ICS_Unit-I_Foundations of Information Security
TY BTech Semester-V (AY 2023-24)
Computer Science and Engineering
Disclaimer:
a. Information included in these slides came from multiple sources. We have tried our best to cite the sources. Please refer to the references to learn about the sources,
when applicable.
b. The slides should be used only for preparing notes, academic purposes (e.g. in teaching a class), and should not be used for commercial purposes.
Information and Cyber Security (CET3004B) Examination Scheme: Credit: 3+1 
Class Continuous Assessment: 30 Marks
Lab Continuous Assessment: 30 Marks
End Semester Examination: 40 Marks
Information and Cyber Security: Unit - I 2
Information and Cyber Security Course Objectives: 
1. Knowledge:
(i) To focus on the models, tools, and techniques for enforcement of security with some emphasis on the use of cryptography. Students will learn security from multiple perspectives
(ii) To educate students on the fundamental principles and techniques of computer and network security
2. Skills:
(i) Acquire background on hash functions, authentication, firewalls, intrusion detection techniques (ii) Gain hands-on experience with programming and simulation techniques for security protocols
3. Attitude:
(i) Understand the tradeoffs and criteria/concerns for security countermeasure development (ii) Learn to apply methods for authentication, access control, intrusion detection and prevention
Information and Cyber Security: Unit - I 3
Course Outcomes:
• Analyze and resolve security issues in networks and computer systems to secure an IT infrastructure.
• Apply methods for authentication, access control, intrusion detection and prevention. • Develop policies and procedures to manage enterprise security risks.
• Evaluate and communicate the human role in security systems with an emphasis on ethics, social engineering vulnerabilities and training.
• Identify software security vulnerabilities, summarize and mitigate security risks associated with integrating systems.
4
Pre-requisites • Operating Systems and Computer Networks 
Information and Cyber Security: Unit - I 5
Syllabus
Unit: I | Foundations of Information Security: Information Security fundamentals, it’s need, Confidentiality, Integrity, Availability (CIA triad), Security Policies, Procedures, Guidelines, Standards Administrative Measures and Technical Measures, Attacks, Vulnerability, Security Goals, Security Services and Defense mechanisms Cryptographic Techniques: Conventional substitution and transposition ciphers, One-time Pad, Block cipher and Stream Cipher, Cipher modes of operations, Steganography. Symmetric Cryptographic Techniques: DES, AES | 9 Hrs |
|---|---|---|
Unit: II | Mathematical Foundations and Public Key Cryptography: Mathematics for Security: Modular Arithmetic, Euler’s theorem, Fermat Theorem, Euclidean Algorithm, Miller-Rabin Algorithm, Primality Test, Chinese Remainder Theorem, Discrete Logarithm, Asymmetric Key Cryptography: RSA algorithms. Hash algorithms: MD5, SHA1 | 9 Hrs |
Information and Cyber Security: Unit - I
6
Unit: III 
Unit: IV
Syllabus (Continue)
Authentication and Digital Signatures:
Use of Cryptography for authentication, Secure Hash function, Key Management and Distribution: Symmetric Key Distribution, Using Symmetric Encryption, Symmetric Key Distribution Using Asymmetric Encryption, Distribution of Public Keys
Cryptographic Key Infrastructures, Diffie-Hellman Key Exchange, Digital Certificates x509. Authentication Protocols: Remote, Mutual Authentication, Authentication Methods: Password, Two way methods, Biometric Authentications, Kerberos Security
Network and Cyber Security:
Networks Security Fundamentals, Layer-wise Security concerns, Firewalls: Packet filtering, Stateless and Stateful, Intrusion detection systems: host based, network based IDS, Secured Socket Layer Security, IP level IPSEC security, Email Security: PGP, S/MIME.
Cyber Security: Definition and origin, Cyber Crime and information security, Types of Cyber Crime, Classification of Cyber Criminals, Tools used in Cyber Crime, Challenges, Strategies, The Legal Perspective-Indian/Global Perspective, Types of Attack, Social Engineering, Cyber stalking, Ransomware.
9 Hrs
9 Hrs 7
Syllabus (Continue)
Unit: V | Cybersecurity Techniques, Tools and Laws: Introduction, Proxy servers and Anonymizers, Phishing, Password Cracking tools, Key-loggers and Spywares, DoS and DDoS, Viruses, Worms, Trapdoors, Salami attack, Man-in-the- middle attacks, Covert channels, SQL injection, Cyber Security Safeguards- Overview, Access control, Audit, Authentication, Biometrics. Cybercrime and Legal perspectives, Cyber laws Indian context, The Indian IT Act-Challenges, Amendments, Challenges to Indian Law and cybercrime Scenario in India, Indian IT Act and Digital Signatures. | 9 Hrs |
|---|
Information and Cyber Security: Unit - I 8
Syllabus (Continue)
1. Michael E. Whitman and Herbert J. Mattord, “Principles of Information Security”, Cengage Learning; ISBN: 1285448367 2. Christof Paa and Jan Pelzl, “Understanding Cryptography: A Textbook for Students and Practitioners”, Springer; ISBN: 3642041000 3. William Stallings and Lawrie Brown, “Computer Security: Principles and Practice”, Prentice Hall. Books:- (Reference) Swiderski, Frank and Syndex, “Threat Modeling”, Microsoft Press. 4. Ohn W. Rittinghouse, William M. Hancock, “Cyber Security Operations Handbook”, Elsevier Pub. 5. Deborah G Johnson, “Computer Ethics”, 4th Edition, Pearson Education Publication. 6. Earnest A. Kallman, J.P Grillo, “Ethical Decision making and IT: An Introduction with Cases”, McGraw Hill Publication. Supplementary Reading: Web Resources: 1. https://www.newhorizons.com/promotions/cybersecurity-ebooks MOOCs and Weblinks: COURSERA, NPTEL, etc. • https://nptel.ac.in/courses/106106129 • https://www.udemy.com/course/hands-on-penetration-testing-labs-30/ 9Information and Cyber Security: Unit - I |
|---|
Assign No. List of Assignments
1. Write a program using JAVA or Python or C++ to implement any classical cryptographic technique 2. Write a program using JAVA or Python or C++ to implement Feistal Cipher structure
3. Write a program using JAVA or Python or C++ to implement S-AES symmetric key algorithm 4. Write a program using JAVA or Python or C++ to implement RSA asymmetric key algorithm 5. Write a program using JAVA or Python or C++ to implement integrity of message using MD5 or SHA 6. Write a program using JAVA or Python or C++ to implement Diffie Hellman Key Exchange Algorithm 7. Write a program using JAVA or Python or C++ to implement Digital signature using DSA 8. Demonstrate Email Security using - PGP or S/MIME for Confidentiality, Authenticity and Integrity 9.Demonstration of secured web applications system using SSL certificates and its deployment in Apache tomcat server
10. Configuration and demonstration of Intrusion Detection System using Snort
10
11. Configuration and demonstration of NESSUS tool for vulnerability assessment
Guidelines for CCA and LCA
| ||
|---|---|---|
Examination Scheme | Marks | |
Class Continuous Assessment (CCA) | Mid-Term Theory Exam | 15 |
Component 1 (Active Learning) | 10 | |
Component 2 (Theory Assignment) | 05 | |
Laboratory Continuous Assessment (LCA) | Practical Performance | 10 |
Active Learning/Additional implementation/ Mini Project/On paper design | 10 | |
End term practical/Oral Examination | 10 | |
End Term | End Term Theory Examination | 40 |
Total Information and Cyber Security: Unit - I | 100 | |
11
Unit-I 
Foundations of Information Security & Cryptographic Techniques
Information and Cyber Security: Unit - I
12
Foundations of Information Security ❖ Cyber security or information security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation. 
Benjamin Franklin once said
Three people can keep a secret…....
…………. if two of them are dead!
