SRI GURU TEGH BAHADUR INSTITUTE OF

MANAGEMENT AND INFORMATION TECHNOLOGY

COURSE REPORT
ON
Cryptography and Network Security

Submitted by:
Name: Yashika
Enrollment No.: 00590202024
Date: 26th August 2025
Course: Bachelor of Computer Applications (BCA)
 INDEX

Description Page No.

Introduction 1 to 2

Project Details 3 to 7

Unit 1: Introduction to 8 to 16
Cryptography
Unit 2: Hash Functions 17 to 22

Unit 3: Symmetric Encryption 23 to 28

Unit 4: Asymmetric Encryption 29 to 33

Unit 5: Signatures and Certificates 34 to 38

Unit 6: Key Management 39 to 41

Unit 7: Zero-Knowledge Proofs 42 to 44

Unit 8: Quantum Key Distribution 45 to 47

Unit 9: Quantum Algorithms 48 to 50

Conclusion 51 to 52
 Introduction
In today’s digital world, where vast amounts of data are
generated, transmitted, and stored electronically, the security of
information has become a critical concern. Cryptography and
network security form the cornerstone of protecting sensitive
data from unauthorized access, modification, and misuse.
Cryptography is the science of designing techniques to secure
information and communications through codes, enabling only
intended recipients to access the original message. Network
security involves protecting data during transmission across
networks, ensuring the confidentiality, integrity, and availability
of information.

The importance of cryptography and network security has grown

exponentially with the widespread adoption of the internet,
cloud computing, mobile devices, and online transactions. These
technologies increase the risk of threats such as eavesdropping,
data tampering, identity theft, impersonation, and denial of
service attacks. To address these challenges, a variety of security
approaches, mechanisms, and protocols have been developed.

This report covers fundamental concepts and techniques in

cryptography and network security, beginning with the
principles of information security and types of security attacks.

1|Page
It explores various cryptographic methods including symmetric
and asymmetric encryption, hash functions, digital signatures,
and key management strategies. Further, network protection
mechanisms such as SSL/TLS, digital certificates, email
security, and IPsec are discussed. The report also examines
emerging topics including blockchain technology and quantum
cryptography, highlighting their role in strengthening security
frameworks.

The objective of this report is to provide a comprehensive

understanding of the principles, tools, and applications of
cryptography and network security. It aims to equip readers with
the knowledge to recognize security challenges and the means to
mitigate them effectively in modern digital communication
environments.

2|Page
 Project

Introduction
We developed a simple encryption tool using Java language.
This tool uses the Advanced Encryption Standard (AES)
algorithm to encrypt and decrypt text. The tool provides users
with a simple and secure way to protect their data.

Aim and Objective

Aim: To develop a simple encryption tool that provides users
with a secure way to encrypt and decrypt text.
Objectives:
-To provide users with a simple and easy-to-use encryption
tool.
- To use the AES algorithm to ensure secure encryption and
decryption of text.
Methodology
- The encryption tool was developed using Java language.
- The AES algorithm was used to encrypt and decrypt text.
- The tool provides users with a simple and user-friendly
interface to encrypt and decrypt text.

3|Page
Key Code

1. Key Generation
KeyGenerator keyGen = KeyGenerator.getInstance(“AES”);
keyGen.init(128);
SecretKey secretKey = keyGen.generateKey();
- This code generates a secret key for AES encryption.
- ‘KeyGenerator.getInstance(“AES”)’gets an instance of the
AES key generator.
- `keyGen.init(128)` initializes the key generator with a key size
of 128 bits.
- `secretKey = keyGen.generateKey()` generates the secret key.

2. Encryption
Cipher cipher = Cipher.getInstance(“AES”);
Cipher.init(Cipher.ENCRYPT_MODE, secretKey);
Byte[] encryptedBytes =
cipher.doFinal(text.getBytes(StandardCharsets.UTF_8));
- This code encrypts the text using the AES algorithm.
- `Cipher.getInstance(“AES”)` gets an instance of the AES
cipher.

4|Page
- `cipher.init(Cipher.ENCRYPT_MODE, secretKey)` initializes
the cipher for encryption mode with the secret key.
- `cipher.doFinal(text.getBytes(StandardCharsets.UTF_8))`
encrypts the text and returns the encrypted bytes.

3. Decryption
Cipher cipher = Cipher.getInstance(“AES”);
Cipher.init(Cipher.DECRYPT_MODE, secretKey);
Byte[] decryptedBytes =
cipher.doFinal(Base64.getDecoder().decode(encryptedText));
- This code decrypts the encrypted text using the AES algorithm.
- `Cipher.getInstance(“AES”)` gets an instance of the AES
cipher.
- `cipher.init(Cipher.DECRYPT_MODE, secretKey)` initializes
the cipher for decryption mode with the secret key.
- `cipher.doFinal(Base64.getDecoder().decode(encryptedText))`
decrypts the encrypted text and returns the decrypted bytes.

