UNIT - I

Security Concepts: Introduction, The need for security, Security approaches, Principles of
security, Types of Security attacks, Security services, Security Mechanisms, A model for Network
Security Cryptography Concepts and Techniques: Introduction, plain text and cipher text,
substitution techniques, transposition techniques, encryption and decryption, symmetric and
asymmetric key cryptography, steganography, key range and key size, possible types of attacks.

Security Concepts
Introduction
Network security is any activity designed to protect the usability and integrity of your
network and data.
 It includes both hardware and software technologies
 It targets a variety of threats
 It stops them from entering or spreading on your network
 Effective network security manages access to the network

Network security is a broad term that covers a multitude of technologies, devices and
processes. In its simplest term, it is a set of rules and configurations designed to protect the
integrity, confidentiality and accessibility of computer networks and data using both software
and hardware technologies. Every organization, regardless of size, industry or infrastructure,
requires a degree of network security solutions in place to protect it from the ever-growing
landscape of cyber threats in the wild today.
Today's network architecture is complex and is faced with a threat environment that is always
changing and attackers that are always trying to find and exploit vulnerabilities. These
vulnerabilities can exist in a broad number of areas, including devices, data, applications,
users and locations. For this reason, there are many network security management tools and
applications in use today that address individual threats and exploits and also regulatory non-
compliance. When just a few minutes of downtime can cause widespread disruption and
massive damage to an organization's bottom line and reputation, it is essential that these
protection measures are in place.
How does network security work?
There are many layers to consider when addressing network security across an organization.
Attacks can happen at any layer in the network security layers model, so your network
security hardware, software and policies must be designed to address each area.
Network security typically consists of three different controls: physical, technical and
administrative. Here is a brief description of the different types of network security and how
each control works.
Physical Network Security
Physical security controls are designed to prevent unauthorized personnel from gaining
physical access to network components such as routers, cabling cupboards and so on.
Controlled access, such as locks, biometric authentication and other devices, is essential in
any organization.
Technical Network Security
Technical security controls protect data that is stored on the network or which is in transit
across, into or out of the network. Protection is twofold; it needs to protect data and systems
from unauthorized personnel, and it also needs to protect against malicious activities from
employees.
Administrative Network Security
Administrative security controls consist of security policies and processes that control user
behavior, including how users are authenticated, their level of access and also how IT staff
members implement changes to the infrastructure.

Network security in a nutshell

In simplest terms, network security is a combination of steps that prevent unauthorized. Once
a network is secured, the users and the devices connected can work without experiencing data
breaches. In a well secured network, however, some restrictions may be implemented.
To implement network security, network specialists will utilize highly complicated strategies
with the assistance of hardware and software. In general, every organization should have a
dedicated person, people, or company (depending on the scale) to handle their network
security.

The Need for Security

What makes network security so important?

Network security is one of the most important aspects to consider when working over the internet,
LAN or other method, no matter how small or big your business is. While there is no network that
is immune to attacks, a stable and efficient network security system is essential to protecting
client data. A good network security system helps business reduce the risk of falling victim of data
theft and sabotage.

Network security helps protect your workstations from harmful spyware. It also ensures that
shared data is kept secure. Network security infrastructure provides several levels of protection to
prevent MiM attacks by breaking down information into numerous parts, encrypting these parts
and transmitting them through independent paths thus preventing cases like eavesdropping.

Getting connected to the internet means that you will receive lots of traffic. Huge traffic can cause
stability problems and may lead to vulnerabilities in the system. Network security promotes
reliability of your network by preventing lagging and downtimes through continuous monitoring of
any suspicious transaction that can sabotage the system.

Here’s why both businesses and households should consider the security of their networks
seriously:
 To protect the computers in the network
Computers and other devices connected to unsecured networks are highly vulnerable to
external threats such as malware, ransomware and spyware attacks. A single attack can
bring down the entire computer system of an organization and compromise your personal
information. By assuring the security of the network – typically with the assistance of a
network security specialist – you can stay away from such expensive threats.
  To prevent identity theft
No matter whether you are an organization or an individual, your identity is valuable. If
you log into an unsecured network, your identity can become visible to third-parties. To
avoid such a situation, you should secure your network. Such an approach becomes
mandatory if you are a business that deals with client information.
 To protect shared data
When it comes to a business, special precautions should be taken to protect shared data.
And, network security is one of the best ways to do so. Network security can be applied
with different restrictions on different computers depending on the types of files they
handle.
 To stabilize the network connection
In an unrestricted, unprotected network, network activity can become too heavy. Intense
traffic can lead to an unstable computer network. Eventually, the entire network will
become vulnerable to various external attacks.

Security Approaches

One security approach is to prevent a threat from arising in the first place, especially by
addressing its underlying causes. When the threat cannot be prevented, security
as protection aims to defend against, if not eliminate, the threat. But if we cannot fully
protect ourselves from the threat, security as resilience considers our ability to “bounce
back”
Security as Prevention:
This approach seeks to prevent threats from arising in the first place by addressing the
underlying causes that generate them before they emerge.

as Control (Protection)
This approach seeks to control, defend against, or eliminate a manifest threat.

Security as Resilience
When threats cannot be controlled or eliminated, security as resilience focuses on the
ability of social systems to “bounce back” and recover from shocks. It concerns the
flexibility and adaptability of societies, their rigidities, and how they can reduce their
vulnerability to disruption and collapse.
 Bottom-Up Approach:
The company’s security model is applied by system administrators or people who are
working in network security or as cyber-engineers. The main idea behind this approach is
for individuals working in this field of information systems to use their knowledge and
experience in cybersecurity to guarantee the design of a highly secure information security
model.
 Key Advantages –
An individual’s technical expertise in their field ensures that every system
vulnerability is addressed and that the security model is able to counter any
potential threats possible.
 Disadvantage –
Due to the lack of cooperation between senior managers and relevant directives,
it is often not suitable for the requirements and strategies of the organisation.

Top-Down Approach:

This type of approach is initialized and initiated by the executives of the organization.
 They formulate policies and outline the procedures to be followed.
 Determine the project’s priorities and expected results
 Determine liability for every action needed
It is more likely to succeed. That strategy usually provides strong support from top
management by committing resources, a consistent preparation and execution mechanism
and opportunities to affect corporate culture.
 Principles of Network Security.

1. Confidentiality:

 Confidentiality is probably the most common aspect of information security. The

principle of confidentiality specifies that only the sender and intended recipient
should be able to access the contents of a message.
 Confidentiality gets compromised if an unauthorized person is able to access a
message. Protection of confidential information is needed. An organization needs to
guard against those malicious actions to endanger the confidentiality of its
information.
 Example: Banking customers accounts need to be kept secret. Confidentiality not only
applies to the storage of the information but also applies to the transmission of
information. When we send a piece of the information to be stored in a remote
computer or when we retrieve a piece of information from a remote computer we need
to conceal it during transmission. Interception causes loss of message confidentiality.

2. Integrity:

 Information needs to be changed constantly. Integrity means that changes need to be

done only by authorized entities and through authorized mechanisms. When the
contents of a message are changed after the sender sends it, before it reaches the
intended recipient it is said that integrity of the message is lost.
 Integrity violation is not necessarily the result of a malicious act; an interruption in the
system such as a power surge may also create unwanted changes in some information.
 Modification causes loss of message integrity.

3. Availability:

 The principle of availability states that resources should be available to authorized

parties at all times. The information created and stored by an organization needs to be
available to authorized entities. Information is useless if it is not available.
 Information needs to be constantly changed which means it must be accessible to
authorized entities. The unavailability of information is just as harmful for an
organization as the lack of confidentiality or integrity.
 Example: The situation can be difficult for a bank if the customer could not access
their accounts for transactions.
 Interruption puts the availability of resources in danger.
  The diagram above explains the balance concept. The right balance of the three goals
is needed to build a secure system. If the goals are not balanced then a small hole is
created for attackers to
nullify the other objectives of security. Having a highly confidential system but low
availability then the system is not secure.
 Example: A system can protect confidentiality and integrity but if the resource us not
available the other two goals also are of no use.