Security is Not Easy to Achieve:
• Human tendency
• Problems of storage and communication
• Trust in all the parties
Information and Cyber Security: Unit - I
13
❑ Elements of Information Security
Key Security Concepts
❖ Confidentiality: protection of data from unauthorized user 
❖ Integrity: validity of data
❖ Availability
Information and Cyber Security: Unit - I
14
Don’t forget these roots !! Attacks -- Services -- Defense 
? 
Information and Cyber Security: Unit - I
15
Aspects of Security 
❖ consider 3 aspects of information security:
• security attack: Any action that compromises the security of information owned by an organization. • security mechanism: A process that is designed to detect, prevent, or recover from a security attack. • security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.
❖ note terms
• threat: a potential for violation of security
• attack: an assault on system security, a deliberate attempt to evade security services
Information and Cyber Security: Unit - I
16
Security Attacks - Security threats Information 
source
a) Normal flow
Information destination
• Interruption – attack on availability • Interception – attack on confidentiality • Modification – attack on integrity • Fabrication – attack on authenticity e.g. Email Spoofing, SQL Injection
b) Interruption 
c) Interception
d) Modification
Information and Cyber Security: Unit - I
e) Fabrication
17
❖ Passive Attack: make use of information from the system but does not affect system resource
Observe pattern 
of messages
Note: in dealing with passive attacks is on prevention rather than detection. i.e. encryption
Information and Cyber Security: Unit - I
18
❖ Active Attack: modification of the data stream or the creation of a false stream 
Information and Cyber Security: Unit - I
19
Attackers 
Information and Cyber Security: Unit - I
20
Security Mechanism • feature designed to detect, prevent, or recover from a security attack 
• no single mechanism that will support all services required
• however one particular element underlies many of the security mechanisms in use: – cryptographic techniques
• specific security mechanisms:
– encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
• pervasive security mechanisms:
– trusted functionality, security labels, event detection, security audit trails, security recovery
Information and Cyber Security: Unit - I
21
Security Services/Goals ❖ Confidentiality (privacy) 
❖ Authentication (who created or sent the data)
❖ Integrity (has not been altered)
❖ Non-repudiation (prevents either sender or receiver from denying a transmitted message) ❖ Access control (prevent misuse of resources)
❖ Availability (permanence, non-erasure)
Information and Cyber Security: Unit - I
22
Quiz : Match the Following? 
a)Interruption 1)integrity
b)Interception 2)availability
c)Modification 3)authentication
d)Fabrication 4)confidentiality
Information and Cyber Security: Unit - I
26
Security Policies, Procedures, Guidelines… What is a security policy? 
• A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets.
• Security policies are living documents that are continuously updated and changing as technologies, vulnerabilities and security requirements change.
• A company's security policy may include an acceptable use policy. These describe how the company plans to educate its employees about protecting the company's assets. They also include an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the policy to ensure that necessary corrections are made.
Information and Cyber Security: Unit - I
29
Security Policies, Procedures, Guidelines… Why are security policies important? 
• Security policies are important because they protect an organizations' assets, both physical and digital. They identify all company assets and all threats to those assets.
• Physical security policies are aimed at protecting a company's physical assets, such as buildings and equipment, including computers and other IT equipment.
• Data security policies protect intellectual property from costly events, like data breaches and data leaks.
Information and Cyber Security: Unit - I
30
Policy:
Set of detailed rules as to what is allowed on the system and what is not allowed. • User Policy
• System Policy
• Network Policy
• US Law
• Trust
Information and Cyber Security: Unit - I
95752:11-31
User-level Policy • Authentication: Method, Protection, Disclosure • Importing software: Process, Safeguards, Location • File protection: Default, Variations 
• Equipment management: Process, Physical Security • Backups: How, When
• Problem reporting: Who, How, Emergencies Information and Cyber Security: Unit - I
95752:11-32
System-level Policy • Default configuration 
• Installed Software
• Backups
• Logging
• Auditing
• Updates
• Principle servers or clients
Information and Cyber Security: Unit - I
95752:11-33
Network-level Policy • Supported services 
• Exported services: Authentication, Protection, Restriction • Imported services: Authentication, Protection, Privacy • Network security mechanisms
Information and Cyber Security: Unit - I
95752:11-34
US Law 
• General advice - not legal counsel
• Before performing legal actions -- consult a lawyer! • Legal Options
• Legal Hazards
• Being the target of an investigation
• General Tips
• Civil Actions
• Intellectual Property
• Liability
Information and Cyber Security: Unit - I
95752:11-35
Trust • Tools of computer security are resident on computers • Just as mutable as any other information on computers • Can we trust our computer? 
• Can we trust our software?
• Can we trust our suppliers?
• Can we trust our people?
• Trust, but verify
Information and Cyber Security: Unit - I
95752:11-36
The Operational Model of Network Security • Prevention is better than cure 
Information and Cyber Security: Unit - I
37
38
Problem 
Problem 1: Consider an automated teller machine (ATM) in which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement.
Solution: The system must keep personal identification number (PIN) confidential, both in the host system and during transmission for a transaction. In addition, for security the personal identification number must encrypted.
It must protect the integrity of account records and of individual transactions. Availability of the host system is important to the economic well being of the bank, but not to its fiduciary responsibility. The availability of individual teller machines is of less concern.
Information and Cyber Security: Unit - I
39
Classical Cryptography 
Basic Terminology
• Plaintext- the original message
• Ciphertext - the coded message
• Key - info used in cipher known only to sender/receiver
• Encipher (encrypt) - converting plaintext to ciphertext
• Decipher (decrypt) - recovering ciphertext from plaintext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key
• cryptology - the field of both cryptography and cryptanalysis
Information and Cyber Security: Unit - I
40
Encryption Methods 
❖ Symmetric encryption- DES, Triple DES, AES
❖ Asymmetric encryption- RSA, ECC
• The security of encryption algorithm depends upon the key
• Symmetric encryption or conventional / private-key/ 
single-key
• sender and recipient share a common key
• all classical encryption algorithms are private-key
• was only type prior to invention of public-key in
1970’s
Information and Cyber Security: Unit - I
41
Cryptography 
-- Parameters used by cryptographic systems are:
• The type of operations used for transforming plaintext to ciphertext
• e.g. substitution and transposition
• The number of keys used e.g. symmetric, asymmetric
• The way in which the plaintext is processed e.g. block cipher, stream cipher
❑ Substitution Ciphers:
Classical Ciphers:
⚫ Plaintext is viewed as a sequence of elements (e.g., bits or characters)
⚫ Substitution cipher : replacing each element of the plaintext with another element. ⚫ Transposition (or permutation) cipher : rearranging the order of the elements of the plaintext. ⚫ Product cipher : using multiple stages of substitutions and transpositions
Information and Cyber Security: Unit - I
42
Caesar Cipher ⚫ Earliest known substitution cipher. Invented by Julius Caesar ⚫ Each letter is replaced by the letter three positions further down the alphabet. 
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
⚫ Example: mit pune PLW SXQH ⚫ Mathematically, map letters to numbers:
E.g. break ciphertext using shift 2 “GCUA VQ DTGCM” Answer: easy to break
a 0 | b 1 | c 2 | d 3 | e 4 | f 5 | g 6 | h 7 | i 8 | j 9 | k 10 | l 11 | m 12 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
n 13 | o 14 | p 15 | q 16 | r 17 | s 18 | t 19 | u 20 | v 21 | w 22 | x 23 | y 24 | z 25 |
❖ Brute-force attack: tries every possible key
Information and Cyber Security: Unit - I
⚫ Then the general Caesar cipher is: c = EK(p) = (p + k) mod 26 p = DK(c) = (c – k) mod 26
43
Monoalphabetic Cipher 
⚫ Shuffle the letters and map each plaintext letter to a different random ciphertext letter: Plain letters: abcdefghijklmnopqrstuvwxyz
Cipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
⚫ Now we have a total of 26! = 4 x 1026 keys.
⚫ With so many keys, it is secure against brute-force attacks.