4. Base64 Encoding and Decoding

String encryptedText =
Base64.getEncoder().encodeToString(encryptedBytes);

5|Page
Byte[] decryptedBytes =
Base64.getDecoder().decode(encryptedText);
- This code uses Base64 encoding and decoding to convert the
encrypted bytes to a string and vice versa.
- `Base64.getEncoder().encodeToString(encryptedBytes)`
encodes the encrypted bytes to a Base64 string.
-
`Base64.getDecoder().decode(encryptedText)` decodes the
Base64 string back to the encrypted bytes.

Screenshot

6|Page
Bibliography
- Java Documentation:
https://docs.oracle.com/javase/8/docs/api/
- AES Algorithm:
https://en.wikipedia.org/wiki/Advanced_Encryption_Standa
rd

7|Page
 Unit 1: Introduction to Cryptography

1.1 Introduction to Encryption and Computational Security

Key Concepts of Cryptography

Cryptography is the study of techniques used to secure
communication and data in the presence of adversaries. Its main
goal is to ensure that sensitive information remains confidential,
authentic, and unchanged during storage or transmission. The
following fundamental principles are central to cryptography:

Confidentiality: Ensures information is accessible only to

authorized individuals. Encryption converts data into unreadable
ciphertext, which can only be decrypted by those with the
correct key.

Integrity: Guarantees that data has not been altered or tampered

with by unauthorized parties during transit or storage.
Cryptographic hash functions produce a fixed-size fingerprint of
data to detect any changes.

8|Page
Authentication: Confirms the identity of the sender and
receiver, ensuring the parties engaging in communication are
genuine. Techniques include digital signatures and cryptographic
certificates.

Non-repudiation: Prevents entities from denying their actions,

such as sending a message. Digital signatures provide proof that
a particular individual performed a certain action.
Key Management: Involves the generation, distribution, and
storage of cryptographic keys. Effective key management is
critical for maintaining the security of cryptographic systems.

How Cryptography Works

Cryptography works by transforming readable information
(plaintext) into an unreadable format (ciphertext) using
mathematical algorithms and keys. This transformation process
is called encryption. Only a recipient with the appropriate key
can reverse the process, known as decryption, to retrieve the
original plaintext.

There are two primary types of cryptographic techniques:

9|Page
 • Symmetric-Key Cryptography: Uses the same secret key
for both encryption and decryption. Both sender and
receiver must share
this key in advance. It
is fast and efficient
for processing large
amounts of data but
poses challenges in
secure key
distribution.

• Asymmetric-Key
Cryptography
(Public-Key
Cryptography):
Uses a pair of
mathematically
related keys—a
public key for
encryption and a private key for decryption. The public key
can be freely distributed, while the private key remains
secret. This method resolves key distribution problems and
enables secure communication even when the parties have
never met.

10 | P a g e
Additionally, cryptographic hash
functions take an input and produce
a fixed-length output (hash) that
uniquely represents the data. They
are used to verify the integrity of
messages and in digital signatures.

Modern cryptography employs sophisticated algorithms such as

AES for symmetric encryption and RSA or ECC for asymmetric
encryption, ensuring strong security against brute-force and
cryptanalytic attacks under current technological capabilities.

Key Terms for Network Security

• Firewall: A security device or software that monitors and
controls incoming and outgoing network traffic based on
predetermined security rules.
• Intrusion Detection System (IDS): Monitors network
traffic for suspicious activity and alerts administrators of
potential threats.
• Virtual Private Network (VPN): Extends a private
network across a public network, allowing users to send
and receive data securely.

11 | P a g e
 • SSL/TLS (Secure Sockets Layer / Transport Layer
Security): Protocols used to establish secure encrypted
connections between web browsers and servers.
• Phishing: A cyberattack technique where attackers
impersonate trustworthy entities to steal sensitive
information.
• Denial of Service (DoS) Attack: An attempt to make a
machine or network resource unavailable to users by
overwhelming it with traffic.
• Public Key Infrastructure (PKI): A framework for
creating, distributing, and managing digital certificates to
secure communications.
• Digital Certificate: An electronic credential that verifies
the identity of entities online, issued by a trusted authority.
• MAC (Message Authentication Code): A short piece of
information used to authenticate a message and confirm its
integrity and authenticity.
• Zero Trust Security: A security model that requires strict
identity verification for every person and device trying to
access resources, regardless of whether they are inside or
outside the network.

