
IS Notes

Uploaded by

areebadilshad2
Copyright
© © All Rights Reserved

Cipher: A cipher is an algorithm of well-defined steps that is used for encryption or decryption of
data. In simple words, it is used to transform the original data.

Types of cipher:

1. Block cipher: Here a block of text is transformed or replaced with a cipher text block, instead of
transforming a single character at a time. Block ciphers are further divided into three categories:

P-BOX: Transformation or transposition is performed at the bit level. Plaintext is transformed with digital
bits such as 1 and 0. The size should be similar in both the plain text and the cipher text.

S-BOX: Substitution is performed at the bit level. It contains three things:
   1. Decoder: The decoder transforms an n-bit input into a 2^n-bit structure.
   2. P-Box: The P-box performs a permutation on this decoded data.
   3. Encoder: The encoder transforms the permuted data into cipher text.

Product Block: If we want a more reliable and secure cipher, we can combine the P-Box and S-Box to
create a new cipher, known as a Product Block. It applies both kinds of processing to the plain text to
transform it into cipher text.

2. Traditional cipher: Most traditional ciphers use a single letter or character as the unit of
transformation. That is, one plain text letter is replaced with one cipher text letter. These
are further divided into two categories.

Substitution Cipher: Replace bits, characters, or character blocks in plaintext with alternate bits,
characters or character blocks to produce cipher text. A substitution cipher may be…

• Monoalphabetic cipher: A single alphabet is used to encrypt the entire plaintext message. For
example, if the letter A is enciphered as the letter K, this will be the same for the entire
message. This is an easy method, but finding the key is very difficult, so this is a good cipher.
Example: Plain text: Cipher is an algorithm. Cipher text: PVCUREVFNANYTBEVGUZ

• Polyalphabetic Cipher: A more complex substitution that uses a mixed alphabet to encrypt each bit,
character or character block of a plaintext message. It uses the Vigenere square, or Vigenere table,
in which multiple alternates exist for a single character. The final alternate depends on the
character and on the keyword used to encrypt the text. A key is also used for the transformation,
and this key is different for each dataset. For example, take the plain text APPLE and the
keyword RIGHT: A is used with R, the first P with I, the second P with G, L with H,
and E with T.

• Caesar Cipher: This is very simple. Each letter is replaced with the third letter after it in the
alphabet. Example: A is replaced by D, B is replaced by E, etc.
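The three substitution examples above can all be produced by one routine, shown here as an added example that is not part of the original notes. It assumes the standard Vigenere table in which key letter A means a shift of 0; the function names are illustrative. A one-letter key gives a monoalphabetic cipher (key N reproduces the notes' PVCUREVFNANYTBEVGUZ, key D is the Caesar cipher), while the keyword RIGHT encrypts the two Ps of APPLE to different letters.

```python
from itertools import cycle

A = ord("A")

def vigenere(text, key, decrypt=False):
    """Shift each letter by its key letter (A = 0 ... Z = 25); drop non-letters."""
    sign = -1 if decrypt else 1
    letters = [c for c in text.upper() if "A" <= c <= "Z"]
    shifts = cycle(ord(k) - A for k in key.upper())
    return "".join(chr((ord(c) - A + sign * s) % 26 + A)
                   for c, s in zip(letters, shifts))

def caesar(text):
    """Caesar cipher from the notes: every letter moves three places (key D)."""
    return vigenere(text, "D")

def repeats_preserved(plaintext, ciphertext):
    """True when equal plaintext letters always give equal ciphertext letters."""
    seen = {}
    return all(seen.setdefault(p, c) == c for p, c in zip(plaintext, ciphertext))

if __name__ == "__main__":
    print(vigenere("Cipher is an algorithm", "N"))   # monoalphabetic example
    print(caesar("AB"))                              # Caesar example
    poly = vigenere("APPLE", "RIGHT")                # polyalphabetic example
    print(poly, repeats_preserved("APPLE", poly))
    print(vigenere(poly, "RIGHT", decrypt=True))
```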

Transposition Cipher: A transposition cipher rearranges the order of letters or blocks according to a
specific algorithm. In a simple columnar transposition cipher, a message might be read horizontally but
would be written vertically to produce the ciphertext. For example, using a columnar transposition
cipher with the key "2 1 4 3", the plaintext "HELLO WORLD" could be encrypted as "EHOLLLWDOR".

• Polygraphic cipher: A polygraphic cipher performs substitutions with two or more groups of
letters. It is similar to a substitution cipher, but plain text blocks are replaced with cipher text
blocks instead of individual letters or characters.
• Permutation cipher: Permutation means rearranging the order of the characters and letters in the
plain text. This is quite the opposite of substitution ciphers. The plaintext is rearranged in any
possible order.

What is a P-box in cryptography?

• P-boxes are permutation boxes, which are usually one of the main components of a modern
block cipher. They are also known as D-boxes or diffusion boxes. P-boxes are used in the block
cipher called the Data Encryption Standard, commonly known as DES in cryptography.
• Functionality: A p-box (permutation box) is used to transpose the characters of a
particular input. In simple words, it transposes the bits. Here, 1,2,3,4,5
refers to the position of the bit, and the bits in those positions are transposed using
the predefined p-box.
• For example, in the p-box, if the input is 1,2,3,4,5, the output might be 3,4,2,1,5. This
means the values of 1,2,3,4,5 are being arranged in the order of 3,4,2,1,5.
1. Straight P-box
In this type of p-box, the number of inputs and outputs is the same. If there are n inputs and m outputs,
then m = n. The positions of the arrangement are shown in the figure, where an equal number of bits
are transposed to different places.
2. Expansion P-box
An expansion p-box is a p-box with n inputs and m outputs where m > n, i.e., the number of outputs is
more than the number of inputs. In this type of p-box, values get repeated, because one input can
feed more than one output.
3. Compression P-box
A compression p-box is a p-box with n inputs and m outputs where m < n, i.e., the number of outputs is
less than the number of inputs. In this type of p-box, a few bits are dropped, as not all input bits are
considered for the output.
Invertibility of P-boxes
The invertibility property holds true only for straight p-boxes, not for expansion and compression
p-boxes.
This is because:
• In compression p-boxes, an input can be dropped during encryption, and during decryption it is not
at all possible for the decryption algorithm to find what the dropped bit was.
• In expansion p-boxes, an input may be mapped to more than one output during encryption, so
during decryption the algorithm would not be able to guess the input, as several inputs are
mapped to the output.
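The three P-box types and the invertibility rule can be checked directly. The following is an added example, not part of the original notes; it assumes a table lists, for each output position, the 1-based input position it copies from. The straight table is the notes' 3,4,2,1,5 example, and the expansion and compression tables are constructed for illustration.

```python
def apply_pbox(bits, table):
    """Output position i receives the input bit at 1-based position table[i]."""
    return [bits[src - 1] for src in table]

def classify(table, n):
    """Name the P-box type by comparing m (outputs) with n (inputs)."""
    m = len(table)
    if m == n:
        return "straight"
    return "expansion" if m > n else "compression"

def invert(table, n):
    """Inverse table of a straight P-box; None when no inverse P-box exists."""
    if sorted(table) != list(range(1, n + 1)):
        return None                      # some input is dropped or repeated
    inverse = [0] * n
    for out_pos, src in enumerate(table, start=1):
        inverse[src - 1] = out_pos       # send each output back to its source
    return inverse

STRAIGHT = [3, 4, 2, 1, 5]               # the example from the notes
EXPANSION = [1, 2, 3, 3, 4, 5]           # constructed: input 3 feeds two outputs
COMPRESSION = [1, 3, 5]                  # constructed: inputs 2 and 4 are dropped

if __name__ == "__main__":
    bits = [1, 0, 1, 1, 0]               # constructed 5-bit input
    for table in (STRAIGHT, EXPANSION, COMPRESSION):
        print(classify(table, 5), apply_pbox(bits, table),
              "inverse:", invert(table, 5))
    # Two different inputs give the same compressed output, so the dropped
    # bits cannot be recovered from it.
    print(apply_pbox([1, 0, 1, 0, 1], COMPRESSION) ==
          apply_pbox([1, 1, 1, 1, 1], COMPRESSION))
```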

Firewall
• A hardware/software that monitors the incoming and outgoing traffic based on predefined rules.
• A firewall in an information security program is similar to a building’s firewall: it prevents
specific types of information from moving between the outside world, known as the untrusted
network (for example, the Internet), and the inside world, known as the trusted network.
• The firewall may be a separate computer system, a software service running on an existing router
or server, or a separate network containing a number of supporting devices.
• Acts like a barrier.
• Host based (software) and network based (hardware)

Packet filtering firewall

• The packet-filtering firewall, also simply called a filtering firewall, examines the header
information of data packets that come into a network.
• Works on network and transport layer.
• A packet-filtering firewall installed on a TCP/IP- based network typically functions at the IP
level and determines whether to drop a packet (deny) or forward it to the next network connection
(allow) based on the rules programmed into the firewall.
• Filtering firewalls inspect packets at the network layer (Layer 3) and Layer 4 of the Open Systems
Interconnect (OSI) model, which represents the seven layers of networking processes.
• Can block an IP address or a full network.
• Can block a service, e.g. HTTP.
• The restrictions most commonly implemented in packet-filtering firewalls are based on a
combination of the following:
• IP source and destination address
• Direction (inbound or outbound)
• Protocol (for firewalls capable of examining the IP protocol layer)
• A dynamic filtering firewall can react to an emergent event and update or create rules to deal
with that event.
• Operation: They maintain state information about connections, such as TCP handshakes,
ensuring only legitimate traffic is allowed based on the established session.
• Static filtering firewalls allow entire sets of one type of packet to enter in response to
authorized requests.
• Operation: They examine incoming and outgoing packets using predetermined rules such as source
IP address, destination IP address, port numbers, and protocols.
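The difference between static and dynamic filtering can be seen by running the same packets through both. This is an added example, not part of the original notes: the rule set, the addresses (documentation ranges) and all names are constructed, and the session table tracks only the address and port tuple rather than TCP handshake flags.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "direction proto src sport dst dport")
Rule = namedtuple("Rule", "action direction proto src_net dst_net dport")

# Constructed rule set using documentation address ranges; the first match wins.
RULES = [
    Rule("deny",  "in",  "any", "203.0.113.0/24", "0.0.0.0/0",     None),  # block a full network
    Rule("allow", "in",  "tcp", "0.0.0.0/0",      "192.0.2.10/32", 443),   # HTTPS to one server
    Rule("deny",  "in",  "tcp", "0.0.0.0/0",      "0.0.0.0/0",     80),    # block a service (HTTP)
    Rule("allow", "out", "any", "192.0.2.0/24",   "0.0.0.0/0",     None),  # inside hosts may go out
]

def matches(rule, pkt):
    """Compare the packet's header fields with one rule."""
    return (rule.direction == pkt.direction
            and rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.dport in (None, pkt.dport))

def static_verdict(pkt, rules=RULES):
    """Static filtering: header fields against fixed rules, default deny."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

class StatefulFilter:
    """Dynamic filtering: remembers allowed outbound sessions, admits replies."""
    def __init__(self, rules=RULES):
        self.rules, self.sessions = rules, set()

    def verdict(self, pkt):
        if pkt.direction == "in":
            reply_of = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if reply_of in self.sessions:
                return "allow"           # reply to an established session
        action = static_verdict(pkt, self.rules)
        if action == "allow" and pkt.direction == "out":
            self.sessions.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action
```

With these rules the static filter drops the reply to an outbound connection because no fixed rule admits it, while the stateful filter allows it once it has seen the matching outbound packet.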

Application Gateway

• The application gateway, also known as an application-level firewall or application firewall.


• For example, an organization that runs a Web server can avoid exposing the server to direct user
traffic by installing a proxy server configured with the registered domain’s URL.
• This proxy server receives requests for Web pages, accesses the Web server on behalf of the
external client, and returns the requested pages to the users.
• These servers can store the most recently accessed pages in their internal cache, and are thus also
called cache servers.
• One common example of an application-level firewall (or proxy server) is a firewall that blocks
all requests for and responses to requests for Web pages and services from the internal computers
of an organization, and instead makes all such requests and responses go to intermediate
computers (or proxies) in the less protected areas of the organization’s network.
• The primary disadvantage of application-level firewalls is that they are designed for one or a few
specific protocols and cannot easily be reconfigured to protect against attacks on other protocols.
Since application firewalls work at the application layer (hence the name), they are typically
restricted to a single application (e.g., FTP, Telnet, HTTP, SMTP, and SNMP).

Circuit Gateway firewall

• The circuit gateway firewall operates at the transport layer. Again, connections are authorized
based on addresses. Like filtering firewalls, circuit gateway firewalls do not usually look at traffic
flowing between one network and another, but they do prevent direct connections between one
network and another.
• Advantage: A circuit-level gateway acts as a proxy for hiding the internal host from the serving
host.
• It avoids the filtering of individual packets.
• These gateways are inexpensive.
• Address schemes can be developed easily.
• Simple to implement.
• Every application does not require a separate proxy server.
• Disadvantage: A circuit-level gateway does not filter the individual packets.
• Frequent updates are required.
• Within the firewall, it does not offer protection against data leakage from devices.
• To use circuit-level gateways, the TCP/IP stacks must be modified by the vendor.

MAC layer firewall

• MAC layer firewalls are designed to operate at the media access control sublayer of the data link
layer of the OSI network model.
• This enables these firewalls to consider the specific host computer’s identity, as represented by its
MAC or network interface card (NIC) address in its filtering decisions.
• Thus, MAC layer firewalls link the addresses of specific host computers to entries that identify the
specific types of packets that can be sent to each host, and block all other traffic.
