INFORMATION AND

NETWORK SECURITY

1
INTRODUCTION
• This is the age of universal electronic connectivity , where
the activities like hacking , viruses , electronic frauds are
very common . Unless security measures are taken , a
network conversation can be compromised easily. Examples
are:
• Online purchase using a credit/debit card.
• A customer unknowingly being directed to a false website.
• A hacker sending a message to a person pretending to be 2

someone else.
NEED FOR SECURITY
• 1. Confidentiality : Preserving authorized restrictions on
information access and disclosure , including means for
protecting personal privacy and proprietary information . A
loss of confidentiality is the unauthorized disclosure of
information. This term covers two related concepts:
• Data Confidentiality : Assures that private or confidential
information is not made available or disclosed to
unauthorized individuals.
• Privacy : Assures that individuals control or influence what
information related to them may be collected and stored and 3
by whom and to whom that information may be disclosed.
2. Integrity : Guarding against improper information
modification or destruction, including ensuring information
nonrepudiation and authenticity. A loss of integrity is the
unauthorized modification or destruction of information . This
term covers two related concepts:
Data Integrity: Assures that information and programs are
changed only in a specified and authorized manner.
System Integrity: Assures that a system performs its
intended function in an unimpaired manner , free from
deliberate or inadvertent unauthorized manipulation of the
system.

3. Availability: Ensuring timely and reliable access to and use

of information .
4
A loss of availability is the disruption of access to or use of
information or an information system.
Confidenti Integrity
ality Data and
Service

Availabilit
y
5
Authenticity : The property of being genuine and being able
to be verified and trusted; confidence in the validity of a
transmission, a message , or message originator. This means
verifying that users are who they say they are and that each
input arriving at the system came from a trusted source.

Accountability : The security goal that generates the

requirement for actions of an entity to be traced uniquely to
that entity. This supports nonrepudiation , deterrence , fault
isolation , intrusion detection and prevention , and after-
action recovery and legal action. Because truly secure
systems are not yet an achievable goal , we must be able to
trace a security breach to a responsible party . Systems must
keep records of their activities to permit later forensic
analysis to trace security breaches or to aid in transaction6

disputes.
OSI SECURITY ARCHITECTURE
• The security of an organisation is the greatest concern of
the people working at the organisation . Safety and
security are the pillars of cyber technology.
• It is hard to imagine the cyber world without thinking
about security .
• The architecture of security is thus a very important
aspect of the organisation.
• The OSI(Open System Interconnection) Security
architecture defines a systematic approach to providing
security at each layer .
• It defines security services and security mechanisms that
can be used at each of the seven layers of the OSI model
to provide security for data transmitted over a network.
• These security services and mechanisms help to ensure
the confidentiality , integrity , and availability of the data. 7
• OSI architecture is internationally acceptable as it lays the
OSI Security Architecture is categorized
into three broad categories namely:

1. SECURITY ATTACK
2. SECURITY SERVICE
3. SECURITY MECHANISM

8
SECURITY ATTACK : An attempt by a person or entity to
gain unauthorized access to information resources or services
or to cause harm or damage to information systems . It is of
two types:
1. Passive Attack :
A passive attack attempts to learn or make use of
information from the system but does not affect system
resources . An active attack attempts to alter system
resources or affect their operation. Passive attacks are in the
nature of monitoring of transmission . The goal of the
opponent is to obtain information that is being transmitted .
Two types of passive attacks are :
The release of message contents
Traffic analysis 9
The release of message contents

10
Traffic analysis

11
Passive attacks are very difficult to detect , because
they do not involve any alteration of the data . Typically ,
the message traffic is sent and received in an apparently
normal fashion , and neither the sender nor receiver is
aware that a third party has read the messages or
observed the traffic pattern . However , it is feasible to
prevent the success of these attacks , usually by means
of encryption . Thus , the emphasis in dealing with
passive attacks is on prevention rather than detection .

12
Active attacks :
Active attacks involve some modification of the data stream or
the creation of a false stream . Active attacks are a type of
cybersecurity attacks in which an attacker attempts to alter ,
destroy , or disrupt the normal operation of a system or
network . Active attacks involve the attacker taking direct
action against the target system or network , and can be more
dangerous than passive attacks , which involve simply
monitoring or eavesdropping on a system or network. Active
attacks can be subdivided into four categories :
Masquerade , replay , modification of messages , and
denial of service.

Masquerade takes place when one entity pretends to be a

different entity . 13

A masquerade attack usually includes one of the other forms

Masquerade is a type of cybersecurity attack in which an
attacker pretends to be someone else in order to gain access
to systems or data .

There are several types of masquerade attacks , including:

Username and password masquerade: In a username
and password masquerade attack , an attacker uses stolen
or forged credentials to log into a system or application as a
legitimate user .
IP address masquerade : In an IP address masquerade
attack , an attacker spoofs or forges their IP address to make
it appear as though they are accessing a system or
application from a trusted source .
Website masquerade: In a website masquerade attack ,
an attacker creates a fake website that appears to be
14
legitimate in order to trick users into providing sensitive
information or downloading malware .
Masquerade
Attack 15
Replay :
It involves the passive capture of a message and its
subsequent transmission to produce an authorized effect. In
this attack, the basic aim of the attacker is to save a copy of
the data originally present on that particular network and
later on use this data for personal uses. Once the data is
corrupted or leaked it is insecure and unsafe for the users.

16
Modification of messages :
It means that some portion of a message is altered or that message is
delayed or reordered to produce an unauthorized effect. Modification is an
attack on the integrity of the original data. It basically means that
unauthorized parties not only gain access to data but also spoof the data
by triggering denial-of-service attacks, such as altering transmitted data
packets or flooding the network with fake data. Manufacturing is an attack
on authentication. For example, a message meaning “Allow JOHN to read
confidential file X” is modified as “Allow Smith to read confidential file X”.

