INSTITUTE : UIE

DEPARTMENT : CSE
Bachelor of Engineering (Computer Science & Engineering)
WEB AND MOBILE SECURITY (Professional Elective-I)
(20CST/IT-333)

TOPIC OF PRESENTATION:
Basic security and cryptographic techniques. 

DISCOVER . LEARN . EMPOWER

 Lecture Objectives

In this lecture, we will discuss:

•Basic security and cryptographic
techniques.  

2
Substitution Ciphers
Caesar Cipher
• Caesar Cipher is a method in which each letter in the alphabet is rotated by three
letters as shown

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC

• Let us try to encrypt the message

– Attack at Dawn
Assignment: Each student will exchange a secret message with his/her closest
neighbor about some other person in the class and the neighbor will decipher it.
Substitution Ciphers
Caesar Cipher
Encryption
Plain Text Cipher Text
Cipher:
Message: Caesar Cipher Message:
Attack at Dawn Algorithm Dwwdfn Dw Gdyq

Key (3)
Decryption
Cipher Text Plain Text
Cipher:
Message: Caesar Cipher Message:
Dwwdfn Dw Gdyq Algorithm Attack at Dawn

Key (3)

How many different keys are possible?

Substitution Cipher
Monoalphabetic Cipher
• Any letter can be substituted for any other letter
• Each letter has to have a unique substitute

ABCDEFGH I JKLMN OPQ RSTUVWXYZ

MN BVCXZASDF GHJ KLPO IUYTREWQ

• There are 26! pairing of letters (~1026)

• Brute Force approach would be too time consuming
• Statistical Analysis would make it feasible to crack the key
Message: Encrypted
Cipher: Message:
Bob, I love you. Monoalphabetic Nkn, s gktc wky.
Alice Cipher mgsbc

Key
 Substitution Cipher
Polyalphabetic Caesar Cipher
• Developed by Blaise de Vigenere
• Also called Vigenere cipher
• Uses a sequence of monoalpabetic ciphers in tandem
• e.g. C1, C2, C2, C1, C2

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) FGH I JKLMNOPQRSTUVWXYZABCDE

C2(k=20) TUVWXYZABCDEFGH I JKLMNOPQRS

• Example
Message: Encrypted
Cipher: Message:
Bob, I love you. Monoalphabetic Gnu, n etox dhz.
Alice Cipher tenvj

Key
 Substitution Cipher
Using a key to shift alphabet
• Obtain a key to for the algorithm and then shift the alphabets
• For instance if the key is word we will shift all the letters by four and remove the letters w, o, r, & d from the encryption
• We have to ensure that the mapping is one-to-one
• no single letter in plain text can map to two different letters in cipher text
• no single letter in cipher text can map to two different letters in plain text

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) WORDABCEFGH I JKLMNPQSTUVXYZ

Message:
Encrypted
Cipher: Message:
Bob, I love you.
??
Alice

WORD
Transposition Cipher
Columnar Transposition
• This involves rearrangement of characters on the plain text into columns
• The following example shows how letters are transformed
• If the letters are not exact multiples of the transposition size there may be a few short letters in the last
column which can be padded with an infrequent letter such as x or z

Plain Text Cipher Text

T H I S I T S S O H
S A M E S O A N I W
S A G E T H A A S O
O S H O W L R S T O
H O W A C I M G H W
O L U M N U T P I R
A R T R A S E E O A
N S P O S M R O O K
I T I O N I S T W C
W O R K S N A S N S
Ciphers
Shannon’s Characteristics of “Good” Ciphers
• The amount of secrecy needed should determine the amount of labor
appropriate for the encryption and decryption.
• The set of keys and the enciphering algorithm should be free from
complexity.
• The implementation of the process should be as simple as possible.
• Errors in ciphering should not propagate and cause corruption of
further information in the message.
• The size of the enciphered text should be no larger than the text of the
original message.
Encryption Systems
Properties of Trustworthy Systems
• It is based on sound mathematics.
• Good cryptographic algorithms are are derived from solid principles.
• It has been analyzed by competent experts and found to be sound.
• Since it is hard for the writer to envisage all possible attacks on the algorithm
• It has stood the “test of time.”
• Over time people continue to review both mathematical foundations of an
algorithm and the way it builds upon those foundations.
• The flaws in most algorithms are discovered soon after their release.
Cryptanalysis
Techniques
• Cryptanalysis is the process of breaking an encryption code
• Tedious and difficult process
• Several techniques can be used to deduce the algorithm
• Attempt to recognize patterns in encrypted messages, to be able to break subsequent ones by
applying a straightforward decryption algorithm
• Attempt to infer some meaning without even breaking the encryption, such as noticing an
unusual frequency of communication or determining something by whether the
communication was short or long
• Attempt to deduce the key, in order to break subsequent messages easily
• Attempt to find weaknesses in the implementation or environment of use of encryption
• Attempt to find general weaknesses in an encryption algorithm, without necessarily having
intercepted any messages
 References:
Books:
1. Hacking Exposed Mobile: Security Secrets & Solutions 1st Edition, Kindle
Edition, by Neil Bergman, Mike Stanfield, Jason Rouse, and Joel Scambray
2. Hacking Exposed Web Applications, 3rd edition, Joel Scambray, Vincent
Liu, Caleb Sima, Released October 2010, Publisher(s): McGraw-Hill

Video Lectures :
3. https://www.simplilearn.com/data-encryption-methods-article
4. https://www.techtarget.com/searchsecurity/definition/cryptography

Reference Links:
5. chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://
www.vssut.ac.in/lecture_notes/lecture1428550736.pdf
6. https://www.quickstart.com/blog/4-cryptographic-techniques-used-in-
cyber-security/
THANK YOU