## Background

Early cryptographic algorithms [KAHN67, BECK82] manipulated the plaintext
input character by character using the methods of substitution and
transposition. A substitution operation, also referred to as a permutation,
replaces a character of the input stream by a character from the alphabet set of
the target ciphertext. A transposition, on the other hand, replaces a character
from the input stream by another character of that same input, resulting in
shuffling character positions and preserving all characters of the plaintext in
the final ciphertext. An example of a substitution is the famous Caesar cipher
which is said to have been used by Julius Caesar to communicate with his army.
The cipher replaces each character of the input text by the third character to
its right in the alphabet set augmented with the blank character. Formally, this
transformation consists of adding 3 to the position of the input character then
taking *modulo 26* to yield the substituting character. If we assign
numerical equivalents of *0-25* to the *26*-letter alphabet A-Z, the
transformation sends each plain character *P* onto *f(P) = P + 3 modulo
26*. Figure 1.1 shows how this simple transformation is applied to the input
"RETURN TO BASE" to yield the ciphertext "UHWXUQ WR
EDVH".

**FIGURE 1.1 A simple substitution cipher**

A transposition cipher, generally, consists of first breaking the plaintext into separate blocks. A deterministic procedure is then applied to shuffle characters across different blocks. Figure 1.2 illustrates a character transposition example in which the secret message "RETURN TO BASE" is split into two blocks consisting of "RETURN" and "TO BASE" then characters are shuffled across the two blocks in a cyclic fashion to result in the ciphertext of "ROTBRS TE UANE".

**FIGURE 1.2 An example of a transposition ciphering/deciphering transformation**

Another example of a simple transposition cipher is writing the plaintext along a two-dimensional matrix of fixed rows and columns then simply transposing the matrix. Figure 1.3 illustrates the plaintext of "RETURN TO BASE" inserted into a 2 by 9 matrix which is then transposed to result in a columnar transposition cipher. To decrypt the ciphertext, the inverse transposition is applied by first rearranging the ciphertext into a 9 by 2 matrix then taking the transpose as shown in Figure 1.3

**FIGURE 1.3 A columnar transposition cipher**

Generally, transposition ciphers are easy to break but composing them by setting the result of one transposition as the input of another one, greatly enhances the ciphering against attacks.

Even though it employs a very basic algorithm, the substitution example points to the concept of secret key cryptography (the number of positions to shift right). Keeping the key secret while divulging the algorithm will, in this case, lead to recovering the plaintext through an exhaustive process of the key space which simply consists of the set of integers {1, 2, 3, 4, ..., 26}. The strength of the methods used in this era rested on the secrecy of the encryption algorithm itself. Note that in our simple example revealing the encryption algorithm leads almost immediately to the compromise of any data that it protects.

With the advent of electronic computers, early modern cryptography [KONH81,
BECK82, DENN83] carried on these same concepts, employing transposition and
substitution transformations. The primary difference is that these
transformations now apply at the bit level of the binary representation of data
instead of characters only. A common such transformation is the **XOR**
operation that we discuss next.