Unit 1

#Cryptography

Cryptography is the art and science of making a cryptosystem that is capable of providing information
security.
Cryptography deals with the actual securing of digital data. It refers to the design of mechanisms based
on mathematical algorithms that provide fundamental information security services. You can think of
cryptography as the establishment of a large toolkit containing different techniques in security
applications.
#Modern Cryptography
Modern cryptography is the cornerstone of computer and communications security. Its foundation is
based on various concepts of mathematics such as number theory, computational-complexity theory,
and probability theory

Classic Cryptography Modern Cryptography

It manipulates traditional characters, It operates on binary bit sequences.

i.e., letters and digits directly.

It is mainly based on ‘security through It relies on publicly known mathematical algorithms for coding the
obscurity’. The techniques employed information. Secrecy is obtained through a secrete key which is used as the
for coding were kept secret and only seed for the algorithms. The computational difficulty of algorithms, absence
the parties involved in communication of secret key, etc., make it impossible for an attacker to obtain the original
knew about them. information even if he knows the algorithm used for coding.

It requires the entire cryptosystem for Modern cryptography requires parties interested in secure communication
communicating confidentially. to possess the secret key only.

# Setting of private-key encryption

Private-key encryption, also known as symmetric-key encryption, involves the use of a single secret key
for both encryption and decryption of data. The setting of private-key encryption typically involves the
following components:

1.Encryption Algorithm: An encryption algorithm is a mathematical function or set of rules that takes the
secret key and the plain text as inputs and produces the cipher text as output.

2. Secret Key: The secret key is a piece of secret information that is known only to the sender and the
intended recipient. It is a crucial component of private-key encryption.

3. Plain Text: The plain text refers to the original message or data that the sender wants to protect or
transmit securely. It can be any form of digital information
4. Cipher Text: The cipher text is the output of the encryption algorithm, which is the encrypted form of
the original plain text. The cipher text is transmitted over an insecure channel, such as the internet or a
network.

5. Decryption Algorithm: The decryption algorithm is the mathematical inverse of the encryption
algorithm. It takes the secret key and the cipher text as inputs and produces the original plain text as
output.

In a private-key encryption setting, both the sender and the recipient must possess the same secret key
to encrypt and decrypt messages securely. The key should be kept confidential and shared through a
secure channel to prevent unauthorized access. This requirement for key distribution and management
is a crucial aspect of private-key encryption.

# Historical ciphers and their cryptanalysis

1.Historical ciphers refer to encryption methods that were used in the past before modern
cryptographic techniques were developed. Here are a few examples of historical ciphers and their
methods of cryptanalysis:

2.Caesar Cipher: The Caesar cipher is one of the simplest and oldest substitution ciphers. It involves
shifting each letter of the alphabet by a fixed number of positions. For example, with a shift of 3, "A"
would be encrypted as "D," "B" as "E," and so on.

3.Vigenère Cipher: The Vigenère cipher is a polyalphabetic substitution cipher that uses a keyword to
determine the shift applied to each letter. The keyword is repeated until it matches the length of the
plaintext.

4.Playfair Cipher: The Playfair cipher uses a 5x5 matrix containing a keyword to encrypt pairs of letters in
the plaintext. It employs rules for letter substitution based on their positions in the matrix. Cryptanalysis
of the Playfair cipher typically involves trying to determine the keyword and then using frequency
analysis and letter patterns to break the cipher.

5.Enigma Machine: The Enigma machine was a complex electro-mechanical device used by Germany
during World War II. It employed a series of rotors and plugboard connections to encrypt messages.
Cryptanalysis of the Enigma machine was a significant effort led by cryptanalysts such as Alan Turing and
his team

6.Rail Fence Cipher: The Rail Fence cipher is a transposition cipher that rearranges the letters of the
plaintext by writing them diagonally in a zigzag pattern across a set number of "rails" or lines.

7.Homophonic Substitution Cipher: The Homophonic substitution cipher assigns multiple cipher symbols
to each plaintext symbol to increase the complexity. It aims to provide more ambiguity by allowing
multiple substitutions for each letter.

#Basic principles of modern cryptography

Cryptographic principles are the fundamental concepts and techniques that are used in the field of
cryptography to secure communication and protect data. These principles include confidentiality,
integrity, authentication, non-repudiation, and key management.

 Confidentiality − Confidentiality refers to the ability to keep information private and secure.
Cryptographic techniques, such as encryption, can be used to protect the confidentiality of
information by making it unreadable to anyone who does not have the proper decryption key.

 Integrity − Integrity refers to the ability to ensure that information has not been altered or
tampered with. Cryptographic techniques, such as hash functions, can be used to ensure the
integrity of information by providing a way to detect any changes to the data.

 Authentication − Authentication refers to the process of verifying the identity of a user or

device. Cryptographic techniques, such as digital signatures, can be used to authenticate the
identity of a user or device in a secure manner.

 Non-repudiation − Non-repudiation refers to the ability to prevent someone from denying that
they performed a particular action. Cryptographic techniques, such as digital signatures, can be
used to provide non-repudiation by allowing the sender of a message to prove that they sent
the message and the receiver to prove that they received the message.

 Key management − Key management refers to the process of generating, distributing, and
managing cryptographic keys. Proper key management is essential for the security of a
cryptographic system, as the security of the system depends on the secrecy of the key.

Overall, these principles are fundamental to the field of cryptography and are important for ensuring the
security and integrity of information.

#Services, Mechanisms and Attacks

In the context of computer security, there are various services, mechanisms, and attacks that are
important to understand. Here's an overview of each:

Services:

1. Confidentiality: This service ensures that information is kept private and protected from unauthorized
access or disclosure. Encryption is a commonly used mechanism to achieve confidentiality.

