cryptography

CHAPTER -1

INTRODUCTION

1.1 Introduction

Nowadays, security is always a concern for IT developers. It is not strange to see that any IT

conference that discusses this topic will always be packed out. Today the number of people

using the Internet continues to increase. This trend has increased the public awareness of the

need of secure application and the problems that are caused by failure in this area. For an e-

commerce company, breaches in computer security can reduce the public confidence in doing

online transaction with the company.

The word cryptography and the associated word cryptology have very similar etymological

origins. They are derived from the Greek words kriptos, which means “hidden”; graphos,

which translates to “writing”; andlogos, which is “word” or “speech.” In current usage,

however, they have slightly different meanings. Cryptography is the science of hiding

information. Encryption, sometimes called encipherment, is the act of concealing the

meaning of a message. Decryption or decipherment is the inverse process of returning it to its

original form. Any other, unauthorized method of recovering the original message is known

as cryptanalysis or “breaking” the message. Cryptanalysis is the combination of science, art,

and luck used to break messages or entire systems. The word cryptology nowadays refers to

the study of both cryptography and cryptanalysis. When designing a strong cryptographic

system, it is necessary to consider all possible attacks. In this essay, however, we discuss

cryptography only. We include only such references to cryptanalysis that aid the reader in

better understanding the strength of a particular cryptosystem.

1.2 Background of the Problem

Security is a fundamental issue in the development of information and communication

technology applications. Cryptography is the most established mechanism that can provide

confidentiality, integrity and authentication security services in these applications.

Cryptographic tools provide encryption, key-exchange and hashing functions. Encryption

algorithms consist of symmetric and asymmetric algorithms. Symmetric algorithms use

substitution and transposition of message symbols, while asymmetric algorithms employ

mathematics in providing the strength of the algorithms. Key-exchange provides means of

1

exchanging secret or session keys, while hashing provides means of checking integrity of

messages.

A cryptographic provider is a set of cryptographic tools provided by an organization or

company. There are several cryptographic libraries available, some of which are freely

available. One of them is SunJCE provider that is provided by JavaSoft. However, the

provider only provides implementation for a small number of algorithms.

In addition, there are no available cryptographic library tools implemented locally in

Malaysia. By using other providers, we are unsure if there exists any trapdoor or backdoor in

the coding. By developing our own code for the cryptographic tools, we are certain of the

security of the tools, and there is no restriction for using strong encryption. This project has

developed cryptographic tools, which can work with any other providers. This allows users to

incorporate our tools in existing applications, which may use tools from other providers.

Cryptography is where security engineering meets mathematics. It provides us with the tools

that underlie most modern security protocols. It is probably the key enabling technology for

protecting distributed systems, yet it is surprisingly hard to do right. Cryptography has often

been used to protect the wrong things, or used to protect them in the wrong way. We’ll see

plenty more examples when we start looking in detail at real applications.

The basic terminology is that cryptography refers to the science and art of designing ciphers;

cryptanalysis to the science and art of breaking them; while cryptology, often shortened to

just crypto, is the study of both. The input to an encryption process is commonly called the

plaintext, and the output the ciphertext. Thereafter, things get somewhat more complicated.

There are a number of cryptographic primitives— basic building blocks, such as block

ciphers, stream ciphers, and hash functions. Block ciphers may either have one key for both

encryption and decryption, in which case they’re called shared key (also secret key or

symmetric), or have separate keys for encryption and decryption, in which case they’re called

public key or asymmetric. A digital signature scheme is a special type of asymmetric crypto

primitive.

2

1.3 Objective

This project comprehends the following objectives:

a) To provide locally developed cryptographic tools that are provider independent.

b) To provide cryptographic tools, which students and researchers can do further research on.

c) To obtain comprehensive understanding of mathematic involved in cryptographic tools.

d) To identify and develop classes those are needed in developing cryptographic tools.

1.4 Scope

The scopes of this project are:

a) The provider implements encryption, key-exchange and hashing tool only.

b) Symmetric algorithms that are implemented are triple-DES, IDEA, Rijndael, RC5 and

DES.

c) For asymmetric algorithms, RSA (encryption and digital signature), DSS and ECDSA are

developed.

d) Hashing tools like MD5 and SHA algorithms are developed.

3

CHAPTER -2

IMPLEMENTATION OF CRYPTOGRAPHY

2.1 Introduction

Cryptography can essentially be classified into two types, the symmetric and asymmetric

type. With a secret or symmetric key algorithm, the key is a shared secret between two

communicating parties. Encryption and decryption both use the same key.

The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are

examples of symmetric key algorithms. With a public key (PKA) or asymmetric key

algorithm, a pair of keys is used. One of the keys, the private key, is kept secret and not

shared with anyone. The other key, the public key, is not secret and can be shared with

anyone. When data is encrypted by one of the keys, it can only be decrypted and recovered

by using the other key. The two keys are mathematically related, but it is virtually impossible

to derive the private key from the public key. The RSA algorithm is an example of a public

key algorithm Our project includes the study of the symmetric and asymmetric system of

cryptography using DES as an example of symmetric system and RSA as an example of

asymmetric system. DES was implemented in C++ while RSA was implemented in

MATLAB.

2.2 Encryption and decryption

In cryptography, encryption is the process of transforming information (referred to as

plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those

possessing special knowledge, usually referred to as a key. The result of the process is

encrypted information (in cryptography, referred to as ciphertext). The reverse process, i.e.,

to make the encrypted information readable again, is referred to as decryption (i.e., to make

it unencrypted).

