## Are you sure?

This action might not be possible to undo. Are you sure you want to continue?

BY, Ayesha Farhin

Overview

Introduction Types Advantages

n Disadvantages Future Developments Bibliography

Introduction

Cryptography considered as a branch of both mathematics and computer science. Affiliated closely with information theory, computer security, and engineering.

Definitions:

Cryptography comes from the Greek words Kryptos, meaning hidden, and Graphen, meaning to write. Thus Cryptography is the study of secret (crypto-) writing (-graphy) Cryptography deals with all aspects of secure messaging, authentication, digital signatures, electronic money, and other applications. The practitioner of Cryptography is called Cryptographer

**Cryptography Through History
**

Cryptography has a history of at least 4000 years. Ancient Egyptians enciphered some of their hieroglyphic writing on monuments. Ancient Hebrews enciphered certain words in the scriptures. 2000 years ago Julius Caesar used a simple substitution cipher, now known as the Caesar cipher. Roger Bacon in the middle ages described several methods in 1200s.

**Cryptography Through History
**

Geoffrey

Chaucer included several ciphers in his works (e.g. Canterbury Tales). Leon Alberti devised a cipher wheel, and described the principles of frequency analysis in the 1460s. Blaise de Vigenère published a book on cryptology in 1585, & described the polyalphabetic substitution cipher. Increasing use, especially in diplomacy & war over centuries.

Areas of Study

Computer Security: Cryptanalysis, Cryptology, Cryptography Terminologies: Encryption Decryption Plaintext Cipher Text

Cryptanalaysis

The

study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key is called Cryptanalysis. Also called “code breaking” sometimes. Practitioners of cryptanalysis are cryptanalysts.

Cryptology

Cryptology

is the branch of mathematics that studies the mathematical foundations of cryptographic methods. Cryptology is actually the study of codes and ciphers. Cryptology = both cryptography and cryptanalysis

Definitions:

In cryptographic terminology, the message is called plaintext or cleartext. Encoding the contents of the message in such a way that hides its contents from outsiders is called encryption. A method of encryption and decryption is called a cipher - The name cipher originates from the Hebrew word "Saphar," meaning "to number.” The encrypted message is called the ciphertext. The process of retrieving the plaintext from the ciphertext is called decryption. Encryption and decryption usually make use of a key, and the coding method is such that decryption can be performed only by knowing the proper key.

The Key

All modern algorithms use a key to control encryption and decryption; a message can be decrypted only if the key matches the encryption key. The key used for decryption can be different from the encryption key, but for most algorithms they are the same.

Why do we need cryptography?

Computers are used by millions of people for many purposes Banking Shopping Tax returns Protesting Military Student records Privacy is a crucial issue in many of these applications Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients

**Security issues: some practical situations
**

A sends a file to B: E intercepts it and reads it. How to send a file that looks gibberish to all but the intended receiver? A sends a file to B: E intercepts it, modifies it, and then forwards it to B. How to make sure that the document has been received in exactly the form it has been sent? E sends a file to B pretending it is from A. How to make sure your communication partner is really who she claims to be?

Basic situation in cryptography

Types Of Attacks:

Passive

Attack: Carried out by a Passive Attacker who can only read the secret information being exchanged. Active Attack: Carried out by an Active Intruder who can read and modify the secret information

Passive Attacks

Active Attacks

**Ciphertext-only Attack
**

•

•

• •

This is the situation where the attacker does not know anything about the contents of the message, and must work from ciphertext only. In practice it is quite often possible to make guesses about the plaintext, as many types of messages have fixed format headers. Even ordinary letters and documents begin in a very predictable way. It may also be possible to guess that some ciphertext block contains a common word.

**Known-plaintext Attack
**

• • •

The attacker knows or can guess the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext blocks using this information. This may be done by determining the key used to encrypt the data, or via some shortcut.

**Chosen-plaintext Attack
**

The attacker is able to have any text he likes encrypted with the unknown key. The task is to determine the key used for encryption. Some encryption methods, particularly RSA, are extremely vulnerable to chosen-plaintext attacks. When such algorithms are used, extreme care must be taken to design the entire system so that an attacker can never have chosen plaintext encrypted.

**Classical Cryptographic Techniques
**

Three

– – –

Eras of Cryptography:

Classical Traditional Modern

We

have two basic components of classical ciphers: substitution and transposition. Substitution: In substitution ciphers letters are replaced by other letters. Transposition: In transposition ciphers the letters are arranged in a different order.

