
Unit 2

i. Data Encryption Standard (DES) is a symmetric block cipher that encrypts data in 64-bit blocks using a 56-bit key. ii. The encryption process involves an initial permutation of the plaintext, followed by multiple rounds of substitution and transposition using a subkey generated from the main key, and finally a reverse permutation to obtain the ciphertext. iii. While DES was once a standard, it is now considered insecure due to the small key size, and has been replaced by algorithms like Triple DES that apply the DES cipher three times with three different keys.

Uploaded by

Mansi Agrawal

i. It only requires a single key for both encryption and decryption.
ii. The size of cipher text is the same or smaller than the original plain text.
iii. The encryption process is very fast.
iv. It is used when a large amount of data needs to be transferred.
v. It only provides confidentiality.
vi. The length of key used is 128 or 256 bits.
vii. It is efficient as it is used for handling large amounts of data.
viii. It is effective as this technique is recommended for high amounts of text.
ix. Symmetric key cryptography is also known as secret-key cryptography or
private key cryptography.

i. It requires two keys, a public key and a private key, one to encrypt and the other
one to decrypt.
ii. The size of cipher text is the same or larger than the original plain text.
iii. The encryption process is slow.
iv. It is used to transfer small amounts of data.
v. It provides confidentiality, authenticity, and non-repudiation.
vi. The length of key used is 2048 or higher
vii. It is comparatively less efficient as it can handle a small amount of data.
viii. It is inefficient as this approach is used only for short messages.
ix. Asymmetric key cryptography is also known as public-key cryptography or a
conventional cryptographic system.

Data Encryption Standard (DES) is a block cipher with a 56-bit key length that has
played a significant role in data security. DES has been found vulnerable to very
powerful attacks, and therefore its popularity has been slightly on the decline. DES
encrypts data in blocks of 64 bits each, which means 64 bits of plain text go as the
input to DES, which produces 64 bits of ciphertext. The same algorithm and key are used
for encryption and decryption, with minor differences. The key length is 56 bits.
The basic idea is shown below:
We have mentioned that DES uses a 56-bit key. Actually, the initial key consists of 64
bits. However, before the DES process even starts, every 8th bit of the key is discarded
to produce a 56-bit key. That is, bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are
discarded.

Thus, the discarding of every 8th bit of the key produces a 56-bit key from
the original 64-bit key.
DES is based on the two fundamental attributes of cryptography: substitution (also
called confusion) and transposition (also called diffusion). DES consists of 16 steps,
each of which is called a round. Each round performs the steps of substitution and
transposition. Let us now discuss the broad-level steps in DES.
• In the first step, the 64-bit plain text block is handed over to an Initial
Permutation (IP) function.
• The initial permutation is performed on the plain text.
• Next, the initial permutation (IP) produces two halves of the permuted block,
say Left Plain Text (LPT) and Right Plain Text (RPT).
• Now each LPT and RPT go through 16 rounds of the encryption process.
• In the end, LPT and RPT are rejoined and a Final Permutation (FP) is performed
on the combined block.
• The result of this process produces 64-bit ciphertext.

Initial Permutation (IP)


As we have noted, the initial permutation (IP) happens only once and it happens before
the first round. It suggests how the transposition in IP should proceed, as shown in
the figure. For example, it says that the IP replaces the first bit of the original plain
text block with the 58th bit of the original plain text, the second bit with the 50th bit
of the original plain text block, and so on.
This is nothing but jugglery of bit positions of the original plain text block. The same
rule applies to all the other bit positions shown in the figure.

As we have noted after IP is done, the resulting 64-bit permuted text block is divided into
two half blocks. Each half-block consists of 32 bits, and each of the 16 rounds, in turn,
consists of the broad-level steps outlined in the figure.

The phase of the encryption process (step 4, above) is further divided into the following five
stages:

o Key transition
o Expansion permutation
o XOR and swap
o S-Box
o P-Box permutations

Step 1: Key transformation
We have noted that the initial 64-bit key is transformed into a 56-bit key by discarding
every 8th bit of the initial key. Thus, for each round, a 56-bit key is available. From
this 56-bit key, a different 48-bit Sub Key is generated during each round using a
process called key transformation. For this, the 56-bit key is divided into two halves,
each of 28 bits. These halves are circularly shifted left by one or two positions,
depending on the round.
For example: if the round number is 1, 2, 9, or 16, the shift is done by only one
position; for other rounds, the circular shift is done by two positions. The number of
key bits shifted per round is shown in the figure.

After an appropriate shift, 48 of the 56 bits are selected. From the 48 we might obtain 64
or 56 bits based on requirement, which helps us to recognize that this model is very
versatile and can handle any range of requirements needed or provided. The table for
selecting 48 of the 56 bits is shown in the figure given below. For instance, after the
shift, bit number 14 moves to the first position, bit number 17 moves to the second
position, and so on. If we observe the table, we will realize that it contains only 48
bit positions. Bit number 18 is discarded (we will not find it in the table), like 7
others, to reduce a 56-bit key to a 48-bit key. Since the key transformation process
involves permutation as well as a selection of a 48-bit subset of the original 56-bit
key, it is called Compression Permutation.

Because of this compression permutation technique, a different subset of key bits is used
in each round. That makes DES not easy to crack.
Step 2: Expansion Permutation
Recall that after the initial permutation, we had two 32-bit plain text areas called Left
Plain Text (LPT) and Right Plain Text (RPT). During the expansion permutation, the RPT is
expanded from 32 bits to 48 bits. Bits are permuted as well, hence it is called expansion
permutation. This happens as the 32-bit RPT is divided into 8 blocks, with each block
consisting of 4 bits. Then, each 4-bit block of the previous step is expanded to a
corresponding 6-bit block, i.e., per 4-bit block, 2 more bits are added.

This process results in expansion as well as a permutation of the input bits while creating
the output. The key transformation process compresses the 56-bit key to 48 bits. Then the
expansion permutation process expands the 32-bit RPT to 48 bits. Now the 48-bit key
is XORed with the 48-bit RPT and the resulting output is given to the next step, which is
the S-Box substitution.

• Step 3: S-Box permutation — A substitution box permutation, or S-box, is the only
non-linear component in the DES algorithm. It provides additional security to the cipher.
After the block is mixed with the subkey, it is divided into eight 6-bit parts. The S-box
process uses a lookup table to convert the eight 6-bit parts into 4-bit output each,
resulting in 32-bit output in total.
• Step 4: P-Box permutation — The 32-bit output from the S-box permutation is rearranged
according to the P-box permutation. The design of the P-box permutation ensures that the
output of each S-box is spread across four different S-boxes for the next round of
encryption.
• Step 5: Exclusive OR (XOR) and swap — XOR is a mathematical function that compares two
sets of bits that can be either 1s or 0s. If the bits from both sets match, the XOR output
is 0. On the other hand, if they don't match, the output is 1. This bit-wise comparison
results in stronger encryption, and XORing is something we'll speak more about in our next
article on how DES encryption works.

Triple DES Algorithm

Triple DES applies the DES cipher three times and is a symmetric-key block cipher. It
encrypts with key number one (k1), decrypts with key number two (k2), and then encrypts
with key number three (k3).

Main Points

o The DES algorithm had to be replaced by the NIST because, in light of the more
powerful processing of modern computers, its 56-bit key lengths were insufficient.
Because key size affects encryption strength, DES became obsolete due to continual
advancements in computing technology. When the new encryption issues arose, 56-bit
encryption was no longer sufficient.
o The fact that DES is no longer the NIST federal standard should not be taken to
imply that it is no longer in use. Even though Triple DES is still in use today, it is
regarded as an old encryption algorithm. Keep in mind that starting in 2024, NIST
intends to outlaw all variations of Triple-DES.

DES Algorithm Procedure

In plain English, DES transforms 64-bit plain text into a 64-bit cipher text. The same key is
also utilized to decode the text because a symmetric method is being employed.

The following steps comprise the algorithmic process:

o The 64-bit plain text block is first sent to an initial permutation (IP) function to start
the process.
o The plain text is subsequently subjected to the initial permutation (IP).
o The Left Plain Text (LPT) and Right Plain Text (RPT) portions of the permuted block
are then created by the initial permutation (IP).
o There are 16 rounds of encryption for each LPT and RPT.
o Finally, the LPT and RPT are reunited, and the newly combined block is subjected to a
Final Permutation (FP).
o This procedure provides the necessary 64-bit ciphertext as a result.

We employ the same procedure for decryption and arrange the 16 round keys in the other
direction.

Let's next study the several ways in which DES might operate so that we can better
comprehend what it is.

Modes of Operation for DES

There are five main modes of operation available to experts utilizing DES.

o ECB (Electronic Codebook). Each 64-bit block is separately encrypted and decrypted.
o CBC (Cipher Block Chaining). Each 64-bit block employs an Initialization Vector (IV)
and is dependent on the previous one.
o CFB (Cipher Feedback). The previous unit of cipher text serves as the input for the
encryption algorithm, which generates pseudorandom output that is then XORed with
the plaintext to create the following unit of cipher text.
o OFB (Output Feedback). Similar to CFB, but where the input for the encryption
technique is the result of the previous DES
o CTR (Counter). An encrypted counter is XORed with each plaintext piece. Following
that, the counter gets increased for each additional block.
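Two points from the DES procedure and the mode list above, shown in one added example that is not part of the original notes: decryption is the same 16-round routine with the round keys in reverse order, and ECB maps equal plaintext blocks to equal ciphertext blocks while CBC does not. The round function and key schedule are toy stand-ins built from SHA-256 (an assumption of this example, not DES's S-boxes), the key, IV and message are constructed, and the message length is assumed to be a multiple of 8 bytes.

```python
import hashlib

ROUNDS = 16          # same round count as DES
BLOCK = 8            # 64-bit blocks, as in DES

KEY = b"constructed-demo-key"                 # constructed sample key
IV = bytes(range(8))                          # fixed only to make the demo repeatable
MESSAGE = b"PAY 1000" * 3 + b"PAY 9999"       # constructed: three identical blocks


def round_keys(key):
    # Toy key schedule (assumption): one 32-bit subkey per round.
    return [int.from_bytes(hashlib.sha256(key + bytes([r])).digest()[:4], "big")
            for r in range(ROUNDS)]


def f(right, subkey):
    # Toy round function (assumption); it does not need to be invertible.
    data = right.to_bytes(4, "big") + subkey.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def feistel(block, keys):
    left = int.from_bytes(block[:4], "big")     # LPT
    right = int.from_bytes(block[4:], "big")    # RPT
    for k in keys:
        left, right = right, left ^ f(right, k)
    # Final swap of the halves lets the same routine decrypt with reversed keys.
    return right.to_bytes(4, "big") + left.to_bytes(4, "big")


def encrypt_block(block, key):
    return feistel(block, round_keys(key))


def decrypt_block(block, key):
    return feistel(block, round_keys(key)[::-1])


def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def ecb_encrypt(plaintext, key):
    return b"".join(encrypt_block(b, key) for b in split(plaintext))


def ecb_decrypt(ciphertext, key):
    return b"".join(decrypt_block(b, key) for b in split(ciphertext))


def cbc_encrypt(plaintext, key, iv):
    out, prev = [], iv
    for block in split(plaintext):
        prev = encrypt_block(xor(block, prev), key)   # chain on previous ciphertext
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext, key, iv):
    out, prev = [], iv
    for block in split(ciphertext):
        out.append(xor(decrypt_block(block, key), prev))
        prev = block
    return b"".join(out)


def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    blocks = split(ciphertext)
    return len(blocks) - len(set(blocks))


if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(MESSAGE, KEY)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(MESSAGE, KEY, IV)))
```

In real use a CBC IV must be unpredictable and different for every message; it is fixed here only so the output is reproducible.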

We'll then deepen our understanding of DES by examining its implementation and testing.

The advantages of the DES algorithm:

1. It is set as a standard by the US government.

2. When compared to the software, it works faster on hardware.

3. Triple DES uses a 168-bit key, which is very hard to crack.

The disadvantages of the DES algorithm:

1. Weakly secured algorithm.

2. There is a threat from Brute force attacks.

3. A DES cracker machine known as Deep Crack is available in the market.

Advanced Encryption Standard (AES) is a specification for the encryption of electronic
data established by the U.S. National Institute of Standards and Technology (NIST) in
2001. AES is widely used today as it is much stronger than DES and Triple DES despite
being harder to implement.
Points to remember

• AES is a block cipher.
• The key size can be 128/192/256 bits.
• Encrypts data in blocks of 128 bits each.
That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text as
output. AES relies on the substitution-permutation network principle, which means it is
performed using a series of linked operations which involve replacing and shuffling of
the input data.

Working of the cipher :

AES performs operations on bytes of data rather than on bits. Since the block size is 128
bits, the cipher processes 128 bits (or 16 bytes) of the input data at a time.
The number of rounds depends on the key length as follows :

• 128 bit key – 10 rounds
• 192 bit key – 12 rounds
• 256 bit key – 14 rounds

Creation of Round keys :
A Key Schedule algorithm is used to calculate all the round keys from the key. So the initial
key is used to create many different round keys which will be used in the corresponding
round of the encryption.

Encryption :
AES considers each block as a 16 byte (4 byte x 4 byte = 128 bits) grid in a column major
arrangement.
[ b0 | b4 | b8  | b12 ]
[ b1 | b5 | b9  | b13 ]
[ b2 | b6 | b10 | b14 ]
[ b3 | b7 | b11 | b15 ]
Each round comprises 4 steps :

• SubBytes
• ShiftRows
• MixColumns
• Add Round Key
The last round doesn't have the MixColumns round.
SubBytes does the substitution, and ShiftRows and MixColumns perform the
permutation in the algorithm.

SubBytes :
This step implements the substitution.
In this step each byte is substituted by another byte. It is performed using a lookup
table, also called the S-box. This substitution is done in a way that a byte is never
substituted by itself and also not substituted by another byte which is a complement of
the current byte.
The result of this step is a 16 byte (4 x 4) matrix like before.

The next two steps implement the permutation.

ShiftRows :
This step is just as it sounds. Each row is shifted a particular number of times.
• The first row is not shifted.
• The second row is shifted once to the left.
• The third row is shifted twice to the left.
• The fourth row is shifted thrice to the left.
(A left circular shift is performed.)

[ b0  | b1  | b2  | b3  ]      [ b0  | b1  | b2  | b3  ]
[ b4  | b5  | b6  | b7  ]  ->  [ b5  | b6  | b7  | b4  ]
[ b8  | b9  | b10 | b11 ]      [ b10 | b11 | b8  | b9  ]
[ b12 | b13 | b14 | b15 ]      [ b15 | b12 | b13 | b14 ]
MixColumns :
This step is basically a matrix multiplication. Each column is multiplied with a specific
matrix and thus the position of each byte in the column is changed as a result.
This step is skipped in the last round.
[ c0 ]   [ 2 3 1 1 ] [ b0 ]
[ c1 ] = [ 1 2 3 1 ] [ b1 ]
[ c2 ]   [ 1 1 2 3 ] [ b2 ]
[ c3 ]   [ 3 1 1 2 ] [ b3 ]
Add Round Keys :
Now the resultant output of the previous stage is XOR-ed with the corresponding round
key. Here, the 16 bytes is not considered as a grid but just as 128 bits of data.

After all these rounds 128 bits of encrypted data is given back as output. This process is
repeated until all the data to be encrypted undergoes this process.

Decryption :
The stages in the rounds can be easily undone, as each stage has an opposite which, when
performed, reverts the changes. Each 128-bit block goes through the 10, 12 or 14 rounds
depending on the key size.
The stages of each round in decryption are as follows :

• Add round key
• Inverse MixColumns
• ShiftRows
• Inverse SubByte
The decryption process is the encryption process done in reverse, so I will explain the
steps with notable differences.

Inverse MixColumns :
This step is similar to the MixColumns step in encryption, but differs in the matrix used to
carry out the operation.
[ b0 ]   [ 14 11 13  9 ] [ c0 ]
[ b1 ] = [  9 14 11 13 ] [ c1 ]
[ b2 ]   [ 13  9 14 11 ] [ c2 ]
[ b3 ]   [ 11 13  9 14 ] [ c3 ]
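The ShiftRows, MixColumns and Inverse MixColumns steps above, as an added example (not code from the original notes). The matrix entries are multiplied as bytes in the finite field GF(2^8) with the AES reduction polynomial x^8 + x^4 + x^3 + x + 1, and "addition" is XOR, which is why the results differ from ordinary integer matrix multiplication. The state uses the column-major layout given earlier (b0..b3 form the first column); function names and the sample column are chosen for this example.

```python
MIX = [[2, 3, 1, 1],
       [1, 2, 3, 1],
       [1, 1, 2, 3],
       [3, 1, 1, 2]]

INV_MIX = [[14, 11, 13, 9],
           [9, 14, 11, 13],
           [13, 9, 14, 11],
           [11, 13, 9, 14]]

SAMPLE_COLUMN = [0xDB, 0x13, 0x53, 0x45]   # sample input column for the demo


def xtime(a):
    """Multiply a byte by 2 in GF(2^8), reducing by 0x11B on overflow."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a


def gmul(a, b):
    """Multiply two bytes in GF(2^8) by shift-and-add."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result


def mul_column(matrix, col):
    """Multiply a 4x4 matrix by one 4-byte column over GF(2^8)."""
    return [gmul(row[0], col[0]) ^ gmul(row[1], col[1]) ^
            gmul(row[2], col[2]) ^ gmul(row[3], col[3]) for row in matrix]


def to_state(block16):
    """16 bytes -> 4 rows; column-major, so state[r][c] = block16[r + 4*c]."""
    return [[block16[r + 4 * c] for c in range(4)] for r in range(4)]


def from_state(state):
    """4 rows -> 16 bytes, reading the state column by column."""
    return bytes(state[r][c] for c in range(4) for r in range(4))


def shift_rows(state):
    """Row r is rotated left by r positions (row 0 is unchanged)."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state):
    """Row r is rotated right by r positions, undoing shift_rows."""
    return [row[4 - r:] + row[:4 - r] for r, row in enumerate(state)]


def mix_columns(state, matrix=MIX):
    """Apply the matrix to each of the four columns of the state."""
    cols = [mul_column(matrix, [state[r][c] for r in range(4)]) for c in range(4)]
    return [[cols[c][r] for c in range(4)] for r in range(4)]


if __name__ == "__main__":
    mixed = mul_column(MIX, SAMPLE_COLUMN)
    print("MixColumns    :", [f"{b:02x}" for b in mixed])
    print("InvMixColumns :", [f"{b:02x}" for b in mul_column(INV_MIX, mixed)])
    state = to_state(bytes(range(16)))
    print("ShiftRows     :", from_state(shift_rows(state)).hex())
```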
Inverse SubBytes :
The inverse S-box is used as a lookup table, with which the bytes are substituted during
decryption.
Applications:
AES is widely used in many applications which require secure data storage and transmission.
Some common use cases include:

• Wireless security: AES is used in securing wireless networks, such as Wi-Fi networks,
to ensure data confidentiality and prevent unauthorized access.
• Database Encryption: AES can be applied to encrypt sensitive data stored in databases.
This helps protect personal information, financial records, and other confidential data
from unauthorized access in case of a data breach.
• Secure communications: AES is widely used in protocols for internet
communications, email, instant messaging, and voice/video calls. It ensures that the data
remains confidential.
• Data storage: AES is used to encrypt sensitive data stored on hard drives, USB drives,
and other storage media, protecting it from unauthorized access in case of loss or
theft.
• Virtual Private Networks (VPNs): AES is commonly used in VPN protocols to secure the
communication between a user's device and a remote server. It ensures that data sent
and received through the VPN remains private and cannot be deciphered by
eavesdroppers.
• Secure Storage of Passwords: AES encryption is commonly employed to store
passwords securely. Instead of storing plaintext passwords, the encrypted version is
stored. This adds an extra layer of security and protects user credentials in case of
unauthorized access to the storage.
• File and Disk Encryption: AES is used to encrypt files and folders on computers,
external storage devices, and cloud storage. It protects sensitive data stored on
devices or during data transfer to prevent unauthorized access.

Applications:

o Many applications that call for secure data storage and transfer frequently employ
AES.
o AES is used in wireless network security, such as that of Wi-Fi networks, to guarantee
data secrecy and thwart unauthorized access.
o AES may be used to encrypt private information kept in databases. This aids in
preventing unauthorized access to private data such as financial records, personal
information, and other data in the event of a data breach.
o AES is frequently used in protocols for voice/video conversations, email, instant
messaging, and internet communications. It makes sure the information is kept private.
o Data storage: To prevent unauthorized access in the event of loss or theft, sensitive
data is encrypted using AES and stored on hard discs, USB drives, and other storage
devices.
o AES is frequently used in Virtual Private Networks (VPN) protocols to protect
communication between a user's device and a remote server. It makes sure that data
transmitted and received via the VPN is secure and cannot be read by eavesdroppers.
o Password Security: AES encryption is frequently used to store passwords securely.
Passwords are saved in encrypted form rather than plaintext. In the event of
unauthorized access to the storage, this adds an additional layer of protection and
safeguards user credentials.
o File and Disc Encryption: On PCs, external storage devices, and cloud storage, AES is
used to encrypt files and folders. It safeguards sensitive data during data transport
or storage to stop unauthorized access.

Characteristics

AES uses keys of lengths of 128, 192, and 256 bits.

o It is adaptable and has software and hardware implementations.


o It offers excellent security and can stop many threats.
o Since it is copyright-free, anybody can use it anywhere in the world.
o For 128 bit keys, there are 10 rounds of processing.

Advantages

o It may be used with both software and hardware.


o It offers consumers a high level of security.
o It offers one of the top encryption open source solutions.
o This algorithm is quite reliable.

Disadvantages

o For encryption, multiple rounds are necessary.


o Software implementation is challenging.
o It requires extensive processing at several stages.
o Implementation is challenging when performance is a factor.

RSA Algorithm

The RSA algorithm is a type of public-key encryption algorithm. To better understand RSA,
let's first understand what a public-key encryption algorithm is.

Public key algorithm:

Public Key encryption algorithm is also called the Asymmetric algorithm. Asymmetric
algorithms are those algorithms in which sender and receiver use different keys for
encryption and decryption. Each sender is assigned a pair of keys:

o Public key
o Private key

The Public key is used for encryption, and the Private Key is used for decryption.
Decryption cannot be done using a public key. The two keys are linked, but the private key
cannot be derived from the public key. The public key is well known, but the private key is
secret and it is known only to the user who owns the key. It means that everybody can send a
message to the user using user's public key. But only the user can decrypt the message using
his private key.

The Public key algorithm operates in the following manner:

The data to be sent is encrypted by sender A using the public key of the intended
receiver.
B decrypts the received ciphertext using its private key, which is known only to B. B
replies to A, encrypting its message using A's public key.
A decrypts the received ciphertext using its private key, which is known only to him.

RSA algorithm:

RSA is the most common public-key algorithm, named after its inventors Rivest, Shamir,
and Adleman (RSA).

RSA algorithm uses the following procedure to generate public and private keys:

o Select two large prime numbers, p and q.
o Multiply these numbers to find n = p x q, where n is called the modulus for encryption
and decryption.
o Choose a number e less than n, such that e is relatively prime to (p - 1) x (q - 1). It
means that e and (p - 1) x (q - 1) have no common factor except 1. Choose "e" such
that 1 < e < φ(n) and e is prime to φ(n):
gcd(e, φ(n)) = 1
o If n = p x q, then the public key is <e, n>. A plaintext message m is encrypted using
public key <e, n>. The following formula is used to get ciphertext C from the plain text:
C = m^e mod n
Here, m must be less than n. A larger message (>n) is treated as a concatenation of
messages, each of which is encrypted separately.
o To determine the private key, we use the following formula to calculate d such
that:
d x e mod {(p - 1) x (q - 1)} = 1
Or
d x e mod φ(n) = 1
o The private key is <d, n>. A ciphertext message c is decrypted using private key <d, n>.
The following formula is used to get plain text m from the ciphertext c:
m = c^d mod n

Let's take some examples of the RSA encryption algorithm:

Example 1:

This example shows how we can encrypt plaintext 9 using the RSA public-key encryption
algorithm. This example uses prime numbers 7 and 11 to generate the public and private keys.

Explanation:

Step 1: Select two large prime numbers, p, and q.

p=7

q = 11

Step 2: Multiply these numbers to find n = p x q, where n is called the modulus for
encryption and decryption.

First, we calculate

n = p x q

n = 7 x 11

n = 77

Step 3: Choose a number e less than n, such that e is relatively prime to (p - 1) x (q - 1).
It means that e and (p - 1) x (q - 1) have no common factor except 1. Choose "e" such that
1 < e < φ(n) and e is prime to φ(n), i.e. gcd(e, φ(n)) = 1.

Second, we calculate

φ (n) = (p - 1) x (q-1)

φ (n) = (7 - 1) x (11 - 1)

φ (n) = 6 x 10

φ (n) = 60

Let us now choose relative prime e of 60 as 7.

Thus the public key is <e, n> = (7, 77)

Step 4: A plaintext message m is encrypted using public key <e, n>. The following formula
is used to get ciphertext C from the plain text.

C = m^e mod n

C = 9^7 mod 77

C = 37

Step 5: The private key is <d, n>. To determine the private key, we use the following
formula to calculate d such that:

d x e mod {(p - 1) x (q - 1)} = 1

7d mod 60 = 1, which gives d = 43

The private key is <d, n> = (43, 77)

Step 6: A ciphertext message c is decrypted using private key <d, n>. To calculate plain
text m from the ciphertext c following formula is used to get plain text m.

m = c^d mod n

m = 37^43 mod 77

m = 9

In this example, Plain text = 9 and the ciphertext = 37

Example 2:

In an RSA cryptosystem, a particular user A uses two prime numbers, 13 and 17, to generate
the public and private keys. If the public key of A is 35, then the private key of A is
............. ?

Explanation:

Step 1: In the first step, select two large prime numbers, p and q.

p = 13

q = 17

Step 2: Multiply these numbers to find n = p x q, where n is called the modulus for
encryption and decryption.

First, we calculate

n = p x q

n = 13 x 17

n = 221

Step 3: Choose a number e less than n, such that e is relatively prime to (p - 1) x (q - 1).
It means that e and (p - 1) x (q - 1) have no common factor except 1. Choose "e" such that
1 < e < φ(n) and e is prime to φ(n), i.e. gcd(e, φ(n)) = 1.

Second, we calculate

φ (n) = (p - 1) x (q-1)

φ (n) = (13 - 1) x (17 - 1)

φ (n) = 12 x 16

φ (n) = 192

g.c.d (35, 192) = 1

Step 3: To determine the private key, we use the following formula to calculate d such
that:

d x e mod φ(n) = 1

d x 35 mod 192 = 1

d = (1 + k.φ(n))/e [let k = 0, 1, 2, 3, ...]

Put k = 0

d = (1 + 0 x 192)/35

d = 1/35

Put k = 1

d = (1 + 1 x 192)/35

d = 193/35

Put k = 2

d = (1 + 2 x 192)/35

d = 385/35

d = 11

The private key is <d, n> = (11, 221)

Hence, private key i.e. d = 11

Example 3:
An RSA cryptosystem uses two prime numbers 3 and 13 to generate the public key = 3 and the
private key = 7. What is the value of cipher text for a plain text?

Explanation:

Step 1: In the first step, select two large prime numbers, p and q.

p=3

q = 13

Step 2: Multiply these numbers to find n = p x q, where n is called the modulus for
encryption and decryption.

First, we calculate

n = p x q

n = 3 x 13

n = 39

Step 3: If n = p x q, then the public key is <e, n>. A plaintext message m is encrypted using
public key <e, n>. Thus the public key is <e, n> = (3, 39).

To find ciphertext from the plain text following formula is used to get ciphertext C.

C = m^e mod n

C = 5^3 mod 39

C = 125 mod 39

C = 8

Hence, the ciphertext generated from plain text, C = 8.

Example 4:

An RSA cryptosystem uses two prime numbers, 3 and 11, to generate private key = 7. What is
the value of ciphertext for a plain text 5 using the RSA public-key encryption algorithm?

Explanation:

Step 1: In the first step, select two large prime numbers, p and q.

p=3

q = 11

Step 2: Multiply these numbers to find n = p x q, where n is called the modulus for
encryption and decryption.

First, we calculate

n = p x q

n = 3 x 11

n = 33

Step 3: Choose a number e less than n, such that e is relatively prime to (p - 1) x (q - 1).
It means that e and (p - 1) x (q - 1) have no common factor except 1. Choose "e" such that
1 < e < φ(n) and e is prime to φ(n), i.e. gcd(e, φ(n)) = 1.

Second, we calculate

φ (n) = (p - 1) x (q-1)

φ (n) = (3 - 1) x (11 - 1)

φ (n) = 2 x 10

φ (n) = 20

Step 4: To determine the public key, we use the following formula to calculate e such
that:

e x d = 1 mod φ(n)

e x 7 = 1 mod 20

e = (1 + k.φ(n))/d [let k = 0, 1, 2, 3, ...]

Put k = 0

e = (1 + 0 x 20) / 7

e = 1/7

Put k = 1

e = (1 + 1 x 20) / 7

e = 21/7

e=3

The public key is <e, n> = (3, 33)

Hence, public key i.e. e = 3

Hash functions are extremely useful and appear in almost all information security
applications.

A hash function is a mathematical function that converts a numerical input value into another
compressed numerical value. The input to the hash function is of arbitrary length but output
is always of fixed length.

Values returned by a hash function are called message digests or simply hash values. The
following picture illustrates a hash function −

Features of Hash Functions

The typical features of hash functions are −

• Fixed Length Output (Hash Value)
o A hash function converts data of arbitrary length to a fixed length. This process is
often referred to as hashing the data.
o In general, the hash is much smaller than the input data, hence hash functions
are sometimes called compression functions.
o Since a hash is a smaller representation of a larger data, it is also referred to
as a digest.
o A hash function with n bit output is referred to as an n-bit hash function.
Popular hash functions generate values between 160 and 512 bits.
• Efficiency of Operation
o Generally for any hash function h with input x, computation of h(x) is a fast
operation.
o Computationally, hash functions are much faster than symmetric encryption.

Properties of Hash Functions

In order to be an effective cryptographic tool, the hash function is desired to possess
the following properties −

• Pre-Image Resistance
o This property means that it should be computationally hard to reverse a hash
function.
o In other words, if a hash function h produced a hash value z, then it should be a
difficult process to find any input value x that hashes to z.
o This property protects against an attacker who only has a hash value and is
trying to find the input.
• Second Pre-Image Resistance
o This property means given an input and its hash, it should be hard to find a
different input with the same hash.
o In other words, if a hash function h for an input x produces hash value h(x),
then it should be difficult to find any other input value y such that h(y) = h(x).
o This property of hash function protects against an attacker who has an input
value and its hash, and wants to substitute a different value as the legitimate value
in place of the original input value.
• Collision Resistance
o This property means it should be hard to find two different inputs of any length
that result in the same hash. This property is also referred to as collision free
hash function.
o In other words, for a hash function h, it is hard to find any two different inputs
x and y such that h(x) = h(y).
o Since a hash function is a compressing function with fixed hash length, it is
impossible for a hash function not to have collisions. This property of collision
free only confirms that these collisions should be hard to find.
o This property makes it very difficult for an attacker to find two input values
with the same hash.
o Also, if a hash function is collision-resistant then it is second pre-image
resistant.

Design of Hashing Algorithms

At the heart of hashing is a mathematical function that operates on two fixed-size blocks
of data to create a hash code. This hash function forms part of the hashing algorithm.

The size of each data block varies depending on the algorithm. Typically the block sizes are
from 128 bits to 512 bits. The following illustration demonstrates hash function −

Hashing algorithm involves rounds of above hash function like a block cipher. Each round
takes an input of a fixed size, typically a combination of the most recent message block and
the output of the last round.

This process is repeated for as many rounds as are required to hash the entire message.
Schematic of hashing algorithm is depicted in the following illustration −

The hash value of the first message block becomes an input to the second hash operation,
the output of which alters the result of the third operation, and so on. This effect is
known as the avalanche effect of hashing.

Avalanche effect results in substantially different hash values for two messages that differ
by even a single bit of data.

Understand the difference between hash function and algorithm correctly. The hash
function generates a hash code by operating on two blocks of fixed-length binary data.

Hashing algorithm is a process for using the hash function, specifying how the message will
be broken up and how the results from previous message blocks are chained together.

Popular Hash Functions

Let us briefly see some popular hash functions −

Message Digest (MD)

MD5 was the most popular and widely used hash function for quite some years.

 The MD family comprises the hash functions MD2, MD4, MD5 and MD6. MD5 was adopted
as Internet Standard RFC 1321. It is a 128-bit hash function.
 MD5 digests have been widely used in the software world to provide assurance about
integrity of transferred file. For example, file servers often provide a pre-computed
MD5 checksum for the files, so that a user can compare the checksum of the
downloaded file to it.
 In 2004, collisions were found in MD5. An analytical attack was reported to succeed
in only an hour using a computer cluster. This collision attack compromised MD5,
and hence it is no longer recommended for use.

Secure Hash Function (SHA)

The SHA family comprises four SHA algorithms: SHA-0, SHA-1, SHA-2, and SHA-3. Though
from the same family, they are structurally different.

 The original version, SHA-0, a 160-bit hash function, was published by the National
Institute of Standards and Technology (NIST) in 1993. It had a few weaknesses and did
not become very popular. Later, in 1995, SHA-1 was designed to correct the alleged
weaknesses of SHA-0.
 SHA-1 is the most widely used of the existing SHA hash functions. It is employed in
several widely used applications and protocols including Secure Socket Layer (SSL)
security.
 In 2005, a method was found for uncovering collisions for SHA-1 within a practical time
frame, making the long-term employability of SHA-1 doubtful.
 The SHA-2 family has four further SHA variants, SHA-224, SHA-256, SHA-384, and
SHA-512, depending upon the number of bits in their hash value. No successful attacks
have yet been reported on the SHA-2 hash function.
 SHA-2 is a strong hash function. Though significantly different, its basic
design still follows the design of SHA-1. Hence, NIST called for new competitive hash
function designs.
 In October 2012, NIST chose the Keccak algorithm as the new SHA-3 standard.
Keccak offers many benefits, such as efficient performance and good resistance against
attacks.

RIPEMD

RIPEMD is an acronym for RACE Integrity Primitives Evaluation Message Digest. This
set of hash functions was designed by the open research community and is generally known
as a family of European hash functions.

 The set includes RIPEMD, RIPEMD-128, and RIPEMD-160. There also exist 256, and
320-bit versions of this algorithm.

 The original RIPEMD (128 bit) is based upon the design principles used in MD4 and was
found to provide questionable security. The RIPEMD 128-bit version came as a quick-fix
replacement to overcome vulnerabilities in the original RIPEMD.
 RIPEMD-160 is an improved version and the most widely used version in the family.
The 256 and 320-bit versions reduce the chance of accidental collision, but do not
have higher levels of security as compared to RIPEMD-128 and RIPEMD-160
respectively.

Whirlpool

This is a 512-bit hash function.

 It is derived from a modified version of the Advanced Encryption Standard (AES). One
of the designers was Vincent Rijmen, a co-creator of the AES.
 Three versions of Whirlpool have been released; namely WHIRLPOOL-0,
WHIRLPOOL-T, and WHIRLPOOL.

Applications of Hash Functions

There are two direct applications of hash function based on its cryptographic properties.

Password Storage

Hash functions provide protection to password storage.

 Instead of storing passwords in the clear, most logon processes store the hash values
of passwords in a file.
 The password file consists of a table of pairs of the form (user id, h(P)).
 The process of logon is depicted in the following illustration −

 An intruder can only see the hashes of passwords, even if he accessed the password file.
He can neither log on using the hash nor derive the password from the hash value, since
the hash function possesses the property of pre-image resistance.

Data Integrity Check

Data integrity check is the most common application of hash functions. It is used to
generate checksums on data files. This application provides assurance to the user about
the correctness of the data.

The process is depicted in the following illustration −

The integrity check helps the user to detect any changes made to the original file. It does
not, however, provide any assurance about originality. The attacker, instead of modifying the
file data, can change the entire file, compute an altogether new hash, and send both to the
receiver. This integrity check application is useful only if the user is sure about the
originality of the file.

Hash Functions: Message Authentication

Another type of threat that exists for data is the lack of message authentication. In this
threat, the user is not sure about the originator of the message. Message authentication
can be provided using the cryptographic techniques that use secret keys, as done in the case
of encryption.

Message Authentication Code (MAC)

A MAC algorithm is a symmetric key cryptographic technique to provide message
authentication. For establishing the MAC process, the sender and receiver share a symmetric
key K.

Essentially, a MAC is an encrypted checksum generated on the underlying message that is
sent along with a message to ensure message authentication.

The process of using MAC for authentication is depicted in the following illustration −

Let us now try to understand the entire process in detail −

 The sender uses some publicly known MAC algorithm, inputs the message and the
secret key K and produces a MAC value.
 Similar to hash, MAC function also compresses an arbitrary long input into a fixed
length output. The major difference between hash and MAC is that MAC uses secret
key during the compression.
 The sender forwards the message along with the MAC. Here, we assume that the
message is sent in the clear, as we are concerned with providing message origin
authentication, not confidentiality. If confidentiality is required then the message
needs encryption.
 On receipt of the message and the MAC, the receiver feeds the received message and
the shared secret key K into the MAC algorithm and re-computes the MAC value.
 The receiver now checks equality of the freshly computed MAC with the MAC received
from the sender. If they match, then the receiver accepts the message and assures
himself that the message has been sent by the intended sender.
 If the computed MAC does not match the MAC sent by the sender, the receiver
cannot determine whether it is the message that has been altered or it is the origin
that has been falsified. As a bottom line, the receiver safely assumes that the message
is not genuine.
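
The following added example (not part of the original notes) contrasts the keyless integrity check described earlier with the MAC process above. It assumes HMAC-SHA256 as the publicly known MAC algorithm and a simple "message followed by tag" packet layout; the function names and messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # SHA-256 digest size and HMAC-SHA256 tag size, in bytes


def hash_only_packet(message: bytes) -> bytes:
    """Keyless integrity check: message followed by its SHA-256 digest."""
    return message + hashlib.sha256(message).digest()


def hash_only_accepts(packet: bytes) -> bool:
    """Receiver side of the keyless check; no secret is involved."""
    if len(packet) < TAG_LEN:
        return False
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def mac_packet(key: bytes, message: bytes) -> bytes:
    """Sender: compute the MAC over the message with shared key K, append it."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def mac_open(key: bytes, packet: bytes):
    """Receiver: recompute the MAC with K and compare in constant time.

    Returns the message when the MAC matches, otherwise None.
    """
    if len(packet) < TAG_LEN:          # too short to even contain a tag
        return None
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None                    # altered message or falsified origin
    return message


def run_demo() -> dict:
    key = secrets.token_bytes(32)                   # shared secret K
    genuine = b"transfer 100 to account 1234"       # constructed sample
    substituted = b"transfer 900 to account 9999"   # constructed sample
    results = {}

    # Keyless check: whoever replaces the whole message can recompute the hash.
    results["hash_accepts_substituted"] = hash_only_accepts(
        hash_only_packet(substituted))

    # MAC, genuine packet from the holder of K.
    packet = mac_packet(key, genuine)
    results["mac_accepts_genuine"] = mac_open(key, packet) == genuine

    # Message changed in transit, original tag kept.
    altered = substituted + packet[-TAG_LEN:]
    results["mac_accepts_altered"] = mac_open(key, altered) is not None

    # Whole packet replaced by a party that does not know K.
    other_key = secrets.token_bytes(32)
    results["mac_accepts_wrong_key"] = mac_open(
        key, mac_packet(other_key, substituted)) is not None

    # Truncated packet.
    results["mac_accepts_truncated"] = mac_open(key, packet[:10]) is not None
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The keyless check accepts the substituted message because nothing ties the digest to a sender, while every MAC case except the genuine one is rejected.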

Limitations of MAC

There are two major limitations of MAC, both due to its symmetric nature of operation −

 Establishment of Shared Secret
o It can provide message authentication among pre-decided legitimate users who
have shared key.
o This requires establishment of shared secret prior to use of MAC.
 Inability to Provide Non-Repudiation
o Non-repudiation is the assurance that a message originator cannot deny any
previously sent messages and commitments or actions.
o MAC technique does not provide a non-repudiation service. If the sender and
receiver get involved in a dispute over message origination, MACs cannot provide
a proof that a message was indeed sent by the sender.
o Though no third party can compute the MAC, the sender could still deny having sent
the message and claim that the receiver forged it, as it is impossible to
determine which of the two parties computed the MAC.

Both these limitations can be overcome by using the public key based digital signatures
discussed in following section.

 Revelation: It means releasing the content of the message to someone who does not
have an appropriate cryptographic key.
 Analysis of Traffic: Determination of the pattern of traffic through the duration of
connection and frequency of connections between different parties.
 Deception: Adding out of context messages from a fraudulent source into a
communication network. This will lead to mistrust between the parties communicating
and may also cause loss of critical data.
 Modification in the Content: Changing the content of a message. This includes
inserting new information or deleting/changing the existing one.
 Modification in the sequence: Changing the order of messages between parties. This
includes insertion, deletion, and reordering of messages.
 Modification in the Timings: This includes replay and delay of messages sent between
different parties. This way session tracking is also disrupted.
 Source Refusal: When the source denies being the originator of a message.
 Destination refusal: When the receiver of the message denies the reception.

Message Authentication Functions:

All message authentication and digital signature mechanisms are based on two functionality
levels:

 Lower level: At this level, there is a need for a function that produces an
authenticator, which is the value that will further help in the authentication of a
message.
 Higher-level: The lower level function is used here in order to help receivers verify the
authenticity of messages.
These message authentication functions are divided into three classes:

 Message encryption: While sending data over the internet, there is always a risk of a
Man in the middle(MITM) attack. A possible solution for this is to use message
encryption. In message encryption, the data is first converted to a ciphertext and then
sent any further. Message encryption can be done in two ways:
 Symmetric Encryption: Say we have to send the message M from a source P to
destination Q. This message M can be encrypted using a secret key K that both P and Q
share. Without this key K, no other person can get the plain text from the ciphertext.
This maintains confidentiality. Further, Q can be sure that P has sent the message. This
is because other than Q, P is the only party who possesses the key K and thus the
ciphertext can be decrypted only by Q and no one else. This maintains authenticity. At a
very basic level, symmetric encryption looks like this:

 Public key Encryption: Public key encryption is not as advanced as symmetric encryption
as it provides confidentiality but not authentication. To provide both authentication and
confidentiality, the private key is used.
 Message authentication code (MAC): A message authentication code is a security code
that the user of a computer has to type in order to access any account or portal. These
codes are recognized by the system so that it can grant access to the right user. These
codes help in maintaining information integrity. It also confirms the authenticity of the
message.
 Hash function: A hash function is nothing but a mathematical function that can convert
a numeric value into another numeric value that is compressed. The input to this hash
function can be of any length but the output is always of fixed length. The values that
a hash function returns are called the message digest or hash values.

Measures to deal with these attacks:

Each of the above attacks has to be dealt with differently.

 Message Confidentiality: To prevent the messages from being revealed, care must be
taken during the transmission of messages. For this, the message should be encrypted
before it is sent over the network.

 Message Authentication: To deal with the analysis of traffic and deception issues,
message authentication is helpful. Here, the receiver can be sure of the real sender and
his identity. To do this, these methods can be incorporated:
 Parties should share secret codes that can be used at the time of identity
authentication.
 Digital signatures are helpful in the authentication.
 A third party can be relied upon for verifying the authenticity of parties.
 Digital Signatures: Digital signatures provide help against a majority of these issues.
With the help of digital signatures, content, sequence, and timing of the messages can
be easily monitored. Moreover, it also prevents denial of message transmission by the
source.
 Combination of protocols with Digital Signatures: This is needed to deal with the
denial of messages received. Here, the use of digital signature is not sufficient and it
additionally needs protocols to support its monitoring.

Birthday Attack

A birthday attack is a type of cryptographic attack that belongs to a class of brute
force attacks. It exploits the mathematics behind the birthday problem in probability
theory. The success of this attack largely depends upon the higher likelihood of collisions
found between random attack attempts and a fixed degree of permutations, as described in
the birthday paradox problem.

Birthday paradox problem –
Let us consider the example of a classroom of 30 students and a teacher. The teacher
wishes to find pairs of students that have the same birthday. Hence the teacher asks for
everyone's birthday to find such pairs. Intuitively this value may seem small. For example,
if the teacher fixes a particular date, say October 10, then the probability that at least
one student is born on that day is $1 - (364/365)^{30}$, which is about 7.9%. However, the
probability that at least one student has the same birthday as any other student is
around 70% using the following formula:

$$1 - \frac{365!}{(365 - n)! \cdot 365^{n}}$$
(substituting n = 30 here)

Derivation of the above term:
Assumptions –
1. Assuming a non-leap year (hence 365 days).
2. Assuming that a person has an equally likely chance of being born on any day of the year.
Let us consider n = 2.
P(Two people have the same birthday) = 1 – P(Two people having different birthday)
= 1 – (365/365)*(364/365)
= 1 – 1*(364/365)
= 1 – 364/365
= 1/365.
So for n people, the probability that all of them have different birthdays is:

$$P(\text{n people having different birthdays}) = \frac{365}{365} \cdot \frac{365-1}{365} \cdot \frac{365-2}{365} \cdots \frac{365-n+1}{365} = \frac{365!}{(365-n)! \cdot 365^{n}}$$

Hash function –
A hash function H is a transformation that takes a variable sized input m and returns
a fixed size string called a hash value (h = H(m)). Hash functions chosen in cryptography
must satisfy the following requirements:

 The input is of variable length,
 The output has a fixed length,
 H(x) is relatively easy to compute for any given x,
 H(x) is one-way,
 H(x) is collision-free.

A hash function H is said to be one-way if it is hard to invert, where "hard to invert" means
that given a hash value h, it is computationally infeasible to find some input x such
that H(x) = h.
If, given a message x, it is computationally infeasible to find a message y not equal to x
such that H(x) = H(y) then H is said to be a weakly collision-free hash function.
A strongly collision-free hash function H is one for which it is computationally infeasible to
find any two messages x and y such that H(x) = H(y).
Let $H: M \to \{0, 1\}^n$ be a hash function ($|M| \gg 2^n$).

Following is a generic algorithm to find a collision in time $O(2^{n/2})$ hashes.
Algorithm:

1. Choose $2^{n/2}$ random messages in M: $m_1, m_2, \ldots, m_{2^{n/2}}$
2. For $i = 1, 2, \ldots, 2^{n/2}$ compute $t_i = H(m_i) \in \{0, 1\}^n$
3. Look for a collision ($t_i = t_j$). If not found, go back to step 1

We consider the following experiment. From a set of H values, we choose n values uniformly
at random, thereby allowing repetitions. Let p(n; H) be the probability that during this
experiment at least one value is chosen more than once. This probability can be
approximated as follows (the first line is written for H = 365, as in the birthday problem):

$$p(n; H) = 1 - \frac{365-1}{365} \cdot \frac{365-2}{365} \cdots \frac{365-n+1}{365}$$

$$p(n; H) \approx 1 - e^{-n(n-1)/(2H)} \approx 1 - e^{-n^2/(2H)}$$

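
The following added example (not part of the original notes) runs the generic collision search above against SHA-256 truncated to n bits, and evaluates the birthday formulas so the measured effort can be compared with the $2^{n/2}$ estimate. The truncation, the function names and the 24-bit size are assumptions chosen so that it finishes in well under a second.

```python
import hashlib
import math
import os


def truncated_hash(message: bytes, n_bits: int) -> int:
    """Top n_bits of SHA-256, standing in for a hash H: M -> {0,1}^n."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return digest >> (256 - n_bits)


def exact_birthday(k: int, space: int = 365) -> float:
    """Exact probability that k uniform draws from `space` values repeat."""
    p_distinct = 1.0
    for i in range(k):
        p_distinct *= (space - i) / space
    return 1.0 - p_distinct


def approx_birthday(k: int, space: int) -> float:
    """The approximation p(k; H) = 1 - exp(-k(k-1) / (2H))."""
    return 1.0 - math.exp(-k * (k - 1) / (2 * space))


def messages_for_half_chance(n_bits: int) -> float:
    """Number of hashes at which a collision becomes more likely than not.

    Solving 1 - exp(-k^2 / (2H)) = 1/2 with H = 2^n gives
    k = sqrt(2 ln 2) * 2^(n/2), roughly 1.18 * 2^(n/2).
    """
    return math.sqrt(2 * math.log(2) * 2 ** n_bits)


def find_collision(n_bits: int, max_messages: int = 1_000_000):
    """Hash random messages until two distinct ones share a truncated hash.

    Returns (message_1, message_2, hashes_computed), or None if the budget
    runs out. Memory grows with the number of hashes stored.
    """
    seen = {}
    for count in range(1, max_messages + 1):
        message = os.urandom(16)
        t = truncated_hash(message, n_bits)
        earlier = seen.get(t)
        if earlier is not None and earlier != message:
            return earlier, message, count
        seen[t] = message
    return None


if __name__ == "__main__":
    print(f"classroom of 30, exact:  {exact_birthday(30):.4f}")
    print(f"classroom of 30, approx: {approx_birthday(30, 365):.4f}")

    m1, m2, used = find_collision(24)
    print(f"24-bit collision after {used} hashes "
          f"(estimate {messages_for_half_chance(24):.0f})")
    print(f"  {m1.hex()} and {m2.hex()} -> {truncated_hash(m1, 24):06x}")

    # Work needed for a 50% chance against full-length digests.
    for name, bits in [("MD5", 128), ("SHA-1", 160), ("SHA-256", 256)]:
        exponent = math.log2(messages_for_half_chance(bits))
        print(f"{name:8s} {bits}-bit digest: about 2^{exponent:.1f} hashes")
```

Each extra bit of digest length multiplies the search effort by only $\sqrt{2}$, which is why collision resistance needs a digest twice as long as the security level wanted.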
Digital signature susceptibility –
Digital signatures can be susceptible to birthday attacks. A message m is typically signed
by first computing H(m), where H is a cryptographic hash function, and then using some
secret key to sign H(m). Suppose Alice wants to trick Bob into signing a fraudulent
contract. Alice prepares a fair contract m and fraudulent one m’. She then finds a number
of positions where m can be changed without changing the meaning, such as inserting
commas, empty lines, one versus two spaces after a sentence, replacing synonyms, etc. By
combining these changes she can create a huge number of variations on m which are all fair
contracts.
Similarly, Alice can also make some of these changes on m’ to bring it even closer
towards m, that is, so that H(m) = H(m’). Hence, Alice can now present the fair version m to Bob
for signing. After Bob has signed, Alice takes the signature and attaches to it the
fraudulent contract. This signature proves that Bob has signed the fraudulent contract.
To avoid such an attack the output of the hash function should be a very long sequence of
bits such that the birthday attack now becomes computationally infeasible.

Hash functions play a crucial role in information security by providing data integrity,
authentication, and digital signatures. The security of a hash function is determined based
on its resistance to various attacks. The main properties of a secure hash function are:

It should be computationally infeasible to determine the original
input from the hash value.

Hash functions provide preimage resistance. This concept says that the original
function H(M)=h cannot resolve H(N)=h.
H(M)=h
h=! H(M)

Where M is the message input,
h is hash code,
H is a hash function.
This means it is practically impossible to obtain a message from a hash code as it is
one-way.

This ensures the security of hash functions in cryptography by ensuring that no
attacker can decode the message from the hash code (easily obtained by passing the
message through a hash function).

Given an input, it should be difficult to find another input
that produces the same hash value.

Hash functions provide second preimage resistance. This concept says that the
original function H(M) can never be equal to H(N), where N and M are different
messages.
H(M)!=H(N)
Where M and N are different message inputs,
H is a hash function.
This means it is practically impossible to obtain a different input message when we
decode a hash value. The second preimage resistance works on the one-way principle of
hash functions.

This ensures the security of hash functions in cryptography in the following ways:
 An attacker cannot read or observe data messages.
 An attacker cannot create a fake hash code for messages received in the absence of
security.
 An attacker cannot generate an alternative message for the same hash codes.

It should be improbable to find two different inputs that produce the
same hash value.

Hash functions provide collision resistance. This concept says that the original
function H(M) is not equal to H(N)
It is similar to the second pre-image resistance. The difference is that in collision
resistance, you cannot have two messages that indicate the same output of hash
values. Whereas in the second preimage resistance, a hash value cannot indicate a
different input message.
H(M)!=H(N)
Where M and N are different message inputs,
H is a hash function.
This means that it is practically impossible to create a hash value that indicates two
distinct message inputs.

This ensures the security of hash functions in cryptography, not creating confusion
and providing one message input that is authenticated.

A message authentication code (MAC) algorithm takes a message to be
authenticated and a secret key that is known only to the sender of the message and the
receiver of the message, and produces a MAC as an output. By using a MAC, a receiver can check
the integrity of the message and the authenticity of the message, i.e., whether it is coming
from the correct sender or not. MAC does not provide Non-Repudiation.

In electronic money transfers, message authentication codes (MACs) are employed to ensure
information integrity.

Now, let's see the types of message authentication code (MAC) in Cryptography.

There are different models of Message Authentication Code (MAC), as follows:

1. MAC without encryption –
This model can provide authentication but not confidentiality as anyone can see the
message.

2. Internal Error Code –
In this model of MAC, the sender encrypts the content before sending it through the network
for confidentiality. Thus this model provides confidentiality as well as authentication.

M' = MAC(M, k)

3. External Error Code –
When a message has been altered, decrypting it is wasted effort; to overcome
that problem, we opt for external error code. Here we first apply MAC on the
encrypted message 'c' and compare it with the received MAC value on the receiver's side, and
then decrypt 'c' if they both are the same; else we simply discard the content received.
Thus it saves time.

c = E(M, k')
M' = MAC(c, k)

Problems in MAC –
If we do reverse engineering we can reach plain text or even the key. Here we have mapped
input to output; to overcome this we move on to hash functions, which are "one way".

How message authentication code (MAC) works?

There are four important components used for generating a Message Authentication Code
(MAC):

1. The message of arbitrary length

2. Key

3. MAC algorithm

4. MAC value

The sender and receiver share the same secret key to produce a Message Authentication
Code or Cryptographic Checksum. This generated MAC is appended to the message and sent
to the receiver. At the receiving end, the receiver also generates the Message
Authentication Code (MAC) with the same shared key which is compared with the MAC
generated by the sender. If both the MACs are equal, then the message is valid and coming
from the correct sender, otherwise, the message is invalid.

A message's hash value would be different if a sender didn't know the secret key, indicating
to a receiver that it wasn't from the original sender.

MD5 is a cryptographic hash function algorithm that takes a message of any length as input
and changes it into a fixed-length message of 16 bytes. MD5 algorithm stands for the
message-digest algorithm. MD5 was developed as an improvement of MD4, with advanced security
purposes. The output of MD5 (digest size) is always 128 bits. MD5 was developed in 1991 by
Ronald Rivest.
Use Of MD5 Algorithm:
 It is used for file authentication.
 In a web application, it is used for security purposes. e.g. Secure password of users etc.
 Using this algorithm, We can store our password in 128 bits format.

MD5 Algorithm

Working of the MD5 Algorithm:

MD5 algorithm follows the following steps

1. Append Padding Bits: In the first step, we add padding bits in the original message in
such a way that the total length of the message is 64 bits less than the exact multiple of
512.
Suppose we are given a message of 1000 bits. Now we have to add padding bits to the
original message. Here we will add 472 padding bits to the original message. After adding
the padding bits the size of the original message/output of the first step will be 1472 i.e.
64 bits less than an exact multiple of 512 (i.e. 512*3 = 1536).

Length(original message + padding bits) = 512 * i – 64 where i = 1,2,3 . . .


2. Append Length Bits: In this step, we add the length bit in the output of the first step
in such a way that the total number of the bits is the perfect multiple of 512. Simply, here
we add the 64-bit as a length bit in the output of the first step.
i.e. output of first step = 512 * n – 64
length bits = 64.
After adding both we will get 512 * n i.e. the exact multiple of 512.
3. Initialize MD buffer: Here, we use the 4 buffers i.e. J, K, L, and M. The size of each
buffer is 32 bits.
- J = 0x67425301
- K = 0xEDFCBA45
- L = 0x98CBADFE
- M = 0x13DCE476


4. Process Each 512-bit Block: This is the most important step of the MD5 algorithm.
Here, a total of 64 operations are performed in 4 rounds. In the 1st round, 16 operations
will be performed, 2nd round 16 operations will be performed, 3rd round 16 operations will
be performed, and in the 4th round, 16 operations will be performed. We apply a different
function on each round i.e. for the 1st round we apply the F function, for the 2nd G
function, 3rd for the H function, and 4th for the I function.
We perform OR, AND, XOR, and NOT (basically these are logic gates) for calculating
functions. We use 3 buffers for each function i.e. K, L, M.
- F(K,L,M) = (K AND L) OR (NOT K AND M)
- G(K,L,M) = (K AND L) OR (L AND NOT M)
- H(K,L,M) = K XOR L XOR M
- I(K,L,M) = L XOR (K OR NOT M)

After applying the function, we perform an operation on each block. For performing
operations we need

 addition modulo $2^{32}$
 M[i] – 32-bit message.
 K[i] – 32-bit constant.
 <<<n – Left shift by n bits.

Now take as input the initialized MD buffer, i.e. J, K, L, M. The output of K will be fed
into L, L will be fed into M, and M will be fed into J. After doing this, we perform some
operations to find the output for J.

 In the first step, the outputs of K, L, and M are taken and then the function F is applied
to them. The result is added to J modulo $2^{32}$.
 In the second step, we add the M[i] bit message to the output of the first step.
 Then we add the 32-bit constant K[i] to the output of the second step.
 At last, we do a left shift operation by n (can be any value of n) and an addition modulo
$2^{32}$.
After all steps, the result of J will be fed into K. Now the same steps will be used for all
functions G, H, and I. After performing all 64 operations we will get our message digest.
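
The following added example (not part of the original notes) carries out steps 1 and 2 on real bytes and splits the result into the 32-bit words M[i] consumed in step 4. The content of the padding (a single 1 bit followed by 0 bits) and the little-endian encoding of the length and of the words are taken from RFC 1321 and are not stated in the notes; the function names are illustrative.

```python
import struct

BLOCK_BYTES = 64   # one 512-bit block
WORDS_PER_BLOCK = 16


def padding_bits(message_bits: int) -> int:
    """Number of padding bits added in step 1.

    Padding is always applied (1 to 512 bits) so that the padded length is
    64 bits short of a multiple of 512, i.e. congruent to 448 modulo 512.
    """
    return (447 - message_bits) % 512 + 1


def md5_pad(message: bytes) -> bytes:
    """Steps 1 and 2: append padding bits, then the 64-bit message length."""
    bit_len = len(message) * 8
    pad_bytes = padding_bits(bit_len) // 8
    # 0x80 is the single 1 bit followed by seven 0 bits; the rest are zeros.
    padded = message + b"\x80" + b"\x00" * (pad_bytes - 1)
    # Original length in bits, modulo 2^64, low-order byte first.
    padded += struct.pack("<Q", bit_len % 2 ** 64)
    return padded


def blocks_as_words(padded: bytes):
    """Split padded input into 512-bit blocks of sixteen 32-bit words M[i]."""
    if len(padded) % BLOCK_BYTES != 0:
        raise ValueError("input is not a whole number of 512-bit blocks")
    return [
        list(struct.unpack("<16I", padded[offset:offset + BLOCK_BYTES]))
        for offset in range(0, len(padded), BLOCK_BYTES)
    ]


if __name__ == "__main__":
    # The 1000-bit message from the text (125 bytes of constructed data).
    message = bytes(125)
    padded = md5_pad(message)
    print("padding bits:", padding_bits(1000))
    print("after step 1:", 1000 + padding_bits(1000), "bits")
    print("after step 2:", len(padded) * 8, "bits =",
          len(padded) // BLOCK_BYTES, "blocks")

    # Edge case: a 448-bit message still gets padding, a full 512 bits of it.
    print("padding for 448-bit message:", padding_bits(448))

    words = blocks_as_words(md5_pad(b"abc"))[0]
    print("M[0]  =", hex(words[0]))    # 'abc' plus the 0x80 padding byte
    print("M[14] =", words[14], "(message length in bits)")
```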

Application Of MD5 Algorithm:

 We use message digest to verify the integrity of files/ authenticates files.
 MD5 was used for data security and encryption.
 It is used to Digest the message of any size and also used for Password verification.
 For Game Boards and Graphics.

Benefits of the MD5 Algorithm:

o MD5 is faster and easier to comprehend.
o A 16-byte strong password is generated by the MD5 algorithm. To safeguard user
passwords, all developers, including web developers, employ the MD5 algorithm.
o The MD5 method requires a relatively small amount of memory to be integrated.
o Generating a digest message from the original message is simple and quick.

Advantages of MD5 Algorithm:

 MD5 is faster and simple to understand.
 MD5 algorithm generates a strong password in 16 bytes format. All developers like web
developers etc use the MD5 algorithm to secure the password of users.
 To integrate the MD5 algorithm, relatively low memory is necessary.
 It is very easy and faster to generate a digest message of the original message.

Disadvantages of MD5 Algorithm:

 MD5 generates the same hash function for different inputs.
 MD5 provides poor security over SHA1.
 MD5 has been considered an insecure algorithm. So now we are using SHA256 instead
of MD5
 MD5 is neither a symmetric nor asymmetric algorithm.

SHA stands for secure hashing algorithm. SHA is a modified version of MD5 and is used for
hashing information and certificates. A hashing algorithm uses bitwise operations, modular
additions, and compression functions to shorten the input information into a smaller form
that cannot be understood.

SHAs also help in revealing if an original message was transformed in any way. By comparing
with the original hash digest, a user can tell if even an individual letter has been
shifted, as the hash digests will be effectively different.

An important property of SHAs is that they are deterministic. This means that, provided
the hash function used is known, any computer or user can regenerate the hash digest. The
determinism of SHAs is one of the main reasons that each SSL certificate on the Internet is
needed to have been hashed with a SHA-2 function.

A secure hash algorithm is generally a pair of algorithms invented by the National Institute
of Standards and Technology (NIST) and other government and private parties.

| SHA1 | SHA2 |
|---|---|
| It is a cryptographic hash function designed by U.S National Security Agency to replace SHA0. | It is a cryptographic hash function designed by U.S National Security Agency to replace SHA1. |
| It was published in 1995. | While it was published in 2001. |
| It produces 160 bits hash value. | It produces 224, 256, 384 or 512 bits hash value. |
| It is successor to SHA0 and predecessor to SHA2. | It is successor to SHA1 and predecessor to SHA3. |
| It is less secure. | While it is more secure. |
| Its structure is based on Merkle–Damgard construction. | Its structure is based on Merkle–Damgard structure with Davies–Meyer compression function. |
| SHA1 certificates are not reliable. | SHA2 has more improved certificates. |
| It generates smaller hash. | While it generates larger hash. |
| Hash generated by SHA1 is weak. | While hash generated by SHA2 is strong. |
| It is not widely used now-a-days. | While it is used widely. |

| S.No. | SHA1 | SHA256 |
|---|---|---|
| 1. | SHA1 is a first version of SHA that generates a 160-bit hash value. | SHA256 is type of SHA2 that generates a 256-bit hash value. |
| 2. | The internal state size of SHA1 is 160. | The internal state size of SHA256 is 256. |
| 3. | It is less secure as compared. | It is more secure than SHA1. |
| 4. | The output size of SHA1 is 160 bits. | The output size of SHA256 is 256 bits. |
| 5. | It is used by SSL certificate authorities to sign certificates. | It is hash function commonly used in blockchain. |
| 6. | It has smaller bit size, so it become more susceptible to attacks. | It has 256 bits so it has improved security. |

Digital Signature
A digital signature is a mathematical technique which validates the authenticity and integrity
of a message, software or digital documents. It allows us to verify the author name, date and
time of signatures, and authenticate the message contents. The digital signature offers far
more inherent security and is intended to solve the problem of tampering and impersonation
(intentionally copying another person's characteristics) in digital communications.

The computer-based business information authentication interrelates both technology and
the law. It also calls for cooperation between people of different professional
backgrounds and areas of expertise. Digital signatures differ from other
electronic signatures not only in terms of process and result, but also in being
more serviceable for legal purposes. Some electronic signatures that are legally
recognizable as signatures may not be as secure as digital signatures and may lead to
uncertainty and disputes.

The steps followed in creating a digital signature are:

1. Message digest is computed by applying hash function on the message and then message
digest is encrypted using private key of sender to form the digital signature. (digital
signature = encryption (private key of sender, message digest) and message digest =
message digest algorithm(message)).
2. Digital signature is then transmitted with the message. (message + digital signature is
transmitted)
3. Receiver decrypts the digital signature using the public key of sender. (This assures
authenticity, as only sender has his private key so only sender can encrypt using his
private key which can thus be decrypted by sender's public key).
4. The receiver now has the message digest.
5. The receiver can compute the message digest from the message (actual message is sent
with the digital signature).
6. The message digest computed by receiver and the message digest (got by decryption on
digital signature) need to be same for ensuring integrity.
Message digest is computed using one-way hash function, i.e. a hash function in which
computation of hash value of a message is easy but computation of the message from hash
value of the message is very difficult.

Application of Digital Signature

The important reasons to implement digital signatures in communication are:

o Authentication
o Non-repudiation
o Integrity

Authentication

Authentication is a process which verifies the identity of a user who wants to access the
system. In the digital signature, authentication helps to authenticate the sources of
messages.

Non-repudiation

Non-repudiation means assurance that something cannot be denied. It ensures that
a party to a contract or communication cannot later deny the authenticity of their
signature on a document or in a file, or the sending of a message that they originated.

Integrity

Integrity ensures that the message is real and accurate, and safeguards it from unauthorized
modification during transmission.

Algorithms in Digital Signature

A digital signature consists of three algorithms:

1. Key generation algorithm

The key generation algorithm selects a private key randomly from a set of possible private
keys. This algorithm provides the private key and its corresponding public key.

2. Signing algorithm

A signing algorithm produces a signature for the document.

3. Signature verifying algorithm

A signature verifying algorithm either accepts or rejects the document's authenticity.

How digital signatures work

Digital signatures are created and verified by using public key cryptography, also known as
asymmetric cryptography. By the use of a public key algorithm, such as RSA, one can
generate two keys that are mathematically linked: one is a private key, and the other is a
public key.

The user who is creating the digital signature uses their own private key to encrypt the
signature-related document. The only way to decrypt that document is with the signer's
public key.

This technology requires all the parties to trust that the individual who creates the
signature has been able to keep their private key secret. If someone has access to the
signer's private key, there is a possibility that they could create fraudulent signatures in
the name of the private key holder.

The steps which are followed in creating a digital signature are:

1. Select a file to be digitally signed.
2. The hash value of the message or file content is calculated. This message or file
content is encrypted by using the private key of the sender to form the digital signature.
3. Now, the original message or file content along with the digital signature is
transmitted.
4. The receiver decrypts the digital signature by using the public key of the sender.
5. The receiver now has the message or file content and can compute it.
6. The computed message or file content is compared with the original computed
message. The two need to be the same to ensure integrity.
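
The three algorithms (key generation, signing, verifying) and the hash-then-sign steps listed in both step lists above can be traced in a few lines of textbook RSA. This is an added example, not code from the original notes: the function names and the demonstration key are assumptions, and it applies the private key to the SHA-256 digest without padding, whereas deployed RSA signatures add PKCS#1 v1.5 or PSS padding.

```python
import hashlib

def generate_keypair():
    """Key generation: return (public, private) for a constructed demo key.

    The primes are the public Mersenne primes 2**127-1 and 2**521-1, so the key is
    reproducible but NOT secret; a real key uses large random primes.
    """
    p, q = 2**127 - 1, 2**521 - 1
    n, phi = p * q, (p - 1) * (q - 1)
    e = 65537
    d = pow(e, -1, phi)              # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)

def message_digest(message: bytes) -> int:
    """Step 1a: one-way hash of the message, as an integer smaller than n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """Step 1b: apply the sender's private key to the digest, not to the message."""
    n, d = private_key
    return pow(message_digest(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Steps 3-6: recover the digest with the public key and compare."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    recovered = pow(signature, e, n)               # steps 3-4: digest from signature
    return recovered == message_digest(message)    # steps 5-6: recompute and compare

def demo():
    public, private = generate_keypair()
    message = b"Pay 100 to Bob"                    # constructed sample message
    signature = sign(message, private)             # step 2: message + signature sent
    return {
        "genuine": verify(message, signature, public),
        "altered_message": verify(b"Pay 900 to Bob", signature, public),
        "altered_signature": verify(message, (signature + 1) % public[0], public),
    }

if __name__ == "__main__":
    print(demo())
```

Only the unmodified message with its unmodified signature verifies; changing either one makes the recovered digest and the recomputed digest differ.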

Types of Digital Signature

Different document processing platforms support different types of digital signature. They
are described below:

Certified Signatures

The certified digital signature documents display a unique blue ribbon across the top of the
document. The certified signature contains the name of the document signer and the
certificate issuer which indicate the authorship and authenticity of the document.

Approval Signatures

The approval digital signatures on a document can be used in the organization's business
workflow. They help to optimize the organization's approval procedure. The procedure
involves capturing approvals made by us and other individuals and embedding them within the
PDF document. The approval signatures include details such as an image of our physical
signature, location, date, and official seal.

Visible Digital Signature

The visible digital signature allows a user to sign a single document digitally. This signature
appears on a document in the same way as signatures are signed on a physical document.

Invisible Digital Signature

The invisible digital signatures carry a visual indication of a blue ribbon within a document in
the taskbar. We can use invisible digital signatures when we do not have or do not want to
display our signature but need to provide the authenticity of the document, its integrity, and
its origin.

Benefits of Digital Signatures


• Legal documents and contracts: Digital signatures are legally binding. This makes them
ideal for any legal document that requires a signature authenticated by one or more
parties and guarantees that the record has not been altered.
• Sales contracts: Digital signing of contracts and sales contracts authenticates the
identity of the seller and the buyer, and both parties can be sure that the signatures
are legally binding and that the terms of the agreement have not been changed.
• Financial Documents: Finance departments digitally sign invoices so customers can trust
that the payment request is from the right seller, not from a bad actor trying to trick
the buyer into sending payments to a fraudulent account.
• Health Data: In the healthcare industry, privacy is paramount for both patient records
and research data. Digital signatures ensure that this confidential information was not
modified when it was transmitted between the consenting parties.
• Federal, state, and local government agencies have stricter policies and regulations than
many private sector companies. From approving permits to stamping them on a
timesheet, digital signatures can optimize productivity by ensuring the right person is
involved with the proper approvals.
• Shipping Documents: Helps manufacturers avoid costly shipping errors by ensuring
cargo manifests or bills of lading are always correct. However, physical papers are
cumbersome, not always easily accessible during transport, and can be lost. By digitally
signing shipping documents, the sender and recipient can quickly access a file, check
that the signature is up to date, and ensure that no tampering has occurred.

Drawbacks of Digital Signatures


• Dependence on Key Management: Digital signatures rely on the secure management of
cryptographic keys. This means that the sender must keep their private key safe and
secure from unauthorized access, while the recipient must verify the sender's public key
to ensure its authenticity. Any failure in key management can compromise the security
of the digital signature.
• Complexity: Digital signatures require a complex process of key generation, signing, and
verification. This can make them difficult to implement and use for non-technical users.
• Compatibility: Different digital signature algorithms and formats may not be
compatible with each other, making it difficult to exchange signed messages across
different systems and applications.
• Legal Recognition: Although digital signatures have legal recognition in many countries,
their legal status may not be clear in all jurisdictions. This can limit their usefulness in
legal or regulatory contexts.
• Revocation: In case of key compromise or other security issues, digital signatures must
be revoked to prevent their misuse. However, the revocation process can be complex
and may not be effective in all cases.
• Cost: Digital signatures may involve additional costs for key management, certificate
issuance, and other related services, which can make them expensive for some users or
organizations.
• Limited Scope: Digital signatures provide authentication and integrity protection for a
message, but they do not provide confidentiality or protection against other types of
attacks, such as denial-of-service attacks or malware.

Authentication Protocols
When we develop software, our first and most important priority is user authentication.
There are several mechanisms by which we can authenticate the data given by the user. In
this article, we are going to learn the most common types of authentication protocol and
their advantages and disadvantages.

Why is user authentication important?

Requiring users to provide and prove their identity adds a layer of security between
adversaries and sensitive data. With authentication, IT teams can employ least-privilege
access to limit what employees can see. The average employee, for example,
doesn't need access to company financials, and accounts payable doesn't need to touch
developer projects. When selecting an authentication type, companies must consider UX
along with security. Some user authentication types are less secure than others, but too
much friction during authentication can lead to poor employee practices.

1. Kerberos

Kerberos is a type of protocol that is used to authenticate users. It validates the client and
server during networking with the help of a cryptographic key. It is designed to strongly
authenticate the users during the reporting of the application. All the proposals of Kerberos
are available at MIT. The main use of Kerberos is in product-based companies.

Advantages

1. The various operating systems are supported by Kerberos.
2. In Kerberos, the authentication key is shared very efficiently in comparison to public
sharing.

Disadvantages

1. The client and service can only authenticate themselves with the help of Kerberos.
2. When we use a soft or weak password, it always shows vulnerability.

2. Lightweight Directory Access Protocol (LDAP)

LDAP stands for Lightweight Directory Access Protocol. With the help of this protocol, we
can determine the organization, individual, or any other devices during networking over
the internet. It is also called Directory as a Service. Lightweight Directory Access Protocol
(LDAP) is the foundation on which Microsoft built Active Directory.

Advantages for Lightweight Directory Access Protocol (LDAP)

1. It is an automated protocol, which is why it is very easy for the organization.
2. All the existing software is supported by Lightweight Directory Access Protocol
(LDAP).
3. Multiple directories can be allowed in Lightweight Directory Access Protocol (LDAP).

Some disadvantages of LDAP

1. It requires the experience of deployment.
2. The directory servers are required to be LDAP-compliant for deployment.

3. OAuth2

OAuth2 is a type of authentication protocol for the framework. It provides permission to
the users who come through the HTTP servers. When the user makes a request to
access the resources, an API call is made, and after that, the authentication
token is generated.

Advantages of OAuth2

1. It is a very simple type of authentication protocol, and it is very easy to use.
2. It provides the code for server-side authentication.

Disadvantages of OAuth2

1. It is a little bit difficult to manage the different sets of codes.
2. When we connect it to an affected system, it also shows some serious effects.

4. SAML

SAML stands for Security Assertion Markup Language. It is an XML-based
authentication protocol. It provides authorization between the service provider and the
identity provider. It is also a product of the OASIS Security Services Technical Committee.

Advantages of SAML

1. The administrative cost is reduced for the end user with the help of SAML (Security
Assertion Markup Language).
2. It provides a single window for authentication for all the services.

Disadvantages of SAML

1. It is fully dependent on the identity provider.
2. A single XML format manages all the data.

5. RADIUS

RADIUS stands for Remote Authentication Dial-In User Service. It is a type of network
protocol that provides accounting, centralized authentication, and authorization. When the
user makes a request to access all the resources, the RADIUS server creates a temporary
credential to access all the resources. After this, the temporary credential is saved on the
local database and provides access to the user.

Advantages of RADIUS

1. It has a feature to provide multiple accesses to the admin.
2. It also provides a unique id for every session of the user.

Disadvantages of RADIUS

1. The mechanism for initial implementation is very hard on hardware.
2. It has a variety of models that may require a special team, which is cost-consuming.

As we have studied, a signature is a way of authenticating data coming from a trusted
individual. Similarly, a digital signature is a way of authenticating digital data coming from a
trusted source. Digital Signature Standard (DSS) is a Federal Information Processing
Standard (FIPS) which defines algorithms that are used to generate digital signatures with
the help of the Secure Hash Algorithm (SHA) for the authentication of electronic documents.
DSS only provides us with the digital signature function and not with any encryption or key
exchange strategies.

Sender Side: In the DSS approach, a hash code is generated out of the message and the
following inputs are given to the signature function:
1. The hash code.
2. The random number 'k' generated for that particular signature.
3. The private key of the sender, i.e., PR(a).
4. A global public key (which is a set of parameters for the communicating principals), i.e.,
PU(g).
These inputs to the function provide us with the output signature containing two
components, 's' and 'r'. The original message concatenated with the signature is then
sent to the receiver.

Receiver Side: At the receiver end, verification of the sender is done. The hash code of the
sent message is generated. There is a verification function which takes the following inputs:
1. The hash code generated by the receiver.
2. Signature components 's' and 'r'.
3. Public key of the sender.
4. Global public key.
The output of the verification function is compared with the signature component 'r'. Both
values will match if the sent signature is valid, because only the sender, with the help of
its private key, can generate a valid signature.
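
The sender-side and receiver-side functions described above, written out as the DSA arithmetic with toy parameters. This is an added example, not code from the original notes: the parameter values (P, Q, G), the function names and the reduction of the hash code modulo Q are assumptions chosen for illustration, and the parameters are far too small for real use.

```python
import hashlib
import secrets

# Global public key PU(g): toy parameters (P, Q, G), constructed for illustration.
# Q divides P - 1 and G generates the subgroup of order Q modulo P.
P, Q = 7879, 101
G = pow(3, (P - 1) // Q, P)          # = 170

def hash_code(message: bytes) -> int:
    """Hash code of the message, reduced mod Q (a simplification for the toy Q)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % Q

def public_key(x: int) -> int:
    """Sender's public key for the private key PR(a) = x."""
    return pow(G, x, P)

def sign_hash(h: int, x: int, k: int):
    """Signature function: inputs are hash code, k, PR(a) and PU(g); output (r, s)."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (h + x * r) % Q
    return r, s

def verify_hash(h: int, signature, y: int) -> bool:
    """Verification function: recompute v and compare it with the component r."""
    r, s = signature
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1, u2 = h * w % Q, r * w % Q
    v = pow(G, u1, P) * pow(y, u2, P) % P % Q
    return v == r

def sign_message(message: bytes, x: int):
    """Sender side: draw a fresh secret k for every signature; retry if r or s is 0."""
    while True:
        k = secrets.randbelow(Q - 1) + 1     # 1 <= k <= Q - 1
        r, s = sign_hash(hash_code(message), x, k)
        if r and s:
            return r, s

def verify_message(message: bytes, signature, y: int) -> bool:
    """Receiver side: hash the received message, then run the verification function."""
    return verify_hash(hash_code(message), signature, y)
```

The value k has to be secret and different for every signature, which is why `sign_message` draws it from `secrets` rather than accepting a fixed value.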

Benefits of digital signature:
1. A digital signature gives better security in the transaction. An unauthorized
individual cannot commit fraud in transactions.
2. You can easily track the status of the documents on which the digital
signature is applied.
3. High-speed document delivery.
4. It is 100 percent legal; it is issued by the government-authorized certifying authority.
5. If you have signed a document digitally, you cannot deny it.
6. When a document is signed, the date and time are automatically stamped on it.
7. It is not possible to copy or change a document signed digitally.
8. Identification of the individual that signs.
9. Elimination of the possibility of committing fraud by an imposter.

Drawbacks of digital signature:

1. You need to troubleshoot all the compatibility issues. There are a lot of
compatibility settings, such as an updated version of the driver and software.
2. Software is one of the main issues when using a digital signature
certificate.
3. If you belong to the corporate world and run an export-import organization, you
need to produce a digital signature for e-ticketing.
4. Loss or theft of keys and the use of vulnerable storage facilities.
5. There is a stronger need for a standard through which these various methods can
interoperate. In this era of fast technological advancement, many of these tech products
have a short shelf life.
6. To use a digital signature effectively, both senders and recipients
may have to buy digital certificates.
7. To work with digital certificates, the sender and recipients need to buy
verification software at a cost.
8. A digital signature involves the primary concern of any business: money.