A scheme for codifying messages by replacing each alphabet with an alphabet

threeplaces down the line

ANNAMACHARYA can be coded as DQQDPDFKDUBD

A N N A M A C H A R Y A
D Q Q D P D F K D U B D
Each alphabet in the original message can be replaced by another to hidethe
original contents of the message. The codified message is called as cipher text.
Cipher means a codeor a secret message.

When a plain text message is codified using any suitable scheme, the resulting
message iscalled as cipher text.
SUBSTITUTION TECHNIQUES
1. CAESAR CIPHER
This was first proposed by Julius Caesar and is termed as Caesar Cipher.
Caesar Cipher is a special case of substitution techniques wherein eachalphabet
in a message is replaced by an alphabet three places down the line. For instance,
using theCaesar Cipher, the plain text ATUL will become cipher text DWXO.

Elements of cryptographic operations

In the substitution cipher technique, the characters of a plain text message
are replaced byother characters, numbers or symbols.

Cryptography and Network Security, Dept. of CSE, AITS 21

An attack on a cipher text message,wherein the attacker attempts to use all
possible permutations and combinations, is called as a Bruteforceattack. The
process of trying to break any cipher text message to obtain the original plain
textmessage itself is called as Cryptanalysis and the person attempting a
cryptanalysis is called as acryptanalyst.

MONO-ALPHABETIC CIPHER

Mono-alphabetic ciphers pose a difficult problem for a cryptanalyst because it

can be verydifficult to crack thanks to the high number of possible permutations
and combinations.
Use random substitution. This means that in a given plain text message, each A
can be replaced by any other alphabet (B through Z), each B can also be
replaced by any other random alphabet (A or C through Z) and so on. The
crucial difference being, there is no relation between thereplacement of B and
replacement of A. That is, if we have decided to replace each A with D, we
neednot necessarily replace each B with E – we can replace each B with any other
character!

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

samba
the Cipher text is : HOSKO
Homophonic Substitution Cipher

Homophonic Substitution Cipher also involves substitution of one plain text

character with acipher text character at a time, however the cipher text
character can be any one of thechosen set.
The Homophonic Substitution Cipher is very similar to Mono-alphabetic Cipher.
Like a plainsubstitution cipher technique, we replace one alphabet with another in
this scheme. However, thedifference between the two techniques is that whereas
the replacement alphabet set in case of the simplesubstitution techniques is
fixed (e.g. replace A with D, B with E, etc.), in the case of HomophonicSubstitution
Cipher, one plain text alphabet can map to more than one cipher text
alphabet. For instance,A can be replaced by D, H, P, R; B can be replaced by E, I,
Q, S, etc.

Cryptography and Network Security, Dept. of CSE, AITS 22

Polygram Substitution Cipher
In Polygram Substitution Cipher technique, rather than replacing one plain text
alphabet with one cipher text alphabet at a time, a block of alphabets is
replaced with another block. For instance, HELLOcould be replaced by YUQQW,
but HELL could be replaced by a totally different cipher text block
TEUI, as shown in Fig.

Polyalphabetic Substitution Cipher

A poly-alphabetic cipher is any cipher based on substitution, using several

substitution alphabets. In polyalphabetic substitution ciphers, the plaintext
letters are enciphered differently based upon their installation in the text.
Rather than being a one-to-one correspondence, there is a one-to-many
relationship between each letter and its substitutes.

For example, ‘a’ can be enciphered as ‘d’ in the starting of the text, but as ‘n’ at
the middle. The polyalphabetic ciphers have the benefit of hiding the letter
frequency of the basic language. Therefore attacker cannot use individual letter
frequency static to divide the ciphertext.

As the name polyalphabetic recommend this is achieved by using multiple keys

rather than only one key. This implies that the key should be a stream of
subkeys, in which each subkey depends somehow on the position of the plaintext
character that needs subkey for encipherment.

Vigenere cipher is one of the simplest and popular algorithms in polyalphabetic

cipher. In this approach, the alphabetic text is encrypted using a sequence of
multiple Caesar ciphers based on the letters of a keyword.
The Vigenère cipher includes several simple substitution ciphers in sequence with
several shift values. In this cipher, the keyword is repeated just before it
connects with the duration of the plaintext.

