CRYPTOGRAPHY

SECURE COMMUNICATION
THROUGH OPEN
CHANNELS
Mathematics is like checkers in being
suitable for the young, not too
difficult, amusing and without peril to
the state
- Plato (429-347 BC)

"I have never done anything 'useful'.

No discovery of mine has made, or is
likely to make, directly or indirectly,
for good or ill, the least difference to
the amenity of the world.
- G.H. Hardy
(1877-1947)
Cryptography: older than channel or
source coding!

Used by Julius Caesar: Caesar Cipher

also called shift cipher.

Cryptography: Science of devising

methods that allow information to be
sent in a secure way so that only the
intended recipient can decode the
information

Cryptosystem: Collection of
 Encryption

Plain text Cipher text

Decryption
Cryptography is used for:

Military
Diplomatic ( to prevent wiki leaks!)
Commercial (banks, companies etc)

A key is used for both encryption and

decryption. Security depends on
length of the key.
Example:
Suppose following binary stream has
to be encrypted:
0110001010011111
Lets use a 4-bit long key, x = 1011 to
encrypt
Algorithm:
Divide into blocks of 4 and XOR with
the key.
The encrypted message is:
1101 1001 0010 0100
Message can be decrypted by
Same key is used for encryption and
decryption:
Symmetric key cryptography or
Single key cryptography or
Secret key cryptography
Problem:
How to send the key to the recipient
in a safe way.
Key exchange problem in
cryptography!
The key exchange problem is solved
by using different keys for encryption
and decryption, with no need to
exchange keys-
Algorithm for text messages:
Every alphabet is replaced by the xth
alphabet following it. The value of x is
contained in the key.
Another example of symmetric key
cryptography.
The key has to be transmitted
physically.
An open communication channel
cannot be used!

Operations used by encryption

algorithms:
Substitution was first used by Julius
Caesar (?).
In his method each character is
advanced by three spaces.
Eg:
THIS IS SUBSTITUTION CIPHER

becomes

WKLV LV VXEVWLWXWLRQ FLSKHU

Substitution ciphers like Casers
cipher (also known an mono-
alphabetic ciphers) can be easily
broken by frequency analysis.
Poly-alphabetic ciphers, invented by
Vigenere in the 16th century are
slightly more difficult to crack.
In poly-alphabetic ciphers, the one-
to-one correspondence between plain
text and cipher text (which is found in
mono-alphabetic ciphers) is absent.
Instead an alphabet may be
replaced by one of many characters
Example:
Suppose we are trying to encipher

ATTACK AT ONCE

with

READY

We arrange repetitions of the key

below the plaintext as shown below:
00 19 19 00 02 1000 19 14 13 02 04
17 04 00 03 24 1704 00 03 24 17 04

The columns are then added modulo

26:

17 23 19 03 00 0104 19 17 11 19 08

Or converted to letters:
RXTDAB ET RLTI

A weakness of this approach is that

once the length of the keyword is
known, a coded message can be
Transposition:
Permutes the bits in plaintext.
If the resultant cipher text is put
through more transpositions, the end
result is more security.

XOR

Length of key is critical.

Today the most secure algorithms use
128 bit keys or even longer
Minimum Key requirements for different
applications:
Type of information Lifetime Minimum
key
length
(bits)
Tactical Military Minutes/hour 56-64
s
Product Days/weeks 64
announcements
Interest rates Days/weeks 64
Trade secrets Decades 112
Nuclear bomb secrets > 50 years 128
Identities of spies > 50 years 128
Personal affairs > 60 years 128
Diplomatic > 70 years > 128
embarrassments
Even without keys, text encrypted by
substitution can be broken:
Using Frequency analysis
Want to know more:
Read The Code book
By Simon Singh

Symmetric algorithms:
Block ciphers operates on groups of
bits.
Each block is processed many
times.
Stream Cipher operates on one bit
at a time. Key stream is same
Data Encryption Standard (DES)
Created by IBM.
1. Provides a high level of security
2. The security depends on the keys,
not the secrecy of the algorithm.
3. The security is capable of being
evaluated.
4. The algorithm is completely
specified and easy to understand.
5. It is efficient to use and adaptable.
6. Must be available to all users.
DEA has a 64 bit block size and uses a
56 bit key during execution (8 parity
bits are removed from the 64 bit key).

