Unit – III

Cryptography
Cryptography is technique of securing information and communications through use of
codes so that only those people for whom the information is intended can understand it
and process it. Thus, preventing unauthorized access to information. The prefix “crypt”
means “hidden” and suffix graphy means “writing”. In Cryptography the techniques which
are used to protect information are obtained from mathematical concepts and a set of
rule-based calculations known as algorithms to convert messages in ways that make it
hard to decode it. These algorithms are used for cryptographic key generation, digital
signing, verification to protect data privacy, web browsing on internet and to protect
confidential transactions such as credit card and debit card transactions.
Techniques used For Cryptography: In today’s age of computers cryptography is often
associated with the process where an ordinary plain text is converted to cipher text which
is the text made such that intended receiver of the text can only decode it and hence this
process is known as encryption. The process of conversion of cipher text to plain text this
is known as decryption.
Features Of Cryptography are as follows:
1. Confidentiality: Information can only be accessed by the person for whom it is
intended and no other person except him can access it.
2. Integrity: Information cannot be modified in storage or transition between
sender and intended receiver without any addition to information being
detected.
3. Non-repudiation: The creator/sender of information cannot deny his intention
to send information at later stage.
4. Authentication: The identities of sender and receiver are confirmed. As well as
destination/origin of information is confirmed.
The most obvious use of cryptography, and the one that all of us use frequently,
is encrypting communications between us and another system. This is most commonly
used for communicating between a client program and a server. Examples are a web
browser and web server, or email client and email server.

Cryptology is the study of codes, both creating and solving them. Cryptography is the art
of creating codes. Cryptanalysis is the art of surreptitiously revealing the contents of coded
messages, breaking codes, that were not intended for you as a recipient. Secondly, there are
nomenclators and enciphers.

Encryption and Decryption

Encryption is the process of converting normal message (plaintext) into meaningless

message (Ciphertext). Whereas Decryption is the process of converting meaningless
message (Ciphertext) into its original form (Plaintext). The major distinction between
secret writing associated secret writing is that the conversion of a message into an
unintelligible kind that’s undecipherable unless decrypted. whereas secret writing is that
the recovery of the first message from the encrypted information.

1
S.NO Encryption Decryption

Encryption is the process of

While decryption is the process of converting
converting normal message into
meaningless message into its original form.
1. meaningless message.

Encryption is the process which While decryption is the process which take place
take place at sender’s end. at receiver’s end.
2.

Its major task is to convert the While its main task is to convert the cipher text
3. plain text into cipher text. into plain text.

Any message can be encrypted

Whereas the encrypted message can be
with either secret key or public
decrypted with either secret key or private key.
4. key.

In encryption process, sender Whereas in decryption process, receiver receives

sends the data to receiver after the information(Cipher text) and convert into
5. encrypted it. plain text.

The same algorithm with the The only single algorithm is used for encryption-
same key is used for the decryption with a pair of keys where each use for
encryption-decryption process. encryption and decryption.
6.

2
Substitution Cipher Technique
In the Substitution Cipher technique, each character is substituted with other
character/number or other symbol. This technique changes the identity of a character but
not its position in the string.
A substitution cipher encrypts a text sequence by replacing letters or units of text with other
letters or units of text. Substitution ciphers are an early form of cryptography that predates
the development of computers and are now largely outdated.
Like B or C, a letter is converted into another letter in a substitution cipher, encrypting the
sequence for a human reader. The problem is that basic substitution ciphers do not encrypt
adequately in terms of computer assessment.
Substitution ciphers became relatively easy for computers to crack with the emergence of
the personal computer. However, some of the substitution cipher's concepts have persisted,
for example, some versions of current encryption may encrypt data using an extensive text
set and a very clever substitution.

Transposition Cipher Technique

In the Transposition Cipher Technique, each character's position is shifted to a different
position. A transposition cipher is an encryption method in which plaintext units (usually
letters or groups of characters) are shifted in a predictable way resulting in the ciphertext
being a permutation of the plaintext. That is, the units' order is altered (the plaintext is
reordered).
To encrypt, a bijective function is applied to the locations of the characters, and to decrypt,
an inverse function is used.
The Rail Fence encryption is a type of transposition cipher named after how it is encoded.
The plaintext is written on successive "rails" of an imaginary fence in the rail fence,
downwards and diagonally, then moved up when we reach the bottom. The message is then
read aloud in a series of rows.
The Rail Fence Cipher follows a scytale-like pattern, an old Greek mechanical device for
constructing a transposition cipher. A cylinder and a ribbon wrapped around the cylinder
comprised the system. The coiled ribbon was used to write the encrypted message. When
the ribbon was uncoiled from the cylinder, the letters of the original message were
rearranged. The message was decoded when the ribbon recoiled on a cylinder with the same
diameter as the encrypting cylinder.

