1

CTH EDUCATION
Computer Network Security

Unit – 01: Attacks on computers and computer security

 Computer security, need for security, approaches, principles,
 Attacks on computers and types of attacks,
 Operational model of network security,
 Cryptography concepts and techniques,
 substitution transposition,
 encryption and decryption,
 symmetric, Asymmetric key cryptography,
 key range size,

Questions to be discussed:
1. What is computer security?
2. Explain need of information security.
3. Discuss different types of attacks.
4. What is cryptography? Explain types of cryptography.
5. Differentiate between substitution and transposition cipher techniques.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
2
CTH EDUCATION
What is Computer Security?
 Computer security is the protection of computer systems and information from harm, theft, and
unauthorized use.
 It is the process of preventing and detecting unauthorized use of your computer system.
 Computer security is also called cyber security, digital security or IT security.
 August Kerckhoffs is known as the father of computer security.

Types of computer security:

Computer security can be classified into four types:
1. Cyber Security
2. Information Security
3. Application Security
4. Network Security

Cyber Security:
 It is defined as protecting computer systems, which communicate over the computer networks
 Cyber attacks are those attacks that happen when our system is connected to the Internet.

Information Security:
 Information security is securing information from unauthorized access, modification & deletion
 It has mainly three objectives: confidentiality, integrity, and availability of information(CIA).

Application Security:
 Application security means securing our applications and data so that they don’t get hacked and also
the databases of the applications remain safe and private to the owner itself so that user’s data
remains confidential.

Network Security:
 Network Security is by securing both the software and hardware technologies.
 Network security means securing a network and protecting the user’s information about who is
connected through that network.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
3
CTH EDUCATION
Need of information security:
 It is essential for protecting sensitive and valuable data from unauthorized access.
 The need of information security is essential because:
1. Protecting Confidential Information.
2. Maintaining Business Continuity.
3. Protecting Customer Trust.
4. Preventing Cyber-attacks.
5. Protecting Employee Information.

Types of cyber attack:

1. Denial of service attack or DOS.
2. Backdoor
3. Eavesdropping
4. Phishing
5. Spoofing
6. Malware
7. Social engineering
8. Polymorphic Attacks

Denial of service attack or DOS:

 A denial of service attack is a kind of cyber attack in which the attackers disrupt the services of the
particular network by sending infinite requests.

Backdoor:
 In a backdoor attack, malware, trojan horse or virus gets installed in our system and start affecting
it’s security along with the main file.

Eavesdropping:
 Eavesdropping refers to secretly listening to someone’s talk without their permission or knowledge.
 Attackers try to steal, manipulate, modify, hack information or systems by passively listening to
network communication, knowing passwords etc.

Phishing:
 Similarly, in phishing, a user is tricked by the attacker who gains the trust of the user or acts as if he is
a genuine person and then steals the information by ditching.
 Not only attackers but some certain websites that seem to be genuine, but actually they are fraud
sites.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
4
CTH EDUCATION
Spoofing:
 Spoofing is the act of masquerading as a valid entity through falsification of data(such as an IP
address or username), in order to gain access to information or resources that one is otherwise
unauthorized to obtain.
 Spoofing is of several types- email spoofing, IP address spoofing, biometric spoofing etc.

Malware:
 Malware is made up of two terms: Malicious + Software = Malware.
 Malware intrudes into the system and is designed to damage our computers.
 Different types of malware are adware, spyware, ransomware, Trojan horse, etc.

Social engineering:
 Social engineering attack involves manipulating users psychologically and extracting confidential or
sensitive data from them by gaining their trust.

Polymorphic Attacks:
 Poly means “many” and morph means “form”, polymorphic attacks are those in which attacker adopts
multiple forms and changes them so that they are not recognized easily.
 These kinds of attacks are difficult to detect due to their changing forms.

Operational model of network security:

 A Network Security Model exhibits how the security service has been designed over the network.
 It prevent the opponent from causing a threat to the confidentiality of the information that is being
transmitted through the network.
 When we send our data from source side to destination side we have to use some transfer method like
the internet or any other communication channel by which we are able to send our message.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
5
CTH EDUCATION
Cryptography:
 It is a technique of sending information from sender to receiver using codes.
 It securing information through use of codes so that only intended person can understand & process it.
 Cryptography is used to preventing unauthorized access of information.
 The prefix “crypt” means “hidden” and suffix “graphy” means “writing”.
 Claude E. Shannon is considered to be the father of mathematical cryptography.

Components used in cryptograph:

There are various components of cryptography:
1. Plaintext and
2. Ciphertext
3. Key

Plaintext and Ciphertext:

 The original message, before being transformed, is called plaintext.
 After the message is transformed, it is called ciphertext.
 The process of conversion of plain text to cipher text this is known as Encryption.
 The process of conversion of cipher text to plain text this is known as decryption.
 The sender uses an encryption algorithm, and the receiver uses a decryption algorithm.

Key:
 In cryptography, a key is a string of characters used within an encryption algorithm for altering data so
that it appears random.
 Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt)
it.

Types of Cryptography:
In general there are three types Of cryptography:
1. Symmetric Key Cryptography:
2. Asymmetric Key Cryptography:

Symmetric Key Cryptography:

 It is an encryption system where the sender and receiver of message use a single common key to
encrypt and decrypt messages.
 Symmetric Key Systems are faster and simpler but the problem is that sender and receiver have to
somehow exchange key in a secure manner.
 The most popular symmetric key cryptography system are
1. Data Encryption System(DES) and
2. Advanced Encryption System(AES).

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
6
CTH EDUCATION
Asymmetric Key Cryptography:
 Under this system a pair of keys is used to encrypt and decrypt information.
 A receiver’s public key is used for encryption and a receiver’s private key is used for decryption.
 Public key and Private Key are different.
 Even if the public key is known by everyone the intended receiver can only decode it because he alone
know his private key.
 The most popular asymmetric key cryptography algorithm is
 RSA algorithm.

