Module 1 Introduction

Cryptography and Network Security ECS305
Introduction: Computer Security Concepts, The OSI Security

Architecture, Cryptography, cryptanalysis, attacks, services, security
mechanisms.
Classical Encryption Techniques: Substitution Techniques, Caesar

Cipher, Monoalphabetic Ciphers, Playfair Cipher, Hill Cipher
Polyalphabetic Ciphers. Transposition Techniques.
Dr. Deepak N.Biradar
GITAM
(Deemed to be University)
The art of secret writing
ajkw okf 34kfj 4ojf 4Akakk

jruidjo nsjeoj njoe nof
lkdieun menr nokr eojr koit
roj toek.
Non Readable
CRYPTOGRAPHY
Ancient Greek Language
CRYPT GRAPHY
Hidden Writing
Hidden Writing
Alice, Bob and Eve Framework
Public Network
Sender
Receiver
Attacker
CRYPTOGRAPHY
Public Network
Message
Message
Cryptography
An Enemy , A very smart Person

CRYPTOGRAPHY
Definition
Cryptography is the practice and study of

techniques for securing communication and data in
the presence of adversaries
CRYPTOGRAPHY
Definition
Cryptography is the art of achieving security by

encoding messages (plain text) to make them non-
readable (cipher text).
CRYPTOGRAPHY TERMINOLOGY
Public Network
m

m : Plain Text
Clear text or plain text signifies that can be understood by the sender, the
receiver, and also anyone else who gets an access to that message
Public Network
m
E C
𝑲𝒆
C : Cipher Text
When a plain text message is codifies using any suitable technique, the resulting
message is called as cipher text.
Public Network
m
E C
𝑲𝒆
: Encryption Key
E: Encryption Algorithm
Encryption
Public Network
m
E C
𝑲𝒆 C
D m
𝑲𝒅
: Decryption Algorithm
: Decryption Key Decryption
Public Network
m
E C ¿
𝑲𝒆 𝐶
D error
𝑲𝒅

Public Network
m
E C
𝑲 𝒆 C : Cipher Text 𝐶
m : Plain Text Encryption E: Encryption Algorithm D m
: Encryption Key Decryption : Decryption Algorithm : Decryption Key

𝑲𝒅
Crypto System
SYMMETRIC KEY CRYPTOGRAPHY
Public Network
m
E C
𝑲𝒆 .
𝐶
D m
. 𝑲𝒅
Symmetric Key Cryptography
: Encryption Ke : Decryption Key

• Symmetric key also called Symmetric Encryption, which requires
both the sender and the recipient to have the same key.
One Key On
Key eK
e ey
On
One Key
Key On
ne eK
O ey
One Key
One Key 𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑘𝑒𝑦𝑠=( 𝑁 ∗( 𝑁 − 1))/ 2
On ey
eK e K
ey
On
ASYMMETRIC KEY CRYPTOGRAPHY
Public Network
m
E C
𝑲𝒆 .
C
D m
. 𝑲𝒅
Asymmetric Key Cryptography y

ph
o g ra
yp t
: Encryption Ke : Decryption Key C r
Key
bl ic
Pu
• Asymmetric key also called Asymmetric Encryption, it uses two
different keys – a public key used for encryption and a private key
used for decryption.
Sender
Receiver
Public key
Public key
Public key
Key pair
Private Key
Public key
Public key
Private key Public key
Public key Public key
Public key Public key

Key pair Key pair
Key Pair
Key Pair
Key Pair
Public
keys
Key Pair Key Pair

Key Pair
𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑘𝑒𝑦𝑠=2 ∗ 𝑁
Key Pair
Real Time Scenario
HTTPS (Hyper Text Transfer Protocol)
Symmetric Key Cryptography Asymmetric Key Cryptography
AES ECDHE
Advance Encryption Standard Elliptic Curve Diffie-Hellman

CRYPTANALYSIS
m Public Network
E C C
𝑲𝒆
D m
𝑲𝒅
The process of trying to break any cipher text message to obtain the
original plain text message itself is called as Cryptanalysis, and the
person attempting a cryptanalysis is called a cryptanalyst
A
CRYPTANALYSIS
Knowledge
and Methods
st
a l y
tan C m is
y p lys
Cr a
p tan
r y
C
An Attacker , A very smart Person
The process of trying to break any cipher text message to obtain the
original plain text message itself is called as Cryptanalysis, and the
person attempting a cryptanalysis is called a cryptanalyst
A
CRYPTANALYTIC ATTACKS
• Based on the amount of information known to Cryptanalyst, apply

various types of cryptanalytic attacks. Few of them are:
1. Ciphertext Only
2. Known plaintext
3. Chosen plaintext
4. Chosen Ciphertext
CIPHERTEXT ONLY
CRYPTANALYSIS -
Knowledge
and Methods CRYPTANALYTIC ATTACK Crypto System
m : Plain Text
st
a l y
p tan C m C : Cipher Text
y
Cr
An Attacker , A very smart Person : Decryption Algorithm
:Encryption Key
Cipher Text Only : Decryption Key
A copy of cipher text is known to the cryptanalyst.

CIPHERTEXT ONLY -
Methods used in Ciphertext-Only attack :

1. Brute force Attack
2. Statistical Attack
CIPHERTEXT ONLY -
CRYPTANALYTIC ATTACK
Brute force Attack
• The attacker tries every possible key on a piece of cipher text until an intelligible
translation into plaintext is obtained. On average, half of all possible keys must be
tried to achieve success.
• If the key space is very large, brute force attack becomes impractical.
CIPHERTEXT ONLY -
DES
AES
Triple
DES
considers the results for a system that can process 1 million keys per microsecond.
As you can see,
at this performance level, DES can no longer be considered computationally secure
CIPHERTEXT ONLY -
Statistical Attack
• Thus, the opponent must rely on an analysis of the ciphertext itself,

generally applying various statistical tests to it.
• To use this approach, the opponent must have some general idea of the
type of plaintext that is concealed, such as English or French text, an
EXE file, a Java source listing, an accounting file, and so on.
CIPHERTEXT ONLY -
Relative frequency of the letters in English text
For Example: Letter E is the most frequently used letter in English text
Early to bed, and early to rise, makes a man healthy, wealthy and wise.
KNOWN PLAINTEXT -
Crypto System
Knowledge
and Methods
m : Plain Text
st
a l y
tan {m, c} Key C : Cipher Text
yp
Cr
:Encryption Key
: Decryption Key
Known plain Text

The cryptanalyst has a copy of the cipher text and the
corresponding plaintext
KNOWN PLAINTEXT -
• The plaintext/ciphertext pairs have been collected earlier.

