Unit 1

Introduction to security: need for security, security approaches, principle

of security, type of attacks.
Encryption techniques: plain text, cipher text, substitution & transposition
techniques, encryption & decryption, type of attack key rang & size.

1. Need for Security:

Security is essential to protect data, systems, and resources from unauthorized

access, misuse, or harm. The increasing dependency on digital infrastructure
and sensitive data in both personal and professional domains makes security
critical. Key reasons include:

 Preventing data breaches and ensuring confidentiality.

 Protecting against financial losses due to fraud or cyberattacks.
 Maintaining trust and compliance with legal and regulatory
requirements.
 protection of Data Integrity: Prevent unauthorized access or tampering
of sensitive information.
 Confidentiality: Ensures that information is accessed only by authorized
users.
 System Availability: Guarantees resources are available when needed.
 Legal Compliance: Aligns with regulatory standards like GDPR or
HIPAA.
 Protection Against Threats: Avoids losses due to malware, phishing, or
insider attacks.

2. Security Approaches:

 Preventive Measures: Aim to stop threats before they occur, such as

firewalls, encryption, and authentication mechanisms.
 Detective Measures: Focus on identifying security breaches using tools
like intrusion detection systems and monitoring.
 Corrective Measures: Address issues after detection, such as restoring
from backups or patching vulnerabilities.

Different strategies are implemented to secure systems:

1. Preventive Approach:
o Authentication Mechanisms: Passwords, biometrics.
o Access Control: Permissions to limit user operations.
 o Encryption: Protects data in transit and storage.
2. Detective Approach:
o Intrusion Detection Systems (IDS): Monitors for unusual
activities.
o Audit Logs: Records access and activities for review.
3. Corrective Approach:
o Patch Management: Fixes vulnerabilities.
o Backup and Recovery: Restores data after an attack.

3.Principles of Security:

 Confidentiality: Ensures that sensitive information is accessible only to

authorized individuals.
 Integrity: Guarantees that data is accurate and unaltered unless
authorized.
 Availability: Ensures that systems and data are accessible to users when
needed.
 Authentication: Verifies the identity of users or systems.
 Non-repudiation: Prevents entities from denying actions or
commitments.

Additional principles:

 Authentication: Validates user identity.

 Non-repudiation: Ensures actions cannot be denied later.

. 4. Types of Attacks:

 Passive Attacks:
o Eavesdropping on communication.
o Traffic analysis to infer patterns.
 Active Attacks:
o Replay Attacks: Intercepting and retransmitting data.
o Masquerading: Pretending to be another entity.
o Modification of Messages: Altering legitimate data.
o Denial of Service (DoS): Disrupting service availability.
 Insider Threats:
o Malicious actions by authorized personnel.
 Malware-Based Attacks:
o Viruses, worms, ransomware, etc.

1. Passive Attacks
These attacks do not alter the system but aim to gather information stealthily.

 Eavesdropping:
Monitoring unencrypted data in transit, such as emails or file transfers.
Example: Sniffing tools like Wireshark capturing sensitive data on a
network.
 Traffic Analysis:
Observing patterns in communication to infer details about activities or
systems, even if the data is encrypted.
 Impact: Breaches confidentiality without altering systems.

2. Active Attacks

Active attacks involve tampering with the system or data to disrupt or misuse
operations.

 Masquerade:
An attacker pretends to be a legitimate user or entity.
Example: Fake login portals phishing for credentials.
 Replay Attack:
Capturing and retransmitting valid data to deceive the system.
Example: Reusing session cookies to access accounts.
 Message Modification:
Altering data during transmission to manipulate its meaning or outcome.
Example: Changing bank account details in a transaction request.
 Denial of Service (DoS):
Overloading a system with excessive requests, causing it to crash or
become unavailable.
Example: Flooding a server with traffic using botnets.
 Distributed Denial of Service (DDoS):
Similar to DoS but uses multiple sources to launch a coordinated attack.

3. Insider Attacks

These occur when trusted individuals within an organization misuse their

access.

 Malicious Intent:
Disgruntled employees stealing data or sabotaging systems.
  Negligence:
Accidental exposure of sensitive data due to poor handling.
 Impact: Often more damaging due to insiders' access to sensitive areas.

4. Malware-Based Attacks

Malware is malicious software designed to harm or exploit systems.

