Module 1 – Introduction to Network Security & Cryptography

- Computer Security

• Definition: Protects a standalone computer’s hardware and software from theft,

damage, and unauthorized access.

• Key Practice: Keep the system updated and patched to prevent vulnerabilities.

• Example: Installing antivirus and OS security updates.

- Network Security

• Definition: Protects data during transmission across a network so it cannot be

intercepted or altered.

• Threats:

o Malware: Viruses, worms, trojans, spyware, adware

o Hackers

o Zero-day attacks

o DoS (Denial of Service)

• Protection Methods:

o Firewalls

o Antivirus software

o Intrusion Detection Systems (IDS)

o Intrusion Prevention Systems (IPS)

o Virtual Private Networks (VPN)

 3. Information Security vs Cybersecurity

Term Definition Focus Example

Information Protects both physical and digital data from Data in any form – Locking a file cabinet with
Security unauthorized access, modification, paper records, sensitive employee records,
destruction, or disclosure. Includes policies, digital files, verbal encrypting a database,
processes, and technologies to safeguard communication. shredding confidential
information in any format. papers.

Cybersecurity A subset of Information Security focused on Digital/online Using firewalls to block

protecting digital assets – including systems – devices, hackers, updating antivirus
computers, networks, servers, and internet- networks, online software, securing cloud
based systems – from cyber threats like services, and cloud storage.
hacking, malware, phishing, etc. data.

4. Security Goals – CIA Triad

1. Confidentiality – Only authorized users can access data.

o Achieved with encryption (AES, DES, RSA).

2. Integrity – Data remains unchanged unless modified by authorized persons.

o Achieved with hash functions (SHA, MD5).

3. Availability – Systems and data are accessible when needed.

o Protected against DoS attacks using firewalls/routers.

5. Security Terms

• Vulnerability – Weak point in design or process (e.g., outdated software).

• Threat – Possible danger that can exploit a vulnerability.

• Risk – Potential damage or loss if a threat uses a vulnerability.

• Attack – Actual attempt to break security.

• Control – Countermeasures to prevent or reduce attacks.

6. OSI Security Architecture (ITU-T X.800)

• Provides a structured approach for defining and implementing security.

• Includes:

o Security Services – Functions like authentication, confidentiality, integrity.

o Security Mechanisms – Tools to achieve services (encryption, access control).

o Security Attacks – Classified as:

▪ Passive: Eavesdropping, traffic analysis (reading without altering data).

▪ Active: Modifying data, impersonation, replay, DoS.

Security Services

• Authentication – Verifying identity.

• Access Control – Restricting who can use resources.

• Data Confidentiality – Keeping data secret.

• Data Integrity – Ensuring data accuracy.

• Non-repudiation – Preventing denial of actions.

• Availability – Ensuring uptime.

Examples of Security Mechanisms

• Encipherment (Encryption)

• Digital Signatures

• Access Control Systems

• Traffic Padding (adding fake data to hide real traffic patterns)

• Routing Control (secure data path selection)

• Notarization (trusted third-party verification)

 Polyalphabetic Ciphers
Concept

• In polyalphabetic substitution, a single plaintext character can be encrypted to different

ciphertext characters depending on its position and key.

• This creates a one-to-many mapping between plaintext and ciphertext characters,

making it harder to break compared to monoalphabetic ciphers.

Types & Examples

A. Autokey Cipher

• Uses an initial key and then appends part of the plaintext itself to form the complete
key.

• Example:

o Initial key: k1 = 12

o Message: "Attack is today"

o Encryption is done character-by-character by shifting letters using the key values.

B. Playfair Cipher

• Uses a 5×5 matrix of letters (secret key table).

• Encrypts digraphs (pairs of letters) instead of single letters.

• Rules:

1. If letters are in the same row → replace each with letter to the right.

2. If letters are in the same column → replace each with letter below.

3. If letters form a rectangle → replace each with the letter in the same row but at
the other corner of the rectangle.

• Example: Encrypt "hello" using the Playfair key matrix.

C. Vigenère Cipher

• Uses a repeating keyword to determine shift values for each letter.