17
Denial of Service –

Denial of Service (DoS) is a type of cybersecurity attack that is designed to make a

system or network unavailable to its intended users by overwhelming it with traffic or
requests. In a DoS attack, an attacker floods a target system or network with traffic or
requests in order to consume its resources, such as bandwidth, CPU cycles, or memory,
and prevent legitimate users from accessing it.
There are several types of DoS attacks, including:

•Flood attacks: In a flood attack, an attacker sends a large number of packets or

requests to a target system or network in order to overwhelm its resources.
•Amplification attacks: In an amplification attack, an attacker uses a third-party
system or network to amplify their attack traffic and direct it towards the target system
or network, making the attack more effective.
To prevent DoS attacks, organizations can implement several measures,
such as:
1.Using firewalls and intrusion detection systems to monitor network traffic and block
suspicious activity.
2.Limiting the number of requests or connections that can be made to a system or
network.
3.Using load balancers and distributed systems to distribute traffic across multiple18

servers or networks.
4.Implementing network segmentation and access controls to limit the impact of a
19
INTERRUPTION:
An asset of the system is destroyed or becomes unavailable
or unusable . It is an attack on availability.
INTERCEPTION :
An unauthorized party gains access to an asset . Attack on
confidentiality .
MODIFICATION :
When an unauthorized party gains access and tampers an
asset . Attack is on Integrity . Example :
Changing data file
Altering a program and the contents of a message.
FABRICATION:
An unauthorized party inserts a counterfeit object into the
system . Attack on Authenticity. Also called impersonation.
Example : 20

Hackers gaining access to a personal email and sending

message.
SECURITY SERVICES:
It is a processing or communication service that is provided
by a system to give a specific kind of production to system
resources. Security services implement security policies and
are implemented by security mechanisms .

1.DATA CONFIDENTIALITY:
The protection of data from unauthorized
disclosure .Confidentiality is the protection of transmitted
data from passive attacks. It is used to prevent the disclosure
of information to unauthorized individuals or systems. It has
been defined as “ensuring the information is accessible only
to those authorized to have access”. The other aspect of
confidentiality is the protection of traffic flow from analysis .
Example : A credit card number has to be secured during 21

online transaction.
CONNECTION CONFIDENTIALITY:
The protection of all user data on a connection.
CONNECTIONLESS CONFIDENTIALITY:
The protection of all user data in a single data block.

SELECTIVE- FIELD CONFIDENTIALITY:

The confidentiality of selected fields within the user data on a
connection or in a single data block.
TRAFFIC-FLOW CONFIDENTIALITY:
The protection of the information that might be derived from
observation of traffic flows.

22
2. AUTHENTICATION :
This service assures that a communication is authentic . For a
single message transmission , its function is to assure the
recipient that the message is from intended source . For an
ongoing interaction two aspects are involved . First , during
connection initiation the service assures the authenticity of
both parties . Second , the connection between the two hosts
is not interfered allowing a third party to masquerade as one
of the two parties . Two specific authentication services are :

Peer entity authentication : Verifies the identities of the

peer entities involved in communication . Provides use at
time of connection establishment and during data
transmission . Provides confidence against a masquerade or
a replay attack .
23
Data origin authentication : Assumes the authenticity of
source of data unit , but does not provide protection against
3.DATA INTEGRITY:
The assurance that data received are exactly as sent by
an authorized entity(i.e., contain no modification ,
insertion , deletion , or replay).

1.Connection integrity with Recovery:

Provides for the integrity of all user data on a connection
and detects any modification , insertion , deletion , or
replay of any data within an entire data sequence , with
recovery attempted .

2.Connection integrity without recovery:

As above , but provides only detection without recovery .

3.Selective-field connection integrity:

Provides for the integrity of selected fields within the 24

user data of a data block transferred over a connection

and takes the form of a determination of whether the
4.Connectionless Integrity:
Provides for the integrity of a single connectionless data block
and may take the form of detection of data modification .
Additionally , a limited form of replay detection may be
provided.

5.Selective-Field Connectionless Integrity :

Provides for the integrity of selected fields within a single
connectionless data block ; takes the form of determination of
whether the selected fields have been modified .

25
4.Non-repudiation:
Non-repudiation prevents either sender or receiver from
denying a transmitted message. This capability is crucial to e-
commerce. Without it an individual or entity can deny that he ,
she or it is responsible for a transaction , therefore not
financially liable.
Nonrepudiation , Origin
Proof that the message was sent by the specified party.

Nonrepudiation , Destination
Proof that the message was received by the specified party.

26
5.Access Control:
The prevention of unauthorized use of a resource (i.e., this service
controls who can have access to a resource , under what
conditions access can occur , and what those accessing the
resource are allowed to do). This refers to the ability to control the
level of access that individuals or entities have to a network or
system and how much information they can receive . It is the
ability to limit and control the access to host systems and
applications via communication links . For this, each entity trying
to gain access must first be identified or authenticated , so that
access rights can be tailored to the individuals.
6.Availability:
It is defined to be the property of a system or a system resource
being accessible and usable upon demand by an authorized
system entity. The availability can significantly be affected by 27
a
variety of attacks , some amenable to automated counter
SPECIFIC SECURITY MECHANISMS:
May be incorporated into the appropriate protocol layer in order to
provide some of the OSI security services.
-Encipherment:
The use of mathematical algorithms to transform data into a form
that is not readily intelligible . The transformation and subsequent
recovery of the data depend on an algorithm and zero or more
encryption keys.
-Digital signature:
Data appended to , or a cryptographic transformation of , a data
unit that allows a recipient of the data unit to prove the source and
integrity of the data unit and protect against forgery(e.g., by the
recipient).
-Access control:
A variety of mechanisms that enforce access rights to resources. 28

-Data integrity :
A variety of mechanisms used to assure the integrity of a data unit
-Authentication Exchange:
A mechanism intended to ensure the identity of an entity by
means of information exchange.
-Traffic Padding :
The insertion of bits into gaps in a data stream to frustrate traffic
analysis attempts.
-Routing control:
Enables selection of particular physically secure routes for
certain and allows routing changes , especially when a breach of
security is suspected.
-Notarization:
The use of a trusted third party to assure certain properties of
data exchange.
29
PERVASIVE SECURITY MECHANISMS:
Mechanisms that are not specific to any particular OSI security
service or protocol layer.
-Trusted Functionality:
That which is perceived to be correct with respect to some
criteria.
-Security Label:
The marking bound to a resource that names or designates the
security attributes of that resource.
-Event Detection:
Detection of security-relevant events.
-Security Audit Trail:
Data collected and potentially used to facilitate a security audit,
which is an independent review and examination of system
records and activities.
-Security Recovery: 30

Deals with requests from mechanisms , such as event handling

and management functions , and takes recovery actions.
Network Security Model

A Network Security Model exhibits how the security service has

been designed over the network to prevent the opponent from
causing a threat to the confidentiality or authenticity of the
information that is being transmitted through the network.
The general ‘network security model’ where messages are
shared between the sender and receiver securely over the network
. The ‘network access security model’ which is designed to
secure your system from unwanted access through the network
For a message to be sent or receive there must be a sender and a
receiver. Both the sender and receiver must also be mutually
agreeing to the sharing of the message. Now, the transmission of a
message from sender to receiver needs a medium
31

i.e. Information channel which is an Internet service.