DEA is a 16 round symmetric

cryptosystem designed for hardware
implementation.

First a transposition is carried out

according to a set table.
The 64 bit plaintext is then split into
two 32 bit blocks and 16 identical
operations called rounds are carried
out on each half.
Public key cryptography: (Asymmetric
encryption)
Developed by Diffe and Hellman
Two keys private and public
Suppose we want to send an
encrypted message to recipient A,
then we use the public key of A to
encrypt.
When the message is received by A,
he will use his private key to decrypt.
Each person has his own set of public
and private keys.
The RSA Algorithm:
Created by Rivest Shamir and
Adleman in 1977

Public key algorithms rely on it being

computationally unfeasible to recover
the private key from the public key.

RSA relies on the fact that it is easy to

multiply two large prime numbers
together, but extremely hard (time
consuming) to factor them back.
The algorithm:
Two very large prime numbers, normally of
equal length, are randomly chosen, then
multiplied.

N=AxB
T = (A-1) x (B-1)

A third number is then chosen randomly as

the public key (E) such that it has no
common factors (i.e., is relatively co-prime)
with T.

The private key D is then:

D = E-1 mod T
Here D is the multiplicative inverse of E in
To encrypt a block of plaintext (M) into
ciphertext(C):
C = ME mod N

To decrypt:
M = CD mod N

Example:
A = 37
B = 23
N = 37 x 23 = 851
T = (37-1)x(23-1) = 792
E must have no common factors with T
(792)
D (private key) = 5-1 mod 792 = 317

To encrypt a message (M) of the

character G
Represent G as 7 (7th letter in the
alphabet)
M=7
C = 75 mod 851 = 638

To decrypt
M = 638317 mod 851 = 7

Here actually the pair of numbers E

and N form the public key, whereas
Proof of the RSA algorithm:

C M E (mod N )

D
C M E D
M 1Tn
M (mod N )

The above proof relies on Fermats

little theorem which states that:
N 1
a 1(mod N )
Where N is prime and is not a factor of
a
Proof of Fermats little theorem:
(proof of his last theorem is 300 pages
long!)
Consider the first p-1 positive
multiples of a; i.e, the
integers
a,2a,3a,.,(p-1)a
None of these numbers is congruent
modulo p ra to any
sa (mod N ) nor is it
other,
congruent to zero.
Then
Indeed,r ifis congruent to s which is
impossible. Therefore, the set of
integers mentioned above must be
congruent modulo N to 1,2,3,.,N-1
 a.2a.3a....( N 1)a 1.2.3.....( N 1)

N 1
a ( N 1)! ( N 1)!(mod p )
Note that the converse of Fermats
little theorem does not hold.
That is if some integer N satisfies the
relation it is not necessarily prime.
Questions:
1. Why does E have to co-prime with
T?

Ans: Else you cannot define a

multiplicative inverse!

2. How do we pick prime numbers?

. Sieve of Eratosthenes
. Choosing a number at random (or
which can possibly be a prime and
then testing it for primality.
For example multiply all prime
Sometimes this number,i.e, p# + 1
( where p# is the product of all primes
upto p) is not prime.

For example:
2 x 3 x 5 x 7 x 11 x 13
+1= 30031
= 59 x 509
So p# + 1 is a possible candidate, but
it has to be tested for primality.

Testing for primality:

Divide given number by all primes

Hackers try to factorize N and hence
crack the code.
Therefore length of the key has to
increased to improve the security.

