UNIT 1
Cryptography is the study of the techniques used for encryption and decryption of text, that is,
for converting plain text into ciphertext and vice versa.
Many different cryptographic techniques and algorithms have been developed so far.
These are broadly classified into two types:
1. Symmetric key cryptography
2. Asymmetric key cryptography
Security Attack
Passive Attacks:
The release of message contents is easily understood. A telephone conversation, an
electronic mail message, and a transferred file may contain sensitive or confidential
information. We would like to prevent an opponent from learning the contents of these
transmissions.
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of
masking the contents of messages or other information traffic so that opponents, even if they
captured the message, could not extract the information from the message. The common
technique for masking contents is encryption. If we had encryption protection in place, an
opponent might still be able to observe the pattern of these messages. The opponent could
determine the location and identity of communicating hosts and could observe the frequency and
length of messages being exchanged. This information might be useful in guessing the nature of
the communication.
Active Attacks:
A masquerade takes place when one entity pretends to be a different entity. A
masquerade attack usually includes one of the other forms of active attack. For example,
authentication sequences can be captured and replayed after a valid authentication sequence has
taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by
impersonating an entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retransmission to
produce an unauthorized effect.
Modification of messages simply means that some portion of a legitimate message is
altered, or that messages are delayed or reordered, to produce an unauthorized effect. For
example, a message meaning “Allow John Smith to read confidential file accounts” is modified to
mean “Allow Fred Brown to read confidential file accounts.”
A Model For Network Security
This general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such
that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the
secret information to achieve a particular security service.
The hacker can be someone who, with no malign intent, simply gets satisfaction from breaking
and entering a computer system. The intruder can be a disgruntled employee who wishes to do
damage or a criminal who seeks to exploit computer assets for financial gain.
Viruses and worms are two examples of software attacks. Such attacks can be introduced into a
system by means of a disk that contains the unwanted logic concealed in otherwise useful
software.
| Symmetric Key Encryption | Asymmetric Key Encryption |
|---|---|
| It only requires a single key for both encryption and decryption. | It requires two keys, a public key and a private key, one to encrypt and the other one to decrypt. |
| The size of cipher text is the same or smaller than the original plain text. | The size of cipher text is the same or larger than the original plain text. |
| The length of key used is 128 or 256 bits | The length of key used is 2048 or higher |
| It is efficient as it is used for handling large amount of data. | It is comparatively less efficient as it can handle a small amount of data. |
| Security is less as only one key is used for both encryption and decryption purpose. | It is more secure as two keys are used here, one for encryption and the other for decryption. |
Classical Encryption Techniques
1. Substitution Technique
2. Transposition Technique
Substitution Technique
A substitution technique is one in which the letters of plaintext are replaced by other letters.
Caesar Cipher
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three
places further down the alphabet.
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
Monoalphabetic Cipher
Monoalphabetic cipher is a substitution cipher, where the cipher alphabet for each plain text
alphabet is fixed, for the entire encryption.
In simple words, if the alphabet ‘p’ in the plain text is replaced by the cipher alphabet ‘d’, then
wherever the alphabet ‘p’ is used in the entire plain text, it will be replaced by the alphabet ‘d’ to
form the ciphertext.
Polyalphabetic Cipher
In polyalphabetic substitution, each appearance of a character in the plaintext can have a different
substitution character in the ciphertext.
The relationship among a character in plaintext and a character in ciphertext is one to many.
For instance, the letter ‘A’ can be replaced by the letter ‘C’ and the same letter ‘A’ can be replaced
by ‘N’ later in the ciphertext.
The next two examples, Playfair and Vigenere Cipher, are polyalphabetic ciphers.
Playfair cipher
Playfair cipher is a substitution cipher which involves a 5X5 matrix. Let us discuss the technique of this
Playfair cipher with the help of an example:
Plain Text : meet me tomorrow
Key : KEYWORD
Now, we have to convert this plain text to ciphertext using the given key. We will discuss the further
process in steps.
Step 1: Create a 5X5 matrix and place the key in that matrix row-wise from left to right. Then put the
remaining alphabet in the blank space.
Note: If a key has duplicate alphabets, then fill those alphabets only once in the matrix, and I & J should
be kept together in the matrix even though they occur in the given key.
Step 2: Now, you have to break the plain text into a pair of alphabets.
Plain Text: meet me tomorrow
Pair: me et me to mo rx ro wz
Note
Pair of alphabets must not contain the same letter. In case, pair has the same letter then break it and add
‘x’ to the previous letter. Like in our example letter ‘rr’ occurs in pair so, we have broken that pair and
added ‘x’ to the first ‘r’.
In case while making pair, the last pair has only one alphabet left then we add ‘z’ to that alphabet to form
a pair as in our above example, we have added ‘z’ to ‘w’ because ‘w’ was left alone at last.
If a pair has ‘xx’ then we break it and add ‘z’ to the first ‘x’, i.e. ‘xz’ and ‘x_’.
Step 3: In this step, we will convert plain text into ciphertext. For that, take the first pair of plain text and
check for cipher alphabets for the corresponding in the matrix. To find cipher alphabets follow the rules
below.
Note
If both the alphabets of the pair occur in the same row replace them with the alphabet to their immediate
right. If an alphabet of the pair occurs at extreme right then replace it with the first element of that row,
i.e. the last element of the row in the matrix circularly follows the first element of the same row.
If the alphabets in the pair occur in the same column, then replace them with the alphabet immediately
below them. Here also, the last element of the column circularly follows the first element of the same
column.
If the alphabets in the pair are neither in the same column nor in the same row, form a rectangle
with the two letters and take the letters on the horizontal opposite corner of the rectangle.
Pair: me et me to mo rx ro wz
Cipher Text: kn ku kn kz ks ta kc yo
Vigenere Cipher
This scheme of cipher uses a text string (say, a word) as a key, which is then used for doing a number of
shifts on the plaintext.
Process of Vigenere Cipher
Plain Text : ‘attack from south east’
Key : point
Numeric representation of key is ‘16 15 9 14 20’.[ p → 16, o → 15, i → 9, n → 14, and t → 20]
Arrange plaintext and numeric key as follows −
Now shift each plaintext alphabet by the number written below it to create the ciphertext as shown
below −
Here, each plaintext character has been shifted by a different amount – and that amount is
determined by the key. The key must be less than or equal to the size of the message.
For decryption, the receiver uses the same key and shifts received ciphertext in reverse order to
obtain the plaintext.
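The shifting process described above, as an added example that is not part of the original notes. It follows the notes' key numbering (a → 1, so p → 16); the function names are illustrative, and leaving spaces unchanged without consuming a key position is an assumption.

```python
# Added example: Vigenere shifts using the notes' key numbering (a=1 ... z=26).
import string

ALPHABET = string.ascii_lowercase

def key_shifts(key):
    """Map each key letter to its shift: p -> 16, o -> 15, i -> 9, ..."""
    if not key or not key.isalpha():
        raise ValueError("key must be a non-empty string of letters")
    return [ALPHABET.index(ch) + 1 for ch in key.lower()]

def vigenere(text, key, decrypt=False):
    """Shift each letter by the next key value; other characters pass through."""
    shifts = key_shifts(key)
    out, used = [], 0
    for ch in text.lower():
        if ch in ALPHABET:
            shift = shifts[used % len(shifts)]   # key repeats over the message
            if decrypt:
                shift = -shift                   # receiver shifts in reverse
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
            used += 1                            # only letters consume a key position
        else:
            out.append(ch)
    return "".join(out)

if __name__ == "__main__":
    ciphertext = vigenere("attack from south east", "point")
    print(ciphertext)
    print(vigenere(ciphertext, "point", decrypt=True))
```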
Hill Cipher
Repeat First 2 Columns. Next Repeat First 2 Rows. Next Remove First Row and First Column.
One-Time Pad
The length of the keyword is same as the length of the plaintext.
The keyword is a randomly generated string of alphabets.
The keyword is used only once to encrypt and decrypt the individual message after that the key
must be discarded.
Transposition Techniques
1. Rail Fence Transposition
2. Columnar Transposition
UNIT 2 SYMMETRIC KEY CRYPTOGRAPHY
Groups, Rings and Fields
| Parameter | AES | DES |
|---|---|---|
| Meaning | AES stands for advanced encryption standard. | DES stands for data encryption standard. |
| Key Length | The key length can be 128 bits, 192 bits, or 256 bits. | The key length is 56 bits. |
| Rounds of Operations | The rounds of operations per key length: 128 bits: 10; 192 bits: 12; 256 bits: 14 | There are 16 identical rounds of operations. |
| Network | AES is based on a substitution and permutation network. | DES is based on the Feistel network. |
| Security | AES is considered the standard encryption algorithm in the world and is more secure than DES. | DES is considered to be a weak encryption algorithm; triple DES is a more secure encryption algorithm. |
| Rounds | Key Addition, Mix Column, Byte Substitution, and Shift Row. | Substitution, XOR Operation, Permutation, and Expansion. |
| Size | AES can encrypt plaintext of 128 bits. | DES can encrypt plaintext of 64 bits. |
| Known Attacks | There are no known attacks for AES. | Brute force attacks, differential cryptanalysis, and linear cryptanalysis. |
DES is a symmetric block cipher that takes a 64-bit plain text block along with a 64-bit key
and processes it to generate the 64-bit ciphertext.
DES stands for Data Encryption Standard.
The DES algorithm uses an effective key of 56-bit size.
Encryption Steps:
1. The process begins with the 64-bit plain text block getting handed over to an initial permutation (IP)
function.
2. The initial permutation (IP) is then performed on the plain text.
3. Next, the initial permutation (IP) creates two halves of the permuted block, referred to as Left Plain
Text (LPT) and Right Plain Text (RPT).
4. Each LPT and RPT goes through 16 rounds of the encryption process.
5. Finally, the LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the newly
combined block.
6. The result of this process produces the desired 64-bit ciphertext.
The encryption process step (step 4, above) is further broken down into five stages:
1. Key transformation
2. Expansion permutation
3. S-Box permutation
4. P-Box permutation
5. XOR and swap
Advanced Encryption Standard (AES)
Round Functions
Each round has four stages, or four functions, which are as follows:
Substitute Bytes
The input to Substitute Byte is a 4X4 state matrix of 16 bytes where each element of the matrix is of 1
byte. Now AES has defined a 16X16 matrix namely S-box which contains a permutation of 256 8-bit
values.
The Substitute Bytes function maps each byte element of state matrix to the new value using the
following procedure.
Step 1: A byte element in the state matrix would have 8-bits. The leftmost 4-bit is used to retrieve
the row value of S-box and the rightmost 4-bit are used to retrieve the column value of S-box.
Step 2: This row value and column value act as an index to get the new value from the S Box.
Let’s suppose a byte element S2,2 has a value 25 whose binary representation is 00011001. So, the leftmost
4-bit 0001 represents ‘1’ and the rightmost 1001 represents ‘9’. So, intersection value at row 1 and
column 9 in S-box is ‘D4’. In this way, the value 25 is mapped to the new value D4.
The Substitute Byte function maps each element of 4X4 state matrix to the new value and forwards this
newly formed 4X4 State matrix to Shift Rows function.
Shift Rows
The input to Shift Row function is a 4X4 state matrix forwarded from the Substitute Bytes function. The
Shift row performs the circular left shift on the rows of the matrix. On the first row, the circular left
shift is performed by 0 bytes.
On the second row, a circular left shift is performed by 1 byte. On the third row, the circular left shift is
performed by 2 bytes. On the fourth row of the input state matrix, the circular left shift is performed by 3
bytes. The resultant 4X4 state matrix of Shift Rows function is forwarded to the Mix Column function.
Mix Columns
The input 4X4 state matrix is multiplied with a constant predefined matrix
Each byte element of the resultant matrix of Mix Column function is the sum of the product of one row of
the defined matrix and one column of state matrix.
The product matrix of the Mix Column is forwarded to the last function of a round i.e. Add Round Key.
AES Decryption
The 16-byte cipher text in the form of 4X4 state matrix is XORed with the unique 4-word key.
The key sequence in encryption is reversed during the decryption.
And all the other round functions are also inversed in the decryption process to retrieve the
original 16-byte plain text block.
Advantages
1. AES can be implemented on both hardware and software.
2. AES has three key lengths: 128 bits, 192 bits and 256 bits.
3. AES is implemented in a wide range of applications as it is defined as the standard by NIST.
Disadvantage
If the key used in AES is not employed properly, it can cause a cryptanalytic attack. Therefore, key
scheduling should be done carefully.
RC4 Algorithm
Initialization of S
    /* Initialization */
    for i = 0 to 255 do
        S[i] = i;
        T[i] = K[i mod keylen];

    /* Initial Permutation of S */
    j = 0;
    for i = 0 to 255 do
        j = (j + S[i] + T[i]) mod 256;
        Swap (S[i], S[j]);

Stream Generation
    /* Stream Generation */
    i, j = 0;
    while (true)
        i = (i + 1) mod 256;
        j = (j + S[i]) mod 256;
        Swap (S[i], S[j]);
        t = (S[i] + S[j]) mod 256;
        k = S[t];
To encrypt, XOR the value with the next byte of plaintext. To decrypt, XOR the value with the
next byte of ciphertext.
UNIT 3 - RSA Algorithm
Choose p = 3 and q = 11
Compute n = p * q = 3 * 11 = 33
Compute φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
Choose e such that 1 < e < φ(n) and e and φ (n) are coprime. Let e = 7
Compute a value for d such that (d * e) % φ(n) = 1.
One solution is d = 3 [(3 * 7) % 20 = 1]
Public key is (e, n) => (7, 33)
Private key is (d, n) => (3, 33)
The encryption of m = 2 is c = 2^7 % 33 = 29
The decryption of c = 29 is m = 29^3 % 33 = 2
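The steps above carried through in code, as an added example that is not part of the original notes. It shows how d is found with the extended Euclidean algorithm instead of by trial; the function names are illustrative, and p and q are assumed to be prime as in the text.

```python
# Added example: the toy RSA parameters from the notes, end to end.
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def mod_inverse(e, phi):
    """Return d with (d * e) % phi == 1."""
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e and phi(n) are not coprime; no inverse exists")
    return x % phi

def make_keys(p, q, e):
    """Return ((e, n), (d, n)); p and q are assumed prime, not checked here."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and be coprime to phi(n)")
    return (e, n), (mod_inverse(e, phi), n)

def apply_key(value, key):
    """Encrypt with the public key or decrypt with the private key."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0 .. n-1")
    return pow(value, exponent, n)

if __name__ == "__main__":
    public, private = make_keys(3, 11, 7)
    c = apply_key(2, public)
    print(public, private, c, apply_key(c, private))
```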
DIFFIE-HELLMAN KEY EXCHANGE
This method is for securely exchanging cryptographic keys, or a key used in encryption
or decryption, over a public communications channel.
It is named after its inventors, Whitfield Diffie and Martin Hellman.
Example.
Select prime number q = 353 and a primitive root of 353, in this case α = 3.
A and B select secret keys
XA = 97
XB = 233
Each computes its public key:
A computes YA = 3^97 mod 353 = 40.
B computes YB = 3^233 mod 353 = 248.
After they exchange public keys, each can compute the common secret key:
A computes K = (YB)^XA mod 353 = 248^97 mod 353 = 160.
B computes K = (YA)^XB mod 353 = 40^233 mod 353 = 160.
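The exchange above with both sides computed, as an added example that is not part of the original notes. It also verifies that α is a primitive root of q and range-checks the received public key; those checks, the private-key range and the function names are additions made here.

```python
# Added example: check the Diffie-Hellman parameters from the notes, then run both sides.

def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def is_primitive_root(alpha, q):
    """True if q is prime and alpha^((q-1)/f) != 1 for every prime f dividing q-1."""
    if prime_factors(q) != {q}:
        raise ValueError("q must be prime")
    return all(pow(alpha, (q - 1) // f, q) != 1 for f in prime_factors(q - 1))

def public_key(alpha, private, q):
    if not 1 < private < q - 1:           # range chosen for this example
        raise ValueError("private key must satisfy 1 < X < q-1")
    return pow(alpha, private, q)

def shared_key(peer_public, private, q):
    # Added check: 0, 1 and q-1 would force a predictable shared key.
    if not 1 < peer_public < q - 1:
        raise ValueError("peer public key out of range")
    return pow(peer_public, private, q)

if __name__ == "__main__":
    q, alpha = 353, 3                     # public parameters from the notes
    xa, xb = 97, 233                      # secret keys of A and B
    print(is_primitive_root(alpha, q))
    ya, yb = public_key(alpha, xa, q), public_key(alpha, xb, q)
    print(ya, yb, shared_key(yb, xa, q), shared_key(ya, xb, q))
```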
ELGAMAL CRYPTOGRAPHIC SYSTEM
ELLIPTIC CURVE CRYPTOGRAPHY
It is a public key encryption technique in cryptography which depends on elliptic curve theory and
helps us to create faster, smaller, and more efficient cryptographic keys.
It is certificated to allow key size to remain small while providing a higher level of security to the system.
SECURE HASH ALGORITHM (SHA)
Message Authentication Function
• Hash function: A function that maps a message of any length into a fixed-length hash value,
which serves as the authenticator
• Message encryption: The ciphertext of the entire message serves as its authenticator
• Message authentication code (MAC): A function of the message and a secret key that
produces a fixed-length value that serves as the authenticator
Message Encryption:
MESSAGE AUTHENTICATION CODE (MAC)
DIGITAL SIGNATURE