Lakshmi Narain College Of Technology And

Science , Bhopal

Lab File

Subject name:- Cryptography and

Information Security
Subject Code:- CS703[A]
Session:-2022

Submitted to Submitted By-

Dr .Bhawana Pillai Shantanu Sahay
Enroll No.- 0157CS191158
Roll No. - 155
INDEX

EX. Name of the experiment

No.
 1. Perform encryption, decryption using the following substitution
techniques
i. Ceaser cipher ii. Playfair cipher iii. Hill Cipher iv. Vigenere cipher

2. Perform encryption and decryption using following transposition

techniques
i. Rail fence ii. Row & Column Transformation

3. Apply DES algorithm for practical applications.

4. Apply AES algorithm for practical applications.
5. Implement RSA Algorithm using HTML and JavaScript
6. Implement the Diffie-Hellman Key Exchange algorithm for a given
problem

7. Calculate the message digest of a text using the SHA-1 algorithm.

8. Implement the SIGNATURE SCHEME - Digital Signature Standard.

9. Demonstrate intrusion detection system (ids) using any tool eg. Snort or
any other software.

10. Automated Attack and Penetration Tools Exploring N-Stalker, a

Vulnerability Assessment Tool

1. Perform encryption ,decryption using the following substitution techniques

i. Ceaser cipher ii.

Playfair cipher iii.

Hill Cipher iv.

Vigenere cipher
i)Caesar Cipher
The Caesar Cipher technique is one of the earliest and simplest methods of
encryption technique. It’s simply a type of substitution cipher, i.e., each letter of
a given text is replaced by a letter with a fixed number of positions down the
alphabet. For example, with a shift of 1, A would be replaced by B, B would
become C, and so on. The method is apparently named after Julius Caesar, who
apparently used it to communicate with his officials.
Thus, to cipher a given text we need an integer value, known as a shift which
indicates the number of positions each letter of the text has been moved down.
The encryption can be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B = 1,…,
Z = 25. Encryption of a letter by a shift n can be described mathematically as.
Algorithm for Caesar Cipher:
Input:
1. A String of lower-case letters, called Text.
2. An Integer between 0-25 denoting the required shift.

ii) Playfair Cipher

The Playfair cipher was the first practical digraph substitution cipher.
The scheme was invented in 1854 by Charles Wheatstone but was
named after Lord Playfair who promoted the use of the cipher. In Playfair
cipher unlike traditional cipher we encrypt a pair of alphabets(digraphs) instead
of a single alphabet.
It was used for tactical purposes by British forces in the Second Boer War and
in World War I and for the same purpose by the Australians during World War
II. This was because Playfair is reasonably fast to use and requires no special
equipment.

1. Generate the key Square(5×5):

• The key square is a 5×5 grid of alphabets that acts as the key
for encrypting the plaintext. Each of the 25 alphabets must
be unique and one letter of the alphabet (usually J) is
omitted from the table (as the table can hold only 25
alphabets). If the plaintext contains J, then it is replaced by I.

• The initial alphabets in the key square are the unique

alphabets of the key in the order in which they appear
followed by the remaining letters of the alphabet in order.
 2. Algorithm to encrypt the plain text: The plaintext is split into pairs of
two letters (digraphs). If there is an odd number of letters, a Z is
added to the last letter. For example:

PlainText: "instruments"
After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'
1. Pair cannot be made with same letter. Break the letter in single andadd a
bogus letter to the previous letter.
Plain Text: “hello”
After Split: ‘he’ ‘lx’ ‘lo’
Here ‘x’ is the bogus letter.
2. If the letter is standing alone in the process of pairing, then add an
extra bogus letter with the alone letter
Plain Text: “helloe”
AfterSplit: ‘he’ ‘lx’ ‘lo’ ‘ez’
Here ‘z’ is the bogus letter.

