INFORMATION SECURITY LECTURE

NOTES
(Subject Code: 20ECSC402)
 Chapter 1
The meaning of information security
The meaning of the term information security has evolved in recent years. Before the problem
of data security became widely publicized in the media, most people’s idea of computer
security focused on the physical machine. Traditionally, computer facilities have been
physically protected for three reasons:

• To prevent theft of or damage to the hardware

• To prevent theft of or damage to the information

• To prevent disruption of service

Information security is security applied to computing devices such as

computers and smartphones, as well as computer networkssuch as private and public
networks, including the whole Internet. The field covers all the processes and mechanisms by
which digital equipment, information and services are protected from unintended or
unauthorized access, change or destruction, and are of growing importance in line with the
increasing reliance on computer systems of most societies worldwide. It includes physical
security to prevent theft of equipment, and information security to protect the data on that
equipment. It is sometimes referred to as "cyber security" or "IT security", though these terms
generally do not refer to physical security (locks and such).
Some important terms used in computer security are:
Vulnerability
Vulnerability is a weakness which allows an attacker to reduce a system's information
assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw,
attacker access to the flaw, and attacker capability to exploit the flaw. To exploit
vulnerability, an attacker must have at least one applicable tool or technique that can connect
to a system weakness. In this frame, vulnerability is also known as the attack surface.
Vulnerability management is the cyclical practice of identifying, classifying, remediating,
and mitigating vulnerabilities.This practice generally refers to software vulnerabilities in
computing systems.
Backdoors
A backdoor in a computer system, is a method of bypassing normal authentication, securing
remote access to a computer, obtaining access to plaintext, and so on, while attempting to
remain undetected.
The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a
modification to an existing program or hardware device. It may also fake information about
disk and memory usage.
Denial-of-service attack
Unlike other exploits, denials of service attacks are not used to gain unauthorized access or
control of a system. They are instead designed to render it unusable. Attackers can deny
service to individual victims, such as by deliberately entering a wrong password enough
consecutive times to cause the victim account to be locked, or they may overload the
capabilities of a machine or network and block all users at once. These types of attack are, in
practice, very hard to prevent, because the behaviour of whole networks needs to be
analyzed, not only the behaviour of small pieces of code. Distributed denial of
service (DDoS) attacks are common, where a large number of compromised hosts
(commonly referred to as "zombie computers", used as part of a botnet with, for example;
a worm, trojan horse, or backdoor exploit to control them) are used to flood a target system
with network requests, thus attempting to render it unusable through resource exhaustion.
Direct-access attacks
An unauthorized user gaining physical access to a computer (or part thereof) can perform
many functions, install different types of devices to compromise security, including operating
system modifications, software worms, key loggers, and covert listening devices. The
attacker can also easily download large quantities of data onto backup media, for
instance CD-R/DVD-R, tape; or portable devices such as key drives, digital
cameras or digital audio players. Another common technique is to boot an operating system
contained on a CD-ROM or other bootable media and read the data from the hard drive(s)
this way. The only way to defeat this is to encrypt the storage media and store the key
separate from the system. Direct-access attacks are the only type of threat
to Standalone computers (never connect to internet), in most cases.
Eavesdropping
Eavesdropping is the act of surreptitiously listening to a private conversation, typically
between hosts on a network. For instance, programs such as Carnivore and NarusInsight have
been used by the FBI and NSA to eavesdrop on the systems of internet service providers.
Spoofing
Spoofing of user identity describes a situation in which one person or program successfully
masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
Tampering
Tampering describes an intentional modification of products in a way that would make them
harmful to the consumer.
Repudiation
Repudiation describes a situation where the authenticity of a signature is being challenged.
 Information disclosure
Information Disclosure (Privacy breach or Data leak) describes a situation where information,
thought as secure, is released in an untrusted environment.
Elevation of privilege
Elevation of Privilege describes a situation where a person or a program want to gain
elevated privileges or access to resources that are normally restricted to him/it.
Exploits
An exploit is a piece of software, a chunk of data, or sequence of commands that takes
advantage of a software "bug" or "glitch" in order to cause unintended or unanticipated
behaviour to occur on computer software, hardware, or something electronic (usually
computerized). This frequently includes such things as gaining control of a computer system
or allowing privilege escalation or a denial of service attack. The term "exploit" generally
refers to small programs designed to take advantage of a software flaw that has been
discovered, either remote or local. The code from the exploit program is frequently reused
in Trojan horses and computer viruses.
Indirect attacks
An indirect attack is an attack launched by a third-party computer. By using someone else's
computer to launch an attack, it becomes far more difficult to track down the actual attacker.
There have also been cases where attackers took advantage of public anonymizing systems,
such as the tor onion router system.
Computer crime: Computer crime refers to any crime that involves a computer and
a network.

