CRYPTOGRAPHY

Cryptography is the practice and study of hiding information. Modern day cryptography includes disciplines of mathematics, computer science and engineering.

Cryptography today has applications in various fields which include : Electronic Commerce ex. ATM, Credit Cards Password Authentication ex. Gmail, Facebook Transfer of secret Military Messages

Encryption is the science of changing data so that it is unrecognisable and useless to an unauthorized person. Decryption is changing it back to its original form. The most secure techniques use a mathematical algorithm and a variable value known as a key. This is the basis of the protection.... if the key (sometimes called a password) is only known by authorized individual(s), the data cannot be exposed to other parties.

The three main fields of cryptography are CIPHERS, STEGNOGRAPHY, and VISUAL CRYPTOGRAPHY

CLASSICAL CRYPTOGRAPHY

MONOALPHABETIC CIPHERS:
The key is such that each alphabetic character of plaintext is mapped to a unique alphabetic character in the cipher text. The examples include: a) SHIFT CIPHER : This is the most simplest form of encryption .the characters of plaintext are replaced by characters obtained after shifting by fixed number in the cipher text . Also referred to as Caesars cipher as Julius Caesar is supposed to have used this cipher for military dispatches he wished to keep secret!!!!! In mathematical terms it can be represented by

Ek(x) =(x+k) mod 26 Dk(x) =(y-k) mod 26 where (x, y belongs to Z26) It can be seen that x=D k (Ek(x)) For example shifting by 3: plaintext Cipher text A B C D....... D E F G........

So there can be only 25 possible shift ciphers as shifting by 26 will amount to same text and shifting by 27 will be same as shifting by 1 and so on. b) SUBSTITUTION CIPHERS: The key is any permutation of letters; need not be a shift, for example plaintext cipher text ABCDEFGH IJKLMNOPQRSTUVWXYZ CVBNMXZASDFGHJKLQWERTYUIOP

So that a b c>> c v b There can be 26! Different substitution ciphers!! Examples are Caesars cipher (mentioned above), at bash cipher in which alphabets are simply reversed a>>z, b >> y, c>> x and so on.... c) AFFINE CRYPTOSYSTEM Mathematically it can be represented as 0<=k<=25 and 0<=a<=25 Ek(x) =a*x + k mod 26 and Dk(x) =(y-k) /a mod 26 It can be observed that for a=1, it reduces to Caesars cipher Example

plaintext: A F F I N E C I P H E R x: 5x + 8 0 5 5 8 13 4 2 8 15 7 4 17 8 33 33 48 73 28 18 48 83 43 28 93

This encryption can be injective if and only if GCD (a,26) =1, so a can take only 12 possible values {1, 3 , 5, 7 , 9 ,11, 15, 17, 19, 21,23, 25} and k can take any 26 values . Thus the total possible number of affine ciphers is 12*26 = 312.

POLYALBHABETIC CIPHERS:
The mono alphabetic ciphers are relatively easy to break .a polyalphabetic cipher is a vast improvement over this technique. a) VIGENERE CIPHER The basic principal in all polyalphabetic cipher is the use of multiple but different mono alphabetic substitution techniques. In vigenere cipher, each letter key value will denote the shift to be done for that particular letter i.e. the n in the shift n cipher. It will be clearer by an example: let key = a b c Plaintext= x y z Cipher text = x z b (shift of 0, 1, 2 respectively)

Another example:

key =ad Plaintext= a b c d Cipher text = a e c g (shift of 0, 3, 0, 3)

The second example shows us an important technique, if the key is of a lesser length than the plaintext, then use the key repeatedly till whole length of the plaintext is traversed. b) HILL CIPHER Hill cipher is a polygraphic substitution cipher based on linear algebra. Each letter is first encoded as a number. Often the simplest scheme is used: A = 0, B =1...Z=25, but this is not an essential feature of the cipher. A block of n letters is then considered as a vector of n dimensions, and multiplied by an n n matrix, modulo 26. For example Consider the message 'ACT', and the key below (or GYBNQKURP in letters):

Since 'A' is 0, 'C' is 2 and 'T' is 19, the message is the vector:

Thus the enciphered vector is given by:

Which corresponds to a cipher text POH. In order to decrypt, we turn the cipher text back into a vector, then simply multiply by the inverse matrix of the key matrix (IFKVIVVMI in letters) c) PERMUTATION CIPHER The permutation cipher is a transposition cipher in which the key is a permutation. A random permutation of size e is generated. (The larger

the value of e more secure is the cipher).The plaintext is then broken into segments of size e and the letters within the segment are permuted according to this key. Because the cipher doesnt changes any of the characters, the cipher text will have exactly the same letter frequency as the underlying plaintext .There is a limitation that the plaintext has to have a length which is in multiple of e. Example: Let e = 3. Key = 2 1 3 Plaintext: CRYPTOGRAPHY Breaking the text: CRY PTO GRA PHY Cipher text: RCY TPO RGA HPY i.e. RCYTPORGAHPY.

BLOCK CIPHER
The most important symmetric (meaning the same key is used for both encryption and decryption ) algorithms are block ciphers .the general operation of all the block ciphers is the same a given number of bits of plaintext (a block) is encrypted into a block of cipher text of the same size . This is in contrast to stream ciphers which encrypt one bit at a time. There are several modes for block encryption: a) ELECTRONIC CODEBOOK (ECB) MODE It is the simplest mode of operation for a block cipher. The input data is padded out to a multiple of the block size, broken into a integer number of blocks, each of which is encrypted independently using the key.

