3.

1 Cryptography
Cryptography is technique of securing information and communications through use of codes
so that only those people for whom the information is intended can understand it and process
it. Thus, preventing unauthorized access to information. The prefix “crypt” means “hidden”
and suffix graphy means “writing”. In Cryptography the techniques which are used to protect
information are obtained from mathematical concepts and a set of rule-based calculations
known as algorithms to convert messages in ways that make it hard to decode it. These
algorithms are used for cryptographic key generation, digital signing, verification to protect
data privacy, web browsing on internet and to protect confidential transactions such as credit
card and debit card transactions.
Techniques used For Cryptography: In today’s age of computers cryptography is often
associated with the process where an ordinary plain text is converted to cipher text which is the
text made such that intended receiver of the text can only decode it and hence this process is
known as encryption. The process of conversion of cipher text to plain text this is known as
decryption.
• Features Of Cryptography are as follows:
1. Confidentiality: Information can only be accessed by the person for whom it is intended
and no other person except him can access it.
2. Integrity: Information cannot be modified in storage or transition between sender and
intended receiver without any addition to information being detected.
3. Non-repudiation: The creator/sender of information cannot deny his intention to send
information at later stage.
4. Authentication: The identities of sender and receiver are confirmed. As well as
destination/origin of information is confirmed.
The most obvious use of cryptography, and the one that all of us use frequently, is encrypting
communications between us and another system. This is most commonly used for
communicating between a client program and a server. Examples are a web browser and web
server, or email client and email server.
Cryptology is the study of codes, both creating and solving them. Cryptography is the art
of creating codes. Cryptanalysis is the art of surreptitiously revealing the contents of coded
messages, breaking codes, that were not intended for you as a recipient. Secondly, there are
nomenclators and enciphers.
Encryption and Decryption
Encryption is the process of converting normal message (plaintext) into meaningless message
(Ciphertext). Whereas Decryption is the process of converting meaningless message
(Ciphertext) into its original form (Plaintext). The major distinction between secret writing
associated secret writing is that the conversion of a message into an unintelligible kind that’s
undecipherable unless decrypted. whereas secret writing is that the recovery of the first
message from the encrypted information.
S.NO Encryption Decryption

Encryption is the process of While decryption is the process of converting

converting normal message into meaningless message into its original form.
meaningless message.
1.

Encryption is the process which take While decryption is the process which take place at
place at sender’s end. receiver’s end.

2.

Its major task is to convert the plain While its main task is to convert the cipher text into
text into cipher text. plain text.
3.

Any message can be encrypted with Whereas the encrypted message can be decrypted with
either secret key or public key either secret key or private key

4.

In encryption process, sender sends Whereas in decryption process, receiver receives the
the data to receiver after encrypted it. information(Cipher text) and convert into plain text.

5.

The same algorithm with the same The only single algorithm is used for encryption
key is used for the encryption- decryption with a pair of keys where each use for
decryption process. encryption and decryption.

6.
3.2 Substitution Cipher Technique
In the Substitution Cipher technique, each character is substituted with other character/number
or other symbol. This technique changes the identity of a character but not its position in the
string.
A substitution cipher encrypts a text sequence by replacing letters or units of text with other
letters or units of text. Substitution ciphers are an early form of cryptography that predates the
development of computers and are now largely outdated.
Like B or C, a letter is converted into another letter in a substitution cipher, encrypting the
sequence for a human reader. The problem is that basic substitution ciphers do not encrypt
adequately in terms of computer assessment.
Substitution ciphers became relatively easy for computers to crack with the emergence of the
personal computer. However, some of the substitution cipher's concepts have persisted, for
example, some versions of current encryption may encrypt data using an extensive text set and
a very clever substitution.
Caesar Cipher Technique
The Caesar Cipher technique is one of the earliest and simplest methods of encryption
technique. It’s simply a type of substitution cipher, i.e., each letter of a given text is replaced
by a letter with a fixed number of positions down the alphabet. For example, with a shift of 1,
A would be replaced by B, B would become C, and so on. The method is apparently named
after Julius Caesar, who apparently used it to communicate with his officials.
Thus, to cipher a given text we need an integer value, known as a shift which indicates the
number of positions each letter of the text has been moved down.
The encryption can be represented using modular arithmetic by first transforming the letters
into numbers, according to the scheme, A = 0, B = 1, Z = 25. Encryption of a letter by a shift n
can be described mathematically as.

