0% found this document useful (0 votes)
20 views39 pages

Cns Unit-1

The document provides an overview of cryptography and network security, detailing key concepts such as confidentiality, integrity, authentication, and non-repudiation. It discusses different types of cryptographic techniques, including symmetric and asymmetric encryption, hash functions, and the importance of key management. Additionally, it outlines security principles, types of security attacks, and various security approaches necessary for protecting data and ensuring secure communication.

Uploaded by

mamathagorre39
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
20 views39 pages

Cns Unit-1

The document provides an overview of cryptography and network security, detailing key concepts such as confidentiality, integrity, authentication, and non-repudiation. It discusses different types of cryptographic techniques, including symmetric and asymmetric encryption, hash functions, and the importance of key management. Additionally, it outlines security principles, types of security attacks, and various security approaches necessary for protecting data and ensuring secure communication.

Uploaded by

mamathagorre39
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 39

UNIT-1

CRYPTOGRAPHY AND NETWORK SECURITY

SECURITY CONCEPTS
INTRODUCTION
Cryptography is technique of securing information and communications
through use of codes so that only those person for whom the information is intended
can understand it and process it. Thus preventing unauthorized access to information.
The prefix “crypt” means “hidden” and suffix graphy means “writing”.One is
confidentiality which basically means that we need to be sure that nobody will see
our information as it travels across a network. Authentication and access control is
also another capability provided by cryptography. Some other capabilities provided
by cryptography are non-repudiation and integrity.
In Cryptography the techniques which are use to protect information are
obtained from mathematical concepts and a set of rule based calculations known as
algorithms to convert messages in ways that make it hard to decode it. These
algorithms are used for cryptographic key generation, digital signing, verification to
protect data privacy, web browsing on internet and to protect confidential
transactions such as credit card and debit card transactions.

Basic Concepts

Cryptography The art or science encompassing the principles and methods of


transforming an intelligible message into one that is unintelligible, and then
retransforming that message back to its original form.

Plaintext can refer to anything which humans can understand and/or relate to. This
may be as simple as English sentences, a script, or Java code. If you can make sense
of what is written, then it is in plaintext.

Ciphertext, or encrypted text, is a series of randomized letters and numbers which


humans cannot make any sense of. An encryption algorithm takes in a plaintext
message, runs the algorithm on the plaintext, and produces a ciphertext.
The ciphertext can be reversed through the process of decryption, to produce the
original plaintext.

Key Some critical information used by the cipher, known only to the sender &
receiver.
The Basic Principles

•Confidentiality− Confidentiality refers to the ability to keep information private


and secure. Cryptographic techniques, such as encryption, can be used to protect
the confidentiality of information by making it unreadable to anyone who does not
have the proper decryption key.
•Integrity− Integrity refers to the ability to ensure that information has not been
altered or tampered with. Cryptographic techniques, such as hash functions, can be
used to ensure the integrity of information by providing a way to detect any
changes to the data.
•Authentication− Authentication refers to the process of verifying the identity of a
user or device. Cryptographic techniques, such as digital signatures, can be used to
authenticate the identity of a user or device in a secure manner.
•Non-repudiation− Non-repudiation refers to the ability to prevent someone from
denying that they performed a particular action. Cryptographic techniques, such as
digital signatures, can be used to provide non-repudiation by allowing the sender of
a message to prove that they sent the message and the receiver to prove that they
received the message.
•Key management− Key management refers to the process of generating,
distributing, and managing cryptographic keys. Proper key management is essential
for the security of a cryptographic system, as the security of the system depends on
the secrecy of the key.

Types of Cryptography

There are three types of cryptography techniques :


1. Secret key Cryptography (symmetric encryption)
2. Public key cryptography (asymmetric encryption)
3. Hash Functions

1. Secret Key Cryptography


This type of cryptography technique uses just a single key. The sender applies
a key to encrypt a message while the receiver applies the same key to decrypt the
message. Since only single key is used so we say that this is a symmetric encryption.

The biggest problem with this technique is the distribution of key as this algorithm
makes use of single key for encryption or decryption.
2. Public Key Cryptography
This type of cryptography technique involves two key crypto system in which
a secure communication can take place between receiver and sender over insecure
communication channel. Since a pair of keys is applied here so this technique is
also known as asymmetric encryption.

In this method, each party has a private key and a public key. The private is
secret and is not revealed while the public key is shared with all those whom you
want to communicate with. If Alice wants to send a message to bob, then Alice will
encrypt it with Bob’s public key and Bob can decrypt the message with its private
key. This is what we use when we setup public key authentication in openssh to
login from one server to another server in the backend without having to enter the
password.

3. Hash Functions
This technique does not involve any key. Rather it uses a fixed length hash
value that is computed on the basis of the plain text message. Hash functions are
used to check the integrity of the message to ensure that the message has not be
altered, compromised or affected by virus.

THE NEED FOR SECURITY


Most initial computer applications had no or at best, very little security.

The need for security:

1. Protecting the functionality of the organization:


The decision maker in organizations must set policy and operates their organization
in compliance with the complex, shifting legislation, efficient and capable
applications.

2. Enabling the safe operation of applications:


The organization is under immense pressure to acquire and operates integrated,
efficient and capable applications. The modern organization needs to create an
environment that safeguards application using the organizations IT systems,
particularly those application that serves as important elements of the infrastructure
of the organization.
3. Protecting the data that the organization collect and use:
Data in the organization can be in two forms are either in rest or in motion, the
motion of data signifies that data is currently used or processed by the system. The
values of the data motivated the attackers to steal or corrupts the data. This is
essential for the integrity and the values of the organization’s data. Information
security ensures the protection of both data in motion as well as data in rest.

4. Safeguarding technology assets in organizations:


The organization must add intrastate services based on the size and scope of the
organization. Organizational growth could lead to the need for public key
infrastructure, PKI an integrated system of the software, encryption methodologies.
The information security mechanism used by large organizations is complex in
comparison to a small organization. The small organization generally prefers
symmetric key encryption of data.

