Unit-1
Introduction to Cryptography
Cryptography is the practice and study of techniques for securing communication and data from
adversaries. The term "cryptography" comes from the Greek words "kryptos" (hidden) and "grapho"
(writing), meaning "hidden writing." The fundamental goal of cryptography is to ensure the confidentiality,
integrity, authenticity, and non-repudiation of information.
Key Concepts in Cryptography
1. Confidentiality: Ensuring that information is only accessible to those authorized to view it. This is
often achieved through encryption, where data is transformed into an unreadable format and can
only be read by someone who has the proper decryption key.
2. Integrity: Ensuring that information remains unaltered during transmission or storage. Hash
functions and digital signatures are commonly used to verify the integrity of data.
3. Authentication: Verifying the identity of a user, system, or entity. Authentication ensures that the
parties involved in a communication are who they claim to be.
4. Non-repudiation: Preventing the denial of an action or event. Digital signatures provide a way to
prove that a specific party performed a particular action, such as sending a message or completing
a transaction.
Types of Cryptography
1. Symmetric Key Cryptography:
o Both the sender and receiver share the same secret key for both encryption and
decryption.
o Example: Advanced Encryption Standard (AES), Data Encryption Standard (DES).
o Key challenge: Securely distributing the secret key.ss
2. Asymmetric Key Cryptography:
o Involves a pair of keys: a public key and a private key. The public key encrypts data, and
only the corresponding private key can decrypt it.
o Example: RSA (Rivest-Shamir-Adleman), Elliptic Curve Cryptography (ECC).
o Key advantage: No need to securely share the private key; only the public key needs to be
distributed.
3. Hash Functions:
o These are algorithms that take input (or 'message') and return a fixed-size string of bytes,
typically a hash code or digest. Hash functions are one-way functions, meaning that you
cannot revert the hash to the original input.
1
� o Common examples include SHA-256 (Secure Hash Algorithm) and MD5 (though MD5 is no
longer considered secure).
4. Digital Signatures:
o A digital signature is a cryptographic technique used to verify the authenticity and
integrity of a message. It is generated using the sender's private key and can be verified
by anyone using the sender's public key.
5. Public Key Infrastructure (PKI):
o A framework for managing digital keys and certificates that enables secure
communication using asymmetric cryptography. PKI uses a system of trusted certificate
authorities (CAs) to verify the identity of parties involved in communication.
Applications of Cryptography
• Secure Communication: Cryptography is used to secure online communication through protocols
like HTTPS, which encrypts data between the browser and the server.
• Digital Payments: Cryptography is fundamental to securing online banking and payment systems.
• Data Protection: File encryption ensures that sensitive data, whether on a device or in the cloud,
is protected from unauthorized access.
• Blockchain and Cryptocurrencies: Blockchain technology, the backbone of cryptocurrencies like
Bitcoin, relies heavily on cryptographic techniques for transaction verification and security.
Introduction to Security Attacks
In the context of computer security and cryptography, a security attack refers to any attempt by a
malicious actor to exploit vulnerabilities in a system, network, or application to gain unauthorized access
to data, disrupt services, or cause harm to the system. The goal of these attacks can range from stealing
sensitive information to causing financial losses or disrupting the normal functioning of an organization.
Understanding these attacks is vital for designing effective defense mechanisms and protecting systems
against unauthorized access and damage.
Types of Security Attacks
Security attacks can be categorized based on the nature of the threat, the attack method, and the targeted
aspect of the system. Some common categories include:
1. Passive Attacks
• Definition: These attacks involve eavesdropping or monitoring transmissions to gain information
without affecting the system’s operations or integrity.
• Example: Intercepting communication over an insecure channel, like listening to an unencrypted
email or network transmission.
2
� • Goal: To gain sensitive information, such as passwords or private communications, without
altering data or raising alarms.
Types of Passive Attacks:
• Eavesdropping (Sniffing): The attacker silently listens to the data flow between two parties.