The Principles of Security can be classified as follows: 

 
1. Confidentiality: 
The degree of confidentiality determines the secrecy of the information. The
principle specifies that only the sender and receiver will be able to access the
information shared between them. Confidentiality compromises if an
unauthorized person is able to access a message. 
For example, let us consider sender A wants to share some confidential
information with receiver B and the information gets intercepted by the attacker
C. Now the confidential information is in the hands of an intruder C. 
1. Authentication: 
Authentication is the mechanism to identify the user or system or the entity. It
ensures the identity of the person trying to access the information. The
authentication is mostly secured by using username and password. The
authorized person whose identity is preregistered can prove his/her identity and
can access the sensitive information. 
 
2. Integrity: 
Integrity gives the assurance that the information received is exact and accurate.
If the content of the message is changed after the sender sends it but before
reaching the intended receiver, then it is said that the integrity of the message is
lost. 
 
3. Non-Repudiation: 
non-repudiation is a mechanism that prevents the denial of the message content
sent through a network. In some cases the sender sends the message and later
 denies it. But the non-repudiation does not allow the sender to refuse the
receiver. 
 
4. Access control: 
The principle of access control is determined by role management and rule
management. Role management determines who should access the data while
rule management determines up to what extent one can access the data. The
information displayed is dependent on the person who is accessing it. 
 
5. Availability: 
The principle of availability states that the resources will be available to
authorize party at all times. Information will not be useful if it is not available to
be accessed. Systems should have sufficient availability of information to satisfy
the user request. 
 
 

Security Attacks:

Security attacks are classifieds into two:

 Passive attacks and
 Active attacks.

A passive attack attempts to learn or make use of information from the system but does not affect
system resources.

An active attack attempts to alter system resources or affect their operation.

Passive Attacks:
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal
of the opponent is to obtain information that is being transmitted.

Two types of passive attacks are the release of message contents and traffic analysis.

Release of message contents: The release of message contents is easily understood. A

telephone conversation, an electronic mail message, and a transferred file may contain sensitive
or confidential information. We would like to prevent an opponent from learning the contents of
these transmissions.

TRAFFIC ANALYSIS:
Suppose that we had a way of masking the contents of messages or other information traffic so
that opponents, even if they captured the message, could not extract the information from the
message.
The common technique for masking contents is encryption.
 If we had encryption protection in place, an opponent might still be able to observe the pattern
of these messages. The opponent could determine the location and identity of communicating
hosts and could observe the frequency and length of messages being exchanged.
 This information might be useful in guessing the nature of the communication that was taking
place.
 Passive attacks are very difficult to detect, because they do not involve any alteration of the
data.
 Typically, the message traffic is sent and received in an apparently normal fashion, and neither
the sender nor receiver is aware that a third party has read the messages or observed the traffic
pattern.
 However, it is feasible to prevent the success of these attacks, usually by means of encryption.
 Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.

Active Attacks:
Active attacks involve some modification of the data stream or the creation of a false stream and
can be subdivided into four categories:
Masquerade,
Replay,
Modification of messages, and
denial of service.

A masquerade attack is an attack that uses a fake identity, to gain unauthorized access to
personal computer information through legitimate access identification. For example,
authentication sequences can be captured and replayed after a valid authentication sequence
has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges
by impersonating an entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retransmission to
produce an unauthorized effect.

Modification of messages simply means that some portion of a valid message is altered, or
that messages are delayed or reordered, to produce an unauthorized effect.
For example, a message meaning ―Allow John Smith to read confidential file accounts” is
modified to mean “Allow Fred Brown to read confidential file accounts.”

The denial of service prevents the normal use or management of communications facilities.
This attack may have a specific target; for example, an entity may suppress all messages
directed to a particular destination. Another form of service denial is the disruption of an
entire network, either by disabling the network or by overloading it with messages so as to
degrade performance.
Security Services
Security service means a processing or communication service that is provided by a system to
give a specific kind of protection to system resources.

 AUTHENTICATION

 ACCESS CONTROL

DATA CONFIDENTIALITY
 DATA INTEGRITY
 NONREPUDIATION
 AVAILABILITY
AUTHENTICATION:
The authentication service is concerned with assuring that a communication is authentic. In the
case of a single message, its function of the authentication service is to assure the recipient that
the message is from the source that it claims to be from. In the case of an ongoing interaction,
such as the connection of a terminal to a host, two aspects are involved. First, at the time of
connection initiation, the service assures that the two entities are authentic, that is, that each is the
entity that it claims to be. Second, the service must assure that the connection is not interfered
with in such a way that a third party can masquerade as one of the two legitimate parties for the
purposes of unauthorized transmission or reception.
Two specific authentication services are defined
 Peer entity authentication
 Data origin authentication

Peer entity authentication: Provides for the corroboration of the identity of a peer entities
involved in communication. It is used for providing authentication at the time of connection
establishment and during the process of data transmission.
Data origin authentication: Provides for the corroboration of the source of a data unit. It does
not provide protection against the duplication or modification of data units. This type of service
supports applications like electronic mail, where there are no prior interactions between the
communicating entities.
ACCESS CONTROL:
The prevention of unauthorized use of resources. Access control is the ability to limit and control
the access to host systems and applications via communications links. To achieve this, each entity
trying to gain access must first be identified, or authenticated, so that access rights can be tailored
to the individual.
DATA CONFIDENTIALITY:
Confidentiality is the protection of transmitted data from passive attacks. The protection of data
from unauthorized disclosure.
Types of confidentiality:
 Connection Confidentiality: The protection of all user data on a connection.
 Connectionless Confidentiality: The protection of all user data in a single data block
 Selective-Field Confidentiality: The confidentiality of selected fields within the user data
on a connection or in a single data block.
 Traffic-Flow Confidentiality: The protection of the information that might be derived from
observation of traffic flows.

DATA INTEGRITY: The assurance that data received are exactly as sent by an authorized entity
(i.e., contain no modification, insertion, deletion, or replay).
Types of integrity
 Connection Integrity with Recovery: Provides for the integrity of all user data on a connection
and detects any modification, insertion, deletion, or replay of any data within an entire data
sequence, with recovery attempted.
 Connection Integrity without Recovery as above, but provides only detection without
recovery.
 Selective-Field Connection Integrity Provides for the integrity of selected fields within the
user data of a data block transferred over a connection and takes the form of determination of
whether the selected fields have been modified, inserted, deleted, or replayed.
 Connectionless Integrity Provides for the integrity of a single connectionless data block and
may take the form of detection of data modification. Additionally, a limited form of replay
detection may be provided.
 Selective-Field Connectionless Integrity Provides for the integrity of selected fields within a
single connectionless data block; takes the form of determination of whether the selected fields
have been modified.

NONREPUDIATION:
It is assurance that someone cannot deny something. It is a method of guaranteeing message
transmission between parties. Provides protection against denial by one of the entities involved in
a communication of having participated in all or part of the communication.
 Nonrepudiation, Origin: Proof that the message was sent by the specified party.
 Nonrepudiation, Destination: Proof that the message was received by the specified party.

AVAILABILITY:
Availability is the method with assure the information and communications will be ready for use
when excepted. Information is kept available to authorized persons when they need it. The
availability can be significantly affected by a variety of attacks which are susceptible to
authentication, encryption etc., whereas some attacks require physical action for preventing and
recovering from the loss of availability.

SECURITY MECHANISMS:

Security mechanism is categorized into two types. They are,

 SPECIFIC SECURITY MECHANISMS
 PERVASIVE SECURITY MECHANISMS

SPECIFIC SECURITY MECHANISMS:

These mechanisms are incorporated into the appropriate protocol layer in order to provide some
of the OSI security services.
Encipherment: It refers to the process of applying mathematical algorithms to transform data
into a form that is not readily intelligible. The transformation and subsequent recovery of the data
depend on an algorithm and encryption keys.
Digital Signature: Data appended to, or a cryptographic transformation of, a data unit must
preserve the integrity of the data and prevents it from any unauthorized access.

