Cryptography

Terminologies
• Plain Text
• Cipher Text
• Cryptology
• Cryptography
• Cryptanalysis
• Encryption
• Decryption
Cryptography is the
science of secret writing
with the intention of
keeping the data secret.
Cryptanalysis is the
science or sometimes the
art of breaking
cryptosystems.
Both terms are a subset of
Cryptology.
 Basic Terms-Cryptography
• Plain Text − The original message that the person wants to connect with
the other is represented as Plain Text. In cryptography the actual
message that has to be send to the other end is provided as a specific
name as Plain Text.

• Cipher Text − The message that cannot be learned by anyone or

meaningless message is what it can call as Cipher Text. In Cryptography
the original message is changed into non-readable message before the
communication of actual message.

• Encryption − A process of transforming Plain Text into Cipher Text is

known as Encryption. Cryptography need the encryption approach to
send confidential messages through an insecure channel.
• Decryption − A reverse process of encryption is known as Decryption.
It is a procedure of transforming Cipher Text into Plain Text.
Cryptography needs the decryption approach at the receiver side to
acquire the original message from non-readable message (Cipher
Text)
• Cryptography is technique of securing information and
communications through use of codes so that only those person for
whom the information is intended can understand it and process it.
Thus preventing unauthorized access to information.
 Substitution Technique
• The substitution technique involves replacing letters with other letters
and symbols. In simple terms, the plaintext characters are substituted,
and additional substitute letters, numerals, and symbols are
implemented in their place.
• The Caesar cipher employs the substitution technique. In this
technique, the alphabet is substituted with the alphabet three
positions forward of the line.
• The substitution cipher technique was invented by Julius Caesar and
named after him as the Caesar Cipher.
Modified Caesar Cipher
• In Modified Caesar Cipher the original plain text alphabets may not
necessarily be three places down the line, but instead can be any
places down the line.
• Mathematical representation:
• The encryption can be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0,
B = 1,…, Z = 25. Encryption of a letter by a shift n can be described
mathematically as
 Transposition Techniques
• Transposition technique is an encryption method which is achieved by
performing permutation over the plain text.
• Rail Fence Cipher:
• The rail fence cipher is the simplest transposition cipher. The steps to
obtain cipher text using this technique are as follow:

• Step 1: The plain text is written as a sequence of diagonals.

• Step 2: Then, to obtain the cipher text the text is read as a sequence of
rows.
 Columnar Transposition Technique

• The steps to obtain cipher text using this technique are as follow:
• Step 1: The plain text is written in the rectangular matrix of the
initially defined size in a row by row pattern.
• Step 2: To obtain the cipher text read the text written in a rectangular
matrix column by column. But you have to permute the order of
column before reading it column by column. The obtained message is
the cipher text message.
 Data Encryption Standard
• Step 1:Discarding every 8th bit of the key produces 56 bit key from
original 64 bit key:
• Before DES process starts ,every eighth bit of 64 bit key is discarded to
produce 56 bit key,i.e. bit positions,8,16,24,32,40,48,56 and 64 are
discarded
1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
17 18 19 20 21 22 23 24
25 26 27 28 29 30 31 32
33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48
49 50 51 52 53 54 55 56
57 58 59 60 61 62 63 64
Steps in DES
• DES is based on two attributes in cryptography: substitution and
transposition.
• DES consists of 16 steps, each of which is called as round.
• Each round performs the steps of substitution and transposition.
1. In the first step, the 64 bit plaintext block is handed over to an
Initial permutation(IP) function
2. The initial permutation is performed on plaintext
3. Next, Initial permutation produces two halves of permuted blocks,
Left Plaintext(LPT) and Right Plaintext(RPT)
4. Each of LPT and RPT goes through 16 rounds of encryption process,
each with its own key
Steps in DES
5.In the end, LPT and RPT are rejoined ,and a final permutation is
performed on the combined block
6.The result of this process produces 64 bit cipher text
 Initial Permutation
• Initial permutation happens only once and it happens before the first
round
• Jugglery of bit positions of the original plain text block
 Rounds
• Step 1:Key transformation
• For each round, from a 56 bit key, a different 48 bit sub-key is
generated, is called as key transformation
• For this,56 bit key is divided into two halves, each of 28 bits.
• These halves are circularly shifted left by one or two positions
depending on the round