⚫ But not secure against some cryptanalytic attacks.
⚫ Problem is language characteristics.
Information and Cyber Security: Unit - I
44
English Letter Frequencies
• Relative frequency of letters can be determined
• frequency of two-letter combination
Information and Cyber Security: Unit - I
45
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• count relative letter frequencies (see text) 
• guess P & Z are e and t
• guess ZW is th and hence ZWP is the
• proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the Viet cong in Moscow
Information and Cyber Security: Unit - I
46
One-Time Pad 
• The number of possible keys is equal to the number of possible plaintexts • The key is selected at random from the choice of all possible keys • Any key should only be used once
• It is unbreakable since ciphertext bears no statistical relationship to the plaintext 
ci = pi XOR ki
Information and Cyber Security: Unit - I
47
Two fundamental difficulties:
• Problem of making large quantities of random keys
• Problem of key distribution and protection
❖ Because of these difficulties, the one-time pad is of limited utility and is useful primarily for low-bandwidth channels requiring very high security.
Information and Cyber Security: Unit - I
48
Transposition Cipher 
❖ The order of alphabets in the plaintext is rearranged to form a cipher text. ❖ The Rail Fence cipher is a form of transposition cipher
❖ Plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. ❖ The example message is: "meet me after the toga party" with a rail fence of depth 2.
m e m a t r h t g p r y
e t e f e t e o a a tCiphertext:
MEMATRHTGPRYETEFETEOAAT
Information and Cyber Security: Unit - I
Row Transposition Cipher 
❖ Write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns
❖ The order of the columns then becomes the key to the algorithm
❖ Plaintext: attack postponed until two am
❖ Key: 4 3 1 2 5 6 7
Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
50
Transposition Cipher (2) • Plaintext written in a row under the key and then arrange the column as per alphabetical order. 
❖ Single Columnar Transposition
Preparing the Key:
• Numbered each letter of the key as per their appearance in the alphabet
h e a v e n
2 | 1 | 6 | 3 |
|---|
4 5
Preparing the Plaintext: we are the best h e a v e n
2 | 1 | 6 | 3 |
|---|---|---|---|
E | A | R | E |
E | B | E | S |
4 5
W T
H T
Information and Cyber Security: Unit - I
51
Transposition Cipher(3)
Encryption: a e e h n v
2 | 3 | 4 | 5 |
|---|---|---|---|
E | E | W | T |
E | S | H | T |
1 6
A R
B E
Decryption: ABEEESWHTTRE h e a v e n
2 | 1 | 6 | 3 |
|---|---|---|---|
E | A | R | E |
E | B | E | S |
4 5
W T
H T
Problem: Using Transposition cipher encrypt message “WE ARE THE BEST” use key ‘HEAVEN’
Information and Cyber Security: Unit - I
52
Transposition Ciphers(4)❖ Double Columnar Transposition 
h e a v e n
2 | 1 | 6 | 3 |
|---|---|---|---|
E | A | R | E |
E | B | E | S |
4 5
W T
H T
ABEEESWHTTRE
53
a n o t h e r
4 | 5 | 7 | 3 | 2 |
|---|---|---|---|---|
B | E | E | E | S |
T | T | R | E |
1 6 A W H
Information and Cyber Security: Unit - I
Feistel Ciphers 
❖ Most symmetric block ciphers are based on a Feistel Cipher Structure
❖ Block ciphers look like an extremely large substitution would need table of 264 entries for a 64-bit block ❖ Horst Feistel devised the feistel cipher: based on concept of invertible product cipher ❖ partitions input block into two halves
• process through multiple rounds which:
• perform a substitution on left data half
• based on round function of right half & sub key
• then have permutation swapping halves
❖ The plaintext is divided into two halves (L0and R0). Then the two halves pass through n rounds of processing then combine to produce the cipher block.
❖ Each round i has as input L i-1and Ri-1 derived from the previous round as well as a sub-key Ki derived from the overall K.
Information and Cyber Security: Unit - I
54
Information and Cyber Security: Unit - I 55
The design of Feistel cipher depends on following parameter:
❖ Block Size: (larger block means greater security) 64 bits.
❖ Key Size: 56 - 128 bits.
❖ Number of Rounds: a single round offers inadequate security, a typical size is 16 rounds.
❖ Sub-key Generation Algorithms: greater complexity should lead to a greater difficulty of cryptanalysis.
❖ Round function: Again, greater complexity generally means greater resistance to cryptanalysis.
Information and Cyber Security: Unit - I
56
Data Encryption Standard (DES) ❖ IBM developed Lucifer cipher 
◦ by team led by Feistel
◦ used 64-bit data blocks with 128-bit key
• then redeveloped as a commercial cipher with input from NSA and others in 1973 NBS issued request for proposals for a national cipher standard
• IBM submitted their revised Lucifer which was eventually accepted as the DES • encrypts 64-bit data using 56-bit key
• DES has become widely used, especially in financial applications
Information and Cyber Security: Unit - I
57
Conceptual View of DES ❖ Every 8th bit of the key is discarded to produce a 56-bit key
❖ Same algorithm and key are used for encryption and decryption
64-bit
Plain text
64-bit
Plain text
∙∙∙
64-bit
Plain text
56-bit KeyDES
64-bit
Cipher text
Block 1
56-bit KeyDES
64-bit
Cipher text
Block 2
Information and Cyber Security: Unit - I
56-bit KeyDES 
64-bit
Cipher text
Block n
58
Broad Level Steps in DES ❖ DES is based on substitution (called as confusion) and transposition (called as diffusion) ❖ Each round performs the steps of substitution and transposition
Step 1
Step 2 Step 3
Step 4 Step 5 Step 6
Plain text (64 bits) 
Initial Permutation
(IP)
LPT RPT
Key 16 rounds 16 rounds Key
Final Permutation (FP)
Cipher text (64 bits)
Information and Cyber Security: Unit - I
59
❖ Initial Permutation (IP)
⚫ The first bit of the output is taken from the 58th bit of the input; the second bit from the 50th bit, and so on, with the last bit of the output taken from the 7th bit of the input. i.e. transposition
Information and Cyber Security: Unit - I
60
❖ Details of One Round in DES
Key Transformation
Expansion Permutation
S-Box Substitution
P-Box Permutation
XOR and Swap
Information and Cyber Security: Unit - I
61
Step 1: Key Transformation and Compression Permutation
❖ After the parity-bit drop, the key is divided into two 28-bit parts ❖ Each part is circularly shifted left by one or two bit ❖ The two parts are then combined to form a 56-bit part
❖ Choose 48 of the 56 bits
Round | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Bits shifts | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 1 |
Compression Permutation
14 | 17 | 11 | 24 | 1 | 5 | 3 | 28 | 15 | 6 | 21 | 10 |
|---|---|---|---|---|---|---|---|---|---|---|---|
23 | 19 | 12 | 4 | 26 | 8 | 16 | 7 | 27 | 20 | 13 | 2 |
41 | 52 | 31 | 37 | 47 | 55 | 30 | 40 | 51 | 45 | 33 | 48 |
44 | 49 | 39 | 56 | 34 | 53 | 46 | 42 | 50 | 36 | 29 | 32 |
Information and Cyber Security: Unit - I 62
Step 2: Expansion Permutation
❖ 32-bit RPT is divided into 8 blocks (each block 4-bits)
❖ Each 4-bit block is expanded to 6-bit block. Two bits -- repeated first and forth bits
Original Right Plain Text (RPT) of 32 bits
∙∙∙
Block 1 (4 bits) Block 2 (4 bits) Block 8 (4 bits)
Information and Cyber Security: Unit - I 63