A logical route is defined through the network (Internet), from sender
to the receiver and using the communication protocols both the
sender and the receiver established communication.

The security of the message over the network when the message
has some confidential or authentic information which has a threat
from an opponent present at the information channel. Any security
service would have the three components discussed below:

1. Transformation of the information which has to be sent to the

receiver. So, that any opponent present at the information channel is
unable to read the message. This indicates the encryption of the
message.
It also includes the addition of code during the transformation of the
information which will be used in verifying the identity of 32the
authentic receiver.
2. Sharing of the secret information between sender and
receiver of which the opponent must not any clue. Encryption
key is used during the encryption of the message at the sender’s
end and also during the decryption of message at receiver’s end.

3. There must be a trusted third party which should take the

responsibility of distributing the secret information (key) to
both the communicating parties and also prevent it from any
opponent.

33
34
The network security model presents the two communicating
parties sender and receiver who mutually agrees to exchange the information.
The sender has information to share with the receiver.
But sender cannot send the message on the information cannel in the readable
form as it will have a threat of being attacked by the opponent. So, before sending
the message through the information channel, it should be transformed into an
unreadable format.
Secret information is used while transforming the message which will also be
required when the message will be retransformed at the recipient side. That’s why
a trusted third party is required which would take the responsibility of distributing
this secret information to both the parties involved in communication.

35
The attackers fall into two categories:

1. Hacker: The one who is only interested in penetrating into your system.
They do not cause any harm to your system they only get satisfied by getting
access to your system.
2. Intruders: These attackers intend to do damage to your system or try to
obtain the information from the system which can be used to attain financial
gain.
The attacker can place a logical program on your system through the network
which can affect the software on your system. This leads to two kinds of risks:
a. Information threat: This kind of threats modifies data on the user’s
behalf to which actually user should not access. Like enabling some crucial
permission in the system.
b. Service threat: This kind of threat disables the user from accessing data
on the system.

There are two ways to secure your system from attacker of which the
first is to introduce the gatekeeper function. Introducing gatekeeper
function means introducing login-id and passwords which would keep away
36
the unwanted access.
In case the unwanted user gets access to the system the second way to
Some basic terminologies used:
-Cipher Text : the coded message
-Cipher : algorithm for transforming plaintext to ciphertext
-Key : info used in cipher known only to sender/receiver
-Encipher(Encrypt) : converting plaintext to ciphertext
-Decipher(Decrypt) : recovering ciphertext from plaintext
-Cryptography : study of encryption principles/methods
-Cryptanalysis(Codebreaking): the study of
principles/methods of deciphering ciphertext without knowing
key
-Cryptology : the field of both cryptography and cryptanalysis

37
 KEY POINTS:
1.Symmetric encryption is a form of cryptosystem in which
encryption and decryption are performed using the same key. It is
also known as conventional encryption.
2.Symmetric encryption transforms plaintext into ciphertext
using a secret key and an encryption algorithm . Using the same
key and a decryption algorithm , the plaintext is recovered from the
ciphertext .
3.The two types of attack on an encryption algorithm are
cryptanalysis, based on properties of the encryption algorithm ,
and brute – force , which involves trying all possible keys.
4.Traditional symmetric ciphers use substitution and/or
transposition techniques . Substitution techniques map plaintext
elements (characters ,bits)into ciphertext elements. Transposition
techniques systematically transpose the positions of plaintext 38

elements.
-Symmetric encryption also referred to as conventional
encryption or single-key encryption.
-An original message is known as the plaintext.
-The coded message is called the ciphertext.
-The process of converting from plaintext to ciphertext is
known as enciphering or encryption.
-Restoring the plaintext from the ciphertext is deciphering
or decryption.
-The many schemes used for encryption constitute the area
of study known as cryptography. Such a scheme is known
as a cryptographic system or a cipher .
-Techniques used for deciphering a message without any
knowledge of the enciphering details fall into the area of
cryptanalysis .
-Cryptanalysis is what the layperson calls “breaking the39
code ”. The areas of cryptography and cryptanalysis
together are called cryptology.
ENCRYPTION
Encryption is very important in today’s world, it is the process of
transforming plaintext into ciphertext to maintain data security,
and it is a crucial tool used in modern cyber security. It secures
sensitive data by rendering it unreadable to unauthorized
events, making sure of confidentiality, integrity, and
authenticity.
Encryption in cryptography is a process by which plain text or a
piece of information is converted into cipher text or text that can
only be decoded by the receiver for whom the information was
intended. The algorithm used for the encryption process is
known as cipher. It helps to protect consumer information,
emails, and other sensitive data from unauthorized access as
well as secures communication networks. Presently there are
many options to choose from and find the most secure algorithm
that meets our requirements.
40
Types of Encryption
There are two methods or types through which encryption take
place, these below are two types of encryption:
•Symmetric Key Encryption
•Asymmetric Key Encryption
Features of Encryption
•Confidentiality: Information can only be accessed by the
person for whom it is intended and no other person except
him can access it.
•Integrity: Information cannot be modified in storage or
transition between sender and intended receiver without any
addition to information being detected.
•Non-repudiation: The creator/sender of information cannot
deny his intention to send information at later stage.
•Authentication: The identities of sender and receiver are41
confirmed. As well as you can detect the origination of
information is confirmed.
SYMMETRIC CIPHER:
A symmetric cipher is one that uses the same key for
encryption and decryption.
Ciphers or algorithms can be either symmetric or
asymmetric .
Symmetric ones use the same key (called a secret key or
private key )for transforming the original message ,called
plaintext , into ciphertext and vice versa . Symmetric ciphers
are generally faster than their asymmetric counterparts ,
which use a closely – held private key as well as public key
shared between the two parties (hence public –key
cryptography , or PKC) . Examples of symmetric ciphers are
Advanced encryption standard (AES) , Data encryption
standard (DES) , Blowfish , and International Data Encryption
42
Algorithm(IDEA).
The use of symmetric cipher presents the familiar challenge
Symmetric Cipher Model:
A symmetric encryption scheme has five ingredients .

