BCY402: ELEMENTS OF CYBER SECURITY

(Effective from the academic year 2022-2023)

Semester: 04 Credits: 04
Number of Contact Hours/Week 3:0:2:0 CIE Marks: 50
Total Number of Hours: 40 Exam Marks: 50

Module - V
Cryptography Concepts and Techniques:
• Introduction
• Plain text and Cipher Text
• Substitution Techniques
• Transposition Techniques
• Encryption and Decryption
• Symmetric and Asymmetric Key Cryptography
• Steganography
• Key Range and Key Size
• Possible types of Attacks

Dept. of CSE (CY), RNSIT Page 1

Module-V BCY402: ECS

Introduction
This is the age of universal electronic connectivity, where the activities like hacking,
viruses, electronic fraud are very common. Unless security measures are taken, a network
conversation or a distributed application can be compromised easily.

Some simple examples are:

1. Online purchases using a credit/debit card.

2. A customer unknowingly being directed to a false website.
3. A hacker sending a message to person pretending to be someone else.

Network Security has been affected by two major developments over the last several decades. First
one is introduction of computers into organizations and the second one being introduction of
distributed systems and the use of networks and communication facilities for carrying data between
users & computers. These two developments lead to ‘computer security’ and ‘network security’,
where the computer security deals with collection of tools designed to protect data and to thwart
hackers. Network security measures are needed to protect data during transmission. But keep in
mind that, it is the information and our ability to access that information that we are really trying to
protect and not the computers and networks.
Why We Need Information Security?
Because there are threats: Threats A threat is an object, person, or other entity that represents a
constant danger to an asset The 2007 CSI survey

• 494 computer security practitioners

• 46% suffered security incidents
• 29% reported to law enforcement
• Average annual loss $350,424
• Most prevalent security problem
• Insider abuse of network access
• Email

Definitions
➢ Cybersecurity -is the protection of information that is stored, transmitted, and processed in
a networked system of computers, other digital devices, and network devices and
transmission lines, including the Internet.
➢ Computer Security - generic name for the collection of tools designed to protect data and
to thwart hackers
➢ Network Security - measures to protect data during their transmission.
➢ Internet Security - measures to protect data during their transmission over a collection of
interconnected networks our focus is on Internet Security which consists of measures to
deter, prevent, detect, and correct security violations that involve the transmission & storage
of information.
Dept. of CSE (CY), RNSIT Page 2
Module-V BCY402: ECS

Security Objectives:
The cybersecurity definition introduces three key objectives that are at the heart of information and
network security:

1. Confidentiality: This term covers two related concepts:

❖ Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
❖ Privacy: Assures that individuals control or influence what information related to them
may be collected and stored and by whom and to whom that information may be
disclosed.
2. Integrity: This term covers two related concepts:
❖ Data integrity: Assures that data (both stored and in transmitted packets) and programs
are changed only in a specified and authorized manner.
❖ System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of
the system.
3. Availability: Assures that systems work promptly, and service is not denied to authorized
users
4. Authenticity: The property of being genuine and being able to be verified and trusted; confidence
in the validity of a transmission, a message, or message originator.
5. Accountability: The security goal that generates the requirement for actions of an entity to be
traced uniquely to that entity.

THE OSI SECURITY ARCHITECTURE

The OSI security architecture focuses on security attacks, mechanisms, and services. These can be
defined briefly as:

• Security attack: Any action that compromises the security of information owned by an
organization.
• Security mechanism: A process (or a device incorporating such a process) that is designed
to detect, prevent, or recover from a security attack.
• Security service: A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization.

Dept. of CSE (CY), RNSIT Page 3

Module-V BCY402: ECS

• Threat: Any circumstance or event which impact organizational operations, assets,

individuals via unauthorized access, destruction, disclosure, modification of information,
and/or denial of service.
• Attack: Any malicious activity attempts to collect, disrupt, deny, degrade, or destroy
information system resources or the information itself.

