Category: cryptography

Cryptography – Transposition Techniques ”; Previous Next The transposition technique is a kind of encryption that works by performing permutation on the given plaintext. Transposition ciphers are created by using the transposition technique to map normal text into ciphertext. This chapter will cover multiple uses of the transposition technique as well as the variations between transposition and the substitution technique. On the other hand, the substitution approach substitutes a symbol in plaintext with a symbol in ciphertext. However, the transposition method generates the ciphertext by applying permutation to the original plaintext. Transposition Techniques Rail Fence Transposition Columnar Transposition Columnar Transposition – Multiple Rounds Book Cipher/Running Key Cipher Vernam Cipher Let us discuss these techniques one by one in the below sections − Rail Fence Transposition Rail-Fence is a basic Transposition method in which plaintext is written as a series of diagonals, which is then read row by row to generate the ciphertext. Algorithm Step 1: A series of diagonals is used to write the plaintext. Step 2: The text is then read as a sequence of rows in order to extract the ciphertext. To help you understand it, let me to give you an example. Plaintext: Let us meet Today We will now write this simple sentence in a diagonal format, as you can see below, following a specific order − We can see why it was given the term “Rail Fence” by looking at the image, which actually looks like a rail fence. After writing the message as a series of diagonals, you must read it as a series of rows in order to extract the ciphertext. Therefore, after reading the first row, the ciphertext”s first half will be − Ltsetoa We will decipher the second part of the ciphertext by reading the second row of the Rail Fence − eumeTdy Now, we will add the two sides of the ciphertext together to get the full ciphertext, which is as follows − Ciphertext: LTSETOAEUMETDY The rail fence cipher is simple to use and even simpler to break for a cryptanalyst. Thus, a more complex method is required. Columnar Transposition In comparison to the rail fence, the columnar transposition cipher is more complex. To get ciphertext using this method, use these steps − Algorithm Step 1: The plain text is written in a row-by-row pattern in a rectangular matrix of the given size. Step 2: To get the ciphertext, read the text from a rectangular matrix column by column. However, before reading the data column by column, you must first permute the column order. The received message is the ciphertext message. To understand columnar transposition, consider this example − Plain text: Let us meet Today Place the plaintext in a predefined−size rectangle. In our case, the rectangle”s defined size is 3×5. The image below shows plaintext placed in a 3×5 rectangle. Also, we permuted the column order. To get the ciphertext, we need to read the plaintext column by column in a permuted column order. So the ciphertext created using columnar transposition cipher is as follows − Ciphertext: LUETAESEOYEMTD Similar to the rail fence cipher, the columnar cipher can be easily broken. The cryptanalyst just needs to test a few permutations and combinations of the column order to obtain the permuted column order resulting in the original message. As a result, a more complicated method had to be used to secure the encryption. Columnar Transposition – Multiple Rounds/ Improved Columnar Transposition It is same as the simple columnar method but offers an improvement. This columnar method is applied to the plaintext more than once. The steps for using the columnar approach with multiple rounds are as follows − Algorithm Step 1: Plaintext is written in a predefined rectangle, row by row. Step 2: To get the ciphertext, read the plaintext in the rectangle, column by column. Before reading the text in a rectangle column by column, rearrange the columns in the same manner as in the basic columnar technique. Step 3: To produce the final ciphertext, repeat the steps above several times. So now we will perform first round as per the above method and after first round the ciphertext will be as mentioned below − Ciphertext: LUETAESEOYEMTD To decipher the ciphertext for round 2, arrange the first round”s ciphertext in a 3×5 rectangle and rearrange the columns. The extracted ciphertext for round 2 is LSYETMOATTEMUD. In this method, we can execute as many iterations as needed. Increasing the number of repetitions increases the complexity. Book Cipher/Running Key Cipher The book cipher, also known as the running key cipher, operates on the same basic principles as the one-time pad cipher. In onetime pad cipher, the key has the same length as the plaintext and is deleted after use. Every time a new key is used to send a new message. The key or onetime pad is extracted from the book, which is an improvement over the onetime pad in Book Cipher. Let us outline the various stages − Step 1: Convert plaintext to numeric form: A=0, B=1, C=3, …Z=25. Step 2: Take a one-time pad or key from any of the books and convert it to numeric format. But the key has to be the same length as the plain text. Step 3: Now combine the numeric forms of plain text and key, matching each plaintext letter with the corresponding key text letter. If the sum of any plaintext letter and the matching key text letter exceeds 26, subtract 26. Let us discuss this with an example − Plain text: Meet tomorrow. The key is from the book: ANENCRYPTION. Now we have to turn this plaintext and key text into numeric form and combine them to get ciphertext, as seen in the image below − Add the numeric form of plaintext and key text. So after adding both the values we will get 12 7 8 32 21 31 36 29 36 25 28 35 − Now we have some numbers in the above outcome (shown

Cryptography – Columnar Transposition ”; Previous Next One type of transposition cipher that represents plaintext in matrix form is called the Columnar Transposition Cipher. Writing the plaintext out in rows and reading the ciphertext out one column at a time is known as columnar transposition. In this tutorial, we have described the columnar transposition cipher”s encryption and decryption methods. Probably the most researched transposition cipher is columnar transposition. How it Works? The message is structured as a 2-dimensional array. The length of the message determines how many rows and columns there will be. If the message is 30 characters long (including spaces), there is a 50% chance that there will be 15 rows and 2 columns, 10 rows, 3 rows, 5 rows, or 6 rows. Keep in mind that we have to append a dummy letter at the end of the message if its length exceeds 29. Encryption See the encryption process of Columnar transposition cipher below − First, the plaintext is written in the rows that are defined in advance, with the key determining the length. The order in which the plaintext”s columns are transposed can be determined using the key. The ciphertext is then created by reading the transposed