
Chap 1 Cns

The document discusses the importance of computer security, outlining its key objectives: confidentiality, integrity, and availability. It categorizes types of computer security, cyber attacks, and security mechanisms, emphasizing the need for protective measures against unauthorized access and data breaches. Additionally, it introduces the OSI security architecture and classical encryption techniques, highlighting their roles in safeguarding information and ensuring secure communication.

Uploaded by

0408jaindaksh
Copyright
© © All Rights Reserved

CRYPTOGRAPHY AND NETWORK SECURITY
22CSE230
Module 1
Prepared by:
Dr Suriya Prakash J
Dept of CSE
JAIN (Deemed-to-be University)
Computer Security Concepts
Computer security refers to protecting and securing computers and their
related data, networks, software, and hardware from unauthorized access,
misuse, theft, information loss, and other security issues.
Technology is growing day by day and the entire world is in its grasp.
We cannot imagine even a day without electronic devices around us.
With the use of this growing technology, invaders, hackers and thieves
try to harm our computers’ security for monetary gain, recognition,
ransom demands, bullying others, intruding into other businesses and
organizations, etc. To protect our systems from all these risks,
computer security is important.
Three key objectives of computer security:
1. Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting
personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information. This term
covers two related concepts:
Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized
individuals.

Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by
whom and to whom that information may be disclosed.

2. Integrity: Guarding against improper information modification or destruction, including ensuring information nonrepudiation
and authenticity. A loss of integrity is the unauthorized modification or destruction of information. This term covers two related
concepts:
Data integrity: Assures that information (both stored and in transmitted packets) and programs are changed only in a specified
and authorized manner.

System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or
inadvertent unauthorized manipulation of the system.

3. Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to
or use of information or an information system. Availability assures that systems work promptly and service is not denied to
authorized users.
Types of computer security
• 1. Cyber Security: Cyber security means securing our computers, electronic
devices, networks, programs, and systems from cyber attacks. Cyber attacks are those
attacks that happen when our system is connected to the Internet.
• 2. Information Security: Information security means protecting our system’s
information from theft, illegal use, piracy, and other unauthorized use. Information
security has three main objectives: confidentiality, integrity, and availability of
information.
• 3. Application Security: Application security means securing our applications and
data so that they don’t get hacked, and so that the applications’ databases remain
safe and private to the owner, keeping users’ data confidential.
• 4. Network Security: Network security means securing a network and protecting
the information of the users who are connected through that network. Over the
network, hackers steal packets of data through sniffing and spoofing attacks,
man-in-the-middle attacks, war driving, etc., and misuse the data for their own benefit.
Types of cyber attack
• 1. Denial of service attack or DoS: A denial of service attack is a kind of cyber attack in which the attackers disrupt the services of a particular
network by sending infinite requests, temporarily or permanently making the network or machine resources unavailable to the intended audience.
• 2. Backdoor: In a backdoor attack, malware, a trojan horse or a virus gets installed in our system along with the main file and starts affecting its security.
Consider an example: suppose you are installing free software from a certain website on the Internet. Now, unknowingly, along with this software, a
malicious file also gets installed, and as soon as you execute the installed software, that file’s malware is activated and starts affecting your computer’s
security. This is known as a backdoor.
• 3. Eavesdropping: Eavesdropping refers to secretly listening to someone’s talk without their permission or knowledge. Attackers try to steal,
manipulate, modify, or hack information or systems by passively listening to network communication, learning passwords, etc. A physical example:
suppose you are talking to another person in your organization and a third person listens to your private talk; then he/she is said to eavesdrop on
your conversation. Similarly, your conversation on the internet may be eavesdropped on by attackers who listen to your private conversation by connecting to
your network if it is insecure.
• 4. Phishing: Phishing is pronounced as “fishing” and works in a similar way. While fishing, we catch fish by luring them with bait.
Similarly, in phishing, a user is tricked by an attacker who gains the trust of the user or acts as if he is a genuine person and then steals the information
by betraying that trust. Besides individual attackers, there are websites that seem to be genuine but are actually fraud sites. These sites trick users, who
end up giving away personal information such as login details, bank details or card numbers. Phishing is of many types: voice phishing, text
phishing, etc.
• 5. Spoofing: Spoofing is the act of masquerading as a valid entity through falsification of data (such as an IP address or username), in order to gain
access to information or resources that one is otherwise unauthorized to obtain. Spoofing is of several types: email spoofing, IP address spoofing, MAC
spoofing, biometric spoofing, etc.
• 6. Malware: Malware is made up of two terms: Malicious + Software = Malware. Malware intrudes into the system and is designed to damage our
computers. Different types of malware are adware, spyware, ransomware, Trojan horses, etc.
• 7. Social engineering: A social engineering attack involves manipulating users psychologically and extracting confidential or sensitive data from them
by gaining their trust. The attacker generally exploits the trust of people or users by relying on their cognitive biases.
• 8. Polymorphic Attacks: Poly means “many” and morph means “form”; polymorphic attacks are those in which the attacker adopts multiple forms and
changes them so that they are not recognized easily. These kinds of attacks are difficult to detect due to their changing forms.
OSI security architecture
OSI (Open Systems Interconnection) security refers to a set of protocols,
standards, and techniques used to ensure the security of data and
communications in a network environment based on the OSI model. The
International Organisation for Standardisation (ISO) established this
model to provide a conceptual framework for understanding how different
networking protocols interact within a layered architecture.
Classification of OSI Security Architecture
The OSI (Open Systems Interconnection) Security Architecture defines
a systematic approach to providing security at each layer. It defines
security services and security mechanisms that can be used at each of
the seven layers of the OSI model to provide security for data
transmitted over a network. These security services and mechanisms
help to ensure the confidentiality, integrity, and availability of the
data. The OSI architecture is internationally accepted, as it lays out a
structured way of providing security in an organization. The OSI Security
Architecture focuses on these concepts:
• Security Attack
• Security mechanism
• Security Service
Security Attacks
• A security attack is an attempt by a person or entity to gain unauthorized access to disrupt or compromise the security of a system, network, or device. These are
defined as the actions that put at risk an organization’s safety. They are further classified into 2 sub-categories:

• Passive Attack: Attacks in which a third-party intruder tries to access the message/content/data being shared by the sender and receiver by keeping a close watch on
the transmission or eavesdropping on the transmission are called passive attacks. These types of attacks involve the attacker observing or monitoring system, network, or
device activity without actively disrupting or altering it. Passive attacks are typically focused on gathering information or intelligence, rather than causing damage or
disruption. Here, both the sender and receiver have no clue that their message/data is accessible to some third-party intruder. The message/data transmitted remains in
its usual form without any deviation from its usual behavior. This makes passive attacks very risky, as nothing in the communication process indicates that an attack
is happening. Passive attacks are further divided into two parts based on their behavior:

• Eavesdropping: Eavesdropping involves the attacker intercepting and listening to communications between two or more parties without their knowledge or
consent. Eavesdropping can be performed using a variety of techniques, such as packet sniffing, or man-in-the-middle attacks.
• Traffic analysis: This involves the attacker analyzing network traffic patterns and metadata to gather information about the system, network, or device. Here
the intruder can’t read the message but only understand the pattern and length of encryption. Traffic analysis can be performed using a variety of techniques,
such as network flow analysis, or protocol analysis.
• Active Attacks: Active attacks refer to types of attacks that involve the attacker actively disrupting or altering system, network, or device activity. Active attacks are
typically focused on causing damage or disruption, rather than gathering information or intelligence. Here, both the sender and receiver have no clue that their message/data
is modified by some third-party intruder. The message/data transmitted doesn’t remain in its usual form and shows deviation from its usual behavior. This makes
active attacks dangerous, as nothing in the communication process indicates that an attack is happening and the receiver is not aware that the data/message
received is not from the sender. Active attacks are further divided into four parts based on their behavior:

• Masquerade: Masquerade is a type of attack in which the attacker pretends to be an authentic sender in order to gain unauthorized access to a system. This
type of attack can involve the attacker using stolen or forged credentials, or manipulating authentication or authorization controls in some other way.
• Replay: Replay is a type of active attack in which the attacker intercepts a transmitted message through a passive channel and then maliciously or fraudulently
replays or delays it at a later time.
• Modification of Message: Modification of Message involves the attacker modifying the transmitted message so that the final message received by the
receiver appears unsafe or meaningless. This type of attack can be used to manipulate the content of the message or to disrupt the communication
process.
• Denial of service (DoS): Denial of Service attacks involve the attacker sending a large volume of traffic to a system, network, or device in an attempt to
overwhelm it and make it unavailable to users.
Security Mechanism
• A mechanism that is built to identify any breach of security or attack on the organization is called a security
mechanism. Security mechanisms are also responsible for protecting a system, network, or device against
unauthorized access, tampering, or other security threats.
• Encipherment (Encryption): Encryption involves the use of algorithms to transform data into a form that
can only be read by someone with the appropriate decryption key. Encryption can be used to protect data while it is
transmitted over a network, or to protect data when it is stored on a device.

• Digital signature: Digital Signature is a security mechanism that involves the use of cryptographic
techniques to create a unique, verifiable identifier for a digital document or message, which can be used to
ensure the authenticity and integrity of the document or message.

• Traffic padding: Traffic Padding is a technique used to add extra data to a network traffic stream in an
attempt to obscure the true content of the traffic and make it more difficult to analyze.

• Routing control: Routing Control allows the selection of specific physically secure routes for specific data
transmission and enables routing changes, particularly when a gap in security is suspected.
Security Services
• Security services refer to the different services available for maintaining the security and safety of an
organization. They help in preventing any potential risks to security. Security services are divided into 5
types:
• Authentication: Authentication is the process of verifying the identity of a user or device in order to
grant or deny access to a system or device.

• Access control: Access Control involves the use of policies and procedures to determine who is
allowed to access specific resources within a system.

• Data Confidentiality: Data Confidentiality is responsible for the protection of information from being
accessed or disclosed to unauthorized parties.

• Data integrity: Data Integrity is a security mechanism that involves the use of techniques to ensure that
data has not been tampered with or altered in any way during transmission or storage.

• Non- repudiation: Non-repudiation involves the use of techniques to create a verifiable record of the
origin and transmission of a message, which can be used to prevent the sender from denying that they
sent the message.
Security attacks, services and mechanisms
To assess the security needs of an organization effectively, the manager
responsible for security needs some systematic way of defining the
requirements for security and characterization of approaches to satisfy those
requirements. One approach is to consider three aspects of information
security:
Security attack – Any action that compromises the security of information
owned by an organization.
Security mechanism – A mechanism that is designed to detect, prevent or
recover from a security attack.
Security service – A service that enhances the security of the data processing
systems and the information transfers of an organization. The services are
intended to counter security attacks and they make use of one or more
security mechanisms to provide the service.
SECURITY MECHANISMS
One of the most specific security mechanisms in use is cryptographic techniques. Encryption or encryption-like
transformations of information are the most common means of providing security.
Some of the mechanisms are
1 Encipherment
2 Digital Signature
3 Access Control
SECURITY ATTACKS
There are four general categories of attack which are listed below.
Interruption
An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability, e.g.,
destruction of a piece of hardware, cutting of a communication line or disabling of the file management system.
Interception
An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party could be a
person, a program or a computer, e.g., wire tapping to capture data in the network, illicit copying of files.
Modification
An unauthorized party not only gains access to but tampers with an
asset. This is an attack on integrity, e.g., changing values in a data file,
altering a program, modifying the contents of messages being
transmitted in a network.

Fabrication
An unauthorized party inserts counterfeit objects into the system. This
is an attack on authenticity, e.g., insertion of spurious messages in a
network or addition of records to a file.
[Figures: interception, modification and fabrication diagrams, each showing a sender, a receiver and an eavesdropper or forger]
A Model for Network Security Cont…

A security-related transformation on the information to be sent.
Examples include the encryption of the message, which scrambles the
message so that it is unreadable by the opponent, and the addition of a
code based on the contents of the message, which can be used to verify
the identity of the sender.
Some secret information shared by the two principals and, it is hoped,
unknown to the opponent. An example is an encryption key used in
conjunction with the transformation to scramble the message before
transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party may be
responsible for distributing the secret information to the two principals while keeping it from any opponent. Or a
third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a
message transmission.

This general model shows that there are four basic tasks in designing a particular security service:

1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an
opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret
information to achieve a particular security service.
Viruses and worms are two examples of software attacks. Such attacks can be
introduced into a system by means of a disk that contains the unwanted logic
concealed in otherwise useful software. They can also be inserted into a system
across a network; this latter mechanism is of more concern in network security.

The security mechanisms needed to cope with unwanted access fall into two
broad categories (see Figure 1.5). The first category might be termed a
gatekeeper function. It includes password-based login procedures that are
designed to deny access to all but authorized users and screening logic that is
designed to detect and reject worms, viruses, and other similar attacks. Once
either an unwanted user or unwanted software gains access, the second line of
defense consists of a variety of internal controls that monitor activity and
analyze stored information in an attempt to detect the presence of unwanted
intruders. These issues are explored in Part Six.
Classical Encryption Techniques
The three main classical encryption techniques are as follows:

• Caesar Cipher
• Playfair Cipher
• Hill Cipher
Caesar Cipher

• The Caesar cipher is a simple encryption technique that was used by Julius
Caesar to send secret messages to his allies. It works by shifting the letters
in the plaintext message by a certain number of positions, known as the
“shift” or “key”. The Caesar Cipher technique is one of the earliest and
simplest methods of encryption techniques.
• It is simply a type of substitution cipher, i.e., each letter of a given text is
replaced by a letter a fixed number of positions down the alphabet. For
example, with a shift of 1, A would be replaced by B, B would become C,
and so on. The method is named after Julius Caesar, who
apparently used it to communicate with his officials.
Cryptography Algorithm for the Caesar Cipher
• Thus to cipher a given text we need an integer value, known as a shift which
indicates the number of positions each letter of the text has been moved
down.
The encryption can be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B =
1,…, Z = 25. Encryption of a letter by a shift n can be described
mathematically as.

• For example, if the shift is 3, then the letter A would be replaced by the
letter D, B would become E, C would become F, and so on. The alphabet is
wrapped around so that after Z, it starts back at A.

• Here is an example of how to use the Caesar cipher to encrypt the message
“HELLO” with a shift of 3:
Caesar Cipher Example:

H becomes K (shift 3 from H)
E becomes H (shift 3 from E)
L becomes O (shift 3 from L)
L becomes O (shift 3 from L)
O becomes R (shift 3 from O)

The encrypted message is now “KHOOR”.

To decrypt the message, you simply need to shift each letter back
by the same number of positions. In this case, you would shift
each letter in “KHOOR” back by 3 positions to get the original
message, “HELLO”.
Advantages

• Easy to implement and use, making it suitable for beginners to learn
about encryption.

• Can be physically implemented, such as with a set of rotating disks or
a set of cards, known as a scytale, which can be useful in certain
situations.

• Requires only a small set of pre-shared information.

• Can be modified easily to create a more secure variant, such as by
using multiple shift values or keywords.
Disadvantages

• It is not secure against modern decryption methods.

• Vulnerable to known-plaintext attacks, where an attacker has access to both the
encrypted and unencrypted versions of the same messages.

• The small number of possible keys means that an attacker can easily try all
possible keys until the correct one is found, making it vulnerable to a brute force
attack.

• It is not suitable for long text encryption as it would be easy to crack.

• It is not suitable for secure communication as it is easily broken.

• Does not provide confidentiality, integrity, and authenticity in a message.


Features of Caesar Cipher

1. Substitution cipher: The Caesar cipher is a type of substitution cipher, where each letter in the
plaintext is replaced by a letter some fixed number of positions down the alphabet.

2. Fixed key: The Caesar cipher uses a fixed key, which is the number of positions by which the letters
are shifted. This key is known to both the sender and the receiver.

3. Symmetric encryption: The Caesar cipher is a symmetric encryption technique, meaning that the
same key is used for both encryption and decryption.

4. Limited keyspace: The Caesar cipher has a very limited keyspace of only 26 possible keys, as there
are only 26 letters in the English alphabet.

5. Vulnerable to brute force attacks: The Caesar cipher is vulnerable to brute force attacks, as there
are only 26 possible keys to try.

6. Easy to implement: The Caesar cipher is very easy to implement and requires only simple
arithmetic operations, making it a popular choice for simple encryption tasks.
Rules for the Caesar Cipher
1. Choose a number between 1 and 25. This will be your “shift” value.
2. Write down the letters of the alphabet in order, from A to Z.
3. Shift each letter of the alphabet by the “shift” value. For example, if the shift
value is 3, A would become D, B would become E, C would become F, and
so on.
4. Encrypt your message by replacing each letter with the corresponding
shifted letter. For example, if the shift value is 3, the word “hello” would
become “khoor”.
5. To decrypt the message, simply reverse the process by shifting each letter
back by the same amount. For example, if the shift value is 3, the encrypted
message “khoor” would become “hello”.
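
The shift, its reversal and the small keyspace described above, shown as an added Python example (not part of the original slides). The function names, the constructed sample sentence and the crude six-letter frequency score are this example's own assumptions.

```python
# Added illustration of the Caesar cipher and why its 26-key space fails.
# Encryption of a letter p (A = 0 ... Z = 25) under shift n is (p + n) mod 26.

COMMON = set("ETAOIN")  # six very frequent English letters (crude scoring aid)


def shift_text(text, shift):
    """Shift each letter by `shift` positions modulo 26, keeping its case."""
    out = []
    for ch in text:
        if "A" <= ch <= "Z":
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        elif "a" <= ch <= "z":
            out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
        else:
            out.append(ch)  # spaces, digits and punctuation pass through
    return "".join(out)


def caesar_encrypt(plaintext, shift):
    return shift_text(plaintext, shift)


def caesar_decrypt(ciphertext, shift):
    return shift_text(ciphertext, -shift)


def key_from_known_pair(plain_letter, cipher_letter):
    """Known-plaintext weakness: one matching letter pair reveals the shift."""
    return (ord(cipher_letter.upper()) - ord(plain_letter.upper())) % 26


def brute_force(ciphertext):
    """Decrypt under all 26 shifts and rank by how many common letters appear.

    Returns a list of (score, shift, candidate_plaintext), best first.
    """
    candidates = []
    for shift in range(26):
        guess = caesar_decrypt(ciphertext, shift)
        score = sum(1 for ch in guess.upper() if ch in COMMON)
        candidates.append((score, shift, guess))
    candidates.sort(key=lambda c: c[0], reverse=True)
    return candidates


# Constructed sample sentence, used only to exercise the ranking.
SAMPLE = "MEET ME AT THE NORTH GATE AFTER SUNSET"

if __name__ == "__main__":
    print(caesar_encrypt("HELLO", 3))          # the slide's worked example
    print(caesar_decrypt("KHOOR", 3))
    print(key_from_known_pair("H", "K"))       # shift recovered from one pair
    secret = caesar_encrypt(SAMPLE, 3)
    for score, shift, guess in brute_force(secret)[:3]:
        print(score, shift, guess)
```

Because every key can be tried and ranked in a fraction of a second, the cipher offers no protection once the method is known, which is the point of the "limited keyspace" item above.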
Playfair Cipher
• The Playfair cipher was the first practical digraph substitution cipher.
The scheme was invented in 1854 by Charles Wheatstone but was
named after Lord Playfair, who promoted the use of the cipher. In the
Playfair cipher, unlike a traditional cipher, we encrypt a pair of
letters (a digraph) instead of a single letter.
• It was used for tactical purposes by British forces in the Second Boer
War and in World War I and for the same purpose by the Australians
during World War II. This was because Playfair is reasonably fast to
use and requires no special equipment.
Encryption Technique
• For the encryption process let us consider the following example:
PlainText: instruments
Key: monarchy
The Playfair Cipher Encryption Algorithm:
• The algorithm consists of 2 steps:

1. Generate the key square (5×5):

• The key square is a 5×5 grid of letters that acts as the key for encrypting the plaintext. Each of the 25 letters must be unique, and one letter of the
alphabet (usually J) is omitted from the table (as the table can hold only 25 letters). If the plaintext contains J, then it is replaced by I.

• The initial letters in the key square are the unique letters of the key in the order in which they appear, followed by the remaining letters of the alphabet in
order.

2. Algorithm to encrypt the plaintext: The plaintext is split into pairs of two letters (digraphs). If there is an odd number of letters, a Z is added
to the last letter. For example:

PlainText: "instruments"

After Split: 'in' 'st' 'ru' 'me' 'nt' 'sz'

• A pair cannot be made with the same letter twice. Break the pair into single letters and
add a bogus letter after the first letter.
Plain Text: “hello”
After Split: ‘he’ ‘lx’ ‘lo’
Here ‘x’ is the bogus letter.
• If a letter is left standing alone in the process of pairing, then add an
extra bogus letter to the lone letter.
Plain Text: “helloe”
After Split: ‘he’ ‘lx’ ‘lo’ ‘ez’
Here ‘z’ is the bogus letter.
Rules for Encryption:
• If both the letters are in the same column: Take the letter below
each one (going back to the top if at the bottom).
• If both the letters are in the same row: Take the letter to the right of
each one (going back to the leftmost if at the rightmost position).
• If neither of the above rules is true: Form a rectangle with the two
letters and take the letters on the horizontal opposite corner of the
rectangle.
Playfair Encryption for PT: “instruments”
Playfair Cipher Encrypted Result:
Plain Text: "instrumentsz"
Encrypted Text: gatlmzclrqtx
Encryption:
i -> g
n -> a
s -> t
t -> l
r -> m
u -> z
m -> c
e -> l
n -> r
t -> q
s -> t
z -> x
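
The key-square construction, digraph splitting and three substitution rules above, shown as an added Python example that reproduces the slide's result for the key "monarchy" (not part of the original slides). The function names are this example's own, and the fallback filler letters used when the doubled or lone letter is itself x or z are an assumption the slides do not cover.

```python
# Added illustration of the Playfair cipher as described on the slides.

ALPHABET = "abcdefghiklmnopqrstuvwxyz"  # 25 letters: J is merged into I


def build_square(key):
    """5x5 key square: unique key letters in order, then the remaining letters."""
    seen = []
    for ch in (key.lower() + ALPHABET):
        ch = "i" if ch == "j" else ch
        if "a" <= ch <= "z" and ch not in seen:
            seen.append(ch)
    return [seen[i:i + 5] for i in range(0, 25, 5)]


def split_digraphs(plaintext):
    """Split into letter pairs, inserting bogus letters as the rules require."""
    letters = ["i" if c == "j" else c for c in plaintext.lower() if "a" <= c <= "z"]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        if i + 1 < len(letters) and letters[i + 1] != a:
            pairs.append(a + letters[i + 1])
            i += 2
        elif i + 1 < len(letters):
            # Same letter twice: break the pair with bogus 'x'
            # ('q' when the letter is x itself; assumption of this example).
            pairs.append(a + ("x" if a != "x" else "q"))
            i += 1
        else:
            # Lone last letter: pad with 'z' ('x' when it is z; assumption).
            pairs.append(a + ("z" if a != "z" else "x"))
            i += 1
    return pairs


def transform_pair(square, pair, step):
    """Apply the column, row or rectangle rule; step=+1 encrypts, -1 decrypts."""
    pos = {square[r][c]: (r, c) for r in range(5) for c in range(5)}
    (r1, c1), (r2, c2) = pos[pair[0]], pos[pair[1]]
    if c1 == c2:  # same column: letter below (above when decrypting), wrapping
        return square[(r1 + step) % 5][c1] + square[(r2 + step) % 5][c2]
    if r1 == r2:  # same row: letter to the right (left when decrypting), wrapping
        return square[r1][(c1 + step) % 5] + square[r2][(c2 + step) % 5]
    # Rectangle: keep each letter's row, take the other letter's column.
    return square[r1][c2] + square[r2][c1]


def playfair_encrypt(plaintext, key):
    square = build_square(key)
    return "".join(transform_pair(square, p, +1) for p in split_digraphs(plaintext))


def playfair_decrypt(ciphertext, key):
    square = build_square(key)
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return "".join(transform_pair(square, p, -1) for p in pairs)


if __name__ == "__main__":
    for row in build_square("monarchy"):
        print(" ".join(row))
    print(split_digraphs("instruments"))
    print(playfair_encrypt("instruments", "monarchy"))
    print(playfair_decrypt("gatlmzclrqtx", "monarchy"))
```

Decryption returns the padded text ("instrumentsz"); removing bogus letters is left to the reader of the message.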
Hill Cipher
• The Hill cipher is a polygraphic substitution cipher based on linear
algebra. Each letter is represented by a number modulo 26. Often the
simple scheme A = 0, B = 1, …, Z = 25 is used, but this is not an
essential feature of the cipher. To encrypt a message, each block of n
letters (considered as an n-component vector) is multiplied by an
invertible n × n matrix, modulo 26. To decrypt the message,
each block is multiplied by the inverse of the matrix used for
encryption.
The matrix used for encryption is the cipher key, and it should be
chosen randomly from the set of invertible n × n matrices (modulo
26).
Encryption
• We have to encrypt the message ‘ACT’ (n = 3). The key is
‘GYBNQKURP’, which can be written as the n × n matrix:

The message ‘ACT’ is written as vector:


The enciphered vector is given as:

which corresponds to ciphertext of ‘POH’


Decryption
• To decrypt the message, we turn the ciphertext back into a vector, then
simply multiply by the inverse matrix of the key matrix. The inverse of
the matrix used in the previous example is:
For the previous Ciphertext ‘POH’:

which gives us back Plaintext ‘ACT’.