iii) Hill Cipher

Hill cipher is a polygraphic substitution cipher based on linear algebra. Each
letter is represented by a number modulo 26. Often the simple scheme A = 0, B
= 1, …, Z = 25 is used, but this is not an essential feature of the cipher. To
encrypt a message, each block of n letters (considered as an n-component
vector) is multiplied by an invertible n × n matrix, against modulus 26. To
decrypt the message, each block is multiplied by the inverse of the matrix used
for encryption. The matrix used for encryption is the cipher key, and it should
be chosen randomly from the set of invertible n × n matrices (modulo 26).
Examples:

Input : Plaintext: ACT

Key: GYBNQKURP
Output : Ciphertext: POH
Input : Plaintext: GFG

Key: HILLMAGIC

Output : Ciphertext: SWK

iv) Vigenere Cipher

It is a method of encrypting alphabetic text. It uses a simple form of polyalphabetic
substitution. A polyalphabetic cipher is any cipher based on substitution, using
multiple substitution alphabets. The encryption of the original text is done using the
VigenèresquareorVigenèretable.
• The table consists of the alphabets written out 26 times in different rows,
each alphabet shifted cyclically to the left compared to the previous
alphabet, corresponding to the 26 possible Caesar Ciphers.
• At different points in the encryption process, the cipher uses a different
alphabet from one of the rows.
• The alphabet used at each point depends on a repeating keyword.

2. Perform encryption and decryption using following transposition techniques.

Rail fence-Row & Column Transformation
Rail Fence Cipher – Encryption and Decryption
Given a plain-text message and a numeric key, cipher/de-cipher the given text
using Rail Fence algorithm.
The rail fence cipher (also called a zigzag cipher) is a form of transposition
cipher. It derives its name from the way in which it is encoded. Examples:

Encryption
Input : "peace and love "
Key = 3
Output : epacvolenda
Decryption
Input : epacvolenda
Key = 3
Output : "peace and love "

Columnar Transposition Cipher

Given a plain-text message and a numeric key, cipher/de-cipher the given text
using Columnar Transposition Cipher
The Columnar Transposition Cipher is a form of transposition cipher just
like Rail Fence Cipher. Columnar Transposition involves writing the
plaintext out in rows, and then reading the ciphertext off in columns one by
one. Examples:
Encryption
Input : Geeks for Geeks
Key = HACK
Output : e kefGsGsrekoe_
Decryption
Input : e kefGsGsrekoe_
Key = HACK
Output : Geeks for Geeks

3.Apply DES algorithm for practical applications.

Data encryption standard (DES)
Data encryption standard (DES) has been found vulnerable to very powerful
attacks and therefore, the popularity of DES has been found slightly on the
decline. DES is a block cipher and encrypts data in blocks of size of 64 bits
each, which means 64 bits of plain text go as the input to DES, which produces
64 bits of ciphertext. The same algorithm and key are used for encryption and
decryption, with minor differences. The key length is 56 bits. The basic idea is
shown in the figure:

We have mentioned that DES uses a 56-bit key. Actually, the initial key
consists of 64 bits. However, before the DES process even starts, every 8th bit
of the key is discarded to produce a 56-bit key. That is bit positions 8, 16, 24,
32, 40, 48, 56, and 64 are discarded.

Thus, the discarding of every 8th bit of the key produces a 56-bit key from
the original 64-bit key.
DES is based on the two fundamental attributes of cryptography: substitution
(also called confusion) and transposition (also called diffusion). DES consists of
16 steps, each of which is called a round. Each round performs the steps of
substitution and transposition. Let us now discuss the broad-level steps in DES.
• In the first step, the 64-bit plain text block is handed over to an initial
Permutation (IP) function.
• The initial permutation is performed on plain text.
• Next, the initial permutation (IP) produces two halves of the permuted
block; saying Left Plain Text (LPT) and Right Plain Text (RPT).
• Now each LPT and RPT go through 16 rounds of the encryption
process.
• In the end, LPT and RPT are rejoined and a Final Permutation
(FP) is performed on the combined block
• The result of this process produces 64-bit ciphertext.

