UNIT I CRYPTOGRAPHY & NETWORK SECURITY

INTRODUCTION TO CRYPTOGRAPHY: An original message is known as

the plaintext, while the coded message is called the ciphertext. The process of
converting from plaintext to ciphertext is known as enciphering or encryption;
restoring the plaintext from the ciphertext is deciphering or decryption. The many
schemes used for encryption constitute the area of study known as cryptography.
Such a scheme is known as a cryptographic system or a cipher. Techniques used
for deciphering a message without any knowledge of the enciphering details fall
into the area of cryptanalysis. Cryptanalysis is what the layperson calls “breaking
the code.”The areas of cryptography and cryptanalysis together are called
cryptology.
A symmetric encryption scheme has five ingredients:
Plaintext: This is the original intelligible message or data that is fed into the
algorithm as input.
Encryption algorithm: The encryption algorithm performs various substitutions
and transformations on the plaintext.
Secret key: The secret key is also input to the encryption algorithm.The key is a
value independent of the plaintext and of the algorithm. The algorithm will
produce a different output depending on the specific key being used at the time.The
exact substitutions and transformations performed by the algorithm depend on the
key.
Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the secret key.
Decryption algorithm: This is essentially the encryption algorithm run in reverse.
It takes the ciphertext and the secret key and produces the original plaintext.

1
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

SECURITY GOALS
Three security goals: confidentiality, integrity, and availability.

Confidentiality
Confidentiality is probably the most common aspect of information security. We
need to protect our confidential information. An organization needs to guard
against those malicious actions that endanger the confidentiality of its information.
In the military, concealment of sensitive information is the major concern. In
industry, hiding some information from competitors is crucial to the operation of
the organization. In bank-ing, customers’ accounts need to be kept secret.
Confidentiality not only applies to the storage of the information, it also applies to
the transmission of information. When we send a piece of information to be stored
in a remote computer or when we retrieve a piece of information from a remote
computer, we need to conceal it during transmission.

Integrity
Information needs to be changed constantly. In a bank, when a customer deposits
or with-draws money, the balance of her account needs to be changed. Integrity
means that changes need to be done only by authorized entities and through
authorized mechanisms. Integrity violation is not necessarily the result of a
malicious act; an interruption in the system, such as a power surge, may also create
unwanted changes in some information.
Availability
The third component of information security is availability. The information
created and stored by an organization needs to be available to authorized entities.
Information is use-less if it is not available. Information needs to be constantly
changed, which means it must be accessible to authorized entities. The
unavailability of information is just as harmful for an organization as the lack of
2
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

confidentiality or integrity. Imagine what would happen to a bank if the customers

could not access their accounts for transactions.

ATTACKS
Our three goals of security- confidentiality, integrity, and availabilitycan be
threatened by security attacks. Although the literature uses different approaches to
categorizing the attacks, we will first divide them into three groups related to the
security goals. Later, we will divide them into two broad categories based on their
effects on the system.

Attacks Threatening Confidentiality

In general, two types of attacks threaten the confidentiality of information:
snooping and traffic analysis.
Snooping
Snooping refers to unauthorized access to or interception of data. For example, a
file transferred through the Internet may contain confidential information. An
unauthorized entity may intercept the transmission and use the contents for her
own benefit. To prevent snooping, the data can be made nonintelligible to the
intercepter by using encipherment techniques.

3
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Traffic Analysis
Although encipherment of data may make it nonintelligible for the intercepter, she
can obtain some other type information by monitoring online traffic. For example,
she can find the electronic address (such as the e-mail address) of the sender or the
receiver. She can collect pairs of requests and responses to help her guess the
nature of transaction.

