CRYPTOGRAPHY AND NETWORK SECURITY

UNIT 1:

Classical Encryption Techniques: Security attacks - Security services and mechanisms - A model for
Network Security — Classical encryption techniques - Symmetric cipher model - Substitution
techniques - Caesar Cipher — Mono alphabetic Cipher - Play fair Cipher - Hill Cipher - Transposition
techniques.

Cryptography:

Cryptography is the practice of securing information through codes and algorithms, while
network security focuses on protecting computer networks and data from unauthorized access or
malicious activity

Essentially, cryptography scrambles information to make it unreadable, and network security

ensures the overall integrity and safety of the network infrastructure.

Cryptography:

• Purpose:

To protect sensitive information by converting it into an unreadable format (ciphertext) using

algorithms and keys.

• Key Concepts:

• Encryption: The process of converting plaintext into ciphertext.

• Decryption: The process of converting ciphertext back into plaintext.

• Algorithms: Mathematical rules used to encrypt and decrypt data.

• Keys: Secret values used with algorithms to encrypt and decrypt information.

Examples:

• Symmetric-key cryptography

• Asymmetric-key cryptography

Network Security:

• Purpose:

To protect computer networks and their resources from threats like unauthorized access, data
breaches, and malware.

• Key Concepts:

• Confidentiality: Protecting information from unauthorized disclosure.

• Integrity: Ensuring that information is not altered or tampered with.

 • Availability: Ensuring that authorized users can access network resources when
needed.

• Authentication: Verifying the identity of users and devices.

• Access Control: Limiting access to network resources based on user roles and
permissions.

Examples:

• Firewalls

• Intrusion Detection and Prevention Systems (IDS/IPS)

• Virtual Private Networks (VPNs)

• Security protocols (e.g., TLS/SSL)

• Antivirus and anti-malware software:

Security attacks:
Security attacks in cryptography are malicious attempts to exploit weaknesses in cryptographic
systems to compromise the confidentiality, integrity, or availability of data.

These attacks can involve various techniques to bypass encryption or gain unauthorized access
to sensitive information. Common attack types include passive attacks (e.g., eavesdropping), active
attacks (e.g., modification of messages)

Types of Attacks:

Passive attacks

Active attacks

Passive Attacks:

Monitoring/Eavesdropping without altering data. These attacks involve observing or

monitoring communication without actively interfering with it. Examples include eavesdropping on
network traffic or intercepting messages

Active Attacks:

Modification, Creation, Prevention of data flow. These attacks involve modifying or interfering
with the data stream, or injecting malicious data. Examples include:

• Masquerade: An attacker impersonates a legitimate user or system.

• Replay Attack: An attacker captures and retransmits valid data to gain unauthorized access or
trigger actions.

• Modification of Messages: An attacker alters the content of a message, potentially changing

its meaning or purpose.
 • Denial of Service (DoS): An attacker disrupts or disables network services, making them
unavailable to legitimate users.

Examples of Attacks:

• Known Plaintext Attack:

The attacker knows both the plaintext and the corresponding ciphertext, and tries to derive the
encryption key.

• Ciphertext-Only Attack:

The attacker only has access to ciphertext and tries to deduce the plaintext or key.

• Chosen Plaintext Attack:

The attacker can choose specific plaintexts and obtain their corresponding ciphertexts to analyze.

• Chosen Ciphertext Attack:

The attacker can choose specific ciphertexts and obtain their corresponding plaintexts to analyze.

• Brute Force Attack:

The attacker tries all possible key combinations to decrypt the ciphertext.

Security services and mechanisms:

Cryptography utilizes security services and mechanisms to protect sensitive data during
storage and transmission. Security services like confidentiality, integrity, authentication, and non-
repudiation are achieved through cryptographic mechanisms such as encryption, hashing, and
digital signatures.

These mechanisms transform data into an unreadable format (encryption), ensure data hasn't
been tampered with (integrity), verify the identity of the sender (authentication), and prevent the
sender from denying they sent the message (non-repudiation).

Security Services:

Security services are the high-level goals or objectives that cryptography helps to achieve. They
are designed to protect data and systems from various threats and ensure secure communication.

• Confidentiality:

Ensures that information is only accessible to authorized parties. Cryptography achieves this through
encryption, which transforms readable data (plaintext) into an unreadable format (ciphertext).

• Integrity:

Ensures that data has not been altered or tampered with during transmission or
storage. Mechanisms like hashing and message authentication codes (MACs) are used to verify data
integrity.

• Authentication:
Verifies the identity of the sender or receiver of information. Digital signatures, which use
asymmetric cryptography, are a common authentication mechanism.

• Non-repudiation:

Prevents a sender from denying that they sent a message. Digital signatures are also crucial for
achieving non-repudiation.

• Access Control:

Restricts access to resources based on established policies.

Security Mechanisms:

Security mechanisms are the concrete techniques and tools used to implement and achieve
the security services.

• Encryption:

The process of converting plaintext into ciphertext using an algorithm and a key. Symmetric key
algorithms (like AES) and asymmetric key algorithms (like RSA) are common encryption methods.

• Hashing:

A one-way function that takes data as input and produces a fixed-size output (hash value). Hash
functions like SHA-256 are used to verify data integrity.

• Digital Signatures:

A cryptographic technique that uses asymmetric cryptography to create a unique identifier for a
digital document or message, ensuring its authenticity and integrity.

• Access Control Mechanisms:

Password protection, firewalls, and other techniques that restrict access to resources.

• Notarization:

Involves a trusted third party to verify certain properties of a data exchange, reducing the risk of
conflict.

• Traffic Padding:

Adding extra data to a network stream to obscure the true content and make it harder to analyze.

• Routing Control:

Specifying secure routes for data transmission and enabling routing changes in response to security
breaches

Model for network security:

 A basic network security model involves a sender and receiver exchanging information securely
through a network.

This is achieved by encrypting the data using a security-related transformation, such

as encryption algorithms, before transmission and decrypting it back upon arrival. A trusted third
party can help manage the secure exchange of keys needed for these transformations.

1. Components of the Model:

• Sender: The party initiating the communication and possessing the original, unencrypted
data (plaintext).

• Receiver: The party intended to receive the encrypted data and decrypt it back into
plaintext.

• Information Channel: The network pathway through which the data travels (e.g., the
internet).

• Security-Related Transformation: The process of converting plaintext into ciphertext

(encrypted data) and vice versa. This involves algorithms and keys.

• Secret Information (Keys): Keys are used in conjunction with algorithms to encrypt and
decrypt data. They must be kept secret between the sender and receiver.

• Opponent/Attacker: A malicious entity attempting to intercept or alter the transmitted data.

• Trusted Third Party: A trusted entity that can help with the secure exchange of keys or other
aspects of security.

