3.1 What are the two principal requirements for the secure use of symmetric encryption?

(1) a strong encryption algorithm;

(2) Sender and receiver must have obtained copies of the secret key in a secure fashion
and must keep the key secure.

3.2 What are the two basic functions used in encryption algorithms?

Two basic functions used in encryption algorithms are substitution and transposition.

Substitution
In this principle, letters or numbers in plain text are replaced by some other letters, symbols, or
numbers. i.e., every element(a group of letters) on the plain text is mapped to some other
element.

So by replacing the characters that represent the original message with some random characters,
the data becomes unreadable.

The simplest use of substitution cipher is Julies Caesar

Which involves replacing the letter with 3 places further down the alphabet to it.

For example:

Plain text: wedge shaped ball whirling up in the wool

Encrypted text: zhgjh vkdshg edoo zkluolqj lq wkh zrro

Transposition:
In this principle, The letters in the plain text are rearranged. The fundamental requirement is that
no information is lost (i.e., that all operations can be reversed).

The most commonly used cipher is the Rail Fence technique,

In this technique, the plain text was written down as a sequence of diagonals and read as rows
For example:

If you want to send a message to a person like

“wedge shaped ball whirling up in the wool”

WdehpdalwIlnuIteol

EgsaeblhrIgpnhwo

In So in this technique, the above message can be written down as

“wdehpedalwlinuiteolegsaeblhrigpnhwo”
In the above message, we read off the message in rows leaving the jumbled text

3.3 What is the difference between a block cipher and a stream cipher?
A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. A block
cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext
block of equal length.

3.4 What are the two general approaches to attacking a cipher?

Cryptanalysis and brute force.

List and briefly define types of cryptanalytic attacks based on what is known to the
Attacker.

Ciphertext only:
In this type of attack, the cryptanalyst/attacker knows the Encryption algorithm as well as
Ciphertext. And in many cases, he might know some plain texts too. However, This type of
attack is said to be the hardest of all, because he has very little know information to crack the
secret key.

Known plaintext:
In this type of attack, the cryptanalyst knows encryption algorithm, cyphertext, as well as One or
more plaintext–ciphertext pairs formed by the private key.

By using this information the attacker may be able to deduce the key based on how the known
plaintext is transformed.

Chosen plaintext:
In this type of attack, the attacker knows the encryption algorithm, and Plaintext message chosen
by the cryptanalyst, together with its corresponding ciphertext generated with the secret key.
If the analyst is able somehow to get the source system to insert into the system a message
chosen by the analyst, then a chosen-plaintext attack is possible.

Chosen ciphertext:
The attacker knows, Encryption algorithm and Ciphertext chosen by the cryptanalyst together
with its associated decrypted plaintext generated with the secret key and analyze this information
to deduce the secret key.

Chosen text:
In this method, the attacker knows, Encryption algorithm,Ciphertext,

A plaintext message is chosen by cryptanalyst, together with its corresponding ciphertext

generated with the secret key

Ciphertext chose by cryptanalyst, together with its corresponding decrypted plaintext generated
with the secret key.The attacker use the above information to deduce the key.

Unconditionally secure cipher:

An encryption scheme is said to be unconditionally secure, when there is not enough information
in a ciphertext to determine uniquely the plaintext, regardless of how much ciphertext available.
i.e., provably immune to the compute power or any form of attack.

Unfortunately there is no encryption algorithm that is unconditionally secure, with the exception
of the one-time pad(OTP)

Computationally secure cipher:

The encryption technique is computationally secure ifThe cost of breaking the cipher exceeds the
value of the encrypted information or The time required to break the cipher exceeds the useful
lifetime of the information.

Even if it met only one of these, it is said to be computationally secure. But, The amount of time
needed to properly cryptanalyze ciphertext is difficult to estimate.

3.8 Why is the Caesar cipher substitution technique vulnerable to a brute-force

cryptanalysi
The problem with the Caeser cipher technique is there are only 25 possible keys to decrypt the
ciphertext. So, if someone performs a brute force attack on Caesar cipher technique all he has to
do is try all possible keys from 1 to 25. One of those keys will give you the original message.

Full Explanation:

Caesar cipher technique works in such a way that all the letters in the original text are replaced
by letters some k places further down in the alphabet.

If we give alphabets a number such as…

A b c d e f g h I j k l m n o p q r s t u v w x y z

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

If k = 3; three places further down the letter ‘a’ is ‘e’.

We can express the caesar cipher algorithm in

C = E(k, p) = (p + k) mod 26
Where C is ciphertext

E is Encryption

K is key. ( can be any number from 1 – 25)

P is plaintext.