Security Attack
Any action that compromises the security of information owned by an organization information
security is about how to prevent attacks, or failing that, to detect attacks on information-based
systems often threat & attack used to mean same thing have a wide range of attacks can focus of
generic types of attacks

➢ Passive
➢ Active

Active attacks: Modification of the data stream or the creation of a false stream

➢ Masquerade: Takes place when one entity pretends (pose as) to be a different entity.
➢ Replay: The passive capture of a data unit and its subsequent retransmission to produce an
unauthorized effect.
➢ Denial of service: Prevents the normal use of communication facilities.
➢ Data modification: Involve a man-in-the middle attack, in which the attacker selectively
modifies communicated data between a client and server

Dept. of CSE (CY), RNSIT Page 4

Module-V BCY402: ECS

Passive attacks: No modification the data stream.

Security Services (X.800)

It is a processing or communication service that is provided by a system to give a specific
kind of production to system resources. Security services implement security policies and are
implemented by security mechanisms.

Dept. of CSE (CY), RNSIT Page 5

Module-V BCY402: ECS

Confidentiality: Confidentiality is the protection of transmitted data from passive attacks. It is

used to prevent the disclosure of information to unauthorized individuals or systems. It has been
defined as “ensuring that information is accessible only to those authorized to have access”.

The other aspect of confidentiality is the protection of traffic flow from analysis. Ex: A credit card
number has to be secured during online transaction.

Authentication: This service assures that a communication is authentic. For a single message
transmission, its function is to assure the recipient that the message is from intended source. For an
ongoing interaction two aspects are involved. First, during connection initiation the service assures
the authenticity of both parties. Second, the connection between the two hosts is not interfered
allowing a third party to masquerade as one of the two parties. Two specific authentication services
defines in X.800 are

Peer entity authentication: Verifies the identities of the peer entities involved in communication.
Provides use at time of Media connection establishment and during data transmission. Provides
confidence against a masquerade or replay attack

Data origin authentication: Assumes the authenticity of source of data unit, but does not provide
protection against duplication or modification of data units. Supports applications like electronic
mail, where no prior interactions take place between communicating entities.

Integrity: Integrity means that data cannot be modified without authorization. Like
confidentiality, it can be applied to a stream of messages, a single message or selected fields within
a message. Two types of integrity services are available. They are:

Connection-Oriented Integrity Service: This service deals with a stream of messages, assures
that messages are received as sent, with no duplication, insertion, modification, reordering or
replays. Destruction of data is also covered here. Hence, it attends to both message stream
modification and denial of service.

Connectionless-Oriented Integrity Service: It deals with individual messages regardless of larger

context, providing protection against message modification only. An integrity service can be
applied with or without recovery. Because it is related to active attacks, major concern will be
detection rather than prevention.

Non-repudiation: Non-repudiation prevents either sender or receiver from denying a transmitted

message. This capability is crucial to e-commerce. Without it an individual or entity can deny that
he, she or it is responsible for a transaction, therefore not financially liable.

Access Control: This refers to the ability to control the level of access that individuals or entities
have to a network or system and how much information they can receive. It is the ability to limit
and control the access to host systems and applications via communication links.

Availability: It is defined to be the property of a system Media or a system resource being

accessible and usable upon demand by an authorized system entity. The availability can
significantly be affected by a variety of attacks, some amenable to automated counter measures

Dept. of CSE (CY), RNSIT Page 6

Module-V BCY402: ECS

Security Mechanisms
According to X.800, the security mechanisms are divided into those implemented in a specific
protocol layer and those that are not specific to any particular protocol layer or security service.