For example:
Alice has sent a secret message to Bob, but he/she has later made the contents of
the message public.
• With this knowledge, the analyst may be able to deduce the key.
• If attack succeeds in deducing the key, the effect is catastrophic.
• All future and past messages encrypted with that key are compromised.
CHOSEN PLAINTEXT -
Crypto System
Knowledge
and Methods
m : Plain Text
st
a l y
tan E key C : Cipher Text
yp
Cr
:Encryption Key
: Decryption Key
Chosen Plain Text

The cryptanalysts gains temporary access to the encryption
machine
CHOSEN PLAINTEXT -
• Method used in Chosen Plaintext attack is Differential Cryptanalysis

For example
If Eve has access to Alice’s computer, Eve can choose some
plaintext and intercept ciphertext.
CHOSEN CIPHERTEXT -
Crypto System
Knowledge
and Methods
m : Plain Text
st
a l y
tan D key C : Cipher Text
yp
Cr
:Encryption Key
: Decryption Key
Chosen Cipher Text

The cryptanalysts gains temporary access to the decryption
machine
CHOSEN CIPHERTEXT -
• Method used in Chosen Ciphertext attack is Differential Cryptanalysis

For example
If Eve has access to Bob’s computer, Eve can chooses some
ciphertext and decrypt it to form a ciphertext/plaintext pair.
CRYPTANALYSIS
• There is no encryption algorithm that is unconditionally secure except

one time pad.
• But encryption algorithm can strive if meets one or both of the below
criteria:
1. The cost of breaking the cipher text exceeds the value
of encrypted information.
2. The time required to break the cipher exceeds the
useful lifetime of the information.
These encryption algorithm said to be computationally secure
CRYPTANALYSIS
Knowledge
and Methods
st
a l y
tan C m is
y p lys
Cr a
p tan
r y
C
The art or process of deciphering coded messages without being

told the key
A
Kerckhoff's Principle
Crypto System
m : Plain Text
C : Cipher Text
Information Information : Decryption Algorithm
:Encryption Key
: Decryption Key
• Kerckhoff's principle states that Eve knows the system that Alice and Bob use for
information transfer including the coding scheme, the algorithm, the protocol,
and so on. Only unknown to Eve is Key.
Security Attacks
Security Attacks
• Security attack: Any action that compromises the security of
information owned by an organization.

Categories Security Attacks
The way in which attacker can launch the attack
Interruption Modification Fabrication Interception

Alice, Bob and Eve
Framework
Message Message
Public Network
Alice, Bob, Eve Framework

Interruption
Public Network
Message Message
• Attack on Availability – breaking the communication link

Interruption
Message Public Network

Message
• Attack on Availability – breaking the communication link

Interruption

Message
• Attack on Availability – Overload at the receiver end

Interruption
Modification
Public Network
Message
Message
• Attack on Confidentiality

Modification
Fabrication
Public Network
Message
We won lottery
Message
• Attack on Integrity (authorization)
I am Alice

Fabrication
Interception
Public Network
Message
Message
• Attack on Confidentiality – Read the message

Interception
Message
Message
Public Network

Interception
Types of Attacks
Passive
attacks Active
attacks
Passive Attack
• A passive attack attempts to learn or make use of information from the

system but does not affect system resources.
• Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions.
• The goal of the opponent is to obtain information that is being
transmitted.
Passive attack
Public Network
Message
Message
Read the
• Attack on Confidentiality – Read the message message

Types of Passive Attack
Release of message
Passive attacks
(Interception)
contents
Traffic analysis
Release of message contents
Observe
Listen the
Communication
Release of Message Content
Message
Read the message transmitted

between Alice and Bob

Traffic Analysis
• Traffic analysis – Attacker Monitor encrypted traffic flow to

determine
1. location and identity of communicating hosts
2. Frequency and length of messages
This information might be useful in guessing the nature of the

communication that was taking place
Traffic Analysis
Message
Guessing the nature of the

communication

Passive Attacks
• Passive attacks are difficult to detect because they do not involve any
alteration of the data.
• Neither the sender nor receiver is aware that a third party has read the
messages or observed the traffic pattern
Interception Confidentiality
• Passive attacks can be prevented by applying encryption

Active Attacks
• Active attacks involve some modification of the data stream or the creation of a false
stream.
Active attacks
Masquerades Denial of Service

Modification
(Fabrication) (Interruption)
Replay attacks Alterations

Active Attacks
• Active attacks
• The aim of attacker is to make some modification to the information
that is being transmitted.
(or)
• creation of a false information and send it to destination by behaving as
genuine sender
Modification Integrity
Interruption Availability
Fabrication Authentication 67
Active Attacks
1. Masquerade of one entity as some other
2. Replay previous messages
3. Modify/alter (part of) messages in transit to produce an unauthorized effect
4. Denial of service - prevents or inhibits the normal use or management of

communications facilities
.
Masquerade (Fabrication)
• Masquerade takes place when one entity pretends to be a

different entity
• A masquerade attack is an attack that uses a fake identity, such

as a network identity, to gain unauthorized access to personal
computer information through legitimate access identification.
Public Network
Message
Message
I am Alice
Acting as sender An Enemy , A very smart Person

Masquerade takes place when one entity pretends to be a

different entity
• Attacker sends the email to receiver and sign it as sender.

