Network Security & Cryptography

Unit – 1 Notes
What are Plaintext and Ciphertext? How do they interact?
Plaintext can refer to anything which humans can understand and/or relate to. This may be as
simple as English sentences, a script, or Java code. If you can make sense of what is written,
then it is in plaintext.

Ciphertext, or encrypted text, is a series of randomized letters and numbers which humans
cannot make any sense of. An encryption algorithm takes in a plaintext message, runs the
algorithm on the plaintext, and produces a ciphertext. The ciphertext can be reversed through
the process of decryption, to produce the original plaintext.

Example: We will encrypt a sentence using Caesar Cipher. The key is 7, which means the
letter a becomes h.
Plaintext: This is a plaintext.
Ciphertext: Aopz pz h wshpualea.

What is plaintext?
In cryptography, plaintext is usually ordinary readable text before it is encrypted into
ciphertext, or readable text after it is decrypted.

Data input to or output from encryption algorithms is not always plaintext. For example,
when data is superencrypted, or encrypted more than once using different encryption
algorithms, only the input to the first encryption method is considered plaintext.

Plaintext vs. cleartext vs. ciphertext: What are the differences?

Plaintext and ciphertext go together like water and ice: One can be converted to the other, and
back again, with no change to the inherent composition of the useable form. But there is also
cleartext, which is not necessarily the same as plaintext.

Binary files are not usually considered plaintext, because they are not human-readable -- but
they are still accessible to end users. Examples of non-plaintext binary files include the
following:
• executable program files;
• rich media files, including images, video and audio recordings; and

• data files generated by applications like spreadsheets, databases and word processors,
which may be partially or completely stored as binary data.

In Request for Comment (RFC) 4949, "Internet Security Glossary, Version 2," the Internet
Engineering Task Force differentiates between plaintext and cleartext, noting that the two
terms are not interchangeable. For the purpose of internet security, cleartext data is not
encrypted, while plaintext data could be encrypted if it is being superencrypted.
According to the National Institute of Standards and Technology (NIST), plaintext refers to
"intelligible data that has meaning and can be understood without the application of
decryption," although this is one of several definitions NIST recognizes -- including the IETF
definition.

This table shows the differences between the three types of cryptography text -- plaintext,
cleartext and ciphertext.

What are examples of plaintext?

For most applications, plaintext is preferred. For example, a browser, word processor or
email client should display plaintext. However, network protocols used in the early internet
sometimes exchanged user ID and password pairs in plaintext. This is not good security
practice because it exposes user credentials for systems accessed remotely over a public
network like the internet. The open source Mimikatz cybersecurity tool is designed
specifically to sniff open networks for plaintext user credentials, among other functions.

Other examples where using a protocol or application that does not encrypt user ID and
password exposes credentials include the following:

• The Password Authentication Protocol described a protocol for a two-way handshake

authentication exchange, but it had no provision for encrypting credentials.

• Plaintext passwords written in application configuration files expose those credentials.

Less commonly, developers leave plaintext passwords in their source code, which also
exposes those credentials.

• Protecting passwords in PowerShell scripts. Developers must take precautions to

avoid exposing those passwords in their scripts.

• Sharing secret keys or private keys in email clients presents a common situation when
using encryption and decryption. Protocols and applications using shared secrets for
authentication should always be designed and configured to encrypt shared keys -- and early
internet protocols like were not always designed to do so. For example, the Internet Mail
Access Protocol (IMAP) is an email client protocol for retrieving and managing email
messages. IMAP originated in the 1980s, and legacy deployments did not always require
encryption for credentials.

Cyber attacks commonly target resources stored in plaintext. Many attacks succeed by
uncovering plaintext files that contain passwords or other sensitive information in plaintext
rather than encrypted.

Often, plaintext is preferred for the content in question. For example, plaintext emails are
messages that contain only text. Promotional email campaigns often use plaintext messages
to avoid strict spam-filtering systems that tend to block messages that are HyperText Markup
Language-encoded or that add other binary components.

What are the substitution techniques in information security?

Substitution technique is a classical encryption approach where the characters present in the
initial message are restored by the other characters or numbers or by symbols. If the plain text
(original message) is treated as the string of bits, thus the substitution technique would restore
bit pattern of plain text with the bit pattern of cipher text.
There are various types of substitution ciphers which are as follows −

Monoalphabetic Cipher − In monoalphabetic substitution cipher, a character in a plaintext

is always restored or changed to the similar character in the ciphertext indifferent of its
position in the text.