Input Block 1 (4 bits) Input Block 2 (4 bits) Input Block 3 (4 bits)
1 2 3 4 5 6 7 8 29 30 31 32
1 2 3 4 5 6 7 8 9 10 11 12 43 44 45 46 47 48
Output Block 1 (6 bits) Output Block 2 (6 bits) Output Block 3 (6 bits)
RPT Expansion Permutation Table
32 | 1 | 2 | 3 | 4 | 5 | 4 | 5 | 6 | 7 | 8 | 9 |
|---|---|---|---|---|---|---|---|---|---|---|---|
8 | 9 | 10 | 11 | 12 | 13 | 12 | 13 | 14 | 15 | 16 | 17 |
16 | 17 | 18 | 19 | 20 | 21 | 20 | 21 | 22 | 23 | 24 | 25 |
24 | 25 | 26 | 27 | 28 | 29 | 28 | 29 | 30 | 31 | 32 | 1 |
Information and Cyber Security: Unit - I 64
Step 3: S-box substitution
• Output: 32 bit
Key Transformation
(Compress key from 56 bits to 48 bits)
Expansion Permutation
(Expand RPT from 32 bits to 48 bits)
48-bit Key XOR 48-bit RPT 
S-box Substitution
Information and Cyber Security: Unit - I
65
• Eight S-boxes that accept 6 bit inputs and produce 4 bit outputs
48-bit input block
6-bit sub-block 6-bit sub-block 6-bit sub-block
∙∙∙
S-box 1 S-box 2 S-box 8
4-bit output 4-bit output 4-bit output
32-bit output block
Information and Cyber Security: Unit - I
66
b1 b2 b3 b4 b5 b6 
4-bit column number
2-bit row number
Information and Cyber Security: Unit - I
67
Information and Cyber Security: Unit - I 68
Step 4: P-box permutation
❖ The output of S-box consists of 32 bits 
❖ It is straight permutation. No bits are used twice and no bits are ignored ❖ Replacement of each bit with another bit
16 | 7 | 20 | 21 | 29 | 12 | 28 | 17 | 1 | 15 | 23 | 26 | 5 | 18 | 31 | 10 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2 | 8 | 24 | 14 | 32 | 27 | 3 | 9 | 19 | 13 | 30 | 6 | 22 | 11 | 4 | 25 |
Information and Cyber Security: Unit - I
69
Step 5: XOR and Swap Original 64-bit Plain Text Block 
32-bit Left Plain Text (LPT) Block 32-bit Right Plain Text (RPT) Block
Key Transformation
(not involved directly)
Expansion Permutation
S-box Substitution
P-box Permutation
XOR
32-bit Left Plain Text (LPT) Block 32-bit Right Plain Text (RPT) Block
Next round
Information and Cyber Security: Unit - I 70
❖ Final permutation
Information and Cyber Security: Unit - I
71
DES Decryption 
• Same algorithm and key are used for encryption and decryption
• Key reversal is used i.e. K16, K15, …… K1
Analysis of DES
• Use of S-boxes: The table used for substitution in DES are kept secret by IBM. It takes 17 years come up with internal design of the S-boxes.
• Key Length: There are 256 possible keys i.e. 7.2 x 1016 keys. Thus, it seems that a brute-force attack on DES is impractical. A single computer performing one DES encryption per microsecond would require more than 1000 years to break DES.
Information and Cyber Security: Unit - I
72
Original
Variations of DES: Double DES Cipher
Cipher
• Meet-in-the middle attack
Plain Text Encrypt K1
Text Encrypt K2
Text
Cipher Text
Decrypt K2
Cipher Text
Decrypt K1
Original Plain Text 
EK1(P) EK2(EK1 T = EK1(P) (P)) C = EK2(EK1(P))
P Encrypt K1
Temporary
result (T) Encrypt K2
C
Information and Cyber Security: Unit - I 73
⚫ Secure but more time for encryption
Original
Plain Text Encrypt
Triple DES
Cipher
Text 1
Cipher
Final
Cipher Text
K1
Original
Encrypt
K2
Cipher
Text 2 Encrypt
K3
Final Cipher
Plain Text Encrypt
Text 1
Cipher
Text
K1
Decrypt K2
Text 2 Encrypt K1
Information and Cyber Security: Unit - I 74
DES Weaknesses 
Weaknesses in Cipher Design
S-boxes: At least three weaknesses are mentioned in the literature for S-boxes.
1. In S-box 4, the last three output bits can be derived in the same way as the first output bit by complementing some of the input bits.
2. Two specifically chosen inputs to an S-box array can create the same output.
3. It is possible to obtain the same output in a single round by changing bits in only three neighboring S boxes.
P-boxes: One mystery and one weakness were found in the design of p-boxes:
1. It is not clear why the designers of DES used the initial and final permutations; these have no security benefits.
2. In the expansion permutation (inside the function), the first and fourth bits of every 4-bit series are repeated
Information and Cyber Security: Unit - I
75
Information and Cyber Security: Unit - I 76
Why A New Cipher? 
❖ DES has the 56-bit key size and being too small.
❖ In January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes
❖ DES had outlived its usefulness:
• Vulnerabilities were becoming known
• 56-bit key was too small
• Too slow in software implementations
❖ NIST wanted increased trust in cipher:
• Previous processes very closed
• DES suspected of having 'back doors'
Information and Cyber Security: Unit - I
77
Advanced Encryption Standard (AES) ❖ Background
On January 2, 1997, NIST announced the initiation of the AES development. 
The point stipulated that:
The algorithm must be a symmetric block cipher
Key lengths of 128, 192, and 256 bits must be supported
Block length: 128, 192, and 256 bits
Both software and hardware implementations must be possible
Possible implementation on smart-cards
Royalty-free
Information and Cyber Security: Unit - I
78
The finalists and their scores were as follows: 15 Ciphers submitted
Rijndael (from Joan Deamen and Vincent Rijmen, 86 votes).
Serpent (from Ross Anderson, Eli Biham, and Lars Knudsen, 56 votes).
Twofish (from a team headed by Bruce Schneier, 31 votes).
RC6 (from RSA Laboratories, 23 votes).
MARS (from IBM, 13 votes)
In November 2001, Rijndael became a U. S. Government standard published as Federal Information Processing Standard FIPS 197.
It is not a Feistel cipher.
- It works in parallel over the whole input block.
- Mode of operation: ECB
Information and Cyber Security: Unit - I 79
❖ The most powerful supercomputer in the world in 2017 was the Sunway TaihuLight in China. This beast is capable of a peak speed of 93.02 petaflops. This means that the most powerful computer in the world would still take some 885 quadrillion years to brute force a 128-bit AES key.
❖ The number of operations required to brute force a 256-bit cipher is 3.31 x 10^56. This is roughly equal to the number of atoms in the universe!
Information and Cyber Security: Unit - I 80
Rijndael’s Encryption Algorithm • The basic unit for processing in the AES algorithm is a byte. 
• The AES algorithm’s operations are performed on a two-dimensional array of bytes called the State. It is referred as sr,c
• Block = 128 bits = 16 byte = b0 b1 b2……………b15
• Key = 128 bits = 16 byte = k0 k1 k2……………k15
• The four bytes in each column of the State array stand as one word
w0 = s0,0 s1,0 s2,0 s3,0 w2 = s0,2 s1,2 s2,2 s3,2 
w1 = s0,1 s1,1 s2,1 s3,1 w3 = s0,3 s1,3 s2,3 s3,3
Information and Cyber Security: Unit - I
w0 w1 w2 w381
• Implemented as a 4 x 4 matrix, where each element in the matrix is one byte. • Algorithm consists of an initial round, Nr - 1 standard rounds where Nr is 10, 12, 14 depending on the block and key array sizes, and a final round.
• Possible Round Operations 
❖ ByteSub – Substitution of Bytes
❖ Shift Row – Shifts Rows
❖ MixColumn – Multiplies Columns
❖ AddRoundKey – XORs by Key
Information and Cyber Security: Unit - I
82
Encryption Algorithm
Information and Cyber Security: Unit - I 83
Information and Cyber Security: Unit - I 84
❖ SubBytes transformation • 16 x 16 matrix whose entries are all distinct bytes. 
