CRYPTOGRAPHY - TABA

MSc in Cybersecurity

Jaganath Kaliyamoorthy

Student ID: 19198868

School of Computing
National College of Ireland

Lecturer: Dr. Muhammad Iqbal

 JAGANATH KALIYAMOORTHY (x19198868)

M.SC IN CYBERSECURITY

CRYPTOGRAPHY - TABA

1) Student ID: 19198868

Middle digit: 191-98-868

Sum = A+B = 9+8 = 17

Random number between 10 to 40 =13

R = 13

N = R + Sum

N= 13 + 17 = 30

N=30

2) Plaintext with N number of characters:

Hellothisisfinalsubmissiontbaa = 30 characters

3) The aim of the above question is to provide confidentiality, integrity and non-
repudiation of the data which is been transferred. There is no single way to achieve
this, so we have taken number of methods and approach to achieve them.

Method 1: Asymmetric Encryption and Digital Signature:

Method 1: RSA encryption and RSA digital signature

With reference to the above illustration, we can see that the plain text is encrypted
using receivers public key using RSA encryption scheme, this ensures the
confidentiality of the communication. On the other hand, the plain text has been
encrypted using the sender’s private key and using RSA digital signature the message
has been signed and embedded with the cipher text. Now at the receivers end, the
cipher text has been decrypted using the receivers private key, thus ensuring the
message was confidential, to verify where the integrity and non-repudiation of the
message is unhalted, we decrypt the message using the sender’s public key and verify
the signature and the decrypted message is similar, if it is then the message received
is the message send by the sender. Thus, the confidentiality, data integrity and non-
repudiation of the message has been ensured.

Limitations:

• The key generation of RSA Digital key is very slow

• RSA cryptography itself is slow compared to symmetric key cryptography.
• The reliability of public key is verified using third parties.
• The private key needs to be safer, loss of key could result in loss of data.

Method 2: Block/Stream Cipher, Hash and Digital Signature:

Method 2: Vigenere, Hash, and RSA Digital Signature

In this method, we have used Vigenere cipher along with Hash and Digital signature.
Here the plain text has been encrypted using the shared secret key. On the other
hand, the hash of the plain text has been calculated and encrypted using the sender’s
Private key. Now this serves as the digital signature and it has been embedded along
with the cipher text. Now it has been sent to the receiver. The Receiver decrypts the
message using the shared secret key and obtains the plain text. Now the hash of this
text has been calculated and on the other hand the digital signature has been
encrypted using the senders public key. Now the hash of that is calculated and then it
has been compared and checked, if the value is same then the plain text is not
modified.
Limitation:

• The key will be repeated in vigenere cipher which results in leakage of

information.
• RSA digital signature is very slow.
• Since using hash function, encryption process and RSA digital signature, the
process is so complex, and it takes so much time for ensuring the process.

Method 3: Vigenere Cipher and Digital Signature:

In the final method, we can use the Vigenere cipher and RSA digital signature. The
plain text has been encrypted using the shared private key and on the other hand the
message has been encrypted using sender’s private key. Then both are embedded
and provided to the receiver, then the receiver decrypts the cipher text using the
shared secret key and then the Signature has been decrypted using the sender’s
public key. Then the value has been compared and verified. If it is changed then the
text has been altered. Thus, we have ensured the confidentiality, integrity, and non-
repudiation has been ensured.

Method 3: Vigenere Cipher and RSA Digital Signature

Limitations:

• The key will be repeated in vigenere cipher which results in leakage of

information.
• RSA digital signature is very slow.
• Vigenere cipher is breakable and can not a strong algorithm for modern
computation power.
4) Symmetric key cryptography has been performed between peter and mark, and the
communication can be made in a secure way through using a strong encryption
algorithm, by exchanging the key securely, and keeping the key secure and perfectly
secret. For this approach, we have taken one-time pad and Diffie Hellman method.
The plain text message has been encrypted using the shared private key. This key
has been exchanged through Diffie Hellman method. Once both the sender and
receiver in this case Peter and Mark has exchanged the key, the encryption has been
initiated. Here for the plain text and the key length should be the same. In order to
make the key perfectly secret. Here Peter uses the key length same as the message
and encrypt them using one-time pad and at the receiver end mark decrypts them
using the same key and obtains the plaintext. The block diagram of the illustrated
method is provided in the below figure.

One-time pad Symmetric Encryption

Since one-time pad is highly strong encryption algorithm, breaking the algorithm is
nearly impossible. The Diffie Hellman is used to exchange the key securely. Finally,
by using the key length which is similar to the key allows the key to be perfectly secure
and makes it highly difficult to the attacker to brute force the key or guess the key.

Proposed requirements:

• Using Secure key exchange method,

• Using strong encryption algorithm,
• Keeping the key perfectly secret (perfect secrecy).
 Limitations of Symmetric Cryptography:

• Exhaustion of key:

One of the major limitations is key exhaustion, as the key can leak information and
due to this the one time pad is used and the key length has to be same of the
message and the same key will not be used again, this leads to key exhaustion.

• Key management:

For small scale, the key can be managed however, for each communication if the
key needs to maintain then it becomes a chaos. So key management is one of the
major limitations of Symmetric key encryption.

• Attribution Data:

Unlike public key cryptography the symmetric key cryptography doesn’t provide
embedded attributes like expiry and access control for encrypting and decrypting
the file.

• Key Distribution:

Since Diffie Hellman method doesn’t come with authentication, the key can be
altered and man in the middle attack is possible, so key distribution in a secure
channel is one of the major concerns in symmetric cryptography.

To overcome these limitations, we can choose Asymmetric encryption over

symmetric encryption.

5) For this question, we can consider the method 3, and the whole process of encryption,
decryption, digital signature, and the calculations have been provided below,

Chosen Plain Text is “hellothisisfinalsubmissiontbaa”

 a b c d e f g h i j k l m
1 2 3 4 5 6 7 8 9 10 11 12 13
n o p q r s t u v w x y z
14 15 16 17 18 19 20 21 22 23 24 25 26

Let us assume the secret key has been shared between the sender and the receiver
in before hand and then the process of encryption is happening. For instance, the key
could have been exchanged using a Diffie-Hellman method securely. Then both the
parties are using the Vigenere table encrypting and decrypting the message.

Vigenere Table

Let us assume the key as “cryptography” for the encryption and decryption process,
Using the vigenere table we have calculated the cipher text and reversed the
ciphertext to plain text using the same key.
 Plai
ntex
t h e l l o t h i s i s f i n a l s u b m i s s i o n t b a a
Enc
rypt
Key c r y p t o g r a p h y c r y p t o g r a p h y c r y p t o
ion
Cip
hert
ext j v j a h h n z s x z d k e y a l i h d i h z g q e r q t o

Cipher Text = jvjahhnzsxzdkeyalihdihzgqerqto

Cip
hert
Dec ext j v j a h h n z s x z d k e y a l i h d i h z g q e r q t o
rypt Key c r y p t o g r a p h y c r y p t o g r a p h y c r y p t o
ion Plai
ntex
t h e l l o t h i s i s f i n a l s u b m i s s i o n t b a a
So, one part of the process been completed, next we need to verify the digital signature
of the message, for that we are considering RSA Digital signature.

Signing and verification of the digital signature:

So, the message sends and received are verified using the RSA signature as well.
Thus, the communication is protected for Confidentiality, Integrity and Non-
repudiation using the proposed method.