GUJARAT TECHNOLOGICAL UNIVERSITY

GRADUATE SCHOOL OF ENGINEERING AND TECHNOLOGY

PRACTICAL - 1
Course Code & Name Cyber Security and Cryptography: Principles and Practices
(4715907)
Academic Term 2022-2023
Enrolment No. 2022CS12 Batch: B1
Student Name Pranav Patel

Objective:
1 To explain and apply a substitution algorithm for encryption of a plain text message.

Expected Outcome: CO
1

Brief:

Substitutions are quite simple. As the name implies, they substitute one thing for another to
encrypt plaintext into ciphertext. The key is the arrangement of the characters (if we're dealing
with an alphabet substitution) that tells us what is exchanged for what.
Consider the alphabet and a rotation cipher of 2 positions.
a b c d e f g h i j k l m n o p q r s t u v w x y z becomes
cdefghijklmnopqrstuvwxyzab
To encrypt, replace all letters in your plain text with the corresponding letter below it, as given in
the box above. For example, using this method,
pranav
becomes
rtcpcx
To decrypt, simply replace these letters with the corresponding ones above.
There are a number of different types of substitution cipher. If the cipher operates on single
letters, it is termed a simple substitution cipher; a cipher that operates on larger groups of
letters is termed polygraphic. A monoalphabetic cipher uses fixed substitution over the entire
message, whereas a polyalphabetic cipher uses a number of substitutions at different positions
in the message, where a unit from the plaintext is mapped to one of several possibilities in the
ciphertext and vice versa.
There are many types of Substitution Technique:
1. Caesar Cipher
2. Monoalphabetic Cipher
3. Polyalphabetic Cipher

1
 4. Playfair Cipher
5. Hill Cipher
6. One-Time Pad

Let discuss one of the technique:

Caesar Cipher:- The Caesar Cipher technique is one of the earliest and simplest methods of
encryption technique. It’s simply a type of substitution cipher, i.e., each letter of a given text is
replaced by a letter with a fixed number of positions down the alphabet. For example with a
shift of 1, A would be replaced by B, B would become C, and so on. The method is apparently
named after Julius Caesar, who apparently used it to communicate with his officials.  
Thus to cipher a given text we need an integer value, known as a shift which indicated the
number
of positions each letter of the text has been moved down. The encryption can be represented
using modular arithmetic by first transforming the letters into numbers, according to the
scheme, A = 0, B = 1,…, Z = 25. Encryption of a letter by a shift n can be described
mathematically as. 
 En(x) = (p+k) mod26 Encryption Phase with shift n
 Dn(x) = (c-k) mod26 Decryption Phase with shift n

Fig. 1.1 Number Substitution Cipher

Three important characteristics of this problem enabled us to use a brute-force cryptanalysis:

 The encryption and decryption algorithms are known.
 There are only 25 keys to try.
 The language of the plaintext is known and easily recognizable

Algorithm

Step 1: Select the Key to shift the Alphabet

Step 2: Apply the Key on Plain Text and try to encode it with Key.
Step 3: Same process repeat for decryption to get plain text

2
Flow chart

26 26

Fig 1.2 Flowchart of Caesar Cipher Encryption and Decryption

Pseudocode
Encryption:
For i=1 to lenght (s) do
Begin
C=ord(upcase(s[i]))-indice;
If c<65 then c=c+26;
S[i]=chr(c);
End;

Decryption:
For i=1 to lenght (s) do
Begin
C=ord(upcase(s[i]))+indice;
If c>90 then c=c-26;
S[i]=chr(c);
End;

3
Output

Evaluation Rubrics Marks Inadequate Good Excellent

0% 50% 100%
1 The understanding of the Student regarding 2
the objective of the given practical
2 Installation of Software or Hardware Setup 2
level
3 Quality of the Analysis done 2
4 Quality of the report including concluding 2
remarks and Findings
5 Question & Answer related to given practical 2
& timely submission
10
Total Marks Obtained Out of 10

4
Date of Completion: __________________ Course Co-ordinator: ____________________

GUJARAT TECHNOLOGICAL UNIVERSITY

GRADUATE SCHOOL OF ENGINEERING AND TECHNOLOGY

PRACTICAL - 2
Course Code & Name Cyber Security and Cryptography: Principles and Practices
(4715907)
Academic Term 2022-2023
Student Enrolment No. 2022CS12 Batch: B1
Student Name Pranav Patel

Objective
2 To explain and apply a transposition algorithm for encryption of a plain text message.