Here just attacker changes the sender identity.
• In internet, an attacker changes the IP address of the sending

messages. Example (IP SPOOFING)
• Masquerade attacks can be performed using
1. stolen passwords and log ons,
2. By locating gaps in programs,
3. By finding a way around the authentication process.

Replay Attack (Modification)
Replay involves the passive capture of a data unit and its subsequent retransmission
to produce an unauthorized effect.
• An attacker detects a data transmission and fraudulently has it delayed or repeated.
• An attacker captures the network traffic and then sends the communication to its
original destination, acting as an original sender.
• It is the combination of two attacks i.e., interception and masquerade.

Message
1. Captures the message

2. Later sends the message

• Example: - Sender asks the destination to pay Rs. 1000, the
information is captured by the attacker and he also send the same
message to receiver that the pay Rs. 1000. Now receiver receive the
two messages and he believe that Rs. 2000 should be paid to sender.
• How to overcome: - Time stamp and sequence number.

Modification Attack
• An attacker intercepts the messages and changes the contents of
the messages and send it to receiver.
• Attacker changes the some portion of a message or that message
is delayed or reordered to produce an unauthorized effect.

Modification Attack
Message
1. Interrupt
2. Fabricate An Enemy , A very smart Person
3. Sends modified
message
Modification Attack
Modification Attack
• For example, a message meaning “Allow JOHN to read
confidential file X” is modified as “Allow Smith to read
confidential file X”.
• An attacker needs to block the direct communication (DNS
hijacking) and then act as a masquerade

Denial of Service Attack
• The aim of the attacker to block the usage of network
resources. Such resources can be computers or end users or
laptops or servers or network links.

DOS (Denial of Service)
DOS (Denial of Service)
Denial of Service

Message
• Attack on Availability – Overload at the receiver end

Denial of Service
• Example: - An attacker want to overload any computer. He sends the repeated
messages to the computer so as to create heavy load on the computer.
Attacker uses intermediate system as the amplifier to generate the one packet
to 50 are more packets, and also it hides the IP address of the attacker. If
attacker uses the multiple amplifier then the attack called as distributed denial
of service attack.
• Denial of service (DoS). It may slow down or totally interrupt the service of a system
Need of Security
Protects personaltechnology
Safeguarding identification information
assests in
Protects
Enables the safe sensitive
Surveillance data
operation of applications
organizations
Security Services Related to a message
• Confidentiality: It specifies that only the sender and
the intended recipient(s) should be able to access a
message.
Confide Attack- Interception
ntiality • Integrity: It ensures that the contents of the message
remains unaltered when it reaches the recipient.
Non- Attack- Modification
repudia Integrity
• Authentication: It helps to establish proof of identities.
tion Attack- Fabrication
Security • Non-repudiation: It does not allow the sender of a
message to refute the claim of not sending that
Principles message.
Authenti Availabili Related to the overall system

• Access control: It specifies and controls who can access
cation ty what.
• Availability: It states that resources (i.e. information)
Access should be available to authorized parties at all times.
control Attack- Interruption
Authentication
• Assures recipient that the message is from the source that it claims to be
from.
• Ensures that the origin of a message or electronic document is correctly
identified, with an assurance that the identity is not false.
Two types of Authentication:
1. Peer entity authentication

It provides mutual confidence in the identities of the parties involved in a
connection. Both communicating entities provide each other with assurance of
their identity.
2. Data origin authentication
It insures the assurance about the source of the received data.

Authentication
User Device
1 Identity Table containing

I entries
I, H(P)
2
Password
P H = Hash
3
H
4
H(P)
=?
Decision
Access Control
The prevention of unauthorized use of a resource (i.e. this service controls
who can have access to a resource, under what conditions access can occur,
and what those accessing the resource are allowed to do).
Monitor
Access Request Guard Resources

Confidentiality
It is the protection of information from unauthorized disclosure (against eavesdropping).
Four types of Confidentiality:
1. Connection Confidentiality
The protection of all user data on a connection.
2. Connectionless Confidentiality
The protection of all user data in a single data block.
3. Selective-Field Confidentiality
The confidentiality of selected fields within the user data on a connection or in a
single data block.
4. Traffic-flow Confidentiality
The protection of the information that might be derived from observation of traffic
flows
Connection Confidentiality
Public Network
Data
Data
Message
The protection of all user data on a connection.
Data protected from Eve


Connectionless Confidentiality
Public Network
Data Data
The protection of all user data in a

single data block.

Selective-Field Confidentiality
Data Public Network

Data Data
Data
Data
Message
The confidentiality of selected fields

within the user data on a connection
Or in a single data block.

Selective-Field Confidentiality
Data Public Network

Data
Data
Message
Read the message transmitted

between Alice and Bob

Traffic-flow Confidentiality
Public Network
Data SSaffe Paassswoordd
Data
Message
The protection of the information that

might be derived from observation of
traffic flows.
Data Integrity
Assurance that data received are exactly as sent by an

authorized sender i.e. no modification, insertion, deletion or
replay.
Data Integrity
Five types of Integrity:
Connection Integrity with Recovery
Connection Integrity without Recovery
Selective-Field Connection Integrity
Connectionless Integrity
Selective-Field Connectionless
Integrity
Non-repudiation
It is the concept of protection against denial by one of the parties in a
communication.
There are two types of non-repudiation:
1. Origin non-repudiation
It is the proof that the message was sent by the specified party.
2. Destination non-repudiation
It is the proof that the message was received by the specified party.
Origin non-repudiation
Destination non-repudiation
Security Mechanisms
Encipherment
Data Integrity
Digital Signature
Authentication Exchange
Traffic Padding
Access Control
Notarization
Routing Control
103
Encipherment
• Encipherment is the process of translating plaintext into ciphertext.
The two main types of Encryption are:
• Asymmetric encryption
• Symmetric encryption
Encipherment - Asymmetric encryption
Public Network
Data Data
Public Key Private Key


Encipherment - Symmetric encryption
Shared Key
Public Network
Data Data

Data Integrity
Assurance that data received are exactly as sent by an

authorized sender i.e. no modification, insertion, deletion or
replay.
Digital Signature
• Digital signatures are the public-key Encryption

primitives.
• Message authentication. It proves source

authentication (Assures recipient that the
message is from the source)
• Data Integrity. It provides integrity of the Hash Decryption

data.
• Protect against intruder.