For instance, if a letter A in the plaintext is changed to G then each appearance of A in the
plaintext will be restored by G.
Plaintext : hello
Ciphertext : IFMMP
This is a monoalphabetic cipher as both 1’s are encrypted as ‘M’.

Polyalphabetic cipher − In polyalphabetic substitution, each appearance of a character in the

plaintext can have a different substitution character in the ciphertext.

The relationship among a character in plaintext and a character in ciphertext is one to many.
For instance, letter ‘A’ can be restored by the letter ‘C’ and the similar letter ‘A’ can be
restored by ‘N’ later in the ciphertext.

In polyalphabetic cipher, frequencies of plaintext letter are not reflected in the ciphertext.
Therefore, breaking of polyalphabetic cipher is complex than monoalphabetic cipher as
statistical analysis cannot be used on it.
The main feature of polyalphabetic substitution cipher are the following −

 It is needed a set of associated monoalphabetic substitution rules.

 It need a key that decides which rule is used for which transformation.
  It can hiding the letter frequency of the underlying language including Playfair
Cipher, Vigenere Cipher, and Hill Cipher.

One-Time Pad − The one-time pad cipher recommend that the key length must be as long as
the plain text to avoid the repetition of key. Along with that, the key must be used only once
to encrypt and decrypt the individual message after that the key must be discarded.

Caesar Cipher − In this substitution technique, it can encrypt the plain text, each alphabet of
the plain text is restored by the alphabet three places further it and it can decrypt the cipher
text each alphabet of cipher text is restored by the alphabet three places before it.

Playfair Cipher − The playfair cipher is also known as Playfair Square. It is a cryptographic
technique used for manual encryption of information. This scheme was developed by Charles
Wheatstone in 1854.
The Playfair cipher was used by the British army in World War I and by the Australian in
World War II. This was applicable because the playfair cipher is perfectly fast to use and
does not demand some specific equipment to be used.

Difference between the Substitution Technique and the Transposition Technique

There are numerous encryption techniques available for protecting sensitive data.
Substitution and transposition techniques are the primary techniques of codifying the
plaintext message to obtain the ciphertext. These two approaches are the fundamental
building blocks of encryption techniques and can be combined to form a product cipher.

The substitution technique differs from the transposition technique in that the substitution
technique replaces the plaintext characters for other characters, numbers, and symbols. In
contrast, the Transposition techniques don't change the character but rather shift the symbol's
position.
In this article, you will learn about the difference between substitution and transposition
techniques. But before discussing the differences, you must know about substitution and
transposition techniques with their features.

What is Substitution Technique?

The substitution technique involves replacing letters with other letters and symbols. In simple
terms, the plaintext characters are substituted, and additional substitute letters, numerals, and
symbols are implemented in their place. The Caesar cipher employs the substitution
technique. In this technique, the alphabet is substituted with the alphabet three positions
forward of the line. The substitution cipher technique was invented by Julius Caesar and
named after him as the Caesar Cipher.

Let's take an easy example to understand this technique. The plaintext "JUMP" will be turned
into "MXPS" using Caesar Cipher. Following the Caesar cipher, various substitution
techniques were developed, including the Mono-alphabetic cipher, Polyalphabetic
substitution cipher, Polygram substitution cipher, Playfair cipher, Homophobic substitution
cipher, and Hill cipher.
The Caesar cipher was the weakest technique, but as the techniques evolved from time to
time, the new version became stronger. The substitution technique's weakness is that it is
highly predictable, and if the translation table is known, the substitution may be disrupted.

Features of Substitution Technique

There are various features of the substitution technique. Some features of substitution
techniques are as follows:

In the substitution cipher technique, the letters in plain text are substituted by other letters,
numbers, or symbols. A character's identity is changed, but its place remains constant in the
substitution technique. Some algorithms that use the substitution technique are
monoalphabetic substitution cipher, Playfair cipher, and polyalphabetic substitution cipher.
The substitution cipher approach allows for the detection of plain text by low-frequency
letters. Caesar Cipher is an example of the substitution cipher technique.

What is Transposition Technique?