What is encryption?
 In cryptography, encryption is the process of encoding information.
 This process converts the original representation of the information, known as plaintext, into an
alternative form known as ciphertext.
 Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original
information.
 Substitution and transposition ciphers are two common types of symmetric encryption, which means
that the same key is used to encrypt and decrypt the message.
 They are often used in combination to increase the security of the communication.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
7
CTH EDUCATION
Substitution cipher:
 A substitution cipher replaces each letter or symbol in the plaintext with another one, according to a
fixed rule or a key.
 The key is the number of shifts, and it can be changed periodically to avoid repetition.
 Substitution ciphers are easy to implement and understand.
 But in this an attacker can guess the key by looking at the most common patterns in the ciphertext.

Transposition cipher:
 A transposition cipher rearranges the order of the letters or symbols in the plaintext, according to a
certain pattern.
 Transposition ciphers are more difficult to break than substitution ciphers, but they can still be
attacked, which means that an attacker can try to find words or phrases that fit the ciphertext.

Difference between Substitution Cipher and Transposition Cipher Technique:

Substitution Cipher Technique Transposition Cipher Technique

In substitution Cipher Technique, plain text In transposition Cipher Technique, plain text
characters are replaced with other characters, characters are rearranged with respect to the
numbers and symbols. position.

Substitution Cipher’s forms are: Mono Transposition Cipher’s forms are: Key-less
alphabetic substitution cipher and poly transposition cipher and keyed transposition
alphabetic substitution cipher. cipher.

In substitution Cipher Technique, character’s While in transposition Cipher Technique, The

identity is changed while its position remains position of the character is changed but
unchanged. character’s identity is not changed.

While in transposition Cipher Technique, The

In substitution Cipher Technique, The letter
Keys which are nearer to correct key can disclose
with low frequency can detect plain text.
plain text.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
1
CTH EDUCATION
Unit – 02: Mathematics of cryptography
 DES Block ciphers modes and Feistel ciphers DES.
 working of DES,
 cracking des, problems on des.
 2DES, 3DES, des design,
 Side channel attacks,
 Differential cryptanalysis.

Questions to be discussed:
1. Discuss the term DES. Write the applications of DES Algorithm.
2. Explain different DES Modes of Operation.
3. Differentiate between DES and AES algorithms.
4. Discuss about 2DES and 3DES in brief.
5. What is a side-channel attack?

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
2
CTH EDUCATION
Mathematics of cryptography:
 Mathematics of cryptography means use of mathematical techniques to encode plain text with hash
functions and perform crypto-analysis to identify the original text from encrypted keys.

Difference between Symmetric and Asymmetric Key Encryption:

Symmetric Key Encryption Asymmetric Key Encryption

It only requires a single key for both encryption It requires two keys, a public key and a private
and decryption. key, one to encrypt and the other one to decrypt.

The size of cipher text is the same or smaller than The size of cipher text is the same or larger than
the original plain text. the original plain text.

The encryption process is very fast. The encryption process is slow.

It is used when a large amount of data is required

It is used to transfer small amounts of data.
to transfer.

It provides confidentiality, authenticity, and

It only provides confidentiality.
non-repudiation.

The length of key used is 128 or 256 bits The length of key used is 2048 or higher

Examples: 3DES, AES, DES and RC4 Examples: Diffie-Hellman, ECC, DSA and RSA

Data Encryption Standard (DES)

 DES stands for Data Encryption Standard.
 DES is a Symmetric Key Encryption technique.
 DES is based on the Feistel block cipher, called LUCIFER.
 It was developed in 1971 by IBM cryptography researcher Horst Feistel.
 The DES algorithm uses a key of 56-bit size.
 Using this key, the DES takes a block of 64-bit plain text as input and generates 64-bit cipher text block.
 The DES process has several steps involved in it, where each step is called a round.
 DES’s dominance came to an end in 2002, when the Advanced Encryption Standard replaced the DES.
 It was adopted in 1977 for government agencies to protect sensitive data & was officially retired in 2005.
 The Triple DES (3DES), remains approved for sensitive government information through 2030.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
3
CTH EDUCATION
Applications of DES Algorithm:
Some of the applications of the DES Algorithm.
1. It is used in random number generation
2. It is deployed when not-so-strong encryption is needed
3. It is used to develop a new form of DES, called Triple DES (using a 168-bit key formed using three keys)

Different DES Modes of Operation:

DES have five different modes of operation:
1. Electronic Codebook (ECB).
2. Cipher Block Chaining (CBC).
3. Cipher Feedback (CFB).
4. Output Feedback (OFB).
5. Counter (CTR).

ECB:
 ECB stands for Electronic Codebook.
 Each 64-bit block is encrypted and decrypted independently.

CBC:
 CBC stands for Cipher Block Chaining.
 Each 64-bit block depends on the previous one and uses an Initialization Vector (IV).

CFB:
 CFB stands for Cipher Feedback.
 The preceding ciphertext becomes the input for the encryption algorithm, producing pseudo random
output, which in turn is XORed with plaintext, building the next ciphertext unit

OFB:
 OFB stands for Output Feedback.
 Much like CFB, except that the encryption algorithm input is the output from the preceding DES.

Counter (CTR):
 CTR stands for Counter.
 Each plaintext block is XORed with an encrypted counter.
 The counter is then incremented for each subsequent block

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
4
CTH EDUCATION
Difference between DES and AES algorithms:

DES AES

Used to encrypt plain text of 64-bit Used to encrypt plain text of 128-bit

The key is of different sizes such as 128-bits, 192-bits,

The key is of 56-bit size.
and so on

Less secure than AES More secure than DES

It can be broken by brute force attacks To date, AES has not been attacked

It is based on Feistel network It is based on permutation and substitution network

Working of DES:
 As we know that DES is a Symmetric Key Encryption technique.
 So, it uses the same key to encrypt and decrypt a message.
 Both the sender and the receiver must know and use the same private key.
 Some key features affecting how DES works include the following:

Block cipher:
 The Data Encryption Standard is a block cipher, meaning a cryptographic key and algorithm are applied
to a block of data simultaneously rather than one bit at a time.
 To encrypt a plaintext message, DES groups it into 64-bit blocks.
 Each block is enciphered using the secret key into a 64-bit cipher text by means of permutation and
substitution.