12 | P a g e
1.2 Block Ciphers vs. Stream Ciphers
• Block Cipher:
Think of a block cipher like a safe that locks a fixed-size box of
data at once. It takes a chunk (block) of data, for example, 128
bits, and encrypts it all together using complex math. If the data
doesn’t fit perfectly, it adds extra padding. This approach is very
secure and is often used for things like encrypting files or
messages for storage. Examples include AES and DES.

• Stream Cipher:
A stream cipher is like locking each letter in a message one by
one as it comes. It encrypts data bit-by-bit or byte-by-byte
continuously, which makes it faster and better for real-time data
like live video or audio. There’s no padding needed since it
processes each piece as it arrives. However, it’s more sensitive
to errors and requires careful key management. Examples
include RC4 and Salsa20.

1.3Substitution Cipher
A substitution cipher is a simple encryption method where each
letter or character in the original message (plaintext) is replaced
by another letter, number, or symbol according to a fixed system
or key. The order of characters stays the same, but the characters
themselves are changed to keep the message secret.
13 | P a g e
Key points:
• Each plaintext letter is mapped to a different ciphertext
letter.
• Examples include the Caesar cipher, where letters are
shifted by a certain number in the alphabet (e.g., A becomes
D if shifted by 3).

• There are two main types:

1. Monoalphabetic substitution cipher: One fixed
substitution pattern for the whole message.
2. Polyalphabetic substitution cipher: Uses multiple
substitution patterns to make it more secure.

• To decrypt the message, the receiver reverses the

substitution using the key.
• This method is one of the oldest forms of encryption but
can be broken using techniques like frequency analysis.

Substitution ciphers are still fundamental in understanding

cryptography and serve as building blocks for more complex
encryption systems.

14 | P a g e
Example:
Plaintext: HELLO
With a shift of 3 (Caesar
cipher),
ciphertext: KHOOR

1.4Transposition Ciphers
A transposition cipher is a method of encryption where the
positions of the characters in the plaintext are rearranged (or
shuffled) according to a specific system or key, without
changing the characters themselves. This produces a ciphertext
that is a scrambled version of the original message.

Key points:
• Unlike substitution ciphers, which replace characters,
transposition ciphers only change the order of the
characters.
• It rearranges letters based on a pattern, like writing the
message into rows and then reading it off in columns.

Common types include:

Rail Fence Cipher: Writing letters diagonally in a zigzag
pattern and then reading off row by row.
15 | P a g e
Columnar Transposition Cipher: Writing the message in rows
of fixed width and reading the columns in a scrambled order
defined by a key.
• Padding or null characters may be added if the data doesn’t
fit perfectly in the grid.
• Transposition ciphers can be combined with substitution
ciphers to improve security.
Example:
For the phrase “HELLO WORLD,” using a simple columnar
transposition with a key that rearranges columns, the ciphertext
would be formed by writing the text in rows and then reading
vertically in the order defined by the key.

16 | P a g e
 Unit 2:Hash Functions

2.1What is a Hash Function

A hash function is a special kind of function that takes input
data of any size (like a word, file, or message) and converts it
into a fixed-size string of characters, which is usually a
sequence of numbers and letters. This output is called a hash
value or hash code.

Key points about hash functions:

• The output size is always fixed, no matter how big or
small the input is.
• Even a tiny change in the input (like changing one letter)
produces a very different hash value.
• Hash functions are designed for fast computation.
• They are one-way functions, meaning you can’t easily get
back the original input from the hash value.
• Good hash functions minimize the chance of two
different inputs producing the same hash (called a
collision).

17 | P a g e
Uses:
• Used in data storage and retrieval (like indexing in hash
tables).
• Used in security, for example, to store passwords
securely or verify data integrity.
• Used in digital signatures and message authentication.

Simple analogy:
Think of a hash function like a blender: you put any
ingredients (data) into it, and it produces a smoothie of a
fixed size (hash value). You can’t easily separate the
ingredients from the smoothie, and even changing a tiny
bit of the ingredients changes the smoothie drastically.
Very common cryptographic hash functions include
SHA-256 and SHA-512.

2.2Collision Resistance
Collision resistance is a property of cryptographic hash
functions that makes it very hard to find two different inputs
producing the same hash output.

18 | P a g e
Importance of Collision Resistance:
Protects data integrity: Ensures that data hasn’t been
changed or tampered with.
Secures digital signatures: Prevents someone from creating
a fake message with the same hash as a genuine one.
Prevents fraud in security systems: Like cryptocurrencies
or password storage, collision resistance helps avoid attacks
where two different inputs can trick security checks.
Without collision resistance, attackers could forge data or
impersonate others by exploiting hash collisions.

