1. Cryptography & Classical Ciphers
Ammar Karim
NUST-SEECS

2. Introduction
Computer Security - generic name for the collection of tools designed to protect data and to prevent hackers.
Network Security - measures to protect data during their transmission.
Internet Security - measures to protect data during their transmission over a collection of interconnected networks. 2

3. Security Attack
“Any action that compromises the security of information owned by an organization”
Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems
Generic types of attacks
passive
active 3

4. Security Attacks

5. Passive Attacks 5

6. Passive Attacks
“Passive attacks” attempt to learn or make use of information from the system but does not affect system resources.
By eavesdropping on, or monitoring of, transmissions to:
obtain message contents or
monitor traffic flows
Are difficult to detect because they do not involve any alteration of the data.

7. Active Attacks 7

8. Active Attacks
“Active attacks” attempt to alter system resources or affect their operation.
Passive attacks are relatively easier to detect. Measures are available to prevent their success.
On the contrary, it is quite difficult to prevent active attacks because of the wide variety of potential physical, software, and network vulnerabilities.
Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.

9. Security Service
A processing or communication service that enhances the security of the data processing systems and the information transfer for an organization. The services are intended to defy security attacks, and they make use of one or more security mechanisms to serve the purpose. 9

10. Security Services (X.800) Authentication Access Control
Assurance that the communicating entity is the one claimed
Access Control
Prevention of the unauthorized use of a resource
Data Confidentiality
Protection of data from unauthorized disclosure
Data Integrity
Assurance that the contents of the data received are the same as sent by an authorized entity
Non-Repudiation
Protection against denial by one of the parties in a communication 10

11. Security Mechanisms
Feature designed to detect, prevent, or recover from a security attack.
There is no single mechanism to provide security of the data to be transmitted.
However the element that underlies most of the security mechanisms is the use of cryptographic techniques.
Cryptography is the art of secret writing, is the process of converting information, such as this slide, that can be read by most, into a secret code, that can only be read by those who are party to the secret.

12. Terminologies

13. Security Mechanisms

14. Cryptography vs. Steganography
Overt writing: Evident that there is a secret message.
Enemy can intercept the message
Enemy can decrypt the message
Steganography
Covert writing: Its not evident that there is a secret message.

15. Steganography Change the LSB of pixels in a random walk.
Change the LSB of subsets of pixels (i.e. around edges).
Increment/Decrement the pixel value instead of flipping the LSB.

16. Steganography- Example
News Eight Weather:
Tonight increasing snow. Unexpected precipitation Smothers Eastern towns. Be extremely cautious and use snow-tires especially heading east. The highways are knowingly slippery. Highway evacuation is suspected. Police report emergency situations in downtown ending near Tuesday.
First letter of each word yields:
Newt is upset because he thinks he is President.

17. Steganography- Example
From WWII German spy (Kahn):
Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on by products, ejecting suet and vegetable Oils.
Second letter of each word yields:
Pershing sails from NY June 1.

18. Cryptography-- Cæsar Cipher

19. Conventional Encryption

20. Classification of Cryptographic Systems

21. Classification of Cryptographic Systems

22. Classification of Cryptographic Systems

23. Classification of Cryptographic Systems

24. Symmetric Case
Ek (M) = C
Dk (C) = M
Dk (Ek (M)) = M

25. Asymmetric Case
Ek1 (M) = C
Dk2 (C) = M
Dk2 (Ek1 (M)) = M

26. Kerchoff’s Principle
The security of cryptosystem must not depend on keeping secret the crypto- algorithm. It must depend on keeping secret the key.
Reasons:
Details of the crypto-algorithm can be captured or reverse-engineered.
Even if so, frequently changing the key maintains the security.

27. Note:
In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared.

28. Note:
In symmetric-key cryptography, the same key is used in both directions.

29. Class Exercise

30. Polyalphabetic Substitution: Vigen`ere Cipher

31. Example: Vigen`ere Cipher

32. Example: Vigen`ere Cipher

33. Example: Vigen`ere Cipher

34. Note:
In monoalphabetic substitution, the relationship between a character in the plaintext to the character in the ciphertext is always one-to-one.

35. Note:
In polyalphabetic substitution, the relationship between a character in the plaintext and a character in the ciphertext is one-to-many.

36. Rotor Encryption

37. Rotor Encryption

38. Rotor Encryption

39. Rotor Machine

40. Transposition: The Grille

41. Transposition: The Grille

42. Transposition: The Grille

43. Transposition: The Grille

44. Transposition: The Grille

45. Transposition: The Grille

46. Hill Cipher To Encipher: To Decipher
C = KM mod n
To Decipher
K-1C mod n = K-1KM mod n = M
Where C, K and M are dx1, dxd, dx1 matrices respectively.
K should be invertible modulo 26

47. Hill Cipher To Encipher: To Decipher
C = KM mod n
To Decipher
K-1C mod n = K-1KM mod n = M
Where C, K and M are dx1, dxd, dx1 matrices respectively.
Recall the concepts of Linear Algebra 

48. Linear Algebra Revision
For the matrices A, B, C, D:
AB != BA in general
AC = AD does not necessarily imply C = D
A(BC) = (AB)C
k(AB) = (kA)B = A(kB)
(A+B)C = AC+BC
AI = IA = A
det (A) = ad - bc

49. Linear Algebra Revision
Also recall the third order determinants.
Inverse of a matrix A is possible iff:
det (A) != 0
A-1 = adj (A) / det (A)
A-1A = AA-1 = I

50. Linear Algebra Revision

51. Linear Algebra Revision

52. Back to……….Hill Cipher

53. Stream Ciphers

54. Stream Ciphers

55. Stream Ciphers

56. Stream Ciphers

57. One Time Pad

58. One Time Pad

59. One Time Pad-- Example

60. Simple Block Cipher

61. Playfair Cipher

62. Playfair Cipher

63. Playfair Example

64. Playfair Example

65. Playfair Example

66. Playfair Example

67. Class Quiz
You have intercepted a message encrypted with a cipher of the form:-
C = aM+b
where M is the plaintext and C is the ciphertext (both integers modulo 26).
The ciphertext starts with BBDJ.
The plaintext starts with OOPS.
Find the key.