Principle security
There are five principles of security. They are as follows:

 Confidentiality:
The principle of confidentiality specifies that only the sender and the intended
recipient should be able to access the content of the message.

 Integrity:
The confidential information sent by A to B which is accessed by C without the
permission or knowledge of A and B.

 Authentication:
Authentication mechanism helps in establishing proof of identification.

 Non-repudiation:
 Access control:
Access control specifies and control who can access what.
 Availability:
It means that assets are accessible to authorized parties at appropriate times
Attacks
We want our security system to make sure that no data are disclosed to unauthorized
parties.
 Data should not be modified in illegitimate ways
 Legitimate user can access the data
Types of attacks
Attacks are grouped into two types:
 Passive attacks: does not involve any modification to the contents of an original
message
 Active attacks: the contents of the original message are modified in some ways.

ELEMENTARY CRYPTOGRAPHY: SUBSTITUTION CIPHER

Encryption is the process of encoding a message so that its meaning is not obvious;
decryption is the reverse process, transforming an encrypted message back into its normal,
original form. Alternatively, the terms encode and decode or encipher and decipher are used
instead of encrypt and decrypt. That is, we say that we encode, encrypt, or encipher the
original message to hide its meaning. Then, we decode, decrypt, or decipher it to reveal the
original message. A system for encryption and decryption is called a cryptosystem.
The original form of a message is known as plaintext, and the encrypted form is called
cipher text. For convenience, we denote a plaintext message P as a sequence of individual
characters P = <p1, p2, …, pn>. Similarly, cipher text is written as C = <c1, c2, …,cm>.

Plain text Cipher

Cipher text Plain text

 For instance, the plaintext message "I want cookies" can be denoted as the message
string <I, ,w,a,n,t,c,o,o,k,i,e,s>. It can be transformed into cipher text<c1, c2, …,c14>, and
the encryption algorithm tells us how the transformation is done.

We use this formal notation to describe the transformations between plaintext and cipher text.
For example:
we write C = E (P) and P = D(C), where C represents the cipher text, E is the
encryption rule, P is the plaintext, and D is the decryption rule.

P = D (E(P)).
In other words, we want to be able to convert the message to protect it from an intruder, but
we also want to be able to get the original message back so that the receiver can read it
properly.
The cryptosystem involves a set of rules for how to encrypt the plaintext and how to decrypt
the cipher text. The encryption and decryption rules, called algorithms, often use a device
called a key, denoted by K, so that the resulting cipher text depends on the original plaintext
message, the algorithm, and the key value. We write this dependence as C =E (K, P).
Essentially, E is a set of encryption algorithms, and the key K selects one specific algorithm
from the set.
There are many types of encryption. In the next sections we look at two simple forms of
encryption: substitutions in which one letter is exchanged for another and transpositions,
in which the order of the letters is rearranged.

Cryptanalyst: cryptanalyst is a person who studies encryption and encrypted message and
tries to find the hidden meanings (to break an encryption).

Confusion: it is a technique for ensuring that ciphertext has no clue about the original
message.

Diffusion: it increases the redundancy of the plaintext by spreading it across rows and
columns.

Substitutions Cipher: It basically consists of substituting every plaintext character for a

different cipher text character.
It is of two types-
I. Mono alphabetic substitution cipher
II. Poly alphabetic substitution cipher

Mono alphabetic substitution cipher:

Relationship between cipher text symbol and plain text symbol is 1:1.
 Additive cipher:
Key value is added to plain text and numeric value of key ranges from 0 – 25.

