Ciphers and Keys

Understanding the terminology is a large part of understanding any technology, so let’s begin with some fundamentals.

Common methods that ciphers use include the following:

Substitution: This type of cipher substitutes one character for another. The example earlier used a simple cipher that substituted each letter from the alphabet with the previous letter of the alphabet. To make it more challenging, we could have shifted more than just a single character and only chose certain letters to substitute. The exact method of substitution could be referred to as the key. If both parties involved in the VPN understand the key, they can both encrypt and decrypt data.

Polyalphabetic: This is similar to substitution, but instead of using a single alphabet, it could use multiple alphabets and switch between them by some trigger character in the encoded message.

Transposition: This uses many different options, including the rearrangement of letters. For example, if we have the message “This is secret,” we could write it out (top to bottom, left to right) as shown in Example 5-3.

Example 5-3 Transposition Example

T S S R
H I E E
I S C T

We then encrypt it as RETCSIHTSSEI, which is starting at the top right and going around like a clock, spiraling inward. To know how to encrypt/decrypt this correctly, we need the correct key.

A one-time pad (OTP) is a good example of a key that is only used once. Using this method, if we want to encrypt a 32-bit message, we use a 32-bit key, also called the pad, which is used one time only. Each bit from the pad is mathematically computed with a corresponding bit from our message, and the results are our cipher text, or encrypted content. The key in this case is the one-time use pad. The pad must also be known by the receiver if he wants to decrypt the message. (Another use of the acronym OTP is for a user’s one-time password, which is a different topic than the OTP.)