Cryptographic Algorithms CST 393 KTU Honours Semester V -Dr Binu V P

Computer and network security are essential for several reasons, driven by the increasing reliance on digital systems and the growing sophistication of cyber threats. Here are some key needs for computer and network security: Protection of Data : To safeguard sensitive information such as personal data, financial records, intellectual property, and confidential business information from unauthorized access and breaches. Prevention of Cyber Attacks : To defend against various forms of cyber attacks including malware, ransomware, phishing, and denial-of-service attacks that can disrupt operations and cause significant damage. Integrity of Information : To ensure that data remains accurate and unaltered during transmission or storage, protecting it from tampering or corruption. Confidentiality : To ensure that information is accessible only to those authorized to have access, protecting it from unauthorized disclosure. Availability of Services : To ensure that computer systems and network

A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms.  X.800 divides these services into five categories and fourteen specific services 1.Authentication The assurance that the communicating entity is the one that it claims to be. The authentication service is concerned with assuring that a communication is authentic. In the case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipient that the message is from the source that it claims to be from.  In the case of an ongoing interaction, such as the connection of a terminal to a host, two aspects are involved. First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be. Second, the service must assure that the conne

A useful means of classifying security attacks is in terms of passive attacks and active attacks.   A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation. Passive Attacks Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.   The release of message contents is easily understood.A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions. A second type of passive attack, traffic analysis.Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even i

 The following figure shows the Model for Network Security A message is to be transferred from one party to another across some sort of Internet service. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals. Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on. All the techniques for providing security have two components: A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify t

Table  lists the security mechanisms defined in X.800. The mechanisms are divided into those that are implemented in a specific protocol layer, such as TCP or an application-layer protocol, and those that are not specific to any particular protocol layer or security service. X.800 distinguishes between reversible encipherment mechanisms and irreversible encipherment mechanisms.A reversible encipherment mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted. Irreversible encipherment mechanisms include hash algorithms and message authentication codes, which are used in digital signature and message authentication applications. Table below, indicates the relationship between security services and security mechanisms.

A symmetric encryption scheme has five ingredients (Figure below): Plaintext: This is the original intelligible message or data that is fed into the algorithm as input. Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.   Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible. Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the

Before beginning, we define some terms. An original message is known as the  plaintext , while the coded message is called the ciphertext .The process of converting from plaintext to ciphertext is known as enciphering or encryption ; restoring the plaintext from the ciphertext is deciphering or decryption . The many schemes used for encryption constitute the area of study known as cryptography . Such a scheme is known as a cryptographic system or a cipher. Techniques used for deciphering a  message without any knowledge of the enciphering details fall into the area of cryptanalysis . Cryptanalysis is what the layperson calls “breaking the code.”The areas of cryptography and cryptanalysis together are called cryptology. Cryptographic systems are characterized along three independent dimensions: 1. The type of operations used for transforming plaintext to ciphertext. All encryption algorithms are based on two general principles: substitution, in which each element in the plaintext (bit