You are on page 1of 114

Information security

(Lab Manual)

Information
Technology
Department

V.V.P.
Engineering
College

Information security means protecting information and information systems from unauthorized
access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
The art of protecting information by transforming it into an unreadable format, called cipher text.
Only those who possess a secret key can decipher the message into plain text.
Page | 1

Characteristics of Information Security:


Due the importance of the information security, it has many important features that are really
helpful for the protection of the confidential data from leaking and also help to protect from
hacking. Some important characteristics of the information security are as follows
1. Integrity
2. Confidentiality
3. Authentication
4. Management of Risk

Latest Manual Prepared By :-

R.P.Patel

Lab in charge :-

HOD of Information Technology Department


( MS. AVANI.R.VASANT )

LIST OF EXPERIMENTS
Page | 2

Sr.
N Name of Experiment
o.
1.

To study basics of cryptography.

2.

To implement caesar cipher.

3.

To implement transposition cipher.

4.

To implement monoalphabetic cipher.

5.

To implement polyalphabetic cipher.

6.

To implement playfair cipher.

7.

To study basics of DES

8.

To study basics of digital signature and MD-5

9.

To implement RSA algorithm

10.

To search and study any encryption tool on internet

Page | 3

ASSIGNMENT NO: 1
TO STUDY BASIC OF
CRYPTOGRAPHY

Page | 4

Page | 5

Cryptography
The art of protecting information by transforming it (encrypting it) into an
unreadable format, called cipher text. Only those who possess a secret key
can decipher (or decrypt) the message into plain text. Encrypted messages
can sometimes be broken by cryptanalysis, also called codebreaking,
although modern cryptography techniques are virtually unbreakable.
Cryptography systems can be broadly classified into symmetric-key systems
that use a single key that both the sender and recipient have, and public-key
systems that use two keys, a public key known to everyone and a private key
that only the recipient of messages uses.

Symmetric Cipher Model


A symmetric encryption scheme has five ingredients (Figure 2.1):

Plaintext: This is the original intelligible message or data that is fed into the algorithm as
input.

Encryption algorithm: The encryption algorithm performs various substitutions and


transformations on the plaintext.

Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different
output depending on the specific key being used at the time. The exact substitutions and
transformations performed by the algorithm depend on the key.

Ciphertext : This is the scrambled message produced as output. It depends on the


plaintext and the secret key. For a given message, two different keys will produce two
different ciphertexts. The ciphertext is an apparently random stream of data and, as it
stands, is unintelligible.

Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes
the ciphertext and the secret key and produces the original plaintext.

Page | 6

Figure 2.1. Simplified Model of Conventional Encryption

There are two requirements for secure use of conventional encryption:


1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be
such that an opponent who knows the algorithm and has access to one or more
ciphertexts would be unable to decipher the ciphertext or figure out the key. This
requirement is usually stated in a stronger form: The opponent should be unable to
decrypt ciphertext or discover the key even if he or she is in possession of a number of
ciphertexts together with the plaintext that produced each ciphertext.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and
must keep the key secure. If someone can discover the key and knows the algorithm, all
communication using this key is readable.
We assume that it is impractical to decrypt a message on the basis of the ciphertext plus
knowledge of the encryption/decryption algorithm. In other words, we do not need to keep the
algorithm secret; we need to keep only the key secret. This feature of symmetric encryption is
what makes it feasible for widespread use. The fact that the algorithm need not be kept secret
means that manufacturers can and have developed low-cost chip implementations of data
encryption algorithms. These chips are widely available and incorporated into a number of
products. With the use of symmetric encryption, the principal security problem is maintaining the
secrecy of the key.
Let us take a closer look at the essential elements of a symmetric encryption scheme, using
Figure 2.2. A source produces a message in plaintext, X = [ X 1 , X 2 , ..., X M ]. The M elements
of X are letters in some finite alphabet. Traditionally, the alphabet usually consisted of the 26
capital letters . Nowadays, the binary alphabet {0, 1} is typically used. For encryption, a key of
the form K = [ K 1 , K 2 , ..., K J ] is generated. If the key is generated at the message source, then
it must also be provided to the destination by means of some secure channel. Alternatively, a
third party could generate the key and securely deliver it to both source and destination.

Page | 7

Figure 2.2. Model of Conventional Cryptosystem

With the message X and the encryption key K as input, the encryption algorithm forms the
ciphertext Y = [ Y 1 , Y 2 , ..., Y N ]. We can write this as
Y = E( K , X )
This notation indicates that Y is produced by using encryption algorithm E as a function of the
plaintext X , with the specific function determined by the value of the key K .
The intended receiver, in possession of the key, is able to invert the transformation:
X = D( K , Y )
An opponent, observing Y but not having access to K or X , may attempt to recover X or K or
both X and K . It is assumed that the opponent knows the encryption (E) and decryption (D)
algorithms. If the opponent is interested in only this particular message, then the focus of the
effort is to recover X by generating a plaintext estimate
. Often, however, the opponent is
interested in being able to read future messages as well, in which case an attempt is made to
recover K by generating an estimate

Page | 8

ASSIGNMENT NO: 2
CAESAR CIPHER

Page | 9

Page | 10

Caesar cipher
In cryptography, a Caesar cipher, also known as a Caesar's cipher, the shift cipher, Caesar's
code or Caesar shift, is one of the simplest and most widely known encryption techniques. It is
a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed
number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D,
B would become E, and so on. The method is named after Julius Caesar, who used it in his
private correspondence.

Example
The transformation can be represented by aligning two alphabets; the cipher alphabet is the plain
alphabet rotated left or right by some number of positions. For instance, here is a Caesar cipher
using a left rotation of three places (the shift parameter, here 3, is used as the key):
Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC

When encrypting, a person looks up each letter of the message in the "plain" line and writes
down the corresponding letter in the "cipher" line. Deciphering is done in reverse.
Ciphertext: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ
Plaintext: the quick brown fox jumps over the lazy dog

The encryption can also be represented using modular arithmetic by first transforming the letters
into numbers, according to the scheme, A = 0, B = 1,..., Z = 25. Encryption of a letter x by a shift
n can be described mathematically as,

Decryption is performed similarly,

(There are different definitions for the modulo operation. In the above, the result is in the range
0...25. I.e., if x+n or x-n are not in the range 0...25, we have to subtract or add 26.)
The replacement remains the same throughout the message, so the cipher is classed as a type of
monoalphabetic substitution, as opposed to polyalphabetic substitution.

Page | 11

Decryption
shift
0
1
2
3
4
5
6
...
23
24
25

Candidate plaintext
exxegoexsrgi
dwwdfndwrqfh
cvvcemcvqpeg
buubdlbupodf
attackatonce
zsszbjzsnmbd
yrryaiyrmlac
haahjrhavujl
gzzgiqgzutik
fyyfhpfytshj

Breaking the cipher


The Caesar cipher can be easily broken even in a ciphertext-only scenario. Two situations can be
considered:
1. an attacker knows (or guesses) that some sort of simple substitution cipher has been used,
but not specifically that it is a Caesar scheme;
2. an attacker knows that a Caesar cipher is in use, but does not know the shift value.
In the first case, the cipher can be broken using the same techniques as for a general simple
substitution cipher, such as frequency analysis or pattern words. While solving, it is likely that an
attacker will quickly notice the regularity in the solution and deduce that a Caesar cipher is the
specific algorithm employed.

Page | 12

The distribution of letters in a typical sample of English language text has a distinctive and
predictable shape. A Caesar shift "rotates" this distribution, and it is possible to determine the
shift by examining the resultant frequency graph.
In the second instance, breaking the scheme is even more straightforward. Since there are only a
limited number of possible shifts (26 in English), they can each be tested in turn in a brute force
attack. One way to do this is to write out a snippet of the ciphertext in a table of all possible
shifts a technique sometimes known as "completing the plain component". The example given
is for the ciphertext "EXXEGOEXSRGI"; the plaintext is instantly recognisable by eye at a shift
of four.

Implementation of Caesar Cipher


#include<stdio.h>
#include<conio.h>
#include<string.h>
void main()
{
int i,j,l,b,no;
char a[100];
clrscr();
printf("Enter the message");
gets(a);
printf("enter key:");
scanf("%d",&no);
l=strlen(a);
printf(Encrypted message:);
for(i=0;i<l;i++)
{
j=a[i];
Page | 13

j+=no;
if(isupper(a[i]))
{
if(j<65)
{
b=65-j;
j=91-b;
}
else if(j>90)
{
b=j-90;
j=64+b;
}
}
else if(islower(a[i]))
{
if(j<97)
{
b=97-j;
j=123-b;
}
else if(j>122)
{
b=j-122;
j=96+b;
}
Page | 14

}
printf("%c",j);
}
getch();
}

Output
Enter the message: HELLO
Enter the key: 3
Encrypted message: KHOOR

ASSIGNMENT NO 3
TRANSPOSITION CIPHER

Page | 15

In cryptography, a transposition cipher is a method of encryption by which the positions held


by units of plaintext (which are commonly characters or groups of characters) are shifted
according to a regular system, so that the ciphertext constitutes a permutation of the plaintext.
That is, the order of the units is changed. Mathematically a bijective function is used on the
characters' positions to encrypt and an inverse function to decrypt.

Rail Fence cipher


The Rail Fence cipher is a form of transposition cipher that gets its name from the way in which
it is encoded. In the rail fence cipher, the plaintext is written downwards on successive "rails" of
an imaginary fence, then moving up when we get to the bottom. The message is then read off in
rows. For example, using three "rails" and a message of 'WE ARE DISCOVERED. FLEE AT
ONCE', the cipherer writes out:
W . . . E . . . C . . . R . . . L . . . T . . . E
. E . R . D . S . O . E . E . F . E . A . O . C .
. . A . . . I . . . V . . . D . . . E . . . N . .

Then reads off:


WECRL TEERD SOEEF EAOCA IVDEN

Route cipher
In a route cipher, the plaintext is first written out in a grid of given dimensions, then read off in a
pattern given in the key. For example, using the same plaintext that we used for rail fence:
W R I O R F E O E
E E S V E L A N J
A D C E D E T C X

The key might specify "spiral inwards, clockwise, starting from the top right". That would give a
cipher text of:
EJXCTEDECDAEWRIORFEONALEVSE

Route ciphers have many more keys than a rail fence. In fact, for messages of reasonable length,
the number of possible keys is potentially too great to be enumerated even by modern machinery.
However, not all keys are equally good. Badly chosen routes will leave excessive chunks of
plaintext, or text simply reversed, and this will give cryptanalysts a clue as to the routes..