**Caesar Cipher A Monoalphabetic Substitution Cipher
**

Replace each letter of message by a letter a fixed distance away e.g. use the 3rd letter on Reputedly used by Julius Caesar. E.g: – L FDPH L VDZ L FRQTXHUHG – I CAME I SAW I CONQUERED i.e. mapping is ABCDEFGHIJKLMNOPQRSTUVWXYZ | | | | | | | | | | | | | | | | | | | | | | | | | | DEFGHIJKLMNOPQRSTUVWXYZABC Can describe this cipher as: – Encryption Ek : i → i + k mod 26 – Decryption Dk : i → i - k mod 26

**Polyalphabetic Substitution Cipher
**

Polyalphabetic

Substitution - several substitutions are used. Used to hide the statistics of the plain-text.

**Polyalphabetic Substitution Example
**

Suppose that a polyalphabetic cipher of period 3 is being used, with the three monoalphabetic ciphers M1, M2, M3 as defined below. To encrypt a message, the first 3 letters of the plaintext are enciphered according to ciphers M1, M2, M3 respectively, with the process being repeated for each subsequent block of 3 plaintext letters.

M1: M2: M3: a K P J b D A M c N G F d H U Z e P K R f A H N g W J L h X B D i C Y O j Z D W k I S G l M O I m Q E A n J M K o B Q E p Y N S q E W U r T F C s U Z Q t G I V u V T H v R C Y w F V X x O L T y S X P z L R B

**Polyalphabetic Substitution Example
**

Plaintext

- now is the time for every good man Ciphertext - JCQ CZ VXK VCER AQC PCRTX LBQZ QPK Note: The two o’s in good have been enciphered as different letters. Also the three letters “X” in the ciphertext represent different letters in the plaintext.

**Algorithms Of Modern Crytography
**

Algorithms

**are basic building blocks on which Crypto Systems are built. Classes of key-based algorithms:
**

– –

Symmetric or Private-key Systems. Asymmetric or Public-key Systems.

Symmetric Algorithms

Symmetric

algorithms use the same key for encryption and decryption Can be divided into two categories: (1) stream ciphers and (2) block ciphers. Stream ciphers can encrypt a single bit/byte of plaintext at a time. Block ciphers take a number of bits (typically 64 bits in modern ciphers), and encrypt them as a single unit.

**Example Symmetric Encryption Algorithm - DES
**

• • • • •

The most well known symmetric system is the Data Encryption Standard (DES). Data Encrypt Standard (DES) is a private key system adopted by the U.S. government as a standard “very secure” method of encryption. 64-bit plain & cipher text block size 56-bit true key plus 8 parity bits Single chip (hardware) implementation - Most implementations now software 16 rounds of transpositions & substitutions Standard for unclassified government data

Applications of DES

•

Double DES

• •

Effective key length of 112 bits Work factor about the same as single DES Encrypt with first key Decrypt with second key Encrypt with first key Very secure

•

Triple DES

• • • •

used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access.

**Private Key Problems
**

Keys must be exchanged before transmission with any recipient or potential recipient of your message. So, to exchange keys you need a secure method of transmission, but essentially what you've done is create a need for another secure method of transmission. Secondly the parties are not protected against each other, if one of the parties leaks the keys it could easily blame the other party for the compromise.

Asymmetric Algorithms

Use a different key for encryption and decryption, and the decryption key cannot be derived from the encryption key. Asymmetric ciphers also called public-key algorithms permit the encryption key to be public (it can even be published in a newspaper), allowing anyone to encrypt with the key, whereas only the proper recipient (who knows the decryption key) can decrypt the message. The encryption key is also called the Public Key and the decryption key the Private Key or Secret Key.

**Public Key Encryption
**

Key Pairs (Public and Private). Publish one key, keep the other secret. Anyone who wants to send you a message encrypts it using your public key. To read a message you decrypt it with the private key. Private Key Public Key Ciphertext Original Plaintext

Plaintext

Encryption

Decryption

**Public Key Encryption
**

A

– –

**good public key algorithm:
**

Infeasible to derive one key from the other Keys are interchangeable

Simplifies

(but does not solve) key distribution problem Public key is slower than secret key algorithms

– –

RSA is about 1000-5000 times slower than DES Public key encryption is sometimes used to encrypt a secret key algorithm’s session key

RSA

The

best known public key system is RSA, named after its authors, Rivest, Shamir and Adelman. It has recently been brought to light that an RSA-like algorithm was discovered several years before the RSA guys by some official of the British Military Intelligence Cryptography Wing.

**Comparison of Symmetric and Asymmetric Encryption
**

Secret Key Original Plaintext Decryption

Plaintext Encryption

Ciphertext

**Symmetric (Single Key) Cryptography
**

Public Key Private Key Original Plaintext Decryption

Plaintext Encryption

Ciphertext

Asymmetric (Two Key) Cryptography

Other Types:

One

Time Pad Hash Function Digital Signature Certified Authority

**ADVANTAGES AND DISADVANTAGES
**

Advantages: 1. The biggest advantage of public key cryptography is the secure nature of the private key. In fact, it never needs to be transmitted or revealed to anyone. 2. It enables the use of digital certificates and digital timestamps, which is a very secure technique of signature authorization.

