A Technical Seminar Report

On

“CRYPTOGRAPHY AND NETWORK SECURITY”

Submitted to

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY,

HYDERABAD

In partial fulfillment of the requirement for the award of Degree of

BACHELOR OF TECHNOLOGY

In

“Computer Science & Engineering”

By

L Nandhini [21E31A0549]

Under the supervision of

V. Spandana

Assistant Professor C.S.E

Department of Computer Science & Engineering

MAHAVEER INSTITUTE OF SCIENCE & TECHNOLOGY

(Affiliated to JNTU Hyderabad, Approved by AICTE, Accridited with NAAC A Grade)

Vyasapuri, Bandlaguda, Post: Keshavgiri, Hyderabad-500005

2024-2025

i
 MAHAVEER INSTITUTE OF SCIENCE & TECHNOLOGY
(Affiliated to JNTU Hyderabad, Approved by AICTE, Accridited with NAAC A Grade)
Vyasapuri, Bandlaguda, Post: Keshavgiri, Hyderabad-500005

CERTIFICATE

This is to certify Technical seminar report entitled “Cryptography and Network Security”
which is being submitted by L Nandhini [21E31A0549], in partial fulfillment for the award of
the Degree of Bachelor of Technology in Computer Science and Engineering of Jawaharlal
Nehru Technology University, is a record of the bona fide work carried out by them under our
supervision.

V Spandana Dr. R. Nakkeeran, M.E, PhD

Assistant Professor Professor and HOD Of CSE

Dr. V. Usha Shree

Principal

ii
 ACKNOWLEDGEMENT

I would like to express my deep-felt appreciation and gratitude to V. Spandana,

Assistant Professor, Department of CSE, technical seminar supervisor, for her skillful

guidance constant supervision, timely Suggestion, keen interest and encouragement in

completing the individual seminar within the stipulated time.

I express my profound sense of gratitude to Dr. R. Nakkeeran, M.E, PhD., Head

of Department, CSE, who has served as a host of Valuable corrections and for providing me
time and amenities to complete this seminar.

I express my thanks to, Dr. V. Usha Shree Principal of our collage and the
management of Mahaveer Institute of Science &Technology for providing excellent
academic environment in the collage.

I wish to express my gratitude to the Members of Staff and all other who helped me
in more than one way.

L Nandhini [21E31A0549]

iii
 ABSTRACT

The arrival of web and ecommerce applications and social networks across the world
generate huge amount of data. Network Security is the most extreme issue to guarantee safe
transmission of data through the web. As large amount of user connects to internet it is
attracted by huge number of cyber-attacks. Cryptography is the method of using mathematical
algorithms to encrypt and decrypt the information. Store data or transfer it across unconfident
networks so that it cannot be view by anyone except the conscious recipient. While
cryptography is the technique of protecting data, cryptanalysis is the science of surveying and
breaking secure conversation. It is basically used to convert the plain text into cipher text. In
this paper we provide an overview on Network Security and Cryptography

iv
 TABLE OF CONTENTS

NAME OF TOPICS PAGE NO

1. Introduction 1
1.1 Architecture 3
1.2 Characteristics 3
2. Methodology 4
2.1 Basic Terminology of Cryptography 4
2.2 Symmetric Key Cryptography 5
2.3 Asymmetric Key Cryptography 5
2.4 Data Encryption Standard (DES) 6
2.5 Advanced Encryption Standard (AES) 6
2.6 Public Key Cryptography 6
3. Cryptography concepts and Techniques 8
4. Benefits of Cryptography 9
5. DrawBacks of Cryptography 10
6. Security Attacks 12
6.1 Security Services 14
6.2 Security Mechanism 15
7. Steganography 15
8. Types of Steganography Techniques 16
9. Advantages and Disadvantages of Steganography 18
10. Conclusion 19
References 20

v
 LIST OF FIGURES
LIST OF FIGURES PAGE NO

FIG 1: Architecture Diagram 3

FIG 2: Types of Cryptography 4
FIG 3: Symmetric Key Cryptography 5
FIG 4: Asymmetric Key Cryptography 6
FIG 5: Steganography 15
FIG 6: Types of Steganography 16

vi
 1. INTRODUCTION

Society across the world generates a massive quantity of information day by day. Network
security is the maximum difficult challenge in the internet and community. Pc and
community security is a new and rapid moving generation and security of records can be
accomplished with the aid of an artwork called cryptography. Nowadays records protection
machine includes confidentiality, authenticity, integrity, non-repudiation. It convert
information of a given layout is plaintext to some other layout is cipher text, the usage of an
encryption key. The operation of reversing cipher text to its authentic undeniable text is
called decryption set of rules. Reason of cryptography includes ATM cards, laptop
passwords, and military, medical area.

