Symmetric Encryption

By : Sashika Suren
Network & Cloud Security
 Symmetric Encryption
● Symmetric Encryption, also referred to as conventional encryption, Secret key or Single key encryption.
● It was the only type of encryption in use prior to the development of public key in the late 1970s.

Symmetric Encryption Principles

➢ Plaintext : This is the original intelligible message or data that is fed into the algorithm as input.

➢ Encryption Algorithm: The encryption algorithm performs various substitutions and transformations on the plain
text

➢ Secret Key: The secret key is also input to the encryption algorithm. The key is a value independent of the plain text
and of the algorithm.

➢ Cipher text: This is the scrambled message produced as output. It depends on the plaintext and the secret key.

➢ Decryption algorithm: This is essentially the encryption algorithm run in reverse.

Symmetric Encryption
There are two requirements for secure use of conventional encryption
1. It require a strong encryption algorithm. At minimum, the algorithm may know the attacker such that cipher text
should unable to decrypt cipher text.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure.
Model of Symmetric Cryptosystem
Cryptography
Cryptographic systems are characterized along three independent dimensions:

The type of operations used for transforming plaintext to ciphertext: All encryption algorithms are based on two general
principles. Substitution and Transposition. Most production systems, involve multiple stage of substitutions and
transpositions.

The number of keys used:

The way in which the plain text is processed: A block cipher processes the input one block of elements at a time,
producing the output block for each input block. A stream cipher processes the input elements continuously, producing
output one element at a time, as it goes along.

Cryptanalysis and Brute-Force Attack

Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general
characteristics of the plaintext or even some sample plaintext–ciphertext pairs.

Brute-force attack: The attacker tries every possible key on a piece of cipher-text until an intelligible translation into
plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
Cryptanalytic attacks
 Cryptanalysis continue
➢ The cost of breaking the cipher exceeds the value of the encrypted information.
➢ The time required to break the cipher exceeds the useful lifetime of the information.

An encryption scheme is said to be computationally secure if either of the foregoing two criteria are met. Unfortunately,
it is very difficult to estimate the amount of effort required to cryptanalyze ciphertext successfully.
SUBSTITUTION TECHNIQUES
The two basic building blocks of all encryption techniques are substitution and transposition.

A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols.1 If
the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit
patterns.

Caesar Cipher

The earliest known, and the simplest, use of a substitution cipher was by Julius Caesar. The Caesar cipher involves
replacing each letter of the alphabet with the letter standing three places further down the alphabet.

For example,

plain: meet me after the toga party

cipher: PHHW PH DIWHU WKH WRJD SDUWB
SUBSTITUTION TECHNIQUES
Note that the alphabet is wrapped around, so that the letter following Z is A. We can define the transformation by listing
all possibilities, as follows:

Let us assign a numerical equivalent to each letter:

Then the algorithm can be expressed as follows. For each plaintext letter p , substitute the ciphertext letter C:
C = E(3, p) = (p + 3) mod 26
SUBSTITUTION TECHNIQUES
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26

where k takes on a value in the range 1 to 25. The decryption algorithm is simply
p = D(k, C) = (C - k) mod 26

If it is known that a given ciphertext is a Caesar cipher, then a brute-force cryptanalysis is easily performed: simply try all
the 25 possible keys.

Monoalphabetic Ciphers
With only 25 possible keys, the Caesar cipher is far from secure. A dramatic increase in the key space can be achieved by
allowing an arbitrary substitution.

A permutation of a finite set of elements S is an ordered sequence of all the elements of S, with each element appearing
exactly once. For example, if S = {a, b, c} , there are six permutations of S:
abc, acb, bac, bca, cab, cba
SUBSTITUTION TECHNIQUES
In general, there are n! permutations of a set of n elements, because the first element can be chosen in one of n ways,
the second in (n - 1) ways, the third in (n - 2) ways, and so on.