plaintext column by column. Decryption So the decryption process of the columnar transposition cipher is as follows − Using the same key that was used for encryption, the ciphertext is first transposed by columns. The plaintext can be retrieved by reading the transposed ciphertext row by row. Example of Columnar Transposition If the message says, “The attack will start on Monday,” so as we can see that it is 28 characters long. However, if we add the dummy letters “x” and “x” at the end, the message will be 30 characters long. We can figure out 30 = 10 X 3 and In the case that (2,3,1) is the key, the columns are arranged as follows − The Plaintext: “the attack will start on Monday” The Ciphertext − “HAA LSROMDXETCWLTTNOAXT TKI A NY” is the Ciphertext, which is calculated from the reading on the table by columns. We rearrange the letters of a keyword, like “TWO,” in an alphabetical order to make the key easier to recall. Thus, the array columns will be rearranged using the key (2,3,1). Key Features The key features for Columnar Transposition cipher is as follows − One kind of transposition cipher is the columnar cipher, which requires rearranging the plaintext into columns before encryption. Since the key is symmetric, it can be used for both encryption and decryption. The columnar transposition cipher allows for a variable key size. The key comprises of a permutation of the integers 1 to N, where N is the plaintext”s length. Cryptanalysis can break a columnar transposition cipher, particularly when the plaintext has repetitive patterns or the key is short. Use Cases of Columnar Transposition Cipher Applications for columnar transposition cipher are many like data protection, military communications, and espionage. It works particularly well for situations when the plaintext includes long, repetitive patterns, like binary data or DNA sequences. To increase the security of the encrypted data, columnar transposition ciphers can also be used when combined with other encryption techniques, like substitution ciphers. Implementation Now we will implement the Columnar Transposition Cipher using Python, Java, C++ and Javascript. Implement using Python The code will demonstrate how to encrypt a plaintext message and then decrypt the ciphertext back to plaintext using the Columnar Transposition Cipher in Python programming language. Example def columnar_encrypt(plaintext, keyword): matrix = create_encryption_matrix(len(keyword), plaintext) keyword_sequence = get_keyword_sequence(keyword) ciphertext = “” for num in range(len(keyword_sequence)): pos = keyword_sequence.index(num + 1) for row in range(len(matrix)): if len(matrix[row]) > pos: ciphertext += matrix[row][pos] return ciphertext def create_encryption_matrix(width, plaintext): r = 0 c = 0 matrix = [[]] for pos, ch in enumerate(plaintext): matrix[r].append(ch) c += 1 if c >= width: c = 0 r += 1 matrix.append([]) return matrix def get_keyword_sequence(keyword): sequence = [] for pos, ch in enumerate(keyword): previous_letters = keyword[:pos] new_number = 1 for previous_pos, previous_ch in enumerate(previous_letters): if previous_ch > ch: sequence[previous_pos] += 1 else: new_number += 1 sequence.append(new_number) return sequence def columnar_decrypt(ciphertext, keyword): matrix = create_encryption_matrix(len(keyword), ciphertext) keyword_sequence = get_keyword_sequence(keyword) plaintext = “” index = 0 for num in range(len(keyword_sequence)): pos = keyword_sequence.index(num + 1) for row in range(len(matrix)): if len(matrix[row]) > pos: matrix[row][pos] = ciphertext[index] index += 1 for row in range(len(matrix)): for col in range(len(matrix[row])): plaintext += matrix[row][col] return plaintext # Execution of the functions plaintext = “Tutorialspoint is best” keyword = “railfence” ciphertext = columnar_encrypt(plaintext, keyword) print(“The Encrypted Text:”, ciphertext) decrypted_text = columnar_decrypt(ciphertext, keyword) print(“The Decrypted Text:”, decrypted_text) Following is the output of the above example − Input/Output The Encrypted Text: uoelsi s rttisontaiTpb The Decrypted Text: Tutorialspoint is best Implement using Java So now we will implement the Columnar transposition cipher using Java programming language. And we will use util package of java which is used to import the Map interface and the HashMap class. So the code is as follows − Example import java.util.*; public class ColumnarCipher { // Define the Key static final String encryptionKey = “BEST”; static Map<Character, Integer> keyMap = new HashMap<>(); static void setPermutationOrder() { // Add the permutation order into the map for (int i = 0; i < encryptionKey.length(); i++) { keyMap.put(encryptionKey.charAt(i), i); } } // Encryption Function static String encrypt(String plaintext) { int rows, columns; StringBuilder ciphertext = new StringBuilder(); // Number of columns in the matrix columns = encryptionKey.length(); // Maximum number of rows in the matrix rows = (int) Math.ceil((double) plaintext.length() / columns); char[][] matrix = new char[rows][columns]; for (int i = 0, k = 0; i < rows; i++) { for (int j = 0; j < columns; ) { if (k < plaintext.length()) { char ch = plaintext.charAt(k); if (Character.isLetter(ch) || ch == ” ”) { matrix[i][j] = ch; j++; } k++; } else { /* Add padding character ”_” */ matrix[i][j] = ”_”; j++; } } } for (Map.Entry<Character, Integer> entry :

Cryptography – AES Transformation Function ”; Previous Next We will now go through each of the four AES transformations one by one. We describe the forward (encryption) algorithm, the inverse (decryption) algorithm, and the stage”s rationale for each step. Substitute Bytes Transformation The primary phase in the AES encryption process is the Substitute Bytes transformation, or SubBytes. Now we are going to study it − Purpose Making the encryption process non-linear is the goal of the SubBytes transformation. Using a pre-made substitution table called the S-box, each byte in the state matrix is changed to a new byte. This modification increases the encryption process” resilience to cryptanalysis techniques by introducing confusion. S−box An S-box is a fixed 16×16 matrix with 256 predefined byte values. Each byte in the S-box has a value that is determined by a specific mathematical process. The S-box”s one-to-one mapping of input and output bytes allows for reversibility. How it Works? During the SubBytes transformation, each byte in the state matrix is changed to match a byte from the S-box. Every byte in the state matrix is replaced individually, resulting in the creation of a new state matrix. This substitution phase improves the encryption process”s defence against various kinds of attacks, including differential cryptanalysis, by introducing non-linearity. Advantages SubBytes breaks any symmetries in the plaintext, which adds difficulty to the encryption. It increases the diffusion and confusion characteristics required for strong encryption. When a preset S-box is used, the inverse S-box ensures a constant and reversible replacement method, which makes it