is lab manual.docx

Upload: prathamgunj

Post on 28-Feb-2018


  • 7/25/2019 IS lab manual.docx

    Information Security (Lab Manual)

    Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

    Cryptography is the art of protecting information by transforming it into an unreadable format, called cipher text. Only those who possess a secret key can decipher the message into plain text.

    Information Technology Department, V.V.P. Engineering College
    Characteristics of Information Security:

    Due to the importance of information security, it has many important features that are really helpful for the protection of confidential data from leaking and also help to protect from hacking. Some important characteristics of information security are as follows:

    1. Integrity
    2. Confidentiality
    3. Authentication
    4. Management of Risk

    Latest Manual Prepared By :- R.P.Patel

    Lab in charge :-

    HOD of Information Technology Department

    ( MS. !"I.#.!S"$ %

    LIST OF EXPERIMENTS

    Sr. No.   Name of Experiment
    1.        To study basics of cryptography.
    2.        To implement Caesar cipher.
    3.        To implement transposition cipher.
    4.        To implement monoalphabetic cipher.
    5.        To implement polyalphabetic cipher.
    6.        To implement Playfair cipher.
    7.        To study basics of DES.
    8.        To study basics of digital signature and MD-5.
    9.        To implement RSA algorithm.
    10.       To search and study any encryption tool on internet.

    ASSIGNMENT NO: 1
    TO STUDY BASIC OF CRYPTOGRAPHY

    Cryptography

    Cryptography is the art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking, although modern cryptography techniques are virtually unbreakable.

    Cryptography systems can be broadly classified into symmetric-key systems that use a single key that both the sender and recipient have, and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.

    Symmetric Cipher Model

    A symmetric encryption scheme has five ingredients (Figure 2.1):

    Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.

    Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.

    Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.

    Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.

    Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.

    Figure 2.1. Simplified Model of Conventional Encryption

    There are two requirements for secure use of conventional encryption:

    1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be such that an opponent who knows the algorithm and has access to one or more ciphertexts would be unable to decipher the ciphertext or figure out the key. This requirement is usually stated in a stronger form: The opponent should be unable to decrypt ciphertext or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.

    2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable.

    We assume that it is impractical to decrypt a message on the basis of the ciphertext plus knowledge of the encryption/decryption algorithm. In other words, we do not need to keep the algorithm secret; we need to keep only the key secret. This feature of symmetric encryption is what makes it feasible for widespread use. The fact that the algorithm need not be kept secret means that manufacturers can and have developed low-cost chip implementations of data encryption algorithms. These chips are widely available and incorporated into a number of products. With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key.

    Let us take a closer look at the essential elements of a symmetric encryption scheme, using Figure 2.2. A source produces a message in plaintext, X = [X1, X2, ..., XM] [...] {0, 1} is typically used. For encryption, a key of the form K = [K1, K2, ..., KJ] is generated. If the key is generated at the message source, then it must also be provided to the destination by means of some secure channel. Alternatively, a third party could generate the key and securely deliver it to both source and destination.

    Figure 2.2. Model of Conventional Cryptosystem

    With the message X and the encryption key K as input, the encryption algorithm forms the ciphertext Y = [Y1, Y2, ..., YN

    ASSIGNMENT NO: 2
    CAESAR CIPHER

    Caesar cipher

    In cryptography, a Caesar cipher, also known as a Caesar's cipher, the shift cipher, Caesar's code or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D, B would become E, and so on. The method is named after Julius Caesar, who used it in his private correspondence.

    Example

    The transformation can be represented by aligning two alphabets; the cipher alphabet is the plain alphabet rotated left or right by some number of positions. For instance, here is a Caesar cipher using a left rotation of three places (the shift parameter, here 3, is used as the key):

    Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
    Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC

    When encrypting, a person looks up each letter of the message in the "plain" line and writes down the corresponding letter in the "cipher" line. Deciphering is done in reverse.

    Ciphertext: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ
    Plaintext:  the quick brown fox jumps over the lazy dog

    The encryption can also be represented using modular arithmetic by first transforming the letters into numbers, according to the scheme, A = 0, B = 1,..., Z = 25. Encryption of a letter x by a shift n can be described mathematically as,

    Decryption is performed similarly,

    (There are different definitions for the modulo operation. In the above, the result is in the range 0...25. I.e., if x+n or x-n are not in the range 0...25, we have to subtract or add 26.)

    The replacement remains the same throughout the message, so the cipher is classed as a type of monoalphabetic substitution, as opposed to polyalphabetic substitution.

    Breaking the cipher

    The Caesar cipher can be easily broken even in a ciphertext-only scenario. Two situations can be considered:

    1. an attacker knows (or guesses) that some sort of simple substitution cipher has been used, but not specifically that it is a Caesar scheme;

    2. an attacker knows that a Caesar cipher is in use, but does not know the shift value.

    In the first case, the cipher can be broken using the same techniques as for a general simple substitution cipher, such as frequency analysis or pattern words. While solving, it is likely that an attacker will quickly notice the regularity in the solution and deduce that a Caesar cipher is the specific algorithm employed.

    The distribution of letters in a typical sample of English language text has a distinctive and predictable shape. A Caesar shift "rotates" this distribution, and it is possible to determine the shift by examining the resultant frequency graph.

    In the second instance, breaking the scheme is even more straightforward. Since there are only a limited number of possible shifts (26 in English), they can each be tested in turn in a brute force attack. One way to do this is to write out a snippet of the ciphertext in a table of all possible shifts, a technique sometimes known as "completing the plain component". The example given is for the ciphertext "EXXEGOEXSRGI"; the plaintext is instantly recognisable by eye at a shift of four.

    Decryption shift    Candidate plaintext
    0                   exxegoexsrgi
    1                   dwwdfndwrqfh
    2                   cvvcemcvqpeg
    3                   buubdlbupodf
    4                   attackatonce
    5                   zsszbjzsnmbd
    6                   yrryaiyrmlac
    ...
    23                  haahjrhavujl
    24                  gzzgiqgzutik
    25                  fyyfhpfytshj
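The brute-force search and the frequency comparison described in this section can be combined, shown here as an added example that is not part of the original manual. It tries all 26 shifts on the section's ciphertext and scores each candidate with a chi-squared distance to English letter frequencies; the function names and the frequency table values are this example's own choices.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_TEXT 256

/* Relative frequencies of a..z in typical English text (a commonly published table). */
static const double ENGLISH_FREQ[26] = {
    0.08167, 0.01492, 0.02782, 0.04253, 0.12702, 0.02228, 0.02015,
    0.06094, 0.06966, 0.00153, 0.00772, 0.04025, 0.02406, 0.06749,
    0.07507, 0.01929, 0.00095, 0.05987, 0.06327, 0.09056, 0.02758,
    0.00978, 0.02360, 0.00150, 0.01974, 0.00074
};

/* Undo a Caesar shift: each letter moves `shift` places back; output is lower case. */
static void caesar_unshift(const char *in, int shift, char *out, size_t outsz)
{
    size_t i;
    for (i = 0; in[i] != '\0' && i + 1 < outsz; i++) {
        unsigned char ch = (unsigned char)in[i];
        if (isalpha(ch))
            out[i] = (char)('a' + (tolower(ch) - 'a' - shift + 26) % 26);
        else
            out[i] = (char)ch;          /* spaces and punctuation pass through */
    }
    out[i] = '\0';
}

/* Chi-squared distance between the letter counts of `text` and English.
   Lower means the text looks more like English. */
static double chi_squared(const char *text)
{
    int counts[26] = {0}, total = 0, i;
    double score = 0.0;
    for (; *text != '\0'; text++) {
        if (isalpha((unsigned char)*text)) {
            counts[tolower((unsigned char)*text) - 'a']++;
            total++;
        }
    }
    for (i = 0; i < 26 && total > 0; i++) {
        double expected = ENGLISH_FREQ[i] * total;
        double diff = counts[i] - expected;
        score += diff * diff / expected;
    }
    return score;
}

/* Candidate plaintext for one shift; returns a pointer to a static buffer. */
const char *caesar_candidate(const char *ciphertext, int shift)
{
    static char out[MAX_TEXT];
    caesar_unshift(ciphertext, shift, out, sizeof out);
    return out;
}

/* Try all 26 shifts and return the one whose candidate is closest to English. */
int caesar_best_shift(const char *ciphertext)
{
    char candidate[MAX_TEXT];
    int shift, best = 0;
    double best_score = -1.0;
    for (shift = 0; shift < 26; shift++) {
        double score;
        caesar_unshift(ciphertext, shift, candidate, sizeof candidate);
        score = chi_squared(candidate);
        if (best_score < 0.0 || score < best_score) {
            best_score = score;
            best = shift;
        }
    }
    return best;
}

int main(void)
{
    const char *ct = "EXXEGOEXSRGI";    /* ciphertext used in this section */
    int shift;
    for (shift = 0; shift < 26; shift++)          /* "completing the plain component" */
        printf("%2d  %s\n", shift, caesar_candidate(ct, shift));
    printf("most English-like shift: %d\n", caesar_best_shift(ct));
    return 0;
}
```

On very short ciphertexts the frequency score can pick the wrong shift, so the full table is still printed for inspection by eye.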

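    Implementation of Caesar Cipher

    #include <stdio.h>
    #include <string.h>
    #include <ctype.h>

    int main(void)
    {
        int i, j, l, b, no;
        char a[100];

        printf("Enter the message: ");
        if (fgets(a, sizeof a, stdin) == NULL)
            return 1;
        a[strcspn(a, "\n")] = '\0';          /* drop the trailing newline */
        printf("Enter the key: ");
        if (scanf("%d", &no) != 1)
            return 1;
        no %= 26;                            /* keep the shift within one alphabet */

        l = (int)strlen(a);
        printf("Encrypted message: ");
        for (i = 0; i < l; i++)
        {
            j = a[i];
            if (isupper((unsigned char)a[i]))
            {
                j += no;
                if (j < 65)                  /* fell below 'A': wrap to the end */
                {
                    b = 65 - j;
                    j = 91 - b;
                }
                else if (j > 90)             /* went past 'Z': wrap to the start */
                {
                    b = j - 90;
                    j = 64 + b;
                }
            }
            else if (islower((unsigned char)a[i]))
            {
                j += no;
                if (j < 97)                  /* fell below 'a' */
                {
                    b = 97 - j;
                    j = 123 - b;
                }
                else if (j > 122)            /* went past 'z' */
                {
                    b = j - 122;
                    j = 96 + b;
                }
            }
            printf("%c", j);                 /* other characters are printed unchanged */
        }
        printf("\n");
        return 0;
    }

    Output

    Enter the message: HELLO
    Enter the key: 3
    Encrypted message: KHOOR

    ASSIGNMENT NO - 3
    TRANSPOSITION CIPHER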

    In cryptography, a transposition cipher is a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed. Mathematically a bijective function is used on the characters' positions to encrypt and an inverse function to decrypt.

    Rail Fence cipher

    The Rail Fence cipher is a form of transposition cipher that gets its name from the way in which it is encoded. In the rail fence cipher, the plaintext is written downwards on successive "rails" of an imaginary fence, then moving up when we get to the bottom. The message is then read off in rows. For example, using three "rails" and a message of 'WE ARE DISCOVERED. FLEE AT ONCE', the cipherer writes out:

    W . . . E . . . C . . . R . . . L . . . T . . . E
    . E . R . D . S . O . E . E . F . E . A . O . C .
    . . A . . . I . . . V . . . D . . . E . . . N . .

    Then reads off:

    WECRL TEERD SOEEF EAOCA IVDEN

    Route cipher

    In a route cipher, the plaintext is first written out in a grid of given dimensions, then read off in a pattern given in the key. For example, using the same plaintext that we used for rail fence:

    W R I O R F E O E
    E E S V E L A N J
    A D C E D E T C X

    The key might specify "spiral inwards, clockwise, starting from the top right". That would give a cipher text of:

    EJXCTEDECDAEWRIORFEONALEVSE

    Route ciphers have many more keys than a rail fence. In fact, for messages of reasonable length, the number of possible keys is potentially too great to be enumerated even by modern machinery. However, not all keys are equally good. Badly chosen routes will leave excessive chunks of plaintext, or text simply reversed, and this will give cryptanalysts a clue as to the routes.

    Columnar transposition

    In a columnar transposition, the message is written out in rows of a fixed length, and then read out again column by column, and the columns are chosen in some scrambled order. Both the width of the rows and the permutation of the columns are usually defined by a keyword. For example, the word ZEBRAS is of length 6 (so the rows are of length 6), and the permutation is defined by the alphabetical order of the letters in the keyword. In this case, the order would be "6 3 2 4 1 5".

    In a regular columnar transposition cipher, any spare spaces are filled with nulls; in an irregular columnar transposition cipher, the spaces are left blank. Finally, the message is read off in columns, in the order specified by the keyword. For example, suppose we use the keyword ZEBRAS and the message WE ARE DISCOVERED. FLEE AT ONCE. In a regular columnar transposition, we write this into the grid as:

    6 3 2 4 1 5
    W E A R E D
    I S C O V E
    R E D F L E
    E A T O N C
    E Q K J E U

    Providing five nulls (QKJEU) at the end. The ciphertext is then read off as:

    EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE

    In the irregular case, the columns are not completed by nulls:

    6 3 2 4 1 5
    W E A R E D
    I S C O V E
    R E D F L E
    E A T O N C
    E

    This results in the following ciphertext:

    EVLNA CDTES EAROF ODEEC WIREE

    To decipher it, the recipient has to work out the column lengths by dividing the message length by the key length. Then he can write the message out in columns again, then re-order the columns by reforming the key word.
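The keyword-driven column order and the column-length calculation used for deciphering, as an added example that is not part of the original manual. It goes slightly beyond the text by breaking ties between repeated keyword letters left to right; the function names are this example's own, and messages are passed with spaces and punctuation already removed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_MSG 256
#define MAX_KEY 32

/* Fill order[] so that order[r] is the grid column read out r-th: columns are
   taken in alphabetical order of the keyword letters, ties broken left to right.
   Returns the number of columns, or 0 if the keyword is unusable. */
static int column_order(const char *key, int order[MAX_KEY])
{
    int n = (int)strlen(key), i, j;
    if (n < 1 || n > MAX_KEY)
        return 0;
    for (i = 0; i < n; i++) {                    /* stable insertion sort by letter */
        int letter = toupper((unsigned char)key[i]);
        for (j = i - 1; j >= 0 && toupper((unsigned char)key[order[j]]) > letter; j--)
            order[j + 1] = order[j];
        order[j + 1] = i;
    }
    return n;
}

/* Write msg row by row under the keyword, read it out column by column.
   Pass the message with nulls appended for the regular variant, or as-is
   for the irregular one. Returns a pointer to a static buffer. */
const char *columnar_encrypt(const char *key, const char *msg)
{
    static char out[MAX_MSG];
    int order[MAX_KEY], ncols = column_order(key, order), r;
    size_t len = strlen(msg), i, k = 0;

    out[0] = '\0';
    if (ncols == 0 || len >= MAX_MSG)
        return out;
    for (r = 0; r < ncols; r++)
        for (i = (size_t)order[r]; i < len; i += (size_t)ncols)
            out[k++] = msg[i];                   /* letters of one column, top to bottom */
    out[k] = '\0';
    return out;
}

/* Recover the plaintext: work out each column's height from the message
   length, then write the ciphertext back into the columns in key order. */
const char *columnar_decrypt(const char *key, const char *ct)
{
    static char out[MAX_MSG];
    int order[MAX_KEY], ncols = column_order(key, order), r;
    size_t len = strlen(ct), full_rows, extra, row, k = 0;

    out[0] = '\0';
    if (ncols == 0 || len >= MAX_MSG)
        return out;
    full_rows = len / (size_t)ncols;             /* rows that are completely filled */
    extra = len % (size_t)ncols;                 /* leftmost columns with one more letter */
    for (r = 0; r < ncols; r++) {
        size_t col = (size_t)order[r];
        size_t height = full_rows + (col < extra ? 1 : 0);
        for (row = 0; row < height; row++)
            out[row * (size_t)ncols + col] = ct[k++];
    }
    out[len] = '\0';
    return out;
}

int main(void)
{
    const char *msg = "WEAREDISCOVEREDFLEEATONCE";   /* the section's message, spaces removed */
    printf("irregular: %s\n", columnar_encrypt("ZEBRAS", msg));
    printf("regular:   %s\n", columnar_encrypt("ZEBRAS", "WEAREDISCOVEREDFLEEATONCEQKJEU"));
    printf("decrypted: %s\n", columnar_decrypt("ZEBRAS", "EVLNACDTESEAROFODEECWIREE"));
    return 0;
}
```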

    Columnar transposition continued to be used for serious purposes as a component of more complex ciphers at least into the 1950's.

    Detection and cryptanalysis

    Since transposition does not affect the frequency of individual symbols, simple transposition can be easily detected by the cryptanalyst by doing a frequency count. If the ciphertext exhibits a frequency distribution very similar to plaintext, it is most likely a transposition. This can then often be attacked by anagramming: sliding pieces of ciphertext around, then looking for sections that look like anagrams of English words, and solving the anagrams. Once such anagrams have been found, they reveal information about the transposition pattern, and can consequently be extended.

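    Implementation of transposition cipher

    #include <stdio.h>
    #include <string.h>

    int main(void)
    {
        char in[4][5], out[4][5], p[21], c[21], p1[21];
        /* The key values are not legible in this copy of the listing; this order
           is the one that reproduces the sample output below. key[i] is the
           position of plaintext column i among the ciphertext blocks. */
        int i, j, k = 0, l = 0, key[5] = {2, 4, 1, 0, 3};

        printf("Enter the message ");
        if (scanf("%20s", p) != 1 || strlen(p) != 20)
            return 1;                            /* the grid holds exactly 4 x 5 letters */

        for (i = 0; i < 4; i++)                  /* write the message row by row */
        {
            for (j = 0; j < 5; j++)
            {
                in[i][j] = p[k];
                k++;
            }
        }

        printf("Encrypted message is ");
        for (i = 0; i < 5; i++)                  /* i = ciphertext block */
        {
            for (k = 0; k < 5; k++)
            {
                if (key[k] != i)
                    continue;                    /* column k does not belong to block i */
                for (j = 0; j < 4; j++)
                {
                    c[l] = in[j][k];
                    printf("%c", c[l]);
                    l++;
                }
            }
        }
        c[l] = '\0';
        printf("\n");

        for (i = 0; i < 5; i++)                  /* put each column back in place */
        {
            for (j = 0; j < 4; j++)
            {
                out[j][i] = c[(4 * key[i]) + j];
            }
        }

        printf("Decrypted message is ");
        l = 0;
        for (i = 0; i < 4; i++)                  /* read the grid row by row */
        {
            for (j = 0; j < 5; j++)
            {
                p1[l] = out[i][j];
                printf("%c", p1[l]);
                l++;
            }
        }
        p1[l] = '\0';
        printf("\n");
        return 0;
    }

    Output

    Enter the message meetmeaftertogaparty
    Encrypted message is ttgteformerpmeayeata
    Decrypted message is meetmeaftertogaparty

    ASSIGNMENT NO - 4
    MONOALPHABETIC CIPHER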

    Mono-alphabetic Cipher

    A mono-alphabetic cipher is a simple substitution cipher wherein each letter of the plaintext is replaced by another letter in the ciphertext. An example of a mono-alphabetic cipher key follows:

    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
    j r s q x z o e w n d y p f a t b c i l h g k m u

    This key means that any 'j' in the plaintext will be replaced by an 'A' in the ciphertext, any 'r' in the plaintext will be replaced by a 'B' in the ciphertext, and so on.

    Cryptanalysis

    While there are hundreds of different codes and cipher systems in the world, there are some universal traits and techniques cryptanalysts use to solve them. Patience and perseverance are two of the most important qualities in a cryptanalyst. Solving a cipher can take a lot of time, sometimes requiring you to retrace your steps or start over. It is tempting to give up when you are faced with a particularly challenging cipher.

    Another important skill to have is a strong familiarity with the language in which the plaintext is written. Trying to solve a coded message written in an unfamiliar language is almost impossible. A strong familiarity with a language includes a grasp of the language's redundancy.

    Redundancy means that every language contains more characters or words than are actually needed to convey information. The rules of the English language create redundancy; for example, no English word will begin with the letters "ng." English also relies heavily on a small number of words. Words like "the," "of," "and," "to," "a," "in," "that," "it," "is," and "I" account for more than one quarter of the text of an average message written in English.

    Knowing the redundant qualities of a language makes a cryptanalyst's task much easier. No matter how convoluted the cipher is, it follows some language's rules in order for the recipient to understand the message. Cryptanalysts look for patterns within ciphers to find common words and letter pairings.

    One basic technique in cryptanalysis is frequency analysis. Every language uses certain letters more often than others. In English, the letter "e" is the most common letter. By counting up the characters in a text, a cryptanalyst can see very quickly what sort of cipher he has. If the distribution of cipher frequency is similar to the distribution of the frequency of a normal alphabet, the cryptanalyst may conclude that he's dealing with a monoalphabetic cipher.

    [Figure: This chart shows the frequency with which each letter in the English language is used.]

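    Implementation of monoalphabetic cipher

    #include <stdio.h>
    #include <string.h>

    int main(void)
    {
        char key[26] = {'c','a','f','x','b','z','s','v','n','h','j','k','d','l','i','o','y','u','p','r','t','w','q','g','e','m'};
        char str[100], temp[100];
        int i, j;

        printf("enter your string: ");
        if (fgets(str, sizeof str, stdin) == NULL)
            return 1;
        str[strcspn(str, "\n")] = '\0';
        for (i = 0; str[i] != '\0'; i++)     /* encrypt: letter n of the alphabet becomes key[n] */
        {
            if (str[i] >= 'a' && str[i] <= 'z')
            {
                temp[i] = key[str[i] - 'a'];
            }
            else
            {
                temp[i] = str[i];            /* spaces and other characters are kept */
            }
        }
        temp[i] = '\0';
        printf("Encrypted String: %s\n", temp);
        for (i = 0; temp[i] != '\0'; i++)    /* decrypt: look each letter up in key */
            for (j = 0; j < 26; j++)
                if (temp[i] == key[j]) { temp[i] = (char)('a' + j); break; }
        printf("Decrypted string: %s\n", temp);
        return 0;
    }

    Output

    enter your string: vvp engineering college
    Encrypted String: wwo blsnlbbunls fikkbsb
    Decrypted string: vvp engineering college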

    ASSIGNMENT NO: 5
    POLYALPHABETIC CIPHER

    Polyalphabetic Ciphers

    A cipher is polyalphabetic if a given letter of the alphabet will not always be enciphered by the same ciphertext letter, and, as a consequence, cannot be described by a single set of ciphertext alphabet corresponding to a single set of plaintext alphabet.

    The simplest way to produce a polyalphabetic cipher is to combine different monoalphabetic ciphers.

    One of the problems with monoalphabetic ciphers is that the letters occur with certain frequency in a language. This frequency can be graphed for both plaintext letters and the ciphertext letters of the enciphered message, and, after some analysis, the cipher is relatively easily broken.

    An example of the polyalphabetic ciphers is the Vigenère cipher. The Vigenère cipher was published in 1586 by the French diplomat Blaise de Vigenère. The basic idea of this cipher is to use a number of monoalphabetic ciphers in turn. In order to encipher by Vigenère cipher, you need two things: a keyword and the Vigenère square, below.

    Vigenère square (columns: Key Word Letters; rows: Message Letters)

       A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
    A  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
    B  B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
    C  C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
    D  D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
    E  E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
    F  F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
    G  G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
    H  H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
    I  I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
    J  J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
    K  K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
    L  L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
    M  M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
    N  N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
    O  O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
    P  P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
    Q  Q R S T U V W X Y Z A B C D E F G H I J K L M N O P
    R  R S T U V W X Y Z A B C D E F G H I J K L M N O P Q
    S  S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
    T  T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
    U  U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
    V  V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
    W  W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
    X  X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
    Y  Y Z A B C D E F G H I J K L M N O P Q R S T U V W X
    Z  Z A B C D E F G H I J K L M N O P Q R S T U V W X Y

    We write the keyword repeatedly over the text of the message until reaching the end. The rule for enciphering:

    The letter of the keyword that is above a plaintext letter determines the alphabet (i.e. the row of the square) which will be used to encipher this cleartext letter.

    For example, if our keyword was "hell" and our message was "I like mathematics", then we write:

    h e l l h e l l h e l l h e l l
    i l i k e m a t h e m a t i c s

    Then, to encipher the first i we look it up in the hth row of the Vigenère square to find p.

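    Implementation of Polyalphabetic cipher

    #include <stdio.h>
    #include <string.h>

    int main(void)
    {
        int i, j, k, ch, length_plain, length_key, l, m, n;
        char plain[100], key[100], encr[100], map[26][26];

        /* Build the Vigenère square: row i is the alphabet rotated left by i places. */
        k = 97;
        for (i = 0; i < 26; i++)
        {
            ch = k;
            for (j = 0; j < 26; j++)
            {
                map[i][j] = (char)ch;
                ch++;
                if (ch > 122)
                {
                    ch = 97;
                }
            }
            k++;
        }

        /* The prompts are not legible in this copy of the listing and are
           reconstructed; input is lower-case letters without spaces. */
        printf("Enter the message: ");
        if (scanf("%99s", plain) != 1)
            return 1;
        printf("Enter the key: ");
        if (scanf("%99s", key) != 1)
            return 1;
        length_plain = (int)strlen(plain);
        length_key = (int)strlen(key);
        for (i = 0; i < length_plain; i++)
            if (plain[i] < 'a' || plain[i] > 'z') return 1;
        for (i = 0; i < length_key; i++)
            if (key[i] < 'a' || key[i] > 'z') return 1;

        /* Repeat the keyword until it is as long as the message. */
        l = length_plain - length_key;
        j = 0;
        for (i = 0; i < l; i++)
        {
            key[length_key] = key[j];
            j++;
            length_key++;
        }

        printf("\nencryption: ");
        for (i = 0; i < length_plain; i++)
        {
            n = plain[i] - 97;                /* column: plaintext letter */
            m = key[i] - 97;                  /* row: keyword letter */
            encr[i] = map[m][n];
            printf("%c", encr[i]);
        }

        printf("\ndecryption: ");
        for (i = 0; i < length_plain; i++)
        {
            m = key[i] - 97;
            j = 0;
            while (encr[i] != map[m][j])      /* find the column holding the cipher letter */
            {
                j++;
            }
            printf("%c", j + 97);
        }
        printf("\n");
        return 0;
    }

    ASSIGNMENT NO: 6
    PLAYFAIR CIPHER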

    The Playfair cipher or Playfair square is a manual symmetric encryption technique and was the first literal digraph substitution cipher. The scheme was invented in 1854 by Charles Wheatstone, but bears the name of Lord Playfair who promoted the use of the cipher.

    The technique encrypts pairs of letters (digraphs), instead of single letters as in the simple substitution cipher and rather more complex Vigenère cipher systems then in use. The Playfair is thus significantly harder to break since the frequency analysis used for simple substitution ciphers does not work with it. Frequency analysis can still be undertaken, but on the 600 [1

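    Implementation of Playfair cipher

    #include <stdio.h>
    #include <string.h>
    #include <ctype.h>
    #define siz 5

    /* Move both positions one step along a row or column, wrapping at the edge. */
    void encrypt(int *i, int *j)
    {
        (*i)++, (*j)++;
        if ((*i) == siz) *i = 0;
        if ((*j) == siz) *j = 0;
    }

    /* Encrypt one digraph (ch1, ch2) with the key square and print the result. */
    void playfair(char ch1, char ch2, char mat[siz][siz])
    {
        int j, k, m = 0, n = 0, p = 0, q = 0;

        for (j = 0; j < siz; j++)
        {
            for (k = 0; k < siz; k++)
            {
                if (mat[j][k] == ch1)
                {
                    m = j, n = k;
                }
                else if (mat[j][k] == ch2)
                {
                    p = j, q = k;
                }
            }
        }
        if (m == p)                  /* same row: take the letter to the right */
        {
            encrypt(&n, &q);
        }
        else if (n == q)             /* same column: take the letter below */
        {
            encrypt(&m, &p);
        }
        else                         /* rectangle: swap the two columns */
        {
            n += q, q = n - q, n -= q;
        }
        printf("%c%c", mat[m][n], mat[p][q]);
    }

    int main(void)
    {
        char mat[siz][siz], key[96], str[128], temp, next;
        int used[26] = {0}, i, j, m = 0, n = 0;

        printf("Enter Key String:");
        if (scanf("%63s", key) != 1)
            return 1;
        printf("Enter input String:");
        if (scanf("%127s", str) != 1)
            return 1;
        for (i = 0; str[i] != '\0'; i++)          /* letters only, in lower case */
        {
            str[i] = (char)tolower((unsigned char)str[i]);
            if (str[i] < 'a' || str[i] > 'z')
                return 1;
        }

        /* Fill the square with the key letters, then the rest of the alphabet;
           i and j share one cell. */
        strcat(key, "abcdefghijklmnopqrstuvwxyz");
        for (i = 0; key[i] != '\0'; i++)
        {
            temp = (char)tolower((unsigned char)key[i]);
            if (temp == 'j')
                temp = 'i';
            if (temp < 'a' || temp > 'z' || used[temp - 'a'])
                continue;
            used[temp - 'a'] = 1;
            mat[m][n++] = temp;
            if (n == siz)
                n = 0, m++;
        }

        printf("Matrix :\n");
        for (i = 0; i < siz; i++)
        {
            for (j = 0; j < siz; j++)
                printf("%c ", mat[i][j]);
            printf("\n");
        }

        printf("Entered text :%s\nCipher Text :", str);
        for (i = 0; str[i] != '\0'; i++)
        {
            temp = str[i];
            if (temp == 'j')
            {
                temp = 'i';
            }
            if (str[i + 1] == '\0')               /* odd letter left over: pad with x */
            {
                playfair(temp, 'x', mat);
            }
            else
            {
                next = (str[i + 1] == 'j') ? 'i' : str[i + 1];
                if (temp == next)                 /* double letter: split it with x */
                {
                    playfair(temp, 'x', mat);
                }
                else
                {
                    playfair(temp, next, mat);
                    i++;
                }
            }
        }
        printf("\n");
        return 0;
    }

    Output:

    Enter Key String:monarchy
    Enter input String:balloon
    Matrix :
    m o n a r
    c h y b d
    e f g i k
    l p q s t
    u v w x z
    Entered text :balloon
    Cipher Text :ibsupmna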

    ASSINMENT NO! ,

    D'T' &QTI- !T'D'&D

    Data ncryption !tandard

    " encrypts and decrypts data in 2'7bit bloc!s, using a 2'7bit !ey -although the effectie !ey

    strength is only +2 bits, as explained below/. It ta!es a 2'7bit bloc! of plaintext as input and

    outputs a 2'7bit bloc! of ciphertext. "ince it always operates on bloc!s of e3ual size and it uses

    both permutations and substitutions in the algorithm, " is both a bloc! cipher and a product

    cipher.

    " has 12 rounds, meaning the main algorithm is repeated 12 times to produce the ciphertext.It has been found that the number of rounds is exponentially proportional to the amount of time

    re3uired to find a !ey using a brute7force attac!. "o as the number of rounds increases, the

    security of the algorithm increases exponentially.

    Page | ''

  • 7/25/2019 IS lab manual.docx

    45/114

    Fig-1 General depiction of DES encryption algorithm

    Key Scheduling

    Although the input key for DES is 64 bits long, the actual key used by DES is only 56 bits in length. The least significant (right-most) bit in each byte is a parity bit, and should be set so that there are always an odd number of 1s in every byte. These parity bits are ignored, so only the seven most significant bits of each byte are used, resulting in a key length of 56 bits.


    FIG-2 Key Scheduling

    The first step is to pass the 64-bit key through a permutation called Permuted Choice 1, or PC-1 for short. The table for this is given below. Note that in all subsequent descriptions of bit numbers, 1 is the left-most bit in the number, and n is the rightmost bit.


    PC-1: Permuted Choice 1

    Bit  0  1  2  3  4  5  6
    1   57 49 41 33 25 17  9
    8    1 58 50 42 34 26 18
    15  10  2 59 51 43 35 27
    22  19 11  3 60 52 44 36
    29  63 55 47 39 31 23 15
    36   7 62 54 46 38 30 22
    43  14  6 61 53 45 37 29
    50  21 13  5 28 20 12  4

    For example, we can use the PC-1 table to figure out how bit 30 of the original 64-bit key transforms to a bit in the new 56-bit key. Find the number 30 in the table, and notice that it belongs to the column labeled 5 and the row labeled 36. Add up the value of the row and column to find the new position of the bit within the key. For bit 30, 36 + 5 = 41, so bit 30 becomes bit 41 of the new 56-bit key. Note that bits 8, 16, 24, 32, 40, 48, 56 and 64 of the original key are not in the table. These are the unused parity bits that are discarded when the final 56-bit key is created.

    Now that we have the 56-bit key, the next step is to use this key to generate 16 48-bit subkeys, called K[1


    2. Split the current 56-bit key, K, up into two 28-bit blocks, L (the left-hand half) and R (the right-hand half).

    3. Rotate L left by the number of bits specified in the table below, and rotate R left by the same number of bits as well.

    4. Join L and R together to get the new K.

    5. Apply Permuted Choice 2 (PC-2) to K to get the final K[R


    43 46 42 50 36 29 32

    Plaintext Preparation

    Once the key scheduling has been performed, the next step is to prepare the plaintext for the actual encryption. This is done by passing the plaintext through a permutation called the Initial Permutation, or IP for short. This table also has an inverse, called the Inverse Initial Permutation, or IP^(-1). Sometimes IP^(-1) is also called the Final Permutation. Both of these tables are shown below.

    FIG-3 The various permutations and transformations in the DES


    IP: Initial Permutation

    Bit  0  1  2  3  4  5  6  7
    1   58 50 42 34 26 18 10  2
    9   60 52 44 36 28 20 12  4
    17  62 54 46 38 30 22 14  6
    25  64 56 48 40 32 24 16  8
    33  57 49 41 33 25 17  9  1
    41  59 51 43 35 27 19 11  3
    49  61 53 45 37 29 21 13  5
    57  63 55 47 39 31 23 15  7

    IP^(-1): Inverse Initial Permutation

    Bit  0  1  2  3  4  5  6  7
    1   40  8 48 16 56 24 64 32
    9   39  7 47 15 55 23 63 31
    17  38  6 46 14 54 22 62 30
    25  37  5 45 13 53 21 61 29
    33  36  4 44 12 52 20 60 28
    41  35  3 43 11 51 19 59 27
    49  34  2 42 10 50 18 58 26
    57  33  1 41  9 49 17 57 25

    These tables are used just like PC-1 and PC-2 were for the key scheduling. By looking at the table it becomes apparent why one permutation is called the inverse of the other. For example, let's examine how bit 32 is transformed under IP. In the table, bit 32 is located at the intersection of the column labeled 4 and the row labeled 25. So this bit becomes bit 29 of the 64-bit block after the permutation. Now let's apply IP^(-1). In IP^(-1), bit 29 is located at the intersection of the column labeled 7 and the row labeled 25. So this bit becomes bit 32 after the permutation. And this is the bit position that we started with before the first permutation. So IP^(-1) really is the inverse of IP. It does the exact opposite of IP. If you run a block of plaintext through IP and then pass the resulting block through IP^(-1), you'll end up with the original block.
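The two table look-ups worked through above (bit 30 under PC-1, bit 32 under IP and back under IP^(-1)), together with the odd-parity rule for key bytes, as an added C example that is not part of the manual's own program. The function names and the sample key 0x133457799BBCDFF1 are assumptions of this example; bit 1 is the left-most bit, as in the text.

```c
#include <stdint.h>
#include <stdio.h>

/* Entry p (counting from 1) names the input bit that becomes output bit p;
   bit 1 is the left-most bit, as in the text. */
static const uint8_t PC1[56] = {
    57, 49, 41, 33, 25, 17,  9,   1, 58, 50, 42, 34, 26, 18,
    10,  2, 59, 51, 43, 35, 27,  19, 11,  3, 60, 52, 44, 36,
    63, 55, 47, 39, 31, 23, 15,   7, 62, 54, 46, 38, 30, 22,
    14,  6, 61, 53, 45, 37, 29,  21, 13,  5, 28, 20, 12,  4 };
static const uint8_t IP[64] = {
    58, 50, 42, 34, 26, 18, 10, 2,  60, 52, 44, 36, 28, 20, 12, 4,
    62, 54, 46, 38, 30, 22, 14, 6,  64, 56, 48, 40, 32, 24, 16, 8,
    57, 49, 41, 33, 25, 17,  9, 1,  59, 51, 43, 35, 27, 19, 11, 3,
    61, 53, 45, 37, 29, 21, 13, 5,  63, 55, 47, 39, 31, 23, 15, 7 };
static const uint8_t IP_INV[64] = {
    40, 8, 48, 16, 56, 24, 64, 32,  39, 7, 47, 15, 55, 23, 63, 31,
    38, 6, 46, 14, 54, 22, 62, 30,  37, 5, 45, 13, 53, 21, 61, 29,
    36, 4, 44, 12, 52, 20, 60, 28,  35, 3, 43, 11, 51, 19, 59, 27,
    34, 2, 42, 10, 50, 18, 58, 26,  33, 1, 41,  9, 49, 17, 57, 25 };

/* Generic bit permutation: output bit pos takes input bit table[pos - 1]. */
static uint64_t permute(uint64_t in, int in_bits, const uint8_t *table, int out_bits)
{
    uint64_t out = 0;
    for (int pos = 1; pos <= out_bits; pos++) {
        uint64_t bit = (in >> (in_bits - table[pos - 1])) & 1u;
        out |= bit << (out_bits - pos);
    }
    return out;
}

uint64_t des_pc1(uint64_t key64)   { return permute(key64, 64, PC1, 56); }
uint64_t des_ip(uint64_t block)    { return permute(block, 64, IP, 64); }
uint64_t des_ip_inv(uint64_t block) { return permute(block, 64, IP_INV, 64); }

/* Value with only bit `pos` set, where bit 1 is the left-most of `width` bits. */
uint64_t bit_at(int pos, int width) { return 1ULL << (width - pos); }

static int ones(uint8_t b) { int n = 0; for (; b; b >>= 1) n += b & 1; return n; }

/* Returns 1 when every byte of the 64-bit key holds an odd number of 1 bits. */
int des_key_parity_ok(uint64_t key)
{
    for (int i = 0; i < 8; i++)
        if (ones((uint8_t)(key >> (8 * i))) % 2 == 0) return 0;
    return 1;
}

/* Rewrites the right-most bit of each byte so the byte has odd parity. */
uint64_t des_set_odd_parity(uint64_t key)
{
    uint64_t out = 0;
    for (int i = 0; i < 8; i++) {
        uint8_t b = (uint8_t)(key >> (8 * i)) & 0xFE;  /* keep the 7 key bits */
        if (ones(b) % 2 == 0) b |= 1;                  /* parity bit makes the count odd */
        out |= (uint64_t)b << (8 * i);
    }
    return out;
}

int main(void)
{
    uint64_t key = 0x133457799BBCDFF1ULL;              /* constructed sample key */
    printf("parity ok      : %d\n", des_key_parity_ok(key));
    printf("PC-1(key)      : %014llX\n", (unsigned long long)des_pc1(key));
    printf("bit 30 -> 41   : %d\n", des_pc1(bit_at(30, 64)) == bit_at(41, 56));
    printf("IP: 32 -> 29   : %d\n", des_ip(bit_at(32, 64)) == bit_at(29, 64));
    printf("IP^-1(IP(key)) : %016llX\n", (unsigned long long)des_ip_inv(des_ip(key)));
    return 0;
}
```

Because the eight parity positions never appear in PC-1, two keys that differ only in those bits produce the same 56-bit key.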

    DES Core Function

    Once the key scheduling and plaintext preparation have been completed, the actual encryption or decryption is performed by the main DES algorithm. The 64-bit block of input data is first split into two halves, L and R. L is the left-most 32 bits, and R is the right-most 32 bits. The following process is repeated 16 times, making up the 16 rounds of standard DES. We call the 16 sets of halves L[0


    2. The 48-bit R[I-1] is XORed with K[I] and stored in a temporary buffer so that R[I-1] is not modified.

    3. The result from the previous step is now split into 8 segments of 6 bits each. The left-most 6 bits are B[1


    Tables used in the DES Core Function

    E-Bit Selection Table

    Bit  0  1  2  3  4  5
    1   32  1  2  3  4  5
    7    4  5  6  7  8  9
    13   8  9 10 11 12 13
    19  12 13 14 15 16 17
    25  16 17 18 19 20 21
    31  20 21 22 23 24 25
    37  24 25 26 27 28 29
    43  28 29 30 31 32  1

    P Permutation

    Bit  0  1  2  3
    1   16  7 20 21
    5   29 12 28 17
    9    1 15 23 26
    13   5 18 31 10
    17   2  8 24 14
    21  32 27  3  9
    25  19 13 30  6
    29  22 11  4 25

    S-Box 1: Substitution Box 1

    Row

    temp=sb_permutation[i


    Decrypted output in plaintext:des

    ASSIGNMENT NO: 8

    DIGITAL SIGNATURE

    AND MD5 HASH FUNCTION


    Digital Signature

    Applications such as banking, stock trading, and the sale and purchase of merchandise are increasingly emphasizing electronic transactions to minimize operational costs and provide enhanced services. This has led to phenomenal increases in the amounts of electronic documents that are generated, processed, and stored in computers and transmitted over networks. This electronic information handled in these applications is valuable and sensitive and must be protected against tampering by malicious third parties (who are neither the senders nor the recipients of the information). Sometimes, there is a need to prevent the information or items related to it (such as date/time it was created, sent, and received) from being tampered with by the sender (originator) and/or the recipient. Traditionally, paper documents are validated and certified by written signatures, which work fairly well as a means of providing authenticity. For electronic documents, a similar mechanism is necessary. Digital signatures, which are nothing but a string of ones and zeroes generated by using a digital signature algorithm, serve the purpose of validation and authentication of electronic documents. Validation refers to the process of certifying the contents of the document, while authentication refers to the process of certifying the sender of the document. In this article, the terms document and message are used interchangeably.

    Conventional and digital signature characteristics

    A conventional signature has the following salient characteristics: relative ease of establishing that the signature is authentic, the difficulty of forging a signature, the non-transferability of the signature, the difficulty of altering the signature, and the non-repudiation of signature to ensure that the signer cannot later deny signing. A digital signature should have all the aforementioned features of a conventional signature plus a few more as digital signatures are being used in practical, but sensitive, applications such as secure e-mail and credit card transactions over the Internet. Since a digital signature is just a sequence of zeroes and ones, it is desirable for it to have the following properties: the signature must be a bit pattern that depends on the message being signed (thus, for the same originator, the digital signature is different for different documents); the signature must use some information that is unique to the sender to prevent both forgery and denial; it must be relatively easy to produce; it must be relatively easy to recognize and verify the authenticity of digital signature; it must be computationally infeasible to forge a digital signature either by constructing a new message for an existing digital signature or constructing a fraudulent digital signature for a given message; and it must be practical to retain copies of the digital signatures in storage for arbitrating possible disputes later. To verify that the received document is indeed from the claimed sender and that the contents have not been altered, several procedures, called authentication techniques, have been developed. However, message authentication techniques cannot be directly used as digital signatures due to inadequacies of authentication techniques. For example, although message authentication protects the two parties exchanging messages from a third party, it does not protect the two parties against each other. In addition, elementary authentication schemes produce signatures that are as long as the message themselves.


    Basic notions and terminology

    Digital signatures are computed based on the documents (message/information) that need to be signed and on some private information held only by the sender. In practice, instead of using the whole message, a hash function is applied to the message to obtain the message digest. A hash function, in this context, takes an arbitrary-sized message as input and produces a fixed-size message digest as output. Among the commonly used hash functions in practice are MD-5 (message digest 5) and SHA (secure hash algorithm). These algorithms are fairly sophisticated and ensure that it is highly improbable for two different messages to be mapped to the same hash value. There are two broad techniques used in digital signature computation: symmetric key cryptosystem and public-key cryptosystem. In the symmetric key system, a secret key known only to the sender and the legitimate receiver is used. However, there must be a unique key between any two pairs of users. Thus, as the number of user pairs increases, it becomes extremely difficult to generate, distribute, and keep track of the secret keys.

    A public key cryptosystem, on the other hand, uses a pair of keys: a private key, known only to its owner, and a public key, known to everyone who wishes to communicate with the owner. For confidentiality of the message to be sent to the owner, it would be encrypted with the owner's public key, which now could only be decrypted by the owner, the person with the corresponding private key. For purposes of authentication, a message would be encrypted with the private key of the originator or sender, who we will refer to as A. This message could be decrypted by anyone using the public key of A. If this yields the proper message, then it is evident that the message was indeed encrypted by the private key of A, and thus only A could have sent it.

    Creating and verifying a digital signature

    A simple generic scheme for creating and verifying a digital signature is shown in Figs. 1 and 2, respectively. A hash function is applied to the message that yields a fixed-size message digest. The signature function uses the message digest and the sender's private key to generate the digital signature. A very simple form of the digital signature is obtained by encrypting the message digest using the sender's private key. The message and the signature can now be sent to the recipient. The message is unencrypted and can be read by anyone. However, the signature ensures authenticity of the sender (something similar to a circular sent by a proper authority to be read by many people, with the signature attesting to the authenticity of the message). At the receiver, the inverse signature function is applied to the digital signature to recover the original message digest. The received message is subjected to the same hash function to which the original message was subjected. The resulting message digest is compared with the one recovered from the signature. If they match, then it ensures that the message has indeed been sent by the (claimed) sender and that it has not been altered.

    Creating and opening a digital envelope

    A digital envelope is the equivalent of a sealed envelope containing an unsigned letter. The outline of creating a digital envelope is shown in Fig. 3. The message is encrypted by the sender using a randomly generated symmetric key. The symmetric key itself is encrypted using the intended recipient's public key. The combination of the encrypted message and the encrypted symmetric key is the digital envelope. The process of opening the digital envelope and recovering the contents is shown in Fig. 4. First, the encrypted symmetric key is recovered by a decryption using the recipient's private key. Subsequently, the encrypted message is decrypted using the symmetric key.

    Creating and opening digital envelopes carrying signed messages

    The process of creating a digital envelope containing a signed message is shown in Fig. 5. A digital signature is created by the signature function using the message digest of the message and the sender's private key. The original message and the digital signature are then encrypted by the sender using a randomly generated key and a symmetric-key algorithm. The symmetric key itself is encrypted using the recipient's public key. The combination of encrypted message and signature, together with the encrypted symmetric key, form the digital envelope containing the signed message. Figure 6 shows the process of opening a digital envelope, recovering the message, and verifying the signature. First, the symmetric key is recovered using the recipient's private key. This is then used to decrypt and recover the message and the digital signature. The digital signature is then verified as described earlier.


    Direct and arbitrated digital signature

    A variety of modes have been proposed for digital signatures that fall into two basic categories: direct and arbitrated. The direct digital signature involves only the communicating parties, sender and receiver. This is the simplest type of digital signature. It is assumed that the recipient knows the public key of the sender. In a simple scheme, a digital signature may be formed by encrypting the entire message or the hash code of the message with the sender's private key. Confidentiality can be provided by further encrypting the entire message plus signature with either the receiver's public key encryption or the shared secret key, which is conventional encryption. A sender may later deny sending a particular message by claiming that the private key was lost or stolen and that someone else forged his signature. One way to overcome this is to include a time stamp with every message and requiring notification of loss of key to the proper authority. In case of dispute, a trusted third party may view the message and its signature to arbitrate the dispute. In the arbitrated signature scheme, there is a trusted third party called the arbiter. Every signed message from a sender A to a receiver B goes first to an arbiter T, who subjects the message and its signature to a number of tests to check its origin and content. The message is then dated and sent to B with an indication that it has been verified to the satisfaction of the arbiter. The presence of T solves the problem faced by direct signature schemes, namely that A might deny sending a message. The arbiter plays a sensitive and crucial role in this scheme, and all parties must trust that the arbitration mechanism is working properly. There are many variations of arbitrated digital-signature schemes. Some schemes allow the arbiter to see the messages, while others don't. The particular scheme employed depends on the needs of the applications. Generally, an arbitrated digital-signature scheme has advantages over a direct digital-signature scheme such as the trust in communications between the parties provided by the trusted arbiter and in the arbitration of later disputes, if any.


    A public versus a private approach to digital signatures

    Another way of classifying digital signature schemes is based on whether a private-key system or a public-key system is used. The public-key system based digital signatures have several advantages over the private-key system based digital signatures. The two most popular and commonly used public-key system based digital signature schemes are the RSA (named after Rivest, Shamir, and Adleman, the inventors of the RSA public-key encryption scheme) and the digital signature algorithm (DSA) approaches. The DSA is incorporated into the Digital Signature Standard (DSS), which was published by the National Institute of Standards and Technology as the Federal Information Processing Standard. It was first proposed in 1991, revised in 1993, and further revised with minor changes in 1996. RSA is a commonly used scheme for digital signatures. In a broad outline of the RSA approach, the message to be signed is input to a hash function that produces a secure hash code of fixed length. This hash code is then encrypted using the sender's private key to form the signature. Both the signature and the message are then concatenated and transmitted. The recipient takes the message and produces a hash code. The recipient also decrypts the signature using the sender's public key. If the calculated hash code matches the decrypted signature, the signature is accepted as valid. This is because only the sender knows the private key, and thus only the sender could have produced a valid signature. The signature generation and verification using RSA is identical to the schemes shown in Figs. 1 and 2, respectively. The signing process in DSS (using DSA) is shown in Fig. 7. The DSA approach also makes use of a hash function. The hash code is provided as input to a signature function together with a random number generated for this particular signature. The signature function also uses the sender's private key and a set of parameters known to a group of communicating parties, referred to as global public key. The output signature consists of two components. The signature verification process is shown in Fig. 8. At the receiving end, the hash code of the incoming message is generated and input to a verification function, together with the two components of the signature. The verification function uses the global public key as well as sender's public key and recreates (one of the two components of) the original digital signature. A match between the recreated and the original signature indicates the authenticity of the signature. The signature function is such that it assures the recipient that only the sender, with the knowledge of the private key, could have produced the valid signature. The basis of the RSA scheme is the difficulty of factoring the product of large prime numbers. That of the DSA scheme is the difficulty of computing discrete logarithms. The DSA provides only the signature function whereas the RSA scheme could additionally provide encryption and key exchange. The signature verification using the RSA scheme is about 100 times faster than a DSA scheme. The signature generation is slightly faster in the DSA scheme.

    Work is underway for several extensions of the basic digital signature scheme such as enabling signatures by multiple parties (group digital signatures), signatures by a hierarchy of signatories, and protocols for simultaneous signing of contracts electronically by two or more signatories, separated by wide distances.

    Digital signatures in real applications

    Increasingly, digital signatures are being used in secure e-mail and credit card transactions over the Internet. The two most common secure e-mail systems using digital signatures are Pretty Good Privacy and Secure/Multipurpose Internet Mail Extension. Both of these systems support the RSA as well as the DSS-based signatures. The most widely used system for the credit card transactions over the Internet is Secure Electronic Transaction (SET). It consists of a set of security protocols and formats to enable prior existing credit card payment infrastructure to work on the Internet. The digital signature scheme used in SET is similar to the RSA scheme.


    MD5 HASH FUNCTION

    Introduction

    Data integrity assurance and data origin authentication are essential security services in financial transactions, electronic commerce, electronic mail, software distribution, data storage and so on. The broadest definition of authentication within computing systems encompasses identity verification, message origin authentication and message content authentication. In IPSEC, the technique of cryptographic hash functions is utilized to achieve these security services.

    Hash Functions

    Hash functions compress a string of arbitrary length to a string of fixed length. They provide a unique relationship between the input and the hash value and hence replace the authenticity of a large amount of information (message) by the authenticity of a much smaller hash value (authenticator). In recent years there has been an increased interest in developing a Message Authentication Code (MAC) derived from a hash code. Among the many reasons behind this are that cryptographic hash functions such as MD5 and SHA-1 generally execute faster in software than symmetric block ciphers such as DES. The software for hash functions is widely available and there are no export restrictions from the United States or other countries for cryptographic hash functions. Hence, there are many applications of MD5, SHA-1 and other hash functions to generate MACs. The method to implement the MAC for IP security has been chosen as hash-based MAC or HMAC, which uses an existing hash function in conjunction with a secret key. The HMAC algorithm is specified for an arbitrary FIPS-approved cryptographic hash function. With minor modification, HMAC can easily replace one hash function with another.

    Message Digest 5 (MD5) Algorithm


    MD5 is a message digest algorithm developed by Ron Rivest at MIT. It is basically a secure version of his previous algorithm, MD4 which is a little faster than MD5. This has been the most widely used secure hash algorithm particularly in Internet-standard message authentication. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit message digest of the input. This is mainly intended for digital signature applications where a large file must be compressed in a secure manner before being encrypted with a private (secret) key under a public key cryptosystem.

    Assume we have an arbitrarily large message as input and that we wish to find its message digest. The processing involves the following steps.

    (1) Padding

    The message is padded to ensure that its length in bits plus 64 is divisible by 512. That is, its length is congruent to 448 modulo 512. Padding is always performed even if the length of the message is already congruent to 448 modulo 512. Padding consists of a single 1-bit followed by the necessary number of 0-bits.

    (2) Appending length

    A 64-bit binary representation of the original length of the message is concatenated to the result of step (1). (Least significant byte first). The expanded message at this level will exactly be a multiple of 512-bits. Let the expanded message be represented as a sequence of L 512-bit blocks Y0, Y1, .., Yq, .., Y(L-1) as shown in Figure 1. Note that in the figure, IV and CV represent initial value and chaining variable respectively.

    (3) Initialize the MD buffer

    The variables IV and CV are represented by a four-word buffer (ABCD) used to compute the message digest. Here each A, B, C, D is a 32-bit register and they are initialized as IV to the following values in hexadecimal. Low-order bytes are put first.

    Word A: 01 23 45 67
    Word B: 89 AB CD EF
    Word C: FE DC BA 98
    Word D: 76 54 32 10

    (4) Process message in 16-word blocks

    This is the heart of the algorithm, which includes four "rounds" of processing. It is represented by HMD5 in Figure 1 and its logic is given in Figure 2. The four rounds have similar structure but each uses different auxiliary functions F, G, H and I.

    Where and represent the logical OR, AND, XOR and NOT operations, respectively. Each round consists of 16 steps and each step uses a 64-element table T[1 ... 64] constructed from the sine function. Let T[i] denote the i-th element of the table, which is equal to the integer part of 2^32 times abs(sin(i)), where i is in radians. Each round also takes as input the current 512-bit block (Yq) and the 128-bit chaining variable (CVq). An array X of 32-bit words holds the current 512-bit Yq. For the first round the words are used in their original order. The following permutations of the words are defined for rounds 2 through 4:

    (5) Output

    After all L 512-bit blocks have been processed, the output from the L-th stage is the 128-bit message digest. Figure 3 shows the operations involved in a single step. The additions are modulo 2^32. Four different circular shift amounts (s) are used each round and are different from round to round. Each step is of the following form
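Steps (1) to (5) assembled into one compact C routine, as an added example that is not the manual's own code. The auxiliary functions, the word order for rounds 2 to 4, the shift amounts and the T constants are taken from RFC 1321; the function names are assumptions of this example. MD5 is shown for study only: practical collisions are known, so new designs use SHA-256 or later for signatures.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* T[i] = integer part of 2^32 * abs(sin(i)) for i = 1..64 (values from RFC 1321). */
static const uint32_t T[64] = {
    0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
    0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
    0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8,
    0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
    0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c, 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
    0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05, 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
    0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
    0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391 };
/* Left-rotation amount s for each of the 64 steps (from RFC 1321). */
static const uint8_t S[64] = {
    7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22,
    5,  9, 14, 20, 5,  9, 14, 20, 5,  9, 14, 20, 5,  9, 14, 20,
    4, 11, 16, 23, 4, 11, 16, 23, 4, 11, 16, 23, 4, 11, 16, 23,
    6, 10, 15, 21, 6, 10, 15, 21, 6, 10, 15, 21, 6, 10, 15, 21 };

static uint32_t rotl(uint32_t x, unsigned s) { return (x << s) | (x >> (32 - s)); }

/* Steps (1)-(2): allocates the padded message in *out (caller frees) and
   returns its length in bytes, or 0 if allocation fails. */
size_t md5_pad(const uint8_t *msg, size_t len, uint8_t **out)
{
    size_t padded = ((len + 8) / 64 + 1) * 64;    /* padding is never skipped */
    uint8_t *buf = calloc(padded, 1);
    if (!buf) return 0;
    if (len) memcpy(buf, msg, len);
    buf[len] = 0x80;                              /* single 1-bit, then 0-bits */
    uint64_t bits = (uint64_t)len * 8;
    for (int i = 0; i < 8; i++)                   /* 64-bit length, low byte first */
        buf[padded - 8 + i] = (uint8_t)(bits >> (8 * i));
    *out = buf;
    return padded;
}

/* Steps (3)-(5): writes the 128-bit digest of msg into digest; 0 on success. */
int md5(const uint8_t *msg, size_t len, uint8_t digest[16])
{
    uint32_t h[4] = { 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476 };  /* IV: A, B, C, D */
    uint8_t *buf;
    size_t padded = md5_pad(msg, len, &buf);
    if (padded == 0) return -1;
    for (size_t off = 0; off < padded; off += 64) {          /* one 512-bit block Yq */
        uint32_t X[16], a = h[0], b = h[1], c = h[2], d = h[3];
        for (int j = 0; j < 16; j++)                         /* little-endian words */
            X[j] = (uint32_t)buf[off + 4*j] | (uint32_t)buf[off + 4*j + 1] << 8 |
                   (uint32_t)buf[off + 4*j + 2] << 16 | (uint32_t)buf[off + 4*j + 3] << 24;
        for (int i = 0; i < 64; i++) {
            uint32_t f; int g;
            if (i < 16)      { f = (b & c) | (~b & d); g = i; }               /* F */
            else if (i < 32) { f = (b & d) | (c & ~d); g = (5*i + 1) % 16; }  /* G */
            else if (i < 48) { f = b ^ c ^ d;          g = (3*i + 5) % 16; }  /* H */
            else             { f = c ^ (b | ~d);       g = (7*i) % 16; }      /* I */
            uint32_t old_d = d;
            d = c; c = b;
            b = b + rotl(a + f + T[i] + X[g], S[i]);         /* additions are mod 2^32 */
            a = old_d;
        }
        h[0] += a; h[1] += b; h[2] += c; h[3] += d;          /* next chaining variable */
    }
    free(buf);
    for (int i = 0; i < 16; i++)                             /* A, B, C, D, low byte first */
        digest[i] = (uint8_t)(h[i / 4] >> (8 * (i % 4)));
    return 0;
}

/* Hex digest of a C string written into out[33]; returns out, or NULL on failure. */
const char *md5_hex(const char *s, char out[33])
{
    uint8_t d[16];
    if (md5((const uint8_t *)s, strlen(s), d) != 0) return NULL;
    for (int i = 0; i < 16; i++) sprintf(out + 2*i, "%02x", d[i]);
    return out;
}

int main(void)
{
    char hex[33];
    printf("MD5(\"abc\") = %s\n", md5_hex("abc", hex));
    return 0;
}
```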


    ASSIGNMENT NO: 9 RSA ALGORITHM


    RSA Algorithm

    The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The basic technique was first discovered in 1973 by Clifford Cocks of CESG (part of the British GCHQ) but this was a secret until 1997. The patent taken out by RSA Labs has expired.

    The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world. It can be used to encrypt a message without the need to exchange a secret key separately.

    The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers.

    Party A can send an encrypted message to party B without any prior exchange of secret keys. A just uses B's public key to encrypt the message and B decrypts it using the private key, which only he knows. RSA can also be used to sign a message, so A can sign a message using their private key and B can verify it using A's public key.

    Key Generation Algorithm

    This is the original algorithm.

    1. Generate two large random primes, p and q, of approximately equal size such that their product n = pq is of the required bit length, e.g. 1024 bits.

    2. Compute n = pq and (phi) φ = (p-1)(q-1).

    3. Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1.

    4. Compute the secret exponent d, 1 < d < phi, such that ed ≡ 1 (mod phi).

    5. The public key is (n, e) and the private key (d, p, q). Keep all the values d, p, q and phi secret. [We prefer sometimes to write the private key as (n, d) because you need the value of n when using d.]

    n is known as the modulus.

    e is known as the public exponent or encryption exponent or just the exponent.

    d is known as the secret exponent or decryption exponent.

    Encryption

    Sender A does the following:-

    1. Obtains the recipient B's public key (n, e).

    2. Represents the plaintext message as a positive integer m, 1 < m < n

    3. Computes the ciphertext c = m^e mod n.

    4. Sends the ciphertext c to B.


    Decryption

    Recipient B does the following:-

    1. Uses his private key (n, d) to compute m = c^d mod n.

    2. Extracts the plaintext from the message representative m.

    Digital signing

    Sender A does the following:-

    1. Creates a message digest of the information to be sent.

    2. Represents this digest as an integer m between 1 and n-1.

    3. Uses her private key (n, d) to compute the signature s = m^d mod n.

    4. Sends this signature s to the recipient, B.

    Signature verification

    Recipient B does the following:-

    1. Uses sender A's public key (n, e) to compute integer v = s^e mod n.

    2. Extracts the message digest from this integer.

    3. Independently computes the message digest of the information that has been signed.

    4. If both message digests are identical, the signature is valid.
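The key generation, encryption, decryption, signing and verification steps above, and the hash-then-sign flow from "Creating and verifying a digital signature", in one small C program; this is an added example, not the manual's implementation. The primes 61 and 53, e = 17 and the polynomial toy_digest (a stand-in for MD5 or SHA) are assumptions chosen so the arithmetic fits in 64 bits; real keys use primes of about 1024 bits, a real hash and a padding scheme.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint64_t n, e, d; } rsa_key;

static uint64_t gcd(uint64_t a, uint64_t b)
{
    while (b) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

static int is_prime(uint64_t x)              /* trial division: toy sizes only */
{
    if (x < 2) return 0;
    for (uint64_t i = 2; i * i <= x; i++)
        if (x % i == 0) return 0;
    return 1;
}

/* base^exp mod m by square-and-multiply; m must be below 2^32 so products fit. */
uint64_t mod_pow(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t result = 1 % m;
    base %= m;
    while (exp) {
        if (exp & 1) result = result * base % m;
        base = base * base % m;
        exp >>= 1;
    }
    return result;
}

/* Extended Euclid: returns d with e*d = 1 (mod phi), or 0 if gcd(e, phi) != 1. */
uint64_t mod_inverse(uint64_t e, uint64_t phi)
{
    int64_t r0 = (int64_t)phi, r1 = (int64_t)e, t0 = 0, t1 = 1;
    while (r1 != 0) {
        int64_t q = r0 / r1, tmp;
        tmp = r0 - q * r1; r0 = r1; r1 = tmp;
        tmp = t0 - q * t1; t0 = t1; t1 = tmp;
    }
    if (r0 != 1) return 0;
    return (uint64_t)(t0 < 0 ? t0 + (int64_t)phi : t0);
}

/* Key generation steps 2-5 for caller-chosen p, q and e. Returns 1 on success,
   0 if p or q is not a usable prime or e is not coprime to phi. */
int rsa_keygen(uint64_t p, uint64_t q, uint64_t e, rsa_key *key)
{
    if (!is_prime(p) || !is_prime(q) || p == q) return 0;
    if (p >= 65536 || q >= 65536) return 0;       /* keeps n below 2^32 for mod_pow */
    uint64_t phi = (p - 1) * (q - 1);
    if (e <= 1 || e >= phi || gcd(e, phi) != 1) return 0;
    key->n = p * q;
    key->e = e;
    key->d = mod_inverse(e, phi);
    return key->d != 0;
}

uint64_t rsa_encrypt(const rsa_key *k, uint64_t m) { return mod_pow(m, k->e, k->n); }
uint64_t rsa_decrypt(const rsa_key *k, uint64_t c) { return mod_pow(c, k->d, k->n); }

/* Toy digest (assumption of this example): polynomial hash mapped into 1..n-1. */
uint64_t toy_digest(const char *msg, uint64_t n)
{
    uint64_t h = 0;
    for (; *msg; msg++) h = (h * 31 + (unsigned char)*msg) % (n - 1);
    return h + 1;
}

/* Signing: s = m^d mod n, where m is the digest of the message. */
uint64_t rsa_sign(const rsa_key *k, const char *msg)
{
    return mod_pow(toy_digest(msg, k->n), k->d, k->n);
}

/* Verification: recover v = s^e mod n and compare with a freshly computed digest. */
int rsa_verify(const rsa_key *k, const char *msg, uint64_t sig)
{
    return mod_pow(sig, k->e, k->n) == toy_digest(msg, k->n);
}

int main(void)
{
    rsa_key k;
    if (!rsa_keygen(61, 53, 17, &k)) return 1;
    uint64_t c = rsa_encrypt(&k, 65);
    uint64_t s = rsa_sign(&k, "pay 100");          /* constructed sample message */
    printf("n=%llu e=%llu d=%llu\n", (unsigned long long)k.n,
           (unsigned long long)k.e, (unsigned long long)k.d);
    printf("c=%llu m=%llu\n", (unsigned long long)c, (unsigned long long)rsa_decrypt(&k, c));
    printf("verify original: %d, altered: %d\n",
           rsa_verify(&k, "pay 100", s), rsa_verify(&k, "pay 900", s));
    return 0;
}
```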

    Implementation of RSA Algorithm

    #include<stdio.h>
    #include<conio.h>
    int phi,M,n,e,d,C,FLAG;
    int check()