Disadvantages:

Transmission time for documents encrypted using public key cryptography are significantly slower then symmetric cryptography. In fact, transmission of very large documents is prohibitive. The key sizes must be significantly larger than symmetric cryptography to achieve the same level of protection. Public key cryptography is susceptible to impersonation attacks.

**Future Developments: Quantum cryptography and DNA cryptography
**

DNA cryptography is a new born cryptographic field emerged with the research of DNA computing, in which DNA is used as information carrier and the modern biological technology is used as implementation tool. The vast parallelism and extraordinary information density inherent in DNA molecules are explored for cryptographic purposes such as encryption, authentication, signature, and so on.

Quantum cryptography

Quantum cryptography attempts to achieve the same security of information as other forms of cryptography but through the use of photons, or packets of light. The process, though still in experimental stages, makes use of the polarization nature of light and is proving to be a very promising defense against eavesdropping

Bibliography

www.cryptography.com www.wikipedia.com www.io.com/~hcexres/power_tools/hyperweb

/website1.PDF www.abo.fi/~ipetre/crypto

- Cryptographyashishkumar777
- Understanding Cryptography SOLUTIONSzumri
- CryptographyBridget Smith
- Cryptographyhaidaroracle
- Cryptographymonika
- Cryptographyimraanm@legae.co.za
- CryptographyPraneeth Akula Sona
- CryptographyVagi Gowda
- Cryptographynooti
- Cryptographys4shaista
- Public Key Cryptographykritagya chandra
- Cryptographyrohandeshmukh
- Cryptographyharsh_cyclone
- Cryptographytbijle
- everything in CryptographyRenjith
- CryptographySachin Talan
- CryptographyAruna Kapoor
- CRYPTOGRAPHY REPORTraunakbajoria
- Operating System FundamentalsGuruKPO
- machine learningSamira Palipana
- Philip N. Klein - A Cryptography Primer [2014][a]Igor Bojceski
- OSI Security Architecture.pptEswin Angel
- cryptographyapi-19799369
- CryptographyDivya Shritha
- CEHv8 Module 19 Cryptography.pdfMehrdad Jingoism
- CEHv8 Module 00.pdfMehrdad Jingoism
- Network Securitydharaninadh

- Blockchain Technology and Applications from a Financial PerspectiveCoinDesk
- Network Security & Cryptography MCQ'SGuruKPO
- Ethereum Paper Executive SummaryCoinDesk
- As 2805.6.1.1-2009 Electronic Funds Transfer - Requirements for Interfaces Key Management - PrinciplesSAI Global - APAC
- The International Legal Dynamics of Encryption, by Ashley DeeksHoover Institution
- As 2805.14.2-2009 Electronic Funds Transfer - Requirements for Interfaces Secure Cryptographic Devices (RetaiSAI Global - APAC
- A Study of Various Information Hiding Techniques and Their ImportanceInternational Journal for Scientific Research and Development
- Surreptitiously Weakening Cryptographic SystemsAndy Greenberg
- Computationally Efficient ID-Based Blind Signature Scheme in E-VotingInternational Journal for Scientific Research and Development
- A Robust Cryptographic System using Neighborhood-Generated KeysWhite Globe Publications (IJORCS)
- Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed ExponentiationAndy Greenberg
- cMix: Anonymization by High-Performance Scalable MixingAndy Greenberg
- Attribute-Based Encryption for Access of Secured Data in Cloud StorageInternational Journal for Scientific Research and Development
- As 2805.11-2000 Electronic Funds Transfer - Requirements for Interfaces Card Parameter TableSAI Global - APAC
- UT Dallas Syllabus for cs6v81.003.11s taught by Kamil Sarac (kxs028100)UT Dallas Provost's Technology Group
- Hashing Algorithm: MD5International Journal for Scientific Research and Development
- A Novel Image Transmission Technique via MIS using an Advanced AES Algorithm with Chaotic map for Enhanced SecurityInternational Journal for Scientific Research and Development
- UT Dallas Syllabus for cs6377.001.09s taught by Murat Kantarcioglu (mxk055100)UT Dallas Provost's Technology Group
- 60190_1965-1969FRASER: Federal Reserve Archive
- DRAFT NATIONAL ENCRYPTION POLICYFirstpost
- As 2805.6.5.3-2004 Electronic Funds Transfer - Requirements for Interfaces Key Management - TCU InitializatioSAI Global - APAC
- A Survey On Achieving Cloud Data Sharing Using Key Aggregate Searchable EncryptionInternational Journal for Scientific Research and Development
- New approach to online payment systemInternational Journal for Scientific Research and Development
- A Study on Statistical Analysis and Security Evaluation Parameters in Image EncryptionInternational Journal for Scientific Research and Development
- An Efficient Approach for Data Outsourcing using Attribute based EncryptionInternational Journal for Scientific Research and Development
- CCSS Draft ProposalCoinDesk
- Internet Voting System using Visual CryptographyInternational Journal for Scientific Research and Development
- 2003-04-18_SIDToday_-__Profile_Intelligence_Security_Issues.pdfJon Street
- Improving quality of image in Permutation-Only Image Encryption SchemesInternational Journal for Scientific Research and Development
- The Security and Efficiency in Attribute-Based Data SharingInternational Journal for Scientific Research and Development