useful for decryption. As a result, the SubBytes transformation is important to the AES encryption process because it improves the non-linearity and confusion of the encrypted data, hence enhancing its security. It is a crucial component of the well-known AES encryption method that secures private information. ShiftRows Transformation The ShiftRows transformation is an important phase in the Advanced Encryption Standard (AES) encryption process. Let us see the working of this transformation − Purpose The purpose of the ShiftRows transformation is to produce diffusion in the state matrix, distributing each byte”s influence across the matrix. It contributes to creating uncertainty and raising the encryption”s complexity, which improves the ciphertext”s security. How it works? During the ShiftRows transformation, the bytes in each row of the state matrix are shifted continually to the left. The third row is moved by two positions, the fourth row by three positions, and the second row is shifted to the left by one position. The initial row remains unchanged. The shifting, which is carried out independently for each row in the state matrix, results in a new state matrix. Example Assume that our state matrix is 4×4 − [a0, a1, a2, a3] [b0, b1, b2, b3] [c0, c1, c2, c3] [d0, d1, d2, d3] Following the ShiftRows transformation − [a0, a1, a2, a3] [b1, b2, b3, b0] [c2, c3, c0, c1] [d3, d0, d1, d2] Advantages ShiftRows adds diffusion to the encryption process by rearranging the bytes within each row of the state matrix. It increases the overall security of the encryption by making sure that each byte in the state matrix influences several bytes in subsequent encryption rounds. A key component of the AES encryption process, the ShiftRows transformation adds to the difussion and confusion properties needed for robust encryption. It is essential to maintaining the security of encrypted data since it distributes each byte”s impact across the state matrix. MixColumns Transformation The MixColumns transformation is an additional step in the AES (Advanced Encryption Standard) encryption process. Let”s examine it now − Purpose The MixColumns transformation attempts to add diffusion and strengthen encryption security. It operates on the columns of the state matrix by treating each column as a polynomial over a finite field. MixColumns provide confusion and make the encryption process resistant to various cryptanalysis techniques. How it Works? During the MixColumns transformation, a fixed matrix transformation is multiplied by each column of the state matrix. This transformation requires multiplying each column by a certain matrix and then translating the output modulo a predefined polynomial. Each column of the original state matrix is multiplied and reduced independently to create a new state matrix. Example Let us consider a matix of 4×4 − [a0, a1, a2, a3] [b0, b1, b2, b3] [c0, c1, c2, c3] [d0, d1, d2, d3] After the MixColumns transformation − [a0”, a1”, a2”, a3”] [b0”, b1”, b2”, b3”] [c0”, c1”, c2”, c3”] [d0”, d1”, d2”, d3”] Advantages Diffusion is introduced into the encryption process using MixColumns, which mixes the bytes in each state matrix column. It increases overall encryption security by ensuring that each byte in the state matrix affects many bytes in subsequent encryption rounds. An integral component of the AES encryption process, the MixColumns transformation adds to the diffusion and confusion characteristics needed for strong encryption. By blending the bytes in every state matrix column, it is important for maintaining the security of encrypted data. AddRoundKey Transformation The AddRoundKey transformation is also an important step in the AES (Advanced Encryption Standard) encryption process. Let”s take a close look at it − Purpose The AddRoundKey transformation adds the encryption key to the encryption process. Because of the state matrix and a round key created from the original encryption key, every encryption round now depends on both the plaintext and the encryption key. This step integrates the secret key data into the encryption process to ensure that the resulting ciphertext is safely dependent on both the plaintext and the key. How it Works? During the AddRoundKey transformation, each byte in the state matrix is XORed with the corresponding byte of the round key. The original encryption key helps to generate the round key that is used in each round through the process of key expansion. A separate XOR operation is carried out for each byte in the state matrix, creating a new state matrix. Example Let us say we have our state matrix of 4×4 − [a0, a1, a2, a3] [b0, b1, b2, b3]

Cryptography – Key Revocation ”; Previous Next The process of discarding a compromised, expired, or now not required public key certificate or symmetric encryption secret is referred to as key revocation. The act of making and distributing a new key to update the only that was revoked is known as key renewal. A wide variety of factors can motive a key to be revoked or renewed, along with a person request, a coverage alternate, a safety breach, or the secret”s expiration date. Importance of Key Revocation The security and integrity of PKI and encryption depend on key revocation and renewal. An attacker can make use of a compromised key to access private data, fake or decode messages, or mimic the identity of someone else. An expired key can result in errors or failures when attempting to access data or communicate. A key that is no longer required may block the system and raise the possibility of misuse. Revocation and renewal of keys can avoid these issues and ensure that only valid, current keys are utilised. How to revoke a key? A key can be removed in loads of approaches, relying on its type and size. Using a Certificate Revocation List (CRL) or a list of revoked certificates posted with the aid of a Certificate Authority (CA) is the maximum famous way to achieve public key certificates. Users or apps that rely on certificates can test the CRL to verify the validity of the certificates. Implementing the Online Certificate Status Protocol (OCSP), which lets in customers or apps to question the CA immediately about the certificate reputation, is a new era. The use of a key control system (KMS), which is a system that manages the technology, distribution, garage, and revocation of symmetric encryption keys, is the maximum common technique KMS can revoke the important thing with the aid of announcing invalid or get rid of from the system. How to renew a key? Depending on the type and size of the key, there are many ways to renew it. Using a certificate renewal process, which enables the certificate holder to seek a new certificate from the CA before the current one expires, is the most popular technique for obtaining public key certificates. With the same or updated information and a new expiration date, the CA can issue a fresh certificate. Creating a new public-private key pair and requesting a new certificate from the CA with the updated public key is another way to approach