Expected Outcome: CO
1

Brief

Transposition technique is an encryption method which is achieved by performing permutation

over the plain text. Mapping plain text into cipher text using transposition technique is
called transposition cipher.
In cryptography, a transposition cipher is a method of encryption by which the positions held by units of
plaintext (which are commonly characters or groups of characters) are shifted according to a regular
system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is
changed. Mathematically a bijective function is used on the characters' positions to encrypt and an inverse
function to decrypt.
Transposition is often combined with other techniques. For example, a simple substitution cipher
combined with a columnar transposition avoids the weakness of both. Replacing high frequency
ciphertext symbols with high frequency plaintext letters does not reveal chunks of plaintext because of the
transposition. Anagramming the transposition does not work because of the substitution. The technique is
particularly powerful if combined with fractionation (see below). A disadvantage is that such ciphers are
considerably more laborious and error prone than simpler ciphers.
Following are some techniques:-
1. Rail Fence cipher
2. Columnar transposition
3. One Time Pad

Let discuss one of the techniques:-

Rail Fence Cipher:- The Rail Fence cipher is a form of transposition cipher that gets its name from the
way in which it is encoded. In the rail fence cipher, the plaintext is written downwards on successive
"rails" of an imaginary fence, then moving up when we get to the bottom. The message is then read off in

5
rows. For example, using three "rails" and a message of 'WE ARE DISCOVERED. FLEE AT ONCE', the
cipherer writes out:
W . . . . . . E . . . . .C . . . . . .R . . . . . . .L . . . . . .T . . . . . . . E
. E . . . R . . .D . .S . O . . E . . .E . . .F . . E . . .A . .O . . . C .
. . . .A . . . . . . I . . . . . V . . . . . .D . . . . . . E . . . . . . .N . .

Then reads off:

WECRL TEERD SOEEF EAOCA IVDEN

Fig. 2.1 Rail Fence Cipher

Algorithm
Step 1: Write down the plain text message as a sequence of diagonals.
Step 2: Read the plain text written in step 1 , row wise.
Step 3: Suppose plain text is “This is I secret message” if we perform rail-fence cipher operation
on this text it will be coded as TATGHSSEMAEIIERESSCS.
Step 4: It involves writing plain text in a diagonal sequence and then reading it row by row to
produce cipher text.
Step 5: It is quite clear that this technique is simple for cryptanalyst to break into.

6
Flow chart

Fig 2.2 Flowchart of Rail Fence Cipher

7
Pseudocode

for column in range(key):

pointer = column
while pointer < len(plaintext):
ciphertext[column] += plaintext[pointer]
print("ciphertext = ",ciphertext)
pointer +=key

Output

Evaluation Rubrics Marks Inadequate Good Excellent

0% 50% 100%
1 The understanding of the Student regarding 2
the objective of the given practical
2 Installation of Software or Hardware Setup 2
level
3 Quality of the Analysis done 2
4 Quality of the report including concluding 2
remarks and Findings
5 Question & Answer related to given practical 2
& timely submission
10
Total Marks Obtained Out of 10

8
Date of Completion: __________________ Course Co-ordinator: ____________________

GUJARAT TECHNOLOGICAL UNIVERSITY

GRADUATE SCHOOL OF ENGINEERING AND TECHNOLOGY

PRACTICAL - 3
Course Code & Cyber Security and Cryptography: Principles and Practices (4715907)
Name
Academic Term 2022-2023
Enrolment No. 2022CS12 Batch: B1
Student Name Pranav Patel

Objective
3 To apply the Data Encryption Algorithm (DES) for encryption of plain text.

Expected Outcome: CO
1

Brief

Data encryption standard (DES) has been found vulnerable to very powerful attacks and
therefore, the popularity of DES has been found slightly on the decline. DES is a block cipher
and encrypts data in blocks of size of 64 bits each, which means 64 bits of plain text go as the
input to DES, which produces 64 bits of ciphertext. The same algorithm and key are used for
encryption and decryption, with minor differences. The key length is 56 bits. The basic idea is
shown in the figure:

9
 Fig. 3.1 DES Process
Algorithm
DES Algorithm Steps :-
To put it in simple terms, DES takes 64-bit plain text and turns it into a 64-bit ciphertext. And
since we’re talking about asymmetric algorithms, the same key is used when it’s time to decrypt
the text.
The algorithm process breaks down into the following steps:
1. The process begins with the 64-bit plain text block getting handed over to an initial
permutation (IP) function.
2. The initial permutation (IP) is then performed on the plain text.
1. Next, the initial permutation (IP) creates two halves of the permuted block, referred to as
Left Plain Text (LPT) and Right Plain Text (RPT).
2. Each LPT and RPT goes through 16 rounds of the encryption process.
3. Finally, the LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the
newly combined block.
4. The result of this process produces the desired 64-bit ciphertext.