• Plaintext(x): This is the original message or data which is

fed into the algorithm as input.
• Secret Key(k) : The secret key is also input to the
encryption algorithm . The key is a value independent of
the plaintext and of the algorithm. The algorithm will
produce a different output depending on the specific key
being used at the time . The exact substitutions and
transformations performed by the algorithm depend on the
key .
• Encryption algorithm(E): It takes the plaintext and
secret key as inputs and produces Cipher Text as output .
The encryption algorithm performs various substitutions
and transformations on the plaintext using the secret key . 43
• E(x , k) =y (symmetric encryption of plain text x using
secret key k)
• Ciphertext(y): This is the scrambled message produced as
output . It depends on the plaintext and the secret key . For a
given message , two different keys will produce two different
ciphertexts . The ciphertext is an apparently random stream
of data and , as it stands , is unintelligible . It is the formatted
form of the plaintext (x) which is unreadable for humans ,
hence providing encryption during the transmission . Each
unique secret key produces a unique cipher text.
• Decryption algorithm(d): This is essentially the encryption
algorithm run in reverse . It takes the cipher text and the
secret key and produces the original plaintext . It performs
reversal of the encryption algorithm at the recipient’s side .It
takes the secret key as input and decodes the ciphertext
received from the sender based on the secret key . It
produces plaintext as output . 44
D(y , k) = x(symmetric encryption of ciphertext y
using secret key k)
There are two requirements for secure use of
conventional encryption :
1. We need a strong encryption algorithm . At a minimum , we
would like the algorithm to be such that an opponent who
knows the algorithm and has access to one or more
ciphertexts would be unable to decipher the ciphertext or
figure out the key . This requirement is usually stated in a
stronger form : The opponent should be unable to decrypt
ciphertext or discover the key even if he or she is in
possession of a number of ciphertexts together with the
plaintext that produced each ciphertext .

2. Sender and receiver must have obtained copies of the

secret key in a secure fashion and must keep the key
secure . If someone can discover the key and knows the 45

algorithm , all communication using this key is readable.

46
A source produces a message in plaintext , X = [X1,X2,
……..,Xm]. The M elements of X are letters in some finite
alphabet . The alphabet usually consisted of the 26 capital
letters . The binary alphabet {0,1} is typically used . For
encryption , a key of the form K=[K1,K2,……..,Kj] is
generated . If the key is generated at the message source ,
then it must also be provided to the destination by means of
some secure channel . A third party could generate the key
and securely deliver it to both source and destination.
With the message X and the encryption key K as input , the
encryption algorithm forms the ciphertext Y = [Y1,Y2,
………,Yn]. We can write this as
Y = E(K , X)
This notation indicates that Y is produced by using
encryption algorithm E as a function of the plaintext X , with
47

the specific function determined by the value of the key K.

The intended receiver , in possession of the key , is able to
invert the transformation:
X = D( K , Y)
An opponent , observing Y but not having access to K or X ,
may attempt to recover X or K or both X and K . It is
assumed that the opponent knows the encryption (E) and
decryption (D) algorithms. If the opponent is interested in
only this particular message , then the focus of the effort is
to recover X by generating a plaintext estimate X bar . The
opponent is interested in being able to read future
messages as well , in which case an attempt is made to
recover K by generating an estimate K bar.

48
 Cryptography
Cryptography is a technique of securing information and communications
through the use of codes so that only those persons for whom the
information is intended can understand and process it. Thus preventing
unauthorized access to information. The prefix “crypt” means “hidden”
and the suffix “graphy” means “writing”. In Cryptography, the techniques
that are used to protect information are obtained from mathematical
concepts and a set of rule-based calculations known as algorithms to
convert messages in ways that make it hard to decode them. These
algorithms are used for cryptographic key generation, digital signing, and
verification to protect data privacy, web browsing on the internet and to
protect confidential transactions such as credit card and debit card
transactions.

49
Features Of Cryptography
•Confidentiality: Information can only be accessed by the person
for whom it is intended and no other person except him can access
it.
•Integrity: Information cannot be modified in storage or transition
between sender and intended receiver without any addition to
information being detected.
•Non-repudiation: The creator/sender of information cannot deny
his intention to send information at a later stage.
•Authentication: The identities of the sender and receiver are
confirmed. As well destination/origin of the information is
confirmed.
•Interoperability: Cryptography allows for secure communication
between different systems and platforms. 50
•Adaptability: Cryptography continuously evolves to stay ahead
of security threats and technological advancements.
 TYPES OF CRYPTOGRAPHY:
1. Symmetric Key Cryptography
It is an encryption system where the sender and receiver of a message use a
single common key to encrypt and decrypt messages.
Symmetric Key cryptography is faster and simpler but the problem is that the
sender and receiver have to somehow exchange keys securely. The most
popular symmetric key cryptography systems are
Data Encryption Systems (DES) and Advanced Encryption Systems (AES).

51
Challenges of Symmetric Encryption

Although symmetric encryption is considered very much because

of its speed and efficiency, it also has some challenges:

•The main challenge is securely sharing the secret key because if

this key is compromised the entire communication is
compromised.

•Storing the key securely is also a major challenge for this

technique.

•As the number of users is increasing day-by-day, the complexity

of managing and securely sharing these secret keys will increase
exponentially. 52
3. Asymmetric Key Cryptography
In Asymmetric Key Cryptography, a pair of keys is used to
encrypt and decrypt information. A receiver’s public key is used
for encryption and a receiver’s private key is used for decryption.
Public keys and Private keys are different. Even if the public key
is known by everyone the intended receiver can only decode it
because he alone knows his private key. The most popular
asymmetric key cryptography algorithm is the RSA algorithm.

