Cryptography and

Network Security
(15TE71)
Text Books:
➢ Text-1: “Cryptography and Network Security Principles and
Practice” - William Stallings, 6th Edition, Pearson Education Inc.
➢ Text-2: “Applied Cryptography Protocols, Algorithms, and Source
code in C” - Bruce Schneier, 2nd Edition, Wiley Publications
Cryptography
• Cryptography or Cryptology - The practice and study of
techniques for secure communication in the presence of
third parties.
• It is about constructing and analyzing protocols that
prevent third parties or the public from reading private
messages
Security
• What is security?
• Freedom from risk or danger; safety
• Freedom from doubt, anxiety, or fear; confidence
• Something that gives or assures safety, as
• A group or department of private guards – To prevent if visitor
acts as suspicious
• Measures adopted by a government to prevent attack.
• Why do we need security?
• Protect vital information while still allowing access to
those who need it
• Provide authentication and access control for resources
Security
• Who is vulnerable?
• Financial institutions and banks
• Internet service providers
• Pharmaceutical companies
• Government and defense agencies
• Contractors to various government agencies
• Multinational corporations
• ANYONE ON THE NETWORK
• Common security attacks and their countermeasures
• Finding a way into the network – Firewalls
• Exploiting software bugs, buffer overflows – Intrusion Detection
System (IDS)
• Denial of Service – Filtering, IDS
• Packet sniffing - Encryption
Network Security
• Measures are needed to protect data during their
transmission.
• All business, government, and academic organizations
interconnect their data processing equipment with a
collection of interconnected networks.
• Such a collection is often referred to as an internet and the
term internet security is used.
• Examples of Security violations
• User A transmits a file to user B. The file contains sensitive
information (e.g. payroll records) that is to be protected from
disclosure. User C, who is not authorized to read the file, is
able to monitor the transmission and capture a copy of the
file during its transmission.
Network Security
• Security attack:
• Any action that compromises the security of information owned by an
organization.

• Security mechanism:
• A process that is designed to detect, prevent, or recover from a security
attack.
• Security service:
• A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization.
Network Security
• Security attack:
• Passive Attacks
• Passive attacks are in the nature of eavesdropping on, or
monitoring of, transmissions.
• The goal of the opponent is to obtain information that is being
transmitted.
• Release of message contents : learning the contents from
the transmissions. E.g. Telephone conversation
• Traffic analysis : the process of intercepting and examining
messages in order to deduce information from patterns
Network Security
• Security attack:
• Active Attacks
• involve some modification of the data stream or the creation of a
false stream
• Masquerade : takes place when one entity pretends to be a
different entity

• Replay: involves the passive capture of a data unit and its

subsequent retransmission to produce an unauthorized effect.
Network Security
• Security attack:
• Active Attacks
• Modification of Messages: some portion of a legitimate
message is altered, or that messages are delayed or reordered
to produce an unauthorized effect

