UNIT I

Services, Mechanisms and attacks-the OSI security architecture-Network security model-Classical

Encryption techniques (Symmetric cipher model, substitution techniques, transposition techniques,
steganography).FINITE FIELDS AND NUMBER THEORY: Groups, Rings, Fields-Modular
arithmetic-Euclid’s algorithm-Finite fields- Polynomial Arithmetic –Prime numbers-Fermat’s and
Euler’s theorem-Testing for primality -The Chinese remainder theorem- Discrete logarithms.

INTRODUCTION
Computer data often travels from one computer to another, leaving the safety of its protected physical
surroundings. Once the data is out of hand, people with bad intention could modify or forge your data,
either for amusement or for their own benefit.

Cryptography can reformat and transform our data, making it safer on its trip between computers. The
technology is based on the essentials of secret codes, augmented by modern mathematics that protects
our data in powerful ways.

• Computer Security - generic name for the collection of tools designed to protect data and to
thwart hackers
• Network Security - measures to protect data during their transmission
• Internet Security - measures to protect data during their transmission over a collection of
interconnected networks

Security Attacks, Services and Mechanisms

To assess the security needs of an organization effectively, the manager responsible for security needs
some systematic way of defining the requirements for security and characterization of approaches to
satisfy those requirements. One approach is to consider three aspects of information security:
Security attack – Any action that compromises the security of information owned by an organization.
Security mechanism – A mechanism that is designed to detect, prevent or recover from a security
attack.
Security service – A service that enhances the security of the data processing systems and the
information transfers of an organization. The services are intended to counter security attacks and they
make use of one or more security mechanisms to provide the service
Basic Concepts
Cryptography The art or science encompassing the principles and methods of transforming an
intelligible message into one that is unintelligible, and then retransforming that message back to its
original form.
Plaintext The original intelligible message
Cipher text The transformed message
Cipher An algorithm for transforming an intelligible message into one that is unintelligible by
transposition and/or substitution methods
Key Some critical information used by the cipher, known only to the sender& receiver
Encipher (encode) The process of converting plaintext to cipher text using a cipher and a key
Decipher (decode) the process of converting cipher text back into plaintext using a cipher and a key
Cryptanalysis The study of principles and methods of transforming an unintelligible message
back into an intelligible message without knowledge of the key. Also called code breaking.
Cryptology Both cryptography and cryptanalysis.
Code An algorithm for transforming an intelligible message into an unintelligible one using a code-
book
 Cryptography
Cryptographic systems are generally classified along 3 independent dimensions:

Type of operations used for transforming plain text to cipher text

All the encryption algorithms are based on two general principles: substitution, in which each element
in the plaintext is mapped into another element, and transposition, in which elements in the plaintext
are rearranged.

The number of keys used

If the sender and receiver uses same key then it is said to be symmetric key (or) single key (or)
conventional encryption.
If the sender and receiver use different keys then it is said to be public key encryption.

The way in which the plain text is processed

A block cipher processes the input and block of elements at a time, producing output block for
each input block.
A stream cipher processes the input elements continuously, producing output element one at a
time, as it goes along.

Cryptanalysis
The process of attempting to discover X or K or both is known as cryptanalysis. The strategy used by
the cryptanalysis depends on the nature of the encryption scheme and the information available to the
cryptanalyst.
There are various types of cryptanalytic attacks based on the amount of information known to the
cryptanalyst.
Cipher text only – A copy of cipher text alone is known to the cryptanalyst.
Known plaintext – The cryptanalyst has a copy of the cipher text and the corresponding plaintext.
Chosen plaintext – The cryptanalysts gains temporary access to the encryption machine. They cannot
open it to find the key, however; they can encrypt a large number of suitably chosen plaintexts and try
to use the resulting cipher texts to deduce the key.
Chosen cipher text – The cryptanalyst obtains temporary access to the decryption machine, uses it to
decrypt several string of symbols, and tries to use the results to deduce the key.