Example:
Plain text(P)- H E L LO (H=7,E=4,L=11,L=11,O=14)
Key (K)=15
Cipher text (C)= 7+15,4+15,11+15,11+15,14+15
= 22,19, 26,26,(29%26)=3
= W T A AD
Auto key cipher:
 In this cipher, key is stream of subkeys in which subkey is used to encrypt the
corresponding character in the plain text.
 Here 1st subkey is predefined and 2nd subkey is the value of the 1st character of the
plain text 3rd subkey is the value of the 2nd plain text and so on.

Example: A T T A C K
0 19 19 0 2 10
Key=12
12 0 19 19 0 2

Cipher text(C)= (12,19,38 19,2 12)%26 MTMTCM

Playfair cipher
In playfair cipher the secret key is made of 25 characters arranged in 5x5 matrix
Rules:-
 If 2 letters in a plaintext are located in the same row of the secret key then the
corresponding encrypted character for each letter is next letter to the right.
 If 2 letters in a pair are in same column then the corresponding encrypted
character is next below in the same column.
 If 2 letters are neither in same row or in same column then encrypted
character is in its own row but in the same column as the other character.
Example:

LG D B A
QMHE C
K= U R N I/J F
XVSO K
ZYWT P
Plain text= HELLO

It is then made as pair.

Vigener cipher:
The key stream is the repetition of the initial secret key stream of length m.
(1<=m<=26)
Example:
Plaintext- A B C D E F G H
Ks= 0, 5, 8

A B C D E F G H (B=1 =>1+5=6=>G)
05805805
0 6 10 3 9 13 6 12
A G K D J N G M <= ciphertext

Transposition cipher:

A transposition cipher is a method of encryption by which the positions held by units

of plaintext (which are commonly characters or groups of characters) are shifted according to
a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the
order of the units is changed.
The goal of substitution is confusion; the transposition method is an attempt to make
it difficult i.e diffusion.

1. Keyless transposition cipher

There are two methods for permutation of characters
 Text is written into a table column by column and transmitted row by row
Example: plaintext- meet me at the park
memateak
etethpr
ciphertext- memateaketethpr
 Text is written into the table row by row and then transmitted column by
column.
Example: m e e t
meat
thep
ark
ciphertext- mmtaeehreaekttp
2. Keyed transposition cipher
Plaintext is divided into groups and permutes the character in each group.
Example: plaintext- “enemy attack at night”

keys:

encryption 31452 decryption

12345
appended to make a group of 5 characters
e n e m y a t t a c k a t n i g h t y z (Group of 5 characters)
encryption: e e m y n t a a c t t k n i k t g y z h
decryption: e n e m y a t t a c k a t n i g h t y z
the characters exceeding the length of plaintext are discarded.
Like y and z two characters are discarded

3. Combining the two approaches:

Encryption and decryption is done in three steps.
 Text is written into a table row by row.
 Permutation is done by reordering the column.
 New table is read column by column
 Fig :Categories of Cryptography

1. Symmetric·Key Cryptography
In symmetric-key cryptography, the same key is used by both parties. The sender uses this
key and an encryption algorithm to encrypt data; the receiver uses the same key and the
corresponding decryption algorithm to decrypt the data.

Fig :Symmetric-key Cryptography

2. Asymmetric-Key Cryptography:
In asymmetric or public-key cryptography, there are two keys: a private key and a public
key. The private key is kept by the receiver. The public key is announced to the public.
Fig 7:Asymmetric-key Cryptography

PRIVATE KEY CRYPTO SYSTEM

Symmetric encryption (also called private-key encryption or secret-key encryption) involves

using the same key for encryption and decryption.