Access Control: A variety of mechanisms that enforce access rights to resources.

Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of
data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of
information exchange.
Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
routing Control: Enables selection of particular physically secure routes for certain data and
allows routing changes, especially when a breach of security is suspected.
Notarization: The use of a trusted third party to assure certain properties of a data exchange.

PERVASIVE SECURITY MECHANISMS:

Mechanisms that are not specific to any particular OSI security service or protocol layer.
Trusted Functionality: That which is perceived to be correct with respect to some criteria.
Security Label: the bounding value of a resource which specifies the security attributes
associated with that resource.
Event Detection: Detection of security-relevant events.
Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is
an independent review and examination of system records and activities.
Security Recovery: Deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.

A model for Network security

A security-related transformation on the information to be sent. Examples include the

encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be used
to verify the identity of the sender.

   Some secret information shared by the two principals and, it is hoped, unknown to the
opponent. An example is an encryption key used in conjunc-tion with the transformation to
scramble the message before transmission and unscramble it on reception.6
 
A trusted third party may be needed to achieve secure transmission. For example, a third
party may be responsible for distributing the secret information to the two principals while
keeping it from any opponent. Or a third party may be needed to arbitrate disputes between
the two principals concerning the authenticity of a message transmission.
 
This general model shows that there are four basic tasks in designing a particular security
service:
 
1. Design an algorithm for performing the security-related transformation. The algorithm
should be such that an opponent cannot defeat its purpose.
 
2.                                 Generate the secret information to be used with the algorithm.
 
3.                                 Develop methods for the distribution and sharing of the secret
information.
 
4.                                 Specify a protocol to be used by the two principals that makes use of
the security algorithm and the secret information to achieve a particular security service.
 
Parts One through Five of this book concentrate on the types of security mecha-nisms and
services that fit into the model shown in Figure 1.4. However, there are other security-related
situations of interest that do not neatly fit this model but are consid-ered in this book. A
general model of these other situations is illustrated by Figure 1.5, which reflects a concern
for protecting an information system from unwanted access. Most readers are familiar with
the concerns caused by the existence of hackers, who attempt to penetrate systems that can be
accessed over a network. The hacker can be someone who, with no malign intent, simply gets
satisfaction from breaking and entering a computer system. The intruder can be a disgruntled
employee who wishes to do damage or a criminal who seeks to exploit computer assets for
financial gain
 

(e.g., obtaining credit card numbers or performing illegal money transfers).

 
Another type of unwanted access is the placement in a computer system of logic that exploits
vulnerabilities in the system and that can affect application pro-grams as well as utility
programs, such as editors and compilers. Programs can pre-sent two kinds of threats:
 
•             Information access threats: Intercept or modify data on behalf of users who should
not have access to that data.
 
•             Service threats: Exploit service flaws in computers to inhibit use by
legitimate users.
 
Viruses and worms are two examples of software attacks. Such attacks can be introduced into
a system by means of a disk that contains the unwanted logic con-cealed in otherwise useful
software. They can also be inserted into a system across a network; this latter mechanism is
of more concern in network security.
 
The security mechanisms needed to cope with unwanted access fall into two broad categories
(see Figure 1.5). The first category might be termed a gatekeeper function. It includes
password-based login procedures that are designed to deny access to all but authorized users
and screening logic that is designed to detect and reject worms, viruses, and other similar
attacks. Once either an unwanted user or unwanted software gains access, the second line of
defense consists of a variety of internal controls that monitor activity and analyze stored
information in an attempt to detect the presence of unwanted intruders.

Cryptography Concepts and Techniques:

Introduction

Cryptography is the study of secure communications techniques that allow only the sender
and intended recipient of a message to view its contents. The term is derived from the Greek
word kryptos, which means hidden. It is closely associated to encryption, which is the act of
scrambling ordinary text into what's known as ciphertext and then back again upon arrival. In
addition, cryptography also covers the obfuscation of information in images using techniques
such as microdots or merging. Ancient Egyptians were known to use these methods in
complex hieroglyphics, and Roman Emperor Julius Caesar is credited with using one of the
first modern ciphers.

When transmitting electronic data, the most common use of cryptography is to encrypt and
decrypt email and other plain-text messages. The simplest method uses the symmetric or
"secret key" system. Here, data is encrypted using a secret key, and then both the encoded
message and secret key are sent to the recipient for decryption. The problem? If the message
is intercepted, a third party has everything they need to decrypt and read the message. To
address this issue, cryptologists devised the asymmetric or "public key" system. In this case,
every user has two keys: one public and one private. Senders request the public key of their
intended recipient, encrypt the message and send it along. When the message arrives, only the
recipient's private key will decode it — meaning theft is of no use without the corresponding
private key.

SOME BASIC TERMINOLOGY:

 An original message is known as the plaintext.
 The coded message is called the ciphertext.
 The process of converting from plaintext to ciphertext is known as enciphering or
encryption.
 Restoring the plaintext from the ciphertext is deciphering or decryption.
 The many schemes used for encryption constitute the area of study known as cryptography.
Such a scheme is known as a cryptographic system or a cipher.
 Techniques used for deciphering a message without any knowledge of the enciphering
details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls ―breaking
the code.‖
 The areas of cryptography and cryptanalysis together are called cryptology.

Substitution Techniques,
Substitution technique is a classical encryption technique where the
characters present in the original message are replaced by the other
characters or numbers or by symbols. If the plain text (original message) is
considered as the string of bits, then the substitution technique would
replace bit pattern of plain text with the bit pattern of cipher text.

Substitution Technique:
1. Caesar Cipher
2. Monoalphabetic Cipher
3. Playfair Cipher
4. Hill Cipher
5. Polyalphabetic Cipher
 6. One-Time Pad

Caesar Cipher
This the simplest substitution cipher by Julius Caesar. In this substitution
technique, to encrypt the plain text, each alphabet of the plain text is
replaced by the alphabet three places further it. And to decrypt the cipher
text each alphabet of cipher text is replaced by the alphabet three places
before it.

Let us take a simple example:

Plain Text: meet me tomorrow

Cipher Text: phhw ph wrpruurz

Look at the example above, we have replaced, ‘m’ with ‘p’ which occur three
places after, ‘m’. Similarly, ‘e’ is replaced with ‘h’ which occurs in three
places after ‘e’.

Note: If we have to replace the letter ‘z’ then the next three alphabets
counted after ‘z’ will be ‘a’ ‘b’ ‘c’. So, while counting further three alphabets
if ‘z’ occurs it circularly follows ‘a’.

There are also some drawbacks of this simple substitution technique. If the
hacker knows that the Caesar cipher is used then to perform brute force
cryptanalysis, he has only to try 25 possible keys to decrypt the plain text.
The hacker is also aware of the encryption and decryption algorithm.

Monoalphabetic Cipher
Monoalphabetic cipher is a substitution cipher, where the cipher alphabet
for each plain text alphabet is fixed, for the entire encryption.

In simple words, if the alphabet ‘p’ in the plain text is replaced by the cipher
alphabet ‘d’. Then in the entire plain text wherever alphabet ‘p’ is used, it
will be replaced by the alphabet ‘d’ to form the ciphertext.

Playfair Cipher
Playfair cipher is a substitution cipher which involves a 5X5 matrix. Let us
discuss the technique of this Playfair cipher with the help of an example:
Plain Text: meet me tomorrow

Key: KEYWORD

Now, we have to convert this plain text to ciphertext using the given key.
We will discuss the further process in steps.

Step 1: Create a 5X5 matrix and place the key in that matrix row-wise from
left to right. Then put the remaining alphabets in the blank space.

Note: If a key has duplicate alphabets, then fill those alphabets only once in
the matrix, and I & J should be kept together in the matrix even though they
occur in the given key.

Step 2: Now, you have to break the plain text into a pair of alphabets.