STEGANOGRAPHY

A plaintext message may be hidden in any one of the two ways. The methods of steganography conceal
the existence of the message, whereas the methods of cryptography render the message unintelligible to
outsiders by various transformations of the text.
A simple form of steganography, but one that is time consuming to construct is one inwhich an
arrangement of words or letters within an apparently innocuous text spells out the real message.
e.g., (i) the sequence of first letters of each word of the overall message spells out the real
(Hidden) message.
(ii) Subset of the words of the overall message is used to convey the hidden message.
Various other techniques have been used historically, some of them are
Character marking – selected letters of printed or typewritten text are overwritten in pencil. Themarks
are ordinarily not visible unless the paper is held to an angle to bright light.
Invisible ink – a number of substances can be used for writing but leave no visible trace until heat
or some chemical is applied to the paper.
Pin punctures – small pin punctures on selected letters are ordinarily not visible unless the paper is held
in front of the light. Typewritten correction ribbon – used between the lines typed with a black ribbon,
the results of typing with the correction tape are visible only under a strong light.

Drawbacks of steganography

Requires a lot of overhead to hide a relatively few bits of information.

Once the system is discovered, it becomes virtually worthless.

SECURITY SERVICES

The classification of security services are as follows:

Confidentiality: Ensures that the information in a computer system a n d transmitted
information are accessible only for reading by authorized parties.
E.g. Printing, displaying and other forms of disclosure.
Authentication: Ensures that the origin of a message or electronic document is correctly
identified, with an assurance that the identity is not false.
Integrity: Ensures that only authorized parties are able to modify computer system assets and
transmitted information. Modification includes writing, changing status, deleting, creating
and delaying or replaying of transmitted messages.
Non repudiation: Requires that neither the sender nor the receiver of a message be able to deny
the transmission.
Access control: Requires that access to information resources may be controlled by or the target
system.
Availability: Requires that computer system assets be available to authorized parties when
needed
 SECURITY MECHANISMS
One of the most specific security mechanisms in use is cryptographic techniques.
Encryption or encryption-like transformations of information are the most common means of
providing security. Some of the mechanisms are

Cryptographic Attacks
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal
of the opponent is to obtain information that is being transmitted. Passive
attacks are of two types:
Release of message contents: A telephone conversation, an e-mail message and a transferred file
may contain sensitive or confidential information. We would like to prevent the opponent from
learning the contents of these transmissions.
Traffic analysis: If we had encryption protection in place, an opponent might still be able to
observe the pattern of the message. The opponent could determine the location and identity of
communication hosts and could observe the frequency and length of messages being
exchanged. This information might be useful in guessing the nature of communication that was
taking place.
Passive attacks are very difficult to detect because they do not involve any alteration of data.
However, it is feasible to prevent the success of these attacks.

Active attacks
These attacks involve some modification of the data stream or the creation of a false stream. These
attacks can be classified in to four categories:
Masquerade – One entity pretends to be a different entity.
Replay – involves passive capture of a data unit and its subsequent transmission to produce an
unauthorized effect.
Modification of messages – Some portion of message is altered or the messages are delayed or
recorded, to produce an unauthorized effect.
Denial of service – Prevents or inhibits the normal use or management of communication
facilities. Another form of service denial is the disruption of an entire network, either by disabling
the network or overloading it with messages so as to degrade performance.
It is quite difficult to prevent active attacks absolutely, because to do so would require physical
protection of all communication facilities and paths at all times. Instead, the goal is to detect them
and to recover from any disruption or delays caused by them.

Symmetric and public key algorithms

Encryption/Decryption methods fall into two categories.

 Symmetric key
 Public key

In symmetric key algorithms, the encryption and decryption keys are known both to sender and
receiver. The encryption key is shared and the decryption key is easily calculated from it.In many cases,
the encryption and decryption keys are the same.

