Network And Information Security

Practical 09
Aim: Write a program to implement Simple Columnar Transposition Technique

Introduction:
Transposition Cipher is a cryptographic algorithm where the order of
alphabets in the plaintext is rearranged to form a cipher text. In this process, the actual
plain text alphabets are not included.
Example: -
A simple example for a transposition cipher is columnar transposition cipher where
each character in the plain text is written horizontally with specified alphabet width. The
cipher is written vertically, which creates an entirely different cipher text.
Consider the plain text hello world, now let’s apply the simple columnar transposition
technique as shown below

The plain text characters are placed horizontally and the cipher text is created with vertical
format as: holewdlo lr. Now, the receiver has to use the same table to decrypt the
cipher text to plain text.

Program:
import math
key = "HACK"

# Encryption
def encryptMessage(msg):
cipher = ""
k_indx = 0
msg_len = float(len(msg))
msg_lst = list(msg) key_lst
= sorted(list(key))

col = len(key)

row = int(math.ceil(msg_len / col))

fill_null = int((row * col) - msg_len)
msg_lst.extend('_' * fill_null)

matrix = [msg_lst[i: i + col]

for i in range(0, len(msg_lst), col)]

for _ in range(col):
 Network And Information Security

curr_idx = key.index(key_lst[k_indx]) cipher

+= ''.join([row[curr_idx]
for row in matrix])
k_indx += 1
return cipher
# Decryption
def decryptMessage(cipher):
msg = ""

k_indx = 0

msg_indx = 0
msg_len = float(len(cipher)) msg_lst =
list(cipher)

col = len(key)

row = int(math.ceil(msg_len / col))

key_lst = sorted(list(key)) dec_cipher
= []
for _ in range(row):
dec_cipher += [[None] * col]

for _ in range(col):
curr_idx = key.index(key_lst[k_indx])

for j in range(row):
dec_cipher[j][curr_idx] = msg_lst[msg_indx] msg_indx += 1
k_indx += 1
try:
msg = ''.join(sum(dec_cipher, []))
except TypeError:
raise TypeError("This program cannot",
"handle repeating words.")
null_count = msg.count('_') if
null_count > 0:
return msg[: -null_count]
return msg
msg = "Welcome to Cryptography "

cipher = encryptMessage(msg)
print("Encrypted Message: {}".
format(cipher))

print("Decryped Message: {}".

format(decryptMessage(cipher)))
 Network And Information Security

Output:

Conclusion:
Simple columnar transposition cipher is the simplest Transposition method. It is also the
weak cipher. Its only advantage lies in the fact that it is not complex and can be understood
easily.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 10
Aim: Create and Verify Digital Signature using Tool (Cryptool)

Introduction:

Digital signatures are the public-key primitives of message authentication. In the

physical world, it is common to use handwritten signatures on handwritten or typed
messages. They are used to bind signatory to the message.
Similarly, a digital signature is a technique that binds a person/entity to the digital
data. This binding can be independently verified by receiver as well as any third party.
Digital signature is a cryptographic value that is calculated from the data and a secret
key known only by the signer.
In real world, the receiver of message needs assurance that the message belongs to the
sender and he should not be able to repudiate the origination of that message. This
requirement is very crucial in business applications, since likelihood of a dispute over
exchanged data is very high.
What is Cryptool?

Cryptool is an open-source and freeware program that can be used in various aspects
of cryptographic and cryptanalytic concepts. There are no other programs like it
available over the internet where you can analyse the encryption and decryption of
various algorithms.

Steps to generate digital signature in cryptool: -

Step 1: - Open Cryptool.

 Network And Information Security

Step 2: - First, we need to generate a hash value of the document. To generate it, we
need to select a hashing algorithm. We’ll use the MD5 algorithm.

Step 3: - Next, generate a key pair. We’ll generate RSA keys. For RSA key generation,
two large prime numbers and a mathematical function are required.

Step 4: - After successfully generating keys, encrypt the hash value generated earlier.
 Network And Information Security

Step 5: - We need to create a certificate associated with the RSA key. Provide the
following details and click on “create certificate.” It’ll be used for communication
between the sender and recipient.

Step 6: - Click on generate signature to create a digital signature.

 Network And Information Security

Step 7: - Click on “store signature.”

Step 8: - You will get the Certificate of Congratulations.

 Network And Information Security

Step 9: - Following output will be generated.

Conclusion:

Digital signatures reduce the risk of duplication or alteration of the document itself. Digital
signatures ensure that signatures are verified, authentic and legitimate. Signers are provided
with PINs, passwords and codes that can authenticate and verify their identity and approve
their signatures.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 11
Aim: Use Steganography to encode and decode the message using any tools.

