Topic no -03 (NIS)

plain text:

plain text refers to any data or message that is stored or transmitted without
encryption. It is readable by humans and machines without needing decryption.

In network and information security, plain text (or plaintext) refers to data that is
in its original, readable, and unencrypted form. This means that anyone who
intercepts or accesses the data can read and understand it without needing any
decryption process.

Key Concepts:

1. Plaintext vs. Ciphertext

o Plaintext: The original, readable data before encryption.
o Ciphertext: The encrypted version of plaintext, which is unreadable
without a decryption key.
2. Risks of Plaintext
o If transmitted over an insecure network, plaintext can be intercepted
by attackers (e.g., through packet sniffing).
o Storing sensitive data (e.g., passwords, personal information) in
plaintext makes it vulnerable to data breaches.
3. Best Practices for Security
o Use Encryption: Convert plaintext into ciphertext using secure
encryption algorithms (e.g., AES, RSA).
o Secure Transmission: Use protocols like TLS/SSL (HTTPS) to
protect data in transit.
o Hashing for Passwords: Store passwords using cryptographic hash
functions (e.g., bcrypt, SHA-256) instead of plaintext.

Example of Plaintext vs. Ciphertext

4. Plaintext Message:

5. kotlin
6. Hello, this is a secret message.

Encrypted (Ciphertext) Message (Using AES Encryption):

 7. U2FsdGVkX1+AeP6O0+4x9zC9vlUn+GFLxQ==
8. In the encrypted form, the message is protected and can only be understood
if decrypted with the correct key.

Ciphertext

Ciphertext in network and information security refers to data that has been
encrypted using cryptographic algorithms to protect its confidentiality. When
plaintext is transformed into ciphertext, it becomes unreadable to anyone who does
not possess the correct decryption key. This ensures that sensitive information,
such as passwords, financial transactions, and private communications, remains
secure from unauthorized access. Various encryption methods, including
symmetric and asymmetric cryptography, are used to convert plaintext into
ciphertext. In secure communication protocols like SSL/TLS, ciphertext plays a
crucial role in safeguarding data transmitted over the internet. By employing strong
encryption techniques, organizations and individuals can prevent cyber threats
such as eavesdropping, data breaches, and identity theft. However, encryption
strength depends on factors such as key length and algorithm complexity. While
ciphertext enhances security, it also requires proper key management and
authentication mechanisms to ensure authorized decryption and access to critical
data.

How Ciphertext Works

1. Encryption Process:
o Plaintext (original message) → Encryption Algorithm + Key →
Ciphertext (unreadable data)
2. Decryption Process:
o Ciphertext → Decryption Algorithm + Key → Plaintext (original
message)

3. Importance of Ciphertext in Network Security

4. ✔ Confidentiality: Prevents unauthorized access to sensitive data.
✔ Data Integrity: Protects data from tampering and modification.
 ✔ Authentication: Ensures only authorized users can decrypt messages.
✔ Secure Communication: Used in SSL/TLS, VPNs, and encrypted
messaging app

Cryptography:

1. Key Principles of Cryptography

Cryptography is built on four essential principles:

1. Confidentiality – Ensures that only authorized users can access data.

2. Integrity – Guarantees that data remains unaltered during transmission.
3. Authentication – Verifies the identity of users or devices.
4. Non-Repudiation – Prevents a sender from denying the transmission of a
message.

2. Types of Cryptography

a) Symmetric Cryptography (Private Key Encryption)

 Uses a single key for both encryption and decryption.

 Fast and efficient but requires secure key distribution.
 Examples:
o AES (Advanced Encryption Standard)
o DES (Data Encryption Standard)
o 3DES (Triple DES)

b) Asymmetric Cryptography (Public Key Encryption)

 Uses a pair of keys: a public key for encryption and a private key for
decryption.
 Provides secure key exchange and digital signatures.
 Examples:
o RSA (Rivest-Shamir-Adleman)
o ECC (Elliptic Curve Cryptography)
o Diffie-Hellman Key Exchange
3. Cryptographic Hash Functions

Hash functions generate a fixed-size output (hash) from an input message, ensuring
data integrity. These functions are one-way and collision-resistant.