Attacks Threatening Integrity

The integrity of data can be threatened by several kinds of attacks: modification,
mas-querading, replaying, and repudiation.
Modification
After intercepting or accessing information, the attacker modifies the information
to make it beneficial to herself. For example, a customer sends a message to a bank
to do some transaction. The attacker intercepts the message and changes the type of
transaction to benefit herself. Note that sometimes the attacker simply deletes or
delays the message to harm the system or to benefit from it.
Masquerading
Masquerading, or spoofing, happens when the attacker impersonates somebody
else. For example, an attacker might steal the bank card and PIN of a bank
customer and pre-tend that she is that customer. Sometimes the attacker pretends
instead to be the receiver entity. For example, a user tries to contact a bank, but
another site pretends that it is the bank and obtains some information from the user.
Replaying
Replaying is another attack. The attacker obtains a copy of a message sent by a
user and later tries to replay it. For example, a person sends a request to her bank to
ask for pay-ment to the attacker, who has done a job for her. The attacker intercepts
the message and sends it again to receive another payment from the bank.
Repudiation
This type of attack is different from others because it is performed by one of the
two parties in the communication: the sender or the receiver. The sender of the

4
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

message might later deny that she has sent the message; the receiver of the
message might later deny that he has received the message.
An example of denial by the sender would be a bank customer asking her bank to
send some money to a third party but later denying that she has made such a
request. An example of denial by the receiver could occur when a person buys a
product from a manufacturer and pays for it electronically, but the manufacturer
later denies having received the payment and asks to be paid.

Attacks Threatening Availability

Only one attack threatening availability: denial of service.
Denial of Service
Denial of service (DoS) is a very common attack. It may slow down or totally
interrupt the service of a system. The attacker can use several strategies to achieve
this. She might send so many bogus requests to a server that the server crashes
because of the heavy load. The attacker might intercept and delete a server’s
response to a client, making the client to believe that the server is not responding.
The attacker may also intercept requests from the clients, causing the clients to
send requests many times and overload the system.

Passive Versus Active Attacks

Passive Attacks
In a passive attack, the attacker’s goal is just to obtain information. This means that
the attack does not modify data or harm the system. The system continues with its
5
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

normal operation. However, the attack may harm the sender or the receiver of the
message. Attacks that threaten confidentiality- snooping and traffic analysis-are
passive attacks. The revealing of the information may harm the sender or receiver
of the message, but the system is not affected. For this reason, it is difficult to
detect this type of attack until the sender or receiver finds out about the leaking of
confidential information. Passive attacks, however, can be prevented by
encipherment of the data.

Active Attacks
An active attack may change the data or harm the system. Attacks that threaten the
integrity and availability are active attacks. Active attacks are normally easier to
detect than to prevent, because an attacker can launch them in a variety of ways.

SERVICES AND MECHANISMS

Security Services

It is easy to relate one or more of these services to one or more of the security
goals. It is also easy to see that these services have been designed to prevent the
security attacks.
Data Confidentiality
Data confidentiality is designed to protect data from disclosure attack. The service
is very broad and encompasses confidentiality of the whole message or part of a
message and also protection against traffic analysis. That is, it is designed to
prevent snooping and traffic analysis attack.

6
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Data Integrity
Data integrity is designed to protect data from modification, insertion, deletion, and
replaying by an adversary. It may protect the whole message or part of the
message.
Authentication
This service provides the authentication of the party at the other end of the line. In
connection-oriented communication, it provides authentication of the sender or
receiver during the connection establishment (peer entity authentication). In
connectionless communication, it authenticates the source of the data (data origin
authentication).
Nonrepudiation
Nonrepudiation service protects against repudiation by either the sender or the
receiver of the data. In nonrepudiation with proof of the origin, the receiver of the
data can later prove the identity of the sender if denied. In nonrepudiation with
proof of delivery, the sender of data can later prove that data were delivered to the
intended recipient.
Access Control
Access control provides protection against unauthorized access to data. The term
access in this definition is very broad and can involve reading, writing, modifying,
executing programs, and so on.