Introduction:
Steganography is the art of hiding a secret message within a normal
message. This is used to transfer some secret message to another person; with this
technique, no one else in between will know the secret message you wanted to convey.
On a computer, this is achieved by replacing the unused or useless data of a regular
computer file with your secret message. This secret hidden information can be a
plaintext message, ciphertext or image. One can hide information in any kind of file:
common choices include images, video and audio files, which can be used to hide
plaintext or image messages.

• Encode the data:

Every bite of data is converted to its 8-bit binary code using ASCII values. Now pixels are
read from left to right in a group of 3 containing a total of 9 values. The first 8-values are
used to store binary data. The value is made odd if 1 occurs and even if 0 occurs.

For example: Suppose the message to be hidden is ‘Hii ‘. Since the message is of 3-bytes,
therefore, pixels required to encode the data is 3 x 3 = 9. Consider a 4 x 3 image with
a total 12-pixels, which are sufficient to encode the given data.

[(27, 64, 164), (248, 244, 194), (174, 246, 250), (149, 95, 232),

(188, 156, 169), (71, 167, 127), (132, 173, 97), (113, 69, 206),

(255, 29, 213), (53, 153, 220), (246, 225, 229), (142, 82, 175)]

ASCII value of ‘H ‘is 72 whose binary equivalent is 01001000. Taking first 3- pixels (27,
64, 164), (248, 244, 194), (174, 246, 250) to encode. Now change the pixel to odd for 1
and even for 0. So, the modifies pixels are (26, 63, 164), (248, 243, 194), (174, 246,
250). Since we have to encode more data, therefore, the last value should be even.
Similarly, ‘i ‘can be encoded in this image.

The new image will look like:

[(26, 63, 164), (248, 243, 194), (174, 246, 250), (148, 95, 231), (188, 155, 168),
(70, 167, 126), (132, 173, 97), (112, 69, 206), (254, 29, 213), (53, 153, 220),
(246, 225, 229), (142, 82, 175)]

• Decode the data:

To decode, three pixels are read at a time, till the last value is odd, which means the
message is over. Every 3-pixels contain a binary data, which can be extracted by the
same encoding logic. If the value if odd the binary bit is 1 else 0.
 Network And Information Security

Program:

from PIL import Image def

genData(data):

newd = []

for i in data: newd.append(format(ord(i),

'08b'))
return newd

def modPix(pix, data):

datalist = genData(data)
lendata = len(datalist)
imdata = iter(pix)

for i in range(lendata):

pix = [value for value in imdata. next ()[:3] +

imdata. next ()[:3] +
imdata. next ()[:3]]

for j in range(0, 8):

if (datalist[i][j] == '0' and pix[j]% 2 != 0):
pix[j] -= 1

elif (datalist[i][j] == '1' and pix[j] % 2 == 0):

if(pix[j] != 0):
pix[j] -= 1
else:
pix[j] += 1
# pix[j] -= 1

if (i == lendata - 1):

if (pix[-1] % 2 == 0):
if(pix[-1] != 0):
pix[-1] -= 1 else:
pix[-1] += 1

else:
if (pix[-1] % 2 != 0):
pix[-1] -= 1

pix = tuple(pix)
yield pix[0:3]
yield pix[3:6]
yield pix[6:9]
 Network And Information Security

def encode_enc(newimg, data): w

= newimg.size[0]
(x, y) = (0, 0)

for pixel in modPix(newimg.getdata(), data):

# Putting modified pixels in the new image

newimg.putpixel((x, y), pixel)
if (x == w - 1): x
=0
y += 1
else:
x += 1

# Encode data into image def

encode():
img = input("Enter image name(with extension) : ")
image = Image.open(img, 'r')

data = input("Enter data to be encoded : ") if

(len(data) == 0):
raise ValueError('Data is empty')

newimg = image.copy() encode_enc(newimg,

data)

new_img_name = input ("Enter the name of new image (with extension): ")
newimg.save(new_img_name, str(new_img_name.split(".")[1].upper()))
# Decode the data in the image def
decode():
img = input("Enter image name(with extension) : ")
image = Image.open(img, 'r')

data = ''
imgdata = iter(image.getdata())

while (True):
pixels = [value for value in imgdata. next ()[:3] +
imgdata. next ()[:3] +
imgdata. next ()[:3]]