Round 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

No of 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
key bits
shifted
• After the shift,48 of 56 bits are selected by randomly discarding 8 bits
• Because of this technique ,a different key is used in each DES round.
That makes DES not so easy to crack
Step 2:Expansion Permutation
• After initial permutation, resulting 64 bit permuted text block is
divided into two halves, Left Plain Text(LPT) and Right Plain Text(RPT)
• During expansion permutation.RPT is expanded from 32 bits to 48
bits.
• The 32 bit RPT is divided into 8 blocks with each block consisting of 4
bits
• Next,4 bit block of the above step is then expanded to corresponding
6 bit block. Per 4 bit block,2 bits are added.
• Two bits are the repeated first and fourth bits of 4 bit block
• Now the 48 bit key is XORed with the 48 bit RPT and the resulting
output is given to next step that is S-box substitution
Step 3 S-box Substitution
S-Box substitution is a process that accepts the 48 bit input from the XOR
operation involving the compressed key and expanded RPT and produces a 32 bit
output using substitution technique
Selecting an entry in S box based on the
6 bit input
• Assume the 6 bits of S box is indicated by b1,b2,b3,b4,b5 and b6
• Bits b1 and b6 are combined to form a two bit number(00 to 11),this
specifies row number
• The remaining four bits b2,b3,b4,b5 make up a 4 bit number, this
specifies column number(0000 to 1111)
• Thus the 6 bit input automatically selects the row number and column
number for selection of output
Example:In S-box 2,7 to 12 bits are
101101
Step 5:P-Box permutation
• The outputs of all S-boxes are then combined to form a 32 bit block
which is given to next stage of round P-Box permutation
• These 32 bits are permuted using P –Box
• This mechanism involves simple permutation i.e. replacement of
each bit with another bit as specified in table below:
• E.g.a 16 in first block indicates that bit at position 16 of original input
moves to position 1 in output
Step 6:XOR and Swap
• LPT of initial 64 bit plaintext is XORed with the output produced by P –Box
permutation
• The result is a new RPT.old RPT becomes new LPT in process of swapping
Step 7:Final Permutation
• At the end of 16 rounds, final permutation is performed which is
simple transposition
• The output of final permutation is the 64 bit encrypted block
 Asymmetric Key Cryptography
• Asymmetric encryption, also known as public-key cryptography, is a
type of encryption that uses a pair of keys to encrypt and decrypt
data.
• The pair of keys includes a public key, which can be shared with
anyone, and a private key, which is kept secret by the owner.
• In asymmetric encryption, the sender uses the recipient’s public key
to encrypt the data. The recipient then uses their private key to
decrypt the data.
• This approach allows for secure communication between two parties
without the need for both parties to have the same secret key.
• Asymmetric encryption is commonly used in various applications,
including secure online communication, digital signatures, and secure
data transfer.
• Examples of asymmetric encryption algorithms include RSA, Diffie-
Hellman, and Elliptic Curve Cryptography (ECC).
 Digital Signature

• A digital signature is an authentication mechanism that enables the

creator of a message to attach a code that acts as a signature.
• Typically the signature is formed by taking the hash of the message
and encrypting the message with the creator’s private key.
• The signature guarantees the source and integrity of the message
• Once a message or file is digitally signed, the recipient can be sure
that:
• The message has been sent by the real sender (authentication).
• The message hasn’t been modified (integrity).
• The sender can’t deny he sent the message (non-repudiation).
How to create a digital signature??
• Let’s say you’ve just created a Microsoft Office document and you want to
send it to your boss. To make sure the document reaches your boss
without any tampering by a malicious party, you decide to digitally sign it.
How?
• Hash the file: a unique 256-bit hash value (output) is generated in the
form of a fixed-length string of 64 hexadecimal characters.(using SHA-256)
• Create your digital signature by encrypting the generated hash value:
The hash value is encrypted using your private key. Your PKI digital
signature is created, ensuring the integrity of your file.
• Send the signed document. Now that you’ve signed your file, you can
send it to your boss with a copy of your public key.
• So, what happens when your boss receives the file?
• The received hash value is decrypted. Once your boss downloads the
file, their system uses the public key to decrypt the hashed value.
• The system generates a new hash value of the downloaded file and
compares it with the original hash value.
• If they match, the file is legitimate and hasn’t been modified since it
was signed. If they don’t, your boss will get an error message warning
him that the file has been compromised.
 Ways Digital Signatures Protect You in the
Digital World
1. Email Authentication:
• Business email compromise (BEC)? It’s a type of scam targeting big and small
organizations. Attackers impersonate a CEO or a company executive to trick
employees to share sensitive information or transfer huge amounts of
money to their accounts. Happens Often through emails.
• If you want to protect your organization from it, then add a digital signature
to your emails and attachments. Your recipients will always be sure that what
they receive from you is really coming from you and hasn’t been modified.
• You just have to add an email signing certificate to your email client .Once
done, enable the digital signing feature.
• From now onwards, every time you send a digitally signed email, a
verification logo will appear on the email, confirming that the email has been
signed and sent by you.
 Ways Digital Signatures Protect You in the
Digital World
1. Email Authentication
 Ways Digital Signatures Protect You in the
Digital World
2. Secure Browsing:
When you open an HTTPS-enabled website, the web server sends a
secure socket layer/transport layer security (SSL/TLS) certificate to your
browser. The certificate includes information about the website’s
domain and the digital signature of the CA that issued the certificate.
Once again, your browser verifies the digital signature during
the SSL/TLS handshake process to create a secure and encrypted
connection.
 Ways Digital Signatures Protect You in the
Digital World
2. Secure Browsing
 Ways Digital Signatures Protect You in the
Digital World