Several rounds of encryption:

 The DES process involves encrypting 16 times.
 It can run in four different modes, encrypting blocks individually or making each cipher block
dependent on all the previous blocks.
 Decryption is simply the inverse of encryption, following the same steps but reversing the order in
which the keys are applied.

64-bit key:
 DES uses a 64-bit key, but because eight of those bits are used for parity checks, the effective key length
is only 56 bits.
 The encryption algorithm generates 16 different 48-bit sub keys, one for each of the 16 encryption rounds.
 Sub keys are generated by selecting and permuting parts of the key as defined by the DES algorithm.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
5
CTH EDUCATION
Replacement and permutation.
 The algorithm defines sequences of replacement and permutation that the cipher text undergoes during
the encryption process.

Backward compatibility.
 DES also provides this capability in some instances.

Cracking DES:
 In cryptography, the DES cracker is a machine built by the Electronic Frontier Foundation in 1998.
 It is used to perform a brute force search to decrypt an encrypted message by trying every possible key.
 The aim in doing this was to prove that the key size of DES was not sufficient to be secure.
 It is also known as EFF DES cracker or "Deep Crack".
 Detailed technical data of this machine, including block diagrams, circuit schematics have all been
published in the book Cracking DES.
 Its public domain license allows everyone to freely copy, use, or modify its design.

What are the drawbacks of DES? Problems on DES?

The drawbacks include the following:
 The 56-bit key size of the DES algorithm is arguably its worst drawback.
 A million DES operations may be encrypted and decrypted by chips in a second.
 For $1 million, you may get a DES cracking machine that will search all the keys in around seven hours.
 What is the main weakness of DES?
 Probably the biggest disadvantage of the DES algorithm is the key size of 56-bit.
 There are chips available that can encrypt and decrypt a million DES operations in a second.
 A DES cracking machine that can search all the keys in about seven hours is available for $1 million.

2DES and 3DES:

 As we know that DES uses 56 bit key to encrypt any plain text which can be easily be cracked by using
modern technologies.
 To prevent this from happening double DES and triple DES were introduced which are much more
secured than the original DES because it uses 112 and 168 bit keys respectively.
 They offer much more security than DES.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
6
CTH EDUCATION
Double DES:
 Double DES is an encryption technique which uses two instance of DES on same plain text.
 In both instances it uses different keys to encrypt the plain text.
 Both keys are required at the time of decryption.
 The 64 bit plain text goes into first DES instance which then converted into a 64 bit middle text using
the first key and then it goes to second DES instance which gives 64 bit cipher text by using second key.
 However double DES uses 112 bit key but gives security level of 2^56 not 2^112 and this is because of
meet-in-the middle attack which can be used to break through double DES.

Triple DES:
 Triple DES is an encryption technique which uses three instance of DES on same plain text.
 It uses there different types of key choosing technique in first all used keys are different and in second
two keys are same and one is different and in third all keys are same.
 Triple DES is also vulnerable to meet-in-the middle attack because of which it give total security level
of 2^112 instead of using 168 bit of key.
 The block collision attack can also be done because of short block size and using same key to encrypt
large size of text.
 It is also vulnerable to sweet32 attack.

What is a side-channel attack?

 A side-channel attack does not target a program or its code directly.
 It attempts to gather information of a system by measuring indirect effects of the system.
 SCA is a security exploit that attempts to extract secrets from a chip or a system.
 This can be achieved by measuring or analyzing various physical parameters.
 Examples include supply current, execution time, and electromagnetic emission.

Differential Cryptanalysis:
 It is used to find the “difference” between related plaintexts that are encrypted.
 The plaintexts may differ by a few bits.
 It is usually launched as an adaptive chosen plaintext attack: the attacker chooses the plaintext to be
encrypted (but does not know the key), and then encrypts related plaintexts.
 The cryptanalyst then uses statistical analysis to search for signs of non-randomness in the cipher texts,
zeroing in on areas where the plaintexts differed.
 Every bit of the related cipher texts should have a 50/50 chance of flipping: the cryptanalyst searches
for areas where this is not true.
 Any such underlying order is a clue to recover the key.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
1
CTH EDUCATION
Unit – 03: Symmetric-Key Cryptography
 Glosis field theory,
 AES, overview of Rijndael comparison with others.
 Symmetric ciphers,
 Blowfish in practice,
 RC4, RC5, RC6, IDEA, RSA

Questions to be discussed:
1. What do you mean by Glosis field theory explain with example?
2. Write the difference between AES and DES.
3. Differentiate between block cipher and stream cipher.
4. Explain RC4, RC5 and RC6 in brief.
5. Write short notes on:
a. Rijndael algorithm
b. Blowfish
c. IDEA
d. RSA

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
2
CTH EDUCATION
Symmetric-Key Cryptography:
 In cryptography Symmetric-key algorithms are algorithms that use the same cryptographic keys for
both the encryption of plaintext and the decryption of cipher text.
 The keys may be identical, or there may be a simple transformation to go between the two keys.

Galois fields theory:

 Galois field named after Evariste Galois also known as Finite Field.
 It is a set of numbers that consists of a finite number of elements.
 It has two operations, addition and multiplication, that follow specific rules.
 The rules for these operations ensure that the Galois Field remains closed.
 That means the result of any operation performed within the set will also be an element of the set.
 Galois Fields are useful in various fields, such as cryptography, coding theory, and error correction, due
to their unique mathematical properties.
 The size of a Galois Field is represented by a prime number ‘p’, and it is denoted by GF(p), where p is
a prime number.
Example:
 One example of a Galois Field is a field with 2 elements, denoted by GF(2).
 This field has two elements, 0 and 1, and the rules for addition and multiplication operations are
defined as follows:
1. Addition: The addition operation in GF(2) is equivalent to the XOR operation.
For example, 0 + 0 = 0, 0 + 1 = 1, and 1 + 1 = 0.
2. Multiplication: The multiplication operation in GF(2) is equivalent to the AND operation.
For example, 0 * 0 = 0, 0 * 1 = 0, and 1 * 1 = 1.

