A seminar on

Cryptography
&
Cipher Algorithms

By
S.Meenatchisundaram
 CONTENTS

• Introduction to the concept of Cryptography

• Principles of Security
• Types of Cryptography
• Symmetric and Asymmetric Key Cryptography
• Encryption & Decryption algorithm types
• Data Encryption Standard (DES)
• International Data Encryption Algorithm (IDEA)
• RC Cipher
• RSA
 Introduction to the concept of
Cryptography
‹ Cryptography is the Science of devising methods that
allow information to be sent in a secure form in such a way
that the only person able to retrieve this information.

‹ A Cryptosystem is a collection of algorithms and

associated procedures for hiding and revealing (Un-hiding )
information.

‹ Cryptanalysis is the process of analyzing a cryptosystem,

either to verify its integrity or to break it for ulterior
motives.

‹ Attacker is a person or system that performs unauthorized

cryptanalysis in order to break a cryptosystem.

‹ The process of attacking a cryptosystem is called as

Cracking.
 Introduction to the concept of
Cryptography
‹ A message being sent is known as Plaintext.

‹ The process of encoding the plaintext using a

Cryptographic Algorithm is called Encryption.

‹ An encrypted message is called as Cipher Text.

‹ The process of retrieving plaintext from the cipher

text is called as Decryption.

‹ A key is a value that causes a Cryptographic

Algorithm to run in a specific manner and produce a
specific cipher text as an output.

‹ An attempt to use all possible permutations and

combinations, is called as a Brute – force attack.
 Introduction to the concept of
Cryptography

ENCRYPTION
PLAIN TEXT ALGORITHM

CIPHER TEXT
KEY

PLAIN TEXT DECRYPTION

ALGORITHM

KEY
Principles of Security

‹ Confidentiality
‹ Authentication
‹ Integrity
‹ Access control
‹ Availability
 Confidentiality
A sends a message to the user B. Another user
C gets access to this message, which is not
desired, defeats the purpose of confidentiality.
This type of attack is known as interception.

A B

C
 Authentication
C sends a message to the user B, as if it is send
by user A. This type of attack is known as
Fabrication.

A I am B
User A

C
 Integrity
User C tampers with a message originally sent by
user A, which is actually destined to B. User C
somehow manages to access it, change its
contents, and send the changed message to user B.
This type of attack is known as modification.

Ideal Route
A B

Transfer
Transfer
1000Rs. To
100Rs. To
C C
D
 Availability
Intentional actions of unauthorized user C, an
authorized user A may not be able to contact a
user B. This type of attack is known as
interruption.

A B

C
 Types of cryptography

‹ Substitution Techniques
• Caesar Cipher
• Mono-alphabetic Cipher
• Homophonic Substitution Cipher
• Poly-alphabetic Substitution Cipher
‹ Transposition Techniques
• Rail Fence Technique
• Simple Columnar Transposition Technique
• Simple Columnar Transposition Technique with
Multiple rounds
• Vernam Cipher
‹ In substitution cipher, the characters of plain text message are
replaced by other characters, numbers or symbols.

‹ Caesar Cipher
A character in the plain text can be shifted down or up by a
corresponding number. (Ex. A can be replaced with B, B can be
replaced with C, etc).
‹ Mono-alphabetic Cipher
In Mono-alphabetic Cipher, any character of plain text can be
replaced by any other character. Ex A can be replaced by any
other character (B to Z).
The possible combinations now become 4 x 1026.
‹ Homophonic Substitution Cipher
Homophonic substitution is also involves substitution of one
plain text character with a cipher text character at a time,
however the cipher text character can be any one of the chosen
set. (A can be replaced by D,H,P,R; B can be replaced by
E,I,Q,S, etc)
‹ Polygram Substitution Cipher
It replaces one block of plain text with a block of cipher text. It
does not work on a character by character basis. (Ex. HELLO
could be replaced by YUQQW, but HELL could be replaced by a
totally different cipher text block TEUI)
 TRANSPOSITION TECHNIQUES
‹ Rail fence technique
It involves writing plain text as sequence of diagonals and
then reading it row by row to produce cipher text.
Let the original plain text is COME HOME TOMORROW.

