Unit -3:Cryptography Total Marks-14

Topics and Sub-topics

3.1 Introduction: Plain text, Cipher text, Cryptography, Cryptanalysis,

Cryptology, Encryption, Decryption.

3.2 Substitution Techniques: Caesar’s Cipher, Modified Caesar’s Cipher

Transposition Techniques: Simple Columnar Transposition.
3.1 Introduction:
3.1.1 Plain text:
• Plain text can refer to anything which humans can understand and/or relate to.
• This may be as simple as English sentences, a script, or Java code. If you can make
sense of what is written, then it is in plaintext.

3.1.2 Cipher text:

• Cipher text or encrypted text, is a series of randomized letters and numbers which
humans cannot make any sense of.
• An encryption algorithm takes a plaintext message, runs the algorithm on the
plaintext, and produces a cipher text. The cipher text can be reversed through the
process of decryption, to produce the original plaintext.
• Example: We will encrypt a sentence using Caesar Cipher. The key is 7, which means
the letter a becomes h.
• Plaintext: This is a plaintext.
• Ciphertext: Aopz pz h wshpualea.
3.1.3 Cryptography and Cryptology:
• Cryptography is the study of conversion of plain text(readable format) to cipher
text(non-readable format) i.e. encryption. It is also called the study of encryption.
• Cryptology, on the other hand, is the study of the conversion of plain text to
cipher text and vice versa. It is also called the study of encryption and
decryption.  
• Cryptology is the parent of Cryptography.
3.1.4 Difference between Cryptography and Cryptology:
Sr
No. Cryptography Cryptology

Cryptography is the process of Cryptology Is the process of

1. conversion of plain text to cipher conversion of plain text to cipher
text. text and vice versa.

It is also called the study of It is also called the study of

2.
encryption encryption and decryption.

It takes place on the sender and

3. It takes place on the sender side
receiver side

In Cryptology, both sender and

In Cryptography, sender sends
4. receiver send messages to each
the message to receiver.
other.

Cryptography can be seen as the Cryptology can be seen as the

5.
child of Cryptology parent of Cryptography
3.1.5 Cryptoanalysis:

• Cryptanalysis is the study of methods for obtaining the meaning of encrypted

information, without access to the secret information that is typically required to do
so.
• Typically, this involves knowing how the system works and finding a secret key.
• Cryptanalysis is also referred to as code breaking or cracking the code. The cipher
text is generally the easiest part of a cryptosystem to obtain and, therefore, is an
important part of cryptanalysis.
• Depending on what information is available and what type of cipher is being
analyzed, cryptanalysts can follow one or more attack models to crack a cipher.
• Substitution cipher
• Transposition cipher
• Polyalphabetic Substitution cipher
• Permutation Cipher
3.1.6 Encryption and Decryption:
• Encryption is the process of converting normal message (plaintext) into
meaningless message (Cipher text).
• Decryption is the process of converting meaningless message (Cipher text) into
its original form (Plain text).
3.1.7 Difference between Encryption and Decryption:
Sr.N Encryption Decryption
O

Encryption is the process of converting Decryption is the process of converting

1. normal message into meaningless meaningless message into its original
message. form.

Encryption is the process which take Decryption is the process which take
2.
place at sender’s end. place at receiver’s end.

Its major task is to convert the plain Its main task is to convert the cipher text
3.
text into cipher text. into plain text.

The encrypted message can be

Any message can be encrypted with
4. decrypted with either secret key or 
either secret key or public key.
private key.

In decryption process, receiver receives

In encryption process, sender sends
5. the information(Cipher text) and convert
the data to receiver after encrypted it.
into plain text.
3.2 Substitution Techniques in Cryptography:
• Substitution technique is a classical encryption technique where the characters
present in the original message are replaced by the other characters or numbers or
by symbols.
• If the plain text (original message) is considered as the string of bits, then the
substitution technique would replace bit pattern of plain text with the bit pattern of
cipher text.