The fundamental objective of cryptography is to enable two people, usually referred to as

Alice and Bob, to communicate over an insecure channel in such a way that an opponent,

Oscar, cannot understand what is being said. This channel could be a telephone line or

computer network, for example. The information that Alice wants to send to Bob, which we

call “plaintext,” can be English text, numerical data, or anything at all — its structure is

completely arbitrary. Alice encrypts the plaintext, using a predetermined key, and sends the

4

resulting ciphertext over the channel. Oscar, upon seeing the ciphertext in the channel by

eavesdropping, cannot determine what the plaintext was; but Bob, who knows the encryption

key, can decrypt the ciphertext and reconstruct the plaintext.

• Plaintext vs. Ciphertext

– P(plaintext): the original form of a message

– C(ciphertext): the encrypted form

• Basic operations

– plaintext to ciphertext: encryption: C = E(P)

– ciphertext to plaintext: decryption: P = D(C)

– requirement: P = D(E(P))

2.2.1 Encryption and Decryption Algorithms

There are two kinds of cryptosystems: symmetric and asymmetric. Symmetric

cryptosystems use the same key (a secret key) to encrypt and decrypt a message, and

asymmetric cryptosystems use one key (the public key) to encrypt a message and a

different key (the private key) to decrypt it, or vice versa. The following is a list of

some popular cryptography algorithms:

DES - the Digital Encryption Standard was developed by IBM and the National

Security Agency (NSA) of the USA in the 50s. DES uses a key of only 56 bits, and

thus it is too weak and easy to be broken with today?¡¥s technology.

IDEA - International Data Encryption Algorithm (IDEA) is a cryptosystem developed

by X. Lai and J. Massey in 1991 to replace the DES standard. It is a symmetric (same

key for encryption and decryption) block cypher, operating on 8 bytes at a time, just

like DES, but with a key of 128 bits.

RC4 - a cypher invented by Ron Rivest, a proprietary system by RSADSI, is used in a

number of commercial systems like Lotus Notes and secure Netscape.

5

Unix Crypt - Many Unix systems come supplied with an encryption system called

crypt. This routine should never be used for encrypting anything because there exist

programs on the net for producing the decrypted text and the key.

RSA - a cipher/algorithm based on the concept of a trapdoor function, which is easily

calculated, but whose inverse is extremely difficult to calculate. The RSA algorithm is

named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The

RSA algorithm can be used for both public key encryption and digital signatures. Its

security is based on the difficulty of factoring large integers.

Diffie-Hellman - Diffie-Hellman is the first published the public key cryptographic

algorithm which allows two users to exchange a secret key over an insecure medium

without any prior secrets. It has two system parameters p and g. They are both public

and may be used by all the users in a system. Parameter p is a prime number and

parameter g is an integer less than p, with the following property: for every number n

between 1 and p-1 inclusive, there is a power k of g such that n = gk mod p.

PGP - a public key system for encrypting electronic mail using the RSA public key

cypher. It encrypts the message using the IDEA cypher with a randomly generated

key. It then encrypts the key using the recipients public key. When the recipient

receives the message, PGP uses his private RSA key to decrypt the IDEA key and

then uses that IDEA key to decrypt the message.

2.3 Types of cryptography

• Symmetric Cryptosystem: KE =KD

• Asymmetric Cryptosystem: KE is not =KD

6

2.4. Ciphers

A cipher is an algorithm for performing encryption (and the reverse, decryption) — a series

of well-defined steps that can be followed as a procedure. An alternative term is

encipherment. The original information is known as plaintext, and the encrypted form as

ciphertext. The ciphertext message contains all the information of the plaintext message, but

is not in a format readable by a human or computer without the proper mechanism to decrypt

it; it should resemble random gibberish to those not intended to read it. Ciphers are usually

parameterised by a piece of auxiliary information, called a key. The encrypting procedure is

varied depending on the key which changes the detailed operation of the algorithm. Without

the key, the cipher cannot be used to encrypt, or more importantly, to decrypt.

In non-technical usage, a "cipher" is the same thing as a "(secret) code"; however, in

technical discussions they are distinguished into two concepts: codes work at the level of

meaning; that is, words or phrases are converted into something else, while ciphers work at a

lower level: the level of individual letters, or small groups of letters — or in modern ciphers,

individual bits.

Historically, cryptography was split into a dichotomy of codes and ciphers, and coding had its

own terminology, analogous to that for ciphers: "encoding, code text, decoding" and so on.

However, codes have a variety of drawbacks, including susceptibility to cryptanalysis and the

difficulty of managing a cumbersome codebook. Because of this, codes have fallen into

disuse in modern cryptography, and ciphers are the dominant paradigm.

2.4.1. Types of cipher

There are a variety of different types of encryption. Algorithms used earlier in the history of

cryptography are substantially different to modern methods, and modern ciphers can be

classified according to how they operate and whether they use one or two keys.

Encryption methods can be divided into symmetric key algorithm. A symmetric-key

algorithm is an algorithm for cryptography that uses the same cryptographic key to encrypt

and decrypt the message. Actually, it is sufficient for it to be easy to compute the decryption

key from the encryption key and vice versa. In cryptography, an asymmetric key algorithm

uses a pair of different, though related, cryptographic keys to encrypt and decrypt. The two

keys are related mathematically; a message encrypted by the algorithm using one key can be

decrypted by the same algorithm (e.g., RSA), there are two separate keys: a public key is

7

published and enables any sender to perform encryption, while a private key is kept secret by

the receiver and enables him to perform decryption. Common asymmetric encryption

algorithms available today are all based on the Diffie-Hellman key agreement algorithm.

Symmetric key ciphers can be distinguished into two types, depending on whether they work

on blocks of symbols usually of a fixed size ( block ciphers), or on a continuous stream of

symbols ( stream ciphers).

