CNS

UNIT-1

SECURITY CONCEPTS

INTRODUCTION

Cryptography is technique of securing information and communications through

use of codes so that only those person for whom the information is intended can
understand it and process it. Thus preventing unauthorized access to information.
The prefix “crypt” means “hidden” and suffix graphy means “writing”.One is
confidentiality which basically means that we need to be sure that nobody will see
our information as it travels across a network. Authentication and access control
is also another capability provided by cryptography. Some other capabilities
provided by cryptography are non-repudiation and integrity.

In Cryptography the techniques which are use to protect information are

obtained from mathematical concepts and a set of rule based calculations known
as algorithms to convert messages in ways that make it hard to decode it. These
algorithms are used for cryptographic key generation, digital signing, verification
to protect data privacy, web browsing on internet and to protect confidential
transactions such as credit card and debit card transactions.

Basic Concepts

Cryptography The art or science encompassing the principles and methods of

transforming anintelligible message into one that is unintelligible, and then
retransforming that message back to itsoriginal form

Plaintext can refer to anything which humans can understand and/or relate to.
This may be as simple as English sentences, a script, or Java code. If you can
make sense of what is written, then it is in plaintext.

Ciphertext, or encrypted text, is a series of randomized letters and numbers

which humans cannot make any sense of. An encryption algorithm takes in a
plaintext message, runs the algorithm on the plaintext, and produces a ciphertext.
The ciphertext can be reversed through the process of decryption, to produce
the original plaintext.

1
Key Some critical information used by the cipher, known only to the sender&
receiver.

The Basic Principles

1. Encryption

In a simplest form, encryption is to convert the data in some unreadable form.

This helps in protecting the privacy while sending the data from sender to
receiver. On the receiver side, the data can be decrypted and can be brought
back to its original form. The reverse of encryption is called as decryption. The
concept of encryption and decryption requires some extra information for
encrypting and decrypting the data. This information is known as key. There may
be cases when same key can be used for both encryption and decryption while in
certain cases, encryption and decryption may require different keys.

2. Authentication

This is another important principle of cryptography. In a layman’s term,

authentication ensures that the message was originated from the originator
claimed in the message. Suppose, Alice sends a message to Bob and now Bob wants
proof that the message has been indeed sent by Alice. This can be made possible
if Alice performs some action on message that Bob knows only Alice can do. Well,
this forms the basic fundamental of Authentication.

3. Integrity

Now, one problem that a communication system can face is the loss of integrity
of messages being sent from sender to receiver. This means that Cryptography
should ensure that the messages that are received by the receiver are not
altered anywhere on the communication path. This can be achieved by using the
concept of cryptographic hash.

4. Non Repudiation

2
What happens if Alice sends a message to Bob but denies that she has actually
sent the message? Cases like these may happen and cryptography should prevent
the originator or sender to act this way. One popular way to achieve this is
through the use of digital signatures.

Types of Cryptography

There are three types of cryptography techniques :

1. Secret key Cryptography

2. Public key cryptography
3. Hash Functions

1. Secret Key Cryptography

This type of cryptography technique uses just a single key. The sender applies a
key to encrypt a message while the receiver applies the same key to decrypt the
message. Since only single key is used so we say that this is a symmetric
encryption.

The biggest problem with this technique is the distribution of key as this
algorithm makes use of single key for encryption or decryption.

2. Public Key Cryptography

This type of cryptography technique involves two key crypto system in which a
secure communication can take place between receiver and sender over insecure
communication channel. Since a pair of keys is applied here so this technique is
also known as asymmetric encryption.

3
In this method, each party has a private key and a public key. The private is secret
and is not revealed while the public key is shared with all those whom you want to
communicate with. If Alice wants to send a message to bob, then Alice will encrypt
it with Bob’s public key and Bob can decrypt the message with its private key.

This is what we use when we setup public key authentication in openssh to login
from one server to another server in the backend without having to enter the
password.

3. Hash Functions

This technique does not involve any key. Rather it uses a fixed length hash value
that is computed on the basis of the plain text message. Hash functions are used
to check the integrity of the message to ensure that the message has not be
altered,compromised or affected by virus.

So we see that how different types of cryptography techniques (described above)

are used to implement the basic principles that we discussed earlier. In the
future article of this series, we’ll cover more advanced topics on Cryptography.

THE NEED FOR SECURITY

Most initial computer applications had no or at best, very little security.

The need for security:

1. Protecting the functionality of the organization:

The decision maker in organizations must set policy and operates their
organization in compliance with the complex, shifting legislation, efficient
and capable applications.

2. Enabling the safe operation of applications:

The organization is under immense pressure to acquire and operates

integrated, efficient and capable applications. The modern organization
needs to create an environment that safeguards application using the
organizations IT systems, particularly those application that serves as
important elements of the infrastructure of the organization.

