Cryptography: Encryption, Caesar's Cipher, Ransomware - Patrick Harris
post-template-default,single,single-post,postid-5972,single-format-standard,eltd-core-1.1.1,woocommerce-no-js,eltd-boxed,flow-ver-1.3.6,eltd-smooth-scroll,eltd-smooth-page-transitions,ajax,eltd-blog-installed,page-template-blog-standard,eltd-header-standard,eltd-sticky-header-on-scroll-up,eltd-default-mobile-header,eltd-sticky-up-mobile-header,eltd-menu-item-first-level-bg-color,eltd-dropdown-slide-from-bottom,eltd-dark-header,eltd-header-style-on-scroll,wpb-js-composer js-comp-ver-5.5.2,vc_responsive

Cryptography: Encryption, Caesar’s Cipher, Ransomware

On the go? Have Polly read to you.

Cryptography is a method of storing and transmitting data in a particular form so that only those it is intended for can read and process it. Cryptography involves constructing and analyzing protocols that prevent third parties or the public from accessing private information.


Cryptography is a young science. While the use of ciphers and codes to protect secrets can be traced back thousands of years, the study of Cryptography as a science began around 100 years ago.



Encryption is the principle application of cryptography. It makes data incomprehensible in order to ensure it remains confidential.



Encryption uses an algorithm called a cipher and a secret value called a key. You must have the key in order to decrypt the data.


Not all encryption is created equal

With symmetric encryption, the key used to decrypt and encrypt the data are the same. This differs from asymmetric encryption, or public key encryption, in which the key used to decrypt the data is different from the key used to encrypt. Blockchains use public key encryption to verify the digital transactions that take place before adding them to the public ledger.


The encryption process


When encrypting a message, plaintext refers to the unencrypted message and ciphertext to the encrypted message.


A cipher then has two functions: encryption converts plaintext into a ciphertext and decryption turns a ciphertext back into the encrypted message.


Encryption and decryption overview

Ciphertexts can be the same size as plaintext, for some slightly longer, but ciphertext cannot be shorter than plaintext.


Classic Ciphers



Classical ciphers predate computers and consequently work on letters rather than bits.


Caesar’s Cipher


The Caesar cipher is one of the earliest known and simplest ciphers. It is a type of substitution cipher in which each letter in the plaintext is ‘shifted’ a certain number of places down the alphabet.


IE with a shift of one, a becomes b, b becomes c, c becomes d, etc.


Plaintext:  defend the east wall of the castle


Ciphertext: efgfoe uif fbtu xbmm pg uif dbtumf


The key, in this case the number of positions shifted, is required to decrypt the message. Caesar was said to have used this cipher with a default secret key of 3. IE ZOO encrypts to CRR. FDHVDU decrypts to CAESAR.


The key of the Caesar’s cipher is the number of positions shifted over. Unlike other classic ciphers, such as the Vigenere cipher, all of the letters are moved the same number of positions. So the key for Cesar’s cipher will always be one number, the number of positions each letter is shifted over.


Here’s a python implementation of the Caesar’s cipher.


Run the program, then select E or D to either encrypt or decrypt text.







How Ciphers Work


A permutation is a function that transforms an item (in crypto, a letter or group of bits) such that each item has a unique inverse (Caesars 3 letter shift).  A mode of operation is an algorithm that uses a permutation to process messages of arbitrary size. The mode of Caesars cipher is simple: it repeats the same permutation for each letter.



  • Permutation should be determined by the key
  • Different keys should result in different permutations
  • The permutation should look random
  • There should be no pattern in the ciphertext after performing a permutation.



Most classical ciphers are worded by replacing each letter with another letter, by performing a substitution. In the aforementioned examples, the substitution was a shift in the alphabet.



Why Classical Ciphers are Insecure


Classical ciphers are insecure because they’re limited to operations you can compute by hand. With the advent of computers and the computational power they bring, classic ciphers are easily broken by computer programs. Let’s demonstrate this with a simple brute force in Python.



Follow the steps in the trinket below:


  1. Run the program
  2. Select e to encrypt a message
  3. Type your message
  4. Select a key (the number of spaces your cipher will shift each letter over)
  5. Rerun the Program
  6. Select b for brute force
  7. Enter your encrypted message
  8. Wah Lah





Brute Forcing Cesars Cipher



Do you understand why we were able to do that?  Think about it from an attackers’ perspective.


At most, there are only 26 possible options in our key. We just told our python program to shift the letters over each of the 26 different positions. Naturally, 25 of them were jargon. But the number of the key we selected, the number of shifts the letters of our ciphered text made, contained our encrypted message.


From Then to Now: Modern Cryptography


Classic ciphers don’t stand a chance in the age of computers. Let’s look at a more modern application of encryption.


During the Cold War, the US and Soviets developed their own ciphers. The US created the Data Encryption Standard, or DES, which was adopted as the federal standard from 1979 to 2005. The KGB developed GOST 28147-89, which is still in use today.


In 2000, the US-based National Institute of Standards and Technology (NIST) selected a successor to DES, coined the “Advanced Encryption Standard, or AES. AES was developed in Belgium and is now found in most electronic devices.


Note: AES encryption is symmetric. 


A Python Implementation of Ransomware Using AES


If script isn’t showing, refresh the page

A blackhat use of encryption can be found as the primary function of an increasingly popular form of malware. Ransomware is a type of malware that encrypts a victim’s files, making them inaccessible until a ransom is paid. When ransomware is deployed, a decryption key is created and given to the attacker which is needed to recover the files.


Below is a simple Python program that encrypts files, creates a decryption key, and displays a message to the machine the program is deployed on.


This python script uses the module Pycrypto, a reliable cryptography toolkit for programs requiring cryptographic functions.  It relies on AES to encrypt the files.


AES keys can be 128, 192, or 256 bits long.



For my fellow Mr. Robot fans out there, this type of malicious encryption was central to the plot in the first season. f society, led by Elliot, encrypted all E-corps financial records, including all recorded histories of debt. In the show’s fictitious world, e corp, the largest conglomerate, had records of more than 70% of all the worlds debt histories. Unlike a conventional ransomware attack which seeks $ in exchange for the decryption key, the hacker group deleted the key as soon as the financial records and their backups were encrypted.




Quantifying Security


Measuring Security in Bits 


You’ll often hear of different levels of bit-encryption expressed numerically, ie AES’ 128 or 256-bit encryption. (As a point of comparison, RSA, an asymmetric encryption system, has 2048 bit encryption.)

What does this mean? What is bit referring to in this context and why does it matter?


Remember, in cryptography, a key is the piece of information the determines the output of the algorithm (cipher). With encryption, it specifies the transformation of plaintext into ciphertext, and vice versa.You need the key to encrypt/decrypt the cipher.


The key size is the number of bits in a key, which is to say the length of a key used by the cipher to encrypt or decrypt the data.


Remember that a bit is the most basic unit of information in computing, represented as a 0 or a 1 (a “binary digit”). 8 bits = 1 byte and more bits = more data. For the purposes of this explanation, remember a bit is the smallest possible unit of information. Thus, the higher the “bit-encryption,” the longer the key of the cipher.


<strong>With a key of n-bits, there are 2 ^ n possible keys. A 128-bit key then has 2 ^128 possible options, and a 256-bit key has 2 ^ 256 possible options</strong>.



Why is this important?


If a cipher was currently unbreakable by exploiting vulnerabilities in the algorithm, it is possible to run through the entire space of options in a brute force attack.  Since longer symmetric keys require exponentially more work to brute force, the longer the key the more impractical this attack becomes. So a simplistic but accurate association to make is one of more bits with the more security.


Post a Comment