The cryptography continues to be in its developing degrees and a reasonable studies

attempt continues to be needed for secured communication. This paper talks about the state
of the art for a deep location of cryptographic technique which can be utilized in networking
packages

Cryptography

Cryptographic systems are generally classified along 3 independent dimensions:

Type of operations used for transforming plain text to cipher text

All the encryption algorithms are based on two general principles: substitution, in
which each element in the plaintext is mapped into another element, and
transposition, in which elements in the plaintext are rearranged.

The number of keys used

If the sender and receiver uses same key then it is said to be symmetric key (or) single
key (or) conventional encryption.
If the sender and receiver use different keys then it is said to be public key encryption.

The way in which the plain text is processed

A block cipher processes the input and block of elements at a time, producing output
block for each input block.

1
 A stream cipher processes the input elements continuously, producing output element
one at a time, as it goes along.

Cryptanalysis

The process of attempting to discover X or K or both is known as cryptanalysis. The

strategy used by the cryptanalysis depends on the nature of the encryption scheme and
the information available to the cryptanalyst.
There are various types of cryptanalytic attacks based on the amount of
information known to the cryptanalyst.

Cipher text only – A copy of cipher text alone is known to the cryptanalyst.

Known plaintext – The cryptanalyst has a copy of the cipher text and the

corresponding plaintext.

Chosen plaintext – The cryptanalysts gain temporary access to the encryption machine.
They cannot open it to find the key, however; they can encrypt a large number of suitably
chosen plaintexts and try to use the resulting cipher texts to deduce the key.

Chosen cipher text – The cryptanalyst obtains temporary access to the decryption
machine, uses it to decrypt several string of symbols, and tries to use the results to deduce
the key.

2
 1.1 ARCHITECTURE

FIG 1: Architecture Diagram for Network Security

1.2 CHARACTERISTICS

 Reliability

 Information security

 Data Productivity

 Information Confidentiality

 Statistics Integrity

 Record breaches

 Authentication and Authorization

 Non-repudiation

3
 2. METHODOLOGY

2.1 BASIC TERMINOLOGY OF CRYPTOGRAPHY

Cryptography is the conversion of smooth and readable statistics into a shape that cannot
be so as to cozy information. The word cryptography comes from the Greek word "crypto",
which means unknown and invisible, and "graphics" which shows writing. Cryptography is
related to the approach of changing normal plain textual content into unintelligible textual
content and vice-versa. It is a manner of storing and transmitting information for the duration
of a selected shapes in order that most effective the ones for whom it’s intended can examine
and procedure it. Cryptography now not only protects records from theft or alteration, but
additionally may be used for consumer authentication. The statistics that require to cover, is
known as authentic textual content, it might be for the duration of a form of characters,
numerical information, executable applications, pix, or the other quite information, The
records with the intention to be translated is referred to as cipher text, it's a time period refers
to the string of "worthless" records, or meaningless. It's far the information with a purpose to
be transmitted specially through network; many algorithms are needed to transform plaintext
into cipher textual content.

FIG 2: Types of Cryptography

4
2.2 SYMMETRIC KEY CRYPTOGRAPHY

It is a form of encryption wherein only one key (a secret key) is used to both encrypt
and decrypt digital data. The entities speaking via symmetric encryption should trade the key
in order that it may be used within the decryption method.by using the use of symmetric
encryption algorithms; information is transformed to a form that cannot be understood by
means of every person who does not possess the name of the game key to decrypt it. If there
need to be a prevalence of Symmetric Encryption, same cryptography keys are carried out for
encryption of plaintext and reduce of discern content. Symmetric key encryption is rapid and
much less hard but their principal problem is that each the customers want to transport their
keys safety [3, 4]

FIG 3: Symmetric Key Cryptography

2.3 ASYMMETRIC KEY CRYPTOGRAPHY

Asymmetric Encryption, also referred to as public-key encryption, is a form of facts

encryption where the encryption key (also known as public-key) and the corresponding
decryption key (also referred to as private key) are distinctive. A message encrypted with the
general public key may be decrypted best with the corresponding private key. The general
public key and personal key are associated mathematically, but it's far computationally
infeasible to derive the non-public key from the general public key. Consequently, a recipient
should distribute the general public key extensively. Every person can use the public key to
encrypt messages for the recipient and best the recipient can decrypt them. Asymmetric