SECURITY APPROACHES
1. Cryptography Approaches
Cryptography is the backbone of information security, where algorithms are used to
encrypt and decrypt data, ensuring that only authorized entities can access it. The
key approaches in cryptography include:

a. Symmetric Key Cryptography


A single key is used for both encryption and decryption.
• Examples:
• AES (Advanced Encryption Standard): Widely used for secure data
encryption.
• DES (Data Encryption Standard): Older but still used in some systems.
• Use Cases: File encryption, database encryption, wireless communication (Wi-
Fi), etc.

b. Asymmetric Key Cryptography (Public Key Cryptography)


Two keys are used – a public key for encryption and a private key for
decryption.
• Examples:
• RSA (Rivest-Shamir-Adleman): One of the first public-key crypto systems.
• Elliptic Curve Cryptography (ECC): Provides security with smaller key
sizes.
• Use Cases: Digital signatures, SSL/TLS protocols, key exchange mechanisms.

c. Hash Functions
Hash functions map data of arbitrary size to a fixed size (a hash). They are
used primarily for data integrity verification.
• Examples:
• SHA-256 (Secure Hash Algorithm): Part of the SHA-2 family, used for
creating digital signatures.
• MD5: Widely known but now considered insecure.
• Use Cases: Password hashing, digital signatures, integrity checks, blockchain.

d. Digital Signatures
A digital signature is an encrypted hash of a message that can be verified with
a public key, ensuring authenticity and integrity.
• Examples:
• DSA (Digital Signature Algorithm).
• ECDSA (Elliptic Curve Digital Signature Algorithm).
• Use Cases: Document signing, email signing, code signing.

2. Network Security Approaches


Network security involves protecting the integrity of data transmitted over networks,
preventing unauthorized access, misuse, or modification of the networked resources.

a. Authentication and Access Control


Verifying the identity of users or devices before granting access.
Securing user access to networks, websites, applications.

b. Firewalls
A firewall is a network security system that monitors and controls incoming
and outgoing traffic based on predetermined security rules.
Protecting internal networks from external attacks.

c. Intrusion Detection and Prevention Systems (IDPS)


Monitors network traffic for suspicious activity and responds accordingly.
Real-time threat detection, preventing unauthorized access or attacks.

d. Virtual Private Networks (VPNs)


Provides secure encrypted connections over public networks.
Remote access, securing sensitive communications.

e. Transport Layer Security (TLS)


A cryptographic protocol designed to provide secure communication over a
computer network.
Securing web communications, email, VoIP.

f. Network Encryption
Encrypting data transmitted over networks to prevent interception by attackers.
• IPSec: Used in VPNs and to secure IP communications.

3. Key Management
Managing cryptographic keys is crucial for maintaining the security of cryptographic
systems:
• Public Key Infrastructure (PKI): A framework for managing digital keys and
certificates.
• Key Distribution: Securely distributing symmetric keys, often done using public
key cryptography.
• Key Revocation: Mechanisms to revoke keys that are compromised or no
longer needed.

4. Security Protocols
Security protocols are essential in securing communication between devices and
networks:
• SSL/TLS: Used to secure internet communications (e.g., HTTPS).
• IPSec: For secure IP communications.
• SSH (Secure Shell): For secure remote access.

PRINCIPLES OF SECURITY

There are six principles


1. Confidentiality.
2. Authentication.
3. Integrity.
4. Non-repudiation.
5. Access control
6. Availability

1. Confidentiality

The principle of confidentiality specifies that only the sender and the intended
recipient(s) should be able to access the contents of a message. Confidentiality gets
compromised if an unauthorized person is able to access a message.
Example of compromising the confidentiality of a message is shown in Fig. Here, the
user of computer A sends a message to user of computer B.

Another user C gets access to this message, which is not desired and therefore,
defeats the purpose of confidentiality. Example of this could be a confidential email
messagesent by A to B, which is accessed by C without the permission or knowledge
of A and B. This type ofattack is called as interception.
Interception causes loss of message confidentiality.

2. Authentication

Authentication mechanisms help establish proof of identities. The


authentication process ensures that the origin of a electronic message or document is
correctly identified.
suppose that user C sends an electronic document over the Internet to user B.
However, the trouble is that user C had posed as user A when she sent this
document to user B.
A real life example of this could be the case of a user C, posing as user A, sending
a funds transfer request (from A’s account to C’s account) to bank B. The bank
might happily transfer the funds from A’s account to C’s account – after all, it
would think that user A has requested for the funds transfer! This concept is shown
in Fig.

3. Integrity

When the contents of a message are changed after the sender sends it, but
before it reaches the intended recipient, we say that the integrity of the message is
lost. For example, suppose you write a check forRs. 100 to pay for the goods bought
from the US. However, when you see your next account statement, you are startled
to see that the check resulted in a payment of Rs. 1000. This is the case for loss of
message integrity. Conceptually, this is shown in Fig.
4. Non-repudiation

There are situations where a user sends a message and later on refuses that
she had sent that message. For instance, user A could send a funds transfer request
to bank B over the Internet. After the bank performs the funds transfer as per A’s
instructions, A could claim that she never sent the funds transfer instruction to the
bank! Thus, A repudiates or denies, her funds transfer instruction. The principle of
non-repudiation defeats such possibilities of denying something, having done it. This
is shown in Fig.

5. Access Control

The principle of access control determines who should be able to access what.
For instance, we should be able to specify that user A can view the records in a
database, but cannot update them. However, user B might be allowed to make
updates as well. An access control mechanism can be set up to ensure this.Access
control is broadly related to two areas: role management and rule management.
Rolemanagement concentrates on the user side (which user can do what), whereas
rule management focuseson the resources side (which resource is accessible and
under what circumstances).

6. Availability
The principle of availability states that resources (i.e. information) should be
available to authorized parties at all times. For example, due to the intentional
actions of an unauthorized user C, an authorized user A may not be able to contact
a server computer B, as shown in Fig.
TYPES OF SECURITY ATTACKS

The attacks are generally classified into four categories.

• Interception- It means that an unauthorized party has gained access to a resource.


The party can be a person, program or computer-based system. Examples of
interception are copying of data or programs and listening to network traffic.

• Fabrication- This involves creation of illegal objects on a computer system.


For example, the attacker may add fake records to a database.

• Modification- For example the attacker may modify the values in a database.

•Interruption- Here, the resource becomes unavailable, lost or unusable. Examples of


interruption are causing problems to a hardware device, erasing program, data or
operating system components.

These attacks are further grouped into two types:


• Passive attacks.
• Active attacks.

Passive attacks: Passive attacks are those, where in the attacker indulges in
eavesdropping or monitoring of data transmission. In other words, the attacker aims
to obtain information that is intransit. The term passive indicates that the attacker
does not attempt to perform any modifications to the data. Passive attacks do not
involve any modifications to the contents of an original message.
Passive Attacks:
➢ Passive attacks are those where the attacker indulges in eavesdropping or
monitoring of data transmission.
➢ Passive attacks do not involve any modifications to the contents of an original
message.
There are two types of passive attacks.
1) Release of message contents
2) Traffic analysis.
Release of message contents:
The release of message contents is a type of attack that analyzes and read the
message delivered between senders to receiver.
A telephone conversation, an electronic mail message, or a transferred file may
contain sensitive or confidential information.
We would like to prevent an opponent from getting the contents of these
transmissions.