4
 3. Protecting the data that the organization collect and use:

Data in the organization can be in two forms are either in rest or in motion,
the motion of data signifies that data is currently used or processed by
the system. The values of the data motivated the attackers to steal or
corrupts the data. This is essential for the integrity and the values of the
organization’s data. Information security ensures the protection of both
data in motion as well as data in rest.

4. Safeguarding technology assets in organizations:

The organization must add intrastate services based on the size and scope
of the organization. Organizational growth could lead to the need for public
key infrastructure, PKI an integrated system of the software, encryption
methodologies. The information security mechanism used by large
organizations is complex in comparison to a small organization. The small
organization generally prefers symmetric key encryption of data.

SECURITY APPROACHES

1. Trusted Systems:

A trusted system is a computer system that can be trusted to a specified extent

to enforce aspecified security policy.

Trusted systems were initially of primary interest to the military. However, these
days, the concept hasspanned across various areas, most prominently in the
banking and financial community, but the conceptnever caught on. Trusted
systems often use the term reference monitor.

5
It is mainly responsible for all the decisions related to access controls. Naturally,
following are the expectations from the reference monitor:

(a) It should be tamperproof

(b) It should always be invoked

(c) It should be small enough so that it can be independently tested

2. Security Models

An organization can take several approaches to implement its security model.

Let us summarize theseapproaches.

• No securityIn this simplest case, the approach could be a decision to

implement no security at all.
• Security through obscurityIn this model, a system is secure simply
because nobody knows about its existence and contents. This approach
cannot work for too long, as there are many ways an attackercan come to
know about it.

6
 • Host securityIn this scheme, the security for each host is enforced
individually. This is a very safe approach, but the trouble is that it cannot
scale well. The complexity and diversity of modern sites/organizations
makes the task even harder.
• Network security Host security is tough to achieve as organizations grow
and become more diverse. In this technique, the focus is to control network
access to various hosts and their services, ratherthan individual host
security. This is a very efficient and scalable model

3. Security Management Practices

Good security management practices always talk of a security policy being in place.
Putting a securitypolicy in place is actually quite tough.

A good security policy generally takes careoffour key aspects, as follows:

• Affordability Cost and effort in security implementation.

• Functionality Mechanism of providing security.
• Cultural issues Whether the policy gels well with people’s expectations,
working style and beliefs.
• Legality Whether the policy meets the legal requirements.

Once a security policy is in place, the following points should be ensured.

(a) Explanation of the policy to all concerned.

(b) Outline everybody’s responsibilities.
(c) Use simple language in all communications.
(d) Establishment of accountability.
(e) Provision for exceptions and periodic reviews.

PRINCIPLES OF SECURITY

There are six principles

1. Confidentiality.
2. Authentication.
3. Integrity.
4. Non-repudiation.
5. Access control
6. Availability
.

7
 1. Confidentiality
The principle of confidentiality specifies that only the sender and the intended
recipient(s) should be ableto access the contents of a message. Confidentiality
gets compromised if an unauthorized person is ableto access a message. Example
of compromising the confidentiality of a message is shown in Fig. Here, the user
of computer A sends a message to user of computer B.

Loss of confidentiality
Another user C gets access to this message, which is not desired andtherefore,
defeats the purpose of confidentiality. Example of this could be a confidential
email messagesent by A to B, which is accessed by C without the permission or
knowledge of A and B. This type ofattack is called as interception.
Interception causes loss of message confidentiality.
2. Authentication
Authentication mechanisms help establish proof of identities. The authentication
process ensures thatthe origin of a electronic message or document is correctly
identified.
suppose that user Csends an electronic document over the Internet to user B.
However, the trouble is that user C had posedas user A when she sent this
document to user B.
A real life example of this could be the case of a user C, posing asuser A, sending
a funds transfer request (from A’s account to C’s account) to bank B. The bank
mighthappily transfer the funds from A’s account to C’s account – after all, it
would think that user A hasrequested for the funds transfer! This concept is
shown in Fig.

8
 Absence of authentication
3. Integrity
When the contents of a message are changed after the sender sends it, but
before it reaches the intendedrecipient, we say that the integrity of the message
is lost. For example, suppose you write a check forRs. 100 to pay for the goods
bought from the US. However, when you see your next account statement, youare
startled to see that the check resulted in a payment of Rs. 1000. This is the case
for loss of messageintegrity. Conceptually, this is shown in Fig.

Loss of integrity
4. Non-repudiation
There are situations where a user sends a message and later on refuses that she
had sent that message. Forinstance, user A could send a funds transfer request
to bank B over the Internet. After the bank performsthe funds transfer as per
A’s instructions, A could claim that she never sent the funds transfer
instructionto the bank! Thus, A repudiates or denies, her funds transfer
instruction. The principle of non-repudiation defeats such possibilities of denying
something, having done it. This is shown in Fig.

