MODULE 1

 For cipher matrix with key “occurance ” and plain text “tall tree”

1. Enlist Security Goals

CIA triad(Security Goals)

1. Confidentiality, integrity and availability, also known as the CIA triad, is a model
designed to guide policies for information security within an organization.

• Confidentiality is roughly equivalent to privacy. Confidentiality measures are designed to

prevent sensitive information from unauthorized access attempts.
It is common for data to be categorized according to the amount and type of damage that
could be done if it fell into the wrong hands. More or less measures can then be
implemented according to those categories.
Measures:
 Encryption
 Access Control
 Data Classification

2. Integrity involves maintaining the consistency, accuracy and trustworthiness of data

over its entire lifecycle. Data must not be changed in transit, and steps must be taken to
ensure data cannot be altered by unauthorized people (for example, in a breach of
confidentiality).
Mechanisms:
 Hashing
 Access Control
 Data Classification
3. Availability means information should be consistently and readily accessible for
authorized parties. This involves properly maintaining hardware and technical
infrastructure and systems that hold and display the information.
 Access Control
 Isolation
 Backup
 Disaster recovery

2. Security Attacks
These attacks aim to retrieve the plaintext from the ciphertext or decode the
encrypted data.
Hackers may attempt to bypass the security of a cryptographic system by discovering
weaknesses and flaws in cryptography techniques, cryptographic protocol,
encryption algorithms, or key management strategy
Attacks are generally classified into four categories:
1) Interception:-
 ❑ It is an attack on confidentiality
❑ The main purpose is to eavesdrop (similar to hear someone’s telephonic
conversation) on the information carried in the message
2) Fabrication:-
❑ It is an attack on authentication
❑ Attacker modifies messages, parameters and other properties.
❑ This gives threats to message authenticity
❑ Primarily affect integrity but could be considered an availability attack as well
3) Modification:-
❑ It means that a party without authorization, not only accesses the data but
tampers the data
❑ This threatens message integrity.
❑ The main purpose is to create confusion or mislead the parties involved in the
communication protocol
❑ This is usually aimed at the network layer and the application layer
4) Interruption:-
❑ It is an attack on the availability of the network, e.g. physical nodes capturing
, corruption of message, malicious code insertion etc.
❑ The main purpose is to launch denial-of-service (DoS) attacks.
❑ The security attacks can be further categorized as passive attacks and active
attacks.
❑ A passive attack tries to learn or use knowledge from the system without
causing any damage to the system’s resources.
❑ An active attack tries to change the system’s resource or disrupt its activity

3. Difference Between active and passive attacks

Active Attack Passive Attack

1In an active attack, Modification in While in a passive attack, Modification in

information takes place. the information does not take place.

2.Active Attack is a danger Passive Attack is a danger

to Integrity as well as availability. to Confidentiality.
 Active Attack Passive Attack

3.In an active attack, attention is on While in passive attack attention is on

prevention. detection.

4.Due to active attacks, the execution While due to passive attack, there is no harm
system is always damaged. to the system.

5.In an active attack, Victim gets While in a passive attack, Victim does not
informed about the attack. get informed about the attack.

6.In an active attack, System While in passive attack, System resources

resources can be changed. are not changing.

7.Active attack influences the Does not influences the services of the
services of the system. system.

8.Can be easily detected. Very difficult to detect.

9.The purpose of an active attack is The purpose of a passive attack is to learn

to harm the ecosystem. about the ecosystem.

10.In an active attack, the original In passive attack original information is

information is modified. Unaffected.

11.The duration of an active attack is

The duration of a passive attack is long.
short.

12.The prevention possibility of The prevention possibility of passive attack

active attack is High is low.

13.Complexity is High Complexity is low.

4. Security Services
 Message Confidentiality − The principle of confidentiality defines
that only the sender and the intended recipient should be capable to
create the element of the message.

 Access Control − The principle of access control decides who should be capable to
access information or system through communication link. It supports the avoidance of
unauthorized use of a resource.
 Data Integrity − Data integrity is designed to secure information from modification,
insertion, deletion and rehashing by any entity
Integrity involves maintaining the consistency, accuracy and trustworthiness of data
over its entire lifecycle. Data must not be changed in transit, and steps must be taken to
ensure data cannot be altered by unauthorized people (for example, in a breach of
confidentiality).

 NON REPUDUTAION
 Nonrepudiation avoids either sender or receiver from adverse a
transmitted message. Therefore, when a message is sent, the receiver
can validate that the asserted sender actually sent the message.
 Likewise, when a message is received, the sender can validate that the
asserted receiver actually received the message.
 AUTHENTICATION
 The authentication service is concerned with likely that a connection is
authentic. In the case of a single message, including a warning or
alarm signal, the function of the authentication service is to persuade
the recipient that the message is from the source that it declare to be
from.