3
Difference between Substitution and Transposition Cipher Technique

Key Substitution Cipher Technique Transposition Cipher

Technique

Algorithm Each character is replaced with a Each character has been

different character, integer, or symbol. repositioned from its original
place.

Forms It comes in two forms: Mono-Alphabetic It has two forms: Key-less

Substitution Cipher and Poly- transposition cipher and keyed
Alphabetic Substitution Cipher. transposition cipher.

Change Character identity is changed but Character position is changed

position remains same. but identity remains same.

Detection A letter less frequently used can be A letter near to original position
easily traced. can be easily traced.

Example Caesar Cipher is an example of Reil Fence Cipher is an example

Substitution Cipher. of Transposition Cipher.

Caesar Cipher Technique

The Caesar Cipher technique is one of the earliest and simplest methods of encryption
technique. It’s simply a type of substitution cipher, i.e., each letter of a given text is replaced
by a letter with a fixed number of positions down the alphabet. For example, with a shift of
1, A would be replaced by B, B would become C, and so on. The method is apparently named
after Julius Caesar, who apparently used it to communicate with his officials.
Thus, to cipher a given text we need an integer value, known as a shift which indicates the
number of positions each letter of the text has been moved down.
The encryption can be represented using modular arithmetic by first transforming the
letters into numbers, according to the scheme, A = 0, B = 1, Z = 25. Encryption of a letter by
a shift n can be described mathematically as.

(Encryption Phase with shift n)

(Decryption Phase with shift n)

4
Examples:
Text: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Shift: 23
Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW

Text: ATTACKATONCE
Shift: 4
Cipher: EXXEGOEXSRGI

Advantages:
• Easy to implement and use thus, making suitable for beginners to learn about
encryption.
• Can be physically implemented, such as with a set of rotating disks or a set of
cards, known as a scytale, which can be useful in certain situations.
• Requires only a small set of pre-shared information.
• Can be modified easily to create a more secure variant, such as by using a
multiple shift values or keywords.
Disadvantages:
• It is not secure against modern decryption methods.
• Vulnerable to known-plaintext attacks, where an attacker has access to both
the encrypted and unencrypted versions of the same messages.
• The small number of possible keys means that an attacker can easily try all
possible keys until the correct one is found, making it vulnerable to a brute
force attack.
• It is not suitable for long text encryption as it would be easy to crack.
• It is not suitable for secure communication as it is easily broken.
• Does not provide confidentiality, integrity, and authenticity in a message.
Algorithm for Caesar Cipher:
Input:
1. A String of lower-case letters, called Text.
2. An Integer between 0-25 denoting the required shift.
Procedure:
• Traverse the given text one character at a time.
• For each character, transform the given character as per the rule, depending on
whether we’re encrypting or decrypting the text.
• Return the new string generated.

5
A program that receives a Text (string) and Shift value(integer) and returns the encrypted
text.
//A Java Program to illustrate Caesar Cipher Technique
class CaesarCipher
{
// Encrypts text using a shift of s
public static StringBuffer encrypt(String text, int s)
{
StringBuffer result= new StringBuffer();

for (int i=0; i<text.length(); i++)

{
if (Character.isUpperCase(text.charAt(i)))
{
char ch = (char)(((int)text.charAt(i) +
s - 65) % 26 + 65);
result.append(ch);
}
else
{
char ch = (char)(((int)text.charAt(i) +
s - 97) % 26 + 97);
result.append(ch);
}
}
return result;
}

// Driver code
public static void main(String[] args)
{
String text = "ATTACKATONCE";
int s = 4;
System.out.println("Text : " + text);
System.out.println("Shift : " + s);
System.out.println("Cipher: " + encrypt(text, s));
}
}

How to decrypt?
We can either write another function decrypt similar to encrypt, that’ll apply the given
shift in the opposite direction to decrypt the original text. However, we can use the cyclic
property of the cipher under modulo, hence we can simply observe
Cipher(n) = De-cipher(26-n)
Hence, we can use the same function to decrypt, instead, we’ll modify the shift value such
that shift = 26-shift

6
Columnar Transposition technique
The Columnar Transposition Cipher is a form of transposition cipher just like Rail Fence
Cipher. Columnar Transposition involves writing the plaintext out in rows, and then
reading the ciphertext off in columns one by one.