C M H M T M R O

O E O E O O R W

Cipher Text will become CMHMTMROOEOEOORW

 TRANSPOSITION TECHNIQUES
‹ Simple Columnar Transposition technique

It involves writing plain text row by row in a rectangle of a

pre defined size.
Read the message column by column.
Column order can be randomly selected.
Let the original plain text is COME HOME TOMORROW.

C O M E H O
M E T O M O
R R O W

Cipher Text will become EOWOOCMROERHMMTO if

the column order is 4,6,1,2,5,3.
 TRANSPOSITION TECHNIQUES

‹ Simple Columnar Transposition technique with

multiple rounds

1. It involves writing plain text row by row in a rectangle of

a pre defined size.
2. Read the message column by column. Column order can
be randomly selected.
3. The message thus obtained is the cipher text message of
round 1.
4. Repeat steps 1 to 3 as many times as desired.
 TRANSPOSITION TECHNIQUES
‹ Vernam Cipher
• Treat each plain text alphabet as a number in an increasing
sequence, i.e. A=0, B=1, C=2, ---Z=25.
• Use a one time pad as key.
• Add each number corresponding to the plain text alphabet to
the corresponding input cipher text alphabet number.
• If the number is >25, subtract 25 from it.
• Translate each number of the sum back to the corresponding
alphabet. This gives the output cipher text.

Plain Text H O W A R E Y O U

7 14 22 0 17 4 24 14 20
13 2 1 19 25 16 0 17 23
One time Pad
N C B T Z Q A R X
Initial Total 20 16 23 19 42 20 24 31 43

Subtract 26, if >25 20 16 23 19 16 20 24 5 17

Cipher text U Q X T Q U Y F R
 Symmetric and Asymmetric Key
Cryptography
‹ The key used for encryption is also used
for decryption is called as symmetric key
cryptography. The key distribution itself is
a big task to do.
‹ In asymmetric key cryptography, a pair
of keys are used. One for encryption and
one more for decryption. The key used for
encryption cannot be used for decryption.
The problem due to key distribution can
be totally avoided.
 Encryption & Decryption
algorithm types
1. Stream Ciphers
It involves the encryption of one plain
text bit at a time. The decryption also
happens one bit at a time.
2. Block Ciphers
It involves encryption of one block of
text at a time. Decryption also takes one
block of encrypted text at a time.
 Data Encryption Standard (DES)
General
Designer(s) IBM
First published 1975 (January 1977 as the standard)
Derived from Lucifer (cipher)
Cipher(s) based on this design Triple DES, G-DES, DES-X, LOKI89, ICE

Algorithm detail
Block size(s) 64 bits
Key size(s) 56 bits
Structure Feistel network
Number of rounds 16
 Data Encryption Standard (DES)
DES is a symmetric cryptosystem: when used for
communication, both sender and receiver must know
the same secret key, which is used both to encrypt
and decrypt the message.
DES can also be used for single-user encryption, such
as to store files on a hard disk in encrypted form.
In a multi-user environment, secure key distribution
may be difficult; public-key cryptography provides an
ideal solution to this problem.
DES has a 64-bit block size and uses a 56-bit key
during encryption. It is a 16-round Feistel cipher and
was originally designed for implementation in
hardware.
Various proposals for a DES-cracking machine were advanced.
In 1977, Diffie and Hellman proposed a machine costing an
estimated US$20 million which could find a DES key in a single
day.
By 1993, Wiener had proposed a key-search machine costing
US$1 million which would find a key within 7 hours. The
vulnerability of DES was practically demonstrated in the late
1990s.
In 1997, RSA Security sponsored a series of contests, offering a
$10,000 prize to the first team that broke a message encrypted
with DES for the contest. That contest was won by the
DESCHALL Project, led by Rocke Verser, Matt Curtin, and Justin
Dolske, using idle cycles of thousands of computers across the
Internet.
The feasibility of cracking DES quickly was demonstrated in 1998
when a custom DES-cracker was built by the Electronic Frontier
Foundation (EFF), a cyberspace civil rights group, at the cost of
approximately US$250,000. Their motivation was to show that
DES was breakable in practice as well as in theory.
 Data Encryption Standard (DES)

