Chapter-2 Part 1

Chapter-2:
Cryptographic Protocols, Tools and
Algorithms
12/9/2022 Computer and Network Security 1 By: Mechal T.

Outline
 Introduction to cryptography  Cryptographic Algorithms
 Goal and services of cryptography  Symmetric Block Cipher Algorithms
 Components of Cryptography  Caesar Cipher Algorithm
 Encryption and Decryption in  DES (Data Encryption Standard)
Cryptography  3DES (Triple DES)
 Types of Cryptography  Digital Signature
 Building blocks of Encryption  AES

Techniques
 DH-Key Exchange Algorithm
 Cryptanalysis andTypes of Attacks
 SHA-1
Chapter Objectives
 At the end of this chapter, students will be able to understand:
 Basics of cryptography
 Encryption Decryption Techniques
 Different types of attacks
 Different types of cryptographic algorithms
 Basic Components of cryptography

Introduction to Cryptography
Chapter-1
Part I

Introduction to Cryptography
 Definition
 Cryptography is the science of using mathematics to encrypt and decrypt

data.
 It is technique of securing information and communications through use

of codes so that only those person for whom the information is intended
can understand it and process it.
 It is the design, analysis, and implementation of mathematical techniques

for securing information, systems, and distributed computations against
adversarial attack.
Introduction to Cryptography…
 Terminology
 A message is plaintext (sometimes called clear text).
 The process of hiding a message in such a way as to hide its substance is

encryption.
 An encrypted message is called a ciphertext.
 The process of turning ciphertext back into plaintext is called decryption.
 A cipher (or cypher) is an algorithm for performing encryption or

decryption—a series of well-defined steps that can be followed as a
procedure.
Introduction to Cryptography…
 Terminology…

Goal and Services of Cryptography
 The primary goal of cryptography is to:
 Secure stored information - regardless if access obtained
 Secure transmitted information - regardless if transmission has
been monitored

Goal and Services of Cryptography…
 Cryptography can provide the following services:
 Confidentiality (secrecy)
 Integrity (anti-tampering)
 Authentication
 Non-repudiation.

1. Confidentiality (secrecy)
 Ensuring that no one can read the message except the intended receiver
 Data is kept secret from those without the proper credentials, even if
that data travels through an insecure medium.
 The principle of confidentiality specifies that only the sender and

the intended recipient should be able to access the content
of the message.
 Example: Encryption, access control lists, and file permissions

2. Integrity (anti-tampering)
 Assuring the receiver that the received message has not been altered in
any way from the original.
 The information cannot be altered in storage or transit between

sender and intended receiver without the alteration being detected.
 Examples: MD5, digital signature, digital certificates

3.Authentication
 Cryptography can help establish identity for authentication purposes
 The process of proving one's identity. (The primary forms of host-to-host

authentication on the Internet today are name-based or address-based,
both of which are notoriously weak.). Example: Secret Key, Digital
Signature, Digital certificates
4. Non-repudiation
 A mechanism to prove that the sender really sent this message
 Example: Digital Signature

Components of Cryptography
 Cryptography has five basic components:
1. Plain text: the message that you want to encrypt
2. Cipher text: the encrypted output (transformed message)
3. Encryption algorithm: The sequence of data processing steps that
go into transforming plaintext into ciphertext.
4. Decryption algorithm: The sequence of data processing steps that
go into transforming ciphertext back into plaintext.
5. Secret Key: is used to set some or all of the various parameters
used by the encryption algorithm.
Components of Cryptography…
 Secret Key…
 A key can be thought of as simply a collection of
0101001110
bits
10111101110
 The more bits, the stronger the key 1100101
 Keys are tied to specific encryption algorithms
 Lengths vary depending on the encryption

algorithm
 Example: 128 bits is long for some

algorithms, but short for others

Encryption and Decryption in Cryptography
 Encryption
It is the process of taking some data

and a key and feeding it into a
function and getting encrypted data
out. Encryption
Function
Encrypted data is, in principle,
unreadable unless decrypted.

Encryption and Decryption in Cryptography…
 Decryption
It is the process of taking

encrypted data and a key and
feeding it into a function and
getting out the original data.
Decryption
Encryption and decryption Function
functions are linked.