7
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Security Mechanisms

Encipherment
Encipherment, hiding or covering data, can provide confidentiality. It can also be
used to complement other mechanisms to provide other services. Today two
techniques- cryptography and steganography are used for enciphering.
Data Integrity
The data integrity mechanism appends to the data a short checkvalue that has been
created by a specific process from the data itself. The receiver receives the data and
the checkvalue. He creates a new checkvalue from the received data and compares
the newly created checkvalue with the one received. If the two checkvalues are the
same, the integrity of data has been preserved.
Digital Signature
A digital signature is a means by which the sender can electronically sign the data
and the receiver can electronically verify the signature. The sender uses a process
that involves showing that she owns a private key related to the public key that she
has announced publicly. The receiver uses the sender’s public key to prove that the
message is indeed signed by the sender who claims to have sent the message.
Authentication Exchange
In authentication exchange, two entities exchange some messages to prove their
identity to each other. For example, one entity can prove that she knows a secret
that only she is supposed to know.

8
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Traffic Padding
Traffic padding means inserting some bogus data into the data traffic to thwart the
adversary’s attempt to use the traffic analysis.
Routing Control
Routing control means selecting and continuously changing different available
routes between the sender and the receiver to prevent the opponent from
eavesdropping on a particular route.
Notarization
Notarization means selecting a third trusted party to control the communication
between two entities. This can be done, for example, to prevent repudiation. The
receiver can involve a trusted party to store the sender request in order to prevent
the sender from later denying that she has made such a request.
Access Control
Access control uses methods to prove that a user has access right to the data or
resources owned by a system. Examples of proofs are passwords and PINs.

Relation between Services and Mechanisms

Table shows the relationship between the security services and the security
mechanisms. The table shows that three mechanisms (encipherment, digital
signature, and authentication exchange) can be used to provide authentication. The
table also shows that encipherment mechanism may be involved in three services
(data confidentiality, data integrity, and authentication).

9
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Mathematics of Cryptography:
The division relationship (a = q × n + r) has two inputs (a and n) and two outputs
(q and r). In modular arithmetic, we are interested in only one of the outputs, the
remainder r. We don’t care about the quotient q.

Modulo Operator
The above-mentioned binary operator is called the modulo operator and is shown
as mod. The second input (n) is called the modulus. The output r is called the
residue.

the modulo operator (mod) takes an integer (a) from the set Z and a positive
modulus (n). The operator creates a nonnegative residue (r).
Example: Dividing 27 by 5 results in r = 2. This means that 27 mod 5 = 2.

Congruence
The result of 2 mod 10 = 2, 12 mod 10 = 2, 22 mod 2 = 2, and so on. In modular
arithmetic, integers like 2, 12, and 22 are called congruent mod 10. To show that
two integers are congruent, we use the congruence operator (≡). We add the phrase
(mod n) to the right side of the congruence to define the value of modulus that
makes the relationship valid.

Inverses
When we are working in modular arithmetic, we often need to find the inverse of a
number relative to an operation.
Additive Inverse

10
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

In modular arithmetic, each integer has an additive inverse. The sum of an integer
and its additive inverse is congruent to 0 modulo n. In Zn, two numbers a and b are
additive inverses of each other if
a + b ≡ 0 (mod n)
Example:
Multiplicative Inverse
In modular arithmetic, an integer may or may not have a multiplicative inverse.
When it does, the product of the integer and its multiplicative inverse is congruent
to 1 modulo n.

In Zn, two numbers a and b are the multiplicative inverse of each other if
a × b ≡ 1 (mod n)
Example: (1 × 1) mod 10 = 1
(3 × 7) mod 10 = 1

MATRICES
A matrix is a rectangular array of l × m elements, in which l is the number of rows
and m is the number of columns.
If a matrix has only one row (l = 1), it is called a row matrix; if it has only one
column (m = 1), it is called a column matrix. In a square matrix, in which there
is the same number of rows and columns (l = m).

11
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Multiplication
We can multiply two matrices of different sizes if the number of columns of the
first matrix is the same as the number of rows of the second matrix.
If A is an l × m matrix and B is an m × p matrix, the product of the two is a matrix
C of size l × p.