• For example, if s1,1 = {53}, the result is {ed}.
Information and Cyber Security: Unit - I 
85
TY BTech Semester-V (AY 2023-24)
Computer Science and Engineering
Disclaimer:
a. Information included in these slides came from multiple sources. We have tried our best to cite the sources. Please refer to the references to learn about the sources,
when applicable.
b. The slides should be used only for preparing notes, academic purposes (e.g. in teaching a class), and should not be used for commercial purposes.
Information and Cyber Security (CET3004B) Examination Scheme: Credit: 3+1
Class Continuous Assessment: 30 Marks
Lab Continuous Assessment: 30 Marks
End Semester Examination: 40 Marks
Information and Cyber Security: Unit - I 2
Information and Cyber Security Course Objectives:
1. Knowledge:
(i) To focus on the models, tools, and techniques for enforcement of security with some emphasis on the use of cryptography. Students will learn security from multiple perspectives
(ii) To educate students on the fundamental principles and techniques of computer and network security
2. Skills:
(i) Acquire background on hash functions, authentication, firewalls, intrusion detection techniques (ii) Gain hands-on experience with programming and simulation techniques for security protocols
3. Attitude:
(i) Understand the tradeoffs and criteria/concerns for security countermeasure development (ii) Learn to apply methods for authentication, access control, intrusion detection and prevention
Information and Cyber Security: Unit - I 3
Course Outcomes:
• Analyze and resolve security issues in networks and computer systems to secure an IT infrastructure.
• Apply methods for authentication, access control, intrusion detection and prevention. • Develop policies and procedures to manage enterprise security risks.
• Evaluate and communicate the human role in security systems with an emphasis on ethics, social engineering vulnerabilities and training.
• Identify software security vulnerabilities, summarize and mitigate security risks associated with integrating systems.
4
Pre-requisites • Operating Systems and Computer Networks
Information and Cyber Security: Unit - I 5
Syllabus
Unit: I | Foundations of Information Security: Information Security fundamentals, it’s need, Confidentiality, Integrity, Availability (CIA triad), Security Policies, Procedures, Guidelines, Standards Administrative Measures and Technical Measures, Attacks, Vulnerability, Security Goals, Security Services and Defense mechanisms Cryptographic Techniques: Conventional substitution and transposition ciphers, One-time Pad, Block cipher and Stream Cipher, Cipher modes of operations, Steganography. Symmetric Cryptographic Techniques: DES, AES | 9 Hrs |
|---|---|---|
Unit: II | Mathematical Foundations and Public Key Cryptography: Mathematics for Security: Modular Arithmetic, Euler’s theorem, Fermat Theorem, Euclidean Algorithm, Miller-Rabin Algorithm, Primality Test, Chinese Remainder Theorem, Discrete Logarithm, Asymmetric Key Cryptography: RSA algorithms. Hash algorithms: MD5, SHA1 | 9 Hrs |
Information and Cyber Security: Unit - I
6
Unit: III
Unit: IV
Syllabus (Continue)
Authentication and Digital Signatures:
Use of Cryptography for authentication, Secure Hash function, Key Management and Distribution: Symmetric Key Distribution, Using Symmetric Encryption, Symmetric Key Distribution Using Asymmetric Encryption, Distribution of Public Keys
Cryptographic Key Infrastructures, Diffie-Hellman Key Exchange, Digital Certificates x509. Authentication Protocols: Remote, Mutual Authentication, Authentication Methods: Password, Two way methods, Biometric Authentications, Kerberos Security
Network and Cyber Security:
Networks Security Fundamentals, Layer-wise Security concerns, Firewalls: Packet filtering, Stateless and Stateful, Intrusion detection systems: host based, network based IDS, Secured Socket Layer Security, IP level IPSEC security, Email Security: PGP, S/MIME.
Cyber Security: Definition and origin, Cyber Crime and information security, Types of Cyber Crime, Classification of Cyber Criminals, Tools used in Cyber Crime, Challenges, Strategies, The Legal Perspective-Indian/Global Perspective, Types of Attack, Social Engineering, Cyber stalking, Ransomware.
9 Hrs
9 Hrs 7
Syllabus (Continue)
Unit: V | Cybersecurity Techniques, Tools and Laws: Introduction, Proxy servers and Anonymizers, Phishing, Password Cracking tools, Key-loggers and Spywares, DoS and DDoS, Viruses, Worms, Trapdoors, Salami attack, Man-in-the- middle attacks, Covert channels, SQL injection, Cyber Security Safeguards- Overview, Access control, Audit, Authentication, Biometrics. Cybercrime and Legal perspectives, Cyber laws Indian context, The Indian IT Act-Challenges, Amendments, Challenges to Indian Law and cybercrime Scenario in India, Indian IT Act and Digital Signatures. | 9 Hrs |
|---|
Information and Cyber Security: Unit - I 8
Syllabus (Continue)
1. Michael E. Whitman and Herbert J. Mattord, “Principles of Information Security”, Cengage Learning; ISBN: 1285448367 2. Christof Paa and Jan Pelzl, “Understanding Cryptography: A Textbook for Students and Practitioners”, Springer; ISBN: 3642041000 3. William Stallings and Lawrie Brown, “Computer Security: Principles and Practice”, Prentice Hall. Books:- (Reference) Swiderski, Frank and Syndex, “Threat Modeling”, Microsoft Press. 4. Ohn W. Rittinghouse, William M. Hancock, “Cyber Security Operations Handbook”, Elsevier Pub. 5. Deborah G Johnson, “Computer Ethics”, 4th Edition, Pearson Education Publication. 6. Earnest A. Kallman, J.P Grillo, “Ethical Decision making and IT: An Introduction with Cases”, McGraw Hill Publication. Supplementary Reading: Web Resources: 1. https://www.newhorizons.com/promotions/cybersecurity-ebooks MOOCs and Weblinks: COURSERA, NPTEL, etc. • https://nptel.ac.in/courses/106106129 • https://www.udemy.com/course/hands-on-penetration-testing-labs-30/ 9Information and Cyber Security: Unit - I |
|---|
Assign No. List of Assignments
1. Write a program using JAVA or Python or C++ to implement any classical cryptographic technique 2. Write a program using JAVA or Python or C++ to implement Feistal Cipher structure
3. Write a program using JAVA or Python or C++ to implement S-AES symmetric key algorithm 4. Write a program using JAVA or Python or C++ to implement RSA asymmetric key algorithm 5. Write a program using JAVA or Python or C++ to implement integrity of message using MD5 or SHA 6. Write a program using JAVA or Python or C++ to implement Diffie Hellman Key Exchange Algorithm 7. Write a program using JAVA or Python or C++ to implement Digital signature using DSA 8. Demonstrate Email Security using - PGP or S/MIME for Confidentiality, Authenticity and Integrity 9.Demonstration of secured web applications system using SSL certificates and its deployment in Apache tomcat server
10. Configuration and demonstration of Intrusion Detection System using Snort
10
11. Configuration and demonstration of NESSUS tool for vulnerability assessment
Guidelines for CCA and LCA
| ||
|---|---|---|
Examination Scheme | Marks | |
Class Continuous Assessment (CCA) | Mid-Term Theory Exam | 15 |
Component 1 (Active Learning) | 10 | |
Component 2 (Theory Assignment) | 05 | |
Laboratory Continuous Assessment (LCA) | Practical Performance | 10 |
Active Learning/Additional implementation/ Mini Project/On paper design | 10 | |
End term practical/Oral Examination | 10 | |
End Term | End Term Theory Examination | 40 |
Total Information and Cyber Security: Unit - I | 100 | |
11
Unit-I
Foundations of Information Security & Cryptographic Techniques
Information and Cyber Security: Unit - I
12
Foundations of Information Security ❖ Cyber security or information security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation.
Benjamin Franklin once said
Three people can keep a secret…....
…………. if two of them are dead!
