According to Wikipedia, Transposition Cipher is a method of encryption by which the positions held by units of plaintext are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed. Transposition ~ the position of each character is modified according to the key and method used.
The examples of Transposition cipher are Rail Fence, Route cipher, Double Transposition, Myszkowski Transposition. There are some drawbacks associated with some of the transposition ciphers, and the worst is its vulnerability to frequency count. If the ciphertext exhibits a frequency distribution very similar to plaintext, it is mostly a transposition. They can be attacked with anagramming, meaning through sliding pieces of ciphertext and looking for sections that look like anagrams and solving them.
Transposition can be made more secure by combining it with other techniques like substitution cipher. It is also mentioned that Fractionation can enhance the technique, and at last binary technique is mentioned, but there is no considerable work done on the binary side. Yesterday night when I was solving some challenges at my favourite site, it came to my mind about enhancing the transposition techniques by working with binary numbers. When we convert the plaintext to binary, we can have better chances of making the ciphertext more unpredictable through transposition. Here I am presenting the ouline of how to randomize the transposition cipher by using 2 symmetric keys and the hash of plaintext. Hash functions like md5, sha256-512 or whirlpool.
We will need the following:
- Key-1 (alphanumeric)
- Key-2 (numeric – even length)
- Hash Function
1. Convert the plaintext(ASCII) to binary.
It can be done with a simple python function. (ref: A stackoverflow post) Here a space is used to differentiate the different ASCII characters, but in real we dont use the space between them.
1(a). Take the Hash of plaintext and store it in a variable.
2. User provides an alphanumeric key, of random length. For example, lets take it of length 10 bits. While, we assume that the plain text is of 20 bits.
3. Make the total length a multiple of 4. The total length here is 20+10 = 30 bits, and we add 2 bits here. Preferrably, in this case we add two ‘1’ bits. Total length = 32.
4. Now the first-last step comes. We have a string of 32 bits, without any spaces. We create a new string / modify our string by placing the bits in this order >> first bit – last bit – second bit – second-last bit – third bit – third-last bit – … … – sixteenth bit – seventeenth bit
This step will kind-of randomize the string.
5. User provides a numeric key of random length. Suppose the key here is 317325.
6. Our string is of 32 bits (a multiple of 4). Hence there can be 8 (= 32/4) groups of bits. Lets name them with numbers, like 1 2 3 4 5 6 7 8.
Transposition is done once again, in a different manner. The key here is 317325. First, we replace ‘3-1’7325.
So in our string, the groups of bits numbered 3 and 1 will be swapped. It becomes
3 2 1 4 5 6 7 8
Again, according to the key, one more swapping of 31’7-3’25. (Here comes a small trick: The 3rd group became the first group, and 1st group is at number 3. So the group at position 7 and at position 3 will be swapped.)
3 2 7 4 5 6 1 8
The last transposition according to the key 3173’2-5’:
3 5 7 4 2 6 1 8
7. The string is randomized. For making it complex, we reverse the first-last step. The new arrangement of bits will be >> first bit – third bit – fifth bit – … … – sixth bit – fourth bit – second bit
The string is again randomized.
8. Now we convert it back to ASCII for some more computation. The hash of the plaintext is available to us.
We take one char of our string, one char of hash, next char from string, next char of hash, … …
Continue the above process till the end of hash, and then keep the characters as-it-is.
Hence, if we consider our string characters as s(1,2,3,4,…) and hash as h(1,2,3,4,…), the new string becomes
s1 h1 s2 h2 s3 h3 … …
The length of hash depends on the Hash function used. For example, if it is md5 then 128 bits, and for whirlpool it is 512 bits.
9. Send the string to the receiver. The receiver knows which hash function was used, and hence can directly take away the bits of hash and save it for verification of plaintext.
10. The reverse process to the above given steps will decrypt the ciphertext.
Why one more transposition cipher?
The well-know ciphers which currently exist do have some or the other flaws, along with that one is common – frequency analysis. In the above given technique, the frequency analysis is nearly impossible. Also, it is much reinforced against anagram attacks.
Why one more transposition cipher in the era of asymmetric-key ciphers?
Take example of emails. People are provided with the public key encryption techniques in their mail-clients, but they seldom use it. Reason is complexity and because they dont like configuring the keys for each user and spending some time decrypting the received message. In the above given technique, the computing is less compared to the public key ciphers, and a one-time setup will work forever. Though user needs to keep changing the keys/hash-functions.
How is it different from the other techniques?
The security. Its sheild against attacks. The cryptanalyst will need to spend more time computing and guessing and playing with the binary data. Although it is vulnerable against brute-force attack, it will need intensive resources as compared to the resources which can crack the traditional transposition ciphers. One more advantage is that this technique can be used for any kind of data – text, video, image. And further this data can be converted to a different kind of data because the encryption is done at bit level. Hence it becomes expensive for the attacker to detect the type of data before doing the cryptanalysis.
I have just started working on the technique, and implementation on real-world scenarios and cryptanalysis through brute-forcing and other techniques are yet to be performed. Here I have just provided my idea on how binary translation can provide better security in transposition ciphers without the intention of criticising any of the prevelant cipher techniques.