Columnar transposition
Page | 16

In a columnar transposition, the message is written out in rows of a fixed length, and then read
out again column by column, and the columns are chosen in some scrambled order. Both the
width of the rows and the permutation of the columns are usually defined by a keyword. For
example, the word ZEBRAS is of length 6 (so the rows are of length 6), and the permutation is
defined by the alphabetical order of the letters in the keyword. In this case, the order would be "6
3 2 4 1 5".
In a regular columnar transposition cipher, any spare spaces are filled with nulls; in an irregular
columnar transposition cipher, the spaces are left blank. Finally, the message is read off in
columns, in the order specified by the keyword. For example, suppose we use the keyword
ZEBRAS and the message WE ARE DISCOVERED. FLEE AT ONCE . In a regular columnar
transposition, we write this into the grid as:
6
W
I
R
E
E

3
E
S
E
A
Q

2
A
C
D
T
K

4
R
O
F
O
J

1
E
V
L
N
E

5
D
E
E
C
U

Providing five nulls (QKJEU) at the end. The ciphertext is then read off as:
EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE

In the irregular case, the columns are not completed by nulls:


6
W
I
R
E
E

3
E
S
E
A

2
A
C
D
T

4
R
O
F
O

1
E
V
L
N

5
D
E
E
C

This results in the following ciphertext:


EVLNA CDTES EAROF ODEEC WIREE

To decipher it, the recipient has to work out the column lengths by dividing the message length
by the key length. Then he can write the message out in columns again, then re-order the
columns by reforming the key word.
Columnar transposition continued to be used for serious purposes as a component of more
complex ciphers at least into the 1950's.

Detection and cryptanalysis


Since transposition does not affect the frequency of individual symbols, simple transposition can
be easily detected by the cryptanalyst by doing a frequency count. If the ciphertext exhibits a
frequency distribution very similar to plaintext, it is most likely a transposition. This can then
often be attacked by anagrammingsliding pieces of ciphertext around, then looking for
sections that look like anagrams of English words, and solving the anagrams. Once such
Page | 17

anagrams have been found, they reveal information about the transposition pattern, and can
consequently be extended.

Implementation of transposition cipher


#include<stdio.h>
#include<conio.h>
#include<string.h>
void main()
{
char in[4][5],out[4][5],p[20],c[20],p1[20];
int i,j,k=0,key[5]={2,4,1,0,3},l=0,count,temp;
clrscr();
printf("Enter the message: ");
gets(p);
for(i=0;i<4;i++)
{
for(j=0;j<5;j++)
{
in[i][j]=p[k];
k++;
}
}
/*for(i=0;i<4;i++)
{
Page | 18

for(j=0;j<5;j++)
{
printf("%c",in[i][j]);
}
printf("\n");

}*/
count=0;
printf("Encrypted message is: ");
for(i=0;i<5;i++)
{
j=0;
while(count!=key[j])
{
j++;
}
count++;
for(k=0;k<4;k++)
{
c[l]=in[k][j];
printf("%c",c[l]);
l++
}
}
c[l]='\0';
printf("\n");
Page | 19

for(i=0;i<5;i++)
{
for(j=0;j<4;j++)
{
out[j][i]=c[(4*key[i])+j];
}
}
/*for(i=0;i<4;i++)
{
for(j=0;j<5;j++)
{
printf("%c",out[i][j]);
}
printf("\n");
}*/
printf("Decrypted message is: ");
l=0;
for(i=0;i<4;i++)
{
for(j=0;j<5;j++)
{
p1[l]=out[i][j];
printf("%c",p1[l]);
l++;
}
}getch();
Page | 20

Output:
Enter the message: meetmeaftertogaparty
Encrypted message is: ttgteformerpmeayeata
Decrypted message is: meetmeaftertogaparty

Page | 21

ASSIGNMENT NO 4
MONOALPHABETIC CIPHER

Mono-alphabetic Cipher
A mono-alphabetic cipher is a simple substitution cipher wherein each letter of the plaintext is
replaced by another letter in the ciphertext. An example of a mono-alphabetic cipher key follows:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
jrsqxzoewndyvpfatbcilhgkmu
This key means that any 'j' in the plaintext will be replaced by an 'A' in the ciphertext, any 'r' in
the plaintext will be replaced by a 'B' in the ciphertext, and so on.

Page | 22

Cryptanalysis
While there are hundreds of different codes and cipher systems in the world, there are some
universal traits and techniques cryptanalysts use to solve them. Patience and perseverance are
two of the most important qualities in a cryptanalyst. Solving a cipher can take a lot of time,
sometimes requiring you to retrace your steps or start over. It is tempting to give up when you
are faced with a particuarly challenging cipher.
Another important skill to have is a strong familiarity with the language in which the plaintext is
written. Trying to solve a coded message written in an unfamiliar language is almost impossible.
strong familiarity with a language includes a grasp of the language's redundancy.
Redundancy means that every language contains more characters or words than are actually
needed to convey information. The rules of the English language create redundancy -- for
example, no English word will begin with the letters "ng." English also relies heavily on a small
number of words. Words like "the," "of," "and," "to," "a," "in," "that," "it," "is," and "I" account
for more than one quarter of the text of an average message written in English.
Knowing the redundant qualities of a language makes a cryptanalyst's task much easier. No
matter how convoluted the cipher is, it follows some language's rules in order for the recipient to
understand the message. Cryptanalysts look for patterns within ciphers to find common words
and letter pairings.
One basic technique in cryptanalysis is frequency analysis. Every language uses certain letters
more often than others. In English, the letter "e" is the most common letter. By counting up the
characters in a text, a cryptanalyst can see very quickly what sort of cipher he has. If the
distribution of cipher frequency is similar to the distribution of the frequency of a normal
alphabet, the cryptanalyst may conclude that he's dealing with a monoalphabetic cipher.

Page | 23

This chart shows the frequency with which


each letter in the English language is used.

Implementation of monoalphabetic cipher


#include<stdio.h>
#include<conio.h>
void main()
{
char key[26]={'c','a','f','x','b','z','s','v','n','h','j','k','d','l','i','o','y','u','p','r','t','w','q','g','e','m'};
char str[100],temp[100];
int i,c,j;
clrscr();
printf("enter your string: ");
gets(str);
strcpy(temp,str);
for(i=0;temp[i]!='\0';i++)
{
if(temp[i]>=97&&temp[i]<=122)
{
c=temp[i]-97;
temp[i]=key[c];
}
else if (temp[i]>=65&&temp[i]<=90)
{
c=temp[i]-65;
temp[i]=key[c];
Page | 24

}
else
{
temp[i]=temp[i];
}
}
printf("\n\n Encrypted String: ");
printf("%s",temp);
printf("\n\n Decrypted string: ");
for(i=0;temp[i]!='\0';i++)
{
for(j=0;j<26;j++)
{
if(temp[i]==key[j])
{
temp[i]=j+97;
break;
}
}
}
printf("%s",temp);
getch();
}

Output:
Page | 25

enter your string: vvp engineering college


Encrypted String: wwo blsnlbbunls fikkbsb
Decrypted string: vvp engineering college

Page | 26

ASSIGNMENT NO: 5
POLYALPHABETIC CIPHER

Page | 27

Polyalphabetic Ciphers
A cipher is polyalphabetic if a given letter of the alphabet will not always enciphered by the
same ciphertext letter, and, as a consequence, cannot be described by a single set of ciphertext
alphabet corresponding to a single set of plaintext alphabet.
The simplest way to produce a polyalphabetic cipher is to combine different monoalphabetic
ciphers.
One of the problems with monoalphabetic ciphers is that the letters occur with certain frequency
in a language. This frequency can be graphed for both plaintext letters and the ciphertext letters
of the enciphered message, and, after some analysis, the cipher is relatively easily broken.
Example of the polyalphabetic ciphers is the Vigenre cipher. The Vigenre cipher was
published in 1586 by the French diplomat Blaise de Vigenre. The basic idea of this cipher is to
use a number of monoalphabetic ciphers in turn. In order to encipher by Vigenre cipher, you
need two things: a keyword and the Vigenre square, below.

Page | 28

Key Word Letters


A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

B C D E F G H I J K L M N O P Q R S T U V W X Y Z A

C D E F G H I J K L M N O P Q R S T U V W X Y Z A B

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

E F G H I J K L M N O P Q R S T U V W X Y Z A B C D

F G H I J K L M N O P Q R S T U V W X Y Z A B C D E

G H I J K L M N O P Q R S T U V W X Y Z A B C D E F

H I J K L M N O P Q R S T U V W X Y Z A B C D E F G

I J K L M N O P Q R S T U V W X Y Z A B C D E F G H

J K L M N O P Q R S T U V W X Y Z A B C D E F G H I

K L M N O P Q R S T U V W X Y Z A B C D E F G H I J

L M N O P Q R S T U V W X Y Z A B C D E F G H I J K

M N O P Q R S T U V W X Y Z A B C D E F G H I J K L

N O P Q R S T U V W X Y Z A B C D E F G H I J K L M

O P Q R S T U V W X Y Z A B C D E F G H I J K L M N

P Q R S T U V W X Y Z A B C D E F G H I J K L M N O

Q R S T U V W X Y Z A B C D E F G H I J K L M N O P

R S T U V W X Y Z A B C D E F G H I J K L M N O P Q

S T U V W X Y Z A B C D E F G H I J K L M N O P Q R

T U V W X Y Z A B C D E F G H I J K L M N O P Q R S

U V W X Y Z A B C D E F G H I J K L M N O P Q R S T

V W X Y Z A B C D E F G H I J K L M N O P Q R S T U

W X Y Z A B C D E F G H I J K L M N O P Q R S T U V

X Y Z A B C D E F G H I J K L M N O P Q R S T U V W

Y Z A B C D E F G H I J K L M N O P Q R S T U V W X

Z A B C D E F G H I J K L M N O P Q R S T U V W X Y

Page | 29

We write the keyword repeatedly over the text of the message until reaching the end. The rule for
enciphering:
The letter of the keyword that is above a plaintext letter determines the alphabet (i.e. the row of
the square) which will be used to encipher this cleartext letter.
For example, if our keyword was "hell" and our message was "I like mathematics", then we
write:
h

Then, to encipher the first i we look it up the hth row of the Vigenre square to find p.

Implementation of Polyalphabetic cipher


#include<stdio.h>
#include<conio.h>
#include<string.h>
void main()
{
int i,j,k,ch,length_plain,length_key,length,l,m,n;
char plain[100],key[100],map[26][26],encr[100],decr[100];
clrscr();
printf("enter the plaintext: ");
gets(plain);
printf("enter the key: ");
gets(key);
k=97;
for(i=0;i<26;i++)
{
ch=k;
Page | 30

for(j=0;j<26;j++)
{
map[i][j]=ch;
if(ch<122)
{
ch++;
}
else
{
ch=97;
}
}
k++;
}
/* for(i=0;i<26;i++)
{
for(j=0;j<26;j++)
{
printf("%c",map[i][j]);
}
printf("\n");
} */
length_plain=strlen(plain);
length_key=strlen(key);
length=length_key;
l=length_plain-length_key;
Page | 31

j=0;
for(i=0;i<l;i++)
{
key[length_key]=key[j];
if(j==length-1)
{
j=0;
}
else
{
j++;
}
length_key++;
}
printf("\nencryption: ");
for(i=0;i<length_plain;i++)
{
n=plain[i]-97;
m=key[i]-97;
encr[i]=map[m][n];
printf("%c",encr[i]);
}
printf("\ndecryption: ");
for(i=0;i<length_plain;i++)
{
m=key[i]-97;
Page | 32

j=0;
while(encr[i]!=map[m][j])
{
j++;
}
decr[i]=97+j;
printf("%c",decr[i]);
}
getch();
}

Output :
enter the plaintext: polyalphabetic
enter the key: cipher
encryption: rwafecrppiikkk
decryption: polyalphabetic

Page | 33

ASSIGNMENT NO: 6
PLAYFAIR CIPHER

Page | 34

The Playfair cipher or Playfair square is a manual symmetric encryption technique and was the
first literal digraph substitution cipher. The scheme was invented in 1854 by Charles Wheatstone,
but bears the name of Lord Playfair who promoted the use of the cipher.
The technique encrypts pairs of letters (digraphs), instead of single letters as in the simple
substitution cipher and rather more complex Vigenre cipher systems then in use. The Playfair is
thus significantly harder to break since the frequency analysis used for simple substitution
ciphers does not work with it. Frequency analysis can still be undertaken, but on the 600 [1]
possible digraphs rather than the 26 possible monographs. The frequency analysis of digraphs is
possible, but considerably more difficult and it generally requires a much larger ciphertext in
order to be useful.