Specific Security Mechanisms

Incorporated into the appropriate protocol layer in order to provide some of the OSI security
services, Encipherment: It refers to the process of applying mathematical algorithms for
converting data into a form that is not intelligible. This depends on algorithm used and encryption
keys.
Digital Signature: The appended data or a cryptographic transformation applied to any data unit
allowing to prove the source and integrity of the data unit and protect against forgery.
Access Control: A variety of techniques used for enforcing access permissions to the system
resources.
Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of
data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of
information exchange.
Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts. Routing Control: Enables selection of particular physically secure routes for certain data
and allows routing changes once a breach of security is suspected.
Notarization: The use of a trusted third party to assure cert in properties of a data exchange

Pervasive Security Mechanisms

These are not specific to any particular OSI security service or protocol layer.
✓ Trusted Functionality: That which is perceived to b correct with respect to some criteria
✓ Security Level: The marking bound to a resource (which may be a data unit) that names or
designates the security attributes of that resource.
✓ Event Detection: It is the process of detecting all the events related to network security.
✓ Security Audit Trail: Data collected and potentially used to facilitate a security audit,
which is an independent review and examination of system records and activities.
✓ Security Recovery: It deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.

Dept. of CSE (CY), RNSIT Page 7

Module-V BCY402: ECS

Cryptography
Cryptography, or cryptology, is the practice and study of techniques for secure communication in
the presence of adversarial behavior.

Some basic terminologies used

1. CIPHER TEXT - the coded message

2. CIPHER - algorithm for transforming plaintext to cipher text
3. KEY - info used in cipher known only to sender/receiver
4. ENCIPHER (ENCRYPT) - converting plaintext to cipher text
5. ECIPHER (DECRYPT) - recovering cipher text from plaintext
6. CRYPTOGRAPHY - study of encryption principles/methods
7. CRYPTANALYSIS (CODEBREAKING) - the study of principles/ methods of
deciphering cipher text without knowing key
8. CRYPTOLOGY - the field of both cryptography and cryptanalysis

Symmetric Cipher Model

A symmetric encryption scheme has five ingredients:

▪ Plaintext: This is the original intelligible message or data that is fed into the algorithm as
input.
▪ Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
▪ Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different
output depending on the specific key being used at the time.

Dept. of CSE (CY), RNSIT Page 8

Module-V BCY402: ECS

▪ Ciphertext: This is the scrambled message produced as output. It depends on the plaintext
and the secret key. For a given message, two different keys will produce two different
ciphertext. The ciphertext is an apparently random stream of data and, as it stands, is
unintelligible.
▪ Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes
the ciphertext and the secret key and produces the original plaintext.

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be

such that an opponent who knows the algorithm and has access to one or more ciphertext
would be unable to decipher the ciphertext or figure out the key.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and
must keep the key secure.

Dept. of CSE (CY), RNSIT Page 9

Module-V BCY402: ECS

Classical Encryption Techniques

There are two basic building blocks of all encryption techniques: substitution and transposition.
Substitution Techniques
In which each element in the plaintext is mapped into another element.

1. Caesar Cipher
2. Monoalphabetic cipher
3. Playfair Cipher
4. Hill Cipher
5. Polyalphabetic Cipher
6. One Time Pad

1. Caesar Cipher

The earliest known, and the simplest, use of a substitution cipher was by Julius Caesar.

Dept. of CSE (CY), RNSIT Page 10

Module-V BCY402: ECS

Dept. of CSE (CY), RNSIT Page 11

Module-V BCY402: ECS

Shift Cipher and Pros, Cons

2. Monoalphabetic cipher

With only 25 possible keys, the Caesar cipher is far from secure.

Dept. of CSE (CY), RNSIT Page 12

Module-V BCY402: ECS

Comparing this breakdown with below figure, it seems likely that cipher letters P and Z are the
equivalents of plain letters e and t, but it is not certain which is which. The letters S, U, O, M, and
H are all of relatively high frequency and probably correspond to plain letters from the set {a, h, i,
n, o, r, s}. The letters with the lowest frequencies (namely, A, B, G, Y, I, J) are likely included in
the set {b, j, k, q, v, x, z}.

