Practical 09 To 16
Practical 09 To 16
Practical 09
Aim: Write a program to implement Simple Columnar Transposition Technique
Introduction:
Transposition Cipher is a cryptographic algorithm where the order of
alphabets in the plaintext is rearranged to form a cipher text. In this process, the actual
plain text alphabets are not included.
Example: -
A simple example for a transposition cipher is columnar transposition cipher where
each character in the plain text is written horizontally with specified alphabet width. The
cipher is written vertically, which creates an entirely different cipher text.
Consider the plain text hello world, now let’s apply the simple columnar transposition
technique as shown below
The plain text characters are placed horizontally and the cipher text is created with vertical
format as: holewdlo lr. Now, the receiver has to use the same table to decrypt the
cipher text to plain text.
Program:
import math
key = "HACK"
# Encryption
def encryptMessage(msg):
cipher = ""
k_indx = 0
msg_len = float(len(msg))
msg_lst = list(msg) key_lst
= sorted(list(key))
col = len(key)
for _ in range(col):
Network And Information Security
k_indx = 0
msg_indx = 0
msg_len = float(len(cipher)) msg_lst =
list(cipher)
col = len(key)
for _ in range(col):
curr_idx = key.index(key_lst[k_indx])
for j in range(row):
dec_cipher[j][curr_idx] = msg_lst[msg_indx] msg_indx += 1
k_indx += 1
try:
msg = ''.join(sum(dec_cipher, []))
except TypeError:
raise TypeError("This program cannot",
"handle repeating words.")
null_count = msg.count('_') if
null_count > 0:
return msg[: -null_count]
return msg
msg = "Welcome to Cryptography "
cipher = encryptMessage(msg)
print("Encrypted Message: {}".
format(cipher))
Output:
Conclusion:
Simple columnar transposition cipher is the simplest Transposition method. It is also the
weak cipher. Its only advantage lies in the fact that it is not complex and can be understood
easily.
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 10
Aim: Create and Verify Digital Signature using Tool (Cryptool)
Introduction:
Cryptool is an open-source and freeware program that can be used in various aspects
of cryptographic and cryptanalytic concepts. There are no other programs like it
available over the internet where you can analyse the encryption and decryption of
various algorithms.
Step 2: - First, we need to generate a hash value of the document. To generate it, we
need to select a hashing algorithm. We’ll use the MD5 algorithm.
Step 3: - Next, generate a key pair. We’ll generate RSA keys. For RSA key generation,
two large prime numbers and a mathematical function are required.
Step 4: - After successfully generating keys, encrypt the hash value generated earlier.
Network And Information Security
Step 5: - We need to create a certificate associated with the RSA key. Provide the
following details and click on “create certificate.” It’ll be used for communication
between the sender and recipient.
Conclusion:
Digital signatures reduce the risk of duplication or alteration of the document itself. Digital
signatures ensure that signatures are verified, authentic and legitimate. Signers are provided
with PINs, passwords and codes that can authenticate and verify their identity and approve
their signatures.
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 11
Aim: Use Steganography to encode and decode the message using any tools.
Introduction:
Steganography is the art of hiding a secret message within a normal
message. This is used to transfer some secret message to another person; with this
technique, no one else in between will know the secret message you wanted to convey.
On a computer, this is achieved by replacing the unused or useless data of a regular
computer file with your secret message. This secret hidden information can be a
plaintext message, ciphertext or image. One can hide information in any kind of file:
common choices include images, video and audio files, which can be used to hide
plaintext or image messages.
For example: Suppose the message to be hidden is ‘Hii ‘. Since the message is of 3-bytes,
therefore, pixels required to encode the data is 3 x 3 = 9. Consider a 4 x 3 image with
a total 12-pixels, which are sufficient to encode the given data.