things. This is known as the certificate reset process. The most popular technique for symmetric encryption keys is to use a key rotation process, which involves creating and distributing a new key on a regular basis or in response to specified requirements. For backward compatibility reasons, the previous key can either be removed or kept for a brief period of time. Challenges of Key Revocation PKI and encryption can have a number of problems with key revocation and renewal. One reason is that problems with scalability come when the amount and size of keys and certificates grow, adding to the complexity and overhead of handling them. Also, delays or irregularities brought on by human mistake, caching, synchronisation, or network latency can affect timeliness and risk the security and accessibility of data and communication. Lastly, when revoked or renewed, compatibility problems across various protocols, standards, platforms, or apps may surface, which could compromise data interoperability and communication functioning. Best Practices of Key Revocation By implementing best practices like automation, regulation, and monitoring, key revocation and renewal can be improved easier. Automation can increase productivity and decrease human error, while a policy can give stakeholders direction and accountability. Also, keeping an eye on the key revocation and renewal procedures can give insight into the functionality and condition of keys and certificates. Tools, logs, or alerts that monitor, record, or notify of any problems or irregularities related to key revocation and renewal can be used to accomplish this. Print Page Previous Next Advertisements ”;

Message Authentication ”; Previous Next In the last chapter, we discussed the data integrity threats and the use of hashing technique to detect if any modification attacks have taken place on the data. Another type of threat that exist for data is the lack of message authentication. In this threat, the user is not sure about the originator of the message. Message authentication can be provided using the cryptographic techniques that use secret keys as done in case of encryption. Message Authentication Code (MAC) MAC algorithm is a symmetric key cryptographic technique to provide message authentication. For establishing MAC process, the sender and receiver share a symmetric key K. Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent along with a message to ensure message authentication. The process of using MAC for authentication is depicted in the following illustration − Let us now try to understand the entire process in detail − The sender uses some publicly known MAC algorithm, inputs the message and the secret key K and produces a MAC value. Similar to hash, MAC function also compresses an arbitrary long input into a fixed length output. The major difference between hash and MAC is that MAC uses secret key during the compression. The sender forwards the message along with the MAC. Here, we assume that the message is sent in the clear, as we are concerned of providing message origin authentication, not confidentiality. If confidentiality is required then the message needs encryption. On receipt of the message and the MAC, the receiver feeds the received message and the shared secret key K into the MAC algorithm and re-computes the MAC value. The receiver now checks equality of freshly computed MAC with the MAC received from the sender. If they match, then the receiver accepts the message and assures himself that the message has been sent by the intended sender. If the computed MAC does not match the MAC sent by the sender, the receiver cannot determine whether it is the message that has been altered or it is the origin that has been falsified. As a bottom-line, a receiver safely assumes that the message is not the genuine. Limitations of MAC There are two major limitations of MAC, both due to its symmetric nature of operation − Establishment of Shared Secret. It can provide message authentication among pre-decided legitimate users who have shared key. This requires establishment of shared secret prior to use of MAC. Inability to Provide Non-Repudiation Non-repudiation is the assurance that a message originator cannot deny any previously sent messages and commitments or actions. MAC technique does not provide a non-repudiation service. If the sender and receiver get involved in a dispute over message origination, MACs cannot provide a proof that a message was indeed sent by the sender. Though no third party can compute the MAC, still sender could deny having sent the message and claim that the receiver forged it, as it is impossible to determine which of the two parties computed the MAC. Both these limitations can be overcome by using the public key based digital signatures discussed in following section. Print Page Previous Next Advertisements ”;

Cryptography – Advanced Encryption Standards ”; Previous Next An FIPS-approved cryptographic technique that can be used for securing electronic data is specified by the Advanced Encryption Standard (AES). Information can be encrypted and decrypted with the symmetric block cipher method known as the AES algorithm. Data that has been encrypted is transformed into ciphertext, an unreadable form; data that has been decrypted is returned to plaintext, the original form. Data can be encrypted and decrypted in blocks of 128 bits using the AES method with cryptographic keys of 128, 192, and 256 bits. How AES encryption works? Three block ciphers, or cryptographic keys, are part of AES − AES-128 encrypts and decrypts message blocks using keys of a length of 128 bits. Message blocks are encrypted and decrypted using a 192-bit key length by AES-192. Message blocks are encrypted and decrypted using a 256-bit key length using AES-256. Each cipher uses cryptographic keys of 128, 192, and 256 bits, respectively, to encrypt and decrypt data in blocks of 128 bits. Ten, twelve, and fourteen encryption rounds are carried out to the 128-bit, 192-bit, and 256-bit keys, respectively. A round of processing involves a number of processes, like mixing, transposition, and substitution of the plaintext input to create the final ciphertext output. The original data is secure and the encryption becomes more difficult to break the more rounds there are. Many data transformations are carried out in AES. The data is first placed into an array, and then several encryption rounds are performed with the cipher transformations. Using a substitution table and an existing cipher, data substitution is the initial transformation. With the exception of the first row, every data row is moved by one in the second transformation. The Hill cipher is used in the third transformation to combine columns. Each column, or data block, undergoes the final transformation using a distinct encryption key or a subset of it. Larger keys are needed for more rounds to complete. The message recipient decrypts the message by using a copy of the cipher to remove the many encryption layers and return the ciphertext