Is 2001 70107102
Is 2001 70107102
Is 2001 70107102
IS 2001 70107102
Information Security
(3170720)
B.E. Semester 7
(Computer
Engineering)
Enrolment No
Name
Branch
Academic Term
Institute Name
Certificate
7th from Computer Engineering Department of this Institute (GTU Code: 017) has
satisfactorily completed the Practical / Tutorial work for the subject Information Security
Place:
Date:
Preface
Main motto of any laboratory/practical/field work is for enhancing required skills as well as
creating ability amongst students to solve real time problem by developing relevant
competencies in psychomotor domain. By keeping in view, GTU has designed competency
focused outcome-based curriculum for engineering degree programs where sufficient
weightage is given to practical work. It shows importance of enhancement of skills amongst
the students and it pays attention to utilize every second of time allotted for practical amongst
students, instructors and faculty members to achieve relevant outcomes by performing the
experiments rather than having merely study type experiments. It is must for effective
implementation of competency focused outcome-based curriculum that every practical is
keenly designed to serve as a tool to develop and enhance relevant competency required by
the various industry among every student. These psychomotor skills are very difficult to
develop through traditional chalk and board content delivery method in the classroom.
Accordingly, this lab manual is designed to focus on the industry defined relevant outcomes,
rather than old practice of conducting practical to prove concept and theory.
By using this lab manual students can go through the relevant theory and procedure in
advance before the actual performance which creates an interest and students can have basic
idea prior to performance. This in turn enhances pre-determined outcomes amongst students.
Each experiment in this manual begins with competency, industry relevant skills, course
outcomes as well as practical outcomes (objectives). The students will also achieve safety and
necessary precautions to be taken while performing practical.
This manual also provides guidelines to faculty members to facilitate student centric lab
activities through each experiment by arranging and managing necessary resources in order
that the students follow the procedures with required safety and necessary precautions to
achieve the outcomes. It also gives an idea that how students will be assessed by providing
rubrics.
Information security is the subject that helps students to understand various aspects of data
security. It provides a way to know various kinds of breaches that happen with data and how
to eliminate them using various techniques. The student is also able to learn various
methodologies which used by current used by developers to achieve the security of
information.
DTE’s Vision
Institute’s Vision
Institute’s Mission
Department’s Vision
Department’s Mission
2. Case study: List 10 recent cyber attacks/data breaches and explain any one in detail.
1. Handle equipment with care: Students should handle equipment and peripherals with
care when working in the lab. This includes gently using the mouse and keyboard,
avoiding pulling or twisting network cables, and carefully handling any hardware
devices.
2. Avoid water and liquids: Students should avoid using wet hands or having fluids near the
computer equipment. This will help prevent damage to the devices and avoid any safety
hazards.
3. Shut down the PC properly: Students should shut down the computer properly at the end
of the lab session. This includes closing all programs and applications, saving any work,
and following the correct shutdown procedure for the operating system.
4. Obtain permission for laptops: If students wish to use their laptops in the lab, they
should first obtain permission from the Lab Faculty or Lab Assistant. They should
follow all lab rules and guidelines and ensure their laptop is configured correctly for the
lab environment.
Index
(Progressive Assessment Sheet)
Total
Experiment No: 1
Implement Caesar cipher encryption-decryption and perform
cryptanalysis using a brute-force approach.
Date:
Relevant CO: Explore the basic principles of the symmetric cryptography and techniques with their
strengths and weaknesses from perspective of cryptanalysis
Example:
Algorithm:
Program:
import java.util.Scanner;
public class Main {
public static void main(String[] args) {
Scanner scanner = new
Scanner(System.in);
System.out.println("Caesar Cipher Encryption and Decryption");
System.out.print("Enter the plaintext: ");
String plaintext = scanner.nextLine();
System.out.print("Enter the key (a number between 1 and 25): ");
int key = scanner.nextInt();
// Encryption
String ciphertext = encrypt(plaintext, key);
System.out.println("Encrypted text: " +
ciphertext);
// Decryption
String decryptedText = decrypt(ciphertext, key);
System.out.println("Decrypted text: " + decryptedText);
// Cryptanalysis (Brute Force)
System.out.println("Cryptanalysis (Brute Force):");
bruteForceCryptanalysis(ciphertext);
scanner.close();
}
// Encrypts the plaintext using the Caesar cipher
public static String encrypt(String plaintext, int key) {
StringBuilder encryptedText = new StringBuilder();
for (char c : plaintext.toCharArray()) {
if (Character.isLetter(c)) {
char base = Character.isLowerCase(c) ? 'a' : 'A';
encryptedText.append((char) (((c - base + key) % 26) + base));
} else {
encryptedText.append(c);
}
}
return encryptedText.toString();
}
// Decrypts the ciphertext using the Caesar cipher
public static String decrypt(String ciphertext, int key) {
return encrypt(ciphertext, 26 - key);
}
// Perform cryptanalysis using brute-force approach
public static void bruteForceCryptanalysis(String ciphertext) {
for (int key = 1; key <= 25; key++) {
System.out.println("Key " + key + ": " + decrypt(ciphertext, key));
}
}
Downloaded by pranav yadav ([email protected])
lOMoARcPSD|31013873
Output:
Conclusion:
In conclusion, this Java program provides a practical implementation of the Caesar cipher for both
encryption and decryption. It also demonstrates the vulnerability of the Caesar cipher to brute-force
cryptanalysis, emphasizing the importance of using more secure encryption methods for sensitive
data.
