JCrypt Tool Lab CSEC 630

University of Maryland, University College CSEC 630: Lab Assignment One Analysis of CrypTool Rachel E. Russell September 28, 2014


Table of Contents

Introduction

Lab 1: Part One

Lab 1: Part Two

References

Appendix A: Screenshots from Lab

Introduction

In the first laboratory assignment for the course CSEC 630, the objective is to understand different forms of cryptography and their uses. The first portion involves the use of different ciphers, namely the Caesar cipher, the Vigenère cipher, and the Playfair cipher. For this portion of the laboratory assignment, the text used is “This is a test. This is only a test. If this were an actual emergency, you would hear instructions after the beep. BEEEEP!” This text is analyzed using both the Caesar and Vigenère ciphers. Then the famous quote, “The difference in stupidity and genius is that genius has its limits”, by Albert Einstein, is analyzed using his name as a key in order to gain a better understanding of the Playfair cipher. Upon completion of this exercise, several questions are asked to help gain a better understanding of the analysis performed. Actual data for the work performed can be found in Appendix A.

The second portion of the laboratory assignment involves gaining an understanding of the types of advanced cryptographic functions which can be used. The first portion of the second part of this lab seeks to differentiate between Electronic Codebook (ECB) and Cipher-Block Chaining (CBC) as two modes of operation of the DES cipher. Then the block size is analyzed to determine its effect on security. Next, the RSA cryptosystem is analyzed to determine some of its benefits and drawbacks, and its function as a public-key cryptosystem is discussed. Finally, the hybrid RSA-AES cryptosystem is discussed, along with some of its improvements over the RSA cryptosystem.

Lab 1: Part One

Which tool or technique from the above list would be most effective for a cryptanalyst to use to decipher a text encrypted with the Caesar cipher, and why?

The Caesar cipher, named after Julius Caesar, is a substitution cipher which was used by the leader to communicate with his armies (Savarese & Hart, 1999). In order to break a shift cipher text, like the Caesar cipher, one simply has to determine the frequency of letter usage and apply known letter usages in the English language to begin the process (Savarese & Hart, 1999). Understanding that the letter “E” is the most frequently used letter in the English language quickly gives away the cipher in our example. The results show a significant increase in the use of the letter “V”, which indicates that V=E and therefore that the key, the letter which corresponds to “A”, is in fact “R”, which is correct. This is clearly displayed in both the histogram and the N-gram, as illustrated in Appendix A, Figure 3 and Appendix A, Figure 4. For simplicity, the histogram is slightly easier to use, because it gives a more visual depiction of the results, which most people tend to understand faster than a numerical representation.

What do you notice about the histogram results when text is encrypted with the Vigenère cipher in comparison to the results of the Caesar cipher? Why is this the case?

One of the first things clearly noticeable in the first attempt at Vigenère encryption, using the same key, is that there is no difference in the histogram between the Vigenère and Caesar encryption, which can be seen in Appendix A, Figure 8. Understanding that this is likely due to the simplicity of the key, the text was re-encrypted with a different key, “Party”, which revealed that the histogram no longer provided a clear answer as to the key needed to decrypt the message. Further, the peaks and valleys of the histogram in the second attempt at encryption showed little variance, which significantly increased the difficulty of determining the message contents. This is likely how the Vigenère cipher came to be known as “le chiffre indéchiffrable”, or the indecipherable cipher. The Vigenère cipher is nearly as simple as a Caesar cipher, only made exponentially more difficult by the presence of a key word (Bruen & Forcinito, 2005). A Vigenère cipher is created using a key word, each letter of which is given a numerical value between 0 and 25 based upon its position in the alphabet. That number is added to the corresponding number of the message letter; if the result is greater than 26, then 26 is subtracted in order to come up with the new numerical representation (Bruen & Forcinito, 2005). Essentially, the change in the histogram is due to the fact that the cipher is polyalphabetic in nature and therefore has a higher entropy than the Caesar cipher.
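The histogram comparison described in the two answers above can be reproduced outside CrypTool. The following Python code is an added example, not part of the original lab report; it assumes the Vigenère key advances only on letters and that the most frequent ciphertext letter stands for plaintext E.

```python
import math
from collections import Counter

# Lab plaintext, as quoted in the introduction of this report.
PLAINTEXT = ("This is a test. This is only a test. If this were an actual "
             "emergency, you would hear instructions after the beep. BEEEEP!")

def vigenere(text, key):
    """Encrypt the letters of text with a repeating key (one letter = Caesar)."""
    shifts = [ord(k) - ord("A") for k in key.upper()]
    out = []
    for ch in text.upper():
        if "A" <= ch <= "Z":  # assumption: the key advances on letters only
            shift = shifts[len(out) % len(shifts)]
            out.append(chr((ord(ch) - ord("A") + shift) % 26 + ord("A")))
    return "".join(out)

def histogram(ciphertext):
    """Letter counts, the data behind a histogram view."""
    return Counter(ciphertext)

def entropy(ciphertext):
    """Shannon entropy of the letter distribution, in bits per letter."""
    n = len(ciphertext)
    return -sum(c / n * math.log2(c / n) for c in histogram(ciphertext).values())

def guess_caesar_key(ciphertext):
    """Assume the most frequent ciphertext letter stands for plaintext E."""
    peak = histogram(ciphertext).most_common(1)[0][0]
    return chr((ord(peak) - ord("E")) % 26 + ord("A"))

def report(label, ciphertext):
    top = ", ".join(f"{l}={c}" for l, c in histogram(ciphertext).most_common(4))
    return f"{label:<16} entropy={entropy(ciphertext):.2f}  peaks: {top}"

if __name__ == "__main__":
    caesar_r = vigenere(PLAINTEXT, "R")
    vig_party = vigenere(PLAINTEXT, "PARTY")
    print(report("Caesar key R", caesar_r))
    print(report("Vigenere PARTY", vig_party))
    print("key guessed from the Caesar peak:", guess_caesar_key(caesar_r))
    print("same guess on Vigenere output:   ", guess_caesar_key(vig_party))
```

With the one-letter key the peak at V recovers the key directly; with “PARTY” the five interleaved shifts spread each plaintext letter over several ciphertext letters, so the single-peak guess no longer identifies the key.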

There is an error in the following cipher text representation of this quote. What is it? What should the correct cipher text be? (Hint: when using the CrypTool there are several ways to decode; one that you can use is the “Playfair” encipher option, the plaintext and key provided in the lab information, and DESELECTING the “separate duplicate letters only within pairs” option.)

SDAHFOWGRABSSRERIVBYBSCIMQTFNIVETGHBSNQCNCSDTDHBSNQCDECNICIFCTIC

In this example, the quote used is “The difference between stupidity and genius is that genius has its limits”. The pre-formatting of this quote for Playfair encryption is “TH ED IF XF ER EN CE BE TW EX EN ST UP ID IT YA ND GE NI US IS TH AT GE NI US HA SI TS LI MI TS”. In this sentence the letter X is used to separate letters which appear next to themselves. For example, where the letter F repeats itself in difference, an X is added to create difxference. This produces the encryption “SD AH FO WG RA BS SR ER IV BY BS CI MQ TF NI VE TG HB SN QC NC SD TD HB SN QC DE CN IC IF OT IC”. The cipher text given in the question ends up stating “The difxference betwexen stupidity and genius is that genius has its liscts”.
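The check described in this answer can be automated. The following Python code is an added example, not part of the original lab report; it assumes a 5x5 square with J merged into I, and it models the deselected CrypTool option as inserting X between every pair of adjacent identical letters, which is the behaviour the pre-formatting above shows.

```python
import string

KEY = "Albert Einstein"
QUOTE = "The difference between stupidity and genius is that genius has its limits"
# Cipher text printed in the lab question (contains the error).
LAB_CIPHERTEXT = "SDAHFOWGRABSSRERIVBYBSCIMQTFNIVETGHBSNQCNCSDTDHBSNQCDECNICIFCTIC"

def build_square(key):
    """5x5 square, row-major: key letters first, then the rest (J merged into I)."""
    square = []
    for ch in key.upper() + string.ascii_uppercase:
        ch = "I" if ch == "J" else ch
        if "A" <= ch <= "Z" and ch not in square:
            square.append(ch)
    return square

def prepare(plaintext):
    """Put X between all adjacent duplicate letters, then pad to an even length."""
    out = []
    for ch in plaintext.upper():
        if not "A" <= ch <= "Z":
            continue
        ch = "I" if ch == "J" else ch
        if out and out[-1] == ch:
            out.append("X")
        out.append(ch)
    return "".join(out) + ("X" if len(out) % 2 else "")

def crypt(text, key, step):
    """step=+1 enciphers and step=-1 deciphers an even-length, prepared text."""
    sq = build_square(key)
    pos = {ch: divmod(i, 5) for i, ch in enumerate(sq)}
    out = []
    for a, b in zip(text[::2], text[1::2]):
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:    # same row: take the neighbour along the row
            out += [sq[ra * 5 + (ca + step) % 5], sq[rb * 5 + (cb + step) % 5]]
        elif ca == cb:  # same column: take the neighbour along the column
            out += [sq[((ra + step) % 5) * 5 + ca], sq[((rb + step) % 5) * 5 + cb]]
        else:           # rectangle: keep the row, take the partner's column
            out += [sq[ra * 5 + cb], sq[rb * 5 + ca]]
    return "".join(out)

def find_errors(observed, key, plaintext):
    """(index, printed letter, computed letter) wherever the two texts differ."""
    correct = crypt(prepare(plaintext), key, +1)
    return [(i, o, c) for i, (o, c) in enumerate(zip(observed, correct)) if o != c]

if __name__ == "__main__":
    print(crypt(prepare(QUOTE), KEY, +1))
    print(find_errors(LAB_CIPHERTEXT, KEY, QUOTE))
    print(crypt(LAB_CIPHERTEXT, KEY, -1))
```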

Of the three ciphers discussed (Caesar, Vigenère, Playfair), what is their relative degree of security and why?

Of the three different types of ciphers, it is clear that Vigenère, with an entropy of 4.44, is significantly more difficult to break than the Playfair and Caesar ciphers, with respective entropies of 4.02 and 3.88. This is likely due to the fact that the Vigenère cipher does not just assign letters to other letters, but also incorporates a numerical value into the cipher.

Lab 1: Part Two

For each of the following say whether ECB or CBC would be most appropriate and give a brief explanation as to why.

An online bank statement - An online bank statement would benefit most from a stronger form of encryption, one with the ability to hide obvious patterns, given the contents of an online bank statement: repetitive deposits, automatic teller machine withdrawals, point of sale purchases, and the like, which are so often found on bank statements. Accordingly, online bank statements would benefit most from CBC encryption.

An encrypted VoIP session - Given that CBC requires strict ordering of packets and errorless transmittal in order to allow for accurate deciphering by the receiver, an encrypted VoIP session would benefit most from using ECB encryption, due to the inability to guarantee the delivery of all of the packets over the connectionless protocol of the VoIP session.

Viewing of a website using TCP/IP - Since the level of security desired is higher, and there are no concerns about the delivery of packets and their order, the most secure option would be the use of CBC encryption.
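The pattern-hiding point made for the bank statement can be shown with repeated fixed-width records. The following Python code is an added example, not part of the original lab report; the 8-byte Feistel cipher built on SHA-256 is a stand-in for DES (it is not DES), and the key, IV and statement records are constructed sample values.

```python
import hashlib

BLOCK = 8  # bytes, the same block size as DES

def _round(key, rnd, half):
    """Round function of the stand-in cipher: 4 bytes of SHA-256 output."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def encrypt_block(key, block):
    """Four-round Feistel network on one 8-byte block (illustration only)."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        mixed = bytes(a ^ b for a, b in zip(left, _round(key, rnd, right)))
        left, right = right, mixed
    return left + right

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, data):
    """ECB: every block is encrypted on its own, so equal inputs give equal outputs."""
    return b"".join(encrypt_block(key, b) for b in blocks(data))

def cbc_encrypt(key, iv, data):
    """CBC: each block is XORed with the previous ciphertext block first."""
    out, prev = [], iv
    for b in blocks(data):
        prev = encrypt_block(key, bytes(x ^ y for x, y in zip(b, prev)))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    found = blocks(ciphertext)
    return len(found) - len(set(found))

# Constructed sample: a statement made of 8-byte records (no padding needed).
STATEMENT = b"ATM  -40" b"POS  -12" b"ATM  -40" b"DEP +900" b"ATM  -40" b"POS  -12"
KEY, IV = b"demo-key", bytes(range(8))

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, STATEMENT)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(KEY, IV, STATEMENT)))
```

Under ECB the three repeated records show up as repeated ciphertext blocks without any knowledge of the key; under CBC the same statement produces no repeats.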


What difference do you notice in the block size? Discuss whether or not this cipher would be susceptible to statistical analysis and why.

The block size is dependent on the key used to encrypt the information. For instance, with small values for “p” and “q”, the block size is significantly reduced, while the number of blocks is increased. When larger values are input for “p” and “q”, the block size is increased, while the number of blocks is reduced. When using a smaller key, the cipher would be susceptible to statistical analysis; however, with a large key, statistical analysis becomes less and less functional, to the point of ineffectiveness.

Analyze the data encrypted with the RSA cipher. How does this encryption method compare to the other methods the Lab has covered?

RSA ciphers have a much higher entropy than the other ciphers, which means that they are more secure than the others. Since RSA works with both a public key and a private key, it generates exceptionally large key lengths, which make analyzing the data an incredibly difficult and laborious endeavor. One of the drawbacks of this type of encryption is that the RSA cipher moved incredibly slowly in comparison to the other ciphers.

What are the advantages of the Hybrid RSA-AES cipher? How does this encryption method compare to the other methods the Lab has covered?

There are three specific advantages of the Hybrid RSA-AES cipher. These are that there is low latency, that the AES cipher and cipher-text are synchronous, and, most importantly, that the Hybrid RSA-AES cipher is more secure (Yang & Yang, 2007). One of the most important pieces to note is that the Hybrid RSA-AES cipher uses a public key to encrypt the data, and requires a private key to decrypt the cipher. One notable downfall of this hybrid is that it does not allow authentication like the other ciphers used in this lab.

References

Bruen, A. A., & Forcinito, M. (2005). The Vigenere Cipher. In Cryptography, information theory, and error-correction: A handbook for the 21st century (pp. 21-22). Hoboken, NJ: Wiley-Interscience.

CSEC 630 Lab Assignment 1 – Introduction to Cryptography. (n.d.). University of Maryland University College. Retrieved from http://tychong.umuc.edu/tycho/CSEC/630/1209/9046/conference/getAttachment.tycho?attachId=7a6e03f683ab255031731b2feb167cef&noteId=7a6dfdc183ab255031731b2fb028ad58

Savarese, C., & Hart, B. (1999). The Caesar Cipher. Retrieved September 28, 2014, from http://www.cs.trincoll.edu/~crypto/historical/caesar.html

Yang, L., & Yang, S. (2007). A framework of security and safety checking for internet-based control systems. International Journal of Information and Computer Security, 1(1/2), 185. doi: 10.1504/IJICS.2007.012249

Appendix A: Screenshots from Lab

Figure 1: Entropy of Caesar Encryption

Figure 2: Floating Frequency of Caesar Encryption

Figure 3: Histogram of Caesar Encryption

Figure 4: NGram of Caesar Encryption

Figure 5: Periodicity of Caesar Encryption

Figure 6: Autocorrelation of Caesar Encryption

Figure 7: Histogram of Vigenère Encryption: Key R

Figure 8: Histogram of Vigenère beside Histogram of Caesar

Figure 9: Histogram of Vigenère Encryption: Key "Party"

Figure 10: Playfair Encryption: Key "Albert Einstein"

Figure 11: Playfair Encryption: Key "Albert Einstein" Deselected

Figure 12: Entropy of Caesar, Vigenère, and Playfair