• Traffic Analysis: Analyzing patterns of communication to infer sensitive information, even without
decrypting the messages.
2. Active Attacks
• Definition: These attacks actively interfere with or alter the system's operation or the data flow.
• Example: Modifying transmitted data, sending malicious requests, or initiating Denial-of-Service
(DoS) attacks.
• Goal: To disrupt, damage, or manipulate systems or data to achieve a malicious outcome.
Types of Active Attacks:
• Modification of Data: The attacker alters the data being transmitted or stored, leading to incorrect
or corrupted information.
• Denial of Service (DoS): Overloading a system or network with excessive requests, preventing
legitimate users from accessing services.
• Man-in-the-Middle (MitM): The attacker intercepts and potentially alters communication
between two parties, making them think they are directly communicating with each other.
3. Cryptographic Attacks
• Definition: These attacks specifically target the cryptographic systems in place, such as encryption
algorithms, keys, or digital signatures, to break the security of encrypted data.
• Example: Trying to decrypt ciphertext without the key or forge digital signatures.
• Goal: To bypass encryption and obtain access to confidential data.
Common Cryptographic Attacks:
• Brute Force Attack: Trying all possible combinations to break encryption or crack passwords.
• Cryptanalysis: Using mathematical techniques to break or weaken encryption algorithms.
• Replay Attack: Intercepting and resending valid messages to trick the system into accepting
malicious or duplicated actions.
4. Network-Based Attacks
• Definition: These attacks exploit vulnerabilities in the network infrastructure to gain unauthorized
access or disrupt operations.
3
� • Example: Attacking a website's network with a DDoS (Distributed Denial of Service) attack to
overwhelm its servers.
Common Network-Based Attacks:
• DDoS (Distributed Denial of Service): Attackers use a network of compromised devices (often
referred to as a botnet) to flood a target with traffic, making it unavailable to legitimate users.
• Session Hijacking: Taking over a session between two parties to impersonate one of them.
• DNS Spoofing: Redirecting domain name system (DNS) requests to malicious servers, often used
for phishing or malware distribution.
5. Social Engineering Attacks
• Definition: These attacks target the human element of security, manipulating individuals into
divulging sensitive information or performing unsafe actions.
• Example: Phishing emails or phone calls asking for login credentials or personal details.
• Goal: To deceive the user into providing sensitive information or access that allows the attacker to
exploit vulnerabilities.
Common Social Engineering Techniques:
• Phishing: Sending fraudulent emails that appear to come from legitimate sources to steal sensitive
information such as passwords, credit card numbers, or Social Security numbers.
• Pretexting: Creating a false pretext or story to convince someone to give up information (e.g.,
pretending to be a bank representative).
• Baiting: Offering something enticing (like free software) to persuade individuals into downloading
malware or giving away information.
6. Insider Attacks
• Definition: These attacks are carried out by individuals within the organization, such as employees,
contractors, or business partners, who abuse their authorized access to systems and data.
• Example: A disgruntled employee leaking confidential company data or sabotaging internal
systems.
• Goal: To cause harm to the organization, steal data, or damage its reputation.
Types of Insider Attacks:
• Data Theft: Stealing sensitive or proprietary data, often for financial gain or corporate espionage.
• Sabotage: Intentionally damaging systems, data, or operations, leading to service disruptions or
data loss.
7. Physical Attacks
4
� • Definition: These attacks involve direct physical access to devices or networks, where attackers
may steal, damage, or tamper with hardware or infrastructure.
• Example: Installing keyloggers on a computer, stealing a laptop, or tampering with physical
network cables.
• Goal: To access sensitive data or disrupt system operation by exploiting physical vulnerabilities.
Preventing and Mitigating Security Attacks
Preventing security attacks requires a multi-layered approach that combines technical controls,
awareness, and best practices. Some essential defense measures include:
• Encryption: To protect data confidentiality and integrity during transmission and storage.
• Firewalls and Intrusion Detection Systems (IDS): To monitor and block suspicious traffic.