Quiz:
Symmetric Algorithm
Original: a l p h a b e t
Encrypted: d o s k d e h
w
Suggested Reference:
1. https://www.geeksforgeeks.org/caesar-cipher-in-cryptography/
Rubrics 1 2 3 4 5 Total
Marks
Experiment No: 2
2.1 Implement Playfair cipher encryption-decryption.
Date:
Relevant CO: Explore the basic principles of the symmetric cryptography and techniques with their
strengths and weaknesses from perspective of cryptanalysis
1. If both letters are the same (or only one letter is left), add an "X" after the first letter
2. If the letters appear on the same row of your table, replace them with the letters to
their immediate right respectively
3. If the letters appear on the same column of your table, replace them with the letters
immediately below respectively
If the letters are not on the same row or column, replace them with the letters on the same row
respectively but at the other pair of corners of the rectangle defined by the original pair.
Example:
Algorithm:
Program:
import java.util.ArrayList;
import java.util.List;
if (col == 5) {
col = 0;
row++;
}
}
}
return matrix;
}
private boolean contains(char[][] matrix, char c) {
for (int i = 0; i < 5; i++) {
for (int j = 0; j < 5; j++) {
if (matrix[i][j] == c) {
return true;
}
}
}
return false;
}
private String normalizePlainText(String text) {
String cleanedText = text.replaceAll("[^A-Z]", "").toUpperCase();
StringBuilder normalizedText = new StringBuilder(cleanedText);
for (int i = 1; i < normalizedText.length(); i += 2) {
if (normalizedText.charAt(i) == normalizedText.charAt(i - 1)) {
normalizedText.insert(i, 'X');
}
}
if (normalizedText.length() % 2 != 0) {
normalizedText.append('X');
}
return normalizedText.toString();
}
public String encrypt(String plaintext) {
StringBuilder ciphertext = new
StringBuilder();
String normalizedText = normalizePlainText(plaintext);
for (int i = 0; i < normalizedText.length(); i += 2) {
char a = normalizedText.charAt(i);
char b = normalizedText.charAt(i + 1);
int[] aPos = findPosition(a);
int[] bPos = findPosition(b);
if (aPos[0] == bPos[0]) { // Same row
ciphertext.append(keyMatrix[aPos[0]][(aPos[1] + 1) %
5]);
ciphertext.append(keyMatrix[bPos[0]][(bPos[1] + 1) % 5]);
} else if (aPos[1] == bPos[1]) { // Same column
ciphertext.append(keyMatrix[(aPos[0] + 1) % 5][aPos[1]]);
ciphertext.append(keyMatrix[(bPos[0] + 1) % 5][bPos[1]]);
ciphertext.append(keyMatrix[bPos[0]][aPos[1]]);
}
}
return ciphertext.toString();
}
public String decrypt(String ciphertext) {
StringBuilder plaintext = new StringBuilder();
for (int i = 0; i < ciphertext.length(); i += 2) {
char a = ciphertext.charAt(i);
char b = ciphertext.charAt(i + 1);
int[] aPos = findPosition(a);
int[] bPos = findPosition(b);
if (aPos[0] == bPos[0]) { // Same row plaintext.append(keyMatrix[aPos[0]]
[(aPos[1] + 4) % 5]);
plaintext.append(keyMatrix[bPos[0]][(bPos[1] + 4) % 5]);
} else if (aPos[1] == bPos[1]) { // Same column
plaintext.append(keyMatrix[(aPos[0] + 4) % 5][aPos[1]]);
plaintext.append(keyMatrix[(bPos[0] + 4) % 5][bPos[1]]);
} else { // Different row and column
plaintext.append(keyMatrix[aPos[0]][bPos[1]]);
plaintext.append(keyMatrix[bPos[0]][aPos[1]]);
}
}
return plaintext.toString();
}
private int[] findPosition(char c) {
int[] position = new int[2];
for (int i = 0; i < 5; i++) {
for (int j = 0; j < 5; j++)
{
if (keyMatrix[i][j] == c) {
position[0] = i;
position[1] = j;
return position;
}
}
}
return position;
}
public static void main(String[] args) {
PlayfairCipher cipher = new PlayfairCipher("KEYWORD");
String plaintext = "VGEC";
String encryptedText = cipher.encrypt(plaintext);
String decryptedText = cipher.decrypt(encryptedText);
Output:
Conclusion:
The Playfair cipher encryption algorithm is a historical cryptographic technique that offers a
moderate level of security for text-based communication. It is based on the use of a 5x5 key matrix,
which is generated from a keyword and used to encrypt plaintext by substituting letter pairs
(bigrams) with corresponding ciphertext pairs.
