Michael Goetzman

You may be here because of CypherCon and wondered, What? Let's break this down. Cryptography and cipher turned out to be the buzz words in the post World War II era. In our time period, it's vastly modernized. Though at its prelim, only short private texts with instructions or orders were encrypted, today it is one of the most common forms of computer security. From the email and password of your online financial account to the birthday wish you sent to your friends in WhatsApp, everything is encrypted end-to-end.

In this discussion, we will introduce you to cryptography, encryption, cipher, its uses, and finally, guide you through decoding a cryptic ciphertext! Exciting, no?

Let’s first delve deeper into the terminology.

Cryptography is composed of crypto and graphy, which roughly means secret writing, or writing in a mysterious way that is not readable for most people. For converting plain texts into cryptic texts, a private and preferably secret key is used.

The algorithm of this conversion from plain text is called cipher or cypher and the resulting cryptic text is called ciphertext, or sometimes just cipher. Unless you have the key, you can’t reverse ciphertext into readable plain text.

The process of making texts mysterious, secret, and private is called encryption. And the process of breaking the secret text and make it readable is called decryption.

What is Cryptography?

XFMDPNF UP HPFUANBO

The above text probably looks like balderdash to you, because it actually is! But if you simply shift each letter of the sentence to the previous letter, this turns out a pretty nice warm greeting: WELCOME TO GOETZMAN!

The technique or process of converting easily comprehensible plain texts into a daunting unintelligible text, or vice versa, is called cryptography. It is a method being used since ancient times for storing and transmitting data in a particular form so that only the intended persons can understand.

Whether you are buying something online, browsing the dark web, or sharing a secret political manifesto, thanks to cryptography for keeping it safe, private, and untraceable.

An encrypted message has two essential parts: the cipher and the key.

The cipher is the set of rules that are using to encode the information for example shifting the alphabet by a certain number of letters. We will discuss extensively cipher in the later part of this discussion. The key tells you how to arrange those rules. Without the keys, it is almost impossible to understand the meaning of the encrypted message.

The data and privacy protection against hackers and malicious penetration depend on two factors:

1. The strength, effectiveness, and protocols or managing keys
2. The protection of the keys, namely generation, distribution, and destruction.

What is Cipher/cypher?

By definition, the cipher is the method of generating encrypted texts; a series of steps, just like a procedure, that can be followed to generate an encrypted text. The obligation of a cipher depends on a set of information, called a key.

More technically, the cipher is the algorithm of modifying plain texts with some private rules and replacing original letters with other letters, numbers, or symbols through transposition and substitution.

It is imperative to select and protect a key before encrypting a message. Otherwise, you might not understand your own message after you encrypt it! However, it is very difficult, if not impossible, to decrypt a ciphertext without the knowledge of the right key.

In most cases, ciphers work symmetrically, which means, the same key and procedure can be applied to data or message for both encrypting or decrypting that data. This advantage facilitates symmetric key encryption, also known as secret key encryption.

Traditionally, ciphers use two main forms of transformation: transposition and substitution. In transposition, the existing letters of plain text are shifted and reordered mathematically. Whereas, in substitution, the letters are replaced with another letter, number, or symbol to generate a ciphertext.

Before we discuss more the diverse types of ciphers used since WW2 to this day, let us look back at the history of using ciphers and their evolution.

History of Cipher/Cypher

One of the oldest forms of science undertaken by humans is encryption. From prehistoric times to modern days, it is always a basic human instinct to hide sensitive information from curious eyes.

Cipher has been in use long before computers have shown up. Although there is no definite proof it is known that the first encryption was done by ancient Egyptian some 4000 years ago. But things become mainstream when Sparta, one of the provinces of ancient Greece, used a method called transposition cipher to encrypt their confidential state information.

Another one of the ancient footmarks of cryptography is found during the realm of Julius Caesar. If he has anything confidential to say, he used to write in cipher. His method of cryptography is a resemblance to the modern day’s Caesar Cipher. He was the first one to use cipher for encrypting information of military significance.

