1. Making “Good” Encryption Algorithms
Substitution algorithms “hide” the plaintext and dissipate high letter frequencies
Transposition algorithms scramble text
Many “good” algorithms combine both techniques

2. Shannon’s Characteristics of “Good” Ciphers
Amount of secrecy needed should determine the amount of labor appropriate for encryption/decryption.
Set of keys and enciphering algorithm should be free from complexity.
Implementation should be simple
Errors in ciphering should not propogate.
Size of ciphertext should be no larger than the size of the plaintext

3. Properties of “Trustworthy” Encryption Systems
Based on sound mathematics
Been analyzed by competent experts and found to be sound
Stood the “test of time”
Three Examples:
DES (data encryption standard)
RSA (Rivest-Shamir-Adelman)
AES (Advanced Encryption Standard)

4. Symmetric and Asymmetric Encryption Systems
Symmetric requires one “secret” key that is used for encryption AND decryption (e.g. Caesar cipher might use a “key” of 3 to indicate shift by 3)
As long as key remains secret, authentication is provided
Problem is key distribution; if there are n users, we need n * (n-1)/2 unique keys

5. Symmetric and Asymmetric Encryption Systems
Asymmetric requires two keys one of which is a “public key”
The public key is used for encryption and the “private” key is used for decryption
If there are n users, there are n public keys that everyone knows and n private keys known only to the user

6. Stream and Block Ciphers
Stream ciphers – convert one symbol of plaintext immediately into a symbol of ciphertext
Transformation depends on the plaintext symbol, the key, and the algorithm
Error can affect all text after the error

7. Stream and Block Ciphers
Block cipher encrypts a group of plaintext symbols as one block (e.g. columnar transposition)
Stream
Block
Advantages
Speed of transformation
Low error propagation
High diffusion
Immunity to insertation of symbols
disadvantages
Low diffusion
Susceptibility to malicious insertations and modifications
Slowness of encryption
Error propagation

8. Confusion and Diffusion
Confusion – interceptor cannot predict what will happen to the ciphertext by changing one character in the plaintext
Diffusion – information from single plaintext is distributed over the entire ciphertext

9. Cryptanalysis
Ciphertext Only – requires analysis using probabilities, distributions, and characteristics of the available ciphertext, plus any publicly known information
Full or Partial Plaintext – knows some plaintext and ciphertext (C & P in C = E(P) ); only needs to determine the algorithm; can use probable plaintext analysis
Ciphertext of Any Plaintext – analyst can insert data into plaintext to be encrypted

10. Cryptanalysis
Algorithm and Ciphertext – analyst runs the algorithm on massive amounts of plaintext to try and match one with the ciphertext and deduce the sender’s encryption key
Ciphertext and Plaintext – try and determine the encryption key
Weaknesses – cryptanalysis often succeeds because of human error and/or carelessness

11. Elementary Tips for Frequency Analysis
Count frequencies
j,k,q,x,z have frequency less than 1%
e should have frequency greater than 10% (19% in German)
Italian has 3 letters with frequency > 10% and 9 letters with frequency < 1%
In English, look for repeated letters (ss, ee, tt, ff, ll, mm, oo)
If ciphertext contains spaces, look for one, two, three letter words (a, I, of, to, in, it, is, be, as, at, so, we, he, by, or, on, do, if, me, my, up, an, go, no, us, am, the, and)
Tailor table of frequencies to message you are trying to decipher (e.g. military messages omit pronouns and articles)
Be willing to guess and use experience
If the frequency of the ciphertext matches frequency table, the cipher is transpositon
Taken from Appendix B of The Code Book by Simon Singh, Doubleday, 1999.