DEFENCE ENGINEERING UNIVERSITY College of Engineering Bishoftu, Ethiopia
Department of Computer and Information Technology
LAB MANUAL for Cryptography and Network Security
CT-4120 Cryptography and Network Security
TABLE OF CONTENTS
Introduction
Lab 1: Implementation of Caesar Cipher technique
Lab 2: Implement the Playfair Cipher
Lab 3: Implement the Pure Transposition Cipher
Lab 4: Implement DES Encryption and Decryption
Lab 5: Implement the AES Encryption and decryption
Lab 6: Implement RSA Encryption Algorithm
Lab 7: Implementation of Hash Functions
Resources/Tools
INTRODUCTION

1.1 About this Lab Manual
This lab manual is written to accompany the Cryptography & Network Security course (CT-4120) for the Department of Computer and Information Technology of Defence Engineering University. Lab sessions are 3 hours a week. The lab topics complement the material covered during lecture sessions and follow the course syllabus. This lab manual is divided into a number of lab topics. Each lab contains a topic background followed by activities. Activities fall into three categories:
- Pre Lab activity, which can be an introductory exercise or sample demo program.
- Lab Activity: these are the activities evaluated by the instructors. A lab topic includes one or more lab activities. It is not expected that all these activities will be given; the instructors can choose which activity to give.
- Post Lab activity: these are assignments provided as an activity outside the lab sessions.

1.2 Assessment Criteria
Lab activity
Post Lab Activity

1.3 Expectations
- Students are expected to have their own copy of the lab manual.
- Use of Internet during class is not allowed.
- Required assignments should be submitted on time.
- Students are not allowed to collaborate during lab activity.
LAB 1: Implementation of Caesar Cipher Technique

Learning Outcomes:
After performing this lab, the student should be able to:
- Use Caesar algorithm to encrypt the given text.
- Perform decryption of the cipher text using Caesar algorithm.

Background
The Caesar cipher is one of the earliest known and simplest ciphers. It is a type of substitution cipher in which each letter in the plaintext is 'shifted' a certain number of places down the alphabet. For example, with a shift of 1, A would be replaced by B, B would become C, and so on. The method is named after Julius Caesar, who apparently used it to communicate with his generals. More complex encryption schemes such as the Vigenère cipher employ the Caesar cipher as one element of the encryption process. The widely known ROT13 'encryption' is simply a Caesar cipher with an offset of 13. The Caesar cipher offers essentially no communication security, and it will be shown that it can be easily broken even by hand.

To pass an encrypted message from one person to another, it is first necessary that both parties have the 'key' for the cipher, so that the sender may encrypt it and the receiver may decrypt it. For the Caesar cipher, the key is the number of characters to shift the cipher alphabet.

Mathematical Description
First we translate all of our characters to numbers, 'a'=0, 'b'=1, 'c'=2, ... , 'z'=25. We can now represent the Caesar cipher encryption function, e(x), where x is the character we are encrypting, as:

Where k is the key (the shift) applied to each letter. After applying this function the result is a number which must then be translated back into a letter. The decryption function is:

Pre Lab Activity
Take out a piece of paper and write the algorithm of Caesar technique to encrypt and decrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of Caesar algorithm.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text.
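The following C++ sketch is an added example, not part of the original manual. It uses the 'a'=0 ... 'z'=25 numbering from the Mathematical Description with the standard shift modulo 26, and lists all 26 candidate decryptions to show why the Background says the cipher offers essentially no security; the function names and the sample text are constructed for illustration.

```cpp
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Shift one letter k places using the manual's numbering 'a'=0 ... 'z'=25.
// Case is preserved; spaces, digits and punctuation pass through unchanged.
char shiftLetter(char c, int k) {
    const unsigned char u = static_cast<unsigned char>(c);
    if (!std::isalpha(u)) return c;
    const char base = std::isupper(u) ? 'A' : 'a';
    const int x = c - base;                    // letter -> number
    const int y = ((x + k) % 26 + 26) % 26;    // wrap around, also for negative k
    return static_cast<char>(base + y);        // number -> letter
}

std::string caesarEncrypt(const std::string& text, int k) {
    std::string out;
    for (char c : text) out += shiftLetter(c, k);
    return out;
}

// Decryption is encryption with the opposite shift.
std::string caesarDecrypt(const std::string& text, int k) {
    return caesarEncrypt(text, -k);
}

// The key space has only 26 values, so every candidate plaintext can be
// listed and read by eye: element k is the text decrypted with key k.
std::vector<std::string> caesarAllShifts(const std::string& ciphertext) {
    std::vector<std::string> candidates;
    for (int k = 0; k < 26; ++k) candidates.push_back(caesarDecrypt(ciphertext, k));
    return candidates;
}

int main() {
    const std::string plain = "Attack at dawn";   // constructed sample text
    const std::string cipher = caesarEncrypt(plain, 3);
    std::cout << cipher << "\n" << caesarDecrypt(cipher, 3) << "\n";
    const std::vector<std::string> all = caesarAllShifts(cipher);
    for (int k = 0; k < 26; ++k) std::cout << k << ": " << all[k] << "\n";
    return 0;
}
```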
LAB 2: Implement the Playfair Cipher

Learning Outcomes:
After performing this lab, the student should be able to:
- Use Playfair cipher technique to encrypt the given text.
- Perform decryption of the cipher text using Playfair algorithm.

Background
The Playfair cipher was the first practical digraph substitution cipher. The scheme was invented in 1854 by Charles Wheatstone, but was named after Lord Playfair, who promoted the use of the cipher. The technique encrypts pairs of letters (digraphs), instead of single letters as in the simple substitution cipher. The Playfair is significantly harder to break since the frequency analysis used for simple substitution ciphers does not work with it. Frequency analysis can still be undertaken, but on the ~600 possible digraphs rather than the 26 possible monographs. Frequency analysis thus requires much more cipher text in order to work.

It was used for tactical purposes by British forces in the Second Boer War and in World War I and for the same purpose by the Australians during World War II. This was because Playfair is reasonably fast to use and requires no special equipment. A typical scenario for Playfair use would be to protect important but non-critical secrets during actual combat. By the time the enemy cryptanalysts could break the message, the information was useless to them.

The 'key' for a Playfair cipher is generally a word. For example, we will choose 'monarchy'.

Pre Lab Activity
Take out a piece of paper and write the algorithm of Playfair technique to encrypt and decrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of Playfair algorithm.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text using the technique you implemented.
LAB 3: Implement the Pure Transposition Cipher

Learning Outcomes:
After performing this lab, the student should be able to:
- Use pure transposition cipher technique to encrypt the given text.
- Perform decryption of the cipher text using pure transposition algorithm.

Background
In a transposition cipher the letters in a plaintext are rearranged according to a rule. A common technique is to divide the plaintext into blocks and to make the same change to the order of the letters in each block. A keyword can be used to determine the size of the blocks and, in each block, the change that is made to the order of the letters. Transposition ciphers are sometimes called anagram ciphers.

Example:
Let us encipher the text:

On the first of February we intend to begin submarine warfare unrestricted. In spite of this we wish to keep neutral the United States of America.

We can use a keyword:

TRANSPOSITION

We need to remove from the keyword any letter that has already been used. So here it is necessary to remove the second 'S', 'T', 'I', 'O', and 'N':

TRANSPOI

Now we should divide the plaintext into blocks, where the number of letters in each block is equal to the number of letters in the keyword. 'TRANSPOI' contains eight letters, so there should be eight letters in each block:

onthefir stoffebr uarywein
tendtobe ginsubma rinewarf
areunres trictedi nspiteof
thiswewi shtokeep neutralt
heunited statesof america

If there are not enough letters in the last block, then we should add some letters to the end, in order to complete it. It is common to add the letter 'x'. In this case there are only seven letters in the last block, so we should add an 'x' to the end:

onthefir stoffebr uarywein
tendtobe ginsubma rinewarf
areunres trictedi nspiteof
thiswewi shtokeep neutralt
heunited statesof americax

Now we can change the order of the letters. We should make the same change to the order of the letters in each block. This change should be the one that is needed to put the letters in the keyword into alphabetical order. To put the letters of 'TRANSPOI' into alphabetical order, we need to take the letters in the order 3, 8, 4, 7, 6, 2, 5, 1:
T R A N S P O I
1 2 3 4 5 6 7 8

A I N O P R S T
3 8 4 7 6 2 5 1

Hence we should put the letters into the order 3, 8, 4, 7, 6, 2, 5, 1:

TRHIFNEO ORFBETFS RNYIEAWU
NEDBOETT NASMBIUG NFERAIWR
ESUERRNA IICDERTT PFIOESTN
IISWEHWT TPOEEHKS UTTLAERN
UDNETEIH AFTOSTES EXRACMIA
As a final step, let us rewrite the cipher-text with a different number of letters in each block:

TRHIF NEOOR FBETF SRNYI EAWUN EDBOE TTNAS MBIUG
NFERA IWRES UERRN AIICD ERTTP FIOES TNIIS WEHWT
TPOEE HKSUT TLAER NUDNE TEIHA FTOST ESEXR ACMIA

This disguises the number of letters in the keyword, making the cryptogram harder to decipher.

Pre Lab Activity
Take out a piece of paper and write the algorithm of pure transposition technique to encrypt and decrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of pure transposition algorithm.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text using the technique you implemented.
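The worked example above (keyword TRANSPOSITION, eight-letter blocks, order 3, 8, 4, 7, 6, 2, 5, 1) can be reproduced with the C++ sketch below. It is an added example, not part of the original manual; the function names are chosen here for illustration, and decryption is included as the inverse mapping.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <numeric>
#include <string>
#include <vector>

// Keep each keyword letter once, in order: "TRANSPOSITION" -> "TRANSPOI".
std::string dedupeKeyword(const std::string& keyword) {
    std::string key;
    for (unsigned char c : keyword) {
        const char u = static_cast<char>(std::toupper(c));
        if (std::isalpha(c) && key.find(u) == std::string::npos) key += u;
    }
    return key;
}

// 0-based positions of the key letters taken in alphabetical order.
// For "TRANSPOI" this is 2,7,3,6,5,1,4,0 (the manual's 3,8,4,7,6,2,5,1).
std::vector<int> readOrder(const std::string& key) {
    std::vector<int> order(key.size());
    std::iota(order.begin(), order.end(), 0);
    std::sort(order.begin(), order.end(),
              [&key](int a, int b) { return key[a] < key[b]; });
    return order;
}

// Letters only, lower case, padded with 'x' to a whole number of blocks.
std::string toBlocks(const std::string& text, std::size_t n) {
    std::string s;
    for (unsigned char c : text)
        if (std::isalpha(c)) s += static_cast<char>(std::tolower(c));
    while (n != 0 && s.size() % n != 0) s += 'x';
    return s;
}

// Encrypt: cipher[j] = plain[order[j]] in every block. Decrypt inverts it.
std::string transpose(const std::string& text, const std::string& keyword, bool decrypt) {
    const std::string key = dedupeKeyword(keyword);
    const std::vector<int> order = readOrder(key);
    const std::size_t n = key.size();
    const std::string in = toBlocks(text, n);
    if (n == 0) return in;                       // no usable key: nothing to permute
    std::string out(in.size(), ' ');
    for (std::size_t b = 0; b < in.size(); b += n)
        for (std::size_t j = 0; j < n; ++j) {
            if (decrypt) out[b + order[j]] = in[b + j];
            else out[b + j] = static_cast<char>(std::toupper(static_cast<unsigned char>(in[b + order[j]])));
        }
    return out;
}

std::string encrypt(const std::string& p, const std::string& k) { return transpose(p, k, false); }
std::string decrypt(const std::string& c, const std::string& k) { return transpose(c, k, true); }

int main() {
    const std::string c = encrypt("On the first of February we intend to begin", "TRANSPOSITION");
    std::cout << c << "\n" << decrypt(c, "TRANSPOSITION") << "\n";
    return 0;
}
```

Because `decrypt` ignores spaces, it accepts the ciphertext in either the eight-letter or the five-letter grouping.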
LAB 4: Implement DES Encryption and Decryption

Learning Outcomes:
After performing this lab, the student should be able to:
- Use DES cipher technique to encrypt the given text.
- Perform decryption of the cipher text using pure DES algorithm.

Background
On 15 May 1973, the NBS (National Bureau of Standards, now called NIST, the National Institute of Standards and Technology) published a request in the Federal Register for an encryption algorithm that would meet the following criteria:
- have a high security level related to a small key used for encryption and decryption
- be easily understood
- not depend on the algorithm's confidentiality
- be adaptable and economical
- be efficient and exportable

In late 1974, IBM proposed "Lucifer", which, thanks to the NSA (National Security Agency), was modified on 23 November 1976 to become the DES (Data Encryption Standard). The DES was approved by the NBS in 1978. The DES was standardized by the ANSI (American National Standards Institute) under the name of ANSI X3.92, better known as DEA (Data Encryption Algorithm).

Principle of the DES
It is a symmetric encryption system that uses 64-bit blocks, 8 bits (one octet) of which are used for parity checks (to verify the key's integrity). Each of the key's parity bits (1 every 8 bits) is used to check one of the key's octets by odd parity, that is, each of the parity bits is adjusted to have an odd number of '1's in the octet it belongs to. The key therefore has a "useful" length of 56 bits, which means that only 56 bits are actually used in the algorithm.

The algorithm involves carrying out combinations, substitutions and permutations between the text to be encrypted and the key, while making sure the operations can be performed in both directions (for decryption). The combination of substitutions and permutations is called a product cipher.

The key is ciphered on 64 bits and made of 16 blocks of 4 bits, generally denoted k1 to k16. Given that "only" 56 bits are actually used for encrypting, there can be 2^56 (or 7.2*10^16) different keys!

Pre Lab Activity
Take out a piece of paper and write the algorithm of DES technique to encrypt and decrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of DES encryption and decryption algorithm.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text using the technique you implemented and perform decryption process on the encrypted output.
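The key-parity rule described under "Principle of the DES" can be checked in a few lines of C++. This is an added example, not part of the original manual: it assumes the standard DES layout in which the parity bit is the least significant bit of each key octet, and the sample key bytes and function names are constructed for illustration. It also shows that keys differing only in their parity bits carry the same 56 effective bits.

```cpp
#include <array>
#include <cstdint>
#include <iostream>

using DesKey = std::array<std::uint8_t, 8>;   // 64-bit key as 8 octets

// Number of 1 bits in one octet.
int onesIn(std::uint8_t b) {
    int n = 0;
    for (; b != 0; b >>= 1) n += b & 1;
    return n;
}

// True when every octet of the key contains an odd number of 1 bits.
bool hasOddParity(const DesKey& key) {
    for (std::uint8_t b : key)
        if (onesIn(b) % 2 == 0) return false;
    return true;
}

// Recompute the parity bit of each octet so the octet has odd parity.
// Assumption: the parity bit is the least significant bit of the octet.
DesKey withOddParity(DesKey key) {
    for (std::uint8_t& b : key) {
        b &= 0xFE;                          // clear the old parity bit
        if (onesIn(b) % 2 == 0) b |= 0x01;  // even so far: set it to make the count odd
    }
    return key;
}

// Pack the 7 non-parity bits of each octet into one 56-bit value:
// these are the only key bits the cipher actually uses.
std::uint64_t effectiveKey(const DesKey& key) {
    std::uint64_t k = 0;
    for (std::uint8_t b : key) k = (k << 7) | static_cast<std::uint64_t>(b >> 1);
    return k;
}

int main() {
    const DesKey sample = {{0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1}};  // constructed sample key
    DesKey damaged = sample;
    damaged[0] ^= 0x01;                     // flip one parity bit
    std::cout << std::boolalpha
              << "sample parity ok:  " << hasOddParity(sample) << "\n"
              << "damaged parity ok: " << hasOddParity(damaged) << "\n"
              << "same 56-bit key:   " << (effectiveKey(sample) == effectiveKey(damaged)) << "\n";
    return 0;
}
```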
LAB 5: Implement AES Encryption and Decryption

Learning Outcomes:
After performing this lab, the student should be able to:
- Use AES cipher technique to encrypt the given text.
- Perform decryption of the cipher text using pure AES algorithm.

Background
Advanced Encryption Standard (AES) is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.

In the United States, AES was announced by the National Institute of Standards and Technology (NIST) as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a five-year standardization process in which fifteen competing designs were presented and evaluated before it was selected as the most suitable (see Advanced Encryption Standard process for more details). It became effective as a Federal government standard on May 26, 2002 after approval by the Secretary of Commerce. It is available in many different encryption packages. AES is the first publicly accessible and open cipher approved by the National Security Agency (NSA) for top secret information.

Originally called Rijndael, the cipher was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and submitted by them to the AES selection process. The name Rijndael (Dutch pronunciation: [ˈrɛindaːl]) is a play on the names of the two inventors. Strictly speaking, AES is the name of the standard, and the algorithm described is a (restricted) variant of Rijndael. However, in practice the algorithm is also referred to as "AES".

Pre Lab Activity
Take out a piece of paper and write the algorithm of AES technique to encrypt and decrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of AES encryption and decryption algorithm.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text using the technique you implemented and perform decryption process on the encrypted output.
LAB 6: Implement RSA Encryption Algorithm

Learning Outcomes:
After performing this lab, the student should be able to:
- Use RSA Encryption technique to encrypt the given text.
- Perform decryption of the cipher text using RSA algorithm.

Background
The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world. It can be used to encrypt a message without the need to exchange a secret key separately. The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers.

Party A can send an encrypted message to party B without any prior exchange of secret keys. A just uses B's public key to encrypt the message and B decrypts it using the private key, which only he knows. RSA can also be used to sign a message, so A can sign a message using their private key and B can verify it using A's public key.

Pre Lab Activity
Take out a piece of paper and write the algorithm of AES technique to encrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of AES encryption and decryption algorithm.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text using the technique you implemented. Use private key = world and public key = ethiopia
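The Background's three points (encrypt with the public key, sign with the private key, security resting on factoring) are illustrated by the textbook-RSA sketch below. It is an added example, not part of the original manual: the primes 61 and 53, the exponent 17, the numeric messages and all function names are assumptions chosen for illustration, and the scheme shown has no padding and a modulus far too small for real use.

```cpp
#include <cstdint>
#include <iostream>

using u64 = std::uint64_t;
using i64 = std::int64_t;

struct RsaKey { u64 n, e, d; };   // public part (n, e), private exponent d

// Square-and-multiply; intermediate products fit in 64 bits for mod < 2^32.
u64 modPow(u64 base, u64 exp, u64 mod) {
    u64 result = 1 % mod;
    for (base %= mod; exp > 0; exp >>= 1) {
        if (exp & 1) result = result * base % mod;
        base = base * base % mod;
    }
    return result;
}

// Extended Euclid: returns x with a*x = 1 (mod m), or 0 if no inverse exists.
u64 modInverse(u64 a, u64 m) {
    i64 t = 0, newT = 1, r = static_cast<i64>(m), newR = static_cast<i64>(a % m);
    while (newR != 0) {
        const i64 q = r / newR;
        const i64 nextT = t - q * newT; t = newT; newT = nextT;
        const i64 nextR = r - q * newR; r = newR; newR = nextR;
    }
    if (r != 1) return 0;
    return static_cast<u64>(t < 0 ? t + static_cast<i64>(m) : t);
}

// Whoever knows the primes p and q can compute d from the public exponent e.
RsaKey deriveKey(u64 p, u64 q, u64 e) {
    return RsaKey{p * q, e, modInverse(e, (p - 1) * (q - 1))};
}

u64 rsaEncrypt(u64 m, const RsaKey& k) { return modPow(m, k.e, k.n); }  // uses public key
u64 rsaDecrypt(u64 c, const RsaKey& k) { return modPow(c, k.d, k.n); }  // uses private key
u64 rsaSign(u64 m, const RsaKey& k)    { return modPow(m, k.d, k.n); }  // uses private key
bool rsaVerify(u64 m, u64 sig, const RsaKey& k) { return modPow(sig, k.e, k.n) == m; }

// Trial division: instant for a toy modulus, infeasible at real key sizes.
// This gap is what "difficulty of factoring large integers" refers to.
u64 smallestFactor(u64 n) {
    for (u64 f = 2; f * f <= n; ++f)
        if (n % f == 0) return f;
    return n;
}

int main() {
    const RsaKey b = deriveKey(61, 53, 17);           // B's toy key pair
    const u64 c = rsaEncrypt(65, b);                  // A encrypts for B
    std::cout << "n=" << b.n << " d=" << b.d << " c=" << c
              << " m=" << rsaDecrypt(c, b) << "\n";
    const u64 p = smallestFactor(b.n);                // factoring n reveals d
    std::cout << "recovered d=" << deriveKey(p, b.n / p, b.e).d << "\n";
    return 0;
}
```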
LAB 7: Implementation of Hash Functions

Learning Outcomes:
After performing this lab, the student should be able to:
- Use Hashing technique to encrypt the given text.
- Perform decryption of the cipher text using Hashing technique.

Background
A "hash" (also called a "digest", and informally a "checksum") is a kind of "signature" for a stream of data that represents the contents. The closest real-life analogy we can think of is "a tamper-evident seal on a software package": if you open the box (change the file), it's detected.

Hashes are "digests", not "encryption"
This is a common confusion, especially because all these words are in the category of "cryptography", but it's important to understand the difference. Encryption transforms data from a cleartext to ciphertext and back (given the right keys), and the two texts should roughly correspond to each other in size: big cleartext yields big ciphertext, and so on. "Encryption" is a two-way operation (see Figure 1).

Hashes, on the other hand, compile a stream of data into a small digest (a summarized form: think "Reader's Digest"), and it's strictly a one-way operation. All hashes of the same type - this example shows the "MD5" variety - have the same size no matter how big the inputs are (see Figure 2).

Pre Lab Activity
Take out a piece of paper and write the algorithm of hashing technique to encrypt the given plain text.

Lab Activity
Write the C++ program for the implementation of Hashing technique.

Post Lab Activity
You are given the following text “We all are surrounded retreat to the bush”. Write the encrypted output of the above text using the technique you implemented.
Figure 1: Encryption - a two-way operation
Figure 2: Hashing - a one-way operation
RESOURCES / TOOLS:
- Windows Operating System
- C/C++