The EFF's US$250,000 DES cracking machine contained over 18,000

custom chips and could brute force a DES key in a matter of days — the
photo shows a DES Cracker circuit board fitted with several Deep Crack
chips.
 Data Encryption Standard (DES)

64 bit Plain 64 bit Plain

Text Text

56 bit key 56 bit key

DES DES

64 bit 64 bit
Cipher Text Cipher Text

BLOCK
Block 1 Block 2
n
 Data Encryption Standard (DES)

The Feistel (F) function

E – Expansion Permutation
S – S box Permutation
P – P box Permutation Key Transformation
Cipher Text (64 Bits)
 The Feistel (F) function
1. Expansion — the 32-bit half-block is expanded to 48 bits
using the expansion permutation, denoted E in the diagram,
by duplicating some of the bits.
2. Key mixing — the result is combined with a subkey using
an XOR operation. Sixteen 48-bit subkeys — one for each
round — are derived from the main key using the key
schedule.
3. Substitution — after mixing in the subkey, the block is
divided into eight 6-bit pieces before processing by the S-
boxes, or substitution boxes. Each of the eight S-boxes
replaces its six input bits with four output bits according to a
non-linear transformation, provided in the form of a lookup
table. The S-boxes provide the core of the security of DES —
without them, the cipher would be linear, and trivially
breakable.
4. Permutation — finally, the 32 outputs from the S-boxes
are rearranged according to a fixed permutation, the P-box.
 Data Encryption Standard (DES)
1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
17 18 19 20 21 22 23 24
25 26 27 28 29 30 31 32
Plain Text (64 bit)
33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48
49 50 51 52 53 54 55 56
57 58 59 60 61 62 63 64

58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
Input Permutation (IP) 64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
 EXPANSION PERMUTATION

‹ Original Plain text will be divided into two blocks with 32bit
each called as RPT & LPT.
‹ Considering RPT or LPT, it is divided further into 8 blocks,
with each block consisting of 4 bits.
‹ Each 4 bits will be added with 2 bits as shown in the figure
to get a 48 bit text with 8 blocks each with 6 bits.

1 2 3 4 5 6 7 8 29 30 31 32

1 2 3 4 5 6 7 8 9 10 11 12 43 44 45 46 47 48
 Key Transformation
Step1: The multiples of 8th bit will be discarded to get a 56 bit key.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64

Step2: Circular shift the 56 bit key and discard 8 bits

Ex: temp = ((left >>> 4) ^ right) & 0x0f0f0f0f; right ^= temp; left ^=
(temp << 4);

57 49 41 33 25 17 9 1
58 50 42 34 26 18 10 2
59 51 43 35 27 19 11 3
60 52 44 36 0 0 0 0
Step3 - 16: Repeat step 2
63 55 47 39 31 23 15 7
62 54 46 38 30 22 14 6
61 53 45 37 29 21 13 5
28 20 12 4 0 0 0 0
International Data Encryption Algorithm (IDEA)
General

Designer(s) James Massey, Xuejia Lai

First published 1991

Derived from PES (Proposed Encryption Standard)

Cipher(s) based on this design MESH, Akelarre, FOX (IDEA NXT)

Algorithm detail

Block size(s) 64 bits

Key size(s) 128 bits (16bits for subkeys)

Structure Substitution-permutation network

Number of rounds 8.5

International Data Encryption Algorithm (IDEA)
IDEA is the second version of a block cipher designed and
presented by Lai and Massey.
It is a 64-bit iterative block cipher with a 128-bit key and eight
rounds.
While the cipher is not Feistel, decryption is carried out in the
same manner as encryption once the decryption subkeys have
been calculated from the encryption subkeys.
The cipher structure was designed to be easily implemented in
both software and hardware, and the security of IDEA relies on
the use of three incompatible types of arithmetic operations on
16-bit words.
The speed of IDEA in software is similar to that of DES.
One of the principles during the design of IDEA was to facilitate
analysis of its strength against differential cryptanalysis;
IDEA is considered to be immune from differential
cryptanalysis. In addition, no linear cryptanalytic attacks on
IDEA have been reported and there is no known algebraic
weakness in IDEA.
International Data Encryption Algorithm (IDEA)
INPUT PLAIN TEXT (64 BITS)