Encryption involves applying an operation (an algorithm) to the data to be encrypted using
the private key to make them unintelligible. The slightest algorithm (such as an exclusive
OR) can make the system nearly tamper proof (there being so such thing as absolute
security).
However, in the 1940s, Claude Shannon proved that to be completely secure, private-key
systems need to use keys that are at least as long as the message to be encrypted. Moreover,
symmetric encryption requires that a secure channel be used to exchange the key, which
seriously diminishes the usefulness of this kind of encryption system.
The main disadvantage of a secret-key cryptosystem is related to the exchange of keys.
Symmetric encryption is based on the exchange of a secret (keys). The problem of key
distribution therefore arises:
Moreover, a user wanting to communicate with several people while ensuring separate
confidentiality levels has to use as many private keys as there are people. For a group
of N people using a secret-key cryptosystem, it is necessary to distribute a number of keys
equal to N * (N-1) / 2.
In the 1920s, Gilbert Vernam and Joseph Mauborgne developed the One-Time Pad method
(sometimes called "One-Time Password" and abbreviated OTP), based on a randomly
generated private key that is used only once and is then destroyed. During the same period,
the Kremlin and the White House were connected by the famous red telephone, that is, a
telephone where calls were encrypted thanks to a private key according tothe one-time
pad method. The private key was exchanged thanks to the diplomatic bag (playing the role
ofsecure channel).

An important distinction in symmetric cryptographic algorithms is between stream and block

ciphers.
Stream cipher: Stream ciphers convert one symbol of plaintext directly into a symbol of
ciphertext.
Advantages:
 Speed of transformation: algorithms are linear in time and constant in space.
 Low error propogation: an error in encrypting one symbol likely will not affect
subsequent symbols.
Disadvantages:
 Low diffusion: all information of a plaintext symbol is contained in a single ciphertext
symbol.
 Susceptibility to insertions/ modifications: an active interceptor who breaks the
algorithm might insert spurious text that looks authentic.

Block ciphers: It encrypt a group of plaintext symbols as one block.

Advantages:
 High diffusion: information from one plaintext symbol is diffused into several
ciphertext symbols.
 Immunity to tampering: difficult to insert symbols without detection.
Disadvantages:
 Slowness of encryption: an entire block must be accumulated before encryption /
decryption can begin.
 Error propagation: An error in one symbol may corrupt the entire block.
Simple substitution is an example of a stream cipher. Columnar transposition is a block
cipher.

THE DATA ENCRYPTION STANDARD

The Data Encryption Standard (DES), a system developed for the U.S. government, was
intended for use by the general public. It has been officially accepted as a cryptographic
standard both in the United States and abroad.

The DES algorithm is a careful and complex combination of two fundamental building
blocks of encryption: substitution and transposition. The algorithm derives its strength from
repeated application of these two techniques, one on top of the other, for a total of 16 cycles.
The sheer complexity of tracing a single bit through 16 iterations of substitutions and
transpositions has so far stopped researchers in the public from identifying more than a
handful of general properties of the algorithm. The algorithm begins by encrypting the
plaintext as blocks of 64 bits. The key is 64 bits long, but in fact it can be any 56-bit number.
(The extra 8 bits are often used as check digits and do not affect encryption in normal
implementations.) The user can change the key at will any time there is uncertainty about the
Features: –
Block size = 64 bits
– Key size = 56 bits (in reality, 64 bits, but 8 are used as
parity-check bits for error control, see next slide)
– Number of rounds = 16
– 16 intermediary keys, each 48 bits

key 56
bit
plaintext ciphertext

64 bit 64 bit

Working principle:
64 bit plaintext

56 bit cipher key

.
.
.