Traffic analysis.
The attacker simply listens to the network communication to perform traffic
analysis to determine the location of key nodes, the routing structure, and even
application behavior patterns.
In this type of attack, an intruder observes the frequency and length of msg.
Being exchanged between communicating nodes.
Attacker can then use this information for guessing the nature of communication
that was taking place.

Active attacks Unlike passive attacks, the active attacks are based on modification of
the original message in some manner or the creation of a false message. These
attacks cannot be prevented easily. However, they can be detected with some effort
and attempts can be made to recover from them. These attacks can be in the form
of interruption, modification and fabrication. In active attacks, the contents of the
original message are modified in some way.

Masquerade is caused when an unauthorized entity pretends to be another entity.


Replay attack, a user captures a sequence of events or some data units and re- sends
them.

Replay: This attack involves capturing a copy of the message sent by the original
sender and retransmitting it later to bring an unauthorized result.
Modification of messages:
Some portion of message is altered or the messages are delayed or recorded, to
produce an unauthorized effect.
For example, a message meaning "Allow John Smith to read confidential file
accounts" is modified to mean "Allow Fred Brown to read confidential file accounts."

Denial Of Service (DOS): attacks make an attempt to prevent legitimate users from
accessing some services, which they are eligible for. For instance, an unauthorized
user might send too many login requests to a server using random user ids one after
the other in quick succession, so as to flood the network and deny other legitimate
users from using the network facilities.

PROGRAMS THAT ATTACK


Let us now discuss a few programs that attack computer systems to cause some
damage or to create confusion.

Virus One can launch an application-level attack or a network level attack using a
virus. In simple terms, a virus is a piece of program code that attaches itself to
legitimate program code and runs when the legitimate program runs. It can then
infect other programs in that computer or programs that are in other computers but
on the same network. A virus is a computer program that attaches itself to another
legitimate program and causes damage to the computer system or to the network.

Worm Similar in concept to a virus, a worm is actually different in implementation.


A virus modifiesa program (i.e. it attaches itself to the program under attack). A
worm, however, does not modify a program. Instead, it replicates itself again and
again

Trojan Horse A Trojan horse is a hidden piece of code, like a virus. However, the
purpose of aTrojan horse is different. Whereas the main purpose of a virus is to
make some sort of modifications to the target computer or network, a Trojan horse
attempts to reveal confidential information to an attacker.
A Trojan horse allows an attacker to obtain some confidential information about a
computer or a network.

Specific Attacks

There are two specific attacks.


1. Sniffing
2. Spoofing

On the Internet, computers exchange messages with each other in the form of small
blocks of data, called as packets. A packet, like a postal envelope contains the actual
data to be sent and the addressing information. Attackers target these packets, as
they travel from the source computer to the destination computer over the Internet.

These attacks take two main forms:


(a) Packet sniffing
(b) Packet spoofing

(a) Packet sniffing: Packet sniffing is a passive attack on an on-going conversation.


An attacker need not hijack a conversation, but instead, can simply observe(i.e.sniff)
packets as they pass by. Clearly, to prevent an attacker from sniffing packets, the
information that is passing needs to be protected in some ways.

This can be done at two levels:


(i) The data that is traveling can be encoded in some ways
(ii) The transmission link itself can be encoded.
To read a packet, the attacker somehow needs to access it in the first place.

(b) Packet spoofing: In this technique, an attacker sends packets with a false source
address. When this happens, the receiver (i.e. the party who receives these packets
containing false address) would in advertently send replies back to this forged
address (called as spoofed address) and not to the attacker.

Phishing has become a big problem in recent times.

The attacker’s module works as follows


The attacker decides to create her own Web site, which looks very identical to
a real Web site. For example, the attacker can clone Citibank’s Web site. The
cloning is so clever that human eye will not be able to distinguish between the
real (Citibank’s) and fake (attacker’s) sites now

The attacker can use many techniques to attack the bank’s customers.
When the customer (i.e. the victim) innocently clicks on the URL specified in
the email, she is taken to the attacker’s site and not the bank’s original site.

➢ There, the customer is prompted to enterconfidential information, such as her


password or PIN. Since the attacker’s fake site looks exacty like the original
bank site, the customer provides this information.

SECURITY SERVICES

• Authentication: assures recipient that the message is from the source that it
claims to be from.

• Access Control: controls who can have access to resource under what condition

• Availability: available to authorized entities for 24/7.


• Confidentiality: information is not made available to unauthorized individual

• Integrity: assurance that the message is unaltered

• Non-Repudiation: protection against denial of sending or receiving in the


communication

SECURITY MECHANISMS

Network Security is field in computer technology that deals with ensuring security of
computer network infrastructure. As the network is very necessary for sharing of
information whether it is at hardware level such as printer, scanner, or at software
level.

1. Encipherment :
This security mechanism deals with hiding and covering of data which helps data to
become confidential. It is achieved by applying mathematical calculations or
algorithms which reconstruct information into not readable form. It is achieved by
two famous techniques named Cryptography and Encipherment. Level of data
encryption is dependent on the algorithm used for encipherment.

2. Data Integrity :
This security mechanism is used by appending value to data to which is created by
data itself. It is similar to sending packet of information known to both sending and
receiving parties and checked before and after data is received. When this packet or
data which is appended is checked and is the same while sending and receiving data
integrity is maintained.
3. Digital Signature :
This security mechanism is achieved by adding digital data that is not visible to
eyes. It is form of electronic signature which is added by sender which is checked
by receiver electronically. This mechanism is used to preserve data which is not
more confidential but sender’s identity is to be notified.

4. Authentication exchange :
This security mechanism deals with identity to be known in communication. This is
achieved at the TCP/IP layer where two-way handshaking mechanism is used to
ensure data is sent or not

5. Traffic Padding: The insertion of bits into gaps in an information flow is known
as traffic padding. This provide to counter traffic analysis attempts.
6. Routing Control: Routing control allows selection of specific physically secure
routes for specific data transmission and enables routing changes, particularly when a
gap of security is suspected
7. Notarization :
This security mechanism involves use of trusted third party in communication. It acts
as mediator between sender and receiver so that if any chance of conflict is reduced.
This mediator keeps record of requests made by sender to receiver for later denied.

8. Access Control :
This mechanism is used to stop unattended access to data which you are sending. It
can be achieved by various techniques such as applying passwords, using firewall, or
just by adding PIN to data.

