A Laboratory Manual for

Information Security(3170720)

B.E. Semester 7
(Computer Engineering)

Directorate of Technical Education,

Gandhinagar, Gujarat
 3170720 INFORMATION SECURITY

Government Engineering College, Bhavnagar

Certificate
This is to certify thatMr./Ms. ___________________________________
________ Enrollment No. _______________ of B.E. Semester
_____Computer Engineering of this Institute (GTU Code: _____ ) has
satisfactorily completed the Practical / Tutorial work for the subject
Information Security (3170720) for the academic year 2023-24.

Place: __________
Date: __________

Name and Sign of Faculty member

Head of the Department

 3170720 INFORMATION SECURITY

Preface

Main motto of any laboratory/practical/field work is for enhancing required skills as well as
creating ability amongst students to solve real time problem by developing relevant
competencies in psychomotor domain. By keeping in view, GTU has designed competency
focused outcome-based curriculum for engineering degree programs where sufficient weightage
is given to practical work. It shows importance of enhancement of skills amongst the students
and it pays attention to utilize every second of time allotted for practical amongst students,
instructors and faculty members to achieve relevant outcomes by performing the experiments
rather than having merely study type experiments. It is must for effective implementation of
competency focused outcome-based curriculum that every practical is keenly designed to serve
as a tool to develop and enhance relevant competency required by the various industry among
every student. These psychomotor skills are very difficult to develop through traditional chalk
and board content delivery method in the classroom. Accordingly, this lab manual is designed to
focus on the industry defined relevant outcomes, rather than old practice of conducting practical
to prove concept and theory.

By using this lab manual students can go through the relevant theory and procedure in advance
before the actual performance which creates an interest and students can have basic idea prior to
performance. This in turn enhances pre-determined outcomes amongst students. Each
experiment in this manual begins with competency, industry relevant skills, course outcomes as
well as practical outcomes (objectives). The students will also achieve safety and necessary
precautions to be taken while performing practical.

This manual also provides guidelines to faculty members to facilitate student centric lab
activities through each experiment by arranging and managing necessary resources in order that
the students follow the procedures with required safety and necessary precautions to achieve the
outcomes. It also gives an idea that how students will be assessed by providing rubrics.

Information security is the subject that helps students to understand various aspects of data
security. It provides a way to know various kinds of breaches that happen with data and how to
eliminate them using various techniques. The student is also able to learn various methodologies
which used by current used by developers to achieve the security of information.

.
 3170720 INFORMATION SECURITY

Practical – Course Outcome matrix

Course Outcomes (COs):

1. Explore the basic principles of the symmetric cryptography and techniques with
their strengths and weaknesses from perspective of cryptanalysis
2. Implement and analyze various symmetric key cryptography algorithms and their
application in different context
3. Compare public key cryptography with private key cryptography and Implement
various asymmetric key cryptography algorithms
4. Explore the concept of hashing and implement various hashing algorithms for
message integrity
5. Explore and use the techniques and standards of digital signature, key management
and authentication
Sr. CO CO CO CO CO
Objective(s) of Experiment
No. 1 2 3 4 5
1. Implement Caesar cipher encryption-decryption. √

2. Implement Playfair cipher encryption-decryption. √

3. Implement Hill cipher encryption-decryption √

4. Implement Vigenere Cipher encryption-decryption √

Implement Rail Fence Transposition cipher

5. √
technique.

6. To implement Simple DES encryption-decryption. √

7. To implement Simple AES encryption-decryption. √

8. Implement RSA encryption-decryption algorithm. √

9. Implement Diffi-Hellman Key exchange Method √

10. Write a program to generate MD-5 hash. √

11. Write a program to generate SHA-1 hash √

12. Implement a digital signature algorithm. √

13. Demonstrate how to work with JCrypTool

 3170720 INFORMATION SECURITY

14. Demonstrate how to work with Wireshark

Industry Relevant Skills

The following industry relevant competency are expected to be developed in the student by
undertaking the practical work of this laboratory.
1. Able to think about information security scenario and make solution
2. Able to develop and algorithms which helps to secure data

Guidelines for Faculty members

1. Teacher should provide the guideline with demonstration of practical to the students
with all features.
2. Teacher shall explain basic concepts/theory related to the experiment to the students before
starting of each practical
3. Involve all the students in performance of each experiment.
4. Teacher is expected to share the skills and competencies to be developed in the students
and ensure that the respective skills and competencies are developed in the students
after the completion of the experimentation.
5. Teachers should give opportunity to students for hands-on experience after the
demonstration.
6. Teacher may provide additional knowledge and skills to the students even though not
covered in the manual but are expected from the students by concerned industry.
7. Give practical assignment and assess the performance of students based on task
assigned to check whether it is as per the instructions or not.
8. Teacher is expected to refer complete curriculum of the course and follow the
guidelines for implementation.