The MD5 hash function has several notable vulnerabilities

and weaknesses, mainly related to collision resistance:
Collision Vulnerability: It is possible and computationally
feasible to find two different inputs that produce the exact
same MD5 hash. This means attackers can create fake data
or certificates that appear legitimate because they share the
same MD5 hash.
Practical Collisions Found: Starting in 2004, researchers
demonstrated practical attacks that generate collisions
quickly. These have been exploited to produce forged digital
certificates, malware signing, and other security breaches.

19 | P a g e
Chosen-prefix Collisions: Advanced attacks allow attackers
to produce collisions even when parts of the message are
fixed or predefined, increasing the risk.
Examples of Exploits: The Flame malware in 2012 exploited
MD5 collisions to forge Windows code-signing certificates.

2.3Merkle-Damgard Construction
The Merkle–Damgård construction is a method for building
cryptographic hash functions securely from a smaller, fixed-
size function called a compression function.

How it works:
• The input message is first padded to make its length a
multiple of a fixed block size.
• The padded message is split into blocks of equal size.
• The hash function processes these blocks one-by-one in
a sequence.
• It starts with an initial value (IV).
• Each block is combined (using the compression
function) with the result of the previous block’s
processing.
• This chain continues until all blocks are processed,
producing a fixed-size hash output.
20 | P a g e
 Key properties:
• If the compression function used is collision-resistant,
the whole hash function built this way is also collision-
resistant.
• Many popular hash functions like MD5, SHA-1, and SHA-
2 use this construction.
• The construction includes padding that encodes the
original message length, which helps prevent certain
attacks.

2.4SHA(Secure Hash Algorithm)

SHA stands for Secure Hash Algorithm. It is a family of
cryptographic hash functions designed to securely transform
input data (like a message or file) into a fixed-size string of
characters, called a hash or message digest.

Key points about SHA:

• It produces a unique hash for every unique input.
• Even changing one character in the input drastically
changes the hash (called the avalanche effect).
• SHA is a one-way function, meaning you can’t reverse
the hash to get the original data.

21 | P a g e
 • It is widely used for security purposes like verifying data
integrity, digital signatures, and password protection.

The security of SHA (Secure Hash Algorithm) is based on

several important features:
1. One-way function: Easy to compute the hash from data
but practically impossible to reverse back to original
input.
2. Pre-image resistance: Hard to find an input given a hash
value, preventing attackers from guessing the original
data.
3. Collision resistance: It’s very hard to find two different
inputs that produce the same hash, preventing forgery
and data tampering.
4. Fixed-size output: Produces a fixed-length hash
regardless of input size, providing consistency.
5. Efficiency: Can compute hashes quickly even for large
volumes of data, suitable for real-time use.
6. Widely used: SHA-2 and SHA-3 are standards in digital
signatures, certificates, blockchain, and password
hashing.

22 | P a g e
 Unit3: Symmetric
Encryption

3.1Introduction to Symmetric Cipher

A symmetric cipher is a type of encryption where the same
key is used for both encrypting and decrypting data. This
means the sender and receiver share a single secret key to
keep the communication private.

How it works:
• The original message (called plaintext) is encrypted
using a secret key into an unreadable form (called
ciphertext).
• The receiver uses the same secret key to decrypt the
ciphertext back to the original plaintext.

Key points:
• Also called secret-key encryption or single-key
encryption.
• Examples include AES (Advanced Encryption Standard),
DES (Data Encryption Standard), and Blowfish.

23 | P a g e
 • It Is fast and efficient, suitable for bulk data encryption.
• The biggest challenge is securely sharing the secret key
between sender and receiver.
• Commonly used for encrypting data at rest and for
secure communication channels.
Use cases:
• Securing communications like emails or messages.
• Encrypting files and databases.
• Protecting data in financial transactions.

3.2Feistel Cipher
A Feistel cipher is a symmetric encryption design model
used to create many block ciphers, including the well-known
DES (Data Encryption Standard). It is named after Horst
Feistel, who introduced this structure.

How the Feistel cipher works:

• The input data block is split into two equal halves: left
(L) and right .
• The encryption process consists of multiple rounds.

In each round:

24 | P a g e
 • A round function (usually complex and involving a
subkey) is applied to the right half and combined
(usually XOR) with the left half.
• Then, the halves are swapped.
• This process is repeated for a specified number of
rounds.
• After the last round, the halves are combined to
produce the ciphertext.