Dept. of CSE (CY), RNSIT Page 13

Module-V BCY402: ECS

Example

Dept. of CSE (CY), RNSIT Page 14

Module-V BCY402: ECS

3. Playfair Cipher
➢ In this scheme, pairs of letters are encrypted, instead of single letters as in the case of
simple substitution cipher.
➢ It is also known as square or Wheatstone-Playfair cipher and Invented in 1854 by Charles
Wheatstone ,promoted by Lord Playfair
➢ In Playfair cipher, initially a key table is created. The key table is a 5×5 grid of alphabets
that acts as the key for encrypting the plaintext. Each of the 25 alphabets must be unique
and one letter of the alphabet (usually J) is omitted from the table as we need only 25
alphabets instead of 26. If the plaintext contains J, then it is replaced by I.
➢ 5 X 5 matrix constructed using a keyword/Key (Ex: Monarchy)

Dept. of CSE (CY), RNSIT Page 15

Module-V BCY402: ECS

Dept. of CSE (CY), RNSIT Page 16

Module-V BCY402: ECS

Example:

Dept. of CSE (CY), RNSIT Page 17

Module-V BCY402: ECS

4. Polyaphabetic Cipher

Example:

Dept. of CSE (CY), RNSIT Page 18

Module-V BCY402: ECS

Vernam Cipher

• Introduced by an AT&T engineer named Gilbert Vernam in 1918.

• Uses long key-difficult for attacker

5. One Time Pad (OTP)

Dept. of CSE (CY), RNSIT Page 19

Module-V BCY402: ECS

6. Hill Cipher

Dept. of CSE (CY), RNSIT Page 20

Module-V BCY402: ECS

Dept. of CSE (CY), RNSIT Page 21

Module-V BCY402: ECS

Dept. of CSE (CY), RNSIT Page 22

Module-V BCY402: ECS

Dept. of CSE (CY), RNSIT Page 23

Module-V BCY402: ECS

❖ Transposition Techniques:
➢ All the techniques examined so far involve the substitution of a cipher text symbol for a
plaintext symbol. A very different kind of mapping is achieved by performing some sort
of permutation on the plaintext letters. This technique is referred to as a transposition
cipher.
➢ Types: Rail Fence Technique
Row Column Transposition

Rail Fence Technique

Dept. of CSE (CY), RNSIT Page 24

Module-V BCY402: ECS

Row Column Transposition

Dept. of CSE (CY), RNSIT Page 25

Module-V BCY402: ECS

❖ Steganography
A plaintext message may be hidden in any one of the two ways. The methods of Steganography
conceal the existence of the message, whereas the methods of cryptography render the message
unintelligible to outsiders by various transformations of the text.
A simple form of Steganography, but one that is time consuming to construct is one in which an
arrangement of words or letters within an apparently innocuous text spells out the real message.
e.g., (i) the sequence of first letters of each word of the overall message spells out the real (hidden)
message. (ii) Subset of the words of the overall message is used to convey the hidden message.
Various other techniques have been used historically, some of them are:

➢ Character marking – selected letters of printed or typewritten text are overwritten in pencil.
The marks are ordinarily not visible unless the paper is held to an angle to bright light.
➢ Invisible ink – a number of substances can be used for writing but leave no visible trace until
heat or some chemical is applied to the paper.
➢ Pin punctures – small pin punctures on selected letters are ordinarily not visibleunless the
paper is held in front of the light.
➢ Typewritten correction ribbon – used between the lines typed with a black ribbon, the results
of typing with the correction tape are visible only under a strong light.

Drawbacks of Steganography
➢ Requires a lot of overhead to hide a relatively few bits of information.
➢ Once the system is discovered, it becomes virtually worthless.