2. The Process:

• The sender transforms the plaintext message into ciphertext using a chosen encryption
algorithm and a secret key.

• The ciphertext is transmitted over the information channel.

• The receiver uses the same or a compatible algorithm and the corresponding secret key to
decrypt the ciphertext back into plaintext.

• The security-related transformation ensures that the message is protected from

unauthorized access or modification during transmission.

• A trusted third party can facilitate the secure exchange of keys between the sender and
receiver.
3. Key Concepts:

• Confidentiality: Ensuring that only authorized parties can access the information.

• Integrity: Ensuring that the information is not altered during transmission.

• Authentication: Verifying the identity of the sender.

• Encryption: A core security mechanism for protecting data during transmission.

• Key Management: Securely generating, distributing, and managing the keys used for
encryption.

Example:
Imagine two individuals, Alice (sender) and Bob (receiver), who want to exchange
a message securely over the internet. They decide to use a symmetric encryption
algorithm like AES and agree on a secret key. Alice encrypts her message using
AES and the shared key, sending the encrypted message to Bob. Bob receives the
message and decrypts it using the same AES algorithm and the shared key,
recovering the original message. If an attacker, Eve, intercepts the message, she
won't be able to understand it without knowing the secret key.

Encryption & Decryption:

Encryption is the process of converting readable information (plaintext) into an unreadable
format (ciphertext), while decryption is the reverse process of converting ciphertext back into
readable plaintext.

Types:

1)Symmetric Encryption & Decryption

2)Asymmetric Encryption & Decryption

1)Symmetric:

Symmetric encryption is a type of encryption where only one key (a secret key) is used to both
encrypt and decrypt electronic information
2)Asymmetric:

Asymmetric Encryption is a form of Encryption where keys come in pairs. What one key
encrypts, only the other can decrypt.

Classical Encryption Techniques:

[Link] Techniques – Replace characters with others.

[Link] Techniques – Rearrange the order of characters.

[Link] Techniques:

Letters are replaced by other letters or symbols.

Abcdefghijklm

Nopqrstuvwxyz

a->M

b->X Plaintext: bag

x->Z Ciphertext: XMA (Here A is replaced with M)

g->A

(Now it’s encrypted. Here we can send XMA send in internet. So no one can understand what it is.
We have use above the key information. This key information know only sender and receiver.

[Link] Techniques:

Applying some sort of permutation on the plaintext letters.

Plaintext: NESO

Ciphertext: ESON,SONE,ONES, ENOS….

Classical Encryption Techniques

1)Substitution Techniques :

Caesar Cipher

Monoalphabetic Cipher

Playfair Cipher

Hill Cipher

Polyalphabetic Cipher

One-Time Pad

2)Transposition
 Rail Fence

Row Column Transposition

Symmetric cipher model:

A symmetric cipher model in cryptography uses the same secret key for both encrypting and
decrypting a message.

The sender encrypts the plaintext (original message) using the key and an encryption
algorithm, producing ciphertext (encrypted message). The receiver then uses the same key and a
corresponding decryption algorithm to convert the ciphertext back into plaintext.

• Plaintext:

The original, readable message that needs to be secured.

• Encryption Algorithm:

A process or function that transforms the plaintext into ciphertext. It uses the secret key to perform
substitutions and transformations on the plaintext.

• Secret Key:

A value, known only to the sender and receiver, that is essential for both encryption and
decryption. Different keys will produce different ciphertexts even with the same plaintext.

• Ciphertext:

The scrambled, unreadable output of the encryption process. It depends on the plaintext and the
secret key.

• Decryption Algorithm:

The reverse of the encryption algorithm. It uses the same secret key to transform the ciphertext back
into the original plaintext.

Essentially, the sender and receiver share a secret key, and this shared key is used to both lock
and unlock the message. This model is fundamental to symmetric encryption, also known as private-
key or single-key encryption, and is characterized by its speed and simplicity.

How it works

1. Key Generation: A secret key is generated, usually through advanced mathematical

equations, and is shared between the sender and the receiver securely.

2. Encryption: The sender uses the encryption algorithm and the shared secret key to transform
the plaintext into ciphertext.

3. Transmission: The ciphertext is transmitted over a potentially insecure channel. Since no key
is transmitted with the data, the chances of the data being decrypted by an unauthorized
party are significantly reduced.

4. Decryption: The recipient uses the same secret key and the decryption algorithm to reverse
the encryption process, converting the ciphertext back to the original plaintext.
Advantages and disadvantages:

• Advantages: Symmetric encryption is known for its speed and efficiency, making it suitable
for encrypting large volumes of data. This method is also computationally less intensive and
has a lower overhead compared to asymmetric encryption.

• Disadvantages: The biggest challenge with symmetric encryption lies in securely sharing and
managing the secret key. If the key is intercepted or falls into the wrong hands, the security
of the entire communication or stored data is compromised. Additionally, symmetric
algorithms typically don't inherently provide features like non-repudiation

Substitution techniques:

Substitution techniques in cryptography involve replacing units of plaintext (like letters or bits)
with ciphertext units according to a predefined rule or key.

This method aims to obscure the original message by changing its components while
preserving its overall structure.

• Replace, Don't Rearrange:

Unlike transposition ciphers that shuffle the order of characters, substitution ciphers change the
identity of the characters themselves.

• Key-Dependent:

The specific replacement rule (the key) determines how the plaintext is transformed into ciphertext.

Types:

Caesar Cipher

Monoalphabetic Cipher

Playfair Cipher

Hill Cipher

Polyalphabetic Cipher
 One-Time Pad

Caesar Cipher:

The Caesar Cipher is one of the simplest and oldest methods of encrypting messages,
named after Julius Caesar, who reportedly used it to protect his military communications. This
technique involves shifting the letters of the alphabet by a fixed number of places. For example, with
a shift of three, the letter 'A' becomes 'D', 'B' becomes 'E', and so on.

The Caesar cipher is a simple encryption technique that was used by Julius Caesar to send
secret messages to his allies. It works by shifting the letters in the plaintext message by a certain
number of positions, known as the "shift" or "key".

Cryptography Algorithm For the Caesar Cipher:

Thus to cipher a given text we need an integer value, known as a shift which indicates the
number of positions each letter of the text has been moved down.
The encryption can be represented using modular arithmetic by first transforming the letters
into numbers, according to the scheme, A = 0, B = 1,..., Z = 25. Encryption of a letter by a shift n can
be described mathematically as.

Example:

If the shift is 3, then the letter A would be replaced by the letter D, B would become E, C
would become F, and so on. The alphabet is wrapped around so that after Z, it starts back at A

Here is an example of how to use the Caesar cipher to encrypt the message "HELLO" with a shift of 3:

1. Write down the plaintext message: HELLO

2. Choose a shift value. In this case, we will use a shift of 3.

3. Replace each letter in the plaintext message with the letter that is three positions to the right
in the alphabet

Example:

H becomes K (shift 3 from H)

E becomes H (shift 3 from E)
L becomes O (shift 3 from L)
L becomes O (shift 3 from L)
O becomes R (shift 3 from O)

The encrypted message is now "KHOOR".