The decryption algorithm is

P = D(k, C) = (C – k) mod 26
By trying all possible values k can take, an attacker can easily deduce the key and plain text
Plaintext: wedge shaped ball whirling up in the wool

Ciphertext: zhgjh vkdshg edoo zkluolqj lq wkh zrro (for k = 3)

So in brief, these three points enable the attacker to use brute force cryptanalysis on the said
algorithm.

1. The encryption and decryption algorithms are known.

2. There are only 25 keys to try.

3. The language of the plaintext is known and easily recognizable.

3.11 What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?
There are 26! Or 4 * 10^26 possible keys available for the monoalphabetic substitution cipher.

Explanation:
For monoalphabetic substitution cipher, we use a permutation of alphabets.

A permutation is explained as Let’s say S is an ordered sequence of elements, with each element
appearing exactly once.

For example, if S = {x, y, z}, there are six permutations of S:

(xyz, yxz, zyx, xzy, yzx, zxy)

In general, there are n! permutations for a set of n elements.

In this case, there are 3 elements. i.e., 3! Permutations which equal 6.

In Caeser cipher, if take key is 3,

Plain: a b c d e f g h I j k l m n o p q r s t u v w x y z

Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

If, instead of using cipher line and leaving the attacker a good chance of cracking the key(only
25 tries), we can replace the cipher line with one of the permutations of alphabets

i.e., giving 26! Or 4 * 10^26 possibilities.

Giving one hell of a headache for the attacker to find the key.
But, there is one weak point in this technique, if the cryptanalyst knows the language of
plaintext, he can exploit the frequency of letters to find the key.

This approach is known as a monoalphabetic substitution cipher. Substantially reducing the

chances of finding the key through brute force analysis.

3.10 What is the drawback of a Playfair cipher?

In a typical message or plaintext, we use some alphabets more frequently than others.for
example, we use the alphabet ‘ e ‘ more frequently than ‘ z ‘
In fig 3.6 we can see the distribution of letters in a typical plain text. (in plaintext plot)

Let’s see how the frequency distribution plot developed in fig 3.6 in the first place.

To find the frequency value of the letter, we take the number of occurrences of each letter in the
text and divide it with the occurrences of the most frequently used letter.

Such that value of letter ‘ e ‘ calculated as 12.702/12.072 = 1; (Acc to values of fig 3.5)

Value of letter ‘ t ‘ calculated as 9.056/12.072 = 0.72;

Generally, if the relative frequency of a letter’s plot is straight, flat, and horizontal then it is said
to be secure and cryptanalysis of ciphertext is nearly impossible.

But in fig 3.6 You can see the plot of the Playfair cipher plot nowhere near flat. And share much
of the same relative frequency structure as plaintext. Leaving enough data for attackers to work
with. Generally, a few hundred letters of ciphertext are said to be sufficient.

This is the main drawback of

encryption.

3.11What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?

What is a Monoalphabetic Cipher?

It refers to that cipher in which all the letters of the plain text get mapped into the cipher text
letters, on the basis of one alphabetic key. The Caesar-shift cipher is one of the major examples
of a monoalphabetic cipher. Here, every letter shifts on the basis of a numeric key. The atbash
cipher is another example. Here, every letter gets mapped to its symmetric letter (symmetric to
the alphabet’s centre).
What is a Polyalphabetic Cipher?
The polyalphabetic cipher refers to the ciphers that are based on substitution with multiple
substitution alphabets. The most prominent example of this type of cipher is the Vigenère cipher,
although it is basically a special simplified case.

3.12 What are two problems with the one-time pad?

Answer

One-time pad offers complete security, but it has two major problems in practice:

First one is, one time pad requires a random key of length same as the original message.

This is where problem arises. Making large quantities of random keys for any heavily used
system might require million of random characters on daily basis. This presents an enormous
challenge to provide truly random characters

Second one, and even more challenging is, distribution and protection of the private key.

As both sender and receiver requires the same key and protecting the key is equally mammoth
task.

Because of these issues, one time pad has a limited utility and used only for the low bandwidth
channels.
EXPLAIN THE ATTACK OF DOUBLE DES THAT MOTIVATES THE USE OF TRIPLE DES

Double DES is vulnerable to a known attack called the meet-in-the-middle attack. In this attack,
an attacker captures a plaintext-ciphertext pair and tries all possible keys in the first encryption
pass and all possible keys in the second encryption pass to find a match. This significantly
reduces the effective key length of Double DES from 112 bits to 57 bits, making it vulnerable to
brute force attacks.

To mitigate this vulnerability, Triple DES was introduced. Triple DES applies the DES algorithm
three times with three different keys, making it much more secure than Double DES. With Triple
DES, even if an attacker successfully performs a meet-in-the-middle attack on the first two
passes, they would still need to perform another attack on the third pass with a different key,
significantly increasing the complexity of the attack. Triple DES effectively increases the key
length to 168 bits, making it more resistant to brute force attacks and other cryptographic attacks.