Cryptography and Network Security, Dept. of CSE, AITS 23

Encryption Process:
Ci=(Pi+Ki) mod 26
In this process sum of ith position of plain text and ith position of key will be added
and applied modulus 26 on the result , the generated positional value will be
considered as Cipher text.
Decryption Process
Pi=(Ci-Ki) mod 26
In this process sum of ith position of Cipher text and ith position of key will be
subtracted and applied modulus 26 on the result , the generated positional value
will be considered as Plain text.
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Key: samba
Plain text: hello students how are you
Cipher text:
Key s a m B a s a m b a s a m b a s a m b a s A
PT h e l L o s t u d e n t s h o w a r e y o U
CT z e x M o k t g E e f t e i o o a c f y g U

Apply Encryption process to generate cipher text

That is ‘s’ position is 18 and ‘h’ position is 7 so now

C1=(p1+k1)mod26
= (18+7)mpd26
=(25)mod26
=25 (which is equalent to ‘z’)
Like wise generate the table accordingly.

Playfair Cipher:
The Playfair Cipher, also called as Playfair Square, is a cryptographic technique
that is used formanual encryption of data.

The Playfair encryption scheme uses two main processes, as shown in Fig

Cryptography and Network Security, Dept. of CSE, AITS 24

 Playfair cipher steps
Step 1: Creation Population of Matrix and The Playfair Cipher makes use of a 5
x 5 matrix(table), which is used to store a keyword or phrase that becomes the
key for encryption and decryption.
The way this is entered into the 5 x 5 matrix is based on some simple rules, as
shown below

1. Enter the keyword in the matrix row-wise: left-to-right, and then top-to-
bottom.
2. Drop duplicate letters.
3. Fill the remaining spaces in the matrix with the rest of the English alphabets
(A-Z)that were not a part of our keyword. While doing so, combine I and J in the
same cell of the table. In otherwords, if I or J is a part of the keyword, disregard
both I and J while filling the remaining slots.

Algorithm to encrypt the plain text: The plaintext is split into pairs of two
letters (digraphs). If there is an odd number of letters, a Z is added to the
last letter.
For example:

PlainText: "instruments"
After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'

1. Pair cannot be made with same letter. Break the letter in single and add a
bogus letter to the previous letter.
Plain Text: “hello”
After Split: ‘he’ ‘lx’ ‘lo’
Here ‘x’ is the bogus letter.

2. If the letter is standing alone in the process of pairing, then add an extra
bogus letter with the alone letter
Plain Text: “helloe”
AfterSplit: ‘he’ ‘lx’ ‘lo’ ‘ez’

Cryptography and Network Security, Dept. of CSE, AITS 25

 Here ‘z’ is the bogus letter.
Rules for Encryption:

• If both the letters are in the same column: Take the letter below each
one (going back to the top if at the bottom).
For example:

Diagraph: "me"
Encrypted Text: cl
Encryption:
m -> c
e -> l

If both the letters are in the same row: Take the letter to the right of each
one (going back to the leftmost if at the rightmost position).
Diagraph: "ST"
Encrypted Text: TL
Encryption:
S -> T
T -> L

If neither of the above rules is true: Form a rectangle with the two letters
and take the letters on the horizontal opposite corner of the rectangle.
For example:

Diagraph: "nt"
Encrypted Text:rq
Encryption:
n -> r
t -> q

Cryptography and Network Security, Dept. of CSE, AITS 26

Plain Text: "instrumentsz"
Encrypted Text: gatlmzclrqtx
Encryption:
i -> g
n -> a
s -> t
t -> l
r -> m
u -> z
m -> c
e -> l
n -> r
t -> q
s -> t
z -> x

Hill Cipher
Hill cipher is a polygraphic substitution cipher based on linear algebra.Each letter
is represented by a number modulo 26. Often the simple scheme A = 0, B= 1, …, Z
= 25 is used, but this is not an essential feature of the cipher. To encrypt a
message, each block of n letters (considered as an n-component vector) is
multiplied by an invertible n × n matrix, against modulus 26. To decrypt the

Cryptography and Network Security, Dept. of CSE, AITS 27

message, each block is multiplied by the inverse of the matrix used for
encryption.
The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).

Cryptography and Network Security, Dept. of CSE, AITS 28

Cryptography and Network Security, Dept. of CSE, AITS 29
Cryptography and Network Security, Dept. of CSE, AITS 30
TRANSPOSITION TECHNIQUES

Transposition techniques differ from substitution techniques in the way that

they do not simplyreplace one alphabet with another: they also perform some
permutation over the plain text alphabets.

Rail Fence Technique

Rail fence technique involves writing plain text as sequence of diagonals and then
reading itrow-by-row to produce cipher text.
Suppose that we have a plain textmessage Come home tomorrow. How would we
transform that into a cipher text message using the RailFence Technique? This
is shown in Fig.