 Virus:
Infects files and spreads when executed.
Example: A macro virus spreading through infected Word documents.
 Worms:
Self-replicating malware that spreads without user interaction.
Example: The "ILOVEYOU" worm.
 Trojan Horse:
Disguised as legitimate software but performs malicious actions once
installed.
 Ransomware:
Encrypts files and demands payment to restore access.
Example: WannaCry ransomware.
 Spyware:
Secretly gathers user information, such as passwords or browsing habits.
 Adware:
Displays unwanted advertisements and may redirect browsing.

Encryption Techniques:

1. Plain Text

Plain text refers to the original, readable data before encryption. It is in a

human-readable format and vulnerable to interception during transmission if not
encrypted.

 Example: Messages like "Hello, how are you?" or sensitive data like
passwords.

2. Cipher Text
Cipher text is the result of encryption—an unreadable format of the plain text,
which requires a decryption key to convert it back.

 Example: Encrypting "Hello" might produce cipher text like 6e10f3.

 Key Characteristic: Protects data even if intercepted.

3. Substitution Techniques

These methods replace plain text elements (characters, bits, etc.) with
substitutes based on a defined system.

1. Caesar Cipher:

Shifts characters by a fixed number of positions in the alphabet.

Example: With a shift of 3, "HELLO" becomes "KHOOR".

The Caesar Cipher is one of the simplest and oldest encryption techniques. It is
a substitution cipher where each letter in the plaintext is replaced by a letter a
fixed number of positions down the alphabet.

Encryption Process:

1. Choose a shift value (key), which determines how many positions each
letter is shifted.
2. Replace each letter in the plaintext with the letter that is the chosen
number of positions ahead in the alphabet.
3. If the end of the alphabet is reached, wrap around to the beginning (cyclic
nature).

Decryption Process:

 Reverse the encryption process by shifting letters back by the same key.

Example:

 Plaintext: HELLO
 Key: 3
  Alphabet Mapping:
 Plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
 Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

 Encryption:
o H→K
o E→H
o L→O
o L→O
o O→R
o Ciphertext: KHOOR

 Decryption:
o Reverse the process: Shift KHOOR by -3.
o K → H, H → E, O → L, O → L, R → O.
o Plaintext: HELLO

Strengths:

 Easy to implement.
 Suitable for educational purposes or very low-security applications.

Weaknesses:

 Vulnerable to frequency analysis due to the predictable shift.

 Can be broken easily by brute force, as there are only 25 possible shifts
(excluding the identity shift with key 0).

Applications:

 Used historically by Julius Caesar to send secret military messages.

 Primarily a teaching tool in modern cryptography.

2. Monoalphabetic Substitution:

Each character is replaced by another, but the substitution is not uniform like
Caesar Cipher.
Example: A random mapping where A → Z, B → Y, etc.
The Monoalphabetic Substitution Cipher is a type of substitution cipher
where each letter in the plaintext is replaced by a fixed corresponding letter
from a substitution alphabet. Unlike the Caesar Cipher, the substitution
mapping is not limited to a uniform shift; it can be arbitrary.

Key Characteristics:

1. Each letter of the alphabet maps to one unique letter.

2. The mapping remains consistent throughout the encryption process.
3. There are 26!26! (factorial of 26) possible mappings, making it harder to
brute-force than simpler ciphers like the Caesar Cipher.

Encryption Process:

1. Choose a substitution alphabet (key), which is a permutation of the

regular alphabet.
o Example of a substitution alphabet:
o Plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
o Cipher: Q W E R T Y U I O P A S D F G H J K L Z X C V B N M

2. Replace each plaintext letter with its corresponding cipher text letter.

Decryption Process:

 Reverse the process using the same substitution alphabet to retrieve the
original plaintext.

Example:

 Substitution Key (Cipher Alphabet):

 Plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
 Cipher: Q W E R T Y U I O P A S D F G H J K L Z X C V B N M

 Plaintext: HELLO
 Encryption:
o H→I
o E→T
 o L→G
o L→G
o O→P
o Ciphertext: ITGGP

 Decryption:
o Reverse the mapping:
 I → H, T → E, G → L, G → L, P → O.
o Plaintext: HELLO

Strengths:

 Offers more security than the Caesar Cipher due to a large number of
possible keys.
 Randomized mapping increases resistance to brute-force attacks.