3. Codes and Software Authenticity:

1. Sign your software or code with an organization validation (OV) code
signing certificate.
This will allow you to display your organization’s information on the
Windows Defender SmartScreen and User Access Control installation
warning pop-ups
2. Take it to the next level and use an extended validation (EV) code
signing certificate. Digitally signing your software ensures it’s
automatically trusted by Windows browsers and operating systems. In
this case, no warning will show for EV certificate signed software.
 Ways Digital Signatures Protect You in the
Digital World
3. Codes and Software Authenticity:
 Steganography
• A steganography technique involves hiding sensitive information within an
ordinary, non-secret file or message, so that it will not be detected.
• The sensitive information will then be extracted from the ordinary file or
message at its destination, thus avoiding detection.
• Steganography is an additional step that can be used in conjunction with
encryption in order to conceal or protect data.
• It comes from the Greek words steganos, which means “covered” or
“hidden,” and graph, which means “to write.” Hence, “hidden writing.”
 Different Types of Steganography

1. Text Steganography − There is steganography in text files, which

entails secretly storing information. In this method, the hidden data is
encoded into the letter of each word.
2. Image Steganography − The second type of steganography is image
steganography, which entails concealing data by using an image of a
different object as a cover. Pixel intensities are the key to data
concealment in image steganography.
 Steganography Examples
• Writing with invisible ink
• Embedding text in a picture (like an artist hiding their initials in a
painting they’ve done)
• Backward masking a message in an audio file (remember those stories
of evil messages recorded backward on rock and roll records?)
• Concealing information in either metadata or within a file header
• Hiding an image in a video, viewable only if the video is played at a
particular frame rate
• Embedding a secret message in either the green, blue, or red
channels of an RRB image
 Uses
• Steganography can be used both for constructive and destructive
purposes. For example, education and business institutions,
intelligence agencies, the military, and certified ethical hackers use
steganography to embed confidential messages and information in
plain sight.
• On the other hand, criminal hackers use steganography to corrupt
data files or hide malware in otherwise innocent documents.
• The image on the left is just a picture of some trees.
• The image on the right is also just a picture of some trees.
• Yet one of them is hiding a secret. Trapped in the image is a tar.gz file
of the source code to this repository.
 Historical Ways to Steganography
• Character marking
• Invisible ink
• Pin punctures
• Typewriter color ribbon
 LSB Steganography
• LSB-Least Significant Bit
• 10101001
• RGB Model
• Red: RGB(255,0,0)-RGB(11111111,00000000,00000000)
• Green: RGB(0,255,0)-RGB(00000000,11111111,00000000)
• Blue: RGB(0,0,255)-RGB(00000000,00000000,11111111)
 LSB Steganography
• LSB Steganography is an image steganography technique in which
messages are hidden inside an image by replacing each pixel’s least
significant bit with the bits of the message to be hidden.
Watch a video-Hide any file in an
image
 RSA Algorithm
• Choose two different large random prime numbers
• Calculate n=p*q
• Calculate (p-1)*(q-1)
• Choose e such that 1<e<(p-1)*(q-1)
• e is coprime to (p-1)*(q-1)..[gcd(e,(p-1)*(q-1))=1]
• e-public key d –private key