Description
The Playfair cipher uses a 5 by 5 table containing a key word or phrase. Memorization of the
keyword and 4 simple rules was all that was required to create the 5 by 5 table and use the
cipher.
To generate the key table, one would first fill in the spaces in the table with the letters of the
keyword (dropping any duplicate letters), then fill the remaining spaces with the rest of the
letters of the alphabet in order (usually omitting "Q" to reduce the alphabet to fit; other versions
put both "I" and "J" in the same space). The key can be written in the top rows of the table, from
left to right, or in some other pattern, such as a spiral beginning in the upper-left-hand corner and
ending in the center. The keyword together with the conventions for filling in the 5 by 5 table
constitute the cipher key.
To encrypt a message, one would break the message into digraphs (groups of 2 letters) such that,
for example, "HelloWorld" becomes "HE LL OW OR LD", and map them out on the key table. If
needed, append a "Z" to complete the final digraph. The two letters of the digraph are considered
as the opposite corners of a rectangle in the key table. Note the relative position of the corners of
this rectangle. Then apply the following 4 rules, in order, to each pair of letters in the plaintext:
1. If both letters are the same (or only one letter is left), add an "X" after the
first letter. Encrypt the new pair and continue. Some variants of Playfair use
"Q" instead of "X", but any uncommon monograph will do.
2. If the letters appear on the same row of your table, replace them with the
letters to their immediate right respectively (wrapping around to the left side
of the row if a letter in the original pair was on the right side of the row).
3. If the letters appear on the same column of your table, replace them with the
letters immediately below respectively (wrapping around to the top side of
the column if a letter in the original pair was on the bottom side of the
column).

Page | 35

4. If the letters are not on the same row or column, replace them with the
letters on the same row respectively but at the other pair of corners of the
rectangle defined by the original pair. The order is important the first letter
of the encrypted pair is the one that lies on the same row as the first letter of
the plaintext pair.

To decrypt, use the INVERSE (opposite) of the last 3 rules, and the 1st as-is (dropping any extra
"X"s (or "Q"s) that don't make sense in the final message when finished).

Example
Using "playfair example" as the key, (assuming I and J are interchangeable) the table becomes:
P LAYF
IREXM
BCDGH
KNOQS
TUVWZ
Encrypting the message "Hide the gold in the tree stump":
HI DE TH EG OL DI NT HE TR EX ES TU MP
1. The pair HI forms a rectangle, replace it with BM
2. The pair DE is in a column, replace it with OD
3. The pair TH forms a rectangle, replace it with ZB
4. The pair EG forms a rectangle, replace it with XD
5. The pair OL forms a rectangle, replace it with NA
6. The pair DI forms a rectangle, replace it with BE
7. The pair NT forms a rectangle, replace it with KU
8. The pair HE forms a rectangle, replace it with DM
9. The pair TR forms a rectangle, replace it with UI
10. The pair EX (X inserted to split EE) is in a row, replace it with XM
11. The pair ES forms a rectangle, replace it with MO
12. The pair TU is in a row, replace it with UV
13. The pair MP forms a rectangle, replace it with IF
Thus
the
message
"Hide
the
gold
in
the
tree
stump"
"BMODZBXDNABEKUDMUIXMMOUVIF".

becomes

Cryptanalysis
Like most pre-modern era ciphers, the Playfair cipher can be easily cracked if there is enough
text. Obtaining the key is relatively straightforward if both plaintext and ciphertext are known.
When only the ciphertext is known, brute force cryptanalysis of the cipher involves searching
through the key space for matches between the frequency of occurrence of digrams (pairs of
letters) and the known frequency of occurrence of digrams in the assumed language of the
original message.
Page | 36

Cryptanalysis of Playfair is similar to that of four-square and two-square ciphers, though the
relative simplicity of the Playfair system makes identifying candidate plaintext strings easier.
Most notably, a Playfair digraph and its reverse (e.g. AB and BA) will decrypt to the same letter
pattern in the plaintext (e.g. RE and ER). In English, there are many words which contain these
reversed digraphs such as REceivER and DEpartED. Identifying nearby reversed digraphs in the
ciphertext and matching the pattern to a list of known plaintext words containing the pattern is an
easy way to generate possible plaintext strings with which to begin constructing the key.
A different approach to tackling a Playfair cipher is the shotgun hill climbing method. This starts
with a random square of letters. Then minor changes are introduced (i.e. switching letters, rows,
or reflecting the entire square) to see if the candidate plaintext is more like standard plaintext
than before the change (perhaps by comparing the digraphs to a known frequency chart). If the
new square is deemed to be an improvement, then it is adopted and then further mutated to find
an even better candidate. Eventually, the plaintext or something very close is found to achieve a
maximal score by whatever grading method is chosen. This is obviously beyond the range of
typical human patience, but computers can adopt this algorithm to crack Playfair ciphers with a
relatively small amount of text.
Another aspect of Playfair that separates it from four-square and two-square ciphers is the fact
that it will never contain a double-letter digraph, e.g. EE. If there are no double letter digraphs in
the ciphertext and the length of the message is long enough to make this statistically significant,
it is very likely that the method of encryption is Playfair.

Implementation of playfair cipher


#include <stdio.h>
#include <conio.h>
#define siz 5
void encrypt(int *i, int *j)
{
(*i)++,(*j)++;
if((*i)==siz) *i=0;
else if((*j)==siz) *j=0;
}
Page | 37

void playfair(char ch1,char ch2, char mat[siz][siz])


{
int j,m,n,p,q,c,k;
for(j=0,c=0;(c<2)||(j<siz);j++)
{
for(k=0;k<siz;k++)
{
if(mat[j][k] == ch1)
{
m=j,n=k,c++;
}
else if(mat[j][k] == ch2)
{
p=j,q=k,c++;
}
}
}
if(m==p)
{
encrypt(&n,&q);
}
else if(n==q)
{
Page | 38

encrypt(&m,&p);
}
else
{
n+=q,q=n-q,n-=q;
}
printf("%c%c",mat[m][n],mat[p][q]);
}
void main()
{
char mat[siz][siz],key[10],str[25]={0};
int m,n,i,j;
char temp;
printf("Enter Key String:");
gets(key);
m=n=0;
for(i=0;key[i]!='\0';i++)
{
for(j=0;j<i;j++)
{
if(key[j] == key[i])
{
break;
Page | 39

}
}
if(key[i]=='j')
{
key[i]='i';
}
if(j>=i)
{
mat[m][n++] = key[i];
if(n==siz)
{
n=0,m++;
}
}
}
for(i=97;i<=122;i++)
{
for(j=0;key[j]!='\0';j++)
{
if(key[j] == i)
{
break;
}
Page | 40

else if(i=='j')
{
break;
}
}
if(key[j]=='\0')
{
mat[m][n++] = i;
if(n==siz) n=0,m++;
}
}
printf("Enter input String:");
gets(str);
printf("\n\nMatrix :\n");
for(i=0;i<siz;i++)
{
for(j=0;j<siz;j++)
{
printf("%c\t",mat[i][j]);
}
printf("\n");
}
printf("\n\nEntered text :%s\nCipher Text :",str);
Page | 41

for(i=0;str[i]!='\0';i++)
{
temp = str[i++];
if(temp == 'j')
{
temp='i';
}
if(str[i]=='\0')
{
playfair(temp,'x',mat);
}
else
{
if(str[i]=='j') str[i]='i';
if(temp == str[i])
{
playfair(temp,'x',mat);
i--;
}
else
playfair(temp,str[i],mat);
}
}
Page | 42

Output:
Enter Key String:monarchy
Enter input String:balloon
Matrix :
m

Entered text: balloon


Cipher Text: ibsupmna

Page | 43

ASSIGNMENT NO: 7
DATA ENCRYPTION STANDARD

Data Encryption Standard


DES encrypts and decrypts data in 64-bit blocks, using a 64-bit key (although the effective key
strength is only 56 bits, as explained below). It takes a 64-bit block of plaintext as input and
outputs a 64-bit block of ciphertext. Since it always operates on blocks of equal size and it uses
both permutations and substitutions in the algorithm, DES is both a block cipher and a product
cipher.
DES has 16 rounds, meaning the main algorithm is repeated 16 times to produce the ciphertext.
It has been found that the number of rounds is exponentially proportional to the amount of time
required to find a key using a brute-force attack. So as the number of rounds increases, the
security of the algorithm increases exponentially.

Page | 44

Fig-1 General depiction of DES encryption algorithm

Key Scheduling
Although the input key for DES is 64 bits long, the actual key used by DES is only 56 bits in
length. The least significant (right-most) bit in each byte is a parity bit, and should be set so that
there are always an odd number of 1s in every byte. These parity bits are ignored, so only the
seven most significant bits of each byte are used, resulting in a key length of 56 bits.

Page | 45

FIG-2 Key Scheduling


The first step is to pass the 64-bit key through a permutation called Permuted Choice 1, or PC-1
for short. The table for this is given below. Note that in all subsequent descriptions of bit
numbers, 1 is the left-most bit in the number, and n is the rightmost bit.

Page | 46

PC-1: Permuted Choice 1


Bi
t

5
7

4
9

4
1

3
3

2
5

1
7

5
8

5
0

4
2

3
4

2
6

18

15

1
0

5
9

5
1

4
3

3
5

27

22

1
9

1
1

6
0

5
2

4
4

36

29

6
3

5
5

4
7

3
9

3
1

2
3

15

36 7

6
2

5
4

4
6

3
8

3
0

22

43

1
4

6
1

5
3

4
5

3
7

29

50

2
1

1
3

2
8

2
0

1
2

For example, we can use the PC-1 table to figure out how bit 30 of the original 64-bit key
transforms to a bit in the new 56-bit key. Find the number 30 in the table, and notice that it
belongs to the column labeled 5 and the row labeled 36. Add up the value of the row and column
to find the new position of the bit within the key. For bit 30, 36 + 5 = 41, so bit 30 becomes bit
41 of the new 56-bit key. Note that bits 8, 16, 24, 32, 40, 48, 56 and 64 of the original key are not
in the table. These are the unused parity bits that are discarded when the final 56-bit key is
created.
Now that we have the 56-bit key, the next step is to use this key to generate 16 48-bit subkeys,
called K[1]-K[16], which are used in the 16 rounds of DES for encryption and decryption. The
procedure for generating the subkeys - known as key scheduling - is fairly simple:
1. Set the round number R to 1.
Page | 47

2. Split the current 56-bit key, K, up into two 28-bit blocks, L (the left-hand half) and R (the
right-hand half).
3. Rotate L left by the number of bits specified in the table below, and rotate R left by the same
number of bits as well.
4. Join L and R together to get the new K.
5. Apply Permuted Choice 2 (PC-2) to K to get the final K[R], where R is the round number we
are on.
6. Increment R by 1 and repeat the procedure until we have all 16 subkeys K[1]-K[16].
Here are the tables involved in these operations:
Subkey Rotation Table

Round Number

1 2 3 4 5 6 7 8 9

Number of bits to
1
rotate

1
0

1
1

1
2

1
3

1
4

1
5

16

PC-2: Permuted Choice 2


Bit

14

17

11

24

28

15

21

10

13

23

19

12

26

19

16

27

20

13

25

41

52

31

37

47

55

31

30

40

51

45

33

48

37

44

49

39

56

34

53

Page | 48

43

46

42

50

36

29

32

Plaintext Preparation
Once the key scheduling has been performed, the next step is to prepare the plaintext for the
actual encryption. This is done by passing the plaintext through a permutation called the Initial
Permutation, or IP for short. This table also has an inverse, called the Inverse Initial Permutation,
or IP^(-1). Sometimes IP^(-1) is also called the Final Permutation. Both of these tables are
shown below.