(Encryption Phase with shift n)

(Decryption Phase with shift n)

Examples:
Text: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Shift: 23
Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW
Text: ATTACKATONCE
Shift: 4
Cipher: EXXEGOEXSRGI
Advantages:
• Easy to implement and use thus, making suitable for beginners to learn about
encryption.
• Can be physically implemented, such as with a set of rotating disks or a set of cards,
known as a scytale, which can be useful in certain situations.
• Requires only a small set of pre-shared information.
• Can be modified easily to create a more secure variant, such as by using a multiple shift
values or keywords.
Disadvantages:
• It is not secure against modern decryption methods.
• Vulnerable to known-plaintext attacks, where an attacker has access to both the
encrypted and unencrypted versions of the same messages.
• The small number of possible keys means that an attacker can easily try all possible
keys until the correct one is found, making it vulnerable to a brute force attack.
• It is not suitable for long text encryption as it would be easy to crack.
• It is not suitable for secure communication as it is easily broken.
• Does not provide confidentiality, integrity, and authenticity in a message. Algorithm for
Caesar Cipher:
Input:
• A String of lower-case letters, called Text.
• An Integer between 0-25 denoting the required shift. Procedure:
• Traverse the given text one character at a time.
• For each character, transform the given character as per the rule, depending on whether
we’re encrypting or decrypting the text.
• Return the new string generated.
How to decrypt?
We can either write another function decrypt similar to encrypt, that’ll apply the given shift in
the opposite direction to decrypt the original text. However, we can use the cyclic property of
the cipher under modulo, hence we can simply observe Cipher(n) = De-cipher(26-n)
Hence, we can use the same function to decrypt, instead, we’ll modify the shift value such that
shift = 26-shift
Modified Ceaser cipher
The Modified Caesar Cipher is a variation of the classic Caesar cipher, which is a simple shift
cipher where each letter in the plaintext is shifted by a certain number of positions in the
alphabet. In the modified version, the shift may vary across different parts of the message, or
additional modifications are applied to make it more secure than the traditional Caesar cipher.
1. Variable Shift:
• Instead of using a single fixed shift value for the entire message, the shift can change
at each letter or segment of the message. For example:
o First letter shifted by 1, second letter by 2, third by 3, and so on.
o This introduces a form of complexity and makes frequency analysis harder.
2. Key-Based Shift:
• A keyword or phrase can be used to determine the shift for each letter. Each letter of
the keyword determines how much the corresponding letter in the message is shifted.
o For example, with the keyword "KEY", you might shift the first letter of the
message by 'K' (which is 10), the second by 'E' (which is 4), and so on.
3. Reverse Alphabet:
• Another modification could involve using a reverse alphabet (Z-A) for encoding, where
the letter 'A' is mapped to 'Z', 'B' to 'Y', etc. The shift could then be applied within this
reversed alphabet.
4. Combination of Shifting and Substitution:
• A combination of the Caesar shift and a substitution cipher might be used, where certain
letters are substituted with others based on a predetermined pattern or key, in addition
to applying the Caesar shift.

Transposition Cipher Technique

In the Transposition Cipher Technique, each character's position is shifted to a different
position. A transposition cipher is an encryption method in which plaintext units (usually letters
or groups of characters) are shifted in a predictable way resulting in the ciphertext being a
permutation of the plaintext. That is, the units' order is altered (the plaintext is reordered).
To encrypt, a bijective function is applied to the locations of the characters, and to decrypt, an
inverse function is used.
The Rail Fence encryption is a type of transposition cipher named after how it is encoded. The
plaintext is written on successive "rails" of an imaginary fence in the rail fence, downwards
and diagonally, then moved up when we reach the bottom. The message is then read aloud in a
series of rows.
The Rail Fence Cipher follows a scytale-like pattern, an old Greek mechanical device for
constructing a transposition cipher. A cylinder and a ribbon wrapped around the cylinder
comprised the system. The coiled ribbon was used to write the encrypted message. When the
ribbon was uncoiled from the cylinder, the letters of the original message were rearranged. The
message was decoded when the ribbon recoiled on a cylinder with the same diameter as the
encrypting cylinder.
Columnar Transposition technique
The Columnar Transposition Cipher is a form of transposition cipher just like Rail Fence
Cipher. Columnar Transposition involves writing the plaintext out in rows, and then reading
the ciphertext off in columns one by one.
Encryption
1. In a transposition cipher, the order of the alphabets is re-arranged to obtain the
ciphertext.
2. The message is written out in rows of a fixed length, and then read out again column
by column, and the columns are chosen in some scrambled order.
3. Width of the rows and the permutation of the columns are usually defined by a keyword.
4. For example, the word HACK is of length 4 (so the rows are of length 4), and the
permutation is defined by the alphabetical order of the letters in the keyword. In this
case, the order would be “3 1 2 4”.
5. Any spare spaces are filled with nulls or left blank or placed by a character (Example:
_).
6. Finally, the message is read off in columns, in the order specified by the keyword.
Decryption
1. To decipher it, the recipient has to work out the column lengths by dividing the message
length by the key length.
2. Then, write the message out in columns again, then re-order the columns by reforming
the key word.