9. Bit stuffing :
This security mechanism is used to add some extra bits into data which is being
transmitted. It helps data to be checked at the receiving end and is achieved by
Even parity or Odd Parity.

A MODEL FOR NETWORK SECURITY

A model for much of what we will be discussing is captured, in very general terms,
in Figure. A message is to be transferred from one party to another across some sort
of Internet service.
A security-related transformation on the information to be sent, Examples include the
encryption of the message, which scrambles the message so that it is unreadable by
the opponent, and the addition of a code based on the contents of the message,
which can be used to verify the identity of the sender
Some secret information shared by the two principals and, it is hoped, unknown to
the opponent. An example is an encryption key used in conjunction with the
transformation to scramble the message before transmission and unscramble it on
reception.
Model for Network Security

All the techniques for providing security have two components:


This general model shows that there are four basic tasks in designing a particular
security service:
1) Design an algorithm for performing the security-related transformation. The
algorithm should be such that an opponent cannot defeat its purpose.
2) Generate the secret information to be used with the algorithm.
3) Develop methods for the distribution and sharing of the secret information.
4) Specify a protocol to be used by the two principals that makes use of the
security algorithm and the secret information to achieve a particular security
service
whatsappp....A general model of these other situations is illustrated by Figure, which
reflects a concern for protecting an information system from unwanted access. Most
readers are familiar with the concerns caused by the existence of hackers, who
attempt to penetrate systems that can be accessed over a network. The hacker can
be someone who, with no malign intent, simply gets satisfaction from breaking and
entering a computer system. The intruder can be a disgruntled employee who wishes
to do damage or a criminal who seeks to exploit computer assets for financial gain
(e.g., obtaining credit card numbers or performing illegal money transfers).

Network Access Security Model


Another type of unwanted access is the placement in a computer system of logic that
exploits vulnerabilities in the system and that can affect application programs as well
as utility programs, such as editors and compilers.
Programs can present two kinds of threats:
• Information access threats: Intercept or modify data on behalf of users who should
not have access to that data.
• Service threats: Exploit service flaws in computers to inhibit use by legitimate
users. Viruses and worms are two examples of software attacks. Such attacks can be
introduced into a system by means of a disk that contains the unwanted logic
concealed in otherwise useful software.
The security mechanisms needed to cope with unwanted access fall into two
broad categories (see above Figure) The first category might be termed a gatekeeper
function. It includes password-based login procedures that are designed to deny
access to all but authorized users and screening logic that is designed to detect and
reject worms, viruses, and other similar attacks. Once either an unwanted user or
unwanted software gains access, The second line of defense consists of a variety of
internal controls that monitor activity and analyze stored information in an attempt
to detect the presence of unwanted intruders.

CRYPTOGRAPHY CONCEPTS AND TECHNIQUES

INTRODUCTION:

Cryptography is the art and science of achieving security by encoding messages to


makethem non-readable.

Cryptanalysis is the technique of decoding messages from a non-readable format back


toreadable format without knowing how they were initially converted from readable
format tonon-readable format.
Cryptology is a combination of cryptography and cryptanalysis.

Some Basic Terminologies used

➢ CIPHER TEXT - the coded message


➢ CIPHER - algorithm for transforming plaintext to cipher text
➢ KEY - info used in cipher known only to sender/receiver
➢ ENCIPHER ( ENCRYPT ) - converting plaintext to cipher text
➢ ECIPHER ( DECRYPT ) - recovering cipher text from plaintext
➢ CRYPTOGRAPHY - study of encryption principles/methods
➢ CRYPTANALYSIS ( CODEBREAKING ) - the study of principles/ deciphering
cipher text without knowing key
➢ CRYPTOLOGY - the field of both cryptography and cryptanalysis.

Plaintext
The plaintext is the one where the unencrypted data is used as an input for the
encryption process or as the output for the decryption process. It is referred to
anything which is easy to understand by a human with a bare eye. It is quite
common and easy which is why it is known as plaintext.
Ciphertext
Ciphertext is encrypted text transformed from plaintext using an encryption
algorithm. Ciphertext can't be read until it has been converted into plaintext
(decrypted) with a key. The decryption cipher is an algorithm that transforms the
ciphertext back into plaintext.
Substitution-cipher technique:
In the substitution-cipher technique, the each characters of a plain-text message are
replaced by other characters, numbers or symbols.
There are several techniques. They are:
1) Caesar Cipher
2) Modified version of Caesar Cipher
3) Monoalphabetic Cipher
4) Homophonic Substitution Cipher
5) Polygram Substitution Cipher
6) Polyalphabetic Cipher
I. Playfair Cipher
II. Hill Cipher

1) Caesar Cipher
Proposed by Julius Caesar.
Mechanism to make a plaintext message into ciphertext message.
It replacing each letter of the alphabet with the letter standing 3 places further down
the alphabet.
Example: Replace each A with D, B with E, etc.
Note that the alphabet is wrapped around, so that the letter following Z is A. We
can define the transformation by listing all possibilities, as follows:
plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Let us assign a numerical equivalent to each letter:

Then the algorithm can be expressed as follows. For each plaintext letter p, substi-
tute the ciphertext letter C:2
C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25. The decryption algorithm is simply
p = D(k, C) = (C - k) mod 26
If it is known that a given ciphertext is a Caesar cipher, then a brute-force
cryptanalysis is easily performed: simply try all the 25 possible keys.
Three important characteristics of this problem enabled us to use a brute-force
cryptanalysis:
1. The encryption and decryption algorithms are known.
2. There are only 25 keys to try.
3. The language of the plaintext is known and easily recognizable.
In most networking situations, we can assume that the algorithms are known. What
generally makes brute-force cryptanalysis impractical is the use of an algorithm that
employs a large number of keys.
For example, the triple DES algorithm, makes use of a 168-bit key, giving a key
space of 2168 or greater than 3.7 * 1050 possible keys.

2) Modified version of Caesar Cipher


The Caesar cipher is very simple and very easy to break. To make it complicated the
modified version of Caesar cipher comes into play.
Let us assume that the cipher-text alphabets corresponding to the original plain-text
alphabets may not necessarily be three places down the order, but instead, can be
any places down the order.
As we know, the English language contains 26 alphabets. Thus, an alphabet A can
be replaced by any other alphabet in the English alphabet set, (i.e. B through Z). Of
course, it does not make sense to replace an alphabet by itself (i.e. replacing A with
A).
Thus, for each alphabet, we have 25 possibilities of replacement. Hence, to break a
message in the modified version of Caesar cipher, our earlier algorithm would not
work.
3) Mono-alphabetic Cipher
A monoalphabetic cipher is a substitution cipher where a symbol in the plaintext has
a one- to-one relationship with a symbol in the ciphertext.
It means that a symbol in the plaintext is always replaced with the same symbol in
the ciphertext, irrespective of its position in the plaintext. It uses random
substitution.