1. Write down the plain text message as a sequence of diagonals.

2. Read the plain text written in Step 1 as a sequence of rows.
3. here depth=2

Example of rail technique

Cryptography and Network Security, Dept. of CSE, AITS 31

Simple Columnar Transposition Technique

Basic Technique Variations of the basic transposition technique such as Rail

Fence Technique exist.Such a scheme call as Simple Columnar Transposition
Technique.
➢ Write the plain text message row-by-row in a rectangle of a pre-defined
size.
➢ Read the message column-by-column. However, it need not be in the order
of columns 1,2, 3 etc. It can be any random order such as 2, 3, 1, etc.
➢ The message thus obtained is the cipher text message.

The Simple Columnar Transposition Technique simply arranges the plain text as
a sequenceof rows of a rectangle that are read in columns randomly.

Example of simple columnar technique

A MODEL FOR NETWORK SECURITY

A message is to be transferred from one party to another across some sort of
internet. Thetwo parties, who are the principals in this transaction, must
cooperate for the exchange to takeplace. A logical information channel is
established by defining a route through the internetfrom source to destination
and by the cooperative use of communication protocols (e.g.,TCP/IP) by the two
principals. Security aspects come into play when it is necessary ordesirable to
protect the information transmission from an opponent who may present a
threatto confidentiality, authenticity, and so on.
All the techniques for providing security have twocomponents:
A security-related transformation on the information to be sent. Examples
include the encryption of the message, which scrambles the message so that it is
unreadable bythe opponent, and the addition of a code based on the contents of
the message, whichcan be used to verify the identity of the sender Some secret

Cryptography and Network Security, Dept. of CSE, AITS 32

information shared by thetwo principals and, it is hoped, unknown to the opponent.
An example is an encryptionkey used in conjunction with the transformation to
scramble the message beforetransmission and unscramble it on reception.

The general model shows that there are four basic tasks in designing a particular
securityservice:
1. Design an algorithm for performing the security-related transformation.
Thealgorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm .
3. Develop methods for the distribution and sharing of the secret
information.
4. Specify a protocol to be used by the two principals that makes use of the
securityalgorithm and the secret information to achieve a particular
security service

A general model is illustrated by the above Figure 1.6, which reflects a concern
forprotecting an information system from unwanted access. Most readers are

Cryptography and Network Security, Dept. of CSE, AITS 33

familiar with theconcerns caused by the existence of hackers, who attempt to
penetrate systems that can beaccessed over a network. The hacker can be
someone who, with no malign intent, simply getssatisfaction from breaking and
entering a computer system. Or, the intruder can be adisgruntled employee who
wishes to do damage, or a criminal who seeks to exploit computerassets for
financial gain.
ENCRYPTION AND DECRYPTION

The process of encoding plain text messagesinto cipher text messages is called
as encryption.
The process of transforming cipher textmessages back to plain text messages is
called asdecryption.

Every encryption and decryption process has two aspects: the algorithm and the
key used forencryption and decryption.
let us take the example ofa combination lock, which we use in real life. We need
to remember the combination (which is a number, suchas 871) needed to open up
the lock. The facts that it is acombination lock and how to open it (algorithm)
arepieces of public knowledge. However, the actual valueof the key required for
opening a specific lock (key),which is 871 in this case, is kept secret. The idea
isillustrated in Fig

Cryptography and Network Security, Dept. of CSE, AITS 34

Broadly, there are two cryptographic mechanisms, depending on what keys are
used. If the same keyis used for encryption and decryption, we call the
mechanism as Symmetric Key Cryptography.However, if two different keys are
used in a cryptographic mechanism, wherein one key is used forencryption and
another, different key is used for decryption; we call the mechanism as
Asymmetric KeyCryptography.

Symmetric and Asymmetric Key Cryptography

The sender andthe receiver will use the same key to lock and unlock, this is called
as symmetric key operation (whenused in the context of cryptography, this
operation is called as symmetric key cryptography).
Person A wants to send a highly confidential letter to another person B. A and B
both residein the same city, but are separated by a few miles and for some
reason, cannot meet eachother.
With the symmetric key cryptography A can send securely to the B.

Let us now imagine that not only A and B but also thousands of people want to
send such confidentialletters securely to each other. What would happen if they
decide to go for symmetric key operation? Ifwe examine this approach more
closely, we can see that it has one big drawback if the number of peoplethat want
to avail of its services is very large.

Use of separate locks and keys per communication pair

we have the following situation:

Cryptography and Network Security, Dept. of CSE, AITS 35

 ➢ When A wanted to communicate only with B, we needed one lock-and-key
pair (A-B).
➢ When A wants to communicate with B and C, we need two lock-and-key pairs
(A-B and A-C).
Thus, we need one lock-and-key pair per person with whom A wants to
communicate. If B alsowants to communicate with C, we have B-C as the third
communicating pair, requiring its ownlock-and-key pair. Thus, we would need three
lock-and-key pairs to serve the needs of threecommunicating pairs.