9
 Establishing the non-repudiation
5. Access Control
The principle of access control determines who should be able to access what.
For instance, we shouldbe able to specify that user A can view the records in a
database, but cannot update them. However, userB might be allowed to make
updates as well. An access control mechanism can be set up to ensure this.Access
control is broadly related to two areas: role management and rule management.
Rolemanagement concentrates on the user side (which user can do what), whereas
rule management focuseson the resources side (which resource is accessible and
under what circumstances).
6. Availability
The principle of availability states that resources (i.e. information) should be
available to authorizedparties at all times. For example, due to the intentional
actions of an unauthorized user C, an authorizeduser A may not be able to contact
a server computer B, as shown in Fig.

Attack on availability
TYPES OF SECURITY ATTACKS

We shall classify attacks with respect to two views: the common person’s view
and a technologist’s view.
1. General Attacks:
A General ViewFrom a common person’s point of view, we can classify
attacks into three categories, as shown inFig.

10
 Classification of attacks in general terms
Criminal Attacks Criminal attacks are the simplest to understand. Here, the sole
aim of the attackersis to maximize financial gain by attacking computer systems.
The following table gives some of the criminal attacks.
Publicity Attacks Publicity attacks occur because the attackers want to see their
names appear ontelevision news channels and newspapers. History suggests that
these types of attackers are usually nothardcore criminals. They are people such
as students in universities or employees in large organizations,
who seek publicity by adopting a novel approach of attacking computer systems.

Legal Attacks This form of attack is quite novel and unique. Here, the attacker
tries to make the judgeor the jury doubtful about the security of a computer
system. This works as follows. The attacker attacksthe computer system and the
attacked party (say a bank or an organization) manages to take the attacker
to the court.

11
 2. ATTACKS: A TECHNICAL VIEW
From the technical point of view, we can classify the types of attacks on
computers and network systemsinto two categories for better understanding: (a)
Theoretical concepts behind these attacks.
(b)Practical approaches used by the attackers.

(a) Theoretical Concepts

These attacks are generally classified into four categories.
• Interception –It means that an unauthorizedparty has gained access to a
resource. The party can be a person, program or computer-basedsystem.
Examples of interception are copying of data or programs and listening to
network traffic.
• Fabrication –This involves creation of illegalobjects on a computer system.
For example, the attacker may add fake records to a database.
• Modification –For example the attacker may modifythe values in a
database.

12
 • Interruption – Here, the resource becomesunavailable, lost or
unusable. Examples of interruption are causing problems to a
hardware device,erasing program, data or operating system
components.
These attacks are further grouped into twotypes:
• Passive attacks.
• Active attacks.
Passive attacks: Passive attacks are those,wherein the attacker indulges in
eavesdropping ormonitoring of data transmission. In other words,the attacker
aims to obtain information that is intransit. The term passive indicates that the
attackerdoes not attempt to perform any modifications tothe data.
Passive attacks do not involve any modifications to the contents of an original
message.
Active attacksUnlike passive attacks, the active attacks are based on
modification of the originalmessage in some manner or the creation of a false
message. These attacks cannot be prevented easily.However, they can be
detected with some effort and attempts can be made to recover from them.
Theseattacks can be in the form of interruption, modification and fabrication.
In active attacks, the contents of the original message are modified in some way.

Active attacks
Masquerade is caused when an unauthorized entity pretends to be another entity.
Replay attack, a user captures a sequence of events or some data units and re-
sends them.
Alteration of messages involves some change to the original message. For
instance, suppose user Asends an electronic message Transfer $1000 to D’s
account to bank B. User C might capture this andchange it to Transfer $10000
to C’s account.

13
Denial Of Service (DOS) attacks make an attempt to prevent legitimate users
from accessing someservices, which they are eligible for. For instance, an
unauthorized user might send too many loginrequests to a server using random
user ids one after the other in quick succession, so as to flood thenetwork and
deny other legitimate users from using the network facilities.
3. PROGRAMS THAT ATTACK
Let us now discuss a few programs that attack computer systems to cause some
damage or to createconfusion.
Virus One can launch an application-level attack or a network level attack using a
virus. In simpleterms, a virus is a piece of program code that attaches itself to
legitimate program code and runs whenthe legitimate program runs. It can then
infect other programs in that computer or programs that are inother computers
but on the same network.

