NSC Unit-I Notes

The document provides an overview of network security and cryptography, detailing cryptographic algorithms, security objectives (CIA triad), types of security attacks, and various security services and mechanisms. It emphasizes the importance of confidentiality, integrity, and availability in protecting information systems, while also addressing the roles of authentication, accountability, and non-repudiation. Additionally, it outlines the distinction between passive and active attacks, as well as the need for trusted third parties in secure communications.

Uploaded by

ssummaya2911

UNIT – I

NETWORK SECURITY AND CRYPTOGRAPHY


INTRODUCTION:
The study of cryptography mainly focuses on two broad areas: cryptographic algorithms and protocols (which
have a broad range of applications) and network and Internet security (which depends on cryptographic
techniques).
Cryptographic algorithms and protocols are grouped into four main areas:
1. Symmetric encryption: Used to hide the contents of blocks or streams of data of any size.
Ex: messages, files, encryption keys, and passwords.
2. Asymmetric encryption: Used to hide small blocks of data.
Ex: Encryption keys and hash function values (used in digital signatures).
3. Data integrity algorithms: Used to protect blocks of data from alteration.
4. Authentication protocols: Schemes based on the use of cryptographic algorithms, designed to
authenticate the identity of entities.
The field of network and Internet security consists of measures to discourage, prevent, detect, and correct
security violations in the transmission of information.

A Definition of Computer Security:


• The security provided to an automated information system in order to preserve the confidentiality,
integrity and availability of information system resources.
• Information system resources include hardware, software, firmware, information/data, and telecommunications.
This definition introduces three key objectives:
o Confidentiality: Assures that private or confidential information is not made available or disclosed to
unauthorized individuals.
o Integrity: Assures that information and programs are changed only in a specified and authorized manner.
o Availability: Assures that systems and services are not denied to authorized users.

These three are referred to as the CIA triad. Although the use of the CIA triad to define security objectives is well
established, some in the security field feel that additional concepts are needed to present a complete picture. The two
most commonly mentioned are as follows:
o Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the
validity of a transmission, a message, or message originator. This means verifying that users are who they
say they are and that each input arriving at the system came from a trusted source.
o Accountability: Because truly secure systems are not yet an achievable goal, we must be able to trace a
security breach to a responsible party. Systems must keep records of their activities to permit later
forensic analysis to trace security breaches or to aid in transaction.
EXAMPLES:
Confidentiality – Student grades and question papers are more confidential than other details. They must be
given high confidentiality, while other student or faculty details can be kept with lower confidentiality, or can
be open to the general public without any confidentiality protection.
Integrity – Integrity can be illustrated by the example of a hospital patient’s allergy information stored in a
database.
Availability – The more critical a component or a service is, the higher the level of availability required.
· Applications involving financial transactions require high availability.
· Applications like public websites require moderate availability.
· Applications like an online telephone directory require low availability.

SECURITY ATTACKS:
There are four general categories of attack which are listed below.

1. Interruption
An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability,
e.g., destruction of a piece of hardware, cutting of a communication line, or disabling of the file management
system.

2. Interception
An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party
could be a person, a program or a computer, e.g., wiretapping to capture data in the network, illicit
copying of files.

3. Modification
An unauthorized party not only gains access to but tampers with an asset. This is an attack on integrity.
e.g., changing values in data file, altering a program, modifying the contents of messages being
transmitted in a network.

4. Fabrication
An unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity.
e.g., insertion of spurious message in a network or addition of records to a file.
Cryptographic Attacks
Cryptographic attacks are divided into two categories: passive attacks and active attacks.
• Passive attacks: In this type of attack (as shown in the following figure), the opponent either
eavesdrops on or monitors the transmissions. The goal is to obtain information that is being
transmitted.
• Two types of passive attacks are the release of message contents and traffic analysis.
o Release of message contents: A telephone conversation, an electronic mail message, or a transferred
file may contain sensitive or confidential information. We would like to prevent an opponent from
learning the contents of these transmissions.
o Traffic analysis: Suppose we had a way of masking the contents of messages or other information
traffic so that opponents, even if they captured the message, could not extract the information
from it. The opponent could still determine the location and identity of communicating hosts and
could observe the frequency and length of messages being exchanged. This information might be
useful in guessing the nature of the communication that was taking place.
• Passive attacks are very difficult to detect, because there is no alteration of the data. The message traffic
is sent and received in a normal fashion, and neither the sender nor the receiver is aware that a third party has
read the messages or observed the traffic pattern.

• Active attacks: In active attacks (as shown in the above figure), either the data stream is modified
or a new false stream is generated.
• Active attacks can be subdivided into four categories: masquerade, replay, modification of messages, and
denial of service.
o A masquerade takes place when one entity pretends to be a different entity. For example, an entity
with fewer privileges may impersonate another entity to gain that entity's extra privileges (path 2 in the
above figure b).
o In a replay, data is passively captured and subsequently retransmitted to produce an
unauthorized effect (paths 1, 2, and 3 active).
o Modification of messages simply means that some portion of an actual message is altered, or that
messages are delayed or reordered, to produce an unauthorized effect (paths 1 and 2 active). For
example, a message meaning “Allow John to read confidential file accounts” is modified to mean
“Allow Fred to read confidential file accounts.”
o Denial of service prevents the normal use of communication facilities (path 3 active). This
attack may have a specific target; for example, an entity may suppress all messages directed to a
particular destination (e.g., the security audit service). Another form of service denial is the
disruption of an entire network, either by disabling the network or by overloading it with
messages to degrade its performance.
• Active attacks present the opposite characteristics of passive attacks.
• Passive attacks are difficult to detect, but they can be prevented by taking certain measures. On the other
hand, it is quite difficult to prevent active attacks absolutely because of the wide variety of potential
physical, software, and network vulnerabilities.

SECURITY SERVICES
The definition of the term security services is given in two different standard documents.
• X.800 defines a security service as a service that is provided by a protocol layer of communicating open
systems and that ensures adequate security of the systems or of data transfers.
• RFC 4949 defines a security service as a processing or communication service that is provided by a
system to give a specific kind of protection to system resources.
X.800 divides these services into five categories and fourteen specific services (see the following table).
Authentication: The authentication service assures that a communication is authentic.
• In the case of a single message, such as a warning or alarm signal, the function of the authentication
service is to assure the recipient that the message is from the source that it claims to be from.
• In the case of an ongoing interaction, such as the connection of a terminal to a host, there are two aspects.
o First, at the time of connection initiation, the service assures that the two entities are authentic.
o Second, the service must assure that the connection is not interfered with by a third party for the
purposes of unauthorized transmission or reception.
• Two specific authentication services are defined in X.800:
o Peer entity authentication:
▪ Provides peer entity verification in a communication.
▪ Two entities are considered peers if they implement the same protocol in different systems;
for example, two TCP modules in two communicating systems.
▪ It provides confidence that an entity is not performing either a masquerade or an
unauthorized replay of a previous connection.
o Data origin authentication:
▪ Provides the verification of the source of a data unit.
▪ It does not provide protection against the duplication or modification of data units.
▪ This type of service supports applications like electronic mail, where there are no prior
interactions between the communicating entities.
Access Control
• Access control is the ability to limit and control the access to host systems and applications via
communications links.
• Each entity trying to gain access must first be identified, or authenticated, so that access rights can be
customized to the individual.

Data Confidentiality:
Confidentiality is the protection of transmitted data from passive attacks.
Different levels of protection are possible:
• Broad level: protects the data transmitted between the users over a period of time. For example, when a TCP
connection is established between two peers, this protection covers the data transmitted until the
connection is released.
• Narrow level: protects a single message or specific fields within a message. It is less useful than the
broad-level approach and is more complex and expensive to implement.
• Confidentiality also provides protection of traffic flow from analysis by the attacker (i.e., of the frequency,
length, or other characteristics of the traffic on a communication channel).

Data Integrity:
• As with confidentiality, integrity can be applied to a stream of messages, a single message, or
selected fields within a message. The most useful approach is total stream protection.
• A connection-oriented integrity service deals with a stream of messages and assures that messages are
received as sent with no duplication, insertion, modification, reordering, or replays.
• A connectionless integrity service deals with individual messages and provides protection against
message modification only.
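The difference between the two integrity services, as an added example that is not part of the original notes. It assumes HMAC-SHA-256 as the integrity mechanism and a strict per-connection sequence number, neither of which the notes prescribe; the key, the class names and the second and third messages are constructed for the demo.

```python
import hashlib
import hmac

# Constructed demo key; a real key comes from a CSPRNG and a key-distribution step.
KEY = bytes(range(32))


def mac(key: bytes, data: bytes) -> bytes:
    """Message authentication code over data (HMAC-SHA-256, an assumed choice)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def connectionless_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Connectionless integrity: each message is checked on its own."""
    return hmac.compare_digest(mac(key, message), tag)


class StreamSender:
    """Connection-oriented integrity: the MAC also covers a sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def protect(self, message: bytes):
        tag = mac(self.key, self.seq.to_bytes(8, "big") + message)
        frame = (self.seq, message, tag)
        self.seq += 1
        return frame


class StreamReceiver:
    def __init__(self, key: bytes):
        self.key = key
        self.expected = 0  # next sequence number this connection will accept

    def accept(self, seq: int, message: bytes, tag: bytes) -> str:
        if not 0 <= seq < 2 ** 64:
            return "rejected: out of sequence"
        expected_tag = mac(self.key, seq.to_bytes(8, "big") + message)
        if not hmac.compare_digest(expected_tag, tag):
            return "rejected: modified"
        if seq != self.expected:
            # Valid MAC but wrong position: duplicate, replay or reordering.
            return "rejected: out of sequence"
        self.expected += 1
        return "accepted"


def demo() -> dict:
    original = b"Allow John to read confidential file accounts"
    altered = b"Allow Fred to read confidential file accounts"
    results = {}

    # Connectionless service: modification is caught, a second delivery is not.
    tag = mac(KEY, original)
    results["connectionless_original"] = connectionless_verify(KEY, original, tag)
    results["connectionless_modified"] = connectionless_verify(KEY, altered, tag)
    results["connectionless_replay"] = connectionless_verify(KEY, original, tag)

    # Connection-oriented service: modification, replay and reordering are caught.
    sender, receiver = StreamSender(KEY), StreamReceiver(KEY)
    f0 = sender.protect(original)
    f1 = sender.protect(b"constructed message 2")
    f2 = sender.protect(b"constructed message 3")
    results["stream_first"] = receiver.accept(*f0)
    results["stream_replay"] = receiver.accept(*f0)
    results["stream_reordered"] = receiver.accept(*f2)
    results["stream_modified"] = receiver.accept(f1[0], altered, f1[2])
    results["stream_next"] = receiver.accept(*f1)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:26s} {outcome}")
```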
Nonrepudiation:
• Nonrepudiation prevents either sender or receiver from denying a transmitted message.
• When a message is sent, the receiver can prove that the alleged sender has sent the message. Similarly,
when a message is received, the sender can prove that the alleged receiver has received the message.
Availability Service:
• The property of a system resource being accessible and usable whenever demanded by an authorized
system entity is known as availability.
• Different types of attacks can result in either the loss of or reduction of availability.
• Authentication and encryption are mostly affected by attacks in terms of availability, whereas other types
of services require some physical action to undo these types of attacks.
• The availability service is the one which protects the system to ensure its availability.
SECURITY MECHANISMS
The security mechanisms are divided into two categories:
1. Those that are implemented in a specific protocol layer, such as TCP or an application-layer protocol.
2. Those that are not specific to any particular protocol layer or security service.
The following table lists the security mechanisms as defined in X.800.
X.800 distinguishes between reversible encipherment mechanisms and irreversible encipherment mechanisms.
A reversible encipherment mechanism is an encryption algorithm that allows data to be encrypted and
subsequently decrypted.
Irreversible encipherment mechanisms include hash algorithms and message authentication codes, which are
used in digital signature and message authentication applications.

Table: Security Mechanisms (X.800)


SPECIFIC SECURITY MECHANISMS
May be incorporated into the appropriate protocol layer in order to provide some of the OSI security
services.

Encipherment
The use of mathematical algorithms to transform data into a form that is not readily intelligible. The
transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption
keys.

Digital Signature
Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit
to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient).

Access Control
A variety of mechanisms that enforce access rights to resources.

Data Integrity
A variety of mechanisms used to assure the integrity of a data unit or stream of data units.

Authentication Exchange
A mechanism intended to ensure the identity of an entity by means of information exchange.

Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

Routing Control
Enables selection of particular physically secure routes for certain data and allows routing changes,
especially when a breach of security is suspected.

Notarization
The use of a trusted third party to assure certain properties of a data exchange.

PERVASIVE SECURITY MECHANISMS
Mechanisms that are not specific to any particular OSI security service or protocol layer.

Trusted Functionality
That which is perceived to be correct with respect to some criteria (e.g., as established by a security
policy).

Security Label
The marking bound to a resource (which may be a data unit) that names or designates the security
attributes of that resource.

Event Detection
Detection of security-relevant events.

Security Audit Trail
Data collected and potentially used to facilitate a security audit, which is an independent review and
examination of system records and activities.

Security Recovery
Deals with requests from mechanisms, such as event handling and management functions, and takes
recovery actions.

The following table indicates the relationship between security services and security mechanisms.
A MODEL FOR NETWORK SECURITY
• A model for Network Security is shown in the following figure.
• Assume that a message has to be transferred from one party to another across the open public network
(Internet). The two parties must cooperate for the exchange of information to take place.
• A logical information channel is established by defining a route through the Internet from source to
destination by use of communication protocols (e.g., TCP/IP).
• Security aspects come into play when it is necessary to protect the information transmission from an
opponent who may present a threat to confidentiality, authenticity, and so on.

The techniques for providing security have two components:

• A security-related transformation on the information to be sent.
Examples: The encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be used to verify
the identity of the sender.
• Some secret information shared by the two principals and, it is hoped, unknown to the opponent.
An example is an encryption key used in conjunction with the transformation to scramble the message
before transmission and unscramble it on reception.
A trusted third party is needed to achieve secure transmission.
For example, a third party may be responsible for distributing the secret information to the two parties while hiding
it from any opponent. Or a third party may be needed to check the authenticity of a message transmission.
The above model shows that there are four basic tasks in designing a security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such
that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret
information to achieve a particular security service.
There are other security-related situations where the above model does not fit. A general model of these other
situations is illustrated in the following figure.

• The above model reflects the concern of protecting an information system from unwanted access.
• Everyone is familiar with the problems caused by the existence of hackers, who attempt to penetrate
systems over a network.
• The hacker is someone who simply gets satisfaction from breaking and entering into a computer system.
• The intruder can be a frustrated employee who wishes to do damage to his company or a criminal who
seeks financial gain by exploiting computer assets (e.g., obtaining credit card numbers or performing
illegal money transfers).
• Another type of unwanted access is the placement of an unwanted computer program or logic that exploits or
affects the system and application programs.
• Viruses and worms are two examples of software attacks. Such attacks can be introduced into a system
by means of a disk that contains the unwanted logic, or they can be inserted into a system across a
network.
The security mechanisms needed for avoiding the above unwanted access fall into two broad categories:
• The first category is a gatekeeper function which includes password-based login procedures that are
designed to deny access to unauthorized users and give access to authorized users, detect and reject
worms, viruses, and other similar attacks.
• The second category consists of a variety of internal controls that monitor activity and analyze stored
information in an attempt to detect the presence of unwanted intruders.
WHAT IS CRYPTOGRAPHY?
• Cryptography is the science of using mathematics to encrypt and decrypt data.
• Cryptography enables you to store sensitive information or transmit it across insecure networks (like the
Internet) so that it cannot be read by anyone except the intended recipient.
Cryptanalysis:
• Cryptanalysis is the science of analyzing and breaking secure communication.
• Classical cryptanalysis involves an interesting combination of analytical reasoning, application of
mathematical tools, pattern finding, patience, determination, and luck.
• Cryptanalysts are also called attackers.
Cryptology:
• Cryptology is the combination of both cryptography and cryptanalysis.

TERMINOLOGY OF CRYPTOGRAPHY:
• Plain Text: A message is plaintext (sometimes called clear-text).
• Encryption: The process of converting a message into an unreadable form (so as to hide its substance) is
encryption.
• Cipher-Text: An encrypted message is cipher-text.
• Decryption: The process of turning cipher-text back into plaintext is decryption.
• Cipher (or) Cypher:
o A cipher (or cypher) is an algorithm for performing encryption or decryption.
o It is a series of well-defined steps that can be followed as a procedure.
• Brute-force attack:
o A brute-force attack involves trying every possible key until an intelligible translation of the
cipher-text into plaintext is obtained.
o On average, half of all possible keys must be tried to achieve success. That is, if there are X
different keys, on average an attacker would discover the actual key after X/2 tries.
Cryptographic systems are characterized using three independent dimensions:
1. The type of operations used for transforming plaintext to cipher-text:
All encryption algorithms are based on two general principles:
1. Substitution: Each element in the plaintext (bit, letter, group of bits or letters) is mapped
into another element.
2. Transposition: Elements in the plaintext are rearranged.
The basic requirement is that no information should be lost (i.e., that all operations are reversible).
Modern cryptographic systems involve multiple stages of substitutions and
transpositions.
2. The number of keys used:
• If both sender and receiver use the same key, the system is referred to as symmetric, single-key,
secret-key, or conventional encryption.
• If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or
public-key encryption.
3. The way in which the plaintext is processed:
• A block cipher processes the plaintext one block of elements at a time, producing an output block for
each input block.
• A stream cipher processes the plaintext elements continuously, producing output one element at a
time, as it goes along.

TYPES OF CRYPTOGRAPHY (OR) ENCRYPTION ALGORITHMS:

• Symmetric Key Cryptography
• Asymmetric Key Cryptography
• Hash Functions
1. Symmetric Key Cryptography:
• Also known as Secret Key Cryptography or Conventional Cryptography.
• Symmetric Key Cryptography is an encryption system in which the sender and receiver of a message
share a single, common key that is used to encrypt and decrypt the message.
• A key is a piece of information that is used in encryption and decryption.
• In this type of encryption algorithm, the key for encrypting and decrypting the file must be known to all
the recipients; otherwise, the message cannot be decrypted by conventional means.
Symmetric Cipher Model:
A symmetric encryption scheme has five ingredients:
Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the
plaintext.
Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the
plaintext and of the algorithm. The exact substitutions and transformations performed by the algorithm depend
on the key.
Cipher-text: This is the scrambled message produced as output. It depends on the plaintext and the secret key.
For a given message, two different keys will produce two different cipher-texts. The cipher-text is an apparently
random stream of data and is unintelligible.
Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the cipher-text and
the secret key and produces the original plaintext.
Explanation:
• In the above figure, a source produces a message in plaintext, X = [X1, X2, …, XM]. The M elements of X
are letters in some finite alphabet. Traditionally, the alphabet consists of the 26 capital letters. Nowadays,
the binary alphabet {0, 1} is also used.
• For encryption, a key of the form K = [K1, K2, …, KJ] is generated. If the key is generated at the
message source, then it must also be provided to the destination by means of some secure channel.
Alternatively, a third party could generate the key and securely deliver it to both source and destination.
• With the message X and the encryption key K as input, the encryption algorithm forms the cipher-text
Y = [Y1, Y2, …, YN]. It can also be written as Y = E(K, X)
• This notation indicates that Y is produced by using encryption algorithm E as a function of the plaintext
X, with the specific function determined by the value of the key K.
• The intended receiver, in possession of the key, is able to invert the transformation: X = D(K, Y)
• An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and
K. It is assumed that the opponent knows the encryption (E) and decryption (D) algorithms.
• If the opponent is interested in only this particular message, then the focus of the effort is to recover X by
generating a plaintext estimate X̂.
• If the opponent is interested in being able to read future messages as well, an attempt is
made to recover K by generating an estimate K̂.
Symmetric Key Cryptography – Examples
Data Encryption Standard (DES)
• The Data Encryption Standard was published in 1977 by the US National Bureau of Standards.
• DES uses a 56-bit key and maps a 64-bit input block of plaintext onto a 64-bit output block of cipher-text.
• 56 bits is a rather small key for today's computing power.
Triple DES
• Triple DES was the answer to many of the shortcomings of DES.
• Since it is based on the DES algorithm, it is very easy to modify existing software to use Triple DES.
• It also has the advantage of proven reliability and a longer key length that eliminates many of the shortcut
attacks that can be used to reduce the amount of time it takes to break DES.
Advanced Encryption Standard (AES) (RFC3602)
• Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government.
• The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger
collection originally published as Rijndael.
• Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively.
• The AES ciphers have been analyzed extensively and are now used worldwide, as was the case with their
predecessor, the Data Encryption Standard (DES).

IDEA (The International Data Encryption Algorithm)

• It was developed in 1991.
• It uses a 128-bit key to encrypt a 64-bit block of plaintext into a 64-bit block of cipher-text.
• IDEA's general structure is very similar to DES: it performs 17 rounds, each round taking 64 bits of input
to produce a 64-bit output, using per-round keys generated from the 128-bit key.

Other examples of Symmetric Key Encryption Algorithm: Lucifer, Madryga, FEAL, REDOC, LOKI, GOST,
CAST, Blowfish, Safer, Crab, RC5…etc.

Problems with Conventional Cryptography / Symmetric Cryptography


Key Management

• Symmetric-key systems are simpler and faster; their main drawback is that the two parties must somehow
exchange the key in a secure way and keep it secure after that.
• Key management became a nightmare for the parties using symmetric key cryptography.
• They were worried about how to get the keys safely and securely across to all users so that the decryption
of the message would be possible.
• This gave third parties the chance to intercept the keys in transit and decode the top-secret messages.
• Thus, if the key was compromised, the entire coding system was compromised and a “Secret” would no
longer remain a “Secret”.
• This is why public key cryptography came into existence.

2. Asymmetric Key Cryptography:

• Asymmetric cryptography, also known as public-key cryptography, refers to a cryptographic algorithm
which requires two separate keys, one of which is private and one of which is public.
• The public key is used to encrypt the message and the private one is used to decrypt the message.
• Public key cryptography is a very advanced form of cryptography.
• Officially, it was invented by Whitfield Diffie and Martin Hellman in 1975.
• The basic technique of public key cryptography was first discovered in 1973 by the British Clifford
Cocks of the Communications-Electronics Security Group (CESG) of the Government Communications
Headquarters (GCHQ), but this was a secret until 1997.
Asymmetric Key Cryptography - Examples
Digital Signature Standard (DSS)
• It is the digital signature algorithm (DSA) developed by the U.S. National Security Agency (NSA) to
generate a digital signature for the authentication of electronic documents.
• DSS was put forth by the National Institute of Standards and Technology (NIST) in 1994, and has
become the United States government standard for authentication of electronic documents.
• DSS is specified in Federal Information Processing Standard (FIPS) 186.
RSA – Algorithm
• RSA (named after Rivest, Shamir and Adleman, who first publicly described it in 1977) is an algorithm for
public-key cryptography.
• It is the first algorithm known to be suitable for signing as well as encryption, and one of the first great
advances in public key cryptography.
• RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long
keys and the use of up-to-date implementations.
RSA Cryptanalysis
• Rivest, Shamir, and Adleman placed a challenge in Martin Gardner’s column in Scientific American
(journal), in which readers were invited to crack the following number:
C=114,381,625,757,888,867,669,235,779,976,146,612,010,218,296,721,242,362,562,561,842,935,706,935,245,733,897,830,597,123,563,958,705,058,989,075,147,599,290,026,879,543,541

• This was solved on April 26, 1994, by an international effort via the Internet: 1600
workstations, mainframes, and supercomputers attacked the number for eight months before finding its
public key and its private key.
• Encryption key = 9007
• The message was "first solver wins one hundred dollars".
• The RSA algorithm is safe, as it would be incredibly difficult to gather up such international participation to
commit malicious acts.
ElGamal

• ElGamal is a public key method that is used in both encryption and digital signing.
• The encryption algorithm is similar in nature to the Diffie-Hellman key agreement protocol.
• It is used in many applications and uses discrete logarithms.
• ElGamal encryption is used in the free GNU Privacy Guard software.

3. Hash Functions:
• A cryptographic hash function is a hash function that takes an arbitrary block of data and returns a
fixed-size bit string (the cryptographic hash value) such that any (accidental or intentional) change to the data
will (with very high probability) change the hash value.
• The data to be encoded are often called the message, and the hash value is sometimes called the message
digest or simply digest.

What is a Hash Function?


The ideal cryptographic hash function has four main properties:
• It is easy to compute the hash value for any given message.
• It is infeasible to generate a message that has a given hash.
• It is infeasible to modify a message without changing the hash.
• It is infeasible to find two different messages with the same hash.
SUBSTITUTION AND TRANSPOSITION TECHNIQUES:
The two basic building blocks of all encryption techniques are substitution and transposition.
SUBSTITUTION:
A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or
symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit
patterns with cipher-text bit patterns.
Caesar Cipher
 The earliest and the simplest substitution cipher was introduced by Julius Caesar.
 The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places
further down the alphabet.
 Example:
Plain: meet me after the toga party
Cipher: PHHW PH DIWHU WKH WRJD SDUWB
 Note that the alphabet is wrapped around, so that the letter following Z is A.
 The transformation possibilities can be defined, as follows:
plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher: d e f g h i j k l m n o p q r s t u v w x y z a b c
 After assigning a numerical equivalent to each letter:
letter: a b c d e f g h i j k l m n o p q r s t u v w x y z
number: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 Then the algorithm can be expressed as follows.
 For each plaintext letter p, substitute the cipher-text letter C= E(3, p) = (p + 3) mod 26
 For an arbitrary shift k, the general Caesar algorithm is C = E(k, p) = (p + k) mod 26
(where k takes on a value in the range 1 to 25)
 The decryption algorithm is simply p = D(k, C) = (C - k) mod 26
Cryptanalysis on Caesar Cipher:
 If it is known that a given cipher-text is a Caesar cipher, then a brute-force cryptanalysis is easily
performed: simply try all the 25 possible keys.
Mono-alphabetic Ciphers:
 Permutation: A permutation of a finite set of elements S is an ordered sequence of all the elements of S,
with each element appearing exactly once. For example, if S = {a, b, c}, there are six permutations of S:
abc, acb, bac, bca, cab, cba
 In general, there are n! permutations of a set of n elements, because the first element can be chosen in one
of n ways, the second in n - 1 ways, the third in n – 2 ways, and so on.
 A mono-alphabetic cipher is a substitution cipher in which, for a given key, the cipher letter for each plain
letter is fixed throughout the encryption process. For example, if ‘A’ is encrypted as ‘D’, then however many
times ‘A’ occurs in that plaintext, it will always be encrypted to ‘D’.
 All of the substitution ciphers we have discussed earlier in this chapter are monoalphabetic; these ciphers
are highly susceptible to cryptanalysis.
Polyalphabetic Ciphers:
 A polyalphabetic cipher is a substitution cipher in which the cipher alphabet for the plain alphabet may be
different at different places during the encryption process.
 The next two examples, the Playfair and Vigenere ciphers, are polyalphabetic ciphers.
(a) Playfair Cipher:
o In this scheme, pairs of letters are encrypted, instead of single letters.
o In the Playfair cipher, a key table is created first. The key table is a 5×5 grid of letters that acts as
the key for encrypting the plaintext.
o Each of the 25 letters must be unique, and one letter of the alphabet (usually J) is omitted from the
table, as we need only 25 letters instead of 26.
o If the plaintext contains J, then it is replaced by I.
o The sender and the receiver decide on a particular key, say ‘tutorials’.
o In the key table, the first characters (going left to right) are the letters of the key phrase, excluding the
duplicate letters.
o The rest of the table is filled with the remaining letters of the alphabet, in natural order. The key
table works out to be –
Process of Playfair Cipher
 First, a plaintext message is split into pairs of two letters (digraphs). If there is an odd number of
letters, a Z is added after the last letter. Let us say we want to encrypt the message “hide money”.
It will be written as −
HI DE MO NE YZ
 The rules of encryption are −
o If both the letters are in the same column, take the letter below each one (going back to
the top if at the bottom).
o If both letters are in the same row, take the letter to the right of each one (going back to
the left if at the farthest right).
o If neither of the preceding two rules is true, form a rectangle with the two letters and
take the letters on the horizontally opposite corners of the rectangle.
o Using these rules, the result of the encryption of ‘hide money’ with the key of ‘tutorials’
would be −
QC EF NU MF ZV
Decryption:
o Decrypting the Playfair cipher is as simple as doing the same process in reverse.
o Receiver has the same key and can create the same key table, and then decrypt any
messages made using that key.
(b) Vigenere Cipher:
o This cipher scheme uses a text string (say, a word) as a key, which is then used for doing a
number of shifts on the plaintext.
o For example, let’s assume the key is ‘point’. Each letter of the key is converted to its respective
numeric value. In this case,
p → 16, o → 15, i → 9, n → 14, and t → 20.
Thus, the key is: 16 15 9 14 20.
Process of Vigenere Cipher
o The sender and the receiver decide on a key. Say ‘point’ is the key. The numeric representation of this
key is ‘16 15 9 14 20’.
o The sender wants to encrypt the message, say ‘attack from south east’. He will arrange the plaintext
and the numeric key as follows –
o He now shifts each plaintext letter by the number written below it to create the ciphertext, as
shown below –
o Here, each plaintext character has been shifted by a different amount – and that amount is
determined by the key. The key must be less than or equal to the size of the message.
o For decryption, the receiver uses the same key and shifts the received ciphertext in the reverse direction
to obtain the plaintext.
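The shift arithmetic of the Vigenere cipher, with the Caesar cipher and its 25-key brute force from earlier in these notes as the one-shift special case, as an added Python example that is not part of the original notes. The function names, the `images` helper and the crib word list are assumptions introduced here; the key numbering follows the notes' a → 1 convention.

```python
def key_shifts(key):
    """Numeric key in the notes' convention: a -> 1, b -> 2, ..., z -> 26."""
    return [ord(c) - ord("a") + 1 for c in key.lower()]

def shift_cipher(text, shifts, decrypt=False):
    """Shift the i-th letter by shifts[i mod len(shifts)], mod 26; non-letters pass through."""
    sign = -1 if decrypt else 1
    out, i = [], 0
    for ch in text.lower():
        if "a" <= ch <= "z":
            k = sign * shifts[i % len(shifts)]
            out.append(chr((ord(ch) - ord("a") + k) % 26 + ord("a")))
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def vigenere(text, key, decrypt=False):
    return shift_cipher(text, key_shifts(key), decrypt)

def caesar(text, k, decrypt=False):
    """Caesar is the one-shift special case: C = (p + k) mod 26."""
    return shift_cipher(text, [k], decrypt)

# Constructed crib list of common English words, used only to rank candidates.
CRIBS = {"the", "and", "me", "to", "of", "in", "is", "it", "you", "that"}

def caesar_brute_force(ciphertext):
    """Try all 25 keys; return (crib_hits, key, candidate) tuples, best candidate first."""
    tries = []
    for k in range(1, 26):
        candidate = caesar(ciphertext, k, decrypt=True)
        tries.append((sum(w in CRIBS for w in candidate.split()), k, candidate))
    return sorted(tries, key=lambda t: -t[0])

def images(plaintext, ciphertext, letter):
    """Set of ciphertext letters that one plaintext letter was mapped to."""
    return {c for p, c in zip(plaintext, ciphertext) if p == letter}

if __name__ == "__main__":
    ct = vigenere("attack from south east", "point")
    print(ct, images("attack from south east", ct, "a"))
    print(caesar_brute_force("PHHW PH DIWHU WKH WRJD SDUWB")[0])
```

Under the Caesar cipher a plaintext letter always has a single image, which is why 25 trials suffice; under the Vigenere key ‘point’ the letter ‘a’ has three different images in this one message.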
(c) One Time Pad Cipher:
o It is an unbreakable cryptosystem.
o It represents the message as a sequence of 0s and 1s; this can be accomplished by writing all
numbers in binary form or by using ASCII.
o The key is a random sequence of 0s and 1s of the same length as the message.
o Once a key is used, it is discarded and never used again.
o The system can be expressed as follows:
o Thus the cipher text is generated by performing the bitwise XOR of the plaintext and the
key.
o Decryption uses the same key. Because of the properties of XOR, decryption simply
involves the same bitwise operation:
Example: plaintext   = 0 0 1 0 1 0 0 1
         key         = 1 0 1 0 1 1 0 0
         -----------------------------
         cipher-text = 1 0 0 0 0 1 0 1
Advantage:
o Encryption method is completely unbreakable for a cipher-text only attack.
Disadvantages:
o It requires a very long key which is expensive to produce and expensive to transmit.
o Once a key is used, it is dangerous to reuse it for a second message; any knowledge of the
first message would give knowledge of the second.
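Why key reuse is dangerous, as an added Python example that is not part of the original notes: XORing two cipher-texts made with the same key cancels the key, so knowing one message reveals the other. The two messages and the function names are constructed for illustration.

```python
import secrets

def xor_bytes(a, b):
    """Bitwise XOR of two equal-length byte strings (encryption and decryption are the same)."""
    if len(a) != len(b):
        raise ValueError("key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def new_pad(length):
    """A fresh random key of the message's length, to be used once and discarded."""
    return secrets.token_bytes(length)

def recover_second(c1, c2, known_p1):
    """With a reused key, c1 XOR c2 = p1 XOR p2, so a known p1 yields p2 without the key."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)

if __name__ == "__main__":
    # Constructed messages of equal length.
    p1, p2 = b"attack at dawn", b"retreat at six"
    key = new_pad(len(p1))
    c1, c2 = xor_bytes(p1, key), xor_bytes(p2, key)   # the mistake: same key used twice
    print(recover_second(c1, c2, p1))                 # b'retreat at six'
```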
TRANSPOSITION TECHNIQUES:
o A very different kind of mapping is achieved by performing some sort of permutation on the plaintext
letters.
o This technique is referred to as a transposition cipher.
Rail fence
o Rail fence is the simplest such cipher, in which the plaintext is written down as a sequence of diagonals
and then read off as a sequence of rows.
o For example, the plaintext is “golden statue is in eleventh cave” and the secret random key chosen is
“five”. We arrange this text horizontally in a table with the number of columns equal to the key value. The
resulting text is shown below.
o The ciphertext is obtained by reading each column vertically downward, from the first to the last column. The
ciphertext is ‘gnuneaoseenvltiltedasehetivc’.
Decryption:
o To decrypt, the receiver prepares a similar table. The number of columns is equal to the key number. The
number of rows is obtained by dividing the total number of cipher-text letters by the key value and rounding
the quotient up to the next integer value.
o The receiver then writes the received cipher text vertically downward, column by column from left to right. To obtain
the text, he reads horizontally left to right, from the top row to the bottom row.
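The table method above, including the case where the last row is only partly filled, as an added Python example (not part of the original notes). The function names are assumptions, and the key word ‘five’ is passed as the number of columns, 5.

```python
import math

def encrypt(plaintext, columns):
    """Write the letters row by row into `columns` columns, then read column by column."""
    letters = [c for c in plaintext.lower() if c.isalpha()]
    return "".join("".join(letters[c::columns]) for c in range(columns))

def decrypt(ciphertext, columns):
    """Rebuild the table column by column, then read it row by row."""
    n = len(ciphertext)
    rows = math.ceil(n / columns)          # as in the notes: round the quotient up
    full = n % columns or columns          # how many columns reach the last row
    cols, start = [], 0
    for c in range(columns):
        length = rows if c < full else rows - 1   # later columns are one letter short
        cols.append(ciphertext[start:start + length])
        start += length
    return "".join(col[r] for r in range(rows) for col in cols if r < len(col))

if __name__ == "__main__":
    ct = encrypt("golden statue is in eleventh cave", 5)
    print(ct)
    print(decrypt(ct, 5))
```

With 28 letters and 5 columns the table has 6 rows, but only the first 3 columns are 6 letters long; a receiver who cuts the cipher text into equal pieces of 6 misplaces every letter after the third column.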
KEY RANGE AND KEY SIZE
The concepts of key range and key size are related to each other.
Key Range:
o Key range is total number of keys from smallest to largest available key.
o An attacker usually is armed with the knowledge of the cryptographic algorithm and the encrypted
message, so only the actual key value remains the challenge for the attacker.
o If the key is found, the attacker can get original plaintext message.
o In the brute force attack, every possible key in the key-range is tried, until we get the right key.
o In the best case, the right key is found in the first attempt; in the worst case, the key is found in the last
attempt. On average, the right key is found after trying half of the possible keys in the key-range.
o Therefore, the more the key range is expanded, the longer it will take an attacker to find the key
using a brute-force attack.
Key Size:
o The concept of key range leads to the principle of key size.
o The strength of a cryptographic key is measured with the key size.
o Key size is measured in bits and is represented using binary number system.
o Thus, if the key range is from 0 to 8, then the key size is 3 bits; in other words, if the size is 8
bits, then the key range is 0 to 256.
o Key size may vary depending upon the application and the cryptographic algorithm being used; it
can be 40 bits, 56 bits, 128 bits and so on.
o In order to protect the cipher-text against the brute-force attack, the key-size should be such that the
attacker cannot crack it within a specified amount of time.
o From a practical viewpoint, a 40-bit key takes about 3 hours to crack; however, a 41-bit key would take 6
hours, a 42-bit key would take 12 hours, and so on.
o This means every additional bit doubles the amount of time required to crack the key.
o We can assume that a 128-bit key is quite safe, considering the capabilities of today’s computers. However,
as computing power and techniques improve, these numbers will change in future.
POSSIBLE TYPES OF ATTACKS ON CRYPTOGRAPHIC SYSTEMS:
1. Brute-force attacks
o Brute-force attacks involve trying every possible character combination to find the ‘key’ to decrypt
an encrypted message.
o While brute-force attacks may take a smaller amount of time for smaller key-spaces, they will take an
immeasurable amount of time for larger key-spaces.
o Hence it is impractical to try brute-force attacks on modern encryption systems.
2. Cipher-only attack
o In the ‘cipher-only’ attack, the attacker knows the ciphertext of various messages which have been
encrypted using the same encryption algorithm.
o The attacker’s challenge is to figure the ‘key’ which can then be used to decrypt all messages.
o The ‘cipher-only’ attack is probably one of the easiest attacks to commit since it is easy to capture
the cipher-text (by sniffing) but difficult to implement since the knowledge about the encryption
process is limited.
3. Known-plaintext attack
o In the ‘known-plaintext’ attack, the attacker knows some of the plaintext and the ciphertext.
o He then has to figure the ‘key’ by reverse engineering and he can decipher other messages which use
the same ‘key’ and algorithm.
o The ‘known-plaintext’ attack was effective against simple ciphers such as the ‘substitution cipher’.
o It was popular for breaking ciphers used during the Second World War.
4. Chosen plaintext attack
o The ‘chosen-plaintext’ attack is similar to the ‘known-plaintext’ attack, but here the attacker
experiments by choosing his own plaintext (say choosing a word such as ‘cryptography’) for a
‘Vigenere cipher’ and with the generated ciphertext he can figure the ‘key’.
o Once he figures the ‘key’ he can learn more about the whole encryption process and understand how
the ‘key’ is being used.
o With this information, he can decrypt other messages.
5. Chosen cipher-text attack
o In the ‘chosen cipher-text’ attack, the attacker chooses a portion of the decrypted cipher-text.
o He then compares the decrypted cipher-text with the plaintext and figures out the key.
o This is a relatively harder type of attack, and earlier versions of RSA were subject to these types of
attacks.
6. Differential cryptanalysis
o This was a popular type of attack against block algorithms such as DES in 1990.
o The primary aim of this attack, as with other attacks, is finding the ‘key’.
o The attacker follows several messages of plaintext into their transformed cipher-text.
o He observes the changes from plaintext to the cipher-text and deduces the key.
o This is a type of ‘chosen-plaintext’ attack since the attacker chooses the plaintext to observe the
transformation.
7. Linear cryptanalysis
o The attacker carries out a “known-plaintext” attack against several messages which have been
encrypted with the same key.
o This gives the attacker insight into the probability of a particular key.
o If more messages are attacked, there is a higher possibility of finding the particular “key”.
8. Side channel attacks
o Apart from just relying on mathematical ways to break into systems, attackers may use other
techniques such as observing power consumption, radiation emissions and time for data processing.
o With this data, the attacker works in a reverse manner to figure the ‘keys’ to an algorithm just by
observing the amount of heat released in an attack.
o RSA keys in 1995 were uncovered using this type of attack.
9. Replay attacks
o In a ‘replay attack’, the attacker captures some information (as an example, authentication
information) and re-submits it back to the receiver.
o This dupes the receiver and they give the attacker unauthorized access.
o Timestamps are one of the important countermeasures to handle ‘replay attacks’.
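One way a receiver can use timestamps against replay, as an added Python example that is not from the original notes. It assumes a shared secret key, a 30-second acceptance window and an HMAC-SHA256 tag over the timestamp and payload; all names and values are constructed for illustration.

```python
import hashlib
import hmac
import time

MAX_AGE = 30  # seconds a message stays acceptable (assumed window)

def _tag(key, ts, payload):
    return hmac.new(key, ts + b"|" + payload, hashlib.sha256).hexdigest().encode()

def make_message(key, payload, now=None):
    """Sender side: timestamp | payload | HMAC over both."""
    ts = str(int(time.time() if now is None else now)).encode()
    return ts + b"|" + payload + b"|" + _tag(key, ts, payload)

class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # tag -> timestamp of messages accepted inside the window

    def check(self, message, now=None):
        now = time.time() if now is None else now
        try:
            ts, rest = message.split(b"|", 1)
            payload, tag = rest.rsplit(b"|", 1)
        except ValueError:
            return "malformed"
        # Authenticate first, so the timestamp itself cannot be edited.
        if not hmac.compare_digest(tag, _tag(self.key, ts, payload)):
            return "bad-mac"
        sent = int(ts)
        if abs(now - sent) > MAX_AGE:
            return "stale"
        # Forget tags that have aged out; they would be rejected as stale anyway.
        self.seen = {t: s for t, s in self.seen.items() if abs(now - s) <= MAX_AGE}
        if tag in self.seen:
            return "replay"
        self.seen[tag] = sent
        return "ok"
```

The timestamp alone only bounds how long a captured message stays usable; remembering the tags accepted inside the window is what rejects a copy re-sent a few seconds later.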