FIG-3 The various permutations and transformations in the DES

Page | 49

IP: Initial Permutation

IP^(-1): Inverse Initial Permutation

Bit

Bit

58

50

42

34

26

18

10

40

48

16

56

24

64

32

60

52

44

36

28

20

12

39

47

15

55

23

63

31

17

62

54

46

38

30

22

14

17

38

46

14

54

22

62

30

25

64

56

48

40

32

24

16

25

37

45

13

53

21

61

29

33

57

49

41

33

25

17

33

36

44

12

52

20

60

28

41

59

51

43

35

27

19

11

41

35

43

11

51

19

59

27

49

61

53

45

37

29

21

13

49

34

42

10

50

18

58

26

57

63

55

47

39

31

23

15

57

33

41

49

17

57

25

These tables are used just like PC-1 and PC-2 were for the key scheduling. By looking at the
table is becomes apparent why one permutation is called the inverse of the other. For example,
let's examine how bit 32 is transformed under IP. In the table, bit 32 is located at the intersection
of the column labeled 4 and the row labeled 25. So this bit becomes bit 29 of the 64-bit block
after the permutation. Now let's apply IP^(-1). In IP^(-1), bit 29 is located at the intersection of
the column labeled 7 and the row labeled 25. So this bit becomes bit 32 after the permutation.
And this is the bit position that we started with before the first permutation. So IP^(-1) really is
the inverse of IP. It does the exact opposite of IP. If you run a block of plaintext through IP and
then pass the resulting block through IP^(-1), you'll end up with the original block.

DES Core Function


Once the key scheduling and plaintext preparation have been completed, the actual encryption or
decryption is performed by the main DES algorithm. The 64-bit block of input data is first split
into two halves, L and R. L is the left-most 32 bits, and R is the right-most 32 bits. The following
process is repeated 16 times, making up the 16 rounds of standard DES. We call the 16 sets of
halves L[0]-L[15] and R[0]-R[15].
1. R[I-1] - where I is the round number, starting at 1 - is taken and fed into the E-Bit Selection
Table, which is like a permutation, except that some of the bits are used more than once. This
expands the number R[I-1] from 32 to 48 bits to prepare for the next step.

Page | 50

2. The 48-bit R[I-1] is XORed with K[I] and stored in a temporary buffer so that R[I-1] is not
modified.
3. The result from the previous step is now split into 8 segments of 6 bits each. The left-most 6
bits are B[1], and the right-most 6 bits are B[8]. These blocks form the index into the S-boxes,
which are used in the next step. The Substitution boxes, known as S-boxes, are a set of 8 twodimensional arrays, each with 4 rows and 16 columns. The numbers in the boxes are always 4
bits in length, so their values range from 0-15. The S-boxes are numbered S[1]-S[8].
4. Starting with B[1], the first and last bits of the 6-bit block are taken and used as an index into
the row number of S[1], which can range from 0 to 3, and the middle four bits are used as an
index into the column number, which can range from 0 to 15. The number from this position in
the S-box is retrieved and stored away. This is repeated with B[2] and S[2], B[3] and S[3], and
the others up to B[8] and S[8]. At this point, you now have 8 4-bit numbers, which when strung
together one after the other in the order of retrieval, give a 32-bit result.
5. The result from the previous stage is now passed into the P Permutation.
6. This number is now XORed with L[I-1], and moved into R[I]. R[I-1] is moved into L[I].
7. At this point we have a new L[I] and R[I]. Here, we increment I and repeat the core function
until I = 17, which means that 16 rounds have been executed and keys K[1]-K[16] have all been
used.
When L[16] and R[16] have been obtained, they are joined back together in the same fashion
they were split apart (L[16] is the left-hand half, R[16] is the right-hand half), then the two
halves are swapped, R[16] becomes the left-most 32 bits and L[16] becomes the right-most 32
bits of the pre-output block and the resultant 64-bit number is called the pre-output.

Page | 51

Tables used in the DES Core Function


E-Bit Selection Table

P Permutation

Bit

Bit

32

16

20

21

29

12

28

17

13

10

11

12

13

15

23

26

19

12

13

14

15

16

17

13

18

31

10

25

16

17

18

19

20

21

17

24

14

31

20

21

22

23

24

25

21

32

27

37

24

25

26

27

28

29

25

19

13

30

43

28

29

30

31

32

29

22

11

25

S-Box 1: Substitution Box 1


Row
Column

14 4

15 7

15 12 8

3 4

13 1 2

1
2

1
3

1
4

15

12 5

12 11 9

10 5

15 11 8

10 6

10

14 8 13 6
2 4

1
0

4 14 2

13 1

1
1

11 15

12 9

11 3

14 10 0

13

S-Box 2: Substitution Box 2

Page | 52

Row
Column

1
0

1
1

1
3

1
4

15

15 1

14

11 3

13 12 0

10

13 4

15 2

14 12 0

10 6

11 5

14 7

11

10 4

13 1

13 8

12 0

14 9

1
0

1
1

1
3

1
4

15

11 4

10 1

15 4

11 6

12 6

1
2

15

S-Box 3: Substitution Box 3


Row
Column

4 5

10 0

14 6

13 7

13 6

15 5

13 12 7

15 3

10 13 0

10 2

1
2

14 12 11 15 1

11 1

12 5

15 14 3

10 14 7

11 5

12

Page | 53

S-Box 4: Substitution Box 4


Row
Column

1
0

1
1

1
2

1
4

15

10 1

11 12 4

15

11 5

15 0

12 1

10 14 9

12 11 7

13 15 1

14 5

15 0

10 1

13 8

11 12 7

14

1
4

15

3 4

13 14 3

13 8

10 6

1
3

S-Box 5: Substitution Box 5


Row
Column

1
0

1
1

12 4

10 11 6

15 13 0

14 11 2

12 4

15 10 3

11 10 13 7

12 5

14

11 8

10 4

12 7

13 1

14 2

15 9

13 6

15 0

1
2

1
3

14 9

Page | 54

S-Box 6: Substitution Box 6


Row
Column

12 1

10 15 4

2
3

4 5

10 15 9

1
0

1
1

1
2

1
3

1
4

15

13 3

14 7

11

13 14 0

11 3

10 1

13 11 6

12 9

14 15 5

12 3

12 9

15 10 11 14 1

13

1
0

1
1

1
2

1
3

1
4

15

12 9

10 6

12 2

15 8

15 14 2

12

S-Box 7: Substitution Box 7


Row
Column

11 2

13 0

11 7

11 13 8

5 6

14 15 0

13 3

10 14 3

11 13 12 3

14 10 15 6

10 7

Page | 55

S-Box 8: Substitution Box 8


Row
Column

3 4

13 2

15 11 1

15 13 8

10 3

11 4

12 14 2

14 7

10 8

1
0

1
1

1
2

1
3

1
4

10 9

14 5

12 7

12 5

11 0

14 9

10 13 15 3

13 15 12 9

15

11

How to use the S-Boxes


The purpose of this example is to clarify how the S-boxes work. Suppose we have the following
48-bit binary number:
011101000101110101000111101000011100101101011101
In order to pass this through steps 3 and 4 of the Core Function as outlined above, the number is
split up into 8 6-bit blocks, labeled B[1] to B[8] from left to right:
011101 000101 110101 000111 101000 011100 101101 011101
Now, eight numbers are extracted from the S-boxes - one from each box:
B[1]
=
S[1](01,
1110)
=
B[2]
=
S[2](01,
0010)
=
B[3]
=
S[3](11,
1010)
=
B[4]
=
S[4](01,
0011)
=
B[5]
=
S[5](10,
0100)
=
B[6]
=
S[6](00,
1110)
=
B[7]
=
S[7](11,
0110)
=
B[8] = S[8](01, 1110) = S[8][1][14] = 9 = 1001

S[1][1][14]
S[2][1][2
]
S[3][3][10]
S[4][1][3
]
S[5][2][4
]
S[6][0][14]
S[7][3][6
]

=
=
=
=
=
=
=

3
4
14
5
10
5
10

=
=
=
=
=
=
=

0011
0100
1110
0101
1010
0101
1010

In each case of S[n][row][column], the first and last bits of the current B[n] are used as the row
index, and the middle four bits as the column index.
The results are now joined together to form a 32-bit number which serves as the input to stage 5
of the Core Function (the P Permutation):
Page | 56

00110100111001011010010110101001

Ciphertext Preparation
The final step is to apply the permutation IP^(-1) to the pre-output. The result is the completely
encrypted ciphertext.

Encryption and Decryption


The same algorithm can be used for encryption or decryption. The method
described above will encrypt a block of plaintext and return a block of ciphertext. In
order to decrypt the ciphertext and get the original plaintext again, the procedure is
simply repeated but the subkeys are applied in reverse order, from K[16]-K[1]. That
is, stage 2 of the Core Function as outlined above changes from R[I-1] XOR K[I] to
R[I-1] XOR K[17-I]. Other than that, decryption is performed exactly the same as
encryption.