2.5 Keys

In cryptography, a key is a piece of information (a parameter) that determines the functional

output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no

useful result. In encryption, a key specifies the particular transformation of plaintext into

ciphertext, or vice versa during decryption. Keys are also used in other cryptographic

algorithms, such as digital signature schemes and message authentication codes.

Keys are of two types:

1. Symmetric.

2. Asymmetric.

Encryption algorithms which use the same key for both encryption and decryption are known

as symmetric key algorithms. A newer class of "public key" cryptographic algorithms was

invented in the 1970s which uses a pair of keys, one to encrypt and one to decrypt. These

asymmetric key algorithms allow one key to be made public while retaining the private key

in only one location. They are designed so that finding out the private key is extremely

difficult, even if the corresponding public key is known. A user of public key technology can

publish their public key, while keeping their private key secret, allowing anyone to send them

an encrypted message.

2.5.1. A postal analogy

An analogy which can be used to understand the advantages of an asymmetric system is to

imagine two people, Alice and Bob, sending a secret message through the public mail. In this

example, Alice has the secret message and wants to send it to Bob, after which Bob sends a

secret reply.

8

With a symmetric key system, Alice first puts the secret message in a box, and then locks the

box using a padlock to which she has a key. She then sends the box to Bob through regular

mail. When Bob receives the box, he uses an identical copy of Alice's key (which he has

somehow obtained previously) to open the box, and reads the message. Bob can then use the

same padlock to send his secret reply.

In an asymmetric key system, Bob and Alice have separate padlocks. Firstly, Alice asks Bob

to send his open padlock to her through regular mail, keeping his key to himself. When Alice

receives it she uses it to lock a box containing her message, and sends the locked box to Bob.

Bob can then unlock the box with his key and read the message from Alice. To reply, Bob

must similarly get Alice's open padlock to lock the box before sending it back to her. The

critical advantage in an asymmetric key system is that Bob and Alice never need send a copy

of their keys to each other. This substantially reduces the chance that a third party (perhaps,

in the example, an corrupted postal worker) will copy a key while is in transit, allowing said

third party to spy on all future messages sent between Alice and Bob. In addition, if Bob were

to be careless and allow someone else to copy his key, Alice's messages to Bob will be

compromised, but Alice's messages to other people would remain secret, since the other

people would be providing different padlocks for Alice to use.

Fortunately cryptography is not concerned with actual padlocks, but with encryption

algorithms which aren't vulnerable to hacksaws, bolt cutters, or liquid nitrogen attacks.

Not all asymmetric key algorithms operate in precisely this fashion. The most common have

the property that Alice and Bob own two keys; neither of which is (so far as is known)

deducible from the other. This is known as public-key cryptography, since one key of the pair

can be published without affecting message security. In the analogy above, Bob might

publish instructions on how to make a lock ("public key"), but the lock is such that it is

impossible (so far as is known) to deduce from these instructions how to make a key which

will open that lock ("private key"). Those wishing to send messages to Bob use the public

key to encrypt the message; Bob uses his private key to decrypt it.

Of course, there is the possibility that someone could "pick" Bob's or Alice's lock. Unlike the

case of the one-time pad or its equivalents, there is no currently known asymmetric key

algorithm which has been proven to be secure against a mathematical attack. That is, it is not

known to be impossible that some relation between the keys in a key pair, or a weakness in

an algorithm's operation, might be found which would allow decryption without either key, or

9

using only the encryption key. The security of asymmetric key algorithms is based on

estimates of how difficult the underlying mathematical problem is to solve. Such estimates

have changed both with the decreasing cost of computer power, and with new mathematical

discoveries. Weaknesses have been found for promising asymmetric key algorithms in the

past.

The 'knapsack packing' algorithm was found to be insecure when an unsuspected attack came

to light. Recently, some attacks based on careful measurements of the exact amount of time it

takes known hardware to encrypt plain text have been used to simplify the search for likely

decryption keys. Thus, use of asymmetric key algorithms does not ensure security; it is an

area of active research to discover and protect against new and unexpected attacks.

Another potential weakness in the process of using asymmetric keys is the possibility of a

'Man in the Middle' attack, whereby the communication of public keys is intercepted by a

third party and modified to provide the third party's own public keys instead. The encrypted

response also must be intercepted, decrypted and re-encrypted using the correct public key in

all instances however to avoid suspicion, making this attack difficult to implement in

practice.

The first known asymmetric key algorithm was invented by Clifford Cocks of GCHQ in the

UK. It was not made public at the time, and was reinvented by Rivest, Shamir, and Adleman

at MIT in 1976. It is usually referred to as RSA as a result. RSA relies for its security on the

difficulty of factoring very large integers. A breakthrough in that field would cause

considerable problems for RSA's security. Currently, RSA is vulnerable to an attack by

factoring the 'modulus' part of the public key, even when keys are properly chosen, for keys

shorter than perhaps 700 bits. Most authorities suggest that 1024 bit keys will be secure for

some time, barring a fundamental breakthrough in factoring practice, but others favor even

longer keys.

At least two other asymmetric algorithms were invented after the GCHQ work, but before the

RSA publication. These were the Ralph Merkle puzzle cryptographic system and the Diffie-

Hellman system. Well after RSA's publication, Taher Elgamal invented the Elgamal discrete

log cryptosystem which relies on the difficulty of inverting logs in a finite field. It is used in

the Secure Sockets Layer SSL and Transport Layer Security TLS , its successor, are

cryptographic protocols which provide secure communications on the Internet. A relatively

new addition to the class of asymmetric key algorithms is elliptic curve cryptography. Elliptic

10

curve cryptography (ECC is an approach to public-key cryptography based on the

mathematics of elliptic curves. Proponents claim that ECC can be faster and use smaller keys

than older methods — such as RSA — while providing an equivalent level of. While it is

more complex computationally, many believe it to represent a more difficult mathematical

problem than either the factorisation or discrete logarithm problems.