Virus
A virus is a computer program that attaches itself to another legitimate program
and causes damageto the computer system or to the network.
During its lifetime, a virus goes through four phases:
(a) Dormant phase: Here, the virus is idle. It gets activated based on certain
action or event (e.g. theuser typing a certain key or certain date or time is
reached, etc). This is an optional phase.
(b) Propagation phase: In this phase, a virus copies itself and each copy starts
creating more copies ofself, thus propagating the virus.
(c) Triggering phase: A dormant virus moves into this phase when the
action/event for which it waswaiting is initiated.
(d) Execution phase: This is the actual work of the virus, which could be harmless
(display somemessage on the screen) or destructive (delete a file on the disk).

Worm Similar in concept to a virus, a worm is actually different in implementation.

A virus modifiesa program (i.e. it attaches itself to the program under attack). A
worm, however, does not modify aprogram. Instead, it replicates itself again and
again.
14
 Worm
Trojan HorseA Trojan horse is a hidden piece of code, like a virus. However, the
purpose of aTrojan horse is different. Whereas the main purpose of a virus is to
make some sort of modifications tothe target computer or network, a Trojan
horse attempts to reveal confidential information to an attacker.

A Trojan horse allows an attacker to obtain some confidential information about

a computeror a network.

Trojan horse
4. Specific Attacks

15
There are two specific attacks.
1. Sniffing
2. Spoofing
On the Internet, computers exchange messages with each other in the form of
small blocks of data, called as packets. A packet, like a postal envelope contains
the actual data to besent and the addressing information. Attackers target these
packets, as they travel from the sourcecomputer to the destination computer
over the Internet.
These attacks take two main forms:
(a) Packetsniffing
(b) Packet spoofing
(a) Packet sniffing: Packet sniffing is a passive attack on an on-going
conversation. An attacker neednot hijack a conversation, but instead, can simply
observe (i.e. sniff ) packets as they pass by.
Clearly, to prevent an attacker from sniffing packets, the information that is
passing needs to beprotected in some ways.
This can be done at two levels:
(i) The data that is traveling can be encoded in some ways
(ii) The transmission link itself can be encoded.
To read a packet, theattacker somehow needs to access it in the first place.
(B) Packet spoofing: In this technique, an attacker sends packets with a false
source address. Whenthis happens, the receiver (i.e. the party who receives these
packets containing false address)would inadvertently send replies back to this
forged address (called as spoofed address) and not tothe attacker.
This can lead to three possible cases:
(i) The attacker can intercept the reply – If the attacker is between the
destination and theforged source, the attacker can see the reply and use that
information for hijacking attacks.
(ii) The attacker need not see the reply – If the attacker’s intention was a
Denial Of Service(DOS) attack, the attacker need not bother about the reply.
(iii) The attacker does not want the reply – The attacker could simply be angry
with the host,so it may put that host’s address as the forged source address and
send the packet to thedestination.

Phishing has become a big problem in recent times.

The attacker’s module works as follows
➢ The attacker decides to create her own Web site, which looks very
identical to a real Web site.Forexample, the attacker can clone Citibank’s

16
 Web site. The cloning is so clever that human eye willnot be able to
distinguish between the real (Citibank’s) and fake (attacker’s) sites now
➢ The attacker can use many techniques to attack the bank’s customers.
➢ When the customer (i.e. the victim) innocently clicks on the URL specified
in the email, she istaken to the attacker’s site and not the bank’s original
site.

➢ There, the customer is prompted to enterconfidential information, such as

her password or PIN. Since the attacker’s fake site looks exactlyike the
original bank site, the customer provides this information.

SECURITY SERVICES

• Authentication: assures recipient that the message is from the source

that it claims to be from.
• Access Control: controls who can have access to resource under what
condition
• Availability: available to authorized entities for 24/7.
• Confidentiality: information is not made available to unauthorized
individual
• Integrity: assurance that the message is unaltered

17
 • Non-Repudiation: protection against denial of sending or receiving in the
communication

SECURITY MECHANISMS

Network Security is field in computer technology that deals with ensuring

security of computer network infrastructure. As the network is very necessary
for sharing of information whether it is at hardware level such as printer,
scanner, or at software level.

1. Encipherment :

This security mechanism deals with hiding and covering of data which helps
data to become confidential. It is achieved by applying mathematical
calculations or algorithms which reconstruct information into not readable
form. It is achieved by two famous techniques named Cryptography and
Encipherment. Level of data encryption is dependent on the algorithm used
for encipherment.

2. Access Control :

This mechanism is used to stop unattended access to data which you are
sending. It can be achieved by various techniques such as applying
passwords, using firewall, or just by adding PIN to data.

3. Notarization :

This security mechanism involves use of trusted third party in

communication. It acts as mediator between sender and receiver so that if
any chance of conflict is reduced. This mediator keeps record of requests
made by sender to receiver for later denied.

4. Data Integrity :

18
 This security mechanism is used by appending value to data to which is
created by data itself. It is similar to sending packet of information known
to both sending and receiving parties and checked before and after data
is received. When this packet or data which is appended is checked and is
the same while sending and receiving data integrity is maintained.