 Examples:
o SHA-256 (Secure Hash Algorithm-256)
o MD5 (Message Digest 5) [Not Secure for Modern Use]
o SHA-3

4. Cryptographic Applications in Network Security

a) Secure Communication Protocols

 SSL/TLS (Secure Sockets Layer / Transport Layer Security) – Encrypts

web traffic (HTTPS).
 IPSec (Internet Protocol Security) – Encrypts VPN connections.
 PGP (Pretty Good Privacy) – Encrypts emails.

b) Digital Signatures

 Ensures authenticity and integrity of messages/documents.

 Uses asymmetric cryptography (RSA, ECC).

c) Blockchain and Cryptocurrencies

 Uses cryptographic techniques for secure transactions.

 Bitcoin and Ethereum use SHA-256 and ECDSA (Elliptic Curve Digital
Signature Algorithm).

d) Password Security

 Uses hashing and salting to store passwords securely.

 Bcrypt, PBKDF2, and Argon2 are recommended for password hashing.

5. Future Trends in Cryptography

  Post-Quantum Cryptography (PQC) – Developing encryption resistant to
quantum computers.
 Zero-Knowledge Proofs (ZKP) – Enables verification of data without
revealing the actual data.
 Homomorphic Encryption – Allows computation on encrypted data
without decryption.

Cryptanalysis:
Cryptanalysis is the study of analyzing and breaking cryptographic systems to
uncover hidden information, such as plaintext messages or cryptographic keys. It
plays a crucial role in network and information security by evaluating the
strength of encryption algorithms and ensuring data confidentiality, integrity, and
authenticity.

1. Purpose of Cryptanalysis

The primary goals of cryptanalysis in network security include:

 Breaking Encryption: Attempting to decrypt messages without knowing

the encryption key.
 Identifying Weaknesses: Discovering flaws in cryptographic algorithms
that attackers could exploit.
 Strengthening Security: Helping in the development of stronger
cryptographic protocols.

Cryptology:
Cryptology is the study of techniques for secure communication, ensuring that
information is protected from unauthorized access or tampering. It is a
combination of two fields:

1. Cryptography – The practice of designing secure communication methods,

such as encryption and decryption techniques. It includes methods like
symmetric encryption (AES) and asymmetric encryption (RSA).
 2. Cryptanalysis – The science of breaking cryptographic codes and
uncovering weaknesses in security systems.

Cryptology is widely used in cybersecurity, digital communications, banking, and

military applications to ensure privacy, integrity, and authentication of data.

differences between encryption and decryption:

Feature Encryption Decryption

Definition Converts plaintext into Converts ciphertext back

ciphertext (unreadable into plaintext (readable
format) format)
Purpose Ensures data Retrieves original data
confidentiality and for authorized users
security
Process Uses an encryption Uses a decryption
algorithm and a key algorithm and a key
Input Plaintext (readable data) Ciphertext (encrypted
data)
Output Ciphertext Plaintext (original
(unreadable/encrypted readable data)
data)
Key Usage Requires an encryption Requires a decryption
key key (same or different
depending on encryption
type)
Types Symmetric & Symmetric &
Asymmetric Encryption Asymmetric Decryption
Example Algorithms AES, RSA, DES AES, RSA, DES

User Access Performed by the sender Performed by the

before transmission receiver after receiving
encrypted data
Encryption:
Encryption is the process of converting information into a coded format to prevent
unauthorized access. It transforms readable data (plaintext) into an unreadable
form (ciphertext) using an algorithm and a key. Only those with the correct
decryption key can convert the ciphertext back into plaintext.

