CRYPTOGRAPHY AND NETWORK SECURITY

(III-CS, SEMESTER-1, R-18)

PREPARED BY-MAGANTI APPARAO
HEAD OF THE DEPARTMENT
ST. MARY’S ENGINEERING COLLEGE

UNIT – I
SECURITY CONCEPTS
 Introduction
 The need for security
 Security approaches
 Principles of security
 Types of Security attacks
 Security services
 Security Mechanisms
 A model for Network Security
CRYPTOGRAPHY CONCEPTS AND TECHNIQUES
 Introduction
 plain text and cipher text
 substitution techniques
 transposition techniques
 encryption and decryption
 symmetric and asymmetric key cryptography
 steganography
 key range and key size, possible types of attacks
INTRODUCTION
This is the age of universal electronic connectivity, where the
activities like hacking, viruses, electronic fraud are very
common. Unless security measures are taken, a network
conversation or a distributed application can be compromised
easily.
Some simple examples are:
Online purchases using a credit/debit card.
A customer unknowingly being directed to a false website.
A hacker sending a message to a person pretending to be
someone else.
Network Security has been affected by two major
developments over the last several decades.
First one is introduction of computers into organizations
and the second one being introduction of distributed systems
and the use of networks and communication facilities for
carrying data between users & computers.
These two developments lead to ‘computer security’ and
‘network security’, where the computer security deals with
collection of tools designed to protect data and to thwart
hackers.
 Network security measures are needed to protect data
during transmission. But keep in mind that, it is the information
and our ability to access that information that we are really
trying to protect and not the computers and networks.

THE NEED FOR SECURITY

Because there are threats
Threats
A threat is an object, person, or other entity that represents a
constant danger to an asset
The 2007 CSI survey
 494 computer security practitioners
 46% suffered security incidents
 29% reported to law enforcement
 Average annual loss $350,424
 1/5 suffered targeted attack
 The source of the greatest financial losses?
 Most prevalent security problem
 Insider abuse of network access
 Email
 Threat Categories
 Acts of human error or failure
 Compromises to intellectual property
 Deliberate acts of espionage or trespass
 Deliberate acts of information extortion
 Deliberate acts of sabotage or vandalism
 Deliberate acts of theft
 Deliberate software attack
 Forces of nature
 Deviations in quality of service
 Technical hardware failures or errors
 Technical software failures or errors
 Technological obsolesce
Definitions
Computer Security - generic name for the collection of tools
designed to protect data and to thwart hackers
Network Security - measures to protect data during their
transmission
Internet Security - measures to protect data during their
transmission over a collection of interconnected networks
SECURITY APPROACHES
Confidentiality, Data Integrity, Authentication, and Non-
Repudiation are the main principles of cryptography. Network
security is the actions taken or procedures followed to protect
the computer network.
Cryptography ensures data confidentiality and provides data
protection from unauthorized access.

PRINCIPLES OF SECURITY
The basic tenets of information security are confidentiality,
integrity and availability. Every element of the information
security program must be designed to implement one or more
of these principles. Together they are called the CIA Triad.

SECURITY ATTACKS
any action that compromises the security of information owned
by an organization
information security is about how to prevent attacks, or failing
that, to detect attacks on information-based systems
often threat & attack used to mean same thing
have a wide range of attacks
can focus of generic types of attacks
 Passive Attacks Active Attacks
PASSIVE ATTACKS
Passive attacks are in the nature of eaves dropping on, or
monitoring of, transmissions. The goal of the opponent is to
obtain information that is being transmitted. Passive
attacks are of two types:
Release of message contents: A telephone conversation, an e-
mail message and a transferred file may contain sensitive or
confidential information. We would like to prevent the
opponent from learning the contents of these transmissions.
Traffic analysis: If we had encryption protection in place, an
opponent might still be able to observe the pattern of the
message. The opponent could determine the location and
identity of communication hosts and could observe the
frequency and length of messages being exchanged.
Passive attacks are very difficult to detect because they do not
involve any alteration of data. However, it is feasible to prevent
the success of these attacks.
 Read contents of
message from Bob
to Alice

Release of message contents

Observe pattern of
messages from Bob
to Alice

Traffic analysis

ACTIVE ATTACKS
These attacks involve some modification of the data stream or
the creation of a false stream. These attacks can be classified in
to four categories:
Masquerade – One entity pretends to be a different entity.
Replay – involves passive capture of a data unit and its
subsequent transmission to produce an unauthorized effect.
Modification of messages – Some portion of message is
altered or the messages are delayed or recorded, to produce an
unauthorized effect.
Denial of service – Prevents or inhibits the normal use or
management of communication facilities. Another form of
service denial is the disruption of an entire network, either by
disabling the network or overloading it with messages so as to
degrade performance.
It is quite difficult to prevent active attacks absolutely, because
to do so would require physical protection of all
communication facilities and paths at all times. Instead, the
goal is to detect them and to recover from any disruption or
delays caused by them.

