
Kalpana Coaching Classes
BE-SEM-VII-EXTC-DCE Notes by Rohit Sinha
For private circulation only

Syllabus

Chapter 1: Data compression and encryption
Need for data compression, lossy/lossless compression, compression ratio, run length encoding (RLE) for text and image compression, relative encoding and its applications in facsimile data compression and telemetry, scalar quantization.

Chapter 2: Statistical methods
Statistical modeling of information source, coding redundancy, variable size codes, prefix codes, Shannon-Fano coding, Huffman coding, adaptive Huffman coding, arithmetic coding and text compression using PPM method.

Chapter 3: Dictionary methods
String compression, sliding window compression, LZ77, LZ78 and LZW algorithms and applications in text compression, Zip and Gzip, ARC and cyclic redundancy code.

Chapter 4: Image compression
Lossless techniques of image compression, gray codes, two dimensional image transforms, discrete cosine transform and its applications in lossy image compression, quantization, zig-zag coding sequences, JPEG and JPEG-LS compression standards, pulse code modulation and differential pulse code modulation methods of image compression, video compression and MPEG industry standard.

Chapter 5: Audio compression
Digital audio, lossy sound compression, µ-law and A-law companding, DPCM and ADPCM audio compression, MPEG audio compression, frequency domain coding, format of compressed data.

Chapter 6: Conventional encryption
Security of information, security attacks, classical techniques, Caesar cipher, block cipher principle, design and modes of operation, S-box design, triple DES with two or three keys, introduction to international data encryption algorithm.

Chapter 7: Number theory and public encryption
Modular arithmetic, Fermat's and Euler's theorems, Chinese remainder theorem, discrete logarithm, principles of public key cryptosystems, RSA algorithm, key management, Diffie-Hellman key exchange, elliptic curve cryptography.

Chapter 8: Message authentication
Authentication requirements and functions, message authentication functions (MAC), hash functions and their security, hash and MAC algorithms, digital signatures and authentication protocols, digital signature standard and algorithms.

CHAPTER 1
CONVENTIONAL ENCRYPTION

1.1 Cryptography and related terms

Cryptography: Cryptography is the practice of storing and communicating data in such a form that only those for whom it is intended can read and process it. The basic purpose of cryptography is to protect information from unauthorized individuals who may exploit it for their own benefit and cause loss to the organization. In cryptography we encode the data to be transmitted into an unreadable format using certain algorithms so that it cannot be used or modified to produce unauthorized effects.

Practical goal of cryptography: In practice most cryptographic algorithms can be broken if the attacker has enough time and resources. Therefore the more realistic goal of cryptography is to make obtaining the information work intensive for the attacker. In other words, the encryption algorithm should be strong enough that the time and resources spent by the attacker in decoding the code and tracking the algorithm are more than the actual value of the information. The encryption algorithm is also considered secure if the time taken by the attacker to break the code and obtain the information exceeds the useful lifetime of the information.

Following figure shows the basic encryption procedure:

The sender generates the message containing the information to be communicated. This message is in plain text and therefore cannot be transmitted on an insecure channel. Hence this message is encrypted using the encryption algorithm to generate cipher text. The encryption algorithm uses a secret key, known only to the sender and the intended receiver, to generate the cipher text. This cipher text can be interpreted only by those individuals who know how it was encrypted, i.e. who have the decryption algorithm and the secret key. The intended receivers decrypt the message by running the decryption algorithm and obtain the readable copy of the message.

Plain text: original message to be transmitted.
Cipher text: encrypted message.
Cipher: algorithm used to convert plain text to cipher text.
Key: secret data used by the sender and the receiver for encryption and decryption purposes.
Cryptography: study of encryption and decryption techniques.
Cryptanalysis: practice of decoding the encrypted message without the knowledge of the key.
Cryptology: study of both cryptography and cryptanalysis.

Encipher: to encrypt
Decipher: to decrypt

1.2 Information security

There are three aspects of information security:
- Security service
- Security mechanism
- Security attack

Security service: A security service is something that enhances the security of the data processing systems and information transfers of an organization. It is used to counter security attacks and it uses many security mechanisms to do so. The security standards defined by ITU X.800 are:

1. Authentication: Authentication refers to the authenticity of the contents of the messages being exchanged as well as that of the communicating entities.
2. Access control: Access control is the ability to limit and control the access to host systems and applications via communication links. To achieve this control, each entity trying to gain access must first be identified, or authenticated, so that access rights can be provided to the individual.
3. Data confidentiality: The contents of the message being transferred across the insecure medium should be readable only to those for whom it is intended and to no other entity.
4. Data integrity: The contents of the message should not get modified during transit, and if the message is modified, this should be detected at the receiving end.
5. Non repudiation: Repudiation disputes arise when one entity denies sending or receiving a message. The security mechanism should provide means to resolve such disputes.

Security mechanism: A security mechanism is a mechanism designed to detect, prevent and recover from a security attack. No single mechanism supports all the functions required to provide complete security and therefore many mechanisms work together.

Security attack: A security attack is any action which compromises the security of information of an organization. It is an assault on the system derived from a threat.

Following figures show different types of security attacks:

Security threat: A threat is a potential for violation of security which exists when there is a circumstance, capability, action or event that could breach security. In simple words a threat is the vulnerability of the system which may be exploited by an attacker.

Two types of security attacks:
- Passive attacks
- Active attacks

Passive attacks: In a passive attack the attacker monitors the transmissions to obtain message content or monitors traffic flows, but does not modify the message.

Active attacks: In an active attack the attacker acquires the message and modifies the contents of the message to obtain unauthorized effects.

Types of active attacks:
- Modification of messages in transit: In this type of attack a part of the message is altered or the message is delayed to produce an unauthorized effect.
- Masquerade: In masquerade one entity pretends to be another entity to produce an unauthorized effect.
- Replay: In a replay attack a message sequence is captured and then retransmitted to produce an unauthorized effect.
- Denial of service: A denial of service attack prevents or inhibits the normal use and management of communication facilities.

1.3 Classifications of cryptographic systems

1) Classification based on type of operations used for transforming plain text into cipher text:
- Substitution cipher: In a substitution cipher each element in the plain text is mapped into (replaced by) another element to generate the cipher text.
- Transposition cipher: In a transposition cipher the elements of the plain text are rearranged to generate the cipher text.
- Product systems: Product systems involve multiple stages of substitution and transposition.

2) Classification based on number of keys used:
- Symmetric, single key, secret key or conventional encryption: In this encryption method both the sender and the receiver use the same single key. The key is used for both encryption and decryption purposes.
- Asymmetric, two key or public key encryption: In public key encryption the sender and the receiver use different keys.

3) Classification on the basis of the manner in which plain text is processed:
- Block cipher: A block cipher processes the input one block at a time, producing an output block for each input block.
- Stream cipher: A stream cipher processes the input elements continuously, producing output one element at a time as it goes along.

1.4 Symmetric cipher

In symmetric cipher encryption or secret key encryption the sender and the receiver share a secret key between them and all the messages are encrypted and decrypted using the same secret key. Following figure shows the symmetric encryption process:

Here a source produces a plain text message of the form:

$P = [X_1, X_2, \ldots, X_m]$

where $X_1, X_2, \ldots$ are characters. A secret key is generated by the sender and delivered to the receiver securely. The plain text is encrypted using this secret key to generate the cipher text as:

$C = E_K(P)$

where E is the encryption algorithm. The receiver decrypts the cipher text using the same key to obtain the plain text as:

$P = D_K(C)$

where D is the decryption algorithm.

Requirements of symmetric encryption:

1. The encryption algorithm should be unconditionally secure, i.e. it should be strong enough that the attacker is not able to decrypt the cipher text or discover the key even if he possesses cipher text copies along with the corresponding plain text copies.
2. Sender and receiver should obtain the copies of the secret key in a secure fashion and must keep the key secure.
3. The algorithm should be computationally secure, i.e.:
   - The cost of breaking the cipher exceeds the value of the message.
   - The time required for breaking the cipher should exceed the useful lifetime of the message.

Drawbacks of symmetric encryption:
- There is no method which is completely secure for delivering the secret key, and if the attacker obtains a copy of the secret key then all the communication of the organization will be compromised.
- This method does not provide any mechanism for authentication of the communicating parties involved and therefore is vulnerable to masquerade attacks.

1.5 Feistel cipher

The Feistel cipher is a product cipher: it uses two basic ciphers in sequence in such a way that the result is cryptographically stronger. This method uses a cipher that alternates substitution and permutation.

Principle of operation: The Feistel cipher works on the principle of diffusion and confusion.

Diffusion: In diffusion, the statistical nature of the plain text is dissipated into long range statistics of the cipher text. This is done by making each bit of the plain text affect many bits of the cipher text. The purpose of diffusion is to make the statistical relationship between the plain text and the cipher text as complex as possible to prevent the attacker from deducing the key.

Confusion: In confusion, the relationship between the statistics of the cipher text and the encryption key is made as complex as possible using a complex substitution algorithm. This is done so that even if the attacker has understood the statistics of the cipher text he will not be able to discover the key, due to the complex relationship between the key and the cipher text.

Algorithm: The inputs to the encryption algorithm are a plain text block of size 2w bits and a key having many subkeys $K = \{K_1, K_2, \ldots, K_n\}$. The plain text block is divided into two halves, each of length w bits, denoted by $R_0$ for the w rightmost bits and $L_0$ for the w leftmost bits. These two halves pass through n rounds of processing and are then combined to produce the cipher text block. Each round i has inputs $L_{i-1}$ and $R_{i-1}$ derived from the previous round and a key $K_i$ derived from K.

The left half is subjected to a substitution: a round function is first applied to $R_{i-1}$ and the result is XORed with $L_{i-1}$. The round function has the same structure for each round but is parameterized by the round key $K_i$. Following this substitution, a permutation is performed that consists of the interchange of the two halves of data. Following fig. shows the Feistel cipher algorithm:

Design principles:
1. Block size: Increasing the block size increases complexity and thus improves security, but it slows the cipher. Typically the block size is 64 bits.
2. Key size: Increasing the key size improves security but slows the cipher. Typically the key size is 128 bits.
3. Round function: Complex functions improve security but slow the cipher.
4. Number of rounds: Increasing the number of rounds improves complexity but slows down the cipher. Typically 16 rounds are used.
5. Complexity of subkey generation: Complexity of subkey generation improves security and makes the analysis harder.

Data encryption standard (DES)

DES is an encryption technique which encrypts the data in 64 bit blocks using 56 bit keys. Following fig. shows the encryption procedure used by DES:

The inputs to the encryption function are a 64 bit block of plain text and a 56 bit key. Although the actual size of the key is 64 bits, only 56 bits are used and the remaining 8 bits are arbitrary. The following processes are involved in encryption of a block of plain text data using DES:
1. Initial permutation.
2. 16 rounds of a complex key dependent round function involving substitution and permutation functions.
3. 32 bit swap.
4. Permutation which is the inverse of the initial permutation.

Initial permutation: The initial permutation is defined by the following table:

The table has to be interpreted in the following way:
- The input to the table consists of 64 bits numbered from 1 to 64.
- The 64 entries in the permutation table contain a permutation of the numbers from 1 to 64.
- Each entry in the permutation table indicates the position of a numbered input bit in the output, which also consists of 64 bits.

Inverse initial permutation: The inverse initial permutation is defined by the following table:

Single round details: Following figure shows the details of a single round involved in data processing:

- A 64 bit intermediate value is the input to every round. This value is divided into two data blocks each of length 32 bits.
- The right hand side block $R_{i-1}$ is subjected to an expansion/permutation block which converts the 32 bit block of data into a 48 bit block. The expansion is done according to the following table:

The 32 bit block of data is expanded into a 48 bit block by repeating some of the bits from the original block. The repetition of bits is as given in the above table. After expansion the 48 bit data block is XORed with the 48 bit key. The 48 bit XOR output block is then mapped into a 32 bit block by a substitution function involving eight s-boxes. Following figure shows the s-box design:

- Each s-box takes 6 bits of data as input and maps it into 4 bits of data.
- s-box design: Following figure shows the design of an s-box: S1

Mapping 6 bits of data into 4 bits: Consider the 6 bit input 110101.

i. The 2 bit number formed by the first and last bits gives the row number to be referred to in the table.
ii. The remaining 4 bits give the column number.
iii. The number at the corresponding row and column, when converted into its 4 bit binary equivalent, is the 4 bit mapped output.

4 bit number = binary equivalent of 3 = 0011

- The output of the s-boxes is then subjected to a permutation block which rearranges the bits in order to increase the complexity of the encryption. The following table defines the permutation operation:

- The permuted output is then XORed with the left hand side input to the round, $L_{i-1}$, to generate the right hand side output block $R_i$.
- The input block $R_{i-1}$ is the left hand side output of the round, i.e. $L_i = R_{i-1}$.

Key generation in DES: DES uses a 64 bit key as input. Out of the 64 bits every 8th bit is ignored and only 56 bits are used, as given by the following table:

The resultant 56 bit key is then subjected to a permutation defined by the following permuted choice-1 table:

The permuted 56 bit key is then divided into two halves $C_0$ and $D_0$, each of size 28 bits. At each round $C_{i-1}$ and $D_{i-1}$ are subjected to a circular left shift given by the following table:

The shifted values serve as input to the next round. They also serve as input to the permuted choice-2 table, which produces the 48 bit key for the round function. PC-2 table:

DES decryption: DES uses the same algorithm for decryption of the message except that the order of application of the keys is reversed.

Triple DES: DES is vulnerable to brute force attacks and therefore using DES for encryption does not ensure complete security. Hence, to improve the security of encryption, the plain text is encrypted multiple times using the same DES algorithm but with different keys. In triple DES the plain text is encrypted by subjecting it to the DES algorithm thrice.

Triple DES using two keys:

$C = E_{K1}[D_{K2}\{E_{K1}(P)\}]$
$P = D_{K1}[E_{K2}\{D_{K1}(C)\}]$

Triple DES using three keys:

$C = E_{K3}[D_{K2}(E_{K1}(P))]$
$P = D_{K1}[E_{K2}(D_{K3}(C))]$

Block cipher principles:

1. Electronic codebook mode:

In electronic codebook (ECB) mode the plain text is encrypted in 64 bit blocks using the same encryption key K. The plain text message is divided into 64 bit blocks and if the size of any block is less than 64 bits then padding bits are added. Each 64 bit block is encrypted independently of the other blocks. Hence, for a given key, each plain text block always results in one unique cipher text block, which is why the term codebook is used. This method is useful for small blocks of data.

The drawback of this method is that if the attacker discovers the encryption algorithm and the key, the entire data becomes visible to him.

2. Cipher block chaining mode:

- In CBC mode the cipher text output of the previous round is XORed with the current plain text block and the XOR output is subjected to the encryption block. For the first block of data no previous cipher text block is known and therefore an initial value is XORed with the plain text block.
- The advantage of this method is that even if an attacker finds out the encryption key and the encryption algorithm, he will not be able to decrypt a cipher text block unless the previous cipher text blocks are known to him.
- Another advantage of this method is that identical blocks of plain text will produce different blocks of cipher text and therefore structural analysis of the data is not possible.

3. Cipher feedback mode:

- CFB mode converts a block cipher into a stream cipher by padding with an appropriate number of bits.
- This mode is suitable for real time applications where s bits of stream data are to be transmitted immediately.

4. Output feedback mode:


5. Counter mode:


The advantage of this method is that even if the attacker knows the encryption algorithm and the secret key, he will not be able to decrypt the cipher text until he knows the cipher text.
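Added example (not part of the original notes): a 16-round Feistel network on 64 bit blocks, as in section 1.5, showing that decryption is the same algorithm with the subkeys reversed (the DES decryption rule above) and that ECB repeats cipher text blocks for repeated plain text blocks while CBC does not. The SHA-256 based round function and key schedule, the padding rule, the fixed IV and all names are assumptions chosen for illustration; this is not DES.

```python
import hashlib

BLOCK = 8      # 64 bit block = two 32 bit halves (w = 32)
ROUNDS = 16

def subkeys(key):
    # Assumed toy key schedule K_1..K_16 (hash of key and round index), not DES's.
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def round_fn(half, k):
    # F(R, K_i): a truncated hash, so F on its own cannot be inverted.
    return hashlib.sha256(k + half).digest()[:BLOCK // 2]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, keys):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for k in keys:
        # L_i = R_(i-1),  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, xor(left, round_fn(right, k))
    return right + left                     # final interchange of the halves

def encrypt_block(block, key):
    return feistel(block, subkeys(key))

def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])   # same algorithm, keys reversed

def pad(msg):
    n = BLOCK - len(msg) % BLOCK            # assumed padding: n bytes of value n
    return msg + bytes([n]) * n

def unpad(msg):
    return msg[:-msg[-1]]

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(msg, key):
    # Every block is encrypted independently with the same key.
    return b"".join(encrypt_block(b, key) for b in blocks(pad(msg)))

def ecb_decrypt(ct, key):
    return unpad(b"".join(decrypt_block(c, key) for c in blocks(ct)))

def cbc_encrypt(msg, key, iv):
    prev, out = iv, []
    for b in blocks(pad(msg)):
        prev = encrypt_block(xor(b, prev), key)   # chain in the previous cipher text
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(ct, key, iv):
    prev, out = iv, []
    for c in blocks(ct):
        out.append(xor(decrypt_block(c, key), prev))
        prev = c
    return unpad(b"".join(out))

def repeated_blocks(ct):
    # Number of cipher text blocks that duplicate an earlier block.
    bs = blocks(ct)
    return len(bs) - len(set(bs))

# Constructed sample values: the first three plain text blocks are identical.
KEY = b"constructed demo key"
IV = bytes(range(BLOCK))   # fixed only to keep the demo repeatable
MSG = b"AMOUNT=1" * 3 + b"AMOUNT=9"

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(MSG, KEY)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(MSG, KEY, IV)))
```

The round function is not invertible, yet the cipher is: invertibility comes from the Feistel structure, not from F.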

Key management in symmetric encryption:

In this method the key distribution center (KDC), which is a highly trusted organization, generates the secret keys to be used by two communicating entities. The following steps take place for key distribution:

1. The initiator A has to establish a data transfer session with B. Hence A sends a request message to the KDC. Along with the request message a nonce N1 is added, which can be a time stamp or any counter number depending on the application.
2. The KDC responds with a message encrypted using the secret key shared between the KDC and A and another message encrypted using the secret key shared between the KDC and B. The first message contains a secret key Ks to be used for communication, along with a copy of the request message sent by A so that A can verify that the message did not get modified during transit. The other message contains the secret key Ks along with the identity of A, and it is encrypted using the key shared between the KDC and B so that once B receives this message it trusts the key source.
3. A extracts the second part of the message and sends it to B.
4. B derives the key and sends an encrypted nonce to A.
5. A decrypts the nonce N2 and sends it to B so that the identity of A is authenticated to B.
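Added example (not part of the original notes): the five steps above run end to end, with A rejecting a KDC reply whose echoed request or nonce N1 does not match what it sent. The seal/unseal helper is a toy stand-in for "encrypted using the secret key" (hash keystream plus HMAC tag); the message field names and every function and class name here are assumptions.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Toy keystream: SHA-256 in counter mode (illustration only).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """E_K[obj]: encrypt a JSON object and append an integrity tag."""
    data = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()

def unseal(key, blob):
    """D_K[blob]: fails if the blob was modified or sealed under another key."""
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message modified or wrong key")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    def __init__(self):
        self.master = {}                  # long-term key shared with each user

    def register(self, name):
        self.master[name] = os.urandom(32)
        return self.master[name]

    def respond(self, request):
        # Step 2: session key Ks plus echoed request for A, and Ks plus
        # A's identity sealed under B's key for forwarding.
        ks = os.urandom(32).hex()
        for_b = seal(self.master[request["to"]], {"ks": ks, "from": request["from"]})
        return seal(self.master[request["from"]],
                    {"ks": ks, "request": request, "for_b": for_b})

def run_session(kdc, ka, kb, tamper=None):
    # Step 1: A -> KDC: request with nonce N1
    request = {"from": "A", "to": "B", "n1": os.urandom(8).hex()}
    reply = kdc.respond(tamper(request) if tamper else request)
    # A checks that the reply echoes exactly the request it sent
    body = unseal(ka, reply)
    if body["request"] != request:
        raise ValueError("reply does not match request (modified or replayed)")
    ks_a = bytes.fromhex(body["ks"])
    # Step 3: A -> B: the part sealed under B's key; B learns Ks and the peer
    ticket = unseal(kb, body["for_b"])
    ks_b, peer = bytes.fromhex(ticket["ks"]), ticket["from"]
    # Step 4: B -> A: nonce N2 encrypted under Ks
    n2 = os.urandom(8).hex()
    challenge = seal(ks_b, {"n2": n2})
    # Step 5: A decrypts N2 and returns it under Ks; B compares
    answer = seal(ks_a, {"n2": unseal(ks_a, challenge)["n2"]})
    return peer == "A" and unseal(ks_b, answer)["n2"] == n2

if __name__ == "__main__":
    kdc = KDC()
    ka, kb = kdc.register("A"), kdc.register("B")
    print("session established:", run_session(kdc, ka, kb))
```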

CHAPTER 2
NUMBER THEORY AND PUBLIC KEY ENCRYPTION

2.1 Number theory

Modular arithmetic:

Modulus operator: Consider a positive integer 'n' and any other integer 'a'. When a is divided by n we get remainder 'r' and quotient 'q' such that:

$a = nq + r$

When the remainder is required and the quotient is not of much significance, the operation can be represented using the modulus operator as:

$a \bmod n = r$

The a mod n operation gives the remainder when a is divided by n. For example:

$7 \bmod 5 = 2$
$11 \bmod 7 = 4$

Congruent modulo integers: Two integers a and b are said to be congruent modulo n if:

$a \bmod n = b \bmod n$

and it is represented as:

For example:

$17 \equiv 13 \bmod 4$
$35 \equiv 52 \bmod 17$

Rules of modular arithmetic:
1. $a \bmod n + b \bmod n = (a + b) \bmod n$
2. $a \bmod n - b \bmod n = (a - b) \bmod n$
3. $a \bmod n \times b \bmod n = (a \times b) \bmod n$

Relatively prime numbers: Two numbers are said to be relatively prime to each other if there is no factor common between them other than 1, i.e. if their G.C.D is 1. Thus a and b are relatively prime to each other if

$\gcd(a, b) = 1$

Any prime number is relatively prime to all numbers other than 1 and its multiples. For example:
- 25 and 33 are relatively prime to each other.
- 7 and 21 are not relatively prime to each other.

Euler's totient function: For any natural number n the Euler's totient function $\phi(n)$ is defined as the total number of natural numbers less than n and relatively prime to n.

For example let n = 15. The set of natural numbers less than 15 and relatively prime to 15 is:

{1, 2, 4, 7, 8, 11, 13, 14}

$\phi(15)$ is the number of elements in this set, i.e. 8. Hence $\phi(15) = 8$.

For any prime number n, all the numbers less than n are relatively prime to n. Hence for any prime number n, $\phi(n) = n - 1$.

Fermat's theorem: Fermat's theorem states that if 'p' is a prime number and 'a' is a positive integer not divisible by p, then:

Proof: If p is a prime number and a is a positive integer not divisible by p, then according to modular arithmetic the set of numbers

$\{0 \bmod p,\ a \bmod p,\ 2a \bmod p,\ \ldots,\ (p-1)a \bmod p\}$

is identical to the set $\{0, 1, 2, \ldots, p-1\}$. Since $0 \bmod p = 0$, the first elements of the two sets are equal. Now multiplying the remaining elements of the two sets and taking the modulus we get:

$[(1a \bmod p)(2a \bmod p) \cdots ((p-1)a \bmod p)] \bmod p = (1 \cdot 2 \cdot 3 \cdots (p-1)) \bmod p$

Using the product rule on RHS:

$(a \cdot 2a \cdots (p-1)a) \bmod p = (1 \cdot 2 \cdot 3 \cdots (p-1)) \bmod p$

$a^{p-1}(p-1)! \bmod p = (p-1)! \bmod p$

Canceling $(p-1)!$ on both sides:

$a^{p-1} \bmod p = 1 \bmod p$, or $a^{p-1} \equiv 1 \bmod p$

Euler's theorem: Euler's theorem states that for every a and n that are relatively prime:

2.2 Principles of public key cryptographic systems

Drawbacks of single key encryption: Single key encryption uses one key shared by both the sender and the receiver. If this key is disclosed, all communication between the sender and the receiver becomes transparent to the attacker. This is a symmetric system and therefore it does not prevent the parties from forging a message and claiming it to have been sent by the other party.

Public key encryption: Public key encryption is based on using different keys for encryption and decryption. In public key encryption each communicating party generates a pair of keys. One of the keys is publicly available and is therefore called the public key KU. The other key is known only to the respective party and is therefore called the private key KR. The keys are generated in such a way that a message encrypted using the public key can be decrypted using the private key only, while a message encrypted using the private key can be decrypted using the public key only. Public key encryption can be used for both authentication and confidentiality, and it also eliminates the need for a secure medium for distribution of secret keys.

Steps involved in public key encryption:
1. Each communicating entity generates a pair of keys to be used for encryption and decryption of messages.
2. One of the keys is kept secret and is known only to the user. This key is the private key.
3. The other key is placed in the public register and is accessible to everyone. This key is the public key.
4. Keys are used for encryption and decryption depending on the application.

Data confidentiality using public key encryption: Confidentiality refers to the security of the information while it is transmitted through an insecure channel. No other entity except the intended receiver should be able to view the message. Following figure shows how data confidentiality is obtained using public key encryption:

A source A produces messages in plain text $P = [P_1, P_2, \ldots]$ where the elements $P_1, P_2, P_3, \ldots$ are letters in some finite alphabet. The receiver of the message, B, generates a pair of keys, i.e. a private key $KR_B$ known only to B and a public key $KU_B$ known to everyone including A. For confidentiality the receiver's public key is used for encryption. A message encrypted using the receiver's public key can be decrypted using the receiver's private key only. Since the private key is known to no one else, the message will be secure from everyone and confidentiality will be achieved. Therefore A encrypts the plain text message using the receiver's public key $KU_B$ and generates the cipher text of the form $C = [C_1, C_2, \ldots]$:

$C = E_{KU_B}[P]$

Upon reception B decrypts this message using the private key and generates the plain text message as:

$P = D_{KR_B}[C]$

- This method ensures confidentiality but not authentication, as anyone having the public key of B can forge a message masquerading as A.

Authentication using public key encryption: Authentication refers to the genuineness of the communicating entities. For example, if A and B are communicating, both A and B should be aware of each other's identities. Authentication can be implemented using public key encryption in the following manner:

Here the sender A generates a plain text message P and encrypts this message using his private key $KR_A$ to generate the cipher text C as:

$C = E_{KR_A}[P]$

Since this message is encrypted using the private key of the sender, it can be decrypted only using the public key of the sender. Therefore if a communicating party is able to decrypt the message using the public key, the identity of the sender is authenticated, as no one else can encrypt a message using the private key.

Upon reception the receiver decrypts the message as:

$P = D_{KU_A}[C]$

- This method provides authentication but not confidentiality, as the message is encrypted using the sender's private key and everyone having the public key can decrypt the message and view the contents.

Authentication and confidentiality using public key encryption: Both authentication and confidentiality can be ensured using public key encryption by subjecting the plain text message to two rounds of encryption as shown in the figure:

As shown in the figure, the message is encrypted twice, first using the sender's private key and then using the receiver's public key. The public key of the receiver is used to ensure confidentiality and the private key of the sender is used to authenticate the sender. The cipher text is generated as:

$C = E_{KU_B}[E_{KR_A}(P)]$

The cipher text is decrypted as:

$P = D_{KU_A}[D_{KR_B}(C)]$

- The disadvantage of this method is that the complex encryption algorithm has to be executed twice at each end, which increases the processing time.

Requirements of public key encryption:
1. It should be computationally feasible for all the communicating parties to generate a key pair (KU, KR).
2. It should be computationally feasible for a sender A knowing the public key of the receiver B to generate the cipher text as $C = E_{KU_B}(P)$.
3. It should be computationally feasible for the receiver B to decrypt the cipher text and obtain the original message as $P = D_{KR_B}(C)$.
4. It should be computationally infeasible for an attacker who knows KU to find KR.
5. It should be computationally infeasible for an attacker who knows C and KU to find P.
6. Encryption and decryption functions can be applied in any order:
   $M = E_{KU_B}[D_{KR_B}(M)] = D_{KU_B}[E_{KR_B}(M)] = E_{KR_B}[D_{KU_B}(M)] = D_{KR_B}[E_{KU_B}(M)]$

2.3 RSA algorithm

The RSA algorithm is a practical implementation of public key encryption. It is a block cipher scheme where the plain text and cipher text are integers between 0 and n-1. Typically n = 1024. Here the plain text is encrypted in blocks where the size of each block is k bits, such that $2^k < n \le 2^{k+1}$. For a block of plain text M, the cipher text C is generated as:

$C = M^e \bmod n$

The cipher text is decrypted as:

$P = C^d \bmod n = M^{ed} \bmod n$

Both the sender and the receiver know the values of n and e, whereas only the receiver knows the value of d. Thus the public key of the receiver is KU = {e, n} and the private key of the receiver is KR = {d, n}.

The RSA algorithm consists of the following modules:

I. Key generation:
1. Generate two large random and distinct prime numbers p and q which are approximately of the same size in terms of bit length.
2. Compute $n = pq$ and $\phi = (p-1)(q-1)$.
3. Select a random integer e, $1 < e < \phi$, such that $\gcd(\phi, e) = 1$.
4. Compute the unique integer d, $1 < d < \phi$, such that $ed \equiv 1 \bmod \phi$.

II. Encryption: The sender encrypts the message M as follows:
1. Obtain the KU of the intended receiver.
2. Represent the message M as an integer in the interval 0 to n-1.
3. Compute $C = M^e \bmod n$ and send it to the intended receiver.

III. Decryption: The receiver recovers the plain text from the cipher text as:

$P = C^d \bmod n = M^{ed} \bmod n$

- Note: even though we have to select values of p and q which are similar, we cannot take very nearby values because if then . The value of n is known to everyone and hence anyone can find the values of p and q by trial and error and find the keys.
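Added example (not part of the original notes): the number theory of section 2.1 and the RSA key generation, encryption and decryption steps above, carried through with small constructed primes, including a key-generation check for the note about p and q being too close and the sign-then-encrypt combination from section 2.2. This is unpadded textbook RSA as the notes describe it; the function names, the starting value of e and the step budget are assumptions.

```python
from math import gcd, isqrt

def phi(n):
    """Euler's totient by direct count (fine for the small n used here)."""
    return sum(1 for k in range(1, n) if gcd(k, n) == 1)

def euler_holds(a, n):
    # Euler's theorem check; for prime n this is Fermat's theorem, phi(n) = n - 1.
    return gcd(a, n) == 1 and pow(a, phi(n), n) == 1

def primes_too_close(p, q, max_steps=1000):
    """Key-generation self-check: starting at sqrt(n), look for a value a with
    a*a - n a perfect square. This succeeds within a few steps only when p ~ q."""
    n = p * q
    a = isqrt(n)
    if a * a < n:
        a += 1
    for _ in range(max_steps):
        b2 = a * a - n
        b = isqrt(b2)
        if b * b == b2:
            return True          # n = (a - b)(a + b) found from n alone
        a += 1
    return False

def generate_keypair(p, q, e=65537):
    """Steps I.1 to I.4; e starts at an assumed common value, not a random one."""
    if p == q or primes_too_close(p, q):
        raise ValueError("p and q are too close; choose different primes")
    n, f = p * q, (p - 1) * (q - 1)
    while gcd(e, f) != 1:
        e += 2
    d = pow(e, -1, f)            # e*d = 1 mod phi (Python 3.8+)
    return (e, n), (d, n)        # KU = {e, n}, KR = {d, n}

def apply_key(key, m):
    """M^e mod n or C^d mod n, depending on which key is passed."""
    exponent, n = key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in 0..n-1")
    return pow(m, exponent, n)

def seal_for(m, sender_private, receiver_public):
    # C = E_KUB[E_KRA(P)]; needs the sender's modulus below the receiver's.
    return apply_key(receiver_public, apply_key(sender_private, m))

def open_from(c, receiver_private, sender_public):
    # Undo the outer layer with B's private key, then the inner with A's public key.
    return apply_key(sender_public, apply_key(receiver_private, c))

# Constructed toy keys from well-known small primes (far too small for real use).
PUB_A, PRIV_A = generate_keypair(104729, 1299709)
PUB_B, PRIV_B = generate_keypair(15485863, 32452843)

if __name__ == "__main__":
    m = 2024
    c = apply_key(PUB_B, m)
    print("confidentiality:", apply_key(PRIV_B, c) == m)
    print("authentication: ", apply_key(PUB_A, apply_key(PRIV_A, m)) == m)
    print("both:           ", open_from(seal_for(m, PRIV_A, PUB_B), PRIV_B, PUB_A) == m)
    print("twin primes rejected:", primes_too_close(10007, 10009))
```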

2.4 Key management:
There are two main aspects of key management-
- Distribution of public keys
- Use of public key encryption to distribute secret keys

Distribution of public keys:
1. Public announcement of public keys:

In this method each user distributes public keys to recipients or broadcasts them to the entire community. The drawback of this method is forgery. Suppose X is an attacker and he sends the following message to B and C after blocking the message from A.
X to B & C : [IDA, KUX]
So here X is sending his public key pretending to be A and can masquerade until discovered by A. Hence in this method anyone can create a key claiming to be someone else and broadcast it.

2. Publicly available directory:

In this method, the public keys are registered with a public directory. This assures greater security to the keys. The directory must be trusted with following properties:
1. It should contain the name and public key entries in the form {IDX, KUX}.
2. The participants should register securely with the directory.
3. The directory should be periodically published.
4. The directory should be electronically accessible.

3. Public key authority:
In this method a highly trusted public key authority controls the distribution of keys. The public key authority provides all the functionalities of the directory. All the communicating entities interact with the directory to obtain public keys. The only requirement of this method is real time access to the directory. Following figure shows the key distribution procedure by public key authority:

The key distribution takes place in the following steps:
1. A → PKA: Request || T1
The initiator A sends a message to public key authority containing a request for current public key of B and a time stamp T1. Time stamp is used to prevent replay attacks.
2. PKA → A: E_KRAUTH[KUB || Request || T1]
The authority responds with a message that is encrypted using its private key KRAUTH. This message contains the public key of B and the original message that was sent by A to public key authority. The original message is sent back to A so that A can verify the message for any modification or replay attacks. The message is encrypted using the private key of the authority to authenticate the public key authority and prevent masquerade attacks.
3. A → B: E_KUB[IDA || N1]
A stores the public key of B and encrypts a message using this key and sends it to B. This message contains the identity of A and a nonce N1 which serves as an identifier to the message.
4. B → PKA: Request || T2
B sends a message to public key authority requesting the public key of A. This message contains the identity of A and a time stamp T2.
5. PKA → B: E_KRAUTH[KUA || Request || T2]
The public key authority responds by sending a message with KRAUTH containing the public key of A and the original request message along with the time stamp.
6. B → A: E_KUA[N1 || N2]
B sends a message to A after encrypting the message with the public key of A in response to message (3). This message contains the original nonce N1 along with a new nonce N2. The original nonce is sent back to A so that A is assured of the identity of B. Since B is sending the nonce N1 which was encrypted using the public key of B, it is actually B with whom A is communicating as no one else can find N1.
7. A → B: E_KUB[N1 || N2]
A sends the nonce N2 back to B to authenticate itself.

4. Public key certificates:
Public key certificates allow key exchange without real time access to public key authority. Following figure shows the key exchange procedure with public key certificates:

A public key certificate binds the identity to public key along with other information such as period of validity, rights of use etc. All the contents of the certificate are signed by the certificate authority and therefore it can be verified by anyone who knows the public key of the certificate authority. Each communicating party sends its public key to the certificate authority securely. For party A the certificate authority verifies the relevant details and provides a certificate of the form:
CA = E_KRAUTH[IDA, KUA]
Similar certificates are given to all the communicating parties after authentication. All the communicating parties exchange the certificates instead of exchanging the public keys. Whenever a party receives a certificate from another party, it will obtain the public key of the sender by decrypting the certificate using the public key of the certificate authority. If the certificate is successfully decrypted with the public key of the certificate authority, the sender of the certificate is authenticated.

Public key distribution of secret keys:

This method assumes that the two communicating parties A and B have already exchanged the public keys. The secret key is exchanged in the following steps:
1. A → B: E_KUB[N1 || IDA]
A uses the public key of B to encrypt a message to B which contains the identity of A, IDA, and nonce N1, which is used to identify this transaction uniquely.
2. B → A: E_KUA[N1 || N2]
B sends the response to A containing the nonce N1 and a new nonce N2. This message is encrypted using the public key of A. B sends the received nonce N1 back to A to authenticate itself to A.
3. A → B: E_KUB[N2]
A sends the nonce N2 back to B to authenticate itself to B.
4. A → B: E_KUB[E_KRA(Ks)]
A selects a secret key Ks and sends it to B after encrypting it twice. The secret key is first encrypted using KRA and then using KUB. This ensures authentication as well as confidentiality.
5. Finally B decrypts the received message and obtains the secret key as: Ks = D_KRB[D_KUA(Ks)]

CHAPTER 3

MESSAGE AUTHENTICATION

3.1 Message authentication

Purpose of message authentication: There are three main aspects of message authentication-
1. Protecting the integrity of the message. Preventing the messages from getting modified during transit and in the case of any modification the receiver should be able to detect it and discard the message.
2. Validating the identity of the originator. Authentication scheme should ensure that the sender of the message is the same individual as indicated by the identity in the message.
3. Non repudiation of origin. The authentication scheme should be able to resolve the disputes resulting due to sender denying any message which has its identity.

Requirements of authentication: For any message to be authenticated following attacks must be prevented-
1. Disclosure
2. Traffic analysis
3. Masquerade
4. Content modification
5. Sequence modification
6. Timing modification
7. Source repudiation
8. Destination repudiation

3.2 Message authentication functions

Message authentication functions:
- Message encryption
- Message authentication code (MAC)
- Hash function

I. Message encryption:
Here the cipher text of the message serves as its authenticator.

1. Symmetric encryption:
In symmetric encryption a source A transmits a message M to a receiver B after encrypting it with a secret key K shared between A and B.


Since no other party knows the secret key K, confidentiality is provided. It also authenticates the two parties for each other. If party B receives a message encrypted using key K and containing the identity of A, it is assured that it was generated by A as no other party knows the secret key K.

2. Public key encryption:

Direct use of public key encryption:

In public key encryption sender A generates a message M and encrypts it using public key KUB of the intended receiver B. Upon reception party B decrypts the message using its private key KRB. The direct use of public key encryption provides only confidentiality and not authentication because an attacker can easily obtain the public key of party B and forge a message using identity of party A as shown:
Attacker C: E_KUB[M, IDA]
Upon reception of such a message party B will not be able to detect that the message is unauthorized.

Encryption using private key:

Here the sender A transmits a message M to the receiver B after encrypting it using its private key KRA. Upon reception B decrypts this message using the public key KUA of A and obtains M. This method provides authentication because if B is able to decrypt the message using KUA, it was definitely encrypted using KRA which is known only to A and no other party. Only A can encrypt a message using its private key and therefore its authenticity is confirmed. The drawback of this method is that it does not provide confidentiality because anyone can obtain the public key KUA of A and decrypt the messages.

Authentication using multiple encryption:

In this method every message is encrypted twice before being transmitted to the receiver. Here the sender A first encrypts the message using its private key KRA and then again using the public key KUB of the receiver. This method provides authentication and confidentiality both but at the cost of extra processing time for running the complex encryption algorithm twice.


Drawbacks of using message encryption to provide authentication:
- This method provides partial authentication by authenticating only the sender of the message and not the contents of the message.
- Any attacker can obtain a copy of cipher text and remove some bits from it or rearrange the bits even if he is not able to decrypt the message. Such types of attacks cannot be prevented and the only solution is to detect and discard such messages. This method provides no mechanism for detecting such unauthorized modifications.
- To provide both authentication and confidentiality, the complex encryption algorithm has to be used twice which increases the load on the system and the processing time.

II. Message authentication code (MAC):
In this method an additional data called as cryptographic checksum or message authentication code (MAC) is added to the message which serves as its authenticator. Following figure shows the procedure for authentication using MAC:

The sender A generates a message M to be transmitted to receiver B. The cryptographic checksum is calculated by subjecting M to a function C called as MAC function using the secret key K.
MAC = C_K(M)
This cryptographic checksum or MAC value is then appended to the original message and then transmitted to the intended receiver. The MAC function and the secret key are known only to the two communicating parties involved. Upon reception, the receiver separates the message and MAC and then recalculates the MAC value from M using K. If the received MAC value and the recalculated MAC value are equal, the message is authenticated otherwise it is discarded. The message authentication is based on the fact that even if an attacker is able to modify the message, he cannot modify the MAC value accordingly as he does not know the MAC function or the secret key. If an attacker modifies the message to produce an unauthorized effect, the recalculated MAC value and the received MAC value will not match and the message will be discarded at the receiving end.

Requirement of MAC:
1. If an attacker observes M and C_K(M), it should be computationally infeasible for him to construct a message M' such that: C_K(M') = C_K(M).
2. C_K(M) should be uniformly distributed in the sense that for randomly chosen messages M and M', the probability that C_K(M') = C_K(M) is 2^-n where n is the number of bits in MAC.
3. MAC should depend equally on all bits of the message.

III. Hash function:


Hash function is a public function that maps a message of any length into a fixed length hash value which serves as its authenticator. Fig. shows the basic procedure involved in authentication using hash function:

The sender generates the message M and the hash value 'h' is calculated by subjecting M to hash function as:
h = H(M)
This value is appended to the message at the source. The receiver authenticates the message by recomputing the hash value from the message and then comparing it with the received hash value. Authentication is based on the fact that it is not possible for an attacker to modify the message and the hash value accordingly. Hence even if an attacker modifies the message it will be detected at the receiving end as the calculated and received hash values will not match.

Practical implementations of authentication using hash function:
1. Implementation using symmetric encryption:

2. Implementation using public key encryption:

3. Implementation using public key encryption and a secret data:

Properties of hash function:
1. The hash function produces a fixed length output for variable length input.
2. It can be applied on a block of data of any size.
3. H(x) should be relatively easier to calculate for any x, so that hardware and software implementation is possible.
4. One way property: For any given value h, it is computationally infeasible to find x such that H(x) = h.
5. Weak collision resistance: For any block x, it is computationally infeasible to find y not equal to x such that H(x) = H(y).
6. Strong collision resistance: It is computationally infeasible to find any pair (x, y) such that H(x) = H(y).
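The receiver-side checks of sections II and III above, side by side. This is an added example, not code from the notes: HMAC-SHA256 stands in for the MAC function C_K, SHA-256 for H, and the function names, key and messages are constructed. It shows the append, separate, recalculate and compare procedure, and that a hash appended in the clear is accepted from any sender because H is public, which is why the practical implementations listed above protect the hash value with encryption or secret data.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size     # 32 bytes for both MAC and hash here


def mac_send(key, message):
    """Sender: transmit M || C_K(M)."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def mac_receive(key, blob):
    """Receiver: separate M and MAC, recalculate, compare. Returns M or None."""
    if len(blob) < TAG_LEN:
        return None
    message, received = blob[:-TAG_LEN], blob[-TAG_LEN:]
    recalculated = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest avoids leaking, through timing, how many bytes matched
    return message if hmac.compare_digest(received, recalculated) else None


def hash_send(message):
    """Sender: transmit M || H(M) with no key involved."""
    return message + hashlib.sha256(message).digest()


def hash_receive(blob):
    """Receiver: recompute H(M) and compare. Returns M or None."""
    if len(blob) < TAG_LEN:
        return None
    message, received = blob[:-TAG_LEN], blob[-TAG_LEN:]
    recalculated = hashlib.sha256(message).digest()
    return message if hmac.compare_digest(received, recalculated) else None


if __name__ == "__main__":
    key = b"constructed-shared-secret-key-K!"      # known only to A and B
    original = b"transfer 100 to account 17"       # constructed message
    altered = b"transfer 900 to account 17"

    sent = mac_send(key, original)
    print("MAC, untouched:      ", mac_receive(key, sent))
    # Message changed in transit, old MAC kept: recalculated value differs.
    print("MAC, message altered:", mac_receive(key, altered + sent[-TAG_LEN:]))

    sent_h = hash_send(original)
    print("hash, message altered only:", hash_receive(altered + sent_h[-TAG_LEN:]))
    # A public hash can be recomputed by whoever produced the altered message,
    # so this check passes although the message did not come from A.
    print("hash, recomputed by a third party:", hash_receive(hash_send(altered)))
```
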


Secure hash algorithm
The secure hash algorithm takes as input a message with a maximum length less than 2^64 bits and produces a 160 bit message digest. The input is processed in 512 bit blocks and following steps are involved in the processing:
1. The message is padded so that its length is congruent to 448 modulo 512. Padding is always added even if the message is of desired length. The number of padding bits is in the range of 1 to 512 bits and the padding consists of a single 1-bit followed by the necessary number of 0 bits.
2. A block of 64 bits is appended to the message. This block is treated as an unsigned 64-bit integer and contains the length of the original message before padding.
3. A 160 bit buffer is used to hold intermediate and final results of the hash value. The buffer is represented by five 32-bit registers A, B, C, D and E. These buffers are initialized to following hexadecimal values:
A = 67452301
B = EFCDAB89
C = 98BADCFE
D = 10325476
E = C3D2E1F0
4. The message is processed in 512 bit or 16-word blocks. The algorithm consists of a module having rounds of processing of 20 steps each. There are four rounds having similar structure but using different primitive logical functions.

Each round takes as input the current 512 bit block, i.e. Yq, and the 160 bit buffer value ABCDE and updates the contents of the buffer.
5. After all the 512 bit blocks have been processed, the output from the L th stage is the 160 bit message digest or the hash value where L is the number of blocks in the message.

3.3 Digital signatures

Need for digital signatures: Message encryption and authentication protect two communicating parties against any third party but they do not protect the two parties against each other. Disputes arise when there is source or destination repudiation. In those situations where the two communicating parties do not have complete trust in each other, digital signatures are required.

Properties/requirements of digital signatures:
1. It must verify the date and time of the signature along with verifying the author.
2. It must authenticate the contents at the time of the signature.
3. It must be verifiable by the third party to resolve the disputes.
4. The digital signature must be a bit pattern that depends on the message being signed.
5. The signature must use some information unique to the sender to prevent forgery and denial.
6. It should be relatively easy to produce, recognize and verify the digital signature.
7. It must be infeasible to forge a digital signature either by constructing a new message for an existing digital signature or by constructing a fraudulent digital signature for a given message.
8. It should be practical to retain a copy of the digital signature in storage.

Arbitrated digital signature techniques: In arbitrated digital signature techniques, the signed message from the sender X to the receiver Y goes first to an arbitrator A who subjects this message and its signature to various tests to check whether the origin and contents are genuine or not. The message is then dated and sent to Y with an indication that it has been verified by the arbitrator. The presence of an arbitrator solves the problem of source repudiation. Following approaches are used in arbitrated digital signatures:

1. Conventional encryption:
a. Where arbitrator can see the message:
X → A: M || E_KXA[IDX || H(M)]
A → Y: E_KAY[IDX || M || E_KXA(IDX || H(M)) || T]
In this method the arbitrator must share a secret key KXA with the sender X and secret key KYA with Y. Here the arbitrator can see the message. The arbitrator calculates H(M) from the message received and compares it with received H(M). After verifying the origin and contents, the arbitrator forwards another message to the receiver which contains a signature. The signature consists of the identity IDX and the hash value H(M). The timestamp T ensures that it is not a replay attack. Y cannot decrypt the signature but still the message is considered authentic as it has come through A. This method requires both X and Y to trust A in the following manner:
- X must trust A not to reveal KXA and not to generate false signatures of the form E_KXA[IDX || H(M)].
- Y must trust A to forward a message only after verifying the hash value and the signature.
- Both X and Y must trust A to resolve disputes fairly.

b. Arbitrator cannot see the message:
X → A: IDX || E_KXY[M] || E_KXA[IDX || H[E_KXY(M)]]
A → Y: E_KYA[IDX || E_KXY(M)] || E_KXA[IDX || H[E_KXY(M)] || T1]
Here X and Y must share a secret key KXY between them. In this case the arbitrator cannot see the message.

Drawbacks of using conventional encryption:
- Arbitrator can form an alliance with the sender to deny a signed message.
- Arbitrator can form an alliance with the receiver to forge sender's signature.

2. Public key encryption:
X → A: IDX || E_KRX[IDX || E_KUY(E_KRX(M))]
A → Y: E_KRA[IDX || E_KUY[E_KRX(M)] || T]

In this case X double encrypts a message M, first with its private key KRX and then with the receiver's public key KUY. This is a signed secret version of the message. This signed version with IDX is encrypted again with KRX and is sent to A along with IDX. The inner double encrypted message is secure from the arbitrator. However A can decrypt the outer encryption to assure that the message must have come from X. The arbitrator A verifies the validity of the private-public key pair of X and if the key pair is validated, A verifies the message. After verification, A transmits a message to Y encrypted with KRA. The message includes IDX, double encrypted message and a timestamp. Here the message is secret from A. Another advantage of this method is that no information is shared among the parties before communication which prevents alliances to defraud.

Digital signature standard: Digital signature is a public key technique which uses an algorithm designed to provide the digital signature function.

The DSS approach makes use of a hash function. The hash value of the message is given as input to a signature function along with a random number K generated for that particular signature. The signature also depends on the sender's private key and a set of parameters which constitute a global public key (KUG). The output of signature function is a signature consisting of two components labeled as 's' and 'r'. These two components are appended to the message and the entire block is transmitted. Upon reception, the hash value of the message is calculated. The hash value and the message are given to the verification function which requires the public key of the sender along with KUG. The output of the verification function is a value equal to the signature component r if the signature is valid.


Digital signature algorithm: The strength of digital signature algorithm is based on the difficulty of computing discrete logarithms. The DSA consists of following steps:

1. Calculating global public key components:
   1. Select a prime number p with a length between 512 and 1024 bit: 2^(L-1) < p ≤ 2^L for 512 ≤ L ≤ 1024, where L is a multiple of 64.
   2. Select a 160 bit prime number q such that q is a prime divisor of (p-1).
   3. Select g such that 1 < g and g = h^[(p-1)/q] mod p and 1 < h < p-1.
   The numbers p, g and q form the global public key KUG = {p, g, q}.
2. Calculation of private key X of the user: Select the private key X of the user such that 0 < X < q. X should be selected randomly or pseudo randomly.
3. Calculating the public key Y of the user: The public key of the user is calculated using his private key as Y = g^X mod p. Knowing the value of Y, it is computationally infeasible to find X, since discrete logarithm is involved.
4. Generating user's per message secret number K: It is a random or pseudo random integer K such that 0 < K < q. It is unique for every signature.
5. Creating a signature: Creation of a signature requires calculation of two quantities r and s that are functions of the public key components (p, q, g), user's private key X, hash code of the message H(M) and K.
   r is calculated as r = (g^K mod p) mod q
   s is calculated as s = [K^-1 (H(M) + Xr)] mod q
   The signature is (r, s).

6. Verification: Verification is done by following calculations:
   1. w = (s')^-1 mod q
   2. u1 = [H(M') w] mod q
   3. u2 = (r') w mod q
   4. v = [(g^u1 Y^u2) mod p] mod q
   If v = r', then the message is validated.
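The DSA steps above carried through with numbers small enough to follow by hand. This is an added example, not code from the notes: the global key p = 23, q = 11, h = 2, the private key X = 7 and all function names are constructed for illustration (real parameters use the sizes given in step 1), and SHA-1 is assumed for H.

```python
import hashlib
import secrets

# Constructed toy global public key KUG = {p, g, q}: q = 11 divides p - 1 = 22.
P, Q = 23, 11


def make_g(p, q, h):
    """Step 1.3: g = h^[(p-1)/q] mod p with 1 < h < p-1 and g > 1."""
    if not 1 < h < p - 1:
        raise ValueError("h must satisfy 1 < h < p-1")
    g = pow(h, (p - 1) // q, p)
    if g <= 1:
        raise ValueError("g must be greater than 1, choose another h")
    return g


G = make_g(P, Q, 2)


def public_key(x):
    """Step 3: Y = g^X mod p for a private key 0 < X < q."""
    if not 0 < x < Q:
        raise ValueError("private key must satisfy 0 < X < q")
    return pow(G, x, P)


def sign_hash(hm, x, k):
    """Step 5 for a hash value hm; returns (r, s), or None if K must be redrawn."""
    if not 0 < k < Q:
        raise ValueError("K must satisfy 0 < K < q")
    r = pow(G, k, P) % Q
    s = (pow(k, -1, Q) * (hm + x * r)) % Q
    if r == 0 or s == 0:          # no inverse of s would exist at verification
        return None
    return r, s


def verify_hash(hm, r, s, y):
    """Step 6: recompute v from the received values and compare with r."""
    if not (0 < r < Q and 0 < s < Q):
        return False              # reject out-of-range components outright
    w = pow(s, -1, Q)
    u1 = (hm * w) % Q
    u2 = (r * w) % Q
    v = (pow(G, u1, P) * pow(y, u2, P)) % P % Q
    return v == r


def hash_to_int(message):
    return int.from_bytes(hashlib.sha1(message).digest(), "big")


def sign(message, x):
    """Sign a byte string, drawing a fresh K (step 4) for every signature."""
    hm = hash_to_int(message)
    while True:
        k = secrets.randbelow(Q - 1) + 1
        signature = sign_hash(hm, x, k)
        if signature is not None:
            return signature


def verify(message, signature, y):
    r, s = signature
    return verify_hash(hash_to_int(message), r, s, y)


if __name__ == "__main__":
    x = 7
    y = public_key(x)
    print("g =", G, "Y =", y)
    print("signature on H(M) = 5 with K = 3:", sign_hash(5, x, 3))
    print("same signature, H(M') = 5:", verify_hash(5, 7, 7, y))
    print("same signature, H(M') = 6:", verify_hash(6, 7, 7, y))
    # With q = 11 a changed message still passes about once in 11 tries;
    # the 160 bit q of step 1.2 makes that chance negligible.
    msg = b"constructed test message"
    print("byte string round trip:", verify(msg, sign(msg, x), y))
```
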


CHAPTER 4

DATA COMPRESSION

4.1 Data compression
The process of converting an input data stream into another data stream having reduced size is called data compression. The input stream could be from a file or buffer in the memory.

Source file: the input file to the encoder.
Compressed file: the output file produced by the encoder which has a smaller size compared to the source file.
Compressor or encoder: It is the program that converts the raw data into the input data stream and then compresses it to create the output stream.
Decoder or decompressor: It is the program which generates the original data stream from the compressed data stream.
Note: In general the term CODEC is used for coder-decoder.

General law of data compression: General law of data compression states that for compression short codes should be assigned for common events and long codes should be assigned for rare events. This law is based on eliminating the redundancy in the data to achieve compression.

4.2 Classification of compression algorithms

Lossy and lossless compression techniques:
Lossy compression techniques: In lossy compression methods, compression is achieved by losing some part of the information. In such cases the decompressed data is not identical to original data and some information is permanently lost and therefore such methods are irreversible compression methods.

Lossy compression methods are generally used for audio, video and image compression. Eg. JPEG, MPEG, EZW etc.

Lossless compression techniques: In lossless compression methods compression is achieved without losing any information and therefore such methods are used in cases where information cannot be lost, like text files. Eg. Huffman coding, Shannon Fano coding, Arithmetic coding, LZW etc.

Adaptive and non adaptive compression techniques:
Non adaptive compression techniques: Non adaptive compression is rigid and does not modify its compression parameters or tables in response to the different patterns of the input data being compressed. Such methods are best suited to compress data of a single type or of a definite pattern. Eg. Huffman compression.
Adaptive compression techniques: In adaptive compression techniques the compressor examines the input data statistics and patterns and modifies its parameters and compression tables accordingly. In other words the compressor adapts itself to varying conditions of input data for obtaining efficient compression. Eg. adaptive Huffman coding.
Semi-adaptive method: A semi-adaptive method uses a two part algorithm where the first part reads the input stream to collect the statistics of data being processed and the second part does the actual compression using the statistical information provided by first part.

Symmetric and asymmetric compression techniques:
Symmetric compression techniques: In symmetric compression techniques same algorithm is used by compressor and the decompressor but is applied in opposite directions.
Asymmetric compression techniques: In asymmetric compression techniques different compression algorithms are used by compressor and decompressor.

4.3 Compression parameters

Compression ratio: Compression ratio is defined as the ratio of the output stream size to the input stream size.

For compression C.R. < 1
For expansion C.R. > 1

Compression factor: Compression factor is defined as the ratio of the size of the input stream to the size of the output stream.


For compression C.F. > 1 and for expansion C.F. < 1.

Compression gain: Compression gain is defined as-

Reference size is either size of input stream or size of the compressed stream produced by standard lossless compression method.

4.4 Runlength encoding (RLE)

Runlength encoding is a lossless compression technique used for compression of text and images. RLE is useful for compression of those files where the characters are repeated many times continuously. In RLE a character string is encoded only if it is repeated more than 3 times and the compressed data is written in the following format:
( escape character, data character, runlength )
The escape character i.e. '@' is used to indicate that data has been compressed. The data character is the character which is repeated. Runlength gives the number of times the character is repeated.
For example consider the following stream of data given as input to the RLE encoder:
aabc fffffwwww1111111ssw
The compressed output stream will be:
aabc @f5@w4@16ssw
Note: For encoding a character stream the minimum value of runlength has to be 4 because the runlength encoding procedure requires three bytes which is same as the number of bytes occupied by three characters. Hence if a character run of length three or less is encoded, it will not result in any compression.
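An encoder and decoder for the (escape character, data character, runlength) format above, added here as an example that is not part of the notes. Assumptions made for it: the runlength is stored as one byte, so a run is split after 255 characters; a literal '@' in the input is always written as an escape sequence so the decoder cannot misread it; the decoder takes a max_output limit, since each three-byte sequence can expand to 255 bytes. The sample strings are constructed.

```python
ESC = ord("@")       # escape character marking a compressed run
MIN_RUN = 4          # shorter runs are copied as they are
MAX_RUN = 255        # largest runlength that fits in one byte (assumption)


def rle_encode(data):
    out = bytearray()
    i = 0
    while i < len(data):
        ch = data[i]
        run = 1
        while i + run < len(data) and data[i + run] == ch and run < MAX_RUN:
            run += 1
        if run >= MIN_RUN or ch == ESC:
            out += bytes((ESC, ch, run))       # escape, data character, runlength
        else:
            out += bytes([ch]) * run
        i += run
    return bytes(out)


def rle_decode(blob, max_output=1 << 20):
    """Expand escape sequences, refusing malformed or oversized input."""
    out = bytearray()
    i = 0
    while i < len(blob):
        if blob[i] == ESC:
            if i + 2 >= len(blob):
                raise ValueError("truncated escape sequence")
            ch, run = blob[i + 1], blob[i + 2]
            if run == 0:
                raise ValueError("runlength of zero")
            out += bytes([ch]) * run
            i += 3
        else:
            out.append(blob[i])
            i += 1
        if len(out) > max_output:
            raise ValueError("decoded data exceeds max_output")
    return bytes(out)


def compression_ratio(original, compressed):
    """Output stream size divided by input stream size, as defined in 4.3."""
    return len(compressed) / len(original)


if __name__ == "__main__":
    sample = b"aabcfffffwwwwss"                # constructed input
    packed = rle_encode(sample)
    print(packed, compression_ratio(sample, packed))
    print(rle_decode(packed) == sample)
```
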

RLE image compression: A digital image consists of small dots called pixels. Pixels are arranged in an array called the bitmap of the image in the form of scan lines. RLE image compression is based on the fact that there is a high probability that a randomly selected pixel will have all the neighboring pixels of similar color. Each pixel occupies 3 bytes, one byte for each color field in (R, G, B) color space. The R, G and B fields are encoded as three different data streams using RLE. Typically each row is encoded separately using runlength encoding. Compression ratio can be further improved by ignoring shorter runs.

4.5 Relative encoding (differencing)

Relative encoding is used when the elements of the data stream to be encoded have similar values. In such cases instead of sending each element, the difference between the elements can be transmitted to save bandwidth.

Differencing is used for telemetry and facsimile applications. For example consider the following data stream generated by a temperature measurement telemetry system:
Temperature (°C): 300, 301, 304, 300, 301, 299, 298, 302
The data stream can be encoded by transmitting the relative values considering the first value as the reference value. The encoded stream will be:
300, 1, 4, 0, -1, -2, 2
If the difference between the successive values is transmitted, the stream will be encoded as:
300, 1, 3, -4, 1, -2, -1, 4
If the difference between the reference value and the current value is large, then actual value is transmitted instead of sending the relative value.

4.6 Scalar quantization

Scalar quantization is used to compress the data which is in the form of large numbers as quantized numbers will occupy lesser space. But quantization leads to permanent loss of information.

CHAPTER 5

STATISTICAL METHODS OF DATA COMPRESSION

5.1 Statistical modeling of information source

In statistical modeling of an information source, the probabilities of source symbols are tracked.


The order of the model depends on number of previously occurring symbols taken into account. With increasing the order, the probabilities obtained become more and more reliable but the complexity increases. The overall efficiency of any data compression technique depends on individual performances of the modeling processes and the encoding methods. A statistical model used in compression can be shown as:

Here the probabilities of the symbols occurring in the input stream are tracked and then forwarded to the encoder along with symbols for encoding.

5.2 Information theory

Measurement of information: The information content of any message mK is measured as:
pk is the probability of occurrence of mK. The unit of information is bits. From the above expression it can be concluded that as the probability of occurrence of a symbol increases, the information content decreases i.e. less frequently occurring symbols convey more information as compared to more frequently occurring symbols.
Note- for calculations use the formula:

Entropy of a source: Consider a source that generates n different symbols S1, S2, ... , Sn with probabilities P1, P2, ... , Pn respectively. The entropy of the source is defined as the average information content of the source. It gives the minimum number of bits required to represent each symbol. It is given by the following expression:

Above expression can be simplified as:
H(S) = P1 I1 + P2 I2 + ...... + Pn In
Entropy is measured in terms of bits/symbol.

Average length of a code: It is the average number of bits needed per symbol. It is given by the following expression:

PK is the probability of occurrence of Kth symbol and LK is its length in terms of bits.

Redundancy: Redundancy is defined as the difference between the symbol's largest possible entropy and its actual entropy. It is given by the following expression:

For data to be compressed efficiently, R should be as small as possible i.e. the number of bits used to represent a symbol should be very close to the actual information content of the symbol.

5.3 Prefix codes

Prefix property: Prefix property states that when a certain bit pattern has been assigned as the code for a symbol then no other code can start with that pattern. Consider the example where the symbols are assigned codes without following prefix property:

Symbol  Code
S1      0
S2      01
S3      10
S4      010

If the symbols transmitted are S2 S3 S4, the corresponding data stream will be: 0110010

This data stream can be read as: S2 S3 S4 and also as: S2 S3 S2 S1

To avoid such ambiguities prefix property should be used while developing the code words for the symbols.

Prefix codes: A prefix code is a code which satisfies prefix property. A unary code of a non negative integer n is defined as (n-1) zeroes followed by a single one or (n-1) ones followed by a single zero.

5.4 Shannon-Fano coding

Shannon-Fano coding produces variable size codes for the symbols occurring with different probabilities. The coding depends on the probability of occurrence of the symbol and the general idea is to assign shorter codes for symbols that occur more frequently and long codes for the symbols occurring less frequently.

Shannon-Fano algorithm: The algorithm used for generating Shannon-Fano codes is as follows:
1. For a given list of symbols, develop a corresponding list of probabilities so that each symbol's relative probability is known.
2. List the symbols in the order of decreasing probability.
3. Divide the symbols into two groups so that each group has equal probability.
4. Assign a value 0 to first group and a value 1 to second group.
5. Repeat steps 3 and 4, each time partitioning the sets with nearly equal probabilities as possible until further partitioning is not possible.

5.5 Huffman coding

Huffman coding gives a variable size code based on symbol probabilities. This method is based on reducing the redundancy in the number of bits used for representation of information. The general idea is to achieve compression by assigning shorter codes for frequently occurring symbols and longer codes for symbols occurring less frequently.

Algorithm: The encoder starts by building a list of the symbols in the descending order of probabilities. It then constructs a tree with a symbol at every leaf from bottom to top. This is done in steps where at each step the two symbols with smallest probabilities are selected, added to the top of partial tree, deleted from the list and replaced by another symbol representing those two symbols. When the list is reduced to just one symbol, then the tree is completed. The tree is then traversed from right to left to determine codes for the symbols.

Note: when there are more than two nodes having smallest probabilities, select the nodes which are highest and lowest in the tree and combine them. This will reduce the total variance of the code. The Huffman code having smallest variance is preferred. The variance of a code measures by how much the size of the individual codes deviate from the average size. The variance of a code is defined as:

P_k = probability of occurrence of kth symbol
L_k = number of bits used to represent the symbol
L_A = average length

Huffman decoding:
- The Huffman table used for coding must be transmitted to the decoder as many times as it is updated if the technique is adaptive. For static Huffman coding only one table is sufficient for the decoder.
- The decoder starts at the root of the tree and reads the first bit from the compressed stream. If the bit is zero the bottom edge is followed otherwise, top edge of the tree is followed. In the same manner successive bits are read until the decoder reaches a leaf where it finds a symbol.

Drawbacks of Huffman coding: The symbol probabilities which are the basic requirements are very rarely known in advance. This makes the algorithm inefficient. There are two possible solutions to this problem:
- use adaptive method
- use semi adaptive method

5.5 - Adaptive Huffman coding

In adaptive Huffman coding both the compressor and the decompressor start with an empty Huffman tree. No symbols are assigned codes and every new symbol is treated as a leaf node with the same weight. As new symbols are added, the tree is also updated such that the updated tree is also a Huffman tree. The first symbol is written on the output stream as it is. This symbol is then added to the tree and a code is assigned to it. The next time this symbol occurs, its current code is written on the output stream and its frequency is incremented by 1. Each time the symbols are processed, it has to be checked whether the tree satisfies the Huffman properties. The Huffman property is that if we scan the tree, the frequency of occurrence of symbols should decrease from right to left and from top to bottom i.e. the symbol on top right position will have the highest frequency and the one at the bottom left will have the lowest frequency. This property is called as sibling property of Huffman tree.

Updating the Huffman tree: The process of updating the tree starts always at the current node which is a leaf 'S' with 'f' as its frequency of occurrence. Every iteration has three steps:
1. Compare S to its successors in the tree from left to right and bottom to top. If the immediate successor has frequency (f+1) or more, then the nodes are still in sorted order and swapping is not required. Otherwise some successors of S have identical frequency f or smaller frequency. In such a case S should be swapped with the last node in this group.
2. Increment the frequency from f to f+1. Also increase the frequency of all its parents.
3. If S becomes the root, then the process stops otherwise the process repeats with the parent of node S.

Drawbacks of adaptive Huffman coding:
1. Count overflow: The frequency counts are accumulated and this field can overflow. Normally the width of this field is 16 bits and can store a count up to 65535. The count of the root is monitored every time it is incremented. When the maximum count limit is reached, all the weights are rescaled with an integer division by 2. This is actually done by performing an integer division only on the leaf nodes and updating the tree again. Sometimes it leads to violation of Huffman property and the tree needs to be updated again.
2. Code overflow: Code overflow occurs when many symbols are added to the tree and the tree grows longer. The compressor has to find out the code for an input symbol S in the tree by linear search method. If S is found in the tree, the compressor moves from node S back to root thus building the code bit by bit. These bits have to be accumulated as they are transmitted in the reverse order. When the tree gets longer, the codes get longer and if the field size is exceeded, the program malfunctions.
3. Another drawback of the Huffman coding is that the codes generated contain integer number of bits which adds redundancy to the data.

5.6 Arithmetic coding

One of the drawbacks of Huffman coding is that it assigns an integer number of bits to individual symbols, which adds some coding redundancy. Arithmetic coding overcomes this drawback by assigning one long code to represent the string of symbols instead of assigning codes to individual symbols. Arithmetic coding is also based on the probability model of the symbols to be encoded. Initially the encoding starts with a code assigned to the first symbol which gets modified as other symbols are added. The result code when the last symbol is encoded is the compressed data.
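The redundancy caused by integer code lengths, and the effect of the minimum variance rule from the Huffman section, can be measured on a small source. The Python below is an added example, not part of the original notes; the five-symbol source is a constructed sample, and the tie-breaking key, the variance taken as the sum of P_k (L_k - L_A)^2 and the coding redundancy taken as average length minus entropy are assumptions of this example.

```python
import heapq
import math
from fractions import Fraction
from itertools import count


def huffman_code(probs, min_variance=True):
    """Build a Huffman code for {symbol: probability}.

    Ties between equal probabilities are broken by subtree height
    (an assumption of this example): min_variance=True merges the
    shallowest candidates first, False merges the deepest first.
    """
    sign = 1 if min_variance else -1
    seq = count()  # unique counter so heap tuples never compare the trees
    heap = [(p, 0, next(seq), 0, sym) for sym, p in probs.items()]
    heapq.heapify(heap)
    while len(heap) > 1:
        p1, _, _, h1, t1 = heapq.heappop(heap)   # two smallest probabilities
        p2, _, _, h2, t2 = heapq.heappop(heap)
        height = max(h1, h2) + 1
        heapq.heappush(heap, (p1 + p2, sign * height, next(seq), height, (t1, t2)))

    codes = {}

    def walk(tree, prefix):
        if isinstance(tree, tuple):      # internal node: (left, right)
            walk(tree[0], prefix + "0")
            walk(tree[1], prefix + "1")
        else:                            # leaf: a symbol name
            codes[tree] = prefix or "0"

    walk(heap[0][4], "")
    return codes


def code_stats(probs, codes):
    """Return (entropy, average length, variance, redundancy)."""
    entropy = -sum(float(p) * math.log2(float(p)) for p in probs.values())
    avg = sum(p * len(codes[s]) for s, p in probs.items())
    var = sum(p * (len(codes[s]) - avg) ** 2 for s, p in probs.items())
    return entropy, avg, var, float(avg) - entropy


def huffman_decode(bits, codes):
    """Decode a bit string; unambiguous because the code has the prefix property."""
    inverse = {code: sym for sym, code in codes.items()}
    out, current = [], ""
    for bit in bits:
        current += bit
        if current in inverse:
            out.append(inverse[current])
            current = ""
    if current:
        raise ValueError("bit stream ends inside a code word")
    return out


# Constructed sample source: five symbols whose probabilities sum to 1.
SOURCE = {"S1": Fraction(2, 5), "S2": Fraction(1, 5), "S3": Fraction(1, 5),
          "S4": Fraction(1, 10), "S5": Fraction(1, 10)}

if __name__ == "__main__":
    for flag in (False, True):
        codes = huffman_code(SOURCE, min_variance=flag)
        h, avg, var, red = code_stats(SOURCE, codes)
        print("min variance" if flag else "deep tree", codes)
        print(f"  H={h:.4f} L={float(avg):.2f} variance={float(var):.2f} R={red:.4f}")
```

Both trees have the same average length, so they are equally good compressors; only the spread of the code lengths differs.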

Data is encoded in following steps:
1. Start by defining the current interval as [0, 1).
2. Repeat the following two steps for each symbol S in the input stream:
   i. Divide the current interval into sub-intervals whose sizes are proportional to the symbol's probabilities.
   ii. Select the sub-interval for S and define it as the new current interval.
3. When the entire input stream has been processed, the output should be any number within the current interval.

5.7 Context based text compression (PPM)

In context based compression the probability model of the symbol is generated depending on frequency of the symbol and the context in which the symbol has occurred so far. The PPM encoder switches to a shorter context when a longer one results in zero probability. PPM starts with an order n context and it searches its data structure for a previous occurrence of the current context C followed by the next symbol S. If no such occurrence is found the encoder switches to order n-1 context and then same procedure is followed. The encoder reads the next symbol S from the input stream, looks at the current order n context C and based on the input data that has been encoded previously, it determines the probability (P) that S will appear in context C. The encoder then uses adaptive arithmetic encoder to encode the symbol S with probability P.
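The interval-narrowing steps of arithmetic coding listed earlier, which are also the coding step a PPM encoder feeds with its context probabilities, can be followed exactly with rational arithmetic. This Python is an added example, not part of the original notes; it assumes a static model built from the message's own symbol counts, sub-ranges ordered alphabetically, and a decoder that is told the message length.

```python
import math
from collections import Counter
from fractions import Fraction

MESSAGE = "swiss_miss"  # constructed sample input


def build_model(message):
    """Give each symbol a sub-range of [0, 1) proportional to its probability."""
    counts = Counter(message)
    model, low = {}, Fraction(0)
    for sym in sorted(counts):
        p = Fraction(counts[sym], len(message))
        model[sym] = (low, low + p)
        low += p
    return model


def arith_encode(message, model):
    """Steps 1 and 2: start from [0, 1) and narrow it once per symbol."""
    low, high = Fraction(0), Fraction(1)
    for sym in message:
        width = high - low
        sym_low, sym_high = model[sym]
        low, high = low + width * sym_low, low + width * sym_high
    return low, high


def shortest_codeword(low, high):
    """Step 3: pick the number k / 2**n inside [low, high) that needs fewest bits n."""
    n = 0
    while True:
        k = math.ceil(low * 2 ** n)
        if Fraction(k, 2 ** n) < high:
            return k, n
        n += 1


def arith_decode(value, model, length):
    """Replay the same subdivision and read off which sub-range holds the value."""
    out = []
    low, high = Fraction(0), Fraction(1)
    for _ in range(length):
        width = high - low
        scaled = (value - low) / width
        for sym, (sym_low, sym_high) in model.items():
            if sym_low <= scaled < sym_high:
                out.append(sym)
                low, high = low + width * sym_low, low + width * sym_high
                break
    return "".join(out)


if __name__ == "__main__":
    model = build_model(MESSAGE)
    low, high = arith_encode(MESSAGE, model)
    k, n = shortest_codeword(low, high)
    print("final interval width:", high - low)
    print(f"codeword: {k} / 2^{n}  ({n} bits for {len(MESSAGE)} symbols)")
    print("decoded:", arith_decode(Fraction(k, 2 ** n), model, len(MESSAGE)))
```

The width of the final interval equals the product of the symbol probabilities, which is why the whole message costs a non-integer number of bits per symbol on average.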

CHAPTER 6

DICTIONARY BASED METHODS

6.1 Dictionary based methods

Dictionary based methods try to compress variable size strings of information into tokens using a dictionary. The dictionary holds strings of symbols and it can be static as well as adaptive. The adaptive dictionary holds the strings previously found in the input stream allowing for addition of new strings as the input is being read. The encoder tries to match a part of the input stream with the words (strings) stored in the dictionary. If a match is found, the token is written on the output stream which contains a pointer to that location of the dictionary where the matched word is stored. This method is also called as string compression. If a word is found which does not match then it is written as it is on the output stream followed by a flag character and size of the word.

6.2 Static and adaptive dictionary methods

Static dictionary methods:
1. Static dictionary methods are rigid and the dictionary is not modified according to the varying input data.
2. The size of the dictionary is fixed and generally very small.
3. Preferred only when the strings encountered in the input stream follow a definite pattern and occur in definite patterns.

Adaptive dictionary methods:
1. In adaptive dictionary methods the unmatched strings are added to the dictionary dynamically and hence the dictionary is dynamically updated.
2. Here space is allocated for addition of new strings to the dictionary.
3. Preferred when the words randomly appear in the input data and do not fall under any category.

6.3 LZ-77 (sliding window compression)

The LZ-77 compression method is an adaptive compression method where the encoder dynamically builds a dictionary from the input data and then uses the previously occurring strings to compare and compress the new strings. The amount of compression i.e. the compression ratio depends on:
- Length of the dictionary
- Size of the window used

The encoder maintains a window and shifts the input in that window from right to left as the symbols are being encoded and that is why this method is called sliding window. The sliding window has two parts:
- The left part is called the search buffer and it contains the current dictionary. It includes the strings that have been input and encoded.
- The right part of the window is called the look ahead buffer and it contains the strings which are to be encoded.

Typically the size of search buffer is very large as compared to the look ahead buffer. For each encoded string a token is written on the output stream. The LZ-77 token structure is as follows:

This token is written on the output stream and the window is shifted to right.
- The first field of the token is offset field which gives the location of the matched string in the dictionary. This field is basically a pointer to the dictionary which points to the memory location in the dictionary where the string is stored. The size of the offset field is log2 (S).
- The second field of the token is the match length i.e. the number of symbols in the string which found a match in the dictionary. The size of this field is log2 (L-1).
- The third field of the token is the next unmatched symbol which stores the next symbol in the input stream after the matched string. The length of this field is log2 (C).

Drawbacks of LZ-77 compression technique:
1. This method assumes that a match is found around the window which is not the case in practical applications.
2. Compression ratio can be improved only by increasing the size of search window which increases the latency.
3. This method is not practically applicable as there is no definite data structure.

6.4 LZ-78

In LZ-78 method a dictionary of previously occurred strings is maintained, the size of which is limited by the available memory. This method reduces the token size by having only two fields in the token. The token structure in LZ-78 method is as shown:

- The LZ-78 token has only two fields as compared to three in LZ-77.
- The pointer field points to the memory location in the dictionary at which a match is found for the current input string.
- The second field in the dictionary stores the value of the symbol occurring immediately after the string that found a match in the dictionary. In other words this field stores the symbol next to the string being encoded which when added to the string will result in a string having no match in the existing dictionary.

Encoding: The dictionary is empty and starts with a null string at location zero. As the symbols are input and encoded, dictionary is built by adding new strings at positions starting from 1. If the current input symbol 'S' does not match any of the strings in the dictionary, then it is added to the next available memory location and the value of the symbol is written in the token. Otherwise, if the current symbol is present in the dictionary then the next symbol in the stream is added to this symbol to form a new string and this string is checked for a match in the dictionary. In this manner symbols are added to the string until there is no match in the dictionary. At the point when there is no match found in the dictionary, the location of the recently matched string in the dictionary is written in the pointer field of the token and the recently added symbol which caused the mismatch is the next unmatched symbol.

Decoding: The LZ-78 decoder works by building and maintaining the dictionary in the same way as the encoder.

Drawbacks of LZ-78 algorithm: The drawback of the LZ-78 algorithm is the memory size as the frequently encountered symbols as well as the longer matches have to be stored as entries in the dictionary. If the dictionary is full, then either the dictionary has to be restarted or some of the entries have to be deleted.
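The LZ-78 encoding and decoding described above, with its two-field (pointer, symbol) tokens, written out as an added Python example that is not part of the original notes. The input string is a constructed sample, and the handling of an input that ends in the middle of a match is an assumption of this example, since the notes do not cover that case.

```python
def lz78_encode(text):
    """Return a list of (pointer, symbol) tokens.

    The dictionary starts with the null string at location 0 and new
    strings are added at positions 1, 2, 3, ... as they are found.
    """
    dictionary = {"": 0}
    tokens = []
    current = ""                      # longest match found so far
    for symbol in text:
        if current + symbol in dictionary:
            current += symbol         # still matching, keep extending
        else:
            # Mismatch: emit pointer to the matched string plus the new symbol.
            tokens.append((dictionary[current], symbol))
            dictionary[current + symbol] = len(dictionary)
            current = ""
    if current:
        # Input ended inside a match (assumption: emit its prefix and last symbol).
        tokens.append((dictionary[current[:-1]], current[-1]))
    return tokens


def lz78_decode(tokens):
    """Rebuild the same dictionary from the tokens and return the text."""
    entries = [""]                    # location 0 holds the null string
    out = []
    for pointer, symbol in tokens:
        if not 0 <= pointer < len(entries):
            raise ValueError("token points outside the dictionary")
        string = entries[pointer] + symbol
        entries.append(string)
        out.append(string)
    return "".join(out)


SAMPLE = "sir_sid_eastman_easily_teases_sea_sick_seals"  # constructed sample

if __name__ == "__main__":
    tokens = lz78_encode(SAMPLE)
    for position, token in enumerate(tokens, start=1):
        print(position, token)
    print(lz78_decode(tokens) == SAMPLE)
```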

6.5 LZW

The LZW compression algorithm eliminates the 'unmatched symbol' field from the token and hence only one field i.e. the pointer to the dictionary has to be transmitted for each encoded data string. But due to this every unmatched symbol has to be exclusively encoded. In LZW, the dictionary is initialized to store all the symbols in alphabet and other ASCII characters and therefore memory locations 0-255 are occupied. The new entries in the dictionary are based on the combinations of existing symbols which appear in the data stream. The decoding is done by building the dictionary in the same manner as for encoding.
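LZW as described above, with locations 0-255 preloaded and only dictionary pointers in the output, as an added Python example that is not part of the original notes. It also covers the one case where the decoder receives a pointer to the entry it is about to create, and it rejects pointers beyond that; the input strings are constructed samples and the unbounded dictionary size is an assumption of this example.

```python
def lzw_encode(text):
    """Return the list of dictionary pointers for text (characters 0-255 only)."""
    dictionary = {chr(i): i for i in range(256)}   # locations 0-255 preloaded
    codes = []
    current = ""
    for symbol in text:
        if current + symbol in dictionary:
            current += symbol
        else:
            codes.append(dictionary[current])
            dictionary[current + symbol] = len(dictionary)  # next free location
            current = symbol          # the unmatched symbol starts the next string
    if current:
        codes.append(dictionary[current])
    return codes


def lzw_decode(codes):
    """Rebuild the dictionary one step behind the encoder and return the text."""
    if not codes:
        return ""
    entries = [chr(i) for i in range(256)]
    if not 0 <= codes[0] < 256:
        raise ValueError("first pointer must be a single symbol")
    previous = entries[codes[0]]
    out = [previous]
    for code in codes[1:]:
        if 0 <= code < len(entries):
            string = entries[code]
        elif code == len(entries):
            # Pointer to the entry being created right now: it must be the
            # previous string followed by its own first symbol.
            string = previous + previous[0]
        else:
            raise ValueError("pointer outside the dictionary")
        entries.append(previous + string[0])
        out.append(string)
        previous = string
    return "".join(out)


if __name__ == "__main__":
    for sample in ("sir_sid", "aaaa"):             # constructed samples
        codes = lzw_encode(sample)
        print(sample, codes, lzw_decode(codes) == sample)
```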


Question bank

Chapter 1: Data compression

1. Give the applications of data compression? (4m)
2. Compare lossy and lossless data compression techniques? (5m)
3. Suggest and explain a compression method for the compression of data transmitted by a remote measurement system which monitors the temperature of a furnace? (4m)
4. Explain run length encoding. What are the applications of run length encoding? (5-10m)
5. Encode the following data strings using run length encoding:
   a) 11abbbbcccccabc
   b) Xaaaa\55555677777
   Also find the compression ratio and compression factor in each case.
6. Compare dictionary based methods and statistical methods of text compression. (5-10m)
7. Write a short note on:
   a) Relative encoding & telemetry compression
   b) Scalar quantization

Chapter 2: Statistical methods of data compression

1. Write a short note on:
   a) Information content of a message
   b) Entropy
   c) Average length of a code
   d) Redundancy
2. Explain Shannon Fano coding. Generate the codes for the following symbols using Shannon Fano coding:
   Symbol  Probability
   S1      0.35
   S2      0.21
   S3      0.15
   S4      0.19
   S5      0.1
   Also find the redundancy in coding. (10m)
3. State advantages and disadvantages of statistical methods for data compression.
4. Compare adaptive and non adaptive compression methods.
5. Explain arithmetic coding technique for data compression.
6. Explain Huffman method of data compression. Consider the following symbols with the given probabilities:
   Symbol  Probability
   S1      0.4
   S2      0.2
   S3      0.2
   S4      0.1
   S5      0.1
   Draw the Huffman trees using normal method and using minimum variance method. Also find the variance and the coding redundancy in each case.
7. A source emits letters from an alphabet set S = {m, n, o, p, q} such that: P(m) = P(n) = 0.2, P(o) = 0.4 and P(p) = P(q) = 0.1.
   a) Find the entropy of the source.
   b) Find the Huffman code using the standard procedure and the minimum variance method.
   c) Find the average length of the code and the coding redundancy for both the codes.
8. What are the drawbacks of Huffman method? What are the solutions to those drawbacks? Explain adaptive Huffman method.
9. Compare RLE and Huffman coding for an image where each pixel is represented in 8 bits and 50% of the pixels have a grey level of 127 and remaining 50% of the pixels have a grey level of 128.
10. A source emits six discrete symbols with probabilities as P(a1) = 0.1, P(a2) = 0.4, P(a3) = 0.06, P(a4) = 0.1, P(a5) = 0.04 and P(a6) = 0.1. Use Huffman coding to encode the source. If the encoded string is 010100111100, decode it to find the original string.
11. A source emits five symbols S1, S2, S3, S4 and S5 with probabilities 0.25, 0.25, 0.25, 0.125 and 0.125 respectively. Find:
   a) Entropy of the source
   b) Huffman code using standard procedure.
   c) Shannon Fano code.
   d) Average length of code and redundancy.
12. Encode the following data strings using adaptive Huffman method:
   a) sir_sid_easily
   b) she_sells_sea_shells
   c) z zyz zyz
   Also show the decoding.
13. Encode and decode the following data strings using arithmetic coding:
   a) swiss_miss
   b) assassinimassa
14. Given 3 data symbols a1, a2 and a3 with probabilities 0.001838, 0.975 and 0.023162 respectively. Use arithmetic coding to encode the data string "a2, a2, a1, a3, a3".
15. Compare arithmetic coding with Huffman coding.
16. "The Huffman coding is not unique". Explain this with an example.
17. Explain context based coding. What are its advantages?
18. Draw the trie structure for following data strings:
   a) z zyz yz
   b) abcbccacbcaabcb
   Also show base and vine pointers.

Chapter 3: Dictionary based compression

1. Compare statistical and dictionary based compression techniques. (5m)
2. Suggest a suitable compression technique for each of the following data strings. Also state the reasons.
   a) yzzyy z
   b) yyyyzzzz
   c) zyyzyzzyzzzz
3. Compare LZ-77, LZ-78 and LZW compression techniques.
4. Write a short note on:
   a) Zip
   b) Gzip
   c) CRC
   d) Arc
5. Encode the following data strings using LZ-77, LZ-78 and LZW algorithms:
   a) sir_sid_is_easily_teases_sea_sea_sick_seals
   b) she_sells_sea_shells_at_the_sea_shore
   c) alph_eats_alphalpha
6. Explain the concept of static and adaptive dictionary. Explain with a suitable example the encoding technique using LZ-77.
7. Describe the situations when LZ-77 algorithm is best and worst. Explain the LZ-78 algorithm specifying the improvements over the LZ-77 algorithm.
8. An initial dictionary consists of letters a, b, r, y and z. Encode the following message with LZW algorithm: "azbarzarrayzbyzbarrayarzvay".
9. What are the advantages of LZW over other methods.

Chapter 4: Image compression

1. 2. 3. 4. 5. 6. 7. 8.
Describe different approaches for image compression.
Write a short note on gray codes.
Explain the application of DCT in image compression.
Explain JPEG compression method used for image compression.
How JPEG-LS standard is different from JPEG?
What is motion compression with respect to image compression?
Give the basic structure of MPEG-I video standard.
What is motion compensation?
Explain the working of MPEG in detail.
Draw the structured layers of MPEG-I video stream.
Explain the various techniques used in video compression and their underlying principles.
9. What is the effect of quantization on an image?
10. Write a short note on PCM and DPCM.
11. Explain the various steps involved in the compression of video sequences using MPEG-I video standard.

Chapter 5: Audio compression

1. Write a short note on lossy sound compression.
2. Describe A-law and µ-law companding.
3. Write a short note on ADPCM and DPCM. What are the advantages of ADPCM over PCM?
4. What is linear predictive coding? Explain CELP and MELP in details.
5. Explain the terms "frequency masking" and "temporal masking" in audio compression.
6. Write a short note on MPEG audio standard.

Chapter 6: Conventional Encryption

1. Write a short note on:
   a) Goals of cryptography
   b) Security service and security mechanism
   c) Security attacks
2. Explain data encryption standard.
3. Explain IDEA?
4. Write a short note on Feistel Cipher. Explain the design principles.
5. Explain CBC, ECB, OFB, CFB and counter mode of operation of block ciphers.

Chapter 7: Number theory and public key encryption

1. Explain CRT with an example.
2. Explain the concept of discrete logarithm.
3. What is the difference between index and discrete logarithm?
4. Compare conventional and public key encryption.
5. Explain RSA with an example.
6. Calculate the private key and public key based on RSA taking 5 and 11 as two prime numbers. Use these keys to encrypt and decrypt a plain text input of M = 17.

Chapter 8: Message authentication

1. Describe the various authentication requirements for communication across a network. Explain different authentication functions.
2. Write a short note on MAC.
3. Explain MAC based on DES.
4. What is MAC? Where do we use it?
5. What is secure hash algorithm?
6. Differentiate between MAC and hash codes.
7. Write a short note on HMAC.
8. Write a short note on one way hash function.
9. What are the needs and requirements of digital signatures?
10. What are the drawbacks of direct signatures?
11. Explain DSA.