Unit No - 2 - Cryptography


Unit No - 02

Cryptography

Presented by: Prof. Aditi S. Dahivelkar


Cryptography:
• The prefix “crypt” means “hidden” and the suffix “graphy” means “writing”.

• A common definition of cryptography is the practice of coding information to ensure that
only the person a message was written for can read and process the information.
• It is the technique of securing information and communications through the use of codes, so
that only those persons for whom the information is intended can understand and process it.
• The main objective of cryptography is preventing unauthorized access to information.
Techniques Used for Cryptography:

• In today’s age of computers, cryptography is often associated with two processes:

Encryption: Plain text is converted to cipher text; this process is known as encryption.

Decryption: Cipher text is converted back to plain text; this process is known as decryption.
Features Of Cryptography are as follows:

1. Confidentiality:
• The principle specifies that only the sender and receiver will be able to access the information
shared between them.
• Confidentiality is important to protect sensitive information from being disclosed to unauthorized
parties. This includes protecting data at rest, in transit, and in use.
• Common techniques used to maintain confidentiality include encryption, access controls, and data
masking.
2. Integrity:
• Integrity is important to ensure that information has not been tampered with or modified in an
unauthorized way.
• Integrity gives the assurance that the information received is exact and accurate.
• If the content of the message is changed after the sender sends it but before reaching the intended
receiver, then it is said that the integrity of the message is lost.
• This includes protecting data from unauthorized modification, deletion or addition.
• Common techniques used to maintain integrity include digital signatures, message authentication
codes, and data hashing.

3. Availability:
• Availability is important to ensure that information and systems are accessible to authorized
users when they need them.
• Common techniques used to maintain availability include load balancing, redundancy, and disaster
recovery planning.
4. Authentication:
• Authentication is the mechanism to identify the user or system or the entity.
• Authentication is important to ensure that information and communication come from a trusted source.
• This includes protecting against impersonation, spoofing and other types of identity fraud.
• Common techniques used to establish authenticity include authentication, digital certificates, and
biometric identification.

5. Non-repudiation:
• Non-repudiation is important to ensure that a party cannot deny having sent or received a message
or transaction.
• In some cases the sender sends a message and later denies having sent it. Non-repudiation does
not allow the sender to deny this to the receiver.
• This includes protecting against message tampering and replay attacks.
• Common techniques used to establish non-repudiation include digital signatures, message
authentication codes and timestamps.
The Symmetric Cipher Model:

• A symmetric cipher model is composed of five essential parts:

• 1. Plain Text (x): This is the original data/message. It is one of the inputs to the
encryption algorithm.

• 2. Secret Key (k): It is a value/string/text file/characters used by the encryption
and decryption algorithms to encode the plain text to cipher text and to decode it back,
respectively.
• All the substitutions and transformations done depend on the secret key.

• 3. Encryption Algorithm (E): It takes the plain text and the secret key as inputs and
produces cipher text as output.
• It applies several techniques, such as substitutions and transformations, to the plain
text using the secret key.
• 4. Cipher Text (y): It is the formatted form of the plain text (x) which is
unreadable for humans.

• 5. Decryption Algorithm (D): It performs the reversal of the encryption algorithm at
the recipient’s side.
• It also takes the secret key as input and decodes the cipher text received from the
sender based on the secret key.
• It produces plain text as output.
Requirements for Encryption:
• There are only two requirements that need to be met to perform encryption. They are:

• 1. Encryption Algorithm: There is a need for a very strong encryption algorithm that produces cipher
texts in such a way that the attacker should be unable to crack the secret key even if they have access to
one or more cipher texts.

• 2. Secure way to share Secret Key: There must be a secure and robust way to share the secret key
between the sender and the receiver. It should be leakproof so that the attacker cannot access the
secret key.
Encryption Techniques:
• There are two encryption techniques:
• 1. Substitution Technique
• 2. Transposition Technique

• 1. Substitution Technique:
• Substitution technique is a classical encryption technique where the characters
present in the original message are replaced by the other characters or numbers or
by symbols.

• If the plain text (original message) is considered as the string of bits, then the
substitution technique would replace bit pattern of plain text with the bit pattern of
cipher text.
• The different types of substitution techniques are as follows:

1. Caesar Cipher
2. Monoalphabetic Cipher
3. Playfair Cipher
4. Hill Cipher
5. Polyalphabetic Cipher
6. One-Time Pad
1. Caesar Cipher:

• This is the simplest substitution technique, developed by Julius Caesar.

• It is a technique in which the letters of the plain text are replaced by other
letters.

• It is also called a shift cipher or additive cipher.

• In this substitution technique, to encrypt the plain text, each letter of the plain text is
replaced by the letter three places after it.

• To decrypt the cipher text, each letter of the cipher text is replaced by the letter
three places before it.
• Let us take a simple example:

• Plain Text: meet me tomorrow

• Cipher Text: phhw ph wrpruurz

• In the example above, we have replaced ‘m’ with ‘p’, which occurs three
places after ‘m’. Similarly, ‘e’ is replaced with ‘h’, which occurs three places
after ‘e’.
2. Playfair Cipher
• The Playfair cipher is a substitution cipher which involves a 5×5 matrix. Let us discuss
the technique of this Playfair cipher with the help of an example:

• Plain Text: HELLO

• Key: NETWORK

• Now, we have to convert this plain text to ciphertext using the given key. We will
discuss the further process in steps.
• 1. Fill the table with the letters of the key.

• 2. Write each character of the key without any repetition.

• 3. If you find any repeated letters, write them only once and ignore the repetition.

• 4. Then fill the remaining boxes with all the letters of the alphabet that are not in the key.

• 5. This is a 5×5 matrix, so only 25 letters can be written; one letter must therefore share a
box with another letter, and we can put I/J in a single box.
• Steps to solve the example:

1. Divide the plain text into pairs of letters.

2. Separate repeated letters in a pair with a dummy letter.

3. If both letters of a pair are in the same row, replace each with the letter to its
right.

4. If both letters of a pair are in the same column, replace each with the letter
beneath it.

5. If the letters of a pair are in different rows and columns, they are replaced with the
letters at the diagonal positions.
• Plain Text: HELLO

• Key: NETWORK

• Cipher text : WFUPNS


3. Monoalphabetic Cipher:
• A mono-alphabetic cipher (simple substitution cipher) is a substitution cipher
where each letter of the plain text is replaced with another letter of the alphabet.
• It uses a fixed key which consists of the 26 letters of a “shuffled alphabet”.

4. Polyalphabetic Cipher:
• A polyalphabetic cipher is far more secure than a monoalphabetic cipher, because a
monoalphabetic cipher maps a plain text symbol or letter to a ciphertext
symbol and uses the same ciphertext symbol wherever that plain text symbol occurs in
the message.
• A polyalphabetic cipher, by contrast, replaces the plain text symbol with a different
ciphertext symbol each time.
Transposition Techniques:
• In Transposition techniques, we will just rearrange the order of bits to provide the
security.

• In the transposition technique, the characters' identities are kept the same, but their
positions are altered to produce the ciphertext.
• A transposition cipher in cryptography is a type of encryption that scrambles the
locations of characters without altering the characters themselves.

• Transposition Techniques
• 1. Rail Fence Transposition cipher
• 2. Columnar or Row Transposition cipher
1. Rail Fence Cipher

• The rail fence cipher is the simplest transposition cipher.
• The steps to obtain cipher text using this technique are as follows:
• Step 1: The plain text is written as a sequence of diagonals, meaning that one character is
written above the line and the next character below the line.
• Step 2: Then, to obtain the cipher text, the text is read as a sequence of rows.
• For example: Plain Text: meet me Tomorrow
• Now, we will write this plain text sequence-wise in a diagonal form, as you can see below:

• Now, to obtain the complete cipher text combine both the halves of cipher text and the complete
cipher text will be:
• Cipher Text: M E M T M R O E T E O O R W
2. Columnar or Row Transposition Technique:

• The columnar transposition cipher is more complex than the rail fence cipher. The steps to
obtain cipher text using this technique are as follows:
• Step 1: The plain text is written into a rectangular matrix of an initially defined size,
row by row.
• Step 2: To obtain the cipher text, read the text written in the rectangular matrix column by
column, but permute the order of the columns before reading them. The obtained
message is the cipher text message.

• For example:
• Plain Text: WELCOME TO MY SESSION
• Key: 32451
3 2 4 5 1
W E L C O
M E T O M
Y S E S S
I O N X Y
(X and Y in the last row are dummy letters.)

• Here we write the cipher text by reading the columns in ascending order of the key, from the
lowest column number to the highest.

• The cipher text will be:
• Cipher text: OMSYEESOWMYILTENCOSX
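Both transposition techniques above, as an added Python example that is not part of the original slides. It goes beyond the worked cases by supporting any number of rails and by decrypting the columnar cipher; the function names and the default dummy letters "XY" are choices made for this illustration.

```python
from itertools import cycle

def letters_only(text: str) -> list[str]:
    """Upper-case the message and drop spaces, as the worked examples do."""
    return [c.upper() for c in text if c.isalpha()]

def rail_fence_encrypt(plaintext: str, rails: int = 2) -> str:
    """Write the letters in a zigzag over `rails` rows, then read row by row."""
    if rails < 2:
        raise ValueError("need at least two rails")
    rows = [[] for _ in range(rails)]
    # Rail visited by each successive letter: 0, 1, ..., rails-1, rails-2, ..., 1
    zigzag = list(range(rails)) + list(range(rails - 2, 0, -1))
    for ch, rail in zip(letters_only(plaintext), cycle(zigzag)):
        rows[rail].append(ch)
    return "".join("".join(row) for row in rows)

def column_order(key: str) -> list[int]:
    """Column indexes sorted by their key digit, lowest digit first."""
    return sorted(range(len(key)), key=lambda col: key[col])

def columnar_encrypt(plaintext: str, key: str, dummies: str = "XY") -> str:
    """Fill the matrix row by row, pad with dummies, read columns in key order."""
    cells = letters_only(plaintext)
    missing = -len(cells) % len(key)          # empty cells in the last row
    cells += [dummies[i % len(dummies)] for i in range(missing)]
    rows = [cells[i:i + len(key)] for i in range(0, len(cells), len(key))]
    return "".join(row[col] for col in column_order(key) for row in rows)

def columnar_decrypt(ciphertext: str, key: str) -> str:
    """Cut the ciphertext back into columns, then read the matrix row by row."""
    height = len(ciphertext) // len(key)
    columns = {}
    for n, col in enumerate(column_order(key)):
        columns[col] = ciphertext[n * height:(n + 1) * height]
    return "".join(columns[col][r] for r in range(height) for col in range(len(key)))

def same_letters(a: str, b: str) -> bool:
    """Transposition only moves letters, so the set of letters used is unchanged."""
    return sorted(letters_only(a)) == sorted(letters_only(b))

if __name__ == "__main__":
    print(rail_fence_encrypt("meet me Tomorrow"))
    ct = columnar_encrypt("WELCOME TO MY SESSION", "32451")
    print(ct, columnar_decrypt(ct, "32451"))
```

Because `same_letters` always holds between plain text and cipher text, the letter frequencies of the message survive a transposition unchanged.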
One Time Pad - Vernam Cipher

• The One-Time Pad algorithm is the enhanced version of the Vernam Cipher, which includes the
following features:
1. It is an unbreakable cipher.
2. The key is exactly the same length as the message which is encrypted.
3. The key is made up of random symbols.
4. As the name suggests, the key is used one time only and never used again for any other message
to be encrypted.
5. It is the only known encryption method that is unbreakable, offering complete security.
6. This algorithm encrypts alphabetic text using the substitution technique, assigning numbers to each
character in the plaintext.
How One-Time Pad Works?
Steps:
1. Consider the message as the plain text.
2. Write down the alphabet A to Z with assigned numbers.
3. Length of plain text = length of secret key.
4. Write down the assigned numbers for the plain text and the secret key.
5. Add each plain text letter number to the corresponding key letter number.
6. If any of the resulting numbers is greater than 26, subtract 26 from that
number.
7. Convert these numbers back to letters to get the encrypted message (cipher text).
For Example -
Plain text - HELLO
Secret Key - BAXYC
Cipher text - ?

• Consider the message "HELLO".
• A secret key "BAXYC" of equal length is generated.
• Each letter is assigned a number, HELLO: 7,4,11,11,14
• and the secret key = BAXYC: 1,0,23,24,2
• Adding the numbers corresponding to plaintext and secret key: 8,4,34,35,16
• Converting these numbers back to letters gives the encrypted message:
• Cipher text of H E L L O - I E I J Q
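The steps above as an added Python example (not part of the original slides), together with a check of why feature 4, "used one time only", matters: when the same key encrypts two messages, the key cancels out of the difference between the two cipher texts. The function names and the second message "WORLD" are constructed for this illustration; sums are wrapped with modulo 26 using the numbering A=0 … Z=25 of the worked example.

```python
import secrets
import string

LETTERS = string.ascii_uppercase  # A=0, B=1, ..., Z=25, as in the worked example

def to_numbers(text: str) -> list[int]:
    """Map upper-case letters to 0..25; any other character raises ValueError."""
    return [LETTERS.index(c) for c in text]

def otp_encrypt(plaintext: str, key: str) -> str:
    """Add key letter numbers to plain text letter numbers, wrapping at 26."""
    if len(key) != len(plaintext):
        raise ValueError("key must be exactly as long as the message")
    pairs = zip(to_numbers(plaintext), to_numbers(key))
    return "".join(LETTERS[(p + k) % 26] for p, k in pairs)

def otp_decrypt(ciphertext: str, key: str) -> str:
    """Subtract the key letter numbers again to recover the plain text."""
    if len(key) != len(ciphertext):
        raise ValueError("key must be exactly as long as the message")
    pairs = zip(to_numbers(ciphertext), to_numbers(key))
    return "".join(LETTERS[(c - k) % 26] for c, k in pairs)

def new_pad(length: int) -> str:
    """Fresh key of random symbols from the operating system's secure generator."""
    return "".join(secrets.choice(LETTERS) for _ in range(length))

def difference(a: str, b: str) -> list[int]:
    """Letter-by-letter difference modulo 26 of two equal-length texts."""
    return [(x - y) % 26 for x, y in zip(to_numbers(a), to_numbers(b))]

def reuse_leaks(msg1: str, msg2: str, key: str) -> bool:
    """True when cipher text differences equal plain text differences (key gone)."""
    c1, c2 = otp_encrypt(msg1, key), otp_encrypt(msg2, key)
    return difference(c1, c2) == difference(msg1, msg2)

if __name__ == "__main__":
    print(otp_encrypt("HELLO", "BAXYC"))            # worked example from the slides
    print(reuse_leaks("HELLO", "WORLD", "BAXYC"))   # same pad used twice
```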
Cryptanalysis:

Cryptology has two parts, namely:

Cryptography, which focuses on creating secret codes.

Cryptanalysis, which is the study of cryptographic algorithms and the breaking of those secret
codes.

Types of Cryptanalytic attacks:

• In simple words, cryptanalysis is a technology of decoding messages from a non-readable
format to a readable format without knowing the key.

• Technical Definition:
• Cryptanalysis is used to break cryptographic security systems and gain access
to the content of encrypted messages, even if the cryptographic key is unknown.

• Put simply, cryptanalysis is the practice, science, or art of decrypting encrypted
messages.
Attacks:
1. Known-Plaintext Analysis (KPA): In this type of attack, some plaintext-ciphertext
pairs are already known.
• The attacker maps them in order to find the encryption key.
• This attack is easier to use because a lot of information is already available.

2. Chosen-Plaintext Analysis (CPA): In this type of attack, the attacker chooses
random plaintexts, obtains the corresponding ciphertexts and tries to find the
encryption key.
• It is very simple to implement, like KPA.
3. Ciphertext-Only Analysis (COA): In this type of attack, only some ciphertext is known
and the attacker tries to find the corresponding encryption key and plaintext.
• It is the hardest to implement but is the most probable attack, as only ciphertext is
required.

4. Man-In-The-Middle (MITM) attack: In this type of attack, the attacker intercepts the
message/key between two communicating parties through a secured channel.

5. Brute-force attack: This attack involves trying every possible key until the correct
one is found.
• While this attack is simple to implement, it can be time-consuming and
computationally expensive, especially for longer keys.
• A man-in-the-middle (MITM) attack is a cyberattack in which a hacker
steals sensitive information by eavesdropping on communications
between two online targets such as a user and a web application.
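The Caesar cipher from the substitution section, examined under the known-plaintext and brute-force attacks listed above, as an added Python example that is not part of the original slides. It shows why a cipher with only 26 possible keys offers no protection; the function names and the expected word "meet" are choices made for this illustration.

```python
import string

ALPHABET = string.ascii_lowercase

def caesar(text: str, shift: int) -> str:
    """Shift every letter by `shift` places; a negative shift decrypts."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def key_from_known_pair(plain: str, cipher: str) -> int:
    """Known-plaintext analysis: one matching letter pair reveals the shift."""
    for p, c in zip(plain.lower(), cipher.lower()):
        if p in ALPHABET and c in ALPHABET:
            return (ALPHABET.index(c) - ALPHABET.index(p)) % 26
    raise ValueError("no letter pair to compare")

def brute_force(cipher: str) -> dict[int, str]:
    """Brute force: the key space is only 26 shifts, so list every candidate."""
    return {key: caesar(cipher, -key) for key in range(26)}

def keys_matching_word(cipher: str, expected_word: str) -> list[int]:
    """Keep only the keys whose candidate plain text contains an expected word."""
    return [k for k, text in brute_force(cipher).items() if expected_word in text]

if __name__ == "__main__":
    ct = caesar("meet me tomorrow", 3)            # worked example from the slides
    print(ct)
    print(key_from_known_pair("m", "p"))          # a single known pair is enough
    print(keys_matching_word(ct, "meet"))         # ciphertext plus one guessed word
```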
Stream Cipher And Block Cipher:
• Stream Cipher:
• A stream cipher is used to convert plain text to cipher text.
• Here we take 1 bit or 1 byte of plain text at a time and convert it into cipher text.
• A stream cipher encrypts text by applying a key and algorithm to each bit of a data stream one by
one.
• It is a symmetric key cipher, which means only one key is used for both encryption and decryption.
• Stream ciphers are mainly used to encrypt one byte (8 bits) at a time.
• Generally, the key is in the form of bits.

• How to represent the stream cipher?

• In this diagram, a bit stream generation algorithm is used.
• This algorithm is used to create the keys in the form of bits (01010110).
• With the help of this algorithm, the key is generated, and this key is then used to find the cipher
text using the XOR operation.
• Example: Plain text - 10110110
• Find the Cipher text - ?
Example:

1) Encryption
• For Encryption,
• Plain Text and Key produces Cipher Text (Same key will be used for decryption.).
• The Plaintext will undergo XOR operation with keystream bit-by-bit and produces the Cipher Text.

• Plain Text: 10110110
• Key: 01010101
• Cipher Text: 11100011
2) Decryption:
• For Decryption,

• Cipher Text and Key gives the original Plain Text (Same key will be used for
encryption.).
• The Ciphertext will undergo XOR operation with key bit-by-bit and produces the actual
Plain Text.
• Example:

• Cipher Text: 11100011
• Keystream: 01010101
• Plain Text: 10110110
Block Cipher:
• Block cipher is an encryption method which divides the plain text into blocks of
fixed size.
• A block cipher operates on fixed-size input blocks made up of b bits and creates a ciphertext
block of the same size.
• The key is applied to each block.
• Each block has an equal number of bits.
• Data Encryption Standard (DES) is the best example of Block Cipher.
Advantages of Stream Ciphers:
• Stream ciphers have many advantages, such as:
• Speed: Generally, this type of encryption is quicker than others, such as block ciphers.
• Low complexity: Stream ciphers are simple to implement into contemporary software, and
developers don’t require sophisticated hardware to do so.
• Sequential in nature: Certain companies handle communications written in a continuous manner.
Stream ciphers enable them to transmit data when it’s ready instead of waiting for everything to be
finished because of their bit-by-bit processing.
• Accessibility: Using symmetrical encryption methods like stream ciphers saves businesses from
having to deal with public and private keys. Additionally, computers are able to select the
appropriate decryption key to utilize thanks to mathematical concepts behind current stream
ciphers.
Disadvantages of Stream cipher:
• If an error occurs during transmission, it can affect subsequent bits, potentially
corrupting the entire message, because stream ciphers rely on previously stored cipher
bits for decryption.
• Maintaining and properly distributing keys to stream ciphers can be difficult,
especially in large systems or networks.
• Some stream ciphers may be predictable or vulnerable to attack if their key stream is
not properly designed, potentially compromising the security of the encrypted data.
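The XOR encryption and decryption worked earlier, and the warning above about a poorly designed key stream, as an added Python example that is not part of the original slides. The bit stream generator here is a constructed 4-bit linear feedback shift register chosen for illustration, not a generator named on the slides: its key stream repeats after only 15 bits, which is exactly the kind of predictability the last bullet warns about.

```python
def xor_bits(data: str, keystream: str) -> str:
    """XOR two equal-length bit strings bit by bit (same call encrypts and decrypts)."""
    if len(data) != len(keystream):
        raise ValueError("key stream must be as long as the data")
    return "".join(str(int(d) ^ int(k)) for d, k in zip(data, keystream))

def lfsr_keystream(seed: int, nbits: int) -> str:
    """Constructed toy generator: 4-bit shift register, one output bit per step."""
    if not 1 <= seed <= 15:
        raise ValueError("seed must be a non-zero 4-bit value")
    state, out = seed, []
    for _ in range(nbits):
        out.append(str(state & 1))                  # emit the lowest bit
        new_bit = (state ^ (state >> 1)) & 1        # feedback from the two lowest bits
        state = (state >> 1) | (new_bit << 3)       # shift right, feed back at the top
    return "".join(out)

def period(stream: str) -> int:
    """Smallest shift after which the bit string repeats itself."""
    for p in range(1, len(stream)):
        if all(stream[i] == stream[i + p] for i in range(len(stream) - p)):
            return p
    return len(stream)

def encrypt(plain_bits: str, seed: int) -> str:
    """Generate as many key stream bits as needed and XOR them with the data."""
    return xor_bits(plain_bits, lfsr_keystream(seed, len(plain_bits)))

if __name__ == "__main__":
    print(xor_bits("10110110", "01010101"))         # encryption example from the slides
    print(xor_bits("11100011", "01010101"))         # decryption example from the slides
    print(lfsr_keystream(1, 30), period(lfsr_keystream(1, 60)))
```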
Data Encryption Standard:

• The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National
Institute of Standards and Technology (NIST).
• DES is an implementation of a Feistel Cipher.
• DES is a block cipher and encrypts data in blocks of size of 64 bits each, which means 64 bits of plain
text go as the input to DES, which produces 64 bits of ciphertext.
• The same algorithm and key are used for encryption and decryption, with minor differences. The key
length is 56 bits.
• DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the
encryption algorithm (function as check bits only).
• DES is based on the two fundamental attributes of cryptography:
• substitution (also called confusion) and transposition (also called diffusion).
• DES consists of 16 steps, each of which is called a round.
• Each round performs the steps of substitution and transposition.
For Example:
• We have mentioned that DES uses a 56-bit key.
• Actually, the initial key consists of 64 bits.
• However, before the DES process even starts, every 8th bit of the key is discarded to produce a
56-bit key.
• That is bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are discarded.
• Overview of DES:

• In the first step, the 64-bit plain text block is handed over to an initial Permutation (IP) function.
• The initial permutation is performed on plain text.
• Next, the initial permutation (IP) produces two halves of the permuted block, namely Left Plain
Text (LPT) and Right Plain Text (RPT).
• Now each LPT and RPT go through 16 rounds of the encryption process.
• In the end, LPT and RPT are rejoined and a Final Permutation (FP) is performed on the combined
block.
• The result of this process produces 64-bit ciphertext.
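The key handling and the 16-round LPT/RPT structure described above, as an added Python example that is not part of the original slides and is not DES itself. The round function is a constructed stand-in built on SHA-256, the round number stands in for the DES key schedule, and the initial and final permutations are left out; what it keeps is the discarding of key bits 8, 16, …, 64 and the Feistel property that the same rounds, run in reverse order, decrypt.

```python
import hashlib

def strip_parity_bits(key64: int) -> int:
    """Discard bit positions 8, 16, ..., 64 (counted from the left) of a 64-bit key."""
    key56 = 0
    for byte in key64.to_bytes(8, "big"):
        key56 = (key56 << 7) | (byte >> 1)      # keep the top 7 bits of every byte
    return key56

def round_function(half: int, key56: int, round_no: int) -> int:
    """Constructed stand-in for the DES round function: 32 bits in, 32 bits out."""
    material = half.to_bytes(4, "big") + key56.to_bytes(7, "big") + bytes([round_no])
    return int.from_bytes(hashlib.sha256(material).digest()[:4], "big")

def feistel(block64: int, key64: int, decrypt: bool = False) -> int:
    """Run 16 Feistel rounds on a 64-bit block split into LPT and RPT."""
    key56 = strip_parity_bits(key64)
    lpt, rpt = block64 >> 32, block64 & 0xFFFFFFFF
    rounds = range(15, -1, -1) if decrypt else range(16)
    for r in rounds:
        # New left half is the old right half; new right half mixes in the key.
        lpt, rpt = rpt, lpt ^ round_function(rpt, key56, r)
    return (rpt << 32) | lpt                    # halves are swapped when rejoined

if __name__ == "__main__":
    key = 0x133457799BBCDFF1                    # constructed sample key
    block = 0x0123456789ABCDEF                  # constructed sample plain text block
    ct = feistel(block, key)
    print(hex(ct), hex(feistel(ct, key, decrypt=True)))
    # Flipping only the 8 discarded bits leaves the cipher text unchanged:
    print(feistel(block, key ^ 0x0101010101010101) == ct)
```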
Diffie Hellman Key Exchange Algorithm:

• The Diffie-Hellman key exchange (also known as exponential key exchange) is a method for
securely exchanging cryptographic keys over an insecure channel.
• It is a building block of many secure communication protocols, including SSL/TLS and SSH.
• It is a widely used and trusted technique for securely exchanging cryptographic keys.
• It is used in many different contexts, including:

1. Secure communication protocols:
• The Diffie-Hellman key exchange is used in many secure communication protocols, such as SSL/TLS and
SSH, to establish a secure channel between two parties.
• It allows the parties to agree on a shared secret key that can be used to encrypt and decrypt messages
exchanged over the channel.
2. Virtual private networks (VPNs):
• The Diffie-Hellman key exchange is often used in VPNs to establish a secure connection between a
client and a server.
3. Secure file transfer protocols:
• The Diffie-Hellman key exchange is used in many secure file transfer protocols, such as SFTP and
FTPS, to establish a secure channel for transferring files between two parties.

4. Other applications:
• The Diffie-Hellman key exchange is also used in many other applications where secure
communication is required, such as secure email, secure web browsing, and secure voice over IP
(VoIP).
• It is a flexible and widely supported technique for establishing secure communication channels.
Thank You !