Encryption
In a transposition cipher, the order of the alphabets is re-arranged to obtain the cipher-
text.
1. The message is written out in rows of a fixed length, and then read out again
column by column, and the columns are chosen in some scrambled order.
2. Width of the rows and the permutation of the columns are usually defined by a
keyword.
3. For example, the word HACK is of length 4 (so the rows are of length 4), and the
permutation is defined by the alphabetical order of the letters in the keyword.
In this case, the order would be “3 1 2 4”.
4. Any spare spaces are filled with nulls or left blank or placed by a character
(Example: _).
5. Finally, the message is read off in columns, in the order specified by the
keyword.

Decryption
1. To decipher it, the recipient has to work out the column lengths by dividing the
message length by the key length.
2. Then, write the message out in columns again, then re-order the columns by
reforming the key word.

Difference between Substitution and Transposition Cipher

S.NO Substitution Cipher Technique Transposition Cipher Technique

In substitution Cipher Technique,

In transposition Cipher Technique, plain
plain text characters are replaced
1. text characters are rearranged with
with other characters, numbers and
respect to the position.
symbols.

Substitution Cipher’s forms are:

Transposition Cipher’s forms are: Key-
Mono alphabetic substitution cipher
2. less transposition cipher and keyed
and poly alphabetic substitution
transposition cipher.
cipher.

In substitution Cipher Technique,

While in transposition Cipher
3. character’s identity is changed while
Technique, the position of the character
its position remains unchanged.

7
S.NO Substitution Cipher Technique Transposition Cipher Technique

is changed but character’s identity is not

changed.

In substitution Cipher Technique, The While in transposition Cipher

4. letter with low frequency can detect Technique, The Keys which are nearer to
plain text. correct key can disclose plain text.

The example of substitution Cipher is The example of transposition Cipher is

5.
Caesar Cipher. Rail Fence Cipher.

Steganography

Steganography is the technique of hiding secret data within an ordinary, non-secret, file or
message in order to avoid detection; the secret data is then extracted at its destination. The
use of steganography can be combined with encryption as an extra step for hiding or
protecting data. The word steganography is derived from the Greek
words steganos (meaning hidden or covered) and the Greek root graph (meaning to write).

Steganography can be used to conceal almost any type of digital content, including text,
image, video or audio content; the data to be hidden can be hidden inside almost any other
type of digital content. The content to be concealed through steganography -- called hidden
text -- is often encrypted before being incorporated into the innocuous-seeming cover
text file or data stream. If not encrypted, the hidden text is commonly processed in some
way in order to increase the difficulty of detecting the secret content.

What are examples for steganography?

Steganography is practiced by those wishing to convey a secret message or code. While

there are many legitimate uses for steganography, malware developers have also been
found to use steganography to obscure the transmission of malicious code.

Forms of steganography have been used for centuries and include almost any technique for
hiding a secret message in an otherwise harmless container. For example, using invisible ink
to hide secret messages in otherwise inoffensive messages; hiding documents recorded on

8
microdot -- which can be as small as 1 millimetre in diameter -- on or inside legitimate-
seeming correspondence; and even by using multiplayer gaming environments to share
information.

How is steganography used today?

In modern digital steganography, data is first encrypted or obfuscated in some other way
and then inserted, using a special algorithm, into data that is part of a particular file format
such as a JPEG image, audio or video file. The secret message can be embedded into
ordinary data files in many different ways. One technique is to hide data in bits that
represent the same colour pixels repeated in a row in an image file. By applying the
encrypted data to this redundant data in some inconspicuous way, the result will be an
image file that appears identical to the original image but that has "noise" patterns of
regular, unencrypted data.

The practice of adding a watermark -- a trademark or other identifying data hidden in

multimedia or other content files -- is one common use of steganography. Watermarking is
a technique often used by online publishers to identify the source of media files that have
been found being shared without permission.