Implementation of DES Algorithm


#include<stdio.h>
#include<conio.h>
#include<string.h>
#include<malloc.h>
#include<stdlib.h>
#include<math.h>

void hex_to_bin(char *,char *);


char* bin_to_hex(char *);
void permutation(char *,char *);
void make_half(char *,char *,char *);
void single_shift(char *,char *);
void double_shift(char *,char *);
void make_key(char *,char *,char *);
void permutation_32(char *,char *);
void permutation_48(char *,char *);

Page | 57

void permutation_64(char *,char *,char *);

void des_round(char *,char *,char *,char *,char *,char *,char *);


void des_round_decry(char *,char *,char *,char *,char *,char *,char *);
void copy(char *,char *);
void permut_48(char *,char *);
void xor(char *,char *,char *);
void xor_32(char *,char *,char *);
void common_permutation(char *,char *);
void hex_to_plain(char *,char *,int);
int switch_case(char );
char SB[32];

char *bin[]={
"0000",
"0001",
"0010",
"0011",
"0100",
"0101",
"0110",
"0111",
"1000",
"1001",
"1010",
"1011",
"1100",
"1101",

Page | 58

"1110",
"1111"
};

char hex[16]={'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};

int PC1[8][7]={
57,49,41,33,25,17,9,
1,58,50,42,34,26,18,
10,2,59,51,43,35,27,
19,11,3,60,52,44,36,
63,55,47,39,31,23,15,
7,62,54,46,38,30,22,
14,6,61,53,45,37,29,
21,13,5,28,20,12,4
};

int PC2[8][6]={
14,17,11,24,1,5,
3,28,15,6,21,10,
23,19,12,4,26,8,
16,7,27,20,13,2,
41,52,31,37,47,55,
30,40,51,45,33,48,
44,49,39,56,34,53,
46,42,50,36,29,32
};

Page | 59

int IP[8][8]={
58,50,42,34,26,18,10,2,
60,52,44,36,28,20,12,4,
62,54,46,38,30,22,14,6,
64,56,48,40,32,24,16,8,
57,49,41,33,25,17,9,1,
59,51,43,35,27,19,11,3,
61,53,45,37,29,21,13,5,
63,55,47,39,31,23,15,7};

int E_bit[8][6]={
32,1,2,3,4,5,
4,5,6,7,8,9,
8,9,10,11,12,13,
12,13,14,15,16,17,
16,17,18,19,20,21,
20,21,22,23,24,25,
24,25,26,27,28,29,
28,29,30,31,32,1};

char *look_up[]={
"00",
"01",
"10",
"11"};

int sb_permutation[8][4]={
16,7,20,21,

Page | 60

29,12,28,17,
1,15,23,26,
5,18,31,10,
2,8,24,14,
32,27,3,9,
19,13,30,6,
22,11,4,25};

int s1[4][16]={
14,4,13,1,2,15,11,8,3,10,6,12,5,9,0,7,
0,15,7,4,14,2,13,1,10,6,12,11,9,5,3,8,
4,1,14,8,13,6,2,11,15,12,9,7,3,10,5,0,
15,12,8,2,4,9,1,7,5,11,3,14,10,0,6,13};

int s2[4][16]={
15,1,8,14,6,11,3,4,9,7,2,13,12,0,5,10,
3,13,4,7,15,2,8,14,12,0,1,10,6,9,11,5,
0,14,7,11,10,4,13,1,5,8,12,6,9,3,2,15,
13,8,10,1,3,15,4,2,11,6,7,12,0,5,14,9};

int s3[4][16]={
10,0,9,14,6,3,15,5,1,13,12,7,11,4,2,8,
13,7,0,9,3,4,6,10,2,8,5,14,12,11,15,1,
13,6,4,9,8,15,3,0,11,1,2,12,5,10,14,7,
1,10,13,0,6,9,8,7,4,15,14,3,11,5,2,12};

int s4[4][16]={
7,13,14,3,0,6,9,10,1,2,8,5,11,12,4,15,

Page | 61

13,8,11,5,6,15,0,3,4,7,2,12,1,10,14,9,
10,6,9,0,12,11,7,13,15,1,3,14,5,2,8,4,
3,15,0,6,10,1,13,8,9,4,5,11,12,7,2,14};

int s5[4][16]={
2,12,4,1,7,10,11,6,8,5,3,15,13,0,14,9,
14,11,2,12,4,7,13,1,5,0,15,10,3,9,8,6,
4,2,1,11,10,13,7,8,15,9,12,5,6,3,0,14,
11,8,12,7,1,14,2,13,6,15,0,9,10,4,5,3};

int s6[4][16]={
12,1,10,15,9,2,6,8,0,13,3,4,14,7,5,11,
10,15,4,2,7,12,9,5,6,1,12,14,0,11,3,8,
9,14,15,5,2,8,12,3,7,0,4,10,1,13,11,6,
4,3,2,12,9,5,15,10,11,14,1,7,6,0,8,13};

int s7[4][16]={
4,11,2,14,15,0,8,13,3,12,9,7,5,10,6,1,
13,0,11,7,4,9,1,10,14,3,5,12,2,15,8,6,
1,4,11,13,12,3,7,14,10,15,6,8,0,5,9,2,
6,11,13,8,1,4,10,7,9,5,0,15,14,2,3,12};

int s8[4][16]={
13,2,8,4,6,15,11,1,10,9,3,14,5,0,12,7,
1,15,13,8,10,3,7,4,12,5,6,11,0,14,9,2,
7,11,4,1,9,12,14,2,0,6,10,13,15,3,5,8,
2,1,14,7,4,10,8,13,15,12,9,0,3,5,6,11};

Page | 62

int ip_inverse[8][8]={
40,8,48,16,56,24,64,32,
39,7,47,15,55,23,63,31,
38,6,46,14,54,22,62,30,
37,5,45,13,53,21,61,29,
36,4,44,12,52,20,60,28,
35,3,43,11,51,19,59,27,
34,2,42,10,50,18,58,26,
33,1,41,9,49,17,57,25
};

void main()
{
char input[200],initial_hex[400];
int i,j,k=0,len,r,x,m,temp;
int d,e,f;
char hex_arr[25][16];

char input_hex[16],input_bin[64];
char key_hex[16]={'1','3','3','4','5','7','7','9','9','B','B','C','D','F','F','1'};
char key_bin[64],key_PC1[56];
char
ch,*decryption,*encryption,encryption_final[400],decryption_final_hex[400],decryption_final_plain[200]
;
char encrypted[64],decrypted[64],encry_permut[64],decry_permut[64];
int length,p=-1,q=-1;

char C0[28],D0[28],
C1[28],D1[28],CD1[56],

Page | 63

C2[28],D2[28],CD2[56],
C3[28],D3[28],CD3[56],
C4[28],D4[28],CD4[56],
C5[28],D5[28],CD5[56],
C6[28],D6[28],CD6[56],
C7[28],D7[28],CD7[56],
C8[28],D8[28],CD8[56],
C9[28],D9[28],CD9[56],
C10[28],D10[28],CD10[56],
C11[28],D11[28],CD11[56],
C12[28],D12[28],CD12[56],
C13[28],D13[28],CD13[56],
C14[28],D14[28],CD14[56],
C15[28],D15[28],CD15[56],
C16[28],D16[28],CD16[56];

char L0[32],R0[32],ER0[48];
char K1[48],L1[32],R1[32],ER1[48],F1[48],
K2[48],L2[32],R2[32],ER2[48],F2[48],
K3[48],L3[32],R3[32],ER3[48],F3[48],
K4[48],L4[32],R4[32],ER4[48],F4[48],
K5[48],L5[32],R5[32],ER5[48],F5[48],
K6[48],L6[32],R6[32],ER6[48],F6[48],
K7[48],L7[32],R7[32],ER7[48],F7[48],
K8[48],L8[32],R8[32],ER8[48],F8[48],
K9[48],L9[32],R9[32],ER9[48],F9[48],
K10[48],L10[32],R10[32],ER10[48],F10[48],
K11[48],L11[32],R11[32],ER11[48],F11[48],

Page | 64

K12[48],L12[32],R12[32],ER12[48],F12[48],
K13[48],L13[32],R13[32],ER13[48],F13[48],
K14[48],L14[32],R14[32],ER14[48],F14[48],
K15[48],L15[32],R15[32],ER15[48],F15[48],
K16[48],L16[32],R16[32],ER16[48],F16[48];

clrscr();

/******************* Input Plain Text *********************/


printf(">Enter plain text : ");
gets(input);

len=strlen(input);

for(i=0;i<len;i++)
{
while(input[i]!=0)
{
r=input[i]%16;
input[i]=input[i]/16;
if(r>9)
{
x=r-10;
r=65+x;
initial_hex[k]=r;
}
else
initial_hex[k]=r+48;

Page | 65

k++;
}
}
for(i=0;i<k;i=i+2)
{
temp=initial_hex[i];
initial_hex[i]=initial_hex[i+1];
initial_hex[i+1]=temp;
}
/*for(i=0;i<k;i++)
printf("%c",initial_hex[i]);*/

d=k/16;
e=k%16;
f=0;

for(i=0;i<=d;i++)
{
if(i<d)
{
for(j=0;j<=15;j++)
hex_arr[i][j]=initial_hex[f++];
}
else if(k%16==0)
break;
else
{

Page | 66

for(j=0;j<=15;j++)
{
if(j<e)
hex_arr[i][j]=initial_hex[f++];
else
{
hex_arr[i][j]='2';
hex_arr[i][++j]='0';
}
}
}

}
if(k%16!=0)
d++;

/*printf("\n");
for(i=0;i<d;i++)
{
for(j=0;j<=15;j++)
printf("%c",hex_arr[i][j]);
printf("\n");
}*/

/******************* Key in Binary form*****************/


hex_to_bin(key_hex,key_bin);

printf("\n>Key in Hexadecimal used for encryption : ");

Page | 67

for(i=0;i<16;i++)
printf("%c",key_hex[i]);
/*printf("\n");
for(i=0;i<64;i++)
printf("%c",key_bin[i]);

*/

for(m=0;m<d;m++)
{

for(i=0;i<16;i++)
input_hex[i]=hex_arr[m][i];
/*printf("\n\n");
for(i=0;i<16;i++)
printf("%c",input_hex[i]);
printf("\n");*/
/******************* Plain Text in Binary *****************/
hex_to_bin(input_hex,input_bin);

/*printf("\n");
for(i=0;i<64;i++)
printf("%c",input_bin[i]);*/

/******************* First Round of Permutation *****************/


permutation(key_bin,key_PC1);
/*for(i=0;i<56;i++)
printf("%c",key_PC1[i]); */

make_half(key_PC1,C0,D0);

Page | 68

/*printf("\n\nC0 : ");
for(i=0;i<28;i++)
printf("%c",C0[i]);

printf("\n\nD0 : ");
for(i=0;i<28;i++)
printf("%c",D0[i]);*/

/******************** Shifting Begins *********************/


single_shift(C0,C1);
single_shift(D0,D1);

/*printf("\n\nC1 : ");
for(i=0;i<28;i++)
printf("%c",C1[i]);

printf("\n\nD1 : ");
for(i=0;i<28;i++)
printf("%c",D1[i]); */

single_shift(C1,C2);
single_shift(D1,D2);

double_shift(C2,C3);
double_shift(D2,D3);

double_shift(C3,C4);

Page | 69

double_shift(D3,D4);

double_shift(C4,C5);
double_shift(D4,D5);

double_shift(C5,C6);
double_shift(D5,D6);

double_shift(C6,C7);
double_shift(D6,D7);

double_shift(C7,C8);
double_shift(D7,D8);

single_shift(C8,C9);
single_shift(D8,D9);

double_shift(C9,C10);
double_shift(D9,D10);

double_shift(C10,C11);
double_shift(D10,D11);

double_shift(C11,C12);
double_shift(D11,D12);

double_shift(C12,C13);
double_shift(D12,D13);

Page | 70

double_shift(C13,C14);
double_shift(D13,D14);

double_shift(C14,C15);
double_shift(D14,D15);

single_shift(C15,C16);
single_shift(D15,D16);

/******************** Shifting Ends *********************/

/*************** 16 Keys Generation Begins **************/

make_key(C1,D1,CD1);
permutation_48(CD1,K1);

/*printf("\n\nCD1 : ");
for(i=0;i<56;i++)
printf("%c",CD1[i]);

printf("\n\nK1 : ");
for(i=0;i<48;i++)
printf("%c",K1[i]);*/

make_key(C2,D2,CD2);
permutation_48(CD2,K2);

