Cryptography

Cryptology
From Greek κρυπτός, "hidden, secret";

λογία, -logia, "study"or -λογία, -logia, "study"

Deals with
Cryptography Cryptoanalysis
from Greek κρυπτός, "hidden, secret";

γράφειν, graphein, "writing",

Cryptography is the science about ways of information
transformation (encryption and decryption) that you
want to keep secure.

Special terms concerning secure information

- State secret
- Military secret
- Commercial classified information (Commercial secret)
- Confidentiality
- Data integrity
- Authentication
- etc.
• Cypher • Шифр
• gibberish • Непонятный текст
(тарабарщина)
 Associated terms

• Cypher (or cipher) or code is the way of information

transformation to keep it in secret, or it is a pair of algorithms
that create the encryption and the reversing decryption
• Encryption is the process of converting ordinary information
(called plaintext) into unintelligible gibberish (called ciphertext).
• Decryption is the reverse process to the encryption, in other
words, moving from the unintelligible ciphertext back to
plaintext.
• Key is a secret parameter (ideally known only to the
communicants) for a specific message exchange context
• Cryptosystem is the ordered list of elements of finite possible
plaintexts, finite possible cyphertexts, finite possible keys, and
the encryption and decryption algorithms which correspond to
each key
 Associated terms

• Cryptanalysis is the term used for the study of methods for obtaining the
meaning of encrypted information without access to the key that
normally required to do so; or it is the study of how to crack encryption
algorithms or their implementations.

• Cryptolinguistics is the study of characteristics of languages which have

some application in cryptography (or cryptology), i.e. frequency data,
letter combinations, universal patterns, etc.

• In cryptography, code has a more specific meaning. It means the

replacement of a unit of plaintext (i.e., a meaningful word or phrase)
with a code word (for example, rebook replaces attack at dawn). Codes
are no longer used in serious cryptography—except incidentally for such
things as unit designations (e.g., Bronco Flight or Operation Overlord)—
since properly chosen ciphers are both more practical and more secure
than even the best codes and also are better adapted to computers.
• Which security mechanism do you know in
physical world?

Wax seal
signature

…………..
Why Have Cryptography
If the confidentiality or accuracy of your information is of any value at all, it
should be protected to an appropriate level.
If the unauthorized disclosure or alteration of the information could result in
any negative impact, it should be secured.
These are simple and widely accepted facts. However, the means to achieve the
requisite protection are usually far from obvious.

A number of mechanisms are commonly employed:

•Controlling access to the computer system or media. For instance, through

'logon' authentication (eg: via passwords).

•Employing an access control mechanism (such as profiling)

•Restricting physical access (eg: keeping media locked away or preventing

access to the computer itself).
 We use cryptography
• bank cards, 
• mobile phone, 
• WiFi, 
• applications like WhatsApp or iMessage,
• …
 A Brief History Of Cryptography

Caesar's Alphabet

The most widely-known form of cryptography is Caesar's

Alphabet. It's a very simple substitution cipher - a letter shift. Every
letter in the alphabet is shifted a certain number of letters to the
left. The most common key is three. Here is the alphabet as we
know it, followed by Caesar's 'encrypted' alphabet:

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC

the 'clear text' of 'THIS IS AN ENCRYPTED MESSAGE' would become the

'cipher text' of 'WKLV LV DQ HQFUBSWHG PHVVDJH'
Ciphertexts produced by a classical cipher (and some
modern ciphers) always reveal statistical information
about the plaintext, which can often be used to break
them. After the discovery of frequency analysis perhaps
by the Arab mathematicians (known as Alkindus) in the
9th century, nearly all such ciphers became more or less
readily breakable by any informed attacker. Such
classical ciphers still enjoy popularity today, though
mostly as puzzles called cryptogram. Al-Kindi wrote a
book on cryptography entitled Manuscript for the
Deciphering Cryptographic Messages, in which
described the first cryptanalysis techniques
A Brief History Of Cryptography
The Ancient Greek scytale (rhymes with Italy), probably
much like this modern reconstruction, may have been one of
the earliest devices used to implement a cipher. (replacement
cypher example)
The Enigma machine, used, in several variants, by
branches of the German military between the late 1920s and
the end of World War II, implemented a complex electro-
mechanical polyalphabetic cipher to protect sensitive
communications. Breaking the Enigma cipher at the Biuro
Szyfrów, and the subsequent large-scale decryption of Enigma
traffic at Bletchley Park, was an important factor contributing
to the Allied victory in WWII.
A credit card with smart card capabilities. The 3 by 5 mm
chip embedded in the card is shown enlarged in the insert.
Smart cards attempt to combine low cost and portability with
the power to compute modern cryptographic algorithms.
 Basic principles of cryptography
• Modern cryptography is heavily based on
mathematical theory and computer science
practice
• Just as the development of digital computers and
electronics helped in cryptanalysis, it made
possible much more complex ciphers.
Furthermore, computers allowed for the
encryption of any kind of data representable in any
binary format, unlike classical ciphers which only
encrypted written language texts; this was new
and significant.
Extensive open academic research into cryptography is relatively
recent; it began only in the mid-1970s. In recent times, IBM
personnel designed the algorithm that became the Federal (i.e.,
US) Data Encryption Standard (DES) ; Whitfield Diffie and Martin
Hellman published their key agreement algorithm and Martin
Gardner published the RSA algorithm. Since then, cryptography
has become a widely used tool in communications, computer
networks, and computer security.
Some modern cryptographic techniques can only keep their keys
secret if certain mathematical problems are intractable, there
will be deep connections with abstract mathematics.
There are no absolute proofs that a cryptographic technique is
secure but there are proofs that some techniques are secure if
some computational problem is difficult to solve, or this or
that assumption about implementation or practical use is met.
 Modern Cryptography Systems
Substitution Ciphers
Substitution ciphers are the most simple, because they switch one letter for
another, throughout the length of a message. They are easily broken by analyzing the
frequency of letters in the ciphertext and applying the most commonly-used letters in
the appropriate places.