While there are many different uses of steganography, including embedding sensitive
information into file types, one of the most common techniques is to embed a text file into
an image file. When this is done, anyone viewing the image file should not be able to see a
difference between the original image file and the encrypted file; this is accomplished by
storing the message with less significant bites in the data file. This process can be completed
manually or with the use of a steganography tool.

What are the advantages of steganography over cryptography?

Steganography is distinct from cryptography, but using both together can help improve the
security of the protected information and prevent detection of the secret communication. If
steganographically-hidden data is also encrypted, the data may still be safe from detection -
- though the channel will no longer be safe from detection. There are advantages to using
steganography combined with encryption over encryption-only communication.

The primary advantage of using steganography to hide data over encryption is that it helps
obscure the fact that there is sensitive data hidden in the file or other content carrying the

9
hidden text. Whereas an encrypted file, message or network packet payload is clearly
marked and identifiable as such, using steganographic techniques helps to obscure the
presence of the secure channel.

10
The various terms used to describe image steganography include:

• Cover-Image - Unique picture that can conceal data.

• Message - Real data that you can mask within pictures. The message may be in
the form of standard text or an image.

• Stego-Image − A stego image is an image with a hidden message.

• Stego-Key - Messages can be embedded in cover images and stego-images with

the help of a key, or the messages can be derived from the photos themselves.

Steganography Examples Include

• Writing with invisible ink

• Embedding text in a picture (like an artist hiding their initials in a painting they’ve
done)

• Backward masking a message in an audio file (remember those stories of evil

messages recorded backward on rock and roll records?)

• Concealing information in either metadata or within a file header

• Hiding an image in a video, viewable only if the video is played at a particular

frame rate

• Embedding a secret message in either the green, blue, or red channels of an RRB
image

Steganography can be used both for constructive and destructive purposes. For example,
education and business institutions, intelligence agencies, the military, and certified ethical
hackers use steganography to embed confidential messages and information in plain sight.

On the other hand, criminal hackers use steganography to corrupt data files or hide
malware in otherwise innocent documents. For example, attackers can use BASH and
PowerShell scripts to launch automated attacks, embedding scripts in Word and Excel
documents. When a poor, unsuspecting user clock one of those documents open, they
activate the secret, hidden script, and chaos ensues. This process is a favoured ransomware
delivery method.

11
Symmetric and Asymmetric Cryptography

At its simplest, encryption simply means to use a key to encrypt data. This key is then
required to decrypt the information as well. If the recipient doesn't have the key, they can't
decrypt the data once it arrives at its destination. If you're new to the world of data
encryption, you should also check out these basic encryption terms to gain a better
understanding.

For instance, if you encrypt an email and send it to a person, they should also receive the
encryption key, otherwise they simply can't view the contents of the email. Symmetric
encryption is the simplest form of encryption, since it requires a single key to encrypt or
decrypt information.

As you can probably guess, symmetric equation is a relatively old form of encryption,
utilizing a secret key that can be an alphanumeric string, a number, or a word. It's also quite
effective, and can even be used for full-disk encryption.

Why Use Symmetric Encryption?

The reason why symmetric encryption is popular is that it's relatively simple. This makes it
easy and quicker to execute. Generally, symmetric encryption is used for encrypting larger
amounts of data.

In most cases, the typical length of a symmetric encryption key is either 128 or 256 bits.
Since only a single key is used, it doesn't require lots of resources to encrypt the information
either.

The Problem with Symmetric Encryption

All parties must share the encryption key to allow for data transfer, exposing symmetric
encryption to key exhaustion problems. If effective rotation isn't maintained, there's a risk
that the key might be leaked.

There is also a risk that a hacker may receive bits of information that they can use to
construct the encryption key themselves. This causes issues with scaling since you can't
share the key with others.

12
Asymmetric Encryption

Instead of relying on a single shared key, asymmetric encryption uses a couple of related
keys. This includes a public and a private key, which automatically makes it more secure than
symmetric encryption.

The public key is available to all parties, and is used for decrypting the plain text message
before it is sent. But, in order to decrypt the actual message and read it, the parties must
have access to the private key.

While there's a mathematical relationship between the public and the private key, hackers
can't derive the private key using the information from the public key.

For instance, you can make available a public key to anyone who wishes to send you a
message. But, the second key is kept secret, so only you know that one. Thus, when a
message is encrypted and sent using the public key, a private key must also be required to
decrypt it fully.