• Substitution Technique:

• Caesar Cipher
• Monoalphabetic Cipher
• Playfair Cipher
• Hill Cipher
• Polyalphabetic Cipher
• One-Time Pad
3.2.1 Caesar Cipher:

• This the simplest substitution cipher by Julius Caesar. In this substitution

technique, to encrypt the plain text, each alphabet of the plain text is replaced by
the alphabet three places further it. And to decrypt the cipher text each alphabet
of cipher text is replaced by the alphabet three places before it.
• Let us take a simple example:
• Plain Text: meet me tomorrow
• Cipher Text: phhw ph wrpruurz
• Look at the example above, we have replaced, ‘m’ with ‘p’ which occur three
places after, ‘m’. Similarly, ‘e’ is replaced with ‘h’ which occurs in three places
after ‘e’.
• If we have to replace the letter ‘z’ then the next three alphabets counted after ‘z’
will be ‘a’ ‘b’ ‘c’. So, while counting further three alphabets if ‘z’ occurs it circularly
follows ‘a’.
3.2.1 Caesar Cipher: Continue…..

• On receiving the cipher text, the receiver who also knows the secret shift,
positions his sliding ruler underneath the cipher text alphabet and slides it to
RIGHT by the agreed shift number, 3 in this case.

• He then replaces the cipher text letter by the plaintext letter on the sliding ruler
underneath. Hence the cipher text “phhw ph wrpruurz” is decrypted to “meet me
tomorrow”.
• To decrypt
Ciphe A B C Da message
E F G Hencoded
I J Kwith
L aMShift
N ofO 3,P generate
Q R S the
T plain
U Vtext
W alphabet
X Y Z
r text
Plain
by using a shift of ‘-3’ as shown below:
X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
text
3.2.1 Caesar Cipher: Continue…..

• The encryption can also be represented using modular arithmetic by first

transforming the letters into numbers, according to scheme, A=0, B=1, C=2,..,Z=25.
• Encryption of a letter x by a shift n can be described mathematically as,

En(x) = (x + n) mod 26

• Decryption is performed similarly,

Dn(x) = (x - n) mod 26

• Drawback of Caesar Cipher:

• If the hacker knows that the Caesar cipher is used then to perform brute force
cryptanalysis, he has only to try 26 possible keys to decrypt the plain text.
The hacker is also aware of the encryption and decryption algorithm.
3.2.2 Modified Caesar Cipher:

• In Modified Caesar Cipher the original plain text alphabets may not necessarily be
three places down the line, but instead can be any places down the line.

Example : Alphabet A in the plain text would not necessarily be replaced by D.

• It can be replaced by any valid alphabet i.e by E or F or by G and so on. Once the
replacement scheme is decided, it would be constant and will be used for all the
other alphabets in that message.
• So for each alphabet in string we have 25 possibilities of replacement.
• An attack on cipher text message, wherein the attacker attempts to use all
possible permutations and combinations is known as a Brute-force attack.
3.2.3 Transposition Techniques:

• The transposition technique is a cryptographic technique that converts the plain

text to cipher text by performing permutations on the plain text, i.e., changing
each character of plain text for each round.
• Mapping plain text into cipher text using transposition technique is
called transposition cipher.
• On the one hand, the substitution technique substitutes a plain text symbol with
a cipher text symbol. On the other hand, the transposition technique executes
permutation on the plain text to obtain the cipher text.
• Various Transposition techniques are:
1. The Rail Fence technique.
2. Simple columnar transposition technique.
3. Simple columnar transposition technique with multiple rounds.
4. Vernam cipher.
5. Book Cipher.
3.2.3.1 The Rail Fence technique:
• Rail-Fence is the simple Transposition technique that involves writing plain text as
a sequence of diagonals and then reading it row by row to produce the cipher
text.
• Algorithm:

Step 1: Write down all the characters of plain text message in a sequence of
diagnosis.
Step 2: Read the plain text written in step 1 as a sequence of rows.

Example: Suppose plain text corporate bridge, and we want to create the cipher text
of the given.
First, we arrange the plain text in a sequence of diagnosis, as shown below.
• Now read the plain text by row-wise, i.e. croaerdeoprtbig.
• So, here the plain text is a “corporate bridge” and cipher text is “croaerdeoprtbig”.
• The Rail-Fence technique is quite easy to break.

3.2.3.2 Simple columnar transposition techniques:

• The simple columnar transposition technique can be categorized into two parts –
Basic technique and multiple rounds.

1. Simples columnar transposition technique – basic technique:

• The simple columnar transposition technique simply arranges the plain text in a
sequence of rows of a rectangle and reads it in a columnar manner.
• Algorithm:
Step 1: Write all the characters of plain text message row by row in a rectangle of
predefined size.
Step 2: Read the message in a columnar manner, i.e. column by column.
Note: For reading the message, it needs not to be in the order of columns. It can
happen in any random sequence.
Step 3: The resultant message is cipher text.
1. Simples columnar transposition technique – basic technique:

Example: Let’s assume that Plain text is a corporate bridge, and we need to calculate
the cipher text using a simple columnar transposition technique.
• Let’s take 6 columns and arrange the plain text in a row-wise manner.