Difference between Substitution and Transposition Cipher Technique

Key Substitution Cipher Technique

Transposition Cipher Technique

Algorithm Each character is replaced with a different

character, integer, or symbol. Each character has been
repositioned from its original place.

Forms It comes in two forms: Mono-Alphabetic It has two forms: Key-less

Substitution Cipher and PolyAlphabetic transposition cipher and keyed
Substitution Cipher. transposition cipher.
 Change Character identity is changed but position Character position is changed but
remains same. identity remains same.

Detection A letter less frequently used can be easily A letter near to original position can
traced. be easily traced.

Example Caesar Cipher is an example of Substitution Reil Fence Cipher is an example of

Cipher. Transposition Cipher.

Difference between Substitution and Transposition Cipher

S.NO Substitution Cipher Technique Transposition Cipher Technique

1. In substitution Cipher Technique, plain In transposition Cipher Technique, plain text

text characters are replaced with other characters are rearranged with respect to the
characters, numbers and symbols. position.

2. Substitution Cipher’s forms are: Mono Transposition Cipher’s forms are: Keyless
alphabetic substitution cipher and poly transposition cipher and keyed transposition
alphabetic substitution cipher. cipher.

3. In substitution Cipher Technique, While in transposition Cipher

character’s identity is changed while its Technique, the position of the character
position remains unchanged.

S.NO Substitution Cipher Technique Transposition Cipher Technique

is changed but character’s identity is not

changed.

4. In substitution Cipher Technique, The While in transposition Cipher

letter with low frequency can detect plain Technique, The Keys which are nearer to
text. correct key can disclose plain text.
5. The example of substitution Cipher is The example of transposition Cipher is Rail
Caesar Cipher. Fence Cipher.