It's important to understand that the private key is only known to the person who owns it.
Even the sender doesn't know the private key and can't decrypt the file once it is sent. Every
authorized party in this exchange has their own private key that they can use to decrypt
information.

Why Is Asymmetric Encryption Considered More Secure?

Asymmetric encryption can be carried out automatically or manually, depending on the
key's length. It's important to understand that the security of either lies primarily on the size
of the key.

However, a significant reason why asymmetric encryption is considered more secure and
reliable is because it doesn't involve the exchange of public keys between multiple parties.
Even if a hacker gains access to a public key, there's no risk of them using it for decrypting
the data (since the public key is used for encryption only), as they don't know the private
keys.

More importantly, asymmetric encryption also supports digital signature algorithms and
authentication, unlike symmetric encryption. This allows users to digitally sign documents or

13
messages using their private keys, and others can use the corresponding public keys to
confirm that the signatures are authentic and came from the verified sender.

The Problem with Asymmetric Encryption

Since it's obviously the more secure choice, why isn't asymmetric encryption the only
standard in the world of encryption today? That's because when compared with symmetric
encryption, it's considerably slower.

This has to do with the longer key lengths, and more importantly, the mathematical
calculations involved in asymmetric encryption are considerably more complex, which
means they require more CPU resources for decryption.

Even though there's a link between the public and private keys, asymmetric encryption
relies primarily on longer key lengths to beef up security. It's essentially a compromise
between speed and security.

For instance, as mentioned above, symmetric encryption relies on 128 or 256-bit keys. In
comparison, the RSA encryption key size is generally 2048 bits or higher. And, with quantum
computers seemingly becoming a reality very soon, even that might not be enough to
protect information.

Block Cipher and Stream Cipher belongs to the symmetric key cipher. These two block
ciphers and stream cipher are the methods used for converting the plain text into
ciphertext.
The main difference between a Block cipher and a Stream cipher is that a block cipher
converts the plain text into cipher text by taking plain text’s block at a time. While stream
cipher Converts the plain text into cipher text by taking 1 byte of plain text at a time.
Difference between Block cipher and Stream cipher

S.NO Block Cipher Stream Cipher

Block Cipher Converts the plain text Stream Cipher Converts the plain
1. into cipher text by taking plain text into cipher text by taking 1
text’s block at a time. byte of plain text at a time.

14
S.NO Block Cipher Stream Cipher

Block cipher uses either 64 bits or

2. While stream cipher uses 8 bits.
more than 64 bits.

The complexity of block cipher is While stream cipher is more

3.
simple. complex.

Block cipher Uses confusion as well While stream cipher uses only
4.
as diffusion. confusion.

In block cipher, reverse encrypted While in-stream cipher, reverse

5.
text is hard. encrypted text is easy.

The algorithm modes which are
used in block cipher are ECB
6.
(Electronic Code Book) and CBC
(Cipher Block Chaining).
The algorithm modes which are
used in stream cipher are CFB
(Cipher Feedback) and OFB
(Output Feedback).

Block cipher works on transposition While stream cipher works on

techniques like rail-fence technique, substitution techniques like
7.
columnar transposition technique, Caesar cipher, substitution cipher,
etc. etc.

Block cipher is slow as compared to While stream cipher is fast in

8.
a stream cipher. comparison to block cipher.

Data Encryption Standard

DES is a block cipher and encrypts data in blocks of size of 64 bits each, which means 64
bits of plain text go as the input to DES, which produces 64 bits of ciphertext. The same
algorithm and key are used for encryption and decryption, with minor differences. The key
length is 56 bits.

DES is based on the two fundamental attributes of cryptography: substitution (also called
confusion) and transposition (also called diffusion). DES consists of 16 steps, each of which

15
is called a round. Each round performs the steps of substitution and transposition. Let us
now discuss the broad-level steps in DES.

• In the first step, the 64-bit plain text block is handed over to an initial
Permutation (IP) function.
• The initial permutation is performed on plain text.
• Next, the initial permutation (IP) produces two halves of the permuted block;
saying Left Plain Text (LPT) and Right Plain Text (RPT).
• Now each LPT and RPT go through 16 rounds of the encryption process.
• In the end, LPT and RPT are re-joined and a Final Permutation (FP) is performed
on the combined block
• The result of this process produces 64-bit ciphertext.