Advanced Encryption Standard (AES):

 AES stands for Advanced Encryption Standard.
 It is a specification for the encryption of electronic data established by the U.S National Institute of
Standards and Technology (NIST) in 2001.
 AES is widely used today as it is a much stronger than DES and triple DES despite being harder to
implement.
 Points to remember
 AES is a block cipher.
 The key size can be 128/192/256 bits.
 Encrypts data in blocks of 128 bits each.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
3
CTH EDUCATION
Difference between AES and DES:

AES DES

AES stands for Advanced Encryption Standard DES stands for Data Encryption Standard

The date of creation is 2001. The date of creation is 1977.

Byte-Oriented. Bit-Oriented.

Key length can be 128-bits, 192-bits, and 256-bits The key length is 56 bits in DES.

Number of rounds depends on key length:

DES involves 16 rounds of identical operations
10(128-bits), 12(192-bits), or 14(256-bits)

AES can encrypt 128 bits of plaintext. DES can encrypt 64 bits of plaintext.

It can generate Ciphertext of 128, 192, 256 bits. It generates Ciphertext of 64 bits.

AES was designed by Vincent Rijmen and Joan

DES was designed by IBM.
Daemen.

It is faster than DES. It is slower than AES.

It is flexible. It is not flexible.

It is efficient with both hardware and software. It is efficient only with hardware.

Rijndael Algorithm:
 It is a symmetric key algorithm.
 Rijndael Algorithm also called Advance Encryption Standard(AES).
 Rijndael is a family of Ciphers having distinctive keys and block sizes.
 The algorithm changed into created by way of the cryptologists, Joan Daemen and Vincent Rijmen.
 The word Rijndael was derived from their surnames.
 It’s a block cipher that works iteratively.
 Block size available in three different bit key versions that are 128-bit size, 192-bit size or 256-bit size.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
4
CTH EDUCATION
Symmetric ciphers:
 Symmetric Encryption is the most basic and old method of encryption.
 It uses only one key for the process of both the encryption and decryption of data.
 Thus, it is also known as Single-Key Encryption.
 A few basic terms in Cryptography are as follows:
Plain Text: original message to be communicated between sender and receiver
Cipher Text: encoded format of the original message that cannot be understood by humans
The Symmetric Cipher Model:
A symmetric cipher model is composed of five essential parts:

What is Blowfish?
 Blowfish is a variable-length, symmetric, 64-bit block cipher.
 Designed by Bruce Schneier in 1993 as a "general-purpose algorithm.
 It was intended to provide a fast, free, drop-in alternative to the aging DES & IDEA.
 Blowfish is significantly faster than DES and IDEA and is unpatented and available free for all uses.
 However, it couldn't completely replace DES due to its small block size, which is considered insecure.
 Blowfish features a 64-bit block size and takes a variable-length key, from 32 bits to 448 bits.
 Blowfish uses a single encryption key to both encrypt and decrypt data.

What is cipher?
 Ciphertext is encrypted text.
 It is transformed from plaintext using an encryption algorithm.
 Ciphertext can't be read until it has been converted into plaintext (decrypted) with a key.
 The decryption cipher is an algorithm that transforms the ciphertext back into plaintext.
 The term cipher is sometimes used as a synonym for ciphertext.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
5
CTH EDUCATION
Difference between block cipher and stream cipher:

Block Cipher Stream Cipher

Block Cipher is the kind of encryption that converts Stream cipher is the kind of encryption that
plaintext by taking each block individually. converts plaintext by taking one byte of the
plaintext at a time.

It uses both diffusion and confusion principles for the Only the confusion principle is used by Stream
conversion (used later in encryption). Cipher for the conversion.

In Block cipher, decryption is more difficult than In a stream cipher, XOR is used for encryption
stream cipher. that can quickly converted back to plain text.

Block Cipher uses both confusion and diffusion. Stream cipher relies on confusion only.

Simple design Complex comparatively

64 Bits or more 8 Bits

RC4:
 RC4 stands for Rivest Cipher 4 or Ron’s Code 4.
 RC4 is a form of stream cipher.
 It encrypts messages one byte at a time.
 RC4 is a variable key-size stream cipher with byte-oriented operations.
 The RC4 cipher became the most widely used stream cypher due to its speed and simplicity.
 It is used in common protocols such as Wired Equivalent Privacy(WEP), Secure Sockets Layer(SSL) and
Transport Layer Security (TLS).

RC5:
 RC5 stands for "Rivest Cipher 5", or alternatively, "Ron's Code 5".
 RC5 is a form of block cipher.
 In cryptography, RC5 is a symmetric-key block cipher notable for its simplicity.
 RC5 is a 32/64/128-bit block cipher developed in 1994.
 It is notable for being simple, fast and consumes less memory.
 RC5 is known for its fast encryption and decryption speeds.
 It uses simple mathematical operations such as modular arithmetic and bit shifting, which can be
efficiently implemented on modern CPUs and hardware.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
6
CTH EDUCATION
RC6:
 RC6 stands for "Rivest Cipher 6", or alternatively, "Ron's Code 6".
 RC6 is a form of block cipher.
 RC6 is a 128-bit block cipher based on RC5, was developed in 1997.
 Its variable block size and key size make it highly adaptable to different applications or system.
 RC6 encryption is widely used in various industries, including data protection, network security, and
digital rights management.

IDEA:
 IDEA stands for International Data Encryption Algorithm
 It is a symmetric-key block cipher that was first introduced in 1991.
 IDEA is considered to be a good and secure algorithm.
 IDEA uses a block cipher with a block size of 64 bits and a key size of 128 bits.
 The cipher is designed to be highly secure and resistant to various types of attacks.
 It was designed to provide secure encryption for digital data and is used in a variety of applications,
such as secure communications, financial transactions, and electronic voting systems.