5. Authentication exchange :

This security mechanism deals with identity to be known in communication.

This is achieved at the TCP/IP layer where two-way handshaking
mechanism is used to ensure data is sent or not

6. Bit stuffing :

This security mechanism is used to add some extra bits into data which is
being transmitted. It helps data to be checked at the receiving end and is
achieved by Even parity or Odd Parity.

7. Digital Signature :

This security mechanism is achieved by adding digital data that is not

visible to eyes. It is form of electronic signature which is added by sender
which is checked by receiver electronically. This mechanism is used to
preserve data which is not more confidential but sender’s identity is to be
notified.

CRYPTOGRAPHY CONCEPTS AND TECHNIQUES

INTRODUCTION:

Cryptography is the art and science of achieving security by encoding messages

to makethem non-readable.

Cryptographic system

19
Cryptanalysis is the technique of decoding messages from a non-readable format
back toreadable format without knowing how they were initially converted from
readable format tonon-readable format.

Cryptanalysis
Cryptology is a combination of cryptography and cryptanalysis.

PLAIN TEXT AND CIPHER TEXT

Plain text or clear text is a message that can be understood by anybody knowing
the languageas long as the message is not codified in any manner.
Clear text or plain text signifies a message that can be understood by the sender,
the recipientand also by anyone else who gets an access to that message.
an example, they replace each alphabet with the alphabet that is actually three
alphabetsdown the order. So, each A will be replaced by D, B will be replaced by
E, C will be replaced by F andso on. To complete the cycle, each W will be replaced
by Z, each X will be replaced by A, each Y will bereplaced by B and each Z will be
replaced by C. We can summarize this scheme as shown in Fig.Thefirst row shows
the original alphabets and the second row shows what each original alphabet will
bereplaced with.

20
 A scheme for codifying messages by replacing each alphabet with an alphabet
threeplaces down the line
ANNAMACHARYA can be coded as DQQDPDFKDUBD

A N N A M A C H A R Y A
D Q Q D P D F K D U B D
Each alphabet in the original message can be replaced by another to hidethe
original contents of the message. The codified message is called as cipher text.
Cipher means a codeor a secret message.

When a plain text message is codified using any suitable scheme, the resulting
message iscalled as cipher text.
SUBSTITUTION TECHNIQUES
1. CAESAR CIPHER
This was first proposed by Julius Caesar and is termed as Caesar Cipher.
Caesar Cipher is a special case of substitution techniques wherein eachalphabet
in a message is replaced by an alphabet three places down the line. For instance,
using theCaesar Cipher, the plain text ATUL will become cipher text DWXO.

Elements of cryptographic operations

In the substitution cipher technique, the characters of a plain text message
are replaced byother characters, numbers or symbols.

21
An attack on a cipher text message,wherein the attacker attempts to use all
possible permutations and combinations, is called as a Bruteforceattack. The
process of trying to break any cipher text message to obtain the original plain
textmessage itself is called as Cryptanalysis and the person attempting a
cryptanalysis is called as acryptanalyst.

MONO-ALPHABETIC CIPHER

Mono-alphabetic ciphers pose a difficult problem for a cryptanalyst because it

can be verydifficult to crack thanks to the high number of possible permutations
and combinations.
Use random substitution. This means that in a given plain text message, each A
can be replaced by any other alphabet (B through Z), each B can also be
replaced by any other random alphabet (A or C through Z) and so on. The
crucial difference being, there is no relation between thereplacement of B and
replacement of A. That is, if we have decided to replace each A with D, we
neednot necessarily replace each B with E – we can replace each B with any other
character!

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

samba
the Cipher text is : HOSKO
Homophonic Substitution Cipher

Homophonic Substitution Cipher also involves substitution of one plain text

character with acipher text character at a time, however the cipher text
character can be any one of thechosen set.
The Homophonic Substitution Cipher is very similar to Mono-alphabetic Cipher.
Like a plainsubstitution cipher technique, we replace one alphabet with another in
this scheme. However, thedifference between the two techniques is that whereas
the replacement alphabet set in case of the simplesubstitution techniques is
fixed (e.g. replace A with D, B with E, etc.), in the case of HomophonicSubstitution
Cipher, one plain text alphabet can map to more than one cipher text
alphabet. For instance,A can be replaced by D, H, P, R; B can be replaced by E, I,
Q, S, etc.

22
Polygram Substitution Cipher
In Polygram Substitution Cipher technique, rather than replacing one plain text
alphabet with one cipher text alphabet at a time, a block of alphabets is
replaced with another block. For instance, HELLOcould be replaced by YUQQW,
but HELL could be replaced by a totally different cipher text block
TEUI, as shown in Fig.