5
encryption is taken into consideration to be more at ease than symmetric encryption as it
makes use of two keys for the method. Commonplace asymmetric encryption techniques
consist of RSA, DSA, and PKCS

FIG 4 Asymmetric Key Cryptography

2.4 DATA ENCRYPTION STANDARD (DES)

Information Encryption well-known (DES) is a block-cipher algorithm that takes plain textual
content in blocks of 64 bits and converts them to cipher text using keys of forty-eight bits. It’s
far a symmetric key algorithm, which means that the equal keys used for encrypting and
decrypting facts.

2.5 ADVANCED ENCRYPTION STANDARD (AES)

AES is a block cipher supposed to replace DES for worthwhile function. It uses a 128-bit
block length and key size of 128, 192, or 256 bits. The huge style of constitutional rounds of
the cipher is a function of the key length. The huge style of rounds for 128- bit secret's 10[3].

2.6 PUBLIC-KEY CRYPTOGRAPHY

Public-key cryptography is a shape of cryptosystem wherein encryption and decryption are

implement the unique keys—one a public key and one a private key. these keys are
mathematically related despite the fact that potential of one key does no longer permit
someone to clearly decide the other key. As shown in discern, the sender A makes use of the

6
public key of receiver B (or a few sets of guidelines) to encrypt the plaintext message M and
sends the cipher textual content C to the receiver.

7
 3.CRYPTOGRAPHY CONCEPTS & TECHNIQUES

There are two types of Cryptography concepts and Techniques

1. Substitution Techniques
2. Transposition Techniques

1.SUBSTITUTION TECHNIQUES

There are 6 types of substitution techniques

1. CAESAR CIPHER
2. MONO ALPHABETIC CIPHER
3. PLAY FAIR CIPHER
4. HILL CIPHER
5. POLY ALPHABETIC CIPHER
6. ONE - TIME PAD

2.TRANSPOSITION TECHNIQUES

There are 2 types of Transposition techniques

1. RAIL – FENCE TRANSPOSITION

2. ROW – COLUMNAR TRANSPOSITION

8
 4. BENEFITS OF CRYPTOGRAPHY
Cryptography is a crucial data security mechanism. It provides the four most basic
duty of information security – [5, 6]

● Confidentiality – Encryption method can protect the statistics and

conversation from unauthorized revelation and get right of entry to of data

● Authentication – The cryptographic techniques consisting of MAC and

virtual signatures can shield statistics towards spoofing and forgeries.

● In uneven or public key, cryptography there may be no want for changing keys,
thus getting rid of the key distribution trouble.

● Data Integrity –records integrity is the assurance that the virtual records is
uncorrupted and might most effective be accessed or modified by the ones
authorized to achieve this integrity includes retaining the consistency, accuracy and
trustworthiness of information over its complete lifecycle.

● A symmetric cryptosystem is faster.

● Non-repudiation – non-repudiation refers to the capability to ensure that a

celebration to a settlement or a conversation can’t deny the authenticity in their
signature on a record or the sending of a message that they originated.

9
 5. DRAWBACKS OF CRYPTOGRAPHY
● A strongly encrypted, authentic, true, and digitally signed statistics may be
tough to get right of entry to even for a legitimate user at an important time of
selection-making. The employer or the laptop can be attacked and affected non-
useful thru an intruder [7].

● High availability, one of the important factors of records security, can’t be

ensured via the usage of cryptography. Different methods are needed to guard
against the risk along with denial of service or complete breakdown of facts device.

● It is predicated upon the name of the game key if you overlook the keys you
can’t get better statistics.

● Cryptography does now not shield against the vulnerabilities and threats that
emerge from the negative layout of machine.

● Another fundamental need of data security of selective access control also

cannot be realized through the use of cryptography. Administrative controls and
techniques are required to be exercised for the same.

● It is always vulnerable to brute force attack.

● Symmetric cryptosystems have a hassle of key transportation. The name of the

game key is to be transmitted to the receiving system before the real message is to
be transmitted. Each technique of electronic communication is insecure as it is not
possible to guarantee that nobody can be able to tap communiqué channels.

● Cryptography comes at price. The value is in phrases of money and time −

o Addition of cryptographic techniques in the statistic processing ends in

delay.

o The use of public key cryptography calls for setting up and up key of
public key infrastructure requiring the good-looking financial budget.