RSA:
 RSA is the most common public-key algorithm.
 It was invented in 1978 by scientists Rivest, Shamir and Adleman.
 RSA is a public-key encryption method used in data security.
 This algorithm is safe and reliable for the transfer of data across the internet.
 It takes care of the privacy of the data.
 The process of implementing the RSA algorithm is quite simple.
 RSA is safe and reliable for mechanisms, hence, there is no risk in sending private data.

Diploma : CSE (All Paper) By : Alok Sir (Mob. No.: +91-80 84 370 470)
1
CTH EDUCATION
Unit – 04: Asymmetric-Key Cryptography
 RSA,
 Elliptic curve cryptography ECC,
 Digital certificates and PKI.

Questions to be discussed:
1. What is asymmetric cryptography? Discuss RSA in brief.
2. Discuss Elliptic curve cryptography in details.
3. What do you mean by Digital certificates and PKI.

Diploma : CSE (All Paper)

2
CTH EDUCATION
What is cryptography?
 Cryptography is technique of securing information.
 It is a technique of communications through use of codes.
 So the only intended person can understand the message and process it.
Examples:
 End-to-end encryption in WhatsApp.
 Digital signatures are the next real-time application of cryptography.

Symmetric and asymmetric key:

 Symmetric encryption involves using a single key to encrypt and decrypt data, while asymmetric
encryption uses two keys - one public and one private - to encrypt and decrypt data.
 Each type of encryption has its own strengths and weaknesses, and the choice between the two
depends on the specific needs of the user.

Diploma : CSE (All Paper)

3
CTH EDUCATION
What is asymmetric cryptography?
 Asymmetric cryptography is also known as public-key cryptography.
 It is a process that uses a pair of related keys - one public key and one private key - to encrypt and decrypt
a message to protect it from unauthorized access.
 A public key can be used by any person to encrypt a message so that it can only be decrypted by the
intended recipient with their private key.
 A private key is also known as a secret key - is shared only with key's initiator.
 Asymmetric cryptography is used to authenticate data using digital signatures.
 A digital signature is a mathematical technique used to validate the authenticity and integrity of a
message, software or digital document.
 It is the digital equivalent of a handwritten signature or stamped seal.

Types of Cryptography Algorithm:

 Cryptographic algorithms are primarily of two types, and you can use them for critical tasks, such
as authentication, data encryption, and digital signatures.
1. RSA(Rivest, Shamir, and Adleman)
2. DES(Data Encryption Standard)

What is the RSA algorithm?

 The RSA algorithm is an asymmetric cryptography algorithm.
 It is the most secure encryption method based on the block cipher principle.
 Rivest, Shamir, and Adleman invented it in 1978, hence the name RSA algorithm.
 It converts plain text to ciphertext at the receiver end and vice versa.
 If we use User A’s public key for encryption, we must use the same user’s private key for decryption.
 You may wonder what I mean by saying the RSA algorithm is asymmetric.
 It means it works on two different keys: The Public Key and the Private Key.
 The Public Key is distributed to everyone while the Private Key is kept private.
 The RSA algorithm is based on how difficult it is to factorize a large integer.

Diploma : CSE (All Paper)

4
CTH EDUCATION
Difference Between AES and RSA Encryption:

AES RSA

Symmetric key encryption Asymmetric encryption

128, 192, or 256 bits 1024, 2048, or 4096 bits (common)

Fast and efficient for bulk data Slower, not suited for large data

Secure communications ensuring a secure

Securing file storage AES is preferable due to
channel for data transmission between clients
its faster encryption and decryption speeds
and servers.

Secure file storage and communication Secure email and digital certificates

Elliptic Curve Cryptography(ECC):

 ECC stands for Elliptic Curve Cryptography.
 This method was introduced in 1985 by Neal Koblitz and Victor S. Miller.
 Its high-security makes it the ideal standard for protecting sensitive mobiles and apps.
 ECC uses a fairly difficult mathematical operation based on elliptic curves on a finite field.
 With ECC you have a curve, defined by a math function, a starting point (A), and an ending point
(Z) in the curve.
 The key is that to get to Z, you have done a series of “hops”, or multiplications that resulted in Z.
 This amount of hops is the private key.

Diploma : CSE (All Paper)

5
CTH EDUCATION
Digital certificates and PKI:
 Digital certificates facilitate secure electronic communication and exchange data between people,
systems, and online devices.
 They are issued by Certificate Authorities (CAs) and perform two primary functions:
1. Verifying the identity of the sender/receiver of an electronic message
2. Providing the means to encrypt/decrypt messages between sender and receiver.
 There are three basic types of digital signature certificates:
1. Individual digital signature certificates (signing certificates).
2. Server certificates.
3. Encryption certificates.

Individual digital signature certificates (signing certificates):

 These certificates are used to identify a person and include personal information.
 They can be used to sign electronic documents and emails to implement access control mechanisms for
sensitive or valuable information.

Server certificates:
 These certificates identify a server (computer) and contain the host name or IP address.
 They are used for one- or two-layer SSL to ensure secure communication of data over a network.

Encryption certificates:
 These certificates are used to encrypt a message using the public key of the recipient to ensure data
confidentiality during transmission. Different signatures for encryption and digital signatures are
available from different CAs. (adapted from Government of India 2010)
Figure 13. Digital certificates

Diploma : CSE (All Paper)

6
CTH EDUCATION
PKI:
 PKI stands for public-key infrastructure.
 A system including policies, institutions, and technologies—that manages the distribution,
authentication, and revocation of digital certificates is called public-key infrastructure (PKI).
 Because digital certificates are standard in data exchange and security protocols for digital ID systems a
country’s PKI is landscape is a common building block for many ID systems.
 For example, when a smartcard or SIM card that uses PKI for authentication and digital signatures is
personalized, it is issued with a private key and digital certificate signed by a CA that attests to the
authenticity of the credential and provides the public-key necessary for other devices (e.g., card readers,
servers, etc.) to verify the authenticity and integrity of the card.