• To decrypt the message, you simply need to shift each letter back by the same number of
positions. In this case, you would shift each letter in "KHOOR" back by 3 positions to get the
original message, "HELLO".
 • En(x)=(x+n)mod 26
(Encryption Phase with shift n)

• Dn(x)=(x-n)mod 26
(Decryption Phase with shift n)

Example:

Text : ATTACKATONCE
Shift: 4
Cipher: EXXEGOEXSRGI

Advantages

• Easy to implement and use thus, making suitable for beginners to learn about
encryption.
• Can be physically implemented, such as with a set of rotating disks or a set of
cards, known as a scytale, which can be useful in certain situations.
• Requires only a small set of pre-shared information.
• Can be modified easily to create a more secure variant, such as by using a multiple
shift values or keywords.

Disadvantages

• It is not secure against modern decryption methods.

• Vulnerable to known-plaintext attacks, where an attacker has access to both the

encrypted and unencrypted versions of the same messages.

• The small number of possible keys means that an attacker can easily try all
possible keys until the correct one is found, making it vulnerable to a brute force
attack.

• It is not suitable for long text encryption as it would be easy to crack.

• It is not suitable for secure communication as it is easily broken.

 • Does not provide confidentiality, integrity, and authenticity in a message.

Why it's weak:

• While easy to understand and implement, the Caesar cipher is not very secure. It's
vulnerable to attacks because:
Limited keyspace:
There are only 25 possible shifts (or 26 if you consider a shift of 0), making it
easy to try all possibilities (brute-force attack).
Frequency analysis:
The frequency of letters in the ciphertext can be analyzed to reveal the original
message, as the shift doesn't change the overall distribution of letters.

def encrypt(text,s):
result = ""
for i in range(len(text)):
char = text[i]
if ([Link]()):
result += chr((ord(char) + s-65) % 26 + 65)
else:
result += chr((ord(char) + s - 97) % 26 + 97)
return result
text = "ATTACKATONCE"
s=4
print ("Text : " + text)
print ("Shift : " + str(s))
print ("Cipher: " + encrypt(text,s))

Mono alphabetic Cipher:

A monoalphabetic cipher is a type of substitution cipher where each letter of the
alphabet is consistently replaced by another single letter throughout the entire message.
This means that one letter will always be encrypted to the same other letter. A key,
which can be a simple mapping or a more complex rule, determines which letter replaces
which.
Example:
Let's say the plain text is "hello" and the encryption key maps 'h' to 'q', 'e' to 'w', 'l' to
'r', and 'o' to 't'. Applying this key, the encrypted text (ciphertext) would be "qwrr t".
0 1 2 3 4 5 6 7 8 9 10 11 12

A B C D E F G H I J K L M

13 14 15 16 17 18 19 20 21 22 23 24 25

N O P Q R S T U V W X Y Z

Example Input (Plain-text)- GFG

• Explanation: In Monoalphabetic cipher, the mapping is done randomly and the
difference between the letters is not uniform. Here, the word is mapped to S (G->S),
F is mapped to R(F->R) and G was already mapped to S so we cannot change it (G-
>S).
• Example Output (Cipher-text)- SRS

Play fair Cipher:

The Playfair cipher is a symmetric encryption technique invented in 1854 by Charles
Wheatstone, but named after Lord Playfair.

The Playfair cipher is a manual symmetric encryption technique that encrypts digraphs (pairs of
letters) instead of single letters, making it more robust than simple substitution ciphers. It utilizes a
5x5 key matrix derived from a keyword.

Key Matrix Generation:

• A 5x5 matrix is created using a keyword. Unique letters from the keyword are placed first,
followed by the remaining letters of the alphabet in alphabetical order. The letters 'I' and 'J'
are typically treated as the same letter to fit into the 25-square matrix.

• Example: Keyword "MONARCHY"

MONAR

CHYBD

E F G I/J K

LPQST

UVWXZ

Encryption Rules:
 • Prepare the plaintext:

• Split the plaintext into digraphs.

• If a digraph has identical letters (e.g., "LL"), insert a filler letter (e.g., 'X') between
them (e.g., "LX L").

• If the plaintext has an odd number of letters, append a filler letter to the end to
complete the last digraph.

• Example: "ATTACK" becomes "AT TA CK" (no identical letters or odd length).

• Apply encryption rules based on letter positions in the key matrix:

• Same Row: If both letters of a digraph are in the same row, each letter is replaced by
the letter to its immediate right (wrapping around if at the end of the row).

• Example: Using the "MONARCHY" matrix, "AR" becomes "RC".

• Same Column: If both letters of a digraph are in the same column, each letter is
replaced by the letter immediately below it (wrapping around if at the bottom of the
column).

• Example: Using the "MONARCHY" matrix, "MC" becomes "CH".

• Different Row and Column: If the letters are in different rows and columns, they
form a rectangle. Each letter is replaced by the letter in its own row but in the
column of the other letter.

• Example: Using the "MONARCHY" matrix, "AT" is in different rows and

columns. 'A' is in row 1, column 4; 'T' is in row 4, column 5. The encrypted
pair becomes the letter in 'A's row and 'T's column ('R'), and the letter in 'T's
row and 'A's column ('S'). So, "AT" becomes "RS".

Example Encryption:

• Keyword: "MONARCHY"

• Plaintext: "ATTACK"

• Prepared plaintext digraphs: "AT", "TA", "CK"

• Encryption:
o "AT": 'A' (row 1, col 4), 'T' (row 4, col 5) -> Different rows/cols. 'A' becomes
'R', 'T' becomes 'S'. Encrypted: "RS".

o "TA": 'T' (row 4, col 5), 'A' (row 1, col 4) -> Different rows/cols. 'T' becomes 'S',
'A' becomes 'R'. Encrypted: "SR".

o "CK": 'C' (row 2, col 1), 'K' (row 3, col 5) -> Different rows/cols. 'C' becomes
'D', 'K' becomes 'E'. Encrypted: "DE".
• Ciphertext: "RS SRDE" (combining the digraphs)
Decryption Rules:

The Playfair cipher decrypts ciphertext by following three rules, based on the positions of the two
letters in a digraph within the key matrix.

• Same Row: If both letters are in the same row, they are replaced by the letters to their
immediate left. If a letter is at the beginning of the row, it wraps around to the end of the
same row.

• Same Column: If both letters are in the same column, they are replaced by the letters
immediately above them. If a letter is at the top of the column, it wraps around to the
bottom of the same column.

• Different Row and Column: If the letters are in different rows and columns, they form a
rectangle. Each letter is replaced by the letter on the same row but in the column of the
other letter of the digraph.