Column 1 Column 2 Column 3 Column 4 Column 5 Column 6

c o r p o r

a t e b r i

d g e

• Decide the column order for reading the message – let’s assume 1,3,5,2,4,6 is an
order.
• Now read the message in a columnar manner using the decided order. –
cadreeorotgpbri, this is a cipher text.
3.3 Steganography:

• Steganography is the art and science of writing hidden message in such a way

that no one, apart from the sender and intended recipient, suspects the existence

of the message.

• Steganography works by replacing bits of useless or unused data in regular

computer files (such as graphics, sound, text, html or even floppy disks) with bits

of different, invisible information.

• This hidden information can be plain text, cipher text or even images.

• In modern steganography, data is first encrypted by the usual means and then

inserted, using a special algorithm, into redundant data that is part of a particular

file format such as a JPEG image.

3.3.1 Steganography Process:

• Cover-media + Hidden data + Stego-key = Stego-medium

• Cover media is the file in which we will hide the hidden data, which may also be
encrypted using stego-key. Cover-media can be image or audio file.

• The resultant file is stego-medium.

• Stenography takes cryptography a step further by hiding an encrypted message

so that no one suspects it exists. Ideally, anyone scanning your data will fail to
know it contains encrypted data.

• Steganography has a number of drawbacks when compared to encryption. It

requires a lot of overhead to hide a relatively few bits of information. I.e. One
can hide text, data, image, sound, and video, behind image.
3.3.2 Different Types of Steganography

1. Text Steganography − There is steganography in text files, which entails secretly

storing information. In this method, the hidden data is encoded into the letter of
each word. 

2. Image Steganography − The second type of steganography is image

steganography, which entails concealing data by using an image of a different object
as a cover.
• Pixel intensities are the key to data concealment in image steganography.
• Since the computer description of an image contains multiple bits, images are
frequently used as a cover source in digital steganography.
• The various terms used to describe image steganography include:

a. Cover-Image - Unique picture that can conceal data.

b. Message - Real data that you can mask within pictures. The message may be in
the form of standard text or an image.
3.3.2 Different Types of Steganography Continue……..

c. Stego-Image − A stego image is an image with a hidden message.

d. Stego-Key - Messages can be embedded in cover images and stego-images with

the help of a key, or the messages can be derived from the photos themselves.

3. Audio Steganography − It is the science of hiding data in sound. Used digitally, it

protects against unauthorized reproduction. Watermarking is a technique that
encrypts one piece of data (the message) within another (the "carrier"). Its typical
uses involve media playback, primarily audio clips.

4. Video Steganography − Video steganography is a method of secretly embedding

data or other files within a video file on a computer. Video (a collection of still
images) can function as the "carrier" in this scheme. Discrete cosine transform (DCT)
is commonly used to insert values that can be used to hide the data in each image in
the video, which is undetectable to the naked eye. Video steganography typically
employs the following file formats: H.264, MP4, MPEG, and AVI.
3.3.2 Different Types of Steganography Continue……..

5. Network or Protocol Steganography − It involves concealing data by using a

network protocol like TCP, UDP, ICMP, IP, etc., as a cover object.
• Steganography can be used in the case of secret channels, which occur in the OSI
layer network model.
3.3.3 Comparison between Steganography and Cryptography:
Factors Steganography Cryptography

It's a method to conceal the fact It's a method for

that communication is taking making information
Explanation place unintelligible

Maintain communication Enable data

Aim security protection

Optional, but increases security Necessary

Key when utilized prerequisite

Data Visibility No Yes

You can recover the

original message
Once hidden information is from the ciphertext if
decoded, the data can be used you can access the
Failure by anyone decryption key

Does not modify the data's Modifies the overall

Data Structure general structure data structure
3.4 Symmetric and Asymmetric Cryptography:
• Cryptography is the study of conversion of plain text(readable format) to cipher
text(non-readable format) i.e. encryption. It is also called the study of encryption.
• It ensures that only the person for whom the message is intended can read the
message.
•  The message exchange using cryptography involves the following steps-

• Step-01:

•  At sender side,

• Using an encryption algorithm, the message is converted into an unreadable form.

• The message in unreadable form is called as cipher text.