• Example:

o Message: "She is listening"

o Keyword: "PASCAL" → Numeric key: (15, 0, 18, 2, 0, 11)

o Repeat the key until it matches the message length.

• Can be seen as a combination of multiple additive ciphers.

• Special case: Additive cipher occurs when m = 1.

D. Vigenère Cipher Cryptanalysis

• Kasiski Test:

1. Look for repeated letter sequences in ciphertext.

2. Measure the distance between repetitions.

3. Find the GCD of these distances → probable key length.

• Once the key length is known, each position can be attacked like a Caesar cipher.
E. Hill Cipher

• Uses matrix multiplication for encryption.

• Key is an m × m matrix (must be invertible in mod 26).

• Example:

o Plaintext "code is ready" arranged in blocks.

o Ciphertext produced using matrix multiplication mod 26.

• Cryptanalysis: If enough plaintext–ciphertext pairs are known, the key matrix can be
recovered.
F. One-Time Pad

• Invented by Vernam.

• Uses a random key as long as the plaintext, used only once.

• Offers perfect secrecy (proved by Shannon).

• Each plaintext letter is shifted by the corresponding random key letter.

G. Rotor Ciphers & Enigma

• Rotor Cipher: Uses rotating disks to change substitution after each letter.

• Enigma Machine: Used in WWII, had multiple rotors, plugboard, and reflector for
complex polyalphabetic substitution.

Key Points

• Advantage: Stronger than monoalphabetic ciphers due to variability in substitutions.

• Weakness: Still breakable with statistical methods if the key is short or reused.

• Security Tip: Use long, random keys and avoid repetition.

 Traditional Symmetric-Key Cryptography
1. Introduction

• Definition: A cryptographic system where the same secret key is used for both
encryption (converting plaintext to ciphertext) and decryption (converting ciphertext
back to plaintext).

• How it works:

1. Sender (Alice): Uses an encryption algorithm + shared secret key K → produces

ciphertext.

2. Receiver (Bob): Uses a decryption algorithm + the same key K → retrieves the
original plaintext.

• Key Requirement: Both parties must securely share the key before communication
starts.

• Key Example: If K = 3 in a Caesar cipher, “HELLO” becomes “KHOOR” for encryption and
reverses for decryption.
 2. Kerckhoff’s Principle

• Rule: “The security of a cipher must depend only on the secrecy of the key, not the
secrecy of the algorithm.”

• Meaning:

o Assume the attacker knows how your encryption works.

o Even with that knowledge, without the key, the message should be safe.

3. Cryptanalysis (Attacks on Ciphers)

Cryptanalysis = Science and art of breaking ciphers.

Attack Type What Attacker Has Example

Ciphertext-Only Attack Only ciphertext Hacker intercepts encrypted emails but has no plaintext.
Attack Type What Attacker Has Example

Known-Plaintext Attack Some plaintext and its ciphertext Matching “HELLO” with “KHOOR” to find the key.

Attack Type What Attacker Has Example

Chosen-Plaintext Attack Can choose plaintext and get Sending a known message to see its encrypted form.
ciphertext
Attack Type What Attacker Has Example

Chosen-Ciphertext Attack Can choose ciphertext and get Submitting encrypted data to a system and observing
plaintext the output.

4. Categories of Traditional Ciphers

1. Substitution Ciphers – Replace each symbol with another.

o Monoalphabetic: Fixed one-to-one mapping (e.g., Caesar cipher).

o Polyalphabetic: Uses multiple substitution alphabets (e.g., Vigenère cipher).

2. Transposition Ciphers – Rearrange characters without changing them.

5. Monoalphabetic Cipher

• Definition: Each letter in plaintext always corresponds to the same letter in ciphertext.

• Weakness: Easily broken by letter frequency analysis or brute force.

5.1 Additive Cipher (Shift / Caesar Cipher)

The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called a
shift cipher and sometimes a Caesar cipher, but the term additive cipher better reveals its
mathematical nature.

(Shift / Caesar Cipher)

• Idea: Shift each letter by a fixed number of positions in the alphabet.

• Formulas:

o Encryption: C = (P + K) mod 26

o Decryption: P = (C - K) mod 26

o P = Plaintext letter index, C = Ciphertext letter index, K = Key (shift amount).