to plaintext. They can read the communication after conversion and be sure that no one else has intercepted or read it. Applicability AES development was initiated in 1997 by the National Institute of Standards and Technology, also known as NIST. AES was adopted as the standard method of encryption in June 2003 for securing classified information, including data from the government. In addition, it became the first open cipher that the National Security Agency has authorised for use in the public domain to protect national security systems and Top Secret data. The ISO/IEC 18033-3 standard from the International Organisation for Standardisation also includes AES and describes block ciphers that improve data confidentiality. One of the most widely used symmetric key cryptography algorithms nowadays for a variety of encryption uses in both commercial and government settings is AES. Here are a few examples − Information on storage devices, like USB drives and hard drives. Apps for electronic communication. Libraries for programming. Web Browsers. Compression of Files and Discs. Wireless Systems. Databases. Passwords and Login Credentials. VPNs. Federal departments and agencies can use this standard if they decide that cryptographic protection is required for sensitive (unclassified) information, as that term is defined in P. L. 100-235. This standard can be used in addition to, or instead of, other FIPS-approved cryptographic algorithms. Instead of using this standard, federal departments or agencies that use cryptographic devices to secure sensitive (unclassified) information can use the same devices to protect sensitive data. Additionally, organisations outside of the federal government can adopt and apply this standard. Features of AES The main features of AES encryption is as follows − AES is a subset of Rijndael block cipher. It is a successor of Data Encryption Standard (DES) and is stronger and faster than DES. It is a symmetric key symmetric block cipher. It operates on 128-bit (16 bytes) data. The cipher key may be of 128, 192 or 256 bits. All computations are performed on bytes rather than bits. AES gives full specification and design details. It can be implemented using languages C and Java for software protection. Analysis of AES In present day cryptography, AES is widely adopted and supported in both hardware and software. Till date, no practical cryptanalytic attacks against AES has been discovered. Additionally, AES has built-in flexibility of key length, which allows a degree of ”future-proofing” against progress in the ability to perform exhaustive key searches. However, just as for DES, the AES security is assured only if it is correctly implemented and good key management is employed. Advantages Comparing the AES algorithm to prior algorithms like the Data Encryption Standard (DES), there are a number of benefits − Since AES uses several encryption rounds, it is more difficult to break and more difficult for attackers to intercept or steal encrypted data using brute-force attacks. As a result, AES offers higher protection. AES is an open source solution that is easily accessible, which lowers the cost of adoption and implementation. Due to its simplicity and flexibility, AES can be implemented in both software and hardware. Since the 2000 standard”s finalisation, research on AES encryption attacks has continued. Numerous investigators have disseminated assaults against AES variants with decreased rounds. AES Security In order to protect official government data, the National Security Agency (NSA) authorised the use of AES (Advanced Encryption Standard) in 2003. It can handle keys with lengths of 192, 256, or 128 bits; longer keys are recommended for material that is more highly classified. While there have been AES attacks, most of them are conditional or unknown. Implementation flaws are used by side-channel attacks that have been demonstrated. Quantum computers can be a threat to AES-192 and AES-128, but AES-256 is generally unaffected. Taking everything into account, AES is still widely used and safe when used correctly. Prevent Attack on AES It is important to take the

Cryptography – MonoAlphabetic Cipher ”; Previous Next The substitution cipher is one of the oldest types of encryption algorithms because it produces each character in a plaintext message and then uses a substitution method to replace it with a new character in the ciphertext. The Monoalphabetic Substitution Cipher is also known as the “Simple Substitution Cipher”. Monoalphabetic Substitution Ciphers use an individual key mapping function K to replace a specific character α with a character from the mapping K (α). A mono-alphabetic substitution cipher is one in which the equivalent letters of the plaintext are replaced with the identical letters from the ciphertext. Mono, which means one, indicates that each letter of the plaintext has a single substitution in the ciphertext. Characteristics Mono-alphabetic ciphers are a type of substitution wherein the connection among a symbol in the plaintext and a symbol in the ciphertext is continually one-to-one and remains regular during the encryption system. Example: Caesar cipher Caesar cipher is a monoalphabetic cipher. It uses a similar replacement mechanism to get the ciphertext characters for each plaintext character. Caesar cipher makes it easy for a hacker to crack the key because it only supports 25 keys in total. This pit is covered with a monoalphabetic cipher. Example Analysis If the plaintext is “TREE”, the ciphertext can be “ADOO”, indicating that the cipher is potentially mono-alphabetic because both “O”s in the plaintext are encrypted with “E”s in the cypher text. Types of Monoalphabetic Ciphers There are mainly 4 types of Mono-alphabetic Ciphers − Additive Ciphers Additive ciphers are monoalphabetic ciphers that change each individual character in the plaintext to a different character within the ciphertext based totally on the key value utilised. For example, if the plaintext carries the character ”a” and the value of the key is 4, ”a” will be replaced with ”e” because to the fact that ”e” is 4 characters away from ”a” according to the key we have used for the additive monoalphabetic cipher process. The additive cipher is mathematically represented as follows − To encrypt plaintext using an additive monoalphabetic cipher, use the formula C=(P+k) mod 26. In this, P represents the plaintext character, k is the encryption key, and C offers the needed ciphertext. The formula for decrypting ciphertext to plaintext in additive ciphers is P=(C-k) mod 26. Here, P is the plaintext, C is the ciphertext to be converted, and k is the key. Caeser Cipher Caeser cipher is a monoalphabetic cipher in which each character in plaintext is transferred to another character by a distance of three. It is simply an additive cipher with a constant key value of 3. For example, if the plaintext contains the character ”a”, the ciphertext counterpart will have the value ”d” because the Caeser cipher”s key value is 3. The Caeser cipher