Currently RSA laboratories

recommend key sizes of 768 bits for
personal use, 1024 bits for corporate
use and 2048 bits for extremely
valuable keys (those used by
certifying authorities .

Security can be increased by

frequently changing the keys,
It has been estimated that the
quickest factoring algorithm known,
will use approximately 1023 computer
operations to resolve an integer with
200 digits into its prime factors.
Assuming that each operation takes 1
nanosecond,
The factorization time would be
approximately
3 x 106 years.
However, the time is a lot less if we
use networks of computers.
In 1994, a 129 digit number was
factorized into its prime factors using
Even without using huge keys, RSA is
about 1000 times slower to
encrypt/decrypt than DES.
Therefore it is not used as a
standalone cryptosystem.
It is used in hybrid cryptosystems like
PGP (Pretty Good Privacy)

In hybrid cryptosystems we encrypt

the plaintext with a symmetric
algorithm (usually DES or IDEA).
The symmetric algorithms key is then
encrypted with a public key algorithm
like RSA.
This is faster than using RSA
throughout, and allows a different key
to be used each time, enhancing the
security.
PGP:
1. A symmetric Cipher IDEA for
message encryption
2. A public key algorithm RSA to
encrypt the iDEA key
3. A one-way hash function for signing
4. A random number generator
The body of the message is encrypted
with IDEA
Therefore, PGP e-mails are faster
than ones using simple RSA.
The key for the IDEA module is
randomly generated each time as a
one-off session key.
MD5 is used to produce a hash of the
message, which can then be signed
by the senders private key (Digital
signature)
Digital Signature:
Provides authentication as well as
security.
Sender encrypts with his private key,
Then encrypts it again with the public
key of the recipient.
The recipient uses his private key to
open the message and then uses the
public key to verify the authenticity.

PGP uses a complex protocol for key

management.
Each user generates and distributes
their public key.

If James (a user) is happy that a

persons public key belongs to who it
claims to belong to,
then he can sign that persons public
key and
James program will then accept
messages from that person as valid.
The user can allocate levels of trust to
other users.
PGP allows many levels of trust to be
assigned to people as shown in figure:
 Fully partially partially
trusted trusted trusted (lesser
degree)
Key signing protocol

JAMES

EAR SARA JACO KAT

L H B E
SAM RACH BOB ARCHIE
EL
MIK
E HAL LOUISE
unsigned
Very hard to generate true random
numbers on a computer!
Why?
A computer is a deterministic
machine.
PGP measures the time interval
between key presses.
These measurements are used to
trigger a pseudo-random generator
Water-marks:
In invisible digital watermarking,
information is added as digital data
to audio, picture, or video, but it
cannot be perceived as such.
Steganography is closely related
(hiding messages within the least
significant bits of the image file).
Secure Communication using Chaos
functions:
Chaos functions have the property of
unpredictability.
If a hacker intercepts part of a
message, he will have no information
on how to predict what comes next.
Chaotic x behaviour
ax (1 x ) is exhibited by
n 1 n n
certain difference equations.
For a = 4, this function behaves like a
chaos function
0.1500 0.5100 0.9996
0.0016 0.0064 0.0254
0.0990 0.3567 0.9178
0.3016

Of course, it does not work for all

values of xo
Try xo = 0.5.
The sequence can be used in its
binary representation for
generating the key.
Chaos functions are extremely sensitive
to initial conditions (upto 10-30).
Therefore a hacker who knows the chao
function and the encryption algortihm
has to try 1030 keys.
However, chaos functions require a high
computational overhead to generate th
chaos values
as well as high computational speeds.
Hence not suitable for bulk encryption
Public key cryptography using the
Knapsack problem:
Knapsack problem: example

