepted the ciphertext “UVACLYFZLJBYL”.
Show how she can use a brute-force attack to break
the cipher.
Eve tries keys from 1 to 7. With a key of 7, the plaintext is
“not very secure”, which makes sense.
Eve has intercepted the following ciphertext.
Using a statistical attack, find the plaintext.

When Eve tabulates the frequency of letters in

this ciphertext, she gets: I =14, V =13, S =12,
and so on. The most common character is I with
14 occurrences. This means key = 4.
 Cryptanalysis of Caesar Cipher
 only have 26 possible ciphers
A maps to A,B,..Z
 could simply try each in turn
 a brute force search
 given ciphertext, just try all shifts of letters
 do need to recognize when have plaintext
 eg. break ciphertext "GCUA VQ DTGCM"
Multiplicative Ciphers

In a multiplicative cipher, the plaintext and ciphertext are

integers in Z26; the key is an integer in Z26*.
 What is the key domain for any
multiplicative cipher?
Solution
The key needs to be in Z26*. This set has only 12 members:
1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
We use a multiplicative cipher to encrypt the message
“hello” with a key of 7. The ciphertext is “XCZZU”.
 Affine Cipher
broaden to include multiplication
can define affine transformation as:
c = E(k, p) = (ap + b) mod (26)
p = D(k, c) = (a-1c – b) mod (26)
key k=(a,b)
a must be relatively prime to 26
so there exists unique inverse a-1
Affine Ciphers
Affine Cipher - Example
 example k=(17,3):
a b c d e f g h i j k l m n o p q r s t u v w x y z = IN
D U L C T K B S J A R I Z Q H Y P G X O F W N E V M = OUT
 example:
meet me after the toga party
ZTTO ZT DKOTG OST OHBD YDGOV
 Now how many keys are there?
12 x 26 = 312
 Still can be brute force attacked!
 Note: Example of product cipher
The affine cipher uses a pair of keys in which
the first key is from Z26* and the second is from
Z26. The size of the key domain is
26 × 12 = 312.

Use an affine cipher to encrypt the message

“hello” with the key pair (7, 2).
Use the affine cipher to decrypt the message “ZEBBW” with
the key pair (7, 2) in modulus 26.

Solution

The additive cipher is a special case of an affine cipher in which

k1 = 1. The multiplicative cipher is a special case of affine cipher
in which k2 = 0.
Monoalphabetic Substitution Cipher
Because additive, multiplicative, and affine
ciphers have small key domains, they are very
vulnerable to brute-force attack.
A better solution is to create a mapping
between each plaintext character and the
corresponding ciphertext character. Alice and
Bob can agree on a table showing the
mapping for each character.
An example key for monoalphabetic substitution cipher
We can use the key to encrypt the
message

The ciphertext is
 HOW DO YOU CALCULATE A GCD?

• Find the prime factorization of each

• Take all the common ones. E.g.
• gcd(24,20)=gcd(.
 TWO USEFUL FACTS

gcd Fact 1
If are positive integers, then gcd( = gcd()

gcd Fact 2
Let be a positive integer: gcd(
public int X(int m, int n){
if(m<n){
int temp = m;
m=n;
n=temp;
}
while(n != 0) {
int rem = m % n;
m=n;
n=rem;
}
return m;
}
EUCLID’S ALGORITHM

• gcd(660,126) while(n != 0) {
int rem = m % n;
m=n;
n=rem;
}
EUCLID’S ALGORITHM

• gcd(660,126)

= gcd(126, 660 mod 126) =

gcd(126, 30)
= gcd(30, 126 mod 30) = gcd(30,
while(n != 0) { 6)
int rem = m % n; = gcd(6, 30 mod 6) = gcd(6,
m=n; 0)
n=rem; =6
}
 BÉZOUT’S THEOREM

Bézout’s Theorem
If and are positive integers, then there exist
integers and such that
gcd(a,b)
 EXTENDED EUCLIDIAN ALGORITHM

• Step 1 compute gcd(a,b);

• Step 2 solve all equations for the remainder.
• Step 3 substitute backward

gcd(35,27)
 EXTENDED EUCLIDIAN ALGORITHM

• Step 1 compute gcd(a,b);

• Step 2 solve all equations for the remainder.
• Step 3 substitute backward

gcd(35,27) = gcd(27, 35%27) = gcd(27,8)

= gcd(8, 27%8) = gcd(8, 3)
= gcd(3, 8%3) = gcd(3, 2)
= gcd(2, 3%2) = gcd(2,1)
= gcd(1, 2%1) = gcd(1,0)
 EXTENDED EUCLIDIAN ALGORITHM

• Step 1 compute gcd(a,b); keep tableau information.

• Step 2 solve all equations for the remainder.
• Step 3 substitute backward
 EXTENDED EUCLIDIAN ALGORITHM

• Step 1 compute gcd(a,b);

• Step 2 solve all equations for the remainder.
• Step 3 substitute backward
 EXTENDED EUCLIDIAN
ALGORITHM

• Step 1 compute gcd(a,b); keep tableau information.