Types of Encryption

1. Symmetric Encryption – Uses a single key for both encryption and

decryption. Example: AES (Advanced Encryption Standard).
2. Asymmetric Encryption – Uses a pair of keys: a public key for encryption
and a private key for decryption. Example: RSA (Rivest-Shamir-Adleman).

Common Uses of Encryption

 Securing online transactions (e.g., HTTPS for websites)

 Protecting sensitive data (e.g., passwords, emails, files)
 Ensuring privacy in messaging apps (e.g., end-to-end encryption in
WhatsApp, Signal)

Decryption:
Decryption is the process of converting encrypted or encoded data (ciphertext)
back into its original, readable form (plaintext). It is the reverse of encryption,
which transforms plaintext into ciphertext to protect it from unauthorized access.

Decryption requires a key or password, which was used during encryption, to

decode the information. It is commonly used in cybersecurity, data protection, and
secure communications.

Example:

 Encryption: "Hello" → Encrypted as "Jklmn"

 Decryption: "Jklmn" → Converted back to "Hello"

Common decryption methods include:

🔐 Symmetric Encryption (e.g., AES, DES) – Same key for encryption and
decryption
🔑 Asymmetric Encryption (e.g., RSA, ECC) – Different keys (public and private)

Substitution Techniques in Network and Information Security

Substitution techniques are cryptographic methods used to enhance data security by replacing
elements of plaintext with ciphertext according to a specific rule. These techniques are widely
used in encryption algorithms to protect sensitive information from unauthorized access.

1. Definition of Substitution Technique

A substitution cipher is a method of encryption where each unit of plaintext (such as a letter,
digit, or group of letters) is replaced with another unit based on a predetermined system. The
goal is to obscure the original message while maintaining a recoverable form through decryption.

Types of Substitution Techniques

A. Classical Substitution Ciphers

These ciphers are simple forms of encryption used in early cryptographic methods.

1. Caesar Cipher
 o Each letter in the plaintext is shifted by a fixed number of positions in the
alphabet.
o Example (Shift = 3):
 Plaintext: HELLO
 Ciphertext: KHOOR
2. Monoalphabetic Cipher
o A more complex form where each letter is replaced with a different fixed letter
(not just shifted).
o Example:
 Plaintext: HELLO
 Ciphertext: XUBBE (random substitution)
3. Playfair Cipher
o Uses a 5x5 grid of letters (key square) to encrypt digraphs (pairs of letters) instead
of single letters.
o Example:
 Plaintext: HELLO WORLD → HE LL OW OR LD
 Each pair is substituted based on the Playfair rules.
4. Vigenère Cipher
o Uses a key phrase to determine shifts for each letter based on multiple Caesar
shifts.
o Example:
 Key: KEYKEYK
 Plaintext: HELLO
 Ciphertext: RIJVS
5. One-Time Pad (OTP)
o A theoretically unbreakable cipher where a random key (equal in length to the
message) is used for substitution.
o Used in military applications for maximum security.

B. Modern Substitution Ciphers in Cryptography

In modern cryptography, substitution is used in block and stream ciphers to enhance security.

1. Substitution-Permutation Network (SPN)

o Found in symmetric key algorithms like AES (Advanced Encryption Standard).
o Uses S-Boxes (Substitution Boxes) to replace input values with different outputs
for confusion.
2. S-Box in AES
o A nonlinear substitution function that transforms input bytes.
o Protects against cryptanalysis by increasing complexity.
3. Feistel Network (Used in DES - Data Encryption Standard)
o Uses multiple rounds of substitution and permutation to encrypt data securely.
4. Homomorphic Encryption
 o Uses mathematical substitutions to allow computations on encrypted data without
decryption.

3. Importance of Substitution Techniques in Security

 Confusion Property: Prevents the relationship between plaintext and ciphertext from
being easily determined.
 Resistance to Frequency Analysis: Stronger substitution ciphers (e.g., polyalphabetic
ciphers) resist attacks based on letter frequency.
 Foundation for Modern Cryptography: Used in symmetric and asymmetric encryption
techniques.

