Cryptography &

Network Security
Fall 2019
Lec#1

Dr Muhammad Imran
 Course Information
 Text/Ref:
 Cryptography and Network Security by B A Forouzan
 Cryptography and network Security by William Stalling

 Grading Policy
 Assignments/Quiz/project/participation : 20 %
 Midterm Exam : 30 %
 Final Exam : 50 %

 Instructor: Dr M Imran
 Email: mimran_047@yahoo.com
 WhatsApp Groups: contact to CR and GR
 Background
 Information Security requirements have
changed in recent times
 traditionally provided by physical and
administrative mechanisms
 computer use requires automated tools to
protect files and other stored information
 use of networks and communications links
requires measures to protect data during
transmission
 Aim of Course
 our focus is on Cryptography as well as
on Network Security
 which consists of measures to deter,
prevent, detect, and correct security
violations that involve the transmission &
storage of information
 Course Contents
Information security overview :
Goals, attacks, services,
mechanisms & techniques
Maths for Symmetric Key Cryptography:
Modular Arithmetic, Congruence,
Groups, Rings & Finite Fields.
Traditional Symmetric Key Ciphers:
Substitution, Transposition, One time pad,
Steganography
Modern Symmetric Key Ciphers:
Block cipher; DES, triple-DES, AES
Stream cipher; RC4
& modes of cipher ops,
 Course Contents…cont’d
Maths for asymmetric key cryptography:
Number Theory: Prime numbers,
Euler’s theorem, Primality testing,
Factorization, Chinese remainder
theorem, Discrete logarithm
Asymmetric key cryptography:
RSA, Elgamal & Elliptic curve
cryptosystem
 Cryptographic Hash functions:
SHA-512 & Whirlpool
Message Integrity & Authentication:
MDC, MAC, HMAC, Digital Signature
& Entity authentication
 Course Contents…cont’d

Key Management:
KDC, KERBEROS, Diffie-Hellman,
CA, X.509 & PKI
Security at Internet model layers:
Application layer; PGP & S/MIME
Transport layer; SSL & TLS
Network layer; IPsec
E-Commerce Security:
Dual Signature & SET protocol
 Lecture Objectives

 To define three security goals

 To define security attacks that threaten
security goals
 To define security services and how they
are related to the three security goals
 To define security mechanisms to provide
security services
 To define techniques used for implementing
mechanisms

1.8
 security goals

1.9
 OSI Security Architecture
 ITU-T X.800 “Security Architecture for OSI”
 a systematic way of defining and providing
security requirements
 for us it provides a useful, if abstract,
overview of concepts we will study
 considers 3 aspects of information security:
 security attacks
 security services
 security mechanisms
 ATTACKS
The three goals of securityconfidentiality, integrity, and
availabilitycan be threatened by security attacks.

Attacks Threatening Confidentiality

Attacks Threatening Integrity
Attacks Threatening Availability
Passive versus Active Attacks

Attacks Threatening Confidentiality:

Snooping refers to unauthorized access to or interception of data.
Traffic analysis refers to obtaining some other type of information by
monitoring online traffic.
1.11
 Attacks Threatening Integrity:
Modification means that the attacker intercepts the message and
changes it.
Masquerading or spoofing happens when the attacker impersonates
somebody else.
Replaying means the attacker obtains a copy of a message sent by a
user and later tries to replay it.
Repudiation means that sender of the message might later deny that
she has sent the message; the receiver of the message might later
deny that he has received the message.

Attacks Threatening Availability:

Denial of service (DoS) is a very common attack. It may slow down
or totally interrupt the service of a system.
1.12
 Taxonomy of attacks with relation to security goals

Passive attacks Active attacks

1.13
 Security Services
 enhance security of data processing systems
and information transfers of an organization
 intended to counter security attacks
 using one or more security mechanisms
 often replicates functions normally associated
with physical documents
• e.g signatures, dates; protection from disclosure, tampering,
or destruction; be notarized or witnessed; be recorded or
licensed

 X.800: “a service provided by a protocol layer of

communicating open systems, which ensures adequate
security of the systems or of data transfers”
 Security Services