Steps for Encryption :-

There are multiple steps involved in the steps for data encryption. They are:
1. Permutate the 64-bits in the plain text and divide them into two equal halves.
2. These 32-bit chunks of data will undergo multiple rounds of operations.
3. Apply XOR operation in between expanded right plain text and the compressed key of
48-bit size.
4. The resultant output is sent to the further step known as S-box substitution.
5. Now apply the XOR function to the output and the left plain text and store it in the right
plain text.
6. Store the initial right plain text in the left plain text.

10
 5. Both the LPT and RPT halves are forwarded to the next rounds for further operations.
6. At the end of the last round, swap the data in the LPT and RPT.
7. In the last step, apply the inverse permutation step to get the cipher text.

Steps for Decryption :-

The steps involved in the steps for data decryption are:
1. The order of the 16 48-bit keys is reversed such that key 16 becomes key 1, and so on.
2. The steps for encryption are applied to the ciphertext.

Flow chart

Fig 3.2 Flowchart of DES Algorithm

Pseudocode
rounds <-- generate 15 rounds with 15 different keys using the key
generator

11
 rounds <-- add a 16th round with just the Mixer component
function encrypt(sequence):
ciphertext <-- initial permutation on sequence
for round in rounds [i = 1... 16]
ciphertext = round.encrypt(ciphertext)
endfor
return final permutation on ciphertext
endfunction
function decrypt(sequence):
plaintext <-- final permutation inverse on sequence
for round in rounds [i = 16... 1] // going in
reverse
plaintext = round.decrypt(plaintext)
endfor
return initial permutation inverse on plaintext
endfunction

Output

12
 Evaluation Rubrics Marks Inadequate Good Excellent
0% 50% 100%
1 The understanding of the Student regarding 2
the objective of the given practical
2 Installation of Software or Hardware Setup 2
level
3 Quality of the Analysis done 2
4 Quality of the report including concluding 2
remarks and Findings
5 Question & Answer related to given practical 2
& timely submission
10
Total Marks Obtained Out of 10

Date of Completion: __________________ Course Co-ordinator: ____________________

GUJARAT TECHNOLOGICAL UNIVERSITY

GRADUATE SCHOOL OF ENGINEERING AND TECHNOLOGY

PRACTICAL - 4
Course Code & Cyber Security and Cryptography: Principles and Practices (4715907)
Name
Academic Term 2022-2023
Enrolment No. 2022CS12 Batch: B1
Student Name Pranav Patel

Objective
4 To apply the Advance Encryption standard (AES) for encryption of plain text.

Expected Outcome: CO
1

Brief

Advanced Encryption Standard (AES) is a specification for the encryption of electronic data
established by the U.S National Institute of Standards and Technology (NIST) in 2001. AES is
widely used today as it is a much stronger than DES and triple DES despite being harder to
implement.
Points to remember
 AES is a block cipher.

13
  The key size can be 128/192/256 bits.
 Encrypts data in blocks of 128 bits each.
That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text as output. AES
relies on substitution-permutation network principle which means it is performed using a series
of linked operations which involves replacing and shuffling of the input data.
Operation of AES
AES is an iterative rather than Feistel cipher. It is based on ‘substitution–permutation network’.
It comprises of a series of linked operations, some of which involve replacing inputs by specific
outputs (substitutions) and others involve shuffling bits around (permutations).
Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the
128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four
rows for processing as a matrix –
Unlike DES, the number of rounds in AES is variable and depends on the length of the key. AES
uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each
of these rounds uses a different 128-bit round key, which is calculated from the original AES
key.

Fig. 4.1 AES Process

Algorithm for AES Encryption:

Each round comprise of four sub-processes. The first round process is depicted below –
1) Byte Substitution (SubBytes): The 16 input bytes are substituted by looking up a fixed table
(S-box) given in design. The result is in a matrix of four rows and four columns.