K1
ROUND 1
K6

K7
ROUND 2
K12

K43
ROUND 8
K48

K49
OUTPUT TRANSFORMATION
K52

OUTPUT PLAIN TEXT (64 BITS)

 XOR

MODULO
216 + 1
MULTIPLICATION

MODULO
216
ADDITION
International Data Encryption Algorithm (IDEA)

Output transformation process

K1 K2

K2 K2

OUTPUT CIPHER TEXT (64 BITS)

 SUB KEY GENERATION PROCESS FOR EACH
ROUND

1. Bit positions 1 – 96 of the key is used. Positions

97 – 128 remain unused, they are given to
round 2.

2. Unused bit positions 97 – 128 (32 bits) from

round 1 are used first. Key is exhausted.
Circular left shift of 25 bits occurs. New starting
position:26, New ending position: 25). Bit
positions 25 to 89 are used (64 bits).

3. This process will continue up to 8th round.

4. For output transformation, first circular left shift

of 25 bits will be made and the bit positions 23
to 86 will be used.
 RC 5
General
Designer(s) Ron Rivest (Ron’s or Rivest Cipher)
First published 1994
Derived from -
Cipher(s) based on this design RC6, Akelarre

Algorithm detail
Block size(s) 32, 64 or 128 bits (64 suggested)
Key size(s) 0 to 2040 bits (128 suggested)
Structure Feistel network
Number of rounds 12 suggested originally
 RC 5
RC5 has a variable block size (32, 64 or 128 bits),
key size (0 to 2040 bits) and
number of rounds (0 to 255).

The original suggested choice of parameters were a block size

of 64 bits, a 128-bit key and 12 rounds.

A key feature of RC5 is the use of data-dependent rotations.

RC5 also consists of a number of modular additions and

eXclusive_OR_(XOR)s.

The general structure of the algorithm is a Feistel-like network.

The encryption and decryption routines can be specified in a
few lines of code, although the key schedule is more complex.

The tantalizing simplicity of the algorithm together with the

novelty of the data-dependent rotations has made RC5 an
attractive object of study for cryptanalysts.
 RC 5
Divide the plain text into two
blocks. Call them as A & B

C = A+s[0]; D= B+s[1]

E=C D G=D F

<<< E by D bits <<< G by F bits

F = E + s[2i] H = G + s[2i+1]

Increment i by 1

C = F; D = H Check is Stop
i>r?
 SUB KEY GENERATION

1. Two constants P & Q are used.

2. The first sub key s[0] is initialized with the value

of P.

3. Each next sub key is calculated on he basis of

the previous sub key and the constant value Q,
using addition modulo 232 operations.

4. This process is done 2(r+1)-1 times

 RSA
General
Designer(s) Ron Rivest, Adi Shamir and
Leonard Adleman
First published 1977
Derived from -
Cipher(s) based on this design -
 RSA
1. Choose two large prime number P & Q.
2. Calculate N = P x Q
3. Select the public key (i.e. the encryption key) E
such that it is not a factor of (P–1) and (Q-1)
4. Select the private key (i.e. the decryption key)
D such that the following equation is true:
(D X E) mod (P–1) X (Q–1) = 1
5. For encryption, calculate the cipher text CT
from the plain text PT as follows:
CT=PTE mod N.
6. Send CT as the cipher text to the receiver.
7. For decryption, calculate the plain text PT from
the cipher text CT as follows:
PT=CTD mod N.
 RSA
1. Consider P = 7 & Q = 17.
2. N = P X Q = 119.
3. To select Public key E: (P-1)x(Q-1)=6x16=96.
The factors are 2,2,2,2,2,3. Select 5.
4. To select Decryption key D: (D X E) mod (P–1)
X (Q–1) = 1; Choose D=77. (77x5) mod
(96)=1.
5. CT=PTE mod N.
6. PT=CTD mod N.
 QUERIES?
? ? ? ? ? ? ? ?
? ? ? ? ? ? ? ?
? ? ? ?
? ? ? ?
? ? ? ?
? ? ? ?
? ? ? ? ? ? ? ?
? ? ? ? ? ? ? ?