Digital Signature
Public Network
Data Data
Bob received the

data with signature
Public Key Private Key attached
Verify the signature Bob hash the
Initially, Data will be hashed and use Alice using Alice Public Key received data and
Private Key to sign the data. compares.

Authentication Exchange
• A mechanism intended to ensure the identity of an entity by means of

information exchange
Traffic Padding
Public Network
Data SSaffe Paassswoordd
Data
Message
The protection of the information that

might be derived from observation of
traffic flows.
Access Control
The prevention of unauthorized use of a resource (i.e. this service controls
who can have access to a resource, under what conditions access can occur,
and what those accessing the resource are allowed to do).
Monitor
Access Request Guard Resources

Notarization
• The use of trusted third party to assure certain properties of a data

exchange.
• The receiver involved a third party to store the sender request in order
to prevent the sender from later denying that he has not made such
request
Routing Control
Enables selection of particular physically secure routes for certain data and allows
routing changes, especially when a breach of security is suspected.
114
Relationship between security services and
mechanisms
115
mechanisms
Attacks
Cryptography and Network Security ECS401
Module 1 – Part - 2
• Classical Encryption Techniques:
1. Substitution Techniques, Caesar Cipher, Monoalphabetic Ciphers, Playfair Cipher, Hill Cipher
Polyalphabetic Ciphers.
2. Transposition Techniques
Symmetric Key Cryptography
Shared Key
Public
Network
Data Data
An Enemy , A very smart

Person

Introduction
Cryptography is the art of achieving security by encoding messages to

make them non-readable
1. Plain text
Clear text or plain text signifies that can be understood by the sender, the
receiver, and also anyone else who gets an access to that message
2. Cipher text
When a plain text message is codifies using any suitable technique, the
resulting message is called as cipher text.
Classical Encryption Techniques
• Have two basic components of Classical techniques:
Substitution
Technique Transposition
Technique
Substitution Techniques
• In the substitution cipher technique the characters of a plain text

message are replaced by other characters, or numbers or symbols.
Types of Substitution Techniques
Caesar Cipher
Monoalphabetic Cipher
Polyalphabetic Cipher
Play fair Cipher
Hill Cipher
Caesar Cipher
• Caesar Cipher replaces each alphabet with the alphabet after shifting
“x” times to the right.
• The amount of the shift (x) is the encryption key.
• The shift is a cyclic shift (after the alphabet Z will follow the alphabet
A).
• For decryption you reverse the process and replace the cipher text
alphabet with the alphabet after doing a left shift by x alphabets.
Example of Caesar Cipher
• Let us assign a numerical equivalent to each other.
• Let's consider an example when the key is 2.

If X = 2 is a key
A C, B D and so on….
Key = 2
• Plaintext : meet me later
• Ciphertext : OGGV OG NCVGT
Key = 3
A shift may be of any amount, the general Caesar algorithm is:

C = E(p) = (p + k) mod (26)
If k = 4
C = E(gitam) = (g + 4) mod (26)
= (6 + 4) mod (26) = (10) mod (26) = 10 = K
Plain text = gitam
Cipher text = KMXDQ
Shift of 0 Shift of 7 Shift of 19
Plaintext : meet me after toga party (Key = 3)
Ciphertext : ?
Characteristics
• Three important characteristics of Caesar Cipher
enabled attacker to use a Brute-force attack.
1. The Encryption and Decryption algorithms
are known.
2. There are only 25 keys to try.
3. The language of the plaintext is known.
Example
Plaintext:
Meet me after the toga party
Ciphertext: shift of 3
PHHW PH DIWHU WKH WRJD SDUWB
Applying Brute force attack on the above Ciphertext

Questions
1. You agreed to use a Caesar cipher with a key of k=5 with a friend. While sitting in a
group, the friend hands you over a message that says "QNGWFWD". Decrypt the
message.
2.Suppose you actually forgot the key. How many decryption computations of the
cipher text "QNGWFWD" do you need to perform to reach to the plaintext? (Consider
the worst case.)
• When using Caesar cipher on English letters, the key size is limited to
26, the key size is 26.
• An attacker can easily brute force such cipher by trying all 26 possible
options for the key.
• With only 26 possible keys, Caesar Cipher is far from secure.
• Each plaintext alphabet is assigned to a different unique ciphertext

alphabet.
• Key assigns the mapping for each alphabet.
• Key is a permutation of alphabet set
(n! permutations for n-element set)
26! >= 4 * 10^26
Monoalphabetic Cipher Example
A B C D E F G H I J K L MN O P Q R S T U V WX Y Z
Key D K V Q F I B J WP E S C X H T MY A U O L R G Z N
• Plaintext: MEETMELATER
• Ciphertext :?
DKVQFIBJWPESCXHTMYAUOLRGZN
• Ciphertext : AOVVFAA
• Plaintext: ?
There are five alphabets (e.g., symbols or letters) in an alphabet set. What is
the number of possible keys for a Monoalphabetic cipher using such alphabet
system?
• The Monoalphabetic ciphers do not change the frequency of characters in the

ciphertext.
• Which makes the ciphers vulnerable to statistical attack.
• For example,
• Using a pair of letters (digrams), the letter H is more likely to follow the letter T
than others,
• While the letter U is likely to follow the letter Q.
• Also, among the triplet (trigrams) of letters T, H, E occur very often as well.
• Therefore, such frequency based cryptanalysis technique can also be used by
analyzing the sequence of alphabets.
• For example,
• The letter E occurs the most often, followed by the letter T.
And, there are other alphabets that occur less frequently.
• For example,
• The letter Z occurs the least frequently and the letter Q is the
second to least frequent.
• Such alphabet frequency biases that are natural in plaintext

use, can produce vulnerability to the attacker who wishes to break
the cipher.
Relative frequency of the letters in English text
For Example: Letter E is the most frequently used letter in English text
Early to bed, and early to rise, makes a man healthy,

Statistical Attack
• Below Cipher text ZW appears three times.