10
● The safety of cryptographic method is primarily based on the computational
difficulty of mathematical issues. Any step forward in solving such mathematical
problems or developing the computing power can render a cryptographic technique
inclined.

11
 6. SECURITY ATTACKS

There are four general categories of attack which are listed below.

Interruption

An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on

availability e.g., destruction of piece of hardware, cutting of a communication line or disabling
of file management system.

Interception

An unauthorized party gains access to an asset. This is an attack on confidentiality.

Unauthorized party could be a person, a program or a

computer. e.g., wire tapping to capture data in the network, illicit copying of files

Sender Receiver

Eavesdropper or forger

Modification

An unauthorized party not only gains access to but tampers with an asset. This is an attack on
integrity. e.g., changing values in data file, altering a program, modifying the contents of
messages being transmitted in a network.

Sender Receiver

Eavesdropper or forger

Fabrication

An unauthorized party inserts counterfeit objects into the system. This is an attack on
authenticity. e.g., insertion of spurious message in a network or addition of records to a file.

12
 Sender Receiver

Eavesdropper or forger

Cryptographic Attacks

Passive Attacks

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The
goal of the opponent is to obtain information that is being transmitted. Passive attacks are of
two types:

Release of message contents: A telephone conversation, an e-mail message and a transferred

file may contain sensitive or confidential information. We would like to prevent the opponent
from learning the contents of these transmissions.

Traffic analysis: If we had encryption protection in place, an opponent might still be able to
observe the pattern of the message. The opponent could determine the location and identity
of communication hosts and could observe the frequency and length of messages being
exchanged. This information might be useful in guessing the nature of communication that
was taking place.

Passive attacks are very difficult to detect because they do not involve any alteration of data.

However, it is feasible to prevent the success of these attacks.

Active Attacks

These attacks involve some modification of the data stream or the creation of a false stream.
These attacks can be classified in to four categories:

Masquerade – One entity pretends to be a different entity.

13
Replay – involves passive capture of a data unit and its subsequent transmission to produce
an unauthorized effect.

Modification of messages – Some portion of message is altered or the messages are delayed
or recorded, to produce an unauthorized effect.

Denial of service – Prevents or inhibits the normal use or management of communication

facilities. Another form of service denial is the disruption of an entire network, either by
disabling the network or overloading it with messages so as to degrade performance.

It is quite difficult to prevent active attacks absolutely, because to do so would require physical
protection of all communication facilities and paths at all times. Instead, the goal is to detect
them and to recover from any disruption or delays caused by them.

6.1 SECURITY SERVICES

The classification of security services are as follows:

Confidentiality: Ensures that the information in a computer system a n d transmitted

information is accessible only for reading by authorized parties. E.g. Printing, displaying and
other forms of disclosure.

Authentication: Ensures that the origin of a message or electronic document is correctly

identified, with an assurance that the identity is not false.

Integrity: Ensures that only authorized parties are able to modify computer system assets
and transmitted information. Modification includes writing, changing status, deleting,
creating and delaying or replaying of transmitted messages.

Non repudiation: Requires that neither the sender nor the receiver of a message be able to
deny the transmission.

Access control: Requires that access to information resources may be controlled by or the
target system.

Availability: Requires that computer system assets be available to authorized parties when
needed.

14
6.2 SECURITY MECHANISMS

One of the most specific security mechanisms in use is cryptographic techniques. Encryption
or encryption-like transformations of information are the most common means of providing
security. Some of the mechanisms are

1 Encipherment

2 Digital Signature

3 Access Control

15
 7. STEGANOGRAPHY
The safety of cryptographic approach is based at the computational trouble of
mathematical troubles. Any breakthrough in fixing such steganography is the method of
hiding secret statistics within an everyday, non-mystery file or message so that you can keep
away from detection; the secret information is then extracted at its destination. The usage of
steganography can be combined with encryption as a further step for hiding or protective
statistics. The phrase steganography is derived from the Greek word’s stenos (which means
hidden or protected) and the Greek root graph (which means to jot down). Steganography can
be used to hide almost any kind of virtual content material, such as textual content, photo,
video or audio content; the facts to be hidden may be hidden inner nearly some other type of
virtual content material. The content material to be concealed thru steganography -- known as
hidden textual content -- is frequently encrypted earlier than being incorporated into the
harmless-seeming cover text record or information flow. If not encrypted, the hidden textual
content is commonly processed in a few manner so that you can boom the problem of
detecting the secret content

