UNIT I
Prepared by
Dr. R. Arthy, AP/IT
Kamaraj College of Engineering and
Technology (Autonomous), Madurai.
CS8792 - CRYPTOGRAPHY AND
NETWORK SECURITY
Agenda
⚫ Security trends
⚫ Legal, Ethical and Professional Aspects of Security
⚫ Need for Security at Multiple levels, Security Policies
⚫ Security attacks, services and mechanism
⚫ OSI security architecture
⚫ Model of network security
Security Trends
Introduction
⚫ In 1994, the Internet Architecture Board (IAB) issued
a report entitled "Security in the Internet Architecture"
(RFC 1636).
⚫ Observations - Internet needs more and better security,
and it identified key areas for security mechanisms
⚫ Requirements
⚫ Need to secure the network infrastructure from
unauthorized monitoring and control of network traffic
⚫ Need to secure end-user-to-end-user traffic using
authentication and encryption mechanisms
⚫ Reported by the Computer Emergency Response Team (CERT) Coordination Center (CERT/CC).
⚫ Internet-related vulnerabilities
Legal, Ethical, and Professional
Issues in Information Security
Law and Ethics in Information Security
⚫ Laws
⚫ Rules that mandate or prohibit certain behavior
⚫ Drawn from ethics
⚫ Ethics
⚫ Define socially acceptable behaviors
⚫ Key difference
⚫ Laws carry the authority of a governing body
⚫ Ethics do not carry the authority of a governing body
⚫ Based on cultural mores
⚫ Fixed moral attitudes or customs
⚫ Some ethics standards are universal
Organizational Liability and the Need for
Counsel
⚫ Liability
⚫ Legal obligation of organization
⚫ Extends beyond criminal or contract law
⚫ Include legal obligation to restitution
⚫ Employee acting with or without authorization performs an illegal or
unethical act that causes some degree of harm
⚫ Employer can be held financially liable
⚫ Due care
⚫ Organization makes sure that every employee knows what is acceptable or
unacceptable
⚫ Knows the consequences of illegal or unethical actions
Organizational Liability and the Need
for Counsel
⚫ Due diligence
⚫ Requires
⚫ Make a valid effort to protect others
⚫ Maintains the effort
⚫ Jurisdiction
⚫ Court’s right to hear a case if a wrong is committed
⚫ Term – long arm
⚫ Extends across the country or around the world
Policy Versus law
⚫ Policies
⚫ Guidelines that describe acceptable and unacceptable
employee behaviors
⚫ Functions as organizational laws
⚫ Has penalties, judicial practices, and sanctions
⚫ Difference between policy and law
⚫ Ignorance of policy is acceptable
⚫ Ignorance of law is unacceptable
⚫ Keys for a policy to be enforceable
⚫ Dissemination
⚫ Review
⚫ Comprehension
⚫ Compliance
⚫ Uniform enforcement
Types of Law
⚫ Civil – govern a nation or state
⚫ Criminal – addresses activities and conduct harmful to
public
⚫ Private – encompasses family, commercial, labor, and
regulates the relationship between individuals and
organizations
⚫ Public – regulates the structure and administration of
government agencies and their relationships with citizens,
employees, and other governments
International Laws and Legal Bodies
⚫ Organizations do business on the Internet – they do
business globally
⚫ Professionals must be sensitive to the laws and ethical
values of many different cultures, societies, and countries
⚫ Few international laws relating to privacy and
informational security
⚫ International laws are limited in their enforceability
Council of Europe Convention on
Cybercrime
⚫ International task force
⚫ Designed to oversee range of security functions
⚫ Designed to standardize technology laws across
international borders
⚫ Attempts to improve the effectiveness of international
investigations into breaches of technology law
⚫ Concern raised by those concerned with freedom of
speech and civil liberties
⚫ Overall goal
⚫ Simplify the acquisition of information for law enforcement
agencies in certain types of international crimes
Agreement on Trade-Related Aspects of
Intellectual Property Rights
⚫ Created by the World Trade Organization
⚫ Introduced intellectual property rules into the
multilateral trade system
⚫ First significant international effort to protect
intellectual property rights
Agreement on Trade-Related Aspects of
Intellectual Property Rights
⚫ Covers five issues
⚫ How basic principles of the trading system and other international
intellectual property agreements should be applied
⚫ How to give adequate protection to intellectual property rights
⚫ How countries should enforce those rights adequately in their own
territories
⚫ How to settle disputes on intellectual property between members
of the WTO
⚫ Special transitional arrangements during the period when the new
system is being introduced
Digital Millennium Copyright Act
⚫ American contribution to WTO
⚫ Plan to reduce the impact of copyright, trademark, and
privacy infringement
⚫ United Kingdom has implemented a version
⚫ Database Right
Major IT Professional Organizations
⚫ Association of Computing Machinery
⚫ “World’s first educational and scientific computing society”
⚫ Strongly promotes education
⚫ Provides discounts for student members
⚫ International Information Systems Security Certification Consortium, Inc.
(ISC)2
⚫ Nonprofit organization
⚫ Focuses on the development and implementation of information security
certifications and credentials
⚫ Manages a body of knowledge on information security
⚫ Administers and evaluates examinations for information security certifications
Major IT Professional Organizations
⚫ Information Systems Audit and Control Association
⚫ Focuses on auditing, control, and security
⚫ Membership includes technical and managerial professionals
⚫ Does not focus exclusively on information security
⚫ Has many information security components
⚫ Information Systems Security Associations (ISSA)
⚫ Nonprofit society of information security professionals
⚫ Mission – bring together qualified information security practitioners
⚫ Information exchange
⚫ Education development
⚫ Focus – “promoting management practices that will ensure the confidentiality, integrity, and
availability of organizational information resources”
Major IT Professional Organizations
⚫ Systems Administration, Networking, and Security
Institute (SANS)
⚫ Professional research and education cooperative
⚫ Current membership > 156,000
⚫ Security professionals
⚫ Auditors
⚫ System administrators
⚫ Network administrators
⚫ Offers set of certifications
Federal Agencies
⚫ Department of Homeland Security
⚫ Five directorates or divisions
⚫ Mission – protecting the people as well as the physical and
informational assets of the United States
⚫ Directorate of Information and Infrastructure
⚫ Creates and enhances resources used to discover and respond to attacks on
national information systems and critical infrastructure
⚫ Directorate of Science and Technology
⚫ Research and development activities in support of homeland defense
⚫ Examination of vulnerabilities
⚫ Sponsors emerging best practices
Federal Agencies
⚫ National InfraGard Program
⚫ Each FBI office establishes a chapter
⚫ Collaborates with public and private organizations and academia
⚫ Serves members in 4 ways
⚫ Maintains an intrusion alert network using encrypted e-mail
⚫ Maintains a secure Web site for communication about suspicious activity or intrusions
⚫ Sponsors local chapter activities
⚫ Operates a help desk for questions
⚫ Contribution – free exchange of information to and from the private sector in
the areas of threats and attacks on information resources
Federal Agencies
⚫ National Security Agency (NSA)
“the nation’s cryptologic organization. It coordinates, directs, and
performs highly specialized activities to protect U.S. information systems
and produce foreign intelligence information… It is also one of the most
important centers of foreign language analysis and research within the
Government.”
⚫ U. S. Secret Service
⚫ Located in Department of the Treasury
⚫ Charged with the detection and arrest of any person committing a
United States federal offense relating to computer fraud and false
identification crimes.
OSI Security Architecture
Services, Mechanisms, Attacks
⚫ need systematic way to define requirements
⚫ consider three aspects of information security:
⚫ security attack
⚫ security mechanism
⚫ security service
⚫ consider in reverse order
Security Service
⚫ is something that enhances the security of the data processing
systems and the information transfers of an organization
⚫ intended to counter security attacks
⚫ make use of one or more security mechanisms to provide the
service
⚫ replicate functions normally associated with physical
documents
⚫ eg. have signatures, dates; need protection from disclosure, tampering,
or destruction; be notarized or witnessed; be recorded or licensed
Security Mechanism
⚫ a mechanism that is designed to detect, prevent, or recover
from a security attack
⚫ no single mechanism that will support all functions
required
⚫ however one particular element underlies many of the
security mechanisms in use: cryptographic techniques
⚫ hence our focus on this area
Security Attack
⚫ any action that compromises the security of information
owned by an organization
⚫ information security is about how to prevent attacks, or
failing that, to detect attacks on information-based systems
⚫ have a wide range of attacks
⚫ can focus on generic types of attacks
⚫ note: often threat & attack mean same
OSI Security Architecture
⚫ ITU-T X.800 Security Architecture for OSI
⚫ defines a systematic way of defining and providing
security requirements
⚫ for us it provides a useful, if abstract, overview of
concepts we will study
Security Services
⚫ X.800 defines it as: a service provided by a protocol
layer of communicating open systems, which ensures
adequate security of the systems or of data transfers
⚫ RFC 2828 defines it as: a processing or
communication service provided by a system to give a
specific kind of protection to system resources
⚫ X.800 defines it in 5 major categories
Security Services (X.800)
⚫ Authentication - assurance that the communicating entity is the one claimed
⚫ Peer entity and Data origin authentication
⚫ Access Control - prevention of the unauthorized use of a resource
⚫ Data Confidentiality - protection of data from unauthorized disclosure
⚫ Connection, Connectionless, Selective Field and Traffic flow
⚫ Data Integrity - assurance that data received is as sent by an authorized entity
⚫ Connection integrity with recovery, Connection integrity without recovery,
Connectionless integrity, Selective field connection integrity, Selective field
connectionless integrity
⚫ Non-Repudiation - protection against denial by one of the parties in a
communication
⚫ Origin and destination
Security Mechanisms (X.800)
⚫ specific security mechanisms:
⚫ encipherment, digital signatures, access controls, data
integrity, authentication exchange, traffic padding,
routing control, notarization
⚫ pervasive security mechanisms:
⚫ trusted functionality, security labels, event detection,
security audit trails, security recovery
Relation between Security Services
and Mechanisms
[contd…]
Classify Security Attacks as
⚫ passive attacks - eavesdropping on, or monitoring of,
transmissions to:
⚫ obtain message contents, or
⚫ monitor traffic flows
⚫ active attacks – modification of data stream to:
⚫ masquerade of one entity as some other
⚫ replay previous messages
⚫ modify messages in transit
⚫ denial of service
Model for Network Security
⚫ using this model requires us to:
⚫ design a suitable algorithm for the security transformation
⚫ generate the secret information (keys) used by the algorithm
⚫ develop methods to distribute and share the secret
information
⚫ specify a protocol enabling the principals to use the
transformation and secret information for a security service
Model for Network Access Security
Classical Encryption Algorithms
10.08.2020
CRYPTOGRAPHY AND
NETWORK SECURITY
Algorithms
⚫ Substitution
  ⚫ Caesar Cipher
  ⚫ Shift Cipher
  ⚫ Playfair Cipher
  ⚫ Vigenere Cipher
  ⚫ Auto Key Cipher
  ⚫ One Time Pad
  ⚫ Hill Cipher
  ⚫ Affine Cipher
⚫ Transposition
  ⚫ Rail Fence
  ⚫ Row Columnar Transposition
Brute Force Attack in Shift Cipher
⚫ Step 1: Hacking
⚫ Step 2: Try with possible keys
⚫ Example
UNQC FQFUHI BUQAUT QJ QXQ.SEC
1 UNQC FQFUHI BUQAUT QJ QXQ.SEC
2 TMPB EPETGH ATPZTS PI PWP.RDB
3 SLOA DODSFG ZSOYSR OH OVO.QCA
4 RKNZ CNCREF YRNXRQ NG NUN.PBZ
5 QJMY BMBQDE XQMWQP MF MTM.OAY
6 PILX ALAPCD WPLVPO LE LSL.NZX
7 OHKW ZKZOBC VOKUON KD KRK.MYW
8 NGJV YJYNAB UNJTNM JC JQJ.LXV
9 MFIU XIXMZA TMISML IB IPI.KWU
10 LEHT WHWLYZ SLHRLK HA HOH.JVT
11 KDGS VGVKXY RKGQKJ GZ GNG.IUS
12 JCFR UFUJWX QJFPJI FY FMF.HTR
13 IBEQ TETIVW PIEOIH EX ELE.GSQ
14 HADP SDSHUV OHDNHG DW DKD.FRP
15 GZCO RCRGTU NGCMGF CV CJC.EQO
16 FYBN QBQFST MFBLFE BU BIB.DPN
17 EXAM PAPERS LEAKED AT AHA.COM
18 DWZL OZODQR KDZJDC ZS ZGZ.BNL
19 CVYK NYNCPQ JCYICB YR YFY.AMK
20 BUXJ MXMBOP IBXHBA XQ XEX.ZLJ
21 ATWI LWLANO HAWGAZ WP WDW.YKI
22 ZSVH KVKZMN GZVFZY VO VCV.XJH
23 YRUG JUJYLM FYUEYX UN UBU.WIG
24 XQTF ITIXKL EXTDXW TM TAT.VHF
25 WPSE HSHWJK DWSCWV SL SZS.UGE
Introduction
⚫ The encryption of the original text is done using the Vigenère square or Vigenère table.
⚫ The Vigenère table uses a 26×26 matrix with A to Z as the row heading and column heading.
⚫ The Vigenère cipher is an example of a polyalphabetic substitution cipher.
⚫ A polyalphabetic substitution cipher is similar to a monoalphabetic substitution except that the cipher alphabet is changed periodically while enciphering the message.
Vigenère Cipher
⚫ Encryption
⚫ The plaintext (P) and key (K) are added modulo 26.
⚫ Ci = (Pi + Ki) mod 26
⚫ Decryption
⚫ Pi = (Ci - Ki + 26) mod 26
Vigenère table
Example - Encryption
⚫ Plain Text – a simple example
⚫ Key – crypto
Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
Key (K)            c  r  y  p  t  o  c  r  y  p  t  o  c  r
Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
Key (Ki)           2 17 24 15 19 14  2 17 24 15 19 14  2 17
Cipher Text (Ci)   2  9  6  1  8 25  6 21 21 15  5  3 13 21
Cipher Text (C)    C  J  G  B  I  Z  G  V  V  P  F  D  N  V
Decryption
⚫ Reverse of encryption
Example
⚫ Cipher Text – CJGBIZGVVPFDNV
⚫ Key – crypto
Cipher Text (C)    C  J  G  B  I  Z  G  V  V  P  F  D  N  V
Key (K)            c  r  y  p  t  o  c  r  y  p  t  o  c  r
Cipher Text (Ci)   2  9  6  1  8 25  6 21 21 15  5  3 13 21
Key (Ki)           2 17 24 15 19 14  2 17 24 15 19 14  2 17
Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
Introduction
⚫ Autokey Cipher is a polyalphabetic substitution cipher.
⚫ It is closely related to the Vigenere cipher but uses a different method of generating the key.
Auto Key Cipher
⚫ Encryption
⚫ The plaintext (P) and key (K) are added modulo 26.
⚫ Ci = (Pi + Ki) mod 26
⚫ Decryption
⚫ Pi = (Ci - Ki + 26) mod 26
Example - Encryption
⚫ Plain Text – a simple example
⚫ Key – crypto
Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
Key (K)            c  r  y  p  t  o  a  s  i  m  p  l  e  e
Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
Key (Ki)           2 17 24 15 19 14  0 18  8 12 15 11  4  4
Cipher Text (Ci)   2  9  6  1  8 25  4 22  5 12  1  0 15  8
Cipher Text (C)    C  J  G  B  I  Z  E  W  F  M  B  A  P  I
Decryption
⚫ Reverse of encryption
Example
⚫ Cipher Text – CJGBIZEWFMBAPI
⚫ Key – crypto
Cipher Text (C)    C  J  G  B  I  Z  E  W  F  M  B  A  P  I
Key (K)            c  r  y  p  t  o  a  s  i  m  p  l  e  e
Cipher Text (Ci)   2  9  6  1  8 25  4 22  5 12  1  0 15  8
Key (Ki)           2 17 24 15 19 14  0 18  8 12 15 11  4  4
Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
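The Vigenère and Auto Key slides use the same two formulas and differ only in how the key row is produced. This added example (not from the original slides; all function names are this example's own) implements both so the difference is visible: the Vigenère keystream repeats the keyword, while the autokey keystream is the keyword followed by the plaintext, so decryption has to rebuild the keystream one letter at a time.

```python
import string


def to_numbers(text):
    """Map letters a..z to 0..25, dropping spaces and punctuation as the slides do."""
    return [ord(c) - ord("a") for c in text.lower() if c in string.ascii_lowercase]


def to_letters(nums, upper=False):
    base = ord("A") if upper else ord("a")
    return "".join(chr(n + base) for n in nums)


def vigenere_keystream(key, length):
    """Keyword repeated periodically: c r y p t o c r y p t o ..."""
    k = to_numbers(key)
    if not k:
        raise ValueError("key must contain at least one letter")
    return [k[i % len(k)] for i in range(length)]


def autokey_keystream(key, plaintext_nums):
    """Keyword followed by the plaintext itself: c r y p t o a s i m ..."""
    k = to_numbers(key)
    if not k:
        raise ValueError("key must contain at least one letter")
    return (k + plaintext_nums)[:len(plaintext_nums)]


def vigenere_encrypt(plaintext, key):
    p = to_numbers(plaintext)
    ks = vigenere_keystream(key, len(p))
    return to_letters([(pi + ki) % 26 for pi, ki in zip(p, ks)], upper=True)


def vigenere_decrypt(ciphertext, key):
    c = to_numbers(ciphertext)
    ks = vigenere_keystream(key, len(c))
    return to_letters([(ci - ki + 26) % 26 for ci, ki in zip(c, ks)])


def autokey_encrypt(plaintext, key):
    p = to_numbers(plaintext)
    ks = autokey_keystream(key, p)
    return to_letters([(pi + ki) % 26 for pi, ki in zip(p, ks)], upper=True)


def autokey_decrypt(ciphertext, key):
    c = to_numbers(ciphertext)
    ks = to_numbers(key)
    if not ks:
        raise ValueError("key must contain at least one letter")
    plain = []
    for i, ci in enumerate(c):
        pi = (ci - ks[i] + 26) % 26
        plain.append(pi)
        ks.append(pi)  # each recovered plaintext letter extends the keystream
    return to_letters(plain)


if __name__ == "__main__":
    msg, key = "a simple example", "crypto"
    print(vigenere_encrypt(msg, key), autokey_encrypt(msg, key))
```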
Introduction
⚫ One-time pad cipher is a type of Vigenère cipher which includes the following features:
⚫ It is an unbreakable cipher.
⚫ The key is exactly the same length as the message which is encrypted.
⚫ The key is made up of random symbols.
⚫ As the name suggests, the key is used one time only and never used again for any other message to be encrypted.
Why is it Unbreakable?
⚫ The cipher is unbreakable owing to the following features:
⚫ The key is as long as the given message.
⚫ The key is truly random and specially auto-generated.
⚫ Each key should be used once and destroyed by both sender and receiver.
⚫ There should be two copies of the key: one with the sender and the other with the receiver.
Introduction
⚫ In a transposition cipher, the order of the letters is re-arranged to obtain the cipher-text.
⚫ A simple form of Rail Fence
⚫ Plain Text – defend the east wall
⚫ Key - 2
Encryption
⚫ In the rail fence cipher, the plain-text is written downwards and diagonally on successive rails of an imaginary fence.
⚫ When we reach the bottom rail, we traverse upwards moving diagonally; after reaching the top rail, the direction is changed again. Thus the letters of the message are written in a zig-zag manner.
⚫ After each letter has been written, the individual rows are combined to obtain the cipher-text.
Example
⚫ Plain Text – defend the east wall
⚫ Key – 3
⚫ Cipher Text - DNETLEEDHESWLXFTAAX
Decryption
⚫ Size of the Matrix = key * length(cipher text)
⚫ Once we've got the matrix we can figure out the spots where texts should be placed (using the same way of moving diagonally up and down alternately).
⚫ Then, we fill the cipher-text row wise. After filling it, we traverse the matrix in zig-zag manner to obtain the original text.
Example
⚫ Cipher Text – DNETLEEDHESWLXFTAAX
⚫ Key – 3
⚫ Size of the matrix = key * length(cipher text) = 3 * 19

* . . . * . . . * . . . * . . . * . .
. * . * . * . * . * . * . * . * . * .
. . * . . . * . . . * . . . * . . . *

D . . . N . . . E . . . T . . . L . .
. * . * . * . * . * . * . * . * . * .
. . * . . . * . . . * . . . * . . . *

D . . . N . . . E . . . T . . . L . .
. E . E . D . H . E . S . W . L . X .
. . * . . . * . . . * . . . * . . . *

D . . . N . . . E . . . T . . . L . .
. E . E . D . H . E . S . W . L . X .
. . F . . . T . . . A . . . A . . . X

Plain Text – defend the east wall
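The rail fence procedure above, written out as an added example (not part of the original slides; function names are this example's own). It generalizes the slide's key of 3 to any number of rails, and decryption follows the slide's method of marking the zig-zag spots, filling them row-wise and reading along the zig-zag. The slide's 19-letter ciphertext includes two trailing X pad letters, so the example passes them in explicitly.

```python
def rail_pattern(length, rails):
    """Rail index (0 = top) visited at each position of the zig-zag."""
    if rails < 1:
        raise ValueError("need at least one rail")
    if rails == 1:
        return [0] * length
    # One full down-and-up cycle, e.g. rails=3 -> [0, 1, 2, 1]
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(length)]


def letters_only(text):
    return [c.upper() for c in text if c.isascii() and c.isalpha()]


def rail_fence_encrypt(plaintext, rails):
    """Write the letters along the zig-zag, then read the rails top to bottom."""
    letters = letters_only(plaintext)
    pattern = rail_pattern(len(letters), rails)
    rows = [[] for _ in range(rails)]
    for ch, rail in zip(letters, pattern):
        rows[rail].append(ch)
    return "".join("".join(row) for row in rows)


def rail_fence_decrypt(ciphertext, rails):
    """Mark the zig-zag spots, fill them row-wise, then read along the zig-zag."""
    letters = letters_only(ciphertext)
    pattern = rail_pattern(len(letters), rails)
    # Positions sorted by rail, then left to right: the order in which the
    # ciphertext letters were read off during encryption.
    fill_order = sorted(range(len(letters)), key=lambda i: (pattern[i], i))
    plain = [""] * len(letters)
    for ch, pos in zip(letters, fill_order):
        plain[pos] = ch
    return "".join(plain)


def rail_grid(text, rails):
    """Render the key x length matrix, one string per rail, '.' for unused cells."""
    letters = letters_only(text)
    pattern = rail_pattern(len(letters), rails)
    return ["".join(ch if pattern[i] == r else "." for i, ch in enumerate(letters))
            for r in range(rails)]


if __name__ == "__main__":
    padded = "defend the east wall" + "xx"  # padding as in the slide's ciphertext
    print(rail_fence_encrypt(padded, 3))
    print("\n".join(rail_grid(padded, 3)))
    print(rail_fence_decrypt("DNETLEEDHESWLXFTAAX", 3))
```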
Introduction
⚫ The Columnar Transposition Cipher is a form of transposition cipher just like Rail Fence Cipher.
⚫ Columnar Transposition involves writing the plaintext out in rows, and then reading the ciphertext off in columns one by one.
Plain Text - "a simple transposition"
Cipher Text - "ALNISESTITPIMROOPASN"
Encryption
⚫ The message is written out in rows of a fixed length, and then read out again column by column, and the columns are chosen in some scrambled order.
⚫ Width of the rows and the permutation of the columns are usually defined by a keyword.
⚫ For example, the word HACK is of length 4 (so the rows are of length 4), and the permutation is defined by the alphabetical order of the letters in the keyword. In this case, the order would be "3 1 2 4".
⚫ Any spare spaces are filled with nulls or left blank or replaced by a character (Example: _).
⚫ Finally, the message is read off in columns, in the order specified by the keyword.
Example
⚫ Plain Text - "The tomato is a plant in the nightshade family"
⚫ Keyword - tomato
⚫ Cipher Text - "TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX".
Decryption
⚫ To decipher it, the recipient has to work out the column lengths by dividing the message length by the key length.
⚫ Then, write the message out in columns again, then re-order the columns by reforming the key word.
Example
⚫ Cipher Text - "TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX".
⚫ Keyword - tomato
⚫ Number of rows = length(cipher text)/length(keyword) = 42 / 6 = 7

T O M A T O
5 3 2 1 6 4

T O M A T O
5 3 2 1 6 4
. . . T . .
. . . I . .
. . . N . .
. . . E . .
. . . S . .
. . . A . .
. . . X . .

T O M A T O
5 3 2 1 6 4
. . E T . .
. . O I . .
. . A N . .
. . H E . .
. . T S . .
. . F A . .
. . X X . .

T O M A T O
5 3 2 1 6 4
. H E T . .
. T O I . .
. L A N . .
. T H E . .
. H T S . .
. E F A . .
. Y X X . .

T O M A T O
5 3 2 1 6 4
. H E T . M
. T O I . A
. L A N . I
. T H E . I
. H T S . A
. E F A . I
. Y X X . X

T O M A T O
5 3 2 1 6 4
T H E T . M
A T O I . A
P L A N . I
N T H E . I
G H T S . A
D E F A . I
L Y X X . X

T O M A T O
5 3 2 1 6 4
T H E T O M
A T O I S A
P L A N T I
N T H E N I
G H T S H A
D E F A M I
L Y X X X X

⚫ Plain Text - "The tomato is a plant in the nightshade family"
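The columnar transposition steps above as an added example (not part of the original slides; function names and the choice of X as the pad letter follow the slide's grid but are otherwise this example's own). It shows the detail the keyword "tomato" depends on: repeated letters are ranked left to right, which is what yields the order 5 3 2 1 6 4.

```python
def letters_only(text):
    return [c.upper() for c in text if c.isascii() and c.isalpha()]


def column_read_order(keyword):
    """Column indices in the order they are read off.

    Columns are ranked by keyword letter; equal letters keep their
    left-to-right order (the two O's and two T's of TOMATO).
    """
    key = letters_only(keyword)
    if not key:
        raise ValueError("keyword must contain at least one letter")
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def column_ranks(keyword):
    """The numbers written under the keyword on the slide, e.g. 5 3 2 1 6 4."""
    order = column_read_order(keyword)
    ranks = [0] * len(order)
    for rank, col in enumerate(order, start=1):
        ranks[col] = rank
    return ranks


def columnar_encrypt(plaintext, keyword, pad="X"):
    letters = letters_only(plaintext)
    order = column_read_order(keyword)
    width = len(order)
    while len(letters) % width:
        letters.append(pad)  # fill the spare cells of the last row
    rows = [letters[i:i + width] for i in range(0, len(letters), width)]
    return "".join("".join(row[col] for row in rows) for col in order)


def columnar_decrypt(ciphertext, keyword):
    letters = letters_only(ciphertext)
    order = column_read_order(keyword)
    width = len(order)
    if len(letters) % width:
        raise ValueError("ciphertext length must be a multiple of the keyword length")
    nrows = len(letters) // width  # number of rows = length / keyword length
    columns = [None] * width
    for n, col in enumerate(order):
        # The n-th chunk of the ciphertext belongs under the column ranked n+1.
        columns[col] = letters[n * nrows:(n + 1) * nrows]
    return "".join(columns[c][r] for r in range(nrows) for c in range(width))


if __name__ == "__main__":
    text = "The tomato is a plant in the nightshade family"
    ct = columnar_encrypt(text, "tomato")
    print(column_ranks("tomato"), ct)
    print(columnar_decrypt(ct, "tomato"))
```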
Classical Encryption Algorithms
17.08.2020
CRYPTOGRAPHY AND
NETWORK SECURITY
Affine Cipher
⚫ The Affine Cipher is another example of a Monoalphabetic Substitution cipher.
⚫ Encryption
C = (aP + b) mod 26
where a and b are the key for the cipher.
⚫ Decryption
P = a^(-1) (C - b) mod 26
a x a^(-1) = 1 mod 26
Example - Encryption
Plain Text – cool
a = 5
b = 8
Plain text          c    o    o    l
P                   2   14   14   11
5P + 8             18   78   78   63
(5P + 8) mod 26    18    0    0   11
Cipher text         S    A    A    L
Example - Decryption
Cipher Text – SAAL
a = 5
b = 8
Cipher text           S     A     A    L
C                    18     0     0   11
C – 8                10    -8    -8    3
21(C – 8)           210  -168  -168   63
21(C – 8) mod 26      2    14    14   11
Plain text            c     o     o    l
To find a^(-1)
a x a^(-1) = 1 mod 26
5 x a^(-1) = 1 mod 26
5 x 21 = 1 mod 26
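The affine formulas above as an added example (not part of the original slides; function names are this example's own). It finds a^(-1) with the extended Euclidean algorithm instead of by trial, and shows the condition the slides rely on implicitly: a must be coprime to 26, otherwise several plaintext letters collapse onto the same ciphertext letter and no inverse exists.

```python
import string

M = 26  # alphabet size


def mod_inverse(a, m=M):
    """Return x with (a * x) mod m == 1, using the extended Euclidean algorithm."""
    old_r, r = a % m, m
    old_s, s = 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError(f"a={a} has no inverse modulo {m} (gcd is {old_r})")
    return old_s % m


def valid_multipliers(m=M):
    """All values of a that give a decryptable affine cipher."""
    good = []
    for a in range(1, m):
        try:
            mod_inverse(a, m)
            good.append(a)
        except ValueError:
            pass
    return good


def affine_encrypt(plaintext, a, b):
    mod_inverse(a)  # refuse keys that cannot be decrypted
    nums = [ord(c) - ord("a") for c in plaintext.lower() if c in string.ascii_lowercase]
    return "".join(chr((a * p + b) % M + ord("A")) for p in nums)


def affine_decrypt(ciphertext, a, b):
    a_inv = mod_inverse(a)
    nums = [ord(c) - ord("A") for c in ciphertext.upper() if c in string.ascii_uppercase]
    return "".join(chr((a_inv * (c - b)) % M + ord("a")) for c in nums)


def distinct_outputs(a, b):
    """How many different ciphertext letters the map P -> (aP + b) mod 26 produces."""
    return len({(a * p + b) % M for p in range(M)})


if __name__ == "__main__":
    print(mod_inverse(5))                 # the slide's a^(-1) for a = 5
    print(affine_encrypt("cool", 5, 8))   # the slide's encryption example
    print(len(valid_multipliers()) * M)   # total number of usable (a, b) keys
    print(distinct_outputs(13, 8))        # a = 13 is not coprime to 26
```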
Tryout
⚫ Encipher "affine" if the encipherment function is E(x) = (5x + 8) MOD 26.
⚫ Decipher HPCCXAQ if the encipherment function is E(x) = (5x + 8) MOD 26.
CRYPTOGRAPHY AND
NETWORK SECURITY
PLAYFAIR CIPHER
06.08.2020
INTRODUCTION
⚫ Playfair cipher was the first practical digraph substitution cipher.
⚫ The scheme was invented in 1854 by Charles Wheatstone but was named after Lord Playfair who promoted the use of the cipher.
⚫ It was used in World War I and II.
⚫ Encryption Steps:
Step 1: Key Generation
Step 2: Encryption Process
STEP 1: KEY GENERATION
⚫ Key Size: 5 X 5
⚫ Key representation: matrix
⚫ I and J occupy the same place.
⚫ Example: Key – "MONARCHY"
STEP 2: ENCRYPTION PROCESS
⚫ Pair the letters of the given plain text. If a pair contains the same letter twice, insert a least frequently occurring letter and re-pair the text.
Rule 1: If both the letters are in the same column: Take the letter below each one (going back to the top if at the bottom).
Example:
Digraph: "me"
Encrypted Text: cl
Encryption: m → c
e → l
Rule 2: If both the letters are in the same row: Take the letter to the right of each one (going back to the leftmost if at the rightmost position).
Example:
Digraph: "st"
Encrypted Text: tl
Encryption: s → t
t → l
Rule 3: If neither of the above rules is true: Form a rectangle with the two letters and take the letters on the horizontal opposite corner of the rectangle.
Example:
Digraph: "nt"
Encrypted Text: rq
Encryption: n → r
t → q
DECRYPTION PROCESS
⚫ Reverse of Encryption process
ADVANTAGE
⚫ It is significantly harder to break than a simple substitution cipher: the frequency analysis technique used to break simple substitution ciphers can still be used, but on (25*25) = 625 digraphs rather than 25 monographs, which is difficult.
⚫ Frequency analysis thus requires more cipher text to crack the encryption.
DISADVANTAGE
⚫ An interesting weakness is the fact that a digraph in the ciphertext (AB) and its reverse (BA) will have corresponding plaintexts like UR and RU. That can easily be exploited with the aid of frequency analysis, if the language of the plaintext is known.
⚫ Another disadvantage is that the Playfair cipher is a symmetric cipher, thus the same key is used for both encryption and decryption.
TRY OUT
⚫ Use Playfair cipher to encrypt the Plain Text – "cryptography" using Key – "secret".
⚫ Find the plain text given the cipher text "GQRMCGTKXEWVPNLX" with the key "world".
CRYPTOGRAPHY AND NETWORK
SECURITY
HILL CIPHER
INTRODUCTION
⚫ The Hill Cipher was invented by Lester S. Hill in 1929.
⚫ It is a polygraphic substitution cipher.
⚫ The Hill Cipher uses an area of mathematics called Linear Algebra, and in particular requires the user to have an elementary understanding of matrices.
⚫ It also makes use of Modulo Arithmetic.
⚫ Inputs: String of English letters, A,B,…,Z.
⚫ An n×n matrix K, with entries drawn from 0,1,…,25. (The matrix K serves as the secret key.)
⚫ Divide the input string into blocks of size n.
FORMULA
Encryption
⚫ C = PK mod 26
Decryption
⚫ P = K^(-1)C mod 26
ENCRYPTION – 2 X 2
Let us consider the plaintext as – xyzsdfgh
Let us consider the key as –
Encryption Steps:
1. Grouping – Size of the group is 2 since the key matrix size is
2
{xy, zs, df, gh}
2. Perform encryption using the encryption formula. Hence,
ENCRYPTION – 3 X 3
Let us consider the plaintext as – xyzsdfghs
Let us consider the key as –
Encryption Steps:
1. Grouping – Size of the group is 3 since the key matrix size is
3
{xyz, sdf, ghs}
2. Perform encryption using the encryption formula. Hence,
DECRYPTION – 2 X 2
Let us consider the key as –
Steps to find K^(-1):
1. Find the Multiplicative Inverse of the Determinant
2. Find the Adjugate Matrix
3. Multiply the Multiplicative Inverse of the Determinant by the Adjugate Matrix
DECRYPTION – 3 X 3
Let us consider the key as –
Steps to find K^(-1):
1. Find the Multiplicative Inverse of the Determinant
DECRYPTION – 3 X 3
2. Find the Adjugate Matrix
3. Multiply the Multiplicative Inverse of the Determinant by the Adjugate Matrix
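The three steps for finding K^(-1), carried through for the 2 x 2 case as an added example (not part of the original slides). The key matrix below is constructed for this example because the slides' key matrices are not reproduced on the page; the plaintext xyzsdfgh is the one from the 2 x 2 encryption slide. Blocks are treated as row vectors (C = PK), so decryption multiplies each ciphertext block by K^(-1) on the right.

```python
import string

# Constructed example key (not the key from the slides).
KEY = [[3, 3],
       [2, 5]]


def inverse_key_2x2(K):
    """Invert a 2 x 2 key matrix modulo 26 following the three steps on the slide."""
    (a, b), (c, d) = K
    det = (a * d - b * c) % 26
    # Step 1: multiplicative inverse of the determinant (ValueError if none exists).
    det_inv = pow(det, -1, 26)
    # Step 2: adjugate matrix of a 2 x 2 matrix.
    adj = [[d, -b],
           [-c, a]]
    # Step 3: multiply the inverse of the determinant by the adjugate, modulo 26.
    return [[(det_inv * x) % 26 for x in row] for row in adj]


def apply_matrix(nums, K):
    """Multiply each block (as a row vector) by K modulo 26."""
    n = len(K)
    if len(nums) % n:
        raise ValueError("text length must be a multiple of the block size")
    out = []
    for i in range(0, len(nums), n):
        block = nums[i:i + n]
        out += [sum(block[r] * K[r][col] for r in range(n)) % 26 for col in range(n)]
    return out


def hill_encrypt(plaintext, K):
    nums = [ord(c) - ord("a") for c in plaintext.lower() if c in string.ascii_lowercase]
    return "".join(chr(x + ord("A")) for x in apply_matrix(nums, K))


def hill_decrypt(ciphertext, K):
    nums = [ord(c) - ord("A") for c in ciphertext.upper() if c in string.ascii_uppercase]
    return "".join(chr(x + ord("a")) for x in apply_matrix(nums, inverse_key_2x2(K)))


if __name__ == "__main__":
    print(inverse_key_2x2(KEY))
    ct = hill_encrypt("xyzsdfgh", KEY)   # blocks {xy, zs, df, gh}
    print(ct, hill_decrypt(ct, KEY))
```

A key whose determinant shares a factor with 26 has no inverse, so `inverse_key_2x2` raises `ValueError` for it and such a matrix cannot be used as a Hill key.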
CRYPTOGRAPHY AND NETWORK
SECURITY
Foundations of Modern Cryptography
11.09.2020
INTRODUCTION
⚫ Modern cryptography is the cornerstone of computer and communications security.
⚫ Its foundation is based on various concepts of mathematics such as number theory, computational-complexity theory, and probability theory.
CHARACTERISTICS OF MODERN CRYPTOGRAPHY
Classic Cryptography | Modern Cryptography
It manipulates traditional characters, i.e., letters and digits directly. | It operates on binary bit sequences.
It is mainly based on 'security through obscurity'. The techniques employed for coding were kept secret and only the parties involved in communication knew about them. | It relies on publicly known mathematical algorithms for coding the information. Secrecy is obtained through a secret key which is used as the seed for the algorithms. The computational difficulty of algorithms, absence of secret key, etc., make it impossible for an attacker to obtain the original information even if he knows the algorithm used for coding.
It requires the entire cryptosystem for communicating confidentially. | Modern cryptography requires parties interested in secure communication to possess the secret key only.
CRYPTOGRAPHY AND NETWORK
SECURITY
Perfect Security
PRIVACY
 Alice wants to send a message to Bob without an
adversary Eve figuring out the message.
INTEGRITY AND AUTHENTICITY
 Bob wants to make sure that the message that he
received from Alice is indeed sent by her and not
modified during transit.
PERFECT WORLD
 There is a super-strong pipe between Alice and Bob.
 Both privacy and authenticity goals are met.
REAL WORLD
 The channel between Alice and Bob is public.
 Assume that Alice and Bob share some secret K.
 Alice encodes her message M using a public encryption algorithm E
and K. We write C = E_K(M).
 Bob decrypts Alice's message using a public decryption algorithm D
and K. We write M = D_K(C).
SHANNON'S ONE TIME PAD
 E_K(M) = K (XOR) M and
D_K(C) = K (XOR) C
 Example:
 101 (XOR) 111 = 010
 101 (XOR) 010 = 111
 Is this protocol secure?
 Yes. The adversary can only guess each bit with probability
½.
 Problem: The key is as long as the message.
PSEUDORANDOMNESS
 Suppose there was a generator that stretches random bits.
 Idea:
 Choose a short key K randomly.
 Obtain K’=G(K).
 Use K’ as key for the one time pad.
 Issue:
 Such a generator is not possible!
 Any such generator produces a longer string but the string is not random.
[CONTD…]
 What if there is a generator that produces strings that "appear
to be random"? The bits are pseudorandom.
 General idea: The bits are not really random but they are as
good as random so we'll just use them for our purpose.
 Approach for proving security:
 Carefully define pseudorandomness ("appears to be random").
 Argue that if there is an adversary that breaks the protocol (our one
time pad), then the bit string produced by G is not really
pseudorandom.
ATTACKS
 Ciphertext only
 Known plaintext
 Chosen plaintext
 Chosen ciphertext
PERFECT SECRECY - BASIC CONCEPTS
Let P, K and C be sets of plaintexts, keys and cryptotexts.
Let p_K(k) be the probability that the key k is chosen from K, and let the a priori
probability that plaintext w is chosen be p_P(w).
If for a key k ∈ K, C(k) = {e_k(w) | w ∈ P}, then for the probability p_C(c) that c is
the cryptotext that is transmitted it holds
$$p_C(c) = \sum_{\{k \,\mid\, c \in C(k)\}} p_K(k)\, p_P(d_k(c)).$$
For the conditional probability p_C(c|w) that c is the cryptotext if w is the plaintext it
holds
$$p_C(c \mid w) = \sum_{\{k \,\mid\, w = d_k(c)\}} p_K(k).$$
Using Bayes' conditional probability formula p(y)p(x|y) = p(x)p(y|x) we get for the
probability p_P(w|c) that w is the plaintext if c is the cryptotext the expression
$$p_P(w \mid c) = \frac{p_P(w) \sum_{\{k \,\mid\, w = d_k(c)\}} p_K(k)}{\sum_{\{k \,\mid\, c \in C(k)\}} p_K(k)\, p_P(d_k(c))}.$$
PERFECT SECRECY - BASIC RESULTS
Definition A cryptosystem has perfect secrecy if
$$p_P(w \mid c) = p_P(w) \quad \text{for all } w \in P \text{ and } c \in C.$$
(That is, the a posteriori probability that the plaintext is w, given that the cryptotext c
is obtained, is the same as the a priori probability that the plaintext is w.)
Example CAESAR cryptosystem has perfect secrecy if any of the 26 keys is used with
the same probability to encode any symbol of the plaintext.
PERFECT SECRECY - BASIC RESULTS
An analysis of perfect secrecy: The condition p_P(w|c) = p_P(w) for all w ∈ P and c ∈ C is
equivalent to the condition p_C(c|w) = p_C(c).
Let us now assume that p_C(c) > 0 for all c ∈ C.
Fix w ∈ P. For each c ∈ C we have p_C(c|w) = p_C(c) > 0. Hence, for each c ∈ C there must
exist at least one key k such that e_k(w) = c. Consequently, |K| >= |C| >= |P|.
In the special case |K| = |C| = |P|, the following nice characterization of perfect secrecy
can be obtained:
Theorem A cryptosystem in which |P| = |K| = |C| provides perfect secrecy if and only if
every key is used with the same probability and for every w ∈ P and every c ∈ C there is a
unique key k such that e_k(w) = c.
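Added example (not part of the original slides): the probabilities p_C(c), p_C(c|w) and p_P(w|c) defined above, computed exactly for a small cryptosystem and used to test the perfect-secrecy definition and the theorem's condition. The plaintext and key distributions are constructed samples; CAESAR on a single symbol is the slide's own example.

```python
from fractions import Fraction as F
from itertools import product
import string

ALPHABET = string.ascii_uppercase


def caesar(k, w):
    """e_k(w): shift every letter of w by the same key k."""
    return "".join(ALPHABET[(ALPHABET.index(ch) + k) % 26] for ch in w)


def posteriors(p_P, p_K, e):
    """Return {(w, c): p_P(w|c)} for every plaintext w and reachable cryptotext c."""
    p_C = {}        # p_C(c): sum over (k, w) with e_k(w) = c of p_K(k) p_P(w)
    p_C_given = {}  # p_C(c|w): sum of p_K(k) over the keys with e_k(w) = c
    for (w, pw), (k, pk) in product(p_P.items(), p_K.items()):
        if pw == 0 or pk == 0:
            continue
        c = e(k, w)
        p_C[c] = p_C.get(c, 0) + pk * pw
        p_C_given[(c, w)] = p_C_given.get((c, w), 0) + pk
    # Bayes: p_P(w|c) = p_P(w) p_C(c|w) / p_C(c)
    return {(w, c): p_P[w] * p_C_given.get((c, w), 0) / p_C[c]
            for w in p_P for c in p_C}


def has_perfect_secrecy(p_P, p_K, e):
    """Definition: p_P(w|c) = p_P(w) for all w and all c that can occur."""
    return all(post == p_P[w]
               for (w, _c), post in posteriors(p_P, p_K, e).items())


def theorem_condition(plaintexts, p_K, e):
    """Theorem for |P| = |K| = |C|: equiprobable keys, unique key per (w, c)."""
    cryptotexts = {e(k, w) for k in p_K for w in plaintexts}
    if not len(plaintexts) == len(p_K) == len(cryptotexts):
        raise ValueError("theorem applies only when |P| = |K| = |C|")
    equiprobable = len(set(p_K.values())) == 1
    # With |K| = |C|, the keys hit every c exactly once from w
    # iff they produce |C| distinct cryptotexts.
    unique = all(len({e(k, w) for k in p_K}) == len(cryptotexts)
                 for w in plaintexts)
    return equiprobable and unique


# Constructed sample distributions.
UNIFORM_KEYS = {k: F(1, 26) for k in range(26)}
BIASED_KEYS = {0: F(1, 2), 1: F(1, 2)}
ONE_SYMBOL = {"A": F(1, 2), "B": F(1, 3), "C": F(1, 6)}
TWO_SYMBOLS = {"AA": F(1, 2), "AB": F(1, 2)}   # one key reused for both letters

if __name__ == "__main__":
    print(has_perfect_secrecy(ONE_SYMBOL, UNIFORM_KEYS, caesar))   # True
    print(has_perfect_secrecy(ONE_SYMBOL, BIASED_KEYS, caesar))    # False
    print(has_perfect_secrecy(TWO_SYMBOLS, UNIFORM_KEYS, caesar))  # False
```

The third case shows why the result is stated per symbol: once one key covers two letters, the cryptotext "CC" can only come from "AA", so the posterior jumps from 1/2 to 1.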
CRYPTOGRAPHY AND NETWORK
SECURITY
Product Cryptosystem
11.09.2020
PRODUCT CRYPTOSYSTEMS
A cryptosystem S = (P, K, C, e, d) with the sets of plaintexts P, keys K and cryptotexts C
and encryption (decryption) algorithms e (d) is called endomorphic if P = C.
If S1 = (P, K1, P, e^(1), d^(1)) and S2 = (P, K2, P, e^(2), d^(2)) are endomorphic cryptosystems,
then the product cryptosystem is
S1 × S2 = (P, K1 × K2, P, e, d),
where encryption is performed by the procedure
e_(k1,k2)(w) = e_k2(e_k1(w))
and decryption by the procedure
d_(k1,k2)(c) = d_k1(d_k2(c)).
Example (Multiplicative cryptosystem):
Encryption: e_a(w) = aw mod p; decryption: d_a(c) = a⁻¹c mod 26.
If M denotes the multiplicative cryptosystem, then clearly CAESAR × M is actually the
AFFINE cryptosystem.
Exercise Show that also M × CAESAR is actually the AFFINE cryptosystem.
Two cryptosystems S1 and S2 are called commutative if S1 × S2 = S2 × S1.
A cryptosystem S is called idempotent if S × S = S.
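Added example (not part of the original slides): the product construction above, built from CAESAR and the multiplicative system, with a check that CAESAR × M realises exactly the AFFINE encryption maps and that CAESAR and M are idempotent. Assumptions: letters are taken mod 26, the multiplier a is restricted to values coprime to 26, and systems are compared by their sets of encryption maps only (key probabilities are ignored).

```python
from math import gcd

N = 26
UNITS = [a for a in range(N) if gcd(a, N) == 1]  # the 12 invertible multipliers

# A system is a dict: key -> (encrypt, decrypt), acting on letter values 0..25.
CAESAR = {b: (lambda x, b=b: (x + b) % N,
              lambda y, b=b: (y - b) % N) for b in range(N)}
MULT = {a: (lambda x, a=a: (a * x) % N,
            lambda y, a=a: (pow(a, -1, N) * y) % N) for a in UNITS}
AFFINE = {(a, b): (lambda x, a=a, b=b: (a * x + b) % N,
                   lambda y, a=a, b=b: (pow(a, -1, N) * (y - b)) % N)
          for a in UNITS for b in range(N)}


def product(s1, s2):
    """S1 x S2: key (k1, k2), e(w) = e_k2(e_k1(w)), d(c) = d_k1(d_k2(c))."""
    out = {}
    for k1, (e1, d1) in s1.items():
        for k2, (e2, d2) in s2.items():
            out[(k1, k2)] = (lambda x, e1=e1, e2=e2: e2(e1(x)),
                             lambda y, d1=d1, d2=d2: d1(d2(y)))
    return out


def table(fn):
    """A map on 0..25 written out as a tuple, so that maps can be compared."""
    return tuple(fn(x) for x in range(N))


def maps(system):
    """The set of distinct encryption permutations the system can realise."""
    return {table(e) for e, _d in system.values()}


def is_idempotent(system):
    """S x S = S, compared as sets of encryption maps."""
    return maps(product(system, system)) == maps(system)


def crypt(word, fn):
    """Apply a letter map to an upper-case word."""
    return "".join(chr(fn(ord(ch) - 65) + 65) for ch in word)


CAESAR_X_M = product(CAESAR, MULT)

if __name__ == "__main__":
    e, d = CAESAR_X_M[(3, 5)]            # shift by 3, then multiply by 5
    c = crypt("COLD", e)
    print(c, crypt(c, d))                # cryptotext, then the plaintext again
    # x -> 5(x + 3) = 5x + 15, i.e. the AFFINE key (5, 15)
    print(table(e) == table(AFFINE[(5, 15)][0]))
    print(maps(CAESAR_X_M) == maps(AFFINE), len(maps(AFFINE)))
    print(is_idempotent(CAESAR), is_idempotent(MULT))
```

Idempotence is the practical point: applying CAESAR or M twice adds keys on paper but no new encryption maps, so the product is no harder to search than a single application.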
EXERCISES IV
 For the following pairs plaintext-cryptotext determine which cryptosystem was used:
- COMPUTER - HOWEWVER THE REST UNDERESTIMATES ZANINESS YOUR JUDICIOUS
WISDOM
- SAUNAAND LIFE – RMEMHCZZTCEZTZKKDA
 A spy group received info about the arrival of a new member. The secret police succeeded in
learning the message and knew that it was encrypted using the HILL cryptosystem with a
matrix of degree 2. It also learned that the code "10 3 11 21 19 5" stands for the name of the
spy and "24 19 16 19 5 21" for the city, TANGER, the spy should come from. What is the
name of the spy?
 Decrypt the following cryptotexts. (Not all plaintexts are in English.)
- WFLEUKZFEKZFEJFWTFDGLKZEX
- DANVHEYD SEHHGKIIAJ VQN GNULPKCNWLDEA
- DHAJAHDGAJDI AIAJ AIAJDJEH DHAJAHDGAJDI AIDJ AIBIAJDJDHAJAHDGAJDI AIAJ
DIDGCIBIDH DHAJAHDGAJDI AIAJ DICIDJDH
- KLJPMYHUKV LZALALEAV LZ TBF MHJPS
 Find the largest possible word in Czech language such that its nontrivial encoding by CAESAR
is again a meaningful Czech word.
 Find the longest possible meaningful word in a European language such that some of its non-
trivial encoding by CAESAR is again a meaningful word in a European language (For example:
e_3(COLD) = FROG).
EXERCISES IV
 Decrypt the following cryptotext obtained by encryption with an AFFINE
cryptosystem:
KQEREJEBCPPCJCRKIEACUZBKRVPKRBCIBQCARBJCVFCUPKRIOFKPACUZQEPBKR
XPEIIEABDKPBCPFCDCCAFIEABDKPBCPFEQPKAZBKRHAIBKAPCCIBURCCDKDCCJ
CIDFUIXPAFFERBICZDFKABICBBENEFCUPJCVKABPCYDCCDPKBCOCPERKIVKSCPI
CBRKIJPKAI
 Suppose we are told that the plaintext "FRIDAY" yields the cryptotext "PQCFKU"
with a HILL cryptosystem. Determine the encryption matrix.
 Suppose we are told that the plaintext "BREATHTAKING" yields the cryptotext
"RUPOTENTOSUP" with a HILL cryptosystem. Determine the encryption matrix.
 Decrypt the following cryptotext, obtained using the AUTOKLAVE cryptosystem (using
exhaustive search?)
MALVVMAFBHBUQPTSOXALTGVWWRG
 Design interesting cryptograms in (at least) one of the languages: Czech, French,
Spanish, Chinese?
 Show that each permutation cryptosystem is a special case of the HILL cryptosystem.
 How many 2 × 2 matrices are there that are invertible over Z_p, where p is a prime?
 Invent your own interesting and quite secure cryptosystem.
CRYPTOGRAPHY AND NETWORK
SECURITY
Cryptanalysis
11.09.2020
CIA
 Confidentiality, Integrity and Availability
 Confidentiality: prevent unauthorized reading of
information
 Integrity: prevent unauthorized writing of
information
 Availability: data is available in a timely manner
when needed
 Availability is a "new" security concern
 Due to denial of service (DoS) threats
Intro
CRYPTO
 Cryptology: The art and science of making and breaking
"secret codes"
 Cryptography: making "secret codes"
 Cryptanalysis: breaking "secret codes"
 Crypto: all of the above (and more)
HOW TO SPEAK CRYPTO
 A cipher or cryptosystem is used to encrypt the
plaintext
 The result of encryption is ciphertext
 We decrypt ciphertext to recover plaintext
 A key is used to configure a cryptosystem
 A symmetric key cryptosystem uses the same key
to encrypt as to decrypt
 A public key cryptosystem uses a public key to
encrypt and a private key to decrypt
 Private key can be used to sign and public key used to
verify signature (more on this later…)
CRYPTO
 Underlying assumption
 The system is completely known to Trudy
 Only the key is secret
 Also known as Kerckhoffs Principle
 Crypto algorithms are not secret
 Why do we make this assumption?
 Experience has shown that secret algorithms are often
weak when exposed
 Secret algorithms never remain secret
 Better to find weaknesses beforehand
CRYPTO AS A BLACK BOX
 Note P_i is the ith "unit" of plaintext
 And C_i is the corresponding ciphertext
 "Unit" may be bit, letter, block of bits, etc.
[Figure: plaintext P_i → encrypt (key) → ciphertext C_i → decrypt (key) → plaintext P_i]
WHO KNOWS WHAT?
 Trudy knows the ciphertext
 Trudy knows the cipher and how it works
 Trudy might know a little more
 Trudy does not know the key
[Figure: Alice: plaintext P_i → encrypt (key) → ciphertext C_i → decrypt (key) → plaintext P_i at Bob; Trudy sits on the ciphertext channel]
TAXONOMY OF CRYPTOGRAPHY
 Symmetric Key
 Same key for encryption as for decryption
 Stream ciphers and block ciphers
 Public Key
 Two keys, one for encryption (public), and one for
decryption (private)
 Digital signatures: nothing comparable in symmetric
key crypto
 Hash algorithms
CRYPTANALYSIS
 This course focused on cryptanalysis
 Trudy wants to recover key or plaintext
 Trudy is not bound by any rules
 For example, Trudy might attack the implementation, not the
algorithm itself
 She might use "side channel" info, etc.
EXHAUSTIVE KEY SEARCH
 How can Trudy attack a cipher?
 She can simply try all possible keys and test
each to see if it is correct
 Exhaustive key search
 To prevent an exhaustive key search, a
cryptosystem must have a large keyspace
 Must be too many keys for Trudy to try them all in
any reasonable amount of time
BEYOND EXHAUSTIVE SEARCH
 A large keyspace is necessary for security
 But a large keyspace is not sufficient
 Shortcut attacks might exist
 We'll see many examples of shortcut attacks
 In cryptography we can (almost) never prove that
no shortcut attack exists
 This makes cryptography interesting…
TAXONOMY OF CRYPTANALYSIS
 Ciphertext only — always an option
 Known plaintext — possible in many cases
 Chosen plaintext
 "Lunchtime attack"
 Protocols might encrypt chosen text
 Adaptively chosen plaintext
 Related key
 Forward search (public key crypto only)
 "Rubber hose", bribery, etc., etc., etc.
DEFINITION OF SECURE
 A cryptosystem is secure if the best known attack is to try
all possible keys
 Cryptosystem is insecure if any shortcut attack is known
 By this definition, an insecure system might be harder to
break than a secure system!
DEFINITION OF SECURE
 Why do we define secure this way?
 The size of the keyspace is the "advertised"
level of security
 If an attack requires less work, then false
advertising
 A cipher must be secure (by our definition) and
have a "large" keyspace
 Too big for an exhaustive key search
THEORETICAL CRYPTANALYSIS
 Suppose that a cipher has a 100 bit key
 Then keyspace is of size 2^100
 On average, for exhaustive search Trudy tests 2^100/2 = 2^99
keys
 Suppose Trudy can test 2^30 keys/second
 Then she can find the key in about 37.4 trillion years
THEORETICAL CRYPTANALYSIS
 Suppose that a cipher has a 100 bit key
 Then keyspace is of size 2^100
 Suppose there is a shortcut attack with "work" equal to
testing about 2^80 keys
 If Trudy can test 2^30 per second
 Then she finds key in 36 million years
 Better than 37 trillion, but not practical
APPLIED CRYPTANALYSIS
 In this class, we focus on attacks that produce plaintext
 Not interested in attacks that just show a theoretical weakness
in a cipher
 We call this applied cryptanalysis
 Why applied cryptanalysis?
 Because it's a lot more fun…
 And it's a good place to start
APPLIED CRYPTANALYSIS: OVERVIEW
 Classic (pen and paper) ciphers
 Transposition, substitution, etc.
 Same principles appear in later sections
 World War II ciphers
 Enigma, Purple, Sigaba
 Stream ciphers
 Shift registers, correlation attack, ORYX, RC4, PKZIP
APPLIED CRYPTANALYSIS: OVERVIEW
 Block ciphers
 Hellman's TMTO, CMEA, Akelarre, FEAL
 Hash functions
 Nostradamus attack, MD4, MD5
 Public key crypto
 Knapsack, Diffie-Hellman, Arithmetica, RSA, Rabin, NTRU,
ElGamal
 Factoring, discrete log, timing, glitching
WHY STUDY CRYPTOGRAPHY?
 Information security is a big topic
 Crypto, Access control, Protocols, Software
 Real world info security problems abound
 Cryptography is the part of information security
that works best
 Using crypto correctly is important
 The more we make other parts of security
behave like crypto, the better
WHY STUDY CRYPTANALYSIS?
 Study of cryptanalysis gives insight into all
aspects of crypto
 Gain insight into attacker's mindset
 "black hat" vs "white hat" mentality
 Cryptanalysis is more fun than cryptography
 Cryptographers are boring
 Cryptanalysts are cool
 But cryptanalysis is hard
QUESTION 1
 Caesar wants to arrange a secret meeting with Antony,
either at the Tiber (the river) or at the Coliseum (the
arena). He sends the cipher text EVIRE. However,
Antony does not know the key, so he tries all
possibilities. Where will he meet Caesar?
QUESTION 2
M F H I/J K
U N O P Q
Z V W X Y
E L A R G
D S T B C
 Using this Playfair matrix
Encrypt the message:
"Must see you over Cadogan West, Coming
at once"
QUESTION 3
 Decipher the message, YIFZMA using the Hill cipher
with the inverse key.
3
2
13
9
QUESTION 4
 Encrypt the message "PAY" using the Hill cipher with the
following key matrix and show the decryption to get the
original plain text.
17 17 5
21 18 21
2 2 19
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 

Recently uploaded (20)

Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECH
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage example
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes  examplesPOWER SYSTEMS-1 Complete notes  examples
POWER SYSTEMS-1 Complete notes examples
 

Cs8792 cns - unit i

  • 1. UNIT I Prepared by Dr. R. Arthy, AP/IT Kamaraj College of Engineering and Technology (Autonomous), Madurai. CS8792 - CRYPTOGRAPHY AND NETWORK SECURITY
  • 2. Agenda ⚫ Security trends ⚫ Legal, Ethical and Professional Aspects of Security ⚫ Need for Security at Multiple levels, Security Policies ⚫ Security attacks, services and mechanism ⚫ OSI security architecture ⚫ Model of network security
  • 4. Introduction ⚫ In 1994, the Internet Architecture Board (IAB) issued a report entitled "Security in the Internet Architecture" (RFC 1636). ⚫ Observations - Internet needs more and better security, and it identified key areas for security mechanisms ⚫ Requirements ⚫ Need to secure the network infrastructure from unauthorized monitoring and control of network traffic ⚫ Need to secure end-user-to-end-user traffic using authentication and encryption mechanisms
  • 5. ⚫ Reported by the Computer Emergency Response Team (CERT) Coordination Center (CERT/CC). ⚫ Internet-related vulnerabilities
  • 7. Legal, Ethical, and Professional Issues in Information Security
  • 8. Law and Ethics in Information Security ⚫ Laws ⚫ Rules that mandate or prohibit certain behavior ⚫ Drawn from ethics ⚫ Ethics ⚫ Define socially acceptable behaviors ⚫ Key difference ⚫ Laws carry the authority of a governing body ⚫ Ethics do not carry the authority of a governing body ⚫ Based on cultural mores ⚫ Fixed moral attitudes or customs ⚫ Some ethics standards are universal
  • 9. Organizational Liability and the Need for Counsel ⚫ Liability ⚫ Legal obligation of organization ⚫ Extends beyond criminal or contract law ⚫ Includes legal obligation to make restitution ⚫ Employee acting with or without authorization performs an illegal or unethical act that causes some degree of harm ⚫ Employer can be held financially liable ⚫ Due care ⚫ Organization makes sure that every employee knows what is acceptable or unacceptable ⚫ Knows the consequences of illegal or unethical actions
  • 10. Organizational Liability and the Need for Counsel ⚫ Due diligence ⚫ Requires ⚫ Make a valid effort to protect others ⚫ Maintains the effort ⚫ Jurisdiction ⚫ Court’s right to hear a case if a wrong is committed ⚫ Term – long arm ⚫ Extends across the country or around the world
  • 11. Policy Versus law ⚫ Policies ⚫ Guidelines that describe acceptable and unacceptable employee behaviors ⚫ Functions as organizational laws ⚫ Has penalties, judicial practices, and sanctions ⚫ Difference between policy and law ⚫ Ignorance of policy is acceptable ⚫ Ignorance of law is unacceptable ⚫ Keys for a policy to be enforceable ⚫ Dissemination ⚫ Review ⚫ Comprehension ⚫ Compliance ⚫ Uniform enforcement
  • 12. Types of Law ⚫ Civil – govern a nation or state ⚫ Criminal – addresses activities and conduct harmful to public ⚫ Private – encompasses family, commercial, labor, and regulates the relationship between individuals and organizations ⚫ Public – regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments
  • 13. International Laws and Legal Bodies ⚫ Organizations do business on the Internet – they do business globally ⚫ Professionals must be sensitive to the laws and ethical values of many different cultures, societies, and countries ⚫ Few international laws relating to privacy and informational security ⚫ International laws are limited in their enforceability
  • 14. Council of Europe Convention on Cybercrime ⚫ International task force ⚫ Designed to oversee a range of security functions ⚫ Designed to standardize technology laws across international borders ⚫ Attempts to improve the effectiveness of international investigations into breaches of technology law ⚫ Concern raised by those concerned with freedom of speech and civil liberties ⚫ Overall goal ⚫ Simplify the acquisition of information for law enforcement agencies in certain types of international crimes
  • 15. Agreement on Trade-Related Aspects of Intellectual Property Rights ⚫ Created by the World Trade Organization ⚫ Introduced intellectual property rules into the multilateral trade system ⚫ First significant international effort to protect intellectual property rights
  • 16. Agreement on Trade-Related Aspects of Intellectual Property Rights ⚫ Covers five issues ⚫ How basic principles of the trading system and other international intellectual property agreements should be applied ⚫ How to give adequate protection to intellectual property rights ⚫ How countries should enforce those rights adequately in their own territories ⚫ How to settle disputes on intellectual property between members of the WTO ⚫ Special transitional arrangements during the period when the new system is being introduced
  • 17. Digital Millennium Copyright Act ⚫ American contribution to WTO ⚫ Plan to reduce the impact of copyright, trademark, and privacy infringement ⚫ United Kingdom has implemented a version ⚫ Database Right
  • 18. Major IT Professional Organizations ⚫ Association for Computing Machinery ⚫ “World’s first educational and scientific computing society” ⚫ Strongly promotes education ⚫ Provides discounts for student members ⚫ International Information Systems Security Certification Consortium, Inc. (ISC)2 ⚫ Nonprofit organization ⚫ Focuses on the development and implementation of information security certifications and credentials ⚫ Manages a body of knowledge on information security ⚫ Administers and evaluates examinations for information security certifications
  • 19. Major IT Professional Organizations ⚫ Information Systems Audit and Control Association ⚫ Focuses on auditing, control, and security ⚫ Membership includes technical and managerial professionals ⚫ Does not focus exclusively on information security ⚫ Has many information security components ⚫ Information Systems Security Association (ISSA) ⚫ Nonprofit society of information security professionals ⚫ Mission – bring together qualified information security practitioners ⚫ Information exchange ⚫ Education development ⚫ Focus – “promoting management practices that will ensure the confidentiality, integrity, and availability of organizational information resources”
  • 20. Major IT Professional Organizations ⚫ Systems Administration, Networking, and Security Institute (SANS) ⚫ Professional research and education cooperative ⚫ Current membership > 156,000 ⚫ Security professionals ⚫ Auditors ⚫ System administrators ⚫ Network administrators ⚫ Offers set of certifications
  • 21. Federal Agencies ⚫ Department of Homeland Security ⚫ Five directorates or divisions ⚫ Mission – protecting the people as well as the physical and informational assets of the United States ⚫ Directorate of Information and Infrastructure ⚫ Creates and enhances resources used to discover and respond to attacks on national information systems and critical infrastructure ⚫ Directorate of Science and Technology ⚫ Research and development activities in support of homeland defense ⚫ Examination of vulnerabilities ⚫ Sponsors emerging best practices
  • 22. Federal Agencies ⚫ National InfraGard Program ⚫ Each FBI office establishes a chapter ⚫ Collaborates with public and private organizations and academia ⚫ Serves members in 4 ways ⚫ Maintains an intrusion alert network using encrypted e-mail ⚫ Maintains a secure Web site for communication about suspicious activity or intrusions ⚫ Sponsors local chapter activities ⚫ Operates a help desk for questions ⚫ Contribution – free exchange of information to and from the private sector in the areas of threats and attacks on information resources
  • 23. Federal Agencies ⚫ National Security Agency (NSA) “the nation’s cryptologic organization. It coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produce foreign intelligence information… It is also one of the most important centers of foreign language analysis and research within the Government.” ⚫ U. S. Secret Service ⚫ Located in Department of the Treasury ⚫ Charged with the detection and arrest of any person committing a United States federal offense relating to computer fraud and false identification crimes.
  • 25. Services, Mechanisms, Attacks ⚫ need systematic way to define requirements ⚫ consider three aspects of information security: ⚫ security attack ⚫ security mechanism ⚫ security service ⚫ consider in reverse order
  • 26. Security Service ⚫ is something that enhances the security of the data processing systems and the information transfers of an organization ⚫ intended to counter security attacks ⚫ make use of one or more security mechanisms to provide the service ⚫ replicate functions normally associated with physical documents ⚫ eg. have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
  • 27. Security Mechanism ⚫ a mechanism that is designed to detect, prevent, or recover from a security attack ⚫ no single mechanism that will support all functions required ⚫ however one particular element underlies many of the security mechanisms in use: cryptographic techniques ⚫ hence our focus on this area
  • 28. Security Attack ⚫ any action that compromises the security of information owned by an organization ⚫ information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems ⚫ have a wide range of attacks ⚫ can focus on generic types of attacks ⚫ note: often threat & attack are used to mean the same thing
  • 29. OSI Security Architecture ⚫ ITU-T X.800 Security Architecture for OSI ⚫ defines a systematic way of defining and providing security requirements ⚫ for us it provides a useful, if abstract, overview of concepts we will study
  • 30. Security Services ⚫ X.800 defines it as: a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers ⚫ RFC 2828 defines it as: a processing or communication service provided by a system to give a specific kind of protection to system resources ⚫ X.800 defines it in 5 major categories
  • 31. Security Services (X.800) ⚫ Authentication - assurance that the communicating entity is the one claimed ⚫ Peer entity and Data origin authentication ⚫ Access Control - prevention of the unauthorized use of a resource ⚫ Data Confidentiality - protection of data from unauthorized disclosure ⚫ Connection, Connectionless, Selective Field and Traffic flow ⚫ Data Integrity - assurance that data received is as sent by an authorized entity ⚫ Connection integrity with recovery, Connection integrity without recovery, Connectionless integrity, Selective field connection integrity, Selective field connectionless integrity ⚫ Non-Repudiation - protection against denial by one of the parties in a communication ⚫ Origin and destination
  • 32. Security Mechanisms (X.800) ⚫ specific security mechanisms: ⚫ encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization ⚫ pervasive security mechanisms: ⚫ trusted functionality, security labels, event detection, security audit trails, security recovery
  • 33. Relation between Security Services and Mechanisms
  • 36. Classify Security Attacks as ⚫ passive attacks - eavesdropping on, or monitoring of, transmissions to: ⚫ obtain message contents, or ⚫ monitor traffic flows ⚫ active attacks – modification of data stream to: ⚫ masquerade of one entity as some other ⚫ replay previous messages ⚫ modify messages in transit ⚫ denial of service
  • 37. Model for Network Security
  • 38. Model for Network Security ⚫ using this model requires us to: ⚫ design a suitable algorithm for the security transformation ⚫ generate the secret information (keys) used by the algorithm ⚫ develop methods to distribute and share the secret information ⚫ specify a protocol enabling the principals to use the transformation and secret information for a security service
  • 39. Model for Network Access Security
  • 41. Algorithms  Substitution  Caesar Cipher  Shift Cipher  Playfair Cipher  Vigenere Cipher  Auto Key Cipher  One Time Pad  Hill Cipher  Affine Cipher  Transposition  Rail Fence  Row Columnar Transposition
  • 43. Brute Force Attack in Shift Cipher Step 1: Hacking
  • 44. [contd…]  Step 2: Try with possible keys  Example UNQC FQFUHI BUQAUT QJ QXQ.SEC
       1  UNQC FQFUHI BUQAUT QJ QXQ.SEC
       2  TMPB EPETGH ATPZTS PI PWP.RDB
       3  SLOA DODSFG ZSOYSR OH OVO.QCA
       4  RKNZ CNCREF YRNXRQ NG NUN.PBZ
       5  QJMY BMBQDE XQMWQP MF MTM.OAY
       6  PILX ALAPCD WPLVPO LE LSL.NZX
       7  OHKW ZKZOBC VOKUON KD KRK.MYW
       8  NGJV YJYNAB UNJTNM JC JQJ.LXV
       9  MFIU XIXMZA TMISML IB IPI.KWU
      10  LEHT WHWLYZ SLHRLK HA HOH.JVT
      11  KDGS VGVKXY RKGQKJ GZ GNG.IUS
      12  JCFR UFUJWX QJFPJI FY FMF.HTR
      13  IBEQ TETIVW PIEOIH EX ELE.GSQ
      14  HADP SDSHUV OHDNHG DW DKD.FRP
      15  GZCO RCRGTU NGCMGF CV CJC.EQO
      16  FYBN QBQFST MFBLFE BU BIB.DPN
      17  EXAM PAPERS LEAKED AT AHA.COM
      18  DWZL OZODQR KDZJDC ZS ZGZ.BNL
      19  CVYK NYNCPQ JCYICB YR YFY.AMK
      20  BUXJ MXMBOP IBXHBA XQ XEX.ZLJ
      21  ATWI LWLANO HAWGAZ WP WDW.YKI
      22  ZSVH KVKZMN GZVFZY VO VCV.XJH
      23  YRUG JUJYLM FYUEYX UN UBU.WIG
      24  XQTF ITIXKL EXTDXW TM TAT.VHF
      25  WPSE HSHWJK DWSCWV SL SZS.UGE
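The exhaustive key search shown on the slide, written out as an added Python example (not part of the original deck). It goes one step beyond the manual table by ranking the 26 candidates with an English letter-frequency score, so the readable line is found without a human reading every row; the function names and the frequency table are assumptions of this example. The slide numbers its rows from 1 starting with the unshifted text, so its readable row 17 corresponds to key 16 here.

```python
import math

# Approximate relative frequencies (percent) of letters in English text.
ENGLISH_FREQ = {
    "E": 12.70, "T": 9.06, "A": 8.17, "O": 7.51, "I": 6.97, "N": 6.75,
    "S": 6.33, "H": 6.09, "R": 5.99, "D": 4.25, "L": 4.03, "C": 2.78,
    "U": 2.76, "M": 2.41, "W": 2.36, "F": 2.23, "G": 2.02, "Y": 1.97,
    "P": 1.93, "B": 1.49, "V": 0.98, "K": 0.77, "J": 0.15, "X": 0.15,
    "Q": 0.10, "Z": 0.07,
}

CIPHERTEXT = "UNQC FQFUHI BUQAUT QJ QXQ.SEC"  # ciphertext from the slide


def shift_decrypt(ciphertext, key):
    """Undo a shift cipher: P = (C - key) mod 26. Non-letters pass through."""
    out = []
    for ch in ciphertext:
        if "A" <= ch <= "Z":
            out.append(chr((ord(ch) - 65 - key) % 26 + 65))
        elif "a" <= ch <= "z":
            out.append(chr((ord(ch) - 97 - key) % 26 + 97))
        else:
            out.append(ch)
    return "".join(out)


def english_score(text):
    """Log-likelihood of the letters of `text` under English frequencies."""
    return sum(math.log(ENGLISH_FREQ[ch] / 100.0)
               for ch in text.upper() if ch in ENGLISH_FREQ)


def brute_force(ciphertext):
    """Try all 26 keys; return (key, candidate) pairs, most English-like first."""
    candidates = [(key, shift_decrypt(ciphertext, key)) for key in range(26)]
    return sorted(candidates, key=lambda kc: english_score(kc[1]), reverse=True)


if __name__ == "__main__":
    # Show the three best-scoring candidates.
    for key, text in brute_force(CIPHERTEXT)[:3]:
        print(f"key={key:2d}  {text}")
```

A key space of 26 is why the shift cipher offers no protection: the whole search is a single loop.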
  • 46. Advantage  It is significantly harder to break than a simple substitution cipher: frequency analysis can still be used, but it must be applied to (25*25) = 625 digraphs rather than 25 monographs, which is difficult.  Frequency analysis thus requires more cipher text to crack the encryption.
  • 47. Disadvantage  An interesting weakness is the fact that a digraph in the ciphertext (AB) and its reverse (BA) will have corresponding plaintexts like UR and RU. That can easily be exploited with the aid of frequency analysis, if the language of the plaintext is known.  Another disadvantage is that the Playfair cipher is a symmetric cipher, thus the same key is used for both encryption and decryption.
  • 49. Introduction  The encryption of the original text is done using the Vigenère square or Vigenère table.  The Vigenère table uses a 26×26 matrix with A to Z as the row heading and column heading  The Vigenère cipher is an example of a polyalphabetic substitution cipher.  A polyalphabetic substitution cipher is similar to a monoalphabetic substitution except that the cipher alphabet is changed periodically while enciphering the message.
  • 50. Vigenère Cipher  Encryption  The plaintext(P) and key(K) are added modulo 26.  Ci = (Pi + Ki) mod 26  Decryption  Pi = (Ci - Ki + 26) mod 26
  • 52. Example - Encryption  Plain Text – a simple example  Key – crypto
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
      Key (K)            c  r  y  p  t  o  c  r  y  p  t  o  c  r
      Cipher Text (C)    C  J  G  B  I  Z  G  V  V  P  F  D  N  V
  • 53. [contd…]  Plain Text – a simple example  Key – crypto
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
      Key (K)            c  r  y  p  t  o  c  r  y  p  t  o  c  r
      Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
      Key (Ki)           2 17 24 15 19 14  2 17 24 15 19 14  2 17
      Cipher Text (Ci)   2  9  6  1  8 25  6 21 21 15  5  3 13 21
      Cipher Text (C)    C  J  G  B  I  Z  G  V  V  P  F  D  N  V
  • 55. Example  Cipher Text – CJGBIZGVVPFDNV  Key – crypto
      Cipher Text (C)    C  J  G  B  I  Z  G  V  V  P  F  D  N  V
      Key (K)            c  r  y  p  t  o  c  r  y  p  t  o  c  r
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
  • 56. [contd…]  Cipher Text – CJGBIZGVVPFDNV  Key – crypto
      Cipher Text (C)    C  J  G  B  I  Z  G  V  V  P  F  D  N  V
      Key (K)            c  r  y  p  t  o  c  r  y  p  t  o  c  r
      Cipher Text (Ci)   2  9  6  1  8 25  6 21 21 15  5  3 13 21
      Key (Ki)           2 17 24 15 19 14  2 17 24 15 19 14  2 17
      Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
  • 58. Introduction  Autokey Cipher is a polyalphabetic substitution cipher.  It is closely related to the Vigenere cipher but uses a different method of generating the key.
  • 59. Auto Key Cipher  Encryption  The plaintext(P) and key(K) are added modulo 26.  Ci = (Pi + Ki) mod 26  Decryption  Pi = (Ci - Ki + 26) mod 26
  • 60. Example - Encryption  Plain Text – a simple example  Key – crypto
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
      Key (K)            c  r  y  p  t  o  a  s  i  m  p  l  e  e
      Cipher Text (C)    C  J  G  B  I  Z  E  W  F  M  B  A  P  I
  • 61. [contd…]  Plain Text – a simple example  Key – crypto
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
      Key (K)            c  r  y  p  t  o  a  s  i  m  p  l  e  e
      Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
      Key (Ki)           2 17 24 15 19 14  0 18  8 12 15 11  4  4
      Cipher Text (Ci)   2  9  6  1  8 25  4 22  5 12  1  0 15  8
      Cipher Text (C)    C  J  G  B  I  Z  E  W  F  M  B  A  P  I
  • 63. Example  Cipher Text – CJGBIZEWFMBAPI  Key – crypto
      Cipher Text (C)    C  J  G  B  I  Z  E  W  F  M  B  A  P  I
      Key (K)            c  r  y  p  t  o  a  s  i  m  p  l  e  e
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
  • 64. [contd…]  Cipher Text – CJGBIZEWFMBAPI  Key – crypto
      Cipher Text (C)    C  J  G  B  I  Z  E  W  F  M  B  A  P  I
      Key (K)            c  r  y  p  t  o  a  s  i  m  p  l  e  e
      Cipher Text (Ci)   2  9  6  1  8 25  4 22  5 12  1  0 15  8
      Key (Ki)           2 17 24 15 19 14  0 18  8 12 15 11  4  4
      Plain Text (Pi)    0 18  8 12 15 11  4  4 23  0 12 15 11  4
      Plain Text (P)     a  s  i  m  p  l  e  e  x  a  m  p  l  e
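The Vigenère and Auto Key slides use the same formulas, Ci = (Pi + Ki) mod 26 and Pi = (Ci - Ki + 26) mod 26, and differ only in how the key stream is built. The following Python sketch is an added example (not from the original deck; function names are assumptions) that implements both and reproduces the slides' worked values for the plain text "a simple example" with key "crypto".

```python
def letters(text):
    """Map A-Z / a-z to 0-25, dropping spaces and punctuation as the slides do."""
    return [ord(c) - 65 for c in text.upper() if "A" <= c <= "Z"]


def to_text(nums):
    return "".join(chr(n % 26 + 65) for n in nums)


def _key_letters(key):
    k = letters(key)
    if not k:
        raise ValueError("key must contain at least one letter")
    return k


def vigenere_encrypt(plaintext, key):
    p, k = letters(plaintext), _key_letters(key)
    # Key stream: the keyword repeated for the length of the message.
    return to_text(pi + k[i % len(k)] for i, pi in enumerate(p))


def vigenere_decrypt(ciphertext, key):
    c, k = letters(ciphertext), _key_letters(key)
    return to_text(ci - k[i % len(k)] + 26 for i, ci in enumerate(c)).lower()


def autokey_encrypt(plaintext, key):
    p = letters(plaintext)
    # Key stream: the keyword followed by the plaintext itself.
    stream = (_key_letters(key) + p)[:len(p)]
    return to_text(pi + ki for pi, ki in zip(p, stream))


def autokey_decrypt(ciphertext, key):
    c = letters(ciphertext)
    stream = _key_letters(key)      # grows as plaintext letters are recovered
    plain = []
    for i, ci in enumerate(c):
        pi = (ci - stream[i] + 26) % 26
        plain.append(pi)
        stream.append(pi)           # recovered plaintext extends the key stream
    return to_text(plain).lower()


if __name__ == "__main__":
    print(vigenere_encrypt("a simple example", "crypto"))  # CJGBIZGVVPFDNV
    print(autokey_encrypt("a simple example", "crypto"))   # CJGBIZEWFMBAPI
```

The two ciphertexts share their first six letters because both key streams begin with the keyword; they diverge once Vigenère repeats the keyword and Auto Key switches to the plaintext.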
  • 66. Introduction  One-time pad cipher is a type of Vigenère cipher which includes the following features:  It is an unbreakable cipher.  The key is exactly the same length as the message which is encrypted.  The key is made up of random symbols.  As the name suggests, the key is used one time only and never used again for any other message to be encrypted.
  • 67. Why is it Unbreakable?  The cipher is unbreakable owing to the following features of the key:  The key is as long as the given message.  The key is truly random and specially auto-generated.  Each key should be used once and destroyed by both sender and receiver.  There should be two copies of the key: one with the sender and the other with the receiver.
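An added Python example (not from the original deck) of the two properties listed above, using the same mod-26 arithmetic as the Vigenère slides. It shows that for any same-length message there is a key that "explains" a given ciphertext, and that reusing a pad for a second message leaks the difference of the two plaintexts. Function names and the second sample message are assumptions of this example.

```python
import secrets


def letters(text):
    return [ord(c) - 65 for c in text.upper() if "A" <= c <= "Z"]


def to_text(nums):
    return "".join(chr(n % 26 + 65) for n in nums)


def otp_keygen(length):
    """Key of `length` symbols drawn uniformly from the OS CSPRNG."""
    return to_text(secrets.randbelow(26) for _ in range(length))


def otp_encrypt(plaintext, key):
    p, k = letters(plaintext), letters(key)
    if len(k) < len(p):
        raise ValueError("one-time pad key must be at least as long as the message")
    return to_text(pi + ki for pi, ki in zip(p, k))


def otp_decrypt(ciphertext, key):
    c, k = letters(ciphertext), letters(key)
    if len(k) < len(c):
        raise ValueError("one-time pad key must be at least as long as the message")
    return to_text(ci - ki for ci, ki in zip(c, k))


def key_explaining(ciphertext, claimed_plaintext):
    """Key under which `ciphertext` decrypts to `claimed_plaintext`.

    Such a key exists for every message of the same length, which is why
    the ciphertext alone says nothing about which message was sent.
    """
    c, p = letters(ciphertext), letters(claimed_plaintext)
    if len(c) != len(p):
        raise ValueError("lengths differ")
    return to_text(ci - pi for ci, pi in zip(c, p))


def difference(a, b):
    """Letter-wise (a - b) mod 26."""
    return to_text(x - y for x, y in zip(letters(a), letters(b)))


if __name__ == "__main__":
    msg1 = "defend the east wall"      # plain text used elsewhere in the slides
    msg2 = "defend the west wall"      # constructed second message, same length
    key = otp_keygen(len(letters(msg1)))
    c1 = otp_encrypt(msg1, key)
    print("ciphertext        :", c1)
    print("decrypts to msg2 with key:", key_explaining(c1, msg2))
    # Pad reuse: the key cancels out of the difference of the ciphertexts.
    c2 = otp_encrypt(msg2, key)
    print("C1 - C2 == P1 - P2:", difference(c1, c2) == difference(msg1, msg2))
```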
  • 69. Introduction  In a transposition cipher, the order of the letters is re-arranged to obtain the cipher-text.  A simple form of Rail Fence  Plain Text – defend the east wall  Key - 2
  • 70. Encryption  In the rail fence cipher, the plain-text is written downwards and diagonally on successive rails of an imaginary fence.  When we reach the bottom rail, we traverse upwards moving diagonally; after reaching the top rail, the direction is changed again. Thus the letters of the message are written in a zig-zag manner.  After each letter has been written, the individual rows are combined to obtain the cipher-text.
  • 71. Example  Plain Text – defend the east wall  Key – 3  Cipher Text - DNETLEEDHESWLXFTAAX
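  • 72. Decryption  Size of the Matrix = key * length(cipher text)  Once we’ve got the matrix we can figure out the spots where the letters should be placed (using the same way of moving diagonally up and down alternately).  Then, we fill the cipher-text row wise. After filling it, we traverse the matrix in zig-zag manner to obtain the original text.
  • 73. Example  Cipher Text – DNETLEEDHESWLXFTAAX  Key – 3  Size of the matrix = key * length(cipher text) = 3 * 19
      (* is a letter position on the zig-zag, . is an unused cell)
      * . . . * . . . * . . . * . . . * . .
      . * . * . * . * . * . * . * . * . * .
      . . * . . . * . . . * . . . * . . . *

      D . . . N . . . E . . . T . . . L . .
      . * . * . * . * . * . * . * . * . * .
      . . * . . . * . . . * . . . * . . . *
  • 74. [contd…]
      D . . . N . . . E . . . T . . . L . .
      . E . E . D . H . E . S . W . L . X .
      . . * . . . * . . . * . . . * . . . *

      D . . . N . . . E . . . T . . . L . .
      . E . E . D . H . E . S . W . L . X .
      . . F . . . T . . . A . . . A . . . X
      Plain Text – defend the east wall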
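The rail fence procedure from the slides above as an added Python example (not from the original deck; function names are assumptions). It builds the key * length matrix, encrypts by reading the rails in order, and decrypts by refilling the zig-zag positions. The slide's cipher text for key 3 corresponds to the plain text padded with two X's, so that padded string is used as input.

```python
def normalise(text):
    return "".join(c for c in text.upper() if "A" <= c <= "Z")


def rail_pattern(length, rails):
    """Rail index (0 = top rail) visited at each position of the zig-zag."""
    if rails < 1:
        raise ValueError("number of rails must be at least 1")
    if rails == 1:
        return [0] * length
    cycle = 2 * (rails - 1)          # steps for one full down-and-up sweep
    return [min(i % cycle, cycle - i % cycle) for i in range(length)]


def rail_grid(text, rails):
    """The rails x length matrix from the slides, '.' marking unused cells."""
    text = normalise(text)
    pattern = rail_pattern(len(text), rails)
    grid = [["."] * len(text) for _ in range(rails)]
    for col, (ch, rail) in enumerate(zip(text, pattern)):
        grid[rail][col] = ch
    return ["".join(row) for row in grid]


def rail_fence_encrypt(plaintext, rails):
    # Combine the rows: read each rail left to right, top rail first.
    return "".join(row.replace(".", "") for row in rail_grid(plaintext, rails))


def rail_fence_decrypt(ciphertext, rails):
    ciphertext = normalise(ciphertext)
    pattern = rail_pattern(len(ciphertext), rails)
    # Zig-zag positions in the order the ciphertext fills them: row by row.
    order = sorted(range(len(ciphertext)), key=lambda i: (pattern[i], i))
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    # Reading positions 0..n-1 is the zig-zag traversal of the filled matrix.
    return "".join(plain)


if __name__ == "__main__":
    padded = "DEFENDTHEEASTWALLXX"   # slide plain text plus two pad letters
    for row in rail_grid(padded, 3):
        print(row)
    print(rail_fence_encrypt(padded, 3))                   # DNETLEEDHESWLXFTAAX
    print(rail_fence_decrypt("DNETLEEDHESWLXFTAAX", 3))    # DEFENDTHEEASTWALLXX
```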
  • 76. Introduction  The Columnar Transposition Cipher is a form of transposition cipher just like Rail Fence Cipher.  Columnar Transposition involves writing the plaintext out in rows, and then reading the ciphertext off in columns one by one. Plain Text - "a simple transposition" Cipher Text - "ALNISESTITPIMROOPASN"
  • 77. Encryption  The message is written out in rows of a fixed length, and then read out again column by column, and the columns are chosen in some scrambled order.  Width of the rows and the permutation of the columns are usually defined by a keyword.  For example, the word HACK is of length 4 (so the rows are of length 4), and the permutation is defined by the alphabetical order of the letters in the keyword. In this case, the order would be “3 1 2 4”.  Any spare spaces are filled with nulls, left blank, or filled with a placeholder character (Example: _).  Finally, the message is read off in columns, in the order specified by the keyword.
  • 78. Example  Plain Text - "The tomato is a plant in the nightshade family"  Keyword - tomato  Cipher Text - "TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX".
  • 79. Decryption  To decipher it, the recipient has to work out the column lengths by dividing the message length by the key length.  Then, write the message out in columns again, then re-order the columns by reforming the key word.
  • 80. Example  Cipher Text - "TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX".  Keyword - tomato  Number of rows = length(cipher text)/length(keyword) = 42 / 6 = 7
  • 81. [contd…] (. is a cell not yet filled)
      T O M A T O      T O M A T O
      5 3 2 1 6 4      5 3 2 1 6 4
      . . . . . .      . . . T . .
      . . . . . .      . . . I . .
      . . . . . .      . . . N . .
      . . . . . .      . . . E . .
      . . . . . .      . . . S . .
      . . . . . .      . . . A . .
      . . . . . .      . . . X . .
  • 82. [contd…]
      T O M A T O      T O M A T O
      5 3 2 1 6 4      5 3 2 1 6 4
      . . E T . .      . H E T . .
      . . O I . .      . T O I . .
      . . A N . .      . L A N . .
      . . H E . .      . T H E . .
      . . T S . .      . H T S . .
      . . F A . .      . E F A . .
      . . X X . .      . Y X X . .
  • 83. [contd…]
      T O M A T O      T O M A T O
      5 3 2 1 6 4      5 3 2 1 6 4
      . H E T . M      T H E T . M
      . T O I . A      A T O I . A
      . L A N . I      P L A N . I
      . T H E . I      N T H E . I
      . H T S . A      G H T S . A
      . E F A . I      D E F A . I
      . Y X X . X      L Y X X . X
  • 84. [contd…]
      T O M A T O
      5 3 2 1 6 4
      T H E T O M
      A T O I S A
      P L A N T I
      N T H E N I
      G H T S H A
      D E F A M I
      L Y X X X X
       Plain Text - "The tomato is a plant in the nightshade family"
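An added Python example (not from the original deck; function names are assumptions) of the columnar transposition steps above: deriving the column numbers from the keyword, padding the last row with X, reading the columns in keyword order, and reversing the process with rows = length(cipher text) / length(keyword).

```python
def normalise(text):
    return "".join(c for c in text.upper() if "A" <= c <= "Z")


def read_order(keyword):
    """Column indices in the order they are read off (alphabetical by key
    letter, ties broken left to right)."""
    kw = normalise(keyword)
    if not kw:
        raise ValueError("keyword must contain at least one letter")
    return sorted(range(len(kw)), key=lambda i: kw[i])   # sorted() is stable


def column_numbers(keyword):
    """The number written under each key letter, e.g. TOMATO -> 5 3 2 1 6 4."""
    order = read_order(keyword)
    numbers = [0] * len(order)
    for rank, col in enumerate(order, start=1):
        numbers[col] = rank
    return numbers


def columnar_encrypt(plaintext, keyword, pad="X"):
    text = normalise(plaintext)
    order = read_order(keyword)
    width = len(order)
    text += pad * (-len(text) % width)        # fill the spare cells of the last row
    # text[col::width] is column `col` of the row-wise grid.
    return "".join(text[col::width] for col in order)


def columnar_decrypt(ciphertext, keyword):
    text = normalise(ciphertext)
    order = read_order(keyword)
    width = len(order)
    if len(text) % width:
        raise ValueError("cipher text length is not a multiple of the key length")
    rows = len(text) // width
    columns = [""] * width
    for n, col in enumerate(order):
        # The n-th block of `rows` letters belongs under column number n + 1.
        columns[col] = text[n * rows:(n + 1) * rows]
    return "".join(columns[c][r] for r in range(rows) for c in range(width))


if __name__ == "__main__":
    message = "The tomato is a plant in the nightshade family"
    print(column_numbers("tomato"))                 # [5, 3, 2, 1, 6, 4]
    cipher = columnar_encrypt(message, "tomato")
    print(cipher)
    print(columnar_decrypt(cipher, "tomato"))
```

The recovered text keeps the trailing pad letters (XXXX here); the recipient drops them by inspection.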
  • 86. Algorithms  Substitution  Caesar Cipher  Shift Cipher  Playfair Cipher  Vigenere Cipher  Auto Key Cipher  One Time Pad  Hill Cipher  Affine Cipher  Transposition  Rail Fence  Row Columnar Transposition
  • 87. Introduction  In a transposition cipher, the order of the alphabets is re-arranged to obtain the cipher-text.  A simple form of Rail Fence  Plain Text – defend the east wall  Key - 2
  • 88. Encryption  In the rail fence cipher, the plain-text is written downwards and diagonally on successive rails of an imaginary fence.  When we reach the bottom rail, we traverse upwards moving diagonally, after reaching the top rail, the direction is changed again. Thus the alphabets of the message are written in a zig-zag manner.  After each alphabet has been written, the individual rows are combined to obtain the cipher-text.
  • 89. Example  Plain Text – defend the east wall  Key – 3  Cipher Text - DNETLEEDHESWLXFTAAX
  • 90. Decryption  Size of the Matrix = key * length(cipher text)  Once we’ve got the matrix we can figure-out the spots where texts should be placed (using the same way of moving diagonally up and down alternatively ).  Then, we fill the cipher-text row wise. After filling it, we traverse the matrix in zig-zag manner to obtain the original text.
  • 91. Example  Cipher Text – DNETLEEDHESWLXFTAAX  Key – 3  Size of the matrix = key * length(cipher text) = 3 * 19 * * * * * * * * * * * * * * * * * * * D N E T L * * * * * * * * * * * * * *
  • 92. [contd…] D N E T L E E D H E S W L X * * * * * D N E T L E E D H E S W L X F T A A X Plain Text – defend the east wall
  • 93. Algorithms  Substitution  Caesar Cipher  Shift Cipher  Playfair Cipher  Vigenere Cipher  Auto Key Cipher  One Time Pad  Hill Cipher  Affine Cipher  Transposition  Rail Fence  Row Columnar Transposition
  • 94. Introduction  The Columnar Transposition Cipher is a form of transposition cipher just like Rail Fence Cipher.  Columnar Transposition involves writing the plaintext out in rows, and then reading the ciphertext off in columns one by one.  Plain Text - "a simple transposition"  Cipher Text - "ALNISESTITPIMROOPASN"
  • 95. Encryption  The message is written out in rows of a fixed length, and then read out again column by column, and the columns are chosen in some scrambled order.  Width of the rows and the permutation of the columns are usually defined by a keyword.  For example, the word HACK is of length 4 (so the rows are of length 4), and the permutation is defined by the alphabetical order of the letters in the keyword. In this case, the order would be "3 1 2 4".  Any spare spaces are filled with nulls, left blank, or filled with a placeholder character (Example: _).  Finally, the message is read off in columns, in the order specified by the keyword.
  • 96. Example  Plain Text - "The tomato is a plant in the nightshade family"  Keyword - tomato  Cipher Text - "TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX".
  • 97. Decryption  To decipher it, the recipient has to work out the column lengths by dividing the message length by the key length.  Then, write the message out in columns again, then re-order the columns by reforming the key word.
  • 98. Example  Cipher Text - "TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX".  Keyword - tomato  Number of rows = length(cipher text)/length(keyword) = 42 / 6 = 7
  • 99. [contd…]  The grid has the keyword T O M A T O and the column order 5 3 2 1 6 4 as its header rows.  Column 1 (under A) is filled with T I N E S A X
  • 100. [contd…]  Column 2 (under M) is filled with E O A H T F X, then column 3 (under the first O) with H T L T H E Y
  • 101. [contd…]  Column 4 (under the second O) is filled with M A I I A I X, then column 5 (under the first T) with T A P N G D L
  • 102. [contd…]  Column 6 (under the second T) is filled with O S T N H M X, which completes the grid:
      T O M A T O
      5 3 2 1 6 4
      T H E T O M
      A T O I S A
      P L A N T I
      N T H E N I
      G H T S H A
      D E F A M I
      L Y X X X X
    Plain Text - "The tomato is a plant in the nightshade family"
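The keyword ordering, encryption and column-by-column decryption of slides 95 to 102, as an added Python example (not part of the original slides). The function names are hypothetical; padding with X and breaking ties between repeated keyword letters from left to right follow what the slides' TOMATO grid shows.

```python
def column_order(keyword):
    """1-based alphabetical rank of each keyword letter, ties broken left to right."""
    ranked = sorted(range(len(keyword)), key=lambda i: (keyword[i].upper(), i))
    order = [0] * len(keyword)
    for rank, index in enumerate(ranked, start=1):
        order[index] = rank
    return order


def read_sequence(keyword):
    """Column indices in the order they are read off (or filled back in)."""
    order = column_order(keyword)
    return sorted(range(len(keyword)), key=lambda col: order[col])


def columnar_encrypt(plaintext, keyword, pad="X"):
    """Write the letters in rows of len(keyword), read the columns in key order."""
    letters = [c for c in plaintext.upper() if c.isalpha()]
    width = len(keyword)
    letters += [pad] * (-len(letters) % width)      # fill the last row
    return "".join(
        "".join(letters[col::width]) for col in read_sequence(keyword)
    )


def columnar_decrypt(ciphertext, keyword):
    """Cut the cipher text into equal columns and put each back in its place."""
    width = len(keyword)
    rows, remainder = divmod(len(ciphertext), width)
    if remainder:
        raise ValueError("cipher text length is not a multiple of the key length")
    grid = [[""] * width for _ in range(rows)]
    for k, col in enumerate(read_sequence(keyword)):
        chunk = ciphertext[k * rows:(k + 1) * rows]
        for row, ch in enumerate(chunk):
            grid[row][col] = ch
    return "".join("".join(row) for row in grid)


if __name__ == "__main__":
    print(column_order("HACK"))        # the "3 1 2 4" order from slide 95
    print(column_order("tomato"))
    cipher = columnar_encrypt(
        "The tomato is a plant in the nightshade family", "tomato")
    print(cipher)
    print(columnar_decrypt(cipher, "tomato"))
```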
  • 104. Affine Cipher  The Affine Cipher is another example of a Monoalphabetic Substitution cipher.  Encryption: $C = (aP + b) \bmod 26$, where a and b are the key for the cipher.  Decryption: $P = a^{-1}(C - b) \bmod 26$, where $a \times a^{-1} = 1 \bmod 26$
  • 105. Example - Encryption  Plain Text – cool  a = 5  b = 8
      Plain text          c    o    o    l
                          2   14   14   11
      5P + 8             18   78   78   63
      (5P + 8) mod 26    18    0    0   11
      Cipher text         S    A    A    L
  • 106. Example - Decryption  Cipher Text – SAAL  a = 5  b = 8
      Cipher text           S     A     A    L
                           18     0     0   11
      C – 8                10    -8    -8    3
      21(C – 8)           210  -168  -168   63
      21(C – 8) mod 26      2    14    14   11
      Plain text            c     o     o    l
    To find $a^{-1}$: $a \times a^{-1} = 1 \bmod 26$, so $5 \times a^{-1} = 1 \bmod 26$, and $5 \times 21 = 1 \bmod 26$
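The affine example above carried through in Python, as an added example (not part of the original slides). It computes $a^{-1}$ with the extended Euclidean algorithm, rejects values of a that have no inverse mod 26, and counts how few usable keys the cipher has; the function names are hypothetical.

```python
from math import gcd

M = 26  # alphabet size used on the slides


def mod_inverse(a, m=M):
    """Return a^-1 mod m using the extended Euclidean algorithm."""
    old_r, r = a % m, m
    old_s, s = 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError(f"a = {a} has no inverse mod {m} (gcd is {old_r})")
    return old_s % m


def affine_encrypt(plaintext, a, b):
    """C = (aP + b) mod 26 for every letter; non-letters are dropped."""
    mod_inverse(a)  # refuse keys that could not be decrypted
    return "".join(
        chr((a * (ord(c) - 65) + b) % M + 65)
        for c in plaintext.upper() if c.isalpha()
    )


def affine_decrypt(ciphertext, a, b):
    """P = a^-1 (C - b) mod 26 for every letter."""
    a_inv = mod_inverse(a)
    return "".join(
        chr(a_inv * (ord(c) - 65 - b) % M + 65)
        for c in ciphertext.upper() if c.isalpha()
    )


def image_size(a, b):
    """How many distinct cipher letters (aP + b) mod 26 can produce."""
    return len({(a * p + b) % M for p in range(M)})


def valid_keys():
    """All (a, b) pairs for which decryption is possible."""
    return [(a, b) for a in range(M) if gcd(a, M) == 1 for b in range(M)]


if __name__ == "__main__":
    print(mod_inverse(5))                   # the 21 found on slide 106
    print(affine_encrypt("cool", 5, 8))
    print(affine_decrypt("SAAL", 5, 8))
    # With a = 13 the 26 plaintext letters collapse onto 2 cipher letters,
    # which is why a must be coprime to 26.
    print(image_size(5, 8), image_size(13, 8))
    print(len(valid_keys()))                # small enough to try every key
```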
  • 107. Tryout  Encipher “affine” if the encipherment function is E(x) = (5x + 8) MOD 26.  Decipher HPCCXAQ if the encipherment function is E(x) = (5x + 8) MOD 26.
  • 109. INTRODUCTION  Playfair cipher was the first practical digraph substitution cipher.  The scheme was invented in 1854 by Charles Wheatstone but was named after Lord Playfair who promoted the use of the cipher.  It was used in World War I and II.  Encryption Steps: Step 1: Key Generation Step 2: Encryption Process
  • 110. STEP 1: KEY GENERATION  Key Size: 5 X 5  Key representation: matrix  I and J occupy the same cell.  Example: Key – "MONARCHY"
  • 111. STEP 2: ENCRYPTION PROCESS  Pair the letters of the given plain text. If a pair contains the same letter twice, insert the least frequently occurring letter between them and re-pair.  Rule 1: If both the letters are in the same column: Take the letter below each one (going back to the top if at the bottom).  Example: Digraph: "me"  Encrypted Text: cl  Encryption: m → c, e → l
  • 112. [CONTD…]  Rule 2: If both the letters are in the same row: Take the letter to the right of each one (going back to the leftmost if at the rightmost position).  Example: Digraph: "st"  Encrypted Text: tl  Encryption: s → t, t → l
  • 113. [CONTD…]  Rule 3: If neither of the above rules is true: Form a rectangle with the two letters and take the letters on the horizontally opposite corners of the rectangle.  Example: Digraph: "nt"  Encrypted Text: rq  Encryption: n → r, t → q
  • 114. DECRYPTION PROCESS  Reverse of Encryption process
  • 115. ADVANTAGE  It is significantly harder to break than a simple substitution cipher: the frequency analysis technique can still be used, but on (25*25) = 625 digraphs rather than 25 monographs, which is difficult.  Frequency analysis thus requires more cipher text to crack the encryption.
  • 116. DISADVANTAGE  An interesting weakness is the fact that a digraph in the ciphertext (AB) and its reverse (BA) will have corresponding plaintexts like UR and RU. That can easily be exploited with the aid of frequency analysis, if the language of the plaintext is known.  Another disadvantage is that the Playfair cipher is a symmetric cipher, thus the same key is used for both encryption and decryption.
  • 117. TRY OUT  Use Playfair cipher to encrypt the Plain Text – "cryptography" using Key – "secret".  Find the plain text given the cipher text "GQRMCGTKXEWVPNLX" with the key "world".
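The key generation step, the three digraph rules and the reversed-digraph weakness described above, as an added Python example (not part of the original slides). The function names are hypothetical, and using X as the inserted letter (Q when the doubled letter is itself X) is an assumption; the slides only say to insert the least frequently occurring letter.

```python
import string


def key_square(key):
    """Fill the 5 x 5 square row by row as a 25-letter string (J shares I's cell)."""
    square = []
    for ch in (key + string.ascii_uppercase).upper():
        ch = "I" if ch == "J" else ch
        if ch.isalpha() and ch not in square:
            square.append(ch)
    return "".join(square)


def digraphs(text, filler="X"):
    """Pair the letters, padding doubled letters and an odd final letter."""
    letters = ["I" if c == "J" else c for c in text.upper() if c.isalpha()]
    pairs, i = [], 0
    while i < len(letters):
        first = letters[i]
        second = letters[i + 1] if i + 1 < len(letters) else None
        if second is None or second == first:
            pairs.append(first + (filler if first != filler else "Q"))
            i += 1
        else:
            pairs.append(first + second)
            i += 2
    return pairs


def transform_pair(pair, square, step):
    """Apply Rules 1-3 to one digraph; step = +1 encrypts, -1 decrypts."""
    row_a, col_a = divmod(square.index(pair[0]), 5)
    row_b, col_b = divmod(square.index(pair[1]), 5)
    if col_a == col_b:        # Rule 1: same column, move down (or up)
        row_a, row_b = (row_a + step) % 5, (row_b + step) % 5
    elif row_a == row_b:      # Rule 2: same row, move right (or left)
        col_a, col_b = (col_a + step) % 5, (col_b + step) % 5
    else:                     # Rule 3: swap the columns of the rectangle
        col_a, col_b = col_b, col_a
    return square[row_a * 5 + col_a] + square[row_b * 5 + col_b]


def playfair_encrypt(plaintext, key):
    square = key_square(key)
    return "".join(transform_pair(p, square, +1) for p in digraphs(plaintext))


def playfair_decrypt(ciphertext, key):
    """Expects upper-case cipher text of even length, as playfair_encrypt returns."""
    square = key_square(key)
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return "".join(transform_pair(p, square, -1) for p in pairs)


def reversal_weakness_holds(key):
    """True if every digraph AB and its reverse BA encrypt to mirrored pairs."""
    square = key_square(key)
    return all(
        transform_pair(b + a, square, +1) == transform_pair(a + b, square, +1)[::-1]
        for a in square for b in square if a != b
    )


if __name__ == "__main__":
    print(key_square("MONARCHY"))
    for pair in ("me", "st", "nt"):              # the three slide examples
        print(pair, playfair_encrypt(pair, "MONARCHY"))
    print(reversal_weakness_holds("MONARCHY"))   # the weakness on slide 116
```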
  • 119. INTRODUCTION  The Hill Cipher was invented by Lester S. Hill in 1929.  It is a polygraphic substitution cipher.  The Hill Cipher uses an area of mathematics called Linear Algebra; in particular, it requires the user to have an elementary understanding of matrices.  It also makes use of Modulo Arithmetic.  Inputs: String of English letters, A,B,…,Z.  An n × n matrix K, with entries drawn from 0,1,…,25. (The matrix K serves as the secret key.)  Divide the input string into blocks of size n.
  • 120. FORMULA  Encryption: $C = PK \bmod 26$  Decryption: $P = K^{-1}C \bmod 26$
  • 121. ENCRYPTION – 2 X 2 Let us consider the plaintext as – xyzsdfgh Let us consider the key as – Encryption Steps: 1. Grouping – Size of the group is 2 since the key matrix size is 2 {xy, zs, df, gh} 2. Perform encryption using the encryption formula. Hence,
  • 122. ENCRYPTION – 3 X 3 Let us consider the plaintext as – xyzsdfghs Let us consider the key as – Encryption Steps: 1. Grouping – Size of the group is 3 since the key matrix size is 3 {xyz, sdf, ghs} 2. Perform encryption using the encryption formula. Hence,
  • 123. DECRYPTION – 2 X 2 Let us consider the key as – Steps to find $K^{-1}$: 1. Find the Multiplicative Inverse of the Determinant 2. Find the Adjugate Matrix 3. Multiply the Multiplicative Inverse of the Determinant by the Adjugate Matrix
  • 124. DECRYPTION – 3 X 3 Let us consider the key as – Steps to find $K^{-1}$: 1. Find the Multiplicative Inverse of the Determinant
  • 125. DECRYPTION – 3 X 3 2. Find the Adjugate Matrix 3. Multiply the Multiplicative Inverse of the Determinant by the Adjugate Matrix
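The three steps for finding $K^{-1}$ listed above, worked through in Python as an added example (not part of the original slides). The 2 × 2 key is a constructed one, because the key matrices of the slides are not reproduced in this transcript; blocks are treated as row vectors to match C = PK, so the inverse key multiplies each cipher block from the right. The function names are hypothetical.

```python
from math import gcd

M = 26


def minor(matrix, i, j):
    """The matrix with row i and column j removed."""
    return [row[:j] + row[j + 1:] for r, row in enumerate(matrix) if r != i]


def det(matrix):
    """Integer determinant by cofactor expansion along the first row."""
    if not matrix:
        return 1
    return sum((-1) ** j * matrix[0][j] * det(minor(matrix, 0, j))
               for j in range(len(matrix)))


def inverse_key(key):
    """K^-1 mod 26 for an n x n key, following the three slide steps."""
    d = det(key) % M
    if gcd(d, M) != 1:
        raise ValueError(f"det = {d} shares a factor with 26: key not invertible")
    # Step 1: multiplicative inverse of the determinant (needs Python 3.8+).
    d_inv = pow(d, -1, M)
    # Step 2: adjugate = transpose of the cofactor matrix.
    n = len(key)
    adjugate = [[(-1) ** (i + j) * det(minor(key, j, i)) for j in range(n)]
                for i in range(n)]
    # Step 3: multiply the adjugate by the inverse of the determinant, mod 26.
    return [[(d_inv * entry) % M for entry in row] for row in adjugate]


def hill_apply(text, matrix):
    """Multiply each row-vector block of letters by `matrix`, mod 26."""
    n = len(matrix)
    numbers = [ord(c) - 65 for c in text.upper() if c.isalpha()]
    if len(numbers) % n:
        raise ValueError("text length must be a multiple of the block size")
    out = []
    for start in range(0, len(numbers), n):
        block = numbers[start:start + n]
        out += [sum(block[i] * matrix[i][j] for i in range(n)) % M
                for j in range(n)]
    return "".join(chr(x + 65) for x in out)


KEY = [[3, 3], [2, 5]]   # constructed sample key, det = 9

if __name__ == "__main__":
    cipher = hill_apply("HELP", KEY)          # encryption: C = PK mod 26
    k_inv = inverse_key(KEY)
    print(cipher, k_inv)
    print(hill_apply(cipher, k_inv))          # decryption with the inverse key
```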
  • 126. CRYPTOGRAPHY AND NETWORK SECURITY  Foundations of Modern Cryptography  11.09.2020
  • 127. INTRODUCTION  Modern cryptography is the cornerstone of computer and communications security.  Its foundation is based on various concepts of mathematics such as number theory, computational-complexity theory, and probability theory.
  • 128. CHARACTERISTICS OF MODERN CRYPTOGRAPHY
      Classic Cryptography | Modern Cryptography
      It manipulates traditional characters, i.e., letters and digits directly. | It operates on binary bit sequences.
      It is mainly based on 'security through obscurity'. The techniques employed for coding were kept secret and only the parties involved in communication knew about them. | It relies on publicly known mathematical algorithms for coding the information. Secrecy is obtained through a secret key which is used as the seed for the algorithms. The computational difficulty of algorithms, absence of secret key, etc., make it impossible for an attacker to obtain the original information even if he knows the algorithm used for coding.
      It requires the entire cryptosystem for communicating confidentially. | Modern cryptography requires parties interested in secure communication to possess the secret key only.
  • 130. PRIVACY  Alice wants to send a message to Bob without an adversary Eve figuring out the message.
  • 131. INTEGRITY AND AUTHENTICITY  Bob wants to make sure that the message that he received from Alice is indeed sent by her and not modified during transit.
  • 132. PERFECT WORLD  There is a super-strong pipe between Alice and Bob.  Both privacy and authenticity goals are met.
  • 133. REAL WORLD  The channel between Alice and Bob is public.  Assume that Alice and Bob share some secret K.  Alice encodes her message M using a public encryption algorithm E and K. We write $C = E_K(M)$.  Bob decrypts Alice's message using a public decryption algorithm D and K. We write $M = D_K(C)$.
  • 134. SHANNON'S ONE TIME PAD  $E_K(M)$ = K (XOR) M and $D_K(C)$ = K (XOR) C  Example:  101 (XOR) 111 = 010  101 (XOR) 010 = 111  Is this protocol secure?  Yes. The adversary can only guess each bit with probability ½.  Problem: The key is as long as the message.
  • 135. PSEUDORANDOMNESS  Suppose there was a generator that stretches random bits.  Idea:  Choose a short key K randomly.  Obtain K’=G(K).  Use K’ as key for the one time pad.  Issue:  Such a generator is not possible!  Any such generator produces a longer string but the string is not random.
  • 136. [CONTD…]  What if there is a generator that produces strings that "appear to be random"? The bits are pseudorandom.  General idea: The bits are not really random but they are as good as random so we'll just use them for our purpose.  Approach for proving security:  Carefully define pseudorandomness ("appears to be random").  Argue that if there is an adversary that breaks the protocol (our one time pad), then the bit string produced by G is not really pseudorandom.
  • 137. ATTACKS  Ciphertext only  Known plaintext  Chosen plaintext  Chosen ciphertext
  • 138. PERFECT SECRECY - BASIC CONCEPTS  Let P, K and C be sets of plaintexts, keys and cryptotexts.  Let $p_K(k)$ be the probability that the key k is chosen from K and let the a priori probability that plaintext w is chosen be $p_P(w)$.  If for a key $k \in K$, $C(k) = \{ e_k(w) \mid w \in P \}$, then for the probability $p_C(c)$ that c is the cryptotext that is transmitted it holds
      $$p_C(c) = \sum_{\{k \mid c \in C(k)\}} p_K(k)\, p_P(d_k(c)).$$
    For the conditional probability $p_C(c \mid w)$ that c is the cryptotext if w is the plaintext it holds
      $$p_C(c \mid w) = \sum_{\{k \mid w = d_k(c)\}} p_K(k).$$
    Using Bayes' conditional probability formula $p(y)\,p(x \mid y) = p(x)\,p(y \mid x)$ we get for the probability $p_P(w \mid c)$ that w is the plaintext if c is the cryptotext the expression
      $$p_P(w \mid c) = \frac{p_P(w) \sum_{\{k \mid w = d_k(c)\}} p_K(k)}{\sum_{\{k \mid c \in C(k)\}} p_K(k)\, p_P(d_k(c))}.$$
  • 139. PERFECT SECRECY - BASIC RESULTS  Definition: A cryptosystem has perfect secrecy if $p_P(w \mid c) = p_P(w)$ for all $w \in P$ and $c \in C$. (That is, the a posteriori probability that the plaintext is w, given that the cryptotext c is obtained, is the same as the a priori probability that the plaintext is w.)  Example: CAESAR cryptosystem has perfect secrecy if any of the 26 keys is used with the same probability to encode any symbol of the plaintext.
  • 140. PERFECT SECRECY - BASIC RESULTS  An analysis of perfect secrecy: The condition $p_P(w \mid c) = p_P(w)$ for all $w \in P$ and $c \in C$ is equivalent to the condition $p_C(c \mid w) = p_C(c)$.  Let us now assume that $p_C(c) > 0$ for all $c \in C$.  Fix $w \in P$. For each $c \in C$ we have $p_C(c \mid w) = p_C(c) > 0$. Hence, for each $c \in C$ there must exist at least one key k such that $e_k(w) = c$. Consequently, |K| >= |C| >= |P|.  In the special case |K| = |C| = |P| the following nice characterization of perfect secrecy can be obtained:  Theorem: A cryptosystem in which |P| = |K| = |C| provides perfect secrecy if and only if every key is used with the same probability and for every $w \in P$ and every $c \in C$ there is a unique key k such that $e_k(w) = c$.
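The formulas for $p_C(c)$, $p_C(c \mid w)$ and $p_P(w \mid c)$ above, evaluated exactly for the single-symbol CAESAR cryptosystem, as an added Python example (not part of the original slides). The plaintext prior and the biased key distribution are constructed values; with uniform keys the posterior equals the prior, and with biased keys it does not, as the theorem requires.

```python
from fractions import Fraction

N = 26  # single-symbol CAESAR: P = K = C = {0, ..., 25}


def encrypt(k, w):
    return (w + k) % N


def decrypt(k, c):
    return (c - k) % N


def p_cryptotext(c, p_plain, p_key):
    """p_C(c): sum over the keys of p_K(k) * p_P(d_k(c))."""
    return sum(pk * p_plain.get(decrypt(k, c), 0) for k, pk in p_key.items())


def p_cryptotext_given_plain(c, w, p_key):
    """p_C(c|w): sum of p_K(k) over the keys with w = d_k(c)."""
    return sum(pk for k, pk in p_key.items() if decrypt(k, c) == w)


def posterior(w, c, p_plain, p_key):
    """p_P(w|c) from the Bayes expression on slide 138."""
    return (p_plain[w] * p_cryptotext_given_plain(c, w, p_key)
            / p_cryptotext(c, p_plain, p_key))


def has_perfect_secrecy(p_plain, p_key):
    """Check p_P(w|c) = p_P(w) for every w and every c that can occur."""
    for c in range(N):
        if p_cryptotext(c, p_plain, p_key) == 0:
            continue
        if any(posterior(w, c, p_plain, p_key) != pw
               for w, pw in p_plain.items()):
            return False
    return True


# Constructed distributions (not from the slides).
PRIOR = {4: Fraction(1, 2), 19: Fraction(1, 3), 0: Fraction(1, 6)}  # E, T, A
UNIFORM_KEYS = {k: Fraction(1, N) for k in range(N)}
BIASED_KEYS = {k: Fraction(1, 2) if k == 3 else Fraction(1, 50)
               for k in range(N)}

if __name__ == "__main__":
    # Seeing c = 7 ('H') tells an observer nothing when keys are uniform ...
    print(posterior(4, 7, PRIOR, UNIFORM_KEYS), has_perfect_secrecy(PRIOR, UNIFORM_KEYS))
    # ... but with key 3 favoured, 'H' makes plaintext 'E' far more likely.
    print(posterior(4, 7, PRIOR, BIASED_KEYS), has_perfect_secrecy(PRIOR, BIASED_KEYS))
```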
  • 142. PRODUCT CRYPTOSYSTEMS  A cryptosystem S = (P, K, C, e, d) with the sets of plaintexts P, keys K and cryptotexts C and encryption (decryption) algorithms e (d) is called endomorphic if P = C.  If $S_1 = (P, K_1, P, e^{(1)}, d^{(1)})$ and $S_2 = (P, K_2, P, e^{(2)}, d^{(2)})$ are endomorphic cryptosystems, then the product cryptosystem is $S_1 \times S_2 = (P, K_1 \times K_2, P, e, d)$, where encryption is performed by the procedure $e_{(k_1, k_2)}(w) = e_{k_2}(e_{k_1}(w))$ and decryption by the procedure $d_{(k_1, k_2)}(c) = d_{k_1}(d_{k_2}(c))$.  Example (Multiplicative cryptosystem): Encryption: $e_a(w) = aw \bmod p$; decryption: $d_a(c) = a^{-1}c \bmod 26$.  If M denotes the multiplicative cryptosystem, then clearly CAESAR × M is actually the AFFINE cryptosystem.  Exercise: Show that also M × CAESAR is actually the AFFINE cryptosystem.  Two cryptosystems $S_1$ and $S_2$ are called commutative if $S_1 \times S_2 = S_2 \times S_1$. A cryptosystem S is called idempotent if $S \times S = S$.
  • 143. EXERCISES IV  For the following pairs plaintext-cryptotext determine which cryptosystem was used: - COMPUTER - HOWEWVER THE REST UNDERESTIMATES ZANINESS YOUR JUDICIOUS WISDOM - SAUNA AND LIFE – RMEMHCZZTCEZTZKKDA  A spy group received info about the arrival of a new member. The secret police succeeded in learning the message and knew that it was encrypted using the HILL cryptosystem with a matrix of degree 2. It also learned that the code "10 3 11 21 19 5" stands for the name of the spy and "24 19 16 19 5 21" for the city, TANGER, the spy should come from. What is the name of the spy?  Decrypt the following cryptotexts. (Not all plaintexts are in English.) - WFLEUKZFEKZFEJFWTFDGLKZEX - DANVHEYD SEHHGKIIAJ VQN GNULPKCNWLDEA - DHAJAHDGAJDI AIAJ AIAJDJEH DHAJAHDGAJDI AIDJ AIBIAJDJDHAJAHDGAJDI AIAJ DIDGCIBIDH DHAJAHDGAJDI AIAJ DICIDJDH - KLJPMYHUKV LZALALEAV LZ TBF MHJPS  Find the largest possible word in Czech language such that its nontrivial encoding by CAESAR is again a meaningful Czech word.  Find the longest possible meaningful word in a European language such that some of its non-trivial encoding by CAESAR is again a meaningful word in a European language (For example: e3(COLD) = FROG).
  • 144. EXERCISES IV  Decrypt the following cryptotext obtained by encryption with an AFFINE cryptosystem: KQEREJEBCPPCJCRKIEACUZBKRVPKRBCIBQCARBJCVFCUPKRIOFKPACUZQEPBKR XPEIIEABDKPBCPFCDCCAFIEABDKPBCPFEQPKAZBKRHAIBKAPCCIBURCCDKDCCJ CIDFUIXPAFFERBICZDFKABICBBENEFCUPJCVKABPCYDCCDPKBCOCPERKIVKSCPI CBRKIJPKAI  Suppose we are told that the plaintext "FRIDAY" yields the cryptotext "PQCFKU" with a HILL cryptosystem. Determine the encryption matrix.  Suppose we are told that the plaintext "BREATHTAKING" yields the cryptotext "RUPOTENTOSUP" with a HILL cryptosystem. Determine the encryption matrix.  Decrypt the following cryptotext, obtained using the AUTOKLAVE cryptosystem (using exhaustive search?) MALVVMAFBHBUQPTSOXALTGVWWRG  Design interesting cryptograms in (at least) one of the languages: Czech, French, Spanish, Chinese?  Show that each permutation cryptosystem is a special case of the HILL cryptosystem.  How many 2 × 2 matrices are there that are invertible over $Z_p$, where p is a prime?  Invent your own interesting and quite secure cryptosystem.
  • 146. CIA  Confidentiality, Integrity and Availability  Confidentiality: prevent unauthorized reading of information  Integrity: prevent unauthorized writing of information  Availability: data is available in a timely manner when needed  Availability is a "new" security concern  Due to denial of service (DoS) threats
  • 147. CRYPTO  Cryptology  The art and science of making and breaking "secret codes"  Cryptography  making "secret codes"  Cryptanalysis  breaking "secret codes"  Crypto  all of the above (and more)
  • 148. HOW TO SPEAK CRYPTO  A cipher or cryptosystem is used to encrypt the plaintext  The result of encryption is ciphertext  We decrypt ciphertext to recover plaintext  A key is used to configure a cryptosystem  A symmetric key cryptosystem uses the same key to encrypt as to decrypt  A public key cryptosystem uses a public key to encrypt and a private key to decrypt  Private key can be used to sign and public key used to verify signature (more on this later…)
  • 149. CRYPTO  Underlying assumption  The system is completely known to Trudy  Only the key is secret  Also known as Kerckhoffs Principle  Crypto algorithms are not secret  Why do we make this assumption?  Experience has shown that secret algorithms are often weak when exposed  Secret algorithms never remain secret  Better to find weaknesses beforehand
  • 150. CRYPTO AS A BLACK BOX  Note $P_i$ is the ith "unit" of plaintext  And $C_i$ is the corresponding ciphertext  "Unit" may be bit, letter, block of bits, etc.  [Figure: plaintext $P_i$ → encrypt (key) → ciphertext $C_i$ → decrypt (key) → plaintext $P_i$]
  • 151. WHO KNOWS WHAT?  Trudy knows the ciphertext  Trudy knows the cipher and how it works  Trudy might know a little more  Trudy does not know the key  [Figure: the same encrypt/decrypt diagram, labelled with Alice, Bob and Trudy]
  • 152. TAXONOMY OF CRYPTOGRAPHY  Symmetric Key  Same key for encryption as for decryption  Stream ciphers and block ciphers  Public Key  Two keys, one for encryption (public), and one for decryption (private)  Digital signatures  nothing comparable in symmetric key crypto  Hash algorithms
  • 153. CRYPTANALYSIS  This course focused on cryptanalysis  Trudy wants to recover key or plaintext  Trudy is not bound by any rules  For example, Trudy might attack the implementation, not the algorithm itself  She might use "side channel" info, etc.
  • 154. EXHAUSTIVE KEY SEARCH  How can Trudy attack a cipher?  She can simply try all possible keys and test each to see if it is correct  Exhaustive key search  To prevent an exhaustive key search, a cryptosystem must have a large keyspace  Must be too many keys for Trudy to try them all in any reasonable amount of time
  • 155. BEYOND EXHAUSTIVE SEARCH  A large keyspace is necessary for security  But a large keyspace is not sufficient  Shortcut attacks might exist  We'll see many examples of shortcut attacks  In cryptography we can (almost) never prove that no shortcut attack exists  This makes cryptography interesting…
  • 156. TAXONOMY OF CRYPTANALYSIS  Ciphertext only — always an option  Known plaintext — possible in many cases  Chosen plaintext  "Lunchtime attack"  Protocols might encrypt chosen text  Adaptively chosen plaintext  Related key  Forward search (public key crypto only)  "Rubber hose", bribery, etc., etc., etc.
  • 157. DEFINITION OF SECURE  A cryptosystem is secure if the best known attack is to try all possible keys  Cryptosystem is insecure if any shortcut attack is known  By this definition, an insecure system might be harder to break than a secure system!
  • 158. DEFINITION OF SECURE  Why do we define secure this way?  The size of the keyspace is the "advertised" level of security  If an attack requires less work, then false advertising  A cipher must be secure (by our definition) and have a "large" keyspace  Too big for an exhaustive key search
  • 159. THEORETICAL CRYPTANALYSIS  Suppose that a cipher has a 100 bit key  Then keyspace is of size $2^{100}$  On average, for exhaustive search Trudy tests $2^{100}/2 = 2^{99}$ keys  Suppose Trudy can test $2^{30}$ keys/second  Then she can find the key in about 37.4 trillion years
  • 160. THEORETICAL CRYPTANALYSIS  Suppose that a cipher has a 100 bit key  Then keyspace is of size $2^{100}$  Suppose there is a shortcut attack with "work" equal to testing about $2^{80}$ keys  If Trudy can test $2^{30}$ per second  Then she finds key in 36 million years  Better than 37 trillion, but not practical
  • 161. APPLIED CRYPTANALYSIS  In this class, we focus on attacks that produce plaintext  Not interested in attacks that just show a theoretical weakness in a cipher  We call this applied cryptanalysis  Why applied cryptanalysis?  Because it's a lot more fun…  And it's a good place to start
  • 162. APPLIED CRYPTANALYSIS: OVERVIEW  Classic (pen and paper) ciphers  Transposition, substitution, etc.  Same principles appear in later sections  World War II ciphers  Enigma, Purple, Sigaba  Stream ciphers  Shift registers, correlation attack, ORYX, RC4, PKZIP
  • 163. APPLIED CRYPTANALYSIS: OVERVIEW  Block ciphers  Hellman's TMTO, CMEA, Akelarre, FEAL  Hash functions  Nostradamus attack, MD4, MD5  Public key crypto  Knapsack, Diffie-Hellman, Arithmetica, RSA, Rabin, NTRU, ElGamal  Factoring, discrete log, timing, glitching
  • 164. WHY STUDY CRYPTOGRAPHY?  Information security is a big topic  Crypto, Access control, Protocols, Software  Real world info security problems abound  Cryptography is the part of information security that works best  Using crypto correctly is important  The more we make other parts of security behave like crypto, the better
  • 165. WHY STUDY CRYPTANALYSIS?  Study of cryptanalysis gives insight into all aspects of crypto  Gain insight into attacker's mindset  "black hat" vs "white hat" mentality  Cryptanalysis is more fun than cryptography  Cryptographers are boring  Cryptanalysts are cool  But cryptanalysis is hard
  • 166. QUESTION 1  Caesar wants to arrange a secret meeting with Antony, either at the Tiber (the river) or at the Coliseum (the arena). He sends the cipher text EVIRE. However, Antony does not know the key, so he tries all possibilities. Where will he meet Caesar?
  • 167. QUESTION 2  Using this Playfair matrix
      M  F  H  I/J  K
      U  N  O  P    Q
      Z  V  W  X    Y
      E  L  A  R    G
      D  S  T  B    C
    encrypt the message: "Must see you over Cadogan West, Coming at once"
  • 168. QUESTION 3  Decipher the message, YIFZMA using the Hill cipher with the inverse key.         3 2 13 9
  • 169. QUESTION 4  Encrypt the message "PAY" using Hill cipher with the following key matrix and show the decryption to get the original plain text.
      17  17   5
      21  18  21
       2   2  19