Introduction to Computer Technology

Cryptography

Group Members:
Muhammad Abdullah [FA19-BCS-033]
Abdul Raheem [FA19-BCS-108]
Emaan Asif [FA19-BCS-116]
 Emaan Asif
FA19-BCS-116
Secure Communication
Needs and Requirements
• Well established needs for secure communication