# string of binary data

binstr = ''

for i in pixels[:8]: if
(i % 2 == 0):
binstr += '0'
else:
binstr += '1'
 Network And Information Security

data += chr(int(binstr, 2)) if

(pixels[-1] % 2 != 0):
return data

# Main Function def

main():
a = int(input(":: Welcome to Steganography ::\n" "1.
Encode\n2. Decode\n"))
if (a == 1):
encode()

elif (a == 2):
print("Decoded Word : " + decode()) else:
raise Exception("Enter correct input")

# Driver Code
if name == ' main ':
main()

Output:
 Network And Information Security

Conclusion:
Steganography is an effective way of secure communication. You can first encrypt a
confidential file and then hide it inside an image of another kind of file before
sending it to some other. It will decrease the chances of being intercepted. If you just
send the file by encrypting it, the attacker will try to decrypt it by various ways.

However, if he only finds a normal image file, he’ll have no clue. This technique is
very easy to use but very difficult to detect. It can be used by government
organizations to use as the way to send and receive files securely.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 12
Part-I
Aim: a] Install Firewall on any operating system

Introduction:
A firewall is a network security device that monitors incoming and outgoing network
traffic and permits or blocks data packets based on a set of security rules. Its purpose is
to establish a barrier between your internal network and incoming traffic from
external sources (such as the internet) in order to block malicious traffic like viruses
and hackers.

• How does a firewall work?

Think of IP addresses as houses, and port numbers as rooms within the house. Only
trusted people (source addresses) are allowed to enter the house (destination
address) at all—then it’s further filtered so that people within the house are only
allowed to access certain rooms (destination ports), depending on if they're the
owner, a child, or a guest. The owner is allowed to any room (any port), while children
and guests are allowed into a certain set of rooms (specific ports).

After installation of the operating system, you get the firewall by default.

Steps to turn Microsoft Defender Firewall on or off:

1. Select the Start button > Settings > Update & Security > Windows Security
and then Firewall & network protection. Open Windows Security settings

2. Select a network profile.

3. Under Microsoft Defender Firewall, switch the setting to On. If your device is
connected to a network, network policy settings might prevent you from
completing these steps. For more info, contact your administrator.

4. To turn it off, switch the setting to Off. Turning off Microsoft Defender Firewall
could make your device (and network, if you have one) more vulnerable to
unauthorized access. If there's an app you need to use that's being blocked, you
can allow it through the firewall, instead of turning the firewall off.
 Network And Information Security

Part II
Aim: b] Configure Firewall settings on any operating system
After the operating system is installed, the firewall is enabled by default. Here are the
steps to configure the firewall:

1. Restart the Windows firewall on the control panel and perform the following
operations to configure the firewall:

a. Go to Control Panel, and choose System Security > Windows

Firewall.

b. In the Windows Firewall window, click Turn Windows Firewall on or off

on the left.

c. In the Customize Settings window, select Turn Windows Firewall on

in Private network settings and Public network settings.

d. Click OK for the settings to take effect.

 Network And Information Security

2. Add firewall exception sites in Windows 2012.

a. On the Windows Firewall page, click Advanced settings.
b. Choose Inbound Rules from the navigation tree on the left of the
window that is displayed.
 Network And Information Security

c. Click New Rule at the upper right corner.

d. On the right of the window that is displayed, select Port and click
Next.

a. In the window that is displayed, perform the following operations to set

related parameters:

i. Select TCP.
ii. Select Specific local ports and enter 8080 in the text box.
 Network And Information Security

b. Click Next.
c. In the window that is displayed, select Allow the connection and click
Next.

d. In the window that is displayed, ensure that the following check boxes
are selected:

a. Domain
b. Private
c. Public
 Network And Information Security

e. Click Next.
f. In the window that is displayed, enter a rule name in the Name text box,
for example, TCPPortin.

g. Click Finish to create an inbound rule.

h. Close the windows one by one.

Conclusion:
Firewalls carefully analyse incoming traffic based on pre-established rules and
filter traffic coming from unsecured or suspicious sources to prevent attacks.
Firewalls guard traffic at a computer’s entry point, called ports, which is where
information is exchanged with external devices.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 13
Aim: Create and verify Digital Certificate using tool.
Introduction:
· What is a digital signature?
A digital signature or ID is more commonly known as a digital certificate. To digitally sign an
Office document, you must have a current (not expired) digital certificate. Digital certificates
are typically issued by a certificate authority (CA), which is a trusted third-party entity that
issues digital certificates for use by other parties. There are many commercial third-party
certificate authorities from which you can either purchase a digital certificate or obtain a
free digital certificate. Many institutions, governments, and corporations can also issue their
own certificates.
A digital certificate is necessary for a digital signature because it provides the public key that
can be used to validate the private key that is associated with a digital signature. Digital
certificates make it possible for digital signatures to be used as a way to authenticate digital
information.
If you do not want to purchase a digital certificate from a third- party certificate authority
(CA), or if you want to digitally sign your document immediately, you can create your own
digital certificate.

