
Cryptography

Cryptography is a technique for securing communication by encrypting plain text into unintelligible cipher text using algorithms and protocols to ensure data confidentiality, integrity, authentication and non-repudiation. Computer security faces challenges due to its complexity, needing to anticipate attacks, having unintuitive procedures, choosing appropriate security mechanisms, requiring constant vigilance, prioritizing security early, being multi-faceted, being an ongoing battle between protecting and exploiting systems, needing investment, and balancing security with user experience. The document discusses cryptography, computer security objectives and challenges, security architecture, attacks, security mechanisms, and threats.

Uploaded by

nupur104btit20

SYLLABUS

Unit-1

Cipher text: unreadable, encrypted text that can only be read if you know the key.

What is Cryptography?
It is a technique of securing communication by converting plain text into unintelligible cipher
text. It deals with developing and analyzing protocols that prevent malicious third parties from
retrieving information being shared between two entities thereby following the various aspects
of computer and information security.
It involves various algorithms and protocols to ensure data confidentiality, integrity,
authentication and non-repudiation.

[Figure: "Hello" → encryption → ciphertext → decryption (with the decryption key) → "Hello"]

Network and Internet Security: prevent and correct violations that involve the transmission of information.

[Figure: DATA at the centre of confidentiality, integrity and availability]

Computer Security (NIST definition)
“The protection afforded to an automated information system in order to attain the applicable
objectives of preserving the integrity, availability and confidentiality of information system
resources”
Information system resources include: hardware, software, firmware, information/data, telecommunications.

Objectives

Confidentiality, Integrity, Availability

● Confidentiality
   Data confidentiality: private or confidential info … individuals.
   Privacy: individual controls or influences what info gets collected or stored, by whom, and to whom it gets disclosed.
● Integrity
   Data integrity: info & programs changed only in … authorized manner.
   System integrity: system performs intended function in unimpaired manner, free from deliberate …
● Availability: assures that system works promptly and service is not denied to authorized users.

Computer Security Challenges
1. [Complexity of Security]: Security is a complex issue that requires specialized knowledge
and expertise.
2. [Anticipating Attacks]: It's important to consider potential attacks on security features and
plan accordingly.
3. [Unintuitive Procedures]: Sometimes, effective security procedures may not seem logical
or user-friendly.
4. [Choosing Security Mechanisms]: Deciding where and when to use different security
mechanisms is a critical task.
5. [Constant Vigilance]: Continuous monitoring is essential to detect and respond to security
threats.
6. [Prioritizing Security]: Security should be considered from the start, not as an
afterthought.
7. [Multi-faceted Security]: Security involves more than just technical solutions, such as
algorithms and protocols.
8. [Ongoing Battle]: Security is an ongoing battle between those trying to protect systems
and those trying to exploit them.
9. [Investing in Security]: The importance of investing in security may not be appreciated
until a security breach occurs.
10. [Balancing Security and User Experience]: Strong security measures should not hinder
efficiency or user-friendliness.

Security Architecture

● Security Attack: any action that compromises the security of information owned by an organization.
● Security Mechanism: a process …
● Security Service: enhances the security of data processing systems and information transfers of an organization.

Threat
A potential for violation of security when there is a circumstance, capability, action or event that could breach security and cause harm; that is, a possible danger that might …

Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

Security Attacks
An attempt by a person or entity to gain unauthorised access to disrupt or compromise the
security of system, network, or device. These are defined as the actions that put at risk an
organisation’s safety.

Passive attacks
● Involves attacker observing or monitoring system, network, or device activity without altering it.
● Focused on gathering information or intelligence rather than causing damage or disruption.
● Sender and receiver have no clue of the intruder.
● Types: eavesdropping, traffic analysis.

Active attacks
● Involves attacker actively disrupting or altering system, network, or device activity.
● Focused on causing damage or disruption rather than gathering information.
● Sender and receiver have no clue that their data/msg is being modified by intruder.
● Types:
   Masquerade: attacker pretends to be authentic sender.
   Replay: attacker delays a message or replays it at a later time.
   Modification of message: attacker modifies the transmitted msg.
   DoS: attacker sends a large volume of traffic.

[Figures: Alice and Bob communicating over the Internet or other comm. facility, with Darth as the intruder]
Security Mechanisms
● Built to identify any breach of security or attack on the organisation.
● Responsible for protecting a system, network or device against unauthorised access,
tampering, or other security threats.
● Can be implemented at different levels within a system or network.
● Divided into:
   Specific Security Mechanisms: may be incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
   Pervasive Security Mechanisms: not specific to any particular OSI security service or protocol layer.

Specific Security Mechanisms

Encipherment
Use of mathematical algorithms to transform data into a form that is not readily intelligible.
Recovery and transformation of data depend on algorithm and zero or more encryption keys.

Digital Signature
Involves the use of cryptographic techniques to create a unique, verifiable identifier for a
digital document or message.

Access Control
Enforce access rights to resources.

Data Integrity
Used to assure the integrity of a data unit or stream of data units.

Authentication Exchange
Intended to ensure identity of an entity by means of information exchange.

Traffic Padding
Insertion of bits into gaps in a data stream.
Helps to thwart traffic analysis attempts.

Routing Control
Enables selection of particular physically secure routes for certain data transmission and allows
routing changes, especially when a breach occurs.

Notarization
Use of trusted third party to assure certain property of a data exchange.

Pervasive Security Mechanisms

Trusted Functionality
That which is perceived to be correct with respect to some criteria (e.g., established by a
security policy).

Security Label
The marking bound to a resource that names or designates the security attributes of that
resource.

Event Detection
Detection of security-relevant events.

Security Audit Trail
Data collected and potentially used to facilitate a security audit, which is an independent review
and examination of system records and activities.

Security Recovery
Deals with requests from mechanisms such as event handling and management functions, and
takes recovery actions.
Security Services
Refer to different services available for maintaining the security and safety of an organisation.
Help in preventing any potential risks to security.
Divided into five types:

[Figure: tree of the security services. Legible labels: Authentication, Data Confidentiality, Non-repudiation, Data-Origin, Connection, Connectionless, Connection (without Recovery), Selective-field Connection, Selective-field Connectionless]
AVAILABILITY OF SERVICE

A system is available if it provides services according to the system design whenever users
request them.
Despite years of research and development, it has not been possible to develop
security design and implementation techniques that systematically exclude security
flaws and prevent all unauthorized actions. In the absence of such foolproof
techniques, it is useful to have a set of widely agreed design principles that can guide
the development of protection mechanisms. The National Centers of Academic
Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by
the U.S. National Security Agency and the U.S. Department of Homeland Security,
list the above as fundamental security design principles.
Attack Surfaces
Consists of reachable and exploitable vulnerabilities in a system.
For Example:
● Open ports on outward facing web and other servers, and code listening on those ports.
● Services available on the inside of a firewall.
● Code that processes incoming data, email, XML, office documents, and industry specific
custom data exchange formats.
● Interfaces, SQL and Web forms.
● An employee with access to sensitive information vulnerable to a social engineering
attack.
Attack Surface Categories
1. Network attack surface
Refers to vulnerabilities over an enterprise network, wide-area network, or the Internet.

2. Software attack surface
Vulnerabilities in application, utility, or operating system code.

3. Human attack surface
Vulnerabilities created by personnel or outsiders.

An attack surface analysis is a useful technique for assessing the scale and severity of threats
to a system. A systematic analysis of points of vulnerability makes developers and security
analysts aware of where security mechanisms are required. Once an attack surface is defined,
designers may be able to find ways to make the surface smaller, thus making the task of the
adversary more difficult. The attack surface also provides guidance on setting priorities for
testing, strengthening security measures and modifying the service or app.
Attack Tree
● A branching, hierarchical data structure that represents a set of potential techniques for
exploiting security vulnerabilities.

● The security incident (the goal of the attack) → root node of the tree
● Ways that an attacker could reach that goal → branches and sub-nodes of the tree
● Different ways to initiate an attack → final nodes on the paths outward from the root

● Motivation behind this is to effectively exploit the information available on attack patterns.
The root of the tree is the objective of the attacker, which is to compromise a user’s account.
The shaded boxes on the tree are the leaf nodes, which represent events that comprise the
attacks. Note that in this tree, all the nodes other than leaf nodes are OR-nodes.
The analysis to generate this tree considered the three components involved in
authentication:
■ User terminal and user (UT/U): These attacks target the user equipment,
including the tokens that may be involved, such as smartcards or other password
generators, as well as the actions of the user.
■ Communications channel (CC): This type of attack focuses on communication
links.
■ Internet banking server (IBS): These types of attacks are offline attacks against
the servers that host the Internet banking application.

Five overall attack strategies can be identified, each of which exploits one or
more of the three components. The five strategies are as follows:
■ User credential compromise: This strategy can be used against many elements
of the attack surface. There are procedural attacks, such as monitoring
a user’s action to observe a PIN or other credential, or theft of the user’s
token or handwritten notes. An adversary may also compromise token
information using a variety of token attack tools, such as hacking the smartcard
or using a brute force approach to guess the PIN. Another possible
strategy is to embed malicious software to compromise the user’s login and
password. An adversary may also attempt to obtain credential information
via the communication channel (sniffing). Finally, an adversary may use
various means to engage in communication with the target user.
■ Injection of commands: In this type of attack, the attacker is able to intercept
communication between the UT and the IBS. Various schemes can be used
to be able to impersonate the valid user and so gain access to the banking
system.
■ User credential guessing: It is reported in [HILT06] that brute force attacks
against some banking authentication schemes are feasible by sending random
usernames and passwords. The attack mechanism is based on distributed
zombie personal computers, hosting automated programs for username- or
password-based calculation.
■ Security policy violation: For example, violating the bank’s security policy
in combination with weak access control and logging mechanisms, an employee
may cause an internal security incident and expose a customer’s
account.
■ Use of known authenticated session: This type of attack persuades or forces
the user to connect to the IBS with a preset session ID. Once the user authenticates
to the server, the attacker may utilize the known session ID to send
packets to the IBS, spoofing the user’s identity.
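The attack tree described above can be held as a small data structure and queried from the defender's side. The following is an added example, not part of the original notes: the leaf wording is condensed from the five strategies, the UT/U, CC and IBS tags on each leaf are assumptions, and AND-nodes are supported as a generalization even though this tree uses only OR-nodes.

```python
from dataclasses import dataclass, field
from itertools import product

@dataclass
class Node:
    label: str
    kind: str = "LEAF"      # "OR", "AND" or "LEAF"
    component: str = ""     # UT/U, CC or IBS; leaves only (tags are assumptions)
    children: list = field(default_factory=list)

def leaf(label, component):
    return Node(label, "LEAF", component)

def scenarios(node):
    """Every set of leaf events that is sufficient to reach this node's goal."""
    if node.kind == "LEAF":
        return [frozenset([node.label])]
    child_sets = [scenarios(c) for c in node.children]
    if node.kind == "OR":   # any single child reaches the goal
        return [s for sets in child_sets for s in sets]
    # AND: one scenario from every child is needed, so combine them
    return [frozenset().union(*combo) for combo in product(*child_sets)]

def leaves(node):
    if node.kind == "LEAF":
        return [node]
    return [l for c in node.children for l in leaves(c)]

def exposure_by_component(root):
    """Number of leaf events per component: a first cut at where controls are needed."""
    counts = {}
    for l in leaves(root):
        counts[l.component] = counts.get(l.component, 0) + 1
    return counts

def open_scenarios(root, mitigated):
    """Scenarios that remain once the leaf events in `mitigated` are blocked."""
    blocked = set(mitigated)
    return [s for s in scenarios(root) if not (s & blocked)]

# Root = attacker's objective; children = the five strategies from the text.
TREE = Node("Compromise a user's account", "OR", children=[
    Node("User credential compromise", "OR", children=[
        leaf("Observe PIN or other credential", "UT/U"),
        leaf("Theft of token or handwritten notes", "UT/U"),
        leaf("Token attack tools", "UT/U"),
        leaf("Malicious software captures login", "UT/U"),
        leaf("Sniffing the communication channel", "CC"),
    ]),
    leaf("Injection of commands", "CC"),
    leaf("User credential guessing", "IBS"),
    leaf("Security policy violation", "IBS"),
    leaf("Use of known authenticated session", "CC"),
])

if __name__ == "__main__":
    print(exposure_by_component(TREE))
    remaining = open_scenarios(TREE, ["Sniffing the communication channel",
                                      "Injection of commands"])
    print(len(remaining), "scenarios still open")
```

Because every inner node here is an OR-node, each leaf is a complete scenario on its own, so shrinking the tree means mitigating leaves one by one.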
A message is to be transferred from one party to another across some sort of Internet
service. The two parties, who are the principals in this transaction, must cooperate for the
exchange to take place. A logical information channel is established by defining a route
through the Internet from source to destination and by the cooperative use of communication
protocols (e.g., TCP/IP) by the two principals.
Security aspects come into play when it is necessary or desirable to protect the
information transmission from an opponent who may present a threat to confidentiality,
authenticity, and so on. All the techniques for providing security have two components:

■ A security-related transformation on the information to be sent. Examples
include the encryption of the message, which scrambles the message so that it
is unreadable by the opponent, and the addition of a code based on the contents
of the message, which can be used to verify the identity of the sender.

■ Some secret information shared by the two principals and, it is hoped,
unknown to the opponent. An example is an encryption key used in conjunction
with the transformation to scramble the message before transmission and unscramble it on
reception.
A trusted third party may be needed to achieve secure transmission. For
example, a third party may be responsible for distributing the secret information
to the two principals while keeping it from any opponent. Or a third party may be
needed to arbitrate disputes between the two principals concerning the authenticity
of a message transmission.

This general model shows that there are four basic tasks in designing a particular
security service:
1. Design an algorithm for performing the security-related transformation. The algorithm
should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security
algorithm and the secret information to achieve a particular security service.
There are other security-related situations of interest that do not neatly fit in the model for
network security but are considered important. A general model of these other situations is
illustrated in Figure 1.6, which reflects a concern for protecting an information system from
unwanted access. Most readers are familiar with the concerns caused by the existence of
hackers, who attempt to penetrate systems that can be accessed over a network.

The hacker can be someone who, with no malign intent, simply gets satisfaction from
breaking and entering a computer system. The intruder can be a disgruntled employee who
wishes to do damage or a criminal who seeks to exploit computer assets for financial gain
(e.g., obtaining credit card numbers or performing illegal money transfers).

Viruses and worms are two examples of software attacks. Such attacks can be introduced
into a system by means of a disk that contains the unwanted logic concealed in otherwise
useful software. They can also be inserted into a system across a network; this latter
mechanism is of more concern in network security.
The security mechanisms needed to cope with unwanted access fall into
two broad categories (see Figure 1.6).
The first category might be termed a gatekeeper function. It includes password-based login
procedures that are designed to deny access to all but authorized users and screening logic
that is designed to detect and reject worms, viruses, and other similar attacks.
Once either an unwanted user or unwanted software gains access, the second line of
defence consists of a variety of internal controls that monitor activity and analyze stored
information in an attempt to detect the presence of unwanted intruders.
SECURITY TERMINOLOGY

[Figure: Cryptology divides into Cryptography (symmetric key, asymmetric key, hashing) and Cryptanalysis (classical attacks: brute-force and analytical; social engineering attacks; implementation attacks)]

Symmetric Key Cryptography

● Involves usage of one secret key along with encryption and decryption algorithms which
help in securing of the contents of the message.
● Strength depends on number of key bits.
● Faster than asymmetric key cryptography.
● Arises a key distribution problem as the key has to be transferred from sender to receiver
through a secure channel.

[Figure: simplified model of symmetric encryption. Plaintext input X → encryption algorithm (e.g., AES), Y = E(K, X) → transmitted ciphertext → decryption algorithm (reverse of encryption algorithm), X = D(K, Y) → plaintext output. The secret key K is shared by sender and recipient.]
Asymmetric Key Cryptography
● Also known as Public-Key Cryptography.
● Involves usage of a public-key along with a secret key.
● Solves problem of key distribution as both parties use different keys of encryption/
decryption.
● Not feasible to use for decrypting bulk messages.
● Very slow compared to symmetric key cryptography.

[Figure: simplified model of asymmetric encryption. Plaintext input → encryption algorithm (public key) → transmitted ciphertext → decryption algorithm (private key) → plaintext output.]

Hashing

● Involves taking plain text and converting it to hash value of fixed size by a hash function.
● Ensures integrity of message as hash value on both sides should match if message is
unaltered.

[Figure: Bob and Alice share a key k. Message M → encryption algo., C = E(M, k) → ciphertext → decryption algo., M = D(C, k) → message.]

History of Cryptography

Kryptos (hidden) + graphein (writing)

Classical Cryptography
Roots are found in Roman & Egyptian civilizations.

1) Hieroglyphs
● Earliest known form of cryptography.
● Hieroglyphs was a secret form of communication.

2) Caesar Cipher
● Each character in a word is replaced by a fixed number of positions.
● Also k/a shift cipher.

3) Vigenère Cipher
● Designed by Vigenère.
● Encryption key is repeated multiple times spanning the entire message.
● Cipher text is generated by adding the message character with key character modulo 26.

4) Hebern Rotating Machine
● Designed by Hebern.
● Single rotor is used, where the secret key is embedded in the rotating disc.
● Key has an embedded substitution table.
● Each key press from the keyboard → ciphertext out.

5) Enigma Machine
● A combination of electro-mechanical subsystems.
● Consisted of 3-5 rotors.
● Broken by Poland.
● Whenever a key was pressed, one or more rotors rotated on the spindle and accordingly the key was scrambled to something else.
Data Encryption Standard
● Created by IBM.
● Lucifer cipher was designed, later called DES.
● A symmetric-key algorithm based on Feistel cipher.
● Used for encryption of electronic data.
● Encrypted 64 bits or 8 char at a time.
● Key size: 56 bits.
● Was broken by an exhaustive search attack in 1997.
● Later discontinued: insecure against brute force attacks.

Advanced Encryption Standard
● A kind of block cipher.
● Rijndael cipher, renamed as AES; replaced DES.
● Based on substitution-permutation network.
● Sub-set of Rijndael.
● Family of ciphers with different key and block sizes.
● Block size: 128 bits or 16 characters.
● 3 different key sizes: 128 bit, 192 bit & 256 bit.
What is Cryptanalysis?
Study of cryptographic algorithms and the breaking of secret codes developed under the process
of cryptography.
Person practicing cryptanalysis is called a Cryptanalyst.

Classical Attacks
1) Cryptanalytic Attacks
● It’s a type of attack that takes advantage of structural flaws in a specific algorithm.
● Relies on the nature of algorithm plus some knowledge of the general characteristics of
plaintext or even some sample plaintext-ciphertext pairs.
● Exploits the characteristics of algorithm to attempt to deduce a specific plaintext or to deduce
the key being used.

2) Brute-force Attacks
● Attacker tries all potential keys in order to figure out the key.
● Longer the key, longer the time to execute the attack.
● Run the encryption algorithms for all possible cases of the keys until a match is found.
● Encryption algorithm is treated as a black box.

Social Engineering Attack
● Something that is dependent on the human factor.
● Tricking someone to reveal their passwords to the attacker or allowing access to restricted
area comes under this attack.
● People should be cautious when revealing their passwords to any third party which is not
trusted.

Implementation Attack
Attacks such as side-channel analysis can be used to obtain a secret key.

[Table: types of attack based on amount of information known to a cryptanalyst. Legible annotations: (easier to defend), (rarely used), (rarely used)]

Two basic requirements of encryption are:
1) Encryption algo. should be strong.
2) Key shared by sender and receiver should be secret.

Let plaintext $X = [X_1, X_2, \ldots, X_M]$, key $K = [K_1, K_2, \ldots, K_J]$ and ciphertext $Y = [Y_1, Y_2, \ldots, Y_N]$.
Then $Y = E(K, X)$ (encryption algo.) and, at the receiver's end, $X = D(K, Y)$ (decryption algo.).
Cryptographic systems are characterized along 3 independent dimensions.

[Figure: the three dimensions; legible annotations follow]
● A-B share same key; A-B use diff. keys.
● Process a block at a time, output block for each input block; process input continuously, produce output one element at a time.
● Basic req.: no info lost.

Symmetric Cipher Model

Encryption Scheme Security
1) Unconditionally secure
● If ciphertext generated by scheme does not contain enough information to determine uniquely the corresponding plaintext.
● Except one-time pad, no encryption algorithm is unconditionally secure.
● All users of an encryption algorithm can strive for is an algo. that meets one or both of following criteria:
   ① Cost of breaking cipher exceeds value of encrypted info.
   ② Time req. to break cipher exceeds useful lifetime of info.

2) Computationally secure
● If either of the above criteria are met.
● Difficult to estimate amount of effort.
Substitution Techniques
One in which letters of plaintext are replaced by other letters or numbers or symbols.
↳ plaintext as a sequence of bits → bit patterns
Caesar Cipher
● Replace each letter of alphabet with letter standing 3 places further down the alphabet.
● Alphabet is wrapped around: A follows Z.
● Plaintext: lower case; ciphertext: upper case.
● For e.g.,
   plaintext:  meet at party
   ciphertext: PHHW DW SDUWB
● Different keys → different substitution.
● Mathematically, starting from a = 0, b = 1, so on, Caesar cipher with key k:
   $E(p) = (p + k) \bmod 26$
   $D(C) = (C - k) \bmod 26$
● For e.g., m = 12:
   $E(m) = (12 + 3) \bmod 26 = 15 = P$
   $D(P) = (15 - 3) \bmod 26 = 12 = m$
● This cipher can be broken:
   if one plaintext-ciphertext pair is known
   by applying brute force attack
● Shift cipher with key 3 = Caesar cipher.

Pros:
● Easy to implement.
Cons:
● Encryption & decryption algos are known.
● Vulnerable to brute-force attack.
● Language of plaintext known & easily recognizable.

Monoalphabetic Substitution Cipher
● Unlike Caesar cipher, any random permutation is assigned to the alphabets, for e.g., A → Q, B → D, …
● No. of alternative keys possible = 26!
● Brute force attack is impractical.
● Human languages are redundant; this fact can be exploited.
● Table of frequency of letters can be used to guess the plaintext if the plaintext is in uncompressed English language.
● Digrams: most common 2 letter combinations, for e.g., th, in, er, re, an.
● Trigrams: most common 3 letter combinations, for e.g., the, ing, and, ion.
Homophonic
● Single plaintext letter can be represented by multiple different C, or different p can be represented by same C.

Polygram
● Groups of letters are replaced, for e.g., "HELLO" → DTG, "world" → DTTHE.

Legible notes on breaking them: plaintext attacks or brute force attacks; can be broken using word patterns.
Polyalphabetic Substitution Cipher
● Mapping b/w P & C changes over the course of message.
● Uses multiple one-character keys; for every char, keys are different.
● Period of cipher = no. of one-letter keys.
● For key letter p & plaintext letter q, ciphertext letter = intersection of row titled p & column titled q.
● Size of key = size of plaintext.
● For e.g., P = "Hello" …

Vigenère Cipher
● Type of polyalphabetic subs. cipher.
● Key determines which particular substitution is used.
● size(key) = size(msg)
● Key is usually a repeating keyword.
● For e.g., plaintext "…", ciphertext "ZICUTWQNG RIGUTM"
● $C_i = (P_i + K_{i \bmod m}) \bmod 26$
● Decryption is equally simple:
   key letter identifies the row
   position of ciphertext determines the column
   plaintext letter is at top of column
● Strength: multiple ciphertext letters for each plaintext letter, one for each unique letter of keyword.
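The Caesar formulas E(p) = (p + k) mod 26, D(C) = (C - k) mod 26 and the Vigenère formula C_i = (P_i + K_{i mod m}) mod 26 are the same operation with different key lengths, which the following added example (not part of the original notes) makes explicit. The Vigenère key and message in the usage comment and the sentence used for the brute-force run are sample values chosen here.

```python
import string

A = string.ascii_lowercase

def vigenere(text, key, decrypt=False):
    """C_i = (P_i + K_{i mod m}) mod 26; decryption subtracts the key letter.
    Characters other than a-z/A-Z pass through and consume no key letter."""
    if not key or not (key.isalpha() and key.isascii()):
        raise ValueError("key must be one or more letters a-z")
    shifts = [A.index(k) for k in key.lower()]
    out, i = [], 0
    for ch in text:
        if ch.isalpha() and ch.isascii():
            k = shifts[i % len(shifts)]
            p = A.index(ch.lower())
            c = (p - k if decrypt else p + k) % 26
            # convention from the notes: plaintext lower case, ciphertext upper case
            out.append(A[c] if decrypt else A[c].upper())
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def caesar(text, k=3, decrypt=False):
    """Caesar cipher is Vigenère with a one-letter key (k = 3 is key letter 'd')."""
    return vigenere(text, A[k % 26], decrypt)

# Digrams and trigrams the notes list as most common in English.
COMMON = ("th", "in", "er", "re", "an", "the", "ing", "and", "ion")

def brute_force_caesar(ciphertext):
    """Only 26 shifts exist, so try them all and keep the candidate that
    contains the most common English digrams/trigrams."""
    def score(s):
        return sum(s.count(g) for g in COMMON)
    candidates = [(k, caesar(ciphertext, k, decrypt=True)) for k in range(26)]
    return max(candidates, key=lambda kc: score(kc[1]))

if __name__ == "__main__":
    print(caesar("meet at party"))                       # example from the notes
    sample = "the meeting is in the garden and the others are there"
    print(brute_force_caesar(caesar(sample)))            # recovers key 3
    print(vigenere("wearediscoveredsaveyourself", "deceptive"))
```

The brute-force search works because the language of the plaintext is known and recognizable, which is the weakness the Caesar section lists; against Vigenère the key space grows with the keyword length.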
Vernam Cipher
● System works on binary data (bits) rather than letters.
● Encryption algo.: $C_i = P_i \oplus K_i$
   $P_i$ = ith binary digit of plaintext
   $K_i$ = ith binary digit of key
   $C_i$ = ith binary digit of ciphertext
   $\oplus$ = XOR
● Decryption: $P_i = C_i \oplus K_i$
● The essence of this is the means of construction of the key.
● For e.g., plaintext = OAK, key = SON:
   O → 14 = 01110
   S → 18 = 10010
   XOR = 11100 = 28; 28 − 26 = 2 = C
● Can be broken with a very long ciphertext or known plaintext as the key is repeated.

One-time Pad
● Updation of Vernam cipher.
● Key used to encrypt and decrypt a single message, then discarded.
● Each new message requires a new key.
● size(key) = size(msg)
● Scheme is unbreakable (i.e., unconditionally secure).
● Produces random output that bears no statistical relationship to plaintext.
● Security = randomness of key.
● Offers perfect secrecy: no computational power can guess or obtain … ciphertext.
● One-time pad has 2 fundamental difficulties:
   making of large no. of random keys
   key distribution & protection
● Used only where very high security is needed.
● Can be used for low bandwidth channels, for e.g., military use.
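The difference between a Vernam cipher with a repeated key and a one-time pad can be checked directly on bytes. The following is an added example, not part of the original notes: the two messages and the short key are constructed samples, and `secrets.token_bytes` stands in for the source of random pad material.

```python
import secrets

def xor_bytes(data: bytes, key: bytes) -> bytes:
    """C_i = P_i XOR K_i; a key shorter than the data is repeated."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def otp_encrypt(plaintext: bytes):
    """One-time pad: fresh random key, exactly as long as the message."""
    key = secrets.token_bytes(len(plaintext))
    return key, xor_bytes(plaintext, key)

def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    if len(key) != len(ciphertext):
        raise ValueError("one-time pad key must be as long as the message")
    return xor_bytes(ciphertext, key)

def key_from_known_plaintext(ciphertext: bytes, known_prefix: bytes) -> bytes:
    """XOR of ciphertext and known plaintext yields the key bytes that covered it."""
    return xor_bytes(ciphertext[:len(known_prefix)], known_prefix)

def demo():
    msg1 = b"meet me after the party"    # constructed sample messages
    msg2 = b"bring the report at noon"
    short_key = b"SON"

    # Repeated key: three known plaintext bytes expose the whole 3-byte key.
    ct = xor_bytes(msg1, short_key)
    leaked = key_from_known_plaintext(ct, msg1[:3])

    # One-time pad: the same three bytes expose three pad bytes and nothing more.
    pad, otp_ct = otp_encrypt(msg1)
    partial = key_from_known_plaintext(otp_ct, msg1[:3])

    # Pad reuse (what "then discarded" prevents): the key cancels out,
    # so c1 XOR c2 equals p1 XOR p2.
    n = min(len(msg1), len(msg2))
    c1 = xor_bytes(msg1[:n], pad[:n])
    c2 = xor_bytes(msg2[:n], pad[:n])

    return {
        "repeating_key_recovered": leaked == short_key,
        "otp_roundtrip": otp_decrypt(otp_ct, pad) == msg1,
        "otp_prefix_only": partial == pad[:3],
        "reuse_leaks_xor": xor_bytes(c1, c2) == xor_bytes(msg1[:n], msg2[:n]),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(name, ok)
```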

Playfair Cipher
● A pair of alphabets (digraph) is encrypted.
● Also k/a Playfair square or Wheatstone Playfair cipher.
● Manual symmetric encryption technique.
● Invented by Charles Wheatstone in 1845.
● Multiple letter encryption cipher.
● 5x5 matrix constructed using a keyword (for e.g., MONARCHY).
● Rules for digrams: repeating letters → filler; same row → wrap around; same column → wrap around; rectangle.
● For e.g., plaintext "attack" = at ta ck → RS SR DE
● Same key is used for encryption & decryption.
● Possible digrams = $26^2$

Pros:
● Harder to break.
● More ciphertext req. to crack encryption.
Cons:
● Substitution is self-inverse, for e.g., AB → UR, BA → RU.
● Uses symmetric ciphers: same key used for E & D.
Hill Cipher
● Multi-letter cipher.
● Developed by Lester Hill in 1929.
● Encrypts a group of letters: digraph, trigraph, polygraph.
● Key: 2x2, 3x3, or n×n matrix.
● Based on linear algebra:
   ↳ matrix arithmetic modulo 26
   ↳ square matrix
   ↳ determinant
   ↳ multiplicative inverse

Hill Algorithm
$C = E(K, P) = (P \times K) \bmod 26$
$P = D(K, C) = (C \times K^{-1}) \bmod 26 = (P \times K \times K^{-1}) \bmod 26$

Encryption using row-vector approach:
$(C_1\ C_2\ C_3) = (P_1\ P_2\ P_3) \begin{pmatrix} K_{11} & K_{12} & K_{13} \\ K_{21} & K_{22} & K_{23} \\ K_{31} & K_{32} & K_{33} \end{pmatrix} \bmod 26$
$C_1 = (P_1 K_{11} + P_2 K_{21} + P_3 K_{31}) \bmod 26$
$C_2 = (P_1 K_{12} + P_2 K_{22} + P_3 K_{32}) \bmod 26$
$C_3 = (P_1 K_{13} + P_2 K_{23} + P_3 K_{33}) \bmod 26$

For e.g., "pay more money":
$K = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix}$
P = pay mor emo ney
pay → (15 0 24)
$C = (15(17) + 0(21) + 24(2),\ 15(17) + 0(18) + 24(2),\ 15(5) + 0(21) + 24(19)) \bmod 26$
$= (303\ 303\ 531) \bmod 26 = (17\ 17\ 11)$ = R R L

Decryption
● Decryption requires $K^{-1}$, the inverse matrix of K.
● $K^{-1} = \frac{1}{|K|}\,\operatorname{adj}(K) \bmod 26$

Strength:
● Completely hides single-letter frequencies.
● Easily broken with a known plaintext attack.
● Strong against ciphertext only attack.
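The Hill equations above, including the inverse key matrix that decryption needs, carried through in code for the "pay more money" example. This is an added example, not part of the original notes; padding a short final block with 'x' is an assumption, and the determinant uses cofactor expansion, which is adequate for the small n×n keys discussed here.

```python
A = "abcdefghijklmnopqrstuvwxyz"

def minor(m, i, j):
    """Matrix m with row i and column j removed."""
    return [row[:j] + row[j + 1:] for r, row in enumerate(m) if r != i]

def det(m):
    """Determinant by cofactor expansion along the first row."""
    if not m:
        return 1
    return sum((-1) ** j * m[0][j] * det(minor(m, 0, j)) for j in range(len(m)))

def inverse_mod26(k):
    """K^-1 = det(K)^-1 * adj(K) mod 26; fails if det(K) shares a factor with 26."""
    n = len(k)
    try:
        d_inv = pow(det(k) % 26, -1, 26)
    except ValueError:
        raise ValueError("key matrix is not invertible modulo 26") from None
    # adj(K)[i][j] is the cofactor of K[j][i] (transpose of the cofactor matrix)
    return [[(d_inv * (-1) ** (i + j) * det(minor(k, j, i))) % 26
             for j in range(n)] for i in range(n)]

def hill(text, key, decrypt=False):
    """Row-vector form: C = P x K mod 26, P = C x K^-1 mod 26, block by block."""
    n = len(key)
    m = inverse_mod26(key) if decrypt else key
    nums = [A.index(c) for c in text.lower() if c in A]
    if decrypt and len(nums) % n:
        raise ValueError("ciphertext length must be a multiple of the key size")
    nums += [A.index("x")] * (-len(nums) % n)   # assumption: pad plaintext with 'x'
    out = []
    for b in range(0, len(nums), n):
        block = nums[b:b + n]
        out.extend(sum(block[i] * m[i][j] for i in range(n)) % 26 for j in range(n))
    s = "".join(A[x] for x in out)
    return s if decrypt else s.upper()

K = [[17, 17, 5],
     [21, 18, 21],
     [2, 2, 19]]          # key matrix from the notes

if __name__ == "__main__":
    c = hill("pay more money", K)
    print(c)                          # first block is RRL, as worked above
    print(inverse_mod26(K))
    print(hill(c, K, decrypt=True))
```

A key whose determinant is even or a multiple of 13 has no inverse modulo 26, so `inverse_mod26` rejects it before any message is encrypted with a key that cannot decrypt.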
Transposition Techniques
Achieved by performing permutation over plain text.

Rail Fence Technique
● Involves writing plaintext letters diagonally over a number of rows, then read cipher off row by row.
● For e.g., "meet me after party":
   m e m a t r a t
   e t e f e p r y
   => mematratetefepry
● Very easy as no keyword required.
● For depth 3:
   = mmtaetefepryeart
Row Column Transposition
● A more complex scheme.
● Rectangle: depending upon sender & receiver.
● Write: row by row; read: column by column.
● Key: order of the column, for e.g., 34521.
● For e.g., plaintext = "kill her at two am"
   Nr = 3; Nc = 5
   K = LOVED = 3 4 5 2 1
   C = htyltmkewirolaa → give this as input to a sec…
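Both transposition techniques, rail fence at any depth and row column transposition with a column-order key, in one added example (not part of the original notes). The filler letter 'x' and the reuse of the rail fence plaintext for the columnar run are assumptions; the key may be written as digits ("34521") or as a keyword ("LOVED"), which give the same column order.

```python
def rail_pattern(n, depth):
    """Rail index for each of n positions, zig-zagging 0 .. depth-1 .. 0."""
    if depth < 2:
        return [0] * n
    period = 2 * (depth - 1)
    return [min(i % period, period - i % period) for i in range(n)]

def rail_encrypt(plaintext, depth):
    letters = [c for c in plaintext.lower() if c.isalpha()]
    rails = rail_pattern(len(letters), depth)
    # read off rail by rail (row by row)
    return "".join(c for r in range(depth)
                   for c, rr in zip(letters, rails) if rr == r)

def rail_decrypt(ciphertext, depth):
    rails = rail_pattern(len(ciphertext), depth)
    # positions in the order their letters were read off during encryption
    order = sorted(range(len(ciphertext)), key=lambda i: (rails[i], i))
    out = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        out[pos] = ch
    return "".join(out)

def column_order(key):
    """Column indexes in reading order: the column labelled 1 (or with the
    alphabetically first key letter) is read first."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def columnar_encrypt(plaintext, key, filler="x"):
    letters = [c for c in plaintext.lower() if c.isalpha()]
    ncols = len(key)
    letters += [filler] * (-len(letters) % ncols)    # complete the rectangle
    rows = [letters[i:i + ncols] for i in range(0, len(letters), ncols)]
    # write row by row, read column by column in key order
    return "".join(row[c] for c in column_order(key) for row in rows)

def columnar_decrypt(ciphertext, key):
    ncols = len(key)
    if len(ciphertext) % ncols:
        raise ValueError("ciphertext does not fill the rectangle")
    nrows = len(ciphertext) // ncols
    grid = [[""] * ncols for _ in range(nrows)]
    it = iter(ciphertext)
    for c in column_order(key):
        for r in range(nrows):
            grid[r][c] = next(it)
    return "".join("".join(row) for row in grid)

if __name__ == "__main__":
    msg = "meet me after party"
    print(rail_encrypt(msg, 2), rail_encrypt(msg, 3))
    once = columnar_encrypt(msg, "34521")
    twice = columnar_encrypt(once, "34521")   # output fed into a second pass
    print(once, twice)
    print(columnar_decrypt(columnar_decrypt(twice, "34521"), "34521"))
```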
Steganography
● Art of hiding secret data in plain sight.
● Conceals the existence of the message.
● Not an encryption scheme.
● Requires a lot of overhead to hide a relatively few bits.
● Once the system is discovered, it becomes virtually worthless.