In public key cryptography, encryption key is made public, but it is computationally infeasible to find
the decryption key without the information known to the receiver.

A message is to be transferred from one party to another across some sort of internet. The two
parties, who are the principals in this transaction, must cooperate for the exchange to take place.
A logical information channel is established by defining a route through the internet from source
to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the
two principals.
 CONVENTIONAL ENCRYPTION
• Referred conventional / private-key / single-key
• Sender and recipient share a common key
All classical encryption algorithms are private-key was only type prior to invention of publickey in
1970‟plaintext - the original message

Some basic terminologies used:

• cipher text - the coded message
• Cipher - algorithm for transforming plaintext to cipher text
• Key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to cipher text
• decipher (decrypt) - recovering cipher text from plaintext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (code breaking) - the study of principles/ methods of deciphering cipher text
without knowing key
• Cryptology - the field of both cryptography and cryptanalysis

Here the original message, referred to as plaintext, is converted into apparently random
nonsense, referred to as cipher text. The encryption process consists of an algorithm and a key.
The key is a value independent of the plaintext. Changing the key changes the output of the
algorithm. Once the cipher text is produced, it may be transmitted. Upon reception, the
cipher text can be transformed back to the original plaintext by using a decryption algorithm

and the same key that was used for encryption. The security depends on several factors. First, the
encryption algorithm must be powerful enough that it is impractical to decrypt a message on the basis
of cipher text alone. Beyond that, the security depends on the secrecy of the key, not the secrecy of the
algorithm.

• Two requirements for secure use of symmetric encryption:

– A strong encryption algorithm
– A secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)

• assume encryption algorithm is known

• implies a secure channel to distribute key

A source produces a message in plaintext, X = [X1, X2… XM] where M are the number of letters in
the message. A key of the form K = [K1, K2… KJ] is generated. If the key is generated at the source,
then it must be provided to the destination by means of some secure channel.

With the message X and the encryption key K as input, the encryption algorithm forms thecipher text Y
= [Y1, Y2, YN]. This can be expressed as
Y = EK(X)

The intended receiver, in possession of the k e y , is able to invert the transformation:

X = DK(Y)

An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both. It is
assumed that the opponent knows the encryption and decryption algorithms.

If the opponent is interested in only this particular message, then the focus of effort is to recover X by
generating a plaintext estimate. Often if the opponent is interested in being able to read future messages
as well, in which case an attempt is made to recover K by generating an estimate.

CLASSICAL CRYPTOSYSTEMS:
Note:
• Classical Symmetric Cipher
– Substitution Cipher
– Transposition Cipher
• Modern Symmetric Ciphers (DES)
I)Substitution cipher:
-A substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols.

Types:
1) Monoalphabetic cipher
2) Transposition cipher
II)Transposition cipher:
-The core idea is to rearrange the order of letters/bytes/bits without altering their actual values.
I)SUBSTITUTION CIPHER:
1) Monoalphabetic cipher
--In monoalphabetic cipher,a character in the plaintext is always changed to the same character in the
ciphertext regardless of its position in the text.
--ciphers in which the same plaintext letters are always replaced by the same ciphertext letters. Mono,
meaning one,indicates that each letter has a single substitute.
 --The relationship between letters in the plaintext and the ciphertext is one-to-one.
Example:
1. Additive cipher(Caesar or shift cipher)
2. Multiplicative cipher

3. Affine cipher

ADDITIVE CIPHER(CAESAR OR SHIFT CIPHER):

--Historically, additive ciphers are called shift ciphers. Julius Caesar used an additive cipher to
communicate with his officers. For this reason, additive ciphers are sometimes referred to as the Caesar
cipher. Caesar used a key of 3 for his communications.
--The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called a shift cipher
and sometimes a Caesar cipher, but the term additive cipher better reveals its mathematical nature.