Diploma : CSE (All Paper)

1
CTH EDUCATION
Unit – 05: Cryptographic Hash Functions
 Hashing schemes SHA- family,
 MAC,
 Digital Signature RSA El Gomel,
 DSS DSA,
 Authentication Protocols,
 applications Kerberos,
 X.509 Directory services

Questions to be discussed:
1. What are Cryptographic Hash Functions?
2. What is digital signature? What are the benefits of digital signatures?
3. Write the difference between RSA algorithm and DSA.
4. Write short notes on:
a. Message Digest(MD)
b. MAC
c. Kerberos.

Diploma : CSE (All Paper)

2
CTH EDUCATION
What are Cryptographic Hash Functions?
 A cryptographic hash function is a mathematical function used in cryptography.
 A hash functions take inputs of variable lengths to return outputs of a fixed length.
 It converts a numerical input value into another compressed numerical value.
 The values returned by a hash function are called message digest(MD) or simply hash values.
 The hash is much smaller than the input data, hence hash functions are called compression functions.

Variable Length Message M

Hash
Function

Hash Value (Fixed Length)

Popular Cryptographic Hash Function:

There are many cryptographic hash algorithms:
1. Message Digest (MD)
2. Secure Hash Algorithm (SHA)

Message Digest (MD):

 MD stands for message digest.
 It is a 128-bit hash function.
 It is a popular cryptographic hash function.
 The MD family comprises of hash functions MD2, MD4, MD5 and MD6.
 MD5 digests have been widely used in the software world to provide assurance about integrity of
transferred file.

Secure Hash Algorithm (SHA):

 The SHA stands for "Secure Hash Algorithm".
 The SHA is a cryptographic hash function.
 Family of SHA comprise of four SHA algorithms; SHA-0, SHA-1, SHA-2, and SHA-3.
 The original version is SHA-0 is a 160-bit hash function.
 It was published by the National Institute of Standards and Technology (NIST) in 1993.
 It had few weaknesses and did not become very popular.
 Later in 1995, SHA-1 was designed to correct alleged weaknesses of SHA-0.

Diploma : CSE (All Paper)

3
CTH EDUCATION
MAC:
 MAC stands for message authentication code.
 A MAC ensures the transmitted message was not modified during transmission.
 A MAC is sometimes referred to as a tag because of the way it is added to the message it is verifying.
 MAC is also referred to as Cryptographic Checksum.
 It is similar to Message Digest (MD) except that it uses the symmetric key cryptography process to
authenticate a message.

MAC = C (K, M), where K is a shared secret key and M is a message to be authenticated.

What is a digital signature?

 A digital signature is an authentication mechanism that allows the sender to attach an electronic code
with the message in order to ensure its authenticity and integrity.
 This electronic code acts as the signature of the sender and, hence, is named digital signature.
 In 1976, Whitfield Diffie and Martin Hellman first described the notion of a digital signature.
 The first instance of digital signature to be implemented In 1977, by RSA(Rivest - Shamir – Adleman).
 It is an electronic, encrypted, stamp of authentication for electronic documents.
 A signature confirms that the information originated from the signer and has not been altered.
 It is a mathematical technique used to validate the authenticity and integrity of a digital document.
 Digital signatures are based on public key cryptography, also known as asymmetric cryptography.

What are the benefits of digital signatures?

Digital signatures offer the following benefits:
 Security
 Timestamping.
 Globally accepted and legally compliant.
 Time savings.
 Cost savings.
 Traceability.

DSS:
 DSS stands for Digital Signature Standard.
 It was introduced by the National Institute of Standards and Technology (NIST) in 1994.
 It was first proposed in 1991 and revised in 1993.
 DSS used SHA to create digital signatures.

Diploma : CSE (All Paper)

4
CTH EDUCATION
DSA:
 DSA stand for Digital Signature Algorithm.
 It is used for digital signature and its verification.
 It is based on mathematical concept of modular exponentiation and discrete logarithm.
 It was developed by National Institute of Standards and Technology (NIST) in 1991.

Difference between RSA algorithm and DSA:

RSA DSA
It is a cryptosystem algorithm. It is digital signature algorithm.
It is used for secure data transmission. It is used for digital signature and its verification.
It was developed in 1977. While it was developed in 1991.
It was developed by Rivest, Shamir & Adleman. It was developed by NIST.
It is faster than DSA in encryption. While it is slower in encryption.
It is slower in decryption. While it is faster in decryption.
It is best suited for verification and encryption. It is best suited for signing in and decryption.

Authentication Protocols in Digital Signature:

Some authentication protocols are:
1. Kerberos.
2. LDAP (Lightweight Directory Access Protocol).
3. SAML (Security Assertion Markup Language)
4. RADIUS (Remote Authentication Dial-In User Service).

Kerberos:
 Kerberos is a protocol that helps in network authentication.
 It provides a centralized authentication server.
 Its main function is to authenticate users to servers and servers to users.
 In Kerberos Authentication server and database is used for client authentication.

Diploma : CSE (All Paper)

5
CTH EDUCATION
Some advantages of Kerberos:
 It supports various operating systems.
 The authentication key is shared much efficiently than public sharing.

Some disadvantages of Kerberos:

 It is used only to authenticate clients and services used by them.
 It shows vulnerability to soft or weak passwords.

X.509 Authentication Service:

 X.509 is a digital certificate.
 It is built by widely trusted standard known as ITU(International Telecommunication Union).
 X.509 digital certificate is a certificate-based authentication security framework that can be used for
providing secure transaction processing and private information.
 These are primarily used for handling the security and identity in computer networking and internet -
based communications.

Applications of X.509 Authentication Service Certificate:

Many protocols depend on X.509 and it has many applications, some of them are given below:
 Document signing and Digital signature
 Web server security with the help of TLS/SSL certificates
 Email certificates
 Code signing
 Digital Identities

Diploma : CSE (All Paper)

1
CTH EDUCATION
Unit – 06: Network Security
 Internet security protocols, SSL, TLS TSP WAP security,
 SET Hashing Authentication & Signature Schemes
 E-mail security, Email architecture SSL, PGP, MIME, S/MIME
 Internet Protocol Security (IP Sec) IP Sec architecture, IP Sec verses other layers security Mobile IP Sec,
VPN, Web security SSL, TLS, SET etc.