53
In asymmetric Key cryptography, there are two keys, also
known as key pairs: a public key and a private key. The public
key is publicly distributed. Anyone can use this public key to
encrypt messages, but only the recipient, who holds the
corresponding private key, can decrypt those messages. “Public-
key cryptography” is another representation used to refer to
Asymmetric Key cryptography.
This cryptographic system addresses two major challenges faced
in traditional (symmetric) cryptography: key distribution and
digital signatures. Asymmetric algorithms use one key for
encrypting data and another, related key for decrypting it. These
algorithms possess an important feature:
•It’s impossible to figure out the decryption key just by knowing
the encryption key and the cryptographic algorithm.
•Either of the two keys can be used for encryption, while the other
is used for decryption. 54
55
Characteristics of Asymmetric Key
Cryptography
Security Responsibility
•In asymmetric cryptography, the burden of security primarily
falls on the receiver, like Bob.
•Bob must generate both a private and a public key, with the
public key distributed to the community.
•Distribution occurs through a public-key channel, which
doesn’t need secrecy but requires authentication and integrity
to prevent impersonation.

56
Unique Key Pairs
•Bob and Alice can’t share the same key pair for two-way
communication.
•Each entity in the community, including Bob and Alice, must
create its own private and public keys.
•Alice uses Bob’s public key to encrypt messages to him,
while she needs her own key pair for responses.

Key Management
•Bob needs only one private key to receive messages from
anyone in the community.
•Alice, on the other hand, needs multiple public keys—one for
each entity she communicates with.
•This means Alice requires a collection of public keys for
effective communication. 57
DIFFERENCE BETWEEN SYMMETRIC AND ASYMMETRIC
KEY ENCRYPTION
Symmetric Key Encryption: Encryption is a process to
change the form of any message in order to protect it from
reading by anyone. In Symmetric-key encryption the message
is encrypted by using a key and the same key is used to
decrypt the message which makes it easy to use but less
secure. It also requires a safe method to transfer the key from
one party to another.

Asymmetric Key Encryption: Asymmetric Key Encryption is

based on public and private key encryption techniques. It uses
two different key to encrypt and decrypt the message. It is
more secure than the symmetric key encryption technique but
is much slower.
58
SYMMETRIC KEY ENCRYPTION

• It only requires a single key for both encryption and

decryption.
• The size of ciphertext is the same or smaller than the
original plaintext.
• The encryption process is very fast.
• It is used when a large amount of data needs to be
transferred.
• It only provides confidentiality.
• The length of key used is 128 or 256 bits
• In symmetric key encryption, resource utilization is low
compared to asymmetric key encryption. 59

• It is efficient as it is used for handling large amount of

• Security is lower as only one key is used for both encryption
and decryption purposes.

• The Mathematical Representation is as follows-

P = D (K, E(K, P))
where K –> encryption and decryption key
P –> plain text
D –> Decryption
E(K, P) –> Encryption of plain text using K

• Examples : 3DES, AES, DES and RC4

60
ASYMMETRIC KEY ENCRYPTION
• It requires two keys, a public key and a private key, one to encrypt and the
other to decrypt.
• The size of ciphertext is the same or larger than the original plaintext.
• The encryption process is slow.
• It is used to transfer small amount of data.
• It provides confidentiality, authenticity, and non-repudiation.
• The length of key used is 2048 or higher
• In asymmetric key encryption, resource utilization is high.
• It is comparatively less efficient as it can handle a small amount of data.
• Security is higher as two keys are used, one for encryption and the other
for decryption.
• The Mathematical Representation is as follows-
P = D(Kd, E (Ke,P))
where Ke –> encryption key
Kd –> decryption key
D –> Decryption
E(Ke, P) –> Encryption of plain text using encryption key Ke. P –> plain
text 61
Examples: Diffie-Hellman, ECC, El Gamal, DSA and RSA
CRYPTOGRAPHY:
Cryptographic systems are characterized along three
independent dimensions:
1.The type of operations used for transforming plaintext to
ciphertext.
All encryptions algorithms are based on two general principals :
substitution , in which each element in the plaintext (bit , letter ,
group of bits or letters)is mapped into another element , and
transposition , in which elements in the plaintext are rearranged
. The fundamental requirement is that no information be lost
(that is , that all operations are reversible ).
2.The number of keys used .
If both sender and receiver use the same key ,the system is
referred to as symmetric , single key , or conventional
encryption . If the sender and receiver use different keys , the
system is referred to as asymmetric , two – key , or public key 62

encryption .
3.The way in which the plaintext is processed .
Applications of Cryptography
•Computer passwords: Cryptography is widely utilized in computer
security, particularly when creating and maintaining passwords. When a user
logs in, their password is hashed and compared to the hash that was
previously stored. Passwords are hashed and encrypted before being stored.
In this technique, the passwords are encrypted so that even if a hacker gains
access to the password database, they cannot read the passwords.
•Digital Currencies: To protect transactions and prevent fraud, digital
currencies like Bitcoin also use cryptography. Complex algorithms and
cryptographic keys are used to safeguard transactions, making it nearly hard
to tamper with or forge the transactions.
•Electronic signatures: Electronic signatures serve as the digital equivalent
of a handwritten signature and are used to sign documents. Digital signatures
are created using cryptography and can be validated using public key
cryptography. In many nations, electronic signatures are enforceable by law,
and their use is expanding quickly.
63
•Authentication: Cryptography is used for authentication in many
different situations, such as when accessing a bank account, logging into a
computer, or using a secure network. Cryptographic methods are
employed by authentication protocols to confirm the user’s identity and
confirm that they have the required access rights to the resource.
•Cryptocurrencies: Cryptography is heavily used by cryptocurrencies like
Bitcoin and Ethereum to protect transactions, thwart fraud, and maintain
the network’s integrity. Complex algorithms and cryptographic keys are
used to safeguard transactions, making it nearly hard to tamper with or
forge the transactions.
•End-to-end Internet Encryption: End-to-end encryption is used to
protect two-way communications like video conversations, instant
messages, and email. Even if the message is encrypted, it assures that
only the intended receivers can read the message. End-to-end encryption
is widely used in communication apps like WhatsApp and Signal, and it
provides a high level of security and privacy for users.