Weaknesses:

1. Frequency Analysis:
o The most common letters in the cipher text can be matched to
common letters in the language (e.g., 'E' in English).
o Example: If 'Q' appears frequently, it might correspond to 'E'.
2. Key Management:
o The key (substitution alphabet) must be securely shared between
sender and receiver.

Applications:

 Used in historical encryption systems before modern cryptography.

 Seen as a foundation for understanding more complex substitution
techniques.

3. Polyalphabetic Cipher:

A Polyalphabetic Cipher is a more advanced form of substitution cipher that

uses multiple substitution alphabets to encrypt a message. Unlike
monoalphabetic ciphers, where each letter maps to one fixed substitute,
polyalphabetic ciphers change the substitution based on the position of the letter
in the plaintext. This approach increases security by reducing patterns that can
be exploited through frequency analysis.

Key Characteristics:

1. Multiple Alphabets: Uses multiple substitution mappings (e.g., based on

a key).
2. Periodic Change: The substitution changes periodically as you move
through the text.
3. Key-Driven: A keyword or phrase determines the shifting pattern of the
alphabets.

Popular Example: Vigenère Cipher

The Vigenère Cipher is a widely known polyalphabetic cipher. It uses a

keyword to control the encryption process.

Encryption Process:

1. Write the plaintext.

2. Repeat the keyword (key) to match the length of the plaintext.
3. Use the key to shift each plaintext letter.
o Each letter of the key corresponds to a Caesar Cipher with a shift
equal to the letter's position in the alphabet.

Example:

 Plaintext: HELLO
 Key: KEY
o Repeat the key to match the length of the plaintext: KEYKE.

 Encryption Table: The Vigenère table or alphabet grid is used, where

each row is a Caesar cipher shifted alphabet.
 ABCDEFGHIJKLMNOPQRSTUVWXYZ
 AABCDEFGHIJKLMNOPQRSTUVWXYZ
 BBCDEFGHIJKLMNOPQRSTUVWXYZA
 CCDEFGHIJKLMNOPQRSTUVWXYZAB
 ...
 KKLMNOPQRSTUVWXYZABCDEFGHIJ
  ...

 Encryption Steps:

1. Match each plaintext letter with the corresponding key letter.

2. Use the table to find the intersection of the plaintext row and key
column.

Example:

o H (row H) and K (column K) → Cipher letter: R.

o E (row E) and E (column E) → Cipher letter: I.
o L (row L) and Y (column Y) → Cipher letter: J.
o L (row L) and K (column K) → Cipher letter: V.
o O (row O) and E (column E) → Cipher letter: S.

 Ciphertext: RIJVS

Decryption Process:

1. Repeat the key to match the ciphertext length.

2. Reverse the process by finding the plaintext letter corresponding to each
ciphertext-key pair.

Strengths:

 Significantly more secure than monoalphabetic ciphers.

 Resists basic frequency analysis due to the changing substitution.

Weaknesses:

1. Key Repetition: Repeating the key creates patterns, which attackers can
exploit (e.g., Kasiski examination).
2. Key Distribution: Both sender and receiver need access to the same key
securely.

Applications:
  Historically used for military communication (e.g., by diplomats and
during wars).
 Basis for understanding modern encryption techniques.

4,. Hill Cipher

The Hill Cipher is a polygraphic substitution cipher invented by Lester S. Hill

in 1929. It uses linear algebra and matrices for encryption and decryption. It is
one of the first encryption methods that incorporated mathematics
systematically into cryptography.

Key Features:

1. Operates on blocks of text rather than individual letters.

2. Relies on matrix multiplication modulo 26 for encryption.
3. Requires an invertible key matrix for decryption.

Advantages:

 Works with blocks, making it harder to crack using simple frequency

analysis.
 Incorporates mathematical rigor into cryptography.

Disadvantages:

 Vulnerable if the key matrix or part of the plaintext is known.

 Requires modular arithmetic and matrix inversion, which can be
computationally intensive.

4. Transposition Techniques

In transposition, characters are rearranged according to a defined rule but not

replaced.

 Simple Transposition:
Rearranges the letters of a message according to a fixed pattern.
Example: "HELLO" → "OLLEH".
  Columnar Transposition:
Writes the plain text in rows of a grid and rearranges the columns based
on a specific order.
Example:
Plain text: "WEAREDISCOVERED"
Rearranged: "WECRLTEERDSOEEAIVD".