Data Confidentiality –protection of data from unauthorized disclosure

Data Integrity - assurance that data received is as sent by an authorized
entity
Authentication - assurance that the communicating entity is the one
claimed
Non-Repudiation - protection against denial by one of the parties in a
communication
Access Control - prevention of the unauthorized use of a resource
1.15
 Security Mechanism (X.800)
 feature designed to detect, prevent, or
recover from a security attack
 no single mechanism that will support all
services required
 however one particular element underlies
many of the security mechanisms in use:
 cryptographic techniques
 hence our focus on this topic
 Security Mechanism

1.17
 Relation between Services and Mechanisms

1.18
 TECHNIQUES

Mechanisms discussed in the previous sections are

only theoretical recipes to implement security. The
actual implementation of security goals needs some
techniques. Two techniques are prevalent today:
cryptography and steganography.

Cryptography
Steganography

1.19
 Cryptography vs Steganography

Cryptography, a word with Greek origins,

means “secret writing.” However, we use the
term to refer to the science and art of
transforming messages to make them secure
and immune to attacks.

The word steganography, with origin in

Greek, means “covered writing,” in
contrast with cryptography, which means
“secret writing.”

1.20
Model for Network Security
 Requirements for Network
Security model
 using this model requires us to:
1. design a suitable algorithm for the security
transformation
2. generate the secret information (keys)
used by the algorithm
3. develop methods to distribute and share
the secret information
4. specify a protocol enabling the principals
to use the transformation and secret
information for a security service
 Cryptography

 Characterize cryptographic system by:

 type of encryption operations used
• substitution / transposition / product
 number of keys used
• single-key or private / two-key or public
 way in which plaintext is processed
• block / stream
Symmetric Cipher Model
 Symmetric Encryption

 or conventional / private-key / single-key

 sender and recipient share a common key
 all classical encryption algorithms are
private-key
 was only type prior to invention of public-
key in 1970’s
 and by far most widely used
Model of Conventional Crypto System
 Requirements
 two
requirements for secure use of
symmetric encryption:
 a strong encryption algorithm
 a secret key known only to sender / receiver
 mathematically have:
Y = EK(X)
X = DK(Y)
 assume encryption algorithm is known (why?)
 implies a secure channel to distribute key
 Level of Security
 unconditional security
 no matter how much computer power or time
is available, the cipher cannot be broken
since the ciphertext provides insufficient
information to uniquely determine the
corresponding plaintext (only one-time-pad)
 computational security
 Cost exceed the value of information
 Time exceeds the useful life of information
 Cryptanalysis

 Cryptography is the science and art of secret

writing
 Cryptanalysis science and arts of breaking
the codes
 objective to recover key not just message
 general approaches:
• cryptanalytic attack
• brute-force attack
 Cryptanalytic Attacks
 ciphertext only
 known plaintext
 chosen plaintext
 chosen ciphertext
 ciphertext only
Attack
 only know algorithm & ciphertext, is
statistical, can identify plaintext
 known plaintext

 also have some plaintext and ciphertext pairs

 chosen plaintext

 select plaintext and obtain ciphertext

 chosen ciphertext

 select ciphertext and obtain plaintext

 Brute Force Search
 always possible to simply try every key
 most basic attack, proportional to key size
 assume either know / recognise plaintext

Key Size Number of Time required at 1 Time required at

(bits) Alternative decryption/µs 106
Keys decryptions/µs
32 232 = 4.3  109 231 µs = 35.8 2.15 milliseconds
minutes
56 256 = 7.2  1016 255 µs = 1142 years 10.01 hours

128 2128 = 3.4  1038 2127 µs = 5.4  1024 5.4  1018 years
years

168 2168 = 3.7  1050 2167 µs = 5.9  1036 5.9  1030 years
years

26 26! = 4  1026 2  1026 µs = 6.4 6.4  106 years

characters  1012 years
permutation
Math for Symmetric key
Cryptography
 Objectives
 To review integer arithmetic, concentrating on divisibility
and finding the Greatest Common Divisor (GCD) using the
Euclidean algorithm.
 To understand how the extended Euclidean algorithm can be
used to solve linear Diophantine equations, linear
congruent equations, and to find the multiplicative inverses
 To emphasize the importance of modular arithmetic and
the modulo operator, because they are extensively used in
cryptography
 To emphasize and review matrices and operations on residue
matrices that are extensively used in cryptography
 To solve a set of congruent equations using residue matrices
2.37
 INTEGER ARITHMETIC

In integer arithmetic, we use a set and a few

operations. You are familiar with this set and the
corresponding operations, but they are reviewed here
to create a background for modular arithmetic.