3.3 Steganography
Steganography is the technique of hiding secret data within an ordinary, non-secret, file or
message in order to avoid detection; the secret data is then extracted at its destination. The use
of steganography can be combined with encryption as an extra step for hiding or protecting
data. The word steganography is derived from the Greek words steganos (meaning hidden or
covered) and the Greek root graph (meaning to write).
Steganography can be used to conceal almost any type of digital content, including text, image,
video or audio content; the data to be hidden can be hidden inside almost any other type of
digital content. The content to be concealed through steganography -- called hidden text -- is
often encrypted before being incorporated into the innocuous-seeming cover text file or data
stream. If not encrypted, the hidden text is commonly processed in some way in order to
increase the difficulty of detecting the secret content.
What are examples for steganography?
Steganography is practiced by those wishing to convey a secret message or code. While there
are many legitimate uses for steganography, malware developers have also been found to use
steganography to obscure the transmission of malicious code.
Forms of steganography have been used for centuries and include almost any technique for
hiding a secret message in an otherwise harmless container. For example, using invisible ink
to hide secret messages in otherwise inoffensive messages; hiding documents recorded on
microdot -- which can be as small as 1 millimetre in diameter -- on or inside legitimateseeming
correspondence; and even by using multiplayer gaming environments to share information.
How is steganography used today?
In modern digital steganography, data is first encrypted or obfuscated in some other way and
then inserted, using a special algorithm, into data that is part of a particular file format such as
a JPEG image, audio or video file. The secret message can be embedded into ordinary data
files in many different ways. One technique is to hide data in bits that represent the same colour
pixels repeated in a row in an image file. By applying the encrypted data to this redundant data
in some inconspicuous way, the result will be an image file that appears identical to the original
image but that has "noise" patterns of regular, unencrypted data.
The practice of adding a watermark -- a trademark or other identifying data hidden in
multimedia or other content files -- is one common use of steganography. Watermarking is a
technique often used by online publishers to identify the source of media files that have been
found being shared without permission.
While there are many different uses of steganography, including embedding sensitive
information into file types, one of the most common techniques is to embed a text file into an
image file. When this is done, anyone viewing the image file should not be able to see a
difference between the original image file and the encrypted file; this is accomplished by
storing the message with less significant bites in the data file. This process can be completed
manually or with the use of a steganography tool.
What are the advantages of steganography over cryptography?
Steganography is distinct from cryptography, but using both together can help improve the
security of the protected information and prevent detection of the secret communication. If
steganographically-hidden data is also encrypted, the data may still be safe from detection -
though the channel will no longer be safe from detection. There are advantages to using
steganography combined with encryption over encryption-only communication.
The primary advantage of using steganography to hide data over encryption is that it helps
obscure the fact that there is sensitive data hidden in the file or other content carrying the hidden
text. Whereas an encrypted file, message or network packet payload is clearly marked and
identifiable as such, using steganographic techniques helps to obscure the presence of the
secure channel.
The various terms used to describe image steganography include:
• Cover-Image - Unique picture that can conceal data.
• Message - Real data that you can mask within pictures. The message may be in the form
of standard text or an image.
• Stego-Image − A stego image is an image with a hidden message.
• Stego-Key - Messages can be embedded in cover images and stego-images with the
help of a key, or the messages can be derived from the photos themselves.
Steganography Examples Include
• Writing with invisible ink
• Embedding text in a picture (like an artist hiding their initials in a painting they’ve
done)
• Backward masking a message in an audio file (remember those stories of evil messages
recorded backward on rock and roll records?)
• Concealing information in either metadata or within a file header
• Hiding an image in a video, viewable only if the video is played at a particular frame
rate
• Embedding a secret message in either the green, blue, or red channels of an RRB image
Steganography can be used both for constructive and destructive purposes. For example,
education and business institutions, intelligence agencies, the military, and certified ethical
hackers use steganography to embed confidential messages and information in plain sight.
On the other hand, criminal hackers use steganography to corrupt data files or hide malware in
otherwise innocent documents. For example, attackers can use BASH and PowerShell scripts
to launch automated attacks, embedding scripts in Word and Excel documents. When a poor,
unsuspecting user clock one of those documents open, they activate the secret, hidden script,
and chaos ensues. This process is a favoured ransomware delivery method.

3.4 Symmetric and Asymmetric Cryptography

At its simplest, encryption simply means to use a key to encrypt data. This key is then required
to decrypt the information as well. If the recipient doesn't have the key, they can't decrypt the
data once it arrives at its destination. If you're new to the world of data encryption, you should
also check out these basic encryption terms to gain a better understanding.
For instance, if you encrypt an email and send it to a person, they should also receive the
encryption key, otherwise they simply can't view the contents of the email. Symmetric
encryption is the simplest form of encryption, since it requires a single key to encrypt or decrypt
information.
As you can probably guess, symmetric equation is a relatively old form of encryption, utilizing
a secret key that can be an alphanumeric string, a number, or a word. It's also quite effective,
and can even be used for full-disk encryption.
Why Use Symmetric Encryption?
The reason why symmetric encryption is popular is that it's relatively simple. This makes it
easy and quicker to execute. Generally, symmetric encryption is used for encrypting larger
amounts of data.
In most cases, the typical length of a symmetric encryption key is either 128 or 256 bits. Since
only a single key is used, it doesn't require lots of resources to encrypt the information either.
The Problem with Symmetric Encryption
All parties must share the encryption key to allow for data transfer, exposing symmetric
encryption to key exhaustion problems. If effective rotation isn't maintained, there's a risk that
the key might be leaked.
There is also a risk that a hacker may receive bits of information that they can use to construct
the encryption key themselves. This causes issues with scaling since you can't share the key
with others.
Data Encryption Standard (DES) Algorithm
DES is a block cipher and encrypts data in blocks of size of 64 bits each, which means 64 bits
of plain text go as the input to DES, which produces 64 bits of ciphertext. The same algorithm
and key are used for encryption and decryption, with minor differences. The key length is 56
bits.
DES is based on the two fundamental attributes of cryptography: substitution (also called
confusion) and transposition (also called diffusion). DES consists of 16 steps, each of which
is called a round. Each round performs the steps of substitution and transposition. Let us now
discuss the broad-level steps in DES.