2.5. Summary

Cryptography is an interdisciplinary subject, drawing from several fields. Before the time of

computers, it was closely related to linguistics. Nowadays the emphasis has shifted, and

cryptography makes extensive use of technical areas of mathematics, especially those areas

collectively known as discrete mathematics. This includes topics from number theory,

information theory, computational complexity, statistics and combinatorics. The security of

all practical encryption schemes remains unproven, both for symmetric and asymmetric

schemes. For symmetric ciphers, confidence gained in an algorithm is usually anecdotal —

e.g. no successful attack has been reported on an algorithm for several years despite intensive

analysis. Such a cipher might also have provable security against a limited class of attacks.

For asymmetric schemes, it is common to rely on the difficulty of the associated

mathematical problem, but this, too, is not provably secure. Surprisingly, it is proven that

cryptography has only one secure cipher: the one-time pad. However, it requires keys (at

least) as long as the plaintext, so it was almost always too cumbersome to use.

11

CHAPTER -3

DES ALGORITHM

3.1 DES ALGORITHM

The DES (Data Encryption Standard) algorithm is the most widely used encryption algorithm

in the world. For many years, and among many people, "secret code making" and DES have

been synonymous. And despite the recent coup by the Electronic Frontier Foundation in

creating a $220,000 machine to crack DES-encrypted messages, DES will live on in

government and banking for years to come through a life- extending version called "triple-

DES."

How does DES work? This article explains the various steps involved in DES encryption,

illustrating each step by means of a simple example. Since the creation of DES, many other

algorithms (recipes for changing data) have emerged which are based on design principles

similar to DES. Once you understand the basic transformations that take place in DES, you

will find it easy to follow the steps involved in these more recent algorithms.

But first a bit of history of how DES came about is appropriate, as well as a look toward the

future.

The National Bureau of Standards Coaxes the Genie from the Bottle On May 15, 1973,

during the reign of Richard Nixon, the National Bureau of Standards (NBS) published a

notice in the Federal Register soliciting proposals for cryptographic algorithms to protect data

during transmission and storage. The notice explained why encryption was an important

issue.

Over the last decade, there has been an accelerating increase in the accumulations and

communication of digital data by government, industry and by other organizations in the

private sector. The contents of these communicated and stored data often have very

significant value and/or sensitivity. It is now common to find data transmissions which

constitute funds transfers of several million dollars, purchase or sale of securities, warrants

for arrests or arrest and conviction records being communicated between law enforcement

agencies, airline reservations and ticketing representing investment and value both to the

airline and passengers, and health and patient care records transmitted among physicians and

treatment centers. The increasing volume, value and confidentiality of these records regularly

12

transmitted and stored by commercial and government agencies has led to heightened

recognition and concern over their exposures to unauthorized access and use. This misuse can

be in the form of theft or defalcations of data records representing money, malicious

modification of business inventories or the interception and misuse of confidential

information about people. The need for protection is then apparent and urgent.

It is recognized that encryption (otherwise known as scrambling, enciphering or privacy

transformation) represents the only means of protecting such data during transmission and a

useful means of protecting the content of data stored on various media, providing encryption

of adequate strength can be devised and validated and is inherently integrable into system

architecture. The National Bureau of Standards solicits proposed techniques and algorithms

for computer data encryption. The Bureau also solicits recommended techniques for

implementing the cryptographic function: for generating, evaluating, and protecting

cryptographic keys; for maintaining files encoded under expiring keys; for making partial

updates to encrypted files; and mixed clear and encrypted data to permit labelling, polling,

routing, etc. The Bureau in its role for establishing standards and aiding government and

industry in assessing technology, will arrange for the evaluation of protection methods in

order to prepare guidelines.

NBS waited for the responses to come in. It received none until August 6, 1974, three days

before Nixon's resignation, when IBM submitted a candidate that it had developed internally

under the name LUCIFER. After evaluating the algorithm with the help of the National

Security Agency (NSA), the NBS adopted a modification of the LUCIFER algorithm as the

new Data Encryption Standard (DES) on July 15, 1977. DES was quickly adopted for non-

digital media, such as voice-grade public telephone lines. Within a couple of years, for

example, International Flavors and Fragrances was using DES to protect its valuable

formulas transmitted over the phone ("With Data Encryption, Scents Are Safe at IFF,"

Computerworld 14, No. 21, 95 (1980).) Meanwhile, the banking industry, which is the largest

user of encryption outside government, adopted DES as a wholesale banking standard.

Standards for the wholesale banking industry are set by the American National Standards

Institute (ANSI). ANSI X3.92, adopted in 1980, specified the use of the DES algorithm.

13

Some Preliminary Examples of DES

DES works on bits, or binary numbers--the 0s and 1s common to digital computers. Each

group of four bits makes up a hexadecimal, or base 16, number. Binary "0001" is equal to the

hexadecimal number "1", binary "1000" is equal to the hexadecimal number "8", "1001" is

equal to the hexadecimal number "9", "1010" is equal to the hexadecimal number "A", and

"1111" is equal to the hexadecimal number "F". DES works by encrypting groups of 64

message bits, which is the same as 16 hexadecimal numbers. To do the encryption, DES uses

"keys" where are also apparently 16 hexadecimal numbers long, or apparently 64 bits long.