Polyalphabetic Substitution Cipher

A poly-alphabetic cipher is any cipher based on substitution, using several

substitution alphabets. In polyalphabetic substitution ciphers, the plaintext
letters are enciphered differently based upon their installation in the text.
Rather than being a one-to-one correspondence, there is a one-to-many
relationship between each letter and its substitutes.

For example, ‘a’ can be enciphered as ‘d’ in the starting of the text, but as ‘n’ at
the middle. The polyalphabetic ciphers have the benefit of hiding the letter
frequency of the basic language. Therefore attacker cannot use individual letter
frequency static to divide the ciphertext.

As the name polyalphabetic recommend this is achieved by using multiple keys

rather than only one key. This implies that the key should be a stream of
subkeys, in which each subkey depends somehow on the position of the plaintext
character that needs subkey for encipherment.

Vigenere cipher is one of the simplest and popular algorithms in polyalphabetic

cipher. In this approach, the alphabetic text is encrypted using a sequence of
multiple Caesar ciphers based on the letters of a keyword.
The Vigenère cipher includes several simple substitution ciphers in sequence with
several shift values. In this cipher, the keyword is repeated just before it
connects with the duration of the plaintext.

23
Encryption Process:
Ci=(Pi+Ki) mod 26
In this process sum of ith position of plain text and ith position of key will be added
and applied modulus 26 on the result , the generated positional value will be
considered as Cipher text.
Decryption Process
Pi=(Ci-Ki) mod 26
In this process sum of ith position of Cipher text and ith position of key will be
subtracted and applied modulus 26 on the result , the generated positional value
will be considered as Plain text.
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Key: samba
Plain text: hello students how are you
Cipher text:
Key s a m B a s a m b a s a m b a s a m b a s A
PT h e l L o s t u d e n t s h o w a r e y o U
CT z e x M o k t g E e f t e i o o a c f y g U

Apply Encryption process to generate cipher text

That is ‘s’ position is 18 and ‘h’ position is 7 so now

C1=(p1+k1)mod26
= (18+7)mpd26
=(25)mod26
=25 (which is equalent to ‘z’)
Like wise generate the table accordingly.

Playfair Cipher:
The Playfair Cipher, also called as Playfair Square, is a cryptographic technique
that is used formanual encryption of data.

The Playfair encryption scheme uses two main processes, as shown in Fig

24
 Playfair cipher steps
Step 1: Creation Population of Matrix and The Playfair Cipher makes use of a 5
x 5 matrix(table), which is used to store a keyword or phrase that becomes the
key for encryption and decryption.
The way this is entered into the 5 x 5 matrix is based on some simple rules, as
shown below

1. Enter the keyword in the matrix row-wise: left-to-right, and then top-to-
bottom.
2. Drop duplicate letters.
3. Fill the remaining spaces in the matrix with the rest of the English alphabets
(A-Z)that were not a part of our keyword. While doing so, combine I and J in the
same cell of the table. In otherwords, if I or J is a part of the keyword, disregard
both I and J while filling the remaining slots.

Algorithm to encrypt the plain text: The plaintext is split into pairs of two
letters (digraphs). If there is an odd number of letters, a Z is added to the
last letter.
For example:

PlainText: "instruments"
After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'

1. Pair cannot be made with same letter. Break the letter in single and add a
bogus letter to the previous letter.
Plain Text: “hello”
After Split: ‘he’ ‘lx’ ‘lo’
Here ‘x’ is the bogus letter.

2. If the letter is standing alone in the process of pairing, then add an extra
bogus letter with the alone letter
Plain Text: “helloe”
AfterSplit: ‘he’ ‘lx’ ‘lo’ ‘ez’

25
 Here ‘z’ is the bogus letter.
Rules for Encryption:

• If both the letters are in the same column: Take the letter below each
one (going back to the top if at the bottom).
For example:

Diagraph: "me"
Encrypted Text: cl
Encryption:
m -> c
e -> l

If both the letters are in the same row: Take the letter to the right of each
one (going back to the leftmost if at the rightmost position).
Diagraph: "ST"
Encrypted Text: TL
Encryption:
S -> T
T -> L

If neither of the above rules is true: Form a rectangle with the two letters
and take the letters on the horizontal opposite corner of the rectangle.
For example:

Diagraph: "nt"
Encrypted Text:rq
Encryption:
n -> r
t -> q

26
Plain Text: "instrumentsz"
Encrypted Text: gatlmzclrqtx
Encryption:
i -> g
n -> a
s -> t
t -> l
r -> m
u -> z
m -> c
e -> l
n -> r
t -> q
s -> t
z -> x

Hill Cipher
Hill cipher is a polygraphic substitution cipher based on linear algebra.Each letter
is represented by a number modulo 26. Often the simple scheme A = 0, B= 1, …, Z
= 25 is used, but this is not an essential feature of the cipher. To encrypt a
message, each block of n letters (considered as an n-component vector) is
multiplied by an invertible n × n matrix, against modulus 26. To decrypt the

27
message, each block is multiplied by the inverse of the matrix used for
encryption.
The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).