However, Caesar’s key to cipher might cost you a few minutes to decode, back in those days people knew very little about the fact of encryption. So, most of his ciphertexts were protected.

Jefferson was well ahead of his time when he invented Jefferson’s Wheel Cipher, also known as the Jefferson disk, in 1795. United States Army used his method of encryption until 1942. His wheel consisted of thirty-six cylindrical disks, each inscribed with twenty-six letters on the edge of the disks.

In 1917, the British intercepted a telegram signal sent from the German and were able to decode it. This was a groundbreaking achievement and formally known as Zimmerman Telegram. On that telegram, the Germans proposed a military alliance with Mexico.

However, the development and implementation of cipher were at their apex during World War II.

World War II Ciphers/Cyphers

A plethora of cipher systems was flooded by the nations involved in World War II. The most groundbreaking and well-known cipher was developed by the Germans, you might already have heard the name; the mighty ENIGMA!

The Enigma gave the Germans a singular ability to communicate privately and securely. The machine was so advanced that the Germans were comfortable with to send the top-secret military message through electric circuits!

The Enigma machine was a small wooden box, capable of being carried by an average soldier. Once opened, it revealed a casual looking typewriter. The actual encryption was performed behind the keyboard, where three rotors can be set to any alphabet to generate a private encryption key.

In addition to inventing cryptic techniques, codebreaking was also much advanced. The allies were able to break into the Enigma machine and were able to read important parts of German radio traffic.

Different Types of Cipher/Cyphers

After World War II, the world has realized the importance of having a reliable and unbreakable cipher. This importance of cryptography was raised significantly with the innovation of computers and the internet. Over the last few decades, many different types of cryptic technology and algorithm have been developed. Some of the highly secure and overly used ciphers include:

1. Caesar Cipher
2. Monoalphabetic Cipher
3. Polygram Substitution Cipher
4. Polyalphabetic Substitution Cipher: Vigenère Cipher
5. Playfair Cipher
6. Hill Cipher
7. Block Cipher and Stream Cipher
8. The Advanced Encryption Standard (AES)

Now it’s time to introduce you to these techniques in detail.

1. Caesar Cipher

If you want to have some fun with your friend, or send a chit and avoid the risk of being understood by your class teacher, then Caesar Cipher is for you! It is the oldest real cipher used for more than a thousand years which involves a few easy steps to follow and a key.

In today’s standard, this technique is mostly fun, because this is a very weak technique of hiding a secret message. In Caesar cipher, every character of the plain text is replaced by another text, number, or symbol.

Well, if you still want to use the Caesar cipher, here is a pro tip for you. Don’t shift 3 letters just like Caesar did, shift by a different value, and don’t share that with me! So, the modified algorithm for you is as follows:

1. Read the whole plain text
2. Think of a number and memorize it
3. Decide whether you want to shift forward or backward
4. Replace each alphabet by the specified number forward or down
5. Keep doing this for all of the alphabets of plain text
6. The final form is your first ciphertext.

Now let us move forward to a more advanced cipher!

2. Monoalphabetic Cipher

If the Caesar and its modified version are easily cracked by your friends, here the monoalphabetic cipher comes in handy. Unlike Caesar cipher, this method does not involve shifting the alphabet.

Monoalphabetic cipher is one where every alphabet in plain text is assigned to another alphabet except for the original alphabet. Then the letters of the plain text are replaced or transposed by the new letters.

An example can make this clear.

• A can be substituted by any alphabet from B to Z, but not by A
• B can be substituted by any alphabet from C to Z or A; but neither by B nor by the substitution of A
• C can be substituted by any alphabet from D to Z, or A to B; but neither by B nor by the substitution of A and B
• D can be substituted by any alphabet from E to Z, or A to C; but neither by D nor by the substitution of A, B, and C
• E can be substituted by any alphabet from F to Z, or A to D; but neither by E nor by the substitution of A, B, C and D

And so on…

The substitution map is completely secret and it is always changeable. Once the substitution is determined, it is very easy to encrypt a message and decrypt it as well. Monoalphabetic cipher is very daunting to crack since there can be trillions of combinations possible with 26 letters and the substitution is random!