2. Integrity: Integrity ensures that data remains unaltered and protected against unauthorized
modifications. Techniques such as cryptographic hash functions and digital signatures are used to verify
the integrity of data.

3. Availability: Availability ensures that systems and resources are accessible and operational when
needed. It involves protecting against denial-of-service (DoS) attacks and implementing redundancy and
failover mechanisms to ensure continuous operation.
4. Authentication: Authentication verifies the identity of users, devices, or entities. It ensures that the
parties involved are who they claim to be. Techniques like passwords, biometrics, and digital certificates
are used for authentication.

5. Non-repudiation: Non-repudiation prevents individuals from denying their involvement or actions in a

transaction. It ensures that actions or messages can be proven to have been performed or sent by a
specific entity. Digital signatures and audit logs are commonly used for non-repudiation.

Mechanisms:

1. Access Control: Access control mechanisms restrict and control user access to resources based on
predefined policies. Access control lists (ACLs), role-based access control (RBAC), and attribute-based
access control (ABAC) are commonly used mechanisms.

2. Firewalls: Firewalls are network security devices that monitor and control incoming and outgoing
network traffic based on predetermined security rules. They act as a barrier between trusted and
untrusted networks.

3. Intrusion Detection and Prevention Systems (IDPS): IDPS are security systems that monitor network or
system activities for suspicious behavior or signs of intrusion. They can detect and respond to security
incidents in real-time.

4. Secure Socket Layer/Transport Layer Security (SSL/TLS): SSL/TLS are cryptographic protocols that
provide secure communication over networks, typically used in web browsers to establish encrypted
connections between clients and servers.

5. Public Key Infrastructure (PKI): PKI is a system of digital certificates, Certificate Authorities (CAs), and
other cryptographic mechanisms used to verify the authenticity and integrity of digital communications.
It enables secure communication and authentication using asymmetric key cryptography.

Attacks: A useful means of classifying security attacks is in terms of passive attacks and active attacks. A
passive attack attempts to learn or make use of information from the system but does not affect system
resources. An active attack attempts to alter system resources or affect their operation.

1. Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of
the opponent is to obtain information that is being transmitted. Two types of passive attacks are the
release of message contents and traffic analysis. The release of message contents is easily understood. A
telephone conversation, an electronic mail message, and a transferred file may contain sensitive or
confidential information. We would like to prevent an opponent from learning the contents of these
transmissions.

A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of
masking the contents of messages or other information traffic so that opponents, even if they captured
the message, could not extract the information from the message. The common technique for masking
contents is encryption. If we had encryption protection in place, an opponent might still be able to
observe the pattern of these messages. The opponent could determine the location and identity of
communicating hosts and could observe the frequency and length of messages being exchanged. This
information might be useful in guessing the nature of the communication that was taking place.

2. Active attacks involve some modification of the data stream or the creation of a false stream and can
be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

-A masquerade takes place when one entity pretends to be a different entity. A masquerade attack
usually includes one of the other forms of active attack. For example, authentication sequences can be
captured and replayed after a valid authentication sequence has taken place, thus enabling an
authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those
privileges.

-Replay involves the passive capture of a data unit and its subsequent retransmission to produce an
unauthorized effect

- Modification of messages simply means that some portion of a legitimate message is altered, or that
messages are delayed or reordered, to produce an unauthorized effect.

-The denial of service prevents or inhibits the normal use or management of communications facilities.
This attack may have a specific target; for example, an entity may suppress all messages directed to a
particular destination (e.g., the security audit service). Another form of service denial is the disruption of
an entire network, either by disabling the network or by overloading it with messages so as to degrade
performance.

#OSI security architecture

The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to
providing security at each layer. It defines security services and security mechanisms that can be used at
each of the seven layers of the OSI model to provide security for data transmitted over a network.

OSI Security Architecture is categorized into three broad categories namely Security Attacks, Security
mechanisms, and Security Services. We will discuss each in detail:

1. Security Attacks: A security attack is an attempt by a person or entity to gain unauthorized access to
disrupt or compromise the security of a system, network, or device. These are defined as the actions
that put at risk an organization’s safety. They are further classified into 2 sub-categories:

 Passive Attack: Attacks in which a third-party intruder tries to access the message/ content/
data being shared by the sender and receiver by keeping a close watch on the transmission or
eave-dropping the transmission is called Passive Attacks.
  Active Attacks: Active attacks refer to types of attacks that involve the attacker actively
disrupting or altering system, network, or device activity. Active attacks are typically focused on
causing damage or disruption, rather than gathering information or intelligence.

2. Security Mechanism: The mechanism that is built to identify any breach of security or attack on the
organization, is called a security mechanism. Security Mechanisms are also responsible for protecting a
system, network, or device against unauthorized access, tampering, or other security threats. Security
mechanisms can be implemented at various levels within a system or network and can be used to
provide different types of security, such as confidentiality, integrity, or availability.

3. Security Services:

Security services refer to the different services available for maintaining the security and safety of an
organization. They help in preventing any potential risks to security. Security services are divided into 5
types:

 Authentication is the process of verifying the identity of a user or device in order to grant or
deny access to a system or device.

 Access control involves the use of policies and procedures to determine who is allowed to
access specific resources within a system.

 Data Confidentiality is responsible for the protection of information from being accessed or
disclosed to unauthorized parties.

 Data integrity is a security mechanism that involves the use of techniques to ensure that data
has not been tampered with or altered in any way during transmission or storage.

 Non- repudiation involves the use of techniques to create a verifiable record of the origin and
transmission of a message, which can be used to prevent the sender from denying that they
sent the message.