Message from Darth

that appears to be
from Bob

Bob

Masquerade
 Capture message from
Bob to Alice; later replay
message to Alice

Replay

Darth modifies
message from Bobto
Alice

Modification of messages
 Darth disrupts service
provided by server

Bob Server

Denial of service
SECURITY SERVICES
A processing or communication service that enhances the
security of the data processing systems and the information
transfers of an organization.
The services are intended to counter security attacks, and they
make use of one or more security mechanisms to provide the
service.
X.800 defines a security service as a service that is provided by
a protocol layer of communicating open systems and that
ensures adequate security of the systems or of data transfers.
X.800 divides these services into five categories.
Confidentiality: Ensures that the information in a computer
system and transmitted information are accessible only for
reading by authorized parties.
Eg., printing, displaying and other forms of disclosure.
Authentication: Ensures that the origin of a message or
electronic document is correctly identified, with an assurance
that the identity is not false.
Integrity: Ensures that only authorized parties are able to
modify computer system assets and transmitted information.
Modification includes writing, changing status, deleting,
creating and delaying or replaying of transmitted messages.
Non repudiation: Requires that neither the sender nor the
receiver of a message be able to deny the transmission.
Access control: Requires that access to information resources
may be controlled by or the target system.
Availability: Requires that computer system assets be
available to authorized parties when needed.
AUTHENTICATION
The authentication service is concerned with assuring that a
communication is Authentic, the function of the authentication
service is to assure the recipient that the message is from the
source that it claims to be from. In the case of an ongoing
interaction, such as the connection of a terminal to a host, two
aspects are involved. Two specific authentication services are
defined in X.800:
Peer Entity Authentication
Used in association with a logical connection to provide
confidence in the identity of the entities connected.
Data Origin Authentication
In a connectionless transfer, provides assurance that the source
of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of a resource (i.e., this
service controls who can have access to a resource, under what
conditions access can occur, and what those accessing the
resource is allowed to do).
CONFIDENTIALITY
The protection of data from unauthorized disclosure.
Confidentiality is the protection of transmitted data from
passive attacks. With respect to the content of a data
transmission, several levels of protection can be identified.
Connection Confidentiality: The protection of all user data
on a connection.
Connectionless Confidentiality: The protection of all user
data in a single data block authentication.
The confidentiality of selected fields within the user data on a
connection or in a single data block.
Traffic Flow Confidentiality: The protection of the
information that might be derived from observation of traffic
flows.
DATA INTEGRITY
The assurance that data received are exactly as sent by an
authorized entity (i.e., contain no modification, insertion,
deletion, or replay).
Connection Integrity with Recovery
Provides for the integrity of all user data on a connection and
detects any modification, insertion, deletion, or replay of any
data within an entire data sequence, with recovery attempted.
Connection Integrity without Recovery: As above, but
provides only detection without recovery.
Selective-Field Connection Integrity: Provides for the
integrity of selected fields within the user data of a data block
transferred over a connection and takes the form of
determination of whether the selected fields have been
modified, inserted, deleted, or replayed.
Connectionless Integrity: Provides for the integrity of a single
connectionless data block and may take the form of detection of
data modification. Additionally, a limited form of replay
detection may be provided.
Selective-Field Connectionless Integrity: Provides for the
integrity of selected fields within a single connectionless data
block; takes the form of determination of whether the selected
fields have been modified.
NONREPUDIATION
Provides protection against denial by one of the entities
involved in a communication of having participated in all or part
of the communication.
Nonrepudiation Origin: Proof that the message was sent by
the specified party.
Nonrepudiation, Destination: Proof that the message was
received by the specified party.
AVAILABILITY
It is defined to be the property of a system or a system resource
being accessible and usable upon demand by an authorized
system entity. The availability can significantly be affected by a
variety of attacks, some amenable to automated counter
measures.
SECURITY MECHANISMS
According to X.800, the security mechanisms are divided into
those implemented in a specific protocol layer and those that are
not specific to any particular protocol layer or security service.
X.800 also differentiates reversible & irreversible
encipherment mechanisms.
A reversible encipherment mechanism is simply an encryption
algorithm that allows data to be encrypted and subsequently
decrypted, whereas irreversible encipherment include hash
algorithms and message authentication codes used in digital
signature and message authentication applications
Specific Security Mechanisms
Incorporated into the appropriate protocol layer in order to
provide some of the OSI security services,
Encipherment: It refers to the process of applying
mathematical algorithms for converting data into a form that is
not intelligible. This depends on algorithm used and encryption
keys.
Digital Signature: The appended data or a cryptographic
transformation applied to any data unit allowing to prove the
source and integrity of the data unit and protect against forgery.
Access Control: A variety of techniques used for enforcing
access permissions to the system resources.
Data Integrity: A variety of mechanisms used to assure the
integrity of a data unit or stream of data units.
Authentication Exchange: A mechanism intended to ensure
the identity of an entity by means of information exchange.
Traffic Padding: The insertion of bits into gaps in a data
stream to frustrate traffic analysis attempts.
Routing Control: Enables selection of particular physically
secure routes for certain data and allows routing changes once a
breach of security is suspected.
Notarization: The use of a trusted third party to assure certain
properties of a data exchange
Pervasive Security Mechanisms
These are not specific to any particular OSI security service or
protocol layer.
Trusted Functionality: That which is perceived to b correct
with respect to some criteria Security Level: The marking
bound to a resource (which may be a data unit) that names or
designates the security attributes of that resource.
Event Detection: It is the process of detecting all the events
related to network security. Security Audit Trail: Data
collected and potentially used to facilitate a security audit,
which is an independent review and examination of system
records and activities.
Security Recovery: It deals with requests from mechanisms,
such as event handling and management functions, and takes
recovery actions.