However, it can also be decoded with enough time and if the message is very long, the trends of frequently used letters give a useful hint. We will look at this type of example when we will crack a ciphertext!

3. Polygram Substitution Cipher

It is sometimes possible to decrypt the monoalphabetic cipher due to its predictable substitution. For example, E, A, and R is the most abundant letter in the English language. If a ciphertext has an abundance of Z, then it is highly probable that E, A, or R is substituted by Z.

To avoid these caveats and enrich the flexibility, randomness, and obscurity, a polygraphic substitution cipher was developed. This is also known as a Polygram Substitution Cipher.

Polygraphic substitution cipher divides the plain texts into many parts and replaces the common blocks and phrases and blocks by any word, letter, symbol, or another block of the word. To decrypt the ciphertext, you need to use the substitution map reversely.

Let’s craft a nice short example to see how polygraphic substitution can increase the randomness.

The plain text is: This example problem might also be in your exam.

In this plain text, EXAMPLE can be replaced by POIUYTR. But the EXAM at the end of the sentence can be substituted by QWER. So, there is practically no way to guess the word EXAMPLE with the word EXAM in ciphertext because they don’t look similar at all. psst, this is just a blog, there is no exam btw 😛

4. Polyalphabetic Substitution Cipher

So far, all the ciphers we have discussed can be predicted, if not cracked, by frequency analysis. However, the development of polyalphabetic substitution cipher is the answer of modern cryptographers to those frequency analysis experts!

Invented by Leon Battista Alberti, the polyalphabetic substitution cipher is also known as Vigenère Cipher. O demonstrate the action of this cipher; Alberti made a rotating disk of two disks each with 26 letters.

Some of the simple yet incredible features of Vigenère Cipher are mentioned below.

• Each letter of plain text is substituted with an alternative letter following the inner disk of the wheel.
• The ciphertexts are written in small letters.
• However, at any random point of encryption, the writer changes the pattern of substitution of plaint texts by rotating the inner disk!
• To denote where the new pattern begins, Alberti used a capital letter for the first letter of each pattern.

To make this cipher even more secure, a modified version of Vigenère Cipher is developed. This is performed using a table of 26 rows and 26 columns; each row and column has one of the 26 alphabets assigned, called Vigenère Table.

5. Playfair Cipher

The Playfair cipher was invented by Wheatstone and is a manual symmetric encryption technique that uses a 5 by 5 grid or table to encrypt a pair of the alphabet at once instead of a single letter as in traditional substitution ciphers.

Since the technique is completely manual, it’s better if explained step by step with an example.

First, we need a keyword. Let’s assume our keyword is MICHAEL and the word we are going to encrypt is INSTRUCTION.

The Playfair cipher is composed of two parts: making the grid and encrypting by pair. The whole process can be divided into several steps as follows:

1. The 5 by 5 grid contains 25 letters, excluding J, and starts by tee letters of a keyword. Any repetitive letter is skipped. So, in our case, the grid looks like the following:

2. Dividing the plain text into two letters block results in:

A “z” is added to complete the pair.

3. Now for the encryption algorithm part, three simple rules are followed.
   1. If both the letters are in the same column: Take the letter below each one (going back to the top if at the bottom).
   2. If both the letters are in the same row: Take the letter to the right of each one (going back to the leftmost if at the rightmost position).
   3. If neither of the above rules is true: Form a rectangle with the two letters and take the letters on the horizontal opposite corner of the rectangle.

Now you know the rules. Can you encrypt the plain text “INSTRUCTION” with the key “MICHAEL”?