Plain text 10011 11010 01011 00000

1 6 8 15 1 6 8 15 1 6 8 15 1 6 8 15
Knapsack
24 24 24 24
1 + 15 + 1 + 6 + 15 6 + 15 +
Cipher text 0=0
24 = 40 = 22 24 = 45
When the Knapsack Algorithm is used
in public key cryptography, the idea is
to create two different knapsack
problems.
One is easy to solve, the other not.
The hard knapsack is derived from the
easy knapsack.
The hard knapsack becomes the public
key.
The easy knapsack is the private key.
The public key can be used to encrypt
messages, but cannot be used to
decrypt messages.
The private key decrypts the
Whats an easy knapsack problem?
The superincreasing knapsack
problem
A superincreasing sequence is one in
which the next term of the sequence
is greater than the sum of all
preceding terms.
For example, the set {1, 2, 4, 9, 20,
38} is superincreasing,
but the set {1, 2, 3, 9, 10, 24} is not
because 10 < 1+2+3+9.
Why is this easy to solve?
It is easy to solve a superincreasing
knapsack.
Simply take the total weight of the
knapsack and compare it with the
largest weight in the sequence.
If the total weight is less than the
number, then it is not in the
knapsack.
If the total weight is greater then
the number, it is in the knapsack.
Subtract the number from the total,
and compare with the next highest
number.
Keep working this way until the total
So, for example, if you have a
knapsack that weighs 23 that has
been made from the weights of the
superincreasing series (1, 2, 4, 9, 20,
38}

then it does not contain the weight 38

(as 38 > 23}

but it does contain the weight 20;

leaving 3;

which does not contain the weight 9

still leaving 3;
It is much harder to decrypt a non-
superincreasing knapsack problem

Example:
Consider the set {2,3,4,5,6,9,12} and if the
encrypted output is 17. How do you decode
it?

One algorithm that uses a superincreasing

knapsack for the private (easy) key and a
non-superincreasing knapsack for the public
key was created by Merkle and Hellman.
They did this by taking a superincreasing
knapsack problem and converting it into a
non-superincreasing one that could be
made public, using modular arithmetic.
Making the Public Key

To produce a normal knapsack

sequence, take a superincreasing
sequence; e.g. {1, 2, 4, 10, 20, 40}.
Multiply all the values by a number, n,
modulo m.
The modulus should be a number
greater than the sum of all the
numbers in the sequence, for
example, 110.
The multiplier should have no factors
in common with the modulus.
The normal knapsack sequence would be:

1 x 31 mod(110) = 31

2 x 31 mod(110) = 62

4x 31 mod(110) = 14

10 x 31 mod(110) = 90

20 x 31 mod(110) = 70

40 x 31 mod(110) = 30
So the public key is: {31, 62, 14, 90,
70, 30} and
the private key is {1, 2, 4, 10, 20, 40}.

Let's try to send a message that is in

binary code:
100100111100101110

The knapsack contains six weights so

we need to split the message into
groups of six:

100100
111100
This corresponds to three sets of
weights with totals as follows:

100100 = 31 + 90 = 121

111100 = 31+62+14+90 = 197

101110 = 31+14+90+70 =205

So the coded message is 121 197 205.

Now the receiver has to decode the
message...

The person decoding must know the

two numbers 110 and 31 (the modulus
and the multiplier).
Let's call the modulus "m" and the
number you multiply by "n".
We need n1, which is a multiplicative
inverse of n mod m, i.e. n(n1) = 1 mod
m
In this case n1 is 71.
All you then have to do is multiply
each of the codes by 71 mod 110 to
find the total in the knapsack which
contains {1, 2, 4, 10, 20, 40}
and hence decode the message.

The coded message is 121 197 205:

121*71 mod(110) = 11 = 100100

197*71 mod(110) = 17 = 111100

205*71 mod(110) = 35 = 10111

The decoded message is:

100100111100101110.

Warning:
Simple and short knapsack codes are
far too easy to break to be of any real
use.
For a knapsack code to be reasonably
secure it would need well over 200
terms each of length 200 bits.
It has been shown that Knapsack
problem is solvable in Polynomial
time! This was done by Shamir (of