is mathematically represented as follows − Encryption Process − The Caeser cipher uses the formula C=(P+3) mod 26 to encode plaintext into ciphertext. Here, P is the plaintext, C is the ciphertext, and 3 is the key, which is always the same in the Caeser cipher. Decryption process − To decrypt ciphertext into plaintext using Caeser cipher, use the formula P=(C-3) mod 26. In this example, P and C represent plaintext and ciphertext, respectively, while 3 is the key. Multiplicative Cipher A multiplicative cipher is a sort of monoalphabetic cipher in which a character in the plaintext is multiplied by the key, followed by the modulus function. For example, if the plaintext contains the character ”h” and the key is set to 4, the value of the ciphertext is ”x”. Multiplicative cipher is mathematically represented as follows − Encryption Process − To encrypt plaintext using a multiplicative cipher, use the formula C=(P*k) mod 26. Here, P represents plaintext, C is ciphertext, and K is the key. Decryption Process − The formula for decrypting ciphertext to plaintext in multiplicative ciphers is P=(C*multiplicative inverse of k) mod 26. Affine Cipher Affine cIpher is one of the most powerful monoalphabetic ciphers. The affine cipher has two keys and uses a combination of additive and multiplicative ciphers to generate ciphertext from plaintext. The mathematical representation of the affine cipher is − Encryption process − To encrypt plaintext in an affine cipher, use the formula C=(P*k1+k2) mod 26. Here, C represents ciphertext, P represents plaintext, and k1 and k2 are the two keys used in an affine cipher. Decryption Process − The formula for decrypting ciphertext to plaintext in an affine cipher is P=((C-k2)/k1) mod 26. Advantages The substitute character symbols in Monoalphabetic cipher allow for a random permutation of 26 letters of the alphabet 26! The maximum number of alphabet permutations is 4*10^26. This complicates the hacker”s ability to get the key using brute force attacks. Vulnerability The Monoalphabetic Substitution cipher is vulnerable to frequency analysis attacks; such ciphers are not safe and are susceptible to a variety of attacks, one of them being their fixed key substitution. We will look at how frequency analysis-based attacks can be used against various ciphers. The concept behind frequency analysis depends on the fact that each letter in any language has a unique personality. The most noticeable characteristic of letters is the frequency with which they appear in a language. In English, the letter “Z” appears significantly less frequently than “A”. In the past, if you wanted to determine the frequencies of letters inside a language, you had to discover a significant amount of text and count each frequency. Now, however, we have computers that can do all of the work for us. But we do not even need to go to this phase because most languages have very precise letter frequency databases compiled from millions of documents. For example, if ”N” is encrypted with ”R” multiple times in a plaintext message, it will always be encrypted to ”R”. Summary Although the hacker will not be able to use brute force attacks, it is possible to consider the key utilising the All-Fearsome Statistical Attack. If a hacker

Cryptography – Decryption Transposition Cipher ”; Previous Next In the last chapter we learned about transposition cipher encryption. Now we will see decryption of transposition ciphers and its implementations using different methods. The decryption process simply involves reversing the steps of the encryption algorithm. We use the same key to find the correct order of reading the columns to recover the actual message. Algorithm for Transposition Cipher Decryption Below is the algorithm for Transposition Cipher decryption − Inputs Ciphertext − The encrypted message. Key − The same key used for encryption. Steps First we need to divide the ciphertext into rows as per the key length. Means we will create one row for each character in the key. Now we will create an empty grid with the same number of rows as the key length and a number of columns equal to the length of the ciphertext divided by the key length. Next we have to fill the grid as per the key. So iterate over the ciphertext characters to determine its column index. And add the character to the respective cell in the grid. Start with the first column and read characters downwards, moving to the next column once you reach the bottom. Continue this process for all columns. This rearranges the characters as per the original transposition order. Print the plaintext message. Example Inputs Ciphertext: OLHEL LWRDO Key: SECRET For example, if we know the key that is “SECRET” and the original message was transposed as per the order of the letters in the key. We can rearrange the columns like below − Key: S E C R E T Columns: 5, 1, 2, 4, 6, 3 Now, we will reorder the columns of the transposed message “OLHEL LWRDO” as per the key like this − S: O L E: H E C: L W R: H R E: E D T: L O Finally, we read the characters row by row to get the original message − Original Message: HELLO WORLD So, the decrypted message for the encrypted message “OLHEL LWRDO” using the key “SECRET” is “HELLO WORLD”. Yay! We have decrypted our message using a transposition cipher. Implementation using Python The decryption for transposition cipher can be implemented using different methods − Using Math Module Using Pyperclip module So let us see these two methods one by one in the following sections − Using Math Module This Python code decrypts a message that has been encrypted using a transposition cipher. And we will use a math module to perform mathematical operations mainly to calculate the number of columns needed to decrypt the message. And math.ceil() is used to round up the result of dividing the length of the message by the key. So this code efficiently decrypts transposition cipher messages. Example Below is a Python code for the transposition cipher decryption algorithm using the Math module. See the program below − import math def transposition_decrypt(key, message): num_of_columns = math.ceil(len(message) / key) num_of_rows = key num_of_shaded_boxes = (num_of_columns * num_of_rows) – len(message) plaintext = [””] * num_of_columns col = 0 row = 0 for symbol in message: plaintext[col] += symbol col += 1 if (col == num_of_columns) or (col == num_of_columns – 1 and row >= num_of_rows – num_of_shaded_boxes): col = 0 row += 1 return ””.join(plaintext) ciphertext = ”Toners raiCntisippoh” key = 6 plaintext = transposition_decrypt(key, ciphertext) print(“Cipher Text: “, ciphertext) print(“The plain text is: “, plaintext) Following is the output of the above example − Input/Output Cipher Text: Toners raiCntisippoh The plain text is: Transposition Cipher In the above output you can see that the ciphertext message was Toners raiCntisippoh and the decrypted message is Transposition Cipher. Using Pyperclip module In this example we will use the pyperclip module of Python and it is used to copy and paste clipboard functions. So