INDEX

Sr Date Practical Sign

No.
1. Aim - Implementing Substitution and Transposition Ciphers:
Design and implement algorithms to encrypt and decrypt messages
using classical substitution and transposition techniques.
12/7/24 A - Caesar cipher substitution technique.
B - Vernam cipher substitution technique.
19/7/24 C - RailFence cipher substitution technique
D - Monoalphabatic cipher substitution technique
E - Simple columnar transposition technique
2. 26/7/24 Aim - RSA Encryption and Decryption :
Implement the RSA algorithm for public-key encryption and decryption,
and explore its properties and security considerations.
3. 09/8/24 Aim - Message Authentication Codes :
Implement algorithms to generate and verify message authentication
codes (MACs) for ensuring data integrity and authenticity.
4. 16/8/24 Aim - Digital Signatures :
Implement digital signature algorithms such as RSA-based signatures,
and verify the integrity and authenticity of digitally signed messages.
5. 23/8/24 Aim - Key Exchange using Diffie-Hellman :
Implement the Diffie-Hellman key exchange algorithm to securely
exchange keys between two entities over an insecure network.
6. 30/8/24 Aim - IP Security (IPsec) Configuration :
Configure IPsec on network devices to provide secure communication
and protect against unauthorized access and attacks.
7. 05/9/24 Aim - Malware Analysis and Detection :
Analyse and identify malware samples using antivirus tools, analyse
their behaviour, and develop countermeasures to mitigate their impact.
8. 14/9/24 Aim - Firewall Configuration and Rule-based Filtering :
Configure and test firewall rules to control network traffic, filter
packets based on specified criteria, and protect network resources from unauthorized
access.
 Practical 1A
Aim : -Write a python program to implement Caesar cipher substitution technique.

Code -

with open("f5.txt",'rb') as a,\

open("f6.txt",'wb') as b,\
open("f7.txt",'wb') as c:
while True:
byte = a.read(1)
if not byte :
break

b.write(byte)
encrypted_byte = (byte[0]+5)%256
c.write(bytes([encrypted_byte]))

print('file copied')

Output -

File a -

File b -

File c -
 Practical 1B
Aim - Write a python program to implement Vernam cipher substitution technique.

Code -

def vernam_cipher(text, cipher):

if len(text) != len(cipher):
raise ValueError("Text and cipher must have the same length")
encoded = [chr(ord(text_char) ^ ord(cipher_char)) for text_char, cipher_char in
zip(text, cipher)]
return ''.join(encoded)

def vernam_decipher(encoded, cipher):

if len(encoded) != len(cipher):
raise ValueError("Encoded and cipher must have the same length")
decoded = [chr(ord(encoded_char) ^ ord(cipher_char)) for encoded_char, cipher_char in
zip(encoded, cipher)]
return ''.join(decoded)

text = "hello"
cipher = "XYZHG"
encoded_text = vernam_cipher(text, cipher)
print("Encoded text:", encoded_text)
decoded_text = vernam_decipher(encoded_text, cipher)
print("Decoded text:", decoded_text)

Output -
 Practical 1C
Aim - Write a python program to implement rail fence cipher substitution technique

Code -

def rail_fence_cipher(input_str, num_rails=2):

# Create a matrix with num_rails rows
fence = [['' for _ in range(len(input_str))] for _ in range(num_rails)]

# Determine the direction of the zigzag

direction = -1
row = 0

for i, char in enumerate(input_str):

fence[row][i] = char
# Change direction if at the top or bottom rail
if row == 0 or row == num_rails - 1:
direction *= -1
row += direction

# Read off the rails

ciphered_text = ''.join([''.join(rail) for rail in fence])
return ciphered_text

input_str = "Steins;Gate"
ciphered_text = rail_fence_cipher(input_str, num_rails=2)
print("Input String:", input_str)
print("Ciphered text:", ciphered_text)

Output -
 Practical 1D
Aim - Write a python program to implement Monoalphabatic cipher substitution technique