Initial Permutation (IP):

As we have noted, the initial permutation (IP) happens only once and it happens
before the first round. It suggests how the transposition in IP should proceed, as
shown in the figure. For example, it says that the IP replaces the first bit of the
original plain text block with the 58th bit of the original plain text, the second
bit with the 50th bit of the original plain text block, and so on.

Step-1: Key transformation:

We have noted initial 64-bit key is transformed into a 56-bit key by discarding
every 8th bit of the initial key. Thus, for each a 56-bit key is available. From
this 56-bit key, a different 48-bit Sub Key is generated during each round using
a process called key transformation. For this, the 56-bit key is divided into two
halves, each of 28 bits. These halves are circularly shifted left by one or two
positions, depending on the round.
For example: if the round numbers 1, 2, 9, or 16 the shift is done by only one
position for other rounds, the circular shift is done by two positions. The
number of key bits shifted per round is shown in the figure.

After an appropriate shift, 48 of the 56 bits are selected. for selecting 48 of the
56 bits the table is shown in the figure given below. For instance, after the shift,
bit number 14 moves to the first position, bit number 17 moves to the second
position, and so on. If we observe the table carefully, we will realize that it
contains only 48-bit positions. Bit number 18 is discarded (we will not find it in
the table), like 7 others, to reduce a 56-bit key to a 48-bit key. Since the key
transformation process involves permutation as well as a selection of a 48-bit
subset of the original 56-bit key it is called Compression Permutation.

4.Apply AES algorithm for practical applications.

Advanced Encryption Standard (AES) is a specification for the encryption of
electronic data established by the U.S National Institute of Standards and Technology
(NIST) in 2001. AES is widely used today as it is a much stronger than DES and
triple DES despite being harder to implement. Points to remember
• AES is a block cipher.
• The key size can be 128/192/256 bits.
• Encrypts data in blocks of 128 bits each.
That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text as
output. AES relies on substitution-permutation network principle which means it is
performed using a series of linked operations which involves replacing and shuffling
of the input data.
Working of the cipher :
AES performs operations on bytes of data rather than in bits. Since the block size is
128 bits, the cipher processes 128 bits (or 16 bytes) of the input data at a time.
The number of rounds depends on the key length as follows :
• 128 bit key – 10 rounds
• 192 bit key – 12 rounds
• 256 bit key – 14 rounds Creation of Round keys :
A Key Schedule algorithm is used to calculate all the round keys from the key. So the
initial key is used to create many different round keys which will be used in the
corresponding round of the encryption.

5. Implement RSA Algorithm using HTML and JavaScript.

JavaScript
Shrink ▲
<html>

<head>
<title>Input</title>

<script language="JavaScript">
<!-- hide from old browsers
functiongcd (a, b)
{
var r; while
(b>0)
{
 r=a%b;
a=b;
b=r;
}
return a;
}

functionrel_prime(phi)
{ varrel=5
;

while (gcd(phi,rel)!=1)
rel++; returnrel;
}

function power(a, b)

{
var temp=1, i;
for(i=1;i<=b;i++)
temp*=a;
return temp;
}

function encrypt(N, e, M)
{
varr,i=0,prod=1,rem_mod=0; while
(e>0)
{
r=e % 2;
if (i++==0)
rem_mod=M % N;
else
rem_mod=power(rem_mod,2) % N;
if (r==1)
{
prod*=rem_mod;
 prod=prod % N;
}
e=parseInt(e/2);
}
return prod;
}

functioncalculate_d(phi,e)
{
var x,y,x1,x2,y1,y2,temp,r,orig_phi;
orig_phi=phi;
x2=1;x1=0;y2=0;y1=1;
while (e>0)
{
temp=parseInt(phi/e);
r=phi-temp*e; x=x2-
temp*x1; y=y2-
temp*y1; phi=e;e=r;
x2=x1;x1=x;
y2=y1;y1=y;