In the first step, the 64-bit plain text block is handed over to an initial Permutation (IP) function.
The initial permutation is performed on plain text.
Next, the initial permutation (IP) produces two halves of the permuted block; saying Left Plain
Text (LPT) and Right Plain Text (RPT).
Now each LPT and RPT go through 16 rounds of the encryption process.
In the end, LPT and RPT are re-joined and a Final Permutation (FP) is performed on the
combined block
The result of this process produces 64-bit ciphertext.
The initial permutation (IP) happens only once and it happens before the first round. It suggests
how the transposition in IP should proceed, as shown in the figure. For example, it says that
the IP replaces the first bit of the original plain text block with the 58th bit of the original plain
text, the second bit with the 50th bit of the original plain text block, and so on.
This is nothing but jugglery of bit positions of the original plain text block. the same rule applies
to all the other bit positions shown in the figure.

As we have noted after IP is done, the resulting 64-bit permuted text block is divided into two
half blocks. Each half-block consists of 32 bits, and each of the 16 rounds, in turn, consists of
the broad-level steps outlined in the figure.
 OR
(short notes for better understanding)
Today, we will learn about the DES algorithm, a very important and popular topic. It has a
short name but performs a big job.
What is DES?
DES is a block cipher. This means it takes plaintext in 64-bit blocks and encrypts it.
Process Overview
1. Input: 64-bit plaintext block
2. Encryption: Plaintext is transformed into ciphertext.
3. Key Size: A 64-bit key is used for the algorithm.
Initial Steps
1. Initial Permutation:
• The 64-bit plaintext undergoes an initial permutation.
• This process rearranges the bits in a specific order.
 • Both input and output are 64 bits.
2. Rounds:
• After the initial permutation, a series of rounds begins.
• There are a total of 16 rounds.
• Each round uses a 64-bit input and a 48-bit key.
Round Function
1. Input:
• 64-bit text
• 48-bit key
2. Key Transformation:
• Initially, a 64-bit key is used.
• This 64-bit key contains 8 parity bits.
To remove the parity bits, Permuted Choice 1 (PC1) is used. PC1 takes a 64-bit input and
produces a 56-bit output.
• Every 8th bit (8, 16, 24, 32, etc.) is discarded.
3. Permuted Choice 1 (PC1):
• Bits are rearranged to obtain a 56-bit output.
Splitting the 56-bit Key
1. The 56-bit key is divided into two equal halves:
• C0: 28 bits
• D0: 28 bits
2. Left Circular Shift (LCS):
• A left circular shift is applied to each block (C0 and D0).
• The number of shifts depends on the round number.
OR
Steps:
1. Initial Permutation (IP): The 64-bit plaintext is permuted according to a fixed pattern.
2. Rounds (16 rounds): The data is split into two halves (32 bits each). The right half is
processed with a function (Feistel function) using a subkey and combined with the left
half. The halves are swapped after each round.
3. Final Permutation (FP): After 16 rounds, a final permutation is applied to the data to
produce the ciphertext.
Features:
• Symmetric Encryption: Same key for both encryption and decryption.
• Block Cipher: Operates on 64-bit blocks.
• Security: Considered insecure today due to its small key size (56 bits), making it
vulnerable to brute-force attacks.
Asymmetric Encryption
Instead of relying on a single shared key, asymmetric encryption uses a couple of related keys.
This includes a public and a private key, which automatically makes it more secure than
symmetric encryption.
The public key is available to all parties, and is used for decrypting the plain text message
before it is sent. But, in order to decrypt the actual message and read it, the parties must have
access to the private key.
While there's a mathematical relationship between the public and the private key, hackers can't
derive the private key using the information from the public key.
For instance, you can make available a public key to anyone who wishes to send you a message.
But, the second key is kept secret, so only you know that one. Thus, when a message is
encrypted and sent using the public key, a private key must also be required to decrypt it fully.
It's important to understand that the private key is only known to the person who owns it. Even
the sender doesn't know the private key and can't decrypt the file once it is sent. Every
authorized party in this exchange has their own private key that they can use to decrypt
information.
Why Is Asymmetric Encryption Considered More Secure?
Asymmetric encryption can be carried out automatically or manually, depending on the key's
length. It's important to understand that the security of either lies primarily on the size of the
key.
However, a significant reason why asymmetric encryption is considered more secure and
reliable is because it doesn't involve the exchange of public keys between multiple parties.
Even if a hacker gains access to a public key, there's no risk of them using it for decrypting the
data (since the public key is used for encryption only), as they don't know the private keys.
More importantly, asymmetric encryption also supports digital signature algorithms and
authentication, unlike symmetric encryption. This allows users to digitally sign documents or
messages using their private keys, and others can use the corresponding public keys to confirm
that the signatures are authentic and came from the verified sender.
The Problem with Asymmetric Encryption
Since it's obviously the more secure choice, why isn't asymmetric encryption the only standard
in the world of encryption today? That's because when compared with symmetric encryption,
it's considerably slower.
This has to do with the longer key lengths, and more importantly, the mathematical calculations
involved in asymmetric encryption are considerably more complex, which means they require
more CPU resources for decryption.
Even though there's a link between the public and private keys, asymmetric encryption relies
primarily on longer key lengths to beef up security. It's essentially a compromise between speed
and security.
For instance, as mentioned above, symmetric encryption relies on 128 or 256-bit keys. In
comparison, the RSA encryption key size is generally 2048 bits or higher. And, with quantum
computers seemingly becoming a reality very soon, even that might not be enough to protect
information.
Block Cipher and Stream Cipher belongs to the symmetric key cipher. These two block ciphers
and stream cipher are the methods used for converting the plain text into ciphertext.
The main difference between a Block cipher and a Stream cipher is that a block cipher converts
the plain text into cipher text by taking plain text’s block at a time. While stream c Difference
between Block cipher and Stream cipher