Decryption process:

Ciphertext: "rssrde"

• "RS": 'R' is at (0, 4) and 'S' is at (3, 3). Since these are in different rows and columns, form a
rectangle and take the letters at the opposite corners. 'R' becomes 'A' (same row as R, same
column as S). 'S' becomes 'T' (same row as S, same column as R). "RS" decrypts to "AT".

• "SR": 'S' is at (3, 3) and 'R' is at (0, 4). Since these are in different rows and columns, form a
rectangle and take the letters at the opposite corners. 'S' becomes 'T' (same row as S, same
column as R). 'R' becomes 'A' (same row as R, same column as S). "SR" decrypts to "TA".

• "DE": 'D' is at (1, 4) and 'E' is at (2, 0). Since these are in different rows and columns, form a
rectangle and take the letters at the opposite corners. 'D' becomes 'C' (same row as D, same
column as E). 'E' becomes 'K' (same row as E, same column as D). "DE" decrypts to "CK".

Plaintext
• Combining the decrypted digraphs, the plaintext for "rssrde" is "attack".

Advantages and Disadvantages:

Advantages:
• It is significantly harder to break since the frequency analysis technique used to
break simple substitution ciphers is difficult but still can be used on (25*25) = 625 digraphs
rather than 25 monographs which is difficult.
• Frequency analysis thus requires more cipher text to crack the encryption.

Disadvantages:
• An interesting weakness is the fact that a digraph in the ciphertext (AB) and it's
reverse (BA) will have corresponding plaintexts like UR and RU (and also ciphertext UR and
RU will correspond to plaintext AB and BA, i.e. the substitution is self-inverse). That can
easily be exploited with the aid of frequency analysis, if the language of the plaintext is
known.
• Another disadvantage is that playfair cipher is a symmetric cipher thus same key is
used for both encryption and decryption.

Hill Cipher:
The Hill cipher is a polygraphic substitution cipher that utilizes linear algebra, specifically
matrix multiplication, for encryption and decryption. It was developed by Lester S. Hill in 1929.

Encryption Process:

• Assign Numerical Values:

Each letter of the alphabet is assigned a numerical value (e.g., A=0, B=1, ..., Z=25).

• Form Plaintext Vectors:

The plaintext message is divided into blocks of n letters, where n is the dimension of the key
matrix. Each block is then converted into an n-component column vector.

• Choose a Key Matrix:

An n x n invertible matrix, known as the key matrix (K), is chosen. This matrix must have a
determinant that is coprime to 26 (i.e., gcd(det(K), 26) = 1) to ensure invertibility modulo 26.

• Matrix Multiplication:

The plaintext vector (P) is multiplied by the key matrix (K) to produce a ciphertext vector (C). This
operation is performed modulo 26.

Hill cipher the Encryption is done using:

C = K * P (mod 26)

• Convert to Ciphertext Letters: The numerical values in the ciphertext vector are converted
back to letters.

Decryption Process:

• Find Inverse Key Matrix: The inverse of the key matrix (K⁻¹) modulo 26 is calculated.

• Matrix Multiplication: The ciphertext vector (C) is multiplied by the inverse key matrix (K⁻¹)
to recover the plaintext vector (P). This operation is also performed modulo 26.
Hill cipher the Decryption done using:

P = K⁻¹ * C (mod 26)

• Convert to Plaintext Letters: The numerical values in the recovered plaintext vector are
converted back to letters.

Example (2x2 Hill Cipher):

Encryption:

• Plaintext: "HI"

• Numerical values: H=7, I=8

• Plaintext vector: P =

• Key Matrix: K = [[3, 2], [5, 7]] (Determinant = 37 - 25 = 21 - 10 = 11, which is coprime to 26)

multiply.

C = [[3, 2], [5, 7]] * [7, 8] (mod 26)

C = [(3*7 + 2*8), (5*7 + 7*8)] (mod 26)

C = [(21 + 16), (35 + 56)] (mod 26)

C = [37, 91] (mod 26)

C = [11, 13] (mod 26)

• Convert to Ciphertext: 11 = L, 13 = N.

Ciphertext: "LN"

Decryption:

• Ciphertext: "LN"

• Numerical values: L=11, N=13

• Ciphertext vector: C =

• Inverse Key Matrix (K⁻¹ mod 26): For K = [,], K⁻¹ mod 26 is [,] (calculated using modular
inverse and adjugate matrix).

multiply.

P = [[19, 24], [15, 9]] * [11, 13] (mod 26)

P = [(19*11 + 24*13), (15*11 + 9*13)] (mod 26)

P = [(209 + 312), (165 + 117)] (mod 26)

P = [521, 282] (mod 26)

P = [1, 22] (mod 26) -- Error in calculation, should be [7, 8]

Correction for decryption:

P = [(521 mod 26), (282 mod 26)]

P = [1, 22] -- This is not correct. Let's re-evaluate the modular inverse and multiplication.

The correct calculation for K⁻¹ is: det(K) = 11. Modular inverse of 11 mod 26 is 19 (since 11 *
19 = 209 = 8 * 26 + 1).
adj(K) = [[7, -2], [-5, 3]].
K⁻¹ = 19 * [[7, -2], [-5, 3]] (mod 26)
K⁻¹ = [[19*7, 19*(-2)], [19*(-5), 19*3]] (mod 26)
K⁻¹ = [[133, -38], [-95, 57]] (mod 26)
K⁻¹ = [[3, 14], [9, 5]] (mod 26)

Now, decrypt with the correct K⁻¹:

P = [[3, 14], [9, 5]] * [11, 13] (mod 26)

P = [(3*11 + 14*13), (9*11 + 5*13)] (mod 26)

P = [(33 + 182), (99 + 65)] (mod 26)

P = [215, 164] (mod 26)

P = [7, 8] (mod 26)

• Convert to Plaintext: 7 = H, 8 = I.

Plaintext: "HI"

Advantages:

• Security − As the hill cipher works with blocks of letters rather than single letters, it offers
more security than other conventional substitution ciphers. It is thus more vulnerable to
attacks using frequency analysis.

• Flexibility − Messages with capital and lowercase letters, punctuation, and spaces can be
encrypted and decrypted using the Hill Cipher. Because of its adaptability, it can be used to
encrypt a variety of text-based files.

• Mathematical Background − The Hill Cipher is based on the ideas of linear algebra, and
provides a framework for understanding and creating advanced methods for encryption. It
provides a chance to look into the connection between encryption techniques and matrices.

• Key Strength − The size and unpredictability of the encryption key matrix directly affect the
security of the Hill cipher. The encryption strength can be raised by applying a larger key
matrix, which will make it more challenging for unauthorised parties to decrypt the message.