FIG 5 Steganography

16
 8. TYPES OF STEGANOGRAPHY TECHNIQUES
Relying on the character of the quilt item (real object wherein secret records is
embedded), steganography may be divided into five types

FIG 6: Types of Steganography

a) Text approach: text Steganography is hiding facts within the text documents.
It involves things like converting the layout of current textual content, converting
words within a textual content, generating random character sequences or using
context-loose grammars to generate readable texts. Numerous strategies used to hide
the statistics within the textual content are:

● Format/ Layout Based Techniques

● Random and Statistical Generation

● Linguistic Method

b) Image/ picture Technique: Hiding the records by way of taking the duvet object
because the picture is known as image steganography. In virtual steganography,
images are broadly used cowl supply due to the fact there are a large range of bits gift
in the virtual representation of an photograph. There are a number of methods to hide
facts internal an photo. Commonplace methods consist of: [8]

17
 ● Masking and Filtering

● Redundant Pattern Encoding

● Encrypt and Scatter

c) Audio Technique: In audio steganography, the secret message is embedded

into an audio sign which alters the binary sequence of the corresponding document.
Hiding secret messages in digital/virtual sound is a far extra tough procedure when
as compared to others, along with Picture Steganography. Unique techniques of audio
steganography include:

● Least Significant Bit Encoding

● Parity Encoding

● Phase Coding

● Spread/unfold Spectrum

d) Video method: In Video Steganography you can hide kind of data into virtual
video format. The benefit of this type is a massive amount of data may be hidden
inside and the fact that it is a moving circulation of photographs and sounds. You
could consider this because the mixture of Image Steganography and Audio
Steganography.

e) Network Technique: It is the technique of embedding information inside

network manipulates protocols utilized in statistics transmission such TCP, UDP,
ICMP etc. You can use steganography in some covert channels that you may locate
inside the OSI model. For Example, you can hide information in the header of a
TCP/IP packet in some fields that are either optional.

18
 9. ADVANTAGES AND DISADVANTAGES OF
STEGANOGRAPHY

a) Advantages

● Difficult to detect and only receiver can detect.

● It can be done faster with large no. of software.

● Provides better security for sharing data in LAN,

MAN, WAN.

b) Disadvantages

● If we misuse it causes great loss to nation’ s integrity.

● Someone else with a steganography detection and cracking tool could expose
the message.

19
 10. CONCLUSION
A classification of network security techniques and various cryptographic
techniques are discussed to increase the security of network. We have also discussed
about steganography and its types. Network Security is the most vital component in
information security because it is responsible for securing all information passed through
networked computers.

Cryptography is used for Network security purpose. Both cryptography and

steganography are well known and widely used techniques. If both the techniques:
Cryptography and Steganography is combined used then the communication becomes
double secured. Network security covers the use of cryptographic algorithm in network
protocols and network applications. The security for the data has become highly
important.

20
 REFERENCES
[1] Sarita Kumari, ― Decryption‖ International Journal of Engineering And Computer
Science, 2017

[2] https://en.wikipedia.org/wiki/Cryptography

[3] Jangala. Sasi Kiran M. Anusha, A. Vijaykumar, M. Kavya ―Cryptography: The

Science of Secure Communication‖ International Journal of Computer Science and
Network Security (IJCSNS) 2016.

[4] Dr. Sandeep Tayal, Dr. Nipin Gupta, Dr. Pankaj Gupta, Deepak Goyal, Monika Goyal,
―A Review paper on Network Security and Cryptography‖ Advances in Computational
Sciences and Technology ISSN, 2017.
[5] IEEE Standard P1363.1, ―IEEE standard specification for public key cryptographic
techniques based on hard problems over lattices‖, 2009.
[6] Shyam Nandan Kumar, ―Review on Network Security and Cryptography‖ in
International Transaction of Electrical and Computer
Engineers System, 2015, Vol. 3, No. 1, 1-11
[7] Rakhi1, Suresh Gawande2 ―A REVIEW ON STEGANOGRAPHY METHODS,
International Journal of Advanced Research in
Electrical, Electronics and Instrumentation Engineering Vol. 2, Issue
10, October 2013
[8] Harshitha K M and Dr. P.A. Vijaya, ―secure data hiding algorithm using encrypted
secret message in International Journal of Scientific and Research Publications, Vol. 2,
Issue 6, June 2012

21