Figure 3.9 Additive cipher

 Example
Use the additive cipher with key = 15 to encrypt the message “hello”.
Solution
We apply the encryption algorithm to the plaintext, character by character:

Example
Use the additive cipher with key = 15 to decrypt the message “WTAAD”.
Solution
We apply the decryption algorithm to the plaintext character by character:
Example

MULTIPLICATIVE CIPHERS
Figure 3.10 Multiplicative cipher
Example
We use a multiplicative cipher to encrypt the message “hello” with a key of 7. The ciphertext is
“XCZZU”.

AFFINE CIPHERS
Figure 3.11 Affine cipher

Example
Use an affine cipher to encrypt the message “hello” with the key pair (7, 2).
Example
Use the affine cipher to decrypt the message “ZEBBW” with the key pair (7, 2) in modulus 26.
Solution
MONOALPHABETIC SUBSTITUTION CIPHER

Because additive, multiplicative, and affine ciphers have small key domains, they are very
vulnerable to brute-force attack.
A better solution is to create a mapping between each plaintext character and the corresponding
ciphertext character. Alice and Bob can agree on a table showing the mapping for each character.
Figure An example key for monoalphabetic substitution cipher

Example
We can use the key in Figure to encrypt the message

The ciphertext

is

2)Polyalphabetic Ciphers(autokey,playfair,Hill, Vigenere, Enigma Machine )

In polyalphabetic substitution, each occurrence of a character may have a different substitute. The
relationship between a character in the plaintext to a character in the ciphertext is one-to-many.
AUTOKEY CIPHER

Example:
Assume that Alice and Bob agreed to use an autokey cipher with initial key value k1 = 12. Now Alice
wants to send Bob the message “Attack is today”. Enciphering is done character by character.
-Here the first subkey is a predetermined value secretly agreed upon by Alice and Bob.The second
subkey is the value of the first plaintext character (between 0 and 25).The third subkey is the value of
the second plaintext and so on..
PLAYFAIR CIPHER
Figure 3.13 An example of a secret key in the Playfair cipher

Let us encrypt the plaintext “hello” using the key in Figure 3.13.

Use this rules for encryption/decryption(HELLO)

1)break the plaintext into pairs.(example:HE,LL,O)
2)Insert duplicate character if pair posses similar characters (Example:LL is the pair means
,then insert X in between LL ,so that it will result in HE,LX,LO pairs).
3)If characters of a pair
 Present in same row-then replace that with character that appears very next to it(right
side).
 Present in same column –Then replace by a character which is below it .
 If not in same row or column,the corresponding encrypted character for each letter is a
letter that is in its own row but in the same column as the other letter.
VIGENERE CIPHER

Example
We can encrypt the message “She is listening” using the 6-character keyword “PASCAL”.
The initial key stream is (15, 0, 18, 2, 0, 11). The key stream is the repetition of this initial key stream
(as many times as needed).
HILL CIPHER
The plaintext is divided in to equal-sized blocks.The blocks are encrypted one at a time in such a way
that each character in the block contributes to the encryption of other characters in the block.For this
reason,the hill cipher belongs to the category of block ciphers.
Figure 3.15 Key in the Hill cipher(must be a square matrix)

Note
1)The key matrix in the Hill cipher needs to have a multiplicative inverse.
2)For Hill cipher problem refer to class notes.
ONE-TIME PAD (VERNAM CIPHER OR PERFECT CIPHER)
One of the goals of cryptography is perfect secrecy. A study by Shannon has shown that perfect secrecy
can be achieved if each plaintext symbol is encrypted with a key randomly chosen from a key domain.
This idea is used in a cipher called one-time pad, invented by Vernam.
Features:Difficult to implement.As it requires key exchange between bob and Alice aeach time she has
a message to send.
Application:Used between presidents of two country(where security matters not money).