The Feistel (F) function

The F-function, depicted in Figure 2, operates on half a block (32 bits) at a time and consists
of four stages:
 1. Expansion — the 32-bit half-block is expanded to 48 bits using the expansion
permutation, denoted E in the diagram, by duplicating half of the bits. The output
consists of eight 6-bit (8 * 6 = 48 bits) pieces, each containing a copy of 4
corresponding input bits, plus a copy of the immediately adjacent bit from each of the
input pieces to either side.
2. Key mixing — the result is combined with a subkey using an XOR operation. 16 48-
bit subkeys — one for each round — are derived from the main key using the key
schedule (described below).
3. Substitution — after mixing in the subkey, the block is divided into eight 6-bit pieces
before processing by the S-boxes, orsubstitution boxes. Each of the eight S-boxes
replaces its six input bits with four output bits according to a non-linear
transformation, provided in the form of a lookup table. The S-boxes provide the core
of the security of DES — without them, the cipher would be linear, and trivially
breakable.
4. Permutation — finally, the 32 outputs from the S-boxes are rearranged according to a
fixed permutation, the P-box. This is designed so that, after permutation, each S-box's
output bits are spread across 4 different S boxes in the next round.
The alternation of substitution from the S-boxes, and permutation of bits from the P-box and
E-expansion provides so-called "confusion and diffusion" respectively, a concept identified
by Claude Shannon in the 1940s as a necessary condition for a secure yet practical cipher.
Key schedule

Figure illustrates the key schedule for encryption — the algorithm which generates the
subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice
1 (PC-1) — the remaining eight bits are either discarded or used as parity check bits. The 56
bits are then divided into two 28-bit halves; each half is thereafter treated separately. In
successive rounds, both halves are rotated left by one or two bits (specified for each round),
and then 48 subkey bits are selected by Permuted Choice 2 (PC-2) — 24 bits from the left
half, and 24 from the right. The rotations (denoted by "<<<" in the diagram) mean that a
different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16
subkeys.
The key schedule for decryption is similar — the subkeys are in reverse order compared to
encryption. Apart from that change, the process is the same as for encryption. The same 28
bits are passed to all rotation boxes.

Security of the DES

Since its was first announced, DES has been controversial. Many researchers have questioned
the security it provides. Much of this controversy has appeared in the open literature, but
certain DES features have neither been revealed by the designers nor inferred by outside
analysts.
In 1990, Biham and Shamir invented a technique, differential cryptanalysis, that
investigates the change in algorithmic strength when an encryption algorithm is changed in
some way. In 1991 they applied their technique to DES, showing that almost any change to
the algorithm weakens it. Their changes included cutting the number of iterations from 16 to
15, changing the expansion or substitution rule, or altering the order of an iteration. In each
case, when they weakened the algorithm, Biham and Shamir could break the modified
version. Thus, it seems as if the design of DES is optimal.
However, Diffie and Hellman argued in 1977 that a 56-bit key is too short. In 1977, it was
prohibitive to test all 256 (approximately 1015) keys on then current computers. But they
argued that over time, computers would become more powerful and the DES algorithm
would remain unchanged; eventually, the speed of computers would exceed the strength of
DES. Exactly that has happened. In 1997 researchers using over 3,500 machines in parallel
were able to infer a DES key in four months' work. And in 1998 for approximately $100,000,
researchers built a special "DES cracker" machine that could find a DES key in
approximately four days.
In 1995, the U.S. National Institute of Standards and Technology (NIST, the renamed
NBS) began the search for a new, strong encryption algorithm. The response to that search
has become the Advanced Encryption Standard, or AES.

The AES Encryption Algorithm

The AES is likely to be the commercial-grade symmetric algorithm of choice for years, if not
decades. Let us look at it more closely.
The AES Contest
In January 1997, NIST called for cryptographers to develop a new encryption system. As
with the call for candidates from which DES was selected, NIST made several important
restrictions. The algorithms had to be
 Unclassified
 publicly disclosed
 available royalty-free for use worldwide
 symmetric block cipher algorithms, for blocks of 128 bits
 usable with key sizes of 128, 192, and 256 bits

AES is based on a design principle known as a substitution-permutation network,

combination of both substitution and permutation, and is fast in both software and
hardware.[9]Unlike its predecessor DES, AES does not use a Feistel network. AES is a variant
of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits.
By contrast, the Rijndael specification per se is specified with block and key sizes that may
be any multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits.
AES operates on a 4×4 column-major order matrix of bytes, termed the state, although some
versions of Rijndael have a larger block size and have additional columns in the state. Most
AES calculations are done in a special finite field.
The key size used for an AES cipher specifies the number of repetitions of transformation
rounds that convert the input, called the plaintext, into the final output, called the ciphertext.
The number of cycles of repetition are as follows:

 10 cycles of repetition for 128-bit keys.