Plain Text: meet me tomorrow

Pair: me et me to mo rx ro wz

Note

 Pair of alphabets must not contain the same letter. In case, pair has
the same letter then break it and add ‘x’ to the previous letter. Like in
our example letter ‘rr’ occurs in pair so, we have broken that pair and
added ‘x’ to the first ‘r’.
  In case while making pair, the last pair has only one alphabet left then
we add ‘z’ to that alphabet to form a pair as in our above example, we
have added ‘z’ to ‘w’ because ‘w’ was left alone at last.
 If a pair has ‘xx’ then we break it and add ‘z’ to the first ‘x’, i.e. ‘xz’ and
‘x_’.

Step 3: In this step, we will convert plain text into ciphertext. For that, take
the first pair of plain text and check for cipher alphabets for the
corresponding in the matrix. To find cipher alphabets follow the rules below.

Note

 If both the alphabets of the pair occur in the same row replace them

with the alphabet to their immediate right. If an alphabet of the pair
occurs at extreme right then replace it with the first element of that
row, i.e. the last element of the row in the matrix circularly follows the
first element of the same row.
 If the alphabets in the pair occur in the same column, then replace
them with the alphabet immediate below them. Here also, the last
element of the column circularly follows the first element of the same
column.
 If the alphabets in the pair are neither in the same column and nor in
the same row, then the alphabet is replaced by the element in its own
row and the corresponding column of the other alphabet of the pair.

Pair: me et me to mo rx ro wz

Cipher Text: kn ku kn kz ks ta kc yo

So, this is how we can convert a plain text to ciphertext using Playfair
cipher. When compared with monoalphabetic cipher Playfair cipher is much
more advanced. But still, it is easy to break.

Hill Cipher
Hill cipher is a polyalphabetic cipher introduced by Lester Hill in 1929. Let
us discuss the technique of hill cipher.

Plain text: Binary

Key: HILL
Choose the key in such a way that it always forms a square matrix. With
HILL as the key, we can form a 2×2 matrix.

Now, of plain text, you have to form a column vector of length similar to the
key matrix. In our case, the key matrix is 2×2 then the column vectors of
plain text would be 2×1.

The general equation to find cipher text using hill cipher is as follow:

C = KP mod 26

For our example, our key matrix would be:

And our plain text matrices of 2×1 will be as follow:

Now, we have to convert the key matrix and plain text matrices into
numeric matrices. For that number the alphabets such as A=0, B=1, C=2,
…………, Z=25. So, considering the alphabet numbering:

Key matrix will be:

Plain text matrices would be:

In the first calculation, we would get two cipher alphabets for plain text
alphabet ‘B’ & ‘I’.
So, the cipher alphabet for plain text alphabet ‘B’ & ‘I’ is ‘T’ & ‘V’. Similarly,
we have to calculate ciphertext for remaining plain text. And then
accumulate them to form the ciphertext.

The calculated ciphertext for ‘Binary’ using hill cipher is ‘TVNNZJ’.

Polyalphabetic Cipher
Polyalphabetic cipher is far more secure than a monoalphabetic cipher. As
monoalphabetic cipher maps a plain text symbol or alphabet to a ciphertext
symbol and uses the same ciphertext symbol wherever that plain text
occurs in the message.
But polyalphabetic cipher, each time replaces the plain text with the
different ciphertext.

One-Time Pad
The one-time pad cipher suggests that the key length should be as long as
the plain text to prevent the repetition of key. Along with that,
the key should be used only once to encrypt and decrypt the single
message after that the key should be discarded.

Onetime pad suggests a new key for each new message and of the same
length as a new message. Now, let us see the one-time pad technique to
convert plain text into ciphertext. Assume our plain text and key be:
Plain text: Binary

Key: Cipher

Now again convert the plain text and key into the numeric form. For that
number the alphabets such as A=0, B=1, C=2, …………, Z=25. So, our plain
text and key in numeric form would be:

Plain text: 1 8 13 0 17 24

Key: 2 8 15 7 4 17

Now, you have to add the number of the plain text alphabet, to the number
of its corresponding key alphabet. That means, for this example, we will add:

B+C = 1+2 = 2

I+I = 8+8 = 16

N+P = 13+15 = 28

A+H = 0+7 = 7

R+E = 17+4 = 21

Y+R = 24+17 = 41

The resultant ciphertext numbers we get are (2, 16, 28, 7, 21, 41)

If the addition of any plain text number and the key number is >26, then
subtract only that particular number from 26. We have the addition of two
pair of plain text number and a key number, greater than 26, i.e. N+P=28 &
Y+R=41.

Subtract them by 26.

N+P = 28 – 26 = 2

Y+R = 41 – 26 = 15

So, the final ciphertext numbers are (2, 16, 2, 7, 21, 1). Now convert this
number to alphabets assuming A to be numbered 0 and B to be 1…..Z to 25.

Ciphertext: Cqchvb.
In this way, we can convert plain text to cipher text using a one-time pad.

So, this is all about the substitution cipher techniques. It has a

monoalphabetic cipher and polyalphabetic cipher technique. Substitution
technique is also called classical substitution technique.

Transposition techniques 
Transposition technique is an encryption method which is achieved by
performing permutation over the plain text. Mapping plain text into cipher
text using transposition technique is called transposition cipher.
Transposition Techniques
1. Rail Fence Transposition
2. Columnar Transposition
3. Improved Columnar Transposition
4. Book Cipher/Running Key Cipher

Rail Fence Cipher

The rail fence cipher is the simplest transposition cipher. The steps to obtain
cipher text using this technique are as follow:

Step 1: The plain text is written as a sequence of diagonals.

Step 2: Then, to obtain the cipher text the text is read as a sequence of
rows.

Plain Text: meet me Tomorrow

Now, we will write this plain text sequence wise in a diagonal form as you
can see below:

Looking at the image, you would get it why it got named rail fence because
it appears like the rail fence.
Once you have written the message as a sequence of diagonals, to obtain
the cipher text out of it you have to read it as a sequence of rows. So,
reading the first row the first half of cipher text will be:

memtmro

reading the second row of the rail fence, we will get the second half of the
cipher text:

eteoorw

Now, to obtain the complete cipher text combine both the halves of cipher
text and the complete cipher text will be:

Cipher Text: M E M T M R O E T E O O R W

Rail fence cipher is easy to implement and even easy for a cryptanalyst to
break this technique. So, there was a need for a more complex technique.

Columnar Transposition Technique

The columnar transposition cipher is more complex as compared to the rail
fence. The steps to obtain cipher text using this technique are as follow:

Step 1: The plain text is written in the rectangular matrix of the initially
defined size in a row-by-row pattern.

tep 2: To obtain the cipher text read the text written in a rectangular matrix
column by column. But you have to permute the order of column before
reading it column by column. The obtained message is the cipher text
message.

To understand the columnar transposition let us take an example:

Plain text: meet Tomorrow

Now, put the plain text in the rectangle of a predefined size. For our
example, the predefined size of the rectangle would be 3×4. As you can see
in the image below the plain text is placed in the rectangle of 3×4. And we
have also permuted the order of the column.
Now, to obtain the cipher text we have to read the plain text column by
column as the sequence of permuted column order. So, the cipher text
obtained by the columnar transposition technique in this example is:

Cipher Text: MTREOREMOTOW.

Similar to the rail fence cipher, the columnar cipher can be easily broken.
The cryptanalyst only has to try few permutations and combination over the
order of column to obtain the permuted order of column and the get the
original message. So, a more sophisticated technique was required to
strengthen the encryption.

Columnar Transposition Technique with Multiple

Rounds
It is similar to the basic columnar technique but is introduced with an
improvement. The basic columnar technique is performed over the plain
text but more than once. The steps for columnar technique with multiple
rounds are as follow:

Step 1: The plain text is written in the rectangle of predetermined size row
by row

Step 2: To obtain the cipher text, read the plain text in the
rectangle, column by column. Before reading the text in rectangle column
by column, permute the order of columns the same as in basic columnar
technique.