Code -

def encrypt(a): # Encrypts a single character based on the substitution key

pos = ord(a) - 65 # Convert character to position (A=0, B=1, ..., Z=25)
return key[pos] # Substitute with the corresponding character in the key

def decrypt(a): # Decrypts a single character based on the substitution key

pos = key.find(a) # Find the position of the character in the key
if pos == -1:
return a # Return the character unchanged if not found in key
return chr(pos + 65) # Convert position back to character (0=A, 1=B, ..., 25=Z)

key = "ISYVKJRUXEDZAOMCTPLOFMNBWGAH"
choice = int(input("Enter 1 to Encrypt or 2 to Decrypt: "))
text = input("Enter plain/cipher text: ").upper().replace(" ", "")
result = ""

if choice == 1:
for char in text:
if char.isalpha(): # Only process alphabetic characters
result += encrypt(char)
else:
result += char # Preserve non-alphabetic characters unchanged
elif choice == 2:
for char in text:
if char.isalpha(): # Only process alphabetic characters
result += decrypt(char)
else:
result += char # Preserve non-alphabetic characters unchanged
else:
print("Invalid Choice!")

print("Result:", result)

Output -
 Practical 1E
Aim - Write a python program to implement simple columnar transposition technique

Code -

def encrypt(plain_text, key):

column_count = len(key)
row_count = (len(plain_text) + column_count - 1) // column_count
plain_text = plain_text.ljust(row_count * column_count, 'x') # Pad with 'x' if needed

# Create the matrix

cipher_text = [['' for _ in range(column_count)] for _ in range(row_count)]

# Fill the matrix

k = 0
for i in range(row_count):
for j in range(column_count):
cipher_text[i][j] = plain_text[k]
k += 1

# Create a list of column indices based on the key

key_indices = sorted(range(column_count), key=lambda x: key[x])

# Read columns according to the key

encrypted_text = ''
for j in key_indices:
for i in range(row_count):
encrypted_text += cipher_text[i][j]

return encrypted_text

def decrypt(cipher_text, key):

column_count = len(key)
row_count = len(cipher_text) // column_count

# Create the matrix

plain_text = [['' for _ in range(column_count)] for _ in range(row_count)]

# Create a list of column indices based on the key

key_indices = sorted(range(column_count), key=lambda x: key[x])

# Fill the matrix

k = 0
for j in key_indices:
 for i in range(row_count):
if k < len(cipher_text):
plain_text[i][j] = cipher_text[k]
k += 1

# Read rows to get the decrypted text

decrypted_text = ''
for i in range(row_count):
for j in range(column_count):
if plain_text[i][j] != 'x': # Avoid including padding characters
decrypted_text += plain_text[i][j]

return decrypted_text

def main():
print("\nEnter plaintext (enter in lower case): ")
message = input().strip().lower() # Ensure lowercase input
print("Enter key in numbers (e.g., 3124): ")
key_str = input().strip()
key = [int(ch) for ch in key_str]

encrypted_text = encrypt(message, key)

print("\n---Encryption----")
print("Cipher Text:", encrypted_text)

decrypted_text = decrypt(encrypted_text, key)

print("\n-----Decryption-----")
print("Plain Text:", decrypted_text)

if __name__ == "__main__":
main()

Output -
 Practical 2
Aim - Implement the RSA algorithm for public-key encryption and decryption, and explore its
properties and security considerations.

Code -

from Crypto.PublicKey import RSA

from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256

key = RSA.generate(2048) # Generate RSA keys

private_key = key.export_key()
public_key = key.publickey().export_key()

# Original and modified documents

original_document = b"This is the original document content."
modified_document = b"This is the modified document content."

# Hash of the original and modified documents

original_hash = SHA256.new(original_document)
modified_hash = SHA256.new(modified_document)

# Sign the original document hash

signature = pkcs1_15.new(RSA.import_key(private_key)).sign(original_hash)

# Verify the signature against the original document hash

try:
pkcs1_15.new(RSA.import_key(public_key)).verify(original_hash, signature)
print("Signature is valid.")
except (ValueError, TypeError):
print("Signature is invalid.")