 12 cycles of repetition for 192-bit keys.
 14 cycles of repetition for 256-bit keys.
Each round consists of several processing steps, each containing four similar but different
stages, including one that depends on the encryption key itself. A set of reverse rounds are
applied to transform ciphertext back into the original plaintext using the same encryption key.

High-level description of the algorithm

1. KeyExpansions—round keys are derived from the cipher key using Rijndael's key
schedule. AES requires a separate 128-bit round key block for each round plus one
more.
2. InitialRound
1. AddRoundKey—each byte of the state is combined with a block of the round
key using bitwise xor.
3. Rounds
1. SubBytes—a non-linear substitution step where each byte is replaced with
another according to a lookup table.
2. ShiftRows—a transposition step where the last three rows of the state are
shifted cyclically a certain number of steps.
3. MixColumns—a mixing operation which operates on the columns of the state,
combining the four bytes in each column.
4. AddRoundKey
4. Final Round (no MixColumns)
1. SubBytes
2. ShiftRows
3. AddRoundKey.
The SubBytes steps

In the SubBytes step, each byte in the state matrix is replaced with a SubByte
using an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity
in the cipher. The S-box used is derived from the multiplicative inverse over GF(28), known
to have good non-linearity properties. To avoid attacks based on simple algebraic properties,
the S-box is constructed by combining the inverse function with an invertible affine
transformation. The S-box is also chosen to avoid any fixed points (and so is a derangement),
i.e., , and also any opposite fixed points, i.e., .
While performing the decryption, Inverse SubBytes step is used, which requires first taking
the affine transformation and then finding the multiplicative inverse (just reversing the steps
used in SubBytes step).

The ShiftRows step

The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row
by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is
shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and
three respectively. For blocks of sizes 128 bits and 192 bits, the shifting pattern is the same.
Row n is shifted left circular by n-1 bytes. In this way, each column of the output state of
the ShiftRows step is composed of bytes from each column of the input state. (Rijndael
variants with a larger block size have slightly different offsets). For a 256-bit block, the first
row is unchanged and the shifting for the second, third and fourth row is 1 byte, 3 bytes and 4
bytes respectively—this change only applies for the Rijndael cipher when used with a 256-bit
block, as AES does not use 256-bit blocks. The importance of this step is to avoid the
columns being linearly independent, in which case, AES degenerates into four independent
block ciphers.
The MixColumns step

In the MixColumns step, the four bytes of each column of the state are combined using an
invertible linear transformation. The MixColumns function takes four bytes as input and
outputs four bytes, where each input byte affects all four output bytes. Together
with ShiftRows, MixColumns provides diffusion in the cipher.
During this operation, each column is multiplied by a fixed matrix:
Matrix multiplication is composed of multiplication and addition of the entries, and here
the multiplication operation can be defined as this: multiplication by 1 means no change,
multiplication by 2 means shifting to the left, and multiplication by 3 means shifting to
the left and then performing XOR with the initial unshifted value. After shifting, a
conditional XOR with 0x1B should be performed if the shifted value is larger than 0xFF.
(These are special cases of the usual multiplication in GF. Addition is simply XOR.
In more general sense, each column is treated as a polynomial over GFand is then
multiplied modulo x4+1 with a fixed polynomial c(x) = 0x03 · x 3 + x2 + x + 0x02. The
coefficients are displayed in their hexadecimal equivalent of the binary representation of
bit polynomials from GF(2)[x]. The MixColumns step can also be viewed as a
multiplication by the shown particular MDS matrix in the finite field GF(28). This
process is described further in the article Rijndael mix columns.
The AddRoundKey step