Step 3: To obtain the final cipher text repeat the steps above multiple time.
Let us discuss one example of a columnar transposition technique for better
understanding. We will consider the same example of a basic columnar
technique which will help in understanding the complexity of the method:

Plain Text: meet Tomorrow

Let us put this plain text in the rectangle of predefined size of 3×4.
Proceeding with the next step, the order of the columns of the matrix is
permuted as you can see in the image below:

Now after the first round the cipher text obtained is as follow:

Cipher Text round 1:  MTREOREMOTOW

Now, again we have to put the cipher text of round 1 in the rectangle of
size 3×4 row by row and permute the order of columns before reading the
cipher text for round 2. In the second round, the permuted order of the
column is 2, 3, 1, 4.

So, the obtained cipher text for round 2 is MOOTRTREOEMW. In this way,
we can perform as many iterations as requires. Increasing the number of
iterations increases the complexity of the techniques.

Book Cipher or Running Key Cipher

The book cipher or the running key cipher works on the basic principle of
one-time pad cipher. In onetime pad cipher the key is taken as long as the
plain text and is discarded after the use. Every time a new key is taken for a
new message.
The improvement to the onetime pad in Book cipher is that the key or the
onetime pad is taken from the book. Let us discuss the steps:

Step 1: Convert the plain text in numeric form consider A=0, B=1, C=3 …, Z=25.

Step 2: Take an onetime pad or key from any of the books and convert it in the numeric form
also. But the key must be as long as the length of plain text.

Step 3: Now add the numeric form of both plain text and key, each plain text letter with
corresponding key text letter. If the addition of any plain text letter with corresponding key
text letter is >26, then subtract it with 26.

Let us understand with the example:

Plain text: Meet Tomorrow

Key taken from the book: ANENCRYPTION.

Now we have to convert this plain text and key text in numeric form and add them to get
cipher text as shown in the image below:

The cipher text obtained is MRIGVFKDKZDJ.

So, this is all about the Transposition technique, which involves the permutation over the
plain text for converting plain text into the cipher text.
Encryption Decryption

Encryption is the process of translating plain text data (plaintext) into something that
appears to be random and meaningless (ciphertext). Decryption is the process of
converting ciphertext back to plaintext.

To encrypt more than a small amount of data, symmetric encryption is used.

A symmetric key is used during both the encryption and decryption processes. To
decrypt a particular piece of ciphertext, the key that was used to encrypt the data
must be used.

The goal of every encryption algorithm is to make it as difficult as possible to decrypt

the generated ciphertext without using the key. If a really good encryption algorithm
is used, there is no technique significantly better than methodically trying every
possible key. For such an algorithm, the longer the key, the more difficult it is to
decrypt a piece of ciphertext without possessing the key.

It is difficult to determine the quality of an encryption algorithm. Algorithms that

look promising sometimes turn out to be very easy to break, given the proper attack.
When selecting an encryption algorithm, it is a good idea to choose one that has
been in use for several years and has successfully resisted all attacks.

symmetric and Asymmetric key cryptography

1. WHAT IS SYMMETRIC AND ASYMMETRIC KEY CRYPTOGRAPHY?
Unauthorized access to all types of data is an ever-present risk in today’s cyber world.
Financial and payment system data are the most vulnerable data, which may reveal
consumers’ and clients’ personal identifying information (PII) or payment card records. 

Encryption is critical for securing personally identifiable information and mitigating the
threats for companies that perform payment transactions every minute of the day. This makes
cryptography crucial. There are mainly two types of cryptography: symmetric and
asymmetric cryptography.

2. SYMMETRIC KEY CRYPTOGRAPHY

Symmetric Key Cryptography, or Symmetric Encryption, uses a secret key for both
encryption and decryption. This approach is the inverse of Asymmetric Encryption, which
uses one key to encrypt and another to decrypt. Data is translated to a format that cannot be
interpreted or inspected by someone who does not have the secret key used to encrypt it
during this phase.
The strength of the random number generator used to generate the secret key determines the
effectiveness of this method. Symmetric Key Cryptography, commonly used on the Internet
today, comprises two kinds of algorithms: Block and Stream. The Advanced Encryption
Standard (AES) and the Data Encryption Standard (DES) are two common encryption
algorithms. This type of encryption is typically much faster than Asymmetric Encryption, but
it allows the secret key to be held by both the sender and the data receiver.

Symmetric cryptography is based on a single shared key that all parties are aware of and can
use to encrypt and decrypt data.

Secret-key, single-key, shared-key, one-key, and private-key encryption are other words for
symmetric-key cryptography. The usage of the last and first words will lead to
misunderstanding compared to the related language used in public-key cryptography.

Symmetric key encryption employs one of the following encryption techniques:

Stream ciphers: Encrypt a message’s digits or letters one at a time.

Block ciphers: Encrypt a group of bits as a single entity, inserting the plaintext to make it a
block size multiple. 64-bit blocks are widely used. The NIST-approved Advanced Encryption
Standard (AES) algorithm and the GCM block cipher mode of operation all use 128-bit
blocks.
3. WHAT IS THE PURPOSE OF SYMMETRIC ENCRYPTION?
Although symmetric encryption is an older type of encryption, it is simpler and more
effective than asymmetric encryption, which strains networks due to data size performance
problems and heavy CPU usage. 

Since symmetric encryption performs smoother and quicker than asymmetric encryption, it is
commonly used for bulk encryption / encrypting massive volumes of data, such as database
encryption. In a database, the secret key can be used only by the database to encrypt or
decrypt data.

Here are a few instances of where symmetric cryptography is used:

 Payment applications, such as bank purchases, where personally identifiable

information (PII) must be secured to avoid identity theft or fraudulent charges
  Validations are performed to ensure that the sender of a message is who he appears to
be.
 Hashing or random number creation
4. ASYMMETRIC KEY CRYPTOGRAPHY
Asymmetric cryptography, better known as public-key cryptography, encrypts and decrypts a
message using a pair of similar keys. In asymmetric key cryptography, the private key is kept
by one public key and one private key — to prevent unauthorized entry or usage. Anybody
can use a public key to encrypt a document so that only the expected receiver can decrypt it
with their private key. A private key or secret key is only known to the key’s generator.

When anyone tries to submit an encrypted message, they will use a shared directory to
retrieve the recipient’s public key and use it to encrypt the message until submitting it. The
message will then be decrypted by the receiver using their associated private key. 

However, when the sender encrypts the message using their private key, the message may
only be decrypted using the sender’s public key, thus authenticating the sender. These
encryption and decryption procedures are automatic; users don’t need to lock and unlock the
message manually.

Numerous protocols, including the transport layer security (TLS) and safe sockets layer
(SSL) protocols that allow HTTPS, depend on asymmetric cryptography. Encryption is often
used in browsers that need to create a stable link over an unstable network, such as the
Internet, or to verify a digital signature.

The key advantage of asymmetric cryptography is increased data security. Since users are
never expected to disclose or exchange their private keys, the risks of cyber activity on a
user’s private key during transmission are reduced.

5. WHAT IS THE PURPOSE OF ASYMMETRIC ENCRYPTION?

Asymmetric encryption uses: Asymmetric cryptography is often used to check the
authenticity of data using digital signatures. A digital signature is a cryptographic technique
for verifying the validity and credibility of a message, software, or digital record. It’s the
equivalent of an in-person signature or a sealed seal in digital form.
 Digital signatures, which are based on asymmetric cryptography, may include proof of the
origin, identification, and status of an electronic record, transaction, or post, as well as
acknowledge the signer’s informed consent.