3.4 Symmetric and Asymmetric Cryptography:
Step-02:
• The cipher text is sent to the receiver over the communication channel.
• Since the message is encrypted, the attackers can not read the message.
 Step-03: 
• At receiver side,
• Using a decryption algorithm, the message is again converted into the readable
form.
• Then, receiver can read the message.

• Cryptography Techniques- 
• Cryptography techniques may be classified as-
3.4.1 Symmetric Cryptography:
• In this technique, Both sender and receiver uses a common key to encrypt and
decrypt the message.
• This secret key is known only to the sender and to the receiver.
• It is also called as secret key cryptography.
3.4.1 Symmetric Cryptography: Continue………
• Working-
•  The message exchange using symmetric key cryptography involves the following
steps-
• Before starting the communication, sender and receiver shares the secret key.
• This secret key is shared through some external means.
• At sender side, sender encrypts the message using his copy of the key.
• The cipher text is then sent to the receiver over the communication channel.
• At receiver side, receiver decrypts the cipher text using his copy of the key.
• After decryption, the message converts back into readable format.

• Some of the encryption algorithms that use symmetric key are-

1. Advanced Encryption Standard (AES)

2. Data Encryption Standard (DES)

3.4.1 Symmetric Cryptography: Continue………
• Advantages-
1. They are efficient.

2. They take less time to encrypt and decrypt the message.

• Disadvantages-
1. The number of keys required is very large.

2. Sharing the secret key between the sender and receiver is an important issue.
• While sharing the key, attackers might intrude.

• Types of Encryption Algorithms:

• Block Cipher and Stream Cipher belongs to the symmetric key cipher. These two
block ciphers and stream cipher are the methods used for converting the plain
text into cipher text. 
3.4.1 Symmetric Cryptography: Continue………
• Block cipher - A block cipher converts the plain text into cipher text by taking
plain text’s block at a time.
• Stream cipher -Stream cipher Converts the plain text into cipher text by taking 1
byte of plain text at a time. 
S.NO Block Cipher Stream Cipher
Block Cipher Converts the plain text into Stream Cipher Converts the plain text into
1. cipher text by taking plain text’s block at a cipher text by taking 1 byte of plain text at a
time. time.
Block cipher uses either 64 bits or more
2. While stream cipher uses 8 bits.
than 64 bits.
3. The complexity of block cipher is simple. While stream cipher is more complex.

4. Block cipher Uses confusion as well as While stream cipher uses only confusion.
diffusion.
In block cipher, reverse encrypted text is While in-stream cipher, reverse encrypted
5. hard. text is easy.

The algorithm modes which are used in The algorithm modes which are used in
6. block cipher are ECB (Electronic Code Book) stream cipher are CFB (Cipher Feedback) and
and CBC (Cipher Block Chaining). OFB (Output Feedback).

Block cipher works on transposition While stream cipher works on substitution

7. techniques like rail-fence technique, techniques like  Caesar cipher, polygram
columnar transposition technique, etc. substitution cipher, etc.

Block cipher is slow as compared to a While stream cipher is fast in comparison to

8.
stream cipher. block cipher.
3.4.2 DES Algorithm (Data Encryption Standard)
• DES is a block cipher and encrypts data in blocks of size of 64 bits each, which
means 64 bits of plain text go as the input to DES, which produces 64 bits of
cipher text. The same algorithm and key are used for encryption and decryption,
with minor differences. The key length is 56 bits. 
• The basic idea is shown in the figure:Draw

• We have mentioned that DES uses a 56-bit key. Actually, The initial key consists of
64 bits.
• However, before the DES process even starts, every 8th bit of the key is discarded
to produce a 56-bit key. That is bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are
discarded. 
3.4.2 DES Algorithm (Data Encryption Standard)
• DES is a block cipher and encrypts data in blocks of size of 64 bits each, which
means 64 bits of plain text go as the input to DES, which produces 64 bits of
cipher text. The same algorithm and key are used for encryption and decryption,
with minor differences. The key length is 56 bits. 
• The basic idea is shown in the figure:Draw