Following are the steps to generate and verify digital certificate:

1. Go to C:\Program Files (x86) \Microsoft Office\root\ (or C:\Program Files\Microsoft

Office\root\Office16 if you're running the 64-bit version of Office)
2. Click SelfCert.exe. The Create Digital Certificate box appears.
 Network And Information Security

3. In the Your certificate's name box, type a descriptive name for the certificate.
4. Click OK.
5. When the SelfCert Success message appears, click OK.

To view the certificate in the Personal Certificates store, do the following:

1. Open Internet Explorer.
2. On the Tools menu, click Internet Options, and then click the Content tab.
3. Click Certificates, and then click the Personal tab.

4. You will get the following Digital Certificate you generated

 Network And Information Security

Conclusion:
Digital Signatures have potential uses in Electronic Commerce but attempts to apply
them in ways that mirror written signatures are unlikely to be effective because this
analogy is misleading. ‘Trusted Third Parties (TTP)’ as Certificate Authorities for digital
signatures are often justified using an analogy with the role of the financial institutions
in conventional commerce. In practice, however, this seems to be based on a
misinterpretation of what these organisations provide since the trust relationships
involved are only superficially three-party ones.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 14
Aim: Trace the origin of email using any tool.

Introduction:

• Tracing an email header

1. To being tracing a header go to the File menu and click the Trace an email... option
as shown in the image above.

2. The filter dialog box, as shown below, is split into three sections, each of which
is explained below the image
 Network And Information Security

The image above has been split into three sections for your understanding.

1. To trace a header, you have to first select the first option, as shown in the image
above.
2. The text box shown above is where you have to paste the email header you want
to trace (click here for a list of tutorials that help you extract the email header)
3. Once the header has been pasted into the Email headers section click the trace
button, as shown in the image above.

3. When the trace has finished it will look similar to the image above. The email trace
table shows you each hop between yourself and the email origin, giving you IP
addresses, node names and locations. The trace route is also shown on the map with the
final location pin pointed. To the right-hand side, you have the email summary, who is
information and email header. Simply click the heading to view each one separately.

Conclusion:
In this practical we trace the origin of email using email tracker pro. By using eMail
tracker Pro and analyzing email message headers, you are fully capable of tracing that
mysterious email. Email tracking saves time and also provides context

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 15
Aim: Trace the path of website using Tracert utility PGP email security.
Introduction:

• What is Tracert?
Tracert is a Windows based command-line tool that you can use to trace the path
that an Internet Protocol (IP) packet takes to its destination from a source. Tracert will
determine the path taken to a destination. It does this by sending Internet Control
Message Protocol (ICMP) Echo Request messages to the destination. When sending
traffic to the destination, it will incrementally increase the Time to Live (TTL) field
values to aid in finding the path taken to that destination address. The path is outlined
from this process.

• How to Use Tracert?

As you saw in the last illustration, we will be sending traffic from a test
workstation from Site B to a server at another site (Site A). The packets will traverse the
wide area network (WAN) that separates the two sites over a T1 with a backup link via
Integrated Services Digital Network (ISDN). To use the tracert utility, you simply need to
know what your destination IP address is and how to use the tracert utility correctly as
well as what to look for within the results.
Tracert works by manipulating the Time to Live (TTL). By increasing the TTL and then
each router decrementing as it sends it along to the next router, you will have a hop
count from your source to your destination. A router hop would be a packet sent from
one router to another router – that’s a hop. When the TTL on the packet reaches zero (0),
the router sends an ICMP "Time Exceeded" message back to the source computer. You
can see an example of our sample network here in the next illustration; with a source and
destination IP address… we will be using the workstation on Site B and a server at Site A
for our test.

• The Tracert Test

Now, to use tracert, you simply need to open a command prompt. To do this, go to

Start => Run => CMD => tracert

 Network And Information Security

In the following example of the tracert command and its output, the packet travels
through two routers (as seen in the last illustration) to get to host
10.1.1.6. In this example, the default gateway from Site B is 10.1.2.1 and the IP address
of the router on the WAN via the T1 and ISDN links (respectively) are 192.168.11.1 and
192.168.10.1.
Let’s first see what it should look like using the T1.