• Based on alphabet frequency th digram are more frequent then Z replace with t and W replace with h.
• Similarly in trigram along with th alphabet e is more frequent.
• Only four letters have been identified, but already we have quite a bit of message.
• Continued analysis of frequencies plus trial and error should easily yield a solution.
• The complete plaintext, with spaces added between words as follows:
Polyalphabetic Cipher
• As discussed, Monoalphabetic cipher is vulnerable to cryptanalysis using

frequency analysis.
• To avoid producing the same biased frequency distribution for the ciphertext.
• Polyalphabetic cipher uses multiple substitution ciphers for plaintext alphabet.
• So that the same plaintext alphabet can be mapped into different ciphertext
alphabets.
• A key is used to specify such mapping.
• Vigenere cipher is one of the simpler algorithms that implements polyalphabetic
cipher.
Polyalphabetic Cipher Example
• Key: LEMON
• Plaintext : MEET ME LATER
• Ciphertext : XIQH ZP PMHRC
Plaintext M E E T M E L A T E R
Key L E M O N L E M O N L
Ciphertext X I Q H Z P P M H R C
• The repeated key, LEMON LEMON LEMON and so on, until the last
alphabet of the plaintext.
• How will get this ciphertext?
How will get this ciphertext?
• Apply Caesar Cipher using the corresponding key alphabet.

• The first letter is encrypted using the key alphabet L, which corresponds to
shifting plaintext letter M by 11 alphabets to become the letter X.
• The next alphabet E is encrypted using the key alphabet E, which corresponds to
4 shifts and will produce the letter I .
• The third plaintext letter which is also E is encrypted with the key letter N and
produces the ciphertext alphabet Q.
Polyalphabetic Cipher Example
Plaintext M E E T M E L A T E R
Key L E M O N L E M O N L
Ciphertext X I Q H Z P P M H R C
• Encryption:
Ci = (pi + ki mod m) mod 26
= (p1 + k1 mod 5) mod 26
= (M + L) mod 26
= (12 + 11) mod 26
= (23) mod 26
= 23 = X
Examples
1. Key : GITAM
• Plaintext : online classes
• Ciphertext : ?
2. Key : LEMON
• Plaintext :?
• Ciphertext :LXFOPVEFRNHR
Vigenere Table
KEY
Key : GITAM
Plaintext: security
Ciphertext:?
Plaintext
Key: DECEPTIVE
Plaintext: we are discovered
save yourself
Ciphertext:?
Key : LEMON
Plaintext: ?
Ciphertext: DTXSAOMP
Which attack is possible to Eve on Polyalphabetic Cipher?
• Given the modulus n (Ci = (pi + ki mod m) mod 26) and a key length m,
• The number of possible keys attempts on Vigenere Cipher is nm.
• To improve the difficulty grows exponentially with m.
• In the LEMON example, the key is 5 alphabet long i.e., possible keys attempts 265. The brute
force difficulty for the attacker, is only (265).
• To improve the security, increases the key length m, the brute force difficulty
grows exponentially with m.
• Increasing the key length alphabet frequency also improves Which makes the
ciphers vulnerable to statistical attack.
Questions
• Eve has intercepted the Ciphertext : UVACLYFZLJBYL.
Show how eve can use a brute-force attack to break
the cipher.
• Use the Vigenere cipher with keyword “HEALTH” to
encipher the message “life is full of surprises”.
• If keyword length is 7 then how may possible key
attempts require to break in Polyalphabetic cipher.
Playfair Cipher
As we discussed in early sessions,
• With only 25 possible keys, the Caesar cipher is far

from secure.
• Monoalphabetic cipher is easy to break because they
reflect the frequency data.
• Polyalphabetic cipher is suspected, security strength
depends on the length of keyword.
• An improvement is achieved over the Playfair cipher.
Playfair Cipher
• Multiple letter encryption cipher.
• Digrams in the plaintext as single units and translates these

into ciphertext.
• It is based on the use of 5 * 5 matrix of letters constructed
using a keyword.
F I V E *
F I V E M
A T R I X
O F L E T
T E R S .
Playfair Cipher Rules
1. The matrix is constructed by filling in the letters of the keyword (Minus
duplicate) from left to right and from top to bottom. Example Key is
MONARCHY
2. Then filling in the remainder of the matrix with the remaining letters in
alphabetic order.
3. Letter I and J count as one letter
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Rules
4. Plaintext is encrypted two letters at a time.
5. Two plaintext letters that fall in the same row of the matrix are each
replaced by the letter to the right.
Example: ar in the plaintext that falls in the same row then ciphertext
will be RM
Rules
6. Two plaintext letters that fall in the same column are each replaced
by the letter beneath.
Example: mu in the plaintext that falls in the same column then

ciphertext will be CM
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Rules
7. Otherwise, each plain text letter in a pair is replaced by the letter that
lies in its own row and column occupied by the other plain text
letter.
Example: hs in the plaintext becomes BP and ea becomes IM

Rules
8. If the two letters of plaintext in a pair are the same, a

bogus letter is inserted to separate them.
Example: balloon is a plaintext by inserting a bogus letter,

plaintext become ba lx lo on
Example: hello is a plaintext by inserting a bogus letter,
plaintext become he lx lo
Rules
9. If the number of characters in the plaintext is odd, one extra bogus

letter is added at the end to make the number of characters even.
Example: gitam is a plaintext by adding a bogus letter at end, plaintext
become gitams
Playfair Cipher Example
Key : MONARCHY
Plaintext : herole
Ciphertext : CFMNUL M O N A R
C H Y B D
E F G I/J K
Key : MONARCHY L P Q S T
Plaintext : balloon U V W X Z
Ciphertext : ?
Playfair Cipher Example
Key : PLAYFAIR
Plaintext : Secure
Plaintext : Education
Ciphertext :?
Key : KEYWORD
Plaintext : Crypt
Plaintext : Secret Message
Ciphertext :?
Hill Cipher
Hill Cipher
• Another interesting multiple letter cipher is the Hill cipher.