If you can’t, I have the answer for you. The ciphertext is: cktusqhshkpx

6. Hill Cipher

Hill cipher is a kind of polygraphic cipher based on linear algebra where letters are replaced by letters generated by a mod of 26. Hill cipher is a bit complicated because it involves deep knowledge of matrix in algebra. For those who are interested, I can divide the whole cipher algorithm into a few steps.

• The first step is to assign a number for each alphabet sequentially, from A=0 to Z=25.
• Then the letters of plain texts are organized based on the above number format. And the resultant matrix is called a text matrix.
• Multiplying the plain text matrix with a secret private key matrix.
• Calculating the mod 26 value of the multiplied matrix will generate a value within 0 to 25.
• Finally assigned to the letters to corresponding numbers create the ciphertext.

7. Block Cipher and Stream Cipher

The symmetric key cipher is a large group of cipher schemes and two of the most used technique of this type of cipher include Block Cipher and Stream Cipher. The similarity between these two is that they both convert plain texts to ciphertext block by block, not letter by letter.

These two ciphers are best understood when compared side by side.

1. The cardinal difference also belongs to this feature; block cipher converts one block of any size of choice but stream cipher converts 1 byte at a time. So, technically, block cipher uses 64 bits or more at a time while stream cipher encrypts continuous 8-bit flow.
2. Since the block size is larger in block cipher, the stream cipher provides more complexity and thus security.
3. At the same time, the smaller block size of 8 bit only gives an advantage while decrypting.
4. The power behind the block cipher is transposition and substitution are at the core of the stream cipher.

8. The Advanced Encryption Standard (AES)

The U.S. National Institute of Standards and Technology (NIST) established a standardized specification for the encryption of electronic data in 2001. AES is now used worldwide and it supersedes all the previously developed cipher schemes. The AES is primarily is a symmetric key cipher.

AES has adopted up to 256-bit keys to ensure staggering security and privacy. The size of the possible combination will give you an idea of how hard it would be to crack such a key.

This vast number of possible combinations of keys made AES-256 nearly impenetrable by any hackers.

Decrypting CipherText

To decrypt the information, you need to know what kind of cipher was used and also have the key or you can just crack the code either by trying all possible combinations you can think of or by analyzing the code and working backward from it, known as deciphering. But do you think this is possible to analyze every possible combination?

Well, now the fun part. Let’s break a ciphertext without any clue for motivating novice hackers!

Assume this is a ciphertext you found on your balcony.

Now you want to read it with your intelligence. Let’s begin!

Step 1: Well, the only single-letter word in English is “I”. so, you can presume that the “M” of the ciphertext is “I”. It means replacing the cipher-letter with the alphabet backward to 4.

Step 2: The most abundant letter in the encrypted message is “i”, which is the most probable “e” of English. Which also meets the 4 alphabets backward assumption.

Step 3: The “e” becomes “a” and “q” becomes “m” and so on.

Step 4: Continue transforming like this and let me know what’s the message inside the ciphertext!

The answer is: I am the new hacker in the town. I prefer not to post it on the blog.

Modern Use of Cryptography

The flourish of internet-based technologies like online shopping and banking, so-called social networking, and fast methods of communicating like email has brought the term privacy forefront. Millions of dollars are transacted each day, millions of emails are sent and received every 24 hours, and all of those messages deserve a private and secure protocol without letting hackers peeking into your sensitive information.

Highly advance cipher systems like AES-256 are capable enough to secure almost all of our data. Modern cryptography does the job to protect all the intersection of computer science, electrical engineering, military and aeronautics, communication science, and physics.

Modern cryptography led to another team of hackers, who introduce themselves as Ethical Hacker! Their job is to find out the potential security bottleneck and help the authority solve the issue.

Interested in more? You found the right place, we gather together in Milweaukee, arranging password cracking contests, wireless hacking contests, game console hacking contests, in a phase... we hack all the things! Join us at Wisconsin's Security Conference: CypherCon!

~Michael Goetzman