This means that in a given plain-text message, each A can be replaced by any other
alphabet (B through Z), each B can also be replaced by any other random alphabet
(A or C through Z), and so on. The crucial difference being, there is no relation
between the replacement of B and replacement of A. That is, if we have decided to
replace each A with B, we need not necessarily replace each B with C—we can
replace each B with any other character!
Advantages of Monoalphabetic Cipher
•Better Security than Caesar Cipher.
•Provides Encryption and Decryption to data.
•Monoalphabetic Cipher maintains a frequency of letters.

Disadvantages of Monoalphabetic Cipher


Monoalphabetic ciphers are easy to break because they reflect the frequency data of
the original alphabet.
•Prone to guessing attack using the English letters frequency of occurrence of
letters.
•The English Language is used so the nature of plain text is known.
•Less secure than a polyalphabetic cipher.

5) Homophonic Substitution Cipher


This substitution cipher is very similar to mono-alphabetic cipher.
However, the difference between the two techniques is in homophonic
substitution cipher, one plain-text alphabet can map to more than one cipher-text
alphabet.
For Ex: E can be replaced by <Z, H, C, A>; A can be replaced by <D, J> etc

Polygram Substitution Cipher


Polygram substitution cipher technique replaces one block of plain text with
another block of cipher text—it does not work on a character-by-character basis.
For instance, HELLO could be replaced by YUQQW, but HELL could be replaced
by a totally different cipher text block TEUI,as shown in Fig.
This is true in spite of the first four characters of the two blocks of text (HELL)
being the same. This shows that in the polygram substitution cipher, the replacement
of plain text happens block by block, rather than character by character.
4) Polyalphabetic Substitution Cipher (vigenere Cipher)
This cipher uses multiple one-character keys. Each of the keys encrypts one plain-
text character. The first key encrypts the first plain-text character; the second key
encrypts the second plain-text character, and so on.
Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of
polyalphabetic substitution. A polyalphabetic cipher is any cipher based on
substitution, using multiple substitution alphabets.
Encryption
The plaintext(P) and key(K) are added modulo 26.
Ei = (Pi + Ki) mod 26
Decryption
Di = (Ei - Ki) mod 26
To generate a new key, the given key is repeated in a circular manner, as long as
the length of the plain text does not equal to the new key.

Encryption
The first letter of the plaintext is combined with the first letter of the key. The
column of plain text "J" and row of key "B" intersects the alphabet of "K" in the
vigenere table, so the first letter of ciphertext is "K".
Formula of encryption is,
Ei = (Pi + Ki) mod 26
Formula of decryption is,
Di = (Ei - Ki) mod 26

If any case (Di) value becomes negative (-ve), in this case, we will add 26 in the
negative value.
Example: The plaintext is "cryptoisshortforcryptography", and the key is "ABCD".
Encryption: Ei= (Pi+ Ki) mod 26
Key: A B C D A B C D A B C D A B C D A B C D A B C D
P: c r y p t o i s s h o r t f o r c r y p t o g r
C : C S A S T P K V S I Q U T G Q U C S A S T P I U
Decryption: Di= (Ei - Ki) mod 26
If any case (Di) value becomes negative (-ve), in this case, we will add 26 in the
negative value. Like, the third letter of the ciphertext;
Key: A B C D A B C D A B C D A B C D A B C D A B C D
C : C S A S T P K V S I Q U T G Q U C S A S T P I U
P: c r y p t o i s s h o r t f o r c r y p t o g r
i) Hill Cipher
The Hill cipher works on multiple letters at the same time.
Lester Hill invented this in 1929. The Hill cipher uses the matrix theory of
mathematics.
Encrypting with the Hill cipher is built on the following operation:

E(K, P) = (K*P) mod 26

Where K is our key matrix and P is the plaintext in vector form. Matrix multiplying
these two terms produces the encrypted ciphertext. Let's do so step by step:
1. Pick a keyword to encrypt your plaintext message. Let’s work with the
random keyword “DCDF”. Convert this keyword to matrix form using your
substitution scheme to convert it to a numerical 2x2 key matrix.

2. Next, we will convert our plaintext message to vector form. Since our key
matrix is 2x2, the vector needs to be 2x1 for matrix multiplication to be
possible. In our case, our message is four letters long so we can split it into
blocks of two and then substitute to get our plaintext vectors.

3. Now, we can matrix multiply the key matrix with each 2x1 plaintext
vector, take the moduli of the resulting 2x1 vectors by 26, and concatenate
the results to get “WWVA”, the final ciphertext.
Decryption
Decrypting with the Hill cipher is built on the following operation:
D(K, C) = (K-1 *C) mod 26
Where K is our key matrix and C is the ciphertext in vector form. Matrix multiplying
the inverse of the key matrix with the ciphertext produces the decrypted plaintext.
Let's do this step by step with our ciphertext, "WWVA":
1. First, we calculate the inverse of the key matrix. In doing so, we must keep, the
result between 0-25 using modulo 26. For this reason, the Extended Euclidean
algorithm is used to find the modular multiplicative inverse of the key matrix
determinant.

2. Next, we will multiply 2x1 blocks of the ciphertext with the inverse of the key
matrix to get our original plaintext message, “CODE,” back.

ii) Playfair Cipher


The Playfair cipher was the first practical digraph substitution cipher. The scheme
was invented in 1854 by Charles Wheatstone but was named after Lord Playfair who
promoted the use of the cipher. In playfair cipher, unlike traditional cipher we
encrypt a pair of alphabets(digraphs) instead of a single alphabet.
The Playfair Cipher operates on pairs of letters rather than individual letters, making
it more resistant to frequency analysis attacks. It employs a square grid, known as a
key square, to determine the substitution of letters in plaintext.
The Playfair Cipher uses a 5X5 matrix of letters (the key table), which contains no
duplicates. The letters i and j are treated as the same letter. We form the key table
by placing the unique letters of a keyword in order, followed by the remaining
letters of the alphabet.
For the encryption process let us consider the following example:
key: monarchy
plaintext : instruments

The Playfair Cipher Encryption Algorithm:


The Algorithm consists of 2 steps:
1. Generate the key Square(5×5):
The key square is a 5×5 grid of alphabets that acts as the key for encrypting the
plaintext. Each of the 25 alphabets must be unique and one letter of the alphabet
(usually J) is omitted from the table (as the table can hold only 25 alphabets). If the
plaintext contains J, then it is replaced by I.
The initial alphabets in the key square are the unique alphabets of the key in the
order in which they appear followed by the remaining letters of the alphabet in
order.
Rules for Encryption:
1. Diagrams.
2. Repeating Letters -Filler letter.
3. Same column |⬇| wrap around.