• Invented by L. S. Hill in 1929.
• Inputs : String of English letters, A,B,…,Z.
Identify A=0, B=1, C=2, …, Z=25.
An nn matrix K, with entries drawn from 0,1,…,25.
(The matrix K serves as the secret key. )
• Divide the input string into blocks of size n.
• Encryption: Multiply each block by K and then reduce mod 26.
• Decryption: Multiply each block by the inverse of K, and reduce
mod 26.
Hill Cipher Encryption
3 * 3 Matrix
C1 = (k11 p1 + k12 p2 + k13 p3) mod 26
C2 = (k21 p1 + k22 p2 + k23 p3) mod 26
C3 = (k31 p1 + k32 p2 + k33 p3) mod 26
This can be expressed in terms of columns vectors and
matrices: C = KP mod26
C1 k11 k12 k13 p1
C2 = k21 k22 k23 p2 mod 26
C3 k31 k32 k33 p3
Hill Cipher Encryption
Example:
Plaintext : pay more money

Key : rrtvsvcct
Ciphertext : LNSHDLEWMTRW
How will get the Ciphertext?
• Divide the input string into blocks of size n
p m e n
a o m e
y r o y
Key : rrtvsvcct
r r t v s v
c c t 3*3
Identify A=0, B=1, C=2, …, Z=25 for plaintext.
15 12 4 13
0 14 12 4
24 17 14 24
Key : rrtvsvcct
17 17 5 21 18 21
2 2 19
3*3
Multiply each block of plaintext with key K
17 17 5 15 17*15 + 17*0 + 5*24 21 18 21 * 0 =

21*15 + 18*0 + 21*24 mod26 2 2 19 24 2*15 + 2*0 + 19*24
375 = 819 mod 26

486
11 L = 13 = N 18 S
Hill Cipher Decryption
Ciphertext : LNSHDLEWMTRW
Multiply each block by the inverse of K.
How to calculate inverse of K?
K-1 = * Adj (K) mod 26
det = Determinant
Adj = Adjoint
Determinants
2 * 2 Matrix
a b = ad - bc
c d
3 * 3 Matrix
a11(a22a33 - a23a32) - a12(a21a33 – a23a31) + a13(a21a32 - a22a31)

Determinant
17 17 5
K= 21 18 21 mod 26 2 2 19
= 17(18 * 19 – 21 * 2) – 17(21 * 19 – 2 * 21) + 5(21 * 2 – 18 * 2)
= 17(342 – 42) – 17(399 – 42) + 5(42 – 36)
= 17(300) – 17(357) + 5(6)
= 5100 – 6069 + 30
= 5130 – 6069
= - 939 mod 26 = 23
How will get 23?
To convert negative to positive
n=q*m+r
where n = (-ve)value, q = Quotient, m = modulus and
r = remainder
- 939 = q * 26 + r
- 939 = -37 * 26 + r
( selected q value multiplies with m the value must be < n)
- 939 = -962 + r (-962 < -939)
- 939 + 962 = r
23 = r
Multiplicative Inverse
K-1 = * Adj (K) mod 26
K-1 = 23-1 * Adj (K) mod 26

• Find the multiplicative inverse of 23?
• Just try all 26 possibilities for n :
23 * n mod 26 = 1
(we can also do with Euclidean distance, see in further session)
23 * 17 mod 26 = 1
391 mod 26 = 1
Adjoint of K
K-1 = * Adj (K) mod 26
cofactors
K-1 = Row 1
Row 2
Row 3
Usually called the adjoint of K

Cofactor
The cofactor of the (i,j)-entry of a matrix K, denoted by Cij, is defined as (–1)i+j Kij, where K is
the determinant of the sub-matrix obtained by removing the i-th row and the j-th column.
17 17 5
K= 21 18 21 mod 26 2 2 19
Row 1 = (18 * 19 – 21 * 2) = 300
(21 * 19 – 2 * 21) = 357

(21 * 2 – 18 * 2) = 6
Row 2 = (17 * 19 – 2 * 5) = 313
(17 * 19 – 2 * 5)= 313
(17 * 2 – 2 * 17)= 0
Row 3 = (17 * 21 – 5 * 18) = 267
(17 * 21 – 21 * 5) = 252
(17 * 18 – 21 * 17) = -51
Substitution
• Substitute Rows values in the following matrices:
+ - +
- + -
+ - +
300 -357 6
-313 313 0
267 -252 -51
Transpose
Transpose change columns of matrix in to rows.
300 -357 6 300 -313
267
-313 313 0 = -357 313 -252

267 -252 -51 6 0 -51
Remove –negative values from above matrix by using:

n=q*m+r
300 25 267 7 313

8 6 0 1
Inverse of K
K-1 = * Adj (K) mod 26
300 25 267
K-1 = 17 * 7 313 8 mod 26

6 0 1
5100 425 4539

K-1 = 119 5321 136 mod 26
102 0 17
Inverse of K
4 9 15
K-1 = 15 17 21
2 2 19
The inverse K-1 of a matrix K is defined by the equation
K * K-1 = K-1 * K = I
Multiply K and inverse of K ?

I is a matrix that is all zeros except for ones along the main diagonal from upper
left to lower right.
Hill Cipher Decryption
P = DK(C) = K-1 C mod 26
Try ?
Example
• Plain text: “LOVE”, Secret Key:
• “LO” 
• “VE” 
• 2, 3, 16, 5 are transformed to cipher text “CDQF”

A B C D E F G H I J K L M
0 1 2 3 4 5 6 7 8 9 10 11 12
N O P Q R S T U V W X Y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
How to decode?
• Given “CDQF”, and the Secret key is
• How do we decrypt?
– We need to compute the inverse of
• Remind that all arithmetic are mod 26.