Security is Not Easy to Achieve:
• Human tendency
• Problems of storage and communication
• Trust in all the parties
Information and Cyber Security: Unit - I
13
❑ Elements of Information Security
Key Security Concepts
❖ Confidentiality: protection of data from unauthorized user
❖ Integrity: validity of data
❖ Availability
Information and Cyber Security: Unit - I
14
Don’t forget these roots !! Attacks -- Services -- Defense
?
Information and Cyber Security: Unit - I
15
Aspects of Security
❖ consider 3 aspects of information security:
• security attack: Any action that compromises the security of information owned by an organization. • security mechanism: A process that is designed to detect, prevent, or recover from a security attack. • security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.
❖ note terms
• threat: a potential for violation of security
• attack: an assault on system security, a deliberate attempt to evade security services
Information and Cyber Security: Unit - I
16
Security Attacks - Security threats Information
source
a) Normal flow
Information destination
• Interruption – attack on availability • Interception – attack on confidentiality • Modification – attack on integrity • Fabrication – attack on authenticity e.g. Email Spoofing, SQL Injection
b) Interruption
c) Interception
d) Modification
Information and Cyber Security: Unit - I
e) Fabrication
17
❖ Passive Attack: make use of information from the system but does not affect system resource
Observe pattern
of messages
Note: in dealing with passive attacks is on prevention rather than detection. i.e. encryption
Information and Cyber Security: Unit - I
18
❖ Active Attack: modification of the data stream or the creation of a false stream
Information and Cyber Security: Unit - I
19
Attackers
Information and Cyber Security: Unit - I
20
Security Mechanism • feature designed to detect, prevent, or recover from a security attack
• no single mechanism that will support all services required
• however one particular element underlies many of the security mechanisms in use: – cryptographic techniques
• specific security mechanisms:
– encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
• pervasive security mechanisms:
– trusted functionality, security labels, event detection, security audit trails, security recovery
Information and Cyber Security: Unit - I
21
Security Services/Goals ❖ Confidentiality (privacy)
❖ Authentication (who created or sent the data)
❖ Integrity (has not been altered)
❖ Non-repudiation (prevents either sender or receiver from denying a transmitted message) ❖ Access control (prevent misuse of resources)
❖ Availability (permanence, non-erasure)
Information and Cyber Security: Unit - I
22
Quiz : Match the Following?
a)Interruption 1)integrity
b)Interception 2)availability
c)Modification 3)authentication
d)Fabrication 4)confidentiality
Information and Cyber Security: Unit - I
26
Security Policies, Procedures, Guidelines… What is a security policy?
• A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets.
• Security policies are living documents that are continuously updated and changing as technologies, vulnerabilities and security requirements change.
• A company's security policy may include an acceptable use policy. These describe how the company plans to educate its employees about protecting the company's assets. They also include an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the policy to ensure that necessary corrections are made.
Information and Cyber Security: Unit - I
29
Security Policies, Procedures, Guidelines… Why are security policies important?
• Security policies are important because they protect an organizations' assets, both physical and digital. They identify all company assets and all threats to those assets.
• Physical security policies are aimed at protecting a company's physical assets, such as buildings and equipment, including computers and other IT equipment.
• Data security policies protect intellectual property from costly events, like data breaches and data leaks.
Information and Cyber Security: Unit - I
30
Policy:
Set of detailed rules as to what is allowed on the system and what is not allowed. • User Policy
• System Policy
• Network Policy
• US Law
• Trust
Information and Cyber Security: Unit - I
95752:11-31
User-level Policy • Authentication: Method, Protection, Disclosure • Importing software: Process, Safeguards, Location • File protection: Default, Variations
• Equipment management: Process, Physical Security • Backups: How, When
• Problem reporting: Who, How, Emergencies Information and Cyber Security: Unit - I
95752:11-32
System-level Policy • Default configuration
• Installed Software
• Backups
• Logging
• Auditing
• Updates
• Principle servers or clients
Information and Cyber Security: Unit - I
95752:11-33
Network-level Policy • Supported services
• Exported services: Authentication, Protection, Restriction • Imported services: Authentication, Protection, Privacy • Network security mechanisms
Information and Cyber Security: Unit - I
95752:11-34
US Law
• General advice - not legal counsel
• Before performing legal actions -- consult a lawyer! • Legal Options
• Legal Hazards
• Being the target of an investigation
• General Tips
• Civil Actions
• Intellectual Property
• Liability
Information and Cyber Security: Unit - I
95752:11-35
Trust • Tools of computer security are resident on computers • Just as mutable as any other information on computers • Can we trust our computer?
• Can we trust our software?
• Can we trust our suppliers?
• Can we trust our people?
• Trust, but verify
Information and Cyber Security: Unit - I
95752:11-36
The Operational Model of Network Security • Prevention is better than cure
Information and Cyber Security: Unit - I
37
38
Problem
Problem 1: Consider an automated teller machine (ATM) in which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement.
Solution: The system must keep personal identification number (PIN) confidential, both in the host system and during transmission for a transaction. In addition, for security the personal identification number must encrypted.
It must protect the integrity of account records and of individual transactions. Availability of the host system is important to the economic well being of the bank, but not to its fiduciary responsibility. The availability of individual teller machines is of less concern.
Information and Cyber Security: Unit - I
39
Classical Cryptography
Basic Terminology
• Plaintext- the original message
• Ciphertext - the coded message
• Key - info used in cipher known only to sender/receiver
• Encipher (encrypt) - converting plaintext to ciphertext
• Decipher (decrypt) - recovering ciphertext from plaintext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key
• cryptology - the field of both cryptography and cryptanalysis
Information and Cyber Security: Unit - I
40
Encryption Methods
❖ Symmetric encryption- DES, Triple DES, AES
❖ Asymmetric encryption- RSA, ECC
• The security of encryption algorithm depends upon the key
• Symmetric encryption or conventional / private-key/
single-key
• sender and recipient share a common key
• all classical encryption algorithms are private-key
• was only type prior to invention of public-key in
1970’s
Information and Cyber Security: Unit - I
41
Cryptography
-- Parameters used by cryptographic systems are:
• The type of operations used for transforming plaintext to ciphertext
• e.g. substitution and transposition
• The number of keys used e.g. symmetric, asymmetric
• The way in which the plaintext is processed e.g. block cipher, stream cipher
❑ Substitution Ciphers:
Classical Ciphers:
⚫ Plaintext is viewed as a sequence of elements (e.g., bits or characters)
⚫ Substitution cipher : replacing each element of the plaintext with another element. ⚫ Transposition (or permutation) cipher : rearranging the order of the elements of the plaintext. ⚫ Product cipher : using multiple stages of substitutions and transpositions
Information and Cyber Security: Unit - I
42
Caesar Cipher ⚫ Earliest known substitution cipher. Invented by Julius Caesar ⚫ Each letter is replaced by the letter three positions further down the alphabet.
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
⚫ Example: mit pune PLW SXQH ⚫ Mathematically, map letters to numbers:
E.g. break ciphertext using shift 2 “GCUA VQ DTGCM” Answer: easy to break
a 0 | b 1 | c 2 | d 3 | e 4 | f 5 | g 6 | h 7 | i 8 | j 9 | k 10 | l 11 | m 12 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
n 13 | o 14 | p 15 | q 16 | r 17 | s 18 | t 19 | u 20 | v 21 | w 22 | x 23 | y 24 | z 25 |
❖ Brute-force attack: tries every possible key
Information and Cyber Security: Unit - I
⚫ Then the general Caesar cipher is: c = EK(p) = (p + k) mod 26 p = DK(c) = (c – k) mod 26
43
Monoalphabetic Cipher
⚫ Shuffle the letters and map each plaintext letter to a different random ciphertext letter: Plain letters: abcdefghijklmnopqrstuvwxyz
Cipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
⚫ Now we have a total of 26! = 4 x 1026 keys.
⚫ With so many keys, it is secure against brute-force attacks.
⚫ But not secure against some cryptanalytic attacks.