Page | 71

make_key(C3,D3,CD3);
permutation_48(CD3,K3);

make_key(C4,D4,CD4);
permutation_48(CD4,K4);

make_key(C5,D5,CD5);
permutation_48(CD5,K5);

make_key(C6,D6,CD6);
permutation_48(CD6,K6);

make_key(C7,D7,CD7);
permutation_48(CD7,K7);

make_key(C8,D8,CD8);
permutation_48(CD8,K8);

make_key(C9,D9,CD9);
permutation_48(CD9,K9);

make_key(C10,D10,CD10);
permutation_48(CD10,K10);

make_key(C11,D11,CD11);
permutation_48(CD11,K11);

Page | 72

make_key(C12,D12,CD12);
permutation_48(CD12,K12);

make_key(C13,D13,CD13);
permutation_48(CD13,K13);

make_key(C14,D14,CD14);
permutation_48(CD14,K14);

make_key(C15,D15,CD15);
permutation_48(CD15,K15);

make_key(C16,D16,CD16);
permutation_48(CD16,K16);

/*************** 16 Keys Generation Ends **************/

permutation_64(input_bin,L0,R0);

/************ 16 Rounds of Encryption *****************/

des_round(L1,R1,L0,R0,ER0,K1,F1);

/*printf("\n\nL1 : ");
for(i=0;i<32;i++)
printf("%c",L1[i]);
printf("\n\nR1 : ");
for(i=0;i<32;i++)

Page | 73

printf("%c",R1[i]);*/

des_round(L2,R2,L1,R1,ER1,K2,F2);
des_round(L3,R3,L2,R2,ER2,K3,F3);
des_round(L4,R4,L3,R3,ER3,K4,F4);
des_round(L5,R5,L4,R4,ER4,K5,F5);
des_round(L6,R6,L5,R5,ER5,K6,F6);
des_round(L7,R7,L6,R6,ER6,K7,F7);
des_round(L8,R8,L7,R7,ER7,K8,F8);
des_round(L9,R9,L8,R8,ER8,K9,F9);
des_round(L10,R10,L9,R9,ER9,K10,F10);
des_round(L11,R11,L10,R10,ER10,K11,F11);
des_round(L12,R12,L11,R11,ER11,K12,F12);
des_round(L13,R13,L12,R12,ER12,K13,F13);
des_round(L14,R14,L13,R13,ER13,K14,F14);
des_round(L15,R15,L14,R14,ER14,K15,F15);
des_round(L16,R16,L15,R15,ER15,K16,F16);

for(i=0;i<32;i++)
{
encrypted[i]=R16[i];
encrypted[i+32]=L16[i];
}
common_permutation(encrypted,encry_permut);
//encry_permut[64]='\0';
encryption=bin_to_hex(encry_permut);

Page | 74

for(i=0;i<16;i++)
{
encryption_final[++p]=*(encryption+i);
// encryption_final1[i]=*(encryption+i);
// printf("%c ",encryption_final[p]);
}

/****************** 16 Rounds of Decryption ****************/

des_round_decry(L16,R16,L15,R15,ER15,K16,F16);
des_round_decry(L15,R15,L14,R14,ER14,K15,F15);
des_round_decry(L14,R14,L13,R13,ER13,K14,F14);
des_round_decry(L13,R13,L12,R12,ER12,K13,F13);
des_round_decry(L12,R12,L11,R11,ER11,K12,F12);
des_round_decry(L11,R11,L10,R10,ER10,K11,F11);
des_round_decry(L10,R10,L9,R9,ER9,K10,F10);
des_round_decry(L9,R9,L8,R8,ER8,K9,F9);
des_round_decry(L8,R8,L7,R7,ER7,K8,F8);
des_round_decry(L7,R7,L6,R6,ER6,K7,F7);
des_round_decry(L6,R6,L5,R5,ER5,K6,F6);
des_round_decry(L5,R5,L4,R4,ER4,K5,F5);
des_round_decry(L4,R4,L3,R3,ER3,K4,F4);
des_round_decry(L3,R3,L2,R2,ER2,K3,F3);
des_round_decry(L2,R2,L1,R1,ER1,K2,F2);
des_round_decry(L1,R1,L0,R0,ER0,K1,F1);
for(i=0;i<32;i++)
{

Page | 75

decrypted[i]=L0[i];
decrypted[i+32]=R0[i];
}
common_permutation(decrypted,decry_permut);
//decry_permut[64]='\0';

decryption=bin_to_hex(decry_permut);
// printf("%s\n",decryption);

for(i=0;i<16;i++)
{
decryption_final_hex[++q]=*(decryption+i);
}
}

encryption_final[p+1]='\0';
printf("\n\n>Encrypted Output : ");
printf("%s",encryption_final);

decryption_final_hex[q+1]='\0';
printf("\n\n>Decrypted Output in Hexadecimal: ");
printf("%s",decryption_final_hex);

hex_to_plain(decryption_final_hex,decryption_final_plain,q+1);

printf("\n>Decrypted Output in Plain Text: ");


printf("%s\n",decryption_final_plain);
getch();

Page | 76

void hex_to_bin(char *input,char *in)


{
short i,j,k,lim=0;
for(i=0;i<16;i++)
{
for(j=0;j<16;j++)
{
if(*(input+i)==hex[j])
{
for(k=0;k<4;k++)
{
*(in+lim)=bin[j][k];
lim++;
}
}
}
}
}

char* bin_to_hex(char *bit)


{
char tmp[5],*out;
short lim=0,i,j;
out=(char*)malloc(16*sizeof(char));
for(i=0;i<64;i=i+4)
{

Page | 77

tmp[0]=bit[i];
tmp[1]=bit[i+1];
tmp[2]=bit[i+2];
tmp[3]=bit[i+3];
tmp[4]='\0';
for(j=0;j<16;j++)
{
if((strcmp(tmp,bin[j]))==0)
{
out[lim++]=hex[j];
break;
}
}
}
out[lim]='\0';
return out;
}

void hex_to_plain(char *in,char *out,int t)


{
int i,j=0,z,sum;
char temp[3];

for(i=0;i<t;i=i+2)
{
sum=0;
temp[0]=in[i];

Page | 78

if(temp[0]>=65 && temp[0]<=71)


z=switch_case(temp[0]);
else
z=temp[0]-48;
sum=sum+z*16;

temp[1]=in[i+1];
if(temp[1]>=65 && temp[1]<=71)
z=switch_case(temp[1]);
else
z=temp[1]-48;

sum=sum+z*1;
temp[2]='\0';

*(out+j)=sum;
j++;
}
*(out+j)='\0';

int switch_case(char a)
{
switch(a)
{
case 'A':
return(10);

Page | 79

break;

case 'B':
return(11);
break;

case 'C':
return(12);
break;

case 'D':
return(13);
break;

case 'E':
return(14);
break;

case 'F':
return(15);
break;

}
}

void permutation(char *key_bin,char *key_PC1)


{
short i,j,k=0,temp;

Page | 80

for(i=0;i<8;i++)
{
for(j=0;j<7;j++)
{
temp=PC1[i][j]-1;
*(key_PC1+k)=*(key_bin+temp);
k++;
}
}
}

void make_half(char *key_PC1,char *a,char *b)


{
int i,j=0;
for(i=0;i<56;i++)
{
if(i<28)
*(a+i)=*(key_PC1+i);
else
{
*(b+j)=*(key_PC1+i);
j++;
}
}
}

void single_shift(char *p,char *q)

Page | 81

{
int i;
*(q+27)=*(p+0);
for(i=0;i<27;i++)
*(q+i)=*(p+(i+1));
}

void double_shift(char *p,char *q)


{
int i;
*(q+26)=*(p+0);
*(q+27)=*(p+1);
for(i=0;i<26;i++)
*(q+i)=*(p+(i+2));
}

void make_key(char *a,char *b,char *c)


{
int i;
for(i=0;i<28;i++)
*(c+i)=*(a+i);
for(i=28;i<56;i++)
*(c+i)=*(b+(i-28));
}

void permutation_48(char *CD,char *K)


{
short i,j,m=0,temp;

Page | 82

for(i=0;i<8;i++)
{
for(j=0;j<6;j++)
{
temp=PC2[i][j]-1;
*(K+m)=*(CD+temp);
m++;
}
}
}

void permutation_64(char *in,char *L,char *R)


{
int i,j,m=0,temp;
for(i=0;i<4;i++)
{
for(j=0;j<8;j++)
{
temp=IP[i][j]-1;
*(L+m)=*(in+temp);
m++;
}
}
m=0;
for(i=4;i<8;i++)
{
for(j=0;j<8;j++)

Page | 83

{
temp=IP[i][j]-1;
*(R+m)=*(in+temp);
m++;
}
}
}

void des_round(char *L1,char *R1,char *L0,char *R0,char *ER0,char *K1,char *F1)


{
char t[3],tp[5],f[32];
int temp,i,row,column,j,limit=0;
copy(L1,R0);
permut_48(R0,ER0);
/*printf("\nER0 : ");
for(i=0;i<48;i++)
printf("%c",ER0[i]);*/

xor(K1,ER0,F1);

/*printf("\nF1 : ");
for(i=0;i<48;i++)
printf("%c",F1[i]);*/

for(i=0;i<48;i=i+6)
{
t[0]=F1[i];
t[1]=F1[i+5];

Page | 84

t[2]='\0';
for(j=0;j<4;j++)
{
if(strcmp(t,look_up[j])==0)
{
row=j;
/*printf("%d",row);*/
break;
}
}
tp[0]=F1[i+1];
tp[1]=F1[i+2];
tp[2]=F1[i+3];
tp[3]=F1[i+4];
tp[4]='\0';
for(j=0;j<16;j++)
{
if(strcmp(tp,bin[j])==0)
{
column=j;
break;
}
}
switch(i)
{
case 0:
temp=s1[row][column];
break;

Page | 85

case 6:
temp=s2[row][column];
break;
case 12:
temp=s3[row][column];
break;
case 18:
temp=s4[row][column];
break;
case 24:
temp=s5[row][column];
break;
case 30:
temp=s6[row][column];
break;
case 36:
temp=s7[row][column];
break;
case 42:
temp=s8[row][column];
break;
}
for(j=0;j<4;j++)
{
SB[limit]=bin[temp][j];
limit++;
}
}

Page | 86

SB[limit]='\0';
/*printf("\nSB : %s",SB); */
permutation_32(SB,f);
SB[0]='\0';
xor_32(L0,f,R1);
}
void des_round_decry(char *L1,char *R1,char *L0,char *R0,char *ER0,char *K1,char *F1)
{
char tp[5],f[32];
short temp,i,row,column,j,limit=0;
copy(L1,R0);
permut_48(R0,ER0);
xor(K1,ER0,F1);
for(i=0;i<48;i=i+6)
{
tp[0]=F1[i];
tp[1]=F1[i+5];
tp[2]='\0';
for(j=0;j<4;j++)
{
if(strcmp(tp,look_up[j])==0)
{
row=j;
break;
}
}
tp[0]=F1[i+1];
tp[1]=F1[i+2];

Page | 87

tp[2]=F1[i+3];
tp[3]=F1[i+4];
tp[4]='\0';
for(j=0;j<16;j++)
{
if(strcmp(tp,bin[j])==0)
{
column=j;
break;
}
}
switch(i)
{
case 0:
temp=s1[row][column];
break;
case 6:
temp=s2[row][column];
break;
case 12:
temp=s3[row][column];
break;
case 18:
temp=s4[row][column];
break;
case 24:
temp=s5[row][column];
break;