[(27, 64, 164), (248, 244, 194), (174, 246, 250), (149, 95, 232),
(188, 156, 169), (71, 167, 127), (132, 173, 97), (113, 69, 206),
(255, 29, 213), (53, 153, 220), (246, 225, 229), (142, 82, 175)]
ASCII value of ‘H ‘is 72 whose binary equivalent is 01001000. Taking first 3- pixels (27,
64, 164), (248, 244, 194), (174, 246, 250) to encode. Now change the pixel to odd for 1
and even for 0. So, the modifies pixels are (26, 63, 164), (248, 243, 194), (174, 246,
250). Since we have to encode more data, therefore, the last value should be even.
Similarly, ‘i ‘can be encoded in this image.
[(26, 63, 164), (248, 243, 194), (174, 246, 250), (148, 95, 231), (188, 155, 168),
(70, 167, 126), (132, 173, 97), (112, 69, 206), (254, 29, 213), (53, 153, 220),
(246, 225, 229), (142, 82, 175)]
To decode, three pixels are read at a time, till the last value is odd, which means the
message is over. Every 3-pixels contain a binary data, which can be extracted by the
same encoding logic. If the value if odd the binary bit is 1 else 0.
Network And Information Security
Program:
genData(data):
newd = []
datalist = genData(data)
lendata = len(datalist)
imdata = iter(pix)
for i in range(lendata):
if (i == lendata - 1):
if (pix[-1] % 2 == 0):
if(pix[-1] != 0):
pix[-1] -= 1 else:
pix[-1] += 1
else:
if (pix[-1] % 2 != 0):
pix[-1] -= 1
pix = tuple(pix)
yield pix[0:3]
yield pix[3:6]
yield pix[6:9]
Network And Information Security
new_img_name = input ("Enter the name of new image (with extension): ")
newimg.save(new_img_name, str(new_img_name.split(".")[1].upper()))
# Decode the data in the image def
decode():
img = input("Enter image name(with extension) : ")
image = Image.open(img, 'r')
data = ''
imgdata = iter(image.getdata())
while (True):
pixels = [value for value in imgdata. next ()[:3] +
imgdata. next ()[:3] +
imgdata. next ()[:3]]
for i in pixels[:8]: if
(i % 2 == 0):
binstr += '0'
else:
binstr += '1'
Network And Information Security
elif (a == 2):
print("Decoded Word : " + decode()) else:
raise Exception("Enter correct input")
# Driver Code
if name == ' main ':
main()
Output:
Network And Information Security
Conclusion:
Steganography is an effective way of secure communication. You can first encrypt a
confidential file and then hide it inside an image of another kind of file before
sending it to some other. It will decrease the chances of being intercepted. If you just
send the file by encrypting it, the attacker will try to decrypt it by various ways.
However, if he only finds a normal image file, he’ll have no clue. This technique is
very easy to use but very difficult to detect. It can be used by government
organizations to use as the way to send and receive files securely.
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 12
Part-I
Aim: a] Install Firewall on any operating system
Introduction:
A firewall is a network security device that monitors incoming and outgoing network
traffic and permits or blocks data packets based on a set of security rules. Its purpose is
to establish a barrier between your internal network and incoming traffic from
external sources (such as the internet) in order to block malicious traffic like viruses
and hackers.
After installation of the operating system, you get the firewall by default.
1. Select the Start button > Settings > Update & Security > Windows Security
and then Firewall & network protection. Open Windows Security settings
4. To turn it off, switch the setting to Off. Turning off Microsoft Defender Firewall
could make your device (and network, if you have one) more vulnerable to
unauthorized access. If there's an app you need to use that's being blocked, you
can allow it through the firewall, instead of turning the firewall off.
Network And Information Security
Part II
Aim: b] Configure Firewall settings on any operating system
After the operating system is installed, the firewall is enabled by default. Here are the
steps to configure the firewall:
1. Restart the Windows firewall on the control panel and perform the following
operations to configure the firewall:
i. Select TCP.
ii. Select Specific local ports and enter 8080 in the text box.