64
CRYPTANALYSIS
Cryptology has two parts namely, Cryptography which
focuses on creating secret codes and Cryptanalysis which is
the study of the cryptographic algorithm and the breaking of
those secret codes. The person practicing Cryptanalysis is
called a Cryptanalyst. It helps us to better understand the
cryptosystems and also helps us improve the system by
finding any weak point and thus work on the algorithm to
create a more secure secret code. For example, a Cryptanalyst
might try to decipher a ciphertext to derive the plaintext. It can
help us to deduce the plaintext or the encryption key.

65
TYPES OF CRYPTANALYTIC ATTACKS:

66
•Known-Plaintext Analysis (KPA) : In this type of attack, some plaintext-
ciphertext pairs are already known. Attacker maps them in order to find the
encryption key. This attack is easier to use as a lot of information is already
available.
•Chosen-Plaintext Analysis (CPA) : In this type of attack, the attacker
chooses random plaintexts and obtains the corresponding ciphertexts and tries
to find the encryption key. Its very simple to implement like KPA but the
success rate is quite low.
•Ciphertext-Only Analysis (COA) : In this type of attack, only some cipher-
text is known and the attacker tries to find the corresponding encryption key
and plaintext. Its the hardest to implement but is the most probable attack as
only ciphertext is required.
•Man-In-The-Middle (MITM) attack : In this type of attack, attacker
intercepts the message/key between two communicating parties through a
secured channel.
Adaptive Chosen-Plaintext Analysis (ACPA) : This attack is similar CPA.
Here, the attacker requests the cipher texts of additional plaintexts after they
67
have ciphertexts for some texts.
Birthday attack: This attack exploits the probability of two or more
•Side-channel attack: This type of attack is based on information obtained
from the physical implementation of the cryptographic system, rather than
on weaknesses in the algorithm itself. Side-channel attacks include timing
attacks, power analysis attacks, electromagnetic attacks, and others.
•Brute-force attack: This attack involves trying every possible key until the
correct one is found. While this attack is simple to implement, it can be time-
consuming and computationally expensive, especially for longer keys.
•Differential cryptanalysis: This type of attack involves comparing pairs
of plaintexts and their corresponding ciphertexts to find patterns in the
encryption algorithm. It can be effective against block ciphers with certain
properties.

68
BLOCK CIPHERS AND STREAM CIPHERS
Stream ciphers and block ciphers are both encryption
techniques that work by transforming plaintext into
ciphertext.
Block Cipher and Stream Cipher belong to the symmetric
key cipher. These two block ciphers and stream cipher are the
methods used for converting the plain text into
ciphertext. The main difference between a Block cipher and
a Stream cipher is that a block cipher converts the plain text
into cipher text by taking the plain text’s block at a time.
While stream cipher Converts the plain text into cipher text by
taking 1 byte of plain text at a time.

69
70
What is Stream Cipher?
A stream cipher encrypts data one bit or byte at a time rather
than in fixed-size blocks. It generates a keystream that is
combined with the plaintext to the produce ciphertext. The
Stream ciphers are designed for the scenarios where data needs
to be encrypted in the continuous stream making them suitable
for the real-time applications.

Key Features of Stream Ciphers:

•Continuous Encryption: The Data is encrypted in a continuous
stream, one bit or byte at a time.
•Keystream Generation: The Stream ciphers use a pseudorandom
keystream generator to the create encryption keys.
•Efficiency: The Stream ciphers are typically more efficient for the
encrypting data of variable length and in the streaming 71

applications.
Encryption
For Encryption,
•Plain Text and Keystream produces Cipher Text (Same
keystream will be used for decryption.).
•The Plaintext will undergo XOR operation with keystream bit-by-
bit and produces the Cipher Text.

Example:
Plain Text : 10011001
Keystream : 11000011
““““““““““`
Cipher Text : 01011010

72
Decryption
For Decryption,
•Cipher Text and Keystream gives the original Plain Text (Same
keystream will be used for encryption.).
•The Ciphertext will undergo XOR operation with keystream bit-
by-bit and produces the actual Plain Text.
Example:

Cipher Text : 01011010

Keystream : 11000011
“““““““““““
Plain Text : 10011001

Decryption is just the reverse process of Encryption i.e.

performing XOR with Cipher Text.
73
74
Advantages of Stream Ciphers
Stream ciphers have many advantages, such as:
•Speed: Generally, this type of encryption is quicker than others, such as
block ciphers.
•Low complexity: Stream ciphers are simple to implement into
contemporary software, and developers don’t require sophisticated hardware
to do so.
•Sequential in nature: Certain companies handle communications written
in a continuous manner. Stream ciphers enable them to transmit data when
it’s ready instead of waiting for everything to be finished because of their bit-
by-bit processing.
•Accessibility: Using symmetrical encryption methods like stream ciphers
saves businesses from having to deal with public and private keys.
Additionally, computers are able to select the appropriate decryption key to
utilize thanks to mathematical concepts behind current stream ciphers.

75
Disadvantages of Stream Ciphers
•If an error occurs during transmission, it can affect subsequent
bits, potentially corrupting the entire message because stream
ciphers rely on previously stored cipher bits for decryption
•Maintaining and properly distributing keys to stream ciphers can
be difficult, especially in large systems or networks.
•Some stream ciphers may be predictable or vulnerable to attack
if their key stream is not properly designed, potentially
compromising the security of the encrypted data.

76
What is Block Cipher?
A block cipher encrypts data in fixed-size blocks typically 64 or 128 bits at a
time. The encryption algorithm processes each block of data separately using
the cryptographic key to transform the plaintext into the ciphertext. The Block
ciphers use complex mathematical operations and permutations to the ensure
the security of the encrypted data.
Key Features of Block Ciphers:
•Fixed Block Size: The Data is encrypted in blocks of a predetermined size.
•Complex Operations: The Block ciphers use a series of the substitution and
permutation operations to the achieve encryption.
•Modes of Operation: The Block ciphers can operate in the various modes such
as the ECB (Electronic Codebook) and CBC (Cipher Block Chaining) to the
enhance security.