# Attempt to verify the signature with the modified document hash

try:
pkcs1_15.new(RSA.import_key(public_key)).verify(modified_hash, signature)
print("Signature is valid for modified document (unexpected).")
except (ValueError, TypeError):
print("Signature is invalid for modified document (expected).")

Output -
 Practical 3
Aim : Implement algorithms to generate and verify message authentication codes (MACs) for
ensuring data integrity and authenticity.

Code :

import hashlib

result = hashlib.md5(b'shreesh')
result1 = hashlib.md5(b'shreesh')

# printing the equivalent byte value.

print("The byte equivalent of hash is", end = "")
print(result.digest())
print("The byte equivalent of hash is", end="")
print(result1.digest())

Output :
 Practical 4
Aim : Implement digital signature algorithms such as RSA-based signatures, and verify the
integrity and authenticity of digitally signed messages.

Code :

from Crypto.Signature import pkcs1_15

from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
from Crypto import Random

def generate_signature(private_key, message):

key = RSA.import_key(private_key)
hashed_message = SHA256.new(message.encode('utf-8'))
signer = pkcs1_15.new(key)
signature = signer.sign(hashed_message)
return signature
def verify_signature(public_key, message, signature):
key = RSA.import_key(public_key)
hashed_message = SHA256.new(message.encode('utf-8'))
verifier = pkcs1_15.new(key)
try:
verifier.verify(hashed_message, signature)
return True
except (ValueError, TypeError):
return False

random_generator = Random.new().read # Generate RSA key pair

key_pair = RSA.generate(2048, random_generator)
public_key = key_pair.publickey().export_key() # Extract public and private keys
private_key = key_pair.export_key()
message = "Hello, World!" # Example usage
signature = generate_signature(private_key, message) # Generate a digital signature
print("Generated Signature:", signature)
is_valid = verify_signature(public_key, message, signature) # Verify the digital signature
print("Signature Verification Result:", is_valid)

Output :
 Practical 5
Aim : Implement the Diffie-Hellman key exchange algorithm to securely exchange keys
between two entities over an insecure network.

Code :

from random import randint as rand

P = 23
G = 9

print(f"The value of P's : {P}")

print(f"The value of G's : {G}")

a = 4

print(f"Secret number for Alice is : {a}")

x = int(pow(G,a,P))
b = 6

print(f"Secret number for Bob is : {b}")

y = int(pow(G,b,P))
key_a = int(pow(y,a,P))
key_b = int(pow(x,b,P))

print(f'Secret key for Alice is : {key_a}')

print(f'Secret key for Alice is : {key_b}')

Output :
 Practical 6
Aim : Configure IPsec on network devices to provide secure communication and protect against
unauthorized access and attacks.
Topology :

Configurations

PC0 and PC1 -

Router0 – GigabitEthernet 0/0 and 0/1

Router1 – GigabitEthernet 0/0 and 0/1

Router2 – GigabitEthernet 0/0 and 0/1

Checking and Enabling the Security features in Router R1 and R2:

Enter the following command in the CLI mode of Router1

Router(config)#ip route 0.0.0.0 0.0.0.0 20.0.0.2

Router(config)#hostname R1
R1(config)#exit
R1#show version

We see that the security feature is not enabled, hence we need to enable the security package

R1#
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#
R1(config)#license boot module c1900 technology-package securityk9
R1(config)#exit
R1#
R1#copy run startup-config

(The security package is enabled)

Enter the following command in the CLI mode of Router2

Router(config)#ip route 0.0.0.0 0.0.0.0 30.0.0.2

Router(config)#hostname R2
R2(config)#exit
R2#show version

We see that the security feature is not enabled, hence we need to enable the security package

R2#
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#
R2(config)#license boot module c1900 technology-package securityk9
R2(config)#exit
R2#
R2#copy run startup-config
R2#reload
R2>enable
R2#show version
(The security package is enabled)