• We have mentioned that DES uses a 56-bit key. Actually, The initial key consists of
64 bits.
• However, before the DES process even starts, every 8th bit of the key is discarded
to produce a 56-bit key. That is bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are
discarded. 
3.4.2 DES Algorithm (Data Encryption Standard)
• Thus, the discarding of every 8th bit of the key produces a 56-bit key from the original 64-bit
key.
DES is based on the two fundamental attributes of cryptography: substitution (also called
confusion) and transposition (also called diffusion).
• DES consists of 16 steps, each of which is called a round. Each round performs the steps of
substitution and transposition. Let us now discuss the broad-level steps in DES. 
• In the first step, the 64-bit plain text block is handed over to an initial Permutation (IP) function.
• The initial permutation is performed on plain text.
• Next, the initial permutation (IP) produces two halves of the permuted block; saying Left Plain
Text (LPT) and Right Plain Text (RPT).
• Now each LPT and RPT go through 16 rounds of the encryption process.
• In the end, LPT and RPT are rejoined and a Final Permutation (FP) is performed on the combined
block
• The result of this process produces 64-bit ciphertext.
3.4.2 DES Algorithm (Data Encryption Standard)
3.4.2 DES Algorithm (Data Encryption Standard)
• Initial Permutation (IP): 
• It happens only once. It replaces the first bit of the original plain text block with
the 58th bit of the original plain text block, the
• second bit with the 50th bit of original plain text block and so on. The
• resulting 64-bits permuted text block is divided into two half blocks. Each half
• block consists of 32 bits. The left block called as LPT and right block called as
RPT.16 rounds are performed on these two blocks. Details of one round in DES
3.4.2 DES Algorithm (Data Encryption Standard)
3.4.3 Asymmetric Cryptography:
• Asymmetric Cryptography is also known as public-key cryptography.
• It uses public and private keys to encrypt and decrypt data. One key in the pair which can be
shared with everyone is called the public key. The other key in the pair which is kept secret
and is only known by the owner is called the private key.
• Either of the keys can be used to encrypt a message; the opposite key from the one used to
encrypt the message is used for decryptio n.

3.4.3.1 Digital Signature:

Q.Describe Digital Signature mechanism with neat diagram.
• A digital signature or digital signature scheme is a mathematical scheme for
demonstrating the authenticity of a digital message or document.
• A valid digital signature gives a recipient reason to believe that the message was
created by a known sender, and that it was not altered in transit.
• Digital signatures are commonly used for software distribution, financial
transactions, and in other cases where it is important to detect forgery or
tampering.
3.4.3.1 Digital Signature Continue.......
3.4.3.1 Digital Signature Continue.......
• A digital signature scheme typically consists of three algorithms

1. A key generation algorithm that selects a private key uniformly at random from a
set of possible private keys. The algorithm outputs the private key and a corresponding
public key.

2. A signing algorithm that, given a message and a private key, produces a signature.
3. A signature verifying algorithm that, given a message, public key and a
signature, either accepts or rejects the message's claim to authenticity.
• A digital signature performs the same function as its physical counterpart, the sender
“marks” the message so that the recipients can verify that the message really came
from the sender.
• The steps followed in creating digital signature are :
1. The process of digitally signing a message starts with the creation of a unique
identify for the message. The unique identifier can be created using a mathematical
technique called Hashing.
3.4.3.1 Digital Signature Continue.......
2. A hash function uses a mathematical algorithm to convert the message into a
short fixed-length of bits, often referred to as a “hash value” or “message digest”
that uniquely represents the message used to create it.
3. The hash value is specific to the contents of the message. Thus any change to the
message contents will change the hash value that would be generated by the hash
function.
4. Next, the hash value is encrypted using the sender’s private key. Finally, the
message is sent along with the encrypted hash value.
5. On receiving the message and the encrypted hash value, the recipient can only
decrypt the hash value using the sender’s public key.
6. This confirms that the message came from the sender and no one else, as long as
the sender’s private key remains secure. The message can be rehashed and
compared with the decrypted hash value-if the values do not match, then the
message has been altered since it was not same.
3.4.3.2 Digital Certificate:
• Digital certificate is issued by a trusted third party which proves sender’s identity to the
receiver and receiver’s identity to the sender.
• A digital certificate is a certificate issued by a Certificate Authority (CA) to verify the
identity of the certificate holder.
• The CA issues an encrypted digital certificate containing the applicant’s public key and a
variety of other identification information.
• Digital certificate is used to attach public key with a particular individual or an entity.
• Digital certificate contains:- The authenticity
- Name of certificate holder.
- Serial number which is used to uniquely identify a certificate, the individual or the entity
identified by the certificate.
- Expiration dates.
- Copy of certificate holder’s public key.(used for decrypting messages and digital signatures)
- Digital Signature of the certificate issuing authority.
• Digital certificate is also sent with the digital signature and the message.