Page | 88

case 30:
temp=s6[row][column];
break;
case 36:
temp=s7[row][column];
break;
case 42:
temp=s8[row][column];
break;
}
for(j=0;j<4;j++)
{
SB[limit]=bin[temp][j];
limit++;
}
}
SB[limit]='\0';
permutation_32(SB,f);
SB[0]='\0';
xor_32(L0,f,R1);
}

void copy(char *L,char *R)


{
int i;
for(i=0;i<32;i++)
*(L+i)=*(R+i);
}

Page | 89

void permut_48(char *R,char *ER)


{
short i,j,m=0,temp;

for(i=0;i<8;i++)
{
for(j=0;j<6;j++)
{
temp=E_bit[i][j]-1;
*(ER+m)=*(R+temp);
m++;
}
}
}

void xor(char *K,char *ER,char *F)


{
int i,m=0;
for(i=0;i<48;i++)
{
if((*(K+i)=='1' && *(ER+i)=='1') || (*(K+i)=='0' && *(ER+i)=='0'))
{
*(F+m)='0';
m++;
}
else
{

Page | 90

*(F+m)='1';
m++;
}
}
}
void xor_32(char *L0,char *f,char *R1)
{
short i,m=0;
for(i=0;i<32;i++)
{
if((*(L0+i)=='1' && *(f+i)=='1') || (*(L0+i)=='0' && *(f+i)=='0'))
{
*(R1+m)='0';
m++;
}
else
{
*(R1+m)='1';
m++;
}
}
}
void permutation_32(char *SB1,char *f)
{
short i,j,m=0,temp;

for(i=0;i<8;i++)
{

Page | 91

for(j=0;j<4;j++)
{
temp=sb_permutation[i][j]-1;
*(f+m)=*(SB1+temp);
m++;
}
}
}

void common_permutation(char *in,char *out)


{
short i,j,temp,m=0;
for(i=0;i<8;i++)
{
for(j=0;j<8;j++)
{
temp=ip_inverse[i][j]-1;
out[m]=in[temp];
m++;
}
}
}

Output:
Enter a plain text: des
Key in hexadecimal used for encryption:133457799BBBCDFF1
Encrypted output:1C7442E5452BF94E
Decrypted output in hexadecimal:6465732020202020
Page | 92

Decrypted output in plaintext:des

ASSIGNMENT NO: 8
DIGITAL SIGNATURE
AND
MD5 HASH FUNCTION

Page | 93

Page | 94

Digital Signature
Application such as banking, stock trading, and the sale and purchase of merchandise are
increasingly emphasizing electronic transactions to minimize operational costs and provide
enhanced services. This has led to phenomenal increases in the amounts of electronic documents
that are generated, processed, and stored in computers and transmitted over networks.
This electronic information handled in these applications is valuable and sensitive and must be
protected against tampering by malicious third parties (who are neither the senders nor the
recipients of the information). Sometimes, there is a need to prevent the information or items
related to it (such as date/time it was created, sent, and received) from being tampered with by
the sender (originator) and/or the recipient. Traditionally, paper documents are validated and
certified by written signatures, which work fairly well as a means of providing authenticity. For
electronic documents, a similar mechanism is necessary. Digital signatures, which are nothing
but a string of ones and zeroes generated by using a digital signature algorithm, serve the
purpose of validation and authentication of electronic documents. Validation refers to the process
of certifying the contents of the document, while authentication refers to the process of certifying
the sender of the document. In this article, the terms document and message are used
interchangeably.

Conventional and digital signature characteristics


A conventional signature has the following salient characteristics: relative ease of
establishing that the signature is authentic, the difficulty of forging a signature, the nontransferability of the signature, the difficulty of altering the signature, and the non-repudiation of
signature to ensure that the signer cannot later deny signing. A digital signature should have all
the aforementioned features of a conventional signature plus a few more as digital signatures are
being used in practical, but sensitive, applications such as secure e-mail and credit card
transactions over the Internet. Since a digital signature is just a sequence of zeroes and ones, it is
desirable for it to have the following properties: the signature must be a bit pattern that depends
on the message being signed (thus, for the same originator, the digital signature is different for
different documents); the signature must use some information that is unique to the sender to
prevent both forgery and denial; it must be relatively easy to produce; it must be relatively easy
to recognize and verify the authenticity of digital signature; it must be computationally infeasible
to forge a digital signature either by constructing a new message for an existing digital signature
or constructing a fraudulent digital signature for a given message; and it must be practical to ret
copies of the digital signatures in storage for arbitrating possible disputes later. To verify that the
received document is indeed from the claimed sender and that the contents have not been altered,
several procedures, called authentication techniques, have been developed. However, message
authentication techniques cannot be directly used as digital signatures due to inadequacies of
authentication techniques. For example, although message authentication protects the two parties
exchanging messages from a third party, it does not protect the two parties against each other. In
addition, elementary authentication schemes produce signatures that are as long as the message
themselves.

Page | 95

Basic notions and terminology


Digital signatures are computed based on the documents (message/information) that need
to be signed and on some private information held only by the sender. In practice, instead of
using the whole message, a hash function is applied to the message
to obtain the message digest. A hash function, in this context, takes an arbitrary- sized message
as input and produces a fixed-size message digest as output. Among the commonly used hash
functions in practice are MD-5 (message digest 5) and SHA (secure hash algorithm). These
algorithms are fairly sophisticated and ensure that it is highly improbable for two different
messages to be mapped to the same hash value. There are two broad techniques used in digital
signature computationsymmetric key cryptosystem and public-key cryptosystem. In the
symmetric key system, a secret key known only to the sender and the legitimate receiver is used.
However, there must be a unique key between any two pairs of users. Thus, as the number of
user pairs increases, it becomes extremely difficult to generate, distribute, and keep track of the
secret keys.

A public key cryptosystem, on the other hand, uses a pair of keys: a private key, known only to
its owner, and a public key, known to everyone who wishes to communicate with the owner. For
confidentiality of the message to be sent to the owner, it would be encrypted with the owners
public key, which now could only be decrypted by the owner, the person with the corresponding
private key. For purposes of authentication, a message would be encrypted with the private key
of the originator or sender, who we will refer to as A. This message could be decrypted by
anyone using the public key of A. If this yields the proper message, then it is evident that the
message was indeed encrypted by the private key of A, and thus only A could have sent it.

Creating and verifying a digital signature


A simple generic scheme for creating and verifying a digital signature is shown in Figs. 1 and 2,
respectively. A hash function is applied to the message that yields a fixed-size message digest.
The signature function uses the message digest and the senders private key to generate the
digital signature. A very simple form of the digital signature is obtained by encrypting the
message digest using the senders private key. The message and the signature can now be sent to
the recipient. The message is unencrypted and can be read by anyone. However, the signature
ensures authenticity of the sender (something similar to a circular sent by a proper authority to be
Page | 96

read by many people, with the signature at testing to the authenticity of the message). At the
receiver, the inverse signature function is applied to the digital signature to recover the original
message digest. The received message is subjected to the same hash function to which the
original message was subjected. The resulting message digest is compared with the\ one\
recovered from the signature. If they match, then it ensures that the message has indeed been sent
by the (claimed) sender and that it has not been altered.

Creating and opening a digital envelope


A digital envelope is the equivalent of a sealed envelope containing an unsigned letter.
The outline of creating a digital envelope is shown in Fig. 3. The message is encrypted by the
sender using a randomly generated symmetric key. The symmetric key itself is encrypted using
the intended recipients public key. The combination of the encrypted message and the encrypted
symmetric key is the digital envelope. The process of opening the digital envelope and
recovering the contents is shown in Fig. 4. First, the encrypted symmetric key is recovered by a
decryption using the recipients private key. Subsequently, the encrypted message is decrypted
using the symmetric key.

Creating and opening digital envelopes carrying signed messages


The process of creating a digital envelope containing a signed message is shown in Fig.
5. A digital signature is created by the signature function using the message digest of the message
and the senders private key. The original message and the digital signature are then encrypted by
the sender using a randomly generated key and a symmetric- key algorithm. The symmetric key
itself is encrypted using the recipients public key. The combination of encrypted message and
signature, together with the encrypted symmetric key, form the digital envelope containing the
signed message. Figure 6 shows the process of opening a digital envelope, recovering the
message, and verifying the signature. First, the symmetric key is recovered using the recipients
private key. This is then used to decrypt and recover the message and the digital signature. The
digital signature is then verified as described earlier.

Page | 97

Direct and arbitrated digital signature


A variety of modes have been proposed for digital signatures that fall into two basic
categories: direct and arbitrated. The direct digital signature involves only the communicating
parties, sender and receiver. This is the simplest type of digital signature. It is assumed that the
recipient knows the public key of the sender. In a simple scheme, a digital signature may be
formed by encrypting the entire message or the hash code of the message with the senders
private key. Confidentiality can be provided by further encrypting the entire message plus
signature with either the receivers public key encryption or the shared secret key, which is
conventional encryption. A sender may later deny sending a particular message by claiming that
the private key was lost or stolen and that someone else forged his signature. One way to
overcome this is to include a time stamp with every message and requiring notification of loss of
key to the proper authority. In case of dispute, a trusted third party may view the message and its
signature to arbitrate the dispute. In the arbitrated signature scheme, there is a trusted third party
called the arbiter. Every signed message from a sender A to a receiver B goes first to an arbiter T,
who subjects the message and its signature to a number of tests to check its origin and content.
The message is then dated and sent to B with an indication that it has been verified to the
satisfaction of the arbiter. The presence of T solves the problem faced by direct signature
schemes, namely that A might deny sending a message. The arbiter plays a sensitive and crucial
role in this scheme, and all parties must trust that the arbitration mechanism is working properly.
There are many variations of arbitrated digital-signature schemes. Some schemes allow the
arbiter to see the messages, while others dont. The particular scheme employed depends on the
needs of the applications. Generally, an arbitrated digital-signature scheme has advantages over a
direct digital-signature scheme such as the trust in communications between the parties provided
by the trusted arbiter and in the arbitration of later disputes, if any

Page | 98

A public versus a private approach to digital signatures


Another way of classifying digital signature schemes is based on whether a private-key
system or a public-key system is used. The public-key system based digital signatures have
several advantages over the private-key system based digital signatures. The two most popular
and commonly used public-key system based digital signature schemes are the RSA (named after
Rivest, Shamir, and Aldeman, the inventors of the RSA public-key encryption scheme) and the
digital signature algorithm (DSA) approaches. The DSA is incorporated into the Digital
Signature Standard (DSS), which was published by the National Institute of Standards and
Technology as the Federal Information Processing Standard. It was first proposed in 1991,
revised in 1993, and further revised with minor changes in 1996. RSA is a commonly used
scheme for digital signatures. In a broad outline of the RSA approach, the message to be signed
is input to a hash function that produces a secure hash code of fixed length. This hash code is
then encrypted using the senders private key to form the signature. Both the signature and the
message are then concatenated and transmitted. The recipient takes the message and produces a
hash code. The recipient also decrypts the signature using the senders public key. If the
calculated hash code matches the decrypted signature, the signature is accepted as valid. This is
because only the sender knows the private key, and thus only the sender could have produced a
valid signature. The signature generation and verification using RSA is identical to the schemes
shown in Figs. 1 and 2, respectively. The signing process in DSS (using DSA) is shown in Fig. 7.
The DSA approach also makes use of a hash function. The hash code is provided as input to a
Page | 99

signature function together with a random number generated for this particular signature. The
signature function also uses the senders private key and a set of parameters known to a group of
communicating parties, referred to as global public key. The output signature consists of two
components. The signature verification process is shown in Fig. 8. At the receiving end, the hash
code of the incoming message is generated and input to a verification function, together with the
two components of the signature. The verification function uses the global public key as well as
senders public key and recreates (one of the two components of) the original digital signature.
A match between the recreated and the original signature indicates the authenticity of the
signature. The signature function is such that it assures the recipient that only the sender, with the
knowledge of the private key, could have produced the valid signature. The basis of the RSA
scheme is the difficulty of factoring of large prime numbers. That of the DSA scheme is the
difficulty of computing discrete logarithms. The DSA provides only the signature function where
as the RSA scheme could additionally provide encryption and key exchange. The signature
verification using the RSA scheme is about 100 times faster than a DSA scheme. The signature
generation is slightly faster in the DSA scheme.