• Complexity − The Hill cipher is more difficult to understand without the encryption key since
it uses matrix operations in its encryption procedure. This improves the algorithm's security
more.
Transposition techniques:
In cryptography, transposition is an encryption technique that rearranges the order of
characters in a message (plaintext) to create a ciphertext, without changing the characters
themselves.

Key Concepts:

• Permutation:

The core of transposition is rearranging the plaintext characters. This rearrangement is often based
on a specific pattern, key, or rule.

• No Character Replacement:

Unlike substitution ciphers, transposition ciphers do not substitute characters. The original letters
remain, just in a different order.

• Keyless or Keyed:

Transposition techniques can be keyless (e.g., Rail Fence cipher) or keyed (e.g., columnar
transposition). Keyed techniques use a key to determine the rearrangement pattern, making them
more complex.

Types:

Rail Fence

Row Column Transposition

Rail fence cipher:

The rail fence cipher is a transposition cipher that encrypts a message by writing it in a zigzag
pattern across imaginary "rails" and then reading off the letters row by row.

This method rearranges the order of the letters in the message, rather than substituting
them with other letters.

Encryption:

1. Key: The number of "rails" (rows) is the key for this cipher.

2. Zigzag Pattern: The plaintext is written diagonally down and up, creating a zigzag pattern
across the specified number of rails.

3. Reading the Ciphertext: The ciphertext is formed by reading the letters in each rail from left
to right, one rail at a time, starting from the top rail.
 Here Key = 3. For encryption we write the message diagonally in zigzag form in a matrix
having total rows = key and total columns = message length. Then read the matrix row wise
horizontally to get encrypted message.

Decryption:

1. Determine the Number of Rails: You need to know the number of rails (the key) used for
encryption.

2. Create the Grid: Construct a grid with the same number of rails and columns as the
ciphertext. The number of columns is determined by the length of the ciphertext.

3. Mark the Zigzag: Mark the zigzag path on the grid based on the number of rails, like you did
during encryption.

4. Fill the Grid: Write the ciphertext into the grid, following the zigzag path.

5. Read the Plaintext: Read the plaintext by traversing the grid row by row, left to right.

Key Points:

• The rail fence cipher is a relatively simple method and easy to understand.

• It's considered a weak form of encryption and is not used as a standalone cipher in modern
cryptography.

• It's often used as a part of a more complex cipher or as a teaching tool to understand
transposition ciphers.

Row Column Transposition:

Row-column transposition is a classical transposition cipher technique in cryptography

used to rearrange the order of plaintext characters to create ciphertext, without substituting any
characters. It relies on a key, often a keyword, to determine the rearrangement pattern.
 • Preparation of the Matrix:

• A rectangular matrix (grid) is created. The number of columns in this matrix is

typically determined by the length of the chosen keyword.

• The plaintext message is written into this matrix, row by row, filling each cell
sequentially.

• If the plaintext does not perfectly fill the matrix, null characters or padding
characters are added to complete the last row.

• Columnar Permutation (Encryption):

• The columns of the matrix are then reordered based on the key. If a keyword is used,
the alphabetical order of the letters in the keyword dictates the new order of the
columns (e.g., if the keyword is "MONEY", the column under 'E' comes first, then 'M',
'N', 'O', 'Y').

• The ciphertext is generated by reading the characters in the reordered columns,

from top to bottom, one column at a time.

• Decryption:

• To decrypt, the receiver uses the same key to reconstruct the original column order.

• The ciphertext is then written back into the matrix, column by column, in the correct,
original order.

• Finally, the plaintext is retrieved by reading the characters from the matrix row by
row.

Determine Grid Dimensions:

• The key sequence 1, 2, 3, 4 indicates 4 columns.

• The plaintext "securitylab" has 11 characters.

• Divide the plaintext length by the number of columns: 11 / 4 = 2 with a remainder of

3.

• The grid will have 3 rows. The last row will be partially filled.

Write Plaintext into Grid: Fill the grid row by row, from left to right. Pad the remaining cells in
the last row with 'X'.

1234

SECU

RITY

LABX

Read Ciphertext: Read the columns according to the key sequence (1, 2, 3, 4).

• Column 1: S R L

• Column 2: E I A
 • Column 3: C T B

• Column 4: U Y X

Resulting Ciphertext: SRLEIACTBUYX

• Decryption: The reverse process is applied, using the key to reconstruct the original
column order and reading row by row.
UNIT-2:

Block Ciphers- Data Encryption Standards and Public Key Cryptography: Simplified DES -
Block Cipher Principles - DES — AES - Block Cipher Design Principles - Block Cipher modes
of Operation - Public Key Cryptography - Principles of Public Key Cryptosystems - The RSA
Algorithm -Diffie Hellman Key Exchange.

Data Encryption Standard:

DES, or Data Encryption Standard, is a symmetric-key block cipher that encrypts 64-
bit data blocks using a 56-bit key and has been largely replaced by stronger algorithms like
AES.

Developed in the 1970s by IBM with NSA assistance, DES uses a Feistel
structure with 16 rounds of operations, combining substitution and transposition to create
ciphertext. Its primary weakness is the 56-bit key, which is now vulnerable to brute-force
attacks, though it was instrumental in advancing the field of cryptography by introducing a
standardized, open algorithm.

Key Characteristics

• Key Size:

The initial 64-bit key has 8 parity bits removed, resulting in a 56-bit effective key length.

• Security Vulnerability:

The 56-bit key is too short by modern standards and is easily crackable by brute-force
attacks.

• Historical Significance:

DES was a crucial development, making cryptography accessible to a wider audience and
fostering research and the development of new, stronger algorithms.
Block Cipher Principles:

Block ciphers in cryptography operate on fixed-size blocks of data, encrypting them

with a key using a deterministic algorithm. Key principles include using large block and key
sizes, diffusion, confusion, and a Feistel structure with rounds and subkeys.

The process involves encrypting each block separately and potentially using
different modes of operation to handle messages longer than a single block.

1. Fixed-Size Blocks: Block ciphers operate on data in fixed-size blocks, typically 64 or 128
bits, but other sizes are possible. The block size is usually a power of 2, like 64, 128, or 256.

2. Encryption Process:

• Substitution:

Replacing input bits with other bits based on a substitution table or S-box.

• Permutation:

Rearranging the order of bits within the block.

• Rounds:

The substitution and permutation steps are repeated multiple times in rounds, increasing
complexity.

• Key Scheduling:

The encryption key is used to generate a series of round keys, which are used in each round
of the encryption process.

3. Feistel Structure: Many block ciphers, like DES, utilize a Feistel network. In this structure,
the input block is divided into two halves, and a round function is applied to one half,
combined with the other half through XOR, and then the halves are swapped.
4. Diffusion and Confusion:

• Diffusion:

Changing one bit of the plaintext should ideally affect multiple bits of the ciphertext, making
it harder to analyze the relationship between the two.