S.NO Block Cipher Stream Cipher

1. Block Cipher Converts the plain text into Stream Cipher Converts the plain text into
cipher text by taking plain text’s block at a cipher text by taking 1 byte of plain text at a
time. time.

2. Block cipher uses either 64 bits or more than While stream cipher uses 8 bits.
64 bits.

3. The complexity of block cipher is simple. While stream cipher is more complex.

4. Block cipher Uses confusion as well as

diffusion. While stream cipher uses only confusion.

5. In block cipher, reverse encrypted text is hard. While in-stream cipher, reverse encrypted
text is easy.
6. The algorithm modes which are used in block The algorithm modes which are used in
cipher are ECB (Electronic Code Book) and stream cipher are CFB (Cipher Feedback)
CBC (Cipher Block Chaining). and OFB (Output Feedback).

7. Block cipher works on transposition While stream cipher works on substitution

techniques like rail-fence technique, columnar techniques like Caesar cipher, substitution
transposition technique, etc. cipher, etc.

8. Block cipher is slow as compared to a stream While stream cipher is fast in comparison to
cipher. block cipher.

Advantages of Asymmetric Encryption

Asymmetric encryption also known as public key cryptography is a method of cryptography
that uses two different keys to encrypt and decrypt data, here are some advantages of
asymmetric encryption: –
• Enhanced Security: Asymmetric encryption provides a higher level of security
compared to symmetric encryption where only one key is used for both encryption and
decryption with asymmetric encryption a different key is used for each process and the
private key used for decryption is kept secret by the receiver making, it harder for an
attacker to intercept and decrypt the data.
• Authentication: Asymmetric encryption can be used for authentication purposes which
means that the receiver can verify the sender s identity. This is achieved by the sender
 encrypting a message with their private key which can only be decrypted with their
public key if the receiver can successfully decrypt the message, it proves that it was
sent by the sender who has the corresponding private key.
• Non-repudiation: Asymmetric encryption also provides non-repudiation which means
that the sender cannot deny sending a message or altering its contents this is because
the message is encrypted with the sender s private key and only their public key can
decrypt it . Therefore, the receiver can be sure that the message was sent by the sender
and has not been tampered with.
• Key distribution: Asymmetric encryption eliminates the need for a secure key
distribution system that is required in symmetric encryption with symmetric encryption,
the same key is used for both encryption and decryption and the key needs to be securely
shared between the sender and the receiver asymmetric encryption, on the other hand,
allows the public key to be shared openly and the private key is kept secret by the
receiver.
• Versatility: Asymmetric encryption can be used for a wide range of applications
including secure email communication online banking transactions and ecommerce it
is also used to secure SSL/TSL connections which are commonly used to secure internet
traffic.
Digital Signature
Digital signatures are the newer, faster, better way of signing documents online. They cut your
costs, require less time, are more environmentally friendly, and make the whole process easier
and faster for everyone involved.
Digital signatures are the digital equivalent of regular ink signatures. Just like ink signatures
signal your approval or involvement in a paper document and its contents, a digital signature
does the same on digital documents.
And they do it far better than ink signatures can.
Digital signatures use a Public Key Infrastructure (PKI), a standard format that provides high
security and acceptance to your document. This combination of a public key and a private key
is what makes a digital signature so safe.
Through the PKI and the processes involved in creating electronic signatures and storing
digitally signed documents, you can be sure that your signature cannot be forged, and once
signed. The document cannot be altered.
This makes a digital document with an e-signature secure enough to be valid worldwide,
including anywhere within the United States and the European Union.
Practical related notes
Vernam Cipher
Vernam Cipher is a method of encrypting alphabetic text. It is one of the Substitution
techniques for converting plain text into cipher text. In this mechanism we assign a number to
each character of the Plain-Text, like (a = 0, b = 1, c = 2, … z = 25).
Method to take key: In the Vernam cipher algorithm, we take a key to encrypt the plain text
whose length should be equal to the length of the plain text.
Encryption Algorithm:
Assign a number to each character of the plain-text and the key according to alphabetical order.
Bitwise XOR both the number (Corresponding plain-text character number and Key character
number).
Subtract the number from 26 if the resulting number is greater than or equal to 26, if it isn’t
then leave it.

