Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Modern Cryptography for Cybersecurity Professionals

You're reading from   Modern Cryptography for Cybersecurity Professionals Learn how you can leverage encryption to better secure your organization's data

Arrow left icon
Product type Paperback
Published in Jun 2021
Publisher Packt
ISBN-13 9781838644352
Length 286 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Lisa Bock Lisa Bock
Author Profile Icon Lisa Bock
Lisa Bock
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Section 1: Securing Our Data
2. Chapter 1: Protecting Data in Motion or at Rest FREE CHAPTER 3. Chapter 2: The Evolution of Ciphers 4. Chapter 3: Evaluating Network Attacks 5. Section 2: Understanding Cryptographic Techniques
6. Chapter 4: Introducing Symmetric Encryption 7. Chapter 5: Dissecting Asymmetric Encryption 8. Chapter 6: Examining Hash Algorithms 9. Section 3: Applying Cryptography in Today's World
10. Chapter 7: Adhering to Standards 11. Chapter 8: Using a Public Key Infrastructure 12. Chapter 9: Exploring IPsec and TLS 13. Chapter 10: Protecting Cryptographic Techniques 14. Assessments 15. Other Books You May Enjoy

Outlining substitution and transposition

We can define cryptography as hidden or secret writing. The concept of concealing information using secret codes began thousands of years ago. Some of the early methods to encrypt data used pen, paper, or even rings, such as the pigpen, or Freemason, cipher.

In this section, we'll take a look at early encryption techniques, called classic cryptography, which mainly used transposition and substitution. The two work in the following manner:

  • Transposition ciphers transpose letters according to a pattern.
  • Substitution ciphers substitute each letter with a different letter according to the key.

In addition, we'll also take a look at methods to break the encryption. Let's start with seeing how substitution works, along with an example using the pigpen cipher.

Substituting characters

Substitution techniques to encode text work by substituting one character for another. The characters can be letters, numbers, or special characters. There are several substitution ciphers. One example is the pigpen or Freemason cipher. This cipher uses a grid formation with symbols that represent the different letters, as shown in the following figure:

Figure 1.7 – Pigpen cipher code

Figure 1.7 – Pigpen cipher code

To generate a code, you would substitute each letter with the corresponding symbol. For example, the phrase Secret message converted using a pigpen cipher would appear as the following code:

Figure 1.8 – The phrase "Secret message" converted to code using a pigpen cipher

Figure 1.8 – The phrase "Secret message" converted to code using a pigpen cipher

Try this yourself by going to https://www.boxentriq.com/code-breaking/pigpen-cipher.

Another technique to scramble data is by using transposition, as we'll see next.

Transposing the text

There are several techniques to transpose text. Unlike substitution, which substitutes one character for another, transposition transposes or rearranges the characters according to a pattern.

One method to transpose characters is reversing the order of letters in a phrase. The phrase confidentiality is keeping private data private will become etavirp atad etavirp gnipeek si ytilaitnedifnoc.

Even though this is a simple transposition of characters, you might have difficulty determining what the phrase means, unless you know that the letters have been reversed.

The rail fence, or zig-zag, cipher is another transposition cipher that conceals data by using rails or separate lines of text.

For example, if we were to transpose the word TRANSPOSE by using three rails and filling in the blank spaces using other letters, we would have the following output:

Figure 1.9 – The rail fence cipher concealing text

Figure 1.9 – The rail fence cipher concealing text

If someone were to look at the three lines of text, they may not be able to determine the meaning, unless they know the pattern, as shown:

Figure 1.10 – The rail fence cipher with the text exposed

Figure 1.10 – The rail fence cipher with the text exposed

Both the substitution and transposition ciphers are simple ciphers where it is fairly easy to break the code to determine the plaintext. When working with methods to conceal text such as substitution and transposition, we can use various methods to break the code, as outlined next.

Breaking the code

Concurrent to creating ways to conceal data using basic cryptographic techniques came the need to break codes and ciphers by using various methods.

With classic cryptography, code-breaking is a lot like a word puzzle, where the key is found by substituting letters until you determine a match. Because some methods use transposition, you might need to evaluate the text for alternate patterns that rearrange the text in some way.

Ciphers that use one alphabet are called mono-alphabetic ciphers. If only one alphabet is used, we can employ letter frequency analysis, as described next.

Analyzing the frequency of the letters

Letter frequency analysis is a cryptographic tool. The analysis begins by determining the frequency of the letters so that the actual message can be found.

When using letter frequency analysis, English characters can be divided into groups that include the following:

  • The high-frequency group includes letters such as A, E, and T.
  • The low-frequency or rare group includes letters such as K, Q, X, and Z.
  • Digrams are pairs of letters that include th, he, of, and it. You'll also want to consider pairs using repeating letters such as ll, oo, or ee.
  • Trigrams are collections of three letters that include the, est, and, for, and his.

To adequately produce a frequency profile, you need a generous amount of characters. You can manually count the characters or use one of the applications available online, such as the one found at http://www.richkni.co.uk/php/crypta/freq.php.

If the cipher uses more than one alphabet, this will make the code more difficult to decrypt. You might even find text that doesn't use an alphabet. For example, try to decode the following message:

Figure 1.11 – Secret code

Figure 1.11 – Secret code

You can find the answer at the end of this chapter under the Assessments section.

As we can see, even simple cryptographic methods can conceal information from someone. The downside is the simpler the method, the easier it is to obtain the plaintext message.

You have been reading a chapter from
Modern Cryptography for Cybersecurity Professionals
Published in: Jun 2021
Publisher: Packt
ISBN-13: 9781838644352
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image