Network And Information Security
b. Click Next.
c. In the window that is displayed, select Allow the connection and click
Next.
d. In the window that is displayed, ensure that the following check boxes
are selected:
a. Domain
b. Private
c. Public
Network And Information Security
e. Click Next.
f. In the window that is displayed, enter a rule name in the Name text box,
for example, TCPPortin.
Conclusion:
Firewalls carefully analyse incoming traffic based on pre-established rules and
filter traffic coming from unsecured or suspicious sources to prevent attacks.
Firewalls guard traffic at a computer’s entry point, called ports, which is where
information is exchanged with external devices.
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 13
Aim: Create and verify Digital Certificate using tool.
Introduction:
· What is a digital signature?
A digital signature or ID is more commonly known as a digital certificate. To digitally sign an
Office document, you must have a current (not expired) digital certificate. Digital certificates
are typically issued by a certificate authority (CA), which is a trusted third-party entity that
issues digital certificates for use by other parties. There are many commercial third-party
certificate authorities from which you can either purchase a digital certificate or obtain a
free digital certificate. Many institutions, governments, and corporations can also issue their
own certificates.
A digital certificate is necessary for a digital signature because it provides the public key that
can be used to validate the private key that is associated with a digital signature. Digital
certificates make it possible for digital signatures to be used as a way to authenticate digital
information.
If you do not want to purchase a digital certificate from a third- party certificate authority
(CA), or if you want to digitally sign your document immediately, you can create your own
digital certificate.
3. In the Your certificate's name box, type a descriptive name for the certificate.
4. Click OK.
5. When the SelfCert Success message appears, click OK.
Conclusion:
Digital Signatures have potential uses in Electronic Commerce but attempts to apply
them in ways that mirror written signatures are unlikely to be effective because this
analogy is misleading. ‘Trusted Third Parties (TTP)’ as Certificate Authorities for digital
signatures are often justified using an analogy with the role of the financial institutions
in conventional commerce. In practice, however, this seems to be based on a
misinterpretation of what these organisations provide since the trust relationships
involved are only superficially three-party ones.
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 14
Aim: Trace the origin of email using any tool.
Introduction:
2. The filter dialog box, as shown below, is split into three sections, each of which
is explained below the image
Network And Information Security
The image above has been split into three sections for your understanding.
1. To trace a header, you have to first select the first option, as shown in the image
above.
2. The text box shown above is where you have to paste the email header you want
to trace (click here for a list of tutorials that help you extract the email header)
3. Once the header has been pasted into the Email headers section click the trace
button, as shown in the image above.
3. When the trace has finished it will look similar to the image above. The email trace
table shows you each hop between yourself and the email origin, giving you IP
addresses, node names and locations. The trace route is also shown on the map with the
final location pin pointed. To the right-hand side, you have the email summary, who is
information and email header. Simply click the heading to view each one separately.
Conclusion:
In this practical we trace the origin of email using email tracker pro. By using eMail
tracker Pro and analyzing email message headers, you are fully capable of tracing that
mysterious email. Email tracking saves time and also provides context
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 15
Aim: Trace the path of website using Tracert utility PGP email security.
Introduction:
• What is Tracert?
Tracert is a Windows based command-line tool that you can use to trace the path
that an Internet Protocol (IP) packet takes to its destination from a source. Tracert will
determine the path taken to a destination. It does this by sending Internet Control
Message Protocol (ICMP) Echo Request messages to the destination. When sending
traffic to the destination, it will incrementally increase the Time to Live (TTL) field
values to aid in finding the path taken to that destination address. The path is outlined
from this process.
As you saw in the last illustration, we will be sending traffic from a test
workstation from Site B to a server at another site (Site A). The packets will traverse the
wide area network (WAN) that separates the two sites over a T1 with a backup link via
Integrated Services Digital Network (ISDN). To use the tracert utility, you simply need to
know what your destination IP address is and how to use the tracert utility correctly as
well as what to look for within the results.