The initial permutation (IP) happens only once and it happens before the first round. It
suggests how the transposition in IP should proceed, as shown in the figure. For example,
it says that the IP replaces the first bit of the original plain text block with the 58th bit of
the original plain text, the second bit with the 50th bit of the original plain text block, and
so on.
This is nothing but jugglery of bit positions of the original plain text block. the same rule
applies to all the other bit positions shown in the figure.

16
As we have noted after IP is done, the resulting 64-bit permuted text block
is divided into two half blocks. Each half-block consists of 32 bits, and each
of the 16 rounds, in turn, consists of the broad-level steps outlined in the
figure.

Asymmetric Key Cryptography

Asymmetric encryption, also known as public-key cryptography, is a type of encryption that
uses a pair of keys to encrypt and decrypt data. The pair of keys includes a public key, which
can be shared with anyone, and a private key, which is kept secret by the owner. In
asymmetric encryption, the sender uses the recipient’s public key to encrypt the data. The
recipient then uses their private key to decrypt the data. This approach allows for secure
communication between two parties without the need for both parties to have the same
secret key. Asymmetric encryption has several advantages over symmetric encryption,

17
which uses the same key for both encryption and decryption. One of the main advantages
is that it eliminates the need to exchange secret keys, which can be a challenging process,
especially when communicating with multiple parties. Additionally, asymmetric encryption
allows for the creation of digital signatures, which can be used to verify the authenticity of
data. Asymmetric encryption is commonly used in various applications, including secure
online communication, digital signatures, and secure data transfer. Examples of asymmetric
encryption algorithms include RSA, Diffie-Hellman, and Elliptic Curve Cryptography (ECC).
Asymmetric encryption, commonly known as public-key cryptography, employs two distinct
keys for encryption and decoding. The private key is a separate key from the public key that
is kept private by the owner of the public key while the public key is made available to
everyone. Anyone can encrypt a message using the public key, but only the holder of the
private key can unlock it. With no chance of the communication being intercepted and read
by a third party, anyone can send a secure message to the public key’s owner. Asymmetric
encryption is frequently used for secure internet communication, including email
encryption, e-commerce, and online banking. Digital signatures, which are used to confirm
the legitimacy of digital documents and messages, are another application for it.

Advantages of Asymmetric Encryption

Asymmetric encryption also known as public key cryptography is a method of cryptography

that uses two different keys to encrypt and decrypt data, here are some advantages of
asymmetric encryption: –

• Enhanced Security: Asymmetric encryption provides a higher level of security

compared to symmetric encryption where only one key is used for both
encryption and decryption with asymmetric encryption a different key is used for
each process and the private key used for decryption is kept secret by the receiver
making, it harder for an attacker to intercept and decrypt the data.

18
 • Authentication: Asymmetric encryption can be used for authentication
purposes which means that the receiver can verify the sender s identity. This is
achieved by the sender encrypting a message with their private key which can
only be decrypted with their public key if the receiver can successfully decrypt
the message, it proves that it was sent by the sender who has the corresponding
private key.
• Non-repudiation: Asymmetric encryption also provides non-repudiation which
means that the sender cannot deny sending a message or altering its contents
this is because the message is encrypted with the sender s private key and only
their public key can decrypt it . Therefore, the receiver can be sure that the
message was sent by the sender and has not been tampered with.
• Key distribution: Asymmetric encryption eliminates the need for a secure key
distribution system that is required in symmetric encryption with symmetric
encryption, the same key is used for both encryption and decryption and the key
needs to be securely shared between the sender and the receiver asymmetric
encryption, on the other hand, allows the public key to be shared openly and the
private key is kept secret by the receiver.
• Versatility: Asymmetric encryption can be used for a wide range of applications
including secure email communication online banking transactions and e-
commerce it is also used to secure SSL/TSL connections which are commonly
used to secure internet traffic.
Overall, the use of asymmetric encryption offers enhanced security authentication non-
repudiation key distribution, and versatility these advantages make it a widely used and
effective method for protecting sensitive data in various applications.

Digital Signature
Digital signatures are the newer, faster, better way of signing documents online. They cut
your costs, require less time, are more environmentally friendly, and make the whole
process easier and faster for everyone involved.

Digital signatures are the digital equivalent of regular ink signatures. Just like ink signatures
signal your approval or involvement in a paper document and its contents, a digital
signature does the same on digital documents.