4. Same row |➡| wrap around.

5. Rectangle |⇆| swap.


Algorithm to encrypt the plain text: The plaintext is split into pairs of two letters
(digraphs). If there is an odd number of letters, a Z is added to the last letter.
For example:
PlainText: "instruments"
After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'
1. Pair cannot be made with the same letter. Break the letter in single and add a
bogus letter to the previous letter.
Plain Text: “hello”
After Split: ‘he’ ‘lx’ ‘lo’
Here ‘x’ is the bogus letter.
2. If the letter is standing alone in the process of pairing, then add an extra bogus
letter with the alone letter
Plain Text: “helloe”
AfterSplit: ‘he’ ‘lx’ ‘lo’ ‘ez’
Here ‘z’ is the bogus letter.
If both the letters are in the same column: Take the letter below each one (going
back to the top if at the bottom).

For example:
Diagraph: "me"
Encrypted Text: cl
Encryption:
m -> c
e -> l
If both the letters are in the same row: Take the letter to the right of each one
(going back to the leftmost if at the rightmost position).
For example:

Diagraph: "st"
Encrypted Text: tl
Encryption:
s -> t
t -> l

If neither of the above rules is true: Form a rectangle with the two letters and take
the letters on the horizontal opposite corner of the rectangle.
For example:
Diagraph: "nt"
Encrypted Text: rq
Encryption:
n -> r
t -> q
For example:
Plain Text: "instrumentsz"
Encrypted Text: gatlmzclrqtx
Encryption:
i -> g
n -> a
s -> t
t -> l
r -> m
u -> z
m -> c
e -> l, n -> r, t -> q, s -> t, z -> x
Vernam Cipher
Vernam Cipher is a method of encrypting alphabetic text. It is one of the
Substitution techniques for converting plain text into cipher text. In this mechanism,
we assign a number to each character of the Plain-Text, like (a = 0, b = 1, c = 2,
… z = 25).

Method to take key: In the Vernam cipher algorithm, we take a key to encrypt the
plain text whose length should be equal to the length of the plain text.

Encryption Algorithm
•Assign a number to each character of the plain text and the key according to
alphabetical order.

•Bitwise XOR both the number (Corresponding plain-text character number and Key
character number).

c i = p i ⊕ k k i

where

p i = ith binary digit of plaintext

k i = ith binary digit of key

c i = ith binary digit of ciphertext

⊕ = exclusive-or (XOR) operation = exclusive-or (XOR) operation

•Subtract the number from 26 if the resulting number is greater than or equal to 26,
if it isn’t then leave it.

Example 1:

Plain-Text: O A K

Key: S O N

O ==> 14 = 0 1 1 1 0

S ==> 18 = 1 0 0 1 0

Bitwise XOR Result: 1 1 1 0 0 = 28


Since the resulting number is greater than 26, subtract 26 from it. Then convert the
Cipher-Text character number to the Cipher-Text character.

28 - 26 = 2 ==> C

CIPHER-TEXT: C

One Time Pad algorithm

One Time Pad algorithm is the improvement of the Vernam Cipher, proposed by An
Army Signal Corp officer, Joseph Mauborgne. It is the only available algorithm that
is unbreakable(completely secure). It is a method of encrypting alphabetic plain text.
It is one of the Substitution techniques which converts plain text into ciphertext. In
this mechanism, we assign a number to each character of the Plain-Text.

The two requirements for the One-Time pad are


•The key should be randomly generated as long as the size of the message.

•The key is to be used to encrypt and decrypt a single message, and then it is

discarded.
So encrypting every new message requires a new key of the same length as the new
message in one-time pad.
The ciphertext generated by the One-Time pad is random, so it does not have any
statistical relation with the plain text.
input: Message = HELLO, Key = MONEY Output: Cipher – TSYPM,

Message – HELLO

Explanation:

Part 1: Plain text to Ciphertext

Plain text — H E L L O ==> 7 4 11 11 14

Key — M O N E Y ==> 12 14 13 4 24

Plain text + key ==> 19 18 24 15 38 ==> 19 18 24 15 12 (= 38 – 26)

Cipher Text ==> T S Y P M

Part 2: Ciphertext to Message

Cipher Text — T S Y P M ==> 19 18 24 15 12

Key — M O N E Y==> 12 14 13 4 24

Cipher text – key ==> 7 4 11 11 -12 ==> 7 4 11 11 14

Message ==> H E L L O

Input: Message = SAVE, Key = LIFE


Output: Cipher – DIAI Message – SAVE

Advantages

•One-Time Pad is the only algorithm that is truly unbreakable and can be used

for low-bandwidth channels requiring very high security(ex. for military uses).
Disadvantages
•There is the practical problem of making large quantities of random keys. Any

heavily used system might require millions of random characters on a regular basis.
•For every message to be sent, a key of equal length is needed by both sender and

receiver. Thus, a mammoth key distribution problem exists.

2) Transposition techniques
Transposition technique is an encryption method which is achieved by
performing permutation over the plain text.
1) Rail-Fence Technique
This technique is a type of Transposition technique which involves writing the plain
text as a sequence of diagonals and then reading row-by-row to produce cipher text.
It uses a simple algorithm,
1. Write down the plain text message as a sequence of diagonals.
2. Read the plain text written in Step 1 as a sequence of rows.
3. Here depth=2.
Example:
Plain Text: meet me Tomorrow
Now, we will write this plain text sequence wise in a diagonal form as you can see
below:

Cipher Text: m e m t m r o e t e o o r w

2) Simple Columnar Transposition Technique:


A. Basic Technique (Row-Column Transposition)
It is a slight variation to the Rail-fence technique, let’s see its algorithm:
1. In a rectangle of pre-defined size, write the plain-text message row by row.
2. Read the plain message in random order in a column-wise fashion. It can be any
order such as 2, 1, 3 etc.
3. Thus Cipher-text is obtained.
Rules:
• Rectangle
• write: row by row.
• Read : column by column
• Key : order of the column
Original message: "INCLUDEHELP IS AWESOME".

