Symmetric ENCRYPTION

A Symmetric cipher is an algorithm which uses only 1 key for both encryption and decryption. So the same key is used to convert the plain text to encoded text and to convert the encoded text back to plain text.
This is under assumption that the key remains in safe hands, the key is easy to remember or convey in a secure manner.
The algorithms which use the keys are generally known, or can be acquired by a bad actor, so the only thing which is holding the encrypted text safe is supposedly the secret key.

The whole encryption logic at the heart is transposing the data and un-transposing it back to decrypt. There are 3 main operations which are performed in generating the encrypted text and they should be reversible.

Substitution

Replacing one piece of text by another known piece. This can be plain like incrementing a char by a fixed quantity as P + 2 = R or having a lookup table to have a character replaced by another character

Permutation

This is switching position of characters based on a predefined pattern. So character at position 5 goes to position 7 and position 7 character goes to position 15 and so on.

XOR

The bitwise XOR has a incredible feature ‘involution‘ which means the function is an inverse of itself. So if we have an input bit array, and we apply a XOR operation to it with a key, we get an output. Now if we take the output and XOR it with the original key again, we get back the input. This bidirectional nature makes it convenient for cipher algorithms.

substitution and Permutation boxes

Substitution box (S-box)

This mechanism refers to a table of data and picks the corresponding value from the table based on input.
In below case if input is 110000, in DES algorithm, it picks the most and least significant bits 110000 to form 10 to identify the row and picks the middle 4 bits of 110000 to identify the column, and makes the appropriate selection of a 4 bit number. This way it translates a 6 bit sequence to a 4 bit sequence.

Permutation box

This is simple transposition of bits from one location to the next. In DES a block of 32 bits is transposed using the following matrix

So bit at 0 comes from 16th place from input, the 2nd bit comes from 7th bit of input and so on. This can also be used to expand the data to introduce randomness, so destination block can be bigger and some bits may be repeated. This usage is then called the expansion box.

Cracking the ciphers

There are many approaches to break a cipher and regenerate the plain text without the key.

Brute force – Uses all possible combination of the keys with some optimizations.

Information leaking – Analyzing the encrypted text for repeated patterns which can give a way to identify the key.

Frequency analysis – Relies on Information leaking, it relies on statistics to identify most common characters, pattern spread to come up with next steps which can help identify the key

Dictionary attack – From the generated options, the bad actor can narrow down best options by running all outputs against a dictionary to filter out wrong options resulting in less need of a manual analysis.

Preventing the cracking

The ciphertext should give no clue about the plaintext or the key. Information leaking is the main reason how cipher can get cracked. A bad actor can attempt multiple options after identifying some pattern in the output.

Shannon Confusion
We need destroy pattern present in the plaintext. This will make it hard to find the key even if large number of plaintext<->ciphertext pairs are available. This is achieved by using substitution boxes which are large and randomize the input properly.

Shannon Diffusion
The assumption here is that if we change a single bit in the input (plaintext) then half of the digits in the output (ciphertext) should change. Which prevents a bad actor from deriving the key by mapping output bits to specific bits in input key. This is achieved by using permutation boxes.

Caesar cipher

The Caesar Cipher, used by Julius Caesar around 58 BC, is a substitution cipher that shifts letters in a message to make it unreadable if intercepted.
In the below diagram, a key of 2 is used to shift all characters by 2.

Based on above mapping, the input text is translated to a encrypted text. To decrypt the text we just have to go back 2 characters at each spot

Cracking Caesar cipher

  • Brute force – Since we have only 26 possible shifts, we can try 1 at a time and find out which one is correct
  • Frequency analysis – We know E, A, I etc. are having more frequency in English text, so we find the most frequent occurring character and get its distance from E, A and I and those 3 may become our keys, so instead of 26 iterations, we can solve it in 3 iterations.

Vigenère cipher

This is very similar to Caesar Cipher, instead of using a numerical key, we use a word as key. From that word we take the numerical value of each character and apply the Caesar transformation sequentially and repeatedly to the plain text.

Cracking Vigenère cipher

  1. First we have to identify the length of the secret key. This is done by Frequency analysis, In large texts we will have repetitions and by luck we will have part of the key line up exactly over the repetitions, so we will be able to identify the gap between the repetition and use the possibly factors. Then we identify more repetitions and get their factors, and get a common possible factor among all repetitions. This requires some work, but is not hard.
  2. Once we have the key length(N), we can take every (Nth) char and build N strings and apply frequency analysis or brute force to the N strings to identify its possible key (Nth value)
  3. We can reassemble the N strings into the output string, but since we will have to many outputs to visually analyze, we can look up generated words in output string against a dictionary and display only possible valid output strings to user to finalize

DES (Data Encryption Standard) cipher

The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography.
Even though it takes input as 64 bit key, it discards 8 bits to work with only 56 bit key.

As you see above, it repeats the encryption process 16 times, using a different derived key every time. Most of the operations are permutations (swapping bits based on a predefined table). The keys are also derived using permutation logic only.

Inside the round function there are 2 XOR functions and permutation functions, expansion is also a permutation with repeated values.

Cracking DES

Brute force method was used over the 2^56 combination of keys in 1990s to break the encryption in 22 hrs. It will be a matter of minutes now to crack it simply using Brute force.
Linear and Differential cryptoanalysis are ways to detect a linear function between the key, the plain text and the encrypted text as Encrypted = f(plainText, key). This is possible because of Block oriented approach of DES and possible information leaking because of weak permutation combinations where data is not properly diffused. The differential method looks for delta changes between input and output and relies on poor mappings in Substitution box resulting in information leaking.

AES (Advanced Encryption Standard) cipher

AES is block cipher with a block size of 128 bits (16 bytes – or 4 words of 4 bytes each) and key size of 128/192/256 bits which make it secure against brute force hacking.
The core of AES also is permutation boxes and substitution boxes.

The main transformations are very similar to DES, but because of large sizes of permutation and substitution boxes, and an added feature of mix columns (multiplication matrix) it results in less information leaking which can be detected by Linear and Differential cryptoanalysis. The sub-key generation algorithm here also deploys a combination of XOR and permutation boxes while feeding in outputs from previous steps as inputs of next steps.

Cracking AES

The DES key space is 2^56 bits whereas the AES key space is 2^256 bits making brute force attacks virtually impossible.
The permutation and substitution boxes used in conjunction with matrix multiplications and complex sub key generation gives it excellent diffusion and confusion metrics. This help it in avoiding information leaks which can be detected using linear and differential cryptoanalysis making it very secure symmetric cipher.

 

Cheers – Amit Tomar