if (phi==1)
{ y2+=orig_phi;
break;
}
}
return y2;
}

function decrypt(c, d, N)
{
var phi=(p-1)*(q-1); var e=rel_prime(phi); var
c=encrypt(N,e,M); var d=calculate_d(phi,e);
subWindow.document.Output.N.value=N;
subWindow.document.Output.phi.value=phi;
subWindow.document.Output.e.value=e;
subWindow.document.Output.c.value=c;
subWindow.document.Output.d.value=d;
subWindow.document.Output.M.value=decrypt(c,d,N);
}

// end scripting here -->

</script>

</head>

<body>

<p><font size="6">Input Form</font></p>

<hr>
<form name="Input">
<table border="0" width="100%" height="109">
<tr>
<td width="24%" height="23">
<font color="#0000FF">Enter P</font></td>
<td width="76%" height="23">
<input type="text" name="p" size="20"></td>
</tr>
<tr>

<td width="24%" height="23"><font color="#0000FF">

Enter Q</font></td>
<td width="76%" height="23">
<input type="text" name="q" size="20"></td>
</tr>
<tr>
<td width="24%" height="20">
<font color="#0000FF">Enter any Number ( M )</font></td>
<td width="76%" height="20"><input type="text" name="M" size="20">
<font size="1" color="#FF0000">(1-1000)</font></td> </tr>
<tr>
<td width="24%" height="19"><input type="button" value="Submit"
name="Submit"onClick="openNew()"></td>
<td width="76%" height="19"><input type="reset" value="Reset"
name="Reset"></td>
</tr>
</table>
</form>
<p>&nbsp;</p>

</body>

</html>
6. Implement Diffie Helman key exchange algorithm for a givenalgorithm.

from random import randint if

__name__ == '__main__':
# Both the persons will be agreed upon the
# public keys G and P
# A prime number P is taken P =
23

# A primitive root for P, G is taken

G=9
print('The Value of P is :%d'%(P)) print('The
Value of G is :%d'%(G)) # Alice will choose
the private key a a = 4
print('The Private Key a for Alice is :%d'%(a))

# gets the generated key x =

int(pow(G,a,P))

# Bob will choose the private key b b = 3

print('The Private Key b for Bob is :%d'%(b))

# gets the generated key y =

int(pow(G,b,P))

# Secret key for Alice ka =

int(pow(y,a,P))

# Secret key for Bob kb =

int(pow(x,b,P))

print('Secret key for the Alice is : %d'%(ka)) print('Secret Key

for the Bob is : %d'%(kb))

7.Calculate the message digest of a text using the SHA-1 algorithm.

SHA-1 Hash
SHA-1 or Secure Hash Algorithm 1 is a cryptographic hash function which
takes an input and produces a 160-bit (20-byte) hash value. This hash value is
known as a message digest. This message digest is usually then rendered as a
hexadecimal number which is 40 digits long. It is a U.S. Federal Information
Processing Standard and was designed by the United States National Security
Agency. SHA-1 is now considered insecure since 2005. Major tech giant’s
browsers like Microsoft, Google, Apple and Mozilla have stopped accepting
SHA-1 SSL certificates by 2017. To calculate cryptographic hashing value in
Java, Message Digest Class is used, under the package java.security. Message
Digest Class provides following cryptographic hash function to find hash value
of a text as follows:
• MD2
• MD5
• SHA-1
• SHA-224  SHA-256
• SHA-384
• SHA-512
These algorithms are initialized in static method called getInstance(). After
selecting the algorithm, the message digest value is calculated and the results
are returned as a byte array. BigInteger class is used, to convert the resultant
byte array into its signum representation. This representation is then converted
into a hexadecimal format to get the expected MessageDigest. Examples:
Input : hello world Output :
2aae6c35c94fcfb415dbe95f408b9ce91ee846ed Input :Revelation Output :
addf120b430021c36c232c99ef8d926aea2acd6b