In the transposition technique, the characters' identities are kept the same, but their positions
are altered to produce the ciphertext. A transposition cipher in cryptography is a type of
encryption that scrambles the locations of characters without altering the characters
themselves. Transposition ciphers produce a ciphertext that is a permutation of the plaintext
by rearranging the components of the plaintext in accordance with a regular method. It is
distinct from substitution ciphers, which don't replace the unit's positions of plaintext but
instead substitute the units themselves. A bijective function is utilized to the character
locations to encrypt data, and an inverse function is employed to decode data. It is not a very
secure technique.

Rail Fence encryption is a sort of transposition cipher that acquires its name from how it is
encrypted the data. The plaintext is written down and diagonally on successive "rail" of an
artificial fence in the rail fence and then pushed up when you get to the bottom. After that, the
message is read aloud in a row-by-row fashion.

The Rail Fence Cipher is based on an old Greek mechanical device for building a
transposition cipher that follows a fairytale-like pattern. The mechanism consisted of a
cylinder with a ribbon wrapped around it. The encrypted message was written on the coiled
ribbon. The characters of the original message were rearranged when the ribbon was uncoiled
from the cylinder. The message was decrypted when the ribbon was wrapped in a cylinder
with a similar diameter to the encrypting cylinder.

Features of the Transposition Technique

There are various features of the transposition technique. Some main features of the
transposition techniques are as follows:

The keys that are closer to the proper key in the transposition cipher technique can reveal
plain text. The transposition cipher approach does not exchange one sign for another but
rather moves the symbol. The two most common types of transposition cipher are keyless and
keyed transpositional cipher. The Reil Fence Cipher is an excellent instance of a transposition
tehnique. The position of the character is modified in the transposition cipher technique, but
the character's identity remains unchanged.

Key Differences between Substitution Technique and Transposition Technique

There are various key differences between Substitution Technique and Transposition
Technique. Some main key differences between these techniques are as follows:

The substitution approach employs a substitute for the plaintext characters to transform them
into ciphertext. In contrast, the transposition technique essentially rearranges the plaintext
characters. The substitution technique aims to change the entity's identification. In contrast,
the transposition technique affects the entity's position instead of its identity.

The substitution technique replaces every character with an integer, character, and symbol. In
contrast, in the transposition technique, every character has been positioned from its actual
position. Some algorithms that use the substitution technique are monoalphabetic,
polyalphabetic substitution cipher, and Playfair cipher. In contrast, the transposition
techniques utilize the keyed and keyless transpositional ciphers.

The plaintext in the substitution strategy could be easily determined using the low-frequency
letter. In contrast, in the transposition technique, the keys close to the right key lead to the
plaintext discovery.

Substitution cipher and Transposition cipher are both classical techniques in cryptography,
but these techniques are now outdated. Transposition ciphers shift each character of a string
to another position. In contrast, the substitution ciphers replace every character in a string
with a different number, character or symbol.
Difference between Encryption and Decryption
What is Cryptography?
Cryptography is used to secure and protect data during communication. It is helpful to
prevent unauthorized person or group of users from accessing any confidential data.
Encryption and decryption are the two essential functionalities of cryptography.

A message sent over the network is transformed into an unrecognizable encrypted message
known as data encryption. At the receiving end, the received message is converted to its
original form known as decryption.

What is meant By Encryption?

Encryption is a process which transforms the original information into an unrecognizable
form. This new form of the message is entirely different from the original message. That’s
why a hacker is not able to read the data as senders use an encryption algorithm. Encryption
is usually done using key algorithms.

Data is encrypted to make it safe from stealing. However, many known companies also
encrypt data to keep their trade secret from their competitors.

What is meant by Decryption?

Decryption is a process of converting encoded/encrypted data in a form that is readable and
understood by a human or a computer. This method is performed by un-encrypting the text
manually or by using keys used to encrypt the original data.

KEY DIFFERENCE
Encryption is a process of converting normal data into an unreadable form whereas
Decryption is a method of converting the unreadable/coded data into its original form.

Encryption is done by the person who is sending the data to the destination, but the
decryption is done at the person who is receiving the data.
The same algorithm with the same key is used for both the encryption-decryption processes.

Why use Encryption and Decryption?

Here, are important reasons for using encryption:

 Helps you to protect your confidential data such as passwords and login id
 Provides confidentiality of private information
 Helps you to ensure that that the document or file has not been altered
 Encryption process also prevents plagiarism and protects IP
 Helpful for network communication (like the internet) and where a hacker can easily
access unencrypted data.
 It is an essential method as it helps you to securely protect data that you don’t want
anyone else to have access.