ENIGMA MACHINE
Figure A schematic of the Enigma machine

The Nazi Enigma machine is undoubtedly the most famous cipher machine in history. This machine,
first offered commercially in 1923, looked like a typewriter keyboard with a light panel to display
rather than print the output. It used three interchangeable rotors to encipher each letter of a message
multiple times with a different cipher alphabet.
For example,When the operator presses the letter 'T' on the keyboard it creates an electric signal that
begins the journey through the Enigma machine wiring that will end with a lamp flashing on the
lampboard(the flash on a character indicates ,it is the encrypted character of ‘T’).
II)TRANSPOSITION CIPHERS
A transposition cipher does not substitute one symbol for another, instead it changes the
location of the symbols.
Keyless Transposition Ciphers
Example
A good example of a keyless cipher using the first method is the rail fence cipher. The
ciphertext is created reading the pattern row by row. For example, to send the message “Meet me at the
park” to Bob, Alice writes
 Example
Alice and Bob can agree on the number of columns and use the second method. Alice writes the same
plaintext, row by row, in a table of four columns.

The cipher in Example 3.23 is actually a transposition cipher. The following shows the permutation of
each character in the plaintext into the ciphertext based on the positions.
Keyed Transposition Ciphers
The keyless ciphers permute the characters by using writing plaintext in one way and reading it in
another way The permutation is done on the whole plaintext to create the whole ciphertext. Another
method is to divide the plaintext into groups of predetermined size, called blocks, and then use a key to
permute the characters in each block separately.
Example
Alice needs to send the message “Enemy attacks tonight” to Bob..

The key used for encryption and decryption is a permutation key, which shows how the character are
permuted.

The permutation yields

 Euclid Algorithm:

 Greatest Common Divisor (GCD) of two integers A and B is the largest integer that
divides both A and B.

The Algorithm:

The Euclidean Algorithm for finding GCD(A,B) is as follows:

 If A = 0 then GCD(A,B)=B, since the GCD(0,B)=B, and we can stop.
 If B = 0 then GCD(A,B)=A, since the GCD(A,0)=A, and we can stop.
 Write A in quotient remainder form (A = B⋅ Q + R)
 Find GCD(B,R) using the Euclidean Algorithm since GCD(A,B) = GCD(B,R)

Example:
Find the GCD of 270 and 192
 A=270, B=192
 A ≠0
 B ≠0
 Use long division to find that 270/192 = 1 with a remainder of 78. We can write this as: 270 =
192 * 1 +78
 Find GCD(192,78), since GCD(270,192)=GCD(192,78)
A=192, B=78
 A ≠0
 B ≠0
 Use long division to find that 192/78 = 2 with a remainder of 36. We can write this as:
 192 = 78 * 2 + 36
 Find GCD(78,36), since GCD(192,78)=GCD(78,36)
A=78, B=36
 A ≠0
 B ≠0
 Use long division to find that 78/36 = 2 with a remainder of 6. We can write this as:
 78 = 36 * 2 + 6
 Find GCD(36,6), since GCD(78,36)=GCD(36,6)
A=36, B=6
 A ≠0
 B ≠0
 Use long division to find that 36/6 = 6 with a remainder of 0. We can write this as:
 36 = 6 * 6 + 0
 Find GCD(6,0), since GCD(36,6)=GCD(6,0)
A=6, B=0
 A ≠0
 B =0, GCD(6,0)=6
So we have shown:
GCD(270,192) = GCD(192,78) = GCD(78,36) = GCD(36,6) = GCD(6,0) = 6
GCD(270,192) = 6