8. Implement the SIGNATURE SCHEME – Digital Signature Standard. import

java.io.*; //input the file data to be signed

import java.security.*; //provides methods for signing the data public class
GenerateDigitalSignature
{
public static void main(String args[])
{
/* Generate a DSA signature */ if
(args.length != 1)
{
 System.out.println("Usage: nameOfFileToSign");
}
else try
{
// the rest of the code goes here
}
catch (Exception e)
{
System.err.println("Caught exception " + e.toString());
}
}
}
9.Demonstrate intrusion detection system (ids) using any tool eg. Snort or any
other software.
An Intrusion Detection System (IDS) is a system that monitors network traffic
for suspicious activity and issues alerts when such activity is discovered. It is a
software application that scans a network or a system for the harmful activity or
policy breaching. Any malicious venture or violation is normally reported either
to an administrator or collected centrally using a security information and event
management (SIEM) system. A SIEM system integrates outputs from multiple
sources and uses alarm filtering techniques to differentiate malicious activity
from false alarms.

Classification of Intrusion Detection System:

IDS are classified into 5 types:
1. Network Intrusion Detection System (NIDS):
Network intrusion detection systems (NIDS) are set up at a planned point
within the network to examine traffic from all devices on the network. It
performs an observation of passing traffic on the entire subnet and matches
the traffic that is passed on the subnets to the collection of known attacks.
Once an attack is identified or abnormal behavior is observed, the alert can
be sent to the administrator.
2. Host Intrusion Detection System (HIDS):
Host intrusion detection systems (HIDS) run on independent hosts or
devices on the network. A HIDS monitors the incoming and outgoing
packets from the device only and will alert the administrator if suspicious or
malicious activity is detected. It takes a snapshot of existing system files and
compares it with the previous snapshot.
3. Protocol-based Intrusion Detection System (PIDS):
Protocol-based intrusion detection system (PIDS) comprises a system or
agent that would consistently resides at the front end of a server, controlling
and interpreting the protocol between a user/device and the server. It is
trying to secure the web server by regularly monitoring the HTTPS protocol
stream and accept the related HTTP protocol.
4. Application Protocol-based Intrusion Detection System (APIDS):
Application Protocol-based Intrusion Detection System (APIDS) is a system
or agent that generally resides within a group of servers. It identifies the
intrusions by monitoring and interpreting the communication on application-
specific protocols.
5. Hybrid Intrusion Detection System :
Hybrid intrusion detection system is made by the combination of two or
more approaches of the intrusion detection system. In the hybrid intrusion
detection system, host agent or system data is combined with network
information to develop a complete view of the network system. Hybrid
intrusion detection system is more effective in comparison to the other
intrusion detection system. Prelude is an example of Hybrid IDS.

10.Automated Attack and Penetration Tools Exploring N-Stalker, a Vulnerability

Assessment Tool.
N-Stalker Web Application Security Scanner is a Web security assessment tool.
• It incorporates with a well-known N-Stealth HTTP Security
Scanner and 35,000
• Web attack signature database.
• This tool also comes in both free and paid version.
• Before scanning the target, go to “License Manager” tab, perform the
update.
• Once update, you will note the status as up to date.
• You need to download and install N-Stalker from www.nstalker.com.

1. Start N-Stalker from a Windows computer. The program is installedunder

Start ➪ Programs ➪ N-Stalker ➪ N-Stalker Free Edition.
2. Enter a host address or a range of addresses to scan.
3. Click Start Scan.
4. After the scan completes, the N-Stalker Report Manager will prompt
5. you to select a format for the resulting report as choose GenerateHTML.
6. Review the HTML report for vulnerabilities.