• Step 2 solve all equations for the remainder.
• Step 3 substitute backward
 EXTENDED EUCLIDIAN
ALGORITHM
• Step 1 compute gcd(a,b); keep tableau information.
• Step 2 solve all equations for the remainder.
• Step 3 substitute backward
 EXTENDED EUCLIDIAN ALGORITHM

• Step 1 compute gcd(a,b); keep tableau information. When

substituting
• Step 2 solve all equations for the remainder. back, you
• Step 3 substitute backward keep the
larger of
and the
number you
just
substituted.
Don’t
simplify
further! (or
gcd(27,35) = you lose the
form you
need)
 Prime Numbers
 prime numbers only have divisors of 1 and self

they cannot be written as a product of other numbers

note: 1 is prime, but is generally not of interest
 eg. 2,3,5,7 are prime, 4,6,8,9,10 are not
 prime numbers are central to number theory
 list of prime number less than 200 is:
2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71
73 79 83 89 97 101 103 107 109 113 127 131 137 139 149
151 157 163 167 173 179 181 191 193 197 199
 Prime Factorization
 to factor a number n is to write it as a product of other numbers: n=a
x b x c
 note that factoring a number is relatively hard compared to
multiplying the factors together to generate the number
 Fundamental theorem of arithmetic
 the prime factorization of a number n is when its written as a
product of primes

eg. 91=7x13 ; 3600=24x32x52
 Relatively Prime Numbers & GCD
 two numbers a, b are relatively prime if have no common
divisors apart from 1

eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8 and of 15 are
1,3,5,15 and 1 is the only common factor
 conversely can determine the greatest common divisor by
comparing their prime factorizations and using least powers

eg. 300=21x31x52 18=21x32 hence GCD(18,300)=21x31x50=6
 Fermat's Theorem
 ap-1 = 1 (mod p)

where p is prime and gcd(a,p)=1
 also known as Fermat’s Little Theorem
 also have: ap = a (mod p)
 useful in public key and primality
testing
Euler Totient Function ø(n)
 when doing arithmetic modulo n
 complete set of residues is: 0..n-1
 reduced set of residues is those numbers (residues) which
are relatively prime to n

eg for n=10,

complete set of residues is {0,1,2,3,4,5,6,7,8,9}

reduced set of residues is {1,3,7,9}
 number of elements in reduced set of residues is called the
Euler Totient Function ø(n)
 Euler Totient Function ø(n)
 to compute ø(n) need to count number of residues to
be excluded
 in general need prime factorization, but

for p (p prime) ø(p)=p-1

for p.q (p,q prime) ø(p.q)=(p-1)x(q-1)
 eg.
ø(37) = 36
ø(21) = (3–1)x(7–1) = 2x6 = 12
Euler's Theorem
 a generalisation of Fermat's Theorem
 aø(n) = 1 (mod n)

for any a,n where gcd(a,n)=1
 eg.
a=3;n=10; ø(10)=4;
hence 34 = 81 = 1 mod 10
a=2;n=11; ø(11)=10;
hence 210 = 1024 = 1 mod 11
 also have: aø(n)+1 = a (mod n)
 Primality Testing
 often need to find large prime numbers
 traditionally sieve using trial division

ie. divide by all numbers (primes) in turn less than the square root of
the number

only works for small numbers
 alternatively can use statistical primality tests based on properties of
primes

for which all primes numbers satisfy property

but some composite numbers, called pseudo-primes, also satisfy the
property
 can use a slower deterministic primality test
 Miller Rabin Algorithm
 a test based on prime properties that result from Fermat’s Theorem
 algorithm is:
TEST (n) is:
1. Find integers k, q, k > 0, q odd, so that (n–1)=2kq
2. Select a random integer a, 1<a<n–1
3. if aq mod n = 1 then return (“inconclusive");
4. for j = 0 to k – 1 do
j
5. if (a2 q
mod n = n-1)
then return(“inconclusive")
6. return (“composite")
Probabilistic Considerations
 if Miller-Rabin returns “composite” the number is definitely not
prime
 otherwise is a prime or a pseudo-prime
 chance it detects a pseudo-prime is < 1/4
 hence if repeat test with different random a then chance n is
prime after t tests is:

Pr(n prime after t tests) = 1-4-t

eg. for t=10 this probability is > 0.99999
 could then use the deterministic AKS test
 Prime Distribution
 prime number theorem states that primes occur
roughly every ln(n) integers
 but can immediately ignore evens
 so in practice need only test 0.5 ln(n) numbers of
size n to locate a prime

note this is only the “average”

sometimes primes are close together

other times are quite far apart
RABIN CRYPTOSYSTEM

The Rabin cryptosystem can be thought of as an

RSA cryptosystem in which the value of e and d are
fixed. The encryption is C ≡ P2 (mod n) and the
decryption is P ≡ C1/2 (mod n).
Rabin cryptosystem
Procedure
Key Generation
Encryption
 Decryption

The Rabin
cryptosystem is not
deterministic:
Decryption creates
four plaintexts.
Here is a very trivial example to show the idea.
1. Bob selects p = 23 and q = 7. Note that both are
congruent to 3 mod 4.
2. Bob calculates n = p × q = 161.
3. Bob announces n publicly; he keeps p and q private.
4. Alice wants to send the plaintext P = 24. Note that 161 and 24 are
relatively prime; 24 is in Z161*. She calculates C = 242 = 93 mod 161, and
sends the ciphertext 93 to Bob.
5. Bob receives 93 and calculates four values:
a1 = +(93 (23+1)/4) mod 23 = 1 mod 23
a2 = −(93 (23+1)/4) mod 23 = 22 mod 23
b1 = +(93 (7+1)/4) mod 7 = 4 mod 7
b2 = −(93 (7+1)/4) mod 7 = 3 mod 7
6. Bob takes four possible answers, (a1, b1), (a1, b2), (a2, b1), and (a2, b2), and uses
the Chinese remainder theorem to find four possible plaintexts: 116, 24, 137,
and 45. Note that only the second answer is Alice’s plaintext.
 Netbeans 8.2
https://netbeans-ide.informer.com/8.2/
Thanks