14
2) Shiftrows: Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’
are reinserted on the right side of row. Shift is carried out as follows −
 First row is not shifted.
 Second row is shifted one (byte) position to the left.
 Third row is shifted two positions to the left.
 Fourth row is shifted three positions to the left.
 The result is a new matrix consisting of the same 16 bytes but shifted with respect to each
other.

3) MixColumns: Each column of four bytes is now transformed using a special mathematical
function. This function takes as input the four bytes of one column and outputs four completely
new bytes, which replace the original column. The result is another new matrix consisting of 16
new bytes. It should be noted that this step is not performed in the last round.

4) Addroundkey: The 16 bytes of the matrix are now considered as 128 bits and are XORed to
the 128 bits of the round key. If this is the last round then the output is the ciphertext. Otherwise,
the resulting 128 bits are interpreted as 16 bytes and we begin another similar round.

Flow chart

15
 Fig 4.2 Flowchart of AES Algorithm
Pseudocode
function AESdecrypt(ciphertext, key) {

blocks := divideIntoBlocks(ciphertext);
roundKeys = getRoundKeys(key)
for (block in blocks) {
//first round
addRoundKey(roundKeys[numRounds - 1], block);
shiftRowsInv(block);
subBytesInv(block);
//intermediate rounds
for (8, 10 or 12 rounds) {
addRoundKey(roundKeys[..], block);
mixColumnsInv(block);
shiftRowsInv(block);
subBytesInv(block);
}
//last round
addRoundKey(roundKeys[0], block);
}
plaintext := reassemble(blocks);

16
 return plaintext;
}

Output

Evaluation Rubrics Marks Inadequate Good Excellent

0% 50% 100%
1 The understanding of the Student regarding 2
the objective of the given practical
2 Installation of Software or Hardware Setup 2
level
3 Quality of the Analysis done 2
4 Quality of the report including concluding 2
remarks and Findings
5 Question & Answer related to given practical 2
& timely submission
10
Total Marks Obtained Out of 10

Date of Completion: __________________ Course Co-ordinator: ____________________

GUJARAT TECHNOLOGICAL UNIVERSITY

17
 GRADUATE SCHOOL OF ENGINEERING AND TECHNOLOGY

PRACTICAL - 5
Course Code & Cyber Security and Cryptography: Principles and Practices (4715907)
Name
Academic Term 2022-2023
Enrolment No. 2022CS12 Batch: B1
Student Name Pranav Patel

Objective
5 To analyze the working of MD5 for data integrity

Expected Outcome: CO
1

Brief
MD5 is a cryptographic hash function algorithm that takes the message as input of any length
and changes it into a fixed-length message of 16 bytes. MD5 algorithm stands for the message-
digest algorithm. MD5 was developed as an improvement of MD4, with advanced security
purposes. The output of MD5 (Digest size) is always 128 bits. MD5 was developed in 1991
by Ronald Rivest.
Use Of MD5 Algorithm:
 It is used for file authentication.
 In a web application, it is used for security purposes. e.g. Secure password of users etc.
 Using this algorithm, We can store our password in 128 bits format. 
MD5 algorithm follows the following steps:-
1. Append Padding Bits:- In the first step, we add padding bits in the original message in
such a way that the total length of the message is 64 bits less than the exact multiple of
512.  
2. Append Length Bits:- In this step, we add the length bit in the output of the first step in
such a way that the total number of the bits is the perfect multiple of 512. Simply, here
we add the 64-bit as a length bit in the output of the first step. 
3. Initialize MD buffer:- Here, we use the 4 buffers i.e. J, K, L, and M. The size of each
buffer is 32 bits. 
4. Process Each 512-bit Block:- This is the most important step of the MD5 algorithm.
Here, a total of 64 operations are performed in 4 rounds. In the 1st round, 16 operations
will be performed, 2nd round 16 operations will be performed, 3rd round 16 operations
will be performed, and in the 4th round, 16 operations will be performed. We apply a
different function on each round i.e. for the 1st round we apply the F function, for the 2nd
G function, 3rd for the H function, and 4th for the I function. 

18
 Fig. 5.1 MD5 Process

Algorithm
MD5 Algorithm:-
There are four major sections of the algorithm:

Fig 5.2MD5 Process Overview

Padding Bits:-
When you receive the input string, you have to make sure the size is 64 bits short of a multiple of
512. When it comes to padding the bits, you must add one(1) first, followed by zeroes to round
out the extra characters.