we will use this module to copy our decrypted message on the clipboard. This code is similar to the above code but in this code we are using pyperclip module to copy the decrypted message to the clipboard. Example Below is a Python code for transposition cipher decryption algorithm using pyperclip module. Please check the code below − import math import pyperclip def transposition_decrypt(key, message): num_of_columns = math.ceil(len(message) / key) num_of_rows = key num_of_shaded_boxes = (num_of_columns * num_of_rows) – len(message) plaintext = [””] * num_of_columns col = 0 row = 0 for symbol in message: plaintext[col] += symbol col += 1 if (col == num_of_columns) or (col == num_of_columns – 1 and row >= num_of_rows – num_of_shaded_boxes): col = 0 row += 1 return ””.join(plaintext) ciphertext = ”Toners raiCntisippoh” key = 6 plaintext = transposition_decrypt(key, ciphertext) print(“Cipher Text:”, ciphertext) print(“The plain text is:”, plaintext) # Copy the decrypted plaintext to the clipboard pyperclip.copy(plaintext) print(“The Decrypted Message is Copied to the Clipboard”) Following is the output of the above example − Input/Output Cipher Text: Toners raiCntisippoh The plain text is: Transposition Cipher The Decrypted Message is Copied to the Clipboard In the above output we can see that the plain text is copied to the clipboard and there is a message seen that “The Decrypted Message is Copied to the Clipboard”. Implementation using Java In this we are going to use Java programming langugage to implement the decryption of transposition cipher. Basically we will reverse the process of encryption in this implementation using Java. See the code below in Java − Example public class TranspositionCipher { // Function to decrypt using transposition cipher public static String decrypt(String ciphertext, int key) { StringBuilder plaintext = new StringBuilder(); int cols = (int) Math.ceil((double) ciphertext.length() / key); char[][] matrix = new char[cols][key]; // Fill matrix with ciphertext characters int index = 0; for (int j = 0; j < key; ++j) { for (int i = 0; i < cols; ++i) { if (index < ciphertext.length()) matrix[i][j] = ciphertext.charAt(index++); else matrix[i][j] = ” ”; } } // Read matrix row-wise to get plaintext for (int i = 0; i <

Cryptography – Hacking Monoalphabetic Cipher ”; Previous Next In recent years, technology has become taken over in everyday life. It streamlines tasks like bill payment and online shopping. However, people often store sensitive information in online accounts, unaware of the ease with which hackers can access it. To understand this vulnerability, one must adopt the mindset of a hacker to recognize how they bypass security measures employed by companies. In cybersecurity, while companies are responsible for 50% of the protection, the other half lies with users and their effective use of provided security tools. Hackers employ techniques such as Frequency Analysis, Brute Force, and Phishing. Frequency Analysis is a basic cryptanalytic method used to crack monoalphabetic ciphers. Methods for Hacking Monoalphabetic Cipher Here are some of the methods for hacking or cryptanalysis a monoalphabetic cipher − Frequency Analysis − Different letters show up more often in English. The most common one is “E.” Studying how often letters pop up in the coded text can help you figure out which letter might stand for “E.” Once you know that, you can figure out the other letters. Pattern Spotting − See if there are any sequences that keep coming up in the coded text. Some combos of letters, like “TH” or “ING,” happen a lot in English. If you notice these combos, you can take a stab at which letters they represent. Guess and Check − Make smart guesses based on context. Example: If you suspect a word is “THE,” guess the letters that likely represent “T,” “H,” and “E.” Use this to uncover additional letters. Known Plaintext Attack − If you have both the original message (plaintext) and the encrypted message (ciphertext), you can use this information to figure out the encryption key. This method is very effective but often requires more resources. Brute Force − As a last resort, try every possible combination of letters until you find the correct one. This method takes a lot of time and is usually only feasible for short messages. Implementation using Python A monoalphabetic cipher uses a fixed substitution to encrypt the entire message. A monoalphabetic cipher utilising a Python dictionary and JSON objects. With the use of this dictionary, we can encrypt the letters and store the corresponding letters as values in JSON. The following program creates a monoalphabetic program in the form of a class that includes all encryption and decryption functions. Example from string import ascii_letters, digits from random import shuffle def random_monoalpha_cipher(pool=None): if pool is None: pool = ascii_letters + digits original_pool = list(pool) shuffled_pool = list(pool) shuffle(shuffled_pool) return dict(zip(original_pool, shuffled_pool)) def inverse_monoalpha_cipher(monoalpha_cipher): inverse_monoalpha = {} for key, value in monoalpha_cipher.items(): inverse_monoalpha[value] = key return inverse_monoalpha def encrypt_with_monoalpha(message, monoalpha_cipher): encrypted_message = [] for letter in message: encrypted_message.append(monoalpha_cipher.get(letter, letter)) return ””.join(encrypted_message) def decrypt_with_monoalpha(encrypted_message, monoalpha_cipher): return encrypt_with_monoalpha( encrypted_message, inverse_monoalpha_cipher(monoalpha_cipher) ) # Generate a random monoalphabetic cipher cipher = random_monoalpha_cipher() print(“Cipher:”, cipher) # Encrypt a message message = ”Hello all you hackers out there!” encrypted = encrypt_with_monoalpha(message, cipher) print(“Encrypted:”, encrypted) # Decrypt the message decrypted = decrypt_with_monoalpha(encrypted, cipher) print(“Decrypted:”, decrypted) When you implement the code given above, you will get the following output. Input/Output As a result, you can crack a monoalphabetic cipher using a defined key value combination, converting the ciphertext to plaintext. Implementation using Java The Java code is provided below has similar functionality to the Python code we have mentioned above. It can create a random monoalphabetic cipher, encrypt messages using that cipher, and decrypt the encrypted messages. See the code below − Example import java.util.