Digital Acce Dat Authenticati Traff Routin

Service Encipher Signat ss a on ic g Notarizat
ment ure Cont Integr Exchange Paddi Contro ion
rol ity ng l

Peer Entity Y Y Y
Authentication

Data Origin Y Y
Authentication

Access Control Y

Confidentiality Y Y

Traffic Flow Y Y Y
Confidentiality

Data Integrity Y Y Y

Nonrepudiation Y Y Y

Availability Y Y

Relationship Between Security Services and Mechanisms

MODEL FOR NETWORK SECURITY
Data is transmitted over network between two communicating
parties, who must cooperate for the exchange to take place.
A logical information channel is established by defining a route
through the internet from source to destination by use of
communication protocols by the two parties.
Whenever an opponent presents a threat to confidentiality,
authenticity of information, security aspects come into play.
Two components are present in almost all the security providing
techniques.
A security-related transformation on the information to be sent
making it unreadable by the opponent, and the addition of a
code based on the contents of the message, used to verify the
identity of sender.
Some secret information shared by the two principals and, it is
hoped, unknown to the opponent.
An example is an encryption key used in conjunction with the
transformation to scramble the message before transmission
and unscramble it on reception
A trusted third party may be needed to achieve secure
transmission. It is responsible for distributing the secret
information to the two parties, while keeping it away from any
opponent.
 It also may be needed to settle disputes between the two parties
regarding authenticity of a message transmission. The general
model shows that there are four basic tasks in designing a
particular security service:
1. Design an algorithm for performing the security-related
transformation. The algorithm should be such that an opponent
cannot defeat its purpose
2. Generate the secret information to be used with the algorithm
3. Develop methods for the distribution and sharing of the secret
information
4. Specify a protocol to be used by the two principals that makes
use of the security algorithm and the secret information to
achieve a particular security service
Various other threats to information system like unwanted
access still exist. The existence of hackers attempting to
penetrate systems accessible over a network remains a concern.
Another threat is placement of some logic in computer system
affecting various applications and utility programs. This
inserted code presents two kinds of threats.
Information access threats intercept or modify data on behalf
of users who should not have access to that data
Service threats exploit service flaws in computers to inhibit
 use by legitimate users Viruses and worms are two examples of
software attacks inserted into the system by means of a disk or
also across the network.
The security mechanisms needed to cope with unwanted access
fall into two broad categories.
CRYPTOGRAPHY CONCEPTS AND TECHNIQUES
Conventional Encryption Model