3.3Data Encryption Standard(DES)

The Data Encryption Standard (DES) is a symmetric-key
block cipher designed for encrypting digital data. It was
developed in the early 1970s by IBM and adopted as a
federal standard by the U.S. National Institute of Standards
and Technology (NIST) in 1977. DES played a foundational
role in the field of cryptography.

How DES works:

1. The plaintext is divided into 64-bit blocks.
2. Each block goes through an initial permutation.
3. The block is split into two 32-bit halves.
4. Each half is processed through 16 rounds of the Feistel
function mixing substitution, permutation, and key
mixing.

25 | P a g e
 5. The halves are recombined, and a final permutation
produces the ciphertext.

Key features of DES:

• Block cipher: DES encrypts data in fixed-size blocks of
64 bits.
• Key size: Although the key is nominally 64 bits, only 56
bits are used for encryption (the other 8 bits are used for
parity checks).
• Rounds: DES uses a Feistel cipher structure with 16
rounds of processing in which the data is transformed
through complex operations including substitution and
permutation.
• Encryption and decryption processes: Both use the
same algorithm, but decryption applies the round keys
in reverse order.
• Initial and final permutations: Simple bit
rearrangements applied at the start and end of the
process.
• Security: While strong when introduced, advances in
computing and cryptanalysis have rendered DES
vulnerable to brute-force attacks due to its relatively
short key length.

26 | P a g e
 3.4Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a widely used
symmetric key encryption algorithm designed to securely
encrypt and decrypt data. It was established by the U.S.
National Institute of Standards and Technology (NIST) in
2001, replacing the older DES algorithm.

How AES Works in Brief:

1. Key Expansion: The encryption key is expanded into
multiple round keys.
2. Initial Round: Plaintext combined with the first round
key.
3. Main Rounds: Each round includes SubBytes (byte
substitution), ShiftRows (row shifting), MixColumns
(column mixing), and AddRoundKey (mixing in round
keys).
4. Final Round: Similar to main rounds but without
MixColumns.
5. Output: Produces ciphertext from plaintext securely.

Key Features of AES:

• Symmetric encryption: The same key is used for both
encryption and decryption.

27 | P a g e
 • Block cipher: AES processes data in fixed-size blocks
of 128 bits (16 bytes).
• Key sizes: Supports three key lengths — 128 bits, 192
bits, and 256 bits, offering different levels of security.
• Number of rounds: AES-128 uses 10 rounds, AES-192
uses 12 rounds, and AES-256 uses 14 rounds of
encryption to strengthen security.
• Strong security: Resistant to all known attacks, making
it suitable for protecting sensitive data.
• Efficiency: Highly efficient in both software and
hardware implementations.
• Substitution-Permutation Network: Uses multiple
rounds of substitution, permutation, and mixing steps
to transform plaintext into ciphertext.

28 | P a g e
 Unit4: Asymmetric Encryption

Asymmetric encryption, also known as public-key

cryptography, is a type of encryption that uses two
separate keys: a public key and a private key.

How it works:
• The public key is shared openly and used to encrypt
data.
• The private key is kept secret and used to decrypt data.
• This mechanism allows secure communication without
the need to share secret keys beforehand.

Key features:
• Two keys: One for encryption (public) and one for
decryption (private).
• Security: Even if the public key is known, data cannot
be decrypted without the private key.
• Digital signatures: The private key can be used to sign
data, and the public key can verify the signature,
ensuring authenticity.
• Secure key exchange: Used to safely exchange
symmetric keys over insecure channels.

29 | P a g e
4.1Introduction to Public Key Cryptography
Public key cryptography, also known as asymmetric
cryptography, is a method of secure communication that uses a
pair of mathematically related keys:
• A public key, which is shared openly and used to encrypt
data.
• A private key, which is kept secret and used to decrypt data.
• These two keys work together such that data encrypted
with the public key can only be decrypted by the matching
private key, ensuring confidentiality.

How it works:
• When someone wants to send you a secure message, they
use your public key to encrypt it.
• Only you, the owner of the private key, can decrypt and
read the message.
• This removes the need to share a secret key in advance,
making communication secure even over untrusted
networks.

30 | P a g e
 4.2The RSA Cryptosystem
RSA is a way to keep messages safe by using two keys: one
public, one private.

Public key: Anyone can see and use this to lock (encrypt) a
message.
Private key: Only the owner has this key to unlock
(decrypt) the message.

Why is it safe?
Multiplying two big primes is easy, but figuring out the
original primes from the product is super hard for
computers.

So, even if someone knows your public key, they can’t

easily figure out your private key or decrypt messages.