• Authentication and Access Control: Using strong passwords, multi-factor authentication, and
least privilege access controls to prevent unauthorized access.
• Security Awareness: Educating users about social engineering and phishing attacks to reduce the
likelihood of falling victim to them.
• Regular Software Updates and Patching: Keeping systems up-to-date to fix vulnerabilities that
could be exploited by attackers.
• Backup and Disaster Recovery Plans: Ensuring data is regularly backed up and that there is a plan
in place to restore it in the event of an attack, such as ransomware.
Services and Mechanisms in Security
In the context of computer security, services and mechanisms are two critical concepts that help ensure
the protection of data, systems, and networks. They work together to provide secure communication,
safeguard integrity, and prevent unauthorized access.
• Security Services refer to the high-level goals or features that are intended to achieve a certain
aspect of security.
• Security Mechanisms are the tools or methods used to implement these services.
Let's explore both in more detail:
1. Security Services
Security services define the objectives or security goals that need to be achieved in a system. These
services are essentially what security systems aim to provide to protect the integrity, confidentiality, and
availability of data and systems.
5
�Key Security Services
1. Confidentiality:
o Goal: Ensures that information is only accessible to authorized users and entities.
o Mechanisms: Encryption, access control lists (ACLs), and secure communication protocols
(e.g., HTTPS).
2. Integrity:
o Goal: Ensures that information remains unaltered during transmission or storage. Data
cannot be modified in an unauthorized manner.
o Mechanisms: Hash functions, checksums, digital signatures, and message authentication
codes (MACs).
3. Authentication:
o Goal: Verifies the identity of the parties involved in communication or data access.
o Mechanisms: Username/password pairs, biometric systems, certificates, and two-factor
authentication (2FA).
4. Non-Repudiation:
o Goal: Ensures that a party cannot deny the authenticity of their actions (e.g., sending a
message, initiating a transaction).
o Mechanisms: Digital signatures, audit trails, and secure logging.
5. Access Control:
o Goal: Ensures that only authorized users and systems can access specific resources.
o Mechanisms: Role-based access control (RBAC), mandatory access control (MAC), and
discretionary access control (DAC).
6. Availability:
o Goal: Ensures that services, resources, and data are available and usable when needed,
even in the face of attacks or failures.
o Mechanisms: Redundancy, load balancing, backups, and denial-of-service attack
prevention (e.g., DDoS protection).
7. Accountability:
o Goal: Ensures that actions taken by users can be traced back to them, and that the system
can hold users responsible for their actions.
o Mechanisms: Logging, auditing, and access tracking.
6
�2. Security Mechanisms
Security mechanisms are the concrete tools or techniques used to implement the security services. These
mechanisms can be hardware, software, or both, and are designed to enforce security policies and
services.
Common Security Mechanisms
1. Cryptographic Mechanisms:
o Encryption: Transforming data into a format that cannot be read by unauthorized users.
For example, AES for encrypting data and RSA for encrypting communication.
o Hashing: Generating a fixed-length value (hash) from input data, which helps to verify data
integrity (e.g., SHA-256).
o Digital Signatures: Using public-key cryptography to provide authenticity and non-
repudiation of messages or transactions.
2. Authentication Mechanisms:
o Passwords: A simple mechanism for user authentication where a secret combination of
characters is used.
o Multi-Factor Authentication (MFA): A mechanism that requires multiple forms of identity
verification, such as something the user knows (password), something the user has (token
or phone), or something the user is (biometric data).
o Biometric Authentication: Using biological characteristics such as fingerprints, retina
scans, or facial recognition for user authentication.
3. Access Control Mechanisms:
o Access Control Lists (ACLs): A list defining who can access certain resources and what
actions they can perform (e.g., read, write, execute).
o Role-Based Access Control (RBAC): Assigning permissions based on the roles users have
within an organization.
o Mandatory Access Control (MAC): A policy where access to resources is determined by
system-enforced rules, often used in high-security environments.