Referred conventional / private-key / single-key

Sender and recipient share a common key
All classical encryption algorithms are private-key was only
type prior to invention of public- key in 1970
plaintext - the original message
• cipher text - the coded message
• Cipher - algorithm for transforming plaintext to cipher text
• Key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to cipher text
• decipher (decrypt) - recovering cipher text from plaintext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (code breaking) - the study of principles/
methods of deciphering cipher text without knowing key
• Cryptology - the field of both cryptography and cryptanalysis
CRYPTOGRAPHY
A cryptographic attack is a method used by hackers to target
cryptographic solutions like ciphertext, encryption keys, etc.
These attacks aim to retrieve the plaintext from the ciphertext
or decode the encrypted data.
Hackers may attempt to bypass the security of a cryptographic
system by discovering weaknesses and flaws in cryptography
techniques, cryptographic protocol, encryption algorithms, or
key management strategy.
Cryptographic systems are generally classified along 3
independent dimensions:
Type of operations used for transforming plain text to cipher
text
All the encryption algorithms are based on two general
principles: substitution, in which each element in the plaintext
is mapped into another element, and transposition, in which
elements in the plaintext are rearranged.
The number of keys used
If the sender and receiver uses same key, then it is said to be
symmetric key (or) single key (or) conventional encryption.
If the sender and receiver use different keys, then it is said to
be public key encryption.
The way in which the plain text is processed
A block cipher processes the input and block of elements at a
time, producing output block for each input block. A stream
cipher processes the input elements continuously, producing
output element one at a time, as it goes along.
CRYPTANALYSIS
The process of attempting to discover X or K or both is known
as cryptanalysis. The strategy used by the cryptanalysis
depends on the nature of the encryption scheme and the
information available to the cryptanalyst. There are various
types of cryptanalytic attacks based on the amount of
information known to the cryptanalyst.
• Cipher text only – A copy of cipher text alone is known to
the cryptanalyst.
 • Known plaintext – The cryptanalyst has a copy of the
cipher text and the corresponding plaintext.
• Chosen plaintext – The cryptanalysts gain temporary
access to the encryption machine. They cannot open it to
find the key, however; they can encrypt a large number of
suitably chosen plaintexts and try to use the resulting cipher
texts to deduce the key.
• Chosen cipher text – The cryptanalyst obtains temporary
access to the decryption machine, uses it to decrypt several
string of symbols, and tries to use the results to deduce the
key.

ENCRYPTION AND DECRYPTION

Encryption is the process by which a readable message is
converted to an unreadable form to prevent unauthorized
parties from reading it. Decryption is the process of converting
an encrypted message back to its original (readable) format.
Let’s see that the difference between encryption and
decryption:
S.NO Encryption Decryption

While decryption is the

Encryption is the process of
process of converting
converting normal message
meaningless message into its
into meaningless message.
1. original form.

Encryption is the process While decryption is the

which take place at sender’s process which take place at
2. end. receiver’s end.

Its major task is to convert While its main task is to

the plain text into cipher convert the cipher text into
3. text. plain text.

Whereas the encrypted

Any message can be
message can be decrypted with
encrypted with either secret
either secret key or private
key or public key.
4. key.

Whereas in decryption process,

In encryption process,
receiver receives the
sender sends the data to
information(Cipher text) and
receiver after encrypted it.
5. convert into plain text.

The only single algorithm is

The same algorithm with
used for encryption-decryption
the same key is used for the
with a pair of keys where each
encryption-decryption
use for encryption and
process.
6. decryption.

Encryption is used to Decryption is used to reverse

protect the confidentiality the encryption process and
S.NO Encryption Decryption

of data by converting it into convert the ciphertext back

an unreadable form that can into plaintext.
only be read by authorized
parties.

The output of encryption is

a ciphertext that is
The output of decryption is the
unintelligible to anyone
original plaintext message.
who does not have the
decryption key.

TYPES OF KEYS
Symmetric Key:
Symmetric-key encryption are algorithms which use the same
cryptographic keys for both encryptions of plaintext and
decryption of ciphertext.
Asymmetric Key:
Asymmetric encryption uses 2 pairs of key for encryption.
Public key is available to anyone while the secret key is only
made available to the receiver of the message. This boots
security.
Public Key:Public key cryptography is an encryption system
which is based on two pairs of keys. Public keys are used to
encrypt messages for a receiver.
Private Key:
Private key may be part of a public/ private asymmetric key
pair. It can be used in asymmetric encryption as you can use the
same key to encrypt and decrypt data.
Pre-Shared Key:
In cryptography, a pre-shared key (PSK) is a shared secret
which was earlier shared between the two parties using a secure
channel before it is used.