Types of Cryptography
 In general there are three types Of cryptography:
1. Symmetric Key Cryptography
2. Asymmetric Key Cryptography
3. Hash Functions

Types Of Cryptography…
1. Symmetric Key Cryptography
 It is an encryption system in which the sender and receiver of a

message share a single, common key that is used to encrypt and decrypt
the message.
 Also Known as Private key cryptography.
 A key is a piece of information (a parameter) that is applied using an

algorithm to a string or block of unencrypted text to produce
encrypted text or to decrypt encrypted text.

1. Symmetric Key Cryptography…
 The key for encrypting and decrypting the file had to be known to all
the recipients. Else, the message could not be decrypted.
 Symmetric Key Systems are faster and simpler but the problem
is that sender and receiver have to somehow exchange key in a secure
manner.

1. Symmetric Key Cryptography…

1. Symmetric Key Cryptography…..…Examples
Data Encryption Standard (DES)
 DES uses a 56 bit key and maps a 64 bit input block of plaintext onto a
64 bit output block of ciphertext.
 These 56 bits are now small key for today's computing power.

Triple DES
 The encryption-decryption process is as follows :

 Encrypt the plaintext blocks using single DES with key K1.
 Now decrypt the output of step 1 using single DES with key K2.
 Finally, encrypt the output of step 2 using single DES with key K3.
 The output of step 3 is the ciphertext.
 Decryption of a ciphertext is a reverse process. User first decrypt using

K3, then encrypt with K2, and finally decrypt with K1.
Triple DES…

Triple DES…
 Triple DES was the answer to many of the shortcomings of DES.
 Since it is based on the DES algorithm, it is very easy to modify

existing software to useTriple DES.
 It also has the advantage of proven reliability and a longer key length
that eliminates many of the shortcut attacks that can be used to reduce
the amount of time it takes to break DES. Key size is 168 bit long.

Advanced Encryption Standard (AES)
 The more popular and widely adopted symmetric encryption

algorithm likely to be encountered nowadays is the AES.
 It is found at least six time faster than triple DES.
 A replacement for DES was needed as its key size was too small.
 With increasing computing power, DES was considered vulnerable

against exhaustive key search attack.

Advanced Encryption Standard (AES)…
 The features of AES are as follows :

 Symmetric key symmetric block cipher
 128-bit data, 128/192/256-bit keys
 Stronger and faster than Triple-DES
 Provide full specification and design details
 Software implementable in C and Java

Advanced Encryption Standard (AES)…

ProblemsWith Symmetric Key Cryptography
 Key Management
 Symmetric-key systems are simpler and faster; their main drawback is that
the two parties must somehow exchange the key in a secure way and keep
it secure after that.
 Key Management caused nightmare for the parties using the symmetric
key cryptography .
 They were worried about how to get the keys safely and securely across to
all users so that the decryption of the message would be possible.
ProblemsWith Symmetric Key Cryptography…
 Key Management
 This gave the chance for third parties to intercept the keys in transit to
decode the top-secret messages.
 Thus, if the key was compromised, the entire coding system was
compromised and a “Secret” would no longer remain a “Secret”.
 This is why the “Public Key Cryptography” came into existence.

 Asymmetric cryptography refers to a cryptographic algorithm which

requires two separate keys, one of which is private and one of which
is public.
 The public key is used to encrypt the message and the private one is used
to decrypt the message.
 It is also known as Public-key cryptography.
 It is a very advanced form of cryptography
 Its key length varies from 512 to 1024 bits.


Types of Cryptography…
2. Asymmetric Key Cryptography…..Examples
1. A client (for example browser) sends its public key to the server and
requests some data.
2. The server encrypts the data using the client’s public key and sends the
encrypted data.
3. The client receives this data and decrypts it.
 Since this is asymmetric, nobody else except the browser can decrypt the
data even if a third party has the public key of the browser.

2. Asymmetric Key Cryptography…..Examples
 RSA Algorithm
 RSA (Rivest, Shamir and Adleman who first publicly described it in 1977)
is an algorithm for public-key cryptography.
 It is the first algorithm known to be suitable for encryption, and one of

the first great advances in public key cryptography.
 RSA is widely used in electronic commerce protocols, and is

believed to be secure given sufficiently long keys and the use of up-to-date
implementations.
3. Hash Functions
 Refers to performing a calculation on a message and converting it into

a numeric hash value.
 The input to the hash function is of arbitrary length but output is

always of fixed length.
 Values returned by a hash function are called message digest or simply