28
29
30
TRANSPOSITION TECHNIQUES

Transposition techniques differ from substitution techniques in the way that

they do not simplyreplace one alphabet with another: they also perform some
permutation over the plain text alphabets.

Rail Fence Technique

Rail fence technique involves writing plain text as sequence of diagonals and then
reading itrow-by-row to produce cipher text.
Suppose that we have a plain textmessage Come home tomorrow. How would we
transform that into a cipher text message using the RailFence Technique? This
is shown in Fig.

1. Write down the plain text message as a sequence of diagonals.

2. Read the plain text written in Step 1 as a sequence of rows.
3. here depth=2

Example of rail technique

31
Simple Columnar Transposition Technique

Basic Technique Variations of the basic transposition technique such as Rail

Fence Technique exist.Such a scheme call as Simple Columnar Transposition
Technique.
➢ Write the plain text message row-by-row in a rectangle of a pre-defined
size.
➢ Read the message column-by-column. However, it need not be in the order
of columns 1,2, 3 etc. It can be any random order such as 2, 3, 1, etc.
➢ The message thus obtained is the cipher text message.

The Simple Columnar Transposition Technique simply arranges the plain text as
a sequenceof rows of a rectangle that are read in columns randomly.

Example of simple columnar technique

A MODEL FOR NETWORK SECURITY

A message is to be transferred from one party to another across some sort of
internet. Thetwo parties, who are the principals in this transaction, must
cooperate for the exchange to takeplace. A logical information channel is
established by defining a route through the internetfrom source to destination
and by the cooperative use of communication protocols (e.g.,TCP/IP) by the two
principals. Security aspects come into play when it is necessary ordesirable to
protect the information transmission from an opponent who may present a
threatto confidentiality, authenticity, and so on.
All the techniques for providing security have twocomponents:
A security-related transformation on the information to be sent. Examples
include the encryption of the message, which scrambles the message so that it is
unreadable bythe opponent, and the addition of a code based on the contents of
the message, whichcan be used to verify the identity of the sender Some secret

32
information shared by thetwo principals and, it is hoped, unknown to the opponent.
An example is an encryptionkey used in conjunction with the transformation to
scramble the message beforetransmission and unscramble it on reception.

The general model shows that there are four basic tasks in designing a particular
securityservice:
1. Design an algorithm for performing the security-related transformation.
Thealgorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm .
3. Develop methods for the distribution and sharing of the secret
information.
4. Specify a protocol to be used by the two principals that makes use of the
securityalgorithm and the secret information to achieve a particular
security service

A general model is illustrated by the above Figure 1.6, which reflects a concern
forprotecting an information system from unwanted access. Most readers are

33
familiar with theconcerns caused by the existence of hackers, who attempt to
penetrate systems that can beaccessed over a network. The hacker can be
someone who, with no malign intent, simply getssatisfaction from breaking and
entering a computer system. Or, the intruder can be adisgruntled employee who
wishes to do damage, or a criminal who seeks to exploit computerassets for
financial gain.
ENCRYPTION AND DECRYPTION

The process of encoding plain text messagesinto cipher text messages is called
as encryption.
The process of transforming cipher textmessages back to plain text messages is
called asdecryption.

Every encryption and decryption process has two aspects: the algorithm and the
key used forencryption and decryption.
let us take the example ofa combination lock, which we use in real life. We need
to remember the combination (which is a number, suchas 871) needed to open up
the lock. The facts that it is acombination lock and how to open it (algorithm)
arepieces of public knowledge. However, the actual valueof the key required for
opening a specific lock (key),which is 871 in this case, is kept secret. The idea
isillustrated in Fig

34
Broadly, there are two cryptographic mechanisms, depending on what keys are
used. If the same keyis used for encryption and decryption, we call the
mechanism as Symmetric Key Cryptography.However, if two different keys are
used in a cryptographic mechanism, wherein one key is used forencryption and
another, different key is used for decryption; we call the mechanism as
Asymmetric KeyCryptography.

Symmetric and Asymmetric Key Cryptography

The sender andthe receiver will use the same key to lock and unlock, this is called
as symmetric key operation (whenused in the context of cryptography, this
operation is called as symmetric key cryptography).
Person A wants to send a highly confidential letter to another person B. A and B
both residein the same city, but are separated by a few miles and for some
reason, cannot meet eachother.
With the symmetric key cryptography A can send securely to the B.

Let us now imagine that not only A and B but also thousands of people want to
send such confidentialletters securely to each other. What would happen if they
decide to go for symmetric key operation? Ifwe examine this approach more
closely, we can see that it has one big drawback if the number of peoplethat want
to avail of its services is very large.