⚫ Problem is language characteristics.
Information and Cyber Security: Unit - I
44
English Letter Frequencies
• Relative frequency of letters can be determined
• frequency of two-letter combination
Information and Cyber Security: Unit - I
45
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• count relative letter frequencies (see text)
• guess P & Z are e and t
• guess ZW is th and hence ZWP is the
• proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the Viet cong in Moscow
Information and Cyber Security: Unit - I
46
One-Time Pad
• The number of possible keys is equal to the number of possible plaintexts • The key is selected at random from the choice of all possible keys • Any key should only be used once
• It is unbreakable since ciphertext bears no statistical relationship to the plaintext
ci = pi XOR ki
Information and Cyber Security: Unit - I
47
Two fundamental difficulties:
• Problem of making large quantities of random keys
• Problem of key distribution and protection
❖ Because of these difficulties, the one-time pad is of limited utility and is useful primarily for low-bandwidth channels requiring very high security.
Information and Cyber Security: Unit - I
48
Transposition Cipher
❖ The order of alphabets in the plaintext is rearranged to form a cipher text. ❖ The Rail Fence cipher is a form of transposition cipher
❖ Plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. ❖ The example message is: "meet me after the toga party" with a rail fence of depth 2.
m e m a t r h t g p r y
e t e f e t e o a a tCiphertext:
MEMATRHTGPRYETEFETEOAAT
Information and Cyber Security: Unit - I
Row Transposition Cipher
❖ Write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns
❖ The order of the columns then becomes the key to the algorithm
❖ Plaintext: attack postponed until two am
❖ Key: 4 3 1 2 5 6 7
Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
50
Transposition Cipher (2) • Plaintext written in a row under the key and then arrange the column as per alphabetical order.
❖ Single Columnar Transposition
Preparing the Key:
• Numbered each letter of the key as per their appearance in the alphabet
h e a v e n
2 | 1 | 6 | 3 |
|---|
4 5
Preparing the Plaintext: we are the best h e a v e n
2 | 1 | 6 | 3 |
|---|---|---|---|
E | A | R | E |
E | B | E | S |
4 5
W T
H T
Information and Cyber Security: Unit - I
51
Transposition Cipher(3)
Encryption: a e e h n v
2 | 3 | 4 | 5 |
|---|---|---|---|
E | E | W | T |
E | S | H | T |
1 6
A R
B E
Decryption: ABEEESWHTTRE h e a v e n
2 | 1 | 6 | 3 |
|---|---|---|---|
E | A | R | E |
E | B | E | S |
4 5
W T
H T
Problem: Using Transposition cipher encrypt message “WE ARE THE BEST” use key ‘HEAVEN’
Information and Cyber Security: Unit - I
52
Transposition Ciphers(4)❖ Double Columnar Transposition
h e a v e n
2 | 1 | 6 | 3 |
|---|---|---|---|
E | A | R | E |
E | B | E | S |
4 5
W T
H T
ABEEESWHTTRE
53
a n o t h e r
4 | 5 | 7 | 3 | 2 |
|---|---|---|---|---|
B | E | E | E | S |
T | T | R | E |
1 6 A W H
Information and Cyber Security: Unit - I
Feistel Ciphers
❖ Most symmetric block ciphers are based on a Feistel Cipher Structure
❖ Block ciphers look like an extremely large substitution would need table of 264 entries for a 64-bit block ❖ Horst Feistel devised the feistel cipher: based on concept of invertible product cipher ❖ partitions input block into two halves
• process through multiple rounds which:
• perform a substitution on left data half
• based on round function of right half & sub key
• then have permutation swapping halves
❖ The plaintext is divided into two halves (L0and R0). Then the two halves pass through n rounds of processing then combine to produce the cipher block.
❖ Each round i has as input L i-1and Ri-1 derived from the previous round as well as a sub-key Ki derived from the overall K.
Information and Cyber Security: Unit - I
54
Information and Cyber Security: Unit - I 55
The design of Feistel cipher depends on following parameter:
❖ Block Size: (larger block means greater security) 64 bits.
❖ Key Size: 56 - 128 bits.
❖ Number of Rounds: a single round offers inadequate security, a typical size is 16 rounds.
❖ Sub-key Generation Algorithms: greater complexity should lead to a greater difficulty of cryptanalysis.
❖ Round function: Again, greater complexity generally means greater resistance to cryptanalysis.
Information and Cyber Security: Unit - I
56
Data Encryption Standard (DES) ❖ IBM developed Lucifer cipher
◦ by team led by Feistel
◦ used 64-bit data blocks with 128-bit key
• then redeveloped as a commercial cipher with input from NSA and others in 1973 NBS issued request for proposals for a national cipher standard
• IBM submitted their revised Lucifer which was eventually accepted as the DES • encrypts 64-bit data using 56-bit key
• DES has become widely used, especially in financial applications
Information and Cyber Security: Unit - I
57
Conceptual View of DES ❖ Every 8th bit of the key is discarded to produce a 56-bit key
❖ Same algorithm and key are used for encryption and decryption
64-bit
Plain text
64-bit
Plain text
∙∙∙
64-bit
Plain text
56-bit KeyDES
64-bit
Cipher text
Block 1
56-bit KeyDES
64-bit
Cipher text
Block 2
Information and Cyber Security: Unit - I
56-bit KeyDES
64-bit
Cipher text
Block n
58
Broad Level Steps in DES ❖ DES is based on substitution (called as confusion) and transposition (called as diffusion) ❖ Each round performs the steps of substitution and transposition
Step 1
Step 2 Step 3
Step 4 Step 5 Step 6
Plain text (64 bits)
Initial Permutation
(IP)
LPT RPT
Key 16 rounds 16 rounds Key
Final Permutation (FP)
Cipher text (64 bits)
Information and Cyber Security: Unit - I
59
❖ Initial Permutation (IP)
⚫ The first bit of the output is taken from the 58th bit of the input; the second bit from the 50th bit, and so on, with the last bit of the output taken from the 7th bit of the input. i.e. transposition
Information and Cyber Security: Unit - I
60
❖ Details of One Round in DES
Key Transformation
Expansion Permutation
S-Box Substitution
P-Box Permutation
XOR and Swap
Information and Cyber Security: Unit - I
61
Step 1: Key Transformation and Compression Permutation
❖ After the parity-bit drop, the key is divided into two 28-bit parts ❖ Each part is circularly shifted left by one or two bit ❖ The two parts are then combined to form a 56-bit part
❖ Choose 48 of the 56 bits
Round | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Bits shifts | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 1 |
Compression Permutation
14 | 17 | 11 | 24 | 1 | 5 | 3 | 28 | 15 | 6 | 21 | 10 |
|---|---|---|---|---|---|---|---|---|---|---|---|
23 | 19 | 12 | 4 | 26 | 8 | 16 | 7 | 27 | 20 | 13 | 2 |
41 | 52 | 31 | 37 | 47 | 55 | 30 | 40 | 51 | 45 | 33 | 48 |
44 | 49 | 39 | 56 | 34 | 53 | 46 | 42 | 50 | 36 | 29 | 32 |
Information and Cyber Security: Unit - I 62
Step 2: Expansion Permutation
❖ 32-bit RPT is divided into 8 blocks (each block 4-bits)
❖ Each 4-bit block is expanded to 6-bit block. Two bits -- repeated first and forth bits
Original Right Plain Text (RPT) of 32 bits
∙∙∙
Block 1 (4 bits) Block 2 (4 bits) Block 8 (4 bits)
Information and Cyber Security: Unit - I 63
Input Block 1 (4 bits) Input Block 2 (4 bits) Input Block 3 (4 bits)
