UNIT-I

Security Concepts
This is the age of universal electronic connectivity, where activities such as hacking,
viruses and electronic fraud are very common. Unless security measures are taken, a network
conversation or a distributed application can be compromised easily.
Some simple examples are:
• Online purchases using a credit/debit card.
• A customer unknowingly being directed to a false website.
• A hacker sending a message to a person pretending to be someone else.
Network security has been affected by two major developments over the last several
decades. The first is the introduction of computers into organizations, and the second is the
introduction of distributed systems and the use of networks and communication facilities for
carrying data between users & computers. These two developments led to ‘computer security’ and
‘network security’: computer security deals with the collection of tools designed to protect
data and to thwart hackers, while network security measures are needed to protect data during
transmission. But keep in mind that it is the information, and our ability to access that information,
that we are really trying to protect, and not the computers and networks.

Why We Need Information Security?


Because there are threats
Threats
A threat is an object, person, or other entity that represents a constant danger to an asset
The 2007 CSI survey

• 494 computer security practitioners


• 46% suffered security incidents
• 29% reported to law enforcement
• Average annual loss $350,424
• 1/5 suffered ‘targeted attack’
• The source of the greatest financial losses?
• Most prevalent security problem
• Insider abuse of network access  Email
Threat Categories
• Acts of human error or failure
• Compromises to intellectual property
• Deliberate acts of espionage or trespass
• Deliberate acts of information extortion
• Deliberate acts of sabotage or vandalism
• Deliberate acts of theft
• Deliberate software attack
• Forces of nature
• Deviations in quality of service
• Technical hardware failures or errors
• Technical software failures or errors
• Technological obsolescence
Definitions
• Computer Security - generic name for the collection of tools designed to protect data and to
thwart hackers
• Network Security - measures to protect data during their transmission
• Internet Security - measures to protect data during their transmission over a collection of
interconnected networks
• Our focus is on Internet Security, which consists of measures to deter, prevent, detect, and
correct security violations that involve the transmission & storage of information

The CIA triad/security goals


When talking about network security, the CIA triad is one of the most important models which is
designed to guide policies for information security within an organization.
CIA stands for :
1. Confidentiality
2. Integrity
3. Availability

These are the objectives that should be kept in mind while securing a network.
1. Confidentiality :
Confidentiality means that only authorized individuals/systems can view sensitive or classified
information. The data being sent over the network should not be accessed by unauthorized
individuals. The attacker may try to capture the data using different tools available on the
Internet and gain access to your information. A primary way to avoid this is to use encryption
techniques to safeguard your data so that even if the attacker gains access to your data, he/she
will not be able to decrypt it. Encryption standards include AES (Advanced Encryption Standard)
and DES (Data Encryption Standard). Another way to protect your data is through a VPN tunnel.
VPN stands for Virtual Private Network and helps the data to move securely over the network.
2. Integrity :
The next thing to talk about is integrity. Well, the idea here is to make sure that data has not been
modified. Corruption of data is a failure to maintain data integrity. To check if our data has been
modified or not, we make use of a hash function.
We have two common types: SHA (Secure Hash Algorithm) and MD5 (Message Digest 5). MD5 is a
128-bit hash, and SHA is a 160-bit hash if we’re using SHA-1. There are also other SHA methods
that we could use, like SHA-0, SHA-2 and SHA-3.
Let’s assume Host ‘A’ wants to send data to Host ‘B’ maintaining integrity. A hash function will
run over the data and produce an arbitrary hash value H1 which is then attached to the data.
When Host ‘B’ receives the packet, it runs the same hash function over the data which gives a
hash value H2. Now, if H1 = H2, this means that the data’s integrity has been maintained and the
contents were not modified.
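
The H1 = H2 check between Host A and Host B, as an added Python example (not part of the original notes). It goes one step beyond the text: a bare hash catches accidental corruption, but a party that can alter the data in transit can also recompute the hash, so the second half repeats the check with a keyed hash (HMAC) and a shared secret. The function names, the sample message and the key are constructed for the illustration.

```python
import hashlib
import hmac

# SHA-256 (a SHA-2 function) is used here; the H1 == H2 logic is the same for any hash.


def attach_hash(data: bytes) -> tuple:
    """Host A: run the hash function over the data and attach H1."""
    return data, hashlib.sha256(data).hexdigest()


def check_hash(data: bytes, h1: str) -> bool:
    """Host B: recompute H2 over the received data and compare it with H1."""
    h2 = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(h1, h2)


def attach_mac(data: bytes, key: bytes) -> tuple:
    """Host A: attach a keyed tag that only holders of the shared key can compute."""
    return data, hmac.new(key, data, hashlib.sha256).hexdigest()


def check_mac(data: bytes, tag: str, key: bytes) -> bool:
    """Host B: recompute the keyed tag with the shared key and compare."""
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)


def modify_and_rehash(data: bytes) -> tuple:
    """Models modification in transit by a party without the key:
    the data is altered and the public, unkeyed hash is simply recomputed."""
    altered = data.replace(b"100", b"900")
    return altered, hashlib.sha256(altered).hexdigest()


def run_demo() -> dict:
    message = b"transfer 100 to account 42"   # constructed sample data
    key = b"constructed-shared-secret"        # constructed key, known to A and B only
    results = {}

    # Plain hash: H1 == H2 for intact data, mismatch for corrupted data.
    data, h1 = attach_hash(message)
    results["intact_hash_ok"] = check_hash(data, h1)
    results["corruption_detected"] = not check_hash(data[:-1] + b"3", h1)

    # Plain hash: data and hash replaced together still satisfy H1 == H2.
    altered, new_hash = modify_and_rehash(data)
    results["rehash_passes_plain_check"] = check_hash(altered, new_hash)

    # Keyed hash: the same alteration fails, with the old tag or a recomputed hash.
    data, tag = attach_mac(message, key)
    results["intact_mac_ok"] = check_mac(data, tag, key)
    results["altered_with_old_tag_rejected"] = not check_mac(altered, tag, key)
    results["altered_with_rehash_rejected"] = not check_mac(altered, new_hash, key)
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```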

3. Availability :
This means that the network should be readily available to its users. This applies to systems and
to data. To ensure availability, the network administrator should maintain hardware, make
regular upgrades, have a plan for fail-over, and prevent bottlenecks in a network. Attacks such as
DoS or DDoS may render a network unavailable as the resources of the network get exhausted.
The impact may be significant to the companies and users who rely on the network as a business
tool. Thus, proper measures should be taken to prevent such attacks.
OSI Security Architecture
The security of an organization is the greatest concern of the people working at the
organization. Safety and security are the pillars of cyber technology. It is hard to imagine the
cyber world without thinking about security. The architecture of security is thus a very important
aspect of the organization. The OSI (Open Systems Interconnection) Security Architecture
defines a systematic approach to providing security at each layer. It defines security services and
security mechanisms that can be used at each of the seven layers of the OSI model to provide
security for data transmitted over a network. These security services and mechanisms help to
ensure the confidentiality, integrity, and availability of the data. OSI architecture is
internationally acceptable as it lays the flow of providing safety in an organization.
OSI Security Architecture focuses on these concepts:
• Security Attack:
• Security mechanism: A security mechanism is a means of protecting a system, network, or
device against unauthorized access, tampering, or other security threats.
• Security Service:
Classification of OSI Security Architecture

OSI Security Architecture is categorized into three broad categories namely Security Attacks,
Security mechanisms, and Security Services. We will discuss each in detail:

1. Security Attacks:
A security attack is an attempt by a person or entity to gain unauthorized access to disrupt or
compromise the security of a system, network, or device. These are defined as the actions that
put at risk an organization’s safety. They are further classified into 2 sub-categories:
A. Passive Attack:
Attacks in which a third-party intruder tries to access the message/content/data being shared by
the sender and receiver by keeping a close watch on the transmission or eavesdropping on the
transmission are called passive attacks. These types of attacks involve the attacker observing or
monitoring system, network, or device activity without actively disrupting or altering it. Passive
attacks are typically focused on gathering information or intelligence, rather than causing damage
or disruption.
Here, both the sender and receiver have no clue that their message/data is accessible to some
third-party intruder. The message/data transmitted remains in its usual form without any
deviation from its usual behavior. This makes passive attacks very risky, as there is no
information provided about the attack happening in the communication process. One way to
prevent passive attacks is to encrypt the message/data that needs to be transmitted; this will
prevent third-party intruders from using the information even though it would be accessible to them.
Passive attacks are further divided into two parts based on their behavior:
• Eavesdropping: This involves the attacker intercepting and listening to communications
between two or more parties without their knowledge or consent. Eavesdropping can be
performed using a variety of techniques, such as packet sniffing, or man-in-the-middle
attacks.
• Traffic analysis: This involves the attacker analyzing network traffic patterns and metadata
to gather information about the system, network, or device. Here the intruder can’t read the
message but only understand the pattern and length of encryption. Traffic analysis can be
performed using a variety of techniques, such as network flow analysis, or protocol analysis.
B. Active Attacks:
Active attacks refer to types of attacks that involve the attacker actively disrupting or altering
system, network, or device activity. Active attacks are typically focused on causing damage or
disruption, rather than gathering information or intelligence. Here, both the sender and receiver
have no clue that their message/ data is modified by some third-party intruder. The message/ data
transmitted doesn’t remain in its usual form and shows deviation from its usual behavior. This
makes active attacks dangerous as there is no information provided of the attack happening in the
communication process and the receiver is not aware that the data/ message received is not from
the sender.
Active attacks are further divided into four parts based on their behavior:
• Masquerade is a type of attack in which the attacker pretends to be an authentic sender in
order to gain unauthorized access to a system. This type of attack can involve the attacker
using stolen or forged credentials, or manipulating authentication or authorization controls in
some other way.
• Replay is a type of active attack in which the attacker intercepts a transmitted message
through a passive channel and then maliciously or fraudulently replays or delays it at a later
time.
• Modification of Message involves the attacker modifying the transmitted message so that
the final message received by the receiver looks unsafe or meaningless.
This type of attack can be used to manipulate the content of the message or to disrupt the
communication process.
• Denial of service (DoS) attacks involve the attacker sending a large volume of traffic to a
system, network, or device in an attempt to overwhelm it and make it unavailable to
legitimate users.
2. Security Mechanism
The mechanism that is built to identify any breach of security or attack on the
organization, is called a security mechanism. Security Mechanisms are also responsible for
protecting a system, network, or device against unauthorized access, tampering, or other security
threats. Security mechanisms can be implemented at various levels within a system or network
and can be used to provide different types of security, such as confidentiality, integrity, or
availability.
Some examples of security mechanisms include:
• Encipherment (Encryption) involves the use of algorithms to transform data into a form
that can only be read by someone with the appropriate decryption key. Encryption can be
used to protect data as it is transmitted over a network, or to protect data when it is stored on a
device.
• Digital signature is a security mechanism that involves the use of cryptographic techniques
to create a unique, verifiable identifier for a digital document or message, which can be used
to ensure the authenticity and integrity of the document or message.
• Traffic padding is a technique used to add extra data to a network traffic stream in an
attempt to obscure the true content of the traffic and make it more difficult to analyze.
• Routing control allows the selection of specific physically secure routes for specific data
transmission and enables routing changes, particularly when a gap in security is suspected.

3. Security Services:
Security services refer to the different services available for maintaining the security and
safety of an organization. They help in preventing any potential risks to security. Security
services are divided into 5 types:
• Authentication is the process of verifying the identity of a user or device in order to grant or
deny access to a system or device.
• Access control involves the use of policies and procedures to determine who is allowed to
access specific resources within a system.
• Data Confidentiality is responsible for the protection of information from being accessed or
disclosed to unauthorized parties.
• Data integrity is a security mechanism that involves the use of techniques to ensure that data
has not been tampered with or altered in any way during transmission or storage.
• Non-repudiation involves the use of techniques to create a verifiable record of the origin
and transmission of a message, which can be used to prevent the sender from denying that
they sent the message.

Benefits of OSI Architecture:

Below listed are the benefits of OSI Architecture in an organization:


1. Providing Security:
• OSI Architecture in an organization provides the needed security and safety, preventing
potential threats and risks.
• Managers can easily take care of the security and there is hassle-free security maintenance
done through OSI Architecture.
2. Organising Task:
• The OSI architecture makes it easy for managers to build a security model for the
organization based on strong security principles.
• Managers get the opportunity to organize tasks in an organization effectively.
3. Meets International Standards:
• Security services are defined and recognized internationally, meeting international standards.
• The standard definition of requirements defined using OSI Architecture is globally accepted.

Security approaches
To protect data from potential violations and cyber-attacks, implementing the security
model is an important phase to be carried out. To ensure its integrity, the security model
can be designed using two methods:
1. Bottom-Up Approach: The company’s security model is applied by system administrators or
people who are working in network security or as cyber-engineers. The main idea behind this
approach is for individuals working in this field of information systems to use their knowledge
and experience in cybersecurity to guarantee the design of a highly secure information security
model.
• Key Advantages – An individual’s technical expertise in their field ensures that every system
vulnerability is addressed and that the security model is able to counter any potential threats
possible.
• Disadvantage – Due to the lack of cooperation between senior managers and relevant
directives, it is often not suitable for the requirements and strategies of the organisation.
2. Top-Down Approach: This type of approach is initialized and initiated by the executives of
the organization.
• They formulate policies and outline the procedures to be followed.
• Determine the project’s priorities and expected results.
• Determine liability for every action needed.

Advantages And Disadvantages of top-down implementation:


This approach looks at each department’s data and explores how it’s connected to find
vulnerabilities. Managers have the authority to issue company-wide instructions while still
allowing each person to play an integral part in keeping data safe. Compared to an individual or
department, a management-based approach incorporates more available resources and a clearer
overview of the company’s assets and concerns.
A top-down approach generally has more lasting power and efficacy than a bottom-up approach
because it makes data protection a company-wide priority instead of placing all the responsibility
on one person or team. Data vulnerabilities exist in all offices and departments, and each
situation is unique. The only way for an information security program to work is by getting every
manager, branch, department, and employee in agreement with a company-wide plan.

The Principles of Security can be classified as follows:


1. Confidentiality:
The degree of confidentiality determines the secrecy of the information. The principle
specifies that only the sender and receiver will be able to access the information shared
between them. Confidentiality is compromised if an unauthorized person is able to access a
message.
For example, let us consider sender A wants to share some confidential information with
receiver B and the information gets intercepted by the attacker C. Now the confidential
information is in the hands of an intruder C.

2. Authentication:
Authentication is the mechanism to identify the user or system or the entity. It ensures the
identity of the person trying to access the information. The authentication is mostly secured
by using username and password. The authorized person whose identity is preregistered can
prove his/her identity and can access the sensitive information.

3. Integrity:
Integrity gives the assurance that the information received is exact and accurate. If the
content of the message is changed after the sender sends it but before reaching the intended
receiver, then it is said that the integrity of the message is lost.
• System Integrity: System Integrity assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the
system.
• Data Integrity: Data Integrity assures that information (both stored and in transmitted
packets) and programs are changed only in a specified and authorized manner.
4. Non-Repudiation:
Non-repudiation is a mechanism that prevents the denial of the message content sent
through a network. In some cases the sender sends the message and later denies it. But
non-repudiation does not allow the sender to deny having sent the message.

5. Access control:
The principle of access control is determined by role management and rule management.
Role management determines who should access the data while rule management
determines up to what extent one can access the data. The information displayed is dependent on
the person who is accessing it.

6. Availability:
The principle of availability states that the resources will be available to authorized parties at
all times. Information will not be useful if it is not available to be accessed. Systems
should have sufficient availability of information to satisfy the user request.
7. Issues of ethics and law
The following categories are used to categorize ethical dilemmas in the security system.
• Privacy: Individuals’ right to access personal information is referred to as privacy.
• Property: It is concerned with the information’s owner.
• Accessibility: It is concerned with an organization’s right to collect information.
• Accuracy: It is concerned with the obligation of information authenticity, fidelity, and
accuracy.

ASPECTS OF SECURITY

Consider 3 aspects of information security:
• Security Attack
• Security Mechanism
• Security Service

SECURITY ATTACK

• Any action that compromises the security of information owned by an organization
• Information security is about how to prevent attacks, or failing that, to detect attacks on
information-based systems
• Often threat & attack are used to mean the same thing
• There is a wide range of attacks
• We can focus on generic types of attacks:
  • Passive
  • Active
Passive Attack

Active Attack

INTERRUPTION
An asset of the system is destroyed or becomes unavailable or unusable. It is an attack on
availability.
Examples:
• Destruction of some hardware
• Jamming wireless signals
• Disabling file management systems

INTERCEPTION
An unauthorized party gains access to an asset. Attack on confidentiality.
Examples:
• Wire tapping to capture data in a network
• Illicitly copying data or programs
• Eavesdropping

MODIFICATION
An unauthorized party gains access to and tampers with an asset. Attack on integrity.
Examples:
• Changing data file
• Altering a program and the contents of a message

FABRICATION
An unauthorized party inserts a counterfeit object into the system. Attack on authenticity.
Also called impersonation.
Examples:
• Hackers gaining access to a personal email and sending message
• Insertion of records in data files
• Insertion of spurious messages in a network

SECURITY SERVICES
It is a processing or communication service that is provided by a system to give a specific
kind of protection to system resources. Security services implement security policies and are
implemented by security mechanisms.
i) Confidentiality
Confidentiality is the protection of transmitted data from passive attacks. It is used to
prevent the disclosure of information to unauthorized individuals or systems. It has been defined as
“ensuring that information is accessible only to those authorized to have access”.
The other aspect of confidentiality is the protection of traffic flow from analysis.
Ex: A credit card number has to be secured during online transaction.

ii) Authentication
This service assures that a communication is authentic. For a single message transmission,
its function is to assure the recipient that the message is from the intended source. For an ongoing
interaction two aspects are involved. First, during connection initiation the service assures the
authenticity of both parties. Second, it assures that the connection between the two hosts is not
interfered with in a way that allows a third party to masquerade as one of the two parties. Two
specific authentication services defined in X.800 are:

Peer entity authentication: Verifies the identities of the peer entities involved in communication.
Provided for use at the time of connection establishment and during data transmission. Provides
confidence against a masquerade or a replay attack.

Data origin authentication: Assures the authenticity of the source of a data unit, but does not provide
protection against duplication or modification of data units. Supports applications like electronic
mail, where no prior interactions take place between communicating entities.
iii) Integrity
Integrity means that data cannot be modified without authorization. Like confidentiality, it
can be applied to a stream of messages, a single message or selected fields within a message. Two
types of integrity services are available. They are

Connection-Oriented Integrity Service: This service deals with a stream of messages and
assures that messages are received as sent, with no duplication, insertion, modification, reordering
or replays. Destruction of data is also covered here. Hence, it attends to both message stream
modification and denial of service.
Connectionless-Oriented Integrity Service: It deals with individual messages regardless
of larger context, providing protection against message modification only.
An integrity service can be applied with or without recovery. Because it is related to active
attacks, major concern will be detection rather than prevention. If a violation is detected and the
service reports it, either human intervention or automated recovery machines are required to
recover.
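
How a connection-oriented integrity check can detect the cases listed above, as an added Python example (not part of the original notes): each frame carries a sequence number and a keyed tag (HMAC) over the number and the payload, and the receiver accepts only the next expected number. The frame layout, the key, the class name and the sample payloads are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed shared secret for the example
HEADER_LEN = 4                  # 32-bit big-endian sequence number
TAG_LEN = 32                    # HMAC-SHA-256 output size


def seal(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender side: frame = sequence number || tag || payload.
    The tag covers the sequence number as well as the payload."""
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + tag + payload


class StreamReceiver:
    """Receiver side: reports violations instead of silently dropping frames,
    matching the detection-and-report role described in the text."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.expected = 0       # next sequence number that will be accepted
        self.delivered = []     # payloads handed to the application, in order

    def receive(self, frame: bytes) -> str:
        if len(frame) < HEADER_LEN + TAG_LEN:
            return "malformed"
        header = frame[:HEADER_LEN]
        tag = frame[HEADER_LEN:HEADER_LEN + TAG_LEN]
        payload = frame[HEADER_LEN + TAG_LEN:]
        good = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            return "bad-tag"                 # modification or insertion
        (seq,) = struct.unpack(">I", header)
        if seq < self.expected:
            return "replay-or-duplicate"     # already accepted once
        if seq > self.expected:
            return "gap-or-reordered"        # an earlier frame is missing
        self.expected += 1
        self.delivered.append(payload)
        return "accepted"


def run_demo() -> list:
    rx = StreamReceiver()
    f0, f1, f2 = (seal(i, p) for i, p in enumerate([b"open", b"pay 100", b"close"]))
    tampered = f1[:-3] + b"900"              # payload changed, tag left as it was
    return [
        rx.receive(f0),        # in order
        rx.receive(tampered),  # modified in transit
        rx.receive(f2),        # arrives before frame 1
        rx.receive(f1),        # genuine frame 1
        rx.receive(f0),        # frame 0 sent a second time
        rx.receive(f2),        # now in order
    ]


if __name__ == "__main__":
    print(run_demo())
```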
iv) Non-repudiation
Non-repudiation prevents either sender or receiver from denying a transmitted message.
This capability is crucial to e-commerce. Without it an individual or entity can deny that he, she or
it is responsible for a transaction, therefore not financially liable.
v) Access Control
This refers to the ability to control the level of access that individuals or entities have to a
network or system and how much information they can receive. It is the ability to limit and control
the access to host systems and applications via communication links. For this, each entity trying to
gain access must first be identified or authenticated, so that access rights can be tailored to the
individuals.
vi) Availability
It is defined to be the property of a system or a system resource being accessible and usable
upon demand by an authorized system entity. Availability can be significantly affected by a
variety of attacks. Some are amenable to automated countermeasures, i.e. authentication and
encryption, while others need some sort of physical action to prevent or recover from loss of
availability of elements of a distributed system.

SECURITY MECHANISMS
According to X.800, the security mechanisms are divided into those implemented in a
specific protocol layer and those that are not specific to any particular protocol layer or security
service. X.800 also differentiates reversible & irreversible encipherment mechanisms. A reversible
encipherment mechanism is simply an encryption algorithm that allows data to be encrypted and
subsequently decrypted, whereas irreversible encipherment mechanisms include hash algorithms and
message authentication codes used in digital signature and message authentication applications.
Specific Security Mechanisms
These are incorporated into the appropriate protocol layer in order to provide some of the
OSI security services.
Encipherment: It refers to the process of applying mathematical algorithms for converting data
into a form that is not intelligible. This depends on algorithm used and encryption keys.

Digital Signature: The appended data or a cryptographic transformation applied to any data unit
allowing to prove the source and integrity of the data unit and protect against forgery.
Access Control: A variety of techniques used for enforcing access permissions to the system
resources.
Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of
data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of
information exchange.
Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
Routing Control: Enables selection of particular physically secure routes for certain data and
allows routing changes once a breach of security is suspected.
Notarization: The use of a trusted third party to assure certain properties of a data exchange
Pervasive Security Mechanisms
These are not specific to any particular OSI security service or protocol layer.
Trusted Functionality: That which is perceived to be correct with respect to some criteria.
Security Level: The marking bound to a resource (which may be a data unit) that names or
designates the security attributes of that resource.

Event Detection: It is the process of detecting all the events related to network security.
Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is an
independent review and examination of system records and activities.
Security Recovery: It deals with requests from mechanisms, such as event handling and management
functions, and takes recovery actions.

MODEL FOR NETWORK SECURITY


Data is transmitted over network between two communicating parties, who must cooperate
for the exchange to take place. A logical information channel is established by defining a route
through the internet from source to destination by use of communication protocols by the two
parties. Whenever an opponent presents a threat to confidentiality, authenticity of information,
security aspects come into play. Two components are present in almost all the security providing
techniques.

• A security-related transformation on the information to be sent, making it unreadable
by the opponent, and the addition of a code based on the contents of the message, used to verify the
identity of sender.
• Some secret information shared by the two principals and, it is hoped, unknown to the
opponent. An example is an encryption key used in conjunction with the transformation to
scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. It is responsible for
distributing the secret information to the two parties, while keeping it away from any opponent. It
also may be needed to settle disputes between the two parties regarding authenticity of a message
transmission. The general model shows that there are four basic tasks in designing a particular
security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be
such that an opponent cannot defeat its purpose
2. Generate the secret information to be used with the algorithm
3. Develop methods for the distribution and sharing of the secret information
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the
secret information to achieve a particular security service
Various other threats to information systems, like unwanted access, still exist. The existence of
hackers attempting to penetrate systems accessible over a network remains a concern. Another
threat is the placement of some logic in a computer system affecting various applications and utility
programs. This inserted code presents two kinds of threats. Information access threats intercept
or modify data on behalf of users who should not have access to that data.
Service threats exploit service flaws in computers to inhibit use by legitimate users. Viruses
and worms are two examples of software attacks inserted into the system by means of a disk or also
across the network. The security mechanisms needed to cope with unwanted access fall into two
broad categories.
Some basic terminologies used
• CIPHER TEXT - the coded message

• CIPHER - algorithm for transforming plaintext to ciphertext

• KEY - info used in cipher known only to sender/receiver

• ENCIPHER (ENCRYPT) - converting plaintext to ciphertext


• DECIPHER (DECRYPT) - recovering plaintext from ciphertext

• CRYPTOGRAPHY - study of encryption principles/methods


• CRYPTANALYSIS (CODEBREAKING) - the study of principles/ methods of deciphering
cipher text without knowing key

• CRYPTOLOGY - the field of both cryptography and cryptanalysis

CRYPTOGRAPHY CONCEPTS AND TECHNIQUES


Plaintext can refer to anything which humans can understand and/or relate to. This may be as
simple as English sentences, a script, or Java code. If you can make sense of what is written, then it
is in plaintext.

Ciphertext, or encrypted text, is a series of randomized letters and numbers which humans cannot
make any sense of. An encryption algorithm takes in a plaintext message, runs the algorithm on the
plaintext, and produces a ciphertext. The ciphertext can be reversed through the process
of decryption, to produce the original plaintext.

Example: We will encrypt a sentence using Caesar Cipher. The key is 7, which means the letter a
becomes h.

Plaintext: This is a plaintext.

Ciphertext: Aopz pz h wshpualea.

Encryption is the process of converting normal message (plaintext) into meaningless message
(Ciphertext).

Decryption is the process of converting meaningless message (Ciphertext) into its original form
(Plaintext).
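
The Caesar cipher example above, as an added Python example (not part of the original notes). It reproduces the key-7 plaintext/ciphertext pair from the text and then goes one step further: because only 25 non-trivial keys exist, trying every key and scoring the results against a few common English words recovers the key, which is why the cipher offers no real confidentiality. The word list and function names are constructed for the illustration.

```python
import string

ALPHABET_SIZE = 26
# Small constructed word list used to recognise readable English output.
COMMON_WORDS = {"this", "is", "a", "the", "and", "of", "to", "in"}


def shift_text(text: str, key: int) -> str:
    """Shift every ASCII letter by `key` positions, preserving case.
    Spaces, digits and punctuation pass through unchanged."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % ALPHABET_SIZE + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext: str, key: int) -> str:
    """Encryption: plaintext -> ciphertext with the shared key."""
    return shift_text(plaintext, key)


def decrypt(ciphertext: str, key: int) -> str:
    """Decryption: the inverse shift with the same key."""
    return shift_text(ciphertext, -key)


def score(candidate: str) -> int:
    """Count how many words of the candidate are common English words."""
    words = (w.strip(string.punctuation).lower() for w in candidate.split())
    return sum(1 for w in words if w in COMMON_WORDS)


def recover_key(ciphertext: str) -> int:
    """Try all 25 non-trivial keys and return the one whose output
    looks most like English according to score()."""
    return max(range(1, ALPHABET_SIZE), key=lambda k: score(decrypt(ciphertext, k)))


if __name__ == "__main__":
    plaintext = "This is a plaintext."
    ciphertext = encrypt(plaintext, 7)
    print(ciphertext)
    print(decrypt(ciphertext, 7))
    print("key found by exhaustive search:", recover_key(ciphertext))
```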

The major distinction between encryption and decryption is that encryption is the conversion of a
message into an unintelligible form that is undecipherable unless decrypted, whereas decryption
is the recovery of the original message from the encrypted information.
Let’s see the difference between encryption and decryption:

1. Encryption: Encryption is the process of converting normal message into meaningless message.
   Decryption: Decryption is the process of converting meaningless message into its original form.
2. Encryption: Encryption is the process which takes place at sender’s end.
   Decryption: Decryption is the process which takes place at receiver’s end.
3. Encryption: Its major task is to convert the plain text into cipher text.
   Decryption: Its main task is to convert the cipher text into plain text.
4. Encryption: Any message can be encrypted with either secret key or public key.
   Decryption: The encrypted message can be decrypted with either secret key or private key.
5. Encryption: In encryption process, sender sends the data to receiver after encrypting it.
   Decryption: In decryption process, receiver receives the information (cipher text) and converts
   it into plain text.
6. Encryption: The same algorithm with the same key is used for the encryption-decryption process.
   Decryption: The only single algorithm is used for encryption-decryption with a pair of keys
   where each use for encryption and decryption.

A cryptosystem is an implementation of cryptographic techniques and their accompanying
infrastructure to provide information security services. A cryptosystem is also referred to as
a cipher system.
Let us discuss a simple model of a cryptosystem that provides confidentiality to the information
being transmitted. This basic model is depicted in the illustration below −

The main difference between symmetric key encryption and asymmetric key encryption is the
relationship between the encryption and the decryption key. Logically, in any cryptosystem, both
the keys are closely associated. It is practically impossible to decrypt the ciphertext with a key
that is unrelated to the encryption key.

CRYPTOGRAPHY
Cryptographic systems are generally classified along 3 independent dimensions:

Type of operations used for transforming plain text to cipher text
All the encryption algorithms are based on two general principles: substitution, in which
each element in the plaintext is mapped into another element, and transposition, in which elements
in the plaintext are rearranged.

The number of keys used
If the sender and receiver use the same key then it is said to be symmetric key (or) single key
(or) conventional encryption. If the sender and receiver use different keys then it is said to be
public key encryption.

The way in which the plain text is processed
A block cipher processes the input one block of elements at a time, producing an output block
for each input block. A stream cipher processes the input elements continuously, producing output
one element at a time, as it goes along.

CRYPTANALYSIS

The process of attempting to discover X or K or both is known as cryptanalysis. The
strategy used by the cryptanalyst depends on the nature of the encryption scheme and the
information available to the cryptanalyst. There are various types of cryptanalytic attacks based
on the amount of information known to the cryptanalyst.
Cipher text only – A copy of cipher text alone is known to the cryptanalyst.
Known plaintext – The cryptanalyst has a copy of the cipher text and the corresponding plaintext.
Chosen plaintext – The cryptanalyst gains temporary access to the encryption machine. They
cannot open it to find the key; however, they can encrypt a large number of suitably chosen
plaintexts and try to use the resulting cipher texts to deduce the key.
Chosen cipher text – The cryptanalyst obtains temporary access to the decryption machine, uses it
to decrypt several strings of symbols, and tries to use the results to deduce the key.

CLASSICAL ENCRYPTION TECHNIQUES


There are two basic building blocks of all encryption techniques: substitution and
transposition.

SUBSTITUTION TECHNIQUES
A substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves
replacing plaintext bit patterns with cipher text bit patterns.

These techniques involve substituting or replacing the contents of the plaintext by other letters,
numbers or symbols. Different kinds of ciphers are used in substitution technique.
Substitution Techniques:

1. Caesar Cipher
2. Monoalphabetic Cipher
3. Playfair Cipher
4. Hill Cipher
5. Polyalphabetic Cipher
6. One-Time Pad

Caesar Ciphers:
It is the oldest of all the substitution ciphers. A Caesar cipher replaces each letter of the
plaintext with another letter of the alphabet, a fixed number of positions away:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Choose k, shift all letters by k.
For example, if k = 5

A becomes F, B becomes G, C becomes H, and so on…

Mathematically, give each letter a number,

a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z
0  1  2  3  4  5  6  7  8  9  10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

then have Caesar cipher as:
c = E(p) = (p + k) mod (26)
p = D(c) = (c – k) mod (26)

With a Caesar cipher, there are only 26 possible keys, of which only 25 are of any use, since
mapping A to A etc. doesn't really obscure the message!
Monoalphabetic Ciphers :
Here, plaintext characters are substituted by a different alphabet stream of characters shifted
to the right or left by n positions. When compared to the Caesar ciphers, these monoalphabetic
ciphers are more secure as the cipher alphabet can be any permutation of the 26 alphabetic
characters, leading to 26! or greater than $4 \times 10^{26}$ possible keys. But it is still
vulnerable to cryptanalysis: when a cryptanalyst is aware of the nature of the plaintext, he can
find the regularities of the language. To overcome these attacks, multiple substitutions for a
single letter are used. For example, a letter can be substituted by different numerical cipher
symbols such as 17, 54, 69….. etc. Even this method is not completely secure as each letter in the
plain text affects one letter in the ciphertext.

Or, using a common key which substitutes every letter of the plain text.
The key
ABCDEFGHIJKLMNOPQRSTUVWXYZ
QWERTYUIOPASDFGHJKLZXCVBNM

would encrypt the message I think therefore I am into

OZIIOFAZIITKTYGKTOQD
But any attacker would simply break the cipher by using frequency analysis by observing the
number of times each letter occurs in the cipher text and then looking upon the English letter
frequency table. So, substitution cipher is completely ruined by these attacks. Monoalphabetic
ciphers are easy to break as they reflect the frequency of the original alphabet. A countermeasure is
to provide substitutes, known as homophones for a single letter.
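The weakness described above can be checked directly. The following is an added example, not part of the original notes: it applies the key row given in the text, treats the Caesar cipher as the special case of a rotated alphabet, and shows that the letter-frequency profile survives encryption unchanged. The sample sentence and all function names are constructed for illustration.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase
# Key row from the text: A->Q, B->W, C->E, ...
PAGE_KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"


def caesar_key(k):
    """A Caesar cipher is the monoalphabetic key 'alphabet rotated by k'."""
    k %= 26
    return ALPHABET[k:] + ALPHABET[:k]


def substitute(text, key):
    """Replace every letter using the 26-letter key; other characters pass through."""
    key = key.upper()
    if sorted(key) != list(ALPHABET):
        raise ValueError("key must be a permutation of the 26 letters")
    table = str.maketrans(ALPHABET + ALPHABET.lower(), key + key.lower())
    return text.translate(table)


def inverse_key(key):
    """Key that undoes `key`; decryption is substitution with the inverse key."""
    key = key.upper()
    return "".join(ALPHABET[key.index(c)] for c in ALPHABET)


def letter_counts(text):
    return Counter(c for c in text.upper() if c in ALPHABET)


def frequency_profile(text):
    """Letter counts sorted high to low, with the letters themselves discarded."""
    return sorted(letter_counts(text).values(), reverse=True)


# Constructed sample plaintext (not from the notes); E is its most common letter.
SAMPLE = "MEET ME NEAR THE TREE WHERE WE SEE THE RIVER EVERY EVENING"

if __name__ == "__main__":
    ciphertext = substitute(SAMPLE, PAGE_KEY)
    print(ciphertext)
    # The profile is identical: substitution only relabels the histogram bars.
    print(frequency_profile(SAMPLE) == frequency_profile(ciphertext))
    top = letter_counts(ciphertext).most_common(1)[0][0]
    print(top, "stands for", inverse_key(PAGE_KEY)[ALPHABET.index(top)])
    # Caesar with k = 7, the example from earlier in the notes.
    print(substitute("This is a plaintext.", caesar_key(7)))
```

Because the sorted counts are the same before and after encryption, the size of the key space (26!) gives no protection against someone who compares the ciphertext histogram with an English letter-frequency table.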

Playfair Ciphers:
It is the best known multiple-letter encryption cipher which treats digrams in the plaintext as
single units and translates these units into ciphertext digrams. The Playfair Cipher is a digram
substitution cipher offering a relatively weak method of encryption. It was used for tactical
purposes by British forces in the Second Boer War and in World War I and for the same purpose
by the Australians and Germans during World War II. This was because Playfair is reasonably fast
to use and requires no special equipment. A typical scenario for Playfair use would be to protect
important but non-critical secrets during actual combat. By the time the enemy cryptanalysts could
break the message, the information was useless to them.
It is based around a 5x5 matrix, a copy of which is held by both communicating parties,
into which 25 of the 26 letters of the alphabet (normally either j and i are represented by the same
letter or x is ignored) are placed in a random fashion.
For example, the plain text is Shi Sherry loves Heath Ledger and the agreed key is sherry. The
message is prepared and the matrix is built according to the following rules. The plaintext is written
• in pairs,
• without punctuation,
• with all Js replaced with Is.

SH IS HE RR YL OV ES HE AT HL ED GE R
Double letters which occur in a pair must be divided by an X or a Z.

E.g. LI TE RA LL Y becomes LI TE RA LX LY
SH IS HE RX RY LO VE SH EA TH LE DG ER
The alphabet square is prepared using a 5*5 matrix, with no repeated letters and no Js; the key is
written first, followed by the remaining alphabets with no i and j.

S H E R Y
A B C D F
G I K L M
N O P Q T
U V W X Z

For the generation of cipher text, there are three rules to be followed by each pair of letters.
• letters appear on the same row: replace them with the letters to their immediate right
respectively
• letters appear on the same column: replace them with the letters immediately below
respectively
• not on the same row or column: replace them with the letters on the same row
respectively but at the other pair of corners of the rectangle defined by the original pair.

Based on the above three rules, the cipher text obtained for the given plain text is

HE GH ER DR YS IQ WH HE SC OY KR AL RY

Another example which is simpler than the above one can be given
as: Here, key word is playfair. Plaintext is Hellothere.
hellothere becomes he lx lo th er ex.
The matrix for this key word is:

p l a y f
i r b c d
e g h k m
n o q s t
u v w x z

Applying the rules again, for each pair,
• If they are in the same row, replace each with the letter to its right (mod 5): he becomes KG
• If they are in the same column, replace each with the letter below it (mod 5): lo becomes RV
• Otherwise, replace each with letter we’d get if we swapped their column indices: lx becomes YV
So the cipher text for the given plain text is KG YV RV QM GI KU

To decrypt the message, just reverse the process. Shift up and left instead of down
and right. Drop extra x’s and locate any missing I’s that should be j’s. The message will be
back in its original readable form. Playfair is no longer used by military forces because of the
advent of digital encryption devices. Playfair is now regarded as insecure for any purpose because
modern hand-held computers could easily break the cipher within seconds.
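The two worked Playfair examples above can be reproduced with a short program. This is an added example, not part of the original notes; the function names are illustrative, and it assumes the convention used in both examples (J folded into I, X as the filler, Z when the doubled letter is itself X).

```python
import string


def build_square(key):
    """5x5 square as a 25-letter string: key letters first, then the rest, J folded into I."""
    seen = []
    for ch in (key + string.ascii_lowercase).lower():
        if ch not in string.ascii_lowercase:
            continue
        ch = "i" if ch == "j" else ch
        if ch not in seen:
            seen.append(ch)
    return "".join(seen)


def to_digrams(plaintext):
    """Strip non-letters, fold J into I, split doubled letters and pad a lone last letter."""
    letters = ["i" if c == "j" else c
               for c in plaintext.lower() if c in string.ascii_lowercase]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        if i + 1 < len(letters) and letters[i + 1] != a:
            pairs.append(a + letters[i + 1])
            i += 2
        else:  # doubled letter, or a single letter left at the end
            pairs.append(a + ("z" if a == "x" else "x"))
            i += 1
    return pairs


def _transform(pairs, square, step):
    """Apply the three rules; step=+1 encrypts (right/down), step=-1 decrypts (left/up)."""
    out = []
    for a, b in pairs:
        ra, ca = divmod(square.index(a), 5)
        rb, cb = divmod(square.index(b), 5)
        if ra == rb:        # same row: move along the row, wrapping mod 5
            a2 = square[ra * 5 + (ca + step) % 5]
            b2 = square[rb * 5 + (cb + step) % 5]
        elif ca == cb:      # same column: move along the column, wrapping mod 5
            a2 = square[((ra + step) % 5) * 5 + ca]
            b2 = square[((rb + step) % 5) * 5 + cb]
        else:               # rectangle: keep the row, take the other letter's column
            a2 = square[ra * 5 + cb]
            b2 = square[rb * 5 + ca]
        out.append(a2 + b2)
    return out


def encrypt(plaintext, key):
    return " ".join(_transform(to_digrams(plaintext), build_square(key), +1)).upper()


def decrypt(ciphertext, key):
    letters = [c for c in ciphertext.lower() if c in string.ascii_lowercase]
    pairs = ["".join(letters[i:i + 2]) for i in range(0, len(letters), 2)]
    # Filler letters are still present; removing them is a manual step, as noted above.
    return "".join(_transform(pairs, build_square(key), -1))


if __name__ == "__main__":
    print(encrypt("hellothere", "playfair"))
    print(encrypt("Shi Sherry loves Heath Ledger", "sherry"))
    print(decrypt("KG YV RV QM GI KU", "playfair"))
```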

Hill Cipher:
It is also a multiletter encryption cipher. It involves substitution of ‘m’ ciphertext letters
for ‘m’ successive plaintext letters. For substitution purposes using ‘m’ linear equations, each
of the characters is assigned a numerical value, i.e. a=0, b=1, c=2, d=3,…….z=25.
For example if m=3, the system can be defined as:

$c_1 = (k_{11}p_1 + k_{12}p_2 + k_{13}p_3) \bmod 26$

$c_2 = (k_{21}p_1 + k_{22}p_2 + k_{23}p_3) \bmod 26$

$c_3 = (k_{31}p_1 + k_{32}p_2 + k_{33}p_3) \bmod 26$

If we represent the above statements in matrix form, as matrices and column vectors:

$$\begin{pmatrix} c_1 \\ c_2 \\ c_3 \end{pmatrix} = \begin{pmatrix} k_{11} & k_{12} & k_{13} \\ k_{21} & k_{22} & k_{23} \\ k_{31} & k_{32} & k_{33} \end{pmatrix} \begin{pmatrix} p_1 \\ p_2 \\ p_3 \end{pmatrix} \bmod 26$$

C and P = column vectors of length 3

K = 3x3 encryption key matrix.

For the decryption process, the inverse of matrix K, i.e. $K^{-1}$, is required, which is defined by
the equation $K K^{-1} = K^{-1} K = I$, where I is the identity matrix that contains only 0’s
and 1’s as its elements. Plaintext is recovered by applying $K^{-1}$ to the cipher text. It is
expressed as

$C = E_K(P) = KP \bmod 26$

$P = D_K(C) = K^{-1}C \bmod 26 = K^{-1}KP = IP = P$

Example: The plain text is I can’t do it and the size of m is 3 and key K
is chosen as following:

The encryption process is carried out as follows

So, the encrypted text will be given as EOM TMY SVJ


The main advantages of hill cipher are given below:

It perfectly hides single-letter frequencies.

Use of 3x3 Hill ciphers can perfectly hide both the single letter and two-letter frequency
information.

Strong enough against the attacks made only on the cipher text.
But, it still can be easily broken if the attack is through a known plaintext.

Polyalphabetic Ciphers

In order to make substitution ciphers more secure, more than one alphabet can be used. Such
ciphers are called polyalphabetic, which means that the same letter of a message can be
represented by different letters when encoded. Such a one-to-many correspondence makes
the use of frequency analysis much more difficult in order to crack the code. We describe one
such cipher named for Blaise de Vigenere a 16-th century Frenchman.
The Vigenere cipher is a polyalphabetic cipher based on using successively shifted
alphabets, a different shifted alphabet for each of the 26 English letters. The procedure is
based on the tableau shown below and the use of a keyword. The letters of the keyword
determine the shifted alphabets used in the encoding process.
For the message COMPUTING GIVES INSIGHT and keyword LUCKY we proceed by repeating the
keyword as many times as needed above the message, as follows.

Encryption is simple: Given a key letter x and a plaintext letter y, the ciphertext letter is at the
intersection of the row labeled x and the column labeled y; so for L, the ciphertext letter would
be N. So, the ciphertext for the given plaintext would be given as:

Decryption is equally simple: The key letter again identifies the row, the position of the
ciphertext letter in that row decides the column, and the plaintext letter is at the top of that
column. The strength of this cipher is that there are multiple ciphertext letters for each
plaintext letter, one for each unique letter of the keyword, so the letter
frequency information is obscured. Still, breaking this cipher has been made possible
because this reveals some mathematical principles that apply in cryptanalysis. To overcome
the drawback of the periodic nature of the keyword, a new technique is proposed which is
referred to as an autokey system, in which a key word is concatenated with the plaintext itself
to provide a running key.
For example, in the above example, the key would be luckycomputinggivesin

Still, this scheme is vulnerable to cryptanalysis as both the key and plaintext
share the same frequency distribution of letters, allowing a statistical technique to be
applied. Thus, the ultimate defense against such a cryptanalysis is to choose a keyword that
is as long as the plaintext and has no statistical relationship to it. A new system which works on
binary data rather than letters is given as

$C_i = p_i \oplus k_i$

where,
$p_i$ = ith binary digit of plaintext
$k_i$ = ith binary digit of key
$C_i$ = ith binary digit of ciphertext
$\oplus$ = exclusive-or operation.

Because of the properties of XOR, decryption is done by performing the same bitwise
operation.

$p_i = C_i \oplus k_i$

A very long but repeating key word is used, making cryptanalysis difficult.
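The Vigenere tableau, the autokey running key and the binary XOR system described above can be worked through in code. This is an added example, not part of the original notes; it uses the message and keyword from the text, and the function names are illustrative.

```python
from itertools import cycle

A = ord("A")
MESSAGE = "COMPUTING GIVES INSIGHT"   # message from the text
KEYWORD = "LUCKY"                     # keyword from the text


def _letters(text):
    return [c for c in text.upper() if "A" <= c <= "Z"]


def _shift(text, key_stream, sign):
    """Tableau lookup as arithmetic: add (or subtract) the key letter mod 26."""
    return "".join(
        chr((ord(c) - A + sign * (ord(k) - A)) % 26 + A)
        for c, k in zip(text, key_stream)
    )


def _key(keyword):
    key = _letters(keyword)
    if not key:
        raise ValueError("keyword must contain at least one letter")
    return key


def vigenere_encrypt(plaintext, keyword):
    return _shift(_letters(plaintext), cycle(_key(keyword)), +1)


def vigenere_decrypt(ciphertext, keyword):
    return _shift(_letters(ciphertext), cycle(_key(keyword)), -1)


def autokey_stream(plaintext, keyword):
    """Running key: the keyword followed by the plaintext, cut to message length."""
    p = _letters(plaintext)
    return "".join((_key(keyword) + p)[: len(p)])


def autokey_encrypt(plaintext, keyword):
    return _shift(_letters(plaintext), autokey_stream(plaintext, keyword), +1)


def autokey_decrypt(ciphertext, keyword):
    """Each recovered plaintext letter becomes key material for a later letter."""
    key = _key(keyword)
    out = []
    for i, c in enumerate(_letters(ciphertext)):
        p = chr((ord(c) - ord(key[i])) % 26 + A)
        out.append(p)
        key.append(p)
    return "".join(out)


def vernam(data: bytes, key: bytes) -> bytes:
    """C_i = p_i XOR k_i with a repeating key; the same call decrypts."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


if __name__ == "__main__":
    print(vigenere_encrypt(MESSAGE, KEYWORD))
    print(autokey_stream(MESSAGE, KEYWORD).lower())
    print(autokey_encrypt(MESSAGE, KEYWORD))
    sample = b"constructed sample bytes"      # constructed input
    print(vernam(vernam(sample, b"tape"), b"tape") == sample)
```

With the repeating keyword the first plaintext letter C under key letter L gives N, as stated in the text; the autokey variant produces the same first five letters and diverges once the keyword is used up.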
Pigpen Cipher
Pigpen cipher is a variation on letter substitution. Alphabets are arranged as follows:

Alphabets will be represented by the corresponding diagram. E.g., WAG would be

This is a weak cipher.

TRANSPOSITION TECHNIQUES

All the techniques examined so far involve the substitution of a cipher text symbol for a plaintext
symbol. A very different kind of mapping is achieved by performing some sort of permutation on
the plaintext letters. This technique is referred to as a transposition cipher.
Transposition Techniques

1. Rail Fence Transposition
2. Columnar Transposition
3. Improved Columnar Transposition
Rail Fence Cipher
The rail fence cipher is the simplest transposition cipher. The steps to obtain cipher
text using this technique are as follows:

Step 1: The plain text is written as a sequence of diagonals.
Step 2: Then, to obtain the cipher text the text is read as a sequence of rows.
To understand this in a better way, let us take an example:

Plain Text: meet me Tomorrow

Now, we will write this plain text sequence wise in a diagonal form as you can see
below:

Looking at the image, you can see why it is named rail fence: it
appears like a rail fence.

Once you have written the message as a sequence of diagonals, to obtain the cipher
text out of it you have to read it as a sequence of rows. So, reading the first row, the first
half of cipher text will be:

memtmro
Reading the second row of the rail fence, we will get the second half of the cipher
text:

eteoorw
Now, to obtain the complete cipher text combine both the halves of cipher text and
the complete cipher text will be:

Cipher Text: M E M T M R O E T E O O R W
Rail fence cipher is easy to implement, and it is also easy for a cryptanalyst to break.
So, there was a need for a more complex technique.

Columnar Transposition Technique


The columnar transposition cipher is more complex as compared to the rail fence.
The steps to obtain cipher text using this technique are as follows:

Step 1: The plain text is written in the rectangular matrix of the initially defined
size in a row by row pattern.
Step 2: To obtain the cipher text read the text written in a rectangular matrix
column by column. But you have to permute the order of the columns before reading it column
by column. The obtained message is the cipher text message.
To understand the columnar transposition let us take an example:

Plain text: meet Tomorrow

Now, put the plain text in the rectangle of a predefined size. For our example, the
predefined size of the rectangle would be 3×4. As you can see in the image below the plain
text is placed in the rectangle of 3×4. And we have also permuted the order of the columns.

Now, to obtain the cipher text we have to read the plain text column by column in
the sequence of the permuted column order. So, the cipher text obtained by the columnar
transposition technique in this example is:

Cipher Text: MTREOREMOTOW.

Similar to the rail fence cipher, the columnar cipher can be easily broken. The
cryptanalyst only has to try a few permutations and combinations over the order of columns to
obtain the permuted order of columns and then get the original message. So, a more
sophisticated technique was required to strengthen the encryption.

Columnar Transposition Technique with Multiple Rounds

It is similar to the basic columnar technique but is introduced with an improvement.
The basic columnar technique is performed over the plain text but more than once. The
steps for columnar technique with multiple rounds are as follows:

Step 1: The plain text is written in the rectangle of predetermined size row by row.
Step 2: To obtain the cipher text, read the plain text in the rectangle, column by
column. Before reading the text in rectangle column by column, permute the order of
columns the same as in basic columnar technique.
Step 3: To obtain the final cipher text repeat the steps above multiple times.
Let us discuss one example of a columnar transposition technique for better
understanding. We will consider the same example of a basic columnar technique which
will help in understanding the complexity of the method:
Plain Text: meet Tomorrow
Let us put this plain text in the rectangle of predefined size of 3×4. Proceeding with
the next step, the order of the columns of the matrix is permuted as you can see in the
image below:

Now after the first round the cipher text obtained is as follows:

Cipher Text round 1: MTREOREMOTOW

Now, again we have to put the cipher text of round 1 in the rectangle of size 3×4
row by row and permute the order of columns before reading the cipher text for round 2. In
the second round, the permuted order of the column is 2, 3, 1, 4.

So, the obtained cipher text for round 2 is MOOTRTREOEMW. In this way, we
can perform as many iterations as required. Increasing the number of iterations increases
the complexity of the techniques.
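The rail fence steps and the single-round and multi-round columnar steps above can be implemented as follows. This is an added example, not part of the original notes; it generalizes the rail fence to any number of rails. It assumes the column order is written as 1-based column numbers in the order they are read, and the ciphertext strings printed in the text are what order 1, 2, 3, 4 produces in both rounds.

```python
def _clean(text):
    """Keep letters only, upper-cased, as in the worked examples."""
    return "".join(c for c in text.upper() if "A" <= c <= "Z")


def _rail_of(i, rails):
    """Rail (row) on which the i-th letter lands when written in a zigzag."""
    if rails == 1:
        return 0
    period = 2 * (rails - 1)
    j = i % period
    return j if j < rails else period - j


def rail_fence_encrypt(plaintext, rails=2):
    text = _clean(plaintext)
    rows = [[] for _ in range(rails)]
    for i, ch in enumerate(text):
        rows[_rail_of(i, rails)].append(ch)
    return "".join("".join(row) for row in rows)


def rail_fence_decrypt(ciphertext, rails=2):
    text = _clean(ciphertext)
    # Plaintext positions in the order encryption read them: rail by rail, left to right.
    read_order = sorted(range(len(text)), key=lambda i: _rail_of(i, rails))
    out = [""] * len(text)
    for ch, pos in zip(text, read_order):
        out[pos] = ch
    return "".join(out)


def columnar_encrypt(plaintext, order):
    """Write row by row into len(order) columns, then read the columns in `order`."""
    text = _clean(plaintext)
    cols = len(order)
    if sorted(order) != list(range(1, cols + 1)):
        raise ValueError("order must be a permutation of 1..number of columns")
    if len(text) % cols:
        raise ValueError("message must fill the rectangle exactly")
    return "".join(text[c - 1::cols] for c in order)


def columnar_decrypt(ciphertext, order):
    text = _clean(ciphertext)
    cols = len(order)
    rows = len(text) // cols
    columns = [""] * cols
    for n, c in enumerate(order):       # n-th chunk of ciphertext is column c
        columns[c - 1] = text[n * rows:(n + 1) * rows]
    return "".join(columns[c][r] for r in range(rows) for c in range(cols))


def multi_round_encrypt(plaintext, orders):
    for order in orders:
        plaintext = columnar_encrypt(plaintext, order)
    return plaintext


def multi_round_decrypt(ciphertext, orders):
    for order in reversed(orders):
        ciphertext = columnar_decrypt(ciphertext, order)
    return ciphertext


if __name__ == "__main__":
    print(rail_fence_encrypt("meet me Tomorrow"))
    print(columnar_encrypt("meet Tomorrow", [1, 2, 3, 4]))
    print(multi_round_encrypt("meet Tomorrow", [[1, 2, 3, 4], [2, 3, 1, 4]]))
```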

Symmetric Key Encryption


The encryption process where same keys are used for encrypting and decrypting the
information is known as Symmetric Key Encryption.
The study of symmetric cryptosystems is referred to as symmetric cryptography.
Symmetric cryptosystems are also sometimes referred to as secret key cryptosystems.
A few well-known examples of symmetric key encryption methods are − Digital
Encryption Standard (DES), Triple-DES (3DES), IDEA, and BLOWFISH.

The illustration shows a sender who wants to transfer some sensitive data to a receiver in such
a way that any party intercepting or eavesdropping on the communication channel cannot extract
the data.
The objective of this simple cryptosystem is that at the end of the process, only the sender
and the receiver will know the plaintext.
Components of a Cryptosystem

The various components of a basic cryptosystem are as follows −

• Plaintext. It is the data to be protected during transmission.
• Encryption Algorithm. It is a mathematical process that produces a ciphertext for any
given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and
an encryption key as input and produces a ciphertext.
• Ciphertext. It is the scrambled version of the plaintext produced by the encryption
algorithm using a specific encryption key. The ciphertext is not guarded. It flows on
public channel. It can be intercepted or compromised by anyone who has access to the
communication channel.
• Decryption Algorithm. It is a mathematical process that produces a unique plaintext for
any given ciphertext and decryption key. It is a cryptographic algorithm that takes a
ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm
essentially reverses the encryption algorithm and is thus closely related to it.
• Encryption Key. It is a value that is known to the sender. The sender inputs the encryption
key into the encryption algorithm along with the plaintext in order to compute the
ciphertext.
• Decryption Key. It is a value that is known to the receiver. The decryption key is related to
the encryption key, but is not always identical to it. The receiver inputs the decryption key
into the decryption algorithm along with the ciphertext in order to compute the plaintext.
For a given cryptosystem, a collection of all possible decryption keys is called a key space.
An interceptor (an attacker) is an unauthorized entity who attempts to determine the
plaintext. He can see the ciphertext and may know the decryption algorithm. He, however,
must never know the decryption key.
Types of Cryptosystems
Fundamentally, there are two types of cryptosystems based on the manner in which
encryption-decryption is carried out in the system −
• Symmetric Key Encryption
• Asymmetric Key Encryption
Prior to 1970, all cryptosystems employed symmetric key encryption. Even today, its
relevance is very high and it is being used extensively in many cryptosystems. It is very
unlikely that this encryption will fade away, as it has certain advantages over asymmetric
key encryption.
The salient features of cryptosystem based on symmetric key encryption are −
• Persons using symmetric key encryption must share a common key prior to exchange of
information.
• Keys are recommended to be changed regularly to prevent any attack on the system.
• A robust mechanism needs to exist to exchange the key between the communicating
parties. As keys are required to be changed regularly, this mechanism becomes expensive
and cumbersome.
• In a group of n people, to enable two-party communication between any two persons, the
number of keys required for group is n × (n – 1)/2.
• Length of Key (number of bits) in this encryption is smaller and hence, process of
encryption-decryption is faster than asymmetric key encryption.
• Processing power of computer system required to run symmetric algorithm is less.

Challenge of Symmetric Key Cryptosystem


There are two restrictive challenges of employing symmetric key cryptography.
• Key establishment − Before any communication, both the sender and the receiver need to
agree on a secret symmetric key. It requires a secure key establishment mechanism in
place.
• Trust Issue − Since the sender and the receiver use the same symmetric key, there is an
implicit requirement that the sender and the receiver ‘trust’ each other. For example, it may
happen that the receiver has lost the key to an attacker and the sender is not informed.
These two challenges are highly restraining for modern day communication. Today, people
need to exchange information with non-familiar and non-trusted parties. For example, a
communication between online seller and customer. These limitations of symmetric key
encryption gave rise to asymmetric key encryption schemes.
Asymmetric Key Encryption
The encryption process where different keys are used for encrypting and decrypting the
information is known as Asymmetric Key Encryption. Though the keys are different, they
are mathematically related and hence, retrieving the plaintext by decrypting ciphertext is
feasible. The process is depicted in the following illustration −

Asymmetric Key Encryption was invented in the 20th century to overcome the necessity of
a pre-shared secret key between communicating persons. The salient features of this
encryption scheme are as follows −
• Every user in this system needs to have a pair of dissimilar keys, private key and public
key. These keys are mathematically related − when one key is used for encryption, the
other can decrypt the ciphertext back to the original plaintext.
• It requires putting the public key in a public repository and keeping the private key as a
well-guarded secret. Hence, this scheme of encryption is also called Public Key Encryption.
• Though public and private keys of the user are related, it is computationally not feasible to
find one from another. This is a strength of this scheme.
• When Host1 needs to send data to Host2, he obtains the public key of Host2 from the
repository, encrypts the data, and transmits.
• Host2 uses his private key to extract the plaintext.
• Length of Keys (number of bits) in this encryption is large and hence, the process of
encryption-decryption is slower than symmetric key encryption.
• Processing power of computer system required to run asymmetric algorithm is higher.
Symmetric cryptosystems are a natural concept. In contrast, public-key cryptosystems are
quite difficult to comprehend.
You may think, how can the encryption key and the decryption key be ‘related’, and yet it
is impossible to determine the decryption key from the encryption key? The answer lies in
the mathematical concepts. It is possible to design a cryptosystem whose keys have this
property. The concept of public-key cryptography is relatively new. There are fewer
public-key algorithms known than symmetric algorithms.
Challenge of Public Key Cryptosystem
Public-key cryptosystems have one significant challenge − the user needs to trust that the
public key that he is using in communications with a person really is the public key of that
person and has not been spoofed by a malicious third party.
This is usually accomplished through a Public Key Infrastructure (PKI) consisting of a trusted
third party. The third party securely manages and attests to the authenticity of public keys.
When the third party is requested to provide the public key for any communicating person
X, they are trusted to provide the correct public key.
The third party satisfies itself about user identity by the process of attestation, notarization,
or some other process − that X is the one and only, or globally unique, X. The most
common method of making the verified public keys available is to embed them in a
certificate which is digitally signed by the trusted third party.
Relation between Encryption Schemes
A summary of basic key properties of two types of cryptosystems is given below −

| | Symmetric Cryptosystems | Public Key Cryptosystems |
|---|---|---|
| Relation between Keys | Same | Different, but mathematically related |
| Encryption Key | Symmetric | Public |
| Decryption Key | Symmetric | Private |

Due to the advantages and disadvantages of both the systems, symmetric key and public-key
cryptosystems are often used together in practical information security systems.
Cryptography:

Cryptography is classified into symmetric cryptography and asymmetric
cryptography. Below is the description of these types.
1. Symmetric key cryptography – It involves the usage of one secret key along with
encryption and decryption algorithms which help in securing the contents of the
message. The strength of symmetric key cryptography depends upon the number of
key bits. It is relatively faster than asymmetric key cryptography. There arises a key
distribution problem as the key has to be transferred from the sender to the receiver
through a secure channel.

2. Asymmetric key cryptography – It is also known as public-key cryptography
because it involves the usage of a public key along with the secret key. It solves the
problem of key distribution as both parties use different keys for
encryption/decryption. It is not feasible to use for decrypting bulk messages as it is
very slow compared to symmetric key cryptography.

What Is Steganography?

A steganography technique involves hiding sensitive information within an ordinary, non-secret
file or message, so that it will not be detected. The sensitive information will then be extracted
from the ordinary file or message at its destination, thus avoiding detection. Steganography is an
additional step that can be used in conjunction with encryption in order to conceal or protect
data.

Steganography is a means of concealing secret information within (or even on top of) an
otherwise mundane, non-secret document or other media to avoid detection. It comes from the
Greek words steganos, which means “covered” or “hidden,” and graph, which means “to write.”
Hence, “hidden writing.”

You can use steganography to hide text, video, images, or even audio data. It’s a helpful bit of
knowledge, limited only by the type of medium and the author’s imagination.

Different Types of Steganography

1. Text Steganography − There is steganography in text files, which entails secretly storing
information. In this method, the hidden data is encoded into the letter of each word.

2. Image Steganography − The second type of steganography is image steganography, which
entails concealing data by using an image of a different object as a cover. Pixel intensities are the
key to data concealment in image steganography.

Since the computer description of an image contains multiple bits, images are frequently used as
a cover source in digital steganography.
The various terms used to describe image steganography include:

• Cover-Image − Unique picture that can conceal data.
• Message − Real data that you can mask within pictures. The message may be in the form
of standard text or an image.
• Stego-Image − A stego image is an image with a hidden message.
• Stego-Key − Messages can be embedded in cover images and stego-images with the help
of a key, or the messages can be derived from the photos themselves.

3. Audio Steganography − It is the science of hiding data in sound. Used digitally, it protects
against unauthorized reproduction. Watermarking is a technique that encrypts one piece of data
(the message) within another (the "carrier"). Its typical uses involve media playback, primarily
audio clips.

4. Video Steganography − Video steganography is a method of secretly embedding data or
other files within a video file on a computer. Video (a collection of still images) can function as
the "carrier" in this scheme. Discrete cosine transform (DCT) is commonly used to insert values
that can be used to hide the data in each image in the video, which is undetectable to the naked
eye. Video steganography typically employs the following file formats: H.264, MP4, MPEG, and
AVI.

5. Network or Protocol Steganography − It involves concealing data by using a network
protocol like TCP, UDP, ICMP, IP, etc., as a cover object. Steganography can be used in the case
of covert channels, which occur in the OSI layer network model.

Steganography vs. Cryptography

| | Steganography | Cryptography |
|---|---|---|
| Explanation | It's a method to conceal the fact that communication is taking place | It's a method for making information unintelligible |
| Aim | Maintain communication security | Enable data protection |
| Key | Optional, but increases security when utilized | Necessary prerequisite |
| Data Visibility | No | Yes |
| Failure | Once hidden information is decoded, the data can be used by anyone | You can recover the original message from the ciphertext if you can access the decryption key |
| Data Structure | Does not modify the data's general structure | Modifies the overall data structure |

Cryptographic Attacks
The basic intention of an attacker is to break a cryptosystem and to find the
plaintext from the ciphertext. To obtain the plaintext, the attacker only needs to find out the
secret decryption key, as the algorithm is already in public domain.
Hence, he applies maximum effort towards finding out the secret key used in the
cryptosystem. Once the attacker is able to determine the key, the attacked system is
considered as broken or compromised.
Based on the methodology used, attacks on cryptosystems are categorized as
follows −
• Ciphertext Only Attacks (COA) − In this method, the attacker has access to a
set of ciphertext(s). He does not have access to the corresponding plaintext. COA is said to be
successful when the corresponding plaintext can be determined from a given set of
ciphertext. Occasionally, the encryption key can be determined from this attack. Modern
cryptosystems are guarded against ciphertext-only attacks.
• Known Plaintext Attack (KPA) − In this method, the attacker knows the
plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext
using this information. This may be done by determining the key or via some other method.
The best example of this attack is linear cryptanalysis against block ciphers.
• Chosen Plaintext Attack (CPA) − In this method, the attacker has the text of his
choice encrypted. So he has the ciphertext-plaintext pair of his choice. This simplifies his
task of determining the encryption key. An example of this attack is differential
cryptanalysis applied against block ciphers as well as hash functions. A popular public key
cryptosystem, RSA, is also vulnerable to chosen-plaintext attacks.
• Dictionary Attack − This attack has many variants, all of which involve
compiling a ‘dictionary’. In the simplest method of this attack, the attacker builds a dictionary of
ciphertexts and corresponding plaintexts that he has learnt over a period of time. In future,
when the attacker gets a ciphertext, he refers to the dictionary to find the corresponding
plaintext.
• Brute Force Attack (BFA) − In this method, the attacker tries to determine the
key by attempting all possible keys. If the key is 8 bits long, then the number of possible
keys is 2^8 = 256. The attacker knows the ciphertext and the algorithm, and now attempts all
the 256 keys one by one for decryption. The time to complete the attack would be very
high if the key is long.
• Birthday Attack − This attack is a variant of the brute-force technique. It is used
against cryptographic hash functions. When students in a class are asked about their
birthdays, the answer is one of the possible 365 dates. Let us assume the first student's
birthdate is 3rd Aug. Then to find the next student whose birthdate is 3rd Aug, we need to
enquire 1.25*√365 ≈ 25 students.
Similarly, if the hash function produces 64-bit hash values, the possible hash values
are 1.8 × 10^19. By repeatedly evaluating the function for different inputs, the same output is
expected to be obtained after about 5.1 × 10^9 random inputs.
If the attacker is able to find two different inputs that give the same hash value, it is
a collision and that hash function is said to be broken.
• Man in Middle Attack (MIM) − The targets of this attack are mostly public key
cryptosystems where key exchange is involved before communication takes place.
o Host A wants to communicate with host B, hence requests the public key of B.
o An attacker intercepts this request and sends his public key instead.
o Thus, whatever host A sends to host B, the attacker is able to read.
o In order to maintain communication, the attacker re-encrypts the data after
reading with his public key and sends it to B.
o The attacker sends his public key as A’s public key so that B takes it as if it is
taking it from A.
• Side Channel Attack (SCA) − This type of attack is not against any particular
type of cryptosystem or algorithm. Instead, it is launched to exploit a weakness in the
physical implementation of the cryptosystem.
• Timing Attacks − They exploit the fact that different computations take different
times to compute on a processor. By measuring such timings, it is possible to learn about
a particular computation the processor is carrying out. For example, if the encryption takes
a longer time, it indicates that the secret key is long.
• Power Analysis Attacks − These attacks are similar to timing attacks except that
the amount of power consumption is used to obtain information about the nature of the
underlying computations.
• Fault Analysis Attacks − In these attacks, errors are induced in the cryptosystem
and the attacker studies the resulting output for useful information.
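The birthday estimate above can be checked empirically. The following Python sketch is an added example, not part of the original notes: it truncates SHA-256 to a few bits as a stand-in for a short hash function (the function names and the counter-string inputs are assumptions made for illustration) and counts how many inputs are hashed before two of them collide.

```python
import hashlib
import math

def truncated_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256(data); stands in for a short hash function."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits: int, trial: int = 0):
    """Hash distinct inputs until two of them share a hash value.

    Returns (input_a, input_b, evaluations). The inputs are constructed
    counter strings, so every run is reproducible.
    """
    seen = {}  # hash value -> first input that produced it
    count = 0
    while True:
        msg = f"trial-{trial}-msg-{count}".encode()
        count += 1
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, count
        seen[h] = msg

def birthday_estimate(bits: int) -> float:
    """Rule of thumb from the notes: about 1.25 * sqrt(number of hash values)."""
    return 1.25 * math.sqrt(2 ** bits)

def mean_evaluations(bits: int, trials: int = 200) -> float:
    """Average number of hash evaluations per collision over several trials."""
    return sum(find_collision(bits, t)[2] for t in range(trials)) / trials

if __name__ == "__main__":
    for bits in (16, 20, 24):
        a, b, n = find_collision(bits)
        print(f"{bits}-bit hash: {a!r} and {b!r} collide after {n} inputs "
              f"(estimate {birthday_estimate(bits):.0f} of {2 ** bits} values)")
    print("mean over 200 trials at 16 bits:", mean_evaluations(16))
```

Because the cost grows with the square root of the number of hash values, a hash needs 2n output bits to offer n bits of collision resistance.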

KEY RANGE AND KEY SIZE

The concepts of key range and key size are related to each other. Key range is the total
number of keys from the smallest to the largest available key. An attacker is usually armed with
knowledge of the cryptographic algorithm and the encrypted message, so only the
actual key value remains the challenge for the attacker.
• If the key is found, the attacker can get the original plaintext message. In a brute-force
attack, every possible key in the key range is tried until the right key is found.
• In the best case, the right key is found on the first attempt; in the worst case, the key is
found on the last attempt. On average, the right key is found after trying half of the
possible keys in the key range. Therefore, the more the key range is expanded, the
longer it will take an attacker to find the key using a brute-force attack.
• The concept of key range leads to the principle of key size. The strength of a
cryptographic key is measured by its key size.
• Key size is measured in bits and is represented using the binary number system. Thus, if the
key range is from 0 to 8, then the key size is 3 bits; in other words, if the size is
8 bits, then the key range is 0 to 256. Key size may vary depending upon the
application and the cryptographic algorithm being used; it can be 40 bits, 56 bits, 128 bits
and so on. In order to protect the ciphertext against a brute-force attack, the key size
should be such that the attacker cannot crack it within a specified amount of time.
• From a practical viewpoint, a 40-bit key takes about 3 hours to crack, whereas a 41-bit
key would take 6 hours, a 42-bit key would take 12 hours, and so on. This means every
additional bit doubles the amount of time required to crack the key. We can assume that
a 128-bit key is quite safe, considering the capabilities of today’s computers. However, as
computing power and techniques improve, these numbers will change in future.
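The brute-force bullet under Cryptographic Attacks and the key range discussion above describe the same search. The following Python sketch is an added example, not from the original notes: a toy XOR cipher with a SHA-256-derived keystream (an assumption chosen for illustration, not a real cipher) is searched key by key while counting attempts, and the hypothetical helper scaled_hours() extends the notes' 40-bit, 3-hour figure by doubling per added bit.

```python
import hashlib

SAMPLE = b"PAY 100 TO BOB"  # constructed sample message

def keystream(key: int, length: int) -> bytes:
    """Toy keystream: SHA-256 of the key value, repeated to `length` bytes."""
    block = hashlib.sha256(key.to_bytes(8, "big")).digest()
    return (block * (length // len(block) + 1))[:length]

def toy_encrypt(key: int, data: bytes) -> bytes:
    """XOR the data with the keystream; the same call also decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def brute_force(ciphertext: bytes, known_plaintext: bytes, key_bits: int):
    """Try every key in the range 0 .. 2**key_bits - 1, in order.

    Returns (key, attempts) for the first key that decrypts the ciphertext
    to the known plaintext, or (None, 2**key_bits) if no key does.
    """
    for attempts, key in enumerate(range(2 ** key_bits), start=1):
        if toy_encrypt(key, ciphertext) == known_plaintext:
            return key, attempts
    return None, 2 ** key_bits

def average_attempts(key_bits: int) -> float:
    """Mean attempts needed, taken over every possible key of this size."""
    total = 0
    for key in range(2 ** key_bits):
        total += brute_force(toy_encrypt(key, SAMPLE), SAMPLE, key_bits)[1]
    return total / 2 ** key_bits

def scaled_hours(key_bits: int, base_bits: int = 40, base_hours: float = 3.0) -> float:
    """Scale the notes' figure (40 bits takes about 3 hours): each bit doubles it."""
    return base_hours * 2 ** (key_bits - base_bits)

if __name__ == "__main__":
    for bits in (4, 6, 8):
        worst = brute_force(toy_encrypt(2 ** bits - 1, SAMPLE), SAMPLE, bits)[1]
        print(f"{bits}-bit key: worst case {worst} attempts, "
              f"average {average_attempts(bits)}")
    for bits in (40, 41, 42, 56, 128):
        print(f"{bits}-bit key: about {scaled_hours(bits):.3g} hours at the same rate")
```

The average comes out at just over half the key range, and the worst case doubles with each added bit.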