Tracert works by manipulating the Time to Live (TTL). By increasing the TTL and then
each router decrementing as it sends it along to the next router, you will have a hop
count from your source to your destination. A router hop would be a packet sent from
one router to another router – that’s a hop. When the TTL on the packet reaches zero (0),
the router sends an ICMP "Time Exceeded" message back to the source computer. You
can see an example of our sample network here in the next illustration; with a source and
destination IP address… we will be using the workstation on Site B and a server at Site A
for our test.
Now, to use tracert, you simply need to open a command prompt. To do this, go to
In the following example of the tracert command and its output, the packet travels
through two routers (as seen in the last illustration) to get to host
10.1.1.6. In this example, the default gateway from Site B is 10.1.2.1 and the IP address
of the router on the WAN via the T1 and ISDN links (respectively) are 192.168.11.1 and
192.168.10.1.
Let’s first see what it should look like using the T1.
C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
-
1 2 ms 3 ms 2 ms 10.1.2.1
2 25 ms 83 ms 88 ms 192.168.11.1
3 25 ms 79 ms 93 ms 10.1.1.6
Trace complete.
Now, if the T1 was down and you were using the ISDN link, you can see that there is a
different ‘path’ and you can also see that it takes ‘longer’ to get there.
C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
-
1 2 ms 3 ms 2 ms 10.1.2.1
2 75 ms 83 ms 88 ms 192.168.10.1
3 75 ms 79 ms 93 ms 10.1.1.6
Network And Information Security
Trace complete.
As you can see now, using tracert will help you to determine the network path as it is
laid out through the network – AND – most importantly, how data traverses that path.
To use tracert, be aware of a few options you can use with it. The most helpful is
the first one. Using the –d option is always helpful when you want to remove DNS
resolution. Name servers are helpful, but if not available or if incorrectly set or if you
simply just want the IP address of the host, use the –d option.
Conclusion:
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
Network And Information Security
Practical 16
Part I
Introduction:
Following are the steps to generate Public and Private Key Pair:
myLocalHost% ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key(/home/johndoe/.ssh/id_rsa):
2. Enter the path to the file that will hold the key.
By default, the file name id_rsa, which represents an RSA v2 key, appears in
parentheses. You can select this file by pressing Return. Or, you can type an
alternative filename.
The public key name is created automatically and the string .pub is appended to
the private key name.
This passphrase is used for encrypting your private key. A good passphrase is 10–
30 characters long, mixes alphabetic and numeric characters, and avoids simple
English prose and English names. A null entry means no passphrase is used, but
this entry is strongly discouraged for user accounts. Note that the passphrase is
not displayed when you type it in.
Part II
Encrypt messages
To learn how to use a PGP public key to encrypt messages or other data you have sent
and decrypt messages or data that you have received, follow the steps listed below:
1. Compose an email using the client of your choosing.
2. When you have finished composing the e-mail, place the editing cursor in the
body of your message.
3. Open the PGP Tray.
4. In the PGP Tray pop-up menu, select Current Window.
5. Choose Encrypt & Sign. This will bring up the PGP Tray Key Selection dialog
box where you should see the list of Public Keys including that of the person
or persons to whom you wish to send your message.
6. Double click on the Public Key of the person to whom you wish to send your
message. Click OK.
7. Enter a passphrase when prompted. Click OK.
8. The message will be converted to cipher text.
Decrypt messages
1. Open the e-mail containing the encrypted message in cipher text.
2. Highlight the block of cipher text.
3. Open the PGP Tray.
4. Select Current Window. Choose Decrypt & Verify.
5. Enter a passphrase into the PGP Enter Passphrase dialog box. Click OK.
6. The decrypted message will come up in a new window for you to read.
Network And Information Security
Conclusion:
In this practical we generate a public and private key pair and also encrypt and decrypt
message using the key pair. Pretty Good Privacy (PGP) is an encryption system used for
both sending encrypted emails and encrypting sensitive files.
Since its invention back in 1991, PGP has become the de factor standard for email
security.
Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)