hash values.
 Hash functions are extremely useful and appear in almost all

information security applications.
Building Blocks of Encryption Techniques
 Two building blocks of all classical encryption techniques are
substitution and transposition.
 Substitution means replacing an element of the plaintext with an

element of ciphertext.
 Each element in the plaintext (bit, letter, group of bits or letters) is

mapped into another element.
 Transposition means rearranging the order of appearance of the

elements of the plaintext. Transposition is also referred to as
permutation.
Caesar Cipher
 The Caesar Cipher technique is one of the earliest and simplest
methods of encryption technique.
 It’s simply a type of substitution cipher, i.e., each letter of a given
text is replaced by a letter with a fixed number of positions down
the alphabet.
 For example with a shift of 1, A would be replaced by B, B would
become C, and so on.

Caesar Cipher…
 Thus to cipher a given text we need an integer value, known as a shift
which indicates the number of positions each letter of the text has been
moved down.
 The encryption can be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0,
B = 1,…, Z = 25.

Caesar Cipher…
 Encryption of a letter by a shift n can be described mathematically as:
E_n(x)=(x+n)mod\ 26
(Encryption Phase with shift n)
D_n(x)=(x-n)mod\ 26
(Decryption Phase with shift n)
Note: If any case (Dn) value becomes negative (-ve), in this case, we will
add 26 in the negative value.

Caesar Cipher…
 Use the Caesar cipher to encrypt and decrypt the message "JAVATPOINT,"
and the key (shift) value of this message is 3.

Caesar Cipher…
 Decrypted Message
Ciphertext: M → 12 Dn: (12 - 3) mod 26 Plaintext: 09 → J
Ciphertext: D → 03 Dn: (03 - 3) mod 26 Plaintext: 0 → A
Ciphertext:Y → 24 Dn: (24 - 3) mod 26 Plaintext: 21 → V
Ciphertext: D → 03 Dn: (03 - 3) mod 26 Plaintext: 0 → A
Ciphertext:W → 22 Dn: (22 - 3) mod 26 Ciphertext: 19 → T
Ciphertext: S → 18 Dn: (18 - 3) mod 26 Ciphertext: 15 → P
Ciphertext: R → 17 Dn: (17 - 3) mod 26 Ciphertext: 14 → O
Ciphertext: L→ 11 Dn: (11 - 3) mod 26 Ciphertext: 8 → I
Ciphertext: Q → 16 Dn: (16 - 3) mod 26 Ciphertext: 13 → N
Ciphertext:W→ 22 Dn: (22 - 3) mod 26 Ciphertext: 19 → T

Caesar Cipher…
 Weakness of Caesar Cipher
 The Caesar Cipher is a secret/symmetric key cryptosystem; that is,

revealing the enciphering key makes decryption simple.
 In the Caesar cipher, the shift value is the enciphering key.
 Anyone knowing the shift value can immediately decrypt, so it must be

protected from unauthorized persons.

Caesar Cipher…
 Weakness of Caesar Cipher…
 Exhaustive Key Search. There is yet another method for breaking

the Caesar cipher:
 Simply try all the possible keys!
 After all, there are only 26 viable keys in the ordinary alphabet, and
only 255 useful keys in the ASCII alphabet!
 This kind of attack is called an exhaustive search.

Caesar Cipher…
 Weakness of Ceasar Cipher…
 An exhaustive search is rarely effective against all but the simplest of

cryptosystems.
 Seeing that the Caesar cipher is so vulnerable, we attempt to see

stronger cryptosystems.

Cryptanalysis and Types of Attacks
 Cryptology has two parts namely, Cryptography which focuses on
creating secret codes and Cryptanalysis which is the study of the
cryptographic algorithm and the breaking of those secret codes.
 The person practicing Cryptanalysis is called a Cryptanalyst.
 It helps us to better understand the cryptosystems and also helps us
improve the system by finding any weak point and thus work on the
algorithm to create a more secure secret code.

Cryptanalysis and Types of Attacks…
 For example, a Cryptanalyst might try to decipher a ciphertext to
derive the plaintext.
 It can help us to deduce the plaintext or the encryption key.

 Types of Cryptanalytic Attacks:
1. Known plain text analysis (KPA)
2. Chosen plain text analysis (CPA)
3. Cipher text only analysis (COA)
4. Man in the middle attack (MITM)
5. Adaptive chosen plain text analysis (ACPA)

1. Known-Plaintext Analysis (KPA) :
 In this type of attack, some plaintext-ciphertext pairs are already
known.
 Attacker maps them in order to find the encryption key.
 This attack is easier to use as a lot of information is already available.