Padding Length:-
You need to add a few more characters to make your final string a multiple of 512. To do so,
take the length of the initial input and express it in the form of 64 bits. On combining the two, the
final string is ready to be hashed.
Initialize MD Buffer:-
The entire string is converted into multiple blocks of 512 bits each. You also need to initialize
four different buffers, namely A, B, C, and D. These buffers are 32 bits each and are initialized
as follows:
A = 01 23 45 67
B = 89 ab cd ef
C = fe dc ba 98

19
D = 76 54 32 10
Process Each Block:-
Each 512-bit block gets broken down further into 16 sub-blocks of 32 bits each. There are four
rounds of operations, with each round utilizing all the sub-blocks, the buffers, and a constant
array value.
This constant array can be denoted as T[1] -> T[64].
Each of the sub-blocks are denoted as M[0] -> M[15].

Fig 5.3 MD5 Process Blocks

Flowchart

Fig. 5.4 Flowchart of MD5 Hash

Pseudocode

20
public class MD5 {
public static String getMd5(String input){
try {
// Static getInstance method is called with hashing MD5
MessageDigest md = MessageDigest.getInstance("MD5");
// digest() method is called to calculate message digest
// of an input digest() return array of byte
byte[] messageDigest = md.digest(input.getBytes());
// Convert byte array into signum representation BigInteger no =
new BigInteger(1, messageDigest);
// Convert message digest into hex value String hashtext =
no.toString(16);
while (hashtext.length() < 32) { hashtext = "0" + hashtext;}
return hashtext;}
// For specifying wrong message digest algorithms catch
(NoSuchAlgorithmException e) {
throw new RuntimeException(e);}

Output

Evaluation Rubrics Marks Inadequate Good Excellent

0% 50% 100%
1 The understanding of the Student regarding 2
the objective of the given practical
2 Installation of Software or Hardware Setup 2
level
3 Quality of the Analysis done 2
4 Quality of the report including concluding 2
remarks and Findings
5 Question & Answer related to given practical 2
& timely submission
10
Total Marks Obtained Out of 10

Date of Completion: __________________ Course Co-ordinator: ____________________

GUJARAT TECHNOLOGICAL UNIVERSITY

21
 GRADUATE SCHOOL OF ENGINEERING AND TECHNOLOGY

PRACTICAL - 6
Course Code & Cyber Security and Cryptography: Principles and Practices (4715907)
Name
Academic Term 2022-2023
Enrolment No. 2022CS12 Batch: B1
Student Name Pranav Patel

Objective
6 To analyze the Hashing algorithm SHA for data authenticity.

Expected Outcome: CO
1

Brief
SHA-1 or Secure Hash Algorithm 1 is a cryptographic hash function which takes an input and
produces a 160-bit (20-byte) hash value. This hash value is known as a message digest. This
message digest is usually then rendered as a hexadecimal number which is 40 digits long. It is a
U.S. Federal Information Processing Standard and was designed by the United States National
Security Agency. SHA-1 is now considered insecure since 2005. Major tech giants browsers like
Microsoft, Google, Apple and Mozilla have stopped accepting SHA-1 SSL certificates by 2017.
To calculate cryptographic hashing value in Java, MessageDigest Class is used, under the
package java.security. MessageDigest Class provides following cryptographic hash function to
find hash value of a text as follows:2
1. MD5
2. SHA-1
3. SHA-224
4. SHA-256
5. SHA-384
6. SHA-512
These algorithms are initialized in static method called getInstance(). After selecting the
algorithm the message digest value is calculated and the results are returned as a byte array.
BigInteger class is used, to convert the resultant byte array into its signum representation. This
representation is then converted into a hexadecimal format to get the expected MessageDigest.

Flow chart

22
 Fig 6.2 Flowchart of SHA-512 Algorithm
Pseudocode
For each 512-bit chunk of message
break chunk into sixteen 32-bit little-endian words
w[i] for(i=0;i<15;i++)
/* Initialize hash value for this chunk: (recall ho,h1, h2,
h3 were declared as constants earlier) */
var int a = ho
var int b := h1
var int c := h2
var int d := h3

Output

Evaluation Rubrics Marks Inadequate Good Excellent

0% 50% 100%
1 The understanding of the Student regarding 2

23
 the objective of the given practical
2 Installation of Software or Hardware Setup 2
level
3 Quality of the Analysis done 2
4 Quality of the report including concluding 2
remarks and Findings
5 Question & Answer related to given practical 2
& timely submission
10
Total Marks Obtained Out of 10

Date of Completion: __________________ Course Co-ordinator: ____________________

24