77
Applications of Block Ciphers
1.Data Encryption: Block Ciphers are widely used for the encryption of private and
sensitive data such as passwords, credit card details and other information that is
transmitted or stored for a communication. This encryption process converts a plain
data into non-readable and complex form. Encrypted data can be decrypted only by
the authorised person with the private keys.
2.File and Disk Encryption: Block Ciphers are used for encryption of entire files and
disks in order to protect their contents and restrict from unauthorised users. The disk
encryption softwares such as BitLocker, TrueCrypt aslo uses block cipher to encrypt
data and make it secure.
3.Virtual Private Networks (VPN): Virtual Private Networks (VPN) use block cipher
for the encryption of data that is being transmitted between the two communicating
devices over the internet. This process makes sure that data is not accessed by
unauthorised person when it is being transmitted to another user.
4.Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and TLS
protocols use block ciphers for encryption of data that is transmitted between web
browsers and servers over the internet. This encryption process provides security to
confidential data such as login credentials, card information etc.
5.Digital Signatures: Block ciphers are used in the digital signature algorithms, to
provide authenticity and integrity to the digital documents. This encryption process
generates the unique signature for each document that is used for verifying the
authenticity and detecting if any malicious activity is detected. 78
CLASSICAL ENCRYPTION TECHNIQUES

1.SUBSTITUTION TECHNIQUES
A substitution technique is one in which the letters of plaintext are replaced
by other letters or by numbers or symbols. If the plaintext is viewed as a
sequence of bits, then substitution involves replacing plaintext bit patterns
with cipher text bit patterns.
i)Caesar cipher (or) shift cipher
The earliest known use of a substitution cipher and the simplest was by
Julius Caesar. The Caesar cipher involves replacing each letter of the
alphabet with the letter standing 3 places further down the alphabet.
For example ,
Plain : meet me after the toga party
Cipher: PHHW PH DIWHU WKH WRJD SDUWB

79
The alphabet is wrapped around , so that the letter following
Z is A. We can define the transformation by listing all
possibilities ,as follows:
Plain: abcde f gh i j k l m n o pqr s t u v w
x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A
B C Generally Plain text is in lower case and Cipher text is
Upper Case.
a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23
24 25
Here, the key is 3. If different key is used, different
substitution will be obtained.
Mathematically , starting from a=0, b=1 and so on, Caesar 80

cipher can be written as:

Encryption k=3 Result Cipher Text

E(𝑝) = (𝑝 + 𝑘) mod (26) D(C) = (C – 𝑘) mod (26)

Result

M=E(M)=(12+3)mod26 15=P D(P)=(15-3)mod26

12=m E=E(E)=((4+3)mod26 7=H D(H)=(7-3)mod26
4=e
E= E(E)=((4+3)mod26 7=H D(H)=(7-3)mod26
4=e T=E(T)=((19+3)mod26 21=V D(V)=(21-3)mod26
19=t

81
(ii)PLAYFAIR CIPHER:
The best known multiple letter encryption cipher is the playfair, which treats
diagrams in the plaintext as single units and translates these units into cipher text
diagrams. The playfair algorithm is based on the use of 5x5 matrix of letters
constructed using a keyword. Let the keyword be „monarchy‟. The matrix is
constructed by filling in the letters of the keyword (minus duplicates) from left to
right and from top to bottom, and then filling in the remainder of the matrix with the
remaining letters in alphabetical order.
The letter „i‟ and „j‟ count as one letter. Plaintext is encrypted two letters at a time
according to the following rules:
-Repeating plaintext letters that would fall in the same pair are separated with a
filler letter such as „x‟.so that balloon would be treated as ba lx lo on .
-Plaintext letters that fall in the same row of the matrix are each replaced by the
letter to the right, with the first element of the row following the last.for example ar
is encrypted as RM
82
-Plaintext letters that fall in the same column are replaced by the letter beneath,
with the top element of the column following the last . for example mu is
encrypted as CM.
-Otherwise, each plaintext letter is replaced by the letter that lies in its own row
and the column occupied by the other plaintext letter. For example , hs becomes
BP and ea becomes IM(or JM , as the encipherer wishes).

Plaintext = meet me at the school house

Splitting two letters as a unit => me et me at th es ch ox ol ho us ex
Corresponding cipher text => CL KL CL RS PD IL HY AV MP HF XL IU

83
(iii)ONE – TIME PAD/VERNAM CIPHER

One Time Pad algorithm is the improvement of the Vernam

Cipher, proposed by An Army Signal Corp officer, Joseph
Mauborgne. It is the only available algorithm that is
unbreakable(completely secure). It is a method of encrypting
alphabetic plain text. It is one of the Substitution techniques
which converts plain text into ciphertext. In this mechanism, we
assign a number to each character of the Plain-Text.
The two requirements for the One-Time pad are
•The key should be randomly generated as long as the size
of the message.
•The key is to be used to encrypt and decrypt a single
message, and then it is discarded.
•So encrypting every new message requires a new key of the
84
same length as the new message in one-time pad.
Hill Cipher
Hill cipher is a polygraphic substitution cipher based on linear algebra . Each
letter is represented by a number modulo 26. Often the simple scheme A =
0, B = 1, …, Z = 25 is used, but this is not an essential feature of the cipher.
To encrypt a message, each block of n letters (considered as an n-
component vector) is multiplied by an invertible n × n matrix, against
modulus 26. To decrypt the message, each block is multiplied by the inverse
of the matrix used for encryption.
The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).
Introduction:
•Hill Cipher is a popular symmetric key encryption algorithm that was
developed by Lester S.
•Hill in 1929. It is a polygraphic substitution cipher that encrypts plaintext by
dividing it into blocks of n letters and transforming those blocks using a
matrix-based algorithm.
•Hill Cipher is widely used in various applications, including military
communications, banking, and computer security. 85
•This article aims to provide a comprehensive guide to Hill Cipher, including
its key features, strengths, and weaknesses.
MONOALPHABETIC SUBSTITUTION CIPHERS
Monoalphabetic cipher is a type of encryption technique
in cryptography where each character of the plain text is
mapped to another fixed character of the cipher text.
Monoalphabetic cipher is a type of simple substitution
cipher.
The relationship between the plain text character and
the cipher text character is one-to-one.
For example:
If a plain text character 'a' is mapped to a character 'z', a
plain text word which contains 'a' anywhere will be
substituted with 'z' when creating the cipher text.