5. Security mechanism
 6. Eulers
Calculate Eulers totient find
i) Φ(11)
ii) Φ(240)
iii) Φ(49)
iv) Φ(10)
v) Φ(343)
7. Euclidean Algo(numerical)
8. Playfair cipher(numerical)
 Plain text = “why don’t you” , key = “keyword” construct play fair cipher
 Encrypt the given message using ceaser cipher key = 7
Msg = The house is being sold tonight
 Plain text = “The key is hidden under the door” , key = “domestic”
9. Explain Transportation key and keyless & (numerical)

Transposition Cipher:

 A transposition cipher does not substitute one symbol for another (as in
substitution cipher), but changes the location of these symbols.
 It reorders (jumbles) the given plain-text to give the cipher-text.
 They are of two types: Keyed and Keyless Transposition Cipher.

Keyless Transposition Cipher:

 In this cipher technique, the message is converted to ciphertext by either of two
permutation techniques:
a. Text is written into a table column-by-column and is then transmitted row-by-
row.
b. Text is written into a table row-by-row and is then transmitted column-by-
column

 The first method (a) is also popularly known as Rail-fence cipher

Keyed Transposition cipher:

  In this approach, rather than permuting all the symbols together, we divide the
entire plaintext into blocks of predetermined size and then permute each block
independently.

10. Draw Relationship between security sources and mechanism

11. Define Non- reputation and authentication (4th ans)

12. Enlist substitution methods and explain one

Substitution technique is a classical encryption approach where the

characters present in the initial message are restored by the other characters
or numbers or by symbols.

If the plain text (original message) is treated as the string of bits, thus the
substitution technique would restore bit pattern of plain text with the bit
pattern of cipher text.

There are various types of substitution ciphers which are as follows −

 Monoalphabetic Cipher − In monoalphabetic substitution cipher, a character in a

plaintext is always restored or changed to the similar character in the ciphertext
For instance, if a letter A in the plaintext is changed to G then each appearance of A in the
plaintext will be restored by G.
Plaintext : hello
Ciphertext : IFMMP
This is a monoalphabetic cipher as both 1’s are encrypted as ‘M’.
 Polyalphabetic cipher –
o In polyalphabetic substitution, each appearance of a character in the plaintext can
have a different substitution character in the ciphertext.
o The relationship among a character in plaintext and a character in ciphertext is
one to many
. For instance, letter ‘A’ can be restored by the letter ‘C’ and the similar letter ‘A’ can be
restored by ‘N’ later in the ciphertext.
In polyalphabetic cipher, frequencies of plaintext letter are not reflected in the ciphertext.

6 It is a simple substitution cipher. It is multiple substitutions

 cipher.

Monoalphabetic ciphers are not that strong as Polyalphabetic ciphers are

8
compared to polyalphabetic cipher. much stronger.

 One-Time Pad − The one-time pad cipher recommend that the key length must be as
long as the plain text to avoid the repetition of key. Along with that, the key must be used
only once to encrypt and decrypt the individual message after that the key must be
discarded.
 Caesar Cipher – (eg explain)
 Playfair Cipher − The playfair cipher is also known as Playfair Square. It is a
cryptographic technique used for manual encryption of information. This scheme was
developed by Charles Wheatstone in 1854.
The Playfair cipher was used by the British army in World War I and by the Australian in
World War II. This was applicable because the playfair cipher is perfectly fast to use and
does not demand some specific equipment to be used.

MODULE 2

1.Block cipher modes

Encryption algorithms are divided into two categories based on the input type,
as a block cipher and stream cipher. Block cipher is an encryption algorithm
that takes a fixed size of input say b bits and produces a ciphertext of b bits
again. If the input is larger than b bits it can be divided further. For different
applications and uses, there are several modes of operations for a block
cipher.

Electronic Code Book (ECB) –

Electronic code book is the easiest block cipher mode of functioning. It is
easier because of direct encryption of each block of input plaintext and output
is in form of blocks of encrypted ciphertext. Generally, if a message is larger
than b bits in size, it can be broken down into a bunch of blocks and the
procedure is repeated.

