Definition
A substitution cipher is usually described by a sequence or list of single substitutions, each of which is commonly denoted by an arrow, like p ↦ π.
Example: The Russian-English ISO transliteration (using diacritical marks) is a substitution.
A substitution may have homophones (Encryption).
A permutation is a one-to-one mapping from an alphabet to itself.
A substitution may be described by two lines: the first one being the standard alphabet and the second one being a mixed alphabet (Alphabet). An example is given below:
Note that small letters are used for the plaintext and capital letters for the ciphertext.
In mathematics, there is a commonly used, simplified notation with two lines bracketed together:
This is convenient for encryption. For decryption, it is worthwhile to rearrange the list:
or
There is also the cycle notation, which is shorter
but this notation is inconvenient both for encryption and decryption. The cycle is generated by iterating the substitution on an arbitrarily chosen starting letter; whenever a cycle is closed, a new starting letter is chosen until all letters are exhausted.
Self-reciprocal permutations are permutations that, when applied twice, restore the original. Put equivalently, they are their own inverse. Their cycle notation shows a decomposition into two-cycles and one-cycles, for example:
If a self-reciprocal permutation has no one-cycle (so n is even), there is also the following notation
The Enigma machine of the German Wehrmacht used a (properly) self-reciprocal permutation. This was thought to be particularly practical since the same machine could be used for encryption and decryption, disregarding the fact that this opened ways for a cryptanalytic attack (“Noncoincidence Exhaustion” in Cryptanalysis).
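The notations described above, worked through in Python as an added example (not part of the original entry). Both sample alphabets are constructed, the function names are illustrative, and "properly self-reciprocal" is read here as self-reciprocal without one-cycles.

```python
import string

PLAIN = string.ascii_lowercase

def make_substitution(mixed):
    """Two-line notation: standard alphabet on top, mixed alphabet below."""
    if sorted(mixed) != list(PLAIN):
        raise ValueError("mixed alphabet must be a permutation of a..z")
    return dict(zip(PLAIN, mixed))

def invert(sub):
    """Rearranged list for decryption: pairs keyed by ciphertext letter."""
    return {c: p for p, c in sub.items()}

def cycles(sub):
    """Cycle notation: iterate from a starting letter until the cycle
    closes, then start again from the next unused letter."""
    seen, result = set(), []
    for start in PLAIN:
        cycle, x = [], start
        while x not in seen:
            seen.add(x)
            cycle.append(x)
            x = sub[x]
        if cycle:
            result.append("".join(cycle))
    return result

def is_self_reciprocal(sub):
    """Applying the permutation twice restores every letter."""
    return all(sub[sub[x]] == x for x in PLAIN)

def is_properly_self_reciprocal(sub):
    """Self-reciprocal and without one-cycles (no letter maps to itself)."""
    return is_self_reciprocal(sub) and all(sub[x] != x for x in PLAIN)

def encrypt(sub, text):
    # Page convention: small letters for plaintext, capitals for ciphertext.
    return "".join(sub[ch].upper() if ch in sub else ch for ch in text.lower())

def decrypt(sub, text):
    inv = invert(sub)
    return "".join(inv[ch] if ch in inv else ch for ch in text.lower())

# Constructed sample alphabets (not taken from the entry).
MIXED = make_substitution("securitabdfghjklmnopqvwxyz")
ATBASH = make_substitution(PLAIN[::-1])  # a<->z, b<->y, ...: two-cycles only
```

For a self-reciprocal alphabet such as `ATBASH`, `encrypt` applied twice returns the original text, which is the property that let one machine setting serve for both directions.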
A substitution cipher in general replaces certain groups of characters by certain other groups of characters. This may be described by a list, e.g., for \({\mathbb{Z}}_{2}^{3} \rightarrow {\mathbb{Z}}_{2}^{3}\):
Some more terms that one may see in this context are given here. A monographic substitution is a substitution of single characters, while a unipartite substitution is a substitution by single characters.
A simple substitution is a substitution of single characters by single characters, so it is a monographic, unipartite substitution.
A digraphic substitution is a substitution of bigrams (ordered pairs of characters). A bipartite substitution is a substitution by bigrams. Finally, a bigram substitution is a substitution of bigrams by bigrams, so a digraphic, bipartite substitution.
In general, an n-graphic substitution is a substitution of n-tuples of characters (n-grams) and an n-partite substitution is a substitution by n-tuples of characters. Similarly, a polygraphic substitution is an n-graphic substitution, n ≥ 2, and a multipartite substitution is an n-partite substitution, n ≥ 2. A linear substitution is a block encryption \({\mathbb{Z}}_{N}^{n} \rightarrow {\mathbb{Z}}_{N}^{m}\) that is the composition of a translation t and a homogeneous part ϕ which is additive with respect to addition modulo N (for all \(x,y \in {\mathbb{Z}}_{N}^{n} : \phi (x + y) = \phi (x) + \phi (y)\)).
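A linear substitution with n = m = 2 over \({\mathbb{Z}}_{26}\), as an added Python example (not part of the original entry). The matrix `A`, the translation `T`, and the order "ϕ first, then t" are assumptions chosen for illustration.

```python
N = 26  # alphabet size; letters coded a=0 ... z=25

# Constructed sample parameters (not taken from the entry).
A = [[3, 3], [2, 5]]   # homogeneous part phi(x) = x A mod N
T = [7, 11]            # translation t

def phi(x, a=A):
    """Homogeneous part: row vector times matrix, modulo N."""
    return [sum(x[i] * a[i][j] for i in range(len(x))) % N
            for j in range(len(a[0]))]

def add(x, y):
    """Componentwise addition modulo N."""
    return [(xi + yi) % N for xi, yi in zip(x, y)]

def encrypt_block(x):
    """Linear substitution: apply phi, then translate by t."""
    return add(phi(x), T)

def inverse_2x2(a):
    """Inverse of a 2x2 matrix modulo N; exists only if gcd(det, N) = 1."""
    det = (a[0][0] * a[1][1] - a[0][1] * a[1][0]) % N
    d = next((k for k in range(1, N) if det * k % N == 1), None)
    if d is None:
        raise ValueError("matrix is not invertible modulo N")
    return [[(a[1][1] * d) % N, (-a[0][1] * d) % N],
            [(-a[1][0] * d) % N, (a[0][0] * d) % N]]

def decrypt_block(y):
    """Undo the translation, then apply the inverse homogeneous part."""
    shifted = [(yi - ti) % N for yi, ti in zip(y, T)]
    return phi(shifted, inverse_2x2(A))

def to_vec(s):
    return [ord(c) - ord("a") for c in s]

def to_str(v):
    return "".join(chr(c + ord("a")) for c in v)
```

The map `phi` is additive, while `encrypt_block` is not: it sends the zero block to `T` rather than to zero.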
A null is a meaningless ciphertext character, the encryption image of the empty plaintext word. It is used, e.g., for swamping the plaintext statistics or masking the occurrence of idle times.
A straddling encryption or straddling cipher is a substitution with encryption steps \({V}^{(l)} \rightarrow {W}^{(m)}\), where \({Z}^{(k)}\) denotes the set of all sequences of at most k characters from Z, in formula \(\{\epsilon \} \cup Z \cup {Z}^{2} \cup {Z}^{3} \cup \ldots \cup {Z}^{k}\), where \({Z}^{n}\) is the set of all words of length n over the alphabet Z, and ε denotes the empty word.
Example: \({Z}_{20}^{(3)} \rightarrow {\mathbb{Z}}^{(2)}\) with the homophonic substitution
In this example (Matteo Argenti, 1590), both 5 and 7 are nulls. Other elements of \({Z}_{20}^{(3)}\) have no image, except by composition of their individual letters.
Let a block be a text of predetermined length. Then a block cipher or block encryption is a substitution with encryption steps \({V}^{n} \rightarrow {W}^{m}\), i.e., without straddling. The block length is usually rather high (for instance, the Data Encryption Standard has a block length of m = n = 64, and the Advanced Encryption Standard (Rijndael/AES) has a block length of m = n = 128, 192, or 256 bits). The same block encryption step with its key is repeated on and on; thus, each bit of ciphertext in a given block normally depends on the complete corresponding plaintext block, and, as a consequence, errors may propagate over the full block.
A stream cipher (also called stream encryption) is a substitution \({({V}^{n})}^{\ast} \rightarrow {({W}^{m})}^{\ast}\) between infinite series of blocks, controlled by a key generating algorithm. The generated key may have a finite period. Autokey or other cipher feedback is excluded.
A transposition cipher or transposition does not substitute the characters of a message, but permutes their position; it may be considered as a special case of a polygraphic substitution \({V}^{n} \rightarrow {V}^{n}\) of the kind
where π is a permutation of the subscripts \(\{1,2,\ldots, n\}\). It can be performed by multiplication of \(({x}_{1},{x}_{2},\ldots, {x}_{n})\) with a permutation matrix, i.e., an \(n \times n\) \(\{0,1\}\)-matrix such that in every row and in every column, the entry 1 occurs exactly once. This extreme property makes cryptanalysis of transposition ciphers very different from cryptanalysis of normal substitution ciphers and explains why alternating composition of substitutions and transpositions (“Pastry Dough Mixing” below) is so effective.
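A block transposition carried out both directly and as a product with a permutation matrix, as an added Python example (not part of the original entry). The permutation `PI`, the 0-based subscripts, and the convention that output position j receives input character π(j) are assumptions. The last helper checks that a transposition leaves the letter counts of the text unchanged.

```python
from collections import Counter

PI = [2, 0, 3, 1, 4]  # constructed sample permutation of the subscripts 0..4

def permutation_matrix(pi):
    """n x n {0,1}-matrix P with P[pi[j]][j] = 1, so that (x P)_j = x[pi[j]]."""
    n = len(pi)
    if sorted(pi) != list(range(n)):
        raise ValueError("pi must be a permutation of 0..n-1")
    return [[1 if pi[j] == i else 0 for j in range(n)] for i in range(n)]

def is_permutation_matrix(m):
    """Only 0/1 entries, exactly one 1 in every row and in every column."""
    rows_ok = all(set(r) <= {0, 1} and sum(r) == 1 for r in m)
    cols_ok = all(sum(col) == 1 for col in zip(*m))
    return rows_ok and cols_ok

def transpose_block(block, pi):
    """Direct form: output position j receives input character pi[j]."""
    return "".join(block[pi[j]] for j in range(len(pi)))

def transpose_by_matrix(block, pi):
    """Same step as a row vector of letter codes times the matrix."""
    p, n = permutation_matrix(pi), len(pi)
    x = [ord(ch) for ch in block]
    return "".join(chr(sum(x[i] * p[i][j] for i in range(n))) for j in range(n))

def inverse(pi):
    """Inverse permutation, used for decryption."""
    inv = [0] * len(pi)
    for j, i in enumerate(pi):
        inv[i] = j
    return inv

def transposition(text, pi):
    """Apply the block step to a text whose length is a multiple of n."""
    n = len(pi)
    if len(text) % n:
        raise ValueError("text length must be a multiple of the block length")
    return "".join(transpose_block(text[k:k + n], pi)
                   for k in range(0, len(text), n))

def same_letter_counts(a, b):
    """True when both texts contain every letter equally often."""
    return Counter(a) == Counter(b)
```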
A grille is a tool, usually in the form of punch cards, which can be rotated to perform a transposition of the letters.
Pastry dough mixing stands for a composition of alternating substitutions and transpositions. It was already recommended by Shannon in 1949 and used, e.g., in the DES cryptosystem. The expression “pastry dough mixing” was introduced by Eberhard Hopf in the mathematical theory of compact spaces.
Recommended Reading
Bauer FL (1997) Decrypted secrets. In: Methods and maxims of cryptology. Springer, Berlin
© 2011 Springer Science+Business Media, LLC
Cite this entry
Bauer, F.L. (2011). Substitutions and Permutations. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_176
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5