CSCL unit 1


Cyber Security and Cyber laws

B. Tech. III Year II semester

CSE~Cyber Security
(Mandatory Course)

Faculty: K. Gnaneshwar
Dept. of CSE~CS,
SNIST
Course Objectives:

• To learn fundamentals of cryptography and its application to network security.
• To understand network security threats, security services, and countermeasures.
• To learn computer security, Internet, E-commerce and E-governance with reference to Free Market Economy
• To learn International Efforts relating to Cyberspace laws and
Cyber crimes
• To learn Law relating to electronic records and intellectual
property rights in India
• To understand ethical laws of computer for different countries.
• To learn Penalties, Compensation and Offences under the
Cyberspace and Internet in India
• To learn Miscellaneous provisions of IT Act and Conclusions
Course Outcomes:
At the end of this course the student will be able to

1. Familiarize the cryptographic procedures and understand its primitives
2. Outline Security policy in Legislation and comprehend E-Commerce framework, models and its associated threats
3. Justify the role of electronic signatures in E-Commerce and summarize the various laws relating to it.
4. Categorize international cyber laws and cyber crimes.
5. Explore Penalties, Compensation and Adjunction of violations of provisions of IT Act 2000
6. Classify and outline the offences under the Cyberspace law and the Internet in India
Contents
UNIT 1 : Introduction to cyber Security, cryptography, Types of Attacks, Secret Key Cryptography
UNIT 2 : Internet, E-commerce and E-governance with reference to Free Market
Economy
UNIT 3: Law relating to electronic records and intellectual property rights in
India
UNIT 4 : International Efforts relating to Cyberspace laws and Cyber crimes
UNIT 5 : Penalties, Compensation
UNIT 6 : Offences under the Cyberspace, Internet in India and Miscellaneous
provisions of IT Act and Conclusions
TEXT BOOK:
1. Network security and Cryptography by Bernard Menezes CENGAGE Learning
Publications, 2010.
2. Cyber Laws and IT Protection, Harish Chander, PHI, 2012
REFERENCE BOOKS:
1. Debby Russell and Sr. G.T Gangemi, “Computer Security Basics (Paperback)”, 2nd Edition, O’Reilly Media, 2006.
2. Wenbo Mao, “Modern Cryptography – Theory and Practice”, Pearson Education,
New Delhi, 2006.
Unit 1 syllabus
• UNIT-I
• Introduction to cyber Security, cryptography, Types of Attacks, Secret Key Cryptography
Introduction: Cyber attacks, Defense Strategies and Techniques
Mathematical background for Cryptography: Modulo arithmetic, The greatest common divisor, Useful Algebraic Structures, Chinese Remainder Theorem
Basics of Cryptography: Secret versus Public key Cryptography, Types of attacks, Elementary substitution Ciphers, Elementary Transposition Ciphers, Other Cipher Properties
Secret Key Cryptography: Product Ciphers, DES Construction, Modes of Operation, MAC and other Applications, Attacks, Linear Cryptanalysis.
Cyber security introduction
Definition:
• Cyber security is the practice of protecting computer systems, networks, and data from digital attacks.
• Cyber security is the protection of Internet-connected systems, including hardware, software, and data, from cyber attacks.
• Cyber security plays a critical role in safeguarding against various threats, such as unauthorized access, data breaches (crossing limits), and malware infections.
• Cyber security primarily focuses on data transfer and storage.
It is made up of two words: one is cyber and the other is security.
• Cyber relates to the technology, which contains systems, networks, and programs or data.
• Security relates to the protection, which includes systems security, network security, and application and information security.

• Why is cyber security important?
In today's digital world, cyber security is more important than ever.
Our personal information, financial data, and critical infrastructure are all at risk from cyber attacks.
These attacks can have a devastating (destructive) impact, causing financial losses, identity theft, and even physical harm.
What are the different types of cyber security threats?
There are many different types of cyber security threats, but some of the most common
include:
Malware: Malicious software, such as viruses, worms, and Trojan horses, can be used to
damage or steal data.
Phishing: Phishing attacks attempt to trick users into revealing personal information, such as
passwords or credit card numbers.
Social engineering: Social engineering attacks exploit human weaknesses, such as trust and
curiosity, to gain access to systems or data.
Denial-of-service (DoS) attacks: A Denial (rejecting) of Service (DoS) attack is a malicious
attempt to disrupt the normal functioning of a targeted server, service, or network by flooding
it with traffic, making it unavailable to legitimate users.

How can I protect myself from cyber security threats?


There are a number of things you can do to protect yourself from cyber security threats,
including:
Use strong passwords and keep them confidential.
Be careful about what information you share online.
Be suspicious of unsolicited emails and attachments.
Keep your software up to date.
Use a firewall and antivirus software.
Back up your data regularly.
Cybersecurity and Other Security
Domains

Other Security domains and Cybersecurity

The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories.

Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.

Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data it is designed to protect. Successful security begins in the design stage, well before a program or device is deployed.

Information security protects the integrity and privacy of data, both in storage and in transit.

Cyber security Fundamentals –
Confidentiality, Integrity, Availability (CIA)
Confidentiality - preventing the disclosure of data to unauthorized parties.
It also means keeping the identity of authorized parties involved in sharing and holding data private and anonymous.

Confidentiality is often compromised by cracking poorly encrypted data, man-in-the-middle (MITM) attacks, and disclosure of sensitive data.

Standard measures to establish confidentiality include:
1. Data encryption
2. Two-factor authentication
3. Biometric verification
4. Security tokens
Integrity
Integrity refers to protecting information from being modified by unauthorized parties.
Standard measures to guarantee integrity include:
1. Cryptographic checksums
2. Using file permissions
3. Data backups

Availability
Availability is making sure that authorized parties are able to access the information when needed.
Standard measures to guarantee availability include:
1. Backing up data to external drives
2. Implementing firewalls
3. Having backup power supplies
4. Data redundancy
The 7 layers of cyber security should center on the mission critical assets you
are seeking to protect.
1: Mission Critical Assets – This is the data you need to protect
2: Data Security – Data security controls protect the storage and transfer of
data.
3: Application Security – Application security controls protect access to an
application, an application’s access to your mission critical assets, and the
internal security of the application.
4: Endpoint Security – Endpoint security controls protect the connection
between devices and the network.
5: Network Security – Network security controls protect an organization’s
network and prevent unauthorized access of the network.
6: Perimeter Security – Perimeter security controls include both the physical
and digital security methodologies that protect the business overall.
7: The Human Layer – Humans are the weakest link in any cyber security
posture. Human security controls include phishing simulations and access
management controls that protect mission critical assets from a wide variety
of human threats, including cyber criminals, malicious insiders, and negligent
Cyber attacks
• A cyber attack is an attempt to steal data or cause harm to a computer, network or device. Cyber attackers use different methods to break into computer systems and there are various motivations behind them including personal, criminal and political.

• Cyber attacks can have a dangerous and destructive impact on businesses and individuals, as they can result in theft of money, disruption to business operations, business loss, and more.
Types of cyber-attacker actions and their motivations when deliberate
Deliberate Attack Motivation
1. Political motivations: examples include destroying, disrupting, or taking control of targets; making political statements, protests, or retaliatory actions.

2. Economic motivations: examples include theft of intellectual property or other economically valuable assets (e.g., funds, credit card information); fraud; industrial espionage and sabotage; and blackmail.

3. Socio-cultural motivations: examples include attacks with philosophical, theological, political, and even humanitarian goals. Socio-cultural motivations also include fun, curiosity, and a desire for publicity or ego gratification.
Types of attacks
Active attacks, passive attacks, Software attacks, hardware
attacks
Active attacks:
An active attack is a network exploit in which a hacker attempts to
make changes to data on the target or data en route to the target.
Types of Active attacks:
1) Masquerade 2) Session replay 3) Message modification
4) Denial of service (DoS) attack 5) Distributed denial-of-service (DDoS) exploit
Active Attack Name: What is it?

Masquerade: Stolen login IDs and passwords, through finding security gaps in programs or through bypassing the authentication mechanism. (Mail received from attacker but shown as from sender.)

Session replay: A hacker steals an authorized user’s login information by stealing the session ID. The intruder gains access and the ability to do anything the authorized user can do on the website.

Message modification: An intruder alters packet header addresses to direct a message to a different destination or modify the data on a target machine.

Denial (refuse) of service (DoS) attack: Users are deprived (loss) of access to a network or web resource. This is generally accomplished by overwhelming the target with more traffic than it can handle.

Distributed Denial-of-Service (DDoS): In this, large numbers of compromised systems (sometimes called a botnet or zombie army) attack a single target.
Active attacks, Passive attacks, Software attacks, hardware attacks

Passive attacks:
Passive attacks are relatively scarce from a classification perspective, but can be carried out with relative ease, particularly if the traffic is not encrypted.
Types of passive attacks:

1. Eavesdropping (tapping): the attacker simply listens to messages exchanged by two entities. For the attack to be useful, the traffic must not be encrypted. Any unencrypted information, such as a password sent in response to an HTTP request, may be retrieved by the attacker.

2. Traffic analysis: the attacker looks at the metadata transmitted in traffic in order to deduce information relating to the exchange and the participating entities, e.g. the form of the exchanged traffic (rate, duration, etc.). In the cases where encrypted data are used, traffic analysis can also lead to attacks by cryptanalysis, whereby the attacker may obtain information or succeed in decrypting the traffic.

Difference between active and passive attacks
Active attacks, Passive attacks, Software attacks, hardware attacks

• Malicious code (sometimes called malware) is a type of software designed to take over or damage a computer user's operating system, without the user's knowledge or approval.

• It can be very difficult to remove and very damaging.

• Common malware examples are
1. Virus
2. Worm
3. Trojan horse
4. Logic Bomb

Virus
A virus is a program that attempts to damage a computer system and replicate itself to other computer systems.

• A virus requires a host to replicate and usually attaches itself to a host file or a hard drive sector.
• Replicates each time the host is used.
• Often focuses on destruction or corruption of data.
• Usually attaches to files with execution capabilities such as .doc, .exe, and .bat extensions.
• Often distributes via e-mail. Many viruses can e-mail themselves to everyone in your address book.
• Examples: Stoned, Michelangelo, Melissa, I Love You.
Worm
A worm is a self-replicating program that can be designed to do any number of things, such as delete files or send documents via e-mail. A worm can negatively impact network traffic just in the process of replicating itself.

• A worm can install a backdoor in the infected computer.
• Is usually introduced into the system through a vulnerability.
• Infects one system and spreads to other systems on the network.
• Example: Code Red (attacked in 2001).
Trojan horse: A Trojan horse is a malicious program that is disguised (different-looking) as legitimate (law-based) software. Discretionary environments are often more vulnerable and susceptible to Trojan horse attacks because security is user focused and user directed. Thus the compromise of a user account could lead to the compromise of the entire environment.

• A Trojan horse cannot replicate itself.
• Often contains spying functions (such as a packet sniffer) or backdoor functions that allow a computer to be remotely controlled from the network.
• Often is hidden in useful software such as screen savers or games.
• Example: Tiny Banker, Net Bus, Magic Lantern
Logic Bomb: A Logic Bomb is malware that lies dormant (sleep mode) until triggered. A logic bomb is a specific example of an asynchronous attack.
• A trigger activity may be a specific date and time, the launching of a specific program, or the processing of a specific type of activity.
• Logic bombs do not self-replicate.
• Other names: slag code, code bombs and cyber bombs.
• Examples: Siemens spreadsheet
Hardware attacks

Common hardware attacks include:
• Malicious (harmful) Tools in your Mouse & Keyboard. ...
• Using an iPhone Charger as an Attack Tool. ...
• Utilizing a Malicious USB Thumb Drive. ...
• Hardware Attack Tools are Invisible and Invincible (hidden attack). ...

• Inducing faults, causing the interruption of normal behavior
• Hardware modification tampering with invasive operations
• Backdoor creation; the presence of hidden methods for bypassing normal computer authentication systems

Cyber attacks Defense Strategies and
Techniques
• Creating a Secure Cyber Ecosystem
• Creating an Assurance Framework
• Encouraging Open Standards
• Strengthening the Regulatory Framework
• Creating Mechanisms for IT Security
• Securing E-governance Services
• Protecting Critical Information Infrastructure
• Firewalls: Firewalls monitor and control incoming and outgoing network traffic based on
predetermined security rules. They act as a barrier between a trusted internal network and
untrusted external networks, such as the internet.
• Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS): IDS monitors
network traffic for suspicious activity and alerts administrators when potential threats are
detected. IPS goes a step further by actively blocking or preventing detected threats from
entering the network.
• Antivirus Software: Antivirus software scans for and removes malicious software from
computers and networks. It helps detect and eliminate viruses, worms, Trojans, and other
types of malware.
• Encryption: Encrypting sensitive data helps protect it from unauthorized access even if it is
intercepted. Techniques such as SSL/TLS for web traffic and encryption protocols for data at
rest provide an additional layer of security.
• Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA): Adding an
extra layer of authentication beyond just passwords makes it more difficult for attackers to
gain unauthorized access to accounts and systems.
• Security Awareness Training: Educating employees about common cyber threats, phishing
techniques, and best practices for maintaining security helps prevent successful attacks that
rely on human error.
• Network Segmentation: Segmenting networks into smaller, isolated zones helps contain the
impact of a cyber attack and prevents attackers from moving laterally within the network.
Mathematical background for Cryptography
Modulo arithmetic:
• In cryptography, modulo arithmetic plays a crucial role in various encryption
and decryption algorithms, particularly those based on modular arithmetic
operations such as RSA (Rivest, Shamir, Adleman)and Diffie-Hellman key
exchange. Modular arithmetic involves arithmetic operations performed on
integers modulo a given modulus.
• Here's a simple example to illustrate modulo arithmetic:
• Let's consider the operation 17 mod 5.
• To compute this, you divide 17 by 5:
• 17 ÷ 5 = 3 with remainder 2, so 17 % 5 = 2
• In cryptography, this concept is often applied to the computation of remainders when dividing large numbers, which is useful for generating keys, encrypting and decrypting messages, and verifying digital signatures.

Modular arithmetic is the branch of arithmetic concerned with the “mod” operation. Basically, modular arithmetic deals with computing the “mod” of expressions. Expressions may have digits and computational symbols of addition, subtraction, multiplication, division or any other. Here we will briefly discuss all modular arithmetic operations.
What is Modular Arithmetic:
In modular arithmetic, we select an integer, n, to be our “modulus”. Then our system of
numbers only includes the numbers 0, 1, 2, 3, ..., n-1. In order to have arithmetic
make sense, we have the numbers “wrap around” once they reach n.
Example: If we pick the modulus 5, then our solutions are required to be in the set {0, 1, 2,
3, 4}. We have 2+1=3 and 2+2=4 as usual. Then 2+3=5, which is not in our set, so it
wraps around giving 2+3=0. Then 2+4=6, which wraps around to be 1.

How do we write modular arithmetic?
Continuing the example above with modulus 5, we write:
2+1 ≡ 3 (mod 5) = 3
2+2 ≡ 4 (mod 5) = 4
2+3 ≡ 5 (mod 5) = 0
2+4 ≡ 6 (mod 5) = 1

Challenge question! What is 134 (mod 5)?
It might help us to think about modular arithmetic as the remainder when we divide by the modulus.
For example 214 (mod 5) = 4 since 214 / 5 = 42 with remainder 4 (because 214 = 42*5 + 4).
• Modular Addition:
Rule for modular addition is:
(a + b) mod m = ((a mod m) + (b mod m)) mod m
Example:
(15 + 17) % 7 = ((15 % 7) + (17 % 7)) % 7 = (1 + 3) % 7 = 4 % 7 = 4
The same rule applies to modular subtraction. We don’t require much modular subtraction but it can also be done in the same way.
• Modular Multiplication:
The Rule for modular multiplication is:
(a x b) mod m = ((a mod m) x (b mod m)) mod m
Example:
(12 x 13) % 5 = ((12 % 5) x (13 % 5)) % 5 = (2 x 3) % 5 = 6 % 5 = 1
• Modular Division:
• Modular division is totally different from modular addition, subtraction and multiplication. It also does not always exist.
• (a / b) mod m is not equal to ((a mod m) / (b mod m)) mod m. It is calculated using the following formula:
• (a / b) mod m = (a x (inverse of b if exists)) mod m
• Modular Inverse:
• The modular inverse of a mod m exists only if a and m are relatively prime, i.e. gcd(a, m) = 1. Hence, for finding the inverse of a under modulo m, if (a x b) mod m = 1 then b is the modular inverse of a.
• Example: a = 5, m = 7. (5 x 3) % 7 = 1, hence 3 is the modulo inverse of 5 under 7.
• Modular Exponentiation:
• Finding a^b mod m is the modular exponentiation. There are two approaches for this – recursive and iterative. Example:
• a = 5, b = 2, m = 7
• (5 ^ 2) % 7 = 25 % 7 = 4
• There is often a need to efficiently calculate the value of x^n mod m. This can be done in O(log n) time using the following recursion:

• It is important that in the case of an even n, the value of x^(n/2) is calculated only once.
• This guarantees that the time complexity of the algorithm is O(log n) because n is always halved when it is even.
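The recursive and iterative approaches described above, written out as an added example (not code from the original slides). The function names are illustrative, and the recursive version also returns how many modular multiplications it used so the O(log n) behaviour can be compared with a naive loop.

```python
"""Modular exponentiation x^n mod m by repeated squaring (added example)."""


def modpow_recursive(x, n, m):
    """Return (x^n mod m, multiplications used), following the recursion
    n == 0 -> 1;  n even -> (x^(n/2))^2;  n odd -> x^(n-1) * x."""
    if n < 0 or m < 1:
        raise ValueError("need n >= 0 and m >= 1")
    if n == 0:
        return 1 % m, 0
    if n % 2 == 0:
        # x^(n/2) is computed once and then squared. Calling the function
        # twice here would bring the cost back up to O(n).
        half, mults = modpow_recursive(x, n // 2, m)
        return (half * half) % m, mults + 1
    rest, mults = modpow_recursive(x, n - 1, m)
    return (rest * (x % m)) % m, mults + 1


def modpow_iterative(x, n, m):
    """Same result without recursion: scan the bits of n from the lowest.

    The recursive form needs a call depth of about 2 * n.bit_length(), which
    exceeds Python's default recursion limit for 2048-bit exponents, so the
    loop is the form to use for real key sizes.
    """
    if n < 0 or m < 1:
        raise ValueError("need n >= 0 and m >= 1")
    result = 1 % m
    base = x % m
    while n > 0:
        if n & 1:                       # this bit of the exponent is set
            result = (result * base) % m
        base = (base * base) % m        # base becomes x^(2^k) mod m
        n >>= 1
    return result


def modpow_naive(x, n, m):
    """Multiply n times, reducing each step; returns (value, multiplications)."""
    result = 1 % m
    for _ in range(n):
        result = (result * x) % m
    return result, n


if __name__ == "__main__":
    print(modpow_recursive(5, 2, 7))         # the slide's example: 25 % 7
    print(modpow_iterative(89, 3, 3127))     # the RSA example's encryption
    print(modpow_recursive(1394, 2011, 3127), modpow_naive(1394, 2011, 3127))
```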
The modulo operator has the following properties −
a ≡ b mod n if n|(a − b).
(a mod n) = (b mod n) implies a ≡ b mod n.
a ≡ b mod n implies b ≡ a mod n.
a ≡ b mod n and b ≡ c mod n imply a ≡ c mod n.

Properties of modular arithmetic operations


[(a mod n) + (b mod n)] mod n = (a + b) mod n
[(a mod n) - (b mod n)] mod n = (a - b) mod n
[(a mod n) x (b mod n)] mod n = (a x b) mod n
Let Zn = {0, 1, 2, …, (n-1)} be the set of residues modulo n.
Property: Expression
Commutative laws: (w + x) mod n = (x + w) mod n
                  (w × x) mod n = (x × w) mod n
Associative laws: [(w + x) + y] mod n = [w + (x + y)] mod n
                  [(w × x) × y] mod n = [w × (x × y)] mod n
Distributive laws: [w × (x + y)] mod n = [(w × x) + (w × y)] mod n
Identities: (0 + w) mod n = w mod n
            (1 × w) mod n = w mod n
Additive inverse (-w): For each w ∈ Zn, there exists a z such that w + z ≡ 0 mod n
The Role of Modulo in Cryptography
1. Key Generation:
Cryptographic keys are often generated as large prime numbers. To ensure that a number is
prime, modulo operations are used to verify its primality.

2. Modular Exponentiation:
It involves calculating ‘a^b mod n,’ where ‘a’ is the base, ‘b’ is the exponent, and ’n’ is the
modulus. This operation allows for efficient and secure encryption and decryption of
messages.

3. Hash Functions:
These functions often employ modulo arithmetic to map an input to a fixed-size output. By
applying the modulo operator to the result, the output remains within a specified range,
making it suitable for cryptographic applications.

4. Cryptographic Protocols:
Many cryptographic protocols, such as the Diffie-Hellman key exchange and the Digital
Signature Algorithm (DSA), rely on modulo arithmetic to establish secure communication
channels and verify the authenticity of messages.

5. Cryptographic Primitives:
In symmetric encryption algorithms like AES (Advanced Encryption Standard), modulo
operations are used within the algorithm to ensure that encryption and decryption
processes are reversible and secure.
• Let us learn the mechanism behind the RSA algorithm:
>> Generating Public Key:
Select two prime numbers. Suppose P = 53 and Q = 59.
Now the first part of the Public Key: n = P*Q = 3127.
We also need a small exponent e. But e must:
– be an integer,
– not be a factor of Φ(n),
– satisfy 1 < e < Φ(n) [Φ(n) is discussed below].
Let us now consider it to be equal to 3.
Our Public Key is made of n and e.
>> Generating Private Key:
We need to calculate Φ(n), such that Φ(n) = (P-1)(Q-1), so Φ(n) = 3016.
Now calculate the Private Key, d:
d = (k*Φ(n) + 1) / e for some integer k
• Now we are ready with our Public Key (n = 3127 and e = 3) and Private Key (d = 2011). Now we will encrypt “HI”:
• Convert letters to numbers: H = 8 and I = 9
Thus Encrypted Data c = (89^e) mod n
Thus our Encrypted Data comes out to be 1394.
Now we will decrypt 1394:
Decrypted Data = (c^d) mod n
Thus our Decrypted Data comes out to be 89.
8 = H and I = 9, i.e. "HI".
Mathematical background for Cryptography (The greatest common divisor)

• In cryptography, GCD (Greatest Common Divisor) plays a role in various algorithms and
cryptographic protocols, particularly those based on number theory. Here are a few areas
where GCD is relevant:
• RSA Encryption: In RSA encryption, the security of the algorithm relies on the difficulty of
factoring large composite numbers. The RSA public key consists of two large prime
numbers, and the security of the encryption depends on these primes being kept secret.
GCD calculations are often used in RSA key generation to ensure that the public and private
keys are properly constructed.
• Diffie-Hellman Key Exchange: In the Diffie-Hellman key exchange protocol, two parties can
agree on a shared secret over an insecure communication channel. The security of this
protocol relies on the difficulty of the discrete logarithm problem. GCD calculations are
involved in certain steps of the protocol to ensure the security of the shared secret.
• Primality Testing: GCD calculations can be used in primality testing algorithms, which are
essential for generating large prime numbers used in various cryptographic applications.
For example, the Miller-Rabin primality test involves GCD computations as part of its
probabilistic primality testing process.
• Overall, GCD calculations are a fundamental aspect of many cryptographic algorithms and
protocols, helping to ensure the security and integrity of encrypted communications and
digital transactions.
• What is the Euclidean Algorithm? (To find the GCD of 2 numbers)
Euclidean Algorithm is one of the oldest algorithms that
was published around 300 BC which is based on the
principle that the GCD of two numbers does not change
if the larger number is replaced by its difference with the
smaller number, i.e.,
• Examples of Euclidean Algorithm
• Find the GCD of 48 and 18.
• 48 = 18 * 2 + 12
• 18 = 12 * 1 + 6
• 12 = 6 * 2 + 0
• Hence, the GCD(48, 18) = 6.
Using GCD and Modulo arithmetic in cryptography (Example Java program)
    import java.io.*;
    import java.math.*;
    import java.util.*;

    /* Java program for RSA asymmetric cryptographic algorithm.
       For demonstration, values are relatively small compared to
       practical application.
       Note: everything is held in double, so the results are exact only
       while msg^e and c^d stay below 2^53. */
    public class GFGF {

        /* This function returns the gcd or greatest common divisor */
        public static double gcd(double a, double h)
        {
            double temp;
            while (true) {
                temp = a % h;
                if (temp == 0)
                    return h;
                a = h;
                h = temp;
            }
        }

        public static void main(String[] args)
        {
            double p = 3;
            double q = 7;

            // Stores the first part of public key:
            double n = p * q;

            // Finding the other part of public key.
            // double e stands for encrypt
            double e = 2;
            double phi = (p - 1) * (q - 1);
            while (e < phi) {
                /* e must be co-prime to phi and smaller than phi. */
                if (gcd(e, phi) == 1)
                    break;
                else
                    e++;
            }

            // Private key d = (1 + k*phi) / e; k = 2 gives a whole number
            // for these values (phi = 12, e = 5, d = 5).
            int k = 2; // A constant value
            double d = (1 + (k * phi)) / e;

            // Message to be encrypted
            double msg = 12;
            System.out.println("Message data = " + msg);

            // Encryption c = (msg ^ e) % n
            double c = Math.pow(msg, e);
            c = c % n;
            System.out.println("Encrypted data = " + c);

            // Decryption m = (c ^ d) % n
            double m = Math.pow(c, d);
            m = m % n;
            System.out.println("Original Message Sent = " + m);
        }
    }
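The Euclidean algorithm steps for GCD(48, 18) and the RSA walkthrough with P = 53, Q = 59 from the earlier slides, redone in exact integer arithmetic as an added example (not the slides' own code). All function names are illustrative; d is obtained with the extended Euclidean algorithm rather than by guessing k, and `float_decrypt` shows that computing the full power in floating point, as the double-based program does, only works for tiny values.

```python
"""Euclid, extended Euclid and the slides' RSA numbers, in exact integers."""


def euclid_steps(a, b):
    """Return (gcd, steps); each step is (dividend, divisor, quotient, remainder)."""
    steps = []
    while b != 0:
        q, r = divmod(a, b)
        steps.append((a, b, q, r))
        a, b = b, r
    return a, steps


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(a, m):
    """Inverse of a modulo m; it exists only when gcd(a, m) == 1."""
    g, x, _ = extended_gcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m} (gcd = {g})")
    return x % m


def rsa_keygen(p, q, e):
    """Return (n, e, d) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi:
        raise ValueError("need 1 < e < phi")
    # "Not a factor of phi" is not sufficient: 6 does not divide 3016, yet
    # gcd(6, 3016) = 2 and no d exists. mod_inverse enforces gcd(e, phi) == 1.
    d = mod_inverse(e, phi)
    return n, e, d


def rsa_encrypt(m, e, n):
    """Textbook RSA (no padding), as on the slides: c = m^e mod n."""
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < n")
    return pow(m, e, n)   # three-argument pow reduces at every step


def rsa_decrypt(c, d, n):
    return pow(c, d, n)


def float_decrypt(c, d, n):
    """Decrypt by computing the full power in floating point, then reducing.

    Returns None when the power overflows a double. Python raises
    OverflowError here; Java's Math.pow returns Infinity instead.
    """
    try:
        return (float(c) ** d) % n
    except OverflowError:
        return None


if __name__ == "__main__":
    print(euclid_steps(48, 18))
    n, e, d = rsa_keygen(53, 59, 3)
    c = rsa_encrypt(89, e, n)            # "HI" encoded as 89 (H = 8, I = 9)
    print(n, e, d, c, rsa_decrypt(c, d, n))
    print(float_decrypt(3, 5, 21), float_decrypt(c, d, n))
```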
Chinese remainder theorem

The Chinese Remainder Theorem (CRT) is a fundamental result in number theory, particularly in the field of modular arithmetic. It provides a solution to a system of simultaneous congruences (when two things are similar), which are equations expressing that two numbers have the same remainder when divided by another number.
Overview of the Chinese Remainder Theorem:
x ≡ a1 (mod m1)
x ≡ a2 (mod m2)
...
x ≡ an (mod mn)
where m1, m2, ..., mn are pairwise coprime (i.e., their greatest common divisors are all 1) and a1, a2, ..., an are any integers.
The Chinese Remainder Theorem states that there exists a unique solution for x modulo the product of the moduli m1 ⋅ m2 ⋅ ... ⋅ mn, denoted as M.
Moreover, the solution x can be found using the formula:
x ≡ (∑ i=1 to n  ai ⋅ Mi ⋅ Ni) (mod M)
where:
M = m1 ⋅ m2 ⋅ ... ⋅ mn
Mi = M / mi
Ni is the modular inverse of Mi modulo mi

The Chinese Remainder Theorem has numerous applications in various areas of mathematics and computer science,
including cryptography, error-correcting codes, and even in solving systems of linear congruences in number
theory. It's an essential tool in solving problems involving modular arithmetic and finding solutions in certain
algebraic structures.

Consider the following example for the Chinese Remainder Theorem.
Ninja has a friend, Alice, who has a secret number she wants to share with him. But instead of giving the number directly, she decided to give him the remainder of the number when divided by two different factors, say 5 and 7. Let's say her number has a remainder of 1 when divided by 5 and a remainder of 2 when divided by 7.
To find the number, Ninja can use the Chinese Remainder Theorem to combine the remainders in a certain way to get a unique solution that satisfies both equations.
The equations that he can form from this will be:
X ≡ 1 (mod 5)
X ≡ 2 (mod 7)
X is Alice’s secret number.
Before moving to the solution, try to find X yourself so the concept of the Chinese Remainder Theorem will be clear to you.
Here,
y1 = 1, y2 = 2
m1 = 5, m2 = 7
Calculating M:
M = m1*m2
= 5*7
= 35
Finding Mi:
M1 = M / m1
= m2 (here, M / m1 = m1*m2 / m1)
= 7
M2 = M / m2
= m1 (here, M / m2 = m1*m2 / m2)
= 5
• Finding Zi for Mi:
– M1Z1 ≡ 1 (mod m1)
7*Z1 ≡ 1 (mod 5)
Z1 = 3
– M2Z2 ≡ 1 (mod m2)
5*Z2 ≡ 1 (mod 7)
Z2 = 3
• Calculating X:
X = (y1 * Z1 * M1 + y2 * Z2 * M2) mod M
= (1 * 3 * 7 + 2 * 3 * 5) mod 35
= (21 + 30) mod 35
= (51) mod 35
= 16
So, Alice’s number was 16.

Let us now code the Chinese Remainder Theorem.

In 7*x (mod 5) = 1, what is the value of x?

To solve the equation 7x ≡ 1 (mod 5), we need to find an integer x such that when 7x is divided by 5, the remainder is 1.

To solve this modular equation, we can try each integer from 0 to 4 and find which one satisfies the equation:
7×0 ≡ 0 (mod 5)
7×1 ≡ 7 ≡ 2 (mod 5)
7×2 ≡ 14 ≡ 4 (mod 5)
7×3 ≡ 21 ≡ 1 (mod 5)
7×4 ≡ 28 ≡ 3 (mod 5)
So, the solution is x = 3.
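The CRT formula x ≡ ∑ ai ⋅ Mi ⋅ Ni (mod M) and the trial search for 7x ≡ 1 (mod 5) above, as an added example that is not part of the original slides. Function names are illustrative and Python 3.8+ is assumed for `pow(a, -1, m)` and `math.prod`; `rsa_crt_decrypt` goes one step beyond the text and applies the theorem to the RSA numbers used earlier (P = 53, Q = 59, d = 2011), which is the main use of CRT in cryptography.

```python
"""Chinese Remainder Theorem solver and its use in RSA decryption."""
from math import gcd, prod


def inverse_by_trial(a, m):
    """The slide's method: try x = 0 .. m-1 until a*x leaves remainder 1."""
    for x in range(m):
        if (a * x) % m == 1:
            return x
    return None            # no inverse: a and m share a common factor


def crt(residues, moduli):
    """Solve x ≡ residues[i] (mod moduli[i]); return (x, M) with 0 <= x < M."""
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need one residue per modulus")
    if any(m < 1 for m in moduli):
        raise ValueError("moduli must be positive")
    # The theorem only applies when the moduli are pairwise coprime.
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(
                    f"moduli {moduli[i]} and {moduli[j]} are not coprime")
    M = prod(moduli)
    x = 0
    for a_i, m_i in zip(residues, moduli):
        M_i = M // m_i
        N_i = pow(M_i, -1, m_i)      # modular inverse of M_i modulo m_i
        x += a_i * M_i * N_i
    return x % M, M


def rsa_crt_decrypt(c, d, p, q):
    """Decrypt c with private exponent d using the prime factors p and q.

    Two small exponentiations (mod p and mod q, exponents reduced by
    Fermat's little theorem) are recombined with crt() instead of doing
    one exponentiation modulo n = p*q.
    """
    m_p = pow(c % p, d % (p - 1), p)
    m_q = pow(c % q, d % (q - 1), q)
    m, _ = crt([m_p, m_q], [p, q])
    return m


if __name__ == "__main__":
    print(inverse_by_trial(7, 5), inverse_by_trial(5, 7))   # Z1 and Z2
    print(crt([1, 2], [5, 7]))                              # Alice's number
    print(crt([2, 3, 2], [3, 5, 7]))                        # three congruences
    print(rsa_crt_decrypt(1394, 2011, 53, 59))              # the "HI" example
```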
• Useful Algebraic Structures in cryptography

• Algebraic structures play a crucial role in cryptography, providing a framework for designing and
analyzing cryptographic algorithms. Here are some useful algebraic structures in cryptography:

1. Groups: Groups are fundamental algebraic structures used in various cryptographic protocols. They
consist of a set of elements and an operation (often denoted as multiplication or addition) that
satisfies closure, associativity, identity, and invertibility properties. In cryptography, groups are
often used in protocols like Diffie-Hellman key exchange and elliptic curve cryptography.
2. Rings and Fields: Rings and fields are algebraic structures that extend the concept of groups. A ring
is a set equipped with two operations (usually addition and multiplication) that satisfy certain
properties, while a field is a ring with the additional property that every nonzero element has a
multiplicative inverse. Modular arithmetic, which is widely used in cryptography, is based on rings
and fields.
3. Finite Fields: Finite fields, also known as Galois fields, are fields with a finite number of elements.
They are extensively used in cryptographic algorithms such as AES (Advanced Encryption
Standard), where finite field arithmetic is employed to achieve cryptographic operations efficiently.
4. Vector Spaces: Vector spaces are algebraic structures consisting of a set of elements called vectors,
along with operations of addition and scalar multiplication. In cryptography, vector spaces are
utilized in various algorithms, such as error-correcting codes and lattice-based cryptography.
5. Algebraic Structures on Elliptic Curves: Elliptic curve cryptography (ECC) is based on the algebraic
structure of elliptic curves defined over finite fields. Elliptic curves provide a group structure that
forms the basis for cryptographic primitives like elliptic curve Diffie-Hellman (ECDH) key exchange
and elliptic curve digital signature algorithm (ECDSA).
6. Algebraic Structures on Lattices: Lattice-based cryptography relies on the algebraic structure of lattices, which are discrete additive subgroups of vector spaces. Lattices are used in cryptographic schemes such as lattice-based encryption, digital signatures, and homomorphic encryption.

7. Algebraic Structures in Boolean Functions: Boolean functions, which map binary inputs to binary outputs, are central to symmetric key cryptography, particularly in the design of cryptographic primitives like block ciphers and stream ciphers. Algebraic structures such as finite fields and rings are often used to analyze and manipulate Boolean functions efficiently.

• Understanding and leveraging these algebraic structures are essential for the design, analysis, and implementation of secure cryptographic algorithms and protocols.
Basics of cryptography
What is Cryptography?
• Cryptography is a method of securing communication against unauthorized parties.
• Cryptography allows the following 3 goals to be achieved:
1) Confidentiality 2) Integrity 3) Authenticity

Confidentiality
• Cryptography protects the secrecy of information. Even if the transmission or storage medium has been
compromised, the encrypted information will be rendered useless to an unauthorized person.
Integrity
• Cryptography ensures the information has not been tampered with, using a hashing method.
Authenticity
• Cryptography ensures the information sent is from the intended sender and not a fake one. This is done
using digital certificates, digital signatures and Public Key Infrastructure (PKI).
• Cryptography can be further divided into:
• Symmetric (or Secret Key) Cryptography
• Asymmetric (or Public Key) Cryptography
What is Symmetric Cryptography?
In symmetric cryptography, both sender and receiver use the same secret key to encrypt and decrypt a message.
The most widely used symmetric algorithm is AES (Advanced Encryption Standard), in the variants AES-128, AES-192, and AES-256.
All AES variants use a block size of 128 bits but different key lengths (128, 192, or 256 bits).
What is Asymmetric Cryptography?
Asymmetric cryptography uses a key pair: a public key and a private key. A message encrypted with
either key of the pair can only be decrypted using the other key of the pair. That is, public key to
encrypt and private key to decrypt, or private key to encrypt and public key to decrypt. Public keys are
disseminated over public networks, whereas private keys are known only to their owners. This key pair
cryptography differs from symmetric cryptography, which uses one secret key.

Some of the algorithms include RSA (Rivest, Shamir, Adleman), Diffie-Hellman key exchange, etc.
Asymmetric cryptography has 2 usages: data encryption and digital signatures.
Secret key cryptography vs. public key cryptography

| Secret Key Cryptography | Public Key Cryptography |
|---|---|
| Secret key cryptography is also known as symmetric cryptography. | Public key cryptography is also known as asymmetric cryptography. |
| In secret key cryptography the same key is used for both encryption and decryption. | Public key cryptography uses a pair of keys: a public key and a private key. The public key is used for encryption, while the private key is used for decryption. |
| The key must be kept secret between the communicating parties. | Each user has a public-private key pair. |
| It is typically faster and more efficient than public key cryptography. | The public key can be freely distributed, while the private key is kept secret. |
| Common algorithms include AES (Advanced Encryption Standard) and DES (Data Encryption Standard). | Common algorithms include RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography). |
| However, distributing the secret key securely to all parties can be a challenge, especially in large networks. | It provides a solution to the key distribution problem in secret key cryptography. |
| Secret key cryptography is computationally less expensive than asymmetric cryptography. | Public key cryptography is computationally more expensive than symmetric cryptography, especially for key generation and encryption. |
| Encryption and decryption take less time than in public-key encryption because, in secret key encryption, a single shared key is used to encrypt and decrypt the message. | Encryption and decryption take more time in public-key encryption because two different keys are used. |
• Public key cryptography is often used in combination with secret key cryptography for secure
communication.
• For example, a common approach is to use public key cryptography to securely exchange a secret key,
which is then used for encrypting the actual message using symmetric encryption.
• This combination provides the security benefits of public key cryptography while increasing efficiency
through symmetric encryption for bulk data.
Elementary substitution ciphers

• Elementary substitution ciphers are simple methods of encryption where each letter in
the plaintext is replaced with another letter according to a fixed system.
• The most well-known substitution cipher is the Caesar cipher, where each letter in the
plaintext is shifted a certain number of places down or up the alphabet.

Example: a Caesar cipher with a shift of 3:
• Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ
• Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW
• So, "HELLO" would be encrypted as "EBIIL" using this cipher.

Another example is the Atbash cipher, where each letter is replaced with its reverse in
the alphabet:
• Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ
• Cipher: ZYXWVUTSRQPONMLKJIHGFEDCBA
• So, "HELLO" would be encrypted as "SVOOL" using the Atbash cipher.

These are just two examples of elementary substitution ciphers, but there are many other
types, each with its own method of encryption.
Elementary transposition ciphers
• Elementary transposition ciphers involve rearranging the letters of a message according to a
certain system or key.
• One common method is the rail fence cipher, where the message is written diagonally over a number of
"rails" or lines, and then read off in a different order.
• Another simple transposition cipher is the columnar transposition cipher, where the message is written
out in rows of a fixed length, then arranged in columns according to a keyword, and finally read off
row by row.
• Both of these ciphers are relatively easy to implement and can be fun to use for simple encryption
tasks, though they are not particularly secure against modern cryptographic techniques.

Transposition Techniques

1. Rail Fence Transposition
2. Columnar Transposition
3. Book Cipher/Running Key Cipher
Rail Fence Transposition
• Step 1: The plain text is written as a sequence of diagonals.
• Step 2: Then, to obtain the cipher text, the text is read as a sequence of rows.
• Plain Text: meet me Tomorrow
• Now, we write this plain text letter by letter in a diagonal (zigzag) form over two rows:

m   e   m   t   m   r   o
  e   t   e   o   o   r   w

• The layout looks like a rail fence, which is how the cipher got its name.
• Reading the first row of the rail fence gives the first half of the cipher text:
memtmro
• Reading the second row of the rail fence gives the second half of the cipher text:
eteoorw
• Now, to obtain the complete cipher text, combine both halves:
• Cipher Text: M E M T M R O E T E O O R W
Columnar Transposition
• The columnar transposition cipher is more complex than the rail fence. The steps to obtain
cipher text using this technique are as follows:
• Step 1: The plain text is written in a rectangular matrix of an initially defined size, row by row.
• Step 2: To obtain the cipher text, read the text written in the rectangular matrix column by column,
but permute the order of the columns before reading. The obtained message is the cipher text message.
• To understand the columnar transposition let us take an example:
• Plain text: cyber security
• Now, put the plain text in a rectangle of a predefined size. For our example, the predefined size of the
rectangle is 5x3. The plain text is placed in the 5x3 rectangle (left), and the order of the columns is
then permuted (right):

Original order      Permuted order
1 2 3 4 5           3 1 2 4 5
c y b e r           b c y r e
s e c u r           c s e r u
i t y - -           y i t - -

• Now, to obtain the cipher text we have to read the plain text column by column as the sequence of
permuted column order. So, the cipher text obtained by the columnar transposition technique in this
example is:
Book Cipher or Running Key Cipher

• The book cipher or running key cipher works on the basic principle of the one-time pad
cipher. In a one-time pad cipher the key is taken to be as long as the plain text and is discarded after
use. Every time, a new key is taken for a new message.
• Step 1: Convert the plain text to numeric form, taking A=0, B=1, C=2 …, Z=25.
• Step 2: Take a one-time pad or key from any book and convert it to numeric form
as well. The key must be as long as the plain text.
• Step 3: Now add the numeric forms of plain text and key, each plain text letter with the
corresponding key text letter. If the sum of any plain text letter and its corresponding key
text letter is >26, then subtract 26 from it.
Example: Plain text: Meet Tomorrow. Key taken from the book: ANENCRYPTION.
Other Cipher Properties:

• Cipher properties refer to the various characteristics and features of a cryptographic algorithm
or system. These properties are essential for ensuring the security and effectiveness of the cipher
in protecting sensitive information. Some common cipher properties include:
1. Confusion: Confusion refers to the complexity of the relationship between
the plaintext and the cipher text in a cipher. A cipher with strong confusion
ensures that even small changes in the plaintext result in significant changes
in the cipher text, making it difficult for attackers to analyze and break the
cipher.
2. Diffusion: Diffusion refers to the dispersal of the plaintext information
throughout the cipher text. A cipher with strong diffusion ensures that a
change in one part of the plaintext affects a large portion of the cipher text,
preventing attackers from identifying patterns or regularities in the
encrypted data.
3. Key space: The key space refers to the total number of possible keys that can
be used with a cipher. A larger key space makes it more difficult for attackers
to perform exhaustive search attacks, where they try every possible key to
decrypt the cipher text.
4. Key sensitivity: Key sensitivity refers to how sensitive the cipher is to
changes in the encryption key. A cipher with high key sensitivity ensures
that even small changes in the key result in significant changes in the cipher
text, enhancing security.
5. Avalanche effect: The avalanche effect refers to the property of a cipher where a
small change in the plaintext or the key results in a significant change in the
cipher text. A cipher with a strong avalanche effect helps in obscuring the
relationship between the plaintext and the cipher text, making it more resistant
to cryptanalysis.
6. Resistance to known attacks: A secure cipher should be resistant to various
known cryptographic attacks, such as brute force attacks, differential
cryptanalysis, linear cryptanalysis, and others. Resistance to known attacks
ensures that the cipher remains secure even when attackers have access to some
cipher text or plaintext information.
7. Efficiency: Efficiency refers to the computational complexity of the cipher
algorithm. A cipher should be efficient in terms of both encryption and
decryption speed, as well as in terms of the computational resources
required to implement the algorithm.

By considering these properties, cryptographers can evaluate the strength and suitability of a cipher
for specific security requirements and use cases.
Secret key cryptography
Product ciphers

• Product ciphers are a type of secret key cryptography where the encryption and
decryption process involves multiple rounds of substitution and permutation
operations.
• The basic idea is to repeatedly apply these operations to transform the plaintext
into cipher text and vice versa.
• In a product cipher, each round typically consists of a substitution step, where
elements of the plaintext are replaced with different elements, and a permutation
step, where the positions of the elements are rearranged. These operations are
typically performed using cryptographic algorithms such as the Data Encryption
Standard (DES) or the Advanced Encryption Standard (AES).
• One of the advantages of product ciphers is that they can provide a high level of
security by using multiple rounds of encryption, which makes it difficult for
attackers to decrypt the cipher text without knowing the secret key. Additionally,
the use of both substitution and permutation operations adds complexity to the
encryption process, making it harder for attackers to analyze and break the cipher.
• However, product ciphers can also be computationally intensive, especially if they
involve a large number of rounds or complex encryption algorithms. Additionally,
their security depends heavily on the strength of the underlying encryption
algorithms and the secrecy of the key used for encryption.
• Overall, product ciphers are widely used in modern cryptography for securing
sensitive information, and they play a crucial role in ensuring the confidentiality of
data in various applications, including communication systems, financial
transactions, and data storage.
Product cipher example

Plain Text: Helloworld (first, transposition)

1 2 3 4 5      3 1 2 5 4
H E L L O      L H E O L
W O R L D      R W O D L

Next, substitution. Substitution Key: A->Z, B->Y, C->X, ..., Z->A

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Z Y X W V U T S R Q P O N M L K J I H G F E D C B A

LHEOLRWODL
OSVLOIDLWO

The final encrypted message is "O S V L O I D L W O" (cipher text).
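The rail fence, running key and product cipher examples above, worked in Python as an added example (not part of the original slides). The function names are assumptions of this sketch, and the running key step reduces each sum modulo 26, so the cipher text it produces for the key ANENCRYPTION is a computed value that the slides do not state.

```python
import string

ALPHABET = string.ascii_uppercase


def letters_only(text):
    """Upper-case the text and keep only A-Z (spaces and punctuation are dropped)."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)


def atbash(text):
    """Substitution step: A<->Z, B<->Y, ... Applying it twice restores the text."""
    return letters_only(text).translate(str.maketrans(ALPHABET, ALPHABET[::-1]))


def _zigzag_order(n, rails):
    """Positions 0..n-1 in the order the rail fence reads them (row by row)."""
    if rails < 2:
        return list(range(n))
    period = 2 * (rails - 1)

    def row(i):
        r = i % period
        return r if r < rails else period - r

    return sorted(range(n), key=row)  # stable sort keeps left-to-right order per row


def rail_fence_encrypt(text, rails=2):
    t = letters_only(text)
    return "".join(t[i] for i in _zigzag_order(len(t), rails))


def rail_fence_decrypt(cipher, rails=2):
    c = letters_only(cipher)
    plain = [""] * len(c)
    for ch, pos in zip(c, _zigzag_order(len(c), rails)):
        plain[pos] = ch
    return "".join(plain)


def permute_columns(text, order):
    """Write the text in rows of len(order) letters, reorder the columns as in the
    product cipher slide, and read the result row by row."""
    t, width = letters_only(text), len(order)
    if sorted(order) != list(range(1, width + 1)) or len(t) % width:
        raise ValueError("order must be a permutation and the text must fill the rows")
    return "".join(t[r + c - 1] for r in range(0, len(t), width) for c in order)


def inverse_order(order):
    """Column order that undoes `order`."""
    inv = [0] * len(order)
    for new_pos, old_col in enumerate(order, start=1):
        inv[old_col - 1] = new_pos
    return inv


def product_encrypt(text, order):
    """Transposition followed by substitution (the two stages of the slide)."""
    return atbash(permute_columns(text, order))


def product_decrypt(cipher, order):
    """Undo the substitution, then undo the transposition."""
    return permute_columns(atbash(cipher), inverse_order(order))


def running_key_encrypt(plain, key):
    """Add plain text and key letters as numbers (A=0 ... Z=25), modulo 26."""
    p, k = letters_only(plain), letters_only(key)
    if len(k) < len(p):
        raise ValueError("the key must be at least as long as the plain text")
    return "".join(ALPHABET[(ALPHABET.index(a) + ALPHABET.index(b)) % 26]
                   for a, b in zip(p, k))


if __name__ == "__main__":
    print(rail_fence_encrypt("meet me Tomorrow"))
    print(product_encrypt("Helloworld", (3, 1, 2, 5, 4)))
    print(running_key_encrypt("Meet Tomorrow", "ANENCRYPTION"))
```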


The Data Encryption Standard (DES)
Data Encryption Standard (DES) is a symmetric-key algorithm for
encryption and decryption of data. It was one of the earliest encryption
algorithms widely used in commercial applications.

The DES algorithm operates on blocks of data and uses a fixed-length key
of 56 bits.
DES was published by the National Institute of Standards and Technology
(NIST).

DES is a block cipher and encrypts data in blocks of 64 bits each:
64 bits of plain text go in as the input to DES, which produces 64 bits
of cipher text. The same algorithm and key are used for encryption and
decryption, with minor differences. The key length is 56 bits, since 8 of
the 64 bits of the key are not used by the encryption algorithm (they
function as check bits only).

[Figure: General structure of DES]
[Figure: Round function]

The construction of DES involves several components:

• Initial Permutation (IP): The plaintext block is permuted according to a fixed table.
• Key Schedule: The 56-bit key is expanded into sixteen 48-bit round keys, one for each round of
encryption.
• Round Function: Each round of DES consists of several operations, including expansion,
substitution, permutation, and XOR with the round key.
• Final Permutation (FP): The output of the last round is permuted according to a fixed table to
produce the cipher text.

The round function is the heart of the DES algorithm and includes the following steps:

• Expansion: The 32-bit half-block is expanded to 48 bits using a fixed permutation table.
• Key Mixing: The expanded half-block is XORed with the round key.
• Substitution: The 48-bit result is divided into eight 6-bit blocks, each of which is substituted with
a 4-bit value using a set of S-boxes (substitution boxes). The S-boxes provide non-linear mixing,
increasing the complexity of the encryption process.
• Permutation: The output of the S-boxes is permuted using another fixed table.
• XOR with the other half: The permuted half-block is XORed with the other 32-bit half-block.
• This process is repeated for a total of 16 rounds, with each round using a different round key
derived from the original key.
The final permutation is the inverse of the initial permutation, ensuring that the decryption
process is the reverse of the encryption process.
Secret key cryptography
Modes of operation:
In secret key cryptography, modes of operation are techniques used to encrypt
plaintext data using a block cipher. A block cipher operates on fixed-size blocks of
data, and produces cipher text of the same size. However, most data to be
encrypted is not a multiple of the block size, so modes of operation provide a way
to handle arbitrary-length plaintext.

• Some common modes of operation include:

• Electronic Codebook (ECB): This is the simplest mode where each block of
plaintext is encrypted independently with the same key. However, this mode is
not recommended for most uses because it can reveal patterns in the plaintext
and is not secure against certain types of attacks.
• Cipher Block Chaining (CBC): In CBC mode, each block of plaintext is
XORed with the cipher text of the previous block before encryption. The first
block is XORed with an initialization vector (IV), which is typically a random
value. This mode provides confidentiality and integrity but requires padding
for plaintext that is not a multiple of the block size.
• Cipher Feedback (CFB): CFB mode operates on smaller units than the block
size, typically individual bytes or bits. It encrypts the previous cipher text
block and XORs the result with the plaintext to produce the cipher text. This
mode can operate on streaming data and does not require padding.
• Output Feedback (OFB): OFB mode is similar to CFB but operates on
the output of the block cipher instead of the cipher text. It generates
a keystream that is XORed with the plaintext to produce the
cipher text. Like CFB, it can operate on streaming data without
padding.
• Counter (CTR): CTR mode turns a block cipher into a stream cipher
by using a counter. The counter is incremented for each block of
plaintext, and the resulting counter value is encrypted and XORed
with the plaintext to produce the cipher text. This mode allows for
parallel encryption and decryption and does not require padding.

Each mode of operation has its own strengths and weaknesses, and the choice of
mode depends on the specific requirements of the application, such as
performance, security, and compatibility.
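An added example (not from the original slides) that makes the ECB, CBC and CTR descriptions above concrete by counting repeated cipher text blocks under each mode. The block cipher is a toy 16-round Feistel network built from HMAC-SHA256 so the code runs with the standard library only; it is a stand-in with the DES block size, not DES itself, and the key and message are constructed sample values.

```python
import hashlib
import hmac
import os

BLOCK = 8     # bytes per block (64 bits, the DES block size)
ROUNDS = 16


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round_keys(key):
    """Key schedule stand-in: one derived key per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]


def _f(half, round_key):
    """Round function stand-in: keyed hash truncated to 32 bits."""
    return hmac.new(round_key, half, hashlib.sha256).digest()[:4]


def encrypt_block(key, block, decrypt=False):
    """Feistel network: (L, R) -> (R, L xor f(R, k)); decryption reverses the key order."""
    keys = _round_keys(key)
    if decrypt:
        keys.reverse()
    left, right = block[:4], block[4:]
    for k in keys:
        left, right = right, _xor(left, _f(right, k))
    return right + left  # final swap of the halves


def pad(data):
    """PKCS#7-style padding up to a whole number of blocks."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, plaintext):
    """ECB: every block is encrypted independently with the same key."""
    return b"".join(encrypt_block(key, b) for b in blocks(pad(plaintext)))


def cbc_encrypt(key, plaintext, iv=None):
    """CBC: XOR each block with the previous cipher text block (IV for the first)."""
    iv = os.urandom(BLOCK) if iv is None else iv
    out, prev = [iv], iv
    for b in blocks(pad(plaintext)):
        prev = encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)  # the IV travels in the clear as the first block


def cbc_decrypt(key, data):
    bl = blocks(data)
    plain = b"".join(_xor(encrypt_block(key, c, decrypt=True), p)
                     for p, c in zip(bl, bl[1:]))
    return unpad(plain)


def ctr_crypt(key, nonce, data):
    """CTR: encrypt nonce||counter and XOR the keystream with the data.
    The same call encrypts and decrypts, and no padding is needed."""
    out = b""
    for i, b in enumerate(blocks(data)):
        out += _xor(b, encrypt_block(key, nonce + i.to_bytes(4, "big")))
    return out


def repeated_blocks(ciphertext):
    """How many cipher text blocks duplicate an earlier block (pattern leakage)."""
    bl = blocks(ciphertext)
    return len(bl) - len(set(bl))


if __name__ == "__main__":
    key, msg = b"constructed-key", b"PAY 100." * 4  # four identical plaintext blocks
    print("ECB repeats:", repeated_blocks(ecb_encrypt(key, msg)))
    print("CBC repeats:", repeated_blocks(cbc_encrypt(key, msg)))
```

Reusing a nonce with the same key in `ctr_crypt` repeats the keystream, so each message needs a fresh nonce.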
MAC and other Applications

A Message Authentication Code (MAC) is a cryptographic technique used to ensure the
integrity and authenticity of a message. It involves a specific key and a cryptographic hash
function to generate a fixed-size code that is appended to the message. The recipient can then
use the same key and hash function to verify the integrity and authenticity of the received
message.
Here are some applications and use cases of Message Authentication Codes:
• Data Integrity:
– File Integrity Checking: MACs are commonly used to verify the integrity of files.
By calculating the MAC of a file and sending it along with the file, the recipient can
verify if the file has been tampered with during transmission.
– Database Integrity: MACs can be used to ensure the integrity of data stored in
databases. By generating MACs for database records and storing them alongside the
records, any unauthorized changes can be detected.
• Authentication:
– Network Communication: MACs are used in network protocols to authenticate
messages. For example, in secure communication protocols like TLS (Transport Layer
Security), MACs are employed to ensure that the data received has not been altered
during transmission.
– User Authentication: MACs can be used in password-based authentication systems.
By generating MACs for user passwords stored on servers, it adds an extra layer of
security, making it harder for attackers to gain unauthorized access.
• Digital Signatures:
– MACs are a crucial component of digital signatures. In digital signatures, a private key
is used to generate a MAC, which serves as a signature for a message. The recipient
can use the corresponding public key to verify the signature, ensuring the message's
authenticity and integrity.
• Secure Communication Protocols:
– MACs are employed in various secure communication protocols, such as HMAC
(Hash-based Message Authentication Code), which combines a cryptographic hash
function with a secret key. This ensures both integrity and authenticity in data
exchanged between parties.
• Access Control:
– In some systems, MACs are used to control access to resources. By associating MACs
with specific permissions or roles, access to certain resources can be restricted to users
or entities with the appropriate MAC.
• Blockchain Technology:
– MACs are fundamental to the security of blockchain technology. Cryptographic hash
functions and MACs are used to secure transactions and ensure the integrity of the
distributed ledger.
• In summary, Message Authentication Codes play a crucial role in ensuring the security and
reliability of various applications, ranging from secure communication to data integrity and
access control. Their use helps prevent unauthorized access, tampering, and forgery in
different types of systems and protocols.
Attacks
• Secret Key Cryptography, also known as symmetric-key cryptography, involves the use of a single, shared key for both the
encryption and decryption of data. While this approach is widely used and considered secure if implemented correctly, there are
still potential attacks that can compromise the security of secret key cryptography. Here are some common attacks:

1. Brute Force Attacks:
Description: In a brute force attack, an attacker systematically tries all possible keys until the correct one is found.
Prevention: Increasing the key length makes brute force attacks more computationally expensive and time-consuming.

2. Known Plaintext Attacks:
Description: The attacker has access to pairs of plaintext and corresponding ciphertext. They use this information to deduce
the key.
Prevention: Strong algorithms with proper key management can help mitigate the risk. Regularly updating keys and using
key exchange protocols can also enhance security.

3. Chosen Plaintext Attacks:
Description: The attacker can choose specific plaintexts and observe the corresponding ciphertexts, helping them
analyze the encryption algorithm and deduce the key.
Prevention: Using algorithms that are resistant to chosen plaintext attacks and implementing proper key
management practices.

4. Cipher-Text Only Attacks:
Description: The attacker has access only to the encrypted messages but not to the corresponding plaintext.
The goal is to deduce the key or gain information about the plaintext.
Prevention: Again, the use of strong encryption algorithms and key management practices is crucial to prevent
successful attacks.

5. Man-in-the-Middle Attacks:
Description: An attacker intercepts and possibly alters the communication between two parties without their knowledge.
Prevention: Implementing secure key exchange protocols and using additional measures like digital signatures can
protect against man-in-the-middle attacks.

6. Side-Channel Attacks:
Description: These attacks exploit information leaked during the encryption
process, such as power consumption, timing, or electromagnetic emissions.
Prevention: Implementing countermeasures like constant-time algorithms,
using secure hardware, and regular security evaluations can help mitigate
side-channel attacks.

7. Replay Attacks:
Description: An attacker captures and retransmits a valid data transmission to
gain unauthorized access.
Prevention: Implementing mechanisms like timestamps or nonce values can
help detect and prevent replay attacks.

• It's important to note that the effectiveness of these attacks often
depends on the specific implementation of the cryptography system
and the strength of the chosen encryption algorithms. Regularly
updating cryptographic protocols and adhering to best practices in key
management are essential for maintaining the security of secret key
cryptography.
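An added example (not from the original slides) tying together the MAC section and the replay and side-channel items above: a receiver that verifies an HMAC-SHA256 tag with a constant-time comparison and rejects stale or repeated messages using a timestamp and a nonce. The message layout, the 30-second window and all names are assumptions of this sketch.

```python
import hashlib
import hmac
import json
import os
import time

TAG_LEN = 32    # bytes in an HMAC-SHA256 tag
MAX_SKEW = 30   # seconds a message stays acceptable (assumed policy)


def seal(key, payload, now=None):
    """Sender: wrap the payload with a fresh nonce and a timestamp, then append the tag."""
    body = json.dumps(
        {"data": payload,
         "nonce": os.urandom(16).hex(),
         "ts": int(time.time() if now is None else now)},
        sort_keys=True,
    ).encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only while inside the window

    def open(self, message, now=None):
        """Return (payload, "ok") or (None, reason). The tag is checked before
        anything in the body is parsed or trusted."""
        now = time.time() if now is None else now
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # compare_digest takes the same time wherever the first mismatch is,
        # so the comparison does not leak how many tag bytes were right.
        if not hmac.compare_digest(tag, expected):
            return None, "bad-mac"
        fields = json.loads(body)
        if abs(now - fields["ts"]) > MAX_SKEW:
            return None, "stale"
        # Forget nonces whose timestamp has left the window; they are
        # rejected as stale from now on, so memory stays bounded.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_SKEW}
        if fields["nonce"] in self.seen:
            return None, "replay"
        self.seen[fields["nonce"]] = fields["ts"]
        return fields["data"], "ok"


if __name__ == "__main__":
    key = os.urandom(32)                      # shared secret key
    rx = Receiver(key)
    msg = seal(key, "transfer 10")            # constructed sample payload
    print(rx.open(msg))                       # accepted
    print(rx.open(msg))                       # same bytes again: replay
    print(rx.open(msg.replace(b"10", b"99"))) # modified in transit: bad MAC
```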
Linear Cryptanalysis
• Linear Cryptanalysis is a cryptanalysis technique used to break cryptographic schemes, particularly block
ciphers, by exploiting the statistical relationship between plaintext, cipher text, and the key. It was introduced
by Matsui in 1993 and is considered one of the most powerful attacks against block ciphers. Linear
Cryptanalysis focuses on finding linear approximations of the cryptographic transformations used in a cipher.

• Here's a high-level overview of Linear Cryptanalysis in the context of secret-key cryptography:

1. Linear Approximation:
Linear Cryptanalysis aims to find linear approximations of the behavior of a cryptographic algorithm.
A linear approximation is a relationship between plaintext, ciphertext, and key bits that holds with a certain
probability.

2. S-Boxes:
In many block ciphers, Substitution-Permutation Networks (SPNs) are used, where S-Boxes (Substitution Boxes) play
a crucial role. Linear Cryptanalysis often focuses on approximating the behavior of these S-Boxes.

3. Linear Approximation Table:
A Linear Approximation Table is constructed to represent the linear relationship between the input and output of
the S-Box. It shows the correlation between certain input and output bits.

4. Key Bits Prediction:
By analyzing the Linear Approximation Table and applying statistical methods, cryptanalysts try to predict some key
bits with higher probability than random chance.

5. Attack Process:
Linear Cryptanalysis involves collecting a set of plaintext-ciphertext pairs and deriving linear equations based on the
observed behavior. The attacker then tries to deduce key bits using these linear equations.
6. Statistical Testing:
– The success of a linear attack is measured by statistical testing. The attacker evaluates the
linear approximation against a set of plaintext-ciphertext pairs to determine how well it
correlates with the actual behavior of the cipher.

7. Data Complexity:
– Linear Cryptanalysis requires a sufficient number of plaintext-ciphertext pairs to generate
accurate linear approximations. The data complexity is the number of pairs needed for a
successful attack.

8. Key Recovery:
– Once a successful linear approximation is found and tested, the attacker may be able to
recover portions of the secret key. Further refinement and analysis might be required for a
complete key recovery.

• It's worth noting that the effectiveness of Linear Cryptanalysis depends on various
factors, including the structure of the cipher, the size of the linear approximation,
and the availability of a suitable number of plaintext-ciphertext pairs for analysis.
Modern block ciphers are designed to resist linear and other cryptanalytic attacks,
and thorough evaluation and testing are crucial for their security.
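An added example (not from the original slides) of the Linear Approximation Table from step 3, computed the way a designer would to check how far an S-box is from linear. The sample S-box is the first row of DES S-box S1, the bit-rotation S-box is a constructed weak case, and the function names are assumptions; each entry is the number of inputs for which the masked input and output parities agree, minus 8, so 0 means no linear bias.

```python
# First row of DES S-box S1, used here as a 4-bit to 4-bit sample S-box.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]

# Constructed weak case: rotating the 4 input bits is a purely linear map.
LINEAR_SBOX = [((x << 1) | (x >> 3)) & 0xF for x in range(16)]


def parity(v):
    """XOR of the bits of v."""
    return bin(v).count("1") & 1


def linear_approximation_table(sbox):
    """lat[a][b] = #{x : parity(a & x) == parity(b & S(x))} - n/2.
    `a` selects input bits and `b` selects output bits."""
    n = len(sbox)
    return [[sum(parity(a & x) == parity(b & sbox[x]) for x in range(n)) - n // 2
             for b in range(n)]
            for a in range(n)]


def strongest_approximations(lat):
    """Largest |entry| over nonzero masks and the mask pairs that reach it.
    A designer wants this peak to be small."""
    n = len(lat)
    entries = [(a, b, lat[a][b]) for a in range(1, n) for b in range(1, n)]
    peak = max(abs(v) for _, _, v in entries)
    return peak, [(a, b, v) for a, b, v in entries if abs(v) == peak]


def piling_up(biases):
    """Piling-up lemma: bias of the XOR of independent approximations,
    2^(k-1) times the product of the k individual biases."""
    result = 2 ** (len(biases) - 1)
    for eps in biases:
        result *= eps
    return result


def pairs_needed(bias):
    """Order-of-magnitude data complexity: about 1 / bias^2 known pairs."""
    return 1.0 / (bias * bias)


if __name__ == "__main__":
    lat = linear_approximation_table(SBOX)
    peak, masks = strongest_approximations(lat)
    print("sample S-box peak |entry|:", peak, "bias:", peak / 16)
    print("linear S-box peak |entry|:",
          strongest_approximations(linear_approximation_table(LINEAR_SBOX))[0])
    # Chaining four approximations of bias 1/4 shrinks the overall bias,
    # which raises the number of plaintext-ciphertext pairs required.
    chained = piling_up([0.25, -0.25, -0.25, -0.25])
    print("chained bias:", chained, "pairs needed ~", pairs_needed(chained))
```

The linear S-box reaches the maximum entry of 8 (a relation that always holds), which is the property a good S-box is chosen to avoid.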
