Modern Cryptography for Cybersecurity Professionals

By: Lisa Bock

Overview of this book

In today's world, it is important to have confidence in your data storage and transmission strategy. Cryptography can provide you with this confidentiality, integrity, authentication, and non-repudiation. But are you aware of just what exactly is involved in using cryptographic techniques? Modern Cryptography for Cybersecurity Professionals helps you to gain a better understanding of the cryptographic elements necessary to secure your data. The book begins by helping you to understand why we need to secure data and how encryption can provide protection, whether it be in motion or at rest. You'll then delve into symmetric and asymmetric encryption and discover how a hash is used. As you advance, you'll see how the public key infrastructure (PKI) and certificates build trust between parties, so that we can confidently encrypt and exchange data. Finally, you'll explore the practical applications of cryptographic techniques, including passwords, email, and blockchain technology, along with securely transmitting data using a virtual private network (VPN). By the end of this cryptography book, you'll have gained a solid understanding of cryptographic techniques and terms, learned how symmetric and asymmetric encryption and hashes are used, and recognized the importance of key management and the PKI.
Table of Contents (16 chapters)

  • Section 1: Securing Our Data
  • Section 2: Understanding Cryptographic Techniques
  • Section 3: Applying Cryptography in Today's World

Outlining substitution and transposition

We can define cryptography as hidden or secret writing. The concept of concealing information using secret codes began thousands of years ago. Some of the early methods to encrypt data used pen, paper, or even rings, such as the pigpen, or Freemason, cipher.

In this section, we'll take a look at early encryption techniques, called classic cryptography, which mainly used transposition and substitution. The two work in the following manner:

  • Transposition ciphers transpose letters according to a pattern.
  • Substitution ciphers substitute each letter with a different letter according to the key.

In addition, we'll also take a look at methods to break the encryption. Let's start with seeing how substitution works, along with an example using the pigpen cipher.

Substituting characters

Substitution techniques to encode text work by substituting one character for another. The characters can be letters, numbers, or special characters. There are several substitution ciphers. One example is the pigpen or Freemason cipher. This cipher uses a grid formation with symbols that represent the different letters, as shown in the following figure:

Figure 1.7 – Pigpen cipher code

To generate a code, you would substitute each letter with the corresponding symbol. For example, the phrase "Secret message" converted using a pigpen cipher would appear as the following code:

Figure 1.8 – The phrase "Secret message" converted to code using a pigpen cipher

Try this yourself by going to https://www.boxentriq.com/code-breaking/pigpen-cipher.

Another technique to scramble data is by using transposition, as we'll see next.

Transposing the text

There are several techniques to transpose text. Unlike substitution, which substitutes one character for another, transposition transposes or rearranges the characters according to a pattern.

One method to transpose characters is reversing the order of letters in a phrase. The phrase "confidentiality is keeping private data private" will become "etavirp atad etavirp gnipeek si ytilaitnedifnoc".

Even though this is a simple transposition of characters, you might have difficulty determining what the phrase means, unless you know that the letters have been reversed.

The rail fence, or zig-zag, cipher is another transposition cipher that conceals data by using rails or separate lines of text.

For example, if we were to transpose the word TRANSPOSE by using three rails and filling in the blank spaces using other letters, we would have the following output:

Figure 1.9 – The rail fence cipher concealing text

If someone were to look at the three lines of text, they may not be able to determine the meaning, unless they know the pattern, as shown:

Figure 1.10 – The rail fence cipher with the text exposed

Both the substitution and transposition ciphers are simple ciphers where it is fairly easy to break the code to determine the plaintext. When working with methods to conceal text such as substitution and transposition, we can use various methods to break the code, as outlined next.
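The following Python sketch is an added example, not code from the book. It implements the common form of the rail fence cipher, in which the rails are read off one after another with no filler letters (unlike the figure above), and shows why it is easy to break: the only key is the number of rails, so every candidate can be tried. The function names are assumptions chosen for illustration.

```python
def rail_pattern(length, rails):
    """Return the rail index visited by each character position (zig-zag)."""
    if rails < 2:
        return [0] * length
    cycle = 2 * (rails - 1)
    return [min(i % cycle, cycle - i % cycle) for i in range(length)]


def encrypt(plaintext, rails):
    """Write the text in a zig-zag across the rails, then read rail by rail."""
    rows = [[] for _ in range(max(rails, 1))]
    for ch, r in zip(plaintext, rail_pattern(len(plaintext), rails)):
        rows[r].append(ch)
    return "".join("".join(row) for row in rows)


def decrypt(ciphertext, rails):
    """Rebuild the zig-zag positions and put each character back in place."""
    pattern = rail_pattern(len(ciphertext), rails)
    # A stable sort by rail gives the order in which positions were read off.
    order = sorted(range(len(ciphertext)), key=lambda i: pattern[i])
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)


def brute_force(ciphertext):
    """Try every rail count; the key space is smaller than the message."""
    return {r: decrypt(ciphertext, r) for r in range(2, len(ciphertext))}


if __name__ == "__main__":
    ct = encrypt("TRANSPOSE", 3)
    print(ct)
    for rails, guess in brute_force(ct).items():
        print(rails, guess)
```
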

Breaking the code

Alongside the creation of ways to conceal data using basic cryptographic techniques came the need to break codes and ciphers by using various methods.

With classic cryptography, code-breaking is a lot like a word puzzle, where the key is found by substituting letters until you determine a match. Because some methods use transposition, you might need to evaluate the text for alternate patterns that rearrange the text in some way.

Ciphers that use one alphabet are called mono-alphabetic ciphers. If only one alphabet is used, we can employ letter frequency analysis, as described next.

Analyzing the frequency of the letters

Letter frequency analysis is a cryptographic tool. The analysis begins by determining how often each letter appears in the encoded text so that the actual message can be found.

When using letter frequency analysis, English characters can be divided into groups that include the following:

  • The high-frequency group includes letters such as A, E, and T.
  • The low-frequency or rare group includes letters such as K, Q, X, and Z.
  • Digrams are pairs of letters that include "th", "he", "of", and "it". You'll also want to consider pairs using repeating letters such as "ll", "oo", or "ee".
  • Trigrams are collections of three letters that include "the", "est", "and", "for", and "his".

To produce an adequate frequency profile, you need a generous number of characters. You can manually count the characters or use one of the applications available online, such as the one found at http://www.richkni.co.uk/php/crypta/freq.php.
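The frequency profile described above can be built in a few lines of Python. This is an added example, not code from the book: it counts letters, digrams, and trigrams, then uses the letter counts to break a mono-alphabetic cipher. It assumes a simple shift cipher (every letter moved the same number of places) and a constructed sample message; the frequency table holds approximate standard values for English.

```python
import re
from collections import Counter

# Approximate letter frequencies (%) in English text; a standard reference table.
ENGLISH = dict(zip("ABCDEFGHIJKLMNOPQRSTUVWXYZ", [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

# Constructed sample plaintext (not from the book).
SAMPLE = ("the secret message keeps the letter frequencies of the english "
          "language so the most common letters in the ciphertext stand for "
          "the most common letters in the plaintext")


def ngrams(text, n):
    """Count n-letter groups inside each word (1 letters, 2 digrams, 3 trigrams)."""
    counts = Counter()
    for word in re.findall(r"[A-Z]+", text.upper()):
        counts.update(word[i:i + n] for i in range(len(word) - n + 1))
    return counts


def shift(text, k):
    """Mono-alphabetic substitution moving every letter k places (assumed cipher)."""
    return "".join(chr((ord(c) - 65 + k) % 26 + 65) if c.isalpha() else c
                   for c in text.upper())


def chi_squared(text):
    """Distance between the text's letter counts and the English profile."""
    counts = ngrams(text, 1)
    total = sum(counts.values())
    return sum((counts[l] - total * p / 100) ** 2 / (total * p / 100)
               for l, p in ENGLISH.items())


def recover_shift(ciphertext):
    """Try all 26 alphabets and keep the one whose output looks most English."""
    return min(range(26), key=lambda k: chi_squared(shift(ciphertext, -k)))


if __name__ == "__main__":
    ct = shift(SAMPLE, 7)
    print(ngrams(ct, 1).most_common(3), ngrams(ct, 3).most_common(1))
    k = recover_shift(ct)
    print(k, shift(ct, -k).lower())
```

In the ciphertext the most common letter is L and the most common trigram is AOL, which line up with E and "the" from the groups listed above.
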

If the cipher uses more than one alphabet, this will make the code more difficult to decrypt. You might even find text that doesn't use an alphabet. For example, try to decode the following message:

Figure 1.11 – Secret code

You can find the answer at the end of this chapter under the Assessments section.

As we can see, even simple cryptographic methods can conceal information from someone. The downside is that the simpler the method, the easier it is to obtain the plaintext message.