Determinant
• The determinant of equals 20(7)-3(15),
which is 17 mod 26.
• Find the multiplicative inverse of 17 mod 26, i.e., find integer n
such that 17 * n mod 26 =1
(17* n = 1 mod 26)
• Just try all 26 possibilities for n :
171 = 17 mod 26 178 = 6 mod 26 1715 = 21 mod 26

172= 8 mod 26 179= 23 mod 26 1716= 12 mod 26 1722 = 10 mod 26
173 = 25 mod 26 1710 = 14 mod 26 1717 = 3 mod 26 1723= 1 mod 26
174 = 16 mod 26 1711 = 5 mod 26 1718 = 20 mod 26 1724 = 18 mod 26
175 = 7 mod 26 1712 = 22 mod 26 1719 = 11 mod 26 1725 = 9 mod 26
176 = 24 mod 26 1713 = 13 mod 26 1720 = 2 mod 26 170 = 0 mod 26
177 = 15 mod 26 1714 = 4 mod 26 1721 = 19 mod 26
Computing the inverse mod 26
• From 1723= 1 mod 26, we know that the multiplicative inverse of 17

mod 26 is 23.
• Using the formula for 2  2 matrix inverse
we get Replace (17)-1 mod 26 by 23

Decryption
• Given the ciphertext “CDQF”, we decrypt by multiplying by
• 11, 14, 21, 4 = “LOVE”.

Examples
• Secret key = DDCE

• Plaintext = friday
• Ciphertext = ?
• Secret key = VIEW

• Plaintext = attack
• Ciphertext = ?
Disadvantages
Hill cipher is harder to crack than Playfair cipher?

• Both hill cipher and Playfair cipher are less vulnerable to frequency
analysis.
• But hill cipher is quite vulnerable and less secure than Playfair cipher.
• A main drawback of this algorithm is that it encrypts identical
plaintext blocks to identical ciphertext blocks.
Transposition Techniques
• A transposition or permutation cipher is one in which

the order is changed to obscure the message.
• Re-arrange the order/positions of the alphabets
without altering their values.
Types of Transposition Techniques
Rail Fence
Columnar Transposition
Rail fence
• Plaintext is written down as a sequence of diagonals in a zigzag

pattern.
• Read off as a sequence of rows.

• Ciphertext is based on rail fence of depth.
• The security of the cipher can be improved by choosing rail fence
depth more than 2.
Rail fence
Example:
Plaintext : stay home stay safe
Depth :2
Ciphertext : SAHMSASFTYOETYAE
s a h m s a s f
t y o e t y a e
Rail Fence Encryption
The security of the cipher can be improved by choosing
rail fence depth more than 2.
Plaintext : This is a secret message

Rail fence Depth : 4
Ciphertext :?
Rail Fence Decryption
• Cipher Text: TATGHSSEMAEIIERESSCS
• Retrieve Plaintext row by row.
• Start by placing the “first character“ of ciphertext in
the first square.
• Then dash the diagonal down spaces until you get
back to the top row.
• Continuing to fill the top row you get the pattern
below.
Examples
• Plaintext : cns exam is on twenty first

• Depth : 2 / 4
• Ciphertext : ?
• Plaintext : ?
• Depth : 2 / 4
• Ciphertext : MEMATRHTGPRYETEFETEOAAT
Columnar Transposition
Columnar
Transposition
Doubl
Simple
e
Columnar Transposition involves writing the plaintext out

in rows, and then reading the ciphertext off in columns one by
one.
Simple Columnar Transposition
• In this method the message is written in rows of fixed
length and then read out column by column.
• Column are selected in some scrambled order.
• The number of columns are defined by the length of
key.
• STEPS:
1. Write the plaintext message row by row in a
rectangle of predefined size.(length of key)
2. Read the message column by column according to
the selected order thus obtained message is a
ciphertext.
Simple Columnar Encryption
Example:
Plaintext : meet me later
Key : 4312
Ciphertext : ELRTAXEEEMMT
KEY 4 3 1 2
M E E T
M E L A
T E R X
Simple Columnar Decryption
• STEPS:
1. Write the ciphertext column by column in a rectangle of predefined
size.(based on order of key)
2. Read the message row by row according to the selected order thus
obtained message is a plaintext.
KEY 4 3 1 2
Example: M E E T
Ciphertext : ELRTAXEEEMMT M E L A
Key : 4312 T E R X

Double Columnar Transposition
• Single columnar transposition can be attack by guessing possible

column lengths.
• Therefore to make it stronger double transposition is used.
• This is simple columnar transposition technique applied twice.
• Here same key can be used for transposition or two different keys can
be used.
Double Columnar Encryption
Example:
Key : 4312
Ciphertext Single : ELRTAXEEEMMT
Ciphertext Double KEY: REMTETLXMEAE
4 3 1 2 4 3 1 2
M E E T E L R T
M E L A A X E E
T E R X E M M T
Double Columnar Encryption
Example:
Plaintext :?
Key : 4312
Ciphertext Single : ELRTAXEEEMMT
Ciphertext Double : REMTETLXMEAE
Try?
Examples
• Plaintext : cns exam is on twenty first

• Key : 4312567
• Ciphertext : ?
• Plaintext : ?
• Key (single) : 4312567
• Ciphertext : NSCYAUOPTTWLTMDNAOIEPAXTTOKZ
known/chosen plaintext attack
The alphabet values do not change