However, every 8th key bit is ignored in the DES algorithm, so that the effective key size is

56 bits. But, in any case, 64 bits (16 hexadecimal digits) is the round number upon which

DES is organized.

For example, if we take the plaintext message "8787878787878787", and encrypt it with the

DES key "0E329232EA6D0D73", we end up with the ciphertext "0000000000000000". If the

14

ciphertext is decrypted with the same secret DES key "0E329232EA6D0D73", the result is

the original plaintext "8787878787878787".

This example is neat and orderly because our plaintext was exactly 64 bits long. The same

would be true if the plaintext happened to be a multiple of 64 bits. But most messages will

not fall into this category. They will not be an exact multiple of 64 bits (that is, an exact

multiple of 16 hexadecimal numbers).

For example, take the message "Your lips are smoother than vaseline". This plaintext

message is 38 bytes (76 hexadecimal digits) long. So this message must be padded with some

extra bytes at the tail end for the encryption. Once the encrypted message has been decrypted,

these extra bytes are thrown away. There are, of course, different padding schemes--different

ways to add extra bytes. Here we will just add 0s at the end, so that the total message is a

multiple of 8 bytes (or 16 hexadecimal digits, or 64 bits).

The plaintext message "Your lips are smoother than vaseline" is, in hexadecimal,

"596F7572206C6970 732061726520736D 6F6F746865722074 68616E2076617365

6C696E650D0A".

(Note here that the first 72 hexadecimal digits represent the English message, while "0D" is

hexadecimal for Carriage Return, and "0A" is hexadecimal for Line Feed, showing that the

message file has terminated.) We then pad this message with some 0s on the end, to get a

total of 80 hexadecimal digits: "596F7572206C6970 732061726520736D

6F6F746865722074 68616E2076617365 6C696E650D0A0000".

If we then encrypt this plaintext message 64 bits (16 hexadecimal digits) at a time, using the

same DES key "0E329232EA6D0D73" as before, we get the ciphertext:

"C0999FDDE378D7ED 727DA00BCA5A84EE 47F269A4D6438190 9DD52F78F5358499

828AC9B453E0E653".

This is the secret code that can be transmitted or stored. Decrypting the ciphertext restores the

original message "Your lips are smoother than vaseline". (Think how much better off Bill

Clinton would be today, if Monica Lewinsky had used encryption on her Pentagon

computer!)

DES Working in Detail

15

Figure 3.2 Simplified DES encryption

DES is a block cipher--meaning it operates on plaintext blocks of a given size (64-bits) and

returns ciphertext blocks of the same size. Thus DES results in a permutation among the 2^64

(read this as: "2 to the 64th power") possible arrangements of 64 bits, each of which may be

either 0 or 1. Each block of 64 bits is divided into two blocks of 32 bits each, a left half block

L and a right half R. (This division is only used in certain operations.)

Example: Let M be the plain text message M = 0123456789ABCDEF, where M is in

hexadecimal (base 16) format. Rewriting M in binary format, we get the 64-bit block of text:

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110

1111

16

L = 0000 0001 0010 0011 0100 0101 0110 0111

R = 1000 1001 1010 1011 1100 1101 1110 1111

The first bit of M is "0". The last bit is "1". We read from left to right. DES operates on the

64-bit blocks using key sizes of 56- bits. The keys are actually stored as being 64 bits long,

but every 8th bit in the key is not used (i.e. bits numbered 8, 16, 24, 32, 40, 48, 56, and 64).

However, we will nevertheless number the bits from 1 to 64, going left to right, in the

following calculations. But, as you will see, the eight bits just mentioned get eliminated when

we create subkeys.

Example: Let K be the hexadecimal key K = 133457799BBCDFF1. This gives us as the

binary key (setting 1 = 0001, 3 = 0011, etc., and grouping together every eight bits, of which

the last one in each group will be unused):

K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001

The DES algorithm uses the following steps:

Step 1: Create 16 subkeys, each of which is 48-bits long.

The 64-bit key is permuted according to the following table, PC-1. Since the first entry in the

table is "57", this means that the 57th bit of the original key K becomes the first bit of the

permuted key K+. The 49th bit of the original key becomes the second bit of the permuted

key. The 4th bit of the original key is the last bit of the permuted key. Note only 56 bits of the

original key appear in the permuted key.

PC-1

57 49 41 33 25 17 9

1 58 50 42 34 26 18

10 2 59 51 43 35 27

19 11 3 60 52 44 36

63 55 47 39 31 23 15

7 62 54 46 38 30 22

14 6 61 53 45 37 29

21 13 5 28 20 12 4

17

Example: From the original 64-bit key

K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001

we get the 56-bit permutation

K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111 0001111

Next, split this key into left and right halves, C0 and D0, where each half has 28 bits.

Example: From the permuted key K+, we get

C0 = 1111000 0110011 0010101 0101111 D0 = 0101010 1011001 1001111 0001111 With

C0 and D0 defined, we now create sixteen blocks Cn and Dn, 1<=n<=16. Each pair of blocks

Cn and Dn is formed from the previous pair Cn-1 and Dn-1, respectively, for n = 1, 2, ..., 16,

using the following schedule of "left shifts" of the previous block. To do a left shift, move

each bit one place to the left, except for the first bit, which is cycled to the end of the block.

Iteration Number of

Number Left Shifts

1 1

2 1

3 2

4 2

5 2

6 2

7 2

8 2

9 1

10 2

11 2

12 2

13 2

14 2

15 2

16 1

18

This means, for example, C3 and D3 are obtained from C2 and D2, respectively, by two left

shifts, and C16 and D16 are obtained from C15 and D15, respectively, by one left shift. In all

cases, by a single left shift is meant a rotation of the bits one place to the left, so that after one

left shift the bits in the 28 positions are the bits that were previously in positions 2, 3,..., 28, 1.