• Confusion:

The relationship between the key and the ciphertext should be complex and non-linear,
making it difficult to deduce the key even if some ciphertext bits are known.

5. Modes of Operation: Block ciphers can be used with different modes of operation to
handle messages longer than a single block. Some common modes include:

• Electronic Codebook (ECB): Each block is encrypted independently.

• Cipher Block Chaining (CBC): Each block is XORed with the previous ciphertext block
before encryption.

• Counter (CTR) mode: Uses a counter to generate a unique keystream for each block.

6. Key Length: The strength of a block cipher depends on the key length. Longer keys
provide more possible combinations and make brute-force attacks more difficult.
7. Example Algorithms: DES, 3DES, AES, and RC2 are examples of block ciphers.

Data Encryption Standard(DES):

DES stands for Data Encryption Standard. It is a symmetric-key block cipher algorithm
that was a widely used encryption standard for many years.

Key characteristics of DES:

• Symmetric-key:

DES uses the same key for both encryption and decryption. This means that both the sender
and receiver must possess the secret key to communicate securely.
 • Block cipher:

DES operates on fixed-size blocks of data. It takes a 64-bit plaintext block as input and
produces a 64-bit ciphertext block as output.

• Key size:

The effective key length of DES is 56 bits. Although the original key is 64 bits, 8 bits are used
for parity checking, leaving 56 bits for cryptographic operations.

• Feistel structure:

The core of the DES algorithm is based on a Feistel cipher structure, which involves multiple
rounds of operations. Each round includes a combination of permutations (rearranging bits)
and substitutions (replacing bits).

• Round function:

In each of the 16 rounds, a 48-bit round key (derived from the original 56-bit key) is used in
conjunction with a complex round function that involves expansion, XOR operations, S-boxes
(substitution boxes), and permutations.

How DES works (simplified):

• Initial Permutation (IP):

The 64-bit plaintext block undergoes an initial permutation, rearranging its bits.

• 16 Rounds:

The permuted block is then divided into two 32-bit halves (left and right). These halves go
through 16 rounds of processing. In each round:

• The right half is expanded to 48 bits and XORed with a 48-bit round key.

• The result is passed through S-boxes for substitution.

• The output of the S-boxes is then permuted.

• This result is XORed with the left half.

• The left and right halves are then swapped.

 • Final Permutation (FP):

After 16 rounds, the two 32-bit halves are combined and subjected to a final permutation
(the inverse of the initial permutation) to produce the 64-bit ciphertext.

Data Encryption Standard (DES) is a symmetric block cipher. By 'symmetric', we

mean that the size of input text and output text (ciphertext) is same (64-bits).

The 'block' here means that it takes group of bits together as input instead of
encrypting the text bit by bit.

Data encryption standard (DES) has been found vulnerable to very powerful
attacks and therefore, it was replaced by Advanced Encryption Standard (AES).

• It is a block cipher that encrypts data in 64 bit blocks.

• It takes a 64-bit plaintext input and generates a corresponding 64-bit ciphertext

output.

• The main key length is 64-bit which is transformed into 56-bits by skipping every 8th
bit in the key.

• It encrypts the text in 16 rounds where each round uses 48-bit subkey.

• This 48-bit subkey is generated from the 56-bit effective key.

• The same algorithm and key are used for both encryption and decryption with minor
changes.

Working of Data Encryption Standard (DES):

DES is based on the two attributes of Feistel cipher i.e. Substitution (also called
confusion) and Transposition (also called diffusion).

DES consists of 16 steps, each of which is called a round. Each round performs
the steps of substitution and transposition along with other operations.
 The encryption starts with a 64-bit plaintext that needs to be encrypted using a 64-bit
key. Plaintext is passed to Initial Permutation function and key is permuted using Permuted
Choice 1 (PC-1).

(In each round input also 64bit and output also 64 bits)
Advanced Encryption Standard (AES):

Advanced Encryption Standard (AES) is a highly trusted encryption algorithm used to

secure data by converting it into an unreadable format without the proper key. It is
developed by the National Institute of Standards and Technology (NIST) in 2001.

It is widely used today as it is much stronger than DES and triple DES despite being
harder to implement.

This data security measure is efficient and widely implemented in securing internet
communication, protecting sensitive data, and encrypting files.

AES, or Advanced Encryption Standard, is a symmetric block cipher widely used for
encrypting digital information.

It encrypts and decrypts data using the same key, and can utilize key lengths of 128,
192, or 256 bits, operating on 128-bit data blocks.

• Symmetric Encryption:

AES is a symmetric cipher, meaning the same key is used for both encrypting and
decrypting data.

• Block Cipher:

AES operates on fixed-size blocks of data. It processes 128 bits of data at a time.

• Key Lengths:

AES supports key lengths of 128, 192, and 256 bits, with longer keys generally
offering more security.

• Security:

AES is considered a highly secure encryption algorithm and is widely adopted for
securing sensitive data.

Working of The Cipher

AES performs operations on bytes of data rather than in bits. Since the block
size is 128 bits, the cipher processes 128 bits (or 16 bytes) of the input data at a
time.
The number of rounds depends on the key length as follows :

N (Number of Rounds) Key Size (in bits)

10 128

12 192

14 256

Creation of Round Keys

A Key Schedule algorithm calculates all the round keys from the key. So the
initial key is used to create many different round keys which will be used in the
corresponding round of the encryption.
AES Encryption and Decryption:
AES considers each block as a 16-byte (4 byte x 4 byte = 128 ) grid in a column-major arrangement.

Each round comprises of 4 steps :

• SubBytes

• ShiftRows

• MixColumns

• Add Round Key

Step1. Sub Bytes

This step implements the substitution.
In this step, each byte is substituted by another byte. It is performed using a
lookup table also called the S-box. This substitution is done in a way that a byte is
never substituted by itself and also not substituted by another byte which is a
compliment of the current byte. The result of this step is a 16-byte (4 x 4 ) matrix
like before.
The next two steps implement the permutation.
Step2. Shift Rows

This step is just as it sounds. Each row is shifted a particular number of times.

• The first row is not shifted

• The second row is shifted once to the left.

• The third row is shifted twice to the left.

• The fourth row is shifted thrice to the left.

(A left circular shift is performed.)