Greatest Common Divisor

One integer often needed in cryptography is the greatest common divisor of two
positive integers. Two positive integers may have many common divisors, but only
one greatest common divisor.
For example, the common divisors of 12 and 140 are 1, 2, and 4.
However, the greatest common divisor is 4.

Euclidean Algorithm
Finding the greatest common divisor (gcd) of two positive integers by listing all
common divisors is not practical when the two integers are large.
The Euclidean algorithm is based on the following two facts:
Fact 1: gcd (a, 0) = a
Fact 2: gcd (a, b) = gcd (b, r), where r is the remainder of dividing a by b

12
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

The first fact tells us that if the second integer is 0, the greatest common divisor is
the first one. The second fact allows us to change the value of a, b until b becomes
0.
Example: Find the greatest common divisor of 25 and 60.

We have gcd (25, 65) = 5.

The Extended Euclidean Algorithm
Given two integers a and b, we often need to find other two integers, s and t, such
that s × a + t × b = gcd (a, b)
The extended Euclidean algorithm can calculate the gcd (a, b) and at the same time
calculate the value of s and t.
The extended Euclidean algorithm uses the same number of steps as the Euclidean
algorithm. However, in each step, we use three sets of calculations and exchanges
instead of one.
Example:
Given a = 161 and b = 28, find gcd (a, b) and the values of s and t.

We get gcd (161, 28) = 7, s = −1 and t = 6.

13
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Traditional Ciphers
Traditional symmetric-key ciphers can be devided into two broad categories:
substitution ciphers and transposition ciphers. In a substitution cipher, we
replace one symbol in the ciphertext with another symbol; in a transposition cipher,
we reorder the position of symbols in the plaintext.

SUBSTITUTION CIPHERS
A substitution cipher replaces one symbol with another. If the symbols in the
plaintext are alphabetic characters, we replace one character with another. For
example, we can replace letter A with letter D, and letter T with letter Z.
Substitution ciphers can be categorized as either monoalphabetic ciphers or
polyalphabetic ciphers.

1)Monoalphabetic Ciphers
In monoalphabetic substitution, a character (or a symbol) in the plaintext is always
changed to the same character (or symbol) in the cipher text regardless of its
position in the text. For example, if the algorithm says that letter A in the plaintext
is changed to letter D, every letter A is changed to letter D. In other words, the
relationship between letters in the plaintext and the cipher text is one-to-one.
i)Additive Cipher
The simplest monoalphabetic cipher is the additive cipher. This cipher is
sometimes called a shift cipher and sometimes a Caesar cipher, but the term
additive cipher better reveals its mathematical nature. Assume that the plaintext
consists of lowercase letters (a to z), and that the ciphertext consists of uppercase
letters (A to Z). To be able to apply mathematical operations on the plaintext and
ciphertext, we assign numerical values to each letter (lower- or uppercase).

14
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Each character (lowercase or uppercase) is assigned an integer in Z26. The secret

key between Alice and Bob is also an integer in Z26. The encryption algorithm
adds the key to the plaintext character; the decryption algorithm subtracts the key
from the ciphertext character. All operations are done in Z26.

Example: Use the additive cipher with key = 15 to encrypt the message “hello”.
Plaintext: h → 07 Encryption: (07 + 15) mod 26 Ciphertext: 22 → W
Plaintext: e → 04 Encryption: (04 + 15) mod 26 Ciphertext: 19 → T
Plaintext: l → 11 Encryption: (11 + 15) mod 26 Ciphertext: 00 → A
Plaintext: l → 11 Encryption: (11 + 15) mod 26 Ciphertext: 00 → A
Plaintext: o → 14 Encryption: (14 + 15) mod 26 Ciphertext: 03 → D
The result is Cipher Text= WTAAD

Shift Cipher
Historically, additive ciphers are called shift ciphers. The reason is that the
encryption algorithm can be interpreted as “shift key characters down” and the
encryption algorithm can be interpreted as “shift key character up”. For example, if
the key = 15, the encryption algorithm shifts 15 characters down (toward the end of
the alphabet). The decryption algorithm shifts 15 characters up (toward the
beginning of the alphabet). Of course, when we reach the end or the beginning of
the alphabet, we wrap around (manifestation of modulo 26).
Caesar Cipher
Julius Caesar used an additive cipher to communicate with his officers. For this
reason, additive ciphers are sometimes referred to as the Caesar cipher. Caesar used
a key of 3 for his communications.

