Chapter 1 Introduction to Cryptography

SOME CRYPTOGRAPHIC ALGORITHMS FOR SECURE NETWORK COMMUNICATION (shodhganga.inflibnet.ac.in/bitstream/10603/36964/9/09...)


[A] Communication and Information Security

Human beings started communicating long before they actually started speaking. In the biological world, communication need not be intentional or cooperative. It comprises physical or behavioral characteristics that influence the behavior of others. Intentional communication is one in which the communicator controls the use of signals. In cooperative communication, the communicator’s goal is to help or share information with the recipient. The information consists of facts about emotions, knowledge or sense of understanding. Humans have been using gestures, drawings, scripts and verbal techniques for communication. Communication may be done by directing the attention of the recipient spatially to something in the immediate perceptual environment, or by directing the imagination of the recipient to something that is not in the immediate perceptual environment by simulating an action, relation, or object [72]. In tribes, messages used to be sent through smoke, drum beating etc. Verbal and non-verbal symbolic language came into use for communication much later, and there is no clear evidence of when written communication started. It is believed that communication started with graphical symbols or drawings. Evidence of the use of writing about 7000 B.C. in the Indus valley civilization has been uncovered in Mehrgarh and other sites of the Harappan period of 2600-1900 B.C., called the Indus writing or the Sarasvati writing [104]. In fact, Indian history lists incidents of kings using birds like pigeons to send messages. Some kings sent messages using foot messengers or horse messengers. Senders have always desired that the information they communicate be available to its intended recipient only. Humans were always interested in protecting their message information for various reasons: trade secrets, personal information, business logic, secret recipes, private communications, art, religion, military and diplomatic information etc. were supposed to be communicated securely. This intention has catalyzed the invention of secure methods of information transmission. There can be three approaches to securely send the information:

1. Establish a secure communication line between users. This is never possible, as no such technology can exist.

2. Use a public communication link to transmit the information, but hidden in some physical or non-physical material from which one has to re-discover it. When information is hidden in a picture, it is called steganography.

3. Transform the information such that only an authorized receiver can reconstruct the original message. This is done by encryption methods that transform the original information (plaintext) into ciphertext using some operations and rules. At the receiver end, a decryption method using operations and rules corresponding to the encryption is performed to obtain back the plaintext.

Options 2 and 3 have been in use for securing information, as a secure communication line between each pair of users is not cost effective. In the Ramayana period, Sri Ram secured his communication to mata Sita by sending his signature (in the form of a ring) along with the message carried by Hanumaan Ji. “Pache Pawan tanay sir nawa, jaani kaaj Prabhu Nikat Bolawa / Parsa sheesh saoruh paani, karmudrika deen jan jaani”. When Hanuman presented the ring of Lord Ram to Sita ji, she recognized that the messenger Hanumaan was genuine and was overjoyed. It presents a practical example of using a ring signature for authentication of a message [53]. Kings used the skulls of slaves for writing the message that the sender king wanted to communicate to the recipient king. After the hair grew back on the skull, the slave travelled to the recipient carrying the secret message covered under his hair. The recipient at the other end could receive the information by shaving the slave’s hair from the skull [113]. In the novel ‘Romeo and Juliet’ written by Shakespeare there are instances when Juliet sent encrypted messages to her beloved so that no villain could read the message.

1.1 Communication Technologies

Means of mass communication used by humans have changed from time to time. Ordinary mail took time to deliver because of the slow transportation facilities (both water and surface) that carried the physical mail to its delivery points. The scenario changed to the faster telegraph in 1835 when Samuel Morse, a professor of arts and design at New York University, proved that signals could be transmitted by wire. It used pulses of current to deflect an electromagnet that moved a marker to produce written codes using dots and dashes on a strip of paper. Until 1877, all long-distance communication that needed to be done faster depended upon the telegraph. In 1879, another technique of communication officially came into existence, the telephone system. The invention of the telephone, and now of telecommunication technologies, brought a way to communicate faster [70]. The use of telephone and telecommunication technologies has been greater than that of earlier means as it involved direct voice connection between the persons involved. It was in 1962 that JCR Licklider proposed the idea of a galactic network of computers that could talk to one another. This was implemented in 1965 at MIT, America, and this was the birth of ARPAnet. In the year 1970, Vinton Cerf gave the Transmission Control Protocol and the Internet Protocol to transfer packets over the network. Later, in 1991, Tim Berners Lee introduced the World Wide Web: an internet that can be used by anyone to access information, apart from sending and receiving files using the modern day Internet [109]. In the year 1992, when a group of researchers at the University of Illinois developed a browser that could be used to see words and pictures on the same page and navigate using clickable links, the Internet came to be used for commercial purposes. It was at this time that the Internet became a popular, powerful way of communication.

1.2 Internet and Information

With the invention of the Internet and its means, the growth rate of the volume of communication has increased manifold. The Internet is not only a cheaper means of communication but is also faster than most other modes. The rise in quality and fall in price of communication has been a crucial factor in deciding the usage of the medium of communication [9].

Two forces that have influenced use of means like cryptography in business and establishment of Internet as a communication channel [46]. The Internet technology boom has changed the way society creates, collects, processes, manipulates and shares information. The present Internet-savvy society shares information using various networks at the rate of millions of private messages per day [42]. Moreover, the use of the Internet for business purposes is also on the rise, and this has further promoted message communication, business, e-payments and online transactions. Governments all over the world have also realized that networks can be used to perform operations swiftly and have rightly promoted e-Governance. It deals with the application of Information and Communication Technology (ICT) for delivering services, information exchange, and integration of various systems and services between Government and Citizens, Business, and Government. India and many countries in the world have realized the importance of ICT in office processes and interactions within the entire government framework [41, 49]. The Planning Commission of India had proposed a unique identification project that provides identification for each resident across the country. It uses the information network of various organizations to link information about its citizens and aims to keep track of all academic and financial activities. Even this project faced criticism due to issues related to security and privacy of information related to persons that poses a danger to our sovereignty [2, 96, 108]. During electronic transactions, people miss the digital equivalents of traditional hand-written signatures and face-to-face recognition, and thus do not like to share information with one and all. It is noteworthy that irrespective of which communication technology was used by humans, there has been a serious concern about the security and privacy of the information being shared over these communication technologies.

1.3 Security Attacks

People are always interested in knowing what is happening in another person’s life. They try to peek into others’ lives and to know what others are doing. The same is true for messages communicated between two persons. There are people who wish either to know ‘what was communicated’ or to ‘alter the message that was communicated’. Any action that compromises the security of information owned by a person/organization is a security attack. These may be broadly categorized as:

Passive attack

In such attacks, information is seen but not altered by the intruder. There are no changes in the ciphertext and thus it is difficult to detect if someone has seen the information.

Active attack

In such attacks, information is seen and used/altered by the intruder. These types of attacks create more problems as there is alteration/loss of information.

[Figure panels: Passive Attack, Active Attack]

Fig. 1.1: Types of Attacks

1.4 Security of Information

Situations that pose a serious threat to information call for its security. But that does not mean locking the information in a locker and hiding the locker so that no one can read it. In fact, security exists if the locked information, the locker and its design specifications are all available, so that one can study the mechanism and still not be able to open the safe and read the information. As per the definition given by Wikipedia, ‘Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.’ Its goal is to provide confidentiality, integrity and availability of information at all times [118].

Computers have become an integral part of businesses but can no longer run without information and a reliable communication medium. The high cost of setting up one’s own private communication network has resulted in the use of the Internet for business communication. Similar expenditure is to be borne by any other type of organization involved in national defense, research and development, scientific explorations, banking, financial transactions, medical, engineering, copyrights & patents etc. So organizations are forced to use the unsafe but cheaper medium of communication, the Internet. When information is transferred over the Internet, it may face many threats such as phishing, viruses, Trojan horses etc., which aim at breaching the security of the information. In all the above cases, one would require a variety of countermeasures to safeguard the information [72].

The countermeasures include securing the information physically, at the hardware level, and using security passwords, cryptography, database security, Intrusion Detection Systems etc. Use of encryption/decryption is a primary method of protecting valuable electronic information on a computer system or when communicated over the Internet.

However, it is important to note that:

1. No form of security is automatic.

2. No form of security can do it all alone. Even the most advanced techniques may not work in isolation; each can do only some part of the complete job.

1.5 Cryptography

Cryptography is a key technology used for electronic data security. Cryptography (or cryptology) has its roots in the Greek language. It is derived from the Greek word ‘kryptós’, which means ‘hidden’, and the verb ‘gráfo’ means ‘write’ and ‘legein’ means ‘to speak’. Thus cryptography means the study of message secrecy. The Concise Oxford Dictionary (2006) defines cryptography as the art of writing or solving codes. Earlier, cryptography was treated as an art of disguising/scrambling information so that the secret writing is not understandable to anyone except the actual recipient, who is aware of the technique for recovering the actual message passed. Anything in the world can be hidden from sight and revealed again. The magician David Copperfield has made his living from hiding enormous things like elephants and the Statue of Liberty, and then magically revealing them again. To make things disappear and reappear, one should have ‘a plan of action – a formula or recipe – to make the magic work’ [25]. Similarly, cryptography needs a formula or logic for scrambling and then re-ordering the data from time to time. This recipe for hiding data is called a cryptographic algorithm. Prior to the 1970s, cryptography was a black art, understood and practiced by only a few government and military personnel. However, people now practice cryptography in daily life. There are well-established universities that teach it as a subject [46]. The cryptographic algorithm is a precise set of instructions that tells how to scramble and unscramble data. The designing and breaking of such algorithms relied on the creativity and personal skills of the cryptographers. In the latter half of the 20th century, the scenario changed with the invention of computers. Security of messages using digital signatures, protocols for key exchange and message authentication all required hard mathematical operations and computationally hard problems. Cryptography is now termed an art and science of information security. Earlier, cryptographic algorithms were used by the military and intelligence services. Now they are used by almost everyone in their day-to-day internet communications [63].

1.5.1 Basics of Cryptography

The basic idea of any cryptographic cipher is to disguise confidential information in such a way that its meaning is not understandable to any unauthorized person. There are two possible scenarios in which one may need to disguise information: saving a file on a local machine, or protecting information to be transferred over an insecure medium of communication, the Internet. The information to be concealed is called the plaintext (m) and the operation of disguising the information is called encryption. The encrypted plaintext is called the ciphertext or the cryptogram (c), and the set of rules used to encrypt the information is called the encryption algorithm (E). Normally the operation of this algorithm depends on some input other than the message. This input is called the encryption key (k). The receiver of the ciphertext or cryptogram has the decryption algorithm (D) which, when used with the decryption key, produces the plaintext from the ciphertext or cryptogram. Any person who intercepts the message being communicated over the communication channel is called an interceptor/adversary/eavesdropper [46].

[Figure: the Sender feeds m and k to the encryption algorithm to form c=E(m,k); c passes over the communication channel; the Receiver feeds c and k to the decryption algorithm to recover m=D(c,k)]

Fig. 1.2: Basics of Cryptography

1.5.2 Objective of Cryptography

In a computer, data is normally protected by physical access control and logical access control policies. During communication of information, data is no longer in the control of the originator, and the originator’s access control mechanisms cannot secure the data. In such cases, cryptography provides sufficient security of data. It is useful in protecting data inside and outside the boundaries of a computer system. Cryptography can be used to provide all the security services like:

1. Data integrity. The receiver may check that the communicated message was not modified during transmission. Using cryptography, one can add a message authentication code (MAC) to the message using his key and some code.

2. Authentication. The receiver should be able to verify the original sender.

3. Non-repudiation. The sender should not be able to deny having sent the message. Whitfield Diffie and Martin Hellman produced the electronic equivalent of hand-written signatures in the paper New Directions in Cryptography, used as digital signatures that the sender attaches to the message. The message along with the digital signature can be used to authenticate the sender as well as for non-repudiation. Moreover, the sender can be identified by the receiver by checking the combination of key and message [54].

4. Confidentiality. The transmitted message should not be visible to all. It should only be viewed by its intended receiver. Using encryption algorithms, one can transform the original message into a non-readable form that is only understandable by the receiver after applying the decryption algorithm.
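The integrity service in item 1, as an added example that is not part of the thesis: a MAC check run against the passive and active attacks of section 1.3. HMAC-SHA256, the sample message and the function names are assumptions chosen for illustration; the last case shows why a shared-key MAC cannot give the non-repudiation of item 3.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 produces a 32-byte tag
MESSAGE = b"transfer 100 units to account 42"  # constructed sample message


def protect(key: bytes, message: bytes) -> bytes:
    """Sender side: append a MAC computed over the message with the shared key."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(key: bytes, packet: bytes):
    """Receiver side: return the message if the MAC is valid, otherwise None."""
    if len(packet) < TAG_LEN:
        return None  # too short to even contain a tag
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest takes the same time whether the tags differ early or late
    return message if hmac.compare_digest(tag, expected) else None


def run_scenarios():
    """Run the receiver's check against each situation and collect the outcomes."""
    key = secrets.token_bytes(32)          # shared by sender and receiver
    packet = protect(key, MESSAGE)

    observed = bytes(packet)               # passive attack: packet read, not changed
    altered = bytearray(packet)
    altered[0] ^= 0x01                     # active attack: one bit of the message flipped
    unrelated_key = secrets.token_bytes(32)

    # The receiver holds the same key, so it can produce a valid tag for a
    # message the sender never wrote. A MAC therefore proves "someone with the
    # key sent this", not "the sender sent this".
    never_sent = b"transfer 900 units to account 42"
    receiver_made = protect(key, never_sent)

    return {
        "passive": verify(key, observed),              # accepted: observation leaves no trace
        "tampered": verify(key, bytes(altered)),       # rejected: alteration detected
        "wrong_key": verify(unrelated_key, packet),    # rejected: tag made under another key
        "truncated": verify(key, packet[:10]),         # rejected: tag missing
        "receiver_can_forge": verify(key, receiver_made) == never_sent,
    }


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:20s} -> {outcome}")
```

The MAC says nothing about who read the packet in transit; keeping the content from a passive observer is the job of the confidentiality service in item 4.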

1.5.3 Use of Cryptographic algorithms

Cryptographic encryption algorithms may be used statically and dynamically. Encryption of data before sending it to the storage servers, generally carried out by special cryptographic Network Interface Cards (NICs), is called static encryption. It is a fast process done offline by the desktop or by an intermediate server, also known as a store and forward server, in the network. In this case, the encryption key is stored with the encrypted data while it is on the intermediate machine doing the encryption. If someone gains unauthorized access to that intermediate server, the entire data can be decrypted.

The newer versions of Windows (2000, XP etc) have cryptographic capabilities built into the operating system. The Encrypted File System (EFS) works with drives that use the New Technology File System (NTFS) format for storage of data. Any file or folder can be encrypted, and everything dropped into an encrypted folder is encrypted. Data can also be encrypted on an Ethernet connection, which is known as dynamic encryption. Data is encrypted as it is transported from the desktop to some storage server. The interesting thing is that it is difficult to find the key used for encryption, as there would be different kinds of data travelling on the connection. One cannot identify which data is to be picked. However, this scheme requires a lot of processing and can generate heavy traffic over the networks [25].

1.5.4 Effectiveness of Cryptographic algorithms

Cryptographic algorithms use a key and an algorithm that converts the message to ciphertext using the key. The ciphertext is then converted back to the original message using a decryption algorithm and a key at the receiver’s end. Hence, encryption-decryption is the procedure used to apply the science of cryptography to ensure the confidentiality of messages being communicated. Generally, the algorithm is large, usually a combination of mechanical or electronic device(s), or based on some complex mathematical procedure. But the algorithm cannot be kept secret. Thus the overall security of any cryptographic system depends on the secrecy of the key. Moreover, one cannot be sure that a cryptosystem will not be broken, even after providing some mathematical proof that the system cannot be cracked. A cryptographic system may be secure for one purpose but not for another, depending on how long the information must be kept secure. A cryptosystem that cannot be broken at present may succumb to cryptanalysts in the near future [79].

[B] Mathematics of Cryptography

Every cryptographic algorithm uses a certain mathematical background. The working of most cryptographic algorithms and the basis of their strength reside in the mathematical operations they use. Generally these are operations that are reversible and fast to decrypt, if known. If one is not aware of the operation and tries to guess it, decryption would be difficult. This section deals with the mathematical structures and operations that are used by cryptographic algorithms. It aims at identifying structures and operations used in some popular algorithms.

1.6 Data Structures

Data structures are the mathematical structures that can be used for storage, access and manipulation of data; their study also involves analysis of the structures with respect to their time and space requirements during operations on them. According to Chris Okasaki, data structures have at least four distinct but related features: an abstract data type (abstraction), a concrete realization (implementation), an instance of a data type (object or version) and a unique identity that is invariant under updates (persistent identity) [26]. The choice of structure affects the way and speed of access, and the manipulation time for data stored in the structure. The strengths and limitations can be analyzed on the basis of ease of insert/delete/update operations, the use of extra memory space while applying operations, and the complexity of writing their code.

1.6.1 Arrays

Arrays are sets of homogeneous elements that are stored at contiguous locations in memory and are accessed using index values and a common name. A series of memory locations that share the same name, hold a particular type of information, and are accessed by index value is an array. By ‘type’, it means some basic data type like char, int, float or pointer etc [61]. This structure makes working with larger amounts of data very easy. Arrays can be one dimensional, two dimensional or multi-dimensional depending on the number of index values used to access an individual element. Consider the C statement

int a[5];

It defines a one dimensional array of integers that can store 5 elements. Elements can be accessed using the common array name ‘a’ and an index number between 0 and 4 (inclusive). Mostly two-dimensional arrays have been used in encryption algorithms.

Use in Security

Most of the substitution ciphers and block ciphers like Data Encryption Standard (DES), triple DES, Advanced Encryption Standard (AES), Caesar cipher use the basic array structure [37]. DES, originally published by the National Bureau of Standards (NBS), a branch of the Department of Commerce in USA now called NIST, used 64-bit plaintext blocks. This plaintext and the corresponding S-box used in the algorithm are one dimensional arrays [55]. The Rijndael algorithm designed by Joan Daemen (Proton World International, Belgium) and Vincent Rijmen used a two dimensional square for the 128-bit message block. It was a 4×4 square matrix of bytes on which byte-wise substitution, circular shift of rows, Mix columns and bitwise XOR operations were applied [103]. Arrays, one dimensional/two dimensional/multi-dimensional, have been the most popular choice amongst cryptographers due to storage in contiguous memory locations and direct access using a proper choice of index value. Generally, algorithms use arrays to manipulate information at various index values randomly. Insert/delete operations, which require some re-arrangement of data, are not used frequently in cryptographic algorithms. An array requires a single cluster of memory, but that is not an issue nowadays with larger RAM and other memory devices.
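The 4×4 byte array described above for Rijndael, as an added example that is not part of the thesis: a 16-byte block is loaded column by column into the state, and the circular row shift and the bitwise XOR with a key are applied and then undone. The sample block and round key are constructed, and byte substitution and Mix columns are left out, so this is two array operations and not a cipher.

```python
def bytes_to_state(block: bytes):
    """Load 16 bytes into a 4x4 state, filling column by column (state[r][c] = block[r + 4c])."""
    if len(block) != 16:
        raise ValueError("a Rijndael/AES block is exactly 16 bytes")
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]


def state_to_bytes(state) -> bytes:
    """Read the state back out in the same column-by-column order."""
    return bytes(state[r][c] for c in range(4) for r in range(4))


def shift_rows(state):
    """Rotate row r left by r positions (row 0 is left unchanged)."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state):
    """Rotate row r right by r positions, undoing shift_rows."""
    return [row[4 - r:] + row[:4 - r] for r, row in enumerate(state)]


def add_round_key(state, key_state):
    """XOR every state byte with the key byte at the same index; XOR is its own inverse."""
    return [[s ^ k for s, k in zip(s_row, k_row)]
            for s_row, k_row in zip(state, key_state)]


def forward_then_back(block: bytes, round_key: bytes):
    """Apply key XOR then row shift, then invert both in reverse order.

    Returns (transformed_bytes, recovered_bytes).
    """
    key_state = bytes_to_state(round_key)
    state = shift_rows(add_round_key(bytes_to_state(block), key_state))
    transformed = state_to_bytes(state)
    recovered = add_round_key(inv_shift_rows(state), key_state)
    return transformed, state_to_bytes(recovered)


SAMPLE_BLOCK = bytes(range(16))   # constructed: 00 01 02 ... 0f
SAMPLE_KEY = bytes([0xA5] * 16)   # constructed round key, not a real key schedule

if __name__ == "__main__":
    shifted = state_to_bytes(shift_rows(bytes_to_state(SAMPLE_BLOCK)))
    print("block        :", SAMPLE_BLOCK.hex(" "))
    print("after shift  :", shifted.hex(" "))
    transformed, recovered = forward_then_back(SAMPLE_BLOCK, SAMPLE_KEY)
    print("xor + shift  :", transformed.hex(" "))
    print("recovered    :", recovered.hex(" "))
```

Both operations only move or XOR bytes by index, which is why direct indexed access matters more here than insert/delete support. On their own they are linear, and the omitted byte substitution is what supplies the non-linearity.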

1.6.2 Trees

Trees are non-linear hierarchical structures that perform well when searching for an element in the information. A tree is an acyclic connected graph where each node has zero or more child nodes and at most one parent node. The quest for reaching the minimal time of $O(\log_2 n)$ has resulted in the formulation of various types of trees. However, trees suffer from accessibility problems because searching starts from a fixed ‘root’ node and traverses various branches for an item. It is also important to note that a tree is implemented using linked lists or arrays only. Thus, the advantages and limitations of a tree depend upon the type of internal structure used to implement the various forms of tree.

Use in Security

Various forms of trees are used in information security. Trees can be used to monitor verification of the file structure. Trees are also used in identifying the security level to be provided for each type of information. While building software systems, the security testing approach uses threat trees to build secure and dependable systems [1]. Attack trees are used to comprehensively evaluate the security breaches that are possible in a system and make a strategy of attack [17]. The most recent use of an advanced form of trees, Merkle Hash Trees, has been in the verification of online data on cloud servers using the Merkle Signature Scheme, a reasonable alternative to conventional signature schemes [50].

1.6.3 Preferred Structures

Due to contiguous storage, ease of direct access and manipulation of elements, and no requirement for sorted data, arrays have been the first choice of almost all cryptographers. Generally, one dimensional arrays have been used in most block ciphers like AES, DES, and Blowfish etc [55, 18]. Some cryptographic algorithms, like the Rijndael algorithm, have used two dimensional arrays for manipulation of the information. Moreover, trees and their forms have been in use for verification of the sender/receiver or of information placed in some other data structures [37].


1.7 Mathematical Operations

The art of disguising information involves the use of mathematical operations that are reversible in nature and can be applied with ease. Cryptography is based on number theory, linear algebra, and algebraic structures. In this section, we try to understand integer arithmetic, concentrating on modular arithmetic, and emphasize and review matrices for use in cryptographic algorithms [72]. Until the 1970s, cryptographic algorithms were based on a private key. This means that someone who has enough information to encrypt a message has enough information to decipher it. These algorithms are based on invertible functions. Later, a different class of cryptographic algorithms was suggested by Diffie and Hellman, which initiated the use of different keys for encryption and decryption and revolutionized the world of information security. A brief introduction to some of the mathematics used in cryptography is given in the coming section.

1.7.1 Functions

A set consists of distinct objects, which are called elements of the set. For example, a set X might consist of the elements a, b, c, and this is denoted X = {a, b, c}.

A function is defined by two sets X and Y and a rule ‘f’ that assigns to each element in X precisely one element in Y. The set X is called the domain of the function and Y the co-domain. If x is an element of X (usually written x ∈ X), the image of x is the element in Y which the rule f associates with x; the image y of x is denoted by y = f(x). Standard notation for a function f from set X to set Y is f: X -> Y. If y ∈ Y, then a pre-image of y is an element x ∈ X for which f(x) = y. The set of all elements in Y which have at least one pre-image is called the image of f, denoted Im(f).


Fig. 1.3: A function

One-way functions

A function f from a set X to a set Y is called a one-way function if f(x) is ‘easy’ to compute for all x ∈ X but for ‘essentially all’ elements y ∈ Im(f) it is ‘computationally infeasible’ to find any x ∈ X such that f(x) = y.

Take X = {1, 2, 3, …, 16} and define $f(x) = r_x$ for all x ∈ X, where $r_x$ is the remainder when $3^x$ is divided by 17. Explicitly,

Table 1.1: One-way function of $f(x) = r_x$

x     1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
f(x)  3  9 10 13  5 15 11 16 14  8  7  4 12  2  6  1

Given a number between 1 and 16, it is relatively easy to find its image under f. However, given a number such as 7, without having the table in front of you, it is harder to find x such that f(x) = 7. Of course, if the number you are given is 3 then it is clear that x = 1 is what you need; but for most of the elements in the co-domain it is not that easy.

Diffie-Hellman key exchange is based on a one-way function, an arithmetic operation that is easy to perform but extremely difficult to undo or reverse. The function $G^x \bmod P$ is used: given the values of G and P, computing it is straightforward. However, given the result of the calculation, it is extremely difficult to determine the value of x [60].
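The table and the Diffie-Hellman remark above, worked as an added Python example (not code from the thesis): computing f takes a handful of multiplications, while the generic way back is to try exponents one by one. The private exponents 5 and 11 and all function names are assumptions made for the illustration; G = 3 and P = 17 come from Table 1.1 and are far too small for real use.

```python
# Added illustration: f(x) = 3^x mod 17 from Table 1.1 and a toy
# Diffie-Hellman exchange over the same numbers.
G, P = 3, 17  # from the text's example; far too small for real use


def f(x: int) -> int:
    """Forward direction: fast modular exponentiation."""
    return pow(G, x, P)


def table() -> dict:
    """Rebuild Table 1.1 as {x: f(x)} for x = 1..16."""
    return {x: f(x) for x in range(1, P)}


def invert_by_search(y: int) -> tuple:
    """Find x with f(x) = y by trying exponents in turn.

    Returns (x, trials). The number of trials grows with the size of the
    group, whereas computing f grows only with the bit length of x.
    """
    acc = 1
    for x in range(1, P):
        acc = (acc * G) % P
        if acc == y:
            return x, x
    raise ValueError(f"{y} has no pre-image under f")


def dh_exchange(a_private: int, b_private: int) -> tuple:
    """Both sides of the exchange.

    Returns (A_public, B_public, secret_at_A, secret_at_B); only the two
    public values are sent over the network.
    """
    a_public = f(a_private)
    b_public = f(b_private)
    secret_at_a = pow(b_public, a_private, P)
    secret_at_b = pow(a_public, b_private, P)
    return a_public, b_public, secret_at_a, secret_at_b


def secret_from_public(a_public: int, b_public: int) -> int:
    """Recompute the shared secret from the public values alone.

    Possible here only because P = 17 leaves 16 exponents to try, which is
    why deployed groups use primes thousands of bits long.
    """
    a_private, _ = invert_by_search(a_public)
    return pow(b_public, a_private, P)


if __name__ == "__main__":
    print(table())
    print("f(x) = 7 for x =", invert_by_search(7)[0])
    print(dh_exchange(5, 11))  # constructed private exponents
    print(secret_from_public(5, 7))
```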


Trapdoor one-way functions

A trapdoor one-way function is a one-way function f: X -> Y with the additional property that, given some extra information (called the trapdoor information), it becomes feasible to find, for any given y ∈ Im(f), an x ∈ X such that f(x) = y. Most functions of the above type are deterministic in nature, in that a given plaintext will always be converted to the same ciphertext. The art of cryptography was radically altered when Diffie and Hellman invented an entirely new type of cryptography, called public key cryptography, that is based on the use of trapdoor functions [79].

Permutations

Let S be a finite set of elements. A permutation p on S is a bijection from S to

itself (i.e., p: S ->S).

Example

Let S = {1, 2, 3, 4, 5}. A permutation p: S ->S is defined as follows:

p(1) = 3, p(2) = 5, p(3) = 4, p(4) = 2, p(5) = 1

A permutation can be described in various ways. It can be displayed as above or as an array:

$$p = \begin{pmatrix} 1 & 2 & 3 & 4 & 5 \\ 3 & 5 & 4 & 2 & 1 \end{pmatrix}$$

Most cryptographic algorithms use permutations during the key shuffling process or the scrambling of the data. In the DES algorithm, there are eight secret fixed tables (S-boxes) used to perform the substitution operation on the different blocks [11]. However, in some ciphers the tables are generated dynamically from the key; e.g. Blowfish, a 128-bit block cipher that accepts a variable-length key up to 256 bits and is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, and the Twofish encryption algorithms.

Involutions

Let S be a finite set and let f be a bijection from S to S (i.e., f: S -> S). The function f is called an involution if $f = f^{-1}$. An equivalent way of stating this is f(f(x)) = x for all x ∈ S.

Fig. 1.4: An involution on a set S of 5 elements

The number of involutions, including the identity involution, on a set with n = 0, 1, 2, … elements is given by a recurrence relation found by Heinrich August Rothe in 1800:

$$a_0 = a_1 = 1; \qquad a_n = a_{n-1} + (n-1)\,a_{n-2}, \quad \text{for } n > 1$$

The first few terms of this sequence are 1, 1, 2, 4, 10, 26, 76, 232 and so on [4]. This gives a clear idea of the number of involutions: 232 involutions are possible for a set containing 7 elements. If a number of involutions are used in series to create an encryption/decryption algorithm, finding out the correct involutions used turns out to be a very difficult job for intruders.
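The recurrence and the permutation example above, checked as an added Python example (not code from the thesis): the recurrence is compared with a count over every permutation of a small set, and the permutation p from the Example is tested for the involution property. Function names and the zero-based encoding of p are assumptions of the illustration.

```python
# Added illustration: Rothe's recurrence cross-checked by enumeration.
from itertools import permutations, product

# The permutation p from the text, shifted to indices 0..4:
# p(1)=3, p(2)=5, p(3)=4, p(4)=2, p(5)=1
PAGE_P = (2, 4, 3, 1, 0)


def involution_count(n: int) -> int:
    """a_0 = a_1 = 1; a_n = a_(n-1) + (n-1) * a_(n-2) for n > 1."""
    prev, cur = 1, 1  # a_0, a_1
    for k in range(2, n + 1):
        prev, cur = cur, cur + (k - 1) * prev
    return cur


def is_involution(p: tuple) -> bool:
    """p maps index i to p[i]; an involution satisfies p[p[i]] == i."""
    return all(p[p[i]] == i for i in range(len(p)))


def inverse(p: tuple) -> tuple:
    """Inverse permutation: if p sends i to j, the inverse sends j to i."""
    inv = [0] * len(p)
    for i, j in enumerate(p):
        inv[j] = i
    return tuple(inv)


def compose(p: tuple, q: tuple) -> tuple:
    """Apply q first, then p."""
    return tuple(p[q[i]] for i in range(len(p)))


def brute_force_count(n: int) -> int:
    """Count involutions among all n! permutations of {0, ..., n-1}."""
    return sum(1 for p in permutations(range(n)) if is_involution(p))


def distinct_compositions(n: int, rounds: int) -> int:
    """Number of different mappings obtainable from `rounds` involutions
    applied in series on an n-element set."""
    involutions = [p for p in permutations(range(n)) if is_involution(p)]
    seen = set()
    for chain in product(involutions, repeat=rounds):
        acc = tuple(range(n))  # identity
        for step in chain:
            acc = compose(step, acc)
        seen.add(acc)
    return len(seen)


if __name__ == "__main__":
    print([involution_count(n) for n in range(8)])
    print(is_involution(PAGE_P), inverse(PAGE_P))
    print(distinct_compositions(4, 1), distinct_compositions(4, 2))
```

The last function shows that a series of involutions is itself one of the n! permutations of the set, so n! bounds the number of distinct mappings however long the series is.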


1.7.2 Prime Numbers

A prime number (or prime integer, often simply called a ‘prime’ for short) is a positive integer p > 1 that has no positive integer divisors other than 1 and p itself. There are infinitely many prime numbers, and cryptography, especially public-key cryptography, uses large primes. Cryptography uses ‘strong primes’ that make the product of two primes, say n, hard to factor by specific factoring methods. It is difficult to find the existence of a large prime factor of p-1 and a large prime factor of p+1. In fact, large prime numbers are used in defining the key combination in Public Key Cryptography.

The key idea behind Public Key Cryptography is that calculating the factorization of large numbers is very difficult. In the RSA algorithm, prime numbers p and q (of 200-300 digits in base 10) are taken and N = p.q is computed. Then the function ϕ(N) = (p-1)(q-1) is calculated. Next, a natural number e < ϕ(N) that is co-prime with ϕ(N) is taken, and another natural number d < ϕ(N) is calculated such that d.e≡(mod ϕ(N)). The numbers N, p, q, d and e are used in encryption algorithms such that no one can read the actual text being communicated without computing the numbers mentioned, which is a very difficult job [5].

1.7.3 Greatest Common Divisor (GCD)

The GCD of two non-zero integers is the largest positive integer that divides both numbers without remainder. The greatest common divisor of a and b is written as gcd(a, b), or sometimes simply as (a, b).

For example, gcd(12, 18) = 6, gcd(−4, 14) = 2 and gcd(5, 0) = 5. Two numbers are called co-prime or relatively prime if their greatest common divisor equals 1. For example, 9 and 28 are relatively prime.
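Sections 1.7.2 and 1.7.3 meet in RSA key generation, shown here as an added Python example (not code from the thesis): the extended Euclidean algorithm yields d as the inverse of e modulo ϕ(N), i.e. d·e ≡ 1 (mod ϕ(N)), which is easy for whoever knows p and q. The primes 61 and 53, e = 17, the message 65 and the function names are constructed values for illustration; this is unpadded textbook RSA with toy sizes.

```python
# Added illustration: gcd, extended Euclid and textbook RSA with toy primes.


def gcd(a: int, b: int) -> int:
    """Euclid's algorithm; the result is non-negative and gcd(a, 0) = |a|."""
    a, b = abs(a), abs(b)
    while b:
        a, b = b, a % b
    return a


def extended_gcd(a: int, b: int) -> tuple:
    """Return (g, s, t) with g = gcd(a, b) and s*a + t*b = g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(e: int, phi: int) -> int:
    """d with d*e = 1 (mod phi); exists only when e and phi are co-prime."""
    g, s, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e is not co-prime with phi(N); no inverse exists")
    return s % phi


def rsa_keypair(p: int, q: int, e: int) -> tuple:
    """Return ((N, e), (N, d)). Knowing p and q is the trapdoor that makes
    d easy to compute; from N alone one would first have to factor N."""
    n = p * q
    phi = (p - 1) * (q - 1)
    return (n, e), (n, mod_inverse(e, phi))


def rsa_apply(key: tuple, m: int) -> int:
    """Raise m to the key's exponent modulo N (encrypts or decrypts)."""
    n, exponent = key
    if not 0 <= m < n:
        raise ValueError("message must lie in the range 0..N-1")
    return pow(m, exponent, n)


if __name__ == "__main__":
    public, private = rsa_keypair(61, 53, 17)  # constructed toy primes
    c = rsa_apply(public, 65)
    print(public, private, c, rsa_apply(private, c))
```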


1.7.4 Exclusive-OR (XOR) Operation

Exclusive OR (XOR) is one of the fundamental mathematical operations used in

cryptography (and many other applications). George Boole, a mathematician in the

late 1800s, invented a new form of ‘algebra’ later named Boolean algebra that

provides the basis for building electronic computers and microprocessor chips.

George Boole defined a set of primitive logical operations where there are one or

two inputs and a single output depending upon the operation. The Input and

Output are either TRUE or FALSE. The most elemental Boolean operations are:

1. NOT: The output value is the inverse of the input value (i.e., the output is

TRUE if the input is false, FALSE if the input is true)

2. AND: The output is TRUE if all inputs are true, otherwise FALSE. (e.g.,

“the sky is blue AND the world is flat” is FALSE while “the sky is blue

AND security is a process” is TRUE.)

3. OR: The output is TRUE if either or both inputs are true, otherwise FALSE.

(e.g., “the sky is blue OR the world is flat” is TRUE and “the sky is blue

OR security is a process” is TRUE.)

4. XOR (Exclusive OR): The output is TRUE if exactly one of the inputs is

TRUE, otherwise FALSE. (e.g., “the sky is blue XOR the world is flat” is

TRUE while “the sky is blue XOR security is a process” is FALSE.)

In computers, Boolean logic is implemented in logic gates; for design purposes,

XOR has two inputs and a single output, and its logic diagram looks like this:

XOR 0 1

0 0 1

1 1 0

Fig. 1.4: XOR Table


So, in an XOR operation, the output will be a 1 if exactly one input is a 1;

otherwise, the output is 0. The real significance of this is to look at the ‘identity

properties’ of XOR. In particular, any value XORed with itself is 0 and any value

XORed with 0 is just itself. Also, if X and Y are two binary values then

X XOR Y = Z (say) and

Z XOR Y = X

This is the most widely used operation in cryptographic algorithms because of its self-inverse property, like an involution. Most stream ciphers (SEAL, WAKE, RC4, A5/1, A5/2, etc.) and block ciphers (Vernam cipher, SAFER K-64 cipher, DES, GOST, IDEA, etc.) use the XOR operation to encrypt the data. Even E0, a stream cipher used in the Bluetooth standard, uses this operation like the Vernam cipher [71, 103]. This is because the effect of the operation can be reverted by applying the same operation again to the resultant value.

1.7.5 Modulo Operation

Modulo operation is the remainder function. To calculate X modulo Y (usually

written X mod Y), we determine the remainder after removing all multiples of Y

from X. Clearly, the value X mod Y will be in the range from 0 to Y-1. e.g.:

15 mod 7 = 1

25 mod 5 = 0

33 mod 12 = 9

203 mod 256 = 203

Modulo arithmetic is useful in cryptography because it allows us to set the size of an operation and be sure that we will never get numbers that are too large. The Caesar cipher, the simplest cipher based on number theory, is based on a shift register using the modulus operation: E(m) = (m + shifts) (mod 26) = s and D(s) = (s − shifts) (mod 26) = m, for some letter m. Notice that the message m is encrypted to s, and m is recovered when s is decrypted. It is important that our encryption function E and our decryption function D have this relationship. In the popular RSA algorithm, also called a full-fledged public-key algorithm, the security relies on the difficulty of factoring large numbers. The public and private keys are functions of a pair of large (100 to 200 digits or even larger) prime numbers. Recovering the plaintext from the public key and the ciphertext is conjectured to be equivalent to factoring the product of the two primes. The process needs to use modulo functions, as discussed in the coming Chapters [93]. SAFER K, a 64 block cipher, also uses modulo operations for encryption [103]. Diffie-Hellman key exchange is also based on modular arithmetic. It was the combined use of exponential and modular arithmetic that provided the breakthrough needed to arrive at the scheme.

1.7.6 Swapping

It was observed that the operation of swapping the values of two variables is explained when programming is discussed with students. Generally, it is performed with or without using a third variable. It was identified that if the same operation is carried out again on the same variables, the variables regain their original values. This means that the swap operation also has the involution property.

X=10; Y=20          X=20; Y=10                     X=10; Y=20
Original values     Values after swap operation    Values after two times swapping

Fig. 1.6: Swap operation
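Sections 1.7.4 and 1.7.6 describe XOR and swap as self-inverse; the added Python example below (not code from the thesis) puts them in series and shows two things a programmer trips over: the XOR form of "swap without a third variable" destroys the value when both operands are the same storage, and a series of involutions is undone by running the steps in reverse order, not by running the series again. The key, the block and the function names are constructed for the illustration.

```python
# Added illustration: XOR and swap are each self-inverse, but a series of
# them is undone only by running the same steps in reverse order.
KEY = bytes.fromhex("5a17c3e0")  # constructed 4-byte key


def xor_bytes(block: bytes, key: bytes) -> bytes:
    """X XOR Y = Z and Z XOR Y = X, applied byte by byte."""
    if len(block) != len(key):
        raise ValueError("block and key must have equal length")
    return bytes(b ^ k for b, k in zip(block, key))


def swap_positions(block: bytes, i: int, j: int) -> bytes:
    """Swap through a temporary (tuple assignment); safe when i == j."""
    out = bytearray(block)
    out[i], out[j] = out[j], out[i]
    return bytes(out)


def xor_swap_unguarded(block: bytes, i: int, j: int) -> bytes:
    """Swap 'without a third variable' using three XORs.

    If i == j both operands are the same storage: the first XOR zeroes it
    and the value is lost.
    """
    out = bytearray(block)
    out[i] ^= out[j]
    out[j] ^= out[i]
    out[i] ^= out[j]
    return bytes(out)


def xor_swap(block: bytes, i: int, j: int) -> bytes:
    """XOR swap with the equal-index case guarded."""
    return block if i == j else xor_swap_unguarded(block, i, j)


def rounds(key: bytes) -> list:
    """Three involutions in series: XOR with key, swap 0<->3, swap 1<->2."""
    return [
        lambda b: xor_bytes(b, key),
        lambda b: swap_positions(b, 0, 3),
        lambda b: xor_swap(b, 1, 2),
    ]


def encrypt(block: bytes, key: bytes = KEY) -> bytes:
    for step in rounds(key):
        block = step(block)
    return block


def decrypt(block: bytes, key: bytes = KEY) -> bytes:
    for step in reversed(rounds(key)):
        block = step(block)
    return block


if __name__ == "__main__":
    c = encrypt(b"ABCD")
    print(c.hex(), decrypt(c), encrypt(c))
```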

1.7.7 Random Numbers

Random numbers are a set of numbers arranged in a random order. They are arranged such that the occurrence of one digit in a series of random numbers bears no relationship to the occurrence of any other digit. The numbers abide by the following two conditions: (1) the values are uniformly distributed over a defined interval or set, and (2) it is impossible to predict future values based on past or present ones.

Generation of Random Numbers

Random numbers can be obtained from a sack of numbered beads as in bingo, from rotations of a roulette wheel, or from any other randomizing device. However, such physical generators of random numbers are not suitable for security purposes due to (i) the excessively laborious and time-consuming process and (ii) the fact that a sequence of numbers generated should not be reproduced at a later time or by another person for repeating a security process in general. People around the world have been working on producing random numbers using alternate techniques other than physical generators [64, 114]. Many events were simulated in computer programs to produce such numbers in the past [117, 110, 39].

Pseudorandom Numbers

A pseudo-random variable is a variable which is created by some deterministic procedure. A computer program or subroutine which takes some input and produces a number sequence that may be categorized as random is called a pseudo-random number generator. The prefix ‘pseudo’ is used to distinguish this type of number from ‘true’ random numbers generated by a random physical process such as radioactive decay or roulette wheel selection [75].

A sequence generator is pseudo-random if it has the following properties:

1. It looks random. This means that it passes all the statistical tests of

randomness.

2. The distribution of the numbers should be even in the respective classes.
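The two conditions listed for random numbers are independent, as this added Python example (not code from the thesis) shows: a linear congruential generator fills every class exactly evenly over its period, yet one observed output determines every later one, which is why keys and nonces are drawn from the operating system's generator through `secrets`. The generator parameters, the seed and the function names are constructed for the illustration.

```python
# Added illustration: a generator can be perfectly "evenly distributed" and
# still fail "impossible to predict future values".
import secrets

# Constructed LCG x' = (A*x + C) mod M; C is odd and A-1 is divisible by 4,
# so the generator visits all M states before repeating.
M, A, C = 65536, 25173, 13849


def lcg(seed: int):
    """Yield successive outputs; each output is the whole internal state."""
    x = seed % M
    while True:
        x = (A * x + C) % M
        yield x


def take(gen, n: int) -> list:
    return [next(gen) for _ in range(n)]


def class_counts(values: list, classes: int = 16) -> list:
    """Count values in equal-width classes over the range 0..M-1."""
    width = M // classes
    counts = [0] * classes
    for v in values:
        counts[v // width] += 1
    return counts


def chi_square(counts: list) -> float:
    """Chi-square statistic against a uniform expectation."""
    expected = sum(counts) / len(counts)
    return sum((c - expected) ** 2 / expected for c in counts)


def predict_following(observed: int, n: int) -> list:
    """What anyone who sees one output can compute, since A, C and M are
    fixed in the program rather than secret."""
    return take(lcg(observed), n)


def unpredictable_values(n: int) -> list:
    """Values in the same range from the operating system's CSPRNG."""
    return [secrets.randbelow(M) for _ in range(n)]


if __name__ == "__main__":
    stream = take(lcg(2024), M)  # constructed seed, one full period
    print(class_counts(stream), chi_square(class_counts(stream)))
    print(predict_following(stream[0], 5) == stream[1:6])
    print(unpredictable_values(5))
```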


1.8 Organization of the thesis

Chapter 1: Introduction to Cryptography

This Chapter explains the conception of communication and technologies from ancient to present perspectives. The reasons for using these approaches are cited using examples taken from history. The introduction of computers and then the internet made the transfer of information possible at a lightning-fast pace. However, the need to transfer data securely gave birth to new domains that intend to develop techniques for secure communication. One such domain, Cryptography, the art of secret writing, became popular for secure transfer of information to the intended receiver. The mathematics of the subject has also been included in this Chapter to provide an understanding of its basics.

Chapter 2: Survey of Literature

This Chapter focuses on some present cryptographic algorithms on the basis of their categorization. It studies the structures and operations used in the development of cryptographic algorithms and techniques. Categorization of the operations has been done on the basis of their nature. The basic mathematical structures, operations and evaluations from the literature have been cited in this Chapter. The existing techniques of using the key(s) for encryption and decryption have also been elucidated.

Chapter 3: A 3D Parity Bit Structure

This Chapter details a three-dimensional array that can be used for error detection/correction using parity bits. The results of the proposed scheme are also presented by identifying the number of errors that can be corrected and/or detected using this technique. It details the entire process of using the parity bits for such a structure, along with the categorization of errors and their detection/correction, if possible.

This Chapter is based on the paper:

“3D Parity Bit Structure: A novel technique to correct maximal number of bits in a

simpler way”, International Journal of Computer Science and Information Security,

Vol. 9 No. 8, August 2011, pp. 182-186, Published from Pittsburgh, PA 15213, USA,

ISSN: 1947-5500.

Chapter 4: A 3D Array Block Rotation Cipher

This Chapter elaborates a new approach to encrypting data using three-dimensional (3D) arrays. It uses a key of specified length that may be either transferred with the ciphertext or obtained from an agreed-upon Random Number Generator (RNG). It uses circular shifts and entire 2D block rotations through some axis of rotation to produce diffusion of the information bits. It explains the proposed algorithm by describing the structure and operations used, the key and its length dependencies, the policy of rotational operations and the number of rounds. It gives the analysis of the resulting ciphertext for the simulated run using some tests of randomness.

This Chapter is based on the papers:

“A Cipher based on 3D Array Block Rotation”, International Journal of Computer

Science and Network Security, Vol. 10 No. 2, February 2011, pp. 186-191, Published

from Korea, ISSN: 1738-7906.

“3D Array Block Rotation Cipher: an Improvement using lateral shift”, Global Journal of Computer Science and Technology, Vol. 11, Issue 19, Version 1.0, October/November 2011, pp. 17-23, Published from Cambridge (Massachusetts), USA, ISSN Numbers: Online: 0975-4172, Print: 0975-4350, Print Estd.: 2001


Chapter 5: Modified Rijndael algorithm

The Chapter is devoted to modifications made to the Rijndael algorithm, which was selected as the Advanced Encryption Standard (AES) in June 2000 by NIST. The algorithm was accepted for commercial use due to its symmetric and parallel structure, well adapted to modern processors, and its suitability for modern technologies. The Chapter explains the use of a two-dimensional rotational step on the original array block without increasing the key length of the algorithm. The proposed scheme increases the complexity of the algorithm for 128- and 256-bit block lengths. The suggested alteration is capable of providing backward compatibility in scenarios where it is required.

This Chapter is based on the paper:

“Design of a modified Rijndael algorithm using 2D Rotations”, International Journal of Computer Science and Network Security, Vol. 11 No. 9, September 2011, pp. 141-145, Published from Korea, ISSN: 1738-7906.

Chapter 6: A cipher based on Multiple Circular Arrays

In this Chapter, a novel symmetric key algorithm is proposed that uses the Multiple Circular Array (MCA) structure. It uses a swap-merge operation that has been designed to be used in conjunction with the multiple array structure, along with some more basic operations. The details like structure, operations, key and proposed algorithm. Data collected after the test runs of the cipher have been put to tests of randomness to ensure the diffusion of plaintext bits. The result analysis of the proposed scheme has been provided at the end of the Chapter.

This Chapter is based on the paper:

“A cipher based on Multiple Circular Arrays”, International Journal of Computer Science Issues, Vol. 10, Issue 5, September 2013, Accepted for Publication, Published from Mauritius, ISSN (Online): 1694-0784, ISSN (Print): 1694-0814.


Chapter 7: Conclusion, Suggestions & Future Scope

The thesis was aimed at finding new dimensions in the area of security and cryptography. It explored and found uses of some higher-dimensional structures in the development of cryptographic algorithms. The study also reveals some new operations on structures, like entire block rotation on matrices, and older swap operations used on elements of an array for mixing the data values of the plaintext in a new manner.

In a nutshell, this thesis is an effort in designing some cryptographic algorithms for secure network communication. Important observations regarding the structures and operations of some available algorithms were used to develop block ciphers. The analysis of the proposed and modified algorithms is provided by putting them to randomness tests that verify the diffusion of data. The proposed algorithms have been implemented in the C language. The results were collected and put to tests of randomness. The analysis of the tests is provided at the end of each Chapter. The thesis also elaborates the use of parity bits in a novel manner for error detection and correction. The future scope of research in the same direction is also provided so that researchers working in this domain may develop the subject line. There have already been some efforts made in this regard by some researchers before the present work was presented as this thesis.