2. Chosen-Plaintext Analysis (CPA) :
 In this type of attack, the attacker chooses random plaintexts and
obtains the corresponding ciphertexts and tries to find the encryption
key.
 Its very simple to implement like KPA but the success rate is quite low.

3. Ciphertext-Only Analysis (COA) :
 In this type of attack, only some cipher-text is known and the attacker
tries to find the corresponding encryption key and plaintext.
 It is the hardest to implement but is the most probable attack as only
ciphertext is required.

4. Man-In-The-Middle (MITM) attack :
 In this type of attack, attacker intercepts the message/key between two

communicating parties through a secured channel.
5.Adaptive Chosen-Plaintext Analysis (ACPA) :
 This attack is similar CPA. Here, the attacker requests the cipher texts
of additional plaintexts after they have ciphertexts for some texts.

Chapter-2 Part 1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter-2 Part 1

Uploaded by

Copyright:

Available Formats

Chapter-2:

Cryptographic Protocols, Tools and

12/9/2022 Computer and Network Security 1 By: Mechal T.

 Introduction to cryptography  Cryptographic Algorithms

 Goal and services of cryptography  Symmetric Block Cipher Algorithms

 Components of Cryptography  Caesar Cipher Algorithm

 Encryption and Decryption in  DES (Data Encryption Standard)

Cryptography  3DES (Triple DES)

 Types of Cryptography  Digital Signature

 Building blocks of Encryption  AES

 Encryption Decryption Techniques

 Different types of attacks

 Different types of cryptographic algorithms

 Basic Components of cryptography

12/9/2022 Computer and Network Security 3 By: Mechal T.

12/9/2022 Computer and Network Security 4 By: Mechal T.

 Cryptography is the science of using mathematics to encrypt and decrypt

 It is technique of securing information and communications through use

 It is the design, analysis, and implementation of mathematical techniques

 A message is plaintext (sometimes called clear text).

 The process of hiding a message in such a way as to hide its substance is

 An encrypted message is called a ciphertext.

 The process of turning ciphertext back into plaintext is called decryption.

 A cipher (or cypher) is an algorithm for performing encryption or

12/9/2022 Computer and Network Security 7 By: Mechal T.

 The primary goal of cryptography is to:

 Secure stored information - regardless if access obtained

 Secure transmitted information - regardless if transmission has

12/9/2022 Computer and Network Security 8 By: Mechal T.

 Cryptography can provide the following services:

12/9/2022 Computer and Network Security 9 By: Mechal T.

 The principle of confidentiality specifies that only the sender and

 Example: Encryption, access control lists, and file permissions

12/9/2022 Computer and Network Security 10 By: Mechal T.

 The information cannot be altered in storage or transit between

 Examples: MD5, digital signature, digital certificates

12/9/2022 Computer and Network Security 11 By: Mechal T.

 Cryptography can help establish identity for authentication purposes

 The process of proving one's identity. (The primary forms of host-to-host

 A mechanism to prove that the sender really sent this message

 Example: Digital Signature

 Keys are tied to specific encryption algorithms

 Lengths vary depending on the encryption

 Example: 128 bits is long for some

12/9/2022 Computer and Network Security 14 By: Mechal T.

It is the process of taking some data

12/9/2022 Computer and Network Security 15 By: Mechal T.

It is the process of taking

12/9/2022 Computer and Network Security 16 By: Mechal T.

 In general there are three types Of cryptography:

1. Symmetric Key Cryptography

2. Asymmetric Key Cryptography

12/9/2022 Computer and Network Security 17 By: Mechal T.

 It is an encryption system in which the sender and receiver of a

 Also Known as Private key cryptography.

 A key is a piece of information (a parameter) that is applied using an

12/9/2022 Computer and Network Security 18 By: Mechal T.

the recipients. Else, the message could not be decrypted.

is that sender and receiver have to somehow exchange key in a secure

12/9/2022 Computer and Network Security 19 By: Mechal T.

12/9/2022 Computer and Network Security 20 By: Mechal T.

1. Symmetric Key Cryptography…..…Examples

Data Encryption Standard (DES)

64 bit output block of ciphertext.