Notes

The document provides an overview of computer security, defining it as the protection of systems and data from unauthorized access and threats. It discusses the need for security, basic principles, risk analysis, types of threats, and various attack methods, including malware and insider threats. Additionally, it covers user authentication techniques and common password attacks, emphasizing the importance of strong security measures.

Uploaded by

anupsambhex545

Unit 01 : Introduction to Computer Security

Definition of Computer Security :


Computer security, often referred to as cybersecurity, is the practice of protecting computer systems,
networks, and data from unauthorized access, theft, damage, or disruption. It ensures the confidentiality,
integrity, and availability of information and systems.

Need for Computer Security:


1. Protect Sensitive Data: Prevent unauthorized access to confidential data such as personal and financial information.

2. Prevent Cyber Threats: Defend against malware, phishing, ransomware, and other cyberattacks.

3. Ensure System Integrity: Safeguard against unauthorized modifications.

4. Maintain Business Continuity: Protect systems from outages caused by attacks or failures.

5. Comply with Regulations: Meet legal and industry standards, such as GDPR and HIPAA, for data protection.

6. Build Trust: Secure systems help build user trust in online platforms and services.

Basics of Security :
1. Confidentiality : Ensures that sensitive information is only accessible to authorized individuals or
systems. Techniques: Encryption, access control, and secure authentication.

2. Integrity : Ensures that data is accurate, complete, and unaltered during storage, processing, or
transmission. Techniques: Hashing, checksums, and digital signatures.

3. Availability : Ensures that systems, applications, and data are available to authorized users
whenever needed. Techniques: Redundancy, load balancing, and disaster recovery plans.

4. Accountability : Ensures that actions within a system can be traced to specific users or systems.
Techniques: Logging, auditing, and secure user authentication.

5. Non-Repudiation : Ensures that a party cannot deny the authenticity of their action or
communication. Techniques: Digital signatures and timestamps.

6. Reliability : Ensures that systems and processes function consistently and without failure.
Techniques: System redundancy, fault-tolerant systems, and regular maintenance.

pg. 1 By Ghanshyam
Risk and Threat Analysis :
1. Assets : Definition: Anything valuable to an organization or individual that needs protection.
Examples: Hardware (computers, servers), software, data (customer information, intellectual
property), and reputation.

2. Vulnerability : Definition: A weakness or flaw in a system, network, or process that could be
exploited by threats. Examples: Unpatched software, weak passwords, misconfigured firewalls.

3. Threats : Definition: Potential events or actors that could exploit vulnerabilities to cause harm.

Types: 1. Human: Hackers, insiders, or social engineering attacks.

2. Natural: Earthquakes, floods, or fires.

3. Technological: System failures or software bugs.

4. Risks : Definition: The potential for loss or damage when a threat exploits a vulnerability.

o Calculation: $\text{Risk} = \text{Threat Probability} \times \text{Impact}$

5. Countermeasures : Definition: Actions, tools, or techniques used to mitigate risks and protect
assets.

Examples : 1. Implementing firewalls.

2. Using encryption.
3. Conducting regular security training.
4. Performing vulnerability assessments.

Types of Threats & Their Characteristics


A threat in computer network security refers to any potential danger that can exploit vulnerabilities to
cause harm to systems, data, or networks.

1. Network-Based Threats

Definition : Threats that target network infrastructure to disrupt, intercept, or manipulate data
communication.

Characteristics:

• Exploits weaknesses in protocols or network devices.

• Can be passive (eavesdropping) or active (modifying communication).

• Includes attacks like DDoS, Man-in-the-Middle (MITM), and Eavesdropping.

• Often used for data theft, espionage, or service disruption.

2. Malware Threats

Definition : Malicious software designed to infiltrate, damage, or steal data from a system.

Characteristics:

• Spreads via email, downloads, removable drives, or network vulnerabilities.

• Can be self-replicating (worms) or hidden inside legitimate programs (trojans).

• Some, like ransomware, encrypt data and demand payment.

• Includes viruses, worms, trojans, spyware, and ransomware.

3. Web-Based Threats

Definition : Attacks that exploit web applications, servers, or websites to compromise users or data.

Characteristics:

• Targets vulnerabilities in web applications, forms, and cookies.

• Can steal data, manipulate content, or spread malware.

• Includes SQL Injection (SQLi), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).

• Often used to gain unauthorized access to sensitive databases.

4. Authentication & Credential Threats

Definition : Threats that target user credentials to gain unauthorized access.

Characteristics:

• Exploits weak passwords, phishing, or leaked credentials.

• Uses methods like Brute Force Attacks, Phishing, and Credential Stuffing.

• Can result in identity theft, financial fraud, or unauthorized system access.

• Often combined with social engineering tactics.

5. Insider Threats

Definition : Threats that originate from within an organization, either intentionally or accidentally.

Characteristics:

• Comes from employees, contractors, or partners with access to sensitive data.

• Can be malicious (intentional data leaks or sabotage) or negligent (accidental data exposure).

• Hard to detect because insiders have legitimate access.

• Can cause data breaches, system damage, or compliance violations.

6. Wireless Network Threats

Definition : Threats that exploit vulnerabilities in wireless networks, such as Wi-Fi.

Characteristics:

• Targets unencrypted or weakly secured wireless networks.

• Includes Evil Twin Attacks, Rogue Access Points, and Replay Attacks.

• Attackers can eavesdrop, inject malicious traffic, or gain unauthorized access.

• Often happens in public Wi-Fi environments.

Threats to Security
1. Viruses

Definition : A virus is a type of malicious software (malware) that attaches itself to a host program or file and
spreads when executed. It often damages data, disrupts systems, or performs unwanted actions.

Phases of a Virus

1. Dormant Phase : The virus is inactive and does not perform any action.
It waits for a specific condition, such as a date or user action, to activate.

2. Propagation Phase : The virus replicates itself by attaching to other programs, files, or systems.
Spreads through emails, USB drives, or network connections.

3. Triggering Phase : The virus activates and begins its intended action when the predefined condition
is met. Examples: Opening a file, reaching a certain date, or restarting a system.

4. Execution Phase : The virus executes its payload, causing harm such as data corruption, deletion, or
system disruption.

Types of Viruses

1. File Infector Viruses : Infects executable files (.exe, .com). Activates when the infected program is
run. Example: Cascade Virus.

2. Macro Viruses : Targets documents and spreadsheets containing macros (e.g., Microsoft Word,
Excel). Example: Melissa Virus.

3. Boot Sector Viruses : Infects the boot sector of storage devices, executed during system startup.
Example: Michelangelo Virus.

4. Polymorphic Viruses : Changes its code to avoid detection by antivirus software.
Example: Storm Worm.

5. Stealth Viruses : Conceals itself by modifying file size or hiding in the system.
Example: Frodo Virus.

6. Resident Viruses : Resides in system memory and infects files when they are accessed.
Example: Randex Virus.

2. Worms : A worm is a self-replicating malware that spreads across networks without needing a host file.

• Characteristics:

o Exploits network vulnerabilities.

o Consumes bandwidth and system resources.

o Does not require user intervention to spread.

• Example: Conficker, WannaCry.

3. Trojan Horse : A Trojan is malicious software disguised as legitimate software. It does not replicate like a
virus but can cause significant damage once installed.

• Characteristics:

o Often used for stealing data, spying, or creating backdoors.

o Delivered via email attachments, downloads, or fake software updates.

• Example: Zeus, Emotet.

4. Intruders : Unauthorized individuals who gain access to systems to steal, manipulate, or destroy data.

• Types:

1. Masquerader : An outsider who pretends to be an authorized user.

2. Misfeasor : An insider who abuses legitimate access privileges.

3. Clandestine User : A user who bypasses security mechanisms to access systems undetected.

5. Insiders : Trusted individuals within an organization who misuse their access to compromise security.

• Characteristics:

o May be malicious (e.g., disgruntled employees) or negligent (e.g., unintentional errors).

o Often pose a greater threat as they have legitimate access to sensitive data and systems.

• Examples:

o Data theft for personal gain.

o Accidental exposure of confidential information.

Types of Attacks :
1. Active and Passive Attacks

1. Active Attacks : An attack where the attacker actively alters or manipulates the data or the system
to disrupt its operation.

o Examples:

▪ Man-in-the-Middle (MITM): Intercepting and altering communication between two parties.

▪ Denial of Service (DoS): Flooding the network to make resources unavailable.

▪ Replay Attacks: Replaying valid data transmissions to deceive the receiver.

o Characteristics:

▪ Detectable due to their disruptive nature.

▪ Directly impacts the system's integrity or availability.

2. Passive Attacks : An attack where the attacker monitors or eavesdrops on communications without
altering them.

o Examples:

▪ Eavesdropping: Monitoring unencrypted communications to extract sensitive data.

▪ Traffic Analysis: Observing communication patterns to infer information.

o Characteristics:

▪ Difficult to detect.

▪ Focuses on breaching confidentiality.

2. Denial of Service (DoS) Attack : An attack designed to overwhelm a system, network, or service, making
it unavailable to legitimate users.

• Methods:

o Flooding the target with excessive traffic (e.g., ICMP, SYN flood attacks).

o Exploiting vulnerabilities to crash systems.

• Distributed Denial of Service (DDoS): Involves multiple systems attacking the target simultaneously.

• Impact : Downtime for services, resource exhaustion.

• Prevention : Use load balancers, rate limiting, and DDoS protection services.

3. Backdoors and Trapdoors

• Backdoor:

o A hidden entry point in software or systems that allows unauthorized access.

o Often left intentionally during development or inserted maliciously by attackers.

o Example: A developer leaving access credentials for troubleshooting but not removing them.

• Trapdoor:

o A type of backdoor triggered by specific conditions, such as a date or user action.

o Example: A software bug that activates unauthorized functionality.

4. Sniffing : Capturing and monitoring data packets in a network.

• Purpose:

o Legitimate: Troubleshooting and network analysis.

o Malicious: Capturing sensitive data like passwords and session cookies.

• Tools : Legitimate: Wireshark; Malicious: Cain & Abel.

• Prevention:

o Use encrypted communication protocols (e.g., HTTPS, VPNs).

o Implement network monitoring and intrusion detection systems (IDS).

5. Spoofing : Impersonating a legitimate user or system to gain unauthorized access or deceive others.

• Types:

o IP Spoofing: Sending packets with a fake source IP to masquerade as a trusted source.

o Email Spoofing: Sending emails with forged sender addresses.

o DNS Spoofing: Altering DNS records to redirect traffic to malicious sites.

• Prevention:

o Validate data integrity (e.g., DNSSEC).

o Implement authentication mechanisms (e.g., SPF for emails).

6. Man-in-the-Middle (MITM) : An attacker intercepts and manipulates communication between two
parties without their knowledge.

• Example : Capturing login credentials during an HTTPS session using fake certificates.

• Prevention:

o Use secure protocols like HTTPS.

o Implement end-to-end encryption.

o Avoid unsecured public Wi-Fi networks.

7. Replay Attacks : Capturing and re-sending valid data transmissions to trick the recipient into performing
unauthorized actions.

• Example : Reusing a captured authentication token to gain unauthorized access.

• Prevention:

o Use timestamps or unique session tokens to validate requests.

o Implement encryption to prevent eavesdropping.
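
The timestamp and unique-token checks listed above, as an added example that is not part of the original notes: a server-side guard that rejects forged, stale and replayed requests. The shared key, the field names and the 30-second freshness window are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

SHARED_KEY = b"constructed-demo-key"  # constructed value; provision a real key per client
MAX_SKEW_SECONDS = 30                 # assumed freshness window


def _mac(key: bytes, ts: str, nonce: str, body: bytes) -> str:
    # The MAC covers timestamp, nonce and body, so none can be swapped independently.
    data = b"|".join([ts.encode(), nonce.encode(), body])
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def sign_request(body: bytes, key: bytes = SHARED_KEY, now: Optional[float] = None) -> dict:
    """Client side: attach a timestamp, a one-time nonce and an HMAC to the body."""
    ts = str(int(time.time() if now is None else now))
    nonce = secrets.token_hex(16)
    return {"body": body, "ts": ts, "nonce": nonce, "mac": _mac(key, ts, nonce, body)}


class ReplayGuard:
    """Server side: accept each authentic request at most once inside the window."""

    def __init__(self, key: bytes = SHARED_KEY):
        self.key = key
        self.seen = {}  # nonce -> request timestamp

    def accept(self, req: dict, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        expected = _mac(self.key, req["ts"], req["nonce"], req["body"])
        if not hmac.compare_digest(expected, req["mac"]):
            return "reject: bad MAC"
        ts = int(req["ts"])  # safe to parse: the MAC has already authenticated it
        if abs(now - ts) > MAX_SKEW_SECONDS:
            return "reject: stale timestamp"
        # Nonces older than the window can be forgotten: the timestamp check
        # already rejects any request that old.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW_SECONDS}
        if req["nonce"] in self.seen:
            return "reject: replayed nonce"
        self.seen[req["nonce"]] = ts
        return "accept"


if __name__ == "__main__":
    guard = ReplayGuard()
    request = sign_request(b"transfer=100")
    print(guard.accept(request))  # first delivery
    print(guard.accept(request))  # captured copy sent again
```

The timestamp bounds how long the server has to remember nonces; the nonce stops a replay that arrives inside that window.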

8. TCP/IP Hijacking : Taking over an active TCP/IP session between two systems by impersonating one of
the parties.

• Types:

o Session Hijacking: Stealing session cookies to gain unauthorized access.

o TCP Sequence Number Attack: Guessing sequence numbers in TCP packets to inject
malicious data.

• Prevention:

1. Use strong authentication methods (e.g., two-factor authentication).

2. Employ encryption protocols like SSL/TLS.

9. Encryption Attacks : Attacks aimed at breaking or bypassing encryption mechanisms.

• Types:

o Brute Force Attack: Trying all possible keys to decrypt data.

o Cryptanalysis: Analyzing encryption algorithms to find weaknesses.

o Side-Channel Attack: Exploiting physical data (e.g., power consumption) to extract keys.

o Man-in-the-Middle: Intercepting and modifying encrypted communications.

• Prevention:

o Use strong encryption algorithms (e.g., AES-256).

o Regularly update encryption libraries.

o Employ proper key management practices.

Unit 02 : User Authentication & Access control

1. Identification and Authentication

• Identification: The process where a user provides their identity to a system, typically through a
username.

• Authentication: Verifying that the claimed identity is valid, often done through a password, PIN,
biometrics, or other methods.

2. Username and Password

• Username: Identifies the user uniquely in the system.

• Password: A secret string used to authenticate the user.

o Passwords should be strong, unique, and changed periodically to enhance security.

3. Password Attacks : Password attacks involve attempts to gain unauthorized access by compromising a
password. Key types include:

1. Guessing Passwords

• Attackers manually or programmatically try commonly used passwords or combinations (e.g.,
"123456," "password," etc.).

• Often based on personal information (birthdays, names).

2. Brute Force Attack

• Automated trial of all possible combinations until the correct password is found.

• Mitigation: Lock accounts after a specific number of failed attempts or enforce strong password
policies.

3. Dictionary Attack

• Using a precompiled list of common words or passwords to guess the password.

• Mitigation: Use passwords that are complex and include random characters, not just dictionary
words.

4. Phishing

• Tricking a user into providing their password via fake websites, emails, or messages.
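
The account-lockout mitigation for brute-force and dictionary attacks, as an added example that is not part of the original notes. The thresholds (5 failures in 300 seconds, 900-second lock), the event format and the user names are assumptions; the login events are constructed.

```python
from collections import defaultdict, deque

MAX_FAILURES = 5      # assumed policy: failures tolerated inside the window
WINDOW_SECONDS = 300  # assumed sliding window
LOCK_SECONDS = 900    # assumed lockout duration


class LockoutPolicy:
    """Sliding-window lockout that also keeps an audit trail of every attempt."""

    def __init__(self):
        self.failures = defaultdict(deque)  # user -> timestamps of recent failures
        self.locked_until = {}              # user -> time the lock expires
        self.audit = []                     # (timestamp, user, event)

    def record(self, ts, user, password_ok):
        """Process one login attempt and return the decision for it."""
        if self.locked_until.get(user, 0) > ts:
            # While locked, even a correct password is refused, so a guess that
            # lands during the lock gives no feedback to the guesser.
            self.audit.append((ts, user, "rejected_locked"))
            return "locked"
        if password_ok:
            self.failures[user].clear()
            self.audit.append((ts, user, "login_ok"))
            return "ok"
        recent = self.failures[user]
        recent.append(ts)
        while recent and ts - recent[0] > WINDOW_SECONDS:
            recent.popleft()  # forget failures that fell out of the window
        self.audit.append((ts, user, "login_failed"))
        if len(recent) >= MAX_FAILURES:
            self.locked_until[user] = ts + LOCK_SECONDS
            recent.clear()
            self.audit.append((ts, user, "account_locked"))
            return "locked"
        return "failed"


def run_demo():
    # Constructed events: (timestamp in seconds, user, password_ok)
    events = [(t, "alice", False) for t in (0, 10, 20, 30, 40)]  # rapid guessing
    events += [(60, "alice", True), (1000, "alice", True)]       # during / after lock
    events += [(t, "bob", False) for t in (0, 400, 800)]         # occasional typos
    policy = LockoutPolicy()
    decisions = [(user, policy.record(ts, user, ok)) for ts, user, ok in events]
    return policy, decisions


if __name__ == "__main__":
    policy, decisions = run_demo()
    for user, decision in decisions:
        print(user, decision)
    print(len(policy.audit), "audit records")
```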
4. Piggybacking : Piggybacking occurs when an unauthorized person gains access by following an
authorized user into a secure area.

• Example: Tailgating someone into a building without using their own access credentials.

• Mitigation:

o Enforce policies like badge scanning.

o Train employees to prevent unauthorized entry.

5. Shoulder Surfing : Observing someone while they enter their password, PIN, or sensitive information.

• Techniques used by attackers:

o Direct observation over the shoulder.

o Using cameras to record.

• Mitigation:

o Use privacy screens.

o Shield your input (e.g., covering PIN entry with your hand).

6. Dumpster Diving : Searching through discarded items like paper, receipts, or old devices to find sensitive
information such as passwords or account details.

• Mitigation:

o Shred documents before disposal.

o Use secure bins for sensitive waste.

o Safely wipe and destroy old devices.

Biometrics : The use of unique physical or behavioral characteristics of individuals for
identification and authentication. It is a key area in security systems as it provides a reliable way to ensure
identity verification based on something intrinsic to the user.

Types of Biometrics : Biometrics can be broadly divided into physical and behavioral characteristics:

Physical Biometrics : These are based on measurable and unique physical attributes of an individual.

1. Fingerprint Recognition

• What it is: Scanning and analyzing the unique patterns of ridges and valleys on a person's fingertips.

• Advantages:
1. Highly reliable and widely used.
2. Quick and inexpensive to implement.

• Applications : Smartphones, attendance systems, door locks, and forensics.

• Limitations : Can be affected by cuts, dirt, or worn fingerprints.

2. Handprint Recognition

• What it is: Analyzing the unique shape, size, and geometry of the hand.

• Advantages:
1. Non-invasive and easy to use.
2. Effective in controlled environments.

• Applications : Access control systems.

• Limitations:
1. Less precise compared to fingerprints.
2. Cannot detect minute details like scars.

3. Retina Pattern Recognition

• What it is: Scanning the unique pattern of blood vessels at the back of the eye (retina).

• Advantages:
1. Extremely accurate due to the uniqueness of retinal patterns.
2. Hard to fake or replicate.

• Applications : High-security areas like government and military facilities.

• Limitations:
1. Requires specialized equipment.
2. Users may find it invasive or uncomfortable.

4. Voice Pattern Recognition

• What it is: Identifying individuals based on the unique characteristics of their voice, such as tone,
pitch, and frequency.

• Advantages:
1. Hands-free and can be used remotely.
2. Natural and user-friendly.

• Applications : Call centers, virtual assistants, and phone banking.

• Limitations:
1. Background noise can interfere.
2. Affected by illness or voice changes.

Behavioral Biometrics : These are based on patterns of behavior and habits unique to an individual.

1. Signature and Writing Pattern

• What it is: Recognizing the way a person writes their signature or other text, including pressure,
speed, and stroke patterns.

• Advantages:
1. Useful for verifying written documents.
2. Difficult to forge handwriting dynamics.

• Applications : Banking, legal documents, and contracts.

• Limitations : Can be inconsistent if a person is tired or rushed.

2. Keystroke Dynamics

• What it is: Analyzing the way a person types on a keyboard, such as typing speed, rhythm, and
dwell time (time spent on a key).

• Advantages:
1. Non-intrusive and can be continuously monitored.
2. Adds an extra layer of security to password systems.

• Applications : Continuous authentication for computer systems.

• Limitations : Affected by stress or changes in typing style.

Advantages of Biometrics

1. Difficult to fake or duplicate compared to traditional passwords or tokens.

2. Convenient for users (no need to remember passwords or carry extra devices).

3. Can provide continuous or real-time authentication.

Limitations of Biometrics

1. Can be expensive to implement.

2. Privacy concerns if biometric data is mishandled or breached.

3. Physical or environmental factors may affect accuracy (e.g., injury, noise).

Access Control is a fundamental concept in cybersecurity that defines and enforces rules to determine who
can access a system or resource, what they can do, and how their activities are monitored. Here’s an
overview of the key components and mechanisms of access control:

1. Access Control Definition

Access control refers to the process of:

• Restricting unauthorized access to systems, data, and resources.

• Enforcing policies that define what actions authorized users can perform.

• Ensuring accountability through monitoring and auditing.

2. Authentication Mechanisms

Authentication is the process of verifying an entity's identity before granting access. Common mechanisms
include:

Password-Based Authentication

• Users provide a username and password.

• Limitations: Vulnerable to brute force, phishing, and dictionary attacks.

Multi-Factor Authentication (MFA)

• Combines two or more factors:

1. Something you know (password, PIN).

2. Something you have (security token, OTP).

3. Something you are (biometrics).

• Benefit: Significantly improves security.

Biometric Authentication

• Uses unique physical traits like fingerprints, retina patterns, or voice recognition.

Token-Based Authentication

• Utilizes hardware or software tokens (e.g., OTP, smart cards).

Certificate-Based Authentication

• Involves digital certificates issued by a trusted authority.

Principal Authentication

• A principal is an entity (user, device, or process) trying to access a resource.

• Ensures the principal is who it claims to be before granting access.

3. Authorization : Once authenticated, authorization determines what actions the authenticated entity is
allowed to perform. Examples:

• File access permissions (read, write, execute).

• Role-based restrictions in applications.

4. Audit : Auditing ensures accountability by recording:

• Who accessed the system.

• What actions were performed.

• When the actions occurred.

• Any unauthorized access attempts.

5. Access Control Policies

Policies define the rules governing access to resources. Common models include:

Discretionary Access Control (DAC)

• Definition: The resource owner defines access permissions.

• Example: File permissions in operating systems, where the file owner decides who can read,
write, or execute.

• Pros: Flexible and easy to manage.

• Cons: Vulnerable to human error and insider threats.

Mandatory Access Control (MAC)

• Definition: Access is enforced based on fixed security policies and labels (e.g., classification
levels like Confidential, Secret, Top Secret).

• Example: Military and government systems.

• Pros: High security, reduces risk of data leakage.

• Cons: Rigid and difficult to implement in dynamic environments.

Role-Based Access Control (RBAC)

• Definition: Access is based on roles assigned to users (e.g., Administrator, Editor, Viewer).

• Example: A manager might have access to employee data, while a staff member does not.

• Pros: Scalable and easier to manage in large organizations.

• Cons: Requires careful planning of roles.

Authentication, Authorization, and Audit Policies

• Authentication Policies: Define how identities are verified (e.g., password complexity, MFA).

• Authorization Policies:

o Govern access permissions and role assignments.

o Example: "Only managers can approve leave requests."

• Audit Policies:

o Ensure logs are maintained for all critical actions.

o Example: Record every failed login attempt.
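
The DAC, MAC and RBAC models above evaluated side by side on the same read request, with every denial written to an audit log. This is an added example, not part of the original notes; the users, the file, the role table and the "clearance must be at or above the label" read rule for MAC are assumptions.

```python
from dataclasses import dataclass, field

# Classification labels named in the notes, ordered lowest to highest.
LEVELS = {"Confidential": 1, "Secret": 2, "Top Secret": 3}

# Constructed role table. "leave:approve" encodes the policy
# "Only managers can approve leave requests."
ROLE_PERMISSIONS = {
    "Manager": {"leave:approve", "employee_data:read"},
    "Staff": {"leave:request"},
}


@dataclass
class Subject:
    name: str
    role: str
    clearance: str


@dataclass
class Resource:
    name: str
    owner: str
    label: str
    acl: dict = field(default_factory=dict)  # DAC grants: user name -> set of rights


def dac_allows(subject, resource, right):
    """DAC: the owner, or anyone the owner added to the ACL, holds the right."""
    return subject.name == resource.owner or right in resource.acl.get(subject.name, set())


def mac_allows_read(subject, resource):
    """MAC: the system compares labels; the owner cannot override the result."""
    return LEVELS[subject.clearance] >= LEVELS[resource.label]


def rbac_allows(subject, permission):
    """RBAC: the permission must belong to the subject's role."""
    return permission in ROLE_PERMISSIONS.get(subject.role, set())


def evaluate_read(subject, resource, permission, audit_log):
    """Return each model's verdict for one read request and audit every denial."""
    verdicts = {
        "DAC": dac_allows(subject, resource, "read"),
        "MAC": mac_allows_read(subject, resource),
        "RBAC": rbac_allows(subject, permission),
    }
    for model, allowed in verdicts.items():
        if not allowed:
            audit_log.append((subject.name, resource.name, model, "denied"))
    return verdicts


def demo():
    # Constructed scenario: the owner has shared a Secret file with a staff member.
    payroll = Resource("payroll.xlsx", owner="meera", label="Secret", acl={"ravi": {"read"}})
    meera = Subject("meera", "Manager", "Secret")
    ravi = Subject("ravi", "Staff", "Confidential")
    audit_log = []
    results = {s.name: evaluate_read(s, payroll, "employee_data:read", audit_log)
               for s in (meera, ravi)}
    return results, audit_log


if __name__ == "__main__":
    results, audit_log = demo()
    print(results)
    print(audit_log)
```

The staff member passes the DAC check only because the owner granted it, which is the "human error" weakness listed for DAC; the label and role checks still deny the read.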

Unit 03 : Cryptography

Introduction to Key Concepts in Cryptography :


1. Plaintext:

o Plaintext refers to the original, readable message or data that needs to be protected from
unauthorized access.

o Example: A text message like "Hello, how are you?" is plaintext before encryption.

2. Ciphertext:

o Ciphertext is the result of encrypting plaintext using a cryptographic algorithm. It appears
scrambled and unreadable without the proper decryption key.

o Example: The plaintext "Hello" might become "Hfiu5@1" in ciphertext form.

3. Cryptography:

o Cryptography is the science and art of converting plaintext into ciphertext (encryption) and
back into plaintext (decryption) to ensure secure communication.

o It includes methods to maintain confidentiality, integrity, authentication, and
non-repudiation of data.

o Example Techniques: Symmetric encryption (AES, DES) and Asymmetric encryption (RSA,
ECC).

4. Cryptanalysis:

o Cryptanalysis is the study of analyzing and breaking cryptographic systems, aiming to
retrieve plaintext without knowing the encryption key.

o It involves finding vulnerabilities or flaws in cryptographic algorithms.

o Example: Attempting to decipher encrypted messages using brute force or known-plaintext
attacks.

5. Cryptology:

o Cryptology is the broader field encompassing both cryptography and cryptanalysis.

o It involves designing secure communication systems (cryptography) and assessing their
vulnerabilities (cryptanalysis).

6. Encryption:

o Encryption is the process of converting plaintext into ciphertext using an algorithm and an
encryption key.

o Purpose: Protect data from unauthorized access during storage or transmission.

o Example: Using AES to encrypt a file for secure storage.

7. Decryption:

o Decryption is the reverse process of encryption, where ciphertext is converted back into
readable plaintext using a decryption key.

o Example: Receiving an encrypted email and decrypting it using the appropriate private key to
read its content.

Substitution and Transposition Techniques in Cryptography:


1. Substitution Techniques

Substitution techniques involve replacing elements of plaintext with corresponding elements to generate
ciphertext. Each character or group of characters is substituted with another, based on a predefined rule.

Caesar Cipher

• Description:
The Caesar cipher is a simple substitution cipher where each letter in the plaintext is shifted by a
fixed number of positions in the alphabet.

• Encryption Formula:
$C = (P + k) \bmod 26$
$P$ is the position of the plaintext letter, $k$ is the shift (key), $C$ is the position of the ciphertext
letter.

• Decryption Formula:
$P = (C - k) \bmod 26$

Example:

• Plaintext: "HELLO"

• Key: 3

• Encryption:
H → K, E → H, L → O, L → O, O → R
Ciphertext: "KHOOR"

• Decryption:
Reverse the shift: "KHOOR" → "HELLO"

Modified Caesar Cipher

• Description:
A variation of the Caesar cipher that uses a different shift for each character, often derived from a
keyphrase or a more complex algorithm.

• Example:
Use the numeric position of letters in the key to determine the shift dynamically.

• Key: "KEY" → Numerical shifts [10, 4, 24]

• Plaintext: "HELLO"

o H → Shift by 10 → "R"

o E → Shift by 4 → "I"

o L → Shift by 24 → "J"

o L → Shift by 10 → "V"

o O → Shift by 4 → "S"

• Ciphertext: "RIJVS"

Substitution Cipher (General)

• Description:
Each letter in the plaintext is replaced with another letter according to a substitution table.

• Types:

1. Monoalphabetic Cipher: Fixed substitution for all characters.
Example: A → M, B → N, C → O, etc.

2. Polyalphabetic Cipher: Uses multiple substitution alphabets (e.g., Vigenère Cipher).
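
The Caesar and Modified Caesar worked examples above as runnable code, plus the 26-key exhaustive search that shows why a single fixed shift offers no real secrecy. This is an added example, not part of the original notes; the function names are assumptions.

```python
import string

ALPHABET = string.ascii_uppercase  # positions 0..25, so A=0, K=10, Y=24


def key_to_shifts(key):
    """Turn a keyword into per-letter shifts using alphabet positions."""
    return [ALPHABET.index(ch) for ch in key.upper()]


def shift_encrypt(plaintext, shifts):
    """C = (P + k) mod 26, with k taken from `shifts` in rotation.

    A one-element list gives the classic Caesar cipher; a longer list gives the
    keyword-driven variant from the notes. Non-letters pass through unchanged
    and do not consume a shift.
    """
    out = []
    used = 0
    for ch in plaintext.upper():
        if ch in ALPHABET:
            k = shifts[used % len(shifts)]
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
            used += 1
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(ciphertext, shifts):
    """P = (C - k) mod 26: encrypt again with the negated shifts."""
    return shift_encrypt(ciphertext, [-k for k in shifts])


def caesar_candidates(ciphertext):
    """All 26 possible Caesar decryptions, keyed by the shift that produces them."""
    return {k: shift_decrypt(ciphertext, [k]) for k in range(26)}


if __name__ == "__main__":
    print(shift_encrypt("HELLO", [3]))                   # Caesar, key 3
    print(shift_encrypt("HELLO", key_to_shifts("KEY")))  # keyword shifts
    for k, text in caesar_candidates("KHOOR").items():
        print(k, text)  # the readable line reveals the key
```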

2. Transposition Techniques

Transposition techniques involve rearranging the order of characters in the plaintext to produce ciphertext
without altering the actual letters.

Simple Columnar Transposition

• Description:
The plaintext is written in rows of fixed length (columns), and the ciphertext is generated by reading
the columns in a specific order.

• Encryption Steps:

1. Write the plaintext in rows with a fixed column length.

2. Read columns in the specified order to create ciphertext.

Example:

• Plaintext: "HELLO WORLD"

• Columns (Width = 4):

HELL
OWOR
LDXX

(Fill missing spaces with filler characters like "X").

• Read columns:
Column Order: 1, 3, 2, 4
Ciphertext: "HOLWLEDXORLX"

Steganography: Procedure
Steganography is the practice of hiding a secret message within another medium (such as an image, audio,
video, or text) in such a way that it remains undetectable to unauthorized viewers. Unlike encryption,
which makes the message unintelligible, steganography hides the existence of the message.

General Procedure for Steganography

1. Choose a Carrier File

o Select a digital medium (e.g., image, audio, video, or text) to act as the cover object in which
the secret message will be hidden.

o Example: A PNG image.

2. Prepare the Secret Message

o Ensure the secret message (e.g., text, image, or file) is formatted correctly.

o If the message is too large, it might need compression or encryption before embedding.

3. Embed the Secret Message

o Use a steganographic algorithm or software to embed the secret message into the carrier
file. Common techniques include:

▪ Least Significant Bit (LSB) Modification:
Replace the least significant bits of image pixels or audio samples with bits of the secret
message.
Example: Changing RGB pixel values like (10110100) → (10110101).

▪ Frequency Domain Techniques:
Embed the message in transformed components (e.g., DCT coefficients in JPEG
images).

▪ Text-Based Methods:
Alter formatting, spacing, or characters in text files.
4. Generate the Stego File

o The carrier file with the embedded message is called the stego file.

o The stego file should appear identical to the original carrier file to avoid detection.

5. Transmit the Stego File

o Share the stego file via secure or insecure channels, depending on the level of secrecy
required.

o Ensure the recipient knows how to extract the hidden message.

6. Extraction of the Secret Message

o The recipient uses a de-steganography tool or algorithm to retrieve the secret message from
the stego file.

o This process typically requires a key or password if the embedding was secured.

Illustrative Example: Hiding Text in an Image Using LSB

• Carrier File: A 24-bit color image.

• Secret Message: "HELLO".

• Procedure:

1. Convert "HELLO" to binary: 01001000 01000101 01001100 01001100 01001111.

2. Replace the least significant bit of selected pixels in the image with these bits.

3. Example pixel (before → after modification):

▪ R: 10110010 → 10110010

▪ G: 11001101 → 11001100 (bit changed)

▪ B: 10010111 → 10010110 (bit changed)

4. The modified image contains the hidden message.
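
The embed and extract steps of the LSB procedure as an added example, not part of the original notes. It works on raw R, G, B channel bytes rather than an image file; the 16-bit length header placed before the message and the synthetic carrier are assumptions.

```python
def to_bits(data):
    """Bits of each byte, most significant first: b"H" -> 0,1,0,0,1,0,0,0."""
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]


def from_bits(bits):
    """Pack a bit list back into bytes, ignoring any incomplete trailing byte."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        value = 0
        for bit in bits[i:i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


def embed(carrier, message):
    """Write a 2-byte length header plus the message into the channel LSBs."""
    bits = to_bits(len(message).to_bytes(2, "big") + message)
    if len(bits) > len(carrier):
        raise ValueError("carrier too small: need %d channel bytes" % len(bits))
    stego = bytearray(carrier)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit  # clear the lowest bit, then set it
    return bytes(stego)


def extract(stego):
    """Read the length header from the first 16 LSBs, then that many bytes."""
    lsbs = [byte & 1 for byte in stego]
    length = int.from_bytes(from_bits(lsbs[:16]), "big")
    return from_bits(lsbs[16:16 + 8 * length])


def max_channel_change(carrier, stego):
    """Largest per-channel difference; LSB embedding never exceeds 1 out of 255."""
    return max(abs(a - b) for a, b in zip(carrier, stego))


# Constructed carrier of 32 pixels (96 channel bytes). The first pixel uses the
# R, G, B sample values from the notes; the remaining bytes are synthetic.
CARRIER = bytes([0b10110010, 0b11001101, 0b10010111]) + bytes(
    (i * 37 + 11) % 256 for i in range(93)
)

if __name__ == "__main__":
    stego = embed(CARRIER, b"HELLO")
    # The header's leading bits are 0, 0, 0, so the first pixel changes
    # exactly as in the illustration above.
    print([format(b, "08b") for b in stego[:3]])
    print(extract(stego), "max change per channel:", max_channel_change(CARRIER, stego))
```

Because no channel value moves by more than 1, the stego image is visually identical to the carrier, which is why detection relies on statistical analysis of the low-order bits rather than inspection.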

Applications of Steganography

• Secure communication.

• Concealing sensitive data or files.

• Digital watermarking (copyright protection).

Introduction to Symmetric and Asymmetric Cryptography
Symmetric Cryptography (Symmetric Encryption)

• Definition:
In symmetric cryptography, the same key is used for both encryption and decryption.

o The sender uses the key to encrypt the plaintext.

o The receiver uses the same key to decrypt the ciphertext.

• Key Features:

o Speed: Faster than asymmetric encryption.

o Key Management: Requires secure sharing of the key between sender and receiver.

o Algorithms: DES, AES, RC4, Blowfish.

• Example:

o Plaintext: "HELLO"

o Key: "1234"

o Encrypted Message: "KHOOR"

o The same key "1234" is used to decrypt "KHOOR" back to "HELLO".

DES (Data Encryption Standard)

• Description:
DES is a widely used symmetric key encryption algorithm designed for secure data transmission. It
encrypts data in fixed-size blocks of 64 bits using a 56-bit key.

• Steps of the DES Algorithm:

1. Key Preparation: A 56-bit key is generated and expanded to 64 bits by adding parity bits.

2. Initial Permutation: Rearranges the bits of the plaintext according to a fixed table.

3. Divide into Blocks: The plaintext is divided into 64-bit blocks.

4. 16 Rounds of Feistel Cipher:

▪ Each round involves substitution, permutation, and XOR operations using a sub-key
derived from the main key.

5. Final Permutation: The encrypted output (ciphertext) is produced by another bit
permutation.

• Limitations:

o Vulnerable to brute-force attacks due to its short key length.

o Replaced by AES for most applications.

Asymmetric Cryptography (Asymmetric Key Encryption)

• Definition:
In asymmetric cryptography, a pair of keys (public and private) is used:

o Public Key: Used for encryption.

o Private Key: Used for decryption.

• Key Features:

o Security: No need to share the private key.

o Speed: Slower compared to symmetric encryption.

o Algorithms: RSA, ECC, Diffie-Hellman.

• Example:

o Public Key: Encrypts the message. Private Key: Decrypts the ciphertext.

Digital Signature in Asymmetric Cryptography

A Digital Signature is a cryptographic technique used to ensure the authenticity and integrity of digital
data. It relies on asymmetric encryption.

How it Works:

1. Hash the Message:

o The original message is passed through a hashing algorithm (e.g., SHA-256) to generate a
fixed-size hash value.

2. Sign the Hash:

o The sender encrypts the hash using their private key. This encrypted hash is the digital
signature.

3. Send Message + Signature:

o The sender transmits both the original message and the digital signature.

4. Verification by Receiver:

o The receiver decrypts the digital signature using the sender’s public key to get the hash.

o The receiver hashes the received message independently.

o If both hashes match, the message is verified as authentic.
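
The four steps above (hash, sign, send, verify) as an added example, not part of the original notes. It uses textbook RSA without padding over a constructed key built from two Mersenne primes, which is for study only; deployed signatures use a vetted library with a padded scheme such as RSA-PSS. The names and sample message are assumptions.

```python
import hashlib

# Constructed toy key. Both primes are Mersenne primes, chosen so the example
# needs no prime generation; their structure makes them unfit for real keys.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                           # public modulus (648 bits, larger than a SHA-256 digest)
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (modular inverse, Python 3.8+)


def digest_int(message):
    """Step 1: hash the message and read the SHA-256 digest as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message):
    """Step 2: apply the private key to the digest; the result is the signature."""
    return pow(digest_int(message), D, N)


def send(message):
    """Step 3: the sender transmits the message together with its signature."""
    return message, sign(message)


def verify(message, signature):
    """Step 4: recover the digest with the public key and compare it with a
    digest computed independently from the received message."""
    return pow(signature, E, N) == digest_int(message)


if __name__ == "__main__":
    message, signature = send(b"pay 100 to account 42")  # constructed message
    print("authentic message verifies:", verify(message, signature))
    print("altered message verifies:  ", verify(b"pay 900 to account 42", signature))
    print("altered signature verifies:", verify(message, signature + 1))
```

Only the holder of D can produce a value that verifies under (E, N), and any change to the message changes its digest, so one check covers both authenticity and integrity.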

Applications:

• Verifying the identity of the sender.

• Ensuring data integrity.

• Used in SSL certificates, blockchain, and software distribution.