Types of Keys
Symmetric Key:
Symmetric-key encryption are algorithms which use the same cryptographic keys for both
encryption of plaintext and decryption of ciphertext.

Asymmetric Key:
Asymmetric encryption uses 2 pairs of key for encryption. Public key is available to anyone
while the secret key is only made available to the receiver of the message. This boots
security.

Public Key:
Public key cryptography is an encryption system which is based on two pairs of keys. Public
keys are used to encrypt messages for a receiver.

Private Key:
Private key may be part of a public/ private asymmetric key pair. It can be used in
asymmetric encryption as you can use the same key to encrypt and decrypt data.

Pre-Shared Key:
In cryptography, a pre-shared key (PSK) is a shared secret which was earlier shared between
the two parties using a secure channel before it is used.

Difference between Encryption and Decryption

Parameter Encryption Decryption

It is a process of converting normal

It is a method of converting the
data into an unreadable form. It helps
What is unreadable/coded data into its original
you to avoid any unauthorized access
form.
to data

Whenever the data is sent between

The receiver of the data automatically
two separate machines, it is
Process allows you to convert the data from the
encrypted automatically using a
codes into its original form.
secret key.

Location of The person who is sending the data The receiver receives the data and
Conversion to the destination. converts it.
Parameter Encryption Decryption

An employee is sending essential The manager is receiving the essential

Example
documents to his/her manager. documents from his/her employee.

The only single algorithm is used for

The same algorithm with the same
Use of encryption and decryption with a pair
key is used for the encryption-
Algorithm of keys where each use for encryption
decryption process.
and decryption.

Transforming humanly It is a conversion of an obscure

Major understandable messages into an message into an understandable form
function incomprehensible and obscure form which is easy to understand by a
that can not be interpreted. human.

Summary

 Cryptography is used to secure and protect data during communication.

 Encryption is a process which transforms the original information into an
unrecognizable form.
 Decryption is a process of converting encoded/encrypted data in a form that is
readable and understood by a human or a computer.
 Encryption method helps you to protect your confidential data such as passwords and
login id.
 Public, Private, Pre-Shared and Symmetric are important keys used in cryptography.
 An employee is sending essential documents to his/her manager is an example of an
encryption method.
 The manager is receiving the essential encrypted documents from his/her employee
and decrypting it is an example of a decryption method.

Difference Between Symmetric and Asymmetric Key Encryption

Symmetric Key Encryption: Encryption is a process to change the form of any message in
order to protect it from reading by anyone. In Symmetric-key encryption the message is
encrypted by using a key and the same key is used to decrypt the message which makes it
easy to use but less secure. It also requires a safe method to transfer the key from one party to
another.

Asymmetric Key Encryption: Asymmetric Key Encryption is based on public and private
key encryption techniques. It uses two different key to encrypt and decrypt the message. It is
more secure than the symmetric key encryption technique but is much slower.

Symmetric Key Encryption Asymmetric Key Encryption

Symmetric Key Encryption Asymmetric Key Encryption

It requires two keys, a public key and a

It only requires a single key for both private key, one to encrypt and the other
encryption and decryption. one to decrypt.

The size of cipher text is the same or smaller The size of cipher text is the same or larger
than the original plain text. than the original plain text.

The encryption process is very fast. The encryption process is slow.

It is used when a large amount of data is

required to transfer. It is used to transfer small amounts of data.

It provides confidentiality, authenticity, and

It only provides confidentiality. non-repudiation.

The length of key used is 128 or 256 bits The length of key used is 2048 or higher

In symmetric key encryption, resource

utilization is low as compared to asymmetric In asymmetric key encryption, resource
key encryption. utilization is high.

It is efficient as it is used for handling large It is comparatively less efficient as it can

amount of data. handle a small amount of data.

It is more secure as two keys are used here-

Security is less as only one key is used for one for encryption and the other for
both encryption and decryption purpose. decryption.

The Mathematical Representation is as

The Mathematical Representation is as follows-
follows- P = D(Kd, E (Ke,P))
P = D (K, E(P)) where Ke –> encryption key
where K –> encryption and decryption key Kd –> decryption key
P –> plain text D –> Decryption
D –> Decryption E(Ke, P) –> Encryption of plain text using
E(P) –> Encryption of plain text encryption key Ke . P –> plain text

Examples: Diffie-Hellman, ECC, El Gamal,

Examples: 3DES, AES, DES and RC4 DSA and RSA