1 2 3 4 5 6 7 8 29 30 31 32
1 2 3 4 5 6 7 8 9 10 11 12 43 44 45 46 47 48
Output Block 1 (6 bits) Output Block 2 (6 bits) Output Block 3 (6 bits)
RPT Expansion Permutation Table
32 | 1 | 2 | 3 | 4 | 5 | 4 | 5 | 6 | 7 | 8 | 9 |
|---|---|---|---|---|---|---|---|---|---|---|---|
8 | 9 | 10 | 11 | 12 | 13 | 12 | 13 | 14 | 15 | 16 | 17 |
16 | 17 | 18 | 19 | 20 | 21 | 20 | 21 | 22 | 23 | 24 | 25 |
24 | 25 | 26 | 27 | 28 | 29 | 28 | 29 | 30 | 31 | 32 | 1 |
Information and Cyber Security: Unit - I 64
Step 3: S-box substitution
• Output: 32 bit
Key Transformation
(Compress key from 56 bits to 48 bits)
Expansion Permutation
(Expand RPT from 32 bits to 48 bits)
48-bit Key XOR 48-bit RPT
S-box Substitution
Information and Cyber Security: Unit - I
65
• Eight S-boxes that accept 6 bit inputs and produce 4 bit outputs
48-bit input block
6-bit sub-block 6-bit sub-block 6-bit sub-block
∙∙∙
S-box 1 S-box 2 S-box 8
4-bit output 4-bit output 4-bit output
32-bit output block
Information and Cyber Security: Unit - I
66
b1 b2 b3 b4 b5 b6
4-bit column number
2-bit row number
Information and Cyber Security: Unit - I
67
Information and Cyber Security: Unit - I 68
Step 4: P-box permutation
❖ The output of S-box consists of 32 bits
❖ It is straight permutation. No bits are used twice and no bits are ignored ❖ Replacement of each bit with another bit
16 | 7 | 20 | 21 | 29 | 12 | 28 | 17 | 1 | 15 | 23 | 26 | 5 | 18 | 31 | 10 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2 | 8 | 24 | 14 | 32 | 27 | 3 | 9 | 19 | 13 | 30 | 6 | 22 | 11 | 4 | 25 |
Information and Cyber Security: Unit - I
69
Step 5: XOR and Swap Original 64-bit Plain Text Block
32-bit Left Plain Text (LPT) Block 32-bit Right Plain Text (RPT) Block
Key Transformation
(not involved directly)
Expansion Permutation
S-box Substitution
P-box Permutation
XOR
32-bit Left Plain Text (LPT) Block 32-bit Right Plain Text (RPT) Block
Next round
Information and Cyber Security: Unit - I 70
❖ Final permutation
Information and Cyber Security: Unit - I
71
DES Decryption
• Same algorithm and key are used for encryption and decryption
• Key reversal is used i.e. K16, K15, …… K1
Analysis of DES
• Use of S-boxes: The table used for substitution in DES are kept secret by IBM. It takes 17 years come up with internal design of the S-boxes.
• Key Length: There are 256 possible keys i.e. 7.2 x 1016 keys. Thus, it seems that a brute-force attack on DES is impractical. A single computer performing one DES encryption per microsecond would require more than 1000 years to break DES.
Information and Cyber Security: Unit - I
72
Original
Variations of DES: Double DES Cipher
Cipher
• Meet-in-the middle attack
Plain Text Encrypt K1
Text Encrypt K2
Text
Cipher Text
Decrypt K2
Cipher Text
Decrypt K1
Original Plain Text
EK1(P) EK2(EK1 T = EK1(P) (P)) C = EK2(EK1(P))
P Encrypt K1
Temporary
result (T) Encrypt K2
C
Information and Cyber Security: Unit - I 73
⚫ Secure but more time for encryption
Original
Plain Text Encrypt
Triple DES
Cipher
Text 1
Cipher
Final
Cipher Text
K1
Original
Encrypt
K2
Cipher
Text 2 Encrypt
K3
Final Cipher
Plain Text Encrypt
Text 1
Cipher
Text
K1
Decrypt K2
Text 2 Encrypt K1
Information and Cyber Security: Unit - I 74
DES Weaknesses
Weaknesses in Cipher Design
S-boxes: At least three weaknesses are mentioned in the literature for S-boxes.
1. In S-box 4, the last three output bits can be derived in the same way as the first output bit by complementing some of the input bits.
2. Two specifically chosen inputs to an S-box array can create the same output.
3. It is possible to obtain the same output in a single round by changing bits in only three neighboring S boxes.
P-boxes: One mystery and one weakness were found in the design of p-boxes:
1. It is not clear why the designers of DES used the initial and final permutations; these have no security benefits.
2. In the expansion permutation (inside the function), the first and fourth bits of every 4-bit series are repeated
Information and Cyber Security: Unit - I
75
Information and Cyber Security: Unit - I 76
Why A New Cipher?
❖ DES has the 56-bit key size and being too small.
❖ In January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes
❖ DES had outlived its usefulness:
• Vulnerabilities were becoming known
• 56-bit key was too small
• Too slow in software implementations
❖ NIST wanted increased trust in cipher:
• Previous processes very closed
• DES suspected of having 'back doors'
Information and Cyber Security: Unit - I
77
Advanced Encryption Standard (AES) ❖ Background
On January 2, 1997, NIST announced the initiation of the AES development.
The point stipulated that:
The algorithm must be a symmetric block cipher
Key lengths of 128, 192, and 256 bits must be supported
Block length: 128, 192, and 256 bits
Both software and hardware implementations must be possible
Possible implementation on smart-cards
Royalty-free
Information and Cyber Security: Unit - I
78
The finalists and their scores were as follows: 15 Ciphers submitted
Rijndael (from Joan Deamen and Vincent Rijmen, 86 votes).
Serpent (from Ross Anderson, Eli Biham, and Lars Knudsen, 56 votes).
Twofish (from a team headed by Bruce Schneier, 31 votes).
RC6 (from RSA Laboratories, 23 votes).
MARS (from IBM, 13 votes)
In November 2001, Rijndael became a U. S. Government standard published as Federal Information Processing Standard FIPS 197.
It is not a Feistel cipher.
- It works in parallel over the whole input block.
- Mode of operation: ECB
Information and Cyber Security: Unit - I 79
❖ The most powerful supercomputer in the world in 2017 was the Sunway TaihuLight in China. This beast is capable of a peak speed of 93.02 petaflops. This means that the most powerful computer in the world would still take some 885 quadrillion years to brute force a 128-bit AES key.
❖ The number of operations required to brute force a 256-bit cipher is 3.31 x 10^56. This is roughly equal to the number of atoms in the universe!
Information and Cyber Security: Unit - I 80
Rijndael’s Encryption Algorithm • The basic unit for processing in the AES algorithm is a byte.
• The AES algorithm’s operations are performed on a two-dimensional array of bytes called the State. It is referred as sr,c
• Block = 128 bits = 16 byte = b0 b1 b2……………b15
• Key = 128 bits = 16 byte = k0 k1 k2……………k15
• The four bytes in each column of the State array stand as one word
w0 = s0,0 s1,0 s2,0 s3,0 w2 = s0,2 s1,2 s2,2 s3,2
w1 = s0,1 s1,1 s2,1 s3,1 w3 = s0,3 s1,3 s2,3 s3,3
Information and Cyber Security: Unit - I
w0 w1 w2 w381
• Implemented as a 4 x 4 matrix, where each element in the matrix is one byte. • Algorithm consists of an initial round, Nr - 1 standard rounds where Nr is 10, 12, 14 depending on the block and key array sizes, and a final round.
• Possible Round Operations
❖ ByteSub – Substitution of Bytes
❖ Shift Row – Shifts Rows
❖ MixColumn – Multiplies Columns
❖ AddRoundKey – XORs by Key
Information and Cyber Security: Unit - I
82
Encryption Algorithm
Information and Cyber Security: Unit - I 83
Information and Cyber Security: Unit - I 84
❖ SubBytes transformation • 16 x 16 matrix whose entries are all distinct bytes.
• For example, if s1,1 = {53}, the result is {ed}.
Information and Cyber Security: Unit - I
85
CCA and LCA Marks Distribution