• The frequency distribution is the same Vulnerable to cryptanalysis.
• The attack performed on ciphertext by known/chosen plaintext
attack.
Improve security
• Combinations of substitution ciphers and

transposition ciphers in succession.
• This combination called Product cipher.
Questions?
• The plaintext MEETMELATER gets processed by a Permutation
Cipher or transposition cipher (with a key of [2 3 5 4 1] and no
padding with extra letters. What is the corresponding
ciphertext?
• The plaintext MEETMELATER gets processed by a Permutation
Cipher (with a key of [2 3 5 4 1] and with padding using the
letter “x" (Alice and Bob agree to use the letter z for padding).
What is the corresponding ciphertext?
• The plaintext MEETMELATER gets processed by a product
cipher, comprised of Caesar Cipher (with a key of 23) and
Permutation Cipher (with a key of [5 3 1 4 2] and no padding
with extra letters). What is the corresponding ciphertext?
One-Time Pad
Vernam Cipher
OTP
OTP
• The one-time pad (OTP) is valid for only one login session or
transaction.
• Random key that was truly as long as the message, with no
repetitions.
• OTP is unbreakable.
• Each key should be used once and destroyed by both
sender and receiver.
• OTP provides perfect secrecy.
Vernam Cipher
Question
• Suppose a message gets encrypted using a bit-by-bit XOR with a key,

i.e., the key bit of one flips the message bit at the corresponding
location. For example, if p=010, and k=110, then c=100.
• If Alice wants to send a 1-Byte message, p=01100011, and Alice and
Bob agrees on the key, k=11010001, then what is the ciphertext, c?
Rotor Machine
Rotor Machine
• The machine consists of a set of independently rotating cylinders
through which electrical pulses can flow.
• Each cylinder has 26 input pins and 26 unique output pins.

Rotor Machine
• If we associate each input and output pin with a letter then a
single cylinder defines Monoalphabetic substitution.
Rotor Machine
• After 26 letters of plaintext, the cylinder would be back to the
initial position. Then behaves like Polyalphabetic substitution.
• The power of the rotor machine is in the use of multiple
cylinders, in which the output pins of one cylinder are
connected to the to the input pins of the next.
Rotor Machine
• With multiple (three) cylinders, input rotates one pin
position with each keystroke.
• For every complete rotation of the outer cylinder, the
middle cylinder rotates one pin position and so.
• The result is 26 * 26 * 26 = 17,576 permutations.
• The addition of fourth and fifth cylinder results
456,976 and 11,881376.
Rotor Machine
Steganography
Steganography
• The ancient Greek having hidden messages on the
messenger's head which will be hidden by the hair
that is grown after encryption.
Steganography
• Steganography is a method of hiding secret data, by embedding it

into an audio, video, image or text file.
• It is one of the methods employed to protect secret or sensitive data

from malicious attacks.
Steganography
• A simple form of steganography is arrangement of
letters or words within a real message.
Example:
• What is the steganographic message hidden in the
following? (letters)
• Since everyone can read, encoding text in neutral
sentences is doubtfully effective.
SECRET INSIDE
Steganography
Example:
• What is the steganographic message hidden in the following? (words)
Types of Steganography
Character Marking Invisible Ink
Steganography
Techniques
Typewriter Correction
Pin Punctures Ribbon
• Character Marking :
Selected letters are overwritten in pencil. The
marks are not visible unless the paper is held at an
angle to bright light.
• Invisible Ink :
A number of substances can be used for writing but
leave no visible trace until heat or some chemical
applied to the paper.
• Pin Punctures
Small pin punctures on selected letters are ordinary
not visible unless the paper is held up in front of a
light.
• Typewriter Correction Ribbon

Used between lines typed with a black ribbon, the
result of typing with the correction tape are visible
only under a strong light.

Module 1 Introduction

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Module 1 Introduction

Uploaded by

Copyright:

Available Formats

Cryptography and Network Security ECS305

Introduction: Computer Security Concepts, The OSI Security

Classical Encryption Techniques: Substitution Techniques, Caesar

ajkw okf 34kfj 4ojf 4Akakk

An Enemy , A very smart Person

Cryptography is the practice and study of

Cryptography is the art of achieving security by

An Enemy , A very smart Person

An Enemy , A very smart Person

An Enemy , A very smart Person

: Encryption Key Decryption : Decryption Algorithm : Decryption Key

Symmetric Key Cryptography

: Encryption Ke : Decryption Key

One Key 𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑘𝑒𝑦𝑠=( 𝑁 ∗( 𝑁 − 1))/ 2

Asymmetric Key Cryptography y

Private key Public key

Public key Public key

Public key Public key

Key Pair Key Pair

HTTPS (Hyper Text Transfer Protocol)

Symmetric Key Cryptography Asymmetric Key Cryptography

Advance Encryption Standard Elliptic Curve Diffie-Hellman

An Enemy , A very smart Person

• Based on the amount of information known to Cryptanalyst, apply

An Attacker , A very smart Person : Decryption Algorithm

A copy of cipher text is known to the cryptanalyst.

Methods used in Ciphertext-Only attack :

• Thus, the opponent must rely on an analysis of the ciphertext itself,

An Attacker , A very smart Person : Decryption Algorithm

Known plain Text

• The plaintext/ciphertext pairs have been collected earlier.

• If attack succeeds in deducing the key, the effect is catastrophic.

An Attacker , A very smart Person : Decryption Algorithm

Chosen Plain Text

• Method used in Chosen Plaintext attack is Differential Cryptanalysis

An Attacker , A very smart Person : Decryption Algorithm

Chosen Cipher Text

• Method used in Chosen Ciphertext attack is Differential Cryptanalysis

• There is no encryption algorithm that is unconditionally secure except

The art or process of deciphering coded messages without being

Information Information : Decryption Algorithm

• Security attack: Any action that compromises the security of

information owned by an organization.

An Attacker , A very smart Person

An Attacker , A very smart Person

The way in which attacker can launch the attack

Interruption Modification Fabrication Interception

An Enemy , A very smart Person

Alice, Bob, Eve Framework

• Attack on Availability – breaking the communication link

An Enemy , A very smart Person

Alice, Bob, Eve Framework

Message Public Network

• Attack on Availability – breaking the communication link

An Enemy , A very smart Person

Alice, Bob, Eve Framework

Message Public Network

• Attack on Availability – Overload at the receiver end

An Enemy , A very smart Person

Alice, Bob, Eve Framework

An Enemy , A very smart Person

Alice, Bob, Eve Framework

• Attack on Integrity (authorization)