Topics discussed in this section:

1 Set of Integers
2 Binary Operations
3 Integer Division
4 Divisibility
5 Linear Diophantine Equations

2.38
 1. Set of Integers

The set of integers, denoted by

Z, contains all integral numbers
(with no fraction) from negative
infinity to positive infinity .

2.39
 2 Binary Operations
In cryptography, we are interested in three binary
operations ( + , - , X ) applied to the set of integers. A
binary operation takes two inputs and creates one output.

Examples:

2.40
 3 Integer Division
In integer arithmetic, if we divide a (divident) by n
(divisor), we can get q (quotient) & r (remainder) . The
relationship between these four integers can be shown as

a=q×n+r
Example

2.41
 Integer Division Relation
(not operation as more than one output)

When we use a computer or a calculator, r and q are negative when a is

negative. How can we apply the restriction that r needs to be positive?
The solution is simple, we decrement the value of q by 1 and we add the
value of n to r to make it positive.

2.42
 4. Divisbility
If a is not zero & we get r = 0 in the division relation:-
a=q×n
If the remainder is zero,
If the remainder is not zero,

a. The integer 4 divides the integer 32 because 32 = 8 × 4. We

show this as

b. The number 8 does not divide the number 42 because

42 = 5 × 8 + 2. There is a remainder, the number 2, in the
equation. We show this as

2.43
 Greatest Common Divisor of two integers
The greatest common divisor of two
positive integers is the largest integer
that can divide both integers.

2.44
GCD (140,12) = largest(1 , 2 , 4) = 4
 Euclidean Algorithm
Fact 1: gcd (a, 0) = a
Fact 2: gcd (a, b) = gcd (b, r); r is remainder of dividing a by b

When gcd (a, b) = 1, we say that a and b are relatively prime.

2.45
 Examples: Find GCD by Euclidean Method
Find the greatest common Find the greatest common
divisor of 2740 and 1760. divisor of 25 and 60.

gcd (2740, 1760) = 20. gcd (25, 65) = 5.

2.46
 Extended Euclidean Algorithm
Given two integers a and b, we often need to
find other two integers, s and t, such that

The extended Euclidean algorithm can

calculate the gcd (a, b) and at the same
time calculate the value of s and t.

2.47
 Extended Euclidean algorithm : Process

2.48
 Extended Euclidean algorithm: Algorithm

2.49
 Examples: Extended Euclidean Agorithm
Ex1: Given a = 161 and b = 28, find gcd (a, b) & values of s and t.

We get gcd (161, 28) = 7, s = −1 and t = 6.

Ex2: Given a = 0 and b = 45, find gcd (a, b) & values of s and t.

We
2.50
get gcd (0, 45) = 45, s = 0, and t = 1.
 MODULAR ARITHMETIC

The division relationship (a = q × n + r) discussed in

the previous section has two inputs (a and n) and two
outputs (q and r). In modular arithmetic, we are
interested in only one of the outputs, the remainder r.

Topics discussed in this section:

1 Modular Operator
2 Set of Residues
3 Congruence
4 Operations in Zn
5 Addition and Multiplication Tables
6 Different Sets
2.51
 1. Modulo Operator
The modulo operator is shown as mod. The second input
divisor (n) is called the modulus. The output r is called
the residue.
Division Relation vs modulo operator

2.52
 Examples: mod operation

Find the result of the following operations:

a. 27 mod 5 b. 36 mod 12
c. −18 mod 14 d. −7 mod 10

Solution
a. Dividing 27 by 5 results in r = 2
b. Dividing 36 by 12 results in r = 0.
c. Dividing −18 by 14 results in r = −4. After adding the
modulus r = 10
d. Dividing −7 by 10 results in r = −7. After adding the
modulus to −7, r = 3.

