Due to the fact that the knowledge of computer networking and protocols has become more widespread, it is apparent that the threat of intercepting and decoding message data during a transfer across a network has increased significantly. Inevitably this heightened knowledge has led to listening or eavesdropping - gaining access to the message contents which include passwords and other sensitive information. Perhaps more sinister, is when an intruder can use a recorded message sequence to generate a new sequence, known as masquerading.
Data encryption involves the sending party in processing all data prior to transmission so that if accidentally or deliberately intercepted while it is transferred it will be incomprehensible to the intercepting party. However, it is clear that the data must also be easily deciphered by the intended recipient. As a result most encryption methods involve the use of an encryption key, which is hopefully known only by the two correspondents. Key terminology used in the context is that prior to encryption, message data is normally referred to as plaintextciphertext.
Basic Techniques
The simplest encryption technique involves substituting the plaintext alphabet with a new alphabet, known as the ciphertext alphabet. For instance, a ciphertext alphabet can be created by simply shifting the plaintext alphabet by n places, where n is the key. Hence if 3 is the key, the resulting alphabet is:
Plaintext alphabet a b c d e f g Ciphertext d e f g h i jThe ciphertext is obtained by substituting each character in the plaintext message by the equivalent letter in the ciphertext alphabet. Obviously, a more powerful adaptation of the above is to define a ciphertext alphabet that is a random mix of the plaintext alphabet. However, shortcuts is uncovering the encryption can soon be determined because:
 | The intruder is likely to know the context in which the message data is being used and thus the type of data involved. For example, if text is being transmitted the statistical properties of text can be exploited in order to obtain short cuts to deciphering the code.
| Substituting involves replacing each character with a different character. However, the order of the symbols in the plaintext is preserved in the ciphertext.
| |
The latter disadvantage can be overcome by reordering or transposing the characters in the plaintext. For example, is a key of 4 is used then the complete message can first be divided into a set of 4-character groups.
Although more sophisticated transpositions are possible, in general, when used solely, transpositions suffer from much the same shortcomings as substitution ciphers.
Therefore most practical encryption algorithms tend to implement a combination of substitutions and transpositions - known as product ciphers. More importantly, instead of substituting/transposing the characters in a message, it is the actual order of the individual bits in each character that are transposed.
Basically there are three alternative transposition, also known as permutation, operations:
| Straight permutation - involves transposing each 8-bit input into an 8-bit output by cross-coupling each input line to a different output line, as defined by a key.
| Expanded permutation - in this instance there are a larger number of output bits than input bits - derived by reordering the input bits and passing selected input bits to more than one output.
| Compressed or choice permutation - in this case there are fewer output bits than input bits - formed by transposing only selected input bits.
| |
A practical example of product ciphers is the data encryption standard (DES), defined by the US National Bureau of Standards. Since this is now widely used various integrated circuits are now available to perform the encryption.
Lee James McMunn