The Columnar Transposition Cipher is a transposition cipher where the plaintext is written
in rows of a grid (or matrix), and then columns are reordered based on a key to form the
ciphertext. It rearranges the letters rather than replacing them, making it more secure against
simple attacks like frequency analysis.

Steps to Encrypt:

1. Choose a Key:
o The key determines the number of columns and the order in which
the columns are rearranged.
o Example key: ZEBRA
o Assign numerical values based on the alphabetical order of the
letters in the key:
o ZEBRA
o 52143

2. Write the Plaintext into Rows:

o Write the plaintext into rows under the columns labeled by the key,
filling row by row.
o Example Plaintext: WE ARE DISCOVERED (without spaces:
WEAREDISCOVERED).
o For the key ZEBRA (5 columns):
o ZEBRA
o 52143
o WEARE
o DISCO
o VERED

3. Reorder the Columns:

o Rearrange the columns based on the numerical order of the key:
o 1 2 3 4 5
o A E R W E
o S I O D C
o R E D V E

4. Read Column-wise:
 o Read the grid column by column in the order defined by the key.
o Ciphertext: ARESIVOWDERCED.

Steps to Decrypt:

1. Recreate the Grid:

o Using the key, recreate the grid with the number of rows and
columns required.
o Fill the ciphertext column-wise according to the key order.

2. Read Row-wise:
o Read the plaintext row by row.

Example Encryption:

Given:

 Plaintext: WE ARE DISCOVERED SAVE YOURSELF

 Key: ZEBRA
 Ciphertext: EVLNRACDSEOWEDEERYSOEIV.

Advantages:

 Simple to implement.
 Effective against frequency analysis.

Disadvantages:

 Vulnerable to known-plaintext attacks.

 Can be broken if the key length is guessed correctly.

5. Encryption and Decryption

 Encryption: The process of converting plain text into cipher text using
an algorithm and a key.
 Decryption: Reverses the encryption process, converting cipher text back
to plain text using the key.
 o Example:
 Plain text: "HELLO".
 Encryption with Caesar Cipher (key=3): "KHOOR".
 Decryption with the same key restores "HELLO".

5. Types of Attacks on Encryption

1. Brute Force Attack:

Trying all possible keys until the correct one is found.

Mitigation: Use longer keys to increase difficulty.

A Brute Force Attack is a cryptographic attack method that involves

systematically trying all possible combinations of keys, passwords, or inputs
until the correct one is found. This attack exploits the fact that given enough
time, computational power, and no restrictions, any cryptographic key can
eventually be broken.

How Brute Force Works:

1. Attempt All Combinations:

o The attacker generates and tests every possible key or password.
o Example: For a 4-character password using only lowercase letters,
there are 264=456,97626^4 = 456,976 combinations.

2. No Assumptions:
o Unlike other attacks (e.g., dictionary attacks), brute force does not
rely on patterns or heuristics; it simply tries every option.

3. Time and Resource Intensive:

o The feasibility depends on the length of the password and the
computational power available.

Applications of Brute Force:

1. Password Cracking:
o Breaking weak passwords in systems.
2. Key Recovery:
o Breaking encryption by finding the secret key.
 3. Testing Systems:
o Used by security professionals to test system resilience against
brute force.

Advantages of Brute Force for Attackers:

 Guaranteed Success: If feasible, it will eventually succeed.

 No Dependencies: Does not rely on patterns or assumptions about the
system.

Disadvantages for Attackers:

 Time-Consuming: Larger keyspaces take exponentially more time.

 Detectable: Many attempts can trigger alerts or security measures.

2. Cryptanalysis Attack:

Exploits weaknesses in the encryption algorithm.

Example: Analyzing frequency distribution in substitution ciphers.

3. Man-in-the-Middle Attack:

Intercepts and alters communication between two parties.

4. Side-Channel Attack:

Gains information from the physical implementation of the encryption (e.g.,

power consumption or timing).

6. Key Range and Size

The key is the fundamental element that determines the strength of encryption.

 Key Range: Refers to the number of possible keys.

Example: For a 4-bit key, there are 24=162^4 = 16 possible keys.
 Key Size: Determines how secure an encryption algorithm is. Larger keys
are harder to break but require more computational power.
o Common Key Sizes:
 DES: 56 bits (obsolete due to small key size).
 AES: 128, 192, or 256 bits (widely used).
 RSA: 2048 bits or higher (for public-key encryption).