[ b0 | b1 | b2 | b3 ] [ b0 | b1 | b2 | b3 ]
| b4 | b5 | b6 | b7 | -> | b5 | b6 | b7 | b4 |
| b8 | b9 | b10 | b11 | | b10 | b11 | b8 | b9 |
[ b12 | b13 | b14 | b15 ] [ b15 | b12 | b13 | b14 ]

Step 3: Mix Columns

This step is a matrix multiplication. Each column is multiplied with a specific matrix
and thus the position of each byte in the column is changed as a result.
This step is skipped in the last round.
[ c0 ] [ 2 3 1 1 ] [ b0 ]
| c1 | = | 1 2 3 1 | | b1 |
| c2 | | 1 1 2 3 | | b2 |
[ c3 ] [ 3 1 1 2 ] [ b3 ]

Step 4: Add Round Keys

• Now the resultant output of the previous stage is XOR-ed with the corresponding
round key. Here, the 16 bytes are not considered as a grid but just as 128 bits of data.
• After all these rounds 128 bits of encrypted data are given back as output. This
process is repeated until all the data to be encrypted undergoes this process

Decryption:
The stages in the rounds can be easily undone as these stages have an opposite to it which when
performed reverts the changes. Each 128 blocks goes through the 10,12 or 14 rounds depending on
the key size.

The stages of each round of decryption are as follows :

 • Add round key
• Inverse MixColumns
• ShiftRows
• Inverse SubByte
The decryption process is the encryption process done in reverse so I will explain the steps
with notable differences.

Applications of AES:
AES is widely used in many applications which require secure data storage and
transmission. Some common use cases include:
• Wireless security: AES is used in securing wireless networks, such as Wi-Fi networks,
to ensure data confidentiality and prevent unauthorized access.
• Database Encryption: AES can be applied to encrypt sensitive data stored in
databases. This helps protect personal information, financial records, and other
confidential data from unauthorized access in case of a data breach.
• Secure communications: AES is widely used in protocols such as internet
communications, email, instant messaging, and voice/video calls. It ensures that the
data remains confidential.
• Data storage: AES is used to encrypt sensitive data stored on hard drives, USB drives,
and other storage media, protecting it from unauthorized access in case of loss or
theft.
Block Cipher Design Principles:
Block ciphers are built in the Feistel cipher structure. Block cipher has a specific number of
rounds and keys for generating ciphertext. Block cipher is a type of encryption algorithm that
processes fixed-size blocks of data, usually 64 or 128 bits, to produce ciphertext. The design
of a block cipher involves several important principles to ensure the security and efficiency
of the algorithm. Some of these principles are:

1. Number of Rounds - The number of Rounds is regularly considered in design criteria,

it just reflects the number of rounds to be suitable for an algorithm to make it more
complex, in DES we have 16 rounds ensuring it to be more secure while in AES we
have 10 rounds which makes it more secure.
2. Design of function F - The core part of the Feistel Block cipher structure is the Round
Function. The complexity of cryptanalysis can be derived from the Round function i.e.
the increasing level of complexity for the round function would be greatly
contributing to an increase in complexity. To increase the complexity of the round
function, the avalanche effect is also included in the round function, as the change of
a single bit in plain text would produce a mischievous output due to the presence of
avalanche effect.
3. Confusion and Diffusion: The cipher should provide confusion and diffusion to make
it difficult for an attacker to determine the relationship between the plaintext and
ciphertext. Confusion means that the ciphertext should be a complex function of the
key and plaintext, making it difficult to guess the key. Diffusion means that a small
change in the plaintext should cause a significant change in the ciphertext, which
makes it difficult to analyze the encryption pattern.
4. Key Size: The key size should be large enough to prevent brute-force attacks. A larger
key size means that there are more possible keys, making it harder for an attacker to
guess the correct one. A key size of 128 bits is considered to be secure for most
applications.
5. Key Schedule: The key schedule should be designed carefully to ensure that the keys
used for encryption are independent and unpredictable. The key schedule should
also resist attacks that exploit weak keys or key-dependent properties of the cipher.
6. Block Size: The block size should be large enough to prevent attacks that exploit
statistical patterns in the plaintext. A block size of 128 bits is generally considered to
be secure for most applications.
7. Non-linearity: The S-box used in the cipher should be non-linear to provide
confusion. A linear S-box is vulnerable to attacks that exploit the linear properties of
the cipher.
 8. Avalanche Effect: The cipher should exhibit the avalanche effect, which means that a
small change in the plaintext or key should cause a significant change in the
ciphertext. This ensures that any change in the input results in a complete change in
the output.
9. Security Analysis: The cipher should be analyzed for its security against various
attacks such as differential cryptanalysis, linear cryptanalysis, and brute-force attacks.
The cipher should also be tested for its resistance to implementation attacks, such as
side-channel attacks.

Block Cipher modes of Operation:

Encryption algorithms are divided into two categories based on the input type: block
cipher and stream cipher. A block cipher is an encryption algorithm that takes a fixed-size
input (e.g., b bits) and produces a ciphertext of b bits. If the input is larger than b bits, it can
be divided further. There are several modes of operation for a block cipher, each suited for
different applications and uses.

What are Block Cipher Modes of Operation?

Block Cipher Modes of Operation define how to securely encrypt and decrypt large
amounts of data using a block cipher. A block cipher is an encryption algorithm that
processes data in fixed-size blocks (e.g., 128 bits) rather than one bit at a time. However, to
encrypt data larger than a single block, different modes of operation are used to ensure both
security and efficiency. Here are a few common modes.
Here are a few common modes:
Electronic Code Book (ECB)
The electronic codebook is the easiest block cipher mode of functioning. It is easier because
of the direct encryption of each block of input plaintext and output is in the form of blocks
of encrypted ciphertext. Generally, if a message is larger than b bits in size, it can be broken
down into a bunch of blocks and the procedure is repeated.
The procedure of ECB is illustrated below:

Advantages of using ECB

• Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.
• Simple way of the block cipher.
Disadvantages of using ECB
• Prone to cryptanalysis since there is a direct relationship between plaintext and
ciphertext.
• Identical plaintext blocks produce identical ciphertext blocks, which can reveal
patterns.
Cipher Block Chaining
Cipher block chaining or CBC is an advancement made on ECB since ECB compromises some
security requirements. In CBC, the previous cipher block is given as input to the next
encryption algorithm after XOR with the original plaintext block. In a nutshell here, a cipher
block is produced by encrypting an XOR output of the previous cipher block and present
plaintext block.
Public Key Cryptography:
Public key cryptography, also known as asymmetric cryptography, is a cryptographic system that
uses a pair of mathematically linked keys: a public key and a private key.

Types of Cryptography:

There are two types of cryptography:

1)Symmetric key cryptography

2)Asymmetric key cryptography

Asymmetric key Cryptography:

Asymmetric key cryptography is also called public key cryptography.

Asymmetric cipher model consists of six elements:

• Plain text
• Encryption algorithm
• Private key
• Public key
• Decryption algorithm
• Cipher text

Public & Private keys:

This is a pair of keys that have been selected so that if one is used for encryption, the other is used
for decryption.

Asymmetric key Cryptography:

Public key is distributed to all users and private key is known to particular user only.

There are two different Scenario of encryption model:

1. Public key used for encryption and private key used for decryption.
2. Private key used for encryption and public key used for decryption.