86
POLYALPHABETIC SUBSTITUTION CIPHER
A polyalphabetic cipher is a type of encryption that uses
multiple alphabets to substitute letters in a message. It's more
secure than a monoalphabetic cipher, which uses a single
alphabet.
A poly-alphabetic cipher is any cipher based on substitution,
using several substitution alphabets. In polyalphabetic
substitution ciphers, the plaintext letters are enciphered
differently based upon their installation in the text. Rather than
being a one-to-one correspondence, there is a one-to-many
relationship between each letter and its substitutes.

87
VIGENERE CIPHER:
Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of
polyalphabetic substitution. A polyalphabetic cipher is any cipher based on
substitution, using multiple substitution alphabets. The encryption of the original
text is done using the Vigenère square or Vigenère table.
•The table consists of the alphabets written out 26 times in different rows, each
alphabet shifted cyclically to the left compared to the previous alphabet,
corresponding to the 26 possible Caesar Ciphers.
•At different points in the encryption process, the cipher uses a different alphabet
from one of the rows.
•The alphabet used at each point depends on a repeating keyword.
•EXAMPLE:
Input : Plaintext : GEEKSFORGEEKS
Keyword : AYUSH
Output : Ciphertext : GCYCZFMLYLEIM
Encryption:
The first letter of the plaintext, G is paired with A, the first letter of the key. So use row G and
column A of the Vigenère square, namely G. Similarly, for the second letter of the plaintext, 88
the second letter of the key is used, the letter at row E, and column Y is C. The rest of the
plaintext is enciphered in a similar fashion.
89
Vernam Cipher is a method of encrypting alphabetic text. It is
one of the Substitution techniques for converting plain text into
cipher text. In this mechanism, we assign a number to each
character of the Plain-Text, like (a = 0, b = 1, c = 2, … z = 25).
Method to take key: In the Vernam cipher algorithm, we take a
key to encrypt the plain text whose length should be equal to the
length of the plain text.

90
Transposition Cipher Technique

The Transposition Cipher Technique is an encryption method used to encrypt a

message or information. This encryption method is done by playing with the
position of letters of the plain text. The positions of the characters present in the
plaintext are rearranged or shifted to form the ciphertext. It makes use of some
kind of permutation function to achieve the encryption purpose. It is very easy
to use and so simple to implement.
Types of Transposition Cipher Techniques
There are three types of transposition cipher techniques
•Rail Fence Transposition Cipher
•Block (Single Columnar) Transposition Cipher
•Double Columnar Transposition Cipher

91
Rail Fence Transposition
Rail-Fence is a basic Transposition method in which plaintext is written as a series of
diagonals, which is then read row by row to generate the ciphertext.
Algorithm
•Step 1: A series of diagonals is used to write the plaintext.
•Step 2: The text is then read as a sequence of rows in order to extract the ciphertext.
Plaintext: Let us meet Today
Ciphertext: LTSETOAEUMETDY

92
Columnar Transposition
In comparison to the rail fence, the columnar transposition cipher is more complex.
To get ciphertext using this method, use these steps −
Algorithm
•Step 1: The plain text is written in a row-by-row pattern in a rectangular matrix of
the given size.
•Step 2: To get the ciphertext, read the text from a rectangular matrix column by
column. However, before reading the data column by column, you must first permute
the column order. The received message is the ciphertext message.
•Given a plain-text message and a numeric key, cipher/de-cipher the given text using
Columnar Transposition Cipher The Columnar Transposition Cipher is a form of
transposition cipher just like Rail Fence Cipher. Columnar Transposition involves
writing the plaintext out in rows, and then reading the ciphertext off in columns one
by one.

93
Intruders in Network Security
In network security, “intruders” are unauthorized individuals or
entities who want to obtain access to a network or system to
breach its security. Intruders can range from inexperienced
hackers to professional and organized cyber criminals. In this
article, we will discuss everything about intruders.
Intruders are often referred to as hackers and are the most
harmful factors contributing to security vulnerability. They have
immense knowledge and an in-depth understanding of
technology and security. Intruders breach the privacy of users
and aim to steal the confidential information of the users. The
stolen information is then sold to third parties, aiming to misuse
it for personal or professional gains.

94
Types of Intruders
•Masquerader: The category of individuals that are not authorized to use the
system but still exploit users’ privacy and confidential information by
possessing techniques that give them control over the system, such category of
intruders is referred to as Masquerader. Masqueraders are outsiders and hence
they don’t have direct access to the system, they aim to attack unethically to
steal data.
•Misfeasor: The category of individuals that are authorized to use the system,
but misuse the granted access and privilege. These are individuals that take
undue advantage of the permissions and access given to them, such category
of intruders is referred to as Misfeasor. Misfeasors are insiders and they have
direct access to the system, which they aim to attack unethically for stealing
data/ information.
•Clandestine User: The category of individuals who have
supervision/administrative control over the system and misuse the authoritative
power given to them. The misconduct of power is often done by superlative
authorities for financial gains, such a category of intruders is referred to as
Clandestine Users. A Clandestine User can be any of the two, insiders or
outsiders, and accordingly, they can have direct/ indirect access to the system,
95

which they aim to attack unethically by stealing data/ information.

Different Ways Adopted by Intruders
•Regressively try all short passwords that may open the system for them.
•Try unlocking the system with default passwords, which will open the system if the user has
not made any change to the default password.
•Try unlocking the system by personal information of the user such as their name, family
member names, address, and phone number in different combinations.
•Making use of a Trojan horse for getting access to the system of the user.
•Attacking the connection of the host and remote user and getting entry through their
connection gateway.
•Trying all the applicable information, relevant to the user such as plate numbers, room
numbers, and locality info.
How to Protect From Intruders?
•By being aware of all the security measures that help us to protect ourselves from Intruders.
•By increasing the security and strengthening the security of the system.
•In case of any attack, first, reach out to cyber security experts for a solution to this type of
attack.
•Try to avoid becoming a survivor of cybercrime.

96