15
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Additive ciphers are sometimes referred to as shift ciphers or Caesar cipher.

Cryptanalysis
Additive ciphers are vulnerable to ciphertext-only attacks using exhaustive key
searches (brute-force attacks). The key domain of the additive cipher is very small;
there are only 26 keys. However, one of the keys, zero, is useless (the ciphertext is
the same as the plaintext). This leaves only 25 possible keys. Eve can easily launch
a brute force attack on the ciphertext.

ii)Multiplicative Ciphers
In a multiplicative cipher, the encryption algorithm specifies multiplication of the
plaintext by the key and the decryption algorithm specifies division of the
ciphertext by the key.

Example: We use a multiplicative cipher to encrypt the message “hello” with a key
of 7.
Plaintext: h → 07 Encryption: (07 × 07) mod 26 ciphertext: 23 → X
Plaintext: e → 04 Encryption: (04 × 07) mod 26 ciphertext: 02 → C
Plaintext: l → 11 Encryption: (11 × 07) mod 26 ciphertext: 25 → Z
Plaintext: l → 11 Encryption: (11 × 07) mod 26 ciphertext: 25 → Z
Plaintext: o → 14 Encryption: (14 × 07) mod 26 ciphertext: 20 → U
The ciphertext is “XCZZU”.

iii) Monoalphabetic Substitution Cipher

Because additive, multiplicative cipher have small key domains, they are very
vulnerable to brute-force attack. After Alice and Bob agreed to a single key, that
key is used to encrypt each letter in the plaintext or decrypt each letter in the
ciphertext.
16
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

In other words, the key is independent from the letters being transferred.
A better solution is to create a mapping between each plaintext character and the
corresponding ciphertext character. Alice and Bob can agree on a table showing the
mapping for each character.
Figure shows an example of such a mapping.

Plain text- this message is easy to encrypt but hard to find the key
Cipher text- ICFVQRVVNEFVRNVSIYRGAHSLIOJICNHTIYBFGTICRXRS
Cryptanalysis
The size of the key space for the monoalphabetic substitution cipher is 26! (almost
4 × 1026). This makes a brute-force attack extremely difficult for Eve even if she is
using a powerful computer. However, she can use statistical attack based on the
frequency of characters. The cipher does not change the frequency of characters.

2)Polyalphabetic Ciphers
In polyalphabetic substitution, each occurrence of a character may have a different
substitute. The relationship between a character in the plaintext to a character in the
ciphertext is one-to-many. For example, “a” could be enciphered as “D” in the
beginning of the text, but as “N” at the middle. Polyalphabetic ciphers have the
advantage of hiding the letter frequency of the underlying language.

i)Playfair Cipher
The Playfair cipher used by the British army during World War I. The secret key in
this cipher is made of 25 alphabet letters arranged in a 5 × 5 matrix (letters I and J
are considered the same when encrypting).

17
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Different arrangements of the letters in the matrix can create many different secret
keys.
Dropped the letters in the matrix starting from the top right-hand corner.
The key is keyword

The matrix is constructed by filling in the letters of the keyword (minus duplicates)
from left to right and from top to bottom, and then filling in the remainder of the
matrix with the remaining letters in alphabetic order. The letters I and J count as
one letter.