2.53
 2. Set of Residues

The modulo operation creates a set, which

in modular arithmetic is referred to as the
set of least residues modulo n, or Zn.
Examples: Some Zn sets

2.54
 3 Congruence
Two integers are congruent, if they have same residue for
a given modulus. we use the congruence operator ( ≡ ).
For example, we write:

2.55
 Residue Classes
A residue class [a] or [a]n is the set of integers
congruent modulo n. (in following example n=5)

2.56
 Comparison of Z and Zn using graphs

2.57
 4. Binary Operation in Zn
The three binary operations that we discussed for the set
Z can also be defined for the set Zn. The result may need
to be mapped to Zn using the mod operator.
Binary operations in Zn

2.58
 Examples: Binary Operations in Zn
Ex1: Perform following operations (inputs come from Zn):
a. Add 7 to 14 in Z15.
b. Subtract 11 from 7 in Z13.
c. Multiply 11 by 7 in Z20.
Solution

Ex2: Perform the following operations (the inputs come from

either Z or Zn):
a. Add 17 to 27 in Z14.
b. Subtract 43 from 12 in Z13.
c. Multiply 123 by −10 in Z19.
2.59
 Properties for Binary Operations in Zn

2.60
 Properties of mode operator

2.61
 Examples: Properties of mode operator

The following shows the application of the above properties:

1. (1,723,345 + 2,124,945) mod 11 = (8 + 9) mod 11 = 6

2. (1,723,345 − 2,124,945) mod 16 = (8 − 9) mod 11 = 10

3. (1,723,345 × 2,124,945) mod 16 = (8 × 9) mod 11 = 6

117 mod 13 ?

2.62
 Examples: Properties of mode operator

In arithmetic, we often need to find the remainder of powers of

10 when divided by an integer.

2.63
 5. Inverses in modular arithmetic

• When we are working in modular arithmetic,

we often need to find the inverse of a number
relative to an operation.
• Examples
• additive inverse (relative to an addition operation)
• multiplicative inverse (relative to a multiplication
operation).

2.64
 Additive Inverse
In modular arithmetic, each integer has an
additive inverse. The sum of an integer & its
additive inverse is congruent to 0 modulo n.
In Zn, two numbers a and b are additive inverses of each other if

In Zn, additive inverse of a can be calculated as b = n-a

Example: Find all additive inverse pairs in Z10.
Additive inverses are:- (0, 0), (1, 9), (2, 8), (3, 7), (4, 6), and (5, 5).
NOTE that in Zn
Each number has additive inverse and the inverse is unique.
Inverse of the number may be the number itself.
Additive inverses are reciprocal meaning that if a is additive inverse
of b and b is also additive inverse of a.
2.65
 Multiplicative Inverse

 In Zn, two numbers a and b are the multiplicative inverse of each

other if

The Product of the integer & its multiplicative inverse is

congruent to 1 modulo n.

 In zn,
 an integer may or may not have a multiplicative
inverse.
 An integr a will only have an multiplicative inverse iff
gcd(n,a)=1. In this case a and n are called relative prime
or coprime.
2.66
 Multiplicative Inverse

Ex1: Find the multiplicative inverse of 8 in Z10.

Since gcd (10, 8) = 2 ≠ 1. so there is no multiplicative inverse
of 8 in Z10
Ex2: Find all multiplicative inverses in Z10.
There are only three pairs: (1, 1), (3, 7) and (9, 9). The numbers
0, 2, 4, 5, 6, and 8 do not have a multiplicative inverse.
Ex3: Find all multiplicative inverse pairs in Z11.
We have seven pairs:-
(1, 1), (2, 6), (3, 4), (5, 9), (7, 8), (9, 5), and (10, 10).

2.67
 Finding Multiplicative Inverse using
Extended Euclidean algorithm

The extended Euclidean algorithm finds

the multiplicative inverses of b in Zn
when n and b are given and
gcd (n, b) = 1.
The multiplicative inverse of b is the
value of t after being mapped to Zn.

2.68
 Finding Multiplicative
Inverse using Extended
Euclidean algorithm…cont’d

2.69
 Examples: Finding Multiplicative Inverse using EEA
Ex1: Find the multiplicative inverse of 11 in Z26.

The gcd (26, 11) is 1; the inverse of 11 is -7 or 19.

Ex2: Find
mult inv
of 12 in
Z26.
2.70 The gcd (26, 12) is 2; the inverse does not exist.
 6. Addition and Multiplication Tables for Z10

2.71
 Examples: Zn , Zn* , Zp , Zp* sets
We need to use Zn when additive inverses
are needed; we need to use Zn* when
multiplicative inverses are needed.

