
1. If you have to both encrypt and compress data during transmission, which would you do
first, and why?

Answer:- Compress first. Encrypted data (if properly secure) is indistinguishable from
random data unless you know the key, and is therefore not possible to compress.
Compression looks at the data and removes repetitive or empty sections,
replacing them with short codes. You should not be able to compress after you
have encrypted, because the data will now look totally random and should have no
patterns and probably not even any empty space.
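
The size difference between the two orderings, as an added example (not part of the original notes). The SHA-256 counter-mode keystream is a constructed stand-in for a real cipher, and the key, nonce and sample request are made-up values.

```python
import hashlib
import zlib


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher for illustration only: XOR the data with a
    SHA-256 counter-mode keystream. The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + nonce + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def compare_orders(plaintext: bytes, key: bytes, nonce: bytes) -> dict:
    """Return the number of bytes sent on the wire for each ordering."""
    # Order A: compress, then encrypt (what the answer recommends).
    a = keystream_xor(key, nonce, zlib.compress(plaintext, 9))
    # Order B: encrypt, then compress. The compressor only sees
    # pseudorandom bytes, finds no repetition and adds its own framing.
    b = zlib.compress(keystream_xor(key, nonce, plaintext), 9)
    return {
        "plaintext": len(plaintext),
        "compress_then_encrypt": len(a),
        "encrypt_then_compress": len(b),
    }


def send_and_receive(plaintext: bytes, key: bytes, nonce: bytes) -> bytes:
    """Sender compresses then encrypts; receiver decrypts then decompresses."""
    wire = keystream_xor(key, nonce, zlib.compress(plaintext, 9))
    return zlib.decompress(keystream_xor(key, nonce, wire))


# Constructed sample: a highly repetitive 9600-byte message.
SAMPLE = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n" * 200
DEMO_KEY = b"k" * 32    # constructed demo key, never use a fixed key
DEMO_NONCE = b"n" * 12  # constructed demo nonce

if __name__ == "__main__":
    for name, size in compare_orders(SAMPLE, DEMO_KEY, DEMO_NONCE).items():
        print(f"{name:>22}: {size} bytes")
```

With compress-then-encrypt the ciphertext length still reveals the compressed size of the plaintext, which matters when an observer can influence part of the data being compressed.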

1. Differentiate between symmetric encryption and asymmetric encryption.

Answer - The main difference between symmetric cryptography and asymmetric
cryptography is that in symmetric cryptography, a single key is used for both encrypting
and decrypting data. Hence it is also known as a single-key cryptography system. In
asymmetric cryptography, there are two keys: a public key and a private key. Usually the
public key is used for encrypting data and the private key is used for decrypting data.

Due to having only one key, it is relatively easier to crack the symmetric encryption. In
asymmetric cryptography, even if one key is compromised, another key is required to
decrypt the data and hence it is harder to crack the encryption.

In asymmetric encryption the private key cannot be reconstructed from the public key. The
idea of asymmetric algorithms was first published by Diffie and Hellman in 1978.

Asymmetric cryptography is used extensively by protocols such as Transport Layer Security
(TLS) and Pretty Good Privacy (PGP), and it seems well suited to real-world use. The risk of
the key becoming known is much lower, as the private key does not have to be shared. Every
user only has to keep one private key secret, plus a group of public keys that only have to
be protected against being altered.

The popular symmetric cryptographic algorithms include AES, Blowfish, RC5, DES, 3DES and
IDEA.

To encrypt the data, the sender uses this key and an encryption algorithm; likewise, to
decrypt the data, the receiver uses the same key and the corresponding decryption
algorithm. This key must be kept secret to provide privacy. It is no longer secure once
someone else gets to know the key. Symmetric encryption is also not preferred where the
key has to be shared over a public network. The chance of malicious insertion and
modification is higher in symmetric key cryptographic techniques.

1. What is DES?

Answer =
DES
• Block cipher
• Symmetric cipher: same key for encryption and decryption
• 64-bit plaintext block
• It encrypts the data in blocks of 64 bits using a 56-bit key
• 16 rounds; each round is a Feistel round

Strength of DES
• A 56-bit key has 2^56 = 7.2 * 10^16 values
• Brute force search looks hard
• Still must be able to recognize plaintext
• Several analytic attacks on DES - statistical attacks

STEPS
• Initial permutation
• 16 Feistel rounds
• Swapping (left-right swap)
• Final permutation / inverse initial permutation

1. Compare DES and RSA

Answer -
DES operates on 64-bit blocks of data
• initial permutation
• 16 rounds of transformations, each using a different encryption key
Per-round key generation in DES
• Each key is derived from a 56-bit master by a mangling function based on splitting,
rotating, bit extraction and combination
Symmetric (secret) key cryptography
• Fast for encryption and decryption
• Difficult to break analytically
• Subject to brute force attacks: as computers get faster, must increase the number of
rounds and length of keys
• Main problem: how to distribute the keys in the first place?
Public-key cryptography
• Use different keys for encryption and decryption
• Knowing the encryption key doesn’t help you decrypt
• the encryption key can be made public
• encryption key is given to sender
• decryption key is held privately by the receiver

1. When a combination of symmetric encryption and an error control code is used for
message authentication, in what order must the two functions be performed?
Answer – Error control code then encryption

What is a firewall?
Answer - A firewall is a type of cybersecurity tool that is used to filter traffic on a
network. ... The primary goal of a firewall is to block malicious traffic requests
and data packets while allowing legitimate traffic through.
• It acts as a shield to protect your system from the untrusted, non-reliable systems
connected to the internet.
• In technical terms, a firewall is a piece of software, hardware or both that allows only
selected packets to pass from the internet to your private system.
• A firewall is installed on a standalone system that may or may not be networked,
i.e. it usually connects to an ISP.
• a. Packet filter
• b. Application Gateway
a. Packet filter: A packet filter applies a set of rules to each packet and, based on
the outcome, decides to either forward or discard the packet. It is also called a
screening router or screening filter.
• It receives each packet and checks it against the rules.
• Suppose the rule is to block all packets; then the firewall will block all
packets from entering the internal system.
b. Application Gateway: An application gateway is also called a 'proxy
server', because it acts like a proxy and decides about the flow of application-level
traffic.

9. Differentiate the different types of attacks on data during transmission.


Answer -

2. 9. Differentiate between threat and vulnerability.


Answer - Vulnerability: A vulnerability is a weakness in the security system, for example in
procedures, design or implementation, that might be exploited to cause loss or harm. For
instance, a particular system may be vulnerable to unauthorized data manipulation because
the system does not verify a user's identity before allowing data access.
Threat: A threat to a computing system is a set of circumstances that has the potential to
cause loss or harm. To see the difference between a threat and a vulnerability, consider the
illustration. There are many threats to a computer system, including human-initiated and
computer-initiated ones.

Differentiate between attack, service and mechanism


Answer -
- [x] SECURITY ATTACK
Any action that compromises the security of information owned by an organization
---------------------------------------------------------------------------------
- [x] SECURITY MECHANISM
A process or a device incorporating a process that is designed to detect, prevent or
recover from a security attack
---------------------------------------------------------------------------------
- [x] SECURITY SERVICE
Enhance security of data processing systems and information transfers
of an organization
Intended to counter security attacks
Using one or more security mechanisms
Often replicates functions normally associated with physical documents
• Which, for example, have signatures, dates; need protection from
disclosure, tampering, or destruction; be notarized or
witnessed; be recorded or licensed
X.800:
“a service provided by a protocol layer of communicating open systems, which
ensures adequate security of the systems or of data transfers”
RFC 2828:
“a processing or communication service provided by a system to give a specific kind of
protection to system resources”

3. What are the major vulnerabilities that a computer system is subjected to?
Bugs.
Weak passwords.
Software that is already infected with virus.
Missing data encryption.
OS command injection.
SQL injection.
Buffer overflow.
Missing authorization.

4. What are the different mechanisms provided to assure security.


Ans - Cryptography. Message digests and digital signatures. Digital certificates.
Secure Socket Layer (SSL) Encryption. Authentication. Firewalls.

5. What are the 3 independent dimensions on which all cryptographic systems are
characterized?
Ans – Characterize cryptographic system by:
Type of encryption operations used
• Substitution / transposition / product
Number of keys used
• Single-key or private / two-key or public
Way in which plaintext is processed
• Block / stream

6. Differentiate the concepts unconditionally secure and computationally secure.


Ans – Unconditionally secure = no amount of computer power can recover the plain text
given the cipher text.

Computationally secure = The encryption algorithm has been proven through mathematical
analysis to resist any “shortcuts” which allow recovery of plain text from the cipher text.
Unconditional depends typically on the life of the secret. If the secret must be preserved for
50 years, then unconditional security will give at least 50 years of protection from cracking.

7. What is one time pad technique.


Ans – If a truly random key as long as the message is used, the cipher will be
secure; this is called a one-time pad. It is unbreakable since the cipher text bears
no statistical relationship to the plaintext. It is considered a very secure method.
This method involves the usage of a key which is used only once and then discarded
forever.

8. What are the different transpositions methods for encryption ?


Ans –
Transposition cipher or permutation cipher
In a transposition cipher we hide the message by rearranging the letter order
without altering the actual letters used.
1) Rail Fence Cipher -> It involves writing plain text as a sequence of diagonals
and then reading it row by row to produce cipher text.
2) Simple columnar transposition technique -> The simple transposition
technique simply arranges the plain text as a sequence of rows of a rectangle
that are read in columns randomly.
3) Vernam cipher -> Vernam cipher uses a one-time pad which is discarded after a
single use, and therefore it is suitable only for short messages.
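
The rail fence and columnar techniques described above, as an added example (not part of the original notes). The function names, the digit-string key format for the columnar cipher and the sample messages are assumptions chosen for illustration.

```python
def rail_pattern(length: int, rails: int) -> list:
    """Rail (row) index of each character when text is written in a zigzag."""
    if rails < 2:
        return [0] * length
    period = 2 * (rails - 1)
    return [min(i % period, period - i % period) for i in range(length)]


def rail_fence_encrypt(text: str, rails: int) -> str:
    """Write the text along the diagonals, then read it off row by row."""
    pattern = rail_pattern(len(text), rails)
    return "".join(ch for r in range(rails)
                   for ch, p in zip(text, pattern) if p == r)


def rail_fence_decrypt(cipher: str, rails: int) -> str:
    pattern = rail_pattern(len(cipher), rails)
    # Positions grouped by rail are the order the ciphertext was emitted in.
    order = sorted(range(len(cipher)), key=lambda i: pattern[i])
    plain = [""] * len(cipher)
    for ch, pos in zip(cipher, order):
        plain[pos] = ch
    return "".join(plain)


def column_order(key: str) -> list:
    """Column indices in the order they are read out (ascending key label)."""
    return sorted(range(len(key)), key=lambda c: key[c])


def columnar_encrypt(text: str, key: str) -> str:
    """Fill a rectangle row by row, then read whole columns in key order."""
    cols = len(key)
    return "".join(text[c::cols] for c in column_order(key))


def columnar_decrypt(cipher: str, key: str) -> str:
    cols = len(key)
    full_rows, extra = divmod(len(cipher), cols)
    plain = [""] * len(cipher)
    pos = 0
    for c in column_order(key):
        # The first `extra` columns are one cell longer when the last row
        # of the rectangle is only partly filled.
        length = full_rows + (1 if c < extra else 0)
        plain[c::cols] = cipher[pos:pos + length]
        pos += length
    return "".join(plain)


if __name__ == "__main__":
    msg = "WEAREDISCOVEREDFLEEATONCE"          # constructed sample message
    ct = rail_fence_encrypt(msg, 3)
    print(ct, rail_fence_decrypt(ct, 3))
    ct2 = columnar_encrypt("attackpostponeduntiltwoamxyz", "4312567")
    print(ct2, columnar_decrypt(ct2, "4312567"))
    # The letters are only moved, never replaced, so letter frequencies
    # survive encryption unchanged.
    print(sorted(ct) == sorted(msg))
```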

9. What are the different techniques for steganography.

Ans –
An alternative to encryption
Hides existence of message
• Using only a subset of letters/words in a longer message marked in some
way
• Using invisible ink
• Hiding in LSB in graphic image or sound file
Has drawbacks
• High overhead to hide relatively few info bits
The methods are LSB coding, echo hiding, parity coding etc.

10. Differentiate between encryption and decryption algorithms.

Ans – Encryption is a process of converting a plain text into an encrypted or
cipher text. Decryption is a process of converting the encrypted or cipher text
into plain text. ... A message is encrypted using a secret key or public key.
A message is decrypted using a secret key or private key.

11. Differentiate the concepts confusion and diffusion with respect to data security.

Ans – Confusion is employed to make the cipher text uninformative, whereas
diffusion is employed to spread the redundancy of the plain text over most
of the cipher text to obscure it. The stream cipher depends solely on
confusion, whereas diffusion is employed by both stream and block ciphers.

12. What do you mean by avalanche effect.


Ans – The Avalanche Effect refers to the fact that for a good cipher, changes in
the plaintext affect the ciphertext. The algorithm produces a completely different
output for a minimally changed input. For example, the SHA-1 checksum
algorithm and the AES encryption algorithm show a strong avalanche effect.

13. How can you provide authentication to your messages using public key cryptography?
Ans – Authentication is provided by taking a piece of text, encrypting it using
the private key which is only known by you. If it can be decrypted using your
public key, then it is known to be encrypted by you. This then functions to
authenticate the text. In this way, a recipient with the sender's public key can
verify that it was indeed the sender who originated the message. This is called a
digital signature. Public-key encryption thus provides for both confidentiality
and authentication. The benefits of public-key encryption are clear.

14. How can you provide both secrecy and authentication to your messages using public key
cryptography?
Ans – The public key is used to encrypt the data and the private key is used to
decrypt when the message confidentiality has to be maintained.
Authentication can be provided by using the PKC system and RSA algorithm
(RFC 3447). The message is encrypted using the private key of the sender to
authenticate the sender. Public-key encryption thus provides for both
confidentiality and authentication. The benefits of public-key encryption are
clear. The sender and recipient no longer need to communicate previously, nor
do they need to exchange private keys to send a communication that is signed
and secure.

15. What is a public key certificate?

Ans - In cryptography, a public key certificate, also known as a digital
certificate or identity certificate, is an electronic document used to prove the
ownership of a public key.
A public key certificate is a digitally signed document that serves to validate the
sender's authorization and name.

16. What is a digital signature?


Ans-
Digital signatures are the public-key primitives of message authentication. In the physical
world, it is common to use handwritten signatures on handwritten or typed messages.
They are used to bind signatory to the message.
Similarly, a digital signature is a technique that binds a person/entity to the digital data.
This binding can be independently verified by receiver as well as any third party.
Digital signature is a cryptographic value that is calculated from the data and a secret
key known only by the signer.

17. What is the difference between direct and arbitrated digital signature.
Ans –
A direct digital signature involves only two parties, one to send the
message and the other to receive it. In a direct digital signature
both parties trust each other and know each other's public key. The messages
are prone to get corrupted and the sender can deny having sent the message
at any time. An arbitrated digital signature involves three parties: the
sender, the receiver and an arbiter, who acts as the medium for sending and
receiving messages between them. The messages are less prone to get
corrupted because a timestamp is included by default.

18. What is R64 conversion? How is it useful for an e-mail application.


Ans – Most email systems only permit the use of blocks consisting of ASCII text,
so PGP must provide a service (Radix-64, or R64) of converting the raw 8-bit
binary stream to a stream of printable ASCII characters. The reason R64
conversion is useful for an email application is because it blindly converts the
input stream to radix-64 format regardless of the content, even if the input
happens to be ASCII text. In other words, if the message is signed (but not
encrypted) and the conversion is applied to the entire block, the output will
still be unreadable to the casual observer. This provides a certain degree of
confidentiality.

19. What are the two common techniques used to protect a password file?
Ans – Hashed passwords together with a salt value, or password file access
control.
# One way function:
The system stores only the value of a function based on the user's
password. When the user presents a password, the system transforms that
password and compares it with the stored value. In practice, the system
usually performs a one-way (that is, not reversible) transformation in which
the password is used to generate a key for the one-way function and in
which a fixed-length output is produced.

# Access control:
Access to the password file is limited to one or a very few accounts.
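
Both techniques from this answer, as an added example (not part of the original notes). PBKDF2-HMAC-SHA256 is one possible choice of one-way function; the record layout, the iteration count and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import stat

ITERATIONS = 600_000  # assumed work factor; tune it to your hardware


def hash_password(password: str, salt: bytes = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a record 'scheme$iterations$salt$digest' (constructed layout).
    A fresh random salt per user makes equal passwords hash differently."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(iterations, salt.hex(), digest.hex())


def verify_password(password: str, record: str) -> bool:
    """Transform the presented password the same way and compare it with the
    stored value. The stored record is never reversed."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        salt, stored = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    salt, rounds)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, stored)


def unsalted_hash(password: str) -> str:
    """Weak form kept for contrast: one fast hash and no salt, so every user
    with the same password gets the same stored value."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def file_is_restricted(path: str) -> bool:
    """Access-control check: True only if group and others have no
    permissions on the password file (POSIX mode bits)."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return mode & 0o077 == 0


if __name__ == "__main__":
    alice = hash_password("correct horse")   # constructed sample passwords
    bob = hash_password("correct horse")
    print(alice != bob)                       # different salts, different records
    print(verify_password("correct horse", alice))
    print(verify_password("wrong guess", alice))
    print(unsalted_hash("correct horse") == unsalted_hash("correct horse"))
```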

20. What are the 3 different types of intruders?

Ans
• Masquerader – unauthorized user who penetrates a
system exploiting a legitimate user’s account (outside)
• Misfeasor - legitimate user who makes unauthorized
accesses or misuses his privileges (inside)
• Clandestine user - seizes supervisory control to evade
auditing and access controls or suppress audit collection
(inside|outside)

21. What are the different types of virus?


Ans
• Macro Virus. This type of computer virus is normally found in Microsoft Office
programs. ...
• Boot Sector Virus. ...
• Trojan Horses. ...
• Overwrite Virus. ...
• Browser Hijacker. ...
• Web Scripting Virus. ...
• Polymorphic Virus. ...
• Resident Virus.

22. Differentiate between email virus and macrovirus


Ans A macro virus is a computer virus written in the same macro language
used for software programs, including Microsoft Excel or word processors
such as Microsoft Word. When a macro virus infects a software application, it
causes a sequence of actions to begin automatically when the application is
opened.

Since a macro virus centers on an application and not an operating system, it
typically can infect any computer running any operating system, even those
running MacOS and Linux.

An email virus consists of malicious code that is distributed in email messages,
and it can be activated when a user clicks on a link in an email message, opens
an email attachment or interacts in some other way with the infected email
message.

23. What are the two categories of malicious program?

Ans
• Computer Virus. A computer virus is a malicious software which self-replicates and
attaches itself to other files/programs. ...
• Worms. ...
• Trojan Horses. ...
• Spyware/Adware. ...
• Rootkit. ...

24. Differentiate between a logic bomb and time bomb.
Ans The main difference between logic bombs and time bombs is that a
logic bomb may have a timing function implemented into it as a failsafe if the
conditions are not met in a certain time period (it may delete itself or activate its
payload using the timing system), while time bombs only use timing functions
to (de)

25. What is Trojan horse.


Ans A trojan, or trojan horse, is a malware widely used for hacking and stealing
data. ... Trojans don't auto-replicate or infect other files, unlike their fellow viruses
and worms. In order to spread, trojans require user interaction, such as opening
an email attachment or running a downloaded file from the internet.

26. What is a honeypot?


A honeypot is an information system resource whose value lies in unauthorized
or illicit use of that resource.

1. Differential Encryption key

Ans -
• It is used to analyse most current block ciphers with varying degrees of success
• It is a statistical attack against Feistel ciphers
• It uses cipher structure which is not previously used
• It compares two related pairs of encryptions with a known difference in the input,
searching for a known difference in output when the same subkeys are used

2. DES Algo

Ans -
• Block cipher
• Symmetric cipher: same key for encryption and decryption
• 64-bit plaintext block
• It encrypts the data in blocks of 64 bits using a 56-bit key
• 16 rounds; each round is a Feistel round

Strength of DES
• A 56-bit key has 2^56 = 7.2 * 10^16 values
• Brute force search looks hard
• Still must be able to recognize plaintext
• Several analytic attacks on DES - statistical attacks

STEPS
• Initial permutation
• 16 Feistel rounds
• Swapping (left-right swap)
• Final permutation / inverse initial permutation

Elgamal
Ans -

What is confidentiality
How to achieve confidentiality
How 3rd party is useful in transaction of message
Port no of https
Passive attack active attack
Draw any transposition technique
What is digital signature
x.509 certificate format
key distribution technique format with kdc phases
how to share secret key
what is cyber crime
The use of a computer as an instrument to further illegal ends, such as committing
fraud, trafficking in child pornography and intellectual property, stealing identities, or
violating privacy.
what is patent copyright
Copyrights protect “original works of authorship,” such as writings, art,
architecture, and music. Copyright secures creative or intellectual creations.
Trademarks secure the branding under which products and services are sold.
Patent secures inventions that are useful for the world and have some use
explain about DES
explain about HMAC
how to attain integrity confidentiality authenticity
explain RSA Elgamal
what is ssh
hash value – fixed or variable value
what is message digest

Asymmetric Keys

Two related keys, a public key and a private key, that are used to perform complementary
operations, such as encryption and decryption or signature generation and signature verification.

Public Key Certificate

A digital document issued and digitally signed by the private key of a Certification Authority that binds the
name of a subscriber to a public key. The certificate indicates that the subscriber identified in the certificate
has sole control and access to the corresponding private key.

Public Key (Asymmetric) Cryptographic Algorithm

A cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the
property that deriving the private key from the public key is computationally infeasible.

Public Key Infrastructure (PKI)

A set of policies, processes, server platforms, software and workstations used for the purpose of
administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke
public key certificates.

Asymmetric algorithms rely on one key for encryption and a different but related key for decryption. These
algorithms have the following important characteristic.
■ It is computationally infeasible to determine the decryption key given only knowledge of the
cryptographic algorithm and the encryption key.
In addition, some algorithms, such as RSA, also exhibit the following characteristic.
■ Either of the two related keys can be used for encryption, with the other used for decryption.

A public-key encryption scheme has six ingredients (Figure 9.1a; compare with Figure 3.1).
■ Plaintext: This is the readable message or data that is fed into the algorithm as input.
■ Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.
■ Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption,
the other is used for decryption. The exact transformations performed by the algorithm depend on the
public or private key that is provided as input.
■ Ciphertext: This is the encrypted message produced as output. It depends on the plaintext and the key.
For a given message, two different keys will produce two different ciphertexts.

The use of public-key cryptosystems can be classified into three categories.
■ Encryption/decryption: The sender encrypts a message with the recipient’s public key, and the recipient
decrypts the message with the recipient’s private key.
■ Digital signature: The sender “signs” a message with its private key. Signing is achieved by a cryptographic
algorithm applied to the message or to a small block of data that is a function of the message.
■ Key exchange: Two sides cooperate to exchange a session key, which is a secret key for symmetric
encryption generated for use for a particular transaction (or session) and valid for a short period of time.
Several different approaches are possible, involving the private key(s) of one or both parties.

Unit I
******************************************************************************
******************************
- [x] Overview and Classical Encryption Techniques:
- [x] Computer Security Concepts,
- [x] The OSI Security Architecture,
- [x] Security Attacks,
- [x] Security Services,
- [x] Security Mechanisms,
- [x] A Model for Network Security.
- [x] Symmetric Cipher Model,
- [x] Substitution Techniques,
- [x] Transposition Techniques,
- [x] Rotor Machines.
- [x] Block Cipher Principles,
- [x] The Data Encryption Standard (DES),
- [x] A DES Example, The Strength of DES, Differential and Linear Cryptanalysis,
- [x] Block Cipher Design Principles.

-----------------------------------------------------------------------------------

- [x] For converting plain text into cipher text we use classical encryption techniques:
- [x] Substitution Technique
- [x] Transposition Technique
- [x] Product cipher -> Substitution Technique + Transposition Technique
- [ ] Substitution Technique
1) Caesar cipher -> letters of plain text are replaced by other characters or letters or
numbers or symbols; each letter is replaced by the 3rd letter on.
2) Monoalphabetic cipher -> jumble the letters arbitrarily; each plain text letter maps to a
different random ciphertext letter, hence the key is 26 letters long
3) Playfair cipher -> plaintext is encrypted two letters at a time
4) Polyalphabetic cipher -> improve security using multiple cipher alphabets; use a key to select
which alphabet is used for each letter of the message; use each alphabet in turn
5) Vigenere cipher -> simplest polyalphabetic substitution cipher
6) Autokey cipher -> keyword is prefixed to message as key

- [x] One time pad -> If a truly random key as long as the message is used, the cipher will be
secure; this is called a one-time pad. It is unbreakable since the cipher text bears no statistical
relationship to the plaintext. It is considered a very secure method. This method involves the
usage of a key which is used only once and then discarded forever.

********************************
SUBSTITUTION TECHNIQUE
*******************************

- [x] CAESAR CIPHER


- [x] MONOALPHABETIC CIPHER
- [x] PLAYFAIR CIPHER
- [x] POLYALPHABETIC CIPHER
- [x] VIGENERE CIPHER
- [x] AUTOKEY CIPHER

- [x] Transposition cipher or permutation cipher

In a transposition cipher we hide the message by rearranging the letter order without altering the
actual letters used.
1) Rail Fence Cipher -> It involves writing plain text as a sequence of diagonals and then reading
it row by row to produce cipher text.
2) Simple columnar transposition technique -> The simple transposition technique simply
arranges the plain text as a sequence of rows of a rectangle that are read in columns randomly.
3) Vernam cipher -> Vernam cipher uses a one-time pad which is discarded after a single use, and
therefore it is suitable only for short messages.

********************************
TRANSPOSITION TECHNIQUE
********************************
- [x] RAIL FENCE TECHNIQUE
- [x] SIMPLE COLUMNAR TRANSPOSITION TECHNIQUE
- [x] VERNAM CIPHER
---------------------------------------------------------------------------------------------------------------
- [x] CONFIDENTIALITY
It assures that private or confidential information is not made available or disclosed to
unauthorized individuals
---------------------------------------------------------------------------------------------------------------
- [x] INTEGRITY
It ensures that data received is as sent by an authorized entity. A loss of integrity is the
unauthorized modification or destruction of information.
----------------------------------------------------------------------------------------------------------------
- [x] AVAILABILITY
Ensuring timely and reliable access to and use of information. A loss of availability is the
disruption of access to or use of information or an information system.
------------------------------------------------------------------------------------------------------------------
- [x] AUTHENTICITY
Verifying that users are who they say they are and that each input arriving at the system came
from a trusted source.
----------------------------------------------------------------------------------------------------------------------
- [x] ACCOUNTABILITY
Protection against denial by one of the parties in a
communication (Non-repudiation)
---------------------------------------------------------------------------------------------------------------------
- [x] ACCESS CONTROL
Prevention of the unauthorized use of a resource
--------------------------------------------------------------------------------------------------------------------
- [x] SECURITY ATTACK
Any action that compromises the security of information owned by an organization
----------------------------------------------------------------------------------------------------------------------
- [x] SECURITY MECHANISM
A process or a device incorporating a process that is designed to detect, prevent or recover from
a security attack
----------------------------------------------------------------------------------------------------------------------
- [x] SECURITY SERVICE
Enhance security of data processing systems and information
transfers of an organization
Intended to counter security attacks
Using one or more security mechanisms
Often replicates functions normally associated with physical
documents
• Which, for example, have signatures, dates; need protection
from disclosure, tampering, or destruction; be notarized or
witnessed; be recorded or licensed
X.800:
“a service provided by a protocol layer of communicating open systems, which
ensures adequate security of the systems or of data transfers”
RFC 2828:
“a processing or communication service provided by a system to give a specific kind
of protection to system resources”
-----------------------------------------------------------------------------------------------------------------
- [x] ACTIVE ATTACK AND PASSIVE ATTACK
A passive attack attempts to learn or make use of information from the system but does not
affect system resources. An active attack attempts to alter system resources or affect their
operation.
-------------------------------------------------------------------------------------------------------------
- [x] PASSIVE ATTACK
release of message contents
traffic analysis
---------------------------------------------------------------------------------------------------------------
- [x] ACTIVE ATTACK
A masquerade takes place when one entity pretends to be a different entity
Replay involves the passive capture of a data unit and its subsequent retransmission to produce
an unauthorized effect
Modification of messages simply means that some portion of a legitimate message is altered, or
that messages are delayed or reordered, to produce an unauthorized effect
The denial of service prevents or inhibits the normal use or management of communications
facilities
----------------------------------------------------------------------------------------------------------------
- [x] SYMMETRIC ENCRYPTION
Sender and recipient share a common key
All classical encryption algorithms are private-key
Was only type prior to invention of public-key in 1970’s
And by far most widely used
--------------------------------------------------------------------------------
- [x] SOME BASIC TERMINOLOGY
Plaintext - original message
Ciphertext - coded message
Cipher - algorithm for transforming plaintext to ciphertext
Key - info used in cipher known only to sender/receiver
Encipher (encrypt) - converting plaintext to ciphertext
Decipher (decrypt) - recovering ciphertext from plaintext
Cryptography - study of encryption principles/methods
Cryptanalysis (codebreaking) - study of principles/ methods of
deciphering ciphertext without knowing key
Cryptology - field of both cryptography and cryptanalysis
--------------------------------------------------------------------------------
- [x] CRYPTOGRAPHY
Characterize cryptographic system by:
Type of encryption operations used
• Substitution / transposition / product
Number of keys used
• Single-key or private / two-key or public
Way in which plaintext is processed
• Block / stream
-----------------------------------------------------------------
- [x] CRYPTANALYSIS
Objective to recover key not just message
General approaches:
Cryptanalytic attack
Brute-force attack
-------------------------------------------------------------------
- [x] CRYPTANALYTIC ATTACKS
Ciphertext only
Only know algorithm & ciphertext, is statistical, know or can identify
plaintext
Known plaintext
Know/suspect plaintext & ciphertext
Chosen plaintext
Select plaintext and obtain ciphertext
Chosen ciphertext
Select ciphertext and obtain plaintext
Chosen text
Select plaintext or ciphertext to en/decrypt
Unconditional security
No matter how much computer power or time is available, the cipher
cannot be broken since the ciphertext provides insufficient
information to uniquely determine the corresponding plaintext
Computational security
Given limited computing resources (eg time needed for calculations is
greater than age of universe), the cipher cannot be broken
------------------------------------------------------
- [x] BRUTE FORCE SEARCH
Always possible to simply try every key
Most basic attack, proportional to key size
Assume either know / recognise plaintext
---------------------------------------------------------------------------
- [x] STEGANOGRAPHY
An alternative to encryption
Hides existence of message
Using only a subset of letters/words in a longer message marked in
some way
Using invisible ink
Hiding in LSB in graphic image or sound file
Has drawbacks
High overhead to hide relatively few info bits
-------------------------------------------------------------------
- [x] MODERN BLOCK CIPHERS
Now look at modern block ciphers
One of the most widely used types of cryptographic algorithms
Provide secrecy /authentication services
Focus on DES (Data Encryption Standard)
To illustrate block cipher design principles
-----------------------------------------------
- [x] BLOCK VS STREAM CIPHERS
Block ciphers process messages in blocks, each of which is then
en/decrypted
Like a substitution on very big characters
64-bits or more
Stream ciphers process messages a bit or byte at a time when en/decrypting
Many current ciphers are block ciphers
Broader range of applications

----------------------------------------------------------------------------------
- [x] BLOCK CIPHER PRINCIPLES
Most symmetric block ciphers are based on a Feistel cipher structure
Needed since must be able to decrypt ciphertext to recover messages
efficiently
Block ciphers look like an extremely large substitution
Would need table of 2^64 entries for a 64-bit block
Instead create from smaller building blocks
Using idea of a product cipher
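Why the Feistel structure makes decryption possible, as an added example that is not part of the original notes: a toy 16-round Feistel network on a 64-bit block whose round function is deliberately non-invertible, yet decryption is the same routine with the subkeys reversed. The hash-based round function and key schedule are assumptions chosen for brevity; this is not DES and not a secure cipher.

```python
import hashlib

BLOCK_BYTES = 8   # 64-bit block, split into two 32-bit halves
ROUNDS = 16


def subkeys(key: bytes, rounds: int = ROUNDS) -> list:
    """Toy key schedule (assumption): one hash-derived subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def round_fn(half: bytes, subkey: bytes) -> bytes:
    """Round function F. A truncated hash cannot be inverted, and never has to be."""
    return hashlib.sha256(subkey + half).digest()[:len(half)]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, keys: list) -> bytes:
    """Run the network once; the direction depends only on the subkey order."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly 8 bytes")
    left, right = block[:4], block[4:]
    for k in keys:
        # L(i+1) = R(i);  R(i+1) = L(i) XOR F(R(i), K(i))
        left, right = right, xor(left, round_fn(right, k))
    return right + left   # final swap of the two halves


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, subkeys(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    # Same structure, subkeys in reverse order: each round's XOR cancels itself.
    return feistel(block, subkeys(key)[::-1])


if __name__ == "__main__":
    ct = encrypt_block(b"ABCDEFGH", b"constructed key")
    print(ct.hex(), decrypt_block(ct, b"constructed key"))
```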
--------------------------------------------------------------
- [x] Block cipher characteristics
• Features seen in modern block ciphers are:
– Variable key length / block size / number of rounds
– Mixed operators, data/key dependent rotation
– Key dependent s-boxes
– More complex key scheduling
– Operation of full data in each round
– Varying non-linear functions
Stream ciphers
• Process the message bit by bit (as a stream)
• Typically have a (pseudo) random stream key
• Combined (xor) with plaintext bit by bit
• Randomness of stream key completely destroys any statistical properties
in the message
– C_i = M_i XOR StreamKey_i
• What could be simpler!!!!
• But must never reuse stream key
– Otherwise can remove effect and recover messages
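The reuse problem stated above, as an added example that is not part of the original notes: when two messages are encrypted with the same stream key, XORing the ciphertexts cancels the key and leaves M1 XOR M2, so knowing one message reveals the other. The SHA-256 counter keystream, the messages and the nonce-based fix are constructed assumptions for illustration, not a production cipher.

```python
import hashlib


def keystream(key: bytes, n: int) -> bytes:
    """Toy keystream generator (assumption): SHA-256 over key plus counter."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(key: bytes, msg: bytes) -> bytes:
    """C_i = M_i XOR StreamKey_i; decryption is the same operation."""
    return xor(msg, keystream(key, len(msg)))


def stream_encrypt_nonce(key: bytes, nonce: bytes, msg: bytes) -> bytes:
    """Mitigation: mix a unique per-message nonce into the keystream."""
    return xor(msg, keystream(key + nonce, len(msg)))


# Constructed sample data: two equal-length messages under one key.
KEY = b"constructed demo key"
M1 = b"TRANSFER 100 TO ALICE"
M2 = b"MEETING MOVED TO NOON"
C1 = stream_encrypt(KEY, M1)
C2 = stream_encrypt(KEY, M2)


def recover_other(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """With a reused stream key, C1 XOR C2 = M1 XOR M2, so M2 follows from M1."""
    return xor(xor(c1, c2), known_m1)


if __name__ == "__main__":
    print(recover_other(C1, C2, M1))   # the second message, no key needed
    n1 = stream_encrypt_nonce(KEY, b"\x00\x01", M1)
    n2 = stream_encrypt_nonce(KEY, b"\x00\x02", M2)
    print(xor(n1, n2) == xor(M1, M2))  # key no longer cancels
```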
----------------------------------------------------------------------------------
- [x] ROTOR MACHINE
- [x] In cryptography, a rotor machine is an electro-mechanical stream cipher device used for
encrypting and decrypting messages. Rotor machines were the cryptographic state-of-the-art
for a prominent period of history; they were in widespread use in the 1920s–1970s.
---------------------------------------------------------------------------------------------------------------------
- [x] National Institute of Standards and Technology: NIST
- [ ] Internet Society: ISOC
- [ ] ITU-T: The International Telecommunication Union (ITU)
- [ ] ISO: The International Organization for Standardization (ISO)
---------------------------------------------------------------------------------------------------
- [x] The Data Encryption Standard (DES)
- [x] A DES Example
- [x] The Strength of DES
- [x] Differential and Linear Cryptanalysis

DES
Block cipher
Symmetric cipher: same key for encryption and decryption
64-bit plaintext block
It encrypts the data in blocks of 64 bits using a 56-bit key
16 rounds; each round is a Feistel round

Strength of DES
56-bit keys have 2^56 = 7.2 * 10^16 values
Brute-force search looks hard
Still must be able to recognize plaintext
Several analytic attacks on DES - statistical attacks
STEPS
Initial permutation
16 Feistel rounds
Swapping (left-right swap)
Final permutation / inverse initial permutation

64-bit plaintext              initial key = 64 bit
       |                              | 56 bit
initial permutation                   |
       |                              |
    Round 1   <- 48-bit key  ---------|
       .                              |
       .                              |
       .                              |
    Round 16  <- 48-bit key  ---------|
       |
inverse initial permutation
       |
64-bit ciphertext

Feistel round

Differential Cryptanalysis
It is used to analyse most current block ciphers with varying degrees of success
It is a statistical attack against Feistel ciphers
It uses the cipher structure, which was not previously used
It compares two related pairs of encryptions with a known difference in the input,
searching for a known difference in output when the same subkeys are used
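What "a known difference in the input" and "a known difference in output" mean for one S-box, as an added example that is not part of the original notes: a difference distribution table (DDT) counts, for every input difference dx, how often each output difference dy occurs. The 4-bit S-box is the first row of DES S-box S1; the affine S-box is a constructed weak case for comparison, and the function names are hypothetical.

```python
# 4-bit S-box: first row of DES S-box S1.
SBOX = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]

# Constructed weak S-box: an affine map, so every difference passes unchanged.
AFFINE = [x ^ 0x5 for x in range(16)]


def ddt(sbox: list) -> list:
    """table[dx][dy] = number of inputs x with S(x) XOR S(x XOR dx) == dy."""
    n = len(sbox)
    table = [[0] * n for _ in range(n)]
    for dx in range(n):
        for x in range(n):
            dy = sbox[x] ^ sbox[x ^ dx]
            table[dx][dy] += 1
    return table


def best_differential(sbox: list) -> tuple:
    """Return (count, dx, dy) for the most likely nonzero input difference."""
    table = ddt(sbox)
    n = len(sbox)
    return max((table[dx][dy], dx, dy)
               for dx in range(1, n) for dy in range(n))


def probability(sbox: list, dx: int, dy: int) -> float:
    """Probability that input difference dx produces output difference dy."""
    return ddt(sbox)[dx][dy] / len(sbox)


if __name__ == "__main__":
    # A designer wants the best count to be low: a count of 16 means the
    # difference propagates with probability 1 and the S-box adds no resistance.
    print("DES S1 row 0:", best_differential(SBOX))
    print("affine      :", best_differential(AFFINE))
    print("P(dx=0xB -> dy=0x2) =", probability(SBOX, 0xB, 0x2))
```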

Linear Cryptanalysis
Statistical method
Must be iterated over rounds with decreasing probabilities
Based on finding linear approximations
Can attack DES with 2^43 known plaintexts; easier, but still infeasible in practice

DES design criteria


Criteria for S-boxes provide for
non-linearity
resistance to differential cryptanalysis
good confusion
3 criteria for permutation provide for increased diffusion