Questions to be discussed:
1. What do you mean by network security? What are the benefits of network security?
2. What are network security protocol? Discuss any two network security protocol.
3. Discuss about email security. Also explain email architecture.
4. Differentiate between PGP and S/MIME.
5. What is IP Security? Define its architecture in brief.
6. Define Virtual Private Network in brief.

Diploma : CSE (All Paper)

2
CTH EDUCATION
What is Network Security?
 It is the process of securing data or information on the network from various attacks.
 This aims at securing the confidentiality and accessibility of the data and network.
 It protects your network and data from breaches, intrusions and other threats.
 Network security also helps you to protect proprietary information from attack.
 Ultimately it protects your reputation.

Benefits of Network Security:

 Network Security has several benefits, some of which are mentioned below:
1. It helps in protecting clients’ information and data which ensures reliable access and helps in
protecting the data from cyber threats.
2. It protects the organization from heavy losses that may have occurred from data loss or any security
incident.
3. It overall protects the reputation of the organization as it protects the data and confidential items.

What are Network Security Protocols?

 Network security protocols are network protocols that ensure the integrity and security of data
transmitted across network connections.
 The specific network security protocol used depends on the type of protected data & network connection.
 Various security mechanisms exist for specialized internet services like email, electronic commerce,
payment, wireless internet, etc.
 To provide security to the internet, various protocols like:
1. SSL (Secure Socket Layer),
2. TLS (Transport Layer Security),
3. TSP (Tunnel Setup Protocol)
4. WAP (Wireless Application Protocol) etc.

SSL:
 SSL stands for secure socket layer.
 It provides security to the data that is transferred between web browser and server.
 SSL encrypts the link between a web server and a browser which ensures that all data passed between
them remain private and free from attack.
 SSL Record provides two services to SSL connection:
1. Confidentiality
2. Message Integrity

Diploma : CSE (All Paper)

3
CTH EDUCATION
TLS:
 TLS stands for Transport Layer Security.
 TLS are designed to provide security at the transport layer.
 TLS was derived from a security protocol called Secure Socket Layer (SSL).
 TLS ensures that no third party may eavesdrop or tampers with any message.
 It is an IETF standard protocol that provides authentication, privacy and data integrity between two
communicating computer applications.
 IETF stands for Internet Engineering Task Force.

TSP:
 TSP stands for Time Stamp Protocol.
 The TSP is a cryptographic protocol for certifying timestamps using X. 509 certificates and public key.
 The TSP is the signer's assertion that a piece of electronic data existed at or before a particular time.
 The protocol is defined in RFC 3161.

WAP Security:
 WAP stands for Wireless Application Protocol.
 It is a protocol that is introduced in 1999.
 It offers Internet communications over wireless devices, such as mobile phones.
 It offers a way of creating web applications for mobile devices, and it is designed for micro-browsers.

Email security:
 It is the practice of protecting email accounts and communications from unauthorized access or loss.
 Email security refers to the steps where we protect the email messages and the information.
 It involves ensuring the confidentiality, integrity, and availability of email messages.
 Organizations can enhance their email security using tools to protect against malicious threats such as
malware, spam, and phishing attacks.

What is email architecture?

 It is the structure and design of an email system.
 It includes the protocols, servers, and clients involved in the transmission and reception of emails.
 Email architecture consists of three components:
 User Agent (UA)
 Message Transfer Agent (MTA)
 Message Access Agent (MAA)

Diploma : CSE (All Paper)

4
CTH EDUCATION
PGP:
 PGP stands for Pretty Good Privacy.
 PGP is an open source software package that is designed for the purpose of email security.
 Phil Zimmerman developed it.
 It provides the basic or fundamental needs of cryptography.

S/MIME:
 S/MIME stands for Secure/Multipurpose Internet Mail Extension.
 S/MIME is a security-enhanced version of Multipurpose Internet Mail Extension (MIME).
 In this, public key cryptography is used for digital sign, encrypt or decrypt the email.
 User acquires a public-private key pair with a trusted authority and then makes appropriate use of
those keys with email applications.

Difference between PGP and S/MIME:

PGP S/MIME

PGP stands for Pretty Good Privacy.

Secure/Multipurpose Internet Mail Extension.

While it is designed to process email as well as

It is designed for processing the plain texts.
many multimedia files.

PGP is less costly as compared to S/MIME. While S/MIME is comparatively expensive.

PGP is good for personal as well as office use. While it is good for industrial use.

PGP is less efficient than S/MIME. While it is more efficient than PGP.

IP security (IPSec):
 IP Sec stands for Internet Protocol Security.
 It is a standard suite of protocols between two communication points across the IP network.
 It provides data authentication, integrity, and confidentiality.
 It also defines the encrypted, decrypted, and authenticated packets.
 The protocols needed for secure key exchange and key management are defined in it.

IP Security Architecture:
 IP Security architecture uses two protocols to secure the traffic or data flow.
 These protocols are ESP (Encapsulation Security Payload) and AH (Authentication Header).

Diploma : CSE (All Paper)

5
CTH EDUCATION
 IPSec Architecture includes protocols, algorithms, DOI, and Key Management.
 All these components are very important in order to provide the three main services:
1. Confidentiality
2. Authenticity
3. Integrity

Types of Network Security Protections:

 There are multiple components working together to ensure the security of data and networks.
 Based on this, there are several different types of network security:
1. Firewalls
2. Access control
3. Virtual private networks (VPNs) etc.

Virtual Private Networks (VPNs)

 VPN stands for "Virtual Private Network".
 It describes the opportunity to establish a protected network connection when using public networks.
 VPNs encrypt your internet traffic and disguise your online identity.
 This makes it more difficult for third parties to track your activities online and steal data.
 The encryption takes place in real time.

Web Security:
 Web security refers to protecting networks and computer systems from damage to or the theft of software,
hardware, or data.
 It includes protecting computer systems from misdirecting or disrupting the services they are designed
to provide.

