This lecture teaches how modern systems protect data, assuming that the system architecture has loopholes and leaks.
I will start with what is new here.
Before that, if you want to brush up on the concepts quickly, refer to the topic-wise explanation below.
After brushing up, here is our Caesar cipher code, which decrypts a ciphertext by trying every shift and ranking the candidates by English letter frequency:
```python
# Approximate relative frequency (%) of each letter in English text.
ENGLISH_FREQ = {
    'e': 12.0, 't': 9.1, 'a': 8.1, 'o': 7.5,
    'i': 7.0, 'n': 6.7, 's': 6.3, 'h': 6.1,
    'r': 6.0, 'd': 4.3, 'l': 4.0,
    'c': 2.8, 'u': 2.8, 'm': 2.4,
    'w': 2.4, 'f': 2.2, 'g': 2.0,
    'y': 2.0, 'p': 1.9, 'b': 1.5,
    'v': 1.0, 'k': 0.8, 'j': 0.15,
    'x': 0.15, 'q': 0.10, 'z': 0.07
}


def caesar_decrypt(cipher, shift):
    """Shift every ASCII letter back by `shift`; leave other characters alone."""
    result = ''
    for char in cipher:
        if char.isascii() and char.isalpha():
            offset = 65 if char.isupper() else 97  # ord('A') or ord('a')
            result += chr((ord(char) - offset - shift) % 26 + offset)
        else:
            result += char
    return result


def score_text(text):
    """Sum the English frequency of every letter; higher means more English-like."""
    score = 0
    for char in text.lower():
        if char in ENGLISH_FREQ:
            score += ENGLISH_FREQ[char]
    return score


cipher = input("Enter your Cipher: ")
res = []
# Try all 25 non-trivial shifts and score each candidate plaintext.
for shift in range(1, 26):
    decrypted = caesar_decrypt(cipher, shift)
    score = score_text(decrypted)
    res.append((score, shift, decrypted))

# Best-scoring (most English-like) candidates first.
res.sort(reverse=True)
for score, shift, text in res:
    print(f"Shift {shift} | Score {score:.2f} | {text}")
```
Topic-wise explanation:
| S.No. | Topic | Definition / Explanation | Key Points / Examples |
|---|---|---|---|
| 1 | Data Is Always at Risk | Data can be attacked in three main states | - In transit (moving over networks)<br>- At rest (stored on disks or servers)<br>- In use (processed by systems) |
| 2 | Encryption | Transforms readable data (plaintext) into unreadable data (ciphertext) using an algorithm and a key | Encryption: Plaintext → mathematical model → Ciphertext |
| 3 | Keys | A key is a secret piece of information controlling encryption/decryption; algorithms are public, keys are private | Essential for both symmetric and asymmetric encryption |
| 4 | Codes vs Ciphers | Ciphers are encrypted text; codes are older, symbolic transformations | - Ciphers reversible, codes may not be<br>- Modern systems use ciphers<br>- Example: Enigma machines |
| 5 | Symmetric Encryption | Same key used to encrypt and decrypt data | - Sender and recipient share same key<br>- Types: AES, Triple DES |
| 6 | Asymmetric Encryption | Uses two keys: public (shared openly) and private (kept secret) | - What is encrypted with one key can only be decrypted with the other |
| 7 | Why This Matters | Enables secure communication and solves key-sharing problem | - Foundation of HTTPS, secure email, cloud security<br>- Example: RSA |
| 8 | Digital Signatures | Ensure message integrity & sender authenticity | How:<br>1. Hash message<br>2. Encrypt hash with sender’s private key<br>3. Receiver verifies with sender’s public key<br>Used in: Software updates, secure communications, certificates |
| 9 | Plaintext Password Storage | Storing passwords as-is is insecure | - Database leak = total compromise<br>- Attackers gain immediate access<br>- Design failure, not user failure |
| 10 | Hashing | Converts data into fixed-length output; one-way | - Same input → same output<br>- Fast to compute<br>- Store hash(password), not password |
| 11 | Hashing Limitations | Alone, it can be attacked | Attackers can: guess common passwords, hash them, compare with stolen hashes → offline attacks |
| 12 | Rainbow Table Attacks | Precomputed tables mapping passwords to hashes | - Hashing is deterministic<br>- Users pick predictable passwords<br>- Breaks unsalted hashes at scale |
| 13 | Salting | Random data added to password before hashing | hash(salt + password) |
| 14 | Why Salting Works | Prevents precomputed attacks | - Same password ≠ same hash<br>- Rainbow tables useless<br>- Each account attacked individually |
| 15 | Online vs Offline Attacks | Attack methods for password cracking | Online: via login page, mitigated with rate limiting<br>Offline: attacker has database, unlimited guessing; protected by hashing + salting |
| 16 | Rate Limiting | Restricts login attempts per user/IP/time | - Stops brute force<br>- Slows automation<br>- Protects authentication endpoints |
| 17 | Encryption in Transit | Protects data while moving over networks | Without: anyone can read<br>With: data unreadable even if intercepted |
| 18 | End-to-End Encryption | Only sender & receiver can read data | - Service providers cannot see contents<br>- Used in secure messaging, privacy-focused systems |
| 19 | Cloud Computing & Security | Data/applications on remote servers | - Encryption is mandatory: data travels over public networks, providers may be compromised |
| 20 | Full Disk Encryption | Encrypts all data on device/server | - Stolen hardware reveals nothing<br>- Losing key = losing data |
| 21 | Secure Deletion | Removes data references instead of actual data | - Overwrites data<br>- Prevents recovery |
| 22 | Quantum Computing | Future threat to current encryption | - Could break encryption faster due to exponential computational speed (2^N)<br>- Reduces brute-force time |
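
Rows 10 to 14 of the table, worked through as an added Python example (not part of the original lecture): two accounts with the same password are stored unsalted and salted, and a precomputed table of common passwords is matched against both stores. It uses the standard library's PBKDF2 as the salted hash rather than a bare hash(salt + password); the password list, user names and iteration count are constructed for the demo.

```python
import hashlib
import hmac
import os

# Constructed sample data: a list of common guesses, and two users who
# happened to pick the same password.
COMMON_PASSWORDS = ["123456", "password", "letmein", "qwerty"]
USERS = {"alice": "letmein", "bob": "letmein"}
ITERATIONS = 100_000  # assumed work factor for this demo

def unsalted_hash(password):
    """Row 10: plain hash(password). Deterministic, so equal inputs collide."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted_hash(password, salt=None):
    """Rows 13-14: a fresh random salt per account, fed to a slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = salted_hash(password, salt)
    return hmac.compare_digest(digest, expected)

def precomputed_lookup(stolen_hashes):
    """Rows 11-12: hash the guess list once, then match every stolen hash."""
    table = {unsalted_hash(p): p for p in COMMON_PASSWORDS}
    return {user: table[h] for user, h in stolen_hashes.items() if h in table}

def demo():
    unsalted_db = {u: unsalted_hash(p) for u, p in USERS.items()}
    salted_db = {u: salted_hash(p) for u, p in USERS.items()}
    # What the same precomputed table sees when the store is salted.
    salted_view = {u: d.hex() for u, (_, d) in salted_db.items()}
    return {
        "unsalted_cracked": precomputed_lookup(unsalted_db),
        "salted_cracked": precomputed_lookup(salted_view),
        "same_hash_unsalted": unsalted_db["alice"] == unsalted_db["bob"],
        "same_hash_salted": salted_db["alice"][1] == salted_db["bob"][1],
        "login_ok": verify("letmein", *salted_db["alice"]),
        "login_bad": verify("wrong", *salted_db["alice"]),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The salt is stored next to the digest and is not secret; its job is to make every account's hash unique so one precomputed table cannot be reused across the whole database.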