Note: If a key has duplicate alphabets, then fill those alphabets only once in
the matrix
Before encryption, if the two letters in a pair are the same, a bogus letter is inserted
to separate them.
After inserting bogus letters, if the number of characters in the plaintext is odd, one
extra bogus character is added at the end to make the number of characters even.
Now, break the plain text into a pair of alphabets.
Plain Text: meet me tomorrow
Pair: me et me to mo rx ro wz

The cipher uses three rules for encryption:

18
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

a. If the two letters in a pair are located in the same row of the secret key, the
corresponding encrypted character for each letter is the next letter to the right in the
same row (with wrapping to the beginning of the row if the plaintext letter is the
last character in the row).
b. If the two letters in a pair are located in the same column of the secret key, the
corresponding encrypted character for each letter is the letter beneath it in the same
column (with wrapping to the beginning of the column if the plaintext letter is the
last character in the column).
c. If the two letters in a pair are not in the same row or column of the secret, the
corresponding encrypted character for each letter is a letter that is in its own row
but in the same column as the other letter.
Therefore, the cipher text will be nk ku nk zk sk bt ck ox

Hill Cipher
In a Hill cipher, the key is a square matrix of size m × m in which m is the size of
the block.
Example:
We have to encrypt the message ‘ACT’ (n=3).
The key is ‘GYBNQKURP’ which can be written as the n * n matrix:

The message ‘ACT’ is written as vector:

19
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

The enciphered vector is given as:

Therefore, the cipher text will be POH

Therefore, the cipher text will be POH

Transposition Cipher
A transposition cipher does not substitute one symbol for another, instead it
changes the location of the symbols. A symbol in the first position of the plaintext
may appear in the tenth position of the ciphertext. A symbol in the eighth position
in the plaintext may appear in the first position of the ciphertext.

Keyless Transposition Ciphers

There are two methods for permutation of characters. In the first method, the text is
written into a table column by column and then transmitted row by row. In the
second method, the text is written into the table row by row and then transmitted
column by column.

20
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

i)Rail Fence Cipher

A good example of a keyless cipher using the first method is the rail fence cipher.
In this cipher, the plaintext is arranged in two lines as a zigzag pattern (which
means column by column); the ciphertext is created reading the pattern row by
row.
For example, to send the message “Meet me at the park” to Bob, Alice writes

She then creates the ciphertext “MEMATEAKETETHPR” by sending the first row
followed by the second row.
Bob receives the ciphertext and divides it in half. The first half forms the first row;
the second half, the second row. Bob reads the result in zigzag. Because there is no
key and the number of rows is fixed (2), the cryptanalysis of the ciphertext would
be very easy for Eve.

ii) Transposition Cipher

A more complex scheme is to write the message in a rectangle, row by row, and
read the message off, column by column, but permute the order of the columns.
The order of the columns then becomes the key to the algorithm.
For example,

21
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

Thus, in this example, the key is 4312567. To encrypt, start with the column that is
labeled 1, in this case column 3. Write down all the letters in that column. Proceed
to column 4, which is labeled 2, then column 2, then column 1, then columns 5, 6,
and 7.
The transposition cipher can be made significantly more secure by performing
more than one stage of transposition. The result is a more complex permutation
that is not easily reconstructed. Thus, if the foregoing message is reencrypted using
the same algorithm.

2 Columnar/ Double Transposition :

Key: 4 3 1 2 5 6 7
Input:
N S C Y A U O
P T T W L T M
D N A O I E P
A X T T O K Z

Output: CTATYWOTSTNXNPDAALIOUTEKOMPZ

22
Prof. Andleeb Sahar
UNIT I CRYPTOGRAPHY & NETWORK SECURITY

QUESTION BANK
1. Define cryptography in network security. What do you understand by
service, mechanism and attacks related to the cryptography with an example.

2. Write a short note on polyalphabetic ciphers with an example.

3. Encrypt the message "Money helps to build infrastructure" using Hill cipher

with the key Show your calculations and result.

4. Explain columnar cipher techniques with example.

5. Distinguish between monoalphabetic and polyalphabetic cipher with

example of each

6. Explain different security services with example

7. Encrypt following statement using

i) railfence technique and ii) 2-Columnar technique
"Hardwork makes a man perfect”

8. Describe conventional encryption model. What are the requirements for

secure use of conventional encryption?

23
Prof. Andleeb Sahar