Professional Documents
Culture Documents
Gwalior
Department of Information Technology
Network security is any activity designed to protect the usability and integrity of
your network and data.
Confidentiality:
The degree of confidentiality determines the secrecy of the information. The
principle specifies that only the sender and receiver will be able to access the
information shared between them. Confidentiality compromises if an unauthorized
person is able to access a message.
Authentication:
Authentication is the mechanism to identify the user or system or the entity. It
ensures the identity of the person trying to access the information. The
authentication is mostly secured by using username and password.
Integrity:
Integrity gives the assurance that the information received is exact and accurate. If
the content of the message is changed after the sender sends it but before reaching
the intended receiver, then it is said that the integrity of the message is lost.
Course I/C: Neha Bhardwaj (Deptt. of IT, MITS)
Non-Repudiation:
Non-repudiation is a mechanism that prevents the denial of the message content
sent through a network. In some cases the sender sends the message and later
denies it. But the non-repudiation does not allow the sender to refuse the receiver.
Access control:
The principle of access control is determined by role management and rule
management. Role management determines who should access the data while rule
management determines up to what extent one can access the data. The information
displayed is dependent on the person who is accessing it.
Availability:
The principle of availability states that the resources will be available to authorize
party at all times. Information will not be useful if it is not available to be accessed.
Systems should have sufficient availability of information to satisfy the user
request.
Modification
◼ an unauthorized party changes the state of an asset: Integrity
Fabrication
◼ an unauthorized party counterfeits an asset
Active attacks: An Active attack attempts to alter system resources or effect their
operations. Active attack involve some modification of the data stream or creation
of false statement. Types of active attacks are as following:
Masquerade –
Masquerade attack takes place when one entity pretends to be different entity. A
Masquerade attack involves one of the other form of active attacks.
Modification of messages –
It means that some portion of a message is altered or that message is delayed or
reordered to produce an unauthorised effect. For example, a message meaning
“Allow JOHN to read confidential file X” is modified as “Allow Smith to read
confidential file X”.
Replay –
It involves the passive capture of a message and its subsequent the transmission to
produce an authorized effect.
Denial of Service –
It prevents normal use of communication facilities. This attack may have a specific
target. For example, an entity may suppress all messages directed to a particular
destination. Another form of service denial is the disruption of an entire network
wither by disabling the network or by overloading it by messages so as to degrade
performance.
Modular Arithmetic
Modular arithmetic is a system of arithmetic for integers, where values reset
to zero and begin to increase again, after reaching a certain predefined value, called
the modulus (modulo)
Let ZN be a set of all non-negative integers that are smaller than N:
ZN = {0,1,2,...,N-1} where: N is a positive integer,
if N is a prime, it will be denoted p (and the whole set as Zp).
To determine the value of an integer for a modulus N, one should divide this
number by N. Its value in ZN is equal to the remainder of the division
Caeser Cipher.
Modified version of Ceaser cipher.
Monoalphabetic cipher.
Homophonic cipher.
Polygram substitution cipher.
Polyalphabatic substitution cipher.
Caesar cipher: Caesar cipher using a left rotation of three places (the shift parameter,
here 3, is used as the key)
Plain Text: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher Text: DEFGHIJKLMNOPQRSTUVWXYZABC
Encryption: E_n(x) = (x + n) \mod {26} //x is plain text, n is key always =3.
Decryption: D_n(x) = (x - n) \mod {26}
Modified version of Caesar cipher: Here the value of “n” is not fixed . Hence A can
be replaced by 26 characters and similarly others. So the probability is
26*25*…*1.
E_n(x) = (x + n) \mod {26}// n=1 to 26
D_n(x) = (x - n) \mod {26}
Monoalphabetic cipher: Instead of using a shifted alphabet, allow the use of any
shuffle of the alphabet.
For encryption, look up letter in top line, write down equivalent from bottom line.
ABCDEFGHIJKLMNOPQRSTUVWXYZ
UFKCOQRGMYTHZEJBILDVPSWANX
For decryption, look up letter in bottom line, write down equivalent from top line.
XPDSNBHLQOCRIYEUFGVKATWZJM
ABCDEFGHIJKLMNOPQRSTUVWXYZ
The only difference is that the encryption key has the columns sorted in order of their
plaintext letter, but the decryption key has them in order of their cryptotext letter.
Homophonic substitution: Plaintext letters map to more than one ciphertext symbol.
Frequency distribution is flattened, making analysis more difficult.
A = DBHK
B = KLPS etc
Polygram substitution cipher: Here blocks of plain text alphabets are replaced by
block of cipher text alphabets.
HELLO = YUQQW
HELL = TEUI etc
Rail Fence Technique: Writing plain text as a sequence of diagonals and then reading
it row by row to produce cipher text.
For example, using three "rails" and a message of 'WE ARE DISCOVERED. FLEE
AT ONCE', the cipherer writes out:
W . . . E . . . .C . . . . R . . . .L . . . . T . . . . . E .
.E . R . D . S . O . E . E . F . E . A . O . C . .
. A . . . I . . . . .V . . . . D . . . E . . . . N . .
Cipher text:
WECRL TEERD SOEEF EAOCA IVDEN
Plain Text H O W A R E Y O U
7 14 22 0 17 4 24 14 20
One Time pad N C B T Z Q A R X
13 2 1 19 25 16 0 17 23
Total 20 16 23 19 42 20 24 31 43 (Subtract 26, if >25)
20 16 23 19 16 20 24 5 17
Cipher text U Q X T Q U Y F R
Course I/C: Neha Bhardwaj (Deptt. of IT, MITS)
Transposition Techniques
PlayFair Cipher: The Playfair cipher uses a 5x5 table containing a key word or
phrase.
To generate the key table, one would first fill in the spaces in the table with the letters
of the keyword (dropping duplicate letters), then fill the remaining spaces with the
rest of the letters of the alphabet in order (put both "I" and "J" in the same space).
The key can be written in the top rows of the table, from left to right.
To encrypt a message, one would break the message (plain text) into digraphs (groups
of 2 letters). Then apply the following 4 rules:
1. If both letters are the same (or only one letter is left), add an "X" after the first
letter. Encrypt the new pair and continue. Some variants of Playfair use "Q" instead
of "X", but any uncommon monograph will do.
2. If the letters appear on the same row of your table, replace them with the letters to
their immediate right respectively (wrapping around to the left side of the row if a
letter in the original pair was on the right side of the row).
3. If the letters appear on the same column of your table, replace them with the letters
immediately below respectively (wrapping around to the top side of the column if a
letter in the original pair was on the bottom side of the column).
4. If the letters are not on the same row or column, replace them with the letters on the
same row respectively but at the other pair of corners of the rectangle defined by
the original pair. The order is important – the first encrypted letter of the pair is the
one that lies on the same row as the first plaintext letter.
Key: playfair example P L AY F
Message: Hide the gold in the tree stump I R E X M
BC DG H
J K NO S
HI DE TH EG OL DI NT HE TR EX ES TU MP T U V WZ
Cipher Text: BMNDZBXDKYBEJVDMUIXMMNUVIF
C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3
I can’t do it
8 2 0 13 19 3 14 8 19
4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0
C = Ek(P) = KP mod 26
P = Dk(C) = K-1C mod 26 = K-1KP = P
https://www.youtube.com/watch?v=KvtLWgCTwn4
http://www.crypto-it.net/eng/theory/modular-arithmetic.html
Cisco
Checkpoint
Geeksforgeeks
Cryptography and Network security by Atul kahate
Cryptography and Network security by William Stallings