Secret Key Cryptography
This article continues on Secret Key Cryptography from the article Cryptographic alogrithms (and if you don’t know what “cryptography” is check out the article Introduction to cryptography ).
Secret Key Cryptography (SKC) methods employ a single key for both encryption and decryption. Hence, the privacy of the key is integral to the security of the system. Since the same key is used at both ends of the communication, it is also called as Symmetric Key Cryptography. Secret key cryptography (SKC) was the only method used before 1976! One of the simplest and most widely known encryption techniques is the Caesar cipher, employed by Julius Ceasar.
Caesar cipher
It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. Hence, it is equivalent to shifting the alphabet by a specific number. For example, if we have shift value, which is the key to the cipher, as \(1\), \(A\) becomes \(Z\), \(B\) becomes \(A\) and so on till \(Y\) becomes \(X\) and finally, \(Z\) becomes \(Y\). Example for shift value as \(3\):
|
Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW |
Example of encryption using this cipher:
|
Plaintext: THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD |
As you may have figured, deciphering is just shifting the cipher to the right by the same shift value \(n\), or equivalently, make a Cipher with shift value \(26-n\).
SKC algortihms can be majorly categorised into Stream ciphers and Block ciphers.
Stream ciphers
As the name suggests, we deal with a “stream” of information, which means the encryption/decryption takes place character by character for a text. So if we were to encrypt the word “dog” to “bxz”, we would have the encryption of a stream of individual characters – first ‘d’ to ‘b’, then ‘o’ to ‘x’, and finally ‘g’ to ‘z’. Now we can look at a more accurate, computer-based approach. As we know, computers store everything in 1’s and 0’s, called as ‘bits’ (for text, we use Unicode). So we essentially get a stream of these. Alongside this plaintext P, we have a “keystream” S, with which we combine to get the ciphertext C. The combination is done with the method:
| $$ ( P_{i} + S_{i} ) \mod 2 = C_{i} $$ for each position 'i' in a stream |
You may have realised that this is essentially the XOR operation. For example, we take P = “1000001” and S = “0101111” to get C = “1101110” (spoiler so that you may DIY), which means we encrypted ‘A’ to ‘n’. Although the importance of S is evident, it further increases when we realise the decryption is also of the form
| $$ ( C_{i} + S_{i} ) \mod 2 = P_{i} $$ for each position 'i' in a stream |
Now the name keystream must make more sense since it is clearly a stream of bits which act as a key. Also, notice that the keystream is same for both encryption and decryption, thus reinforcing our belief that it is an SKC cipher. So, for excellent security, the keystream must be something difficult to crack, something unpredictable (to those with greater knowledge, different from “irreproducible” here). Here we arrive at the vital idea of “randomness” in the keystream. Although covering this in-depth is outside the scope of the article, we now know that S must somehow be randomly produced.
Stream ciphers are further classified based on the method of production of the keystream into Synchronous stream ciphers, which generate the keystream in a fashion independent of the message stream but by using the same keystream generation function at sender and receiver and Self-synchronizing (or Asynchronous) stream ciphers which calculate each bit in the keystream as a function of the previous \(n\) bits in the keystream. As you may have realised, the example above was of a Synchronous cipher. For Asynchronous ciphers, the decryption can stay synchronised with the encryption merely by knowing how far into the \(n-bit\) keystream it is.
Stream ciphers are often used for their speed and simplicity of implementation in hardware, and in applications where plaintext comes in quantities of unknowable length like a secure wireless connection.
Block ciphers
Block ciphers treat the plaintext as a combination of fixed-length blocks. They consist of an invertible encryption function and its inverse, which is used for decryption. A formal definition of the Encryption function would be:
| $$E_K(P) := E(K,P): \{0,1\}^k \times \{0,1\}^n \rightarrow \{0,1\}^n$$ |
This means it is a function that takes the Key \(K\) of length \(k\) bits and the Plaintext \(P\) of length \(n\), called as the “block size” and gives a \(n-bit\) Ciphertext \(C\) as output. Its inverse \(D_K(P)\) will also have this definition (of course, with the addition of it being the inverse of E).
This definition may sound very vague as compared to Stream ciphers, and this is because Block ciphers are very generic. In addition to being used for encryption as discussed, they could be modified to use as a Stream cipher, a PRNG, Hash functions and much more! This is possible because there are several ways to use them, called as “Modes of Operation”, depending on whether they have a Deterministic end (ECB mode) or a Probabilistic end, which, based on an additional input value (called as an initialization vector), creates randomization of the plaintext data (CBC mode). The most famous and most used Block ciphers are AES and DES. Most Block ciphers are based on the Feistel Cipher.
That may have been a lot to take in, so let us look at an example for Block cipher. Suppose \(P = \text{"parent"}\) and \(K = 125\) with \(n=2\). This means we will break our Plaintext \(P\) into blocks of length 2 (since \(n\) is \(2\)) and operate our key as \(1\) for “pa”, \(2\) for “re” and then \(5\) for “nt”. Now we have to define an encryption method. Let us take it as a Caesar cipher, where key ‘t’ tells us that there is a t-shift Caesar cipher. Hence, we get the following encryption process:
“pa” \(\rightarrow\) “oz”
“re” \(\rightarrow\) “pc”
“nt” \(\rightarrow\) “io”
So we get Ciphertext \(C\) as “ozpcio”.
Criticism
SKC methods are really fast, but the biggest hole in these is the problem of transfering the key. This problem was solved by the introduction of Public Key Cryptosystems.