4. Limitations and Attacks on Substitution Techniques

 Simple substitution ciphers are vulnerable to frequency analysis.

 Brute-force attacks can break substitution ciphers with small keyspaces.
 Cryptanalysis methods (e.g., differential and linear cryptanalysis) can weaken
modern ciphers if poorly implemented.

Modified Caesar Cipher:

A Modified Caesar Cipher is an enhanced version of the traditional Caesar cipher,
used in network and information security to provide better encryption. The classic
Caesar cipher shifts each letter in the plaintext by a fixed number of positions in the
alphabet. However, in the modified version, additional security measures are
introduced, such as varying shift values for different characters, using a keyword-based
shift, or applying mathematical functions like modular arithmetic for dynamic shifting.
These modifications make it harder for attackers to decrypt messages through
frequency analysis. The modified Caesar cipher can be useful for lightweight
encryption in low-resource environments, but for robust security, it is often combined
with other cryptographic techniques. While still vulnerable to advanced cryptanalysis, it
serves as an introductory method for understanding encryption principles in network
security.

Transposition Techniques:

Transposition techniques are a class of encryption methods used in cryptography where

the positions of characters in plaintext are shifted according to a specific pattern or
algorithm, while their actual values remain unchanged. These techniques provide
confidentiality by making it difficult for unauthorized entities to recognize the original
message without knowledge of the key.

1. How Transposition Techniques Work

In a transposition cipher, plaintext characters are rearranged based on a fixed rule or key. Unlike
substitution ciphers (which replace characters with others), transposition ciphers only modify the
order of characters, preserving their original identity. The security of a transposition cipher relies
on the complexity of the permutation pattern.

Transposition Ciphers are an essential part of cryptography that

uses systematic shuffling of plain text characters or bits to secure
data by altering their positions based on some defined way or
algorithm. Moreover, unlike substitutive codes where different
letters substitute others, in these, you just shift about original
letters hence it does not at all look like any message.
The utilization of these strategies in relatively primitive encryption
methodologies, which in their simplicity formed the basis for more
sophisticated forms of encoding is shown by other historical ciphers
like Rail Fence and Columnar Transposition. Columnar
transpositions are still being explored and employed today within
complex systems. For instance, such as those involving hierarchical
structures that are meant to increase message secrecy through
extra levels of obscurity.
In this article, we will learn about techniques used to encrypt the
message earlier. This article will provide details about the
Transposition Cipher Technique. Then we are going to explore
various types of Transposition Cipher Technique.
Transposition Cipher Technique
The Transposition Cipher Technique is an encryption method used
to encrypt a message or information. This encryption method is
done by playing with the position of letters of the plain text. The
positions of the characters present in the plaintext are rearranged
or shifted to form the ciphertext. It makes use of some kind of
permutation function to achieve the encryption purpose. It is very
easy to use and so simple to implement.
Types of Transposition Cipher Techniques
There are three types of transposition cipher techniques
 Rail Fence Transposition Cipher
 Block (Single Columnar) Transposition Cipher
 Double Columnar Transposition Cipher
Rail Fence Transposition Cipher
Rail Fence Transposition cipher technique is the simplest
transposition cipher techniqueits. It is also termed as a zigzag
cipher. It gets its name from the way through which it performs
encryption of plain text. The steps to get cipher text with the help
of the Rail Fence Transposition cipher technique are as follow-
Technique of Rail Fence Transposition Cipher
Example: The plain text is "Hello Krishna"
Now, we will write this plain text in the diagonal form:

Rail Fence Transposition Cipher

Now, following the second step we get our cipher text.
Cipher Text = "rsnelkiha"
Block (Single Columnar) Transposition Cipher
Block Transposition Cipher is another form of Transposition Cipher
which was used to encrypt the message or information. In this
technique, first, we write the message or plaintext in rows. After
that, we read the message column by column. In this technique, we
use a keyword to determine the no of rows.
 Step 1: First we write the message in the form of rows and
columns, and read the message column by column.
 Step 2: Given a keyword, which we will use to fix the
number of rows.
 Step 3: If any space is spared, it is filled with null or left
blank or in by (_).
 Step 4: The message is read in the order as specified by the
keyword.
Block Columnar Transposition Cipher
For example: The plaintext is "KRISHNA RANJAN"
Now we will write the plaintext in the form of row and column.
Cipher Text = IAN_RNANS_J_KHRA
Double Columnar Transposition Cipher
Double Columnar Transposition Cipher is another form of
Transposition Cipher Technique. It is just similar to the columnar
transposition technique. The main objective of using a
Double Columnar Transposition Cipher is to encrypt the message
twice. It makes use of the Single Columnar Transposition technique
but uses two times. It can use the same or different secret keys.
The output obtained from the first encryption will be the input to
the second encryption.
 Step 1: First we write the message in the form of rows and
columns, and read the message column by column.
  Step 2: Given a keyword, which we will use to fix the
number of rows.

Double Columnar Transposition Cipher:Step 1

Step 3: If any space is spared, it is filled with null or left

blank or in by (_).
Now applying keyword 2:
Double Columnar Transposition Cipher: Step 2
 Step 4: The message is read in the order in by the keyword.
Now apply step 3:
Double Columnar Transposition Cipher: Step 3
 Step 5: Then the output from the first encryption is input to
the second.
 Step 6: Now the message is read in Technique in the order
specified by the second keyword.
Double Columnar Transposition Cipher: Step 4
The Cipher Text is: "S_J_IAN_RNANKHRA"

Steganography:
Steganography is defined as which involves caching of secret
information. This word is derived from two Greek words- ‘stegos’
meaning ‘to cover’ and ‘grayfia’, meaning ‘writing’, thus translating
to ‘covered writing’, or ‘hidden writing’. The sensitive information
will also be uprooted from the ordinary train or communication at
its discovery. With the help of Steganography, we can hide any
digital thing like textbook, image, videotape, etc behind a medium.
Different Types of Steganography
Text Steganography
Text Steganography is defined as a type of steganography which
involves caching dispatches or secret information within a textbook
document or other textual data. In this system, we try to hide
secret data with the help of each letter of the word. It is
challenging to describe especially when the variations or changes
made are subtle.
Image Steganography
Image Steganography is defined as a type of steganography which
involves caching dispatches or secret information within digital
images. It is achieved by making changes in the pixels of the image
to render the information. It is generally used for watermarking,
covert communication, brand protection, etc.
Audio Steganography
Audio Steganography is defined as a type of steganography which
involves caching dispatches or secret information within audio
lines. The ideal behind using this fashion is to hide information in
such a way that people cannot notice it when they hear the audio.
It's generally used for digital rights operation in audio lines.
Video Steganography
Video Steganography is defined as a type of steganography which
involves caching dispatches or secret information within digital
videotape lines. The ideal way to use Video Steganography is to
detect secret information in a videotape in such a way that normal
people won't notice it.
Network or Protocol Steganography
Network or Protocol Steganography is defined as a type of
steganography which involves caching dispatches or secret
information within network protocols or dispatches. It tries to hide
secret information in the usual inflow of internet or network
exertion so that nothing can describe it.
Advantages of Steganography
 It offers better security for data sharing and
communication.
 It's veritably important delicate to descry. It can only be
detected by the receiver party.
 It can apply through colorful means like images, audio,
videotape, textbook,etc.
 It plays a vital part in securing the content of the
communication.
 It offers double subcaste of protection, first being the train
itself and second the data decoded.
 With the help of Steganography advanced functional
agency can communicate intimately.
Difference between Steganography and
Cryptography
Steganography Cryptography

Steganography is defined as a Cryptography is defined as the

system of concealing data or system of guarding information
information underknown-secret and communication with the help
data or training. of colorful ways.