Example: From original pair pair C0 and D0 we obtain:

C0 = 1111000011001100101010101111

D0 = 0101010101100110011110001111

C1 = 1110000110011001010101011111

D1 = 1010101011001100111100011110

C2 = 1100001100110010101010111111

D2 = 0101010110011001111000111101

C3 = 0000110011001010101011111111

D3 = 0101011001100111100011110101

C4 = 0011001100101010101111111100

D4 = 0101100110011110001111010101

C5 = 1100110010101010111111110000

D5 = 0110011001111000111101010101

C6 = 0011001010101011111111000011

D6 = 1001100111100011110101010101

C7 = 1100101010101111111100001100

D7 = 0110011110001111010101010110

C8 = 0010101010111111110000110011

D8 = 1001111000111101010101011001

C9 = 0101010101111111100001100110

19

D9 = 0011110001111010101010110011

C10 = 0101010111111110000110011001

D10 = 1111000111101010101011001100

C11 = 0101011111111000011001100101

D11 = 1100011110101010101100110011

C12 = 0101111111100001100110010101

D12 = 0001111010101010110011001111

C13 = 0111111110000110011001010101

D13 = 0111101010101011001100111100

C14 = 1111111000011001100101010101

D14 = 1110101010101100110011110001

C15 = 1111100001100110010101010111

D15 = 1010101010110011001111000111

C16 = 1111000011001100101010101111

D16 = 0101010101100110011110001111

We now form the keys Kn, for 1<=n<=16, by applying the following permutation table to

each of the concatenated pairs CnDn. Each pair has 56 bits, but PC-2 only uses 48 of these.

PC-2

14 17 11 24 1 5

3 28 15 6 21 10

23 19 12 4 26 8

16 7 27 20 13 2

41 52 31 37 47 55

20

30 40 51 45 33 48

44 49 39 56 34 53

46 42 50 36 29 32

Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th, and so on,

ending with the 48th bit of Kn being the 32th bit of CnDn.

Example: For the first key we have C1D1 = 1110000 1100110 0101010 1011111

1010101 0110011 0011110 0011110

which, after we apply the permutation PC-2, becomes

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

For the other keys we have

K2 = 011110 011010 111011 011001 110110 111100 100111 100101

K3 = 010101 011111 110010 001010 010000 101100 111110 011001

K4 = 011100 101010 110111 010110 110110 110011 010100 011101

K5 = 011111 001110 110000 000111 111010 110101 001110 101000

K6 = 011000 111010 010100 111110 010100 000111 101100 101111

K7 = 111011 001000 010010 110111 111101 100001 100010 111100

K8 = 111101 111000 101000 111010 110000 010011 101111 111011

K9 = 111000 001101 101111 101011 111011 011110 011110 000001

K10 = 101100 011111 001101 000111 101110 100100 011001 001111

K11 = 001000 010101 111111 010011 110111 101101 001110 000110

K12 = 011101 010111 000111 110101 100101 000110 011111 101001

K13 = 100101 111100 010111 010001 111110 101011 101001 000001

K14 = 010111 110100 001110 110111 111100 101110 011100 111010

21

K15 = 101111 111001 000110 001101 001111 010011 111100 001010

K16 = 110010 110011 110110 001011 000011 100001 011111 110101

So much for the subkeys. Now we look at the message itself.

Step 2: Encode each 64-bit block of data.

There is an initial permutation IP of the 64 bits of the message data M. This rearranges the

bits according to the following table, where the entries in the table show the new arrangement

of the bits from their initial order. The 58th bit of M becomes the first bit of IP. The 50th bit

of M becomes the second bit of IP. The 7th bit of M is the last bit of IP.

IP

58 50 42 34 26 18 10 2

60 52 44 36 28 20 12 4

62 54 46 38 30 22 14 6

64 56 48 40 32 24 16 8

57 49 41 33 25 17 9 1

59 51 43 35 27 19 11 3

61 53 45 37 29 21 13 5

63 55 47 39 31 23 15 7

Example: Applying the initial permutation to the block of text M, given previously, we

get

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110

1111

IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010 1010 1111 0000 1010

1010

22

Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit of M is "1",

which becomes the second bit of IP. The 7th bit of M is "0", which becomes the last bit of IP.

Next divide the permuted block IP into a left half L0 of 32 bits, and a right half R0 of 32 bits.

Example: From IP, we get L0 and R0

L0 = 1100 1100 0000 0000 1100 1100 1111 1111

R0 = 1111 0000 1010 1010 1111 0000 1010 1010

We now proceed through 16 iterations, for 1<=n<=16, using a function f which operates on

two blocks--a data block of 32 bits and a key Kn of 48 bits--to produce a block of 32 bits. Let

+ denote XOR addition, (bit-by-bit addition modulo 2). Then for n going from 1 to 16 we

calculate

Ln = Rn-1

Rn = Ln-1 + f(Rn-1,Kn)

This results in a final block, for n = 16, of L16R16. That is, in each iteration, we take the

right 32 bits of the previous result and make them the left 32 bits of the current step. For the

right 32 bits in the current step, we XOR the left 32 bits of the previous step with the

calculation f .

Example: For n = 1, we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

L1 = R0 = 1111 0000 1010 1010 1111 0000 1010 1010

R1 = L0 + f(R0,K1)

It remains to explain how the function f works. To calculate f, we first expand each block Rn-

1 from 32 bits to 48 bits. This is done by using a selection table that repeats some of the bits

in Rn-1 . We'll call the use of this selection table the function E. Thus E (Rn-1) has a 32 bit

input block, and a 48 bit output block.

Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are obtained by

selecting the bits in its inputs in order according to the following table:

23

E BIT-SELECTION TABLE

32 1 2 3 4 5

4 5 6 7 8 9

8 9 10 11 12 13

12 13 14 15 16 17

16 17 18 19 20 21

20 21 22 23 24 25

24 25 26 27 28 29

28 29 30 31 32 1

Thus the first three bits of E(Rn-1) are the bits in positions 32, 1 and 2 of Rn-1 while the last

2 bits of E(Rn-1) are the bits in positions 32 and 1.

Example: We calculate E(R0) from R0 as follows:

R0 = 1111 0000 1010 1010 1111 0000 1010 1010

E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

(Note that each block of 4 original bits has been expanded to a block of 6 output bits.) Next in

the f calculation, we XOR the output E(Rn-1) with the key Kn:

Kn + E(Rn-1).

Example: For K1 , E(R0), we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

K1+E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.

We have not yet finished calculating the function f . To this point we have expanded Rn- 1

from 32 bits to 48 bits, using the selection table, and XORed the result with the key Kn . We

now have 48 bits, or eight groups of six bits. We now do something strange with each group

24

of six bits: we use them as addresses in tables called "S boxes". Each group of six bits will

give us an address in a different S box. Located at that address will be a 4 bit number. This 4

bit number will replace the original 6 bits. The net result is that the eight groups of 6 bits are

transformed into eight groups of 4 bits (the 4-bit outputs from the S boxes) for 32 bits total.

Write the previous result, which is 48 bits, in the form:

Kn + E(Rn-1) =B1B2B3B4B5B6B7B8, where each Bi is a group of six bits. We now

calculate S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) where Si(Bi) referres to

the output of the i-th S box. To repeat, each of the functions S1, S2,..., S8, takes a 6-bit block

as input and yields a 4- bit block as output. The table to determine S1 is shown and explained

below:

S1

Column Number

Row

No. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7

1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8

2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0

3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

If S1 is the function defined in this table and B is a block of 6 bits, then S1(B) is determined

as follows: The first and last bits of B represent in base 2 a number in the decimal range 0 to

3 (or binary 00 to 11). Let that number be i. The middle 4 bits of B represent in base 2 a

number in the decimal range 0 to 15 (binary 0000 to 1111). Let that number be j. Look up in

the table the number in the i-th row and j-th column. It is a number in the range 0 to 15 and is

uniquely represented by a 4 bit block. That block is the output S1(B) of S1 for the input B.

For example, for input block B = 011011 the first bit is "0" and the last bit "1" giving 01 as

the row. This is row 1. The middle four bits are "1101". This is the binary equivalent of

decimal 13, so the column is column number 13.

25

In row 1, column 13 appears 5. This determines the output; 5 is binary 0101, so that the

output is 0101. Hence S1(011011) = 0101.

The tables defining the functions S1,...,S8 are the following:

S1

14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7

0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8

4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0

15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

S2

15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10

3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5

0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15

13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9

S3

10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8

13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1

13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7

1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12

S4

7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15

13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9

10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4

3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14

26

S5

2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9

14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6

4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14

11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3

S6

12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11

10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8

9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6

4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13

S7

4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1

13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6

1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2

6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12

S8

13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7

1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2

7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8

2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11

Example: For the first round, we obtain as the output of the eight S boxes:

K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000 0010 1011

27

0101 1001 0111

The final stage in the calculation of f is to do a permutation P of the S-box output to obtain

the final value of f:

f = P(S1(B1)S2(B2)...S8(B8))

The permutation P is defined in the following table. P yields a 32-bit output from a 32- bit

input by permuting the bits of the input block.

P

16 7 20 21

29 12 28 17

1 15 23 26

5 18 31 10

2 8 24 14

32 27 3 9

19 13 30 6

22 11 4 25

Example: From the output of the eight S boxes:

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000 0010 1011

0101 1001 0111 we get

f = 0010 0011 0100 1010 1010 1001 1011 1011

R1 = L0 + f(R0 , K1 ) = 1100 1100 0000 0000 1100 1100 1111 1111 + 0010 0011 0100 1010

1010 1001 1011 1011 = 1110 1111 0100 1010 0110 0101 0100 0100

In the next round, we will have L2 = R1, which is the block we just calculated, and then we

must calculate R2 =L1 + f(R1, K2), and so on for 16 rounds. At the end of the sixteenth

round we have the blocks L16 and R16. We then reverse the order of the two blocks into the

64-bit block R16L16 and apply a final permutation IP-1 as defined by the following table:

28

IP-1

40 8 48 16 56 24 64 32

39 7 47 15 55 23 63 31

38 6 46 14 54 22 62 30

37 5 45 13 53 21 61 29

36 4 44 12 52 20 60 28

35 3 43 11 51 19 59 27

34 2 42 10 50 18 58 26

33 1 41 9 49 17 57 25

That is, the output of the algorithm has bit 40 of the preoutput block as its first bit, bit 8 as its

second bit, and so on, until bit 25 of the preoutput block is the last bit of the output.

Example: If we process all 16 blocks using the method defined previously, we get, on the

16th round,

L16 = 0100 0011 0100 0010 0011 0010 0011 0100

R16 = 0000 1010 0100 1100 1101 1001 1001 0101

We reverse the order of these two blocks and apply the final permutation to

R16L16 = 00001010 01001100 11011001 10010101 01000011 01000010 00110010

00110100

IP-1 = 10000101 11101000 00010011 01010100 00001111 00001010 10110100 00000101

which in hexadecimal format is 85E813540F0AB405.