19
And they do it far better than ink signatures can.

Digital signatures use a Public Key Infrastructure (PKI), a standard format that provides high
security and acceptance to your document. This combination of a public key and a private
key is what makes a digital signature so safe.

Through the PKI and the processes involved in creating electronic signatures and storing
digitally signed documents, you can be sure that your signature cannot be forged, and once
signed. The document cannot be altered.

This makes a digital document with an e-signature secure enough to be valid worldwide,
including anywhere within the United States and the European Union.

20
Vernam Cipher

Vernam Cipher is a method of encrypting alphabetic text. It is one of the Substitution

techniques for converting plain text into cipher text. In this mechanism we assign a
number to each character of the Plain-Text, like (a = 0, b = 1, c = 2, … z = 25).
Method to take key: In the Vernam cipher algorithm, we take a key to encrypt the plain
text whose length should be equal to the length of the plain text.
Encryption Algorithm:
1. Assign a number to each character of the plain-text and the key according to
alphabetical order.
2. Bitwise XOR both the number (Corresponding plain-text character number and
Key character number).
3. Subtract the number from 26 if the resulting number is greater than or equal to
26, if it isn’t then leave it.

Plain-Text: O A K
Key: S O N
O ==> 14 = 0 1 1 1 0
S ==> 18 = 1 0 0 1 0
Bitwise XOR Result: 1 1 1 0 0 = 28
Since the resulting number is greater than 26, subtract 26 from it. Then convert the
Cipher-Text character number to the Cipher-Text character.
28 - 26 = 2 ==> C
CIPHER-TEXT: C
Similarly, do the same for the other corresponding characters,
PT: O A K
NO: 14 00 10

KEY: S O N
NO: 18 14 13
New Cipher-Text is after getting the corresponding character from the resulting number.
CT-NO: 02 14 07
CT: C O H
Example 2:
Plain-Text: RAMSWARUPK
Key: RANCHOBABA
Now according to our encryption algorithm, we assign a number to each character of our
plain text and key.
PT: R A M S W A R U P K
NO: 17 0 12 18 22 0 17 20 15 10

KEY: R A N C H O B A B A
NO: 17 0 13 2 7 14 1 0 1 0

21
Now Bitwise XOR the number of Plain-Text and Key and after doing the XOR operation and
subtraction operation (if required), we will get the corresponding Cipher-Text character
number.
CT-NO: 0 0 1 16 17 14 16 20 14 10
Since there are no numbers that are greater than or equal to 26 we do not have to
subtract 26 from any of them.
New Cipher-Text is after getting the corresponding character from the number.
CIPHER-TEXT: A A B Q R O Q U O K

One Time Pad algorithm is the improvement of the Vernam Cipher, proposed by An Army
Signal Corp officer, Joseph Mauborgne. It is the only available algorithm that is
unbreakable (completely secure). It is a method of encrypting alphabetic plain text. It is
one of the Substitution techniques which converts plain text into ciphertext. In this
mechanism, we assign a number to each character of the Plain-Text.
The two requirements for the One-Time pad are
• The key should be randomly generated as long as the size of the message.
• The key is to be used to encrypt and decrypt a single message, and then it is
discarded.
So encrypting every new message requires a new key of the same length as the new
message in one-time pad.
The ciphertext generated by the One-Time pad is random, so it does not have any
statistical relation with the plain text.

The assignment is as follows:

A B C D E F G H I J

0 1 2 3 4 5 6 7 8 9

K L M N O P Q R S T

10 11 12 13 14 15 16 17 18 19

U V W X Y Z

20 21 22 23 24 25

22
The relation between the key and plain text: In this algorithm, the length
of the key should be equal to that of plain text.

Examples:
Input: Message = HELLO, Key = MONEY Output: Cipher – TSYPM, Message
– HELLO
Explanation: Part 1: Plain text to Ciphertext
Plain text — H E L L O → 7 4 11 11 14
Key — M O N E Y → 12 14 13 4 24
Plain text + key → 19 18 24 15 38 → 19 18 24 15 12 (= 38 – 26)
Cipher Text → T S Y P M
Part 2: Ciphertext to Message
Cipher Text — T S Y P M → 19 18 24 15 12
Key — M O N E Y→ 12 14 13 4 24
Cipher text – key → 7 4 11 11 -12 → 7 4 11 11 14
Message → H E L L O
Input: Message = SAVE, Key = LIFE
Output: Cipher – DIAI Message – SAVE

Advantages
• One-Time Pad is the only algorithm that is truly unbreakable and can be used
for low-bandwidth channels requiring very high security(ex. for military uses).
Disadvantages
• There is the practical problem of making large quantities of random keys. Any
heavily used system might require millions of random characters on a regular
basis.
• For every message to be sent, a key of equal length is needed by both sender
and receiver. Thus, a mammoth key distribution problem exists.