4. Intrusion Detection and Prevention Mechanisms:
o Intrusion Detection Systems (IDS): Tools designed to detect unauthorized access or
anomalies in the system or network.
o Intrusion Prevention Systems (IPS): Mechanisms that not only detect but also prevent or
block unauthorized access or malicious activities in real-time.
o Firewalls: Network security systems that monitor and control incoming and outgoing
network traffic based on predetermined security rules.
7
� 5. Non-Repudiation Mechanisms:
o Digital Signatures: Cryptographic signatures that are unique to the sender, ensuring that
a sender cannot deny sending a message.
o Audit Trails: A mechanism that logs all actions and accesses in a system to provide
evidence for accountability and non-repudiation.
6. Backup and Recovery Mechanisms:
o Data Backups: Regularly copying data to a secure storage location to ensure recovery in
case of data loss due to attacks or disasters.
o Disaster Recovery Planning: Mechanisms designed to restore systems and data after a
major disruption (e.g., ransomware attacks, hardware failures).
7. Anomaly Detection Mechanisms:
o Behavioral Analysis: Monitoring user behavior to detect anomalies or suspicious actions
that may indicate a security breach.
o Heuristic Analysis: Using predefined patterns to detect potentially malicious activities
based on historical data.
8. Network Security Mechanisms:
o VPNs (Virtual Private Networks): Creating secure, encrypted connections over public
networks to ensure private communication.
o Proxy Servers: Intermediaries that allow access to resources while hiding the client's
identity and adding a layer of security.
Relationship Between Services and Mechanisms
• Security Services describe the high-level goals or objectives that need to be met, such as
confidentiality, integrity, and authentication.
• Security Mechanisms are the practical, technological implementations or techniques that enforce
these security goals.
For example, the service of confidentiality (ensuring only authorized users can access information) can be
achieved through encryption (mechanism), while the service of authentication (verifying the identity of a
user) may use passwords or biometrics as the mechanism.
Conventional Encryption: Classical Techniques and Cryptanalytic Attacks
Conventional encryption, also known as symmetric encryption, refers to encryption systems where the
same key is used for both encrypting and decrypting the message. In this form of encryption, the sender
and receiver must share a secret key in advance, and this key must be kept confidential. Conventional
8
�encryption was the foundation of cryptography for centuries, and classical techniques laid the groundwork
for modern encryption systems.
Classical Encryption Techniques
Classical encryption techniques are some of the earliest forms of encryption, developed long before
modern cryptographic systems. They mainly relied on the manual encoding and decoding of messages.
Let’s explore a few key classical encryption techniques:
1. Caesar Cipher
• Description: One of the simplest and oldest encryption techniques. In the Caesar cipher, each
letter in the plaintext is shifted by a certain number of places down or up the alphabet. For
example, with a shift of 3, 'A' would be replaced by 'D', 'B' by 'E', and so on.
• Example: Using a shift of 3:
o Plaintext: HELLO
o Ciphertext: KHOOR
2. Substitution Cipher
• Description: In a substitution cipher, each letter or group of letters in the plaintext is replaced by
another letter, number, or symbol. The key for a substitution cipher is the set of mappings between
plaintext letters and ciphertext letters.
• Types:
o Monoalphabetic Substitution: Each letter in the plaintext is replaced by one letter from
the ciphertext alphabet.
o Polyalphabetic Substitution: Multiple cipher alphabets are used to encrypt the plaintext,
making it harder to break.
• Example: If the alphabet is shifted by a specific pattern, 'A' could map to 'Q', 'B' to 'W', etc.
3. Transposition Cipher
• Description: In a transposition cipher, the order of the characters in the plaintext is rearranged
according to a specific system or rule. This does not change the letters themselves but alters their
positions.
• Example: For the plaintext "HELLO WORLD" and a key that splits the message into two parts, we
could rearrange it as "HLO WL RD O".