Quiz:
True
Suggested Reference:
1. https://www.geeksforgeeks.org/playfair-cipher-with-examples/
https://chat.openai.com/c/02d539c2-4d78-4c1f-9bdf-2aae31e0db84
https://www.javatpoint.com/playfair-cipher-program-in-java
Rubrics 1 2 3 4 5 Total
Marks
Experiment No: 2
2.2 Implement Hill cipher encryption-decryption.
Date:
Relevant CO: Explore the basic principles of the symmetric cryptography and techniques with their
strengths and weaknesses from perspective of cryptanalysis
Algorithm:
STEP-1: Read the plain text and key from the user.
STEP-2: Split the plain text into groups of length three.
STEP-3: Arrange the keyword in a 3*3 matrix.
STEP-4: Multiply the two matrices to obtain the cipher text of length three.
STEP-5: Combine all these groups to get the complete cipher text.
Program:
import java.util.Scanner;
}
Downloaded by pranav yadav ([email protected])
lOMoARcPSD|31013873
keyMatrix[0][0] = adj11;
keyMatrix[1][1] = adj22;
keyMatrix[0][1] *= -1;
keyMatrix[1][0] *= -1;
return decryptedText.toString();
}
public static String padPlaintext(String plaintext, int blockSize) {
int padding = blockSize - (plaintext.length() % blockSize);
if (padding != blockSize) {
for (int i = 0; i < padding; i++) {
plaintext += 'X';
}
}
return plaintext;
Output:
Conclusion:
Quiz:
Matrix algebra.
Suggested Reference:
1. https://crypto.interactive-maths.com/hill-cipher.html
https://www.javatpoint.com/hill-cipher-program-in-java
Rubrics 1 2 3 4 5 Total
Marks
Experiment No: 3
3.1 Implement Vigenere Cipher encryption-decryption.
Date:
Relevant CO: Explore the basic principles of the symmetric cryptography and techniques with their
strengths and weaknesses from perspective of cryptanalysis
Example:
Algorithm:
Program:
return plaintext.toString();
}
Output:
Conclusion:
The Vigenere Cipher is a classical encryption technique that employs a variable-length key to
encrypt and decrypt messages, adding an extra layer of security compared to simpler substitution
ciphers. This Java implementation provides a practical way to apply the Vigenere Cipher for secure
communication while handling non-alphabetic characters within the text
Quiz:
Encryption in Vigenere cipher is done using a repeating key to shift each character in the plaintext by a
corresponding amount, creating a more complex and secure form of substitution encryption.
Suggested Reference:
1. https://intellipaat.com/blog/vigenere-cipher/
https://www.geeksforgeeks.org/vigenere-cipher/
Rubrics 1 2 3 4 5 Total
Marks
Example:
Algorithm:
STEP-5: Read the characters row wise or column wise in the former order to get thecipher text.
Program:
int rail = 0;
int direction = 1; // 1 for down, -1 for up
for (char c : plaintext.toCharArray()) {
fence[rail].append(c);
if (rail == 0) {
direction = 1;
} else if (rail == rails - 1) {
direction = -1;
}
rail += direction;
}
StringBuilder ciphertext = new StringBuilder();
for (StringBuilder railString : fence) {
ciphertext.append(railString.toString());
}
return ciphertext.toString();
}
// Decrypts a ciphertext using the Rail Fence Transposition cipher
public static String decrypt(String ciphertext, int rails) {
StringBuilder[] fence = new StringBuilder[rails];
for (int i = 0; i < rails; i++) {
fence[i] = new
StringBuilder();
}
int rail = 0;
int direction = 1;
for (char c : ciphertext.toCharArray()) {
fence[rail].append('*'); // Placeholder
character if (rail == 0) {
direction = 1;
} else if (rail == rails - 1) {
direction = -1;
}
rail += direction;
}
int index = 0;
for (int i = 0; i < rails; i++) {
int length =
fence[i].length();
for (int j = 0; j < length; j++) {
fence[i].setCharAt(j, ciphertext.charAt(index++));
}
}
rail = 0;
direction = 1;
StringBuilder plaintext = new StringBuilder();
if (rail == 0) {
direction = 1;
return plaintext.toString();
}
Output:
Conclusion:
The Rail Fence Transposition cipher in Java provides a basic encryption and decryption mechanism,
useful for educational purposes but not suitable for secure data protection due to its vulnerability to
cryptographic attacks. For stronger security, modern encryption methods should be employed.
Quiz:
2. Rail fence cipher is more secure than one time pad cipher? True/False
False
Suggested Reference:
1. https://crypto.interactive-maths.com/rail-fence-cipher.html
Rubrics 1 2 3 4 5 Total
Marks