Under which conditions is the Vignere cipher unconditionally

secure?

The Vigenère cipher is considered unconditionally secure when the key used for encryption is
truly random, is at least as long as the plaintext message, and is never reused. In this scenario, the
key serves as a one-time pad, where each character of the key is used only once to encrypt a
single character of the plaintext.

When these conditions are met, the Vigenère cipher becomes unbreakable because each character
of the ciphertext is produced by combining the corresponding character of the plaintext with a
unique character from the key. Without knowing the exact key used for encryption, an attacker
would have no way to determine the original plaintext.

However, achieving unconditional security with the Vigenère cipher in practice can be
challenging due to the requirements of generating truly random keys that are as long as the
plaintext and ensuring that keys are never reused. If these conditions are not met, the Vigenère
cipher is vulnerable to frequency analysis and other cryptanalysis techniques.

Strength of DES
DES (Data Encryption Standard) is a symmetric encryption algorithm that was widely used for
secure communication and data protection. The strength of DES lies in its key size and the
complexity of its encryption process. Here are some key points that highlight the strength of
DES:

1. Key Size: DES uses a 56-bit key for encryption, which means there are 2^56 possible
keys that can be used to encrypt data. This key size was considered strong when DES was
first introduced in the 1970s, but over time, advances in computing power made it
vulnerable to brute force attacks.
 2. Feistel Cipher Structure: DES is based on a Feistel network structure, which involves
multiple rounds of substitution and permutation operations. This complex structure adds
to the security of the algorithm by creating confusion and diffusion in the encryption
process.

3. S-boxes: DES uses S-boxes (Substitution boxes) to perform non-linear substitutions

during the encryption process. The use of S-boxes enhances the confusion and diffusion
properties of the algorithm, making it more resistant to cryptanalysis techniques.

4. Avalanche Effect: DES exhibits a strong avalanche effect, meaning that small changes in
the input (plaintext or key) result in significant changes in the output (ciphertext). This
property makes it difficult for attackers to predict the relationship between plaintext,
ciphertext, and keys.

5. Standardization and Scrutiny: DES was developed by IBM and adopted as a federal
standard by the U.S. government. It underwent rigorous scrutiny and testing before being
widely adopted, which contributed to its perceived strength and reliability.

Despite its strengths, DES is no longer considered secure for modern cryptographic applications
due to its small key size and vulnerability to brute force attacks. As a result, it has been replaced
by more secure encryption algorithms such as AES (Advanced Encryption Standard).

CAESAR QUESTION ASSIGNMENT 2

Question
A generalization of the Caesar cipher, known as the affine Caesar cipher, has
the following form: For each plaintext letter p, substitute the ciphertext letter
C:
 C = E([a, b], p) = (ap + b) mod 26

A basic requirement of any encryption algorithm is that it be one-to-one. That

is, if p ≠ q, then E(k, p) ≠ E(k, q). Otherwise, decryption is impossible, because
more than one plaintext character maps into the same ciphertext character.
The affine Caesar cipher is not one-to-one for all values of a. For example, for
a = 2 and b = 3, then E([a, b], 0) = E([a, b], 13) = 3.
A. Are there any limitations on the value of b? Explain why or why not.
b. Determine which values of a are not allowed.

c. Provide a general statement of which values of a are and are not allowed.
Justify
your statement.

a.

There are no limitations on the value of b in the affine Caesar cipher.

The value of b determines the shift applied to each plaintext letter before
modular arithmetic is performed. Since modular arithmetic wraps around the
alphabet, any value of b will produce a unique ciphertext letter for each
plaintext letter, ensuring a one-to-one mapping.

b.

To determine which values of a are not allowed in the affine Caesar cipher, we
need to find values of a that result in a non-one-to-one mapping. This occurs
when the value of a shares a common factor with the modulus (26 in this case).
The common factor means that some plaintext letters will map to the same
ciphertext letter, making decryption impossible.
In the case of the affine Caesar cipher, the modulus is 26. So, we need to find
values of a that have a common factor with 26. The common factors of 26 are
1, 2, 13, and 26. Therefore, the values of a that are not allowed in the affine
Caesar cipher are 2, 13, and 26.
c.

In general, the values of a that are allowed in the affine Caesar cipher are the
ones that are coprime (have no common factors) with the modulus (26 in this
case).

This ensures a one-to-one mapping between plaintext and ciphertext letters.

Conversely, the values of a that are not allowed are the ones that share a
common factor with the modulus, as they result in a non-one-to-one mapping.