• Denial of Service: Prevents the normal use or management

of communications facilities
Network Security
• Security mechanism :
• A process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security attack
• Encipherment
• The use of mathematical algorithms to transform data into a form
that is not readily intelligible.
• The transformation and subsequent recovery of the data depend on
an algorithm and zero or more encryption keys.
Network Security
• Security mechanism :
• Digital Signature
• Data appended to, or a cryptographic transformation of, a
data unit that allows a recipient of the data unit to prove the
source and integrity of the data unit and protect against
forgery.
Network Security
• Security mechanism :
• Access Control
• A variety of mechanisms that enforce access rights to resources.
• Data Integrity
• A variety of mechanisms used to assure the integrity of a data unit
or stream of data units.
• Authentication Exchange
• A mechanism intended to ensure the identity of an entity by means
of information exchange.
• Traffic Padding
• The insertion of bits into gaps in a data stream to frustrate traffic
analysis attempts.
Network Security
• Security service:
• A processing or communication service that enhances the security
of the data processing systems and the information transfers of an
organization.
• X.800 divides these services into five categories and fourteen
specific services.
1. AUTHENTICATION
2. ACCESS CONTROL
3. DATA CONFIDENTIALITY
4. DATA INTEGRITY
5. NONREPUDIATION
Network Security
• Security services:
• Authentication : The assurance that the communicating entity is the
one that it claims to be.
• Access Control: The prevention of unauthorized use of a resource.
This service controls who can have access to a resource, under what
conditions access can occur
• Data Confidentiality: The protection of data from unauthorized
disclosure
Network Security
• Security services:
• Data Integrity: The assurance that data received are exactly as sent
by an authorized entity (i.e., contain no modification, insertion,
deletion, or replay)
• Nonrepudiation: Provides protection against denial by one of the
entities involved in a communication of having participated in all or
part of the communication.
A Model for Network Security
• A message is to be transferred from one party to another across some
sort of Internet service.
• The two parties, who are the principals in this transaction, must
cooperate for the exchange to take place.
• A logical information channel is established by defining a route
through the Internet from source to destination and by the cooperative
use of communication protocols.
• A security-related transformation on the information to be sent.
• E.g. Include the encryption of the message, which scrambles the
message so that it is unreadable by the opponent.
• Some secret information shared by the two principals and, it is
hoped, unknown to the opponent.
• E.g. An encryption key used in conjunction with the transformation to
scramble the message before transmission and unscramble it on
reception.
A Model for Network Security
• A trusted third party may be needed to achieve secure transmission
SYMMETRIC CIPHERS
• A message is plaintext. The process of disguising a message
in such a way as to hide its substance is encryption. An
encrypted message is ciphertext. The process of turning
ciphertext back into plaintext is decryption
Symmetric Ciphers - Terminologies
• Plaintext
• The original message to be send
• Ciphertext
• The coded/scrambled message
• Cipher
• Algorithm for transforming plaintext to ciphertext
• Key
• Info used in cipher known only to sender/receiver
• Encipher (encrypt)
• Converting plaintext to ciphertext
• Decipher (decrypt)
• Recovering ciphertext from plaintext
Symmetric Ciphers - Terminologies
• Cryptography
• Study of encryption principles/methods
• Cryptanalysis (code breaking)
• The study of principles/ methods of deciphering ciphertext without
knowing key
• Cryptology
• The field of both cryptography and cryptanalysis
Symmetric Encryption
• A type of encryption where the same or common key is used
to encrypt and decrypt the message by sender and receiver.
Symmetric Cipher Model
• A symmetric encryption scheme has five ingredients
• Plaintext:
• Original intelligible message or data that is fed into the algorithm as input
• Encryption algorithm:
• The encryption algorithm performs various substitutions and transformations on
the plaintext
• Secret key:
• The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm
• Ciphertext:
• This is the scrambled message produced as output. It depends on the plaintext
and the secret key
• Decryption algorithm:
• This is essentially the encryption algorithm run in reverse. It takes the ciphertext
and the secret key and produces the original plaintext.
If P is the plaintext, C is the ciphertext, and K is the key,

We assume that Bob creates P1; we prove that P1 = P:

Symmetric Cipher Model
• The two requirements for secure use of conventional
encryption
1. Need a strong encryption algorithm:
• An opponent who knows the algorithm and has access to one or
more ciphertexts would be unable to decipher the ciphertext or
find out the key.
2. Sender and receiver must have obtained copies of the
secret key in a secure fashion and must keep the key
secure.
Symmetric Cipher Model

• X=[X1,X2,…….XM] : plaint text produced by source

• K=[K1,K2,…….KJ] : Key generated by source
• Y=[Y1,Y2,…….YN] : cipher text produced by encryption algorithm

Encryption: Y = EK(X)
Decryption: X = DK(Y)
• Characterization of Cryptographic systems
• Type Operation used for Plaintext to Ciphertext conversion
• Encryption algorithms based on two principles:
• Substitution (Each element of PT is mapped to another element)
• Transposition (Elements in PT are rearranged)
• No information be lost (fundamental requirement)
• Number of keys used
• Same key used for encryption and decryption called symmetric, single-key
encryption
• Different keys are used : Asymmetric or public- key
• Way of processing plain text
• Block cipher: input block of elements at a time, output is also a block
• Stream cipher: input elements continuously, output one element at a time
Types of Attacks on Encrypted Messages
Cryptanalyst has complete knowledge of the encryption
algorithm used.
Ciphertext only attack:
• The cryptanalyst has the ciphertext of several messages, all of
which have been encrypted using the same encryption algorithm.
• The cryptanalyst’s job is to recover the plaintext of as many
messages as possible, or better yet to derive the key(s) used to
encrypt the messages