Cryptography often uses two more sets: Zp and Zp*.

The modulus in these two sets is a prime number.

2.72
 MATRICES

In cryptography we need to handle matrices. So we

briefly review of matrices for the study of cryptography.

Topics discussed in this section:

1 Definitions
2 Operations and Relations
3 Determinants
4 Residue Matrices

2.73
 1 Definition
A matrix of size l  m

Examples of matrices

2.74
 2 Operations and Relations
Ex1: Addition and subtraction of matrices

Ex2: Scalar multiplication

2.75
 2 Operations and Relations….cont’d
Ex3:Multiplication of a row matrix (1 × 3) by a column matrix (3 × 1)
The result is a matrix of size 1 × 1.

Ex4: Multiplication of a 2 × 3 matrix by a 3 × 4 matrix.

The result is a 2 × 4 matrix.

2.76
 3 Determinant
The determinant of a square matrix A of size m × m
denoted as det (A) is a scalar calculated recursively
as shown below:

The determinant is defined only for a

square matrix.
2.77
 Examples: Determinant of a matrix
Ex1: we can calculate the determinant of a 2 × 2 matrix
based on the determinant of a 1 × 1 matrix.

Ex2: calculation of the determinant of a 3 × 3 matrix.

2.78
 4 Multiplicative Inverse of a Matrix

Multiplicative inverses are only defined

for square matrices.

2.79
 5 Residue Matrices

 Cryptography uses residue matrices: matrices where

all elements are in Zn.

 All matrix operations on residue matrix are same as

in integer matrices, but using modular arithmetic

A residue matrix (A) in Zn has multiplicative Inverse,

if the determinant of A has mult Inv in Zn.

It means A has a multiplicative inverse

if gcd (det(A), n) = 1.
 Example: A residue matrix A in Z26 has det(A)= 21, as gcd (21, 26)=1,
multiplicative Inverse of det(A) = 5 in Z26, so we can find matrix A-1 such
that A x A-1 = I
2.80
 Example: Find MI of following matrix A:-
5 Residue Matrices
A= 5 8
17 3

det(A) = (15-136)mod26 = -121mod 26 = -17mod 26

=9

Adj(A)= 3 -17
-8 5
3 -17 3 9
A-1= i/det(A) * adj(A) = 1/9 x -8 5 mod 26 18 5

= 9-1 x

2.81
 LINEAR CONGRUENCE

Cryptography often involves solving an equation

or a set of equations of one or more variables with
coefficient in Zn. This section shows how to solve
equations when the power of each variable is 1
(linear equation).

Topics discussed in this section:

1 Single-variable Linear Equations
2 Set of single-variable Linear Equations

2.82
 1. Single-Variable Linear Equations
Equations of the form ax ≡ b (mod n ) might have no
solution or a limited number of solutions.

 How we can solve d solutions

 Reduce the equation by dividing both sides
of the equation (including the modulus) by d.
 Multiply both sides of the reduced equation by
multiplicative inverse of a to find the particular solution x0
 The general solution are x=x0 + k(n/d)

Ex1: Solve the equation 10 x ≡ 2(mod 15).

First we find the gcd (10 and 15) = 5.
Since 5 does not divide 2, we have no solution.
2.83
 Examples: Single-Variable Linear Equations
Ex2: Solve the equation 14 x ≡ 12 (mod 18).

Ex3: Solve the equation 3x + 4 ≡ 6 (mod 13).

First we change the equation to the form ax ≡ b (mod n).
We add −4 (the additive inverse of 4) to both sides,
which gives 3x ≡ 2 (mod 13).
Because gcd (3, 13) = 1, equation has only one solution,
which is x0 = (2 × 3−1) mod 13 = 18 mod 13 = 5.
We can see that the answer satisfies the original
equation:
2.84
3 × 5 + 4 ≡ 6 (mod 13).
 2. Set of Single-Variable Linear Equations
We can also solve a set of linear equations with the
same modulus if the matrix formed from the
coefficients of the variables is invertible.

2.85
 Example: Set of Linear Equations (Single-Variable)
Ex: Solve the set of following three equations:

Solution
The result is x ≡ 15 (mod 16),
y ≡ 4 (mod 16), &
z ≡ 14 (mod 16).
We can check the answer by inserting these
values into the equations.
2.86