In addition to simplicity, ECB has the advantage of allowing any block to be decrypted independently of the others. Thus, lost data blocks do not affect the decryption of other blocks. The disadvantage of ECB is that it aids known-plaintext attacks. If the same block of plaintext is encrypted twice with ECB, the two resulting blocks of cipher text will be the same. b) CIPHER BLOCK CHAINING (CBC) MODE CBC is the most commonly used mode of operation for a block cipher. Prior to encryption, each block of plaintext is XOR-ed with the prior block of cipher text. After decryption, the output of the cipher must then be XOR-ed with the previous cipher text to recover the original plaintext. The first block of plaintext is XOR-ed with an initialization vector (IV), which is usually a block of random bits transmitted in the clear. CBC is more secure than ECB because it effectively scrambles the plaintext prior to each encryption step. Since the cipher text is constantly changing, two identical blocks of plaintext will encrypt to two different blocks of cipher text. The disadvantage of CBC is that the encryption of a data block becomes

dependent on all the blocks prior to it. A lost block of data will also prevent decoding of the next block of data.

[XOR is bitwise exclusive or operator. It takes two bit pattern of equal length and performs the logical XOR operation on each pair of corresponding bits. The result is each position is 1, if the two bits are different, and 0 if they are the same. ]

FEISTEL CIPHER
It is a scheme used by almost all modern day block ciphers. The input is broken into two equal size blocks, generally called left (L) and right (R), which are then repeatedly cycled through the algorithm. At each cycle, a hash function (f) is applied to the right block and the key, and the result of the hash is XOR-ed into the left block. The blocks are then swapped. The XOR-ed result becomes the new right block and the unaltered right block becomes the left block. The process is then repeated a number of times.

Examples of block ciphers are: Data Encryption Standards (DES): It is a feistel type substitution permutation network (SPN) cipher. It uses a 56 bit key. This method is now considered obsolete. Advanced Encryption Standards (AES): Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively

MODERN CRYPTOGRAPHY: PUBLIC KEY CRYPTOGRAPHY

The distinguishing technique used in public key cryptography is the use of asymmetric key algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys a public key and a private key. The private key is kept secret, whilst the public key may be widely distributed. Messages are encrypted with the recipient's public key and can only be decrypted

with the corresponding private key. The keys are related mathematically, but the private key cannot be feasibly (i.e., in actual or projected practice) derived from the public key. It was the discovery of such algorithms which revolutionized the practice of cryptography beginning in the middle 1970s.Public key cryptography is a fundamental and widely used technology around the world, and is the approach which underlies such Internet standards as Transport Layer Security (TLS) (successor to SSL), PGP and GPG

In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of that private key.

CRYPTOGRAPHIC ATTACKS
A cryptographic attack is a method for circumventing the security of a cryptographic system by finding a weakness in a code, cipher, cryptographic protocol or key management scheme. This process is also called "cryptanalysis .

TYPES OF CRYPTOGRAPHIC ATTACK

Known Plaintext and Cipher text Only Attacks: A known plaintext attack is an attack where a cryptanalyst has access to a plaintext and the corresponding cipher text and seeks to discover a correlation between the two. A cipher text-only attack is an attack where a cryptanalyst has access to a cipher text but does not have access to corresponding plaintext. With simple ciphers, such as the Caesar Cipher, frequency analysis can be used to break the cipher. Chosen Plaintext and Chosen Cipher text Attacks: A chosen plaintext attack is an attack where a cryptanalyst can encrypt a plaintext of his choosing and study the resulting cipher text. This is most common against asymmetric cryptography, where a cryptanalyst has access to a public key. A chosen cipher text attack is an attack where a cryptanalyst chooses a cipher text and attempts to find a matching plaintext. This can be done with a decryption oracle (a machine that decrypts without exposing the key). This is also often performed on attacks versus public key encryption; it begins with a cipher text and searches for matching publicly-posted plaintext data. Brute Force Attacks: A brute force attack systematically attempts every possible key. It is most often used in a known plaintext or cipher text-only attack.

STEGANOGRAPHY
Steganography is the science of hiding information. Whereas the goal of cryptography is to make the data unreadable by a third party, the role of steganography is to hide the data from a third party. in Greek it means covered writing .

There are a large number of steganographic methods , ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication.

LEAST SIGNIFICANT BIT (LSB) INSERTION:

The simplest approach to hiding data within an image file is called least significant bit (LSB) insertion. In this method, we can take the binary representation of the hidden data and overwrite the LSB of each byte within the cover image. If we are using 24-bit colour, the amount of change will be minimal and indiscernible to the human eye. As an

example, suppose that we have three adjacent pixels (nine bytes) with the following RGB encoding: 10010101 00001101 11001001 10010110 00001111 11001010 10011111 00010000 11001011 Now suppose we want to "hide" the following 9 bits of data (the hidden data is usually compressed prior to being hidden): 101101101. If we overlay these 9 bits over the LSB of the 9 bytes above, we get the following (where bits in bold have been changed): 10010101 00001100 11001001 10010111 00001110 11001011 10011111 00010000 11001011 Note that we have successfully hidden 9 bits but at a cost of only changing 4, or roughly 50%, of the LSBs. This description is meant only as a high-level overview. Similar methods can be applied to 8-bit colour but the changes, as the reader might imagine, are more dramatic. Gray-scale images, too, are very useful for steganographic purposes