KEY RANGE AND KEY SIZE

The most commonly used key sizes are 128-bit, 192-bit, and
256-bit. "Key range" refers to the set of all possible keys that
can be used in cryptography. The range is determined by the
key size and the underlying algorithm, and it affects the security
of the encryption.
The concept of key range leads to the principle of key size. The
strength of a cryptographic key is measured with the key size.
Key size is measured in bits and is represented using binary
number system.
Thus if the key range from 0 to 8, then the key size is 3 bits or
in other words we can say if the size is bits then the key range
is 0 to 256.
Key size may be varying, depending upon the applications and
the cryptographic algorithm being used, it can be 40 bits, 56
bits, 128 bits & so on.
In order to protect the cipher-text against the brute-force
attack, the key-size should be such that the attacker cannot
crack it within a specified amount of time.
From a practical viewpoint, a 40-bit key takes about 3 hours to
crack, however a 41-bit key would take 6 hours and 42-bit key
would take 12 hours & so on. This means every additional bit
doubles the amount of time required to crack the key.
POSSIBLE TYPES OF ATTACKS IN CRYPTOGRAPHY
A cryptography attack can be either passive or active.
PASSIVE ATTACKS:
Passive cryptography attacks intend to obtain unauthorized
access to sensitive data or information by intercepting or
eavesdropping on general communication. In this situation, the
data and the communication remain intact and are not tampered
with. The attacker only gains access to the data.
ACTIVE ATTACKS: On the other hand, active cryptography
attacks involve some kind of modification of the data or
communication. In this case, the attacker not only gains access
to the data but also tampers with it.
TYPES OF CRYPTOGRAPHY ATTACKS
Depending on the type of cryptographic system in place and the
information available to the attacker, these attacks can be
broadly classified into six types:
Brute force attack
Public and private keys play a significant role in encrypting and
decrypting the data in a cryptographic system. In a brute force
attack, the cybercriminal tries various private keys to decipher
an encrypted message or data. If the key size is 8-bit, the
possible keys will be 256 (i.e., 28). The cybercriminal must
know the algorithm (usually found as open-source programs)
to try all the 256 possible keys in this attack technique.
Ciphertext-only attack
In this attack vector, the attacker gains access to a collection of
ciphertext. Although the attacker cannot access the plaintext,
they can successfully determine the ciphertext from the
collection. Through this attack technique, the attacker can
occasionally determine the key.
Chosen plaintext attack
In this attack model, the cybercriminal can choose arbitrary
plaintext data to obtain the ciphertext. It simplifies the
attacker's task of resolving the encryption key. One well-known
example of this type of attack is the differential cryptanalysis
performed on block ciphers.
Chosen ciphertext attack
In this attack model, the cybercriminal analyzes a chosen
ciphertext corresponding to its plaintext. The attacker tries to
obtain a secret key or the details about the system. By analyzing
the chosen ciphertext and relating it to the plaintext, the attacker
attempts to guess the key. Older versions of RSA encryption
were prone to this attack.
Known plaintext attack
In this attack technique, the cybercriminal finds or knows the
plaintext of some portions of the ciphertext using information
gathering techniques. Linear cryptanalysis in block cipher is
one such example.
Key and algorithm attack
Here, the attacker tries to recover the key used to encrypt or
decrypt the data by analyzing the cryptographic algorithm.
Preventing cryptography attacks
To prevent cryptography attacks, it is essential to have a strong
cryptographic system in place
Regularly update the cryptographic algorithms and protocols to
ensure they are not obsolete.
Ensure that the data is appropriately encrypted so that even if it
falls into the wrong hands, it will be unreadable.
Use strong and unique keys for encryption.
Store the keys in a secure location.
Ensure that the cryptographic system is implemented correctly.
Regularly test the system for vulnerabilities.
Educate employees about cryptography attacks and how to
prevent them.