❖ Symmetric Key Cryptography

➢ It uses only one key for the process of both the encryption and decryption of data. Thus, it is
also known as Single-Key Encryption.
➢ A few basic terms in Cryptography are as follows:
✓ Plain Text: original message to be communicated between sender and receiver
✓ Cipher Text: encoded format of the original message that cannot be understood by
humans
✓ Encryption (or Enciphering): the conversion of plain text to cipher text
✓ Decryption (or Deciphering): the conversion of cipher text to plain text, i.e., reverse of
encryption

Dept. of CSE (CY), RNSIT Page 26

Module-V BCY402: ECS

1. Plain Text (x): This is the original data/message that is to be communicated to the receiver
by the sender. It is one of the inputs to the encryption algorithm.
2. Secret Key (k): It is a value/string/textfile used by the encryption and decryption algorithm to
encode and decode the plain text to cipher text and vice-versa respectively. It is independent of
the encryption algorithm. It governs all the conversions in plain text. All the substitutions and
transformations done depend on the secret key.
3. Encryption Algorithm (E): It takes the plain text and the secret key as inputs and produces
Cipher Text as output. It implies several techniques such as substitutions and transformations on
the plain text using the secret key.
E(x, k) = y
4. Cipher Text (y): It is the formatted form of the plain text (x) which is unreadable for
humans, hence providing encryption during the transmission. It is completely dependent upon
the secret key provided to the encryption algorithm. Each unique secret key produces a unique
cipher text.
5. Decryption Algorithm (D): It performs reversal of the encryption algorithm at the recipient’s
side. It also takes the secret key as input and decodes the cipher text received from the sender
based on the secret key. It produces plain text as output.
D(y, k) = x

Dept. of CSE (CY), RNSIT Page 27

Module-V BCY402: ECS

Symmetric Key Encryption: Data Encryption Standard

In particular, Feistel proposed the use of a cipher that alternates substitutions and permutations,
where these terms are defined as follows:
▪ ■ Substitution: Each plaintext element or group of elements is uniquely replaced by a
corresponding ciphertext element or group of elements.

Dept. of CSE (CY), RNSIT Page 28

Module-V BCY402: ECS

▪ ■ Permutation: A sequence of plaintext elements is replaced by a permutation of that

sequence. That is, no elements are added or deleted or replaced in the sequence, rather the order
in which the elements appear in the sequence is changed

Asymmetric Key Cryptography

In asymmetric Key cryptography, there are two keys, also known as key pairs: a public key and
a private key. The public key is publicly distributed. Anyone can use this public key to encrypt
messages, but only the recipient, who holds the corresponding private key, can decrypt those
messages.

Dept. of CSE (CY), RNSIT Page 29

Module-V BCY402: ECS

Principles of Public Key Cryptosystem

Dept. of CSE (CY), RNSIT Page 30

Module-V BCY402: ECS

Public Key Cryptosystem: RSA

RSA algorithm is an asymmetric cryptography algorithm. Asymmetric actually means that it
works on two different keys i.e., Public Key and Private Key. As the name describes that the
Public Key is given to everyone and the Private key is kept private.

To make it easy to understand, we'll use very small numbers, but in real-world RSA, these numbers
are enormously large.

Example 1:
A. Key Generation:
1. Choose two prime numbers: Let's say p = 3 and q = 11.
2. Calculate n: n = p * q = 3 * 11 = 33.
3. Calculate φ(n) (phi of n): φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20.
4. Choose a number 'e' (public key exponent) that is less than φ(n) and coprime to it
(meaning they share no common factors other than 1). Let's say e = 7.
5. Calculate 'd' (private key exponent): 'd' is the modular multiplicative inverse of 'e'
modulo φ(n). In simpler terms, (d * e) % φ(n) must equal 1. In our case, d = 3
because (3 * 7) % 20 = 1.
6. Public key: (n, e) = (33, 7)
7. Private key: (n, d) = (33, 3)
B. Encryption:
1. Let's say the message we want to encrypt is 'm' = 2.
2. The encrypted message 'c' is calculated as: c = m^e mod n.
3. So, c = 2^7 mod 33 = 128 mod 33 = 29.
4. The encrypted message is 29.
C. Decryption:
1. To decrypt the message, we use the private key: m = c^d mod n.
2. So, m = 29^3 mod 33 = 24389 mod 33 = 2.
3. We get back our original message, 2.
In essence:
• Someone with the public key (33, 7) can encrypt a message.
• Only someone with the private key (33, 3) can decrypt it.

