
CRYPTOGRAPHY, NETWORK SECURITY AND CYBER LAW
SEMESTER – VI
Module – 1
<Chapter 1>
 Introduction
• Cyber Attacks,
• Defence Strategies and Techniques,
• Guiding Principles
<Chapter 3>
 Mathematical Background for Cryptography –
• Modulo Arithmetic,
• The Greatest Common Divisor,
• Useful Algebraic Structures,
• Chinese Remainder Theorem
<Chapter 4>
 Basics of Cryptography –
• Preliminaries,
• Elementary Substitution Ciphers,
• Elementary Transposition Ciphers,
• Other Cipher Properties
<Chapter 5>
 Secret Key Cryptography –
• Product Ciphers,
• DES Construction,
• Modes of Operation,
• MAC and Other Applications,
• Attacks,
• Linear Cryptanalysis.
Chapter 1: Introduction
• Introduction - Cyber Attacks, Defence Strategies and Techniques, Guiding Principles
What is Security about (in the technical sense)
• Goals of the hacker/attacker/adversary
• Attacks
• Vulnerabilities
• Defence
Chapter 1: Introduction
• Cyber security is the study of attacks and of defences against attacks.
– Motives:
• The main goal of many attackers is the thrill of mounting a successful cyber attack.
• Most hackers are young programmers, teens who dropped out of school but are intelligent and focused.
• Most traditional hackers are obsessive programmers.
• Script kiddies – those who use scripts and attack kits designed by others.
• Company insiders – disgruntled (dissatisfied) employees.
• Cyber terrorists – those who adopt extreme religious or political causes. Their main aim is to cripple the information and communication systems of the financial and business institutions of their enemies.

• One goal of attackers is to impersonate the victim. Attackers can then perform unauthorized logins, make online purchases and initiate banking transactions in the victim's name.
Some Attack Goals
• Theft of sensitive information
– (example: credit card information)
• Disruption of service
– (rendering a service inaccessible or unavailable)
• Information Warfare
– (attacking infrastructure of an “enemy” country)
• Illegal access to or use of resources
– (circumventing controls so as to gain unauthorized
access)
Attacks, Attacks, Attacks!
• Phishing is the attempt to obtain sensitive
information such as usernames, passwords,
and credit card details, often for malicious
reasons, by disguising as a trustworthy entity
in an electronic communication
• In computer security, a side-channel attack is
any attack based on information gained from
the physical implementation of a computer
system, rather than weaknesses in the
implemented algorithm itself (e.g.
cryptanalysis and software bugs)
• Skimming can also occur at merchants (such
as gas stations) when a third-party card-
reading device is installed either outside or
inside a fuel dispenser or other card-swiping
terminal. This device allows a thief to capture
a customer's card information, including their
PIN, with each card swipe.
• A dictionary attack is an attack that tries to
guess at the key of a cipher text by attempting
many different common passwords and
possible passwords that are likely to be used
by humans.
• Pharming is a cyber attack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploiting a vulnerability in DNS server software (DNS cache poisoning).
• Vulnerabilities: DNS
How Pharming works?
• The attacker targets the DNS service used by the customer and adds/alters the entry for www.mybank.com – changing the stored IP address from 150.10.1.21 to the IP address of the attacker's fake site (200.1.1.10).
• The customer queries the DNS server – "What is the IP address of www.mybank.com?"
• The DNS server responds to the customer's query with "The IP address of www.mybank.com is 200.1.1.10" – not the real IP address.
• The customer then connects to the host at 200.1.1.10 – expecting it to be www.mybank.com, but in fact reaching the attacker's fake site.
• Session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session – sometimes also called a session key – to gain unauthorized access to information or services in a computer system.
• MiM (Man in the Middle attack)
• ARP cache poisoning
• Vulnerabilities: crypto protocols, ARP
• DNS cache poisoning (also called DNS spoofing) is the process of corrupting an Internet server's domain name system table by replacing an Internet address with that of a rogue address.
• Man-in-the-middle (MiM) attacks, where a
malicious actor goes between two parties &
gains access to private information
• A replay attack is a form of network attack in
which a valid data transmission is maliciously
or fraudulently repeated or delayed.
• This is carried out either by the originator or
by an adversary who intercepts the data and
re-transmits it, possibly as part of a
masquerade attack by IP packet substitution
• A privilege escalation attack is a type of
network intrusion that takes advantage of
programming errors or design flaws to grant
the attacker elevated access to the network
and its associated data and applications
• A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
• A SQL injection attack consists of insertion or
"injection" of a SQL query via the input data
from the client to the application. A
successful SQL injection exploit can read
sensitive data from the database, modify
database data (Insert/Update/Delete),
execute administration operations on the
database
• A buffer is a temporary area for data storage.
When more data (than was originally allocated
to be stored) gets placed by a program or
system process, the extra data overflows. It
causes some of that data to leak out into
other buffers, which can corrupt or overwrite
whatever data they were holding.
• Cross-site Scripting (XSS) refers to a client-side code injection attack wherein an attacker can inject malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application, so that they execute in other users' browsers.
Nature of cyber/security attacks
• Theft of sensitive information.
– Stealing information about new products before their grand release.
• Theft of military plans by adversaries <opponents>.
• Political espionage <spying> – targeting government ministries and national intelligence.
• Identity theft: leakage of personal information such as PIN, password, personal spending habits.
• Targets of security attacks are banks, military, intelligence and individuals.
• Disruption of service: leads to servers becoming unavailable or inaccessible.
• Illegal access to or use of resources – obtaining free access to paid services.
• Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, videoconference or fax transmission.
• The term eavesdrop derives from the practice of actually standing under the eaves of a house, listening to conversations inside.
• Malware: worms and viruses
– These replicate themselves.
– A virus usually infects a file; it spreads from one file to another.
– A worm is a standalone program that infects a computer; it spreads from one computer to another.
– These spread via various techniques like Bluetooth, MMS, web pages, e-mail, Internet messages.
Vulnerabilities
• Behind every attack there is a vulnerability!
• A vulnerability is a weakness in a procedure, protocol, hardware or software within an organization.
• A few vulnerability classes:
– Human vulnerabilities
• These are induced by human behaviour or action.
– A user clicks a link in an e-mail message received from a questionable source (cross-site scripting attack or phishing attack).
– Protocol vulnerabilities
• Networking protocols are used in unanticipated ways.
• ARP is used to sniff passwords from a LAN.
– Software vulnerabilities
• Vulnerabilities caused by sloppily <carelessly> written software and applications.
– Configuration vulnerabilities
• Relate to settings on newly installed applications, files, etc.
• Read/write permissions on files, privilege level misuse.
Vulnerability Types

• Human Vulnerabilities
– Induced by careless/unthinking human behavior
– Ex. clicking on a link in an e-mail message from a
questionable source
– Related to phishing and cross-site scripting attacks
Vulnerability Types (contd.)

• Protocol Vulnerabilities
– Attacks on commonly used networking protocols such as
TCP, IP, ARP, ICMP and DNS
– Ex. Connection hijacking caused by ARP spoofing, etc.
– Denial of Service Attacks (DoS) which exploit the 3-way
TCP handshake
– Pharming attacks exploit vulnerabilities in DNS
Vulnerability Types (contd.)
• Software Vulnerabilities
– Caused by sloppy software
– Software may perform as expected under normal conditions but when provided with a specific input, it turns malicious
– Examples include Buffer Overflow vulnerability, Cross-site Scripting (XSS) vulnerability and SQL Injection vulnerability
Vulnerability Types (contd.)
• Configuration Vulnerabilities
– relate to settings on system/application software, on files,
etc.
– Read-write-execute (and other) permissions on files (and
other objects) may be too generous.
– Privilege level assigned to a process may be higher than
what it should be to carry out a task.
– Often lead to “privilege escalation” attacks.
Defense Strategies and Techniques
• Access control – Authentication and Authorization
• Data protection
• Prevention and detection
• Response, Recovery and Forensics
Access control – Authentication and Authorization
• Use of a trusted third party that mediates access to a protected system.
• The trusted third party is usually implemented in software and may be part of the OS or the application.
• Authentication denies or permits entry to the system. Example: use of a password.
– The user first enters a login name and the system challenges the user to prove their identity.
– In this case the challenge is a prompt for the password.
Data protection
• Data in transit or in storage must be protected.
• It must provide
– Data confidentiality – the data should not be readable by an intruder.
– Data integrity – the data in transit should not be tampered with or modified.
– Cryptographic techniques – such as encryption/decryption mechanisms – are used.
Examples of Detection
• Integrity checks on messages, files
– Simple CRC-type checksums are not effective for security applications
– Use of the Message Authentication Code (MAC)
• Intrusion detection systems based on
– Anomaly detection
– Signature detection
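Why a CRC is not an integrity control while a MAC is, as an added example (not code from the notes): the CRC is unkeyed, so whoever modifies a message can recompute it, while the HMAC tag cannot be recomputed without the shared key. The key and messages are constructed for the demonstration.

```python
import hashlib
import hmac
import zlib

# Constructed demo key; in practice this is a secret shared by sender and receiver.
KEY = b"shared-secret-key-for-demo"


def crc_tag(msg: bytes) -> int:
    """Unkeyed integrity check (CRC-32): anyone can recompute it."""
    return zlib.crc32(msg) & 0xFFFFFFFF


def crc_verify(msg: bytes, tag: int) -> bool:
    return crc_tag(msg) == tag


def mac_tag(msg: bytes, key: bytes) -> bytes:
    """Keyed integrity check (HMAC-SHA256): recomputing it needs the key."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def mac_verify(msg: bytes, tag: bytes, key: bytes) -> bool:
    # Constant-time comparison so timing does not reveal how many bytes matched.
    return hmac.compare_digest(mac_tag(msg, key), tag)


def tamper_and_check() -> dict:
    """Model a man in the middle who rewrites a message in transit.

    Against the CRC he recomputes the checksum for the new message and the
    receiver accepts it. Against the MAC he has no key, so the best he can
    do is reuse the old tag, which the receiver rejects."""
    original = b"transfer 100 to account 1234"   # constructed message
    forged = b"transfer 900 to account 9999"     # attacker's replacement

    crc_sent = crc_tag(original)
    mac_sent = mac_tag(original, KEY)

    crc_accepts_forgery = crc_verify(forged, crc_tag(forged))   # attacker recomputed CRC
    mac_accepts_forgery = mac_verify(forged, mac_sent, KEY)     # attacker reused old tag
    return {
        "crc_accepts_original": crc_verify(original, crc_sent),
        "crc_accepts_forgery": crc_accepts_forgery,
        "mac_accepts_original": mac_verify(original, mac_sent, KEY),
        "mac_accepts_forgery": mac_accepts_forgery,
    }


if __name__ == "__main__":
    for name, outcome in tamper_and_check().items():
        print(f"{name}: {outcome}")
```

The receiver-side check is the same shape in both cases (recompute, compare); the difference is entirely in whether the recomputation needs a secret the attacker lacks.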
Examples of Preventive Strategies
• Code Auditing and Testing (against software flaws)
– Blackbox
– Whitebox
• Access Control (against unauthorized access)
– Authentication
– Authorization
• Encryption (against eavesdropping)
Advice to a Security Designer
"You can't make something secure if you don't know how to break it"
– Marc Weber Tobias
Responses, Recovery and Forensics
• Shutting down all or part of the system when an attack or infection is detected.
• In case of a worm epidemic, the infected part of the system should be quarantined and the necessary patches applied.
• Cyber forensics is a set of tools that help trace back the perpetrators <culprits> of cyber crime.
• Guiding principles
– Security is as much a human problem as a technological problem and must be addressed at different levels.
– Security should be factored in at inception, not as an afterthought.
– Security by obscurity (secrecy of the design) is often bogus (fake).
– Always consider the Default Deny policy for adoption in access control.
– An entity should be given the least amount of permission/privilege needed to accomplish a given task.
– Use "Defence in depth" to enhance the security of an architectural design.
– Identify vulnerabilities and respond appropriately.
– Carefully study the tradeoff involving security before making
Assignment Questions
Module 1_ Chapter 1
1.What is cyber attack ? Explain different types
of attacks.
2.Explain different defense strategies.
<Chapter 3>
 Mathematical Background for Cryptography –
• Modulo Arithmetic,
• The Greatest Common Divisor,
• Useful Algebraic Structures,
• Chinese Remainder Theorem
Modulo arithmetic
• Let d be an integer and n be a positive integer. Let q and r be the quotient and remainder obtained from dividing d by n.
• The relationship between d, n, q and r is d = q·n + r, with 0 <= r < n.
Example: Modulo arithmetic
• n = 10, r = 3: the set of integers that leave remainder 3 modulo 10 is
– {…, -37, -27, -17, -7, 3, 13, 23, 33, 43, …}
Congruence class
• All integers that leave the same remainder r modulo n form one congruence class (the slide shows the integers arranged on a spiral with n positions per turn, so each class lies on one ray; figure not reproduced).
• Congruence classes modulo 5 (figure not reproduced)
Modulo arithmetic – fact
• If two integers are congruent modulo n, then they differ by an integral multiple of n.
• i.e. if a mod n = r and b mod n = r
• then a = n·q1 + r and b = n·q2 + r
• a - b = n(q1 - q2)
• Example:
• 10 mod 4 = 2, 14 mod 4 = 2, 10 - 14 = 4 × (2 - 3)
Modulo arithmetic properties (example with a = 7, b = 9, n = 6)
Property | Example
(a + b) mod n = ((a mod n) + (b mod n)) mod n | (7 + 9) mod 6 = ((7 mod 6) + (9 mod 6)) mod 6: 16 mod 6 = 4; 7 mod 6 = 1, 9 mod 6 = 3; (1 + 3) mod 6 = 4
(a - b) mod n = ((a mod n) - (b mod n)) mod n | (7 - 9) mod 6 = ((7 mod 6) - (9 mod 6)) mod 6: -2 mod 6 = 4; 7 mod 6 = 1, 9 mod 6 = 3; (1 - 3) mod 6 = -2 mod 6 = 4
(a × b) mod n = ((a mod n) × (b mod n)) mod n | (7 × 9) mod 6 = ((7 mod 6) × (9 mod 6)) mod 6: 63 mod 6 = 3; 7 mod 6 = 1, 9 mod 6 = 3; (1 × 3) mod 6 = 3
GCD – Greatest Common Divisor
• For two integers a and b, a divides b (written a|b) if there exists an integer x >= 1 such that a·x = b; a is then said to be a divisor of b.
• Example: 6|66, so 6 is a divisor of 66.
• If a|b and a|c, and there is no a' > a such that a'|b and a'|c, then a is said to be the GCD of b and c.
• Example: 2|24 and 2|78; 3 is also a divisor of both 24 and 78.
• 6 is another common divisor, and it is the greatest of these.
• So 6 is the GCD of 24 and 78.
• GCD(24, 78) = 6
• Properties:
– gcd(a, b) = gcd(a, -b) = gcd(-a, b) = gcd(-a, -b)
Properties of congruences
Property | Example | Verification
a ≡ b (mod n) if n | (a - b) | 23 ≡ 8 (mod 5) | 5 | (23 - 8), i.e. 5 | 15
a ≡ b (mod n) implies b ≡ a (mod n) | 23 ≡ 8 (mod 5), 8 ≡ 23 (mod 5) | 23 mod 5 = 3, 8 mod 5 = 3
a ≡ b (mod n) and b ≡ c (mod n) implies a ≡ c (mod n) | 23 ≡ 8 (mod 5), 8 ≡ 18 (mod 5), so 23 ≡ 18 (mod 5) | (23 - 18) = 5, a multiple of 5
Example: compute GCD(126, 26)
• Compute GCD(b, c) where b > c
• b and c are related as b = c × q + r
– In each step the new divisor and new remainder are obtained from the old divisor and old remainder of the previous step.
– These steps are repeated till the remainder becomes 0.
– The last non-zero remainder (the divisor in the final step) is GCD(b, c).
b = 126, c = 26
Step | b = c × q + r
1 | 126 = 26 × 4 + 22
2 | 26 = 22 × 1 + 4
3 | 22 = 4 × 5 + 2
4 | 4 = 2 × 2 + 0 → GCD(126, 26) = 2
Greatest Common Divisor (GCD)
• If a|b and a|c, and there is no a' > a with a'|b and a'|c, then a is referred to as the GCD of b and c.
• This is expressed as a = gcd(b, c)
a | b | c | Remark
5 | 10 | 15 | 5 = GCD(10, 15)
7 | 28 | 77 | 7 = GCD(28, 77)
Relatively Prime Numbers
• Two numbers are relatively prime if they have no common divisors other than 1.
• 10 and 21 are relatively prime with respect to each other, as 10 has factors 1, 2, 5, 10 and 21 has factors 1, 3, 7, 21.
• The Greatest Common Divisor (GCD) of two numbers can be determined by comparing their prime factorizations and selecting the least powers.
• If the two numbers are relatively prime the GCD will be 1.
• Consider the following: 10 (1, 2, 5, 10) and 21 (1, 3, 7, 21)
• GCD(10, 21) = 1
Additive and multiplicative tables modulo 8 (tables not reproduced)
Modular Exponentiation
• Find 11^9 mod 13.
11^2 mod 13 = 121 mod 13 = 4
11^4 mod 13 = 4^2 mod 13 = 3
11^8 mod 13 = 3^2 mod 13 = 9
11^9 mod 13 = (11^8 mod 13) × (11 mod 13) mod 13
= 9 × 11 mod 13 = 99 mod 13 = 8
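The repeated-squaring computation above, as an added example (not code from the notes): a square-and-multiply routine that never forms the full power, plus a helper that returns the chain of squarings the notes write out by hand. Function names are my own.

```python
def mod_exp(base: int, exponent: int, modulus: int) -> int:
    """Right-to-left square-and-multiply: base^exponent mod modulus.

    Every intermediate product is reduced, so values stay below modulus^2
    no matter how large the exponent is."""
    if modulus == 1:
        return 0
    if exponent < 0:
        raise ValueError("negative exponents need a modular inverse")
    result = 1
    base %= modulus
    while exponent > 0:
        if exponent & 1:                     # this bit of the exponent is set:
            result = (result * base) % modulus   # multiply the running result in
        base = (base * base) % modulus       # square for the next bit
        exponent >>= 1
    return result


def squaring_chain(base: int, exponent: int, modulus: int) -> list:
    """The successive powers base^(2^i) mod modulus for 2^i <= exponent,
    i.e. the lines '11^2 mod 13 = 4, 11^4 mod 13 = 3, ...' from the notes.
    Returned as (power, value) pairs."""
    chain = []
    value = base % modulus
    power = 1
    while power <= exponent:
        chain.append((power, value))
        value = (value * value) % modulus
        power *= 2
    return chain


if __name__ == "__main__":
    print(squaring_chain(11, 9, 13))   # the hand trace from the notes
    print(mod_exp(11, 9, 13))
```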
Prime Numbers
• A prime number is divisible only by 1 and itself
• For example: {2, 3, 5, 7, 11, 13, 17, …}
• 1 could also be considered prime, but it's not very useful.
Extended Euclid's Algorithm – Inverse Modulo
• Find the inverse of c modulo b where b is a prime integer (more generally, any b with gcd(b, c) = 1).
• This is expressed as c·y ≡ 1 (mod b)
– where y is the inverse of c modulo b
• InverseModulo(b, c)
    old1 = 1, new1 = 0; old2 = 0, new2 = 1; set b' = b, c' = c, r = 2;
    while r > 1 {
        q = b' / c' (integer division); r = b' % c';
        t1 = old1 - new1 * q;
        old1 = new1;
        new1 = t1;
        t2 = old2 - new2 * q;
        old2 = new2;
        new2 = t2;
        b' = c';
        c' = r;    (at this point, new1 * b + new2 * c = r)
    }
    return new2    (reduce modulo b if a non-negative inverse is wanted)
Trace: compute 12^-1 mod 79 (b = 79, c = 12)
Iteration | b' | c' | q | r | old1 | new1 | old2 | new2 | Eqn: new1 × b + new2 × c = r
1 | 79 | 12 | - | 2 | 1 | 0 | 0 | 1 | -
2 | 12 | 7 | 6 | 7 | 0 | 1 | 1 | -6 | 1 × 79 + (-6) × 12 = 7
3 | 7 | 5 | 1 | 5 | 1 | -1 | -6 | 7 | (-1) × 79 + 7 × 12 = 5
4 | 5 | 2 | 1 | 2 | -1 | 2 | 7 | -13 | 2 × 79 + (-13) × 12 = 2
5 | 2 | 1 | 2 | 1 | 2 | -5 | -13 | 33 | (-5) × 79 + 33 × 12 = 1
From -5 × 79 + 33 × 12 = 1:
33 × 12 mod 79 = (1 + 5 × 79) mod 79 = 1
so 33 = 12^-1 mod 79
Compute 7^-1 mod 11 (b = 11, c = 7)
Iteration | 0 | 1 | 2 | 3
b' | 11 | 7 | 4 | 3
c' | 7 | 4 | 3 | 1
q | - | 11/7 = 1 | 7/4 = 1 | 4/3 = 1
r | 2 | 11 % 7 = 4 | 7 % 4 = 3 | 4 % 3 = 1
old1 | 1 | 0 | 1 | -1
new1 | 0 | 1 - 0 × 1 = 1 | 0 - 1 × 1 = -1 | 1 - (-1 × 1) = 2
old2 | 0 | 1 | -1 | 2
new2 | 1 | 0 - 1 × 1 = -1 | 1 - (-1) × 1 = 2 | -1 - (2 × 1) = -3
Eqn: new1 × b + new2 × c = r | - | 1 × 11 + (-1) × 7 = 4 | (-1) × 11 + 2 × 7 = 3 | 2 × 11 + (-3) × 7 = 1
7^-1 mod 11 = -3 ≡ 8, since -3 = 11 × (-1) + 8. Answer: 8


Compute 15^-1 (mod 16) (b = 16, c = 15)
Iteration | 0 | 1
b' | 16 | 15
c' | 15 | 1
q | - | 16/15 = 1
r | 2 | 16 % 15 = 1
old1 | 1 | 0
new1 | 0 | 1 - 0 × 1 = 1
old2 | 0 | 1
new2 | 1 | 0 - 1 × 1 = -1
Eqn: new1 × b + new2 × c = r | - | 1 × 16 + (-1) × 15 = 1
15^-1 mod 16 = -1 ≡ 15, since -1 = 16 × (-1) + 15. Answer: 15


Inverse Modulo (method 2)
• Find 11^-1 mod 26
• Steps (Euclid's algorithm, then back-substitution):
26 = 11 × 2 + 4
11 = 4 × 2 + 3
4 = 3 × 1 + 1
1 = 4 + 3(-1)
= 4 + (11 + 4(-2))(-1)
= 4(3) + 11(-1)
= (26 + 11(-2))(3) + 11(-1)
= 26 × 3 + 11(-7)
Take mod 26 on both sides:
1 mod 26 = (26 × 3) mod 26 + (11 × (-7)) mod 26
1 mod 26 = 0 + (11 × 19) mod 26      (since -7 ≡ 19 mod 26)
11^-1 mod 26 = 19
Verification: (11 mod 26) × (11^-1 mod 26) = 11 × 19 mod 26 = 209 mod 26 = 1
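The GCD steps (126, 26) and the InverseModulo(b, c) procedure with its four traces, as one added example that is not code from the notes. `gcd_trace` records each "b = c × q + r" line; `inverse_modulo` follows the notes' variable names (old1/new1, old2/new2, b', c', r) and checks the stated invariant new1·b + new2·c = r after every iteration. It also handles the case the notes leave implicit: when gcd(b, c) != 1 the remainder reaches 0 without ever being 1, and no inverse exists.

```python
def gcd_trace(b: int, c: int):
    """Euclid's algorithm. Returns (gcd, steps); each step is (b, c, q, r)
    for one line 'b = c * q + r'. The gcd is the last non-zero remainder."""
    steps = []
    while c != 0:
        q, r = divmod(b, c)
        steps.append((b, c, q, r))
        b, c = c, r
    return b, steps


def inverse_modulo(b: int, c: int):
    """Extended Euclid as written in the notes' InverseModulo(b, c), b > c.

    Returns (c^-1 mod b, raw new2, trace). raw new2 may be negative, exactly
    as the hand traces show (-3 for 7^-1 mod 11); the first value is it
    reduced into 0..b-1. trace rows are (b', c', q, r, old1, new1, old2, new2)
    after each iteration, matching the notes' tables."""
    if b <= 1 or c <= 0:
        raise ValueError("need b > 1 and c > 0")
    if c % b == 1:                 # c ≡ 1: trivially its own inverse
        return 1, 1, []
    old1, new1 = 1, 0
    old2, new2 = 0, 1
    bp, cp, r = b, c, 2            # r = 2 so the loop runs at least once
    trace = []
    while r > 1:
        q, r = divmod(bp, cp)
        old1, new1 = new1, old1 - new1 * q
        old2, new2 = new2, old2 - new2 * q
        bp, cp = cp, r
        trace.append((bp, cp, q, r, old1, new1, old2, new2))
        assert new1 * b + new2 * c == r     # invariant stated in the notes
        if r == 0:                          # remainder hit 0 before 1: gcd > 1
            raise ValueError(f"{c} has no inverse mod {b} (gcd = {cp if cp else bp})")
    return new2 % b, new2, trace


if __name__ == "__main__":
    print(gcd_trace(126, 26))
    for b, c in [(79, 12), (11, 7), (16, 15), (26, 11)]:
        inv, raw, _ = inverse_modulo(b, c)
        print(f"{c}^-1 mod {b} = {inv} (raw {raw}), check {c * inv % b}")
```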
Algebraic Structures
• A Group is a pair (G, *) where G is a set and * is a binary operation such that:
– Closure: if a and b are elements of G then a * b is an element of G.
– Associativity: if a, b and c are elements of G then a * (b * c) = (a * b) * c.
– Identity: there exists an element I in G such that for all a in G, I * a = a * I = a.
– Inverse: for each element b in G, there exists exactly one element c in G such that b * c = c * b = I.
• A group may be finite or infinite
– Ex: the set of all integers under addition
• A finite group is useful for cryptography
– A set such as {0, 1, …, n-1} with addition modulo n, where n is a positive integer. This is denoted Zn.
– The group is expressed as <Zn, +n>
– Z5* = {1, 2, 3, 4}, and Φ(5) = 4 is the order of the group
• The set of all integers modulo 5 that are relatively prime to 5
• i.e. GCD(5, 1) = 1, GCD(5, 2) = 1, GCD(5, 3) = 1, GCD(5, 4) = 1
– Z6* = {1, 5}, and Φ(6) = 2 is the order of the group
• i.e. GCD(6, 1) = 1, GCD(6, 5) = 1, but GCD(6, 2) <> 1, GCD(6, 3) <> 1, GCD(6, 4) <> 1
• The order of a group <G, *> is the number of elements of G
• Z5* = {1, 2, 3, 4}
– Euler's Totient Function, denoted Φ(n), gives the order of Zn*. Φ(5) = 4 is the order of the group Z5*.
Cyclic Group
• A group <G, *> is cyclic if there is at least one element g in it such that <g> (the set of powers of g) is all of <G, *>; we refer to such an element of <G, *> as a generator of <G, *>.
• Ex: <Z13, ×13>, the multiplicative group modulo 13. In this group
• 2^1 mod 13 = 2    2^5 mod 13 = 6     2^9 mod 13 = 5
• 2^2 mod 13 = 4    2^6 mod 13 = 12    2^10 mod 13 = 10
• 2^3 mod 13 = 8    2^7 mod 13 = 11    2^11 mod 13 = 7
• 2^4 mod 13 = 3    2^8 mod 13 = 9     2^12 mod 13 = 1
• Here 2 is a generator of <Z13, ×13> but 3 is not a generator of <Z13, ×13>.
Finding generators
Let p be prime and let p1, p2, … be the distinct prime factors of p-1; the table of g^i mod 13 below shows which g are generators (the rows whose powers run through all of 1..12).
g \ i | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1
2 | 2 | 4 | 8 | 3 | 6 | 12 | 11 | 9 | 5 | 10 | 7 | 1
3 | 3 | 9 | 1 | 3 | 9 | 1 | 3 | 9 | 1 | 3 | 9 | 1
4 | 4 | 3 | 12 | 9 | 10 | 1 | 4 | 3 | 12 | 9 | 10 | 1
5 | 5 | 12 | 8 | 1 | 5 | 12 | 8 | 1 | 5 | 12 | 8 | 1
6 | 6 | 10 | 8 | 9 | 2 | 12 | 7 | 3 | 5 | 4 | 11 | 1
7 | 7 | 10 | 5 | 9 | 11 | 12 | 6 | 3 | 8 | 4 | 2 | 1
8 | 8 | 12 | 5 | 1 | 8 | 12 | 5 | 1 | 8 | 12 | 5 | 1
9 | 9 | 3 | 1 | 9 | 3 | 1 | 9 | 3 | 1 | 9 | 3 | 1
10 | 10 | 9 | 12 | 3 | 4 | 1 | 10 | 9 | 12 | 3 | 4 | 1
11 | 11 | 4 | 5 | 3 | 7 | 12 | 2 | 9 | 8 | 10 | 6 | 1
12 | 12 | 1 | 12 | 1 | 12 | 1 | 12 | 1 | 12 | 1 | 12 | 1
<Z13, ×13> has Φ(12) = 4 generators, i.e. 2, 6, 7, 11.
Number of elements – Φ
• The group <Zp, ×p> is a special group – a cyclic group extensively used in cryptography; here p is prime.
• The number of generators in <Zp, ×p> is Φ(p-1).
• <Z13, ×13> has Φ(12) = 4 generators, i.e. 2, 6, 7, 11.
Generator test
• Let p be a prime and p1, p2, …, pk be the distinct prime factors of p-1; then g is a generator of <Zp, ×p> if and only if
• g^((p-1)/pi) <> 1 (mod p) for all pi, 1 <= i <= k
• Test whether 7 and 3 are generators of <Z13, ×13>.
• Solution: the distinct prime factors of p-1, i.e. of 12, are 2 and 3.
• p1 = 2, p2 = 3
• 7^(12/2) mod 13 = 7^6 mod 13 = 12
• 7^(12/3) mod 13 = 7^4 mod 13 = 9
• Both differ from 1, so 7 is a generator.
• 3^(12/2) mod 13 = 3^6 mod 13 = 1, so 3 is not a generator (one failing test suffices).
• (3^(12/3) mod 13 = 3^4 mod 13 = 3, but the first test already rules 3 out.)
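The generator test and the power table for <Z13, ×13>, as an added example (not code from the notes). It factors p-1, applies the g^((p-1)/pi) != 1 test from the slide to every g, and cross-checks the count against Φ(p-1). Function names are my own.

```python
from math import gcd


def prime_factors(n: int) -> list:
    """Distinct prime factors of n by trial division (adequate for small n)."""
    factors, d = [], 2
    while d * d <= n:
        if n % d == 0:
            factors.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def is_generator(g: int, p: int) -> bool:
    """g generates Z_p^* iff g^((p-1)/q) != 1 (mod p) for every distinct
    prime q dividing p-1 (the test stated in the notes)."""
    if not 1 <= g < p:
        raise ValueError("g must lie in 1..p-1")
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def generators(p: int) -> list:
    """All generators of Z_p^* in increasing order."""
    return [g for g in range(1, p) if is_generator(g, p)]


def power_table(p: int) -> dict:
    """Row g -> [g^1, g^2, ..., g^(p-1)] mod p, like the table in the notes."""
    return {g: [pow(g, i, p) for i in range(1, p)] for g in range(1, p)}


def generators_by_table(p: int) -> list:
    """Independent check: a row is a generator's iff its powers hit every
    element of 1..p-1."""
    full = set(range(1, p))
    return [g for g, row in power_table(p).items() if set(row) == full]


def euler_phi(n: int) -> int:
    """phi(n): how many of 1..n are coprime to n (brute force)."""
    return sum(1 for k in range(1, n + 1) if gcd(k, n) == 1)


if __name__ == "__main__":
    p = 13
    print("prime factors of p-1:", prime_factors(p - 1))
    print("generators of Z_13^*:", generators(p))
    print("phi(12) =", euler_phi(p - 1))
```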
Euler's Theorem
– If m and n are relatively prime, m^Φ(n) mod n = 1.
– Or m^Φ(n) ≡ 1 (mod n)
• Φ(16) = number of integers relatively prime to 16.
– {1, 3, 5, 7, 9, 11, 13, 15}, so Φ(16) = 8
– m^Φ(n) ≡ 1 (mod n)
– m = 3, n = 16, where m and n are relatively prime
– 3^8 mod 16
= (3^2) × (3^3)^2 mod 16
= 9 × 27^2 mod 16
= 9 × 11^2 mod 16
= 9 × 121 mod 16
= 1
Fermat's Little Theorem
If p is prime and a is an integer not divisible by p, then a^(p-1) ≡ 1 (mod p).
• And for every integer a, a^p ≡ a (mod p).
p = 5, a = 3: 3^5 mod 5
= 9 × 9 × 3 mod 5
= 4 × 4 × 3 mod 5
= 48 mod 5 = 3 = a
Polynomial fields
• (Zp, +p, ×p) is the set of integers modulo a prime number p, with addition and multiplication modulo p.
• Zp[x] is the set of polynomials whose coefficients are in Zp; arithmetic on them is done modulo a prime (irreducible) polynomial.
• A prime or irreducible polynomial in Zp[x] is one which has no factors in Zp[x] other than itself and 1.
• x^2 + x + 1 is an irreducible polynomial over Z2, because there is no way to find two elements b and c such that their sum and their product are both 1, i.e. we cannot factor it as (x + b)(x + c).
Examples of polynomials (over Z2)
Example | Factors | Remark
x^3 | x · x · x | Reducible polynomial
x^3 + 1 | (x + 1)(x^2 + x + 1) | Reducible polynomial
x^3 + x^2 | x^2 (x + 1) | Reducible polynomial
x^3 + x + 1 | -- | Irreducible polynomial
x^3 + x^2 + 1 | -- | Irreducible polynomial
x^3 + x^2 + x + 1 | (x + 1)^3 | Reducible polynomial
Example: (x + 1)(x^2 + x + 1)
= x^3 + x^2
    + x^2 + x
        + x + 1
------------------------------------
= x^3 + 1        Note: perform XOR for addition (coefficients are in Z2)
We can represent the 8-bit word (10011001) by a polynomial: taking bit i (counted from the right, i = 0..7) as the coefficient of x^i gives x^7 + x^4 + x^3 + 1.
Representation of an 8-bit word by a polynomial
To find the 8-bit word related to the polynomial x^5 + x^2 + x: since n = 8, the polynomial is of degree at most 7. The expanded polynomial is
0x^7 + 0x^6 + 1x^5 + 0x^4 + 0x^3 + 1x^2 + 1x + 0
This is related to the 8-bit word 00100110.
GF(p) Galois Field
• GF stands for Galois Field, named in honour of the mathematician Évariste Galois.
• GF(p), for p prime, is the set Zp of integers {0, 1, …, p-1} with addition and multiplication modulo p.
• GF(8) → {0, 1, 2, 3, 4, 5, 6, 7}
• GF(4) → {0, 1, 2, 3}
• GF(2) → {0, 1}
• Note: 8 and 4 are not prime, so GF(8) and GF(4) are not Z8 and Z4 (those are not fields); they are the extension fields GF(2^3) and GF(2^2) built from polynomials over Z2 as below, and their elements 0..7 and 0..3 are bit patterns of polynomial coefficients, not integers modulo 8 or 4.
GF(7) (addition and multiplication tables not reproduced)
Find the additive and multiplicative tables of GF(8)
Find the GCD(a(x), b(x))
GF(2^n): the irreducible polynomial x^3 + x + 1 (in binary 1011)
Addition table for GF(2^3) with x^3 + x^2 + 1 (table not reproduced)
Find the additive and multiplicative tables of GF(2^3) using the irreducible polynomial x^3 + x^2 + 1
Chinese Remainder Theorem
• The following is a general construction to find a solution to a system of congruences using the Chinese remainder theorem:
• Given residues x1, x2, …, xk with x ≡ xi (mod ni), where the moduli n1, …, nk are pairwise relatively prime
• 1. Compute N = n1·n2·n3·…·nk
• 2. For each i = 1…k, compute ai = N/ni
• 3. For each i = 1…k, compute αi = ai^-1 (mod ni)
• 4. Now compute x = Σ xi × ai × αi (mod N) for i = 1…k
Problems
• Given N = 210, n1 = 5, n2 = 6 and n3 = 7
• Compute f^-1(3, 5, 2), i.e. compute x with x ≡ 3 (mod 5), x ≡ 5 (mod 6), x ≡ 2 (mod 7)
• Solution:
• a1 = N/n1 = 210/5 = 42
• a2 = N/n2 = 210/6 = 35
• a3 = N/n3 = 210/7 = 30
• Compute α1, α2, α3:
α1 = 42^-1 (mod 5) = 3
α2 = 35^-1 (mod 6) = 5
α3 = 30^-1 (mod 7) = 4
x = (x1·a1·α1 + x2·a2·α2 + x3·a3·α3) mod N
= (3 × 42 × 3 + 5 × 35 × 5 + 2 × 30 × 4) mod 210
= (378 + 875 + 240) mod 210 = 1493 mod 210 = 23
Verification: 23 mod 5 = 3, 23 mod 6 = 5, 23 mod 7 = 2
Solve this..
2. Compute n such that 0 <= n < 210, n mod 5 = 4, n mod 6 = 3, n mod 7 = 2; find n.
– 5, 6, 7 are pairwise relatively prime
– N = 5 × 6 × 7 = 210
• a1 = N/n1 = 210/5 = 42
• a2 = N/n2 = 210/6 = 35
• a3 = N/n3 = 210/7 = 30
• Compute α1, α2, α3: α1 = 42^-1 (mod 5) = 3, α2 = 35^-1 (mod 6) = 5, α3 = 30^-1 (mod 7) = 4
x = (x1·a1·α1 + x2·a2·α2 + x3·a3·α3) mod N
• Solve the simultaneous congruences x ≡ 6 (mod 11), x ≡ 13 (mod 16), x ≡ 9 (mod 21), x ≡ 19 (mod 25).
• Since 11, 16, 21 and 25 are pairwise relatively prime, the Chinese Remainder Theorem tells us that there is a unique solution modulo n, where n = 11·16·21·25 = 92400.
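The four-step CRT construction from the notes (N, ai = N/ni, αi = ai^-1 mod ni, x = Σ xi·ai·αi mod N), as an added example that is not code from the notes. Beyond the worked (3, 5, 2) case it takes any number of congruences, returns the intermediate ai and αi so a hand solution can be checked line by line, and rejects moduli that are not pairwise coprime, the precondition the notes state but do not check. Function names are my own; `pow(a, -1, n)` for the modular inverse needs Python 3.8 or newer.

```python
from math import gcd


def crt_steps(moduli):
    """Steps 1-3 of the construction: N and the (a_i, alpha_i) pairs."""
    N = 1
    for n in moduli:
        N *= n
    steps = []
    for n_i in moduli:
        a_i = N // n_i
        alpha_i = pow(a_i, -1, n_i)     # a_i^-1 mod n_i
        steps.append((a_i, alpha_i))
    return N, steps


def crt(residues, moduli):
    """Solve x ≡ residues[i] (mod moduli[i]) for all i. Returns (x, N)
    with 0 <= x < N = product of the moduli."""
    if len(residues) != len(moduli):
        raise ValueError("one residue per modulus is required")
    for i in range(len(moduli)):
        if moduli[i] < 1:
            raise ValueError("moduli must be positive")
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(
                    f"moduli {moduli[i]} and {moduli[j]} are not coprime; "
                    "the construction does not apply")
    N, steps = crt_steps(moduli)
    x = 0
    for x_i, (a_i, alpha_i) in zip(residues, steps):   # step 4
        x += x_i * a_i * alpha_i
    return x % N, N


def check(x, residues, moduli) -> bool:
    """Verification line from the notes: x mod n_i == x_i for every i."""
    return all(x % n == r % n for r, n in zip(residues, moduli))


if __name__ == "__main__":
    x, N = crt([3, 5, 2], [5, 6, 7])
    print(crt_steps([5, 6, 7]))      # (210, [(42, 3), (35, 5), (30, 4)])
    print(x, N, check(x, [3, 5, 2], [5, 6, 7]))
```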
Assignment Question 3
• Find the integer x which leaves a remainder of 1, 2, 3 and 4 when divided by 5, 7, 9 and 11 respectively. Use CRT.
• x ≡ 1 (mod 5)
• x ≡ 2 (mod 7)
• x ≡ 3 (mod 9)
• x ≡ 4 (mod 11)
Assignment Question 4
• Suppose
• 2x ≡ 5 (mod 7); 3x ≡ 4 (mod 8)
• is equivalent to the simpler system
• 2·x·2^-1 ≡ 5·2^-1 (mod 7)
• 3x·3^-1 ≡ 4·3^-1 (mod 8)
• Find x using CRT
<Chapter 4>
Basics of Cryptography - Preliminaries, Elementary Substitution Ciphers, Elementary Transposition Ciphers, Other Cipher Properties
NH/SIT/2017-18/6CS/CBCS/15CS61 105
Basics of Cryptography
• Cryptography is the science of disguising
<hiding>messages so that only the
intended recipient can
decipher the received message.
• It is lynchpin <essential> of data security, it
provides confidentiality, integrity,
authentication, and digital signatures.

Conventional Block diagram (figure not reproduced)
Key points
• The original message or document to be transferred is called plain text
• The hidden message is called cipher text
• Usually these messages will be in binary form
• The process of hiding a message is called encryption.
• The process of recovering the original message is called decryption.
• Encryption involves the use of an encryption function or algorithm, denoted by E, and an encryption key e.
• Similarly, decryption involves the use of a decryption function or algorithm, denoted by D, and a decryption key d.
• c = E_e(p) and p = D_d(c).
– Where p denotes a block of plain text.
– This is encrypted by the sender to produce cipher text c.
– The second operation is performed by the receiver on the cipher text to recover the plain text.

Role of ethical hackers
• Reverse-engineer code
• Discover bugs.
• If the encryption/decryption algorithm is placed in the public domain then bugs can be identified

The secrecy should be in the key used for decryption, not in the decryption or encryption algorithm

Secret key cryptography vs Public key cryptography
Secret key cryptography | Public key cryptography
Sender and receiver share a common secret key | Sender and receiver share a key pair
The same key is used for the encryption and decryption processes: e = d | One of the keys is used for encryption and the other for decryption: <e, d>
Known as symmetric key cryptography | Known as asymmetric key cryptography
c = E_k(p), p = D_k(c) | c = E_pu(p), p = D_pr(c) for confidentiality; c = E_pr(p), p = D_pu(c) for authentication
Best known algorithms: Data Encryption Standard (DES), Advanced Encryption Standard (AES) | Best known algorithms: RSA, ECC

Requirements for secure use of
conventional encryption
• Strong encryption algorithm.
• Sender and receiver must have obtained
copies of the secret key in a secure fashion
and must keep the key secure

• Cryptographic systems are characterized along
three independent dimensions:
– The type of operations used for transforming
plaintext to cipher text.
– The number of keys used.
– The way in which the plaintext is processed

Model of Symmetric Cryptosystem (figure not reproduced)
Types of Attacks
• If a cryptographic algorithm is secure, then a cryptanalyst is unable to
– Obtain the corresponding plaintext from a given cipher text
– Deduce the key <secret key or private key>

How does an attacker learn the key, scheme or plain text?
• 1. The attacker could accumulate a set of cipher texts. The attacker would then look for patterns in the cipher text to recognize some plain text or the key. This attack is called a known cipher text attack.
• 2. Sometimes the plain text is predictable or can be guessed; the cryptanalyst then builds a repertoire <catalog> of corresponding plain text / cipher text pairs and uses them to deduce the key. This attack is called a known plain text attack.
• 3. If the attacker uses a piece of plain text of their own choosing and induces <tempts> the sender to encrypt it, to gain knowledge of the algorithm or cryptographic scheme, this attack is called a chosen plain text attack.

Substitution ciphers
• Mono-alphabetic ciphers
– For the 26-letter alphabet, a key k is used as the substitution shift
– i.e. C = (P + k) mod 26
– Example: CYBER with k = 3
Plain text: CYBER
Cipher text: FBEHU
k = 3
The alphabet is shifted right circularly by k.

Caesar Cipher
• The Caesar cipher replaces each letter in a text by the letter k positions away (in the modulo 26 sense). For k = 3, the substitutions are
D for A, E for B, . . . A for X, B for Y, etc.
So, W H A T I S Y O U R N A M E becomes Z K D W L V B R X U Q D P H
Attack on the Caesar Cipher
• By observing "large" amounts of cipher text, we may be able to guess the plaintext. Why?
• Because text in human languages typically has certain statistical properties; for example the most common letters used in English are 'e' followed by 't', 'a', 'o', 'i' and 'n'.
• Deducing plaintext from only knowledge of the corresponding ciphertext is referred to as a "known ciphertext" attack

Vigenere Cipher
• Poly-alphabetic cipher – works on an entire block (bunch of consecutive characters)
• Multi-digit key, ex. 04 19 03 22 07 12 05 11
Replace the first character by the character 4 positions away, replace the second character by the character 19 positions away, replace the third character by the character 3 positions away, etc. In this case, the block size is 8.
Vigenere Cipher (example)
Plaintext:  W  i  s  h  i  n  g  Y  o  u  M  u  c  h  S  u  c  c  e  s  s
+
Key:        04 19 03 22 07 12 05 11 04 19 03 22 07 12 05 11 04 19 03 22 07
=
Ciphertext (as printed on the slide; the last three letters did not survive extraction): A B V D P Y L J S N P Q J T X F G V
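The Caesar cipher, the known-ciphertext attack on it described above, and the block-keyed Vigenère example, as one added example that is not code from the notes. The shift recovery tries all 26 keys and picks the one whose letter histogram is closest to English (a chi-squared score against the standard published letter frequencies), which is the statistical property the notes rely on; the sample sentence and the 8-digit key are the notes' key and a constructed plaintext. Running it on the slide's sentence gives ABVDPZL JSN PQJT XFGVHOZ, i.e. the sixth letter is Z (n + 12), where the slide prints Y.

```python
from string import ascii_uppercase as ALPHABET

# Standard English letter frequencies in percent (published reference values).
ENGLISH_FREQ = {
    'A': 8.2, 'B': 1.5, 'C': 2.8, 'D': 4.3, 'E': 12.7, 'F': 2.2, 'G': 2.0,
    'H': 6.1, 'I': 7.0, 'J': 0.15, 'K': 0.77, 'L': 4.0, 'M': 2.4, 'N': 6.7,
    'O': 7.5, 'P': 1.9, 'Q': 0.095, 'R': 6.0, 'S': 6.3, 'T': 9.1, 'U': 2.8,
    'V': 0.98, 'W': 2.4, 'X': 0.15, 'Y': 2.0, 'Z': 0.074,
}

# Constructed plaintext, long enough for letter statistics to be meaningful.
SAMPLE = ("It was the best of times, it was the worst of times, "
          "it was the age of wisdom, it was the age of foolishness")

# The 8-digit key from the notes (block size 8).
VIGENERE_KEY = [4, 19, 3, 22, 7, 12, 5, 11]


def shift_letter(ch: str, k: int) -> str:
    return ALPHABET[(ALPHABET.index(ch) + k) % 26]


def caesar(text: str, k: int) -> str:
    """Shift every letter k positions mod 26; non-letters pass through."""
    return ''.join(shift_letter(c, k) if c in ALPHABET else c for c in text.upper())


def chi_squared(text: str) -> float:
    """How far the letter histogram of text is from English (lower = closer)."""
    letters = [c for c in text.upper() if c in ALPHABET]
    n = len(letters)
    score = 0.0
    for c in ALPHABET:
        expected = ENGLISH_FREQ[c] / 100 * n
        observed = letters.count(c)
        score += (observed - expected) ** 2 / expected
    return score


def recover_caesar_shift(ciphertext: str) -> int:
    """Known-ciphertext attack: the shift whose trial decryption looks most
    like English. Needs enough ciphertext for the statistics to settle."""
    return min(range(26), key=lambda k: chi_squared(caesar(ciphertext, -k)))


def vigenere(text: str, key: list, decrypt: bool = False) -> str:
    """Letter i (counting letters only) is shifted by key[i % len(key)]."""
    out, i = [], 0
    for c in text.upper():
        if c in ALPHABET:
            k = key[i % len(key)]
            out.append(shift_letter(c, -k if decrypt else k))
            i += 1
        else:
            out.append(c)
    return ''.join(out)


if __name__ == "__main__":
    ct = caesar(SAMPLE, 3)
    print(ct)
    print("recovered shift:", recover_caesar_shift(ct))
    print(vigenere("Wishing You Much Success", VIGENERE_KEY))
```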
Hill cipher
• Poly-alphabetic cipher
• Proposed by Lester Hill
• Uses an m × m matrix K of integers from 0–25 as the key
• Each cipher text character is a function of all the characters of the block.
• Cipher text is computed as C = P·K and the plain text recovered as P = C·K^-1 (mod 26)

Hill Cipher
• The relationship between a block of plaintext and its ciphertext is expressed by
c1 = (p1 k11 + p2 k21 + . . . + pm km1) mod 26
c2 = (p1 k12 + p2 k22 + . . . + pm km2) mod 26
. . .
cm = (p1 k1m + p2 k2m + . . . + pm kmm) mod 26
• The above can be conveniently written as
c = pK
p can be recovered as p = c·K^-1

• Step 1: Matrix of minors
– The minor of an element k_ij is the determinant obtained from |K| by deleting the i-th row and j-th column
• Step 2: Matrix of cofactors
– The cofactor of an element k_ij is (-1)^(i+j) times the minor of k_ij
• Step 3: Adjugate or adjoint matrix
– Transpose the matrix of cofactors
• Step 4: Multiply by 1/determinant
• Use mod 26 for cryptography: 1/determinant means the multiplicative inverse of |K| modulo 26, which exists only when gcd(|K|, 26) = 1, so a key whose determinant is even or a multiple of 13 cannot be decrypted

Hill cipher example
• Given plain text HELP and K = [3 7; 15 12] (rows [3, 7] and [15, 12])
HE → (7, 4)
C = P·K → (7, 4) · [3 7; 15 12] → (7×3 + 4×15, 7×7 + 4×12) mod 26
→ (21 + 60, 49 + 48) mod 26 → (81, 97) mod 26 → (3, 19) → D T

Hill cipher decryption
Matrix of minors of K: [12 15; 7 3]
Matrix of cofactors: [12 -15; -7 3]
Adjoint (transpose of the cofactors): [12 -7; -15 3]
|K| = 3×12 - 15×7 = 36 - 105 = -69 mod 26 = 9 (since -69 = 26×(-3) + 9)
1/|K| = 9^-1 mod 26: 9·y mod 26 = 1 → y = 3, since 9×3 = 27 mod 26 = 1
K^-1 = 3 × [12 19; 11 3] (the adjoint with -7 ≡ 19 and -15 ≡ 11 mod 26) = [36 57; 33 9] mod 26 = [10 5; 7 9]
P = C·K^-1 = (3, 19) · [10 5; 7 9] = (3×10 + 19×7, 3×5 + 19×9)
= (30 + 133, 15 + 171) = (163, 186) mod 26
= (7, 4) → (H, E)
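The 2×2 Hill cipher with the notes' key K = [3 7; 15 12], as an added example that is not code from the notes: encryption is the row-vector product c = pK mod 26, and the key inverse is built exactly as in the minors/cofactors/adjoint/determinant steps above. It also handles the failure case those steps leave implicit: a determinant with no inverse mod 26 makes the key unusable, and the code refuses it rather than silently producing garbage. Function names and the padding letter X are my own assumptions.

```python
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
MOD = 26


def det2(K):
    return K[0][0] * K[1][1] - K[0][1] * K[1][0]


def inverse_key_2x2(K):
    """K^-1 mod 26 via adjugate / determinant, as in the notes:
    adj(K) = [[k22, -k12], [-k21, k11]], K^-1 = |K|^-1 * adj(K) (mod 26)."""
    d = det2(K) % MOD
    try:
        d_inv = pow(d, -1, MOD)           # raises ValueError if gcd(d, 26) != 1
    except ValueError:
        raise ValueError(f"determinant {d} has no inverse mod 26; key is not decryptable")
    adj = [[K[1][1], -K[0][1]],
           [-K[1][0], K[0][0]]]
    return [[(d_inv * adj[i][j]) % MOD for j in range(2)] for i in range(2)]


def vec_mat(p, K):
    """Row vector p times 2x2 matrix K, reduced mod 26 (the c = pK convention)."""
    return [(p[0] * K[0][j] + p[1] * K[1][j]) % MOD for j in range(2)]


def hill_encrypt(plaintext, K):
    inverse_key_2x2(K)                    # fail early on an unusable key
    text = [c for c in plaintext.upper() if c in ALPHABET]
    if len(text) % 2:
        text.append('X')                  # assumed padding letter for odd lengths
    out = []
    for i in range(0, len(text), 2):
        p = [ALPHABET.index(text[i]), ALPHABET.index(text[i + 1])]
        out.extend(ALPHABET[v] for v in vec_mat(p, K))
    return ''.join(out)


def hill_decrypt(ciphertext, K):
    K_inv = inverse_key_2x2(K)
    if len(ciphertext) % 2:
        raise ValueError("ciphertext length must be even")
    out = []
    for i in range(0, len(ciphertext), 2):
        c = [ALPHABET.index(ciphertext[i]), ALPHABET.index(ciphertext[i + 1])]
        out.extend(ALPHABET[v] for v in vec_mat(c, K_inv))
    return ''.join(out)


if __name__ == "__main__":
    K = [[3, 7], [15, 12]]
    print(inverse_key_2x2(K))            # [[10, 5], [7, 9]] as in the notes
    print(hill_encrypt("HELP", K))       # DT for HE, then the LP block
    print(hill_decrypt(hill_encrypt("HELP", K), K))
```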

One time pad
• Both sender and receiver agree on an arbitrarily long, random, non-repeating sequence of characters.

Elementary Transposition cipher
• The given plain text is represented as a matrix of characters.
• As per the row key the rows are interchanged <shuffled>, then as per the column key the columns are shuffled.
• The resultant matrix is read out to get the cipher text.
• The reverse process is used to recover the plain text.

* Elementary Transposition Cipher
• Basically a rearrangement of characters or bits.
• Example:
– Arrange characters of text in a matrix
– Then shuffle the rows and columns

Elementary Transposition Cipher
• Plaintext: Begin Operation at Noon
• We represent the text in a 5 × 4 matrix in row-major form:
b e g i
n o p e
r a t i
o n a t
n o o n
• Rearrange the rows as follows
• Row 1 → 3, Row 2 → 5, Row 3 → 2, Row 4 → 1, Row 5 → 4.
• Result:
o n a t
r a t i
b e g i
n o o n
n o p e
* Elementary Transposition Cipher (example contd.)
• Rearrange the columns as follows
• Column 1 → 4, Column 2 → 3, Column 3 → 1, Column 4 → 2

  o n a t        a t n o
  r a t i        t i a r
  b e g i   →    g i e b
  n o o n        o n o n
  n o p e        p e o n
• Resulting cipher text is
  A T N O T I A R G I E B O N O N P E O N
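The row-then-column shuffle above, as an added Python example (not code from the slides). A key entry `key[i] = j` means position i of the original moves to position j, exactly as "Row 1 → 3" reads on the slide; the decryption routine undoes the column shuffle first, then the row shuffle.

```python
def _matrix(letters, rows, cols):
    return [letters[r * cols:(r + 1) * cols] for r in range(rows)]

def transpose_encrypt(text, rows, cols, row_key, col_key):
    """Fill a rows x cols matrix row-major, move row i to row_key[i], then
    column i to col_key[i] (both 1-based), and read the result row-major."""
    letters = [c.lower() for c in text if c.isalpha()]
    if len(letters) != rows * cols:
        raise ValueError("text must fill the %dx%d matrix exactly" % (rows, cols))
    M = _matrix(letters, rows, cols)
    R = [None] * rows                                # after the row shuffle
    for i, j in enumerate(row_key):
        R[j - 1] = M[i]
    C = [[None] * cols for _ in range(rows)]         # after the column shuffle
    for i, j in enumerate(col_key):
        for r in range(rows):
            C[r][j - 1] = R[r][i]
    return ''.join(''.join(row) for row in C).upper()

def transpose_decrypt(cipher, rows, cols, row_key, col_key):
    """Reverse process: put column j back at position i, then row j back at i."""
    C = _matrix(list(cipher.lower()), rows, cols)
    R = [[None] * cols for _ in range(rows)]
    for i, j in enumerate(col_key):
        for r in range(rows):
            R[r][i] = C[r][j - 1]
    M = [None] * rows
    for i, j in enumerate(row_key):
        M[i] = R[j - 1]
    return ''.join(''.join(row) for row in M)

ROW_KEY = [3, 5, 2, 1, 4]   # the slide's row key
COL_KEY = [4, 3, 1, 2]      # the slide's column key
```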

Confusion and diffusion.
• Confusion is the property of a cipher whereby it
provides no clue regarding the relationship
between the cipher text and the key.
• If a single bit of the key changes, producing
k', roughly half the bits of the
cipher text change,
i.e. Ek(p) and Ek'(p) are entirely different.

Confusion and diffusion
• Diffusion is concerned with the relationship
between the plaintext and corresponding
cipher text.
• A change in a single bit of plain text will
have an effect on a block of bits in the
cipher text.

Assignment Questions
• 1. Explain different ingredients of typical
Crypto system.

• 2. Refer slide (Plain text LP)

<Chapter 5>
 Secret Key Cryptography -
 Product Ciphers,
 DES Construction
Secret Key Cryptography
• Two types of secret key ciphers are:
– Stream ciphers
– Block ciphers
• DES is one of the most widely used standard block cipher methods
• AES is the modern block cipher method.
Product ciphers
• Modern secret key ciphers use
– Substitution Box (S-Box)
– Permutation Box (P-Box)
• Alternating stages of
– S Boxes
– P Boxes
– boxes that perform a simple operation involving
the round key
S-Box
• An S-box or SUBSTITUTION box is a device that takes as input a
binary string of length m and returns a binary string of length n.
• In some cases m = n, but this need not always be so.
• It is implemented using a table (or array) of 2^m rows with each row
containing an n-bit value.
• The input to the S-box is used to index the table, which returns the
n-bit output of the S-Box.

  Sample S-BOX
  INPUT   OUTPUT
  000  →  000
  001  →  010
  010  →  001
  011  →  100
  100  →  111
  101  →  101
  110  →  110
  111  →  011
P-Box
• A P-Box performs a Permutation or re-arrangement of the bits in the input.
Example Permutation:
• Left Circular shift by two positions
Let the input string be i4 i3 i2 i1 i0 and the output string be o4 o3 o2 o1 o0. So,
o0 = i3, o1 = i4, o2 = i0, o3 = i1, o4 = i2.
Round Key
• Each stage or round involves a round key operation
• The round key is obtained as a function of the original key
3-Round SPN Network
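An added Python example (not from the slides) of one SPN round and its inverse, using the sample S-box table from the S-Box slide and the left-circular-shift P-box from the P-Box slide. The 6-bit block width (two 3-bit S-boxes side by side), widening the P-box to 6 bits, and the three round keys are assumptions made for illustration; decryption applies the inverse P-box, the inverse S-box and the round keys in reverse order.

```python
SBOX = [0b000, 0b010, 0b001, 0b100, 0b111, 0b101, 0b110, 0b011]  # slide's table, index = input
SBOX_INV = [SBOX.index(v) for v in range(8)]                      # table is a permutation
BLOCK_BITS, M = 6, 3                                               # two 3-bit S-boxes per block

def sbox_layer(x, table):
    """Split x into 3-bit chunks (least significant chunk first) and look each one up."""
    out = 0
    for i in range(BLOCK_BITS // M):
        chunk = (x >> (i * M)) & ((1 << M) - 1)
        out |= table[chunk] << (i * M)
    return out

def pbox(x, shift=2, width=BLOCK_BITS):
    """Left circular shift by `shift` positions (the slide's P-box, widened to 6 bits)."""
    mask = (1 << width) - 1
    return ((x << shift) | (x >> (width - shift))) & mask

def pbox_inv(x, shift=2, width=BLOCK_BITS):
    """A left rotation by s is undone by a left rotation by width - s."""
    return pbox(x, width - shift, width)

def spn_encrypt(block, round_keys):
    """Each round: XOR the round key, substitute, permute."""
    x = block
    for k in round_keys:
        x = pbox(sbox_layer(x ^ k, SBOX))
    return x

def spn_decrypt(block, round_keys):
    """Undo the rounds in reverse: inverse P-box, inverse S-box, XOR the round key."""
    x = block
    for k in reversed(round_keys):
        x = sbox_layer(pbox_inv(x), SBOX_INV) ^ k
    return x

ROUND_KEYS = [0b101010, 0b011001, 0b110100]   # constructed sample round keys, 3 rounds
```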
Feistel Structure
• Advancement over Lucifer (designed at IBM in
1960), first published in 1975.
• DES block size: 64 bits
• Key size: 56 or 128 bits
• Plain text blocks: 1
• Stages used
– Initial permutations (IP)
– 32-bit left right swap
– Final permutations
Feistel Structure: parameters and design features
• Block size:
– The larger the block size, the greater the security, but the lower the encryption/decryption speed
for a given algorithm.
– Typical block size: DES uses 64 bits and AES uses 128 bits
• Key size:
– The larger the key size, the greater the security, but encryption/decryption speed may decrease.
– Key sizes of 64 bits or less are typical, but the commonly used key size is 128 bits
• Number of rounds:
– The essence of the Feistel cipher is that a single round offers inadequate security
but that multiple rounds offer increasing security.
– A typical size is 16 rounds.
• Sub key generation algorithm:
– Greater complexity in this algorithm should lead to greater difficulty of
cryptanalysis.
• Round function F:
– Greater complexity generally means greater resistance to cryptanalysis.
• Each of the 16 rounds is functionally identical
• Left and Right half of input is expressed as:
Round function
• Involves
– Expansion
– XOR with round key
– Substitution
– Permutation
• Input to the round function is a 32-bit binary quantity
• First this 32-bit quantity is expanded to 48 bits
• This 48-bit value is then XORed with the round key Ki
• The result of the XOR is divided into 6-bit chunks
• Each chunk is substituted with a 4-bit chunk
• For this, 8 different S-boxes are used
S-box using table lookup
• Input: I5 I4 I3 I2 I1 I0 (6 bits); output: O3 O2 O1 O0 (4 bits)
• The outer bits I5 I0 select the Row of the table and the inner bits
I4 I3 I2 I1 select the Column; the 4-bit entry at that position is the output.
Modes of Operation
• DES and other block oriented secret key
schemes can be operated in different modes
– Electronic Code Book Mode (ECB)
– Cipher Block Chaining (CBC)
– Cipher Feedback Mode (CFB)
– Counter mode
ECB Mode
• The message is split into fixed-length consecutive chunks called blocks.
• Each block is independently encrypted into its corresponding block of
ciphertext using the same key
• Drawback:
– Identical blocks of plain text are encrypted into identical blocks of cipher text.
– Attacker can easily deduce plain text.
– Reordering of blocks by an attacker will not be detected by the receiver.
* CBC Mode of Operation
This mode combines the previous block of ciphertext with
the current block of plaintext before performing the
encryption.
Ci-1 is XORed with Pi and then encrypted to produce Ci.
CBC advantages and Drawbacks
• This has the effect of “randomizing” the input to the
encryption box so that two identical blocks of
plaintext will, with high probability, map to different
ciphertext values.
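An added Python example (not code from the slides) that serves both the Feistel Structure slides and the ECB/CBC slides: a toy 4-round Feistel cipher on 8-byte blocks whose round function F and sub-key schedule are SHA-256 based stand-ins (not DES's), showing that decryption is the same routine with the round keys reversed, and then ECB and CBC built on it, showing the repeated-block leak that ECB has and CBC does not.

```python
import hashlib

ROUNDS, BLOCK, HALF = 4, 8, 4

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def F(half, subkey):
    """Round function: a keyed one-way function of the right half (stand-in for DES's F)."""
    return hashlib.sha256(subkey + half).digest()[:HALF]

def subkeys(key):
    """Toy sub-key generation: one round key per round, derived from the original key."""
    return [hashlib.sha256(key + bytes([r])).digest()[:HALF] for r in range(ROUNDS)]

def feistel(block, keys):
    """L_{i+1} = R_i ; R_{i+1} = L_i XOR F(R_i, K_i). The final swap makes the routine
    its own inverse when the round keys are supplied in reverse order."""
    L, R = block[:HALF], block[HALF:]
    for k in keys:
        L, R = R, xor(L, F(R, k))
    return R + L

def encrypt_block(block, key):
    return feistel(block, subkeys(key))

def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])

def blocks(data):
    if len(data) % BLOCK:
        raise ValueError("message must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(msg, key):
    """ECB: each block encrypted independently, so equal plaintext blocks give equal ciphertext."""
    return b''.join(encrypt_block(b, key) for b in blocks(msg))

def cbc_encrypt(msg, key, iv):
    """CBC: C_i = E_k(P_i XOR C_{i-1}), with C_0 = IV."""
    out, prev = [], iv
    for p in blocks(msg):
        prev = encrypt_block(xor(p, prev), key)
        out.append(prev)
    return b''.join(out)

def cbc_decrypt(ct, key, iv):
    """CBC decryption: P_i = D_k(C_i) XOR C_{i-1}."""
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(decrypt_block(c, key), prev))
        prev = c
    return b''.join(out)
```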

• In some real-time applications, it may be desirable to
encrypt and transmit only part of a block.
• For example, a sender might produce bytes
intermittently. It may be unacceptable to wait for an
entire block of plaintext to be produced and only then
encrypted and sent.
CFB (Cipher Feedback) Mode
• The CFB mode encrypts and transmits the sub-blocks
of size, s.
Operation of CFB Mode
• The shift register is initially loaded with the initialization vector ( IV ).
• The contents of the shift register are encrypted with the cipher key.
• The most significant s bits of the b-bit output are then XORed with s bits
of plaintext to create the next s-bit chunk of ciphertext. The remaining b
– s bits of the output are discarded.
• The shift register is shifted left by s bits. In the process, the leftmost s
bits are lost.
• Then, the s bits of ciphertext are inserted into the vacated rightmost s
bits of the shift register.
* Counter Mode
In the Counter Mode, a b-bit counter is initialized to a random value. This
value is encrypted with the secret key and then XORed with the first block of
plaintext.
The counter is then incremented, the incremented value is encrypted and
XORed with the next block of plaintext to create the next block of ciphertext,
and so on.
Blocks of plaintext can be encrypted in any order, unlike CBC and CFB modes.
Also, multiple plaintext blocks can be processed in parallel, thereby speeding
up encryption.
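The CFB shift-register steps and the counter mode described above, as an added Python example (not code from the slides). Both modes only ever run the block cipher forward, so `E` here is a SHA-256 stand-in for E_k (not DES); b = 64 bits and the CFB unit size s is given in bytes. The test also checks the order-independence property claimed for counter mode.

```python
import hashlib

B = 8   # block size in bytes (b = 64 bits)

def E(key, block):
    """Stand-in for one block-cipher encryption E_k(block), b bits in, b bits out."""
    return hashlib.sha256(key + block).digest()[:B]

def cfb(key, iv, data, s=1, decrypt=False):
    """CFB with s-byte units. The register starts as the IV; each step encrypts it,
    XORs the leading s bytes of the output with the next unit, discards the other
    b - s bytes, then shifts the s ciphertext bytes into the right end of the register."""
    reg, out = iv, bytearray()
    for i in range(0, len(data), s):
        unit = data[i:i + s]
        keystream = E(key, reg)[:len(unit)]            # remaining b - s bytes discarded
        res = bytes(x ^ y for x, y in zip(unit, keystream))
        fed = unit if decrypt else res                  # the ciphertext is what feeds back
        reg = (reg + fed)[len(fed):]                    # shift left by s, insert on the right
        out += res
    return bytes(out)

def ctr(key, counter_block, data):
    """Counter mode: encrypt the counter, XOR with the block, increment, repeat.
    The same call decrypts, and any block can be handled independently."""
    counter = int.from_bytes(counter_block, 'big')
    out = bytearray()
    for i in range(0, len(data), B):
        ks = E(key, counter.to_bytes(B, 'big'))
        out += bytes(x ^ y for x, y in zip(data[i:i + B], ks))
        counter = (counter + 1) % (1 << (8 * B))
    return bytes(out)
```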
* Advantages of the Counter Mode
• Blocks of plaintext can be encrypted in any
order unlike CBC and CFB modes.
• Also, multiple plaintext blocks can be
processed in parallel thereby speeding up
encryption.
* Application to Authentication
• Secret key cryptography is also used for, both,
entity authentication and message
authentication.
• Entity authentication involves making sure
that the party you are establishing connection
with is indeed the party you intend to
communicate with.
* Message Authentication
• Message authentication involves making sure
that each message received is indeed from
the party that has participated in the
establishment of that connection/session. It
is handled on a per-message basis.
• Message authentication and message
integrity can both be provided by a keyed
checksum called a MAC or Message
Authentication Code.
* Message Authentication Code
• A MAC is a fixed length, one-way function of
both, a message and a secret shared by
sender and receiver. For each message to be
sent, the sender computes a MAC which is
appended to the message.
• On receipt of the message and MAC, the
recipient computes the same function on the
message and secret shared with the sender
and checks for a match with the received
* Properties of a MAC
• If even a single bit of the message is corrupted, the MAC
for the new message should be quite different from the
MAC computed on the original message.
• Knowing one or more <message, MAC> pairs, it should
be
– computationally infeasible to deduce the secret
– computationally infeasible to generate a MAC for any fresh
message without knowledge of the secret
* MAC Construction
• Imagine encrypting each message block using DES in
CBC mode with the encryption key being the secret
shared by sender and receiver.
• All blocks of the ciphertext except for the last are
discarded. The last block is used as the MAC for that
message.
• The IV should be known to both sender and receiver
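The CBC-MAC construction above, as an added Python example (not code from the slides): the message is CBC-encrypted with a fixed IV known to both sides, only the last block is kept as the tag, the receiver recomputes it and compares in constant time, and a one-bit change in the message is shown to invalidate the tag. `E` is a SHA-256 stand-in for the block cipher's forward direction (not DES), and the 0x80-then-zeros padding is a constructed choice.

```python
import hashlib
import hmac

B = 8   # block size in bytes (DES-sized, 64 bits)

def E(key, block):
    """Stand-in for E_k (forward direction of a block cipher), b bits in, b bits out."""
    return hashlib.sha256(key + block).digest()[:B]

def padded_blocks(msg):
    """Pad with a 0x80 byte then zeros up to a whole block (constructed padding rule)."""
    msg = msg + b"\x80"
    msg += b"\x00" * (-len(msg) % B)
    return [msg[i:i + B] for i in range(0, len(msg), B)]

def cbc_mac(key, msg, iv=bytes(B)):
    """CBC-encrypt the message; every ciphertext block but the last is discarded.
    The IV is fixed and known to both sender and receiver (all zeros here)."""
    chain = iv
    for p in padded_blocks(msg):
        chain = E(key, bytes(x ^ y for x, y in zip(p, chain)))
    return chain

def verify_mac(key, msg, tag):
    """Recompute the MAC and compare in constant time (no early exit on mismatch)."""
    return hmac.compare_digest(cbc_mac(key, msg), tag)

def flip_bit(data, index):
    """Flip one bit of a message; used to exercise the integrity property."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)
```

Raw CBC-MAC with a fixed IV is only secure for messages of one fixed length; for variable-length messages a practitioner uses CMAC or HMAC instead.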
MAC Properties
• If even a single bit of the message is corrupted, the
MAC for the new message should be different from
the MAC computed on the original
message. (integrity check)
• It should be computationally infeasible to deduce the
secret knowing one or more <message, MAC> pairs.
• It should be computationally infeasible to generate a
MAC for any new message without knowledge of the secret
key, even if an attacker has knowledge of one or more
<message, MAC> pairs.
– (authentication check)
DES Attacks
• Plain text attack
– Attacker gathers a few <plain text, cipher text> pairs
obtained from the same key
– With 56-bit DES, each of the 2^56 possible keys is
applied to a block of plain text to determine which key
creates the correct cipher text.
2-DES, 3-DES
• Cipher text is obtained by applying double encryption
– Ci = Ek1(Ek2(Pi)) for i = 1, 2, ...
– Number of key combinations: 2^56 X 2^56
– Brute-force attack time is proportional to this number
• Known plain text / cipher text attack
• i.e. Dk1(Ci) = Ek2(Pi) for i = 1, 2, 3, ...
• The attacker would create a table consisting of all pairs (k', Dk'(C1)) for
all 2^56 possible values of k'
• The known plain text / cipher text attack then requires scanning the table for a
matching entry (if the table is sorted, this requires O(n log n) time; the log n
factor is ignored as it grows slowly). The time is still proportional to the
number of possible keys, i.e. 2^56, as for single DES.
• To overcome this, Triple DES is adopted
• Cipher text is obtained as
– C = Ek1(Dk2(Ek1(P)))
– Three successive encryptions are used with only two keys in practice.
Assignment Questions
1. Explain the strength of DES
2. Explain different design parameters of the Feistel
structure
3. Explain with a neat diagram the
encryption and decryption process.
4. Explain round function