*; public class MonoalphabeticCipher { public static Map<Character, Character> randomMonoalphaCipher(String pool) { List<Character> originalChar = new ArrayList<>(); List<Character> ShuffledChar = new ArrayList<>(); for (char c : pool.toCharArray()) { originalChar.add(c); ShuffledChar.add(c); } Collections.shuffle(ShuffledChar); Map<Character, Character> cipher = new HashMap<>(); for (int i = 0; i < originalChar.size(); i++) { cipher.put(originalChar.get(i), ShuffledChar.get(i)); } return cipher; } public static Map<Character, Character> inverseCharCipher(Map<Character, Character> monoalphaCipher) { Map<Character, Character> inverseChar = new HashMap<>(); for (Map.Entry<Character, Character> entry : monoalphaCipher.entrySet()) { inverseChar.put(entry.getValue(), entry.getKey()); } return inverseChar; } public static String encryptMessage(String message, Map<Character, Character> monoalphaCipher) { StringBuilder etMsg = new StringBuilder(); for (char letter : message.toCharArray()) { etMsg.append(monoalphaCipher.getOrDefault(letter, letter)); } return etMsg.toString(); } public static String decryptMessage(String etMsg, Map<Character, Character> monoalphaCipher) { return encryptMessage(etMsg, inverseCharCipher(monoalphaCipher)); } public static void main(String[] args) { String characters = “abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789”; Map<Character, Character> cipher = randomMonoalphaCipher(characters); System.out.println(“Cipher: ” + cipher); String message = “Hello all you hackers out there!”; String encrypted = encryptMessage(message, cipher); System.out.println(“Encrypted: ” + encrypted); String decrypted = decryptMessage(encrypted, cipher); System.out.println(“Decrypted: ” + decrypted); } } Following is the output of the above example − Input/Output Print Page Previous Next Advertisements ”;

Cryptography – ECDSA Algorithm ”; Previous Next The Elliptic Curve Digital Signature Algorithm, or ECDSA, is one of the most complex public key cryptography encryption techniques. Elliptic curve cryptography generates smaller keys than digital signature methods. A kind of public key encryption known as elliptic curve cryptography takes advantage of the algebraic structure of elliptic curves over finite fields. Elliptic curve cryptography is mostly used for creating pseudo-random numbers and digital signatures, among other things. A digital signature is an authentication mechanism that uses a public key pair and a digital certificate to validate the identity of the recipient or sender of information. What is Elliptic Curve Digital Signature Algorithm? ECDSA performs the same function as any other digital signature, but more efficiently. This is so that ECDSA, like other digital signature algorithms, can offer the same level of security using smaller keys. ECDSA is used to create ECDSA certificates, which are electronic documents used to authenticate the certificate”s owner. Certificates contain information on the key used to create the certificate, the certificate”s owner, and the issuer”s signature, which is a verified trusted entity. This trusted issuer is typically a certificate authority with a signed certificate that can be tracked back through the chain of trust to the original issuing certificate authority. ECDSA operates on elliptic curves by analysing them and selecting a point on the curve. That point is multiplied by another number, resulting in a new point on the curve. Even with the original point available, locating the new point on the curve is quite challenging. ECDSA”s complexity means that it is more secure than current encryption cracking methods. Along with being more secure against current attack methods, ECDSA has a number of additional benefits. Key and Signature Size The bit size of the private key considered to be required by ECDSA is approximately two times that of the security level, in bits, similar to elliptic-curve cryptography in general. For example, an ECDSA private key is approximately 160 bits in size at a security level of 80 bits, which needs an attacker to perform a maximum of around 280 operations to discover the private key. However, the signature size for DSA and ECDSA is the same: approximately 4t bits, where t is the exponent in the formula 2t for an 80 bit security level, that is, approximately 320 bits, or 280 operations. Signature Generation Imagine Alice wants to give Bob a signed message. They have to first agree on the parameters of the curve (CURVE, G, n). G, a base point of prime order on the curve, is required in addition to the field and equation of the curve; n is the multiplicative order of the point G. Parameter CURVE − the equation and field for elliptic curves used. G − base point of an elliptic curve; a point on the curve that produces a big prime order subgroup n. n − integer order of G, this indicates that n x G = O, where O is the identity element. dA − the randomly chosen private key. QA − the key public dA x G (elliptic curve calculation) m − the text to be transmitted The starting point G”s order n needs to be prime. In fact, Z/nZ has to be a field because we assume that each nonzero element of the ring is invertible. It means n has to be a prime number. Alice generates a pair of keys that consist of a public key curve point QA = dA x G and a private key integer dA, which is chosen at random from the interval [1, n-1]. The elliptic curve point multiplication by a scalar is represented by the symbol x. Sign a Message Alice does the following steps in order to sign a message − Determine e = HASH(m). (Here, HASH refers to a cryptographic hash algorithm that converts the output to an integer, like SHA-2.) Let z represent the leftmost Ln bits of e, where Ln denotes the group order n bit length. (Take note that z is not longer than n, although it can be.) Choose k, a random integer that is cryptographically secure, from [1, n-1]. Calculate the curve point where k x G = (x1, y1) = 0. Calculate r by taking x1 mod n. Refer back to step 3 if r = 0. S = k-1 (z + rdA) mod n, must be calculated. Refer back to step 3 if s = 0. The pair (r, s) is the signature. In addition, (r, -s mod n) is a valid signature. An additional method that the ECDSA signature could reveal private keys is if k is produced by an unreliable random number generator. August 2013, users of Android Bitcoin Wallet lost their money due to a random number creation error. You can produce deterministic signatures by deriving k from the message and the private key, so avoiding random number creation completely and ensuring that k is unique for every communication. Implementation of ECDSA using Python So basically we are going to use ecdsa library of python which provides functionality to work with the ECDSA algorithm. And also we will use hashlib library to convert the given message in the hash form. Here is a simple Python implementation of ECDSA with the help of the ecdsa and haslib library − Example from ecdsa import SigningKey, VerifyingKey, SECP256k1 import hashlib # Create a new private key private_key = SigningKey.generate(curve=SECP256k1) # Derive the public key from the private key public_key = private_key.verifying_key # Some message to sign message = b”Hello, Tutorialspoint!” # Hash the message hash_message = hashlib.sha256(message).digest() # Sign the hashed message with the private key signature = private_key.sign(hash_message) # Verify the signature using the public key is_valid = public_key.verify(signature, hash_message) if is_valid: print(“Signature is valid.”) else: print(“Signature is not valid.”) Following is the output of the above example − Input/Output To run the above code we need to install hashlib and ecdsa libraries of Python. To