Browse Definitions :
Definition

ciphertext

Ciphertext is encrypted text transformed from plaintext using an encryption algorithm. Ciphertext can't be read until it has been converted into  plaintext (decrypted) with a key. The decryption cipher is an algorithm that transforms the ciphertext back into plaintext.

The term cipher is sometimes used as a synonym for ciphertext. However, it refers to the method of encryption rather than the result.

Types of ciphers

There are various types of ciphers, including:

  • Substitution ciphers. Replace bits, characters, or character blocks in plaintext with alternate bits, characters or character blocks to produce ciphertext. A substitution cipher may be monoalphabetic or polyalphabetic:
    • A single alphabet is used to encrypt the entire plaintext message. For example, if the letter A is enciphered as the letter K, this will be the same for the entire message.
    • A more complex substitution using a mixed alphabet to encrypt each bit, character or character block of a plaintext message. For instance, the letter A may be encoded as the letter K for part of the message, but later it might be encoded as the letter W.
  • Transposition ciphers. Unlike substitution ciphers that replace letters with other letters, transposition ciphers keep the letters the same, but rearrange their order according to a specific algorithm. For instance, in a simple columnar transposition cipher, a message might be read horizontally but would be written vertically to produce the ciphertext.
  • Polygraphic ciphers. Substituting one letter for another letter, a polygraphic cipher performs substitutions with two or more groups of letters. This masks the frequency distribution of letters, making frequency analysis attacks much more difficult.
  • Permutation ciphers. In this cipher, the positions held by plaintext are shifted to a regular system so that the ciphertext constitutes a permutation of the plaintext.
  • Private-key cryptography. In this cipher, the sender and receiver must have a pre-shared key. The shared key is kept secret from all other parties and is used for encryption, as well as decryption. This cryptography is also known as "symmetric key algorithm."
  • Public-key cryptography. In this cipher, two different keys -- public key and private key -- are used for encryption and decryption. The sender uses the public key to perform the encryption, but the private key is kept secret from the receiver. This is also known as "asymmetric key algorithm."

Uses of ciphertext

Symmetric ciphers, which are typically used to secure online communications, are incorporated into many different network protocols to be used to encrypt exchanges. For example, Transport Layer Security uses ciphers to encrypt application layer data.

Virtual private networks connecting remote workers or remote branches into corporate networks use protocols with symmetric ciphers to protect data communications. Symmetric ciphers protect data privacy in most Wi-Fi networks, online banking, e-commerce services and mobile telephony.

Other protocols, including secure shell, OpenPGP and Secure/Multipurpose Internet Mail Extensions use asymmetric cryptography to encrypt and authenticate endpoints but also to securely exchange the symmetric keys to encrypt session data. For performance reasons, protocols often rely on ciphers to encrypt session data.

Ciphertext attacks

The known ciphertext attack, or ciphertext-only attack (COA), is an attack method used in cryptanalysis when the attacker has access to a specific set of ciphertext. However, in this method, the attacker doesn't have access to the corresponding cleartext, i.e., data that is transmitted or stored unencrypted. The COA succeeds when the corresponding plaintext can be determined from a given set of ciphertext. Sometimes, the key that's used to encrypt the ciphertext can be determined from this attack.

In a chosen ciphertext attack (CCA), the attacker can make the victim (who knows the secret key) decrypt any ciphertext and send back the result. By analyzing the chosen ciphertext and the corresponding plaintext they receive, the attacker tries to guess the secret key the victim used. The goal of the CCA is to gain information that diminishes the security of the encryption scheme.

Related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values the attacker doesn't know initially. However, there is some mathematical relationship connecting the keys that the attacker does know.

Ciphertext example

One of the earliest and simplest ciphers is the Caesar cipher, which uses a symmetric key algorithm. The key acts as a shared secret between two (or more) parties that can be used to send secret information no one can read without a copy of the key.

The Caesar cipher is a substitution cipher in which each letter in the plaintext is "shifted" a certain number of places down the alphabet. For example, with a shift of 1, A would be B, B would be replaced by C, etc. The method is named after Julius Caesar, who is said to have used it to communicate with his generals.

Here is an example of the encryption and decryption steps involved with the Caesar cipher. The text to be encrypted is "defend the east wall of the castle," with a shift (key) of 1.

  • Plaintext: defend the east wall of the castle
  • Ciphertext: efgfoe uif fbtu xbmm pg uif dbtumf 
This was last updated in April 2020

Continue Reading About ciphertext

Networking
  • firewall as a service (FWaaS)

    Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis ...

  • private 5G

    Private 5G is a wireless network technology that delivers 5G cellular connectivity for private network use cases.

  • NFVi (network functions virtualization infrastructure)

    NFVi (network functions virtualization infrastructure) encompasses all of the networking hardware and software needed to support ...

Security
  • cybersecurity

    Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats.

  • Advanced Encryption Standard (AES)

    The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified ...

  • operational risk

    Operational risk is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business ...

CIO
  • Risk Management Framework (RMF)

    The Risk Management Framework (RMF) is a template and guideline used by companies to identify, eliminate and minimize risks.

  • robotic process automation (RPA)

    Robotic process automation (RPA) is a technology that mimics the way humans interact with software to perform high-volume, ...

  • spatial computing

    Spatial computing broadly characterizes the processes and tools used to capture, process and interact with three-dimensional (3D)...

HRSoftware
  • OKRs (Objectives and Key Results)

    OKRs (Objectives and Key Results) encourage companies to set, communicate and monitor organizational goals and results in an ...

  • cognitive diversity

    Cognitive diversity is the inclusion of people who have different styles of problem-solving and can offer unique perspectives ...

  • reference checking software

    Reference checking software is programming that automates the process of contacting and questioning the references of job ...

Customer Experience
  • martech (marketing technology)

    Martech (marketing technology) refers to the integration of software tools, platforms, and applications designed to streamline ...

  • transactional marketing

    Transactional marketing is a business strategy that focuses on single, point-of-sale transactions.

  • customer profiling

    Customer profiling is the detailed and systematic process of constructing a clear portrait of a company's ideal customer by ...

Close