Scenario-1: Encryption with public key

If Bob wants to send message to Alice, Bob must have to use public key of Alice. Message to be
transmitted after encryption of message using Alice’s public key.

Alice has received message and she can decrypt the message using only her private key’s.

Mathematically, if is represented,

Y=E(Pu(A),X)

X=D(Pr(A),Y)
 -where, Pu(A)=Alice public key and Pr(A)=Alice private key.

Scenario-2: Encryption with private key

If Bob wants to send message to Alice, Bob must have to use his own private key. Message to be
transmitted after encryption of message using Bob’s public key.

Alice has received message and she can decrypt the message using Bob’s public key.

Mathematically, if is represented,

Y=E(Pr(B),X)

X=D(Pu(B),Y)

-where Pr(B)=Bob’s private key and Pu(B)=Bob’s public key.

Example:

Rivesh Shamir Adlman(RSA) and Diffie Hellman Key.

Advantages:

1. If data is transmitting on insecure channel, but key cannot distributing among sender and
receiver.
2. Separate key is used for encryption and decryption, even if encrypted message is stolen by
attacker he/she cannot decrypt the message
3. Easy to use for user.

Disadvantages:

1. Asymmetric key use more resource in compare to symmetric key cryptography.

2. More mathematical calculation required.
3. Slower in compare to symmetric key cryptography.

Confidentiality in public key cryptography:

Cryptosystem Authentication and security

Key Applications:

• Data Confidentiality (Encryption):

A sender uses the recipient's public key to encrypt a message, making it unreadable to anyone except
the recipient, who can then decrypt it using their corresponding private key.

• Digital Signatures:

This process uses the sender's private key to "sign" a message, providing authentication and non-
repudiation. The recipient can then use the sender's public key to verify that the message came from
the legitimate sender and hasn't been tampered with.

• Secure Communication:

Over insecure channels like the internet, public key cryptography allows for the secure establishment
of a shared secret key between two parties. This shared secret key (a "session key") can then be used
for fast symmetric encryption of the data during a communication session.

• Key Management:

Public-key systems provide a way to manage and distribute keys securely, as the private keys are
never shared.

RSA Algorithm in Cryptography:

RSA(Rivest-Shamir-Adleman) Algorithm is an asymmetric or public-key cryptography algorithm

which means it works on two different keys: Public Key and Private Key. The Public Key is used
for encryption and is known to everyone, while the Private Key is used for decryption and must be
kept secret by the receiver.

It relies on the computational difficulty of factoring large prime numbers.

Key Generation:

• Choose two large prime numbers, p and q. These numbers are kept secret.

• Calculate n = p * q. This value n is part of both the public and private keys.

• Calculate Euler's totient function, φ(n) = (p - 1) * (q - 1).

• Choose an integer e (public exponent) such that 1 < e < φ(n) and e is coprime
to φ(n) (i.e., gcd(e, φ(n)) = 1).

• Calculate d (private exponent) such that (d * e) mod φ(n) = 1. This d is the modular
multiplicative inverse of e modulo φ(n). The Extended Euclidean Algorithm is typically used
to find d.

• Public Key: (e, n)

• Private Key: (d, n)

Encryption:

To encrypt a plaintext message m using the recipient's public key (e, n):

Ciphertext (c) = m^e mod n

Decryption:

To decrypt a ciphertext c using the recipient's private key (d, n):

Plaintext (m) = c^d mod n

Example:

• Key Generation:

o Choose p = 11, q = 13.

o n = p * q = 11 * 13 = 143.

o φ(n) = (p - 1) * (q - 1) = 10 * 12 = 120.

o Choose e = 7 (since gcd(7, 120) = 1).

o Calculate d such that (7 * d) mod 120 = 1. In this case, d = 103.

o Public Key: (7, 143)

o Private Key: (103, 143)

• Encryption:
o Suppose the message m=9.
o c = 9^7 mod 143 = 48.
• Decryption:
o The received ciphertext is c=48.
 o m = 48^103 mod 143 = 9

Advantages
• Security: RSA algorithm is considered to be very secure and is widely used
for secure data transmission.
• Public-key cryptography: RSA algorithm is a public-key cryptography
algorithm, which means that it uses two different keys for encryption and
decryption. The public key is used to encrypt the data, while the private key is
used to decrypt the data.
• Key exchange: RSA algorithm can be used for secure key exchange, which
means that two parties can exchange a secret key without actually sending
the key over the network.
• Digital signatures: RSA algorithm can be used for digital signatures, which
means that a sender can sign a message using their private key, and the
receiver can verify the signature using the sender's public key.
• Widely used: Online banking, e-commerce, and secure communications are
just a few fields and applications where the RSA algorithm is extensively
developed.

Disadvantages
• Slow processing speed: RSA algorithm is slower than other encryption
algorithms, especially when dealing with large amounts of data.
• Large key size: RSA algorithm requires large key sizes to be secure, which
means that it requires more computational resources and storage space.
• Vulnerability to side-channel attacks: RSA algorithm is vulnerable to side-
channel attacks, which means an attacker can use information leaked through
side channels such as power consumption, electromagnetic radiation, and
timing analysis to extract the private key.
• Limited use in some applications: RSA algorithm is not suitable for some
applications, such as those that require constant encryption and decryption of
large amounts of data, due to its slow processing speed.
• Complexity: The RSA algorithm is a sophisticated mathematical technique
that some individuals may find challenging to comprehend and use.
• Key Management: The secure administration of the private key is necessary
for the RSA algorithm, although in some cases this can be difficult.
DIFFIE HELLMAN KEY EXCHANGE:
Diffie-Hellman key agreement protocol is an exponential key agreement
protocol that allows two users to exchange a secret key.
The Diffie-Hellman key exchange algorithm allows two parties to establish a
shared secret key over an insecure communication channel, without the key ever
being directly transmitted. This shared secret can then be used for symmetric
encryption to secure subsequent communications.
It is not an encryption or decryption algorithm, but an asymmetric key
cryptography technique used for exchanging keys between the sender and the
receiver.

Algorithm:
Example:

α = 7 and q = 23.
The steps are as follows:
1. Alice chooses XA = 3 and calculates YA = 73 mod 23 = 21.
2. Alice sends the number 21 to Bob.
3. Bob chooses XB = 6 and calculates YB = 76 mod 23 = 4.
4. Bob sends the number 4 to Alice.
5. Alice calculates the symmetric key KA = 43 mod 23 = 18.
6. Bob calculates the symmetric key KB = 216 mod 23 = 18.
The value of K is the same for both Alice and Bob;
G xy mod N = 718 mod 23 = 18.

Applications:
o Diffie-Hellman is currently used in many protocols, namely:
o Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
o Secure Shell (SSH)
o Internet Protocol Security (IPSec)
o Public Key Infrastructure (PKI)