Use of separate locks and keys per communication pair

we have the following situation:

35
 ➢ When A wanted to communicate only with B, we needed one lock-and-key
pair (A-B).
➢ When A wants to communicate with B and C, we need two lock-and-key pairs
(A-B and A-C).
Thus, we need one lock-and-key pair per person with whom A wants to
communicate. If B alsowants to communicate with C, we have B-C as the third
communicating pair, requiring its ownlock-and-key pair. Thus, we would need three
lock-and-key pairs to serve the needs of threecommunicating pairs.

Therefore, can we see that, in general, for n persons, the number of lock-and-key
𝑛∗(𝑛−1)
pairs is
2

Diffie–Hellman Key Exchange/Agreement Algorithm

In this scheme the two parties, who want to communicatesecurely, can agree on
a symmetric key using this technique. This key can then be used for encryption/
decryption. However, we must note that Diffie–Hellman key exchange algorithm
can be used only forkey agreement, but not for encryption or decryption of
messages. Once both the parties agree on the keyto be used, they need to use
other symmetric key encryption algorithms for actual encryption or decryption
of messages.

Description of the Algorithm

36
 Diffie–Hellman key exchange algorithm

Example of the Algorithm

37
Asymmetric Key Operation

In this scheme, (Alice) A and (Bob) B do not have to jointly approach (Tom) T for
a lock-and-key pair. Instead, B aloneapproaches T, obtains a lock and a key (K1)
that can seal the lock and sends the lock and key K1 to A. Btells A that A can use
that lock and key to seal the box before sending the sealed box to B.

An interesting property of this scheme is that B possesses a different but

related key (K2), which isobtained by B from T along with the lock and key K1,
only which can open the lock. It is guaranteed thatno other key and of course,
including the one used by A (i.e. K1) for locking, can open the lock. Sinceone key
(K1) is used for locking and another, different key (K2) is used for unlocking; we
will call thisscheme as asymmetric key operation. Also, T is clearly defined here
as a trusted third party. T iscertified as a highly trustworthy and efficient
agency by the government.

38
STEGANOGRAPHY

Steganography is a technique that facilitates hiding of a message that is to be

kept secret inside othermessages.

The sender usedmethods such as invisible ink, tiny pin punctures on specific
characters, minute variations betweenhandwritten characters, pencil marks on
handwritten characters, etc.

KEY RANGE AND KEY SIZE

The cryptanalystis armed with the following information:

• The encryption/decryption algorithm

• The encrypted message
• Knowledge about the key size (e.g. the value of the key is a number between
0 and 100 billion).

39
For example consider the brute force attack here, which works onthe principle
of trying every possible key in the key range, until you get the right key.

Brute forceattack

Understanding key range

With every incremental bit, the attacker has to perform double the number of
operations ascompared to the previous key size. It is found that for a 56-bit key,

40
it takes 1 second to search 1 percentof the key range. Taking this argument
further, it takes about 1 minute to search about half of the keyrange (which is
what is required, on an average, to crack a key). Using this as the basis, let us
have a lookat the similar values (time required for a search of 1 percent and 50
percent of the key space) for variouskey sizes. This is shown in Table

We can represent the possible values in the key range using hexadecimal notation
and see visuallyhow an increase in the key size increases the key range and
therefore, the complexity for an attacker.

Key sizes and ranges

POSSIBLE TYPES OF ATTACKS

When the sender of a message encrypts a plain text message into

itscorresponding cipher text, there are five possibilities for an attack on this
message.

41
Cipher text only attack: In this type of attack, the attacker does not have any
clue about the plaintext and has some or all of the cipher text.The attacker
analyzes the cipher text at leisure to try andfigure out the original plain text.

Known plain text attack: In this case, the attacker knows about some pairs of
plain text andcorresponding cipher text for those pairs. Using this information,
the attacker tries to find otherpairs and therefore, know more and more of the
plain text. Examples of such known plain texts arecompany banners, file headers,
etc. which are found commonly in all the documents of a particularcompany.

Known plain text attack

Chosen plain text attack: Here, the attacker selects a plain text block and tries
to look for theencryption of the same in the cipher text. Here, the attacker is
able to choose the messages toencrypt. Based on this, the attacker intentionally

42
picks patterns of cipher text that result inobtaining more information about the
key.

Chosen plain text attack

Chosen cipher text attack: In the chosen cipher text attack, the attacker knows
the cipher text tobe decrypted, the encryption algorithm that was used to
produce this cipher text and thecorresponding plain text block. The attacker’s
job is to discover the key used for encryption.

Chosen text attack: The chosen text attack is essentially a combination of

chosen plain textattack and chosen cipher text attack.

43