SUBSTITUTION TECHNIQUES
A substitution technique is one in which the letters of plaintext
are replaced by other letters or by numbers or symbols. If the
plaintext is viewed as a sequence of bits, then substitution
involves replacing plaintext bit patterns with cipher text bit
patterns.
1) CAESAR CIPHER
2) MONOALPHABETIC CIPHERS
3) PLAYFAIR CIPHER
4) HILL CIPHER
5) POLYALPHABETIC CIPHERS
6) VERNAM CIPHER
7) ONE TIME PAD CIPHER
 1) CAESAR CIPHER
The earliest known use of a substitution cipher and the simplest
was by Julius Caesar. The Caesar cipher involves replacing
each letter of the alphabet with the letter standing 3 places
further down the alphabet. e.g., plain text: pay more money
Cipher text: SDB PRUH PRQHB
Note that the alphabet is wrapped around, so that letter
following „z‟ is „a‟.
Note that the alphabet is wrapped around, so that the letter
following Z is A.
We can define the transformation by listing all possibilities, as follows:
plain: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Let us assign a numerical equivalent to each letter:

The Caesar Cipher is a type of shift cipher. Shift Ciphers work
by using the modulo operator to encrypt and decrypt
messages. The Shift Cipher has a key K, which is an integer
from 0 to 25. We will only share this key with people that we
want to see our message
For Encrypt each plaintext letter p, substitute the cipher text
letter c such that C = E(p) = (p+3) mod 26,
a shift may be any amount, so that general Caesar algorithm is
C = E (p) = (p+k) mod 26
where k takes on a value in the range 1 to 25.
The decryption algorithm is simply P = D(C) = (C-k) mod 26
(or) to Encrypt a message M. Convert the letter into the number
that matches its order in the alphabet starting from 0, and call
this number X, (A=0, B=1, C=2, ..., Y=24, Z=25).
Calculate: Y = (X + K) mod 26
Convert the number Y into a letter that matches its order in the
alphabet starting from 0. Example:
By using the Shift Cipher with key K=19 for our
message. We encrypt the message "KHAN", as
follows
 So, after applying the Shift Cipher with key K=19 our
message text "KHAN" gave us cipher text "DATG".
 For every letter in the cipher text C, convert the letter into the
number that matches its order in the alphabet starting from 0,
and call this number Y.
 If it is known that a given cipher text is a Caesar cipher, then a
brute-force cryptanalysis is easily performed: Simply try all the
25 possible keys.
2) MONOALPHABETIC CIPHERS
Here, Plaintext characters are substituted by a different
alphabet stream of characters shifted to the right or left by n
positions. When compared to the Caesar ciphers, these mono
alphabetic ciphers are more secure as each letter of the cipher
text can be any permutation of the 26 alphabetic characters
leading to 26! or greater than 4 x 1026 possible keys.
But it is still vulnerable to cryptanalysis, when a cryptanalyst is
aware of the nature of the plaintext, he can find the regularities
of the language.
To overcome these attacks, multiple substitutions for a single
letter are used. For example, a letter can be substituted by
different numerical cipher symbols such as 17, 54, 69…... etc.
Even this method is not completely secure as each letter in the
plain text effects on letter in the cipher text.
A permutation of a finite set of elements S is an ordered
sequence of all the elements of S, with each element appearing
exactly once.
For example, if S = {a, b, c}, there are six permutations of S:
abc, acb, bac, bca, cab, cba
But any attacker would simply break the cipher by using
frequency analysis by observing the number of times each letter
occurs in the cipher text and then looking upon the English
letter frequency table. So, substitution cipher is completely
ruined by these attacks. Mono alphabetic ciphers are easy to
break as they reflect the frequency of the original alphabet. A
countermeasure is to provide substitutes, known as
homophones for a single letter.
3) PLAYFAIR CIPHER
The best-known multiple-letter encryption cipher is the Play
fair, which treats diagrams in the plaintext as single units and
translates these units into cipher text diagrams. The Play fair
algorithm is based on the use of a 5 * 5 matrix of letters
constructed using a keyword. Here is an example, solved by
Lord Peter Wimsey in Dorothy Sayers’s Have His Car case