Enter the following command in the CLI mode of Router0

Router>enable
Router#configure terminal
Router(config)#hostname R0
R0(config)#

Defining the Hostname for all Routers and Configuring the Routers R1 and R2 for IPSec VPN tunnel

R1#configure terminal
R1(config)#access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
R1(config)#crypto isakmp policy 10
R1(config-isakmp)#encryption aes 256
R1(config-isakmp)#authentication pre-share
R1(config-isakmp)#group 5
R1(config-isakmp)#exit
R1(config)#crypto isakmp key ismile address 30.0.0.1
R1(config)#crypto ipsec transform-set R1->R2 esp-aes 256 esp-sha-hmac
R1(config)#
R2#
R2#configure terminal
R2(config)#access-list 100 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
R2(config)#crypto isakmp policy 10
R2(config-isakmp)#encryption aes 256
R2(config-isakmp)#authentication pre-share
R2(config-isakmp)#group 5
R2(config-isakmp)#exit
R2(config)#crypto isakmp key ismile address 20.0.0.1
R2(config)#crypto ipsec transform-set R2->R1 esp-aes 256 esp-sha-hmac
R2(config)#

R1>enable
R1#configure terminal
R1(config)#crypto map IPSEC-MAP 10 ipsec-isakmp
R1(config-crypto-map)#set peer 30.0.0.1
R1(config-crypto-map)#set pfs group5
R1(config-crypto-map)#set security-association lifetime seconds 86400
R1(config-crypto-map)#set transform-set R1->R2

R1(config-crypto-map)#match address 100

R1(config-crypto-map)#exit
R1(config)#interface g0/0
R1(config-if)#crypto map IPSEC-MAP
R2>enable
R2#configure terminal
R2(config)#crypto map IPSEC-MAP 10 ipsec-isakmp
R2(config-crypto-map)#set peer 20.0.0.1
R2(config-crypto-map)#set pfs group5
R2(config-crypto-map)#set security-association lifetime seconds 86400
R2(config-crypto-map)#set transform-set R2->R1
R2(config-crypto-map)#match address 100
R2(config-crypto-map)#exit
R2(config)#interface g0/0
R2(config-if)#crypto map IPSEC-MAP

We verify the working of the IPSec VPN tunnel using the ping command as follows

Output: Pinging PC1(192.168.2.2) from PC0 and then PC0(192.168.1.2) from PC1
 Practical 7
Aim – Analyse and identify malware samples using antivirus tools, analyse their behaviour, and
develop countermeasures to mitigate their impact.

Analysis -

For analysing the Malware, we need one. A clean sample of the Malware needs to be downloaded from a
trusted website, the downloading and analysis is demonstrated by the following steps
1) We select the website https://www.virustotal.com/gui/user/malware1 for downloading the clean sample
of Malware(an account needs to be created for the same). Any other source can be selected to download
the Malware (clean sample and authorised site)

2) Copy the link of any file and open the link on a new tab

3) A zip file will be downloaded –

4) Extract the zip to get this folder –

5) Upload the file inside this folder on the site –

6) Result -

We interpret the following findings

A) 58 security vendors out of 73 flagged this file as malicious
B) The detection tab shows the threats-type which were flagged by the vendors
 Practical 8
Aim - Configure and test firewall rules to control network traffic, filter packets based on specified
criteria, and protect network resources from unauthorized access.

Blocking the HTTP and HTTPS (Port 80 and Port 443) using the Firewall

Before starting with the blocking port process, we note that the applications running at the server-
end are identified with the well-known Port numbers, some of the commonly used are as follows

Step 1 - Open the windows defender advanced application

Step 2 - Create an Inbound Rule

Step 3 - Select Port and click Next

Step 4 - Enter port(s) and click Next

Step 5 - Choose Block the Connection and click Next

Step 6 - Application of rules , select where you want and click next
Step 7 - Name the block and provide description as you wish and click on Finish

Step 8 - Create an Outbound Rule and Repeat all steps

As we see this site is blocked now