Plain-Text: O A K
Key: S O N
O ==> 14 = 0 1 1 1 0
S ==> 18 = 1 0 0 1 0
Bitwise XOR Result: 1 1 1 0 0 = 28
Since the resulting number is greater than 26, subtract 26 from it. Then convert the Cipher-
Text character number to the Cipher-Text character.
28 - 26 = 2 ==> C
CIPHER-TEXT: C
Similarly, do the same for the other corresponding characters,
PT: O A K
NO: 14 00 10

KEY: S O N
NO: 18 14 13
New Cipher-Text is after getting the corresponding character from the resulting number.
CT-NO: 02 14 07
CT: COH
Example 2:
Plain-Text: RAMSWARUPK
Key: RANCHOBABA
Now according to our encryption algorithm, we assign a number to each character of our plain
text and key.
PT: R A M S W A R U P K
NO: 17 0 12 18 22 0 17 20 15 10

KEY: R A N C H O B A B A
NO: 17 0 13 2 7 14 1 0 1 0
Now Bitwise XOR the number of Plain-Text and Key and after doing the XOR operation and
subtraction operation (if required), we will get the corresponding Cipher-Text character
number.
CT-NO: 0 0 1 16 17 14 16 20 14 10
Since there are no numbers that are greater than or equal to 26 we do not have to subtract 26
from any of them.
New Cipher-Text is after getting the corresponding character from the number.
CIPHER-TEXT: A A B Q R O Q U O K
One Time Pad algorithm is the improvement of the Vernam Cipher, proposed by An Army
Signal Corp officer, Joseph Mauborgne. It is the only available algorithm that is unbreakable
(completely secure). It is a method of encrypting alphabetic plain text. It is one of the
Substitution techniques which converts plain text into ciphertext. In this mechanism, we assign
a number to each character of the Plain-Text. The two requirements for the One-Time pad are
The key should be randomly generated as long as the size of the message.
The key is to be used to encrypt and decrypt a single message, and then it is discarded.
So encrypting every new message requires a new key of the same length as the new message
in one-time pad.
The ciphertext generated by the One-Time pad is random, so it does not have any statistical
relation with the plain text.

The assignment is as follows:

The relation between the key and plain text: In this algorithm, the length of the key should be
equal to that of plain text.