In this case, the keyword is monarchy. The matrix is

constructed by filling in the letters of the keyword (minus
duplicates) from left to right and from top to bottom, and then
filling in the remainder of the matrix with the remaining letters
in alphabetic order. The letters I and J count as one letter.
Plaintext is encrypted two letters at a time, according to the
following rules:
Repeating plaintext letters that are in the same pair are
separated with a filler letter, such as x, so that balloon would be
treated as ba lx lo on.
Two plaintext letters that fall in the same row of the matrix are
each replaced by the letter to the right, with the first element of
the row circularly following the last. For example, ar is
encrypted as RM.
Two plaintext letters that fall in the same column are each
replaced by the letter beneath, with the top element of the
column circularly following the last. For example, mu is
encrypted as CM.
Otherwise, each plaintext letter in a pair is replaced by the letter
that lies in its own row and the column occupied by the other
plaintext letter. Thus, hs becomes BP and ea becomes IM
The Play fair cipher is a great advance over simple mono
alphabetic ciphers. For one thing, whereas there are only 26
letters, there are 26 * 26 = 676 diagrams, so that identification
of individual diagrams is more difficult. Furthermore, the
relative frequencies of individual letters exhibit a much greater
range than that of diagrams, making frequency analysis much
more difficult.
For these reasons, the Play fair cipher was for a long time
considered unbreakable. It was used as the standard field system
by the British Army in World War I and still enjoyed
considerable use by the U.S. Army and other Allied forces
during World War II.
4) HILL CIPHER
Another interesting multi letter cipher is the Hill cipher,
developed by the mathematician Lester Hill in 1929.It is also a
multi letter encryption cipher. It involves substitution of ‘m’
cipher text letters for ‘m’ successive plaintext letters. For
substitution purposes using ‘m’ linear equations, each of the
characters are assigned a numerical value i.e. a=0, b=1, c=2,
d=3……. z=25. For example, if m=3, the system can be defined
as: c1 = (k11p1 + k12p2 + k13p3) mod 26 c2 = (k21p1 +
k22p2 + k23p3) mod 26 c3 = (k31p1 + k32p2 + k33p3) mod
26 If we represent in matrix form, the above statements as
matrices and column vectors.

Thus, C = KP mod26, where C= Column vectors of length 3 P

= Column vectors of length 3 K = 3x3 encryption key matrix.
For decryption process, inverse of matrix K I.e. K-1 is required
which is defined by the equation KK-1 = K-1K = I, where I is
the identity matrix that contains only 0’s and 1’s as its elements.
Plaintext is recovered by applying K-1 to the cipher text. It is
expressed as C = EK(P) = KP mod26 P = DK(C) = K-1C
mod26. = K-1KP = IP = P

5) POLYALPHABETIC CIPHERS
In order to make substitution ciphers more secure, more than
one alphabet can be used. Such ciphers are called
polyalphabetic, which means that the same letter of a message
can be represented by different letters when encoded. Such a
one-to-many correspondence makes the use of frequency
analysis much more difficult in order to crack the code. We
describe one such cipher named for Blaise de Vigenere a 16-th
century Frenchman. The Vigenere cipher is a polyalphabetic
cipher based on using successively shifted alphabets, a different
shifted alphabet for each of the 26 English letters. The
procedure is based on the tableau shown below and the use of
a keyword. The letters of the keyword determine the shifted
alphabets used in the encoding process.
For the message COMPUTING GIVES INSIGHT and
keyword LUCKY we proceed by repeating the keyword as
many times as needed above the message, as follows.

Encryption is simple: Given a key letter x and a plaintext letter

y, the cipher text letter is at the intersection of the row labeled
x and the column labeled y; so for L, the cipher text letter would
be N. So, the cipher text for the given plaintext would be given
as:
 6) VERNAM CIPHER

The ultimate defense against such a cryptanalysis is to choose

a keyword that is as long as the plaintext and has no statistical
relationship to it. Such a system was introduced by an AT&T
engineer named Gilbert Vernam in 1918.

The system can be expressed as:

Thus, the cipher text is generated by performing the bitwise

XOR of the plaintext and the key. Because of the properties of
the XOR, decryption simply involves the same bitwise
operation.

7) ONE TIME PAD CIPHER

It is an unbreakable cryptosystem. It represents the message as
a sequence of 0s and 1s. this can be accomplished by writing
all numbers in binary, for example, or by using ASCII. The key
is a random sequence of 0‟s and 1‟s of same length as the
message. Once a key is used, it is discarded and never used
again. The system can be expressed as follows:
Ci = Pi Ki
Ci - ith binary digit of cipher text Pi - ith binary digit of
plaintext Ki - ith binary digit of key – exclusive OR operation
Thus, the cipher text is generated by performing the bitwise
XOR of the plaintext and the key. Decryption uses the same
key. Because of the properties of XOR, decryption simply
involves the same bitwise operation:
Pi = Ci Ki
e.g., plaintext = 0 0 1 0 1 0 0 1
Key = 1 0 1 0 1 1 0 0
Cipher text = 1 0 0 0 0 1 0 1

