After Mids

Cryptography is the art and science of securing communication by encoding data into formats that are only readable by intended recipients. It involves processes like encryption and decryption using ciphers, with symmetric and asymmetric key cryptography as primary models. Additionally, hashing is used for data integrity, ensuring that transmitted data remains unchanged during communication.

Cryptography

Art of Secure Communication

Sara Ali
Cryptography
• Cryptography means “hidden writing” (in Greek).
• The art and science of securing communication by
converting data into formats readable only by
intended recipients.
• It is the study of encoding meaningful information
(also called the message or the plaintext) using a
secret transformation function (called the cipher) so
that nobody will understand the encoded message
(called the ciphertext) unless they have knowledge
of the cipher.
• Plaintext: Original, readable data
• Ciphertext: Encrypted, unreadable data
• Cipher: Algorithm used for encryption and
decryption
• The process of encoding plaintext to ciphertext is
called encryption.
• The process of decoding ciphertext back to the
original message (plaintext) is called decryption.
Security Mechanisms

Model for Network Security


Mathematical Representation
In mathematical terms, encryption and decryption can be
described as follows:
– Encryption: c = F(p)
– Decryption: p = F⁻¹(c)
• Where the plaintext is represented by p, the ciphertext is c
and the cipher is the bijective function F.
• Basically, this means that all possible ciphertexts have unique
corresponding plaintexts (the mathematical conditions of a
bijective function are that it is one-to-one and onto)
Cipher models
• Symmetric Key Cryptography: Same key is used by
both the sender and recipient for encryption as well
as decryption.
– Examples: AES, DES, and Blowfish algorithms

• Asymmetric Key Cryptography: Uses a key pair, a
public key and a private key (public key cryptography)
– Examples: RSA, Diffie-Hellman, and ECC (Elliptic Curve
Cryptography)
Symmetric cipher models
– Symmetric key cryptography is also known as shared key
cryptography
– Involves 2 people using the same key to both encrypt and
decrypt information
Symmetric Cipher Model
• Advantages:
– Faster than other cryptographic mechanisms
– Easy to implement, and generally requires less processing
power
• Disadvantage:
– Both sender and receiver must agree to use the same key
before they start transmitting secure information
– Key distribution problem—requires secure channel to
share the key
Asymmetric Cipher Model
• Asymmetric key cryptography is also known as public key
cryptography. It uses two keys: Public & Private
• Model 1: Public key to encrypt the message and private key to
decrypt the ciphertext
– provides no confidence of sender since anyone potentially knows
public-key
Asymmetric Cipher Model
• Model 2: Private key to encrypt the message and public key to
decrypt the ciphertext.
– Provides both secrecy and authentication
Asymmetric Cipher Model
• Advantages:
– Public key is used for encryption which does not need to
remain secure
– Does not need to share secret (private key)
– Can be used for other security services
• Disadvantage:
– Slower than other cryptographic mechanisms
Block & Stream ciphers
• Block Ciphers:
– Processes data in blocks and generates output in the form of
blocks
– Examples: Data Encryption Standard, Advanced Encryption
Standard, etc.
Block & Stream ciphers
• Stream Cipher
– Processes data bit by bit or byte by byte and generates output
in the form of a stream
– Examples: LFSR, RC4
Cryptanalysis & Brute Force Attack
Cryptanalysis
• Cryptanalysis is the study of breaking ciphers (also
called codebreaking or cracking) or reading
encrypted messages without knowledge of the key
• Goals:
– Decrypt a message
– Recover the key
• Frequency Analysis
– Counting the frequency of letters or groups of letters in a
ciphertext to break ciphers
Frequency Analysis

A typical distribution of letters in English language text.


Cryptanalysis & Brute Force Attack
• History of Cryptanalysis
• Early Examples: Cryptanalysis dates back to ancient
civilizations. For instance, the Arabs pioneered
frequency analysis around the 9th century to break
monoalphabetic substitution ciphers.
• WWII Impact: The German Enigma machine was
famously broken by Allied cryptanalysts, including
Alan Turing, significantly impacting WWII.
Cryptanalysis & Brute Force Attack
Brute Force Search
• Always possible to simply try every key
• Most basic attack, proportional to key size
Symmetric Key Cryptography
Substitution cipher
ROT-13 cipher
• The ROT-13 cipher was commonly used to hide the meaning of
messages on the Internet (particularly on Usenet and E-mail).
• Each letter in the plaintext is substituted with the ciphertext letter
according to the following mapping:
p: ABCDEFGHIJKLMNOPQRSTUVWXYZ
F(p): NOPQRSTUVWXYZABCDEFGHIJKLM
• Example:
– Plaintext: THIS IS A SECRET
– Ciphertext: GUVF VF N FRPERG
• The ROT-13 cipher is an involution (i.e., self-inverse) so that
encoding twice will result in the original message.
• This means that a separate decoding function F⁻¹ is not needed.
Caesar cipher
• The Roman emperor Julius Caesar used to
substitute each letter in his diplomatic
communications with the letter that was three
letters further along in the alphabet.

• p: ABCDEFGHIJKLMNOPQRSTUVWXYZ
• F(p) : DEFGHIJKLMNOPQRSTUVWXYZABC

• Plaintext: ET TU BRUTUS
• Ciphertext: HW WX EUXWXV
Continued…
• The cipher used by Julius Caesar can be
generalized to a function defined by a
parameter k representing the number of
letters that we “shift” each plaintext letter:
• c = Fk(p) = p + k (mod 26)
• Where Julius Caesar used k=3, and ROT-13
uses k=13.
• This cipher is called the Caesar cipher.
• The parameter k is called the key.
Cracking the Caesar cipher
• Caesar cipher is defined by:
c = Fk(p) = p + k (mod 26)
• There are only 26 possible values of k (the key)
• Out of these 26, only 25 values of k are valid keys
(since k=0 has no effect on the plaintext)
• We can break a Caesar cipher by trying all 25
possible valid keys
• This is called an exhaustive key search.
Exhaustive key search
Suppose we have the ciphertext:
TYQZCXLETZYDPNFCTEJ
We decrypt the ciphertext by trying all 25 possible valid
keys:
1. UZRADYMFUAZEQOGDUFK 14. HMENQLZSHNMRDBTQHSX
2. VASBEZNGVBAFRPHEVGL 15. INFORMATIONSECURITY
3. WBTCFAOHWCBGSQIFWHM 16. JOGPSNBUJPOTFDVSJUZ
4. XCUDGBPIXDCHTRJGXIN 17. KPHQTOCVKQPUGEWTKVA
5. YDVEHCQJYEDIUSKHYJO 18. LQIRUPDWLRQVHFXULWB
6. ZEWFIDRKZFEJVTLIZKP 19. MRJSVQEXMSRWIGYVMXC
7. AFXGJESLAGFKWUMJALQ 20. NSKTWRFYNTSXJHZWNYD
8. BGYHKFTMBHGLXVNKBMR 21. OTLUXSGZOUTYKIAXOZE
9. CHZILGUNCIHMYWOLCNS 22. PUMVYTHAPVUZLJBYPAF
10. DIAJMHVODJINZXPMDOT 23. QVNWZUIBQWVAMKCZQBG
11. EJBKNIWPEKJOAYQNEPU 24. RWOXAVJCRXWBNLDARCH
12. FKCLOJXQFLKPBZROFQV 25. SXPYBWKDSYXCOMEBSDI
13. GLDMPKYRGMLQCASPGRW
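The exhaustive key search above, together with the frequency analysis mentioned earlier, as an added example (not code from the slides). It brute-forces the slide's ciphertext and then ranks the 26 candidates automatically by how closely their letter counts match English; the slide lists candidates as c + k, so its candidate 15 is decryption key 11 here.

```python
"""Exhaustive key search and frequency analysis against the Caesar cipher."""
from collections import Counter
import string

ALPHABET = string.ascii_uppercase

# Approximate relative frequency (percent) of each letter in English text,
# the "typical distribution" a frequency analysis compares against.
ENGLISH_FREQ = {
    "A": 8.17, "B": 1.49, "C": 2.78, "D": 4.25, "E": 12.70, "F": 2.23,
    "G": 2.02, "H": 6.09, "I": 6.97, "J": 0.15, "K": 0.77, "L": 4.03,
    "M": 2.41, "N": 6.75, "O": 7.51, "P": 1.93, "Q": 0.10, "R": 5.99,
    "S": 6.33, "T": 9.06, "U": 2.76, "V": 0.98, "W": 2.36, "X": 0.15,
    "Y": 1.97, "Z": 0.07,
}


def caesar_encrypt(plaintext: str, k: int) -> str:
    """c = p + k (mod 26); non-letters such as spaces pass through unchanged."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, k: int) -> str:
    """p = c - k (mod 26), i.e. encryption with the inverse key."""
    return caesar_encrypt(ciphertext, -k)


def exhaustive_key_search(ciphertext: str) -> dict:
    """Try all 25 valid keys; the analyst picks the candidate that reads as English."""
    return {k: caesar_decrypt(ciphertext, k) for k in range(1, 26)}


def chi_squared(text: str) -> float:
    """Distance between the letter counts of `text` and the English distribution.
    Lower is more English-like; a rare letter (J, Q, X, Z) appearing in a
    candidate is penalised heavily because its expected count is tiny."""
    letters = [ch for ch in text.upper() if ch in ALPHABET]
    counts = Counter(letters)
    n = len(letters)
    score = 0.0
    for letter in ALPHABET:
        expected = n * ENGLISH_FREQ[letter] / 100.0
        score += (counts[letter] - expected) ** 2 / expected
    return score


def frequency_analysis(ciphertext: str) -> tuple:
    """Rank the 26 candidate keys automatically instead of reading all of them."""
    best_key = min(range(26), key=lambda k: chi_squared(caesar_decrypt(ciphertext, k)))
    return best_key, caesar_decrypt(ciphertext, best_key)


if __name__ == "__main__":
    ct = "TYQZCXLETZYDPNFCTEJ"  # the slide's ciphertext
    for k, candidate in exhaustive_key_search(ct).items():
        print(f"{k:2d}. {candidate}")
    print("frequency analysis picks:", frequency_analysis(ct))
```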
Simple substitution technique :
monoalphabetic substitution cipher
• A generalization of the Caesar cipher, called a simple
substitution cipher or monoalphabetic substitution
cipher, maps plaintext letters to ciphertext letters
according to a fixed mapping (the key).
• Example:
– p: ABCDEFGHIJKLMNOPQRSTUVWXYZ
– Fk(p) : QWERTYUIOPASDFGHJKLZXCVBNM
• Both the sender and receiver secretly share the key,
representing the plaintext-ciphertext letter mapping,
which is also called the substitution alphabet.
Example
• Example:
–p: ABCDEFGHIJKLMNOPQRSTUVWXYZ
– Fk(p) : QWERTYUIOPASDFGHJKLZXCVBNM
• Plaintext : JUMP
• Cipher text : PXDH
Simple substitution cipher :
Vigenère Cipher
• simplest polyalphabetic substitution cipher
• effectively multiple caesar ciphers
• key is multiple letters long K = k1 k2 ... Kd
• ith letter specifies ith alphabet to use
• use each alphabet in turn
• decryption simply works in reverse
Simple substitution cipher :
Vigenère Cipher
Continued…
Mathematical Operation
E = (P + K) mod 26
Where
P = position of the plaintext letter, starting from zero
K = position of the key letter, starting from zero
E = position of the resulting ciphertext letter
Transposition cipher
Railfence cipher
• A transposition cipher rearranges the plaintext
letters according to a secret transformation
defined by the key.
• The simplest example of this is the railfence cipher,
in which the plaintext is written in rows of n-letter
blocks (the number of columns n is the key) and
then the ciphertext is read in columns.
Continued…
• Example:
– Plaintext: TRANSPOSITIONCIPHERX
– In this example, the key is: 5
– Re-write as rows of 5-letter blocks:
TRANS
POSIT
IONCI
PHERX
– Ciphertext: TPIPROOHASNENICRSTIX
• Problems with the railfence cipher:
– The first and last letters of the plaintext do not move
– The key is a number that divides the total message length
Single columnar transposition cipher
• In a single columnar transposition cipher, the key is a word
or phrase whose letters, in alphabetic order, indicate the
order of the columns as they are read
• Example:
– Plaintext: TRANSPOSITIONCIPHER
– Key is “SECRET”, so re-write as rows of 6-letter blocks:
Key:    S E C R E T        Columns reordered:  C E E R S T
Order:  5 2 1 4 3 6                            1 2 3 4 5 6
        T R A N S P                            A R S N T P
        O S I T I O                            I S I T O O
        N C I P H E                            I C H P N E
        R                                      R

– Ciphertext: AIIRSCSIHNTPTONRPOE
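Both transposition ciphers above, as an added example (not from the slides). It reproduces the railfence and SECRET worked examples, exposes the slide's column numbering, and generalizes to messages whose length the key does not divide, which the slide lists as a limitation of the railfence.

```python
"""Railfence and single columnar transposition, as described on the slides."""


def column_order(key: str) -> list:
    """Column indexes in the order they are read: alphabetical by key letter,
    with repeated letters (the two E's in SECRET) taken left to right."""
    return sorted(range(len(key)), key=lambda i: (key[i].upper(), i))


def column_ranks(key: str) -> list:
    """The slide's numbering: rank of each column (SECRET -> 5 2 1 4 3 6)."""
    ranks = [0] * len(key)
    for position, column in enumerate(column_order(key)):
        ranks[column] = position + 1
    return ranks


def _write_rows_read_columns(plaintext: str, n: int, order) -> str:
    """Write the text in rows of n letters, then read the columns in `order`.
    Handles a last row shorter than n (the key need not divide the length)."""
    rows = [plaintext[i:i + n] for i in range(0, len(plaintext), n)]
    return "".join(row[c] for c in order for row in rows if c < len(row))


def _fill_columns_read_rows(ciphertext: str, n: int, order) -> str:
    """Inverse: refill the grid column by column in `order`, then read it row by row."""
    full_rows, remainder = divmod(len(ciphertext), n)
    grid = [[""] * n for _ in range(full_rows + (1 if remainder else 0))]
    position = 0
    for c in order:
        height = full_rows + (1 if c < remainder else 0)  # columns left of the gap are taller
        for r in range(height):
            grid[r][c] = ciphertext[position]
            position += 1
    return "".join("".join(row) for row in grid)


def railfence_encrypt(plaintext: str, n: int) -> str:
    """Key n = number of columns; columns are read left to right."""
    return _write_rows_read_columns(plaintext, n, range(n))


def railfence_decrypt(ciphertext: str, n: int) -> str:
    return _fill_columns_read_rows(ciphertext, n, range(n))


def columnar_encrypt(plaintext: str, key: str) -> str:
    """The key word fixes the column reading order instead of left to right."""
    return _write_rows_read_columns(plaintext, len(key), column_order(key))


def columnar_decrypt(ciphertext: str, key: str) -> str:
    return _fill_columns_read_rows(ciphertext, len(key), column_order(key))


if __name__ == "__main__":
    print(railfence_encrypt("TRANSPOSITIONCIPHERX", 5))       # TPIPROOHASNENICRSTIX
    print(columnar_encrypt("TRANSPOSITIONCIPHER", "SECRET"))  # AIIRSCSIHNTPTONRPOE
```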
Exclusive OR
• To encrypt, we simply XOR a plaintext message M
with our secret key K
– so that M⊕K = E.
• To decrypt we simply XOR the encrypted message E
with the same key,
– E⊕K = M.
Vernam Cipher
• The basic encryption involves a random, arbitrarily
long, non-repeating sequence of numbers that is
combined with the plaintext.
Vernam Cipher
• Assign a number to each character of the plain text and the
key according to alphabetical order.
• Bitwise XOR both numbers (the corresponding plain-text
character number and key character number).
• Subtract 26 from the number if the resulting number is
greater than or equal to 26; if it isn’t, leave it.
Vernam Cipher
Example:
• Plain-Text: O A K
• Key: S O N
• O ==> 14 = 0 1 1 1 0
• S ==> 18 = 1 0 0 1 0
• Bitwise XOR Result: 1 1 1 0 0 = 28
• 28 - 26 = 2 ==> C CIPHER-TEXT: C
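The XOR rule (M ⊕ K = E, E ⊕ K = M) and the slide's letter-based variant with its subtract-26 step, as an added example that is not from the slides. Byte XOR round-trips exactly; the letter variant reproduces O ⊕ S = C but, as the last function shows, the subtract-26 step makes it non-reversible for some key letters. The sample key bytes are constructed for the demo.

```python
"""XOR encryption (M ⊕ K = E, E ⊕ K = M) and the slide's letter-based Vernam variant."""

LETTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Combine each data byte with the matching key byte. XOR is its own inverse,
    so the same function encrypts and decrypts. The key must be at least as
    long as the data; a shorter or reused key is what breaks this scheme."""
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the data")
    return bytes(m ^ k for m, k in zip(data, key))


def letter_to_number(ch: str) -> int:
    """A=0 ... Z=25, as on the slide."""
    if len(ch) != 1 or ch not in LETTERS:
        raise ValueError("expected a single upper-case letter")
    return ord(ch) - ord("A")


def vernam_letter(p: str, k: str) -> str:
    """Slide rule: XOR the two numbers; if the result is 26 or more, subtract 26.
    Two 5-bit values XOR to at most 31, so one subtraction is always enough."""
    v = letter_to_number(p) ^ letter_to_number(k)
    if v >= 26:
        v -= 26
    return chr(v + ord("A"))


def vernam_letters(plaintext: str, key: str) -> str:
    if len(key) < len(plaintext):
        raise ValueError("key must be at least as long as the plaintext")
    return "".join(vernam_letter(p, k) for p, k in zip(plaintext, key))


def letter_variant_is_reversible() -> bool:
    """The subtract-26 step can map two plaintext letters onto one ciphertext letter
    for the same key letter (with key S, both O and Q encrypt to C), so unlike byte
    XOR the letter variant cannot always be decrypted. Returns False if any key
    letter produces such a collision."""
    for k in LETTERS:
        if len({vernam_letter(p, k) for p in LETTERS}) != 26:
            return False
    return True


if __name__ == "__main__":
    key = b"\x13\x37\xc0\xde\xfa\xce"  # constructed sample key bytes, not a real secret
    e = xor_bytes(b"attack", key)
    print(e.hex(), xor_bytes(e, key))
    print(vernam_letters("OAK", "SON"))  # O ⊕ S = 28 -> 28 - 26 = 2 -> C, as on the slide
```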
Book Cipher
• A cipher in which book or some aspect
of book (like page number, word number, etc)
is used as the key to encrypt a plaintext
message.
– Sender and receiver agree on text to pull key from
– Bible, Koran, Phone Book

Hashing in Cryptography

Data Integrity
• Encryption does not protect data from modification
by another party.
• Why?
• Need a way to ensure that data arrives at destination
in its original form as sent by the
What ciphers do
• Encryption ciphers
– Provide confidentiality
– Eve can’t see what Alice and Bob are saying
– Can Eve do anything?

Figure: Alice sends C = Encrypt(M) to Bob; Eve watches the channel but cannot read M.
What ciphers don’t do
• Suppose Eve can get between Alice and Bob
– What if Eve can manipulate the data?
Figure: Alice sends M to Bob; Eve sits in between, makes a few changes and forwards
M’ instead (“Eve replaces M with M’”). How can Bob tell if Alice’s message M was modified?
Hashing
• A hash function is a mathematical algorithm that
maps input data of arbitrary size to a fixed-size
output (hash value).
• Hashing is one-way. It can't be decrypted.
• The output is often called a digest or hash
value.

h = H(M)
Hashing is irreversible
Basically, a hash value for any file can be generated
to create a digital fingerprint. It’s almost impossible to
alter the file in any way without changing the hash
value of that file, so this is a good way of checking if
a file has been changed or corrupted.
• The same input always produces the same output.
• The hash value is of fixed length, regardless of input size.
• Hard to deduce the input from the hash output.
Error Detection
• An error is defined as an unwanted change in data that is stored or
transmitted (Attack on data integrity)
• Example:
• If the following data is transmitted: “0011001100” and received as:
“0011001110”
Sent: 0011001100
Received: 0011001110
we say that 1 error has occurred
Burst Error
• If a sequence of consecutive symbols is changed then we
say a burst error has occurred (e.g., “0011001100”
received as “0011110011”)
Sent: 0011001100
Received: 0011110011
• Error detection is the ability to detect errors in stored or
transmitted data.
Error Detecting Codes
• Errors in data can be detected as follows:
• The sender computes some error detection
function/Hash Function F on the data x and
transmits (x, F(x))
• The result F(x) is known as an error detecting
code/Hashing Algorithm
• The receiver receives (y, z) and computes the
function F on the data y and compares the result F(y)
with z
• If F(y) = z then no errors occurred in the data
Burst Error
• For detection, we need to send extra bits
(redundant bits)
Check Digits
• A simple form of error detection, particularly with a
long sequence of numbers, is the check digit
• Examples of where check digits are used: ISBNs
(books), ISSNs (magazines or journals), credit card
numbers, national identity card numbers
Check Digits: ISBN
• An ISBN (International Standard Book Number) is a
10-digit number containing a type of error detection
code called a check digit
• The last digit in the ISBN is the check digit and it is
calculated as follows:
– Multiply each of the first nine digits by its position (1 to 9)
– Sum the result of the products and divide the result by 11,
giving a remainder in the range 0 to 10
– If the remainder is 10, the check digit is ‘X’ otherwise the
check digit is the remainder
Check Digits: ISBN Example
• Example:
– Henry Beker and Fred Piper,
– “Cipher Systems: The Protection of Communications”, John
Wiley & Sons, 1983;
– ISBN: 0471891924
• Book’s ISBN: 0471891924
• Multiply by: 1 2 3 4 5 6 7 8 9 (the check digit position itself is not multiplied)
• Result (product): 0 8 21 4 40 54 7 72 18
• Sum of products: 224
• Divide by 11: q= 20, remainder=4
• Check digit: 4
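The ISBN check-digit procedure above, as an added example (not from the slides). Beyond reproducing the book's check digit 4, it shows the receiver-side check and verifies the two error classes this code is guaranteed to catch: any single wrong digit and any swap of two different adjacent digits.

```python
"""ISBN-10 check digit: compute, validate, and show which errors it detects."""


def isbn10_check_digit(first_nine: str) -> str:
    """Weight digits 1..9 by their position, sum, reduce mod 11; remainder 10 is 'X'."""
    if len(first_nine) != 9 or not first_nine.isdigit():
        raise ValueError("expected exactly nine decimal digits")
    total = sum((position + 1) * int(digit) for position, digit in enumerate(first_nine))
    remainder = total % 11
    return "X" if remainder == 10 else str(remainder)


def isbn10_valid(isbn: str) -> bool:
    """Receiver side: recompute F(y) from the received digits and compare with z."""
    isbn = isbn.replace("-", "").replace(" ", "").upper()
    if len(isbn) != 10 or not isbn[:9].isdigit() or isbn[9] not in "0123456789X":
        return False
    return isbn10_check_digit(isbn[:9]) == isbn[9]


def detects_single_digit_errors(isbn: str) -> bool:
    """Changing one digit d to d' alters the weighted sum by w * (d' - d). Since 11 is
    prime and 1 <= w <= 9, that difference is never 0 mod 11, so every such error
    is caught. This function checks that claim exhaustively for one ISBN."""
    body, check = isbn[:9], isbn[9]
    for i, d in enumerate(body):
        for wrong in "0123456789":
            if wrong != d and isbn10_valid(body[:i] + wrong + body[i + 1:] + check):
                return False
    return True


def detects_adjacent_transpositions(isbn: str) -> bool:
    """Swapping neighbours d_i d_{i+1} changes the sum by d_i - d_{i+1}, nonzero mod 11
    whenever the digits differ, so that common typo is caught as well."""
    body, check = isbn[:9], isbn[9]
    for i in range(8):
        if body[i] != body[i + 1]:
            swapped = body[:i] + body[i + 1] + body[i] + body[i + 2:]
            if isbn10_valid(swapped + check):
                return False
    return True


if __name__ == "__main__":
    print(isbn10_check_digit("047189192"))   # 4, the slide's example
    print(isbn10_valid("0-471-89192-4"), isbn10_valid("0471981924"))
```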
Examples of Common Hash Functions
• MD5:
– Fast but no longer secure for cryptographic purposes.
– completely broken by researchers in China in 2004
– output 128 bits
• SHA-1:
– More secure than MD5 but now deprecated.
– output 160 bits
• SHA-2 (e.g., SHA-256, SHA-512):
– Widely used and secure.
– outputs 256 and 512 bits, respectively
• SHA-3:
– A newer standard for modern cryptography.
Password authentication
• Basic idea
– User has a secret password
– System checks password to authenticate user
• Issues
– How is password stored?
– How does system check password?
– How easy is it to guess a password?
• Difficult to keep password file secret, so best if it is hard
to guess password even if you have the password file
First Approach: Stealing
Second Approach: Dictionary Attacks
Third Approach: Eavesdropping
Limitation of Hash
• So far we discussed the data integrity threats
and the use of hashing technique to detect if
any modification attacks have taken place on
the data.
• Another type of threat that exists for data is
the lack of message authentication. In this
threat, the user is not sure about the
originator of the message.
Message Authentication Code (MAC)
• A message authentication code (MAC) is a short
piece of information that verifies the authenticity
and integrity of a message. It's used to confirm
that a message came from the intended sender
and that it hasn't been altered.
• MAC is an encrypted checksum (shared key)
generated on the underlying message that is sent
along with a message to ensure message
authentication.
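The limitation of a bare hash and how a MAC closes it, as an added example (not from the slides), using SHA-256 and HMAC-SHA256 from the Python standard library. The messages and the shared key are constructed for the demo; the point it shows is that Eve can recompute H(M') for her replacement message, but cannot produce a valid tag without the shared key.

```python
"""Why a plain hash cannot authenticate: tamper detection with SHA-256 versus HMAC-SHA256."""
import hashlib
import hmac


def digest(message: bytes) -> str:
    """h = H(M): anyone, including an attacker, can compute this."""
    return hashlib.sha256(message).hexdigest()


def integrity_only_check(message: bytes, received_digest: str) -> bool:
    """Receiver recomputes H(y) and compares with the transmitted z."""
    return hmac.compare_digest(digest(message), received_digest)


def mac_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 over the message; only holders of the shared key can produce it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def mac_check(key: bytes, message: bytes, received_tag: str) -> bool:
    # compare_digest avoids leaking where the comparison fails through timing
    return hmac.compare_digest(mac_tag(key, message), received_tag)


def tamper_demo(key: bytes) -> dict:
    """Eve replaces M with M'. With a bare hash she simply recomputes H(M') and the
    receiver accepts; with a MAC she cannot compute a valid tag without the key."""
    original = b"TRANSFER 100 TO BOB"   # constructed sample message M
    forged = b"TRANSFER 900 TO EVE"     # Eve's replacement M'
    genuine_tag = mac_tag(key, original)
    return {
        "hash_accepts_forgery": integrity_only_check(forged, digest(forged)),
        "mac_rejects_old_tag": not mac_check(key, forged, genuine_tag),
        "mac_rejects_hash_as_tag": not mac_check(key, forged, digest(forged)),
        "mac_accepts_genuine": mac_check(key, original, genuine_tag),
    }


if __name__ == "__main__":
    shared_key = b"constructed-demo-key-not-a-real-secret"
    for outcome, value in tamper_demo(shared_key).items():
        print(f"{outcome}: {value}")
```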
Digital signature
• A digital signature is a cryptographic technique that
verifies the authenticity and integrity of a digital
document or message and provides non-repudiation
• How it works: A digital signature uses a mathematical
algorithm to create a unique hash of a document or
message. The sender then encrypts the hash with their
private key and sends the signed document to the
recipient. The recipient verifies the signature by:
– Generating their own hash of the document
– Decrypting the sender's hash with the sender's public key
– Comparing the two hashes
• Confidentiality can be provided by further
encrypting the entire message and hash with a
shared secret key
Summary
• Hashing
– ensures that data hasn’t changed, but it doesn’t verify
who created or modified it.
• MAC
– builds on hashing by adding authentication using a
shared secret key but lacks non-repudiation.
• Digital signatures
– combine integrity, authentication, and non-
repudiation using public/private key pairs, making
them suitable for critical applications like signing
documents or securing transactions.
??
A manager sends a confidential financial report
to the finance team using email. The report is
digitally signed but not encrypted.
• How does the finance team verify that the
document has not been tampered with?
• What risks still exist since the document was
not encrypted?
• How can encryption be incorporated to ensure
confidentiality?
Weaknesses of DS
• The validity depends on security of sender’s
private key
• Sender can deny sending a message and claim
that the private key was stolen
• The key actually is stolen
Public Key Infrastructure (PKI)
Protection of public keys
• A Digital certificate proves the ownership of a
public key. It is a digital document that links a
public key to an entity (e.g., a website or user).
– Includes details like the public key, certificate owner,
expiration date, and CA signature.
• A Certificate Authority (CA) is a trusted
organization or entity responsible for issuing,
managing, and verifying digital certificates.
– A digital certificate is issued by a CA and is signed
with CA’s private key.
X.509 Certificate
• Some certificate components in X.509v3:
– Version
– Serial number
– Signature algorithm identifier: hash algorithm
– Issuer’s name; uniquely identifies issuer
– Interval of validity
– Subject’s name; uniquely identifies subject
– Subject’s public key
– Signature: encrypted hash

How PKI works!
• Key Pair Generation
• Certificate Request
• Identity Verification
• Certificate Issuance
• Certificate Usage
• Verification
• Revocation and Renewal
Public Key Infrastructure (PKI)
• Signature: The CA’s private key is used to sign
a hash of the certificate’s data. The signature
proves that the CA has verified the data and
that it hasn’t been altered.
• Verification: Anyone can use the CA’s public
key to decrypt the signature.
– If the decrypted hash matches the computed hash
of the certificate, then the certificate is valid and
authentic.
Use
• Bilal gets Alia’s certificate
– If he knows Choudhary’s public key, he can validate the certificate
• Decrypt encrypted hash using Choudhary’s public key
• Re-compute hash from certificate and compare
• Check validity
• Is the principal Alia?
– Now Bilal has Alia’s public key
• Problem: Bilal needs Choudhary’s public key to validate
certificate
– That is, secure distribution of public keys
– Solution: Public Key Infrastructure (PKI) using trust anchors called
Certificate Authorities (CAs) that issue certificates

PKI Trust Models
• A Single Global CA
– Unmanageable, inflexible
– There is no universally trusted organization
• Hierarchical CAs (Tree)
– Root CA is normally distinguished by the fact that it has a
self-signed certificate
– Structure: Root CA → Level 1 CA … Level 1 CA → … → Level n CA → User
– Job of all CAs is to ensure that the public key they are signing
is valid
– Offloads burden on multiple CAs
– Need to verify a chain of certificates
– Still depends on a single trusted root CA
Validation and Cross-Certifying
• Alia’s CA is Choudhary; Bilal’s CA is Daud; how can Alia validate Bilal’s
certificate?
– Have Choudhary and Daud cross-certify
– Each issues certificate for the other
• Certificates:
– Choudhary<<Alia>>
– Daud<<Bilal>>
– Choudhary<<Daud>>
– Daud<<Choudhary>>
• Alia validates Bilal’s certificate
– Alia obtains Choudhary<<Daud>>
– Alia uses (known) public key of Choudhary to validate Choudhary<<Daud>>
– Alia uses Choudhary<<Daud>> to validate Daud<<Bilal>>

Example Scenario
• You visit a secure website
(https://example.com).
• The website sends its digital certificate to your
browser.
• Your browser:
– Verifies the certificate with the CA.
– Ensures the website is legitimate.
– Establishes an encrypted connection using the
website’s public key.
Conclusion
• A digital certificate ensures the authenticity of
the public key and proves the identity of the
key owner, but it does not provide direct
security for the private key.
• The private key must be kept secure by the
entity that owns it using appropriate key
management and protection techniques.
??
An employee digitally signs an agreement to
purchase software for the company. Later, the
employee denies having signed the document.
• How can the digital signature be used to prove
the employee signed the agreement?
• What role does the certificate authority (CA)
play in this situation?
• What additional steps can the company take
to strengthen the non-repudiation process?
Data Encryption Standard
Cryptographic system
• A cryptographic system is characterized by:
– The type of encryption operations used
• All encryption algorithms are based on two general
principles:
– Substitution: Each element in the plaintext is mapped into
another element.
– Transposition: Elements in the plaintext are rearranged.
– In practice, multiple stages of substitution and
transposition are combined
Confusion and Diffusion
• Cipher needs to completely obscure statistical
properties of original message
– a one-time pad does this
• More practically Claude Shannon suggested
combining S & P elements to obtain:
– diffusion – spreads the influence of each plaintext bit over
many ciphertext bits
– confusion – makes relationship between ciphertext and
key as complex as possible
Overview of DES
• Most widely used block cipher in world
• Adopted in 1977 by NBS (now NIST)
– as FIPS PUB 46
• A block cipher:
– encrypts blocks of 64 bits using a 56 bit key
– outputs 64 bits of ciphertext
• A product cipher
– basic unit is the bit
– performs both substitution (S-box) and transposition
(permutation) (P-box) on the bits
• Cipher consists of 16 rounds (iterations) each with a
round key generated from the user-supplied key
DES encryption overview
Initial Permutation - IP
• The 64-bit input data (message) block is first bitwise
permutated (i.e., the bits within the block are rearranged)
• This is done using the following permutation table:

• Example: the 35th bit of the output block is equal to the 41st bit of the
input block.
DES Round structure
• Uses two 32-bit L & R halves
• Li = Ri-1
• Ri = Li-1 ⊕ F(Ri-1, Ki)
• F takes 32-bit R half and 48-bit subkey:
– expands R to 48-bits using perm E
– adds to subkey using XOR
– passes through 8 S-boxes to get 32-bit result
– finally permutes using 32-bit perm P
DES Round Structure
Expansion permutation - E
• The expansion permutation acts on the 32-bit input to
the cipher function
• It expands the 32-bit input block to a 48-bit output
block by duplicating some input bits at specified
positions
• The permutation is given by the following table:

• Example: the 46th bit of the output block (counting from left,
starting from bit 1) is equal to the 31st bit of the input block
Expansion permutation - E
Substitution Boxes - S
• The substitution boxes (S-boxes) map a 6-bit input
block to a 4-bit output block
• There are 8 S-boxes, so the 48-bit input block is
mapped to a 32-bit output block
Substitution Boxes - S
DES S-Boxes
• Each S-box has 4 rows and
16 columns.
• Suppose that the 6-bit input
to an S-box is denoted
abcdef.
• Let R = af (2 bit) and
• let C = bcde (4 bit).
• Look up the number at row
R and column C; this
number is the 4-bit output
of the S-box.
DES S-Boxes

Example: Input 101011 to S-box 5 corresponds to row 11 = 3 (the 4th row)
and column 0101 = 5 (the 6th column); the output is 14 = 1110
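The S-box lookup rule above (row from the outer bits, column from the middle four), as an added example that is not from the slides. It carries the standard's S5 table so the slide's 101011 → 1110 case can be checked, applies a list of boxes to a 6-bits-per-box input the way the round function does, and checks the design property that every row of a box is a permutation of 0..15.

```python
"""DES S-box lookup: 6-bit input -> 4-bit output, using the row/column rule from the slides."""

# DES S-box S5 as published in FIPS PUB 46; 4 rows x 16 columns.
S5 = [
    [2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9],
    [14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6],
    [4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14],
    [11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3],
]


def sbox_row_col(bits: str) -> tuple:
    """Input abcdef: row R = af (the two outer bits), column C = bcde (middle four)."""
    if len(bits) != 6 or set(bits) - {"0", "1"}:
        raise ValueError("expected a 6-character string of 0/1")
    row = int(bits[0] + bits[5], 2)
    col = int(bits[1:5], 2)
    return row, col


def sbox_lookup(sbox: list, bits: str) -> str:
    """Return the 4-bit output of one S-box as a binary string."""
    row, col = sbox_row_col(bits)
    return format(sbox[row][col], "04b")


def apply_sboxes(bits: str, sboxes: list) -> str:
    """The round function feeds 48 bits through 8 boxes, 6 bits each, to get 32 bits.
    This works for any number of boxes so it can be tried with S5 alone."""
    if len(bits) != 6 * len(sboxes):
        raise ValueError("input length must be 6 bits per S-box")
    return "".join(sbox_lookup(box, bits[6 * i:6 * i + 6]) for i, box in enumerate(sboxes))


def is_well_formed(sbox: list) -> bool:
    """Design property: each row is a permutation of 0..15, so once the outer bits
    fix the row, the box is a bijection on the middle four bits."""
    return len(sbox) == 4 and all(sorted(row) == list(range(16)) for row in sbox)


if __name__ == "__main__":
    print(sbox_row_col("101011"), sbox_lookup(S5, "101011"))  # (3, 5) 1110
```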
DES Encryption Overview
Permutation (32-bit swap) - P
• The 32-bit output of the S-boxes is then bitwise
permutated (i.e., the bits within the block are
rearranged)
• This is done using the following permutation table:

• Example: the 25th bit of the output block is equal to the 19th bit of
the input block.
DES Encryption Overview
Final permutation - IP-1
• The 32-bit output after 16 rounds is finally bitwise
permutated (i.e., the bits within the block are
rearranged)
• This is done using the following permutation table:

• Example: the 41st bit of the output block is equal to the 35th bit
of the input block.
DES Decryption
• Decrypt must unwind steps of data computation
• Do encryption steps again using subkeys in reverse
order (SK16 … SK1)
– IP undoes final FP step of encryption
– 1st round with SK16 undoes 16th encrypt round
– …
– 16th round with SK1 undoes 1st encrypt round
– then final FP undoes initial encryption IP
– thus recovering original data value
Avalanche effect
• Key desirable property of an encryption algorithm
• Where a change of one input or key bit results in
changing approx. half of the output bits
• If the change were small, this might provide a way to
reduce the size of the key space to be searched
• DES exhibits strong avalanche
Strength of DES – Key size
• 56-bit keys have 2^56 = 7.2 x 10^16 values
• Brute force search looks hard
• Broken DES Encryption
– in 1997 on Internet in a few months
– in 1998 on dedicated h/w (EFF) in a few days
– in 1999 above combined in 22hrs!
• Still must be able to recognize plaintext

• Must now consider alternatives to DES
Elements to define strength of
Algorithm
• Block size
• Key size
• Number of rounds
• Subkey generation algorithm
• Round function
• Fast software en/decryption
• Ease of analysis
Triple-DES with two keys
• Hence must use 3 encryptions
• would seem to need 3 distinct keys
• We can use 2 keys with E-D-E sequence
– C = EK1(DK2(EK1(P)))
– encrypt & decrypt equivalent in security
– if K1=K2 then can work with single DES
• Standardized in ANSI X9.17 & ISO8732
• No current known practical attacks
Triple-DES with three keys
• Although there are no practical attacks on
two-key Triple-DES, there are some indications of weakness
• Can use Triple-DES with Three-Keys to avoid
even these
– C = EK3(DK2(EK1(P)))
• Has been adopted by some Internet
applications, eg PGP, S/MIME
3-DES
Practice Questions
Given the 64-bit block of plaintext:
11010101 10101100 01111000 00100010 10010011
10110110 00001111 10101101, and a 56-bit key:
11110000 11001111 10101010 01110101 01011000
11001101 10010101, perform the Initial Permutation
(IP) and output the permuted block.
Practice Questions
Given the 6-bit input block:
110010 and the following S-box (S1) used in the DES
encryption algorithm, find the 4-bit output after
applying the S-box.
Practice Questions
Given two 32-bit halves from the plaintext:
Left half:
11010110 01101101 11011001 10101011
Right half:
10111011 01100110 11001100 11100111
The 48-bit subkey (K1) for round 1:
10110001 11010011 01010101 11001110
10100010 10110011 01101001 11001100
11110000
Perform DES round operations.
Advanced Encryption Standard
(AES)

Sara Ali
Origins
 Clearly a replacement for DES was needed
◦ there are theoretical attacks that can break it
◦ exhaustive key search attacks have been demonstrated
 For secure transmission Triple-DES can be used
but it is slow
 US NIST issued call for ciphers in 1997
 15 candidates accepted in June, 98
 5 were short-listed in Aug-99
 Rijndael was selected as the AES in Oct-2000
 Issued as FIPS PUB 197 standard in Nov-2001
Advanced Encryption Standard
 This standard specifies the Rijndael algorithm
 It is a symmetric block cipher that can process
data blocks of 128 bits
 Rijndael was designed to handle additional block
sizes
 Cipher keys with lengths of 128, 192, and 256
bits.
AES Algorithm
 For the AES algorithm, the length of the input
block, the output block and the State is 128
bits.
 This is represented by Nb= 4, which reflects the
number of 32-bit words (number of columns) in
the State.
 For the AES algorithm, the length of the Cipher
Key, K, is 128, 192, or 256 bits. The key length is
represented by Nk= 4, 6, or 8, which reflects
the number of 32-bit words (number of
columns) in the Cipher Key.
AES Algorithm
 For the AES algorithm, the number of rounds to
be performed during the execution of the
algorithm is dependent on the key size.
 The number of rounds is represented by Nr,
where
◦ Nr = 10 when Nk= 4
◦ Nr = 12 when Nk= 6
◦ Nr = 14 when Nk= 8
AES Algorithm
AES Round
 For Cipher, the AES algorithm uses a
round function that is composed of four
different byte oriented transformations:
◦ byte substitution using a substitution table (S-
box)
◦ shifting rows of the State array by different
offsets
◦ mixing the data within each column of the
State array
◦ Adding a Round Key to the State.
AES: Rijndael
AES
Byte Substitution
 A simple substitution of each byte
 Uses one table of 16x16 bytes containing a
permutation of all 256 8-bit values
 Each byte of state is replaced by byte indexed
by row (left 4-bits) & column (right 4-bits)
◦ eg. byte {95} is replaced by byte in row 9 column 5
◦ which has value {2A}
 Designed to be resistant to all known attacks
Byte Substitution
Substitution Box
Shift Rows
 A circular byte shift in each row
◦ 1st row is unchanged
◦ 2nd row does 1 byte circular shift to left
◦ 3rd row does 2 byte circular shift to left
◦ 4th row does 3 byte circular shift to left
 Since state is processed by columns, this step
permutes bytes between the columns
Shift Rows
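The byte substitution and shift rows steps above, as an added example (not from the slides). Rather than typing in the 16x16 table, it derives the S-box from its definition (multiplicative inverse in GF(2^8) followed by the affine transform), which is why the slide's {95} → {2A} can be checked, then applies SubBytes and ShiftRows to a State laid out column by column as the slides describe.

```python
"""AES byte substitution and ShiftRows on the 4x4 State."""


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    product = 0
    for _ in range(8):
        if b & 1:
            product ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return product


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (0 maps to 0 by convention)."""
    result, base, exponent = 1, a, 254
    while exponent:
        if exponent & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exponent >>= 1
    return result if a else 0


def _rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xFF


def sbox_entry(x: int) -> int:
    """S-box = affine transform of the field inverse; this reproduces the 16x16 table,
    so SBOX[0x95] is the byte in row 9, column 5."""
    b = gf_inv(x)
    return b ^ _rotl8(b, 1) ^ _rotl8(b, 2) ^ _rotl8(b, 3) ^ _rotl8(b, 4) ^ 0x63


SBOX = [sbox_entry(x) for x in range(256)]


def bytes_to_state(block: bytes) -> list:
    """The 16 input bytes fill the State column by column: byte i -> row i % 4, column i // 4."""
    if len(block) != 16:
        raise ValueError("an AES block is 16 bytes")
    return [[block[row + 4 * col] for col in range(4)] for row in range(4)]


def sub_bytes(state: list) -> list:
    """Replace every byte by its S-box entry (row = high nibble, column = low nibble)."""
    return [[SBOX[b] for b in row] for row in state]


def shift_rows(state: list) -> list:
    """Row r is rotated left by r bytes; row 0 is unchanged. Because the State is
    filled by columns, this is what moves bytes between columns."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


if __name__ == "__main__":
    print(hex(SBOX[0x95]))  # 0x2a, the slide's example
    print(shift_rows(bytes_to_state(bytes(range(16)))))
```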
Mix Columns
 Each column is processed separately
 Each byte is replaced by a value
dependent on all 4 bytes in the column
Mix Columns
Add Round Key
 XOR state with 128-bits of the round key
 Again processed by column (though
effectively a series of byte operations)
 Designed to be as simple as possible
AES - Round
AES Decryption
 AES decryption is not identical to encryption
since steps done in reverse
 but can define an equivalent inverse cipher with
steps as for encryption
◦ using inverses of each step
◦ with a different key schedule
 works since result is unchanged when
◦ swap byte substitution & shift rows
◦ swap mix columns & add (tweaked) round key
AES Decryption
Reference
https://www.youtube.com/watch?v=gP4PqVGudtg
Public-key encryption
• Developed to address key issues:
– key distribution – how to have secure
communications in general without having to trust a
KDC with your key
– digital signatures – how to verify a message comes
intact from the claimed sender
• Idea proposed in 1976 by Diffie-Hellman
– Each user generates a pair of keys
– Each user places one key in public ring and second is
private key
Characteristics of public-key
encryption
• Public-Key algorithms rely on two keys which have
following characteristics:
– Computationally infeasible to find decryption key
knowing only algorithm & encryption key
– Computationally easy to en/decrypt messages when the
relevant (en/decrypt) key is known
– Either of the two related keys can be used for encryption,
with the other used for decryption (in some schemes)
Public-key encryption
Public-key encryption
• If public-key encryption is used:
– Encryption alone gives no assurance of who the sender is
• Since anyone potentially knows the recipient's public key
– However, if the
• Sender signs the message using their private key
• Then encrypts it with the recipient's public key
• Both secrecy and authentication are obtained
Public-key crypto systems
Diffie-Hellman
• Alice and Bob want to share a secret key using Diffie-Hellman
• Alice chooses a large prime number p and a large number called the generator g which is less than p; these two values (g and p) are sent to Bob
• Alice chooses a number a and calculates A = g^a (mod p); the value A is sent to Bob
• Bob chooses a number b and calculates B = g^b (mod p); the value B is sent to Alice
• Alice calculates the shared secret K = B^a = g^(ab) (mod p)
• Bob calculates the shared secret K = A^b = g^(ab) (mod p)
Diffie-Hellman
Diffie-Hellman
Question
• Suppose p=17 and g=3.
• Alice chooses a=7 and Bob chooses b=9.
• Calculate Alice's and Bob’s public keys.
• Calculate the shared secret S.
Question
• Alice and Bob agree on p=37 and g=7.
Alice's private key is a=5, and Bob's private key is
b=12.
• Calculate Alice's public key A and Bob's public key
B.
• Compute the shared secret S.
RSA
• RSA (Rivest-Shamir-Adleman)
– Developed in 1977
• Each person that wants to be able to receive encrypted
messages must generate a RSA key pair
• The RSA key pair is comprised of a
– public key (that is shared with the sender and anyone else that may
want to send encrypted messages to the receiver) and a
– private key (that is kept secret by the receiver)
• The public key is used by the sender to encrypt messages to
the receiver
• The private key is used by the receiver to decrypt messages
• The RSA key generation algorithm generates a public key
and a secret key (RSA key pair)
RSA
• Bob wants to generate an RSA key pair so that his friends can
send him encrypted messages over an insecure channel
• He chooses two large prime numbers p and q and calculates
their product n = pq
• He chooses a number e that has no common factors with
φ(n) = (p-1)(q-1)
• The public key is the pair of numbers (e, n)
• Bob calculates:
d = e^(-1) (mod φ(n))
• d is called the multiplicative inverse of e mod φ(n) and is calculated using Euclid's extended gcd algorithm
• Bob's private key is the pair of numbers (d, n)
Information Security
Sara Ali
Protocols for Secure Communications
Internet Security
S-HTTP (Secure Hypertext Transfer
Protocol)
• Provides encryption for individual web pages or files.
• Operates on the application layer to encrypt data only,
not the whole session.
• Focuses on confidentiality and data security for
specific HTTP messages.
• Largely replaced by HTTPS in modern usage due to
broader encryption scope.
SSL/TLS (Secure Sockets Layer /
Transport Layer Security)
• SSL (deprecated) and TLS are cryptographic
protocols for secure communication.
• Encrypts the entire communication session between a
client (browser) and server.
• TLS is widely used for HTTPS (port 443), securing
web traffic.
• Ensures confidentiality, authentication, and integrity.
Key Features of SSL/TLS
• Authentication: Uses digital certificates to verify
server identity.
– During the handshake phase, digital signatures verify the
identity of the server (and optionally the client).
– Uses public key infrastructure (PKI) with certificates issued
by Certificate Authorities (CAs).
• Encryption: Ensures data confidentiality through
encryption algorithms.
• Integrity: Prevents tampering using Message
Authentication Codes (MAC).
Key Features of SSL/TLS
Common Use Cases:
• HTTPS: Secures web traffic (port 443).
• Email Security: Used in protocols like SMTPS,
IMAPS.
• VPNs: Used in some VPN implementations.
• VoIP: Secures voice communication.
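The authentication and version points above, as an added Python example (not from the slides) using only the standard library's ssl module and making no network connection. It builds a client context that verifies the server certificate and hostname and refuses the deprecated protocol versions, sets a deliberately weakened context beside it, and runs a small audit function over both, the kind of check a code reviewer would apply to TLS client code.

```python
"""Hardened vs. weakened TLS client contexts, with an audit function.
Added example, not code from the slides. Standard library only; nothing
connects to the network."""
import ssl


def hardened_client_context():
    """Client context that authenticates the server (certificate chain via
    the system CA store plus hostname check) and refuses SSL 3.0, TLS 1.0
    and TLS 1.1."""
    ctx = ssl.create_default_context()          # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weakened_client_context():
    """The 'it connects now' shortcut: with no certificate verification any
    party on the path can present its own certificate and read the session."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                  # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return a list of findings for a client context; empty means it passes."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("certificate hostname is not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("allows TLS versions older than 1.2")
    return findings


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_client_context()))
    print("weakened:", audit_context(weakened_client_context()))
```

The weakened context is what disabling verification in application code looks like; the audit function turns the three properties listed on the slide (authenticated server, confidentiality with a current protocol version, integrity) into checks that can run in a unit test before code is deployed.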
Email Security
PEM (Privacy-Enhanced Mail)
• Secure email transmission using encryption and
authentication.
• Encrypts messages and uses digital signatures for
authentication.
• Largely obsolete, replaced by S/MIME.
S/MIME (Secure/Multipurpose
Internet Mail Extensions)
• Encrypts and digitally signs email messages.
• Uses X.509 certificates for encryption and
authentication.
• Provides confidentiality through encryption.
• Ensures integrity and authenticity with digital
signatures.
• Compatible with major email clients like Outlook,
Gmail and Apple Mail.
PGP (Pretty Good Privacy)
• Encrypts and signs emails and files for confidentiality
and authenticity.
– uses symmetric encryption (e.g., AES) for encrypting the
actual content of the message or file and asymmetric
encryption to encrypt the symmetric encryption key.
• Decentralized 'web of trust' model for key
verification.
• Provides both encryption and digital signatures.
• Tools like Thunderbird with Enigmail and ProtonMail
integrate PGP encryption.
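The RSA key generation on the earlier slide (d from Euclid's extended gcd algorithm) and the hybrid construction described for PGP above, in one added Python example that is neither the slides' code nor PGP's. It generates a textbook RSA key pair, encrypts, decrypts, signs and verifies, and then builds a PGP-style envelope in which a fresh random session key protects the message body and RSA protects only that session key. Because the standard library has no AES, the body is encrypted with a constructed stand-in (HMAC-SHA256 in counter mode as a keystream); the primes used for the envelope are the Mersenne primes M61 and M89, chosen only so that n is big enough to wrap a 128-bit key. Textbook RSA without padding and keys this size are for illustration only.

```python
"""Textbook RSA (extended Euclid for d) and a PGP-style hybrid envelope.
Added example, not code from the slides or from PGP. keystream_xor is a
constructed stand-in for AES, and the toy primes give a ~150-bit modulus;
neither is suitable for real use."""
import hashlib
import hmac
import secrets


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(e, m):
    """Multiplicative inverse of e modulo m (the d on the slide)."""
    g, x, _ = egcd(e, m)
    if g != 1:
        raise ValueError("e must have no common factor with phi(n)")
    return x % m


def rsa_keygen(p, q, e=65537):
    """Return ((e, n), (d, n)) from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    return (e, n), (modinv(e, phi), n)


def rsa_encrypt(pub, m):
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(priv, c):
    d, n = priv
    return pow(c, d, n)


def rsa_sign(priv, message):
    """Sign a SHA-256 digest with the private key (textbook RSA, no padding)."""
    d, n = priv
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(h, d, n)


def rsa_verify(pub, message, sig):
    e, n = pub
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(sig, e, n) == h


def keystream_xor(key, data):
    """Constructed stream cipher standing in for AES: XOR with
    HMAC-SHA256(key, counter) blocks. Encryption and decryption are the same."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def hybrid_encrypt(pub, plaintext):
    """PGP-style: random session key for the body, RSA-wrapped for the recipient."""
    session_key = secrets.token_bytes(16)
    wrapped_key = rsa_encrypt(pub, int.from_bytes(session_key, "big"))
    return wrapped_key, keystream_xor(session_key, plaintext)


def hybrid_decrypt(priv, wrapped_key, ciphertext):
    session_key = rsa_decrypt(priv, wrapped_key).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


# Constructed toy primes (Mersenne primes M61 and M89): n is about 150 bits,
# enough to wrap a 128-bit session key, far too small for real security.
TOY_P = (1 << 61) - 1
TOY_Q = (1 << 89) - 1

if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53, e=17)       # small textbook numbers
    print(pub, priv, rsa_encrypt(pub, 65))      # (17, 3233) (2753, 3233) 2790
    pub, priv = rsa_keygen(TOY_P, TOY_Q)
    wrapped, body = hybrid_encrypt(pub, b"meet at noon")
    print(hybrid_decrypt(priv, wrapped, body), rsa_verify(pub, body, rsa_sign(priv, body)))
```

Signing the body with the sender's private key and wrapping the session key with the recipient's public key is the "sign then encrypt" ordering the public-key slide describes: the recipient alone can unwrap the key, and anyone holding the sender's public key can check the signature.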
Web Security
Wired Equivalent Privacy
• WEP is the first security protocol used to secure
wireless networks.
• Designed to provide data confidentiality and
network access control.
• Uses the RC4 stream cipher for encryption, which is vulnerable to attacks.
• WEP is considered insecure and obsolete.
WPA
• WPA was introduced to address WEP's vulnerabilities and enhance wireless network security.
• Two versions: WPA (for home networks) and WPA2
(for both home and enterprise networks).
• Uses TKIP (Temporal Key Integrity Protocol) or
AES (Advanced Encryption Standard) for stronger
encryption.
• Unlike WEP, WPA uses per-session keys to increase
security.
WPA 2
• Improved version of WPA.
• Uses AES for encryption, which is much stronger
than TKIP.
• Requires devices to support AES encryption,
providing more robust protection.
• Mandatory for Wi-Fi Certified networks since
2006.
Steganography
Definition
• Digital steganography refers to concealment of data within the bits and bytes of a cover file.
– "Hiding in plain sight"
Ancient Technique
• Steganography is an ancient technique. It is derived
from Greek words
– ‘Steganos’ meaning covered and
– ‘Graphein’ meaning to write.
• Most frequently, steganography
is applied to images, but many
other data or file types are
possible
• Audio
• Video
• Text
• Executable programs
• Links
Steganography
Steganography simply takes one piece of information and hides
it within another
• Computer files (images, sound recordings, even disks) contain unused or insignificant areas of data
• Steganography takes advantage of these areas, replacing
them with information (encrypted mail, for instance).
• The files can then be exchanged without anyone knowing
what really lies inside of them
• An image of the space shuttle landing might contain a
private letter to a friend.
• Rumor has it that terrorists used steganography to transmit
messages to one another.
(http://www.wired.com/news/politics/0,1283,41658,00.html)

Reference: http://members.tripod.com/steganography/stego.html
History
The concept of message hiding is not new – it’s been
around for centuries
– A Greek shaved the head of a slave, wrote a message,
then waited for the hair to grow back before sending the
slave to his destination
– Steganography (in the form of invisible ink) was used by
Washington in the Revolutionary War
– Prior to the Civil War, quilts were sewn with special
patterns to tell escaping slaves which direction to go and
what to do
– In the 1980s, some of Margaret Thatcher's cabinet documents were leaked to the press. She ordered that the word processors used by government employees encode their identity in the word spacing of the documents
How Does it Work?
STEGANOGRAPHY FLOW
Examples of Text Steganography
Examples of Text Steganography
• Fishing freshwater bends and saltwater coasts
rewards anyone feeling stressed. Resourceful anglers
usually find masterful leapers fun and admit
swordfish rank overwhelming anyday.
• By taking the third letter in each word, the following message emerges
"Send Lawyers, Guns, and Money"
Null ciphers (unencrypted messages). The real message is "camouflaged" in an innocent sounding message.
Examples of Text Steganography
Since everyone can read, encoding text in neutral sentences is doubtfully effective
Since Everyone Can Read, Encoding Text In Neutral Sentences Is Doubtfully Effective
• Taking the first letter of each word reveals 'Secret inside'
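Both null-cipher examples above, extracted by one added Python function (not code from the slides): the n-th letter of every word, with punctuation ignored. The two sentences are copied from the slides; the position scan at the end is the simple steganalysis step of trying every small n and reading off which position yields text.

```python
"""Null-cipher extraction: the n-th letter of each word.
Added example, not code from the slides; the sentences are the two examples
given on the slides."""

FISHING = ("Fishing freshwater bends and saltwater coasts rewards anyone "
           "feeling stressed. Resourceful anglers usually find masterful "
           "leapers fun and admit swordfish rank overwhelming anyday.")
NEUTRAL = ("Since Everyone Can Read, Encoding Text In Neutral Sentences "
           "Is Doubtfully Effective")


def nth_letters(text, n):
    """Return the n-th letter (1-based) of every word, skipping punctuation.
    Words with fewer than n letters contribute nothing."""
    out = []
    for word in text.split():
        letters = [ch for ch in word if ch.isalpha()]
        if len(letters) >= n:
            out.append(letters[n - 1])
    return "".join(out)


def scan_positions(text, max_n=5):
    """Steganalysis helper: what each small letter position spells out."""
    return {n: nth_letters(text, n).lower() for n in range(1, max_n + 1)}


if __name__ == "__main__":
    print(nth_letters(FISHING, 3))   # sendlawyersgunsandmoney
    print(nth_letters(NEUTRAL, 1))   # SECRETINSIDE
    print(scan_positions(FISHING))
```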
Embedding Text in Pictures
Embedding Messages within
photos
• A 24-bit bitmap will have 8 bits representing each of
the three color values (red, green, and blue) at each
pixel.
• The difference between 11111111 and 11111110 in
the value for blue intensity is likely to be
undetectable by the human eye.
• Therefore, the least significant bit can be used for
something else other than color information.
Image steganography: LSB
Substitution
• Least Significant Bit (LSB) is the right most bit in a
sequence of bits.
• Changing this bit results in ±1 in the value of bit
string which is the smallest possible change.
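LSB substitution in the blue channel of a 24-bit image, as an added Python example (not code from the slides). The cover image is a constructed list of (r, g, b) pixels generated in the file, so nothing is read from disk; a 16-bit length prefix lets the extractor know how many bytes to read back, and a check function confirms that no colour value moved by more than ±1, which is the property the slide relies on.

```python
"""LSB substitution in the blue channel of a constructed 24-bit image.
Added example, not code from the slides. The cover pixels are generated
here; a 2-byte length prefix precedes the payload."""
import random


def to_bits(data):
    """Bytes -> list of bits, most significant bit of each byte first."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    """List of bits -> bytes; trailing bits that do not fill a byte are dropped."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def embed_lsb(pixels, payload):
    """Write the payload (after a 16-bit length prefix) into the least
    significant bit of each pixel's blue value, one bit per pixel."""
    if len(payload) > 0xFFFF:
        raise ValueError("payload too long for the 16-bit length prefix")
    bits = to_bits(len(payload).to_bytes(2, "big") + payload)
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for this payload")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        r, g, b = stego[i]
        stego[i] = (r, g, (b & 0xFE) | bit)   # clear the LSB, then set it
    return stego


def extract_lsb(pixels):
    """Read the length prefix, then that many payload bytes, from the blue LSBs."""
    bits = [b & 1 for _, _, b in pixels]
    length = int.from_bytes(from_bits(bits[:16]), "big")
    return from_bits(bits[16:16 + length * 8])


def max_channel_change(before, after):
    """Largest change in any colour value between cover and stego image."""
    return max(abs(x - y) for p, q in zip(before, after) for x, y in zip(p, q))


def constructed_cover(width=32, height=32, seed=1):
    """Deterministic pseudo-random cover image (constructed, not a real photo)."""
    rng = random.Random(seed)
    return [(rng.randrange(256), rng.randrange(256), rng.randrange(256))
            for _ in range(width * height)]


if __name__ == "__main__":
    cover = constructed_cover()
    stego = embed_lsb(cover, b"private letter")
    print(extract_lsb(stego))                    # b'private letter'
    print(max_channel_change(cover, stego))      # 1 at most
```

A 32x32 cover carries 1024 bits, i.e. 126 payload bytes after the prefix; a real photo carries three LSBs per pixel if all channels are used, which is why the capacity of image steganography is much larger than the text examples suggest.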
LSB Substitution in Image Files
How is this different from
Cryptography?
• Steganography is a complex subject, but it is not cryptography.
• While both hide a message, steganography is meant to make the message invisible, while cryptography changes the message's form, by means of replacement and/or algorithm.
How is this different from
Cryptography?
• The main goal is to hide not only the secret message but also the existence of the communication, and to transfer the data securely.
Steganalysis
• Steganalysis is the detection of data that has been
hidden
• It is a cat and mouse game
– as one group of researchers come up with better ways to
hide stuff, another group figures out how to detect it or
perhaps just destroy it
Digital Forensics
What is Forensic Science?
• …the application of science to those criminal
and civil laws that are enforced by police
agencies in a criminal justice system.
Forensic Science is…
• Applied Science
• Often called “criminalistics”
Punjab Forensics Science Agency
Digital Forensics
• Analyzes digital evidence obtained from laptops,
computers, and storage media to support ongoing
investigations and legal proceedings
• Used to investigate what happened during attack on
assets and how attack occurred
• Based on the field of traditional forensics
• Involves identifying, acquiring, processing,
analyzing, and reporting on data stored
electronically.
• Evidentiary material (EM): any information that could potentially support an organization's legal or policy-based case against a suspect
Digital Forensics (cont’d.)
• Used for two key purposes:
– To investigate allegations of digital malfeasance
– To perform root cause analysis
• Organization chooses one of two approaches:
– Protect and forget (patch and proceed): defense of data
and systems that house, use, and transmit it
– Apprehend and prosecute (pursue and prosecute):
identification and apprehension of responsible individuals,
with additional attention on collection and preservation of
potential EM that might support administrative or criminal
prosecution
Scope of Digital Forensics
• Mobile Device Forensics
• Network Forensics
• Digital Image Forensics
• Digital Video/Audio Forensics
• Memory Forensics
and the list goes on…
The Digital Forensics Team
• Most organizations
– Cannot sustain a permanent digital forensics team
– Collect data and outsource analysis
• Information security group personnel should be
trained to understand and manage the forensics
process to avoid contamination of potential EM
• Expertise can be obtained by training
Affidavits and Search Warrants
• After the crime is reported, the investigating agent
would create an affidavit requesting a search
warrant.
• Affidavit
– Sworn testimony that certain facts are in the possession of
the investigating officer that they feel warrant the
examination of specific items located at a specific place
– The facts, the items, and the place must be specified
• When an approving authority signs the affidavit, it
becomes a search warrant, giving permission to:
– Search the EM at the specified location
– Seize items to return to the investigator for examination
Digital Forensics Methodology
• All investigations follow the same basic methodology
– Identify relevant items of evidentiary value (EM)
– Acquire (seize) the evidence without alteration or damage
• Take steps to assure that the evidence is at every step verifiably
authentic and is unchanged from the time it was seized
– Analyze the data without risking modification or
unauthorized access
– Report the findings to the proper authority
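The "verifiably authentic and unchanged" requirement in the acquisition step, as an added Python example (not code from the slides). The evidence image is hashed once at seizure, the hash is recorded, and every later hand-off re-hashes the material and writes a custody line that states whether it still matches. The evidence bytes here are constructed; in practice the input is the acquired disk or memory image, which is why the hashing reads in chunks rather than loading the whole file.

```python
"""Hash-based integrity record for seized evidentiary material (EM).
Added example, not code from the slides. The evidence bytes used when run
stand-alone are constructed."""
import hashlib
import io
from datetime import datetime, timezone


def hash_stream(fileobj, algorithm="sha256", chunk_size=1 << 20):
    """Hash a file-like object in chunks; images are usually larger than RAM."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def acquisition_hash(data, algorithm="sha256"):
    """Hash taken at seizure; this value goes into the custody record."""
    return hash_stream(io.BytesIO(data), algorithm)


def verify_evidence(data, recorded_hash, algorithm="sha256"):
    """True only if the current hash matches the one recorded at acquisition."""
    return acquisition_hash(data, algorithm) == recorded_hash


def custody_entry(case_id, item_id, handler, action, data, recorded_hash):
    """One chain-of-custody line; the verification result is part of the record."""
    status = "VERIFIED" if verify_evidence(data, recorded_hash) else "MISMATCH"
    stamp = datetime.now(timezone.utc).isoformat(timespec="seconds")
    return (f"{stamp} case={case_id} item={item_id} handler={handler} "
            f"action={action} sha256={acquisition_hash(data)} status={status}")


if __name__ == "__main__":
    # Constructed stand-in for a disk image; real input is the acquired image file.
    image = b"constructed evidence image " * 1000
    recorded = acquisition_hash(image)
    print(custody_entry("CASE-0001", "HDD-01", "examiner A", "acquired", image, recorded))
    tampered = image[:-1] + b"!"
    print(custody_entry("CASE-0001", "HDD-01", "examiner B", "analysis", tampered, recorded))
```

The analyst works on a copy and re-verifies the original against the recorded hash before and after analysis; a MISMATCH line is the signal that the item can no longer be presented as unchanged from the time it was seized.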
Evidentiary Procedures
• Strong procedures for the handling of potential
evidentiary material can minimize the probability of
an organization’s losing a legal challenge
• Organizations should develop specific procedures
with guidance, for example:
– Who may conduct an investigation and who is authorized
in an investigation
– What affidavit- and search warrant-related issues are
required
– The methodology to be followed
– The final report format