- Privacy Preserving Authentication Scheme for VANET's Using HMAC AlgorithmInternational Journal for Scientific Research and Development
- A Novel Image Transmission Technique via MIS using an Advanced AES Algorithm with Chaotic map for Enhanced SecurityInternational Journal for Scientific Research and Development
- As 2805.5.1-1992 Electronic Funds Transfer - Requirements for Interfaces Ciphers - Data Encipherment AlgorithSAI Global - APAC
- Surreptitiously Weakening Cryptographic SystemsAndy Greenberg
- Computationally Efficient ID-Based Blind Signature Scheme in E-VotingInternational Journal for Scientific Research and Development
- A Survey On Achieving Cloud Data Sharing Using Key Aggregate Searchable EncryptionInternational Journal for Scientific Research and Development
- A Study on Statistical Analysis and Security Evaluation Parameters in Image EncryptionInternational Journal for Scientific Research and Development
- A Robust Cryptographic System using Neighborhood-Generated KeysWhite Globe Publications (IJORCS)
- lavabit-aclu-amicus-13-1024.pdfAndrew Blake
- Review on variants of Security aware AODVInternational Journal for Scientific Research and Development
- Attribute-Based Encryption for Access of Secured Data in Cloud StorageInternational Journal for Scientific Research and Development
- The Security and Efficiency in Attribute-Based Data SharingInternational Journal for Scientific Research and Development
- An Efficient Approach for Securing Broker-Less Publish-Subscribe System Using Identity-Based Encryption SchemeInternational Journal for Scientific Research and Development
- As 2805.6.5.2-2000 Electronic Funds Transfer - Requirements for Interfaces Key Management - TCU InitializatioSAI Global - APAC
- Enhancement of DES Algorithm with Multi State LogicWhite Globe Publications (IJORCS)
- Secure Cryptographic System Using Face BiometricsInternational Journal for Scientific Research and Development
- A Study of SAAS Model for Security SystemInternational Journal for Scientific Research and Development
- An Enhanced Image Cryptographic Method Based On AES Rijndael AlgorithmInternational Journal for Scientific Research and Development
- New Security Primitive Using CAPTCHA as Graphical Password against SpywareInternational Journal for Scientific Research and Development
- Trapdoor Reduction on Sharing Group Data in Cloud using Aggregation Key SchemeInternational Journal for Scientific Research and Development
- DIFFIE-HELLMAN KEY EXCHANGE TECHNIQUE AND VIDEO STEGANOGRAPHY BASED ON LSBInternational Journal for Scientific Research and Development
- A Symmetric Key Generation for File Encryption and Protection using/by USB Storage DeviceInternational Journal for Scientific Research and Development
- As 2805.6.1.4-2009 Electronic Funds Transfer - Requirements for Interfaces Key Management - Asymmetric CryptoSAI Global - APAC
- Development and Analysis of High Data Rate Quality based Secured AODV-RC4 and AODV-RSA WSNsInternational Journal for Scientific Research and Development
- A Survey and Analysis Performance of Generating Key in CryptographyInternational Journal for Scientific Research and Development
- As NZS ISO IEC 11770.3-2008 Information Technology - Security Techniques - Key Management Mechanisms Using AsSAI Global - APAC
- Study of Symmetric Key Network Security AlgorithmsInternational Journal for Scientific Research and Development
- Encryption Policy for the 21st Century: A Future without Government-Prescribed Key Recovery, Cato Policy AnalysisCato Institute
- Development and Analysis of High Data Rate Quality based Secured AODV-RC4 and AODV-RSA WSNsInternational Journal for Scientific Research and Development
- As 2805.4.1-2001 Electronic Funds Transfer - Requirements for Interfaces Message Authentication - MechanismsSAI Global - APAC

Sign up to vote on this title

UsefulNot usefulClose Dialog## Are you sure?

This action might not be possible to undo. Are you sure you want to continue?

Loading