In the AddRoundKey step, the subkey is combined with the state. For each round, a
subkey is derived from the main keyusing Rijndael's key schedule; each subkey is the
same size as the state. The subkey is added by combining each byte of the state with the
corresponding byte of the subkey using bitwise XOR.
Optimization of the cipher
On systems with 32-bit or larger words, it is possible to speed up execution of this cipher
by combining the SubBytes andShiftRows steps with the MixColumns step by
transforming them into a sequence of table lookups. This requires four 256-entry 32-bit
tables, and utilizes a total of four kilobytes (4096 bytes) of memory — one kilobyte for
 each table. A round can then be done with 16 table lookups and 12 32-bit exclusive-or
operations, followed by four 32-bit exclusive-or operations in the AddRoundKey steps.
If the resulting four-kilobyte table size is too large for a given target platform, the table
lookup operation can be performed with a single 256-entry 32-bit (i.e. 1 kilobyte) table
by the use of circular rotates.
Using a byte-oriented approach, it is possible to combine the SubBytes, ShiftRows,
and MixColumns steps into a single round operation.

PUBLIC KEY CRYPTOSYSTEM

Public-key cryptography, also known as asymmetric cryptography, is a class
of cryptographic algorithms which requires two separate keys, one of which
is secret (or private) and one of which is public.
Public-key cryptography is often used to secure electronic communication over an open
networked environment such as the internet. Open networked environments are susceptible to
a variety of communication security problems such as man-in-the-middle attacks and other
security threats. Sending a secure communication means that the communication being sent
must not be readable during transit (preserving confidentiality), the communication must not
be modified during transit (preserving the integrity of the communication) and to
enforce non-repudiation or non-denial of the sending of the communication. Combining
public-key cryptography with an Enveloped Public Key Encryption (EPKE) method, allows
for the secure sending of a communication over an open networked environment.
The distinguishing technique used in public-key cryptography is the use of asymmetric key
algorithms, where the key used to encrypt a message is not the same as the key used
to decrypt it. Each user has a pair of cryptographic keys – a public encryption key and
a private decryption key. Similarly, a key pair used for digital signatures consists of
aprivate signing key and a public verification key. The public key is widely distributed,
while the private key is known only to its proprietor. The keys are related mathematically, but
the parameters are chosen so that calculating the private key from the public key is either
impossible or prohibitively expensive.
In contrast, symmetric-key algorithms – variations of which have been used for thousands of
years – use a single secret key, which must be shared and kept private by both the sender and
the receiver, for both encryption and decryption. To use a symmetric encryption scheme, the
sender and receiver must securely share a key in advance.
Fig : Public Key cryptosystem

USE OF ENCRYPTION
Encryption has long been used by militaries and governments to facilitate secret
communication. It is now commonly used in protecting information within many kinds of
civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of
companies surveyed utilized encryption for some of their data in transit, and 53% utilized
encryption for some of their data in storage.Encryption can be used to protect data "at rest",
such as files on computers and storage devices (e.g. USB flash drives). In recent years there
have been numerous reports of confidential data such as customers' personal records being
exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps
protect them should physical security measures fail. Digital rights management systems,
which prevent unauthorized use or reproduction of copyrighted material and protect software
against reverse engineering (see also copy protection), is another somewhat different example
of using encryption on data at rest.
Encryption is also used to protect data in transit, for example data being transferred
via networks (e.g. the Internet, e-commerce), mobile telephones, wireless
microphones,wireless intercom systems, Bluetooth devices and bank automatic teller
machines. There have been numerous reports of data in transit being intercepted in recent
years.Encrypting data in transit also helps to secure it as it is often difficult to physically
secure all access to networks.
Let us look more closely at four applications of encryption: cryptographic hash functions, key
exchange, digital signatures, and certificates.
Message verification
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still
needed to protect the integrity and authenticity of a message; for example, verification of
a message authentication code (MAC) or a digital signature. Standards for cryptographic
software and hardware to perform encryption are widely available, but successfully using
encryption to ensure security may be a challenging problem. A single error in system design
or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted
information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST,
or Trojan horse.
Digital signature and encryption must be applied to the ciphertext when it is created (typically
on the same device used to compose the message) to avoid tampering; otherwise any node
between the sender and the encryption agent could potentially tamper with it. Encrypting at
the time of creation is only secure if the encryption device itself has not been tampered with.