Diploma : CSE (All Paper)

1
CTH EDUCATION
Unit – 07: System Security
 Intruders, types of attacks, protecting against Intruders honeypots, scanning and analysis tools,
 Viruses and worms, types of viruses, protection,
 Firewall architecture implementing firewalls, xml firewalls,
 Trusted systems, trusted system applications, multilevel security, trusted products.
 Security implementation, wireless security, securities in Adhoc-networks.

Questions to be discussed:
1. What do you mean by Intruder?
2. What is attack? Describe different types of attacks in network security.
3. Define the term virus. Explain various types of virus in brief.
4. Describe virus and antivirus in details.
5. Write short notes on:
a. Firewall
b. Virtual Private Network(VPN)
c. Honeypot

Diploma : CSE (All Paper)

2
CTH EDUCATION
What do you mean by an Intruder?
 It is an unauthorized person that tries to access a system or network without authorization.
 An intruder is anyone that tries to get access to any part of your computer system.
 An intruder is typically referred to as a hacker.
 They are very smart and know a lot about technology and security.
 They typically try to sell this information to third parties.

What is attacks in network security?

 Network attacks are unauthorized actions on the digital assets within an organizational network.
 Malicious parties usually execute network attacks to alter, destroy, or steal private data.
 There are various types of attack, some of them are given below:
1. Unauthorized access
2. Denial of service attack
3. Man in the middle attack
4. SQL injection attack
5. Insider threats etc.

Unauthorized access
 Unauthorized access refers to attackers accessing a network without receiving permission.

Denial of Service (DoS) attacks

 It is a type of attack that crash a machine or network, making it inaccessible to its intended user.

Man in the middle attacks

 It is a type of attack in which the attacker secretly intercepts and relays messages between two parties
who believe they are communicating directly with each other.
 The attack is a type of eavesdropping in which the attacker intercepts & controls the entire conversation.

Code and SQL injection attacks

 It is a common attack that uses malicious SQL code for backend database manipulation to access
information that was not intended to be displayed.

Insider threats
 Insider threats are cybersecurity threats that originate with authorized users—employees, contractors,
business partners—who intentionally or accidentally misuse their legitimate access, or have their
accounts hijacked by cybercriminals.

Diploma : CSE (All Paper)

3
CTH EDUCATION
What is Honeypot?
 Honeypot is a network-attached system.
 It is used as a trap for cyber-attackers to detect and study the tricks used by hackers.
 Honeypots are mostly used by large companies and organizations involved in cybersecurity.
 It helps cybersecurity researchers to learn about the different type of attacks used by attackers.
 The cost of a honeypot is generally high because it requires specialized skills and resources.

What is Virus? Explain various types of viruses.

 Virus stands for Vital Information Resource Under Seize.
 It is a malicious software loaded onto a user’s computer without the user’s knowledge and performs
malicious actions.
 It is an unwanted software programs that interfere with the functioning of the computer.
 Once it enters your system, it can replicate to produce copies of itself to spread from one program to
another.
 So, we can say that it is a self-replicating computer program that interferes with the functioning of the
computer by infecting files, data, programs, etc.
 There are various types of virus some of them are given below:
 Malware
 Trojan horse
 Worm
 Spyware
 Boot sector etc.

Malware:
 Malware stands for malicious software.
 Malware is the name that is given to any type of software that could harm a computer system.
 It interferes with and gather a user's data, or make the computer perform actions without the owner's
knowledge or permission.

Trojan horse:
 A type of malware that uses malicious code to install software that seems ok, but is hidden to create
back doors into a system.
 This typically causes loss or theft of data from an external source.

Diploma : CSE (All Paper)

4
CTH EDUCATION
Worm:
 Unlike a virus, a worm, is a standalone piece of malicious software that replicates itself in order to
spread to other computers.
 It often uses a computer network to spread itself, relying on security flaws on the target system to allow
access.

Spyware:
 Spyware is software that aids in gathering information about a person or organization without their
knowledge.
 Spyware can monitor and log the activity that is performed on a target system, like log key strokes, or
gather credit card and other information.

Boot sector virus:

 This type of virus can take control when you start — or boot — your computer.
 One way it can spread is by plugging an infected USB drive into your computer.

What is Anti-Virus?
 Antivirus is a kind of software used to prevent, scan, detect and delete viruses from a computer.
 Once installed, most antivirus software runs automatically in the background to provide real-time
protection against virus attacks.
 Antivirus software helps protect your computer against malware and cybercriminals.
 Antivirus software looks at data — web pages, files, software, applications — traveling over the network
to your devices.
 It searches for known threats and monitors the behavior of all programs, flagging suspicious behavior.
 It seeks to block or remove malware as quickly as possible

Explain how Anti-Virus is useful to prevent and detect the viruses.

 Antivirus software provides protection against these types of threats by performing key tasks:
 Pinpointing specific files for the detection of malicious software.
 Scheduling automatic scans.
 Scanning either one file or your entire computer at your discretion

Diploma : CSE (All Paper)

5
CTH EDUCATION
What is Firewalls?
 A firewall is a network security system that manages the network traffic based on some protocols.
 It monitors and control incoming & outgoing traffic based on pre-defined rules.
 A firewall acts like a hardware.
 Firewalls exist as software or hardware both.
 Most personal computers use software-based firewalls to secure data from threats from the internet.
 Firewalls are used in private networks or intranets to prevent unauthorized access from the internet.
 Every message entering or leaving the intranet goes through the firewall to be examined for security
measures.

Virtual Private Networks(VPN):

 A VPN is type of Network security.
 It hides your IP address on the internet.
 It prevents unauthorized people and allows the unauthorized user.
 A VPN is an encrypted connection over the Internet.
 The encrypted connection helps ensure that sensitive data is safely transmitted.
 VPN technology is widely used in corporate environments.
 VPN supports the user in creating a secure private connection between the networks.
 Users working from home usually connect to the company's network via a VPN.

Diploma : CSE (All Paper)