C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
-
1 2 ms 3 ms 2 ms 10.1.2.1
2 25 ms 83 ms 88 ms 192.168.11.1
3 25 ms 79 ms 93 ms 10.1.1.6

Trace complete.
Now, if the T1 was down and you were using the ISDN link, you can see that there is a
different ‘path’ and you can also see that it takes ‘longer’ to get there.

C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
-
1 2 ms 3 ms 2 ms 10.1.2.1
2 75 ms 83 ms 88 ms 192.168.10.1
3 75 ms 79 ms 93 ms 10.1.1.6
 Network And Information Security

Trace complete.
As you can see now, using tracert will help you to determine the network path as it is
laid out through the network – AND – most importantly, how data traverses that path.

• Using Tracert Options

To use tracert, be aware of a few options you can use with it. The most helpful is
the first one. Using the –d option is always helpful when you want to remove DNS
resolution. Name servers are helpful, but if not available or if incorrectly set or if you
simply just want the IP address of the host, use the –d option.

Conclusion:

In this practical we trace the path of website by using Tracert Utility. It is a

network diagnostic tool used to track in real time the pathway taken by a packet on an IP
network from source to destination, reporting the IP addresses of all the routers it
pinged in between. Trace route also records the time taken for each hop the packet
makes during its route to the destination.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)
 Network And Information Security

Practical 16
Part I

Aim: a] Generate Public and Private key pair.

Introduction:
Following are the steps to generate Public and Private Key Pair:

1. Start the key generation program.

myLocalHost% ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key(/home/johndoe/.ssh/id_rsa):

2. Enter the path to the file that will hold the key.

By default, the file name id_rsa, which represents an RSA v2 key, appears in
parentheses. You can select this file by pressing Return. Or, you can type an
alternative filename.

Enter file in which to save the key(/home/johndoe/.ssh/id_rsa): <Return>

The public key name is created automatically and the string .pub is appended to
the private key name.

3. Enter a passphrase for using your key.

This passphrase is used for encrypting your private key. A good passphrase is 10–
30 characters long, mixes alphabetic and numeric characters, and avoids simple
English prose and English names. A null entry means no passphrase is used, but
this entry is strongly discouraged for user accounts. Note that the passphrase is
not displayed when you type it in.

Enter passphrase(empty for no passphrase): <Type the passphrase>

4. Re-enter the passphrase to confirm it.

Enter same passphrase again: <Type the passphrase>

Your identification has been saved in /home/johndoe/.ssh/id_rsa. Your
public key has been saved in /home/johndoe/.ssh/id_rsa.pub. The key
fingerprint is:
0e:fb:3d:57:71:73:bf:58:b8:eb:f3:a3:aa:df:e0:d1 johndoe@myLocalHost
 Network And Information Security

5. Check the results.

The key fingerprint (a colon-separated series of 2-digit hexadecimal values) is

displayed. Check that the path to the key is correct. In the example, the path is
/home/johndoe/.ssh/id_rsa.pub. At this point, you have created a public/private
key pair.

6. Copy the public key and append the key to the

$HOME/.ssh/authorized_keys file in your home directory on the remote host.

Part II

Aim: b] Encrypt and Decrypt message using key pair.

Encrypt messages
To learn how to use a PGP public key to encrypt messages or other data you have sent
and decrypt messages or data that you have received, follow the steps listed below:
1. Compose an email using the client of your choosing.
2. When you have finished composing the e-mail, place the editing cursor in the
body of your message.
3. Open the PGP Tray.
4. In the PGP Tray pop-up menu, select Current Window.
5. Choose Encrypt & Sign. This will bring up the PGP Tray Key Selection dialog
box where you should see the list of Public Keys including that of the person
or persons to whom you wish to send your message.
6. Double click on the Public Key of the person to whom you wish to send your
message. Click OK.
7. Enter a passphrase when prompted. Click OK.
8. The message will be converted to cipher text.

Decrypt messages
1. Open the e-mail containing the encrypted message in cipher text.
2. Highlight the block of cipher text.
3. Open the PGP Tray.
4. Select Current Window. Choose Decrypt & Verify.
5. Enter a passphrase into the PGP Enter Passphrase dialog box. Click OK.
6. The decrypted message will come up in a new window for you to read.
 Network And Information Security

Conclusion:
In this practical we generate a public and private key pair and also encrypt and decrypt
message using the key pair. Pretty Good Privacy (PGP) is an encryption system used for
both sending encrypted emails and encrypting sensitive files.
Since its invention back in 1991, PGP has become the de factor standard for email
security.

Dated signature of
Marks Obtained
Teacher
Process Product
Total (25)
Related (10) Related (15)