Procedure of ECB is illustrated below:

  Cipher Block Chaining –
Cipher block chaining or CBC is an advancement made on ECB since
ECB compromises some security requirements
 . In CBC, the previous cipher block is given as input to the next
encryption algorithm after XOR with the original plaintext block
 . In a nutshell here, a cipher block is produced by encrypting an XOR
output of the previous cipher block and present plaintext block.
The process is illustrated here:
 Cipher Feedback Mode (CFB) –
In this mode the cipher is given as feedback to the next block of
encryption with some new specifications:
 first, an initial vector IV is used for first encryption and output bits are
divided as a set of s and b-s bits
 .The left-hand side s bits are selected along with plaintext bits to which
an XOR operation is applied.
 The result is given as input to a shift register having b-s bits to lhs,s bits
to rhs and the process continues.
 The encryption and decryption process for the same is shown below,
both of them use encryption algorithms.

 Output Feedback Mode –

The output feedback mode follows nearly the same process as the
Cipher Feedback mode except that it sends the encrypted output as
feedback instead of the actual cipher which is XOR output.
 In this output feedback mode, all bits of the block are sent instead of
sending selected s bits.
 The Output Feedback mode of block cipher holds great resistance
towards bit transmission errors.
 It also decreases the dependency or relationship of the cipher on the
plaintext.
Counter Mode –
The Counter Mode or CTR is a simple counter-based block cipher
implementation.
Every time a counter-initiated value is encrypted and given as input to XOR
with plaintext which results in ciphertext block.
The CTR mode is independent of feedback use and thus can be implemented
in parallel.

Its simple implementation is shown below:

Applications of Block Ciphers

1. Data Encryption:
2. File and Disk Encryption:
3. Virtual Private Networks (VPN):
4. Secure Sockets Layer (SSL) and Transport Layer Security
(TLS):
5. Digital Signatures:

2.RSA (numerical)
3.AES (diagram and one line explaination explain size and explain key)

Advanced Encryption Standard (AES) is a specification for the encryption of

electronic data
Points to remember
 AES is a block cipher.
 The key size can be 128/192/256 bits.
 Encrypts data in blocks of 128 bits each.
AES performs operations on bytes of data rather than in bits. Since the block
size is 128 bits, the cipher processes 128 bits (or 16 bytes) of the input data at
a time.
The number of rounds depends on the key length as follows :
128 bit key – 10 rounds
 192 bit key – 12 rounds
 256 bit key – 14 rounds
Creation of Round keys :
A Key Schedule algorithm is used to calculate all the round keys from the key.
Encryption :
AES considers each block as a 16 byte (4 byte x 4 byte = 128 ) grid in a
column major arrangement.
[ b0 | b4 | b8 | b12 |
| b1 | b5 | b9 | b13 |
| b2 | b6 | b10| b14 |
| b3 | b7 | b11| b15 ]
Each round comprises of 4 steps :
SubBytes
 ShiftRows
 MixColumns
 Add Round Key
The last round doesn’t have the MixColumns round.
The SubBytes does the substitution and ShiftRows and MixColumns performs
the permutation in the algorithm.
SubBytes :
This step implements the substitution.
 In this step each byte is substituted by another byte.
 Its performed using a lookup table also called the S-box. This
substitution is done in a way that a byte is never substituted by itself and
also not substituted by another byte which is a compliment of the
current byte.
 The result of this step is a 16 byte (4 x 4 ) matrix like before.
 The next two steps implement the permutation.
ShiftRows :
This step is just as it sounds. Each row is shifted a particular number of times.
 The first row is not shifted
 The second row is shifted once to the left.
 The third row is shifted twice to the left.
 The fourth row is shifted thrice to the left.
(A left circular shift is performed.)
[ b0 | b1 | b2 | b3 ] [ b0 | b1 | b2 | b3 ]
| b4 | b5 | b6 | b7 | -> | b5 | b6 | b7 | b4 |
| b8 | b9 | b10 | b11 | | b10 | b11 | b8 | b9 |
[ b12 | b13 | b14 | b15 ] [ b15 | b12 | b13 | b14 ]
MixColumns :
This step is basically a matrix multiplication. Each column is multiplied with a
specific matrix and thus the position of each byte in the column is changed as
a result.
This step is skipped in the last round.
[ c0 ] [ 2 3 1 1 ] [ b0 ]
| c1 | = | 1 2 3 1 | | b1 |
| c2 | | 1 1 2 3 | | b2 |
[ c3 ] [ 3 1 1 2 ] [ b3 ]
Add Round Keys :
Now the resultant output of the previous stage is XOR-ed with the
corresponding round key. Here, the 16 bytes is not considered as a grid but just
as 128 bits of data.