4. Vigenère Cipher
• Description: The Vigenère cipher is a method of encrypting alphabetic text by using a series of
Caesar ciphers based on the letters of a keyword. It is a more advanced form of the substitution
cipher and uses a key word that determines the shift for each letter of the plaintext.
• Key: A word or phrase used to encrypt the plaintext.
9
� • Example:
o Plaintext: HELLO
o Key: KEY
o Ciphertext: RIJVS
5. Playfair Cipher
• Description: The Playfair cipher encrypts digraphs (pairs of letters) instead of single letters. It uses
a 5x5 matrix filled with letters of the alphabet (excluding one letter, typically 'J', which is combined
with 'I') and encrypts digraphs by replacing them with other digraphs based on the positions in
the matrix.
• Example:
o Plaintext: HELLO
o Digraphs: HE LL O
o After applying the Playfair cipher rules to the matrix, the ciphertext is generated.
Cryptanalytic Attacks on Classical Encryption
Cryptanalysis refers to the study of methods used to break encryption systems or find weaknesses in their
design. While classical encryption techniques were effective for their time, many of them are vulnerable
to various cryptanalytic attacks. Here are some common types of attacks used against classical encryption
systems:
1. Brute Force Attack
• Description: A brute force attack involves trying every possible key until the correct one is found.
For classical ciphers like the Caesar cipher, this is relatively easy since there are only a limited
number of possible keys (e.g., 26 for a Caesar cipher).
• Example: In the Caesar cipher, if the key is a shift of 3, a brute force attacker would try all 25
possible shifts until the plaintext message is revealed.
2. Frequency Analysis
• Description: Frequency analysis is a technique used against substitution ciphers (especially
monoalphabetic ciphers) by studying the frequency of letters or groups of letters in the ciphertext.
Certain letters appear more frequently in natural languages (e.g., 'E' in English), so identifying
these patterns can help break the cipher.
• Example: In a simple substitution cipher, if a certain letter in the ciphertext occurs more often than
others, it might correspond to 'E' in the plaintext.
10
�3. Known-Plaintext Attack
• Description: In this type of attack, the attacker has access to both the plaintext and the
corresponding ciphertext and tries to derive the key or cipher system. This can help reveal the
mechanism of the cipher and crack the encryption.
• Example: If the attacker knows that a specific word (e.g., "HELLO") is part of the message, they
can use this known plaintext to help decrypt the rest of the ciphertext.
4. Chosen-Plaintext Attack
• Description: In this attack, the attacker can choose a plaintext and obtain its corresponding
ciphertext. This allows the attacker to study how the encryption system works and possibly deduce
the encryption key.
• Example: The attacker can encrypt several chosen plaintexts and compare the ciphertexts to learn
patterns in the cipher.
5. Ciphertext-Only Attack
• Description: In this attack, the attacker only has access to the ciphertext and must attempt to
deduce the plaintext and the encryption key. Frequency analysis and pattern recognition are often
employed in ciphertext-only attacks.
• Example: In classical ciphers like the Caesar cipher, a ciphertext-only attack might rely on the
statistical properties of language, such as the frequency of letter pairings.
6. Meet-in-the-Middle Attack
• Description: This attack is often applied to double encryption (e.g., two layers of Caesar ciphers).
The attacker encrypts plaintext with all possible keys and simultaneously decrypts ciphertext with
all possible keys to find a match in the middle.
• Example: In the case of two encryption layers, this reduces the time complexity of brute-force
searching.
7. Polygraphic Attacks
• Description: These attacks target ciphers that encrypt multiple characters at once, such as the
Vigenère cipher or Playfair cipher. In polygraphic ciphers, the attacker might exploit the patterns
in digraphs or trigraphs to recover the key or plaintext.
8. Algebraic Attacks
• Description: These are more sophisticated attacks that attempt to solve for the key using algebraic
methods, often targeting ciphers that can be expressed mathematically, such as affine ciphers or
other more complex substitution ciphers.
11