Cryptographic Hash is a Hash function that takes random size input and yields a fixed-size
output. It is easy to calculate but challenging to retrieve the original data. It is strong and
difficult to duplicate the same hash with unique inputs and is a one-way function so revert
is not possible. Hashing is also known by different names such as Digest, Message
Digest, Checksum, etc.

23
Properties Of Cryptography Hash Function
The ideal cryptographic hash function has the following main properties:
1. Deterministic: This means that the same message always results in the same
hash.
2. Quick: It is quick to compute the hash value for any given message.
3. Avalanche Effect: This means that every minor change in the message results in
a major change in the hash value.
4. One-Way Function: You cannot reverse the cryptographic hash function to get
to the data.
5. Collision Resistance: It is infeasible to find two different messages that produce
the same hash value.
6. Pre-Image Resistance: The hash value shouldn’t be predictable from the given
string and vice versa.
7. Second Pre-Image Resistance: Given an input, it should be difficult to find
another input that has the same hash value.

Rail Fence Technique

The rail fence technique is a simple form of transposition cipher. It’s a type
of cryptographic algorithm that rearranges the positions of the letters in a message to
create a new, seemingly unrelated message. The technique gets its name from the way we

24
write the message. Applying the rail fence technique in a given text results in a zigzag
pattern, with each letter in a row written out before moving to the next row.
To encrypt a message using the rail fence technique, first, we need to write the message in
the first row of a table. Furthermore, we have to write the second letter of the message in
the second row. We need to continue this process until we’ve written all the letters in the
message. Finally, in order to generate the encrypted message, we read the table row-wise.
Now let’s talk about how we can decrypt a message. To decrypt an encrypted message, the
first step is to determine the number of rows in the table based on the length of the
encrypted message. Furthermore, we need to write the first letter of the encrypted
message in the first row, the second letter in the second row, and so on. We need to
continue this process until we’ve written all the letters in the message.
Overall, the rail fence technique is a relatively simple form of encryption. However, it
doesn’t provide strong security. Someone can easily break it with even a basic
understanding of cryptography. Although, it can still be helpful for simple communication
where a high level of security is not required.

3. Example

First, let’s look at an example of the encryption of a message using the rail fence
technique. Here, we want to encrypt a message with two rows: HELLO SAM. First, we would
write the message in rows:

Now, in order to generate encrypted text, we need to write the first row, followed by the
second row. Hence, our encrypted message is HLOAELSM.
Now let’s start the decryption process. First, we must determine the number of rows
needed to decrypt the message. We already know the number of rows is two here. The total
length of the encrypted message is 8. Hence, each row will contain four letters:

25
The first letter of the plaintext would be the first letter of the first row of the table. Similarly,
the second letter of the plaintext would be the first letter of the second row of the table.
We need to continue this process until we cover all the letters in the encrypted message:

Therefore, we get our plaintext after applying the decryption process: HELLO SAM.

Advantages and Disadvantages

Now we know the basic idea behind the rail fence technique. Let’s talk about the
advantages and disadvantages.
Some advantages of the rail fence technique include simplicity, ease of use, and flexibility.
The rail fence technique is relatively simple to understand and implement, making it a good
choice for basic communication where a higher level of security is not required. We can
manually perform the rail fence technique without requiring specialized equipment or
software.
Finally, we can use the rail fence technique with any number of rows. It allows the user to
choose a level of complexity appropriate to their needs.
The main disadvantages of this technique are lack of security, limited effectiveness, and
vulnerability to attacks.

26
The rail fence technique is not a secure form of encryption, as someone can easily break it
with even a basic understanding of cryptography. Additionally, this technique is not highly
effective for longer messages.
Furthermore, the rail fence technique is vulnerable to certain types of attacks, such
as known-plaintext attacks. Therefore, an attacker can easily break the encryption by
launching attacks.

27