Substitution Ciphers
Substitution ciphers are the most simple, because they switch one letter for
another, throughout the length of a message. They are easily broken by analyzing the
frequency of letters in the ciphertext and applying the most commonly-used letters in
the appropriate places.
 Modern Cryptography Systems
Reciprocal Ciphers
Reciprocal ciphers encompass more cryptography systems, and can make a
system either less secure or more usable. A reciprocal cipher means, just as one
enters the cleartext into the cryptography system to get the ciphertext, one could
enter the ciphertext into the same place in the system to get the clear text. Using
a reciprocal substitution is a form of cryptographic suicide - it makes the cipher
half as difficult to break. However, if Enigma weren't reciprocal, it would have
been significantly more difficult to implement.

Symmetric Ciphers
For a long time, symmetric ciphers were the only form of cryptography available. A
symmetric cipher uses the same key for encryption and decryption. Generally,
symmetric ciphers are no less secure than asymmetric ciphers, since, in most modern
cryptography systems, securing the key is more important than securing the
cryptography system itself.
• Symmetric key ciphers are implemented as either block
ciphers or stream ciphers. A block cipher enciphers input in
blocks of plaintext as opposed to individual characters, the
input form used by a stream cipher.
• The Data Encryption Standard (DES) and the Advanced
Encryption Standard (AES) are block cipher designs which
have been designated cryptography standards by the US
government (though DES's designation was finally
withdrawn after the AES was adopted). Despite its
deprecation as an official standard, DES (especially its still-
approved and much more secure triple-DES variant) remains
quite popular; it is used across a wide range of applications,
from ATM encryption to e-mail privacy and secure remote
access. Many other block ciphers have been designed and
released, with considerable variation in quality.
Stream ciphers, in contrast to the 'block' type,
create an arbitrarily long stream of key
material, which is combined with the plaintext
bit-by-bit or character-by-character.
In a stream cipher, the output stream is created
based on a hidden internal state which
changes as the cipher operates. That internal
state is initially set up using the secret key
material. RCA is a widely used stream cipher.
Cryptographic hash function are a third type of
cryptographic algorithm. They take a message
of any length as input, and output a short,
fixed length hash (which can be used in for
example a digital signature). For good hash
functions, an attacker cannot find two
messages that produce the same hash.
• Symmetric-key cryptosystems use the same key for
encryption and decryption of a message, though a
message or group of messages may have a different
key than others.
• A significant disadvantage of symmetric ciphers is
the key management necessary to use them
securely. Each distinct pair of communicating parties
must, ideally, share a different key, and perhaps
each ciphertext exchanged as well. The number of
keys required increases as the square of the
number of network members, which very quickly
requires complex key management schemes to keep
them all straight and secret.
 Modern Cryptography Systems
Asymmetric Ciphers
In 1976 the notion of public-key (also, more generally, called asymmetric
key) cryptography was proposed in which two different but mathematically
related keys are used—a public key and a private key.

The Keys
The public and private keys have a very special property - they are
complementary to each other. In order to reverse the effects of one key, the other
must be applied to the ciphertext.

The Public Key

The public key is, well, public. It is distributed to anyone and everyone.
Anyone is allowed to see a person's public key.

The Private Key

The private key, as you might expect, is private. It is not distributed at all.
 How They're Used
Securing Message Data
The sender (Alice) of the message has the recipient's (Bob) public key. Alice then
applies that public key to the message and sends it on its way. Anyone receiving the
message will see only garble. Bob, however, has his own private key. He applies this
private key to the ciphertext and voila! the cleartext appears.

Signing a message
Suppose that isn't enough. Suppose Alice wants Bob to be absolutely sure that the
message was sent by her. Merely writing 'Love, Alice' at the bottom of the message
isn't good enough - anyone could write that. How will she guarantee that Bob will
know that she wrote it? By applying her own private key to the message. Anyone
that has her public key will be able to verify that Alice wrote the message. Now, Bob
can rest assured that Alice wrote the message, because it's been encrypted with her
private key. He also knows that only he can read the message, because it's also been
encrypted with his own public key.
 Cryptographic Algorithms
There are of course a wide range of cryptographic algorithms in use. The following
are amongst the most well known:

HASH
A 'hash algorithm' is used for computing a condensed representation of a fixed length
message/file. This is sometimes known as a 'message digest', or a 'fingerprint'..
MD5
MD5 is a hashing algorithm that takes a message of up to 264 bits and reduces it to a digest of 128
bits (16 bytes).
The algorithm is a development of the MD4 algorithm invented by Ronald Rivest and announced
in 1990. Unfortunately, MD4 was flawed, so Rivest made some revisions, and the resulting
algorithm was christened MD5.
Any hashing (or digest) algorithm should be such that, given a digest and the corresponding
message from which it was derived, it should be computationally infeasible to construct a different
message with the same digest.
AES
This is the Advanced Encryption Standard (using the Rijndael block cipher) approved by NIST.