Cryptography

Cryptography is the technique of securing information and communications through codes. Modern cryptography relies on publicly known mathematical algorithms and secret keys rather than obscurity. It operates on binary data and provides security even if an attacker knows the algorithm, as long as they do not have the secret key. The evolution of cryptography has progressed from ancient manual ciphers to modern techniques based on computational difficulty.

Uploaded by

Lady Bug

CRYPTOGRAPHY

UNIT-1

Cryptography:

• Cryptography is the technique of securing information and communications through the use of codes, so that only the persons for whom the information is intended can understand and process it.

• The prefix “crypt” means “hidden” and the suffix “graphy” means “writing”.

• Cryptography is the study of secure communication techniques that allow only the sender and the intended recipient of a message to view its contents.

Hieroglyph:

• A hieroglyph was a character of the ancient Egyptian writing system.

• Hieroglyph is the first technique of cryptography.

• A hieroglyph is a character that is commonly used in pictorial writing.

Mono-alphabetic substitution cipher:

• A mono-alphabetic cipher is a substitution cipher where each letter of the plaintext is replaced with another letter of the alphabet.

• The relationship between a character in the plaintext and the characters in the ciphertext is one-to-one.

• It is a simple substitution cipher.

• Example: if ‘A’ is encrypted as ‘D’, then for any number of occurrences in that plaintext, ‘A’ will always be encrypted to ‘D’.

Caesar shift cipher:

• The Caesar cipher is one of the earliest and simplest methods of encryption.

• It is a mono-alphabetic cipher wherein each letter of the plaintext is substituted by another letter to form the ciphertext. It is the simplest form of substitution cipher scheme.

• This cryptosystem is generally referred to as the Shift Cipher. The concept is to replace each letter by another letter which is ‘shifted’ by some fixed number between 0 and 25.

• For this type of scheme, both sender and receiver agree on a ‘secret shift number’ for shifting the alphabet. This number, which is between 0 and 25, becomes the encryption key.

• The name ‘Caesar Cipher’ is occasionally used to describe the Shift Cipher when the ‘shift of three’ is used.

Process of Shift Cipher

• In order to encrypt a plaintext letter, the sender positions the sliding ruler underneath the first set of plaintext letters and slides it to the LEFT by the number of positions of the secret shift.
• The plaintext letter is then encrypted to the ciphertext letter on the sliding ruler underneath. The result of this process is depicted in the following illustration for an agreed shift of three positions. In this case, the plaintext ‘tutorial’ is encrypted to the ciphertext ‘WXWRULDO’. Here is the ciphertext alphabet for a shift of 3:

Plaintext alphabet:  a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext alphabet: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

• On receiving the ciphertext, the receiver, who also knows the secret shift, positions his sliding ruler underneath the ciphertext alphabet and slides it to the RIGHT by the agreed shift number, 3 in this case.
• He then replaces the ciphertext letter by the plaintext letter on the sliding ruler underneath. Hence the ciphertext ‘WXWRULDO’ is decrypted to ‘tutorial’. To decrypt a message encoded with a shift of 3, generate the plaintext alphabet using a shift of ‘-3’.
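
The shift cipher and the one-to-one property of mono-alphabetic substitution, written out as an added Python example (not part of the original notes; all function names are illustrative). It reproduces the ‘tutorial’ / ‘WXWRULDO’ pair and shows that the whole key space is only 26 shifts, which is why this cipher protects nothing once the method is known.

```python
import string

ALPHABET = string.ascii_uppercase  # the 26 letters the cipher operates on


def shift_encrypt(plaintext: str, key: int) -> str:
    """Replace each letter by the one `key` positions later; other characters pass through."""
    key %= 26
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(ciphertext: str, key: int) -> str:
    """Undo the shift by applying the negative key; plaintext is shown in lower case."""
    return shift_encrypt(ciphertext, -key).lower()


def cipher_alphabet(key: int) -> str:
    """Ciphertext alphabet that lines up under A..Z for the given shift."""
    return shift_encrypt(ALPHABET, key)


def letter_pattern(text: str) -> list:
    """Number letters by first occurrence; a one-to-one substitution keeps this pattern."""
    seen = {}
    return [seen.setdefault(ch, len(seen)) for ch in text.upper() if ch in ALPHABET]


def all_shifts(ciphertext: str) -> dict:
    """Decrypt under every possible key (0-25): the complete key space is 26 values."""
    return {key: shift_decrypt(ciphertext, key) for key in range(26)}


if __name__ == "__main__":
    ct = shift_encrypt("tutorial", 3)
    print(cipher_alphabet(3))
    print(ct, "->", shift_decrypt(ct, 3))
    # Repeated plaintext letters stay repeated in the ciphertext.
    print(letter_pattern("tutorial"), letter_pattern(ct))
    for key, candidate in all_shifts(ct).items():
        print(key, candidate)
```
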

Steganography:

• Steganography is the practice of representing information within another message or physical object.
• A steganography technique involves hiding sensitive information within an ordinary, non-secret file or message, so that it will not be detected.
• The sensitive information will then be extracted from the ordinary file or message at its destination, thus avoiding detection.

Steganography Techniques:

There are five types of steganography techniques:

• Text Steganography
• Image Steganography
• Video Steganography
• Audio Steganography
• Network Steganography

Text Steganography:

• Text steganography is hiding information inside text files.
• It involves things like changing the format of existing text, changing words within a text, generating random character sequences, or using context-free grammars to generate readable texts.

Image Steganography:

• Hiding data by taking an image as the cover object is known as image steganography.
• In digital steganography, images are a widely used cover source because there are a huge number of bits present in the digital representation of an image.
• There are a lot of ways to hide information inside an image.

Audio Steganography:

• In audio steganography, the secret message is embedded into an audio signal, which alters the binary sequence of the corresponding audio file.
• Hiding secret messages in digital sound is a much more difficult process when compared to others, such as image steganography.
• This method hides the data in WAV, AU, and even MP3 sound files.

Video Steganography:

• In video steganography you can hide data in a digital video format.
• The advantage of this type is that a large amount of data can be hidden inside, and the fact that it is a moving stream of images and sounds.
• This is a combination of image steganography and audio steganography.

Network Steganography (Protocol Steganography):

• It is the technique of embedding information within network control protocols used in data transmission, such as TCP, UDP, ICMP, etc.
• Steganography can be used in some covert channels that can be found in the OSI model.
• For example, you can hide information in the header of a TCP/IP packet in some fields that are either optional.

Evolution:

• Communication is a process that people have used, developed, and improved since ancient times.
• In the majority of cases, it is necessary to make sure that information remains protected.
• The examples of ancient leaders, kings and queens in the Middle Ages, and modern generals show that privacy and confidentiality cannot be ignored when building efficient relationships (Singh, 2000).
• Now that the Internet is unrivalled as the main source of information, society aims to develop critical services and protect individual thoughts, words, and lives.
• Online security is a concept that is usually associated with such words as “coding” or “cryptography” and the necessity to create a special system where safe data access is possible.
• In the evolution of cryptography, one should identify three critical areas: ancient, technical, and paradoxical.
• The ancient period is the longest one, starting from the events of 3500 B.C. and ending in the 20th century when military cryptography was developed (Udugahapattuwa et al., 2019).
• Each time, a new code is introduced with the thought that someone could one day break it. The paradoxical period is known now as the era of public-key (asymmetric) cryptography to encrypt and decrypt messages.
• Today, cryptography is the result of the most sophisticated mathematical algorithms, checked by human experience and time.
• People have already discovered many methods to encrypt and decrypt information and continue improving their skills globally.
• Talking about modern applications and practices, one should mention the Cloud as one of the most captivating and dangerous things in technology.
• It is not a product or a service that belongs to one person or organization.
• It is a collective idea that remains uncontrolled today, and cryptography is the science that is used to understand and control such concepts as the Cloud.
• Compared to the war-driven era of the 1930s and the digitally challenged period of the 1970s, today’s cryptography is a combination of all the best and worst technological discoveries to gain power, enhance privacy, and promote security in the Information Age.

1.2 Modern Cryptography

Characteristics of Modern Cryptography:

There are three major characteristics that separate modern cryptography from the classical approach.

| Classic Cryptography | Modern Cryptography |
|---|---|
| It manipulates traditional characters, i.e., letters and digits directly. | It operates on binary bit sequences. |
| It is mainly based on ‘security through obscurity’. The techniques employed for coding were kept secret and only the parties involved in communication knew about them. | It relies on publicly known mathematical algorithms for coding the information. Secrecy is obtained through a secret key which is used as the seed for the algorithms. The computational difficulty of algorithms, absence of secret key, etc., make it impossible for an attacker to obtain the original information even if he knows the algorithm used for coding. |
| It requires the entire cryptosystem for communicating confidentially. | Modern cryptography requires parties interested in secure communication to possess the secret key only. |

Characteristics of Modern Cryptography:

• It operates on binary bit sequences.
• It relies on publicly known mathematical algorithms for coding the information.
• Security is obtained through a secret key which is used as the seed for the algorithms.
• The computational difficulty of algorithms, absence of secret key, etc., make it impossible for an attacker to obtain the original information even if he knows the algorithm used for coding.
• Modern cryptography requires parties interested in secure communication to possess the secret key only.

Context of cryptography:

The context of cryptography can be subdivided into two branches:

• Cryptography
• Cryptanalysis

Cryptography:

• Cryptography is the art and science of making a cryptosystem that is capable of providing information security.
• Cryptography deals with the actual securing of digital data.
• It refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services.
• We can think of cryptography as the establishment of a large toolkit containing different techniques in security applications.

Cryptanalysis:

• The art and science of breaking the ciphertext is known as cryptanalysis.
• Cryptanalysis is the sister branch of cryptography and they both co-exist.
• The cryptographic process results in the ciphertext for transmission or storage.
• It involves the study of cryptographic mechanisms with the intention to break them.
• Cryptanalysis is also used during the design of new cryptographic techniques to test their security strengths.

CRYPTOGRAPHY

UNIT-2

Security Services of Cryptography:

There are four types of security services in cryptography:

• Confidentiality
• Data Integrity
• Authentication
• Non-repudiation

Confidentiality:

• Confidentiality is the fundamental security service provided by cryptography.
• It is a security service that keeps information from unauthorized persons.
• It is sometimes referred to as privacy or secrecy.
• Confidentiality can be achieved through numerous means, from physical securing to the use of mathematical algorithms for data encryption.

Data Integrity:

• It is a security service that deals with identifying any alteration to the data.
• The data may get modified by an unauthorized entity intentionally or accidentally.
• The integrity service confirms whether or not the data is intact since it was last created, transmitted, or stored by an authorized user.
• Data integrity cannot prevent the alteration of data, but provides a means for detecting whether data has been manipulated in an unauthorized manner.

Authentication:

• Authentication provides the identification of the originator.
• It confirms to the receiver that the data received has been sent only by an identified and verified sender.
• The authentication service has two variants:
  o Message authentication identifies the originator of the message without any regard to the router or system that has sent the message.
  o Entity authentication is assurance that data has been received from a specific entity, say a particular website.

Non-repudiation:

• It is a security service that ensures that an entity cannot refuse the ownership of a previous commitment or an action.
• It is an assurance that the original creator of the data cannot deny the creation or transmission of the said data to a recipient or third party.
• Non-repudiation is a property that is most desirable in situations where there are chances of a dispute over the exchange of data.
• For example, once an order is placed electronically, a purchaser cannot deny the purchase order, if the non-repudiation service was enabled in this transaction.

Cryptography Primitives:

Cryptography primitives are nothing but the tools and techniques in cryptography that can be selectively used to provide a set of desired security services:

• Encryption
• Hash functions
• Message Authentication Codes (MAC)
• Digital Signatures

Encryption:

Encryption is a security method in which information is encoded in such a way that only an authorized user can read it. It uses an encryption algorithm to generate ciphertext that can only be read if decrypted.

• Here the plaintext is passed to the encryption algorithm.
• The encryption algorithm converts plaintext to ciphertext.
• The process of transforming information from a readable to an unreadable format is called encryption.

Hash functions:

• Hash functions are extremely useful and appear in almost all information security applications.
• A hash function is a mathematical function that converts a numerical input value into another compressed numerical value.
• The input to the hash function is of arbitrary length but the output is always of fixed length.
• Values returned by a hash function are called message digests or simply hash values.

Features of Hash Functions:

o Fixed Length Output (Hash Value):
• A hash function converts data of arbitrary length to a fixed length. This process is often referred to as hashing the data.
• In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions.
• Since a hash is a smaller representation of larger data, it is also referred to as a digest.
• A hash function with an n-bit output is referred to as an n-bit hash function. Popular hash functions generate values between 160 and 512 bits.

o Efficiency of Operation:
• Generally, for any hash function h with input x, computation of h(x) is a fast operation.
• Computationally, hash functions are much faster than symmetric encryption.

[Figure: Working of hash function]

Applications of Hash Functions:

o Password Storage:
• Hash functions provide protection to password storage.
• Instead of storing passwords in clear, mostly all logon processes store the hash values of passwords in the file.

o Data Integrity Check:
• The data integrity check is a most common application of hash functions. It is used to generate checksums on data files.
• This application provides assurance to the user about the correctness of the data.
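
An added Python example (not from the original notes) of the two applications above: a fixed-length SHA-256 digest used as an integrity checksum, and hashed password storage. The per-user salt, the PBKDF2 key stretching and the iteration count are assumptions added here, because a bare fast hash of a password is cheap to guess against; the notes themselves only say that the hash is stored instead of the password.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune it to your hardware


def checksum(data: bytes) -> str:
    """SHA-256 digest as hex: always 256 bits (64 hex characters), whatever the input size."""
    return hashlib.sha256(data).hexdigest()


def is_intact(data: bytes, expected_checksum: str) -> bool:
    """Integrity check: recompute the digest and compare it with the recorded one."""
    return hmac.compare_digest(checksum(data), expected_checksum)


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Return (salt, derived_hash), the pair stored in place of the clear password."""
    if salt is None:
        salt = secrets.token_bytes(16)  # fresh random salt per user
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, derived


def verify_password(candidate: str, salt: bytes, stored_hash: bytes) -> bool:
    """Logon check: hash the candidate with the stored salt, compare in constant time."""
    _, derived = hash_password(candidate, salt)
    return hmac.compare_digest(derived, stored_hash)


if __name__ == "__main__":
    # Constructed sample data, not taken from the notes.
    original = b"quarterly-report-v1 contents"
    recorded = checksum(original)
    print("digest lengths:", len(checksum(b"")), len(checksum(b"x" * 1_000_000)))
    print("unchanged file:", is_intact(original, recorded))
    print("modified file: ", is_intact(original + b"!", recorded))

    salt, stored = hash_password("correct horse battery staple")
    print("right password:", verify_password("correct horse battery staple", salt, stored))
    print("wrong password:", verify_password("wrong guess", salt, stored))
```
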

Message Authentication Code (MAC):

• A MAC algorithm is a symmetric key cryptographic technique to provide message authentication.
• For establishing the MAC process, the sender and receiver share a symmetric key K.
• The sender uses some publicly known MAC algorithm, inputs the message and the secret key K, and produces a MAC value.
• Similar to a hash, a MAC function also compresses an arbitrarily long input into a fixed-length output. The major difference between a hash and a MAC is that the MAC uses a secret key during the compression.
• The sender forwards the message along with the MAC. Here, we assume that the message is sent in the clear, as we are concerned with providing message origin authentication, not confidentiality. If confidentiality is required, then the message needs encryption.
• On receipt of the message and the MAC, the receiver feeds the received message and the shared secret key K into the MAC algorithm and re-computes the MAC value.
• The receiver now checks the equality of the freshly computed MAC with the MAC received from the sender. If they match, then the receiver accepts the message and assures himself that the message has been sent by the intended sender.
• If the computed MAC does not match the MAC sent by the sender, the receiver cannot determine whether it is the message that has been altered or it is the origin that has been falsified. As a bottom line, the receiver safely assumes that the message is not genuine.

Limitations of MAC:

o Establishment of Shared Secret:
• It can provide message authentication among pre-decided legitimate users who have a shared key.
• This requires establishment of a shared secret prior to use of the MAC.

o Inability to Provide Non-Repudiation:
• Non-repudiation is the assurance that a message originator cannot deny any previously sent messages and commitments or actions.
• The MAC technique does not provide a non-repudiation service. If the sender and receiver get involved in a dispute over message origination, MACs cannot provide proof that a message was indeed sent by the sender.
• Though no third party can compute the MAC, the sender could still deny having sent the message and claim that the receiver forged it, as it is impossible to determine which of the two parties computed the MAC.
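
The MAC exchange and its limitations, as an added Python example (not from the original notes). HMAC-SHA256 from the standard library stands in for the publicly known MAC algorithm; the key, the messages and the function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def compute_mac(key: bytes, message: bytes) -> bytes:
    """MAC value over the message under the shared key K (HMAC-SHA256, always 32 bytes)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def sender_send(key: bytes, message: bytes) -> tuple:
    """Sender forwards the message in the clear together with its MAC."""
    return message, compute_mac(key, message)


def receiver_accepts(key: bytes, message: bytes, received_mac: bytes) -> bool:
    """Receiver re-computes the MAC with K and compares it in constant time."""
    return hmac.compare_digest(compute_mac(key, message), received_mac)


def unkeyed_digest(message: bytes) -> bytes:
    """Plain hash for contrast: anyone can recompute it, so it says nothing about origin."""
    return hashlib.sha256(message).digest()


if __name__ == "__main__":
    shared_key = secrets.token_bytes(32)  # K, established before any message is sent
    msg, tag = sender_send(shared_key, b"pay 100 to account 42")

    print("genuine message accepted:", receiver_accepts(shared_key, msg, tag))
    # Both failures look identical to the receiver: altered message or falsified origin.
    print("altered message accepted:", receiver_accepts(shared_key, b"pay 900 to account 42", tag))
    print("wrong key accepted:      ", receiver_accepts(secrets.token_bytes(32), msg, tag))

    # The receiver holds the same K, so it can produce the identical MAC on its own.
    # A third party therefore cannot tell which of the two computed it.
    print("receiver can recreate MAC:", compute_mac(shared_key, msg) == tag)
```
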

Digital signatures:

• Digital signatures are the public-key primitives of message authentication.
• In the physical world, it is common to use handwritten signatures on handwritten or typed messages.
• They are used to bind the signatory to the message.
• A digital signature is a technique that binds a person/entity to the digital data.
• This binding can be independently verified by the receiver as well as any third party.
• A digital signature is a cryptographic value that is calculated from the data and a secret key known only by the signer.
• Each person adopting this scheme has a public-private key pair.
• Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.
• The signer feeds data to the hash function and generates the hash of the data.
• The hash value and signature key are then fed to the signature algorithm, which produces the digital signature on the given hash. The signature is appended to the data and then both are sent to the verifier.
• The verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.
• The verifier also runs the same hash function on the received data to generate a hash value.
• For verification, this hash value and the output of the verification algorithm are compared. Based on the comparison result, the verifier decides whether the digital signature is valid.
• Since the digital signature is created by the ‘private’ key of the signer and no one else can have this key, the signer cannot repudiate signing the data in future.

Importance of Digital Signature:

• Message authentication: When the verifier validates the digital signature using the public key of a sender, he is assured that the signature has been created only by the sender who possesses the corresponding secret private key and no one else.
• Data integrity: In case an attacker has access to the data and modifies it, the digital signature verification at the receiver end fails. The hash of the modified data and the output provided by the verification algorithm will not match. Hence, the receiver can safely deny the message, assuming that data integrity has been breached.
• Non-repudiation: Since it is assumed that only the signer has knowledge of the signature key, only he can create a unique signature on given data. Thus the receiver can present the data and the digital signature to a third party as evidence if any dispute arises in the future.
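
The signing and verification steps above, as an added Python example (not from the original notes). It uses textbook RSA with no padding and key pairs built from fixed, publicly known Mersenne primes so that it runs on the standard library alone; that choice is an assumption made to show the data flow and is not secure, and the function names are illustrative.

```python
import hashlib

E = 65537  # public exponent shared by both toy key pairs


def make_keypair(p: int, q: int) -> tuple:
    """Return (verification_key, signature_key) built from primes p and q (toy keygen)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent, known only to the signer
    return (E, n), (d, n)


def hash_to_int(data: bytes) -> int:
    """Run the hash function over the data (SHA-256, read as an integer)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, signature_key: tuple) -> int:
    """Feed the hash and the signature key to the signature algorithm."""
    d, n = signature_key
    return pow(hash_to_int(data), d, n)


def verify(data: bytes, signature: int, verification_key: tuple) -> bool:
    """Run the verification algorithm on the signature, then compare with a fresh hash."""
    e, n = verification_key
    recovered = pow(signature, e, n)  # output of the verification algorithm
    return recovered == hash_to_int(data)


# Constructed toy keys: Mersenne primes are public knowledge, so these are NOT secret.
SIGNER_PUBLIC, SIGNER_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUBLIC, OTHER_PRIVATE = make_keypair(2**607 - 1, 2**1279 - 1)

if __name__ == "__main__":
    order = b"purchase order 1001: 5 units"  # constructed sample data
    sig = sign(order, SIGNER_PRIVATE)

    # Message authentication: only the matching verification key accepts the signature.
    print("valid signature:       ", verify(order, sig, SIGNER_PUBLIC))
    print("signed by someone else:", verify(order, sign(order, OTHER_PRIVATE), SIGNER_PUBLIC))
    # Data integrity: any change to the data makes the hashes differ.
    print("data modified:         ", verify(order + b"0", sig, SIGNER_PUBLIC))
    # Non-repudiation: verify() needs public values only, so a third party can run it too.
```
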

CRYPTOGRAPHY

UNIT-3

Cryptosystems:

• A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services.
• A cryptosystem is also referred to as a cipher system.

Components of Cryptosystem:

• Plaintext: It is the data to be protected during transmission.
• Encryption Algorithm: It is a mathematical process that produces a ciphertext for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext.
• Ciphertext: It is the scrambled version of the plaintext produced by the encryption algorithm using a specific encryption key. The ciphertext is not guarded. It flows on a public channel. It can be intercepted or compromised by anyone who has access to the communication channel.
• Decryption Algorithm: It is a mathematical process that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it.
• Encryption Key: It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext.
• Decryption Key: It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext.

Types of Cryptosystems:

There are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system:

o Symmetric Key Encryption
o Asymmetric Key Encryption

• The main difference between these cryptosystems is the relationship between the encryption and the decryption key.
• Logically, in any cryptosystem, both the keys are closely associated.
• It is practically impossible to decrypt the ciphertext with a key that is unrelated to the encryption key.

Symmetric Key Encryption:

• The encryption process where the same keys are used for encrypting and decrypting the information is known as Symmetric Key Encryption.
• The study of symmetric cryptosystems is referred to as symmetric cryptography.
• Symmetric cryptosystems are also sometimes referred to as secret key cryptosystems.

The salient features of a cryptosystem based on symmetric key encryption are:

• Persons using symmetric key encryption must share a common key prior to the exchange of information.
• Keys are recommended to be changed regularly to prevent any attack on the system.
• A robust mechanism needs to exist to exchange the key between the communicating parties. As keys are required to be changed regularly, this mechanism becomes expensive and cumbersome.
• In a group of n people, to enable two-party communication between any two persons, the number of keys required for the group is n × (n – 1)/2.
• The length of the key (number of bits) in this encryption is smaller and hence the process of encryption-decryption is faster than asymmetric key encryption.
• The processing power of the computer system required to run a symmetric algorithm is less.

Challenge of Symmetric Key Cryptosystem:

• There are two restrictive challenges of employing symmetric key cryptography.
• Key establishment: Before any communication, both the sender and the receiver need to agree on a secret symmetric key. It requires a secure key establishment mechanism in place.
• Trust issue: Since the sender and the receiver use the same symmetric key, there is an implicit requirement that the sender and the receiver ‘trust’ each other. For example, it may happen that the receiver has lost the key to an attacker and the sender is not informed.

Asymmetric Key Encryption:

• The encryption process where different keys are used for encrypting and decrypting the information is known as Asymmetric Key Encryption.
• Though the keys are different, they are mathematically related and hence retrieving the plaintext by decrypting the ciphertext is feasible.

The salient features of this encryption scheme are as follows:

• Every user in this system needs to have a pair of dissimilar keys, a private key and a public key.
• These keys are mathematically related: when one key is used for encryption, the other can decrypt the ciphertext back to the original plaintext.
• It requires putting the public key in a public repository and keeping the private key as a well-guarded secret. Hence, this scheme of encryption is also called Public Key Encryption.
• Though the public and private keys of the user are related, it is computationally not feasible to find one from the other. This is a strength of this scheme.
• When Host1 needs to send data to Host2, he obtains the public key of Host2 from the repository, encrypts the data, and transmits it.
• Host2 uses his private key to extract the plaintext.
• The length of keys (number of bits) in this encryption is large and hence the process of encryption-decryption is slower than symmetric key encryption.
• The processing power of the computer system required to run an asymmetric algorithm is higher.

Challenge of Public Key Cryptosystem:

• Public-key cryptosystems have one significant challenge: the user needs to trust that the public key that he is using in communications with a person really is the public key of that person and has not been spoofed by a malicious third party.
