Network Security

The document discusses computer security, emphasizing the importance of protecting data confidentiality, integrity, and availability through various measures and controls. It outlines the OSI Security Architecture, detailing security attacks, mechanisms, and services, as well as the network security model and classical encryption techniques, particularly symmetric encryption. Additionally, it covers cryptanalysis, brute-force attacks, and specific encryption methods like the Caesar cipher.

Unit-1

Computer security refers to measures and controls that ensure the confidentiality,
integrity and availability of the information processed and stored by a computer. This
includes everything from protecting physical information assets, to data security and
computer safety practices. Computer security ensures that a business’s data and computer
systems are safe from breaches and unauthorized access.

OSI Security Architecture


OSI (Open Systems Interconnection)
The security of an organization is the greatest concern of the people working at the
organization. Safety and security are the pillars of cyber technology. It is hard to imagine
the cyber world without thinking about security. The architecture of security is thus a
very important aspect of the organization. The OSI (Open Systems Interconnection)
Security Architecture defines a systematic approach to providing security at each layer.
It defines security services and security mechanisms that can be used at each of the seven
layers of the OSI model to provide security for data transmitted over a network. These
security services and mechanisms help to ensure the confidentiality, integrity, and
availability of the data. The OSI architecture is accepted internationally because it lays
out how security is to be provided across an organization's communications.
OSI Security Architecture focuses on these concepts:
• Security attack: any action that attempts to gain unauthorized access to, disrupt or
compromise the security of a system, network, or device (defined in detail below).
• Security mechanism: a security mechanism is a means of protecting a system,
network, or device against unauthorized access, tampering, or other security threats.
• Security service: a service, built from one or more security mechanisms, that provides
security for data transmitted over a network.
Classification of OSI Security Architecture
1. Security Attacks:
A security attack is an attempt by a person or entity to gain unauthorized access to, disrupt
or compromise the security of a system, network, or device. These are the actions that put
an organization's safety at risk. They are further classified into two sub-categories:
1. Passive attacks
2. Active attacks

Passive Attack:
Two types of passive attacks are the release of message contents and traffic analysis.
• The first, release of message contents: a telephone conversation, an electronic mail
message, or a transferred file may contain sensitive or confidential information.
We would like to prevent an opponent from learning the contents of these
transmissions.
• The second type of passive attack, traffic analysis, involves the attacker analyzing
network traffic patterns and metadata to gather information about the system,
network, or device. Here the intruder cannot read the message but can still observe
the pattern and length of the encrypted messages. Traffic analysis can be performed
using a variety of techniques, such as network flow analysis or protocol analysis.
Passive attacks are very difficult to detect, because they do not involve any alteration of
the data. Typically, the message traffic is sent and received in an apparently normal
fashion, and neither the sender nor the receiver is aware that a third party has read the
messages or observed the traffic pattern.
Active Attacks:
Active attacks involve the attacker actively disrupting or altering system, network, or
device activity. They are typically focused on causing damage or disruption rather than
on gathering information or intelligence. Here, neither the sender nor the receiver knows
that their message or data has been modified by a third-party intruder.
Active attacks can be subdivided into four categories:
1. masquerade,
2. replay,
3. modification of messages,
4. denial of service.

1. Masquerade:
A masquerade attack usually includes one of the other forms of active attack. For
example, authentication sequences can be captured and replayed after a valid
authentication sequence has taken place, thus enabling an authorized entity with few
privileges to obtain extra privileges by impersonating an entity that has those privileges.
2. Replay:
Replay involves the passive capture of a data unit and its subsequent retransmission to
produce an unauthorized effect.

3. Modification of messages:
Modification of messages simply means that some portion of a legitimate message is
altered, or that messages are delayed or reordered, to produce an unauthorized effect
(Figure 1.3c). For example, a message meaning "Allow John Smith to read confidential
file accounts" is modified to mean "Allow Fred Brown to read confidential file
accounts."
4. Denial of service:
The denial of service prevents or inhibits the normal use or management of
communications facilities (Figure d). This attack may have a specific target; for example,
an entity may suppress all messages directed to a particular destination.
Network Security Model

The 'network security model' studies how messages are shared between the sender and
receiver securely over the network, while the 'network access security model' is designed
to secure your system from unwanted access through the network.

For a message to be sent or received there must be a sender and a receiver. Both the sender
and the receiver must also mutually agree to the sharing of the message. The transmission
of a message from sender to receiver needs a medium, i.e. an information channel, which
is an Internet service.

A logical route is defined through the network (Internet) from the sender to the receiver,
and using communication protocols both the sender and the receiver establish
communication.

Any security service would have the three components discussed below:

1. Transformation of the information which has to be sent to the receiver, so that
any opponent present on the information channel is unable to read the message. This
refers to the encryption of the message.

2. Sharing of secret information between sender and receiver, of which the
opponent must have no clue. This is the encryption key, which is used during the
encryption of the message at the sender's end and also during the decryption of the
message at the receiver's end.

3. There must be a trusted third party which takes responsibility for distributing the
secret information (key) to both communicating parties and also keeps it from any
opponent.
There are four tasks in designing the security model:

1. To transform a readable message at the sender side into an unreadable format, an
appropriate algorithm should be designed such that it is difficult for an opponent
to break that security algorithm.

2. Next, the network security model designer is concerned with the generation of the
secret information, known as a key. This secret information is used in conjunction
with the security algorithm in order to transform the message.

3. The secret information is required at both ends, the sender's end and the receiver's
end. At the sender's end it is used to encrypt, or transform, the message into unreadable
form, and at the receiver's end it is used to decrypt, or retransform, the message into
readable form. So there must be a trusted third party which distributes the secret
information to both sender and receiver. While designing the network security model,
the designer must also concentrate on developing the methods to distribute the key to the
sender and receiver.

4. Specify a protocol to be used by the two principals that makes use of the security
algorithm and the secret information to achieve a particular security service.

Network Access Security Model


There are two ways to secure your system from an attacker. The first is to introduce a
gatekeeper function, i.e. login IDs and passwords, which keeps unwanted users out.

In case an unwanted user does get access to the system, the second way is to introduce
internal controls that detect the unwanted user by analyzing system activity. An antivirus
program installed on the system, which prevents an unwanted user from reaching the
computer through the Internet, is the example of this second method used here.

Classical encryption techniques:


Symmetric Cipher Model

• Symmetric encryption is a form of cryptosystem in which encryption and decryption
are performed using the same key. It is also known as conventional encryption.

• Symmetric encryption transforms plaintext into ciphertext using a secret key and an
encryption algorithm. Using the same key and a decryption algorithm, the plaintext
is recovered from the ciphertext.

• The two types of attack on an encryption algorithm are:
1. Cryptanalysis, based on properties of the encryption algorithm;
2. Brute force, which involves trying all possible keys.

• Traditional symmetric ciphers use substitution and/or transposition techniques.
Substitution techniques map plaintext elements (characters, bits) into ciphertext
elements. Transposition techniques systematically transpose the positions of
plaintext elements.

A symmetric encryption scheme has five ingredients:

• Plaintext: This is the original intelligible message or data that is fed into the
algorithm as input.

• Encryption algorithm: The encryption algorithm performs various substitutions
and transformations on the plaintext.

• Secret key: The secret key is also input to the encryption algorithm. The key is a
value independent of the plaintext and of the algorithm. The algorithm will produce
a different output depending on the specific key being used at the time. The exact
substitutions and transformations performed by the algorithm depend on the key.

• Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two different keys will produce
two different ciphertexts. The ciphertext is an apparently random stream of data
and, as it stands, is unintelligible.

• Decryption algorithm: This is essentially the encryption algorithm run in reverse.
It takes the ciphertext and the secret key and produces the original plaintext.

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be such that an opponent
who knows the algorithm and has access to one or more ciphertexts would be unable to decipher the ciphertext or
figure out the key.

2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure.
If someone can discover the key and knows the algorithm, all communication using this key is readable.
Let us take a closer look at the essential elements of a symmetric encryption
scheme. A source produces a message in plaintext, X = [X1, X2, ..., XM]. The
elements of X are letters in some finite alphabet. Traditionally, the alphabet usually
consisted of the 26 capital letters. Nowadays, the binary alphabet {0, 1} is typically
used. For encryption, a key of the form K = [K1, K2, ..., KJ] is generated. If the key
is generated at the message source, then it must also be provided to the
destination by means of some secure channel. Alternatively, a third party could
generate the key and securely deliver it to both source and destination.
With the message X and the encryption key K as input, the encryption algorithm forms
the ciphertext Y. We can write this as

Y = E(K, X)

The intended receiver, in possession of the key, is able to invert the transformation:

X = D(K, Y)
Cryptography

Cryptographic systems are characterized along three independent dimensions:

1. The type of operations used for transforming plaintext to ciphertext.
2. The number of keys used.
3. The way in which the plaintext is processed.

Cryptanalysis and Brute-Force Attack


Cryptanalysis is the study and process of analyzing and decrypting ciphers, codes, and
encrypted text without using the real key. Alternatively, we can say it is the technique of
accessing a communication's plaintext content when you do not have access to the
decryption key.
Cryptology has two parts, namely cryptography, which focuses on creating secret
codes, and cryptanalysis, which is the study of cryptographic algorithms and the
breaking of those secret codes. The person practicing cryptanalysis is called
a cryptanalyst. Cryptanalysis helps us to better understand cryptosystems and also helps
us improve them by finding any weak point and then working on the algorithm to create
a more secure secret code. For example, a cryptanalyst might try to decipher a
ciphertext to derive the plaintext. It can help us to deduce the plaintext or the encryption
key.

To determine the weak points of a cryptographic system, it is important to attack the
system. These attacks are called cryptanalytic attacks. The attacks rely on the nature of the
algorithm and also on knowledge of the general characteristics of the plaintext, i.e., the
plaintext can be a regular document written in English or it can be code written in
Java. Therefore, the nature of the plaintext should be known before trying to use the
attacks.
Types of cryptanalytic attacks:

• Known-Plaintext Analysis (KPA): In this type of attack, some plaintext-ciphertext pairs are
already known. The attacker maps them in order to find the encryption key. This attack is easier to
use, as a lot of information is already available.
• Chosen-Plaintext Analysis (CPA): In this type of attack, the attacker chooses random plaintexts,
obtains the corresponding ciphertexts and tries to find the encryption key. It is very simple to
implement, like KPA, but the success rate is quite low.
• Ciphertext-Only Analysis (COA): In this type of attack, only some ciphertext is known and
the attacker tries to find the corresponding encryption key and plaintext. It is the hardest to
implement but is the most probable attack, as only ciphertext is required.
• Man-In-The-Middle (MITM) attack: In this type of attack, the attacker intercepts the messages/keys
exchanged between two communicating parties through a secured channel.
• Adaptive Chosen-Plaintext Analysis (ACPA): This attack is similar to CPA. Here, the attacker
requests the ciphertexts of additional plaintexts after they have obtained ciphertexts for some texts.
• Birthday attack: This attack exploits the probability of two or more individuals sharing the same
birthday in a group of people. In cryptography, this attack is used to find collisions in a hash
function.
• Side-channel attack: This type of attack is based on information obtained from the physical
implementation of the cryptographic system, rather than on weaknesses in the algorithm itself.
Side-channel attacks include timing attacks, power analysis attacks, electromagnetic attacks, and
others.
• Brute-force attack: This attack involves trying every possible key until the correct one is found.
While this attack is simple to implement, it can be time-consuming and computationally
expensive, especially for longer keys.
• Differential cryptanalysis: This type of attack involves comparing pairs of plaintexts and their
corresponding ciphertexts to find patterns in the encryption algorithm. It can be effective against
block ciphers with certain properties.
Brute Force Attack
A brute force attack is a type of cyberattack where the attacker attempts to gain access to a
computer system or network by guessing passwords or personal identification numbers (PINs).
Sometimes, attackers use automated software to make guessing easier and faster.
A brute force attack is also called a cryptanalytic attack since it relies on cryptologic functions
to ‘crack’ the cipher and infiltrate the machine.
Brute force attacks can be very successful if the attacker has enough time and computing
resources. However, they are also very difficult to pull off and usually take a long time to
complete. As such, they are not commonly used by attackers except in very specific
circumstances.

How Does a Brute Force Attack Work


Brute force attacks usually follow a common modus operandi: the attacker tries to log in to a
user account by using different combinations of username and password until he or she finds
the right combination. If the attacker is successful, he or she can then access the victim’s
accounts and data. Brute force attacks can be online and offline. Online brute force attacks
occur when the attacker has direct access to the victim’s system, while offline brute force
attacks take place when the attacker tries to guess passwords from a database that has been
compromised.

substitution and transposition

Caesar Cipher

The Caesar cipher is a simple encryption technique that was used by Julius Caesar. It is one of the
earliest and simplest methods of encryption. It is simply a type of substitution cipher, i.e., each
letter of a given text is replaced by a letter a fixed number of positions down the alphabet. For
example, with a shift of 1, A would be replaced by B, B would become C, and so on.
• Thus, to encipher a given text we need an integer value, known as the shift, which indicates the
number of positions each letter of the text is moved down the alphabet.
The encryption can be represented using modular arithmetic by first transforming the letters into
numbers, according to the scheme A = 0, B = 1, ..., Z = 25. Encryption of a letter by a shift n can
then be described mathematically as addition of n modulo 26.
For example, if the shift is 3, then the letter A would be replaced by the letter D.
Example: using the Caesar cipher to encrypt the message "HELLO" with a shift of 3:
1. Write down the plaintext message: HELLO
2. Choose a shift value. In this case, we will use a shift of 3.
3. Replace each letter in the plaintext message with the letter that is three positions to the right in
the alphabet:
H becomes K (shift 3 from H)
E becomes H (shift 3 from E)
L becomes O (shift 3 from L)
L becomes O (shift 3 from L)
O becomes R (shift 3 from O)
4. The encrypted message is now "KHOOR".
• To decrypt the message, you simply need to shift each letter back by the same number of
positions. In this case, you would shift each letter in "KHOOR" back by 3 positions to get the
original message, "HELLO".
Advantages:
• Easy to implement and use, thus making it suitable for beginners learning about encryption.
Disadvantages:
• It is not secure against modern decryption methods.
• The small number of possible keys means that an attacker can easily try all possible keys until
the correct one is found, making it vulnerable to a brute-force attack.
• It is not suitable for long text encryption, as it would be easy to crack.
• It is not suitable for secure communication, as it is easily broken.
• Does not provide confidentiality, integrity, and authenticity of a message.
• Requires only a small set of pre-shared information.
• Can be modified easily to create a more secure variant, such as by using multiple shift
values or keywords.
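The shift arithmetic, the KHOOR worked example and the "try all possible keys" weakness above, as an added Python example (not part of the original notes): it encrypts and decrypts with the A = 0 ... Z = 25 scheme and then recovers the key of a ciphertext by trying all 26 shifts, ranking the candidates against a small constructed word list.

```python
"""Caesar cipher as described in the notes, plus the 26-key exhaustive search.
Added example; not part of the original notes."""
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, the scheme used in the notes


def caesar_encrypt(plaintext: str, shift: int) -> str:
    """E_n(x) = (x + n) mod 26 applied letter by letter.
    Non-letters pass through unchanged; lowercase input is uppercased."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            x = ALPHABET.index(ch)
            out.append(ALPHABET[(x + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, shift: int) -> str:
    """D_n(y) = (y - n) mod 26: decryption is encryption with the negated shift."""
    return caesar_encrypt(ciphertext, -shift)


def brute_force(ciphertext: str) -> list[tuple[int, str]]:
    """Try every one of the 26 keys (key 0 is the identity) and return the
    (shift, candidate plaintext) pairs.  This is the ciphertext-only attack
    the notes say the Caesar cipher cannot resist: the key space is tiny."""
    return [(k, caesar_decrypt(ciphertext, k)) for k in range(26)]


# Constructed mini-dictionary used to rank the 26 candidates.
COMMON_WORDS = {"THE", "AND", "HELLO", "ATTACK", "MEET", "AT", "DAWN", "SEND"}


def best_guess(ciphertext: str) -> tuple[int, str]:
    """Pick the candidate whose words hit the dictionary most often."""
    def score(text: str) -> int:
        return sum(word in COMMON_WORDS for word in text.split())
    return max(brute_force(ciphertext), key=lambda pair: score(pair[1]))


if __name__ == "__main__":
    ct = caesar_encrypt("HELLO", 3)
    print(ct)                          # KHOOR, as in the worked example
    print(caesar_decrypt(ct, 3))       # HELLO
    for k, guess in brute_force("PHHW DW GDZQ"):   # constructed ciphertext
        print(f"shift {k:2d}: {guess}")
    print(best_guess("PHHW DW GDZQ"))  # (3, 'MEET AT DAWN')
```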

Example refer classwork

Monoalphabetic Ciphers
Playfair Cipher

Hill Cipher

Polyalphabetic Ciphers

One-Time Pad

Transposition Techniques

Steganography

A steganography technique involves hiding sensitive information within an ordinary,
non-secret file or message, so that it will not be detected. The sensitive information will
then be extracted from the ordinary file or message at its destination, thus avoiding
detection. Steganography is an additional step that can be used in conjunction with
encryption in order to conceal or protect data.

We can use steganography to hide text, video, images, or even audio data. It is a helpful
bit of knowledge, limited only by the type of medium and the author's imagination.

Different Types of Steganography

1. Text Steganography: steganography in text files entails secretly storing information
in the text itself. In this method, the hidden data is encoded into the letters of each
word.

2. Image Steganography: the second type of steganography is image steganography,
which entails concealing data by using an image of a different object as a cover. Pixel
intensities are the key to data concealment in image steganography.
Popular Steganography Applications

• Image Steganography: a JavaScript tool used to hide images in other image files
• OpenStego: an open-source steganography tool
• Xiao Steganography: Xiao hides secret files in WAV or BMP files
• Crypture: a command-line tool used to conduct steganography
• NoClue: an open-source tool that hides text information in both video and image
carrier files
• Steganography Master: an Android-based open-source tool that can hide text in an
image and gives you a decoding tool to pull hidden text messages from image files.
It supports multiple image formats (BMP, JPG, ICO, PNG)
• Steghide: an application that hides data in different audio and image files,
including JPEG, BMP, AU, and WAV
ROTOR MACHINE
• In cryptography, a rotor machine is an electro-mechanical stream cipher device
used for encrypting and decrypting messages. Rotor machines were the
cryptographic state of the art for much of the 20th century; they were in
widespread use in the 1920s–1970s.
• A machine consists of multiple cylinders; each cylinder has 26 states, and each
state is a substitution cipher: the wiring between the contacts implements a fixed
substitution of letters. Each cylinder rotates to change state according to a
different schedule, changing the substitution.
NETWORK SECURITY
Unit-II

Number theory and finite fields: the Euclidean algorithm, modular arithmetic, groups, rings and fields,
finite fields of the form GF(p), polynomial arithmetic, prime numbers, Fermat's and Euler's theorems.

The Euclidean Algorithm


The Euclidean Algorithm finds the greatest common divisor of two integers a and b.

For example,
If we want to find gcd(287, 91), we divide 287 by 91:

287 = 91*3 + 14

We know that for integers a, b and c, if a | b and a | c, then a | (b + c).

Therefore, any divisor of 287 and 91 must also be a divisor of 287 - 91*3 = 14.

Consequently, gcd(287, 91) = gcd(14, 91).

In the next step, we divide 91 by 14:

91 = 14*6 + 7

This means that gcd(14, 91) = gcd(14, 7).

So we divide 14 by 7:

14 = 7*2 + 0
We find that 7 | 14, and thus gcd(14, 7) = 7.

Therefore, gcd(287, 91) = 7.

So, what is gcd(70, 38)?

The Euclidean algorithm can be based on the following theorem: For any nonnegative integer a and any
positive integer b,
gcd(a, b) = gcd(b, a mod b)
gcd(55, 22) = gcd(22, 55 mod 22) = gcd(22, 11) = 11
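The division steps above, as an added Python example (not from the original notes): it reproduces the 287, 91 trace in the same "a = b*q + r" form and answers the gcd(70, 38) exercise.

```python
"""Euclid's algorithm with the step trace used in the notes.
Added example; not from the original notes."""


def gcd_steps(a: int, b: int) -> list[tuple[int, int, int, int]]:
    """Return every division performed as (dividend, divisor, quotient, remainder).
    Each step replaces (a, b) by (b, a mod b) until the remainder is 0."""
    steps = []
    a, b = abs(a), abs(b)
    while b != 0:
        q, r = divmod(a, b)
        steps.append((a, b, q, r))
        a, b = b, r
    return steps


def gcd(a: int, b: int) -> int:
    """gcd(a, b) = gcd(b, a mod b); the last non-zero divisor is the answer."""
    a, b = abs(a), abs(b)
    while b:
        a, b = b, a % b
    return a


def explain(a: int, b: int) -> str:
    """Render the trace the way the notes write it."""
    lines = [f"{x} = {y}*{q} + {r}" for x, y, q, r in gcd_steps(a, b)]
    lines.append(f"gcd({a}, {b}) = {gcd(a, b)}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(explain(287, 91))   # 287 = 91*3 + 14, 91 = 14*6 + 7, 14 = 7*2 + 0, gcd = 7
    print(explain(70, 38))    # the exercise left open in the notes: gcd = 2
    print(explain(55, 22))    # gcd = 11
```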
MODULAR ARITHMETIC

Given any positive integer n and any integer a, if we divide a by n, we get an integer quotient q and an
integer remainder r that obey the following relationship:

a = qn + r,  0 ≤ r < n;  q = ⌊a/n⌋

where ⌊x⌋ is the largest integer less than or equal to x.

The remainder r is often referred to as a residue.

a = 11, n = 7: 11 = 1×7 + 4, r = 4

a = −11, n = 7: −11 = (−2)×7 + 3, r = 3

If a is an integer and n is a positive integer, we define a mod n to be the remainder when a is divided by n.
Thus, for any integer a, we can always write

a = ⌊a/n⌋ × n + (a mod n)

11 mod 7 = 4, −11 mod 7 = 3

Two integers a and b are said to be congruent modulo n if a mod n = b mod n. This is written as
a ≡ b (mod n).

73 ≡ 4 (mod 23); 21 ≡ −9 (mod 10)

Properties of the Modulo operator

1. a ≡ b (mod n) if n | (a − b)
2. a ≡ b (mod n) implies b ≡ a (mod n)
3. a ≡ b (mod n) and b ≡ c (mod n) imply a ≡ c (mod n)

To demonstrate the 1st point: if n | (a − b), then a − b = kn for some k, so we can write a = b + kn. Therefore
(a mod n) = (remainder when b + kn is divided by n) = (remainder when b is divided by n) = (b mod n).

23 ≡ 8 (mod 5) because 23 − 8 = 15 = 5×3

−11 ≡ 5 (mod 8) because −11 − 5 = −16 = 8×(−2)

81 ≡ 0 (mod 27) because 81 − 0 = 81 = 27×3

Modular arithmetic operations

Properties of modular arithmetic, working over {0, 1, ..., n−1}:

1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
2. [(a mod n) − (b mod n)] mod n = (a − b) mod n
3. [(a mod n) × (b mod n)] mod n = (ab) mod n

We demonstrate the 1st property. Define (a mod n) = ra and (b mod n) = rb. Then we can write a = ra + jn
for some integer j and b = rb + kn for some integer k. Then

(a + b) mod n = (ra + jn + rb + kn) mod n = (ra + rb + (k + j)n) mod n = (ra + rb) mod n = [(a mod n) + (b mod n)] mod n

11 mod 8 = 3, 15 mod 8 = 7

[(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2
(11 + 15) mod 8 = 26 mod 8 = 2

[(11 mod 8) − (15 mod 8)] mod 8 = −4 mod 8 = 4
(11 − 15) mod 8 = −4 mod 8 = 4

[(11 mod 8) × (15 mod 8)] mod 8 = 21 mod 8 = 5
(11 × 15) mod 8 = 165 mod 8 = 5

Exponentiation is performed as in ordinary arithmetic. To find 11⁷ mod 13, we can proceed as follows:

11² = 121 ≡ 4 (mod 13)
11⁴ ≡ 4² ≡ 3 (mod 13)
11⁷ ≡ 11 × 4 × 3 ≡ 132 ≡ 2 (mod 13)

Thus, the rules for ordinary arithmetic involving addition, subtraction, and multiplication carry over into
modular arithmetic.

Table 4.1 introduces arithmetic modulo 8. We see that not all elements have a multiplicative inverse
(2, 4 and 6 do not).

Properties of modular arithmetic

Let Zn = {0, 1, ..., n−1}. This is referred to as the set of residues, or residue classes modulo n. To be more
precise, each integer in Zn represents a residue class. We can label the residue classes modulo n as [0],
[1], ..., [n−1], where

[r] = {a : a is an integer, a ≡ r (mod n)}

Of all the integers in a residue class, the smallest nonnegative integer is the one usually used to
represent the residue class. Finding the smallest nonnegative integer to which k is congruent modulo n
is called reducing k modulo n.

If we perform modular arithmetic within Zn, the properties shown in Table 4.2 hold for integers in Zn.
Thus, Zn is a commutative ring with a multiplicative identity element.

There is one peculiarity of modular arithmetic that sets it apart from ordinary arithmetic. First, observe
that, as in ordinary arithmetic, we can write

If (a + b) ≡ (a + c) (mod n) then b ≡ c (mod n)   (4.1)

(5 + 23) ≡ (5 + 7) (mod 8), so 23 ≡ 7 (mod 8)

Equation (4.1) is consistent with the existence of an additive inverse. Adding the additive inverse of a to
both sides of (4.1), we have

((−a) + a + b) ≡ ((−a) + a + c) (mod n)

b ≡ c (mod n)

However, the following statement is true only with the attached condition:

If (a × b) ≡ (a × c) (mod n) then b ≡ c (mod n), if a is relatively prime to n   (4.2)

where the term relatively prime is defined as follows: two integers are relatively prime if their only
common positive integer factor is 1. Similar to the case of equation (4.1), we can say that (4.2) is
consistent with the existence of a multiplicative inverse of a. Applying the multiplicative inverse of a to
both sides of (4.2),
(a⁻¹ab) ≡ (a⁻¹ac) (mod n)

b ≡ c (mod n)

To see this, consider an example in which the condition does not hold:

6 × 3 = 18 ≡ 2 (mod 8)

6 × 7 = 42 ≡ 2 (mod 8)

Yet 3 ≢ 7 (mod 8), because 6 and 8 are not relatively prime.

With a = 6 and n = 8:

Z8:             0  1   2   3   4   5   6   7
Multiply by 6:  0  6  12  18  24  30  36  42
Residues:       0  6   4   2   0   6   4   2

However, if we take a = 5 and n = 8, whose only common factor is 1:

Z8:             0  1   2   3   4   5   6   7
Multiply by 5:  0  5  10  15  20  25  30  35
Residues:       0  5   2   7   4   1   6   3

The line of residues contains all the integers in Z8, in a different order.

In general, an integer has a multiplicative inverse in Zn if that integer is relatively prime to n. Table 4.1c
shows that the integers 1, 3, 5, and 7 have a multiplicative inverse, but 2, 4, and 6 do not.
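The three operation properties, the 11⁷ mod 13 chain and the a = 6 / a = 5 residue rows above, as an added Python example (not from the original notes); it also shows why Python's % gives the non-negative residue convention used here, and finds the pair of distinct elements that breaks cancellation when a and n are not relatively prime.

```python
"""Modular arithmetic in Z_n as set out in the notes: the three operation
properties, exponentiation by repeated squaring (the 11^7 mod 13 chain) and
the cancellation law (4.2) with the a = 6 and a = 5 rows of Z_8.
Added example; not from the original notes."""
from math import gcd
from typing import Optional


def mod(a: int, n: int) -> int:
    """Python's % already returns the smallest non-negative residue, so
    mod(-11, 7) == 3 as in the notes (C's -11 % 7 would give -4)."""
    return a % n


def properties_hold(a: int, b: int, n: int) -> bool:
    """Properties 1-3: reducing the operands first gives the same residue."""
    return (
        (mod(a, n) + mod(b, n)) % n == mod(a + b, n)
        and (mod(a, n) - mod(b, n)) % n == mod(a - b, n)
        and (mod(a, n) * mod(b, n)) % n == mod(a * b, n)
    )


def pow_mod_trace(base: int, exp: int, n: int) -> tuple[int, list[str]]:
    """Square-and-multiply, reducing after every product so intermediate
    values stay below n, exactly as the 11^2 -> 11^4 -> 11^7 chain does."""
    trace = []
    result, square, e = 1, base % n, exp
    while e:
        if e & 1:
            result = (result * square) % n
            trace.append(f"multiply: result = {result}")
        e >>= 1
        if e:
            square = (square * square) % n
            trace.append(f"square:   {square}")
    return result, trace


def residue_row(a: int, n: int) -> list[int]:
    """Multiply every element of Z_n by a and reduce: the 'Residues' rows."""
    return [(a * x) % n for x in range(n)]


def has_inverse(a: int, n: int) -> bool:
    """a has a multiplicative inverse in Z_n iff gcd(a, n) == 1, i.e. iff its
    residue row is a permutation of Z_n."""
    return gcd(a, n) == 1


def cancellation_counterexample(a: int, n: int) -> Optional[tuple[int, int]]:
    """Find b != c (both non-zero) with a*b = a*c (mod n).  Such a pair exists
    exactly when gcd(a, n) > 1, which is why (4.2) needs its condition."""
    row = residue_row(a, n)
    for b in range(1, n):
        for c in range(b + 1, n):
            if row[b] == row[c]:
                return (b, c)
    return None


if __name__ == "__main__":
    print(mod(11, 7), mod(-11, 7))                 # 4 3
    print(properties_hold(11, 15, 8))              # True
    value, steps = pow_mod_trace(11, 7, 13)
    print(value, steps)                            # 2, with the intermediate residues
    print(residue_row(6, 8), has_inverse(6, 8))    # [0, 6, 4, 2, 0, 6, 4, 2] False
    print(residue_row(5, 8), has_inverse(5, 8))    # [0, 5, 2, 7, 4, 1, 6, 3] True
    print(cancellation_counterexample(6, 8))       # (1, 5): 6*1 = 6*5 = 6 (mod 8)
    print(cancellation_counterexample(5, 8))       # None
```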

Groups, rings, and fields:

These are basic notions of abstract algebra, which is widely used in cryptography.

Groups, rings, and fields are the fundamental elements of a branch of mathematics called abstract
algebra, or modern algebra. Abstract algebra is concerned with sets on whose elements we can
operate algebraically; that is, we can combine two elements of the set, perhaps in multiple ways, and
obtain a third element of the set.

Group
A group G is denoted by {G, ∙}. It is a set of elements with a binary operation ' ∙ ' that satisfies four
properties. The properties of a group are as follows:
• Closure: if a and b are elements of G, then c = a ∙ b is also an element of G. That is, the result
of applying the operation to any two elements of the set is another element of the set.
• Associativity: if a, b, and c are elements of G, then (a ∙ b) ∙ c = a ∙ (b ∙ c); it does not matter in
which order the operation is applied to more than two elements.
• Identity: there is an element e in G such that e ∙ a = a ∙ e = a for all a in G.
• Inverse: for each a in G, there is an element a′, known as the inverse of a,
such that a ∙ a′ = a′ ∙ a = e.
A group is an abelian group if it satisfies the four properties above plus one additional property,
commutativity:
• Commutativity: for all a and b in G, we have a ∙ b = b ∙ a.

Ring
A ring R is denoted by {R, +, ×}. It is a set of elements with two binary operations, called addition and
multiplication, such that for all a, b, c in R the following axioms hold:
• R is an abelian group with respect to addition; that is, R satisfies properties A1 through A5. In the
case of the additive group, we denote the identity element as 0 and the inverse of a as −a.
• (M1) Closure under multiplication: if a and b belong to R, then ab is also in R.
• (M2) Associativity of multiplication: a(bc) = (ab)c for all a, b, c in R.
• (M3) Distributive laws:
a(b + c) = ab + ac for all a, b, c in R
(a + b)c = ac + bc for all a, b, c in R
• (M4) Commutativity of multiplication: ab = ba for all a, b in R.
• (M5) Multiplicative identity: there is an element 1 in R such that a1 = 1a = a for all a in R.
• (M6) No zero divisors: if a, b in R and ab = 0, then a = 0 or b = 0.
Field:
A field F is denoted by {F, +, ×}. It is a set of elements with two binary operations, called addition and
multiplication, such that for all a, b, c in F the following axioms hold:
• F is an integral domain; that is, F satisfies axioms A1 through A5 and M1 through M6.
• (M7) Multiplicative inverse: for each a in F, except 0, there is an element a⁻¹ in F such that
aa⁻¹ = (a⁻¹)a = 1.

FINITE FIELDS OF THE FORM GF(p)

Finite fields play a crucial role in many cryptographic algorithms. It can be shown that the order of a finite
field must be a power of a prime, pⁿ, where n is a positive integer. A prime is an integer whose only positive
integer factors are itself and 1. The finite field of order pⁿ is usually denoted GF(pⁿ); GF stands for Galois
field, in honor of the French mathematician Évariste Galois.

Finite Fields of Order p

For a given prime p, GF(p) is defined as the set Zp = {0, 1, ..., p − 1} of integers together with the arithmetic
operations modulo p. Because p is prime, every nonzero element of Zp has a multiplicative inverse, so the
field axiom (M7) holds.

Because every nonzero element w of Zp is relatively prime to p, if we multiply all the elements of Zp by w, the
resulting residues are all of the elements of Zp, permuted. Thus exactly one of the residues has the value 1, and
the corresponding multiplier is the inverse element of w, designated w⁻¹. Now the cancellation law, equation
(4.2), can be written without the relative-primality condition (only a ≠ 0 is needed):

If ab ≡ ac (mod p) then b ≡ c (mod p)

The consequence follows by multiplying both sides of ab ≡ ac (mod p) by a⁻¹.

The simplest finite field is GF(2):

   Addition           Multiplication        Inverses
   + | 0  1            × | 0  1             w | −w | w⁻¹
  ---+------          ---+------           ---+----+-----
   0 | 0  1            0 | 0  0             0 |  0 |  −
   1 | 1  0            1 | 0  1             1 |  1 |  1

Table 4.3 gives the corresponding addition, multiplication and inverse tables for GF(7) (not reproduced here).

Finding the Multiplicative Inverse in GF(p)

Table 4.3b may be used to find a multiplicative inverse, but for large values of p this is not practical.

If gcd(m, b) = 1, then b has a multiplicative inverse modulo m. That is, for a positive integer b < m, there exists a
b⁻¹ < m such that b·b⁻¹ ≡ 1 (mod m). Euclid’s algorithm can be extended so that, in addition to finding gcd(m, b),
if the gcd is 1, the algorithm returns the multiplicative inverse of b.

EXTENDED EUCLID(m, b)

1. (A1, A2, A3) := (1, 0, m); (B1, B2, B3) := (0, 1, b)
2. if B3 = 0 return A3 = gcd(m, b); no inverse
3. if B3 = 1 return B3 = gcd(m, b); B2 = b⁻¹ mod m
4. Q := ⌊A3 / B3⌋
5. (T1, T2, T3) := (A1 − Q·B1, A2 − Q·B2, A3 − Q·B3)
6. (A1, A2, A3) := (B1, B2, B3)
7. (B1, B2, B3) := (T1, T2, T3)
8. goto 2
Throughout the computation, the following relationships hold:

mT1 + bT2 = T3      mA1 + bA2 = A3      mB1 + bB2 = B3

To see that the algorithm correctly returns gcd(m, b), note that if we equate A and B in Euclid’s algorithm
with A3 and B3 in the extended Euclid’s algorithm, then the treatment of the two variables is identical.
Note also that if gcd(m, b) = 1, then on the final step we would have B3 = 0 and A3 = 1. Therefore, on the
preceding step, B3 = 1. But if B3 = 1, then we can say the following:

mB1 + bB2 = B3

mB1 + bB2 = 1

bB2 = 1 − mB1

bB2 ≡ 1 (mod m)

Hence, B2 is the multiplicative inverse of b. (B2 may come out negative; reducing it modulo m gives the inverse
in the range 0 to m − 1.)

Table 4.4 is an example of the execution of the algorithm. It shows that gcd(1759, 550) = 1 and that the
multiplicative inverse of 550 is 355; that is, 550 × 355 ≡ 1 (mod 1759).
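As an added example (not part of the original notes), the EXTENDED EUCLID(m, b) procedure above written out in Python, keeping the page's (A1, A2, A3)/(B1, B2, B3) variables and checking the stated invariants on every step. Alongside it is a helper that builds the GF(p) addition, multiplication and inverse tables of the kind shown for GF(2) and GF(7), and one that applies the cancellation law; the function names are my own.

```python
# Added example (not from the original notes): the EXTENDED EUCLID(m, b) procedure
# above, written out in Python, plus a helper that builds the GF(p) tables.

def extended_euclid(m, b):
    """Return (gcd(m, b), b^-1 mod m), or (gcd, None) when no inverse exists.

    Follows the page's (A1, A2, A3) / (B1, B2, B3) formulation. At every step
    the invariants m*A1 + b*A2 == A3 and m*B1 + b*B2 == B3 hold.
    """
    A1, A2, A3 = 1, 0, m
    B1, B2, B3 = 0, 1, b
    while True:
        assert m * A1 + b * A2 == A3 and m * B1 + b * B2 == B3
        if B3 == 0:
            return A3, None            # gcd(m, b) > 1 (or b == 0): no inverse
        if B3 == 1:
            return 1, B2 % m           # B2 can be negative: reduce it into 0..m-1
        Q = A3 // B3
        T1, T2, T3 = A1 - Q * B1, A2 - Q * B2, A3 - Q * B3
        A1, A2, A3 = B1, B2, B3
        B1, B2, B3 = T1, T2, T3

def gf_p_tables(p):
    """Addition table, multiplication table and inverse map for GF(p), p prime."""
    add = [[(a + b) % p for b in range(p)] for a in range(p)]
    mul = [[(a * b) % p for b in range(p)] for a in range(p)]
    inv = {w: extended_euclid(p, w)[1] for w in range(1, p)}   # every w != 0 has one
    return add, mul, inv

def cancel(a, product, p):
    """Given a*b mod p with a != 0, recover b: the cancellation law in GF(p)."""
    _, a_inv = extended_euclid(p, a % p)
    return (product * a_inv) % p

if __name__ == "__main__":
    print(extended_euclid(1759, 550))   # the Table 4.4 example: (1, 355)
    print(gf_p_tables(7)[2])            # inverse map for GF(7)
```

Running it reproduces the Table 4.4 result, 550⁻¹ ≡ 355 (mod 1759), and for GF(7) the inverse map {1:1, 2:4, 3:5, 4:2, 5:3, 6:6}; for a non-prime modulus such as 12 with b = 8 the procedure stops at B3 = 0 and reports gcd 4 and no inverse.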

POLYNOMIAL ARITHMETIC

We are concerned with polynomials in a single variable x, and we can distinguish three classes of
polynomial arithmetic:

- Ordinary polynomial arithmetic, using the basic rules of algebra


- Polynomial arithmetic in which the arithmetic on the coefficients is performed modulo p; that is,
coefficients are in Zp
- Polynomial arithmetic in which the coefficients are in Zp, and the polynomials are defined modulo a
polynomial m(x) whose highest power is some integer n
We consider these variants below.

Ordinary Polynomial Arithmetic

A polynomial of degree n (integer n ≥ 0) is an expression of the form

$f(x) = \sum_{i=0}^{n} a_i x^i$

where the a_i are elements of some designated set of numbers S, called the coefficient set, and a_n ≠ 0. We
say that polynomials are defined over S.

A zeroth-degree polynomial is called a constant polynomial and is simply an element of S. An n-th degree
polynomial is said to be a monic polynomial if a_n = 1.
In the context of abstract algebra, we are usually not interested in evaluating a polynomial for a
particular value of x [e.g., f(7)]. To emphasize this point, the variable x is sometimes referred to as the
indeterminate.

Polynomial arithmetic includes the operations of addition, subtraction, and multiplication. Let

$f(x) = \sum_{i=0}^{n} a_i x^i, \qquad g(x) = \sum_{i=0}^{m} b_i x^i, \qquad n \ge m$

Then addition is defined as

$f(x) + g(x) = \sum_{i=0}^{m} (a_i + b_i) x^i + \sum_{i=m+1}^{n} a_i x^i$

and multiplication is defined as

$f(x) \times g(x) = \sum_{i=0}^{n+m} c_i x^i, \qquad c_k = \sum_{i=0}^{k} a_i b_{k-i}$

where a_i = 0 for i > n and b_i = 0 for i > m, so that each c_k only collects terms that exist.

Division is similarly defined, but requires that S be a field. Examples of fields include the real numbers,
rational numbers, and Zp for p prime. Note that the set of all integers is not a field and does not
support polynomial division.

Polynomial Arithmetic with Coefficients in Zp

Within a field, given two elements a and b, the quotient a/b is also an element of the field. However, in
general polynomial division results in a quotient and a remainder; that is, it is not exact division.

If the coefficient set S is the integers, then (5x^2)/(3x) does not have a solution, because it would require a
coefficient with the value 5/3, which is not in the coefficient set. Suppose we perform the same polynomial
division over Z7. Then we have (5x^2)/(3x) = 4x, which is a valid polynomial over Z7 (because 3⁻¹ = 5 in Z7
and 5 × 5 = 25 ≡ 4 (mod 7)).

However, in general, even if the coefficient set is a field, division will produce a quotient and a remainder:

$\frac{f(x)}{g(x)} = q(x) + \frac{r(x)}{g(x)}$

$f(x) = q(x)\,g(x) + r(x) \qquad (4.5)$

If the degree of f(x) is n and the degree of g(x) is m, (m ≤ n), then the degree of the quotient q(x) is n − m
and the degree of the remainder r(x) is at most m − 1. With the understanding that remainders are
allowed, we can say that polynomial division is possible if the coefficient set is a field.
In analogy to integer arithmetic, we can write f(x) mod g(x) for the remainder r(x) in (4.5), that is,
r(x) = f(x) mod g(x). If the remainder r(x) = 0, then we say that g(x) divides f(x), written as g(x) | f(x);
equivalently, we can say that g(x) is a factor of f(x) or g(x) is a divisor of f(x).

If f(x) = x^3 + x^2 + 2 and g(x) = x^2 − x + 1, then f(x)/g(x) produces quotient q(x) = x + 2 and remainder
r(x) = x, as shown in Fig. 4.3d. This is verified by

q(x)g(x) + r(x) = (x + 2)(x^2 − x + 1) + x = (x^3 + x^2 − x + 2) + x = x^3 + x^2 + 2 = f(x)

For our purposes, polynomials over GF(2) are of the most interest, because addition and subtraction of
coefficients both reduce to XOR. Fig. 4.4 shows an example of polynomial arithmetic over GF(2) (not
reproduced here).

A polynomial f(x) over a field F is called irreducible if and only if f(x) cannot be expressed as a product
of two polynomials, both over F, and both of degree lower than that of f(x). By analogy to the integers, an
irreducible polynomial is also called a prime polynomial.

The polynomial f(x) = x^4 + 1 over GF(2) is reducible, because x^4 + 1 = (x + 1)(x^3 + x^2 + x + 1) (over GF(2)
the cross terms cancel in pairs).

Consider the polynomial f(x) = x^3 + x + 1 over GF(2). It is clear by inspection that x is not a factor of f(x),
since f(0) = 1. Also, x + 1 is not a factor of f(x), since f(1) = 1 + 1 + 1 = 1 ≠ 0. Thus f(x) has no factors of
degree 1. But if f(x) were reducible it would have to have one factor of degree 2 and one factor of degree 1.
Therefore, f(x) is irreducible. In general a polynomial of degree n is irreducible if no polynomial of degree
1 through ⌊n/2⌋ divides it.

FERMAT’S AND EULER’S THEOREMS

Two theorems that play important roles in public-key cryptography are Fermat’s theorem and Euler’s
theorem.
Fermat’s Theorem
Fermat’s theorem states the following: If p is prime and a is a positive integer not divisible by p, then

$a^{p-1} \equiv 1 \pmod p \qquad (8.2)$

Proof: Consider the set of positive integers less than p: {1, 2, ..., p − 1} and multiply each element by
a, modulo p, to get the set X = {a mod p, 2a mod p, ..., (p − 1)a mod p}. None of the elements of X is
equal to zero because p does not divide a. Furthermore, no two of the integers in X are equal. To see this, assume
that ja ≡ ka (mod p), where 1 ≤ j < k ≤ p − 1. Because a is relatively prime to p, we can eliminate a from both
sides of the equation [see Equation (4.3)], resulting in j ≡ k (mod p). This last equality is impossible, because j
and k are distinct positive integers less than p. Therefore, we know that the (p − 1) elements of X are all positive
integers with no two elements equal. We can conclude that X consists of the set of integers {1, 2, ..., p − 1} in
some order. Multiplying the numbers in both sets ({1, ..., p − 1} and X) and taking the result mod p yields

$a \times 2a \times \cdots \times (p-1)a \equiv 1 \times 2 \times \cdots \times (p-1) \pmod p$

$a^{p-1}(p-1)! \equiv (p-1)! \pmod p$

We can cancel the (p − 1)! term because it is relatively prime to p [see Equation (4.5)]. This yields Equation
(8.2), which completes the proof.

An alternative form of Fermat’s theorem is also useful: If p is prime and a is a positive integer, then

$a^{p} \equiv a \pmod p$

Note that the first form of the theorem [Equation (8.2)] requires that a be relatively prime to p, but this form
does not: if p divides a, both sides are congruent to 0.

Euler’s Totient Function

Before presenting Euler’s theorem, we need to introduce an important quantity in number theory, referred to
as Euler’s totient function, written ϕ(n), and defined as the number of positive integers less than n and
relatively prime to n. By convention, ϕ(1) = 1.
DETERMINE ϕ(37) AND ϕ(35).

Because 37 is prime, all of the positive integers from 1 through 36 are relatively prime to 37. Thus ϕ(37) = 36.
To determine ϕ(35), we list all of the positive integers less than 35 that are relatively prime to it:

1, 2, 3, 4, 6, 8, 9, 11, 12, 13, 16, 17, 18,
19, 22, 23, 24, 26, 27, 29, 31, 32, 33, 34

There are 24 numbers on the list, so ϕ(35) = 24.
Table 8.2 lists the first 30 values of ϕ(n). The value ϕ(1) is without meaning but is defined to have the value 1.
It should be clear that, for a prime number p,

ϕ(p) = p − 1

Now suppose that we have two prime numbers p and q with p ≠ q. Then we can show that, for n = pq,

ϕ(n) = ϕ(pq) = ϕ(p) × ϕ(q) = (p − 1) × (q − 1)

(For n = 35 = 5 × 7 this gives 4 × 6 = 24, agreeing with the list above.)
Euler’s Theorem
Euler’s theorem states that for every a and n that are relatively prime:

$a^{\phi(n)} \equiv 1 \pmod n \qquad (8.4)$

Proof: Equation (8.4) is true if n is prime, because in that case ϕ(n) = (n − 1) and Fermat’s theorem
holds. However, it also holds for any integer n. Recall that ϕ(n) is the number of positive integers less than n
that are relatively prime to n. Consider the set of such integers, labeled as
R = {x1, x2, ..., xϕ(n)}
That is, each element xi is a unique positive integer less than n with gcd(xi, n) = 1. Now multiply
each element by a, modulo n:
S = {(ax1 mod n), (ax2 mod n), ..., (axϕ(n) mod n)}
The set S is a permutation of R, by the following line of reasoning:

1. Because a is relatively prime to n and xi is relatively prime to n, axi must also be relatively prime to n.
Thus, all the members of S are integers that are less than n and that are relatively prime to n.

2. There are no duplicates in S. Refer to Equation (4.5). If axi mod n = axj mod n, then xi = xj.

Therefore, the product of the elements of S equals the product of the elements of R:

$\prod_{i=1}^{\phi(n)} (a x_i \bmod n) = \prod_{i=1}^{\phi(n)} x_i$

$a^{\phi(n)} \times \prod_{i=1}^{\phi(n)} x_i \equiv \prod_{i=1}^{\phi(n)} x_i \pmod n$

and cancelling the product of the xi, which is relatively prime to n, gives a^ϕ(n) ≡ 1 (mod n),
which completes the proof. This is the same line of reasoning applied to the proof of Fermat’s theorem.

As is the case for Fermat’s theorem, an alternative form of the theorem is also useful:

$a^{\phi(n)+1} \equiv a \pmod n$

Again, similar to the case with Fermat’s theorem, the first form of Euler’s theorem [Equation (8.4)] requires
that a be relatively prime to n, but this form does not. Note, however, that the alternative form holds for
every a only when n is square-free (a product of distinct primes, which is the RSA case n = pq); for n = 4 and
a = 2, for instance, 2^(ϕ(4)+1) = 8 ≡ 0 ≢ 2 (mod 4).
Unit-3
Block Ciphers and Data Encryption Standard: Traditional block cipher structure – Data Encryption – Strengths of DES –
Block Cipher Design Principles – Advanced Encryption Standard – AES structure – AES transformation functions – AES
Key expansion – implementation
Traditional block cipher structure
A block cipher is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to
produce a ciphertext block of equal length. Many block ciphers have a Feistel structure; such a structure consists of a
number of identical rounds of processing.

Stream Ciphers and Block Ciphers

Block ciphers and stream ciphers both belong to the family of symmetric-key ciphers; they are the two
methods used for converting plaintext into ciphertext under a shared key.

The main difference between a block cipher and a stream cipher is that a block cipher converts the
plaintext into ciphertext one block (for example 64 or 128 bits) at a time, while a stream cipher converts the
plaintext into ciphertext one bit or one byte at a time, typically by combining it with a key stream.
The Feistel Cipher
• Feistel proposed the use of a cipher that alternates substitutions and permutations, where these terms are defined as
follows:
 substitution: each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext
element or group of elements.
 permutation: a sequence of plaintext elements is replaced by a permutation of that sequence; that is, no elements
are added, deleted or replaced in the sequence, rather the order in which the elements appear in the sequence is
changed.
This alternation is the structure used by practically all significant symmetric block ciphers currently in use, and it
is how a cipher achieves the two properties Shannon identified:
1. DIFFUSION
2. CONFUSION
Confusion and diffusion are both properties of a secure cipher. They are intended to frustrate statistical
cryptanalysis: to prevent the attacker from deducing the key, and to prevent the statistics of the plaintext from
showing through in the ciphertext.

 Confusion makes the relationship between the statistics of the ciphertext and the value of the encryption key
as complex as possible, so that the key cannot be deduced from the ciphertext.
 Diffusion dissipates the statistical structure of the plaintext over the whole ciphertext: each ciphertext bit
depends on many plaintext bits, so that if the plaintext is modified by only one bit, roughly half of the ciphertext
bits change in an unpredictable way.

Feistel cipher design elements


Data Encryption

Data encryption is a method of preserving data confidentiality by transforming it into ciphertext, which can only be
decoded with the corresponding decryption key, produced at the time of encryption or prior to it.

Types of Data Encryption:

1. Symmetric Encryption
2. Asymmetric Encryption
Encryption is used in one of two ways, i.e. with a symmetric key or with an asymmetric key pair.
Symmetric Key Encryption:

Some algorithms employ a single key for both the encryption and decryption processes. That key must be kept
secret, since any system or person who knows it can decrypt the message. This approach is known as
“symmetric encryption”.

Asymmetric Key Encryption:

Some cryptographic methods employ one key for encryption and a different key for decryption. The encryption
key can be published: anyone can use it to encrypt a message, but only the holder of the matching private key
can decrypt it, so an eavesdropper on the public channel cannot read the message. This type of cryptography,
known as “public-key” encryption, is used in the majority of internet security protocols. The term “asymmetric
encryption” is used to describe it.
Difference between symmetric encryption and asymmetric encryption

| On the basis of | Symmetric Encryption | Asymmetric Encryption |
|---|---|---|
| Keys used | A single shared secret key is used to encrypt and decrypt the message. | Two different keys are used, one for encryption and one for decryption. |
| Size | The ciphertext is normally the same length as the plaintext (plus any padding). | The ciphertext can be the same size as or larger than the plaintext (an RSA ciphertext is always the size of the modulus). |
| Efficiency | Efficient; recommended for large amounts of data. | Inefficient; in practice used only for short messages such as keys. |
| Speed | Faster, since encryption and decryption use one cheap operation with a single key. | Slower, since the two keys are related through expensive mathematical operations such as modular exponentiation. |
| Purpose | Mainly used to transmit bulk data. | Mainly used for small transactions such as key exchange and signatures, i.e. to establish a secure channel before the actual data is transferred. |
| Security | Security rests entirely on keeping the one shared key secret; distributing it securely to both parties is the hard problem. | The private key is never shared; security rests on a hard mathematical problem (e.g. factoring or discrete logarithms). |
| Algorithms | DES, 3DES, AES, RC4. | RSA, DSA, Diffie-Hellman, ECC, ElGamal. |
| Existence | An old technique (all classical ciphers are symmetric). | A newer technique, introduced in the 1970s. |

Advantages of Encryption

1. Protects user privacy: encryption ensures that no person or computer without the key can read the data.
2. Prevents identity theft and blackmail: attackers who steal data may try to blackmail the victim into paying a
ransom; encrypted data is useless to them without the key.
3. Enables secure file sharing: remote employees sharing files over untrusted networks give attackers the chance
to read data they intercept in transit; encryption keeps intercepted traffic unreadable.
4. Protects lost and/or stolen devices: smartphones, laptops and tablets are relatively easy to misplace or lose.
Should an adversary get hold of such a device, they can easily extract any information that lacks proper
protection. Encryption keeps data secure on lost or stolen devices, since an attacker cannot access it without
the password (encryption key).
5. Ensures compliance: many regulations require customer personal information to be encrypted both when
stored at rest and when transmitted across public networks.

Strength of DES

Since its adoption as a federal standard, there have been lingering concerns about the level of security provided
by DES. These concerns, by and large, fall into two areas: key size and the nature of the algorithm.

The Data Encryption Standard (DES) is a symmetric-key block cipher based on a Feistel network. It uses a
56-bit key to encrypt data in 64-bit blocks.
There are mainly two categories of concerns about the strength of DES:
1. Concerns about the particular algorithm used.
2. Concerns about the use of a 56-bit key.

Concerns about the use of a 56-bit key

 With a 56-bit key there are 2^56 (about 7.2 × 10^16) possible keys. On the face of it, a brute-force attack
on this many keys appears impractical.
 A machine performing one DES encryption per microsecond would take more than a thousand years to
search the whole key space.
 The assumption of one encryption per microsecond is, however, overly conservative. Purpose-built hardware
runs far faster: in 1998 the Electronic Frontier Foundation’s DES cracker recovered a key in under three days,
and 56-bit keys are no longer considered secure.
 A key-search attack also involves more than simply running through all possible keys: the attacker must
recognise the correct plaintext. If the message is plaintext in English, the result pops out easily, although the
task of recognising English would have to be automated; with a little known plaintext the check is trivial.

Concerns about the particular algorithm used

o A cryptanalyst may attack DES by exploiting the characteristics of the algorithm itself.
o The focus of concern has been the eight substitution tables, or S-boxes, used in each iteration, because the
design criteria for them were never fully published.
o Over the years a number of regularities and unexpected behaviours of the S-boxes have been found, but to
date no one has succeeded in discovering a fatal weakness in them.

Block cipher design principle

Many block ciphers, DES among them, are built on the Feistel structure; AES instead uses a substitution-
permutation network. A block cipher runs a fixed number of rounds, each with its own round key, to produce
ciphertext, and processes fixed-size blocks of data, usually 64 or 128 bits. The design of a block cipher involves
several important principles that determine the security and efficiency of the algorithm.

There are three critical aspects of block cipher design:

1. the number of rounds,
2. the design of the round function F,
3. key scheduling.

1. The number of rounds − the number of rounds the plaintext goes through determines how hard cryptanalysis
is and hence contributes to security, but round counts cannot be compared across ciphers in isolation. For
example, DES uses 16 rounds while AES-128 uses 10; nevertheless AES, with its larger key and block size and
stronger round function, is far more secure than DES. The usual criterion is to choose enough rounds that the
best known cryptanalytic attack requires more effort than a brute-force key search.

2. Design of the function F − in a Feistel block cipher, the construction of the round function largely
determines the strength of the algorithm. The function should be non-linear and should have good avalanche
properties, so that no simpler (e.g. linear) function can approximate it and produce the same outputs.

3. Key scheduling − this algorithm generates the subkey for each round from the cipher key. For example, in
DES the 56-bit key is divided into two 28-bit halves, which are rotated and permuted to produce each 48-bit
round key; the subkeys should be hard to recover from one another.

Some other design principles are

1. Confusion and Diffusion: the cipher should provide confusion and diffusion to make it difficult for an
attacker to determine the relationship between the plaintext and the ciphertext.

Confusion means that the ciphertext should be a complex function of the key and plaintext, making it
difficult to deduce the key.
Diffusion means that a small change in the plaintext should cause a significant change in the ciphertext,
which makes it difficult to analyse the encryption pattern.

2. Key Size: the key size should be large enough to prevent brute-force attacks. A larger key size means that there
are more possible keys, making it harder for an attacker to guess the correct one. A key size of 128 bits is
considered secure for most applications.
3. Block Size: the block size should be large enough to prevent attacks that exploit statistical patterns in the
plaintext (and, in chaining modes, block collisions). A block size of 128 bits is generally considered secure for
most applications.
4. Avalanche Effect: the cipher should exhibit the avalanche effect, which means that a small change in the
plaintext or key should cause a significant change in the ciphertext: on average about half of the output bits
should flip when a single input bit is flipped.
5. Security Analysis: the cipher should be analysed for its security against attacks such as differential
cryptanalysis, linear cryptanalysis, and brute-force attacks. The cipher should also be tested for its resistance to
implementation attacks, such as side-channel attacks.

Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) was published by the National Institute of Standards and Technology
(NIST) in 2001. AES is a symmetric block cipher intended to replace DES as the approved standard for a
wide range of applications.

 AES is a block cipher.
 The key size can be 128, 192 or 256 bits.
 It encrypts data in blocks of 128 bits.
That means it takes 128 bits as input and outputs 128 bits of ciphertext. AES relies on the
substitution-permutation network principle, which means it is performed using a series of linked operations that
involve replacing and shuffling the input data.
Working of the cipher:
AES performs operations on bytes of data rather than on bits. Since the block size is 128 bits, the cipher processes
128 bits (16 bytes) of input data at a time.

The number of rounds depends on the key length as follows:

 128-bit key – 10 rounds
 192-bit key – 12 rounds
 256-bit key – 14 rounds
Benefits Or Advantages Of AES

➨ It can be implemented efficiently in both hardware and software, and many processors provide dedicated
AES instructions.
➨ It supports key sizes of 128, 192 and 256 bits, so the key space is far beyond any brute-force search.
➨ It is the most widely used symmetric cipher, in applications such as wireless communication, financial
transactions, e-business, encrypted data storage etc.
➨ It is the standard choice of both commercial and open-source products across the world.
➨ No practical attack on the full cipher is known; the best published attacks are only marginally better than
brute force.
➨ For a 128-bit key, about 2^128 attempts are needed to break it by brute force, which is infeasible.

Drawbacks Or Disadvantages Of AES

➨ It has a very regular algebraic structure, which some cryptographers regard as a long-term concern, although
no attack based on it is known.
➨ Like any block cipher, on its own it encrypts identical blocks identically; a secure mode of operation (not
ECB) must be used.
➨ Table-driven software implementations are exposed to cache-timing side channels unless written carefully or
backed by hardware AES instructions.
➨ AES in counter mode is easy to get wrong in software: a nonce must never be reused under the same key, and
the mode provides no integrity protection on its own.

AES Structure
The AES structure can be described at two levels:
1. General Structure
2. Detailed Structure

The overall structure of the AES encryption process:

 The cipher takes a plaintext block size of 128 bits, or 16 bytes.
 The key length can be 16, 24, or 32 bytes (128, 192, or 256 bits).
 The algorithm is referred to as AES-128, AES-192, or AES-256, depending on the key length.

1. General Structure:
Since a single block is 16 bytes, a 4×4 matrix (the State) holds the data of a single block, with each cell holding
one byte.
The key is expanded into (n+1) round keys, where n is the number of rounds. For a 128-bit key the number
of rounds is 10, so 10+1 = 11 round keys are generated.

The AES encryption process consists of the following steps:

1. The plaintext is divided into 128-bit blocks, and each block is loaded into the State.
2. Add round key: the State is XORed with the first round key.
3. SubBytes: a byte-by-byte substitution using the S-box.
4. Shift rows: each row is circularly shifted a specific number of positions.
5. Mix columns: each column is multiplied by a fixed matrix.
6. Add round key: the State is XORed with the round key for this round.
Steps 3 to 6 form one round and are repeated; the number of rounds depends on the key length. For example, a
128-bit key requires 10 rounds, while a 256-bit key requires 14 rounds. Mix columns is omitted in the last round.
2. Detailed Structure
 Add Round Key: the block data stored in the State array is passed through an XOR with the first round key
(K0). The resultant State array is the input to the next step.

 SubBytes: each byte of the State array is split into two 4-bit halves; the high nibble selects the row and the
low nibble selects the column of the substitution box (S-box), and the entry found there replaces the byte.

 Shift Rows: the rows of the State are rotated. The first row is left unchanged; the second row is shifted one
position to the left, the third row two positions to the left, and the last row three positions to the left.

 Mix Columns: each column of the State array is multiplied by a constant matrix to give the corresponding
column of the new State array. This step is omitted in the last round.

 Add Round Key: the round key for the current round is XORed with the State array obtained in the previous
step. If this is the last round, the resultant State array is the ciphertext for this block; otherwise it is the State
input for the next round.
AES transformation function

1. Substitute Bytes Transformation

The Substitute Bytes transformation is one of the fundamental operations in the Advanced Encryption Standard
(AES). AES operates on blocks of 128 bits (16 bytes) and consists of several rounds, each of which includes a
series of transformations to ensure the security of the encrypted data. The Substitute Bytes transformation is
applied in every round, including the final round (it is MixColumns that is omitted in the final round).

The Substitute Bytes transformation, also known as the “SubBytes” or “S-box” operation, is a nonlinear
substitution that replaces each byte in the input data with a corresponding byte from a fixed substitution
table called the S-box. The S-box is a predefined, constant table containing 256 entries, each 8 bits in length. It
is constructed as the multiplicative inverse in GF(2^8) followed by an affine transformation, and is carefully
designed to introduce non-linearity and confusion into the data, making the cipher resistant to attacks such as
differential and linear cryptanalysis.

Forward and inverse transformations

The forward substitute byte transformation, called SubBytes, uses a matrix of byte values, the S-box, that
contains a permutation of all 256 possible 8-bit values. Each individual byte of State is mapped into a new byte
in the following way: the leftmost 4 bits of the byte are used as a row value and the rightmost 4 bits are used as
a column value. These row and column values serve as indexes into the S-box to select a unique 8-bit output
value. The inverse transformation, InvSubBytes, uses the inverse S-box in the same way.
2. ShiftRows Transformation
Forward and Inverse Transformations. The forward shift row transformation, called ShiftRows, works as follows.
The first row of State is not altered. For the second row, a 1-byte circular left shift is performed. For the
third row, a 2-byte circular left shift is performed. For the fourth row, a 3-byte circular left shift is
performed. Because State is filled column by column, this moves bytes between columns, so that the four bytes
of each input column are spread over four different output columns.

The inverse shift row transformation, called InvShiftRows, performs the circular shifts in the opposite direction for
each of the last three rows, with a one-byte circular right shift for the second row, and so on.

3. MixColumns Transformation
Forward and Inverse Transformations. The forward mix column transformation, called MixColumns, operates on
each column individually. Each byte of a column is mapped into a new value that is a function of all four bytes
in that column. The transformation can be defined as a matrix multiplication on State by a fixed 4×4 matrix of
constants.

Each element in the product matrix is the sum of products of elements of one row and one column. In this case,
the individual additions and multiplications are performed in GF(2^8): addition is bitwise XOR, and multiplication
is polynomial multiplication modulo the irreducible polynomial m(x) = x^8 + x^4 + x^3 + x + 1. The MixColumns
transformation on a single column j (0 ≤ j ≤ 3) of State can therefore be expressed as four such equations, one
per output byte. The inverse transformation, InvMixColumns, multiplies each column by the inverse matrix.
4. AddRoundKey Transformation

In the forward add round key transformation, called AddRoundKey, the 128 bits of State are bitwise XORed with
the 128 bits of the round key. The operation is viewed as a column-wise operation between the 4 bytes of a State
column and one word of the round key. The inverse add round key transformation is identical, because XOR is
its own inverse.
AES key expansion
The AES key expansion algorithm takes as input a four-word (16-byte) key and produces a linear array of
44 words (176 bytes). This is sufficient to provide a four-word round key for the initial AddRoundKey stage and
each of the 10 rounds of the cipher. The key is copied into the first four words of the expanded key. The remainder
of the expanded key is filled in four words at a time. Each added word w[i] depends on the immediately preceding
word, w[i − 1], and the word four positions back, w[i − 4]. In three out of four cases, a simple XOR is used. For a
word whose position in the w array is a multiple of 4, a more complex function is used. Figure 5.9 illustrates the
generation of the expanded key, using the symbol g to represent that complex function. The function g consists of
the following subfunctions:

1. RotWord performs a one-byte circular left shift on a word. This means that an input word [B0, B1, B2, B3] is
transformed into [B1, B2, B3, B0].
2. SubWord performs a byte substitution on each byte of its input word, using the S-box (Table 5.2a).
3. The result of steps 1 and 2 is XORed with a round constant, Rcon[j]. Only the leftmost byte of Rcon[j] is
nonzero; it is 1 for the first round and doubles (in GF(2^8)) for each subsequent round.
Rationale
The Rijndael developers designed the key expansion algorithm to be resistant to known cryptanalytic
attacks. The inclusion of a round-dependent round constant eliminates the symmetry, or similarity, between the
ways in which round keys are generated in different rounds. The specific criteria that were used are:
• Knowledge of a part of the cipher key or round key does not enable calculation of many other round-key bits.
• An invertible transformation [i.e., knowledge of any Nk consecutive words of the expanded key (4 for
AES-128) enables regeneration of the entire expanded key].
• Speed on a wide range of processors.
• Usage of round constants to eliminate symmetries.
• Diffusion of cipher key differences into the round keys; that is, each key bit affects many round key bits.
• Enough nonlinearity to prohibit the full determination of round key differences from cipher key differences only.
• Simplicity of description.
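The following Python is an added example, not code from the notes or from NIST: it implements AES-128 encryption exactly as the transformations above describe (SubBytes, ShiftRows, MixColumns, AddRoundKey, and the key expansion with RotWord, SubWord and Rcon), and is also the worked form of the general and detailed structure sections earlier. The S-box is computed from the GF(2^8) inverse and affine map rather than copied from Table 5.2a; the MixColumns constants {02, 03, 01, 01} and the modulus x^8 + x^4 + x^3 + x + 1 are those of FIPS-197. The function names and the flat, column-major layout of State are my own choices, and the results are checked against the FIPS-197 test vectors.

```python
# Added example (not from the original notes): AES-128 encryption written from the
# FIPS-197 round structure. The S-box is derived from GF(2^8) arithmetic.

AES_POLY = 0x11B   # m(x) = x^8 + x^4 + x^3 + x + 1
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]
MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]   # MixColumns matrix

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo m(x): shift-and-add, reducing on overflow."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r

def _build_sbox():
    """S-box = multiplicative inverse in GF(2^8) followed by the fixed affine map."""
    sbox = []
    for x in range(256):
        inv = 0
        if x:
            inv = 1
            for _ in range(254):            # x^254 = x^-1 since x^255 = 1 in GF(2^8)*
                inv = gf_mul(inv, x)
        s, b = inv, inv
        for _ in range(4):                  # s = b ^ rotl(b,1) ^ ... ^ rotl(b,4)
            b = ((b << 1) | (b >> 7)) & 0xFF
            s ^= b
        sbox.append(s ^ 0x63)               # ... ^ 0x63
    return sbox

SBOX = _build_sbox()

def expand_key(key):
    """Nk = 4 key words -> 44 words, returned as 11 round keys of 16 bytes each."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                      # the function g
            t = t[1:] + t[:1]               # RotWord: [B0,B1,B2,B3] -> [B1,B2,B3,B0]
            t = [SBOX[b] for b in t]        # SubWord
            t[0] ^= RCON[i // 4 - 1]        # XOR with Rcon[i/4] (leftmost byte only)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [bytes(sum(w[4 * r:4 * r + 4], [])) for r in range(11)]

# State is kept as the 16 block bytes in order: byte i sits at row i % 4, column i // 4.
def sub_bytes(s):
    return [SBOX[b] for b in s]

def shift_rows(s):
    """Row r is rotated left by r bytes: s'[r][c] = s[r][(c + r) % 4]."""
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def mix_columns(s):
    """Each column is multiplied by the fixed MIX matrix over GF(2^8)."""
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):
            v = 0
            for k in range(4):
                v ^= gf_mul(MIX[r][k], col[k])
            out.append(v)
    return out

def add_round_key(s, rk):
    return [a ^ b for a, b in zip(s, rk)]

def aes128_encrypt_block(key: bytes, block: bytes) -> bytes:
    rks = expand_key(key)
    s = add_round_key(list(block), rks[0])
    for rnd in range(1, 10):
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s))), rks[rnd])
    s = add_round_key(shift_rows(sub_bytes(s)), rks[10])   # round 10: no MixColumns
    return bytes(s)

if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")     # FIPS-197 App. B key
    pt = bytes.fromhex("3243f6a8885a308d313198a2e0370734")
    print(aes128_encrypt_block(key, pt).hex())                  # 3925841d02dc09fbdc118597196a0b32
```

With the FIPS-197 Appendix B key the first expanded word w[4] is a0fafe17 and the ciphertext is 3925841d02dc09fbdc118597196a0b32; the Appendix C.1 vector (key 00..0f, plaintext 00112233..ff) gives 69c4e0d86a7b0430d8cdb78070b4c55a. Note that this straightforward table lookup into SBOX is exactly the kind of data-dependent memory access that the cache-timing concern above refers to; production code uses constant-time or hardware implementations.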

AES implementation
Equivalent Inverse Cipher
An alternative specification of the inverse of CIPHER() with a structure similar to that of CIPHER() and with a
modified key schedule as input. It rests on two interchanges of adjacent steps.
INTERCHANGING INVSHIFTROWS AND INVSUBBYTES: InvShiftRows affects the sequence of bytes in
State but does not alter byte contents and does not depend on byte contents to perform its transformation.
InvSubBytes affects the contents of bytes in State but does not alter byte sequence and does not depend on byte
sequence to perform its transformation. Thus, these two operations commute and can be interchanged: for a given
State, applying InvSubBytes and then InvShiftRows gives the same result as applying InvShiftRows and then InvSubBytes.
INTERCHANGING ADDROUNDKEY AND INVMIXCOLUMNS: The transformations AddRoundKey
and InvMixColumns do not alter the sequence of bytes in State. If we view the key as a sequence of words, then
both AddRoundKey and InvMixColumns operate on State one column at a time. These two operations are linear
with respect to the column input. That is, for a given State column Si and a given round-key word wj,

InvMixColumns(Si ⊕ wj) = InvMixColumns(Si) ⊕ InvMixColumns(wj)

so the round-key words can be passed through InvMixColumns once, in the modified key schedule, and the two steps
can then be applied in the opposite order.
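The following is an added example, not code from the notes: it implements the key expansion described above (RotWord, SubWord and the round constant inside g, the "invertible transformation" property, and the linearity of InvMixColumns that justifies the interchange with AddRoundKey). The S-box is generated from its definition rather than typed in. It generalises beyond the AES-128 case the notes describe: the same loop handles 192- and 256-bit keys (Nk = 6 and 8). The test vector is the AES-128 key from FIPS-197 Appendix A.1; the state layout is column-major, as in the standard.

```python
# Added example (not from the notes): AES key expansion, its backward
# regeneration from Nk consecutive words, and the InvMixColumns linearity
# check used by the Equivalent Inverse Cipher. Test key: FIPS-197 App. A.1.

def xtime(b):
    """Multiply a byte by x in GF(2^8), modulus x^8 + x^4 + x^3 + x + 1."""
    b <<= 1
    return (b ^ 0x1B) & 0xFF if b & 0x100 else b & 0xFF

def gf_mul(a, b):
    """Byte multiplication in GF(2^8) by shift-and-add."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = xtime(a)
        b >>= 1
    return r

def _build_sbox():
    """S-box = affine map of the multiplicative inverse (FIPS-197 5.1.1)."""
    inv = [0] * 256
    for x in range(1, 256):
        inv[x] = next(y for y in range(1, 256) if gf_mul(x, y) == 1)
    sbox = []
    for x in range(256):
        b = inv[x]
        s = b
        for _ in range(4):            # s = b ^ rotl(b,1) ^ ... ^ rotl(b,4)
            b = ((b << 1) | (b >> 7)) & 0xFF
            s ^= b
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def rot_word(w):                      # [B0,B1,B2,B3] -> [B1,B2,B3,B0]
    return w[1:] + w[:1]

def sub_word(w):
    return bytes(SBOX[b] for b in w)

def g(temp, i, nk):
    """What is applied to w[i-1] before it is XORed into w[i-nk]: the full g
    (RotWord, SubWord, Rcon) every nk-th word, SubWord alone for the middle
    words of AES-256, identity otherwise."""
    if i % nk == 0:
        temp = sub_word(rot_word(temp))
        rcon = 1
        for _ in range(i // nk - 1):  # Rcon[i/nk] = x^(i/nk - 1) in GF(2^8)
            rcon = xtime(rcon)
        temp = bytes([temp[0] ^ rcon]) + temp[1:]
    elif nk > 6 and i % nk == 4:
        temp = sub_word(temp)
    return temp

def key_expansion(key, nr=None):
    """Return the 4*(nr+1) expanded-key words for a 16-, 24- or 32-byte key."""
    nk = len(key) // 4
    nr = nr or nk + 6
    w = [key[4 * i:4 * i + 4] for i in range(nk)]
    for i in range(nk, 4 * (nr + 1)):
        w.append(xor(w[i - nk], g(w[i - 1], i, nk)))
    return w

def recover_key(words, start, nk=4):
    """Invertibility: nk consecutive words w[start..start+nk-1] let us run the
    schedule backwards, w[i-nk] = w[i] ^ g(w[i-1]), all the way to the key."""
    w = {start + j: words[j] for j in range(nk)}
    for i in range(start + nk - 1, nk - 1, -1):
        w[i - nk] = xor(w[i], g(w[i - 1], i, nk))
    return b"".join(w[j] for j in range(nk))

def mix_columns(state, row=(2, 3, 1, 1)):
    """Multiply each column of the column-major 16-byte state by the
    circulant matrix whose first row is `row`."""
    out = bytearray(16)
    for c in range(4):
        col = state[4 * c:4 * c + 4]
        for r in range(4):
            for k in range(4):
                out[4 * c + r] ^= gf_mul(row[(k - r) % 4], col[k])
    return bytes(out)

def inv_mix_columns(state):
    return mix_columns(state, (14, 11, 13, 9))

def inv_mix_is_linear(state, round_key):
    """InvMixColumns(S ^ w) == InvMixColumns(S) ^ InvMixColumns(w)."""
    return inv_mix_columns(xor(state, round_key)) == \
        xor(inv_mix_columns(state), inv_mix_columns(round_key))
```

`recover_key(w[40:44], 40)` returns the original cipher key from the last round key alone, which is exactly why leaking any full round key of AES is as bad as leaking the key itself.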
UNIT-4
Public Key Cryptography and RSA – Principles of Public-key Crypto systems – RSA algorithm - Diffie –
Hellman Key exchange - Elgamal Cryptographic System

Principles of Public-key Crypto systems


Asymmetric encryption is a form of cryptosystem in which encryption and decryption are performed using two different
keys, one a public key and one a private key. It is also known as public-key encryption.

◆ Asymmetric encryption transforms plaintext into ciphertext using one of the two keys and an encryption algorithm.
Using the paired key and a decryption algorithm, the plaintext is recovered from the ciphertext.

◆ Asymmetric encryption can be used for confidentiality, authentication, or both.

◆ The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on the difficulty of
finding the prime factors of a large composite number.

Public-Key Cryptosystems:
A public-key encryption scheme has six ingredients (the public and private keys count as two):
 Plaintext: This is the readable message or data that is fed into the algorithm as input.
 Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.
 Public and private keys: This is a pair of keys that have been selected so that if one is used for
encryption, the other is used for decryption. The exact transformations performed by the algorithm
depend on the public or private key that is provided as input.
 Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key.
For a given message, two different keys will produce two different ciphertexts.
 Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the
original plaintext.

The essential steps are the following.

1. Each user generates a pair of keys to be used for the encryption and decryption of messages.
2. Each user places one of the two keys in a public register or other accessible file. This is the public key.
The companion key is kept private. As Figure 9.1a suggests, each user maintains a collection of public
keys obtained from others.
3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message using Alice’s public
key.
4. When Alice receives the message, she decrypts it using her private key. No other recipient can decrypt
the message because only Alice knows Alice’s private key.
Conventional and Public-Key Encryption
There is some source A that produces a message in plaintext, X = [X1, X2, ..., XM]. The M elements of X are letters in some finite
alphabet. The message is intended for destination B. B generates a related pair of keys: a public key, PUb, and a private
key, PRb. PRb is known only to B, whereas PUb is publicly available and therefore accessible by A. With the message X
and the encryption key PUb as input, A forms the ciphertext Y = [Y1, Y2, ..., YN]:

Y = E(PUb, X)

Only B, who holds PRb, can recover X = D(PRb, Y); this provides confidentiality.

For authentication, A instead encrypts with its own private key, Y = E(PRa, X): anyone holding PUa can recover X and
thereby confirm that only A could have produced Y. There is no protection of confidentiality in this case, because any
observer can decrypt the message by using the sender's public key.
It is, however, possible to provide both the authentication function and confidentiality by a double use of the public-
key scheme (Figure 9.4):

Z = E(PUb, E(PRa, X))
X = D(PUa, D(PRb, Z))

We can classify the use of public-key cryptosystems into three categories:

• Encryption /decryption: The sender encrypts a message with the recipient’s public key.

• Digital signature: The sender “signs” a message with its private key. Signing is achieved by a cryptographic algorithm
applied to the message or to a small block of data that is a function of the message.

• Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the
private key(s) of one or both parties.

RSA Algorithm
RSA is the most common public-key algorithm, named after its inventors Rivest, Shamir, and Adleman
(RSA).

The RSA algorithm is an asymmetric cryptography algorithm. Asymmetric means that it works with two
different keys, a public key and a private key. As the names suggest, the public key is given to
everyone and the private key is kept private.

An example of asymmetric cryptography:


1. A client (for example, a browser) sends its public key to the server and requests some data.
2. The server encrypts the data using the client’s public key and sends the encrypted data.
3. The client receives this data and decrypts it.

Advantages of RSA

• The RSA operations are simple to implement: key generation, encryption and decryption all reduce to modular
  exponentiation.
• It is simple to distribute public keys to users, since a public key does not need to be kept secret.
• Breaking RSA is believed to require factoring the modulus, which is infeasible for properly sized keys
  (2048 bits or more).
• RSA is a mature, widely analysed algorithm and is suitable for protecting sensitive information when used
  with standard padding (OAEP for encryption, PSS for signatures).
Disadvantages of RSA

• RSA is far slower than symmetric ciphers and can only encrypt values smaller than the modulus, so in
  practice it is used in a hybrid scheme: RSA protects a symmetric session key, and the symmetric cipher
  protects the bulk data.
• A trusted third party (a certificate authority) is usually needed to vouch for the binding between a
  public key and its owner.
• Textbook RSA without padding is deterministic and malleable (the product of two ciphertexts is the
  ciphertext of the product of the plaintexts), so it must never be used directly on application data.

Procedure and example refer class note
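The following is an added example, not from the class notes or the page: textbook RSA on small numbers, covering key generation, encryption and decryption, signing with the private key, and the "double use" Z = E(PUb, E(PRa, X)) from the section above. The primes (p = 17, q = 11, e = 7 for A; p = 61, q = 53, e = 17 for B) and the message X = 88 are assumed here for illustration; the last function shows the malleability that makes unpadded RSA unsafe.

```python
# Added example (not from the notes): textbook RSA with toy parameters.
# Unpadded RSA is for illustration only; real systems use OAEP and PSS.

def rsa_keypair(p, q, e):
    """Return ((e, n), (d, n)); e must be coprime to phi = (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)               # modular inverse (Python 3.8+)
    return (e, n), (d, n)

def rsa_apply(key, m):
    """E or D: the same modular exponentiation, whichever key is supplied."""
    exp, n = key
    assert 0 <= m < n, "value must be smaller than the modulus"
    return pow(m, exp, n)

def encrypt(pub, m):
    return rsa_apply(pub, m)          # E(PUb, X): confidentiality

def decrypt(priv, c):
    return rsa_apply(priv, c)         # D(PRb, Y)

def sign(priv, m):
    return rsa_apply(priv, m)         # E(PRa, X): authentication

def verify(pub, sig, m):
    return rsa_apply(pub, sig) == m   # D(PUa, sig) must give X back

def sign_then_encrypt(priv_a, pub_b, x):
    """Z = E(PUb, E(PRa, X)). Needs n_a < n_b so the inner value fits."""
    assert priv_a[1] < pub_b[1]
    return encrypt(pub_b, sign(priv_a, x))

def decrypt_then_verify(priv_b, pub_a, z):
    """X = D(PUa, D(PRb, Z))."""
    return rsa_apply(pub_a, decrypt(priv_b, z))

def multiply_ciphertexts(pub, c1, c2):
    """Malleability of textbook RSA: E(m1) * E(m2) = E(m1 * m2) mod n, so an
    attacker can build a valid ciphertext for m1*m2 without the key."""
    return (c1 * c2) % pub[1]

# Assumed toy keys: A has n = 187 (d = 23), B has n = 3233 (d = 2753).
PU_A, PR_A = rsa_keypair(17, 11, 7)
PU_B, PR_B = rsa_keypair(61, 53, 17)

if __name__ == "__main__":
    c = encrypt(PU_A, 88)
    print("E(PUa, 88) =", c, "-> D(PRa) =", decrypt(PR_A, c))
    z = sign_then_encrypt(PR_A, PU_B, 88)
    print("Z =", z, "-> recovered X =", decrypt_then_verify(PR_B, PU_A, z))
```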

Diffie – Hellman Key exchange


Diffie-Hellman key exchange is a method by which two parties agree on a shared secret over a public channel
without the secret itself ever being transmitted. It is not an encryption algorithm: the agreed secret is used
as, or to derive, a key for symmetric cryptography, which the two parties then use to encrypt and decrypt
their messages. Published in 1976 by Whitfield Diffie and Martin Hellman, it was one of the first practical
examples of public-key cryptography.

Diffie-Hellman key exchange is commonly found in security protocols, such as Transport Layer Security
(TLS), Secure Shell (SSH) and IP Security (IPsec). On its own, Diffie-Hellman provides no authentication of the
parties, so these protocols pair it with a signature algorithm such as RSA, which signs the exchanged values or the
public-key certificates that identify the parties.
Applications of Diffie-Hellman Algorithm

Secure Communication − The most common application of the Diffie-Hellman algorithm is to establish a
secure communication channel between two parties.

VPNs − Virtual Private Networks (VPNs) are used to establish a secure connection between a remote user and
a private network.

Online Banking − Online banking is becoming increasingly popular, and with this increased popularity comes
increased security concerns. The Diffie-Hellman algorithm is often used to establish a secure connection
between a user's computer and the online banking system. Once the shared secret key is established, it can be
used to encrypt and decrypt all communication between the user and the online banking system, ensuring that
the communication is secure and private.

Secure Email − Email is one of the most widely used forms of communication, and security is a major concern.
The Diffie-Hellman algorithm is often used to establish a secure connection between a user's email client and
the email server.

Limitations of Diffie-Hellman Algorithm

Man-in-the-middle attacks − Unauthenticated Diffie-Hellman is vulnerable to man-in-the-middle attacks, where
an attacker intercepts the communication between two parties and establishes a separate shared secret key with
each party, relaying and reading everything that passes between them.

Limited key size − The security of Diffie-Hellman depends on the size of the prime modulus (or of the
elliptic-curve group). Moduli of 1024 bits or less are no longer considered safe; 2048-bit or larger groups, or
elliptic-curve variants, should be used.

Requires an authenticated channel − The exchanged public values need not be secret, but they must be
authenticated (for example by a digital signature or a certificate); otherwise the man-in-the-middle attack above
applies.

Not a signature scheme − Diffie-Hellman only establishes a key. It does not by itself provide digital signatures,
non-repudiation, or protection against replay of earlier exchanges; those must come from the surrounding protocol.

Procedure and example refer class note
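The following is an added example, not from the class notes or the page: a Diffie-Hellman exchange on the toy group q = 353, α = 3 with private values XA = 97 and XB = 233 (assumed here for illustration), a check that α really is a generator, and the man-in-the-middle attack listed under Limitations, in which Mallory ends up holding one key with each side while Alice and Bob believe they share a key with each other. Real deployments use 2048-bit or larger groups or elliptic curves.

```python
# Added example (not from the notes): Diffie-Hellman with toy parameters
# and the unauthenticated man-in-the-middle failure.

Q, ALPHA = 353, 3       # assumed toy prime and primitive root

def dh_public(x, q=Q, alpha=ALPHA):
    """Y = alpha^X mod q; this value is sent in the clear."""
    return pow(alpha, x, q)

def dh_shared(their_public, my_private, q=Q):
    """K = Y^X mod q; both sides compute alpha^(XA*XB) mod q."""
    return pow(their_public, my_private, q)

def is_generator(alpha, q):
    """True if alpha is a primitive root of the prime q, i.e. its powers
    1..q-1 cover every element of Z_q*. Needed so K ranges over the group."""
    return len({pow(alpha, k, q) for k in range(1, q)}) == q - 1

def honest_exchange(xa, xb):
    """Return (YA, YB, K as computed by A, K as computed by B)."""
    ya, yb = dh_public(xa), dh_public(xb)
    return ya, yb, dh_shared(yb, xa), dh_shared(ya, xb)

def mitm_exchange(xa, xb, xm):
    """Mallory replaces each party's public value with her own alpha^XM.
    Returns (Alice's key, Bob's key, Mallory's key toward Alice,
    Mallory's key toward Bob). Alice and Bob do not share a key at all."""
    ym = dh_public(xm)
    ya, yb = dh_public(xa), dh_public(xb)
    k_alice = dh_shared(ym, xa)       # Alice believes YM came from Bob
    k_bob = dh_shared(ym, xb)         # Bob believes YM came from Alice
    k_m_alice = dh_shared(ya, xm)     # matches k_alice
    k_m_bob = dh_shared(yb, xm)       # matches k_bob
    return k_alice, k_bob, k_m_alice, k_m_bob

if __name__ == "__main__":
    print("honest:", honest_exchange(97, 233))
    print("mitm:  ", mitm_exchange(97, 233, 5))
```

The fix is not a larger group but authentication of YA and YB: in TLS the server signs its Diffie-Hellman value with the key in its certificate, so a substituted YM fails verification.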

Elgamal Cryptographic System


ElGamal encryption is a public-key cryptosystem closely related to Diffie-Hellman key exchange. It uses
asymmetric key encryption for communicating between two parties and encrypting the message.
The ElGamal cryptosystem is a cryptographic algorithm that uses the public and private key concepts to secure
communication between two systems. It is an asymmetric algorithm in which encryption and decryption are performed
with the public and private keys respectively: the sender encrypts the message with the receiver's public key, and the
message is decrypted with the private key on the receiving end. Its security rests on the difficulty of computing
discrete logarithms in the chosen group. Each encryption uses a fresh random value k, so the same message encrypts
to different ciphertexts each time; the price is that the ciphertext is twice the length of the plaintext.
Procedure and example refer class note
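The following is an added example, not from the class notes or the page: ElGamal over the toy group q = 19, α = 10 with private key XA = 5 and message M = 17 (assumed here for illustration), plus the failure mode that makes a fresh random k per message mandatory: if k is reused, C1 repeats and the ratio of the C2 values equals the ratio of the plaintexts, so one known plaintext reveals the other without the private key.

```python
# Added example (not from the notes): ElGamal encryption on a toy group and
# the k-reuse attack.
import secrets

Q, ALPHA = 19, 10      # assumed toy prime and primitive root

def elgamal_keygen(xa, q=Q, alpha=ALPHA):
    """Public key (q, alpha, YA = alpha^XA mod q); private key XA."""
    return (q, alpha, pow(alpha, xa, q)), xa

def elgamal_encrypt(pub, m, k=None):
    """Return (C1, C2) = (alpha^k, K*M) with one-time key K = YA^k."""
    q, alpha, ya = pub
    assert 0 <= m < q
    if k is None:
        k = secrets.randbelow(q - 2) + 1      # 1 <= k <= q-2, fresh per message
    K = pow(ya, k, q)
    return pow(alpha, k, q), (K * m) % q

def elgamal_decrypt(pub, xa, ct):
    """Recover K = C1^XA (= alpha^(k*XA) = YA^k) and M = C2 * K^-1."""
    q = pub[0]
    c1, c2 = ct
    K = pow(c1, xa, q)
    return (c2 * pow(K, -1, q)) % q

def roundtrip_all(pub, xa):
    """Every message in Z_q decrypts correctly with a random k."""
    return all(elgamal_decrypt(pub, xa, elgamal_encrypt(pub, m)) == m
               for m in range(pub[0]))

def recover_with_reused_k(known_m, ct_known, ct_unknown, q=Q):
    """If the same k encrypted both messages, C1 is identical and
    C2' / C2 = M' / M, so M' = C2' * M * C2^-1 mod q (no private key needed)."""
    (c1, c2), (c1p, c2p) = ct_known, ct_unknown
    assert c1 == c1p, "C1 differs, so k was not reused"
    return (c2p * known_m * pow(c2, -1, q)) % q

if __name__ == "__main__":
    pub, priv = elgamal_keygen(5)
    ct = elgamal_encrypt(pub, 17, k=6)
    print("public key", pub, "ciphertext", ct, "->", elgamal_decrypt(pub, priv, ct))
```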
UNIT-5
Hash functions – Applications – two simple hash functions – Hash functions based on Cipher block chaining -
Secure Hash Algorithm (SHA)

Hash Function
A hash function is a mathematical function that converts an input of arbitrary length into a compressed output of
fixed length.

Values returned by a hash function are called the message digest or simply the hash value.

Features of Hash Functions

• Fixed Length Output (Hash Value)
o A hash function converts data of arbitrary length to a fixed length. This process is often referred to as hashing
the data.
o A hash function with an n-bit output is referred to as an n-bit hash function. Popular hash functions
generate values between 160 and 512 bits.

• Efficiency of Operation
o Generally, for any hash function h with input x, computation of h(x) is a fast operation.
o Computationally, hash functions are much faster than symmetric encryption.

A hash code can be combined with encryption in several ways to provide message authentication:
a) The message plus concatenated hash code is encrypted using symmetric encryption. Because only A and B
share the secret key, the message must have come from A and has not been altered. The hash code provides the
structure or redundancy required to achieve authentication. Because encryption is applied to the entire message
plus hash code, confidentiality is also provided.
b) Only the hash code is encrypted, using symmetric encryption. This reduces the processing burden for those
applications that do not require confidentiality.
c) It is possible to use a hash function but no encryption for message authentication. The technique assumes
that the two communicating parties share a common secret value S. A computes the hash value over the
concatenation of M and S and appends the resulting hash value to M. Because B possesses S, it can recompute the
hash value to verify. Because the secret value itself is not sent, an opponent cannot modify an intercepted
message and cannot generate a false message.
d) Confidentiality can be added to the approach of method (c) by encrypting the entire message plus the hash
code.

Applications of Hash Functions:


The most versatile cryptographic algorithm is the cryptographic hash function. It is used in a wide variety of
security applications and Internet protocols. The following are various applications where it is employed.
1.Message Authentication:
 Message authentication is a mechanism or service used to verify the integrity of a message.
 Message authentication assures that data received are exactly as sent (i.e., there is no modification, insertion,
deletion, or replay).
 When a hash function is used to provide message authentication, the hash function value is often referred to as
a message digest.
• More commonly, message authentication is achieved using a message authentication code (MAC), also known
as a keyed hash function.
 Typically, MACs are used between two parties that share a secret key to authenticate information exchanged
between those parties.

 A MAC function takes as input a secret key and a data block and produces a hash value, referred to as the
MAC, which is associated with the protected message.
 If the integrity of the message needs to be checked, the MAC function can be applied to the message and the
result compared with the associated MAC value.

 An attacker who alters the message will be unable to alter the associated MAC value without knowledge of
the secret key
2. Digital Signatures
 Another important application, which is similar to the message authentication application, is the digital
signature.
 The operation of the digital signature is similar to that of the MAC.
 In the case of the digital signature, the hash value of a message is encrypted with a user’s private key.

 Anyone who knows the user’s public key can verify the integrity of the message that is associated with the
digital signature.
 In this case, an attacker who wishes to alter the message would need to know the user’s private key

a. The hash code is encrypted, using public-key encryption with the sender's private key. As with method (b)
above, this provides authentication. It also provides a digital signature, because only the sender could have
produced the encrypted hash code. In fact, this is the essence of the digital signature technique.
b. If confidentiality as well as a digital signature is desired, then the message plus the private-key-
encrypted hash code can be encrypted using a symmetric secret key. This is a common technique.
Other Applications:
 Hash functions are commonly used to create a one-way password file.
 Hash functions can be used for intrusion detection and virus detection.
 A cryptographic hash function can be used to construct a pseudorandom function (PRF) or a pseudorandom
number generator (PRNG).

Two Simple Hash Functions


All hash functions operate using the following general principles.
o The input (message, file, etc.) is viewed as a sequence of n-bit blocks.
o The input is processed one block at a time in an iterative fashion to produce an n-bit hash value.

• One of the simplest hash functions is the bit-by-bit exclusive-OR (XOR) of every block.
This can be expressed as:
Ci = bi1 ⊕ bi2 ⊕ … ⊕ bim
where
Ci = i-th bit of the hash code, 1 ≤ i ≤ n
m = number of n-bit blocks in the input
bij = i-th bit in the j-th block
⊕ = XOR operation
This operation produces a simple parity bit for each bit position and is known as a longitudinal redundancy
check.

• It is reasonably effective for random data as a data integrity check. Each n-bit hash value is equally likely.
• Thus, the probability that a data error will result in an unchanged hash value is 2^-n.

• With more predictably formatted data, the function is less effective.

• For example, in most normal text files, the high-order bit of each octet is always zero.

• So if a 128-bit hash value is used, instead of an effectiveness of 2^-128, the hash function on this type of data
has an effectiveness of only 2^-112, because the 16 high-order bit positions of the hash can never be set.
• A simple way to improve matters is to perform a one-bit circular shift, or rotation, on the hash value after
each block is processed.
The procedure can be summarized as follows.
1. Initially set the n-bit hash value to zero.
2. Process each successive n-bit block of data as follows:
a. Rotate the current hash value to the left by one bit.
b. XOR the block into the hash value.
• This has the effect of "randomizing" the input more completely and overcoming any regularities that appear
in the input.
• Although the second procedure provides a good measure of data integrity, it is virtually useless for data
security when an encrypted hash code is used with a plaintext message: an opponent who can see the message can
compute the hash of any substitute message and needs only to produce the matching encrypted hash code.
• A simple XOR or rotated XOR (RXOR) is insufficient if only the hash code is encrypted, and one might suppose
that such a simple function could still be useful when the message together with the hash code is encrypted.
It is not: with the plain XOR, the hash value depends only on the XOR of the blocks, so reordering blocks, or
appending a block chosen to cancel any change, leaves the check unchanged.
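The following is an added example, not from the page: the block-XOR (longitudinal redundancy check) and rotated-XOR hashes just described, with 16-bit blocks, together with the two properties that make them useless for security: the XOR hash ignores block order and never sets the high-order bit of either octet on ASCII input, and anyone can append one block to force the hash to any target value. The sample strings are constructed for the demonstration.

```python
# Added example (not from the notes): XOR and rotated-XOR block hashes and
# the trivial forgeries against them.

def blocks(data, n_bytes):
    """Split into n-byte blocks, zero-padding the last one."""
    data += b"\x00" * ((-len(data)) % n_bytes)
    return [data[i:i + n_bytes] for i in range(0, len(data), n_bytes)]

def xor_hash(data, n_bytes=2):
    """C_i = b_i1 ^ b_i2 ^ ... ^ b_im: a parity bit per bit position."""
    h = 0
    for blk in blocks(data, n_bytes):
        h ^= int.from_bytes(blk, "big")
    return h

def rxor_hash(data, n_bytes=2):
    """Same, but rotate the running value left one bit before each XOR."""
    n = 8 * n_bytes
    h = 0
    for blk in blocks(data, n_bytes):
        h = ((h << 1) | (h >> (n - 1))) & ((1 << n) - 1)
        h ^= int.from_bytes(blk, "big")
    return h

def top_bits_ever_set(samples, hash_fn):
    """Does any sample's 16-bit hash set the high-order bit of either octet?
    For ASCII text the plain XOR hash never can (2^14 reachable values,
    not 2^16); the rotation spreads bits across all positions."""
    return any(hash_fn(s) & 0x8080 for s in samples)

def forge_block(current_hash, target, n_bytes=2):
    """Block to append to a block-aligned message so its xor_hash equals
    `target`: the XOR hash of message || block is current_hash ^ block."""
    return (current_hash ^ target).to_bytes(n_bytes, "big")

if __name__ == "__main__":
    msg = b"ABCD"
    print(hex(xor_hash(msg)), hex(xor_hash(b"CDAB")))       # same: order ignored
    print(hex(rxor_hash(msg)), hex(rxor_hash(b"CDAB")))     # differ
    print(hex(xor_hash(msg + forge_block(xor_hash(msg), 0xBEEF))))
```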
Hash functions based on Cipher block chaining
A number of proposals have been made for hash functions based on using a cipher block chaining technique,
but without using the secret key. One of the first such proposals was that of Rabin. Divide a message into
fixed-size blocks M1, M2, ... and use a symmetric encryption system such as DES to compute the hash code by
chaining each block through the cipher, the output of one step serving as the chaining value for the next. This is
similar to the CBC technique, but in this case, there is no secret key. As with any hash code, this scheme is
subject to the birthday attack, and if the encryption algorithm is DES and only a 64-bit hash code is produced,
then the system is vulnerable: a collision is expected after about 2^32 trial messages.

One variation uses each message block as the cipher key and feeds the chaining value forward:

Hi = E(Mi, Hi-1) ⊕ Hi-1

Another variation that has been proposed keys the cipher with the previous chaining value and feeds the message
block forward:

Hi = E(Hi-1, Mi) ⊕ Mi
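The following is an added example, not from the page: the first chaining construction above, Hi = E(Mi, Hi-1) ⊕ Hi-1, built on a real 64-bit block cipher (XTEA with a 128-bit key, chosen here because it fits in a dozen lines; the notes use DES), with a Merkle-Damgård style padding step, followed by the birthday attack the text warns about. To make the attack finish in a few hundred trials the digest is truncated to 16 bits; against the full 64-bit output the same loop would need on the order of 2^32 trials, which is the point the notes make about DES-sized hashes. The padding scheme and the message prefix are assumptions of this example.

```python
# Added example (not from the notes): keyless CBC-style hash over XTEA and a
# birthday-attack collision search on a truncated digest.
import os
from itertools import count

MASK32 = 0xFFFFFFFF

def xtea_encrypt(block, key, rounds=32):
    """XTEA: 64-bit block, 128-bit key (four 32-bit big-endian words)."""
    v0 = int.from_bytes(block[:4], "big")
    v1 = int.from_bytes(block[4:], "big")
    k = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(4)]
    s, delta = 0, 0x9E3779B9
    for _ in range(rounds):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK32
        s = (s + delta) & MASK32
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK32
    return v0.to_bytes(4, "big") + v1.to_bytes(4, "big")

def pad(msg, n=16):
    """Assumed padding: append 0x80, zeros, then the 64-bit message bit
    length, so the result is a whole number of 16-byte 'key' blocks."""
    bitlen = 8 * len(msg)
    msg += b"\x80"
    msg += b"\x00" * ((-len(msg) - 8) % n)
    return msg + bitlen.to_bytes(8, "big")

def cbc_hash(msg, iv=bytes(8)):
    """H_0 = IV; H_i = E(M_i, H_{i-1}) XOR H_{i-1}, with M_i as the key."""
    h = iv
    data = pad(msg)
    for i in range(0, len(data), 16):
        e = xtea_encrypt(h, data[i:i + 16])
        h = bytes(a ^ b for a, b in zip(e, h))
    return h

def truncated(msg, bits=16):
    """The top `bits` bits of the digest, to model a short hash code."""
    return int.from_bytes(cbc_hash(msg), "big") >> (64 - bits)

def birthday_collision(bits=16, prefix=b"msg-"):
    """Hash random messages until two distinct ones share a `bits`-bit
    digest. Expected work is about 2^(bits/2) trials, not 2^bits."""
    seen = {}
    for i in count(1):
        m = prefix + os.urandom(4)
        t = truncated(m, bits)
        if t in seen and seen[t] != m:
            return seen[t], m, i
        seen[t] = m

if __name__ == "__main__":
    print(cbc_hash(b"abc").hex())
    m1, m2, trials = birthday_collision()
    print("collision after", trials, "trials:", m1.hex(), m2.hex())
```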

Secure Hash Algorithm (SHA)


Introduction to SHA

1. SHA stands for Secure Hash Algorithm.
2. SHA-1 follows the same design principles as MD4 and MD5 and has been used for hashing data and certificates;
SHA-1 is now considered broken for collision resistance, and the SHA-2 family should be used instead.
3. A hashing algorithm compresses the input data into a short digest that reveals nothing useful about the input,
using bitwise operations, modular additions, and compression functions. You may be wondering whether a hash can be
cracked or decrypted.

Hashing is not encryption. Encryption is reversible by whoever holds the key, whereas hashing is one-way, meaning
that once the data is hashed, the input cannot be recovered from the digest except by guessing candidate inputs (a
brute-force or dictionary attack), which is feasible only when the set of possible inputs is small. SHA works in
such a way that if even a single character of the message is changed, it generates a completely different hash. For
example, the hashes of the two similar but different messages "Heaven" and "heaven" are unrelated, although the
messages differ only in the case of one letter.

Different SHA Forms


When learning about SHA forms, several different names are referenced, such as SHA-1, SHA-2, SHA-256, SHA-512,
SHA-224 and SHA-384, but these belong to two families: SHA-1 and SHA-2 (a third, structurally different family,
SHA-3, was standardised in 2015). The larger numbers, like SHA-256, are members of SHA-2 named for the bit length of
their digest. SHA-1 was the original secure hashing algorithm, returning a 160-bit hash digest.

SHA-2 produces digests of 224, 256, 384 or 512 bits. A longer digest does not make every value unique (collisions
must exist, since there are more inputs than outputs), but it makes finding one computationally infeasible: about
2^(n/2) work for an n-bit digest.

Features of the SHA algorithm are as follows:

• Message Length: The length of the cleartext must be less than 2^64 bits for SHA-1, SHA-224 and SHA-256 (less
than 2^128 bits for SHA-384 and SHA-512). The length is mixed into the final block, so messages of different lengths
hash differently even when one is a prefix of the other.

• Digest Length: The hash digest is 160 bits for SHA-1, 256 bits for SHA-256, 512 bits for SHA-512, and so on.
Bigger digests give more security against collision and preimage attacks at some cost in speed and space.

• Irreversible: By design, all hash functions such as SHA-256 are irreversible. You should neither be able to
recover a plaintext from its digest nor find a second input that produces the same digest.

Processing of the SHA-1 algorithm

The processing of SHA-1 works as follows.

Step 1 − Append padding bits − The original message is padded so that its length is congruent to 448 modulo
512. Padding is always added, even if the message already has the desired length. The padding consists of a
single 1 bit followed by the necessary number of 0 bits.

Step 2 − Append length − A 64-bit block, treated as an unsigned 64-bit integer (most significant byte first)
and giving the length in bits of the original message (before padding in step 1), is appended to the message. The
complete message's length is now a multiple of 512 bits.

Step 3 − Initialize the buffer − The buffer consists of five 32-bit registers denoted A, B, C, D and
E. This 160-bit buffer holds the intermediate and final results of the compression function. The
five registers are initialized to the following 32-bit integers (in hexadecimal notation).

A = 67 45 23 01

B = ef cd ab 89
C = 98 ba dc fe

D = 10 32 54 76

E = c3 d2 e1 f0

The registers A, B, C and D are initialized to the same values as the four registers used in the MD5 algorithm. But
in SHA-1, these values are stored in big-endian format, which means that the most significant byte of the word is
located in the low-address byte position: word A is stored as the byte sequence 67 45 23 01, whereas MD5, which is
little-endian, stores the same word as 01 23 45 67.

Step 4 − Process message in 512-bit blocks − The compression function consists of 80 sequential steps,
divided into four rounds of 20 steps each.

The four rounds are structurally the same as one another, the only difference being that each round uses a different
Boolean function, which we can denote f1, f2, f3 and f4, and one of four additive constants Kt (0 ≤ t ≤ 79),
selected according to the step under consideration.

Step 5 − Output − After processing the final 512-bit message block (the message having been divided
into t 512-bit blocks), the contents of the buffer form the 160-bit message digest.
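The following is an added example, not from the page: SHA-1 written directly from the five steps above (padding, length, the five-register buffer, the 80-step compression with its four round functions and constants, and the output), checked against the standard library, plus the "Heaven" versus "heaven" avalanche check and the keyed tag H(M || S) of method (c) from the hash-function section, compared in constant time. The round constants and initial values are the published SHA-1 ones; the sample messages and secret are constructed for the example.

```python
# Added example (not from the notes): SHA-1 from the step-by-step description,
# verified against hashlib, with an avalanche check and a keyed tag.
import hashlib
import hmac
import struct

MASK = 0xFFFFFFFF

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def sha1_pad(msg):
    """Steps 1 and 2: a 1 bit, zeros to 448 mod 512, then the 64-bit big-endian length."""
    bitlen = 8 * len(msg)
    msg += b"\x80"
    msg += b"\x00" * ((56 - len(msg)) % 64)
    return msg + struct.pack(">Q", bitlen)

def sha1_compress(state, block):
    """Step 4: one 512-bit block through four rounds of 20 steps; each round
    has its own Boolean function f_t and additive constant K_t."""
    w = list(struct.unpack(">16L", block))
    for t in range(16, 80):
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    a, b, c, d, e = state
    for t in range(80):
        if t < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif t < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif t < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        temp = (rotl(a, 5) + f + e + k + w[t]) & MASK
        a, b, c, d, e = temp, a, rotl(b, 30), c, d
    return [(x + y) & MASK for x, y in zip(state, (a, b, c, d, e))]

def sha1(msg):
    """Steps 3 and 5: initialise A..E, chain every block, emit 160 bits."""
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0]
    data = sha1_pad(msg)
    for i in range(0, len(data), 64):
        state = sha1_compress(state, data[i:i + 64])
    return struct.pack(">5L", *state)

def matches_hashlib(samples=(b"", b"abc", b"Heaven", b"heaven", b"a" * 1000)):
    """Cross-check against the standard library, including multi-block input."""
    return all(sha1(s) == hashlib.sha1(s).digest() for s in samples)

def differing_bits(x, y):
    """Avalanche: about half of the 160 bits change for a one-letter edit."""
    return bin(int.from_bytes(x, "big") ^ int.from_bytes(y, "big")).count("1")

def tag(msg, secret):
    """Method (c): H(M || S); the secret itself is never transmitted."""
    return sha1(msg + secret)

def verify_tag(msg, secret, received):
    """Constant-time comparison so timing does not leak how many bytes matched."""
    return hmac.compare_digest(tag(msg, secret), received)

if __name__ == "__main__":
    print(sha1(b"abc").hex())
    print(differing_bits(sha1(b"Heaven"), sha1(b"heaven")), "of 160 bits differ")
```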