After all these rounds 128 bits of encrypted data is given back as output. This
process is repeated until all the data to be encrypted undergoes this process.
Decryption :
The stages in the rounds can be easily undone as these stages have an opposite
to it which when performed reverts the changes.Each 128 blocks goes through
the 10,12 or 14 rounds depending on the key size.
The stages of each round in decryption is as follows :
Add round key

 Inverse MixColumns
 ShiftRows
 Inverse SubByte
The decryption process is the encryption process done in reverse so i will
explain the steps with notable differences.
Inverse MixColumns :
This step is similar to the MixColumns step in encryption, but differs in the
matrix used to carry out the operation.
[ b0 ] [ 14 11 13 9 ] [ c0 ]
| b1 | = | 9 14 11 13 | | c1 |
| b2 | | 13 9 14 11 | | c2 |
[ b3 ] [ 11 13 9 14 ] [ c3 ]
Inverse SubBytes :
Inverse S-box is used as a lookup table and using which the bytes are
substituted during decryption.

4.DES
  Data Encryption Standard (DES) is a block cipher with a 56-bit key
length that has played a significant role in data security.
 Data encryption standard (DES) has been found vulnerable to very
powerful attacks therefore, the popularity of DES has been found
slightly on the decline.
 DES is a block cipher and encrypts data in blocks of size of 64
bits each, which means 64 bits of plain text go as the input to DES,
which produces 64 bits of ciphertext. The same algorithm and key are
used for encryption and decryption, with minor differences.
 The key length is 56 bits.
 DES is a block cipher that operates on data blocks of 64 bits in size. DES uses a 64-
bit key 8 × 8 including 1 bit for parity, so the actual key is 56 bits.

 As we have noted after IP is done, the resulting 64-bit permuted text

block is divided into two half blocks.
 Each half-block consists of 32 bits, and each of the 16 rounds, in turn,
consists of the broad-level steps outlined in the figure.

Step 2: Expansion Permutation

 Recall that after the initial permutation, we had two 32-bit plain text
areas called Left Plain Text(LPT) and Right Plain Text(RPT).
 During the expansion permutation, the RPT is expanded from 32 bits to
48 bits.
 Bits are permuted as well hence called expansion permutation.
This process results in expansion as well as a permutation of the input bit
while creating output.
The key transformation process compresses the 56-bit key to 48 bits. Then the
expansion permutation process expands the 32-bit RPT to 48-bits. Now the
48-bit key is XOR with 48-bit RPT and the resulting output is given to the
next step, which is the S-Box substitution.

The S-box substitution is the critical step in DES. The algorithm's other opera- tions
are linear and easy to analyze.
The S-boxes are nonlinear and, more than any- thing else, give DES its security.
The result of this substitution phase is eight 4-bit blocks which are recombined into a
single 32-bit block.

Types of Attacks on Encrypted Messages

1. Brute Force Attack: In this attack, the attacker tries all possible combinations of
keys until the correct one is found. It is time-consuming and requires significant
computational power.
2. Cipher Text Only Attack: The attacker only has access to the encrypted message
and tries to analyze patterns or statistical properties of the cipher text to deduce
information about the original message.
3. Known Plaintext Attack: The attacker has access to both the encrypted message and
the corresponding plaintext. By analyzing the relationship between the two, the
attacker tries to deduce the encryption key.
4. Chosen Plaintext Attack: The attacker can choose specific plaintexts and observe
their corresponding ciphertexts. By analyzing the patterns in the chosen plaintext-
ciphertext pairs, the attacker tries to deduce the encryption key.
5. Chosen Ciphertext Attack: The attacker can choose specific ciphertexts and obtain
their corresponding plaintexts. By analyzing the patterns in the chosen ciphertext-
plaintext pairs, the attacker tries to deduce the encryption key.
6. Man-in-the-Middle Attack: In this attack, the attacker intercepts the communication
between two parties and impersonates each party to the other. The attacker can
modify or read the encrypted messages exchanged between the parties.
7. Dictionary Attack: The attacker uses a precomputed list of possible encryption keys
(dictionary) and tries each key to decrypt the message. This attack is effective against
weak or commonly used encryption keys.
8. Birthday Attack: This attack exploits the birthday paradox, which states that in a
group of a relatively small number of people, there is a high probability that two
people share the same birthday. In the context of encryption, this attack tries to find a
collision (two different inputs producing the same output) in the encryption function.

Define Non-Repudiation and Authentication as a security service and show with example
Nonrepudiation is achieved through
how each one can be achieved.
cryptography, like digital signatures, and includes other
services for authentication, auditing and logging. In online
transactions, digital signatures ensure that a party cannot later
deny sending information or deny the authenticity of its
signature.