TRANSPOSITION TECHNIQUES
All the techniques examined so far involve the substitution of
a cipher text symbol for a plaintext symbol. A very different
kind of mapping is achieved by performing some sort of
permutation on the plaintext letters. This technique is referred
to as a transposition cipher.
Rail fence is simplest of such cipher, in which the plaintext is
written down as a sequence of diagonals and then read off as a
sequence of rows.
Plaintext = meet at the school house
To encipher this message with a rail fence of depth 2,
We write the message as follows: m e a t e c o l o s e t t h s h o
hue
The encrypted message is MEATECOLOSETTHSHOHUE
Row Transposition Ciphers-A more complex scheme is to
write the message in a rectangle, row by row, and read the
message off, column by column, but permute the order of the
columns. The order of columns then becomes the key of the
algorithm.
e.g., plaintext = meet at the school house
Key = 4 3 1 2 5 6 7
PT = m e e t a t t h e s c h o o l h o u s e
CT = ESOTCUEEHMHLAHSTOETO
A pure transposition cipher is easily recognized because it has
the same letter frequencies as the original plaintext.
The transposition cipher can be made significantly more secure
by performing more than one stage of transposition.
The result is more complex permutation that is not easily
reconstructed.
STEGANOGRAPHY
A plaintext message may be hidden in any one of the two ways.
The methods of steganography conceal the existence of the
message, whereas the methods of cryptography render the
message unintelligible to outsiders by various transformations
of the text.
A simple form of steganography, but one that is time
consuming to construct is one in which an arrangement of
words or letters within an apparently innocuous text spells out
the real message.
e.g., (i) the sequence of first letters of each word of the overall
message spells out the real (hidden) message.
(ii) Subset of the words of the overall message is used to convey
the hidden message. Various other techniques have been used
historically, some of them are
 Character marking – selected letters of printed or
typewritten text are overwritten in pencil. The marks are
ordinarily not visible unless the paper is held to an angle to
bright light.
 Invisible ink – a number of substances can be used for
writing but leave no visible trace until heat or some chemical
is applied to the paper.
  Pin punctures – small pin punctures on selected letters are
ordinarily not visible unless the paper is held in front of the
light.
 Typewritten correction ribbon – used between the lines
typed with a black ribbon, the results of typing with the
correction tape are visible only under a strong light.
1. Playing an audio track backwards to reveal a secret message
2. Playing a video at a faster frame rate (FPS) to reveal a hidden
image
3. Embedding a message in the red, green, or blue channel of
an RGB image
4. Hiding information within a file header or metadata
5. Embedding an image or message within a photo through the
addition of digital noise.

• As the image depicts, both cover file(X) and secret

message(M) are fed into steganography encoder as input.
• Steganography Encoder function, f (X, M, K) embeds the
secret message into a cover file.
• Resulting Stego Object looks very similar to your cover file,
with no visible changes.
This completes encoding. To retrieve the secret message,
Stego Object is fed into Steganography Decoder.
Steganography Techniques
Depending on the nature of the cover object (actual object in
which secret data is embedded), steganography can be divided
into five types:
1. Text Steganography
2. Image Steganography
3. Video Steganography
4. Audio Steganography
5. Network Steganography
Text Steganography: Text Steganography is hiding
information inside the text files. Various techniques used to
hide the data in the text are:
• Format Based Method
• Random and Statistical Generation, Linguistic Method
Image Steganography: Hiding the data by taking the cover
object as the image is known as image steganography. There are
 a lot of ways to hide information inside an image. Common
approaches include:
• Least Significant Bit Insertion
• Masking and Filtering
• Redundant Pattern Encoding
• Encrypt and Scatter, Coding and Cosine Transformation
Audio Steganography: In audio steganography, the secret
message is embedded into an audio signal which alters the
binary sequence of the corresponding audio file. Different
methods of audio steganography include:
• Least Significant Bit Encoding, Parity Encoding
• Phase Coding, Spread Spectrum
Video Steganography: In Video Steganography you can hide
kind of data into digital video format. Two main classes of
Video Steganography include:
embedding data in uncompressed raw video and compressing it
later Embedding data directly into the compressed data stream
Network Steganography (Protocol Steganography): It is the
technique of embedding information within network control
protocols used in data transmission such TCP, UDP, ICMP etc.
For Example, you can hide information in the header of a
TCP/IP packet in some fields that are either optional.