APPLIED CRYPTOGRAPHY

UNIT-1
FOUNDATIONS
TERMINOLOGY:

• Cryptography: The science of encoding and decoding messages to keep them secure.

• Plaintext: The original, readable message or data.

• Ciphertext: The encrypted, unreadable form of data.

• Encryption: The process of converting plaintext into ciphertext.

• Decryption: The process of converting ciphertext back into plaintext.

• Key: A secret value used in encryption and decryption.

• Algorithm: A mathematical process used for encryption and decryption.

STEGANOGRAPHY:
Steganography is the technique of hiding secret information inside a medium like text,
images, audio, or video so that its presence is undetectable. It combines the Greek words
stegos (cover) and grayfia (writing), meaning "hidden writing."
Types of Steganography

• Text: Hides messages in text by subtle changes like spacing or patterns.

• Image: Embeds information by altering image pixels, often for watermarking.

• Audio: Conceals data in audio files without affecting sound quality.

• Video: Hides messages within video frames.

• Network: Embeds data in network traffic or protocols.

Advantages

• Secure data sharing.

• Hard to detect without tools.

• Works with various formats (text, images, audio, video).

• Provides extra protection by hiding and encrypting data.

Tools

• OpenStego

• Steghide
 • OutGuess
SUBSTITUTION CIPHER:
A substitution cipher is a method of encryption where each letter or symbol in the plaintext is
replaced with a corresponding letter or symbol in the ciphertext based on a specific rule. It is
one of the oldest and simplest forms of encryption.
Types of Substitution Ciphers
1. Caesar Cipher:
o Each letter in the plaintext is shifted by a fixed number of places in the
alphabet.
o Example:
▪ Plaintext: "HELLO"
▪ Shift: 3
▪ Ciphertext: "KHOOR"
2. Monoalphabetic Cipher:
o Each letter is substituted with another fixed letter based on a substitution
table.
o Example:
▪ Plaintext: "HELLO"
▪ Substitution: A → Q, B → W, H → Z...
▪ Ciphertext: "ZEBBW"
3. Polyalphabetic Cipher (e.g., Vigenère Cipher):
o Uses multiple substitution alphabets based on a keyword.
o Example:
▪ Plaintext: "HELLO"
▪ Keyword: "KEY"
▪ Ciphertext: "RIJVS"
4. Playfair Cipher:
o Uses a 5x5 grid of letters (key grid) to substitute pairs of letters.
o Example: Pairing "HE" might map to "XY".
5. Homophonic Cipher:
o Each plaintext letter is replaced by one of several possible ciphertext symbols.
 o Example: "A" → {Q, W, E}, "B" → {R, T, Y}.
Advantages
• Simple to implement and understand.
• Provides basic security for small messages.
TRANSPOSITION CIPHERS:
A transposition cipher is a method of encryption where the letters of the plaintext are
rearranged according to a specific rule, without altering the actual letters themselves. Unlike
substitution ciphers, transposition ciphers do not replace the letters but change their
positions.
Types of Transposition Ciphers
1. Rail Fence Cipher:
o Text is written in a zigzag pattern over multiple "rails" (rows) and then read row
by row.
o Example:
▪ Plaintext: "HELLO WORLD"
▪ Zigzag (2 rows):
H L O O L
E L W R D
▪ Ciphertext: "HLOOL ELWRD"
2. Columnar Transposition:
o Text is written into rows, and the columns are rearranged based on a key.
o Example:
▪ Plaintext: "HELLO WORLD"
▪ Arrange in rows based on column key (e.g., 3-1-4-2):
HELL
OWOR
LD__
▪ Rearrange columns as per the key and read column-wise:
"EORHLWLOLD".
3. Double Transposition Cipher:
 o A combination of two transpositions, typically using columnar transposition
twice with different keys.
4. Route Cipher:
o The plaintext is written in a grid and then read in a specific route (e.g., spiral,
zigzag).
Advantages
• Provides better security compared to substitution ciphers.
• Preserves the original frequency distribution, making frequency analysis more difficult.
SIMPLE XOR:
The XOR (Exclusive OR) operation is a basic cryptographic technique often used in encryption
and decryption. It operates on binary data and follows these rules:
• 0⊕0=0
• 1⊕0=1
• 0⊕1=1
• 1⊕1=0
The key property of XOR is reversibility:
• A⊕B=C
• C⊕B=A
This makes XOR useful for symmetric encryption.
How Simple XOR Works
1. Encryption:
o Each bit of the plaintext is XORed with a bit of the key to produce the
ciphertext: C=P⊕K Where:
▪ P: Plaintext
▪ K: Key
▪ C: Ciphertext
2. Decryption:
o The ciphertext is XORed with the same key to retrieve the plaintext: P=C⊕K
Example
Encryption:
• Plaintext (P): 1101
 • Key (K): 1010
• Ciphertext (C):
C=1101⊕1010=0111
Decryption:
• Ciphertext (C): 0111
• Key (K): 1010
• Plaintext (P): P=0111⊕1010=1101
P=0111⊕1010=1101
Advantages:
• Simple and fast.
• Reversible with the same operation.
ONE-TIME PAD:
A One-Time Pad is an encryption method that provides perfect secrecy when implemented
correctly. It uses a random, secret key that is as long as the plaintext message, and each bit or
character of the plaintext is encrypted using XOR with the corresponding bit or character of
the key.
How It Works
1. Encryption:
o Each character of the plaintext is XORed with a character from the key: C=P⊕K
Where:
▪ P: Plaintext
▪ K: Key (random and the same length as P)
▪ C: Ciphertext
2. Decryption:
o The same key is XORed with the ciphertext to retrieve the plaintext: P=C⊕K
Example
Encryption:
• Plaintext (P): HELLO (ASCII: 72, 69, 76, 76, 79)
• Key (K): Random (e.g., 15, 23, 34, 56, 89)
• Ciphertext (C):
C=P⊕K=(72⊕15,69⊕23,76⊕34,76⊕56,79⊕89)
Decryption:
• Ciphertext (C): Result from above.
• Key (K): Same as above.
• Plaintext (P):
P=C⊕K
Properties:

• Secrecy

• Unbreakable
Advantages
• Theoretical unbreakability.
• Immune to frequency analysis or brute force attacks.
COMPUTER ALGORITHMS
In cryptography, computer algorithms are the mathematical procedures or logical steps used
to encrypt, decrypt, or secure data. They are fundamental to modern cryptography and are
classified based on the type of cryptographic task they perform.
Types of Cryptographic Algorithms
1. Symmetric Key Algorithms:
o Use the same key for both encryption and decryption.
o Faster and suitable for large data but require secure key exchange.
o Examples:
▪ DES (Data Encryption Standard): A block cipher using 56-bit keys.
▪ AES (Advanced Encryption Standard): A secure and widely used block
cipher with key sizes of 128, 192, or 256 bits.
▪ RC4: A stream cipher for fast encryption.
2. Asymmetric Key Algorithms:
o Use a pair of keys: a public key (for encryption) and a private key (for
decryption).
o More secure for key exchange but slower.
o Examples:
▪ RSA: Relies on the difficulty of factoring large numbers.
 ▪ Elliptic Curve Cryptography (ECC): Uses elliptic curves for efficiency and
smaller key sizes.
3. Hash Functions:
o Convert input data into a fixed-size hash value, ensuring data integrity.
o Irreversible and deterministic.
o Examples:
▪ SHA-256 (Secure Hash Algorithm): Commonly used in blockchain.
▪ MD5 (Message Digest 5): An older algorithm, less secure.
4. Hybrid Cryptography:
o Combines symmetric and asymmetric algorithms.
o Example: Secure Sockets Layer (SSL) uses asymmetric encryption for key
exchange and symmetric encryption for bulk data.
Core Techniques in Cryptographic Algorithms

• Modular Arithmetic

• Key Generation

• Block Ciphers

• Stream Ciphers
Advantages
• Ensure data confidentiality (encryption), integrity (hashing), and authentication
(digital signatures).
• Scalable for secure communication across networks.
LARGE NUMBERS:
In cryptography, large numbers are essential for securing data. The strength of many
encryption methods relies on the difficulty of working with very large numbers. Here's how
they are used:
Key points:

• Key Generation: Large numbers create secure keys. The bigger the numbers, the
harder it is for attackers to guess the key.

• Public-Key Cryptography: In methods like RSA, security comes from the difficulty of
breaking down large numbers into primes.

• Prime Numbers: Cryptography often uses large primes (like in RSA) to make encryption
stronger and harder to crack.
 • Modular Arithmetic: Encryption and decryption use large numbers and math (like
division remainders) to secure data.

• Hard Problems: Some algorithms, like Diffie-Hellman, depend on tough problems (like
discrete logarithms) that are hard to solve with large numbers.
Why Large Numbers:

• Security

• Efficiency
Examples:

• RFA

• ECC

• Diffie-Hellman
CRYPTOGRAPHIC PROTOCOLS: PROTOCOL BUILDING BLOCKS
INTRODUCTION TO PROTOCOLS:
Cryptographic protocols define rules for applying cryptographic techniques to secure
communication, ensuring privacy, integrity, and authentication during data exchange.
Key Functions
• Confidentiality: Keeps data private.
• Integrity: Ensures data hasn’t been altered.
• Authentication: Verifies identities of communicating parties.
• Non-repudiation: Prevents denial of sent messages.
Examples

• SSL/TLS: Secures internet communication (e.g., HTTPS).

• IPsec: Secures IP communication, often in VPNs.

• PGP: Encrypts email messages for confidentiality.

• Diffie-Hellman: Enables secure key exchange over insecure channels.

• OAuth: Securely handles third-party authorization.

Importance
• Secure Communication: Protects data during transfer.
• Trust: Verifies identities and prevents unauthorized access.
• Prevention of Attacks: Guards against eavesdropping and tampering.
COMMUNICATIONS USING SYMMETRIC CRPTOGRAPHY:
Symmetric cryptography uses the same key for both encryption and decryption of messages,
allowing secure communication between sender and receiver.
How It Works

• Key Generation: Both parties share a secret key.