Now we apply the above algorithm and create the rectangle of 4 columns (we decide
to make a rectangle with four column it can be any number.)
Now let’s decide on an order for the column as 4, 1, 3 and 2 and now we will read
the text in column-wise.
Cipher-text: LHIEEIUESSCEPWMNDLAO

B. Columnar Technique with multiple rounds


In this method, we again change the chipper text we received from a Basic
technique that is in round 1 and again follows the same procedure for the cipher-
text from round 1.
Algorithm:
1. In a rectangle of pre-defined size, write the plain-text message row by row.
2. Read the plain message in random order in a column-wise fashion. It can be any
order such as 2, 1, 3 etc.
3. Thus, Cipher-text of round 1 is obtained.
4. Repeat from step 1 to 3.
Example:
Original message: "INCLUDEHELP IS AWESOME".
Now we apply the above algorithm and create the rectangle of 4 column (we decide
to make a rectangle with four column it can be any number.)
Now let’s decide on an order for the column as 4, 1, 3 and 2 and now we will read
the text in column-wise.
Cipher-text of round 1: LHIEEIUESSCEPWMNDLAO

Round 2:
Now, we decide to go with a previous order that is 4,1,3,2.
Cipher-text: EEENLESPICUMHISW
These multi-round columnar techniques are harder to crack as compared to methods
seen earlier.

Encryption and Decryption


Encryption is the process of converting plain, understandable data, known as
plaintext, into an encoded form called ciphertext. It involves the use of an
encryption algorithm, which is a mathematical function that operates on the
plaintext and the encryption key. The encryption key is a unique and secret value
used to control the transformation of the plaintext into ciphertext.
Encryption: C = EK(P)
There are various encryption algorithms available, each with its own strengths and
weaknesses. Some commonly used algorithms include Advanced Encryption Standard
(AES), Data Encryption Standard (DES), and Rivest Cipher (RC).

Decryption is the reverse process of encryption. It involves converting the ciphertext


back into its original plaintext form, using a decryption algorithm and the correct
decryption key. Only individuals or systems possessing the correct decryption key can
successfully decipher the ciphertext and retrieve the original information.
Decryption:P=DK(C)
The decryption algorithm is designed to reverse the mathematical operations
performed during encryption, effectively undoing the transformations applied to the
ciphertext. By applying the decryption algorithm with the correct key, the ciphertext
is transformed back into its original plaintext form, allowing authorized users to
access and understand the information.
Symmetric and Asymmetric key Cryptography
Types of Modern Cryptography
Different algorithms have come up with powerful encryption mechanisms
incorporated in them. It gave rise to two new ways of encryption mechanism for
data security. These are:
• Symmetric key encryption
• Asymmetric key encryption
Key: It can be a number, word, phrase, or any code that will be used for encrypting
as well as decrypting any ciphertext information to plain text and vice versa.

Symmetric and asymmetric key cryptography is based on the number of keys and the
way these keys work. Let us know about both of them in details:

Symmetric key encryption


Symmetric key encryption technique uses a straight forward method of encryption.
Hence, this is the simpler among these two practices. In the case of symmetric key
encryption, the encryption is done through only one secret key, which is known as
"Symmetric Key", and this key remains to both the parties. The same key is
implemented for both encodings as well as decoding the information.
The Mathematical Representation is as follows-
P = D(K, E(K,P))
where
K–> encryption and decryption key
P–>plaintext
D–>Decryption
E(K, P)–>Encryption of plain text using K

So, the key is used first by the sender prior to sending the message, and on the
receiver side, that key is used to decipher the encoded message.
One of the good old examples of this encryption technique is Caesar's Cipher.
Modern examples and algorithms that use the concept of symmetric key encryption
are RC4, QUAD, AES, DES, Blowfish, 3DES, etc.
Asymmetric Key Encryption
Asymmetric Encryption is another encryption method that uses two keys, which is a
new and sophisticated encryption technique. This is because it integrates two
cryptographic keys for implementing data security. These keys are termed as Public
Key and Private Key. The "public key", as the name implies, is accessible to all who
want to send an encrypted message. The other is the "private key" that is kept
secure by the owner of that public key or the one who is encrypting.Encryption of
information is done through public key first, with the help of a particular algorithm.
Then the private key, which the receiver possesses, will use to decrypt that
encrypted information. The same algorithm will be used in both encodings as well as
decoding.
The Mathematical Representation is as follows-
P=D(Kd,E(Ke,P))
where Ke –> encryption key
Kd –>decryptionkey
D –>Decryption
E(Ke, P) –>Encryption of plain text using encryption key Ke. P –>plain text

Examples of asymmetric key encryption algorithms are Diffie-Hellman and RSA


algorithm

Difference Between Symmetric and Asymmetric Key Encryption


Symmetric Key Encryption Asymmetric Key Encryption
It requires two keys, a public key and a
It only requires a single key for both
private key, one to encrypt and the other to
encryption and decryption.
decrypt.
The size of ciphertext is the same or The size of ciphertext is the same or larger
smaller than the original plaintext. than the original plaintext.
The encryption process is very fast. The encryption process is slow.
It is used when a large amount of data
It is used to transfer small amount of data.
needs to be transferred.
It provides confidentiality, authenticity, and
It only provides confidentiality.
non-repudiation.
The length of key used is 128 or 256
The length of key used is 2048 or higher
bits
In symmetric key encryption, resource
In asymmetric key encryption, resource
utilization is low compared to
utilization is high.
asymmetric key encryption.
It is efficient as it is used for handling It is comparatively less efficient as it can
large amount of data. handle a small amount of data.
Security is lower as only one key is used
Security is higher as two keys are used, one
for both encryption and decryption
for encryption and the other for decryption.
purposes.
The Mathematical Representation is as The Mathematical Representation is as
follows- follows-
P = D(K,E(K,P)) P=D(Kd,E(Ke,P))
where K–> encryption and decryption where Ke –> encryption key
key Kd–>decryptionkey
P–>plaintext D–>Decryption
D–>Decryption E(Ke, P)–>Encryption of plain text using
Symmetric Key Encryption Asymmetric Key Encryption
E(K, P)–>Encryption of plain text using
encryption key Ke. P –>plain text
K
Examples: Diffie-Hellman, ECC, El Gamal,
Examples: 3DES, AES, DES and RC4
DSA and RSA

STEGANOGRAPHY
The word Steganography is derived from two Greek words- ‘stegos’ meaning ‘to
cover’ and ‘grayfia’, meaning ‘writing’, thus translating to ‘covered writing’, or
‘hidden writing’. Steganography is a method of hiding secret data, by embedding it
into an audio, video, image, or text file. It is one of the methods employed to
protect secret or sensitive data from malicious attacks.

How is it different from cryptography?