You can also use asymmetric encryption in applications where many users can encrypt and
decode messages, such as:

Encrypted email entails using a public key to encrypt a file and a private key to

decode it.
 Asymmetric encryption is often used in the SSL/TSL cryptographic protocols, which
provide encrypted connections between websites and browsers.
 Asymmetric encryption is used for Bitcoin and other cryptocurrencies when
consumers provide public keys that everybody will use and private keys held hidden.
Bitcoin employs a cryptographic algorithm to guarantee that only the funds belonging
to rightful owners can be spent.
Symmetric Key Cryptography Asymmetric Key Cryptography
There is just one key (symmetric key) used, and it is
the same key used to encrypt and decrypt theFor encryption and decryption, two different cryptographic keys
message. (asymmetric keys), known as the public and private keys, are used.
Since it is a straightforward procedure, the encryption It is a much more complex and time-consuming mechanism than
method can be completed easily. symmetric key encryption.
Key lengths are usually 128 or 256 bits, depending onThe key length is even greater; for asymmetric encryption
the security criteria. example, the recommended RSA key size is 2048 bits or higher.
It is also called secret-key cryptography or private keyAsymmetric key is also called a conventional cryptography system
cryptography. or public-key cryptography.
Represented mathematically as:P=D(K,E(P))  Represented mathematically as:P=D(Kd,E(Ke,P)) 
It uses fewer resources than an asymmetric key cipher
uses. It consumes more resources than symmetric key cryptography.
It is used where massive amounts of data may beIt is mainly used in smaller transactions to authenticate and create
transmitted. a stable contact channel before data transfer.
The secret key is shared. As a result, the likelihood ofSince the private key is not shared, the overall process is more
compromise is increased. reliable than symmetric encryption.
Symmetric encryption is an old technique. Asymmetric encryption is relatively new.
RC4, AES, DES, 3DES, and other algorithms areRSA, Diffie-Hellman, ECC, and other asymmetric encryption
examples. algorithms are examples.

 Each unspent transaction output (UTXO) in the Bitcoin ledger is usually associated
with a public key. So, suppose user A needs to give user B some money and has a
 UTXO associated with his public key. In that case, he uses his private key to sign a
contract that spends the UTXO and makes a new UTXO associated with user B’s
public key.
6. WHAT IS THE DIFFERENCE BETWEEN SYMMETRIC KEY CRYPTOGRAPHY
AND ASYMMETRIC KEY CRYPTOGRAPHY?
So, when it comes to the difference between symmetric and asymmetric encryption, which
one is more secure? Asymmetric encryption is more stable than symmetric encryption, but it
is slower. They’re both powerful in their own ways, and depending on the job at hand, one or
both may be used individually or together.

The table below compares symmetric and asymmetric encryption in greater detail. Some of
these variations are due to the different types of keys used, and others are due to the length of
time it takes to compute the encryption methods.

7. WHAT ARE THE ADVANTAGES AND DISADVANTAGES OF SYMMETRIC AND

ASYMMETRIC KEY CRYPTOGRAPHY?
Symmetric Key Cryptography
The versatility of the symmetric encryption method is its most significant advantage.
However, the versatility of symmetric encryption algorithms is not without flaws — it suffers
from a problem known as “key distribution.” 

Advantages
 A symmetric cryptosystem is more effective.
 Encrypted data can be transmitted over a network in Symmetric Cryptosystems even
though it is certain that the data would be intercepted. Since no key is sent with the
files, the chances of data decryption are zero.
 To confirm the receiver’s existence, a symmetric cryptosystem employs password
authentication.
 A message can only be decrypted by a device that has a hidden key.
 Prevents widespread message protection breaches. For communicating with each
party, a separate secret key is used. Only communications from a specific pair of
sender and recipient are impacted when a key is corrupted. Communication with
others is always safe.
 This type of encryption is simple to implement. All users need to do is specify and
exchange the secret key until they can begin encrypting and decrypting messages.
 Encrypt and decrypt your files. There is no need to build separate keys if you use
encryption for messages or data that you wish to access just once. For this, single-key
encryption is ideal.
  Symmetric key encryption is much faster than asymmetric key encryption.
 Uses fewer computer resources. As opposed to public-key encryption, single-key
encryption needs fewer computing resources.
Disadvantages
 Key transportation is a concern in symmetric cryptosystems. The secret key must be
sent to the receiving device before the final message is sent. Electronic
communication is unreliable, and no one can guarantee the communication networks
will not be tapped. As a result, the only safe method of sharing keys will be to do it in
person.
 It is not possible to have digital signatures that cannot be revoked.
 The message’s origin and validity cannot be assured. Messages cannot be proven to
have originated from a specific person since both sender and recipient use the same
key. If there is a disagreement, this may be a challenge.
 For communication between each different party, a new shared key must be created.
This poses a challenge with handling and securing both of these keys.
8. ASYMMETRIC KEY CRYPTOGRAPHY
Asymmetric encryption is an alternative mode of cryptography that helps overcome the major
distribution issues that arise due to the symmetric encryption process. As with all the other
aspects of the world, everything has a cost — and asymmetric encryption is no exception. In
this scenario, the cost is reduced by speed and computing resources due to the use of longer
keys in this encryption algorithm. As a result, asymmetric encryption is deemed slower but
more reliable than symmetric encryption.

Advantages
 There is no need to exchange keys in asymmetric or public key cryptography,
eliminating the key distribution issue.
 The main benefit of public-key cryptography is improved security: private keys are
never exchanged or exposed to others.
 May provide digital signatures that can be revoked.
 Message verification is provided by public-key cryptography, which requires the use
of digital signatures, which allows the receiver of a message to check that the message
is actually from a specific sender.
 The usage of digital signatures in public-key cryptography helps the recipient to
determine whether or not the message was altered during transit. A digitally signed
message cannot be altered without rendering the signature null.
 Signing a message digitally is analogous to physically signing a document. Since it is
an acknowledgement of the message, the sender cannot reject it.
Disadvantages
  One drawback of using public-key cryptography for encryption is the lack of speed.
Popular secret-key encryption systems are substantially quicker than any commonly
accessible public-key encryption technique.
 Authentication of public keys is recommended/required. No one can be certain that a
public key corresponds to the individual it identifies, so everybody must verify that
their public keys are theirs.
 It consumes more computer resources. It necessitates much more computing resources
than single-key encryption.
 A widespread security breach is likely if an intruder obtains a person’s private key
and reads his or her entire message.
 The loss of a private key can be irreversible. When a private key is lost, all incoming
messages cannot be decrypted.
While asymmetric cryptography is more advanced than symmetric cryptography, both are
still in use today — and are often used in tandem. This is because each solution has its
advantages and disadvantages. There are two significant trade-offs between symmetric and
asymmetric cryptography: speed and security. 

Since it does not include the exchange of keys, asymmetric encryption is thought to be more
reliable. A user’s private key is never revealed or shared. Symmetric encryption takes longer
than symmetric encryption and is generally a slower process. However, this is not a
significant disadvantage, and it is commonly used to encrypt data where confidentiality is the
primary concern.

CONCLUSION
Keeping large-scale symmetric encryption systems operational is a challenge. This is
particularly true where the corporate or IT infrastructure is decentralized/geographically
dispersed, and we want to achieve banking-grade protection and audibility. It is advised that
specific software be used to ensure the appropriate life-cycle for and key generated to do this
correctly. 

Apart from SSL, a variation of each of these strategies is seen in various other situations.
End-to-end encryption is utilized for messaging apps like Signal and WhatsApp, where
asymmetric encryption is used to initialize the secure communication channel, and symmetric
encryption is used for the rest of the conversation. When it comes to encryption, the more
recent schemes are not always the perfect fit. 
Indeed, as cryptography evolves, modern algorithms are being built to keep up with
eavesdroppers and secure knowledge to improve secrecy. In the coming years, hackers would
undoubtedly make it difficult for experts but you can expect more from the cryptographic
world!

steganography

Steganography is the technique of hiding secret data within an ordinary, non-secret, file or
message in order to avoid detection; the secret data is then extracted at its destination. The
use of steganography can be combined with encryption as an extra step for hiding or
protecting data. The word steganography is derived from the Greek
words steganos (meaning hidden or covered) and the Greek root graph (meaning to write).