Work is underway for several extensions of the basic digital signature scheme such as enabling
signatures by multiple parties (group digital signatures), signatures by a hierarchy of signatories,
and protocols for simultaneous signing of contracts electronically by two or more signatories,
separated by wide distances.

Digital signatures in real applications


Increasingly, digital signatures are being used in secure e-mail and credit card
transactions over the Internet. The two most common secure e-mail systems using digital
signatures are Pretty Good Privacy and Secure/Multipurpose Internet Mail Extension. Both of
these systems support the RSA as well as the DSS-based signatures. The most widely used
system for the credit card transactions over the Internet is Secure Electronic Transaction (SET).
It consists of a set of security protocols and formats to enable prior existing credit card payment
infrastructure to work on the Internet. The digital signature scheme used in SET is similar to the
RSA scheme.

Page | 100

MD5 HASH FUNCTION


Introduction
Data integrity assurance and data origin authentication are essential security services in financial
transactions, electronic commerce, electronic mail, software distribution, data storage and so on.
The broadest definition of authentication within computing systems encompasses identity
verification, message origin authentication and message content authentication. In IPSEC, the
technique of cryptographic hash functions is utilized to achieve these security services.

Hash Functions
Hash functions compress a string of arbitrary length to a string of fixed length. They provide a
unique relationship between the input and the hash value and hence replace the authenticity of a
large amount of information (message) by the authenticity of a much smaller hash value
(authenticator). In recent years
there has been an increased interest in developing a Message Authentication Code (MAC)
derived from a hash code. Among the many reasons behind this are that cryptographic hash
functions such as MD5 and SHA-1 generally execute faster in software than symmetric block
ciphers such as DES. The software for hash functions is widely available and there are no export
restrictions from the United States or other countries for cryptographic hash functions. Hence,
there are many applications of MD5, SHA-1 and other hash functions to generate MACs. The
method to implement the MAC for IP security has been chosen as hash-based MAC or HMAC,
which uses an existing hash function in conjunction with a secret key. The HMAC algorithm is
specified for an arbitrary FIPS-approved cryptographic hash function. With minor modification,
HMAC can easily replace one hash function with another

Message Digest 5 (MD5) Algorithm


Page | 101

MD5 is a message digest algorithm developed by Ron Rivest at MIT. It is basically a secure
version of his previous algorithm, MD4 which is a little faster than MD5. This has been the most
widely used secure hash algorithm particularly in Internet-standard message authentication. The
algorithm takes as input a message of arbitrary length and produces as output a 128-bit message
digest of the input. This is mainly intended for digital signature applications where a large file
must be compressed in a secure manner before being encrypted with a private (secret) key under
a public key cryptosystem.
Assume we have an arbitrarily large message as input and that we wish to find its message
digest. The processing involves the following steps.
(1) Padding
The message is padded to ensure that its length in bits plus 64 is divisible by 512. That is, its
length is congruent to 448 modulo 512. Padding is always performed even if the length of the
message is already congruent to 448 modulo 512. Padding consists of a single 1-bit followed by
the necessary number of 0-bits.
(2) Appending length
A 64-bit binary representation of the original length of the message is concatenated to the result
of step (1). (Least significant byte first). The expanded message at this level will exactly be a
multiple of 512-bits. Let the expanded message be represented as a sequence of L 512-bit blocks
Y0, Y1,..,Yq,..,YL-1 as shown in Figure 1. Note that in the figure, IV and CV represent initial value
and chaining variable respectively.

(3) Initialize the MD buffer


Page | 102

The variables IV and CV are represented by a fourword buffer (ABCD) used to compute the
message digest. Here each A, B, C, D is a 32-bit register and they are initialized as IV to the
following values in hexadecimal. Low-order bytes are put first.
Word A:
Word B:
Word C:
Word D:

01 23 45 67
89 AB CD EF
FE DC BA 98
76 54 32 10

(4) Process message in 16-word blocks


This is the heart of the algorithm, which includes four rounds of processing. It is represented
by HMD5 in Figure 1 and its logic is given in Figure 2. The four rounds have similar structure but
each uses different auxiliary functions F, G, H and I.

Where
and represent the logical OR, AND, XOR and NOT operations, respectively.
Each round consists of 16 steps and each step uses a 64-element table T [1 ... 64] constructed
from the sine function. Let T[i] denote the i-th element of the table, which is equal to the integer
part of 232 times abs(sin(i)), where i is in radians. Each round also takes as input the current 512bit block (Yq) and the 128-bit chaining variable (CV q). An array X of 32-bit words holds the
current 512-bit Yq. For the first round the words are used in their original order. The following
permutations of the words are defined for rounds 2 through 4:

Page | 103

(5) Output
After all L 512-bit blocks have been processed, the output from Lth stage is the 128-bit message
digest. Figure 3 shows the operations involved in a single step. The additions are modulo 2 32.
Four different circular shift amounts (s) are used
each round and are different from round to round. Each step is of the following form

Page | 104

Page | 105

ASSIGNMENT NO: 9
RSA ALGORITHM

Page | 106

RSA Algorithm
The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in
1977. The basic technique was first discovered in 1973 by Clifford Cocks of CESG (part of the
British GCHQ) but this was a secret until 1997. The patent taken out by RSA Labs has expired.
The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world.
It can be used to encrypt a message without the need to exchange a secret key separately.
The RSA algorithm can be used for both public key encryption and digital signatures. Its security
is based on the difficulty of factoring large integers.
Party A can send an encrypted message to party B without any prior exchange of secret keys. A
just uses B's public key to encrypt the message and B decrypts it using the private key, which
only he knows. RSA can also be used to sign a message, so A can sign a message using their
private key and B can verify it using A's public key.

Key Generation Algorithm


This is the original algorithm.
1. Generate two large random primes, p and q, of approximately equal size such
that their product n = pq is of the required bit length, e.g. 1024 bits.
2. Compute n = pq and (phi) = (p-1)(q-1).
3. Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1.
4. Compute the secret exponent d, 1 < d < phi, such that ed 1 (mod phi).
5. The public key is (n, e) and the private key (d, p, q). Keep all the values d, p,
q and phi secret. [We prefer sometimes to write the private key as (n, d)
because you need the value of n when using d.]

n is known as the modulus.

e is known as the public exponent or encryption exponent or just the


exponent.

d is known as the secret exponent or decryption exponent.

Encryption
Sender A does the following:1. Obtains the recipient B's public key (n, e).

Page | 107

2. Represents the plaintext message as a positive integer m, 1 < m < n


3. Computes the ciphertext c = me mod n.
4. Sends the ciphertext c to B.

Page | 108

Decryption
Recipient B does the following:1. Uses his private key (n, d) to compute m = cd mod n.
2. Extracts the plaintext from the message representative m.

Digital signing
Sender A does the following:1. Creates a message digest of the information to be sent.
2. Represents this digest as an integer m between 1 and n-1.
3. Uses her private key (n, d) to compute the signature s = md mod n.
4. Sends this signature s to the recipient, B.

Signature verification
Recipient B does the following:1. Uses sender A's public key (n, e) to compute integer v = se mod n.
2. Extracts the message digest from this integer.
3. Independently computes the message digest of the information that has been
signed.
4. If both message digests are identical, the signature is valid.

Implementation of RSA Algorithm


#include< stdio.h>
#include< conio.h>
int phi,M,n,e,d,C,FLAG;
int check()
{
int i;
for(i=3;e%i==0 && phi%i==0;i+2)
Page | 109

{
FLAG = 1;
return;
}
FLAG = 0;
}
void encrypt()
{
int i;
C = 1;
for(i=0;i< e;i++)
C=C*M%n;
C = C%n;
printf("\n\tEncrypted keyword : %d",C);
}
void decrypt()
{
int i;
M = 1;
for(i=0;i< d;i++)
M=M*C%n;
M = M%n;
printf("\n\tDecrypted keyword : %d",M);
}
void main()
{
int p,q,s;
clrscr();
printf("Enter Two Relatively Prime Numbers\t: ");
scanf("%d%d",&p,&q);
n = p*q;
phi=(p-1)*(q-1);
printf("\n\tF(n)\t= %d",phi);
do
{
printf("\n\nEnter e\t: ");
scanf("%d",&e);
check();
}while(FLAG==1);
Page | 110

d = 1;
do
{
s = (d*e)%phi;
d++;
}while(s!=1);
d = d-1;
printf("\n\tPublic Key\t: {%d,%d}",e,n);
printf("\n\tPrivate Key\t: {%d,%d}",d,n);
printf("\n\nEnter The Plain Text\t: ");
scanf("%d",&M);
encrypt();
printf("\n\nEnter the Cipher text\t: ");
scanf("%d",&C);
decrypt();
getch();
}

Output:
Enter Two Relatively Prime Numbers : 7 17
F(n) = 96
Enter e : 5
Public Key : {5,119}
Private Key : {77,119}
Enter The Plain Text : 19
Encrypted keyword : 66
Enter the Cipher text : 66
Decrypted keyword : 19

Page | 111

ASSIGNMENT NO: 10
ENCRYPTION TOOL-ABACRE

Page | 112

Introduction
With Abacre File Encryptor you may encrypt any files or folders by using 39 advanced
encryption algorithms (CAST, Blowfish, Twofish, Rijndael and others). Files maybe encrypted
into either one single file either individually. It's also possible to compress files during
encryption so the resulting file size will be even smaller to hold on your disk or transfer via
Internet. The program has built-in Secure Password Generator suggesting strong and reliable
passwords. Using Text Pad you may encrypt any text and then copy/paste it into your favorite
email client (Outlook, Outlook Express, Lotus Notes), instant messenger (ICQ, MSN Messenger,
Yahoo Messenger, AOL Instant Messenger) or simply send the text as email using Send by Email
command. Anytime you may decrypt files and even use Show Riddle button in order to show the
question reminding the encryption password. With Wipe Files command you may permanently
remove files during several passes from your computer so it would not be possible to recover
these files using file recovery software. The program has rich set of command line parameters
therefore it might be easily used in any batch automation process. With Windows shell
integration you may anytime encrypt, decrypt or wipe by right-clicking on the files in Windows
Explorer. Optionally the program may reside in system tray and be called from the system tray
by one click of mouse. It's highly recommended for all types of users: home or business.

Page | 113

Page | 114