• Encryption: Sender encrypts the message using the key.

• Transmission: The encrypted message is sent.

• Decryption: Receiver decrypts the message using the same key.

Key Points
• Efficiency: Fast and effective for large data.
• Key Management: Sharing and protecting the secret key is crucial.
• Common Algorithms: AES, DES, 3DES.
Applications
• File Encryption: Secures data on devices.
• Secure Communication: Used in VPNs and messaging apps.
• Data Transfer: Protects internet data.
ONE-WAY FUNCTIONS:
A one-way function is easy to compute in one direction but hard to reverse without specific
information, such as a secret key. These functions are vital for cryptographic security.
Key Properties
• Pre-image Resistance: Hard to reverse the function.
• Second Pre-image Resistance: Hard to find a different input for the same output.
• Collision Resistance: Hard to find two inputs with the same output.
Applications
• Hash Functions: Used for digital signatures, password storage, and data integrity (e.g.,
SHA-256).
• Public-Key Cryptography: Used in protocols like RSA.
ONE-WAY HASH FUNCTIONS:
A one-way hash function transforms input data into a fixed-length string (hash). It's easy to
compute but hard to reverse to the original data.
Key Properties
• Deterministic: Same input = same output.
• Pre-image Resistance: Hard to reverse the hash.
• Collision Resistance: Hard to find two inputs with the same hash.
• Fixed-Length Output: Output is always the same size.
Applications
• Data Integrity: Verifies data hasn't changed.
• Password Hashing: Stores secure password hashes.
• Digital Signatures: Verifies authenticity.
• Blockchain: Secures data in blocks (e.g., SHA-256).
Examples
• SHA-256: Used in blockchain and security.
• MD5: Older, insecure due to vulnerabilities.
COMMUNICATIONS USING PUBLIC KEY CRYPTOGRAPHY:
Public-key cryptography uses a pair of keys: a public key (shared openly) and a private key
(kept secret). It enables secure communication without needing to share a secret key
beforehand.
How It Works
1. Key Pair: Each user has a public key (for encryption) and a private key (for decryption).
2. Encryption: The sender encrypts the message using the receiver’s public key.
3. Transmission: The encrypted message is sent over the network.
4. Decryption: The receiver decrypts the message using their private key.
Key Benefits
• Security: The private key never needs to be shared, reducing the risk of interception.
• Authentication: The sender’s identity can be verified using their public key.
Common Algorithms
• RSA: Uses large prime numbers for encryption and key exchange.
• ECC (Elliptic Curve Cryptography): Offers similar security to RSA with smaller key sizes,
making it more efficient.
Applications
 • Secure Email: Public-key encryption is used to encrypt emails.
• Digital Signatures: Verifies the authenticity and integrity of messages.
• SSL/TLS: Secures communications over the internet (e.g., HTTPS).
DIGITAL SIGNATURES:
A digital signature verifies the authenticity and integrity of digital messages, proving they
haven’t been altered and confirming the sender's identity.
How It Works
1. Signing: The sender encrypts a hash of the message with their private key.
2. Verification: The recipient decrypts the signature using the sender's public key and
compares the hash to the message.
Key Benefits
• Authentication: Confirms sender’s identity.
• Integrity: Ensures the message is unchanged.
• Non-repudiation: Prevents the sender from denying sending the message.
Common Algorithms
• RSA: Widely used for digital signatures.
• ECDSA: Efficient elliptic curve-based signature algorithm.
Applications
• Email: Verifies email authenticity.
• Software: Ensures software integrity.
• Blockchain: Verifies transactions.
DIGITAL SIGNATURES WITH ENCRYPTION:
Digital signatures with encryption provide authenticity and privacy, ensuring that messages
are both verified and protected from unauthorized access.
How It Works
1. Signing: Sender signs the message hash with their private key and encrypts the
message.
2. Transmission: The encrypted message is sent.
3. Decryption: Recipient decrypts the message with their private key.
4. Verification: The recipient verifies the signature using the sender's public key.
Key Benefits
 • Authentication: Verifies the sender's identity.
• Privacy: Keeps the message content confidential.
• Integrity: Ensures the message is unaltered.
• Non-repudiation: The sender can't deny sending the message.
Applications
• Secure Email
• Financial Transactions
• Document Signing
RANDOM AND PSEUDO RANDOM SEQUENCE GENERATION
Random and pseudo-random sequences are used for generating cryptographic keys,
initialization vectors, and other values.
Random Sequences
• Truly Random: Generated from unpredictable physical processes.
• Use: High security, but slow and hardware-dependent.
Pseudo-Random Sequences
• Pseudo-random: Generated by algorithms from a seed value, appears random but is
deterministic.
• Use: Fast, but can be predicted if the seed is known.
Applications
• Key Generation
• Initialization Vectors
• Nonce Generation