Such an approach is referred to as a monoalphabetic substitution cipher, because a single cipher alphabet (mapping
from plain alphabet to cipher alphabet) is used per message.

Playfair Cipher
The Playfair cipher was the first practical digraph substitution cipher. The scheme was invented in 1854 by Charles
Wheatstone but was named after Lord Playfair who promoted the use of the cipher. In playfair cipher unlike traditional
cipher we encrypt a pair of alphabets(digraphs) instead of a single alphabet.

The Playfair Cipher Encryption Algorithm:

The Algorithm consists of 2 steps:

1. Generate the key Square(5×5):
➢ The key square is a 5×5 grid of alphabets that acts as the key for encrypting the plaintext. Each of the 25
alphabets must be unique and one letter of the alphabet (usually J) is omitted from the table (as the table
can hold only 25 alphabets). If the plaintext contains J, then it is replaced by I.
➢ The initial alphabets in the key square are the unique alphabets of the key in the order in which they appear
followed by the remaining letters of the alphabet in order.
SUBSTITUTION TECHNIQUES Plain Text: "instrumentsz"
Encrypted Text: gatlmzclrqtx
Encryption:
For example: i -> g
n -> a
The key is "monarchy" s -> t
Thus the initial entries are t -> l
'm', 'o', 'n', 'a', 'r', 'c', 'h', 'y' r -> m
followed by remaining characters of u -> z
a-z(except 'j') in that order. m -> c
e -> l
n -> r
t -> q
s -> t
z -> x
SUBSTITUTION TECHNIQUES
2. Algorithm to encrypt the plain text: The plaintext is split into pairs of two letters (digraphs). If there is an odd
number of letters, a Z is added to the last letter.
For example:

PlainText: "instruments"
After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'

Rules for Encryption:

If both the letters are in the same column: Take the letter below each one (going back to the top if at the bottom).

For example:

Diagraph: "me"
Encrypted Text: cl
Encryption:
m -> c
e -> l
SUBSTITUTION TECHNIQUES
If both the letters are in the same row: Take the letter to the right of each one (going back to the leftmost if at the rightmost
position).

For example:

Diagraph: "st"
Encrypted Text: tl
Encryption:
s -> t
t -> l

If neither of the above rules is true: Form a rectangle with the two letters and take the letters on the horizontal opposite corner of the
rectangle.

For example:

Diagraph: "nt"
Encrypted Text: rq
Encryption:
n -> r
t -> q
SUBSTITUTION TECHNIQUES
Affine Ciphers

An affine cipher, (like a shift cipher), is an example of a substitution cipher: In encryption using a substitution cipher, each
time a given letter occurs in the plaintext, it always is replaced by the same ciphertext letter.

The encryption key for an affine cipher is an ordered pair of integers, both of which come from the set{0, . . . , n−1}, where
n is the size of the character set being used (for us, the character set is the English alphabet, so we haven= 26).

The ‘key’ for the Affine cipher consists of 2 numbers, we’ll call them a and b. The following discussion assumes the use of a
26 character alphabet (m = 26). a should be chosen to be relatively prime to m (i.e. a should have no factors in common
with m).

Encryption

It uses modular arithmetic to transform the integer that each plaintext letter corresponds to into another integer that
correspond to a ciphertext letter. The encryption function for a single letter is

E ( x ) = ( a x + b ) mod m
modulus m: size of the alphabet
a and b: key of the cipher. a must be chosen such that a and m are coprime.
SUBSTITUTION TECHNIQUES
Decryption

In deciphering the ciphertext, we must perform the opposite (or inverse) functions on the ciphertext to retrieve the
plaintext. Once again, the first step is to convert each of the ciphertext letters into their integer values. The decryption
function is

D ( x ) = a^-1 ( x - b ) mod m
a^-1 : modular multiplicative inverse of a modulo m. i.e., it satisfies the equation 1 = a a^-1 mod m .
~ END ~