Understanding the Euclidean Algorithm

If we examine the Euclidean Algorithm we can see that it makes use of the following properties:
 GCD(A,0) = A
 GCD(0,B) = B
 If A = B⋅ Q + R and B≠0 then GCD(A,B) = GCD(B,R) where Q is an integer, R is an integer
between 0 and B-1
The first two properties let us find the GCD if either number is 0. The third property lets us take a
larger, more difficult to solve problem, and reduce it to a smaller, easier to solve problem.
The Euclidean Algorithm makes use of these properties by rapidly reducing the problem into easier and
easier problems, using the third property, until it is easily solved by using one of the first two
properties.
We can understand why these properties work by proving them.
We can prove that GCD(A,0)=A is as follows:
 The largest integer that can evenly divide A is A.
 All integers evenly divide 0, since for any integer, C, we can write C ⋅ 0 = 0. So we can
conclude that A must evenly divide 0.
 The greatest number that divides both A and 0 is A.
The proof for GCD(0,B)=B is similar. (Same proof, but we replace A with B).
To prove that GCD(A,B)=GCD(B,R) we first need to show that GCD(A,B)=GCD(B,A-B).

Introduction to Number theory:

-As a result of the fears of (say) the improved methods of factoring large numbers,
cryptographers have turned to other methods such as abstract algebra to find security.
-As with number theory, the level of maths introduced will be enough to provide a
basic understanding of the common cryptographic algorithms. Some topics that will
be discussed are:

•Groups
•Rings
•Fields
•Polynomial arithmetic

Before continuing here are some explanations of what some of the notation used repre-
sents. Don’t let the notation confuse you, it is only used to explain the concepts using
as little English as possible.
-If a group has a finite number of elements it is referred to as a finite group and the
order of the group is equal to the number of elements in the group. Otherwise, the group is an infinite
group.
 Modular Arithmetic:

In Modular Arithmetic, we add, subtract , multiply, divide and exponentiate as

follows:

A) Mod Addition

Let's start simple: What time is it 10 hours after 11:00? It is 11+10 = 21 o'clock, and 21 minus the
modulus 12 leaves a remainder of 9, thus 9 o'clock.

Let's write the two examples in mod notation:

11+10 = 21 mod 12 = 9 and 11 + 22 = 33 mod 12 = 9.

How to perform Mod Addition:

 First add the two numbers,

 Secondly, divide the sum by the modulus to compute the remainder

B) Mod Subtraction

Subtraction is performed in a similar fashion:

 First subtract,
 secondly compute the remainder.
Example 1:
25 - 8 = 17 MOD 12 = 5
Example 2:
50 - 11 = 39 MOD 12 = 3

What if we obtain a negative answer?

Thus, if the answer is negative,

add the modulus you get a positive number. That number must be between 0 and the modulus.

Example 3:
3 - 50 = -47 MOD 12 = 1 since - 1 + 12 =11.
Example 4:
14 - 77 = -63 MOD 12 = 9 since -63 + 12 + 12 + 12 + 12 + 12 + 12 = 9.
Example 5:
50 - 11 = -39 MOD 15 = 6 since -39 + 15 + 15 + 15 = 6

C) Mod Multiplication

Since multiplication of positive numbers is repeated addition it can be reduced to the above mod
addition.

How do we compute 5 * 8 MOD 12?

First we multiply: 5 * 8 = 40
secondly we find the remainder: 40 MOD 12 = 4.

3 Computation Rules for Mod Arithmetic

1) a + b mod m = (a mod m) + (b mod m)
2) a - b mod m = (a mod m) - (b mod m)
3) a * b mod m = (a mod m) * (b mod m)

D) Mod Division
Division is the inverse operation of multiplication. This means that every division question can be
answered by answering a "find the missing number" multiplication question.

I.e. Since 5*8 = 4 MOD

12 dividing
by 5 yields
8 = 4/5 MOD 12.
Thus, if I had asked you: Compute 4/5 MOD 12, the answer is apparently 8.
Example 1:
To compute 5 / 7 mod 12, we introduce an x
x = 5 / 7 mod 12 to multiply both sides by 7.
7x = 5 mod 12.
We find x by testing the 12 different remainders 0, 1, ...11.
Trial and error yields x=11 since
7 * 11 mod 12 = 77 mod 12 = 5