Simple example:
Public key: Lock box anyone can put messages inside.
Private key: Your unique key to open the lock box.

31 | P a g e
 4.3The RSA (Rivest-Shamir-Adleman) Encryption
System

What is RSA?
RSA is a way to send secret messages securely using two keys—
a public key and a private key. It’s named after its inventors:
Ron Rivest, Adi Shamir, and Leonard Adleman. The system is
based on a math problem that is easy to do one way (multiplying
big prime numbers) but very hard to reverse (factoring those big
numbers).
How RSA Works:
You create two keys:
• The public key (shared openly).
• The private key (kept secret).
Someone who wants to send you a message:
• Uses your public key to lock (encrypt) the message.
• You unlock (decrypt) the message:
• Using your private key, only you can read it.

Simple Analogy:
1. Think of your public key as a locked mailbox anyone can
put letters into.

32 | P a g e
 2. Your private key is the only key that can open that mailbox
and read the letters.
3. Even if others see the mailbox, they cannot open it without
your private key.

33 | P a g e
 Unit5:Signatures and Certificates

5.1Message Integrity
A digital signature is a way to prove that a digital message or
document really comes from the claimed sender and has not
been altered. It provides:
Authentication: Confirms the sender’s identity.
Integrity: Ensures the message hasn’t been changed.
Non-repudiation: The sender cannot deny sending the message.
Confidentiality: Ensures that information is only accessible to
authorized parties.
Availability: Ensuring information and resources are accessible
to authorized users whenever needed.

5.2Message Authentication Code(MAC)

What is a Message Authentication Code (MAC)?
• A Message Authentication Code (MAC) is a short piece of
data attached to a message that ensures:
• The message is really from the stated sender (authenticity).
• The message has not been changed or tampered with during
transmission (integrity).

34 | P a g e
 How a MAC works:
1. The sender and receiver share a secret symmetric key.

2. The sender uses this key, along with the message, in a

MAC algorithm to generate a MAC value (like a
digital fingerprint or tag).

3. The MAC value is sent along with the message.

4. When the receiver gets the message and the MAC,

they use the same secret key and algorithm to compute
the MAC on the received message.

5. If the computed MAC matches the sent MAC, the

receiver knows the message is authentic and hasn’t
been altered.

Purpose and Benefits of MAC:

Authentication: Confirms the sender’s identity using a
shared secret key.

Integrity: Detects whether the message was changed in

transit.

Protection against forgery: Without the secret key, an

attacker cannot generate a valid MAC for fake messages.

35 | P a g e
Use Cases:
• Securing network communications.

• Verifying software updates.

• Protecting financial transactions.

• Safeguarding data transmissions between devices.

5.3keyed Hash Functions

A keyed hash function is a type of cryptographic hash function
that combines a secret key with the input data to produce a
unique hash value. This approach is commonly known as
HMAC (Hash-based Message Authentication Code).

How it works:
• The sender and receiver share a secret key.
• The secret key is combined with the message before
hashing.
• The hashing process is done twice with the key included,
creating a MAC (Message Authentication Code).
• This ensures the hash value depends on both the message
and the key.

36 | P a g e
5.4Digital Signatures and Certificates
Digital Signatures:

• Created by hashing the original message to produce a

fixed-length digest.
• The message digest is encrypted with the sender’s private
key to generate the digital signature.
• The signed message is sent to the receiver along with the
signature.
• The receiver decrypts the signature using the sender’s
public key to get the hash.
• The receiver hashes the received message and compares it
with the decrypted hash.
• If both match, the message is authentic, unchanged, and
signed by the sender.

Popular Algorithms for Digital Signatures:

1. RSA (Rivest-Shamir-Adleman)

2. DSA (Digital Signature Algorithm)

3. ECDSA (Elliptic Curve Digital Signature Algorithm)

37 | P a g e
 Certificates:
• A digital certificate links a public key to an entity’s identity,
issued by a Certificate Authority (CA).
• It contains the public key, the identity information,
expiration date, and CA’s signature.
• Certificates ensure trust in digital communications (e.g.,
SSL/TLS certificates for HTTPS websites).

Example Use Cases:

• Verifying software authenticity (signed binaries).
• Securing email communication.
• Authenticating users and devices.
• Ensuring the integrity of electronic documents.

38 | P a g e
 Unit 6:Key Management

Key management refers

to the processes and
procedures involved in
generating, distributing,
storing, using, and
eventually destroying
cryptographic keys.
Proper key management
ensures the security and
effectiveness of
cryptographic systems by protecting keys from unauthorized
access and loss.
6.1Cyclic Groups
A cyclic group is a mathematical group where all elements can
be generated by repeatedly applying the group operation to a
single element called the generator.
Important Theorems:
Fundamental Theorem of Cyclic Groups:
If G is cyclic of order N, then for each positive divisor D of N,
there is a unique subgroup of order d.

39 | P a g e
The structure of cyclic groups makes them especially important
in number theory and cryptography because they are simple to
analyze and understand.

Examples in Cryptography:
1. Cyclic groups underpin many cryptographic protocols by
providing a foundation for hard problems like the Discrete
Logarithm Problem (DLP).

2. Widely used in algorithms like Diffie-Hellman key

exchange, encryption, and elliptic curve cryptography.

6.2Diffie-Hellman Key Exchange

Diffie-Hellman key exchange is a method for two parties to
securely share a secret key over a public channel, even if an
attacker is listening. This key can then be used for encrypting
further communication using symmetric encryption.
Why is it Secure?
Even if an attacker knows P, G, A, and B, they cannot easily
compute S due to the difficulty of the discrete logarithm
problem.
The private keys A and B never get transmitted, making the
shared secret secure.
40 | P a g e
Usage:
• Used in SSL/TLS, SSH, IPsec.
• Enables forward secrecy, meaning even if long-term keys
are compromised in the future, past communications
remain secure.

Summary:
Diffie-Hellman key exchange allows secure generation of a
shared secret key between two parties over an insecure channel
without actually transmitting the key, relying on complex
mathematical problems to prevent eavesdroppers from
discovering the secret.

41 | P a g e
 Unit7:Zero-Knowledge Proofs
7.1 Introduction to Zero-Knowledge Proofs
A Zero-Knowledge Proof is a cryptographic method where
one party (called the Prover) can prove to another party
(called the Verifier) that they know a secret or that a
statement is true—without revealing any information about
the secret itself.

Key Characteristics of Zero-Knowledge Proofs:

Completeness: If the statement is true and both parties
follow the protocol honestly, the verifier will be convinced.

Soundness: If the statement is false, no dishonest prover

can convince the verifier except with very low probability.

Zero-Knowledge: The verifier learns nothing beyond the

fact that the statement is true—no information about the
secret is revealed.

Why is it Important?
• Enables verification of facts without exposing private
data.

42 | P a g e
 • Used in privacy-enhancing technologies like secure
authentication systems, blockchain privacy, and
confidential transactions.

• Allows proving possession of credentials or

knowledge without revealing underlying sensitive
info.

Intuitive Example:
• Imagine a cave shaped like a loop with a locked door
inside. The prover claims to know the secret passcode
to open the door but doesn’t want to reveal it.
• The prover goes into the cave and chooses one path.
• The verifier calls out which path the prover must come
out from.
• If the prover knows the passcode, they can open the
door and come out as requested.
• Repeating this multiple times convinces the verifier
that the prover knows the secret without telling them
the passcode.

7.2SNARKS

Zk-SNARKs are a special kind of zero-knowledge proof that

lets one party prove they know certain information without
revealing it, and the proof is:

43 | P a g e
Succinct: Very short and fast to verify.

Non-Interactive: Only one message (proof) needed from prover

to verifier, no back-and-forth.

Argument of Knowledge: Guarantees prover actually knows

the secret.

Key Points:
• Zk-SNARKs enable privacy-preserving proofs, especially
in blockchains, allowing transactions to be verified without
revealing sender, receiver, or amount.
• Used widely in privacy-focused cryptocurrencies like
Zcash.
• They require a trusted setup phase to generate the public
parameters; if compromised, it can break security.
• Zk-SNARKs rely on elliptic curve cryptography and are
extremely efficient in terms of proof size and verification
time.

Applications:
• Privacy-preserving transactions.
• Scalable and efficient blockchain systems.
• Secure identity verification without revealing personal data.

44 | P a g e
 Unit8:Quantum Key Distribution

Quantum Key Distribution (QKD) is a cryptographic technique

that uses the principles of quantum mechanics to securely
distribute encryption keys between parties.

How QKD Works:

• Quantum particles (like photons) are used to transmit
encryption keys.

• Any attempt to eavesdrop or intercept changes the quantum

state of these particles, making eavesdropping detectable.

• This ensures a tamper-proof key exchange, offering

theoretically unbreakable security.

8.1Photon Polarization

In Quantum Key Distribution, photon polarization is commonly

used as a way to encode information on single photons, which
serve as quantum bits (qubits).

Basics of Photon Polarization:

45 | P a g e
 • Photons, the particles of light, can be polarized in different
directions (e.g., horizontal, vertical, diagonal).

• Polarization states represent binary values (0 or 1)

depending on the chosen basis.

• In QKD protocols like BB84, the sender (Alice) encodes

bits using randomly chosen polarization bases.

• The receiver (Bob) measures the polarizations using

randomly chosen bases as well.

• Due to quantum mechanics, any eavesdropping attempt

changes the polarization state and can be detected.

8.2Current Technology
Quantum Key Distribution (QKD) technology is rapidly
advancing and moving from experimental stages toward
commercial applications as of 2025. Here are key
highlights of the latest developments:

Key Innovations:
• Multiplexing Technology: Toshiba and KDDI Research
demonstrated the world’s first multiplexing system that
allows QKD secret keys and high-capacity data signals to
share a single optical fiber. This breakthrough supports data

46 | P a g e
 transmission speeds of 33.4 Tbps over 80 km, lowering
deployment costs by eliminating dedicated fibers for key
exchange.

• Continuous-Variable QKD (CV-QKD): LuxQuanta

released a next-gen plug-and-play CV-QKD system,
extending communication range beyond 100 km and
doubling previous signal tolerance. CV-QKD uses light
properties to encode quantum information, making it easier
to integrate with existing infrastructure.

• Satellite-based Quantum Communications: The

European Space Agency is advancing Quantum
Communication Infrastructure via satellites for expanded,
long-distance QKD networks, enabling global quantum-
safe communication.

• Quantum Machine Learning (QML) in QKD: Emerging

research integrates QML to optimize key generation
efficiency, eavesdropping detection, and security analysis,
promising enhanced performance of quantum
cryptographic networks.

47 | P a g e
 Unit9:Quantum Algorithms

9.1Quantum Operators
Quantum operators are the mathematical tools used to
describe and manipulate quantum states during quantum
key distribution. They characterize how quantum states
(qubits or photons) evolve, are measured, or interact in
QKD protocols.

Role of Quantum Operators in QKD:

State Preparation: Operators prepare different quantum
states such as polarized photons to encode key bits. For
example, polarization operators initialize photons in
horizontal, vertical, or diagonal states.

Measurement: Measurement operators describe how the

receiver measures the incoming quantum states, collapsing
the superposition into definite classical bits.

Unitary Operators: Represent transformations applied to

quantum states during communication, ensuring the
integrity and coherence of quantum information.

Projection Operators: Model the measurement process

extracting bit values from quantum states while changing
their state.
48 | P a g e
 9.2Quantum Search Problems
Quantum search problems involve using quantum
algorithms to solve search and optimization tasks more
efficiently than classical methods. The breakthrough here is
leveraging quantum superposition and interference to
explore multiple possibilities simultaneously.

Key Quantum Search Algorithms:

Grover’s Algorithm: Provides a quadratic speedup for
unstructured search problems, searching an unsorted
database of N items in roughly √N Steps, compared to N
classically.

Applications include searching solutions to cryptographic

problems, optimization tasks, and database retrieval.

Relation to Quantum Key Distribution (QKD):

• While QKD focuses on the secure distribution of
cryptographic keys using quantum mechanics, quantum
search algorithms aid in analyzing and attacking
cryptographic systems.

• Quantum computers powered by search algorithms like

Grover’s pose threats to classical cryptography by speeding
up brute-force key searches.

49 | P a g e
 • This motivates transitioning to quantum-resistant
algorithms and integrating quantum methods like QKD for
secure communications.

50 | P a g e
 Conclusion
The study of Cryptography and Network Security has
shown how essential these fields are in protecting data and
communication in the modern digital world. Cryptography
provides the mathematical foundations and techniques for
securing information through encryption, hashing, digital
signatures, and key management, ensuring confidentiality,
integrity, and authenticity of data. On the other hand,
network security focuses on safeguarding the transmission
of data across networks by implementing secure protocols,
firewalls, intrusion detection systems, and preventive
mechanisms against cyberattacks.

Together, cryptography and network security create a

robust defense system that protects individuals,
organizations, and governments against threats such as data
breaches, identity theft, malware, and cyber warfare. The
concepts learned in this course — from classical encryption
methods to modern symmetric and asymmetric algorithms,
and from secure communication protocols to emerging
areas like quantum cryptography — provide a
comprehensive understanding of how secure systems are
designed and maintained.

51 | P a g e
 This project and vocational course have not only enhanced
my theoretical knowledge but also provided practical
exposure to real-world applications of information security.
The skills and insights gained will be highly valuable in
addressing current and future challenges in cybersecurity.
In conclusion, cryptography and network security are the
backbone of trust in the digital era, making them
indispensable in every aspect of technology and
communication.

52 | P a g e