Steganography can be used to conceal almost any type of digital content, including text,
image, video or audio content; the data to be hidden can be hidden inside almost any other
type of digital content. The content to be concealed through steganography -- called hidden
text -- is often encrypted before being incorporated into the innocuous-seeming cover text file
or data stream. If not encrypted, the hidden text is commonly processed in some way in order
to increase the difficulty of detecting the secret content.
What are examples for steganography?
Steganography is practiced by those wishing to convey a secret message or code. While there
are many legitimate uses for steganography, malware developers have also been found to use
steganography to obscure the transmission of malicious code.

Forms of steganography have been used for centuries and include almost any technique for
hiding a secret message in an otherwise harmless container. For example, using invisible ink
to hide secret messages in otherwise inoffensive messages; hiding documents recorded on
microdot -- which can be as small as 1 millimeter in diameter -- on or inside legitimate-
seeming correspondence; and even by using multiplayer gaming environments to share
information.
How is steganography used today?
In modern digital steganography, data is first encrypted or obfuscated in some other way and
then inserted, using a special algorithm, into data that is part of a particular file format such
as a JPEG image, audio or video file. The secret message can be embedded into ordinary data
files in many different ways. One technique is to hide data in bits that represent the same
color pixels repeated in a row in an image file. By applying the encrypted data to this
redundant data in some inconspicuous way, the result will be an image file that appears
identical to the original image but that has "noise" patterns of regular, unencrypted data.

The practice of adding a watermark -- a trademark or other identifying data hidden in

multimedia or other content files -- is one common use of steganography. Watermarking is a
technique often used by online publishers to identify the source of media files that have been
found being shared without permission.

While there are many different uses of steganography, including embedding sensitive
information into file types, one of the most common techniques is to embed a text file into an
image file. When this is done, anyone viewing the image file should not be able to see a
difference between the original image file and the encrypted file; this is accomplished by
storing the message with less significant bites in the data file. This process can be completed
manually or with the use of a steganography tool.
What are the advantages of steganography over cryptography?
Steganography is distinct from cryptography, but using both together can help improve the
security of the protected information and prevent detection of the secret communication. If
steganographically-hidden data is also encrypted, the data may still be safe from detection --
though the channel will no longer be safe from detection. There are advantages to using
steganography combined with encryption over encryption-only communication.

The primary advantage of using steganography to hide data over encryption is that it helps
obscure the fact that there is sensitive data hidden in the file or other content carrying the
hidden text. Whereas an encrypted file, message or network packet payload is clearly marked
and identifiable as such, using steganographic techniques helps to obscure the presence of the
secure channel.
Steganography software
Steganography software is used to perform a variety of functions in order to hide data,
including encoding the data in order to prepare it to be hidden inside another file, keeping
track of which bits of the cover text file contain hidden data, encrypting the data to be hidden
and extracting hidden data by its intended recipient.

There are proprietary as well as open source and other free-to-use programs available for
doing steganography. OpenStego is an open source steganography program; other programs
can be characterized by the types of data that can be hidden as well as what types of files that
data can be hidden inside. Some online steganography software tools include Xiao
Steganography, used to hide secret files in BMP images or WAV files; Image Steganography,
a Javascript tool that hides images inside other image files; and Crypture, a command line
tool that is used to perform steganography.

What is Steganography?
Steganography is the art and science of embedding secret messages in a cover message
in such a way that no one, apart from the sender and intended recipient, suspects the
existence of the message 

The diagram below depicts a basic steganographic model.

As the image depicts, both cover file(X) and secret message(M) are fed into
steganographic encoder as input. Steganographic Encoder function, f(X,M,K)
embeds the secret message into a cover file. Resulting Stego Object looks very
similar to your cover file, with no visible changes. This completes encoding. To
retrieve the secret message, Stego Object is fed into Steganographic Decoder.

Steganography Tutorial: Historical Background

Steganography is the practice of concealing a secret message behind a normal
message. It stems from two Greek words, which are steganos, means covered
and graphia, means writing. Steganography is an ancient practice, being
practiced in various forms for thousands of years to keep communications
private. For Example:

 The first use of steganography can be traced back to 440 BC when ancient
Greece, people wrote messages on wood and covered it with wax, that acted as a
covering medium
  Romans used various forms of Invisible Inks, to decipher those hidden messages
light or heat were used
 During World War II the Germans introduced microdots, which were complete
documents, pictures, and plans reduced in size to the size of a dot and were
attached to normal paperwork
 Null Ciphers were also used to hide unencrypted secret messages in an innocent
looking normal message

Now, we have a lot of modern steganographic techniques and tools to make

sure that knows our data remains secret. Now you might be wondering if
steganography is same as cryptography. No, they are two different concepts and
this steganography tutorial presents you the main differences between them.

How is Steganography different from Cryptography?

At their core, both of them have almost the same goal, which is protecting a
message or information from the third parties. However, they use a totally
different mechanism to protect the information. 

Cryptography changes the information to ciphertext which cannot be

understood without a decryption key. So, if someone were to intercept this
encrypted message, they could easily see that some form of encryption had
been applied. On the other hand, steganography does not change the format of
the information but it conceals the existence of the message. 

STEGANOGRAPHY CRYPTOGRAPHY

It is a technique to hide the existence of It’s a technique to convert data into

Definition
communication incomprehensible form

Purpose Keep communication secure Provide data protection

Data
Never Always
Visibility

Data
Doesn’t alter the overall structure of data Alters the overall structure of data
Structure

Key Optional, but offers more security if used Necessary requirement

 If you possess the decryption key, the
Once the presence of a secret message is
Failure can figure out original message from
discovered, anyone can use the secret data
ciphertext

So, in other words, steganography is more discreet than cryptography when we

want to send confidential information. The downside being, the hidden message
is easier to extract if the presence of secret is discovered. For the remainder of
this steganography tutorial, we will learn about different steganography
techniques and tools.

Steganography Techniques
Depending on the nature of the cover object(actual object in which secret data is
embedded), steganography can be divided into five types:

1. Text Steganography
2. Image Steganography
3. Video Steganography
4. Audio Steganography
5. Network Steganography

Let’s explore each of them in detail.

Text Steganography

Text Steganography is hiding information inside the text files. It involves things

like changing the format of existing text, changing words within a text,
generating random character sequences or using context-free grammars to
generate readable texts. Various techniques used to hide the data in the text
are:

 Format Based Method

 Random and Statistical Generation
 Linguistic Method

Image Steganography

Hiding the data by taking the cover object as the image is known as image
steganography.  In digital steganography, images are widely used cover source
because there are a huge number of bits present in the digital representation of
an image. There are a lot of ways to hide information inside an image. Common
approaches include:

 Least Significant Bit Insertion

 Masking and Filtering
  Redundant Pattern Encoding
 Encrypt and Scatter
 Coding and Cosine Transformation

Audio Steganography

In audio steganography, the secret message is embedded into an audio signal

which alters the binary sequence of the corresponding audio file. Hiding secret
messages in digital sound is a much more difficult process when compared to
others, such as Image Steganography. Different methods of audio
steganography include:

 Least Significant Bit Encoding

 Parity Encoding
 Phase Coding
 Spread Spectrum

This method hides the data in WAV, AU, and even MP3 sound files.

Video Steganography

In Video Steganography you can hide kind of data into digital video format. The
advantage of this type is a large amount of data can be hidden inside and the
fact that it is a moving stream of images and sounds. You can think of this as the
combination of Image Steganography and Audio Steganography. Two main
classes of Video Steganography include:

 Embedding data in uncompressed raw video and compressing it later

 Embedding data directly into the compressed data stream

Network Steganography (Protocol Steganography)

It is the technique of embedding information within network control protocols used in

data transmission such TCP, UDP, ICMP etc. You can use steganography in some covert
channels that you can find in the OSI model. For Example, you can hide information in
the header of a TCP/IP packet in some fields that are either optional.

In today’s digitalized world, various software tools are available for

Steganography. In the remainder of this Steganography Tutorial, we will explore
some of the popular steganographic tools and their capabilities. 