This is the encrypted form of M = 0123456789ABCDEF: namely, C = 85E813540F0AB405.

Decryption is simply the inverse of encryption, follwing the same steps as above, but

reversing the order in which the subkeys are applied.

29

3.2. RSA algorithm

RSA it is an asymmetric algorithm and plays a key role in public key cryptography. It is

widely used in electronic commerce protocols. The algorithm was described in 1977 by Ron

Rivest, Adi Shamir and Len Adleman who were all at MIT at the time; the letters RSA are

the initials of their surnames. Clifford Cocks, a British mathematician working for GCHQ,

described an equivalent system in an internal document in 1973. His discovery, however, was

not revealed until 1997 due to its top-secret classification.

The security of the RSA system relies on the difficulty of factoring very large numbers; were

such factorization to be quick, cryptanalysis of RSA messages would be quick as well. New

fast algorithms in this field could render the RSA algorithm insecure. A working quantum

computer Molecule of alanine used in NMR implementation of error correction. Qubits are

implemented by spin states of carbon atoms. A quantum computer is any device for

computation that makes direct use of distinctively quantum mechanical phenomena, such as

superp implementing Shor's algorithmShor's algorithm is a quantum algorithm for factoring a

number N in O((log N 3) time and O(log N space, named after Peter Shor. Many public key

cryptosystems, such as RSA, will become obsolete if Shor's algorithm is ever implemented in

a practical quantum could render RSA insecure through fast factorization. However, this is

generally considered not a problem in the short term.

At the moment, just as for all ciphers, inadequately long RSA keys are vulnerable to a brute

force search approach. The likely effect of an improvement in factoring technique will be to

increase the size of adequately long RSA keys. As of 2004, there is no known method of

attack which is feasible against the basic algorithm, and sufficiently long. In cryptography,

the key size (alternatively key length is a measure of the number of possible keys which can

be used in a cipher. Because modern cryptography uses binary keys, the length is usually

specified in bits. The length of a key is critical in de RSA keys make brute force attacks

infeasible -- that is, effectively impossible [7]. The algorithm was patented by MIT in 1983.

Suppose a user Alice wishes to allow Bob to send her a private message over an insecure

transmission medium. She takes the following steps to generate a public key and a private

key:

1. Choose two large prime numbers. In mathematics, a prime number or prime for short, is a

natural number whose only distinct positive divisors are 1 and itself; otherwise it is called a

30

composite number. Hence a prime number has exactly two divisors. The number 1 is neither

prime nor com p ≠ q randomly and independently of each other. Compute N = p q.

2. Choose an integer 1 < e < N which is coprime to (p-1)(q-1).

3. Compute d such that d e ≡ 1 (mod (p-1)(q-1)).

• (Steps 2 and 3 can be performed with the extended Euclidean algorithm; see modular

arithmetic.)

• (Step 3, rewritten, can also be found by finding integer x which causes d = (x(p-1)(q-1) +

1)/e to be an integer, then using the value of d (mod (p-1)(q-1)). N and e are the public key,

and N and d are the private key. Note that only d is a secret as N is known to the public. Alice

transmits the public key to Bob, and keeps the private key secret. p and q are also very

sensitive since they are the factors of N, and allow computation of d given e. They are

sometimes securely deleted, and sometimes kept secret along with d in order to speed up

decryption and signing using the Chinese Remainder Theorem.

A working example

Here is an example of RSA encryption and decryption. The parameters used here are

artificially small, but one can also use OpenSSL to generate and examine a real keypair.

Choose two distinct prime numbers, such as

and .

Compute giving

n = 61 × 53 = 3,233.

Compute the totient of the product as giving

.

Choose any number that is coprime to 3,120. Choosing a prime number for

leaves us only to check that is not a divisor of 3120.

Let .

31

Compute , the modular multiplicative inverse of yielding

.

The public key is ( , ). For a padded plaintext message , the

encryption function is .

The private key is ( , ). For an encrypted ciphertext , the

decryption function is .

For instance, in order to encrypt , we calculate

.

To decrypt , we calculate

.

Both of these calculations can be computed efficiently using the square-and-multiply

algorithm for modular exponentiation. In real life situations the primes selected would be

much larger; in our example it would be relatively trivial to factor , 3,233, obtained from

the freely available public key back to the primes and . Given , also from the public key,

we could then compute and so acquire the private key.

Practical implementations use the Chinese remainder theorem to speed up the calculation

using modulus of factors (mod pq using mod p and mod q).

The values dp, dq and qInv, which are part of the private key are computed as follows:

Here is how dp, dq and qInv are used for efficient decryption. (Encryption is efficient by

choice of public exponent e)

32

.

33

CONCLUSION

Cryptography hides the contents of a secret message from a malicious people, whereas

steganography even conceals the existence of the message. Steganography must not be

confused with cryptography, where we transform the message so as to make it meaning

obscure to a malicious people who intercept it. Therefore, the definition of breaking the

system is different. In cryptography, the system is broken when the attacker can read the

secret message. Breaking a steganographic system need the attacker to detect that

steganography has been used and he is able to read the embedded message.

Cryptography is used to send confidential data in order to provide security to the data.

Cryptography as a whole has existed in many forms throughout much of history.

Lossless compression of images with a great deal of color variation work best as a

cover image to embedded a message in steganography.

Steganography can be used as beneficial tool for privacy than cryptography.

34

BIBLIOGRAPHY

1. www.google.com.

2. Wikipedia.

3. www.eprints/1/71847.pdf.

35