Example 2:
For this example, the keys were generated as follows.
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = pq = 17 * 11 = 187.
3. Calculate f(n) = (p- 1)(q- 1) = 16 * 10 = 160.
4. Select e such that e is relatively prime to f(n) = 160 and less than f(n); we choose e = 7.
5. Determine d such that de K 1 (mod 160) and d 6 160. The correct value is d = 23, because 23 * 7
= 161 = (1 * 160) + 1; d can be calculated using the extended Euclid’s algorithm.
The resulting keys are public key PU = {7, 187} and private key PR = {23, 187}.

Dept. of CSE (CY), RNSIT Page 31

Module-V BCY402: ECS

The example shows the use of these keys for a plaintext input of M = 88. For encryption, we need
to calculate C = 887 mod 187. Exploiting the properties of modular arithmetic, we can do this as
follows:
887 mod 187 = [(884 mod 187) * (882 mod 187)
* (881 mod 187)] mod 187
881 mod 187 = 88
882 mod 187 = 7744 mod 187 = 77
884 mod 187 = 59,969,536 mod 187 = 132
887 mod 187 = (88 * 77 * 132) mod 187 = 894,432 mod 187 = 11

For decryption, we calculate M = 1123 mod 187:

1123 mod 187 = [(111 mod 187) * (112 mod 187) * (114 mod 187)
* (118 mod 187) * (118 mod 187)] mod 187
111 mod 187 = 11
112 mod 187 = 121
114 mod 187 = 14,641 mod 187 = 55
118 mod 187 = 214,358,881 mod 187 = 33
1123 mod 187 = (11 * 121 * 55 * 33 * 33) mod 187
= 79,720,245 mod 187 = 88

❖ Key Range and Key Size:

The cryptanalysis armed with the following information:
• The encryption/decryption algorithm
• The encrypted message
• Knowledge about the key size (e.g. the value of the key is a number between 0 and 100
billion).
For example, consider the brute force attack here, which works on the principle of trying every possible key
in the key range, until you get the right key.

Dept. of CSE (CY), RNSIT Page 32

Module-V BCY402: ECS

With every incremental bit, the attacker has to perform double the number of operations as
compared to the previous key size. It is found that for a 56-bit key, it takes 1 second to search 1
percent of the key range. Taking this argument further, it takes about 1 minute to search about half
of the key range (which is what is required, on an average, to crack a key). Using this as the basis,

Dept. of CSE (CY), RNSIT Page 33

Module-V BCY402: ECS

let us have a look at the similar values (time required for a search of 1 percent and 50 percent of the
key space) for various key sizes. This is shown in Table

We can represent the possible values in the key range using hexadecimal notation and see visually
how an increase in the key size increases the key range and therefore, the complexity for an
attacker
Possible Types of Attack
1. Brute Force Attacks
Mitigation: longer encryption keys and implementing mechanisms that lock out attackers
after multiple failed attempts.
2. Man-in-the-Middle (MITM) Attacks- Use VPN
3. Cryptanalysis Attacks: flaws in the design
4. Phishing And Social Engineering Attacks
5. Side-Channel Attacks: Target data exposed during cryptographic procedures, such as time
or power usage.
6. DNS Spoofing
7. SQL Injection
8. XSS Attack

Dept. of CSE (CY), RNSIT Page 34

Module-V BCY402: ECS

Dept. of CSE (CY), RNSIT Page 35