Given: C1 = Ek(P1), C2 = Ek(P2),...Ci = Ek(Pi) Deduce: Either P1, P2,...Pi; k;

Types of Attacks on Encrypted Messages
Known-plaintext attack.
• The cryptanalyst has access not only to the ciphertext of
several messages, but also to the plaintext of those messages.
• Cryptanalyst job is to deduce the key (or keys) used to
encrypt the messages or an algorithm to decrypt any new
messages encrypted with the same key (or keys).

Given: P1, C1 = Ek(P1), P2, C2 = Ek(P2),...Pi, Ci = Ek(Pi)

Deduce: Either k, or an algorithm to infer Pi+1 from Ci+1 =
Ek(Pi+1)
Types of Attacks on Encrypted Messages
Chosen-plaintext attack.
• The cryptanalyst not only has access to the ciphertext and associated
plaintext for several messages, but he also chooses the plaintext that
gets encrypted.
• This is more powerful than a known-plaintext attack, because the
cryptanalyst can choose specific plaintext blocks to encrypt, ones that
might yield more information about the key.
• His job is to deduce the key (or keys) used to encrypt the messages or
an algorithm to decrypt any new messages encrypted with the same
key (or keys)
Symmetric Encryption – Key Strength
• Strength of algorithm is determined by the size of the key
• The longer the key the more difficult it is to crack
• Key length is expressed in bits
• Typical key sizes vary between 48bits and 448 bits
• Set of possible keys for a cipher is called key space
• For 40-bit key there are 240 possible keys
• For 128-bit key there are 2128 possible keys
• Each additional bit added to the key length doubles the security
• To crack the key the hacker has to use brute-force
(i.e. try all the possible keys till a key that works is found)
• Super Computer can crack a 56-bit key in 24 hours
• It will take 272 times longer to crack a 128-bit key
 Brute Force Search
Number of Time required at 1 Time required at 106
Key Size (bits)
Alternative Keys decryption/µs decryptions/µs

32 232 = 4.3  109 231 µs= 35.8 minutes 2.15 milliseconds

56 256 = 7.2  1016 255 µs= 1142 years 10.01 hours

128 2128 = 3.4  1038 2127 µs= 5.4  1024 years 5.4  1018 years

168 2168 = 3.7  1050 2167 µs= 5.9  1036 years 5.9  1030 years

26 characters
26! = 4  1026 2  1026 µs= 6.4  1012 years 6.4  106 years
(permutation)
SUBSTITUTION TECHNIQUES
• A substitution technique is one in which the letters of
plaintext are replaced by other letters or by numbers or
symbols.
• Caesar Cipher or Shift Cipher
• The earliest known, and the simplest form of substitution cipher
was by Julius Caesar.
• It involves replacing each letter of the alphabet with the letter
standing three places further down the alphabet
SUBSTITUTION TECHNIQUES
• Replace letters of a message by other distinct letters a fixed
distance away
• Plaintext: I CAME I SAW I CONQUERED
• Ciphertext: L FDPH L VDZ L FRQTXHUHG
• Shift by 3 letters
• Additive Cipher
• A shift cipher can also be described as
• Encryption, EK(X) = X + K mod 26
• Decryption, DK(X) = X - K mod 26
• for English alphabet by setting up a correspondence between
alphabetic characters and residues modulo 26
• K=3 in Caesar Cipher.
• When the cipher is additive, the plaintext, ciphertext, and key are
integers in Z26.
Example 1:
Use the additive cipher with key = 15 to encrypt the
message “hello”.
Example 2:
• Use the additive cipher with key = 15 to decrypt the
message “WTAAD”.
• We apply the decryption algorithm to the plaintext
character by character:

Decryption DK(X) = X - K mod 26

• Example 3:
• Eve has intercepted the ciphertext “UVACLYFZLJBYL”.
• Show how she can use a brute-force attack to break the
cipher.
Playfair Cipher
• Playfair cipher is a multiple letter cipher
• Each plaintext letter is replaced by a digram in this cipher
• User chooses a keyword and puts it in the cells of a 5 x 5
matrix. I and J stay in one cell. Duplicate letters appear only
once.
• Alphabets that are not in the keyword are arranged in the
remaining cells from left to right in successive rows in
ascending order
Playfair Cipher
• Plaintext is encrypted two letters at a time, according to the following
rules
1. Repeating plaintext letters that are in the same pair are separated with a
filler letter, such as x, so that balloon would be treated as ba lx lo on.
2. Two plaintext letters that fall in the same row of the matrix are each
replaced by the letter to the right, with the first element of the row
circularly following the last.
• For example, ar is encrypted as RM.
3. Two plaintext letters that fall in the same column are each replaced by
the letter beneath, with the top element of the column circularly
following the last.
• For example, mu is encrypted as CM.
4. Otherwise, each plaintext letter in a pair is replaced by the letter that
lies in its own row and the column occupied by the other plaintext letter.
• Thus, hs becomes BP and ea becomes IM
Playfair Cipher
• Keyword “MONARCHY”
M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z
Playfair Cipher
• Keyword “INFOSEC”
I/J N F O S

E C A B D

G H K L M

P Q R T U

V W X Y Z
Playfair Cipher
• E.g., Plaintext: “CRYPTO IS TOO EASY”
• Keyword is “INFOSEC”
• Grouped text: CR YP TO IS TO OE AS YX
• Ciphertext: AQ VT YB NI YB IB DF ZY
• To decrypt, the receiver reconstructs the 5 x 5
matrix using the keyword and then uses the same
rules as for encryption
Playfair cipher: Example
GLOW WORM
S T A N D
E R C H B
K F G I L GL OW WO RM
M O P Q U
V W X Y Z
IK WT TW EO
Hill Cipher
• Multi letter cipher developed by Lester Hill in 1929
• Encryption algorithm takes successive m plain text
letters and substitutes for m ciphertext letter
• Substitution is determined by m linear equations in
which each character is assigned a numerical value
• Takes two or three or more letter combinations to
the same size combinations, e.g. “the” → “rqv”
• An example of a “block” cipher encrypting a block
of text at a time
• Hill Algorithm
• The substitution is determined by linear equations in
which each character is assigned a numerical value (a
= 0, b= 1, …….z = 25)
• For m = 3, the system can be described as
• For example, consider the plaintext “PAYMOREMONEY” and use the
encryption key.
17 17 5
• K = 21 18 21
2 2 19
• Encryption : C = KP (mod26)
• Decryption : P = CK-1 (mod26)

C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3

C1 = (9*p1 + 18*p2 + 10*p3)mod 26

C2 = (16*p1 + 21*p2 + 1*p3)mod 26
C3 = (5*p1 + 12*p2 + 23*p3)mod 26
I can’t do it
→ EOM TMY SVJ
8 2 0 13 19 3 14 8 19

4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0

19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3

18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
Hill Cipher
• Decryption
• Decryption requires using the inverse of the matrix
K.
Transposition Cipher
• Method of encrypting by performing some sort of
permutation on the plain text letters
• Two methods involved
• Rail fence Method
• Columnar Transposition Method
• Rail fence Method
• The Rail Fence cipher is a form of transposition cipher that gets its
name from the way in which it is encoded.
• In the rail fence cipher, the plaintext is written downwards on
successive "rails" of an imaginary fence, then moving up when we
get to the bottom.
• The message is then read off in rows.
• For example, using three "rails" and a message of 'WE ARE
DISCOVERED. FLEE AT ONCE', the cipher writes out:
Transposition Method
• Columnar Transposition
• More complex scheme where message is written in a rectangle, row
by row, and read the message off, column by column, but permute
the order of the columns.
• The order of the columns then becomes the key to the algorithm.

Double Columnar Transposition