Best Tools to Perform Steganography

There are many software available that offer steganography. Some offer normal
steganography, but a few offer encryption before hiding the data. These are the
steganography tools which are available for free:
  Stegosuite is a free steganography tool which is written in Java. With Stegosuite
you can easily hide confidential information in image files.
 Steghide  is an open source Steganography software that lets you hide a secret
file in image or audio file.
 Xiao Steganography  is a free software that can be used to hide data in BMP
images or in WAV files.
 SSuite Picsel  is another free portable application to hide text inside an image file
but it takes a different approach when compared to other tools.
 OpenPuff is a professional steganographic tool where you can store files in
image, audio, video or flash files

Well, these are few tools to perform steganography. There are many other
different tools with different capabilities. However, you will get the desired
results from these tools.

So, we have reached the end of Steganographic Tutorial. Steganography was

developed for secure communication. However, criminals and terrorist
organizations are using this for their own purpose. So, understanding how to
hide data steganography, and prevent that data from being misused, can be
very helpful for both attack and defence.

KEY RANGE AND KEY SIZE:

• The concept of key range and key-size are related to each other. Key Range is total number of
keys from smallest to largest available key. An attacker usually is armed with the knowledge of
the cryptographic algorithm and the encrypted message, so only the actual key value remains the
challenge for the attacker.
• If the key is found, the attacker can get original plaintext message. In the brute force attack,
every possible key in the key-range is tried, until we get the right key.
• In the best case, the right key is found in the first attempt, in the worst case, the key is found in
the last attempt. On an average, the right key is found after trying half of the possible keys in the
key-range. Therefore, by expanding the key range to a large extent, longer it will take for an
attacker to find the key using brute-force attack.
• The concept of key range leads to the principle of key size. The strength of a cryptographic key
is measured with the key size
• Key size is measured in bits and is represented using binary number system. Thus, if the key
range from 0 to 8, then the key size is 3 bits or in other words we can say if the size is bits then
the key range is 0 to 256. Key size may be varying, depending upon the applications and the
cryptographic algorithm being used, it can be 40 bits, 56 bits, 128 bits & so on. In order to protect
the cipher-text against the brute-force attack, the key-size should be such that the attacker cannot
crack it within a specified amount of time.
• From a practical viewpoint, a 40-bit key takes about 3 hours to crack, however a 41-bit key
would take 6 hours and 42-bit key would take 12 hours & so on. This means every additional bit
doubles the amount of time required to crack the key. We can assume that 128-bit key is quite
safe, considering the capabilities of today’s computers. However, as the computing power and
techniques improve, these numbers will change in future.

Possible types of Attacks

Attacks: Types of Attacks with Examples, and
How to Defend Against Them
In cryptography, the goal of the attacker is to break the secrecy of the
encryption and learn the secret message and, even better, the secret key.
There are dozens of different types of attacks that have been developed
against different types of cryptosystems with varying levels of
effectiveness. Some are easily understandable while others may require an
advanced degree in mathematics to comprehend. In this post, we'll be
discussing some of the more common attacks and why they may or may
not work against different types of ciphers.

Brute-Force Attack
The simplest attack on a cipher is the brute force attack. In this attack, an
attacker simply tries to decrypt the message with each possible secret key
and checks the result of the decryption to see if it makes sense. Given
enough time and computational resources, this attack is guaranteed to
work since the true secret key has to be within the set of possible secret
keys and the attacker will eventually try it and (hopefully) realize that the
resulting plaintext is the correct one.

Modern ciphers protect themselves against brute force attacks by using a

secret key that is long enough to make guessing all of the possibilities
impossible. For example, the longest available key length of the AES cipher
(described in another post) is 256 bits, which means there are 2256 possible
AES keys. By contrast, there are an estimated 2266 atoms in the observable
universe. Needless to say, no existing computer can search that size of a
keyspace in a reasonable amount of time.

Man-in-the-Middle Attack
The Man-in-the-Middle (MitM) attack assumes that an attacker, Eve, can
insert herself in the communication channel between Alice and Bob, who
are trying to talk to one another. When Alice sends a message to Bob, Eve
intercepts it before it reaches him. In a successful MitM attack, Eve can
decrypt the intercepted message, read and possibly modify it, and then
pass it on to Bob.

To pull off a Man-in-the-Middle attack, Eve typically needs to be able to

convince Alice that Eve is Bob and Bob that Eve is Alice. Eve will then
independently establish a separate secret key with each party and, when a
message is moving from Alice to Bob, decrypts using her key for Alice and
reencrypt using her key for Bob. As long as Eve controls the only
communication channel between Alice and Bob, the MitM attack is
undetectable.

Replay Attack
A replay attack is when an attacker replays a valid session between a
legitimate user and some form of server. In this attack, Eve captures every
piece of traffic between the user, Alice, and the server, Bob, during normal
operation. Later, the attacker resends the first piece of traffic and waits for
Bob's response before sending the next piece, and so on. If Bob does not
implement some protection against replay attacks, Eve may be able to
achieve a valid session with Bob while masquerading as Alice.

For example, assume that Alice is buying something from Bob's online
store. The entire transaction process is encrypted, but Eve is able to make
a copy of each stage of the communication between Alice and Bob. At the
end of Alice's transaction, she has successfully purchased one bicycle.
Now, Eve can begin to replay Alice's session with Bob. From Bob's
perspective, Eve is actually Alice purchasing another bicycle from his store.
Eve does not need to decrypt any of the traffic to perform a replay attack or
even know what is going on, but she does have the ability to cause issues
for Alice by draining her bank account or credit card and causing a large
number of bicycles to arrive at her residence.

To protect against replay attacks, many people who use ciphers in daily life
(like Bob's store) will generate a random number to be included in each
session. This way, if Bob sends the number to Alice and Alice sends it
back, Bob can check that it is the expected number for the given session.
When Eve attempts to replay Alice's session, she will provide the random
number from Alice's session rather than the number for her replayed
session and Bob will reject the transaction.

Side-Channel Attacks
Side-channel attacks are attacks that use unintended side effects of
cryptographic operations to glean information about the plaintext and/or
secret key being processed. In the two types of attacks described here, the
electrical power used by a computer while performing encryption/decryption
and the time it takes to perform these operations are used to help
determine the secret key.
Power Analysis Attack
Computers need power to run. The amount of power used and how long
the power is used for can vary based upon the operations performed.
When a cryptographic algorithm is being run on a computer, this may
reveal information about the data being processed by the algorithm.

An example of a power analysis attack on a cryptographic algorithm is

Simple Power Analysis (SPA) of the RSA algorithm. In the RSA algorithm,
the secret key is used as the power in an exponentiation operation. A
simple way of performing this step is using the square-and-multiply
algorithm. In square-and-multiply, the exponent (secret key) is represented
in binary and walked through from most significant bit to least significant bit.
If a bit is a zero, the current value is squared. If a bit is a one, the current
value is squared and then multiplied by the base.

The difference between the operations performed for a zero bit and a one
bit in the secret key makes a side-channel attack on this version of RSA
possible. The Figure above shows a power trace of a computer running an
RSA operation. The rise on the left indicates a squaring operation (a bit
value of zero) while the rise on the right indicates a square and multiple
operation (a bit value of one) since it is longer than the left one. Given the
power trace of an RSA implementation using square-and-multiply and no
protections, it is possible to read the value of the secret key off of the
image.

Timing Attack
A timing attack on a cryptographic algorithm exploits the fact that the
algorithm may take different amounts of time to run with different plaintexts
or secret keys.

An example of a timing attack is the checking of a password during login to

a secure system. Unprotected systems will incrementally check each
character of the password for a match against the stored password and
return failure immediately upon discovering mismatched characters. An
attacker can try passwords starting with each of the possibilities for the first
character of the password and select the option with the longest execution
time (since it is the only case where the second character was also
checked). By repeating this process one character at a time, the complete
password can be built by the attacker.