Ciphers & Codes
This overview provides an introduction to the basic concepts of codes and ciphers, essential elements of cryptography in cybersecurity. Codes are systems of symbols or a technical language used to convey a hidden meaning. They convert a message into a form that looks entirely different to provide confidentiality or simplify communication.
Ciphers, on the other hand, are techniques for transforming messages to hide their content. They usually work at the level of individual letters or small groups of letters. Some ciphers can be combined to enhance security, while others are standalone encryption algorithms.
Several types of ciphers exist, including stream ciphers, block ciphers, XOR ciphers, substitution ciphers, and transposition ciphers, each with unique characteristics and application methods. Understanding the differences and applications of these concepts is crucial for Certified Information Systems Security Professionals (CISSPs) as they form the building blocks of secure communications in the digital age.
Codes
In the world of cybersecurity, a code is a system of symbols or a technical language designed to convey a hidden meaning. The idea is to convert a message, say a phrase or sentence, into something that looks entirely different. For instance, in the military, they might use the NATO phonetic alphabet code where "Alpha" stands for 'A', "Bravo" for 'B', and so on. Codes might not necessarily provide confidentiality but can simplify or standardize communication.
Even though the NATO phonetic alphabet is a well-known code, codes can still be secret. For example, the United States has a confidential NATO phonetic alphabet for an additional layer of security.
Ciphers
A cipher, on the other hand, is a method of transforming a message to hide its content. It operates at the level of individual letters (or small groups of letters), rather than whole words or phrases.
It is possible to combine multiple ciphers to enhance the security of encrypted data. In some cases, certain ciphers may rely on the usage of other ciphers to achieve their intended level of security. It's important to note that not all ciphers require such dependencies, as some ciphers are designed to be standalone encryption algorithms capable of providing robust security.
In the following sections, we will delve into the concept of using multiple ciphers together along with standalone ciphers and provide examples to illustrate this approach.
Some of the examples in this section are heavily oversimplified to make them easy to comprehend. Real ciphers use much more complex patterns and rules than the examples below.
Stream Cipher
This is a type of symmetric key cipher where plaintext is encrypted one bit at a time, combined with a pseudorandom cipher digit stream. The three types of stream ciphers below are very similar, with the main difference being the key length:
Caesar Cipher
A type of stream cipher that uses a key length of one, essentially shifting the alphabet by a certain number of positions.
Alice shifts each letter in her message "HELLO" by three positions. This gives her "KHOOR", which she sends off to Bob.
Vigenère Cipher
A type of stream cipher that uses a longer key, usually a word or sentence, which repeats for the length of the message.
Alice uses the key "KEY" to encrypt her message "HELLO". Alice uses the first letter of the key to shift the first letter of the message (H shifted by K's position becomes V), the second key letter for the second message letter (E becomes J), and so on.
Once the key is exhausted, it starts again from the beginning. This means the fourth letter of the message is shifted by the position of the first letter in the key and so on. So Alice's encrypted message becomes "VJQVS".
One-Time Pad
A type of stream cipher with four strict criteria for its keys. To meet the criteria of a one-time pad, you must make sure:
- The key is as long as the message itself.
- The key is randomly generated.
- The key is used only once.
- The key is kept secret.
To generate her key, Alice randomly draws five letter tiles from a bag, which gives her a key of "XMCKL", the same length as her message "HELLO". She then encrypts her message by shifting each letter of her plaintext by the corresponding letter in her key, just as she did with the Vigenère Cipher. Once used, she discards the key.
Even if an identical message is sent in the future, a new, different key will make the encryption entirely unique, achieving a level of security that's harder to crack.
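The one-time pad criteria above, as an added example that is not part of the original page: it enforces the key-length rule, draws keys from a cryptographic random source, and shows why a key must never be reused. The function names and the second message "WORLD" are constructed for illustration; letters are numbered A=0 through Z=25.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25


def generate_pad(length):
    """Criteria 1 and 2: a key as long as the message, drawn from a CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def _shift(text, key, sign):
    # Refuse short or long keys: a repeating key would make this a Vigenère cipher.
    if len(key) != len(text):
        raise ValueError("key must be exactly as long as the message")
    return "".join(
        ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26]
        for t, k in zip(text, key)
    )


def otp_encrypt(plaintext, key):
    return _shift(plaintext, key, +1)


def otp_decrypt(ciphertext, key):
    return _shift(ciphertext, key, -1)


def letter_difference(a, b):
    """Position-by-position difference of two letter strings, mod 26."""
    return [(ALPHABET.index(x) - ALPHABET.index(y)) % 26 for x, y in zip(a, b)]


def reuse_cancels_key(p1, p2, key):
    """Criterion 3: with a reused key, c1 - c2 == p1 - p2, so the key drops out."""
    c1, c2 = otp_encrypt(p1, key), otp_encrypt(p2, key)
    return letter_difference(c1, c2) == letter_difference(p1, p2)


if __name__ == "__main__":
    print(otp_encrypt("HELLO", "XMCKL"))                 # the page's message and key
    print(otp_decrypt("EQNVZ", "XMCKL"))
    print(reuse_cancels_key("HELLO", "WORLD", "XMCKL"))  # WORLD is a constructed message
    print(otp_encrypt("HELLO", generate_pad(5)))         # differs on every run
```

When a key is reused, the difference between two ciphertexts equals the difference between the two plaintexts, so the ciphertexts reveal a relationship between the messages even though the key stays secret.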
Block Cipher
Unlike a stream cipher, block ciphers encrypt chunks or "blocks" of data rather than one bit at a time. For example, if a block cipher has a block size of 64 bits, it takes in 64 bits of plaintext and encrypts it into 64 bits of ciphertext at once. AES (Advanced Encryption Standard) is a popular example of a block cipher.
After using stream ciphers where she encrypted her messages letter by letter, Alice decides to try block ciphers. With her message "HELLO", she decides to treat the first two letters "HE" and the last three letters "LLO" as separate blocks.
She applies her secret key to both blocks, which transforms "HE" and "LLO" completely into two different combinations of letters, "AZ" and "BNM". Even though she uses the same key, the encryption process makes the blocks look different. Her new message becomes "AZBNM".
XOR Cipher
The XOR (Exclusive OR) operation is used heavily in cryptography. It's a binary operation that flips bits. If the two binary values being XORed are the same, the result is 0; if they're different, the result is 1. It's like saying, "either this or that, but not both."
| Original Value | Key Value | Cipher Value |
|---|---|---|
| 1 | 1 | 0 |
| 1 | 0 | 1 |
| 0 | 1 | 1 |
| 0 | 0 | 0 |
A phrase I tell myself to remember is one of those things you might hear a motivational speaker trying to sell you a course say:
Embrace change to switch on (1); staying the same leads to a standstill (0).
Substitution Cipher
Each unit of plaintext (it could be a bit, a letter, etc.) is replaced with another symbol or group of symbols. The substitution is determined by a key, which can be changed to provide a different mapping of plaintext to ciphertext.
Alice creates a table where each letter is specifically mapped to another letter in the alphabet. This table maps 'H' to 'K', 'E' to 'H', 'L' to 'Q', and 'O' to 'Z'. Following her table, Alice substitutes each letter in her message with its counterpart, turning "HELLO" into "KHQQZ".
Initialization Vector (IV)
An IV is a random bit string (nonce) used in encryption to ensure that the same plaintext encrypted with the same key yields a different ciphertext each time. It's combined with the plaintext before the actual encryption, often using the XOR operation. This ensures even identical messages produce distinct ciphertexts, enhancing security.
Alice wants to send the same message ("HELLO") to Bob multiple times without anyone realizing it's the same. She comes up with a random string of bits that's the same length as her message. For each bit in her message, she combines it with the corresponding bit in the IV using the XOR operation.
Imagine her message "HELLO" and IV "XMCKL" are both converted into a binary form. Alice then performs a bit-by-bit XOR operation between the two. This creates a unique and seemingly random binary string each time, which is then converted back into text form to create the ciphertext. When Bob receives the message, he applies the same IV in the reverse way to retrieve the original message.
This ensures that even when Alice sends "HELLO" multiple times, the encrypted message will look different every time because of the different IV used for each encryption.
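The XOR and IV behaviour described above, as an added example that is not part of the original page: the IV is XORed into the plaintext before "the actual encryption", which here is a toy keyed byte substitution used only as a stand-in and offering no real security. The function names, the key string and the second IV are constructed for illustration.

```python
import random
import secrets


def xor_bytes(a, b):
    """Bit-by-bit XOR of two equal-length byte strings (its own inverse)."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def _substitution_table(key):
    # Toy stand-in for a real cipher: a byte permutation derived from the key.
    table = list(range(256))
    random.Random(key).shuffle(table)
    return table


def encrypt(plaintext, key, iv):
    table = _substitution_table(key)
    mixed = xor_bytes(plaintext, iv)      # IV is combined with the plaintext first
    return bytes(table[b] for b in mixed)


def decrypt(ciphertext, key, iv):
    table = _substitution_table(key)
    inverse = [0] * 256
    for position, value in enumerate(table):
        inverse[value] = position
    mixed = bytes(inverse[b] for b in ciphertext)
    return xor_bytes(mixed, iv)           # applying the same IV again removes it


def fresh_iv(length):
    """A new random IV per message, from a cryptographic random source."""
    return secrets.token_bytes(length)


if __name__ == "__main__":
    message, key = b"HELLO", "toy-key"    # key is a constructed value
    print(xor_bytes(message, b"XMCKL").hex())         # the page's message and IV
    same_iv = bytes(len(message))
    print(encrypt(message, key, same_iv) == encrypt(message, key, same_iv))
    iv = fresh_iv(len(message))
    print(decrypt(encrypt(message, key, iv), key, iv))
```

With a fixed IV the same message always encrypts to the same ciphertext, which is exactly what an observer would use to spot repeats; a fresh IV per message removes that signal, and Bob needs the IV alongside the ciphertext to decrypt.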
Transposition Cipher
In a transposition cipher, the pieces of the plaintext are rearranged according to a specific rule defined by the key.
Instead of changing the letters in her message, Alice changes their order based on a secret key. For example, she and Bob agree on a rule to reverse the entire message. So, "HELLO" becomes "OLLEH".