Its main purpose is to maintain Its main ideal is to give data

communication security. protection.

The structure of data is not

The structure of data is modified
modified in the case of
in the case of Cryptography.
Steganography.

It is less popular. It is further popular.

The use of key is not obligatory,

The use of key is obligatory in the
but if it is used it enhances
case of Cryptography.
security.

But, in Cryptography, there is use

In Steganography, the use of fine
of fine metamorphoses to play
metamorphoses is not involved
with the data and increase
importantly.
protection.

Symmetric Key Cryptography:

ymmetric key cryptography often referred to as secret key
cryptography involves the use of a single key for both the
encryption and decryption of the message. In this system, the
same key is implemented in the sender and receiver to make
certain only they can unscramble the information. This method
depends on the key and the key is sensitive such that if it comes
into the wrong hands the messages being transmitted are at a high
risk of being intercepted. It is used when there is a necessity to
transfer a large amount of data, often it is faster and consumes
fewer resources than asymmetric key cryptography.
Features of Symmetric Key Cryptography
 Efficiency: Often, symmetric key cryptography may take
less time and is more effective as it is a good choice for
large amounts of data.
 Simplicity: It only requires one key- the secret key to both
encrypt and decrypt the text, making it easier in
cryptology.
 Security: Security is with the key used in the
communication, and it thus means that the two parties in
the communication should ensure the secrecy of the key.
 Speed: These cryptographic algorithms like AES(Advanced
Encryption Standard) and DES(Data Encryption Standard)
are specifically designed to work with the speed of
encryption and decryption hence making them real-time.
 Symmetry: The same key is used both for the encryption
method and the decryption method, therefore, the
communicating parties require secure methods of key
distribution.
Asymmetric Key Cryptography:

Public-key cryptography or asymmetric-key cryptography is

another type where the same key is not used for the encryption
and decryption processes, instead, it involves the use of two keys –
the public key and the private key. The public semi-identical key is
employed for the encryption of the data and the private unique key
for decryption of the data. This method does not require the users
to exchange secret keys which coupled with the asymmetrical key
system makes the method sound and secure to implement in other
unsecured networks. Based on the asymmetric cryptography
mechanism, digital signatures and secure key exchange
mechanisms are essential in numerous security protocols.
Features of Asymmetric Key Cryptography
 Key Pair: Encrypts and decrypts data using a combination
of two keys, the public and the private thereby increasing
the level of security.
 Confidentiality: Public keys do not require secrecy while
private keys are only known to the clients to enhance
security.
  Digital Signatures: Allows generating of digital
signatures, guaranteeing the message's noninterest and
originality.
 Key Distribution: More secure as only the public key has
to be exchanged and not the private key, which helps
prevent an opponent from getting access to those keys.
 Resource Intensive: The typical attributes of asymmetric
key cryptography are usually that it is marginally slower
and more resource-consuming than symmetric one and
therefore is not well applicable to large amounts of data
including massive files.

Feature Symmetric Cryptography Asymmetric Cryptography

Definition Uses a single key for both encryption Uses a pair of keys: a public
and decryption. key for encryption and a
private key for decryption.
Key Usage Same key is shared between sender Public key is shared, but
and receiver. private key is kept secret.

Speed Faster due to simpler algorithms. Slower due to complex

mathematical operations

Security Less secure because if the key is More secure as private key
compromised, all communications are remains confidential.
exposed.
Key Distribution Difficult, as the key must be securely Easier, as only the public
shared between parties key needs to be shared.

Examples AES, DES, 3DES, Blowfish RSA, ECC, Diffie-Hellman,

DSA

Use Cases Encrypting large amounts of data, Digital signatures, SSL/TLS,

VPNs, file encryption email encryption.

Computational Low, as encryption and decryption High, due to complex key

Cost require minimal resources. generation and encryption
processes.