Cryptography and steganography are both methods used to hide or protect secret
data. However, they differ in the respect that cryptography makes the data
unreadable, or hides the meaning of the data, while steganography hides the
existence of the data.
The sender used methods such as invisible ink, tiny pin punctures on specific
characters, minute variations betweenhandwritten characters, pencil marks on
handwritten characters, etc.

Different Types of Steganography


Text Steganography
Text Steganography is defined as a type of steganography which involves caching
dispatches or secret information within a textbook document or other textual data. In
this system, we try to hide secret data with the help of each letter of the word. It is
challenging to describe especially when the variations or changes made are subtle.
Image Steganography
Image Steganography is defined as a type of steganography which involves caching
dispatches or secret information within digital images. It is achieved by making
changes in the pixels of the image to render the information. It is generally used for
watermarking, covert communication, brand protection, etc.
Audio Steganography
Audio Steganography is defined as a type of steganography which involves caching
dispatches or secret information within audio lines. The ideal behind using this
fashion is to hide information in such a way that people cannot notice it when they
hear the audio. It’s generally used for digital rights operation in audio lines.
Video Steganography
Video Steganography is defined as a type of steganography which involves caching
dispatches or secret information within digital videotape lines. The ideal way to use
Video Steganography is to detect secret information in a videotape in such a way
that normal people won’t notice it.
Network or Protocol Steganography
Network or Protocol Steganography is defined as a type of steganography which
involves caching dispatches or secret information within network protocols.It tries to
hide secret information in the usual inflow of internet or network exertion so that
nothing can describe it.

LSB based Image steganography


Steganography is the method of hiding secret data inside any form of digital media.
The main idea behind steganography is to hide the existence of data in any medium
like audio, video, image, etc. When we talk about image steganography, the idea is
quite simple. Images are made up of pixels which usually refer to the color of that
particular pixel. In a grayscale (black and white) image, these pixel values range
from 0-255, 0 being black and 255 being white.

Concept of LSB based data embedding:


LSB stands for Least Significant Bit. The idea behind LSB embedding is that if we
change the last bit value of a pixel, there won’t be much visible change in the
color. For example, 0 is black. Changing the value to 1 won’t make much of a
difference since it is still black, just a lighter shade.
The encoding is done using the following steps:.
1.Convert the image to grayscaleResize the image if needed
2.Convert the message to its binary format
3.Initialize output image same as input image
4.Traverse through each pixel of the image and do the following:
•Convert the pixel value to binary
•Get the next bit of the message to be embedded
•Create a variable temp
•If the message bit and the LSB of the pixel are same, set temp = 0
•If the message bit and the LSB of the pixel are different, set temp = 1
•This setting of temp can be done by taking XOR of message bit and the LSB
of the pixel
•Update the pixel of output image to input image pixel value + temp
5.Keep updating the output image till all the bits in the message are embedded
6.Finally, write the input as well as the output image to local system.
Drawbacks of Steganography
• Requires a lot of overhead to hide a relatively few bits of information.
• Once the system is discovered, it becomes virtually worthless.

Key Range and Key Size:

Key Range: The key range in cryptography refers to the set of possible values that a
cryptographic key can take. It is essentially the numerical or alphanumeric space
within which keys are generated. For example, in symmetric key cryptography, the
key range may be all possible combinations of a fixed number of bits. A key range
is determined by the key length, and the larger the key range, the more secure the
cryptographic system is against brute-force attacks.

Key Size: The key size, often referred to as key length, is the number of bits used in
a cryptographic key. It directly influences the key range. The key size is a crucial
factor in determining the strength of encryption algorithms. Generally, a larger key
size means a larger key range and increased security, but it may also result in a
higher computational cost.

Advantages of Key Range and Key Size:


1.Security: Larger key sizes and ranges enhance the security of cryptographic systems
by making it computationally infeasible for attackers to exhaustively search for the
correct key.
2.Resistance to Attacks: Increasing the key size and range makes cryptographic
systems more resistant to various types of attacks, including brute-force attacks.
3.Long-Term Security: As computational power increases over time, larger key sizes
provide long-term security against advancements in technology that might make
older key sizes vulnerable.

Benefits of Key Range and Key Size:

1.Versatility: Cryptographic systems can be tailored to different security requirements


by adjusting the key range and size, allowing for flexibility in choosing an
appropriate level of security.
2.Adaptability: As computing power increases, larger key sizes can be adopted to
maintain the same level of security, adapting to the changing landscape of
technological capabilities.

Possible types of attacks

Cryptology has two parts namely, Cryptography which focuses on creating secret
codes and Cryptanalysis which is the study of the cryptographic algorithm and the
breaking of those secret codes. The person practicing Cryptanalysis is called a
Cryptanalyst. It helps us to better understand the cryptosystems and also helps us
improve the system by finding any weak point and thus work on the algorithm to
create a more secure secret code. For example, a Cryptanalyst might try to decipher
a ciphertext to derive the plaintext. It can help us to deduce the plaintext or the
encryption key.

Types of Cryptanalytic attacks :

•Known-Plaintext Analysis (KPA) : In this type of attack, some plaintext-ciphertext


pairs are already known. Attacker maps them in order to find the encryption key.
This attack is easier to use as a lot of information is already available.

•Chosen-Plaintext Analysis (CPA) : In this type of attack, the attacker chooses


random plaintexts and obtains the corresponding ciphertexts and tries to find the
encryption key. Its very simple to implement like KPA but the success rate is
quite low.

•Ciphertext-Only Analysis (COA) : In this type of attack, only some cipher-text is


known and the attacker tries to find the corresponding encryption key and
plaintext. Its the hardest to implement but is the most probable attack as only
ciphertext is required.

•Man-In-The-Middle (MITM) attack : In this type of attack, attacker intercepts the


message/key between two communicating parties through a secured channel

•Adaptive Chosen-Plaintext Analysis (ACPA) : This attack is similar CPA. Here, the
attacker requests the cipher texts of additional plaintexts after they have
ciphertexts for some texts.

•Birthday attack: This attack exploits the probability of two or more individuals
sharing the same birthday in a group of people. In cryptography, this attack is
used to find collisions in a hash function.

•Side-channel attack: This type of attack is based on information obtained from


the physical implementation of the cryptographic system, rather than on
weaknesses in the algorithm itself. Side-channel attacks include timing attacks,
power analysis attacks, electromagnetic attacks, and others.

•Brute-force attack: This attack involves trying every possible key until the correct
one is found. While this attack is simple to implement, it can be time-consuming
and computationally expensive, especially for longer keys.
•Differential cryptanalysis: This type of attack involves comparing pairs of
plaintexts and their corresponding ciphertexts to find patterns in the encryption
algorithm. It can be effective against block ciphers with certain properties.

You might also like