Instructions for Students

1. Students are expected to carefully listen to all the theory classes delivered by the faculty
members and understand the COs, content of the course, teaching and examination
scheme, skill set to be developed etc.
2. Students shall organize the work in the group and make record of all observations.
3. Students shall develop maintenance skill as expected by industries.
4. Student shall attempt to develop related hand-on skills and build confidence.
5. Student shall develop the habits of evolving more ideas, innovations, skills etc. apart
from those included in scope of manual.
6. Student shall refer technical magazines and data books.
7. Student should develop a habit of submitting the experimentation work as per the
schedule and s/he should be well prepared for the same.
 3170720 INFORMATION SECURITY

Index
(Progressive Assessment Sheet)
Sr. Objective(s) of Experiment Page Date of Date of Assessme Sign. of Remar
No. No. perform submiss nt Teacher ks
ance ion Marks with date
Implement Caesar cipher encryption-
1
decryption.
Implement Playfair cipher encryption-
2
decryption.
Implement Hill cipher encryption-
3
decryption
Implement Vigenere Cipher encryption-
4
decryption
Implement Rail Fence Transposition cipher
5
technique.
To implement Simple DES encryption-
6
decryption.
To implement Simple AES encryption-
7
decryption.
Implement RSA encryption-decryption
8
algorithm.
Implement Diffi-Hellman Key exchange
9
Method

10 Write a program to generate MD-5 hash.

11 Write a program to generate SHA-1 hash

12 Implement a digital signature algorithm.

13 Demonstrate how to work with JCrypTool

14 Demonstrate how to work with Wireshark

Total
 3170720 INFORMATION SECURITY

OBJECTIVES:
The student should be made to:

➢ Learn to implement the algorithms DES, RSA,MD5,SHA-1 Etc.

➢ Learn to use network security tools like crypto, Wireshark

OUTCOMES:
At the end of the course, the student should be able to:

➢ Implement various cipher techniques

➢ Develop various security algorithms
➢ Use different open source tools for network security and analysis

LIST OF HARDWARE REQUIREMENTS & SOFTWARE REQUIREMENTS

SOFTWARE REQUIREMENTS

➢ C/ C++, JDK Etc. (As per requirement)

HARDWARE REQUIREMENTS

➢ Standalone desktops
3170720 INFORMATION SECURITY 210210107017

Experiment No: 1
Implementation of caesar cipher
Date:
Relevant CO: Explore the basic principles of the symmetric cryptography and techniques with their
strengths and weaknesses from perspective of cryptanalysis

Objectives: (a) to understand working fundamental of Caeser Cipher

(b) to carry out Implementation of Caesar cipher encryption-decryption.

Equipment/Instruments: Computer System, Turbo-c/ JDK

Theory:
To encrypt a message with a Caesar cipher, each letter in the message is changed
using a simple rule: shift by three. Each letter is replaced by the letter three letters ahead in
the alphabet. A becomes D, B becomes E, and so on. For the last letters, we can think of the
alphabet as a circle and "wrap around". W becomes Z, X becomes A, Y bec omes B, and Z
becomes C. To change a message back, each letter is replaced by the one three before it.

Example:

Algorithm:

STEP-1: Read the plain text from the user.

STEP-2: Read the key value from the user.
STEP-3: If the key is positive then encrypt the text by adding the key with each
character in the plain text.
STEP-4: Else subtract the key from the plain text.
STEP-5: Display the cipher text obtained above.
3170720 INFORMATION SECURITY 210210107017

Program:

from cryptography.hazmat.backends import default_backend

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
import os

# Function to encrypt data

def encrypt_aes(key, plaintext):
iv = os.urandom(16) # Generate a random initialization vector
cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
encryptor = cipher.encryptor()
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
return iv + ciphertext # Return IV + ciphertext for decryption

# Function to decrypt data

def decrypt_aes(key, ciphertext):
iv = ciphertext[:16] # Extract the IV from the ciphertext
actual_ciphertext = ciphertext[16:]
cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
decryptor = cipher.decryptor()
plaintext = decryptor.update(actual_ciphertext) + decryptor.finalize()
return plaintext

# Example usage
key = os.urandom(32) # AES-256 key
plaintext = b'This is a secret message.'
ciphertext = encrypt_aes(key, plaintext)
print("Ciphertext:", ciphertext)

decrypted_text = decrypt_aes(key, ciphertext)

print("Decrypted text:", decrypted_text)

Output:
Ciphertext: b'\xa8\x94\x18\xf1\xe2\xc8N\xe54\xc4\x89\x8dD\x053\xbc\xe2\xfe8\x13\xfd\x13#\xf2\xf8\r\xf8nN\
xff\xd9\xcbo\x8c\xc3|\xb5\xc2\x85\xfe!'
Decrypted text: b'This is a secret message.'

Conclusion:
- Symmetric cryptography is vital for data security, employing a single shared key for both
encryption and decryption, which emphasizes the significance of key management and
processing efficiency. Its strengths include speed and resource efficiency, ease of
implementation, and strong security when using robust algorithms like AES. However, it
faces challenges such as the key distribution problem, making secure key sharing
difficult, and scalability issues that arise as the number of users increases, complicating
key management. Ultimately, the effectiveness of symmetric cryptography hinges on the
strength of the algorithms used and the security of key management practices.
3170720 INFORMATION SECURITY 210210107017

Quiz:

1. Is Ceaser Cipher Symmetric or Asymmetrci algorithm ?

- The Caesar Cipher is a symmetric encryption algorithm because it uses the same key (shift
value) for both encryption and decryption.

2. Encrypt the word alphabet using a Caesar cipher with a shift of 3

- To encrypt the word "alphabet" using a Caesar cipher with a shift of 3, we shift each letter
three positions down the alphabet.
Encryption Steps:
 Plaintext: alphabet
 Shift: 3
Letter Transformations:
 a→d
 l→o
 p→s
 h→k
 a→d
 b→e
 e→h
 t→w
Result:
 Ciphertext: doskdehw
- So, the encrypted word "alphabet" with a shift of 3 is doskdehw.

Suggested Reference:
1. https://www.geeksforgeeks.org/caesar-cipher-in-cryptography/

References used by the students:

1. https://www.geeksforgeeks.org/caesar-cipher-in-cryptography/

Rubric wise marks obtained:

Rubrics 1 2 3 4 5 Total
Marks