Examples:
Input: Message = HELLO, Key = MONEY Output: Cipher – TSYPM, Message – HELLO
Explanation: Part 1: Plain text to Ciphertext
Plain text — H E L L O → 7 4 11 11 14
Key — M O N E Y → 12 14 13 4 24
Plain text + key → 19 18 24 15 38 → 19 18 24 15 12 (= 38 – 26)
Cipher Text → T S Y P M
Part 2: Ciphertext to Message
Cipher Text — T S Y P M → 19 18 24 15 12
Key — M O N E Y→ 12 14 13 4 24
Cipher text – key → 7 4 11 11 -12 → 7 4 11 11 14
Message → H E L L O
Input: Message = SAVE, Key = LIFE
Output: Cipher – DIAI Message – SAVE

Advantages
• One-Time Pad is the only algorithm that is truly unbreakable and can be used for low-
bandwidth channels requiring very high security(ex. for military uses). Disadvantages
• There is the practical problem of making large quantities of random keys. Any heavily
used system might require millions of random characters on a regular basis.
• For every message to be sent, a key of equal length is needed by both sender and
receiver. Thus, a mammoth key distribution problem exists.
Cryptographic Hash is a Hash function that takes random size input and yields a fixed-size
output. It is easy to calculate but challenging to retrieve the original data. It is strong and
difficult to duplicate the same hash with unique inputs and is a one-way function so revert is
not possible. Hashing is also known by different names such as Digest, Message Digest,
Checksum, etc.
Properties Of Cryptography Hash Function
The ideal cryptographic hash function has the following main properties:
1. Deterministic: This means that the same message always results in the same hash.
2. Quick: It is quick to compute the hash value for any given message.
3. Avalanche Effect: This means that every minor change in the message results in a major
change in the hash value.
4. One-Way Function: You cannot reverse the cryptographic hash function to get to the
data.
5. Collision Resistance: It is infeasible to find two different messages that produce the
same hash value.
6. Pre-Image Resistance: The hash value shouldn’t be predictable from the given string
and vice versa.
7. Second Pre-Image Resistance: Given an input, it should be difficult to find another input
that has the same hash value.
Rail Fence Technique
The rail fence technique is a simple form of transposition cipher. It’s a type of cryptographic
algorithm that rearranges the positions of the letters in a message to create a new, seemingly
unrelated message. The technique gets its name from the way we write the message. Applying
the rail fence technique in a given text results in a zigzag pattern, with each letter in a row
written out before moving to the next row.
To encrypt a message using the rail fence technique, first, we need to write the message in the
first row of a table. Furthermore, we have to write the second letter of the message in the second
row. We need to continue this process until we’ve written all the letters in the message. Finally,
in order to generate the encrypted message, we read the table row-wise.
Now let’s talk about how we can decrypt a message. To decrypt an encrypted message, the first
step is to determine the number of rows in the table based on the length of the encrypted
message. Furthermore, we need to write the first letter of the encrypted message in the first
row, the second letter in the second row, and so on. We need to continue this process until we’ve
written all the letters in the message.
Overall, the rail fence technique is a relatively simple form of encryption. However, it doesn’t
provide strong security. Someone can easily break it with even a basic understanding of
cryptography. Although, it can still be helpful for simple communication where a high level of
security is not required.
Example
First, let’s look at an example of the encryption of a message using the rail fence technique.
Here, we want to encrypt a message with two rows: HELLO SAM. First, we would write the
message in rows:

Now, in order to generate encrypted text, we need to write the first row, followed by the second
row. Hence, our encrypted message is HLOAELSM.
Now let’s start the decryption process. First, we must determine the number of rows needed to
decrypt the message. We already know the number of rows is two here. The total length of the
encrypted message is 8. Hence, each row will contain four letters:
The first letter of the plaintext would be the first letter of the first row of the table. Similarly,
the second letter of the plaintext would be the first letter of the second row of the table. We
need to continue this process until we cover all the letters in the encrypted message:

Therefore, we get our plaintext after applying the decryption process: HELLO SAM.
Advantages and Disadvantages
Now we know the basic idea behind the rail fence technique. Let’s talk about the advantages
and disadvantages.
Some advantages of the rail fence technique include simplicity, ease of use, and flexibility.
The rail fence technique is relatively simple to understand and implement, making it a good
choice for basic communication where a higher level of security is not required. We can
manually perform the rail fence technique without requiring specialized equipment or software.
Finally, we can use the rail fence technique with any number of rows. It allows the user to
choose a level of complexity appropriate to their needs.
The main disadvantages of this technique are lack of security, limited effectiveness, and
vulnerability to attacks.
The rail fence technique is not a secure form of encryption, as someone can easily break it with
even a basic understanding of cryptography. Additionally, this technique is not highly effective
for longer messages.
Furthermore, the rail fence technique is vulnerable to certain types of attacks, such as known-
plaintext attacks. Therefore, an attacker can easily break the encryption by launching attacks.