Therefore, can we see that, in general, for n persons, the number of lock-and-key
𝑛∗(𝑛−1)
pairs is
2

Diffie–Hellman Key Exchange/Agreement Algorithm

In this scheme the two parties, who want to communicatesecurely, can agree on
a symmetric key using this technique. This key can then be used for encryption/
decryption. However, we must note that Diffie–Hellman key exchange algorithm
can be used only forkey agreement, but not for encryption or decryption of
messages. Once both the parties agree on the keyto be used, they need to use
other symmetric key encryption algorithms for actual encryption or decryption
of messages.

Description of the Algorithm

Cryptography and Network Security, Dept. of CSE, AITS 36

 Diffie–Hellman key exchange algorithm

Example of the Algorithm

Cryptography and Network Security, Dept. of CSE, AITS 37

Asymmetric Key Operation

In this scheme, (Alice) A and (Bob) B do not have to jointly approach (Tom) T for
a lock-and-key pair. Instead, B aloneapproaches T, obtains a lock and a key (K1)
that can seal the lock and sends the lock and key K1 to A. Btells A that A can use
that lock and key to seal the box before sending the sealed box to B.

An interesting property of this scheme is that B possesses a different but

related key (K2), which isobtained by B from T along with the lock and key K1,
only which can open the lock. It is guaranteed thatno other key and of course,
including the one used by A (i.e. K1) for locking, can open the lock. Sinceone key
(K1) is used for locking and another, different key (K2) is used for unlocking; we
will call thisscheme as asymmetric key operation. Also, T is clearly defined here
as a trusted third party. T iscertified as a highly trustworthy and efficient
agency by the government.

Cryptography and Network Security, Dept. of CSE, AITS 38

STEGANOGRAPHY

Steganography is a technique that facilitates hiding of a message that is to be

kept secret inside othermessages.

The sender usedmethods such as invisible ink, tiny pin punctures on specific
characters, minute variations betweenhandwritten characters, pencil marks on
handwritten characters, etc.

KEY RANGE AND KEY SIZE

The cryptanalystis armed with the following information:

• The encryption/decryption algorithm

• The encrypted message
• Knowledge about the key size (e.g. the value of the key is a number between
0 and 100 billion).

Cryptography and Network Security, Dept. of CSE, AITS 39

For example consider the brute force attack here, which works onthe principle
of trying every possible key in the key range, until you get the right key.

Brute forceattack

Understanding key range

With every incremental bit, the attacker has to perform double the number of
operations ascompared to the previous key size. It is found that for a 56-bit key,

Cryptography and Network Security, Dept. of CSE, AITS 40

it takes 1 second to search 1 percentof the key range. Taking this argument
further, it takes about 1 minute to search about half of the keyrange (which is
what is required, on an average, to crack a key). Using this as the basis, let us
have a lookat the similar values (time required for a search of 1 percent and 50
percent of the key space) for variouskey sizes. This is shown in Table

We can represent the possible values in the key range using hexadecimal notation
and see visuallyhow an increase in the key size increases the key range and
therefore, the complexity for an attacker.

Key sizes and ranges

POSSIBLE TYPES OF ATTACKS

When the sender of a message encrypts a plain text message into

itscorresponding cipher text, there are five possibilities for an attack on this
message.

Cryptography and Network Security, Dept. of CSE, AITS 41

Cipher text only attack: In this type of attack, the attacker does not have any
clue about the plaintext and has some or all of the cipher text.The attacker
analyzes the cipher text at leisure to try andfigure out the original plain text.

Known plain text attack: In this case, the attacker knows about some pairs of
plain text andcorresponding cipher text for those pairs. Using this information,
the attacker tries to find otherpairs and therefore, know more and more of the
plain text. Examples of such known plain texts arecompany banners, file headers,
etc. which are found commonly in all the documents of a particularcompany.

Known plain text attack

Chosen plain text attack: Here, the attacker selects a plain text block and tries
to look for theencryption of the same in the cipher text. Here, the attacker is
able to choose the messages toencrypt. Based on this, the attacker intentionally

Cryptography and Network Security, Dept. of CSE, AITS 42

picks patterns of cipher text that result inobtaining more information about the
key.

Chosen plain text attack

Chosen cipher text attack: In the chosen cipher text attack, the attacker knows
the cipher text tobe decrypted, the encryption algorithm that was used to
produce this cipher text and thecorresponding plain text block. The attacker’s
job is to discover the key used for encryption.

Chosen text attack: The chosen text attack is essentially a combination of

chosen plain textattack and chosen cipher text attack.

Cryptography and Network Security, Dept. of CSE, AITS 43