Scribd
Upload
4 views25 pages

crypto (1)

The document provides an introduction to cryptography, covering its components, types, and key concepts such as symmetric and asymmetric encryption, hashing, and cryptanalysis. It explains the roles of cryptographers and cryptanalysts, the importance of key management, and introduces tools like GNU Privacy Guard (GPG). Additionally, it discusses various hashing algorithms and the significance of digital signatures in ensuring message integrity and authenticity.

Uploaded by

imanailham543
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
4 views25 pages

crypto (1)

The document provides an introduction to cryptography, covering its components, types, and key concepts such as symmetric and asymmetric encryption, hashing, and cryptanalysis. It explains the roles of cryptographers and cryptanalysts, the importance of key management, and introduces tools like GNU Privacy Guard (GPG). Additionally, it discusses various hashing algorithms and the significance of digital signatures in ensuring message integrity and authenticity.

Uploaded by

imanailham543
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

Introduction to Cryptography

Mohamed Hassan
Outline


Understanding cryptography components

Symmetric Encryption

Asymmetric (Public) Encryption

Block cipher and stream cipher

Hashing

GNU Privacy Guard (GPG)
Cryptography I
Cryptography is the art (and sometimes science)
of secret (crypto) writing (graphy).

Cryptography considered to be a toolkit for providing


confidentiality.

It is very important to recognize that encryption algorithms


are just one of the many components of cryptographic
toolkit, albeit important one.
Cryptography II
Cryptography lies at the heart of most technical
information security mechanisms.

Cryptographers: Create ciphers - Cryptography


Cryptanalyst: Break ciphers – Cryptanalysis
Cryptosystem: (E, D, M, K,C)
E is an encryption algorithm
D is an decryption algorithm
M is the set of plaintexts (Messages)
K is the set of keys
C is the set of ciphertexts
Cryptography
Cipher:
An algorithm for transforming an intelligible message into
unintelligible.
Keys:
A random input “string” of bits used by cipher for or scrambling
and unscrambling data.
Encipher (encrypt):
The process of converting plaintext to ciphertext
Decipher (decrypt):
The process of converting ciphertext back into plaintext
Types of Cryptography


Hash functions: No key (fixed length)

Secret key cryptography (Symmetric): One key

Public key cryptography (Asymmetric): Pair of keys –
public, private
Cryptography
plaintext ciphertext plaintext
Encryption Decryption

Encryption algorithm also called a cipher


- You can openly publish the Cryptographic algorithms.
- Always keep the key secret.

plaintext ciphertext plaintext


Encryption Decryption

Key KA Key KB
Example
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
G O K E A N Q U Y C P T L F H W B M V X Z R I D S J

- Every A will be replaced by a G, every B by an


O, ...
- Lord of the rings
> Thme hn xua myfqv
• To decrypt, reverse the transliteration
Example 2
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• Key = 15
• C = M+Key (mod 26)
• M = HELLO
- H [7+15 (mod26) ≈ 22] >> W
- e [4+15 (mod26) ≈ 19] >> T
-l [11+15 (mod26) ≈ 0] >> A
-l [11+15 (mod26) ≈ 0] >> A
- o [14+15 (mod26) ≈ 3] >> D
• C = WTAAD
• M = C-Key (mod 26)
Symmetric-Key Cryptography
plaintext ciphertext plaintext
Encryption Decryption

Key KA Key KB=KA

Secure Key Distribution

• Both sender and receiver keys are the same: K =K


A B
• The keys must be kept secret and securely distributed
• Thus, also called “Secret Key Cryptography”
• Data Encryption Standard (DES)
Cryptanalysis I
• Brute force: try every key
• Ciphertext-only attack:
• Attacker knows ciphertext of several messages encrypted
with same key (but doesn’t know plaintext).
• Possible to recover plaintext (also possible to deduce key)
by looking at frequency of ciphertext letters
• Known-plaintext attack:
• Attackers observes pairs of plaintext/ciphertext encrypted
with same key.
• Possible to deduce key and/or devise algorithm to decrypt
ciphertext.
Cryptanalysis II
•Chosen-plaintext attack:
• Attacker has more control than known-plaintext attack and may be
able to gain more info about key
• Adaptive Chosen-Plaintext attack:
• Attacker chooses a series of plaintexts, basing the next plaintext on the
result of previous encryption
• Examples
Differential cryptanalysis - tracing differences through the network of
transformations (observe input/output behavior differences)
Linear cryptanalysis - finding approximations to the action of a cipher
Confusion and Diffusion
plaintext ciphertext plaintext
Encryption Decryption

Key KA Key KB

• “Confusion” = Substitution
• a -> b
• Caesar cipher
• “Diffusion” = Transposition or Permutation (Rearrange)
• abcd -> dacb
• DES
Confusion and Diffusion (2)
• “Confusion” : a classical Substitution Cipher

• Modern substitution ciphers take in N bits and substitute


N bits using lookup table: called S-Boxes
Block Cipher
• Divide input bit stream into n-bit sections, encrypt only that section, no
dependency/history between sections

• In a good block cipher, each output bit is a function of all n input bits
and all k key bits
Stream Cipher
• Stream ciphers

• Rather than divide bit stream into discrete blocks, as block ciphers
do, XOR each bit of your plaintext continuous stream with a bit
from a pseudo-random sequence
• At receiver, use same symmetric key, XOR again to extract
plaintext
Public Key Cryptography
In symmetric cryptosystem the same key is used
to encrypt and decrypt.
The idea behind public key cryptography arose
from the attempt to overcome:
1. Symmetric trust: sender and receiver
2. Key establishment/distribution: sender and
receiver need to know and agree on symmetric
key in advance.
Public Key Cryptography
Alice Bob
Encrypt M using B
e
>> Decrypt M using Bs
Storage: secret key should be kept in a safe place!
Key exchange: share and trust
Authentication:
Secret keys: need secret key for every person to
communicate with.
Hashing

• Take n length message and produce a fixed-


length value called a message digest
• A hash value is equivalent to a fingerprint
of the message
• If the message is changed later, the hash value
changes
Hashing Algorithms

MD2: Written for 8-bit machines, no longer secure


MD4: No longer in use (not secure any more)
MD5: Not secure, but still used
SHA-1: The successor to MD5, Used in: TLS, SSL, PGP,
SSH, S/MIME, Ipsec (No longer completely secure)
SHA-2: Not yet broken
SHA-3: Very secure
Collisions
If two different messages produce the
same hash value, it results in a collision
• A good hashing algorithm must be collision-
free
• MD5 has known collisions
SHA
• SHA-1 (Secure Hash Algorithm) is one of
the most popular hashing algorithms
• Replaced MD5 for decades, however SHA-1
collision found on 23 Feb 2017
Digital Signatures
• A hash value ensures that the message
was not altered in transit (integrity)
• Asymmetric encryption assures authenticity
and non-repudiation
GNU Privacy Guard (GPG)

OpenPGP encryption and signing tool
- It is a tool to provide digital encryption and
signing services using the OpenPGP
standard.

It can be use for:
- Authentication (digital signature),
Confidentiality, Compression, Email
compatibility.
References
Keith M. Martin, Everyday Cryptography,
Oxford University Press, 2012
Lynn Margaret Batten, Public Key
Cryptography, Wiley, 2013

You might also like