• Example:

o Key K = 3:

▪ Plaintext: HELLO → Ciphertext: KHOOR

o Key K = 15:

▪ Plaintext: HELLO → Ciphertext: WTAAD

Breaking Monoalphabetic Ciphers

• Brute Force Attack:

o Try all possible keys (only 25 for Caesar cipher).

o Example: Ciphertext "UVACLYFZLJBYL" → Try keys 1…25 until a meaningful

plaintext appears.

• Statistical Attack:

o English letter frequency: E (12.7%), T (9.1%), A (8.2%), etc.

 o Compare ciphertext frequency with known patterns.

EXAMPLE :-

Strengths & Weaknesses :-

Strengths:

• Simple and fast.

• Requires less computational power.

Weaknesses:

• Key distribution problem — needs a secure channel for sharing keys.

• Easily breakable if short keys are used.

• Not secure against modern computational attacks.

Key Takeaways
 • Symmetric-key systems are still widely used today (e.g., AES, DES), but modern versions
are much stronger than historical ones.

• Traditional ciphers like Caesar and simple substitution are useful for learning but not
secure for real-world use.

• Good practice: Combine substitution + transposition and use large, random keys.

Traditional Transposition Ciphers

Concept

• Definition:
Instead of replacing symbols (like substitution ciphers), transposition ciphers change the
order/position of symbols in the plaintext.

• Key idea: The letters remain the same, but their positions are shuffled to hide the
original message.

Types of Transposition Ciphers

A. Keyless Transposition

• No secret key is used — only a fixed rearrangement pattern.

• Example 1 – Rail Fence Cipher:

o Write message in a zigzag pattern with a set number of rows, then read row by
row.

o Message: "Meet me at the park"

→ Zigzag in 2 rows → Ciphertext: "MEMATEAKETETHPR".

• Example 2 – Columnar without key:

o Write text row-by-row in fixed number of columns, read column-by-column.

o "Meet me at the park" in 4 columns → "MMTAEEHREAEKTTP".

B. Keyed Transposition

• Uses a permutation key to decide how to rearrange letters.

• Steps:

1. Break plaintext into blocks of equal size.

2. Rearrange characters in each block using the key order.

• Example:

o Message: "Enemy attacks tonight"

o Key: [3 1 4 2 ...]

o Rearrange columns according to key for encryption, reverse key for decryption.
C. Combining Approaches

• Apply keyless and keyed methods together for stronger encryption.

• Sometimes two keys are used:

o Encryption key (downward reading).

o Decryption key (upward reading).

• Can also use matrix representation to multiply plaintext positions by a permutation

matrix.

D. Double Transposition Cipher

• Perform transposition twice using either:

o The same key twice.

o Two different keys.

• Stronger than a single transposition.

 ❖ Stream and Block Ciphers

A. Stream Cipher
 • Encrypts one symbol (letter/bit) at a time using a stream of keys.

• Key stream can be fixed or variable:

o Monoalphabetic stream: Same mapping regardless of position (e.g., additive

cipher).

o Polyalphabetic stream: Mapping changes based on position (e.g., Vigenère

cipher).

• Examples:

o Additive cipher → monoalphabetic stream.

o Vigenère cipher → polyalphabetic stream.

B. Block Cipher

• Encrypts a group (block) of symbols together using a single key.

• Each character in the block affects every character in the ciphertext.

• Examples:

o Playfair cipher → block size = 2.

o Hill cipher → block size ≥ 2, uses matrix multiplication.

• Note: Every block cipher is polyalphabetic because output letters depend on all letters in
the block.
C. Combination of Stream & Block

• In practice, messages are divided into blocks → each block encrypted with a stream of
keys.

• Viewed individually = block cipher.

• Viewed as a whole = stream cipher (block as a single unit).

Key Takeaways

• Transposition = rearrange positions, letters remain the same.

• Substitution = change letters/symbols.

• Strong ciphers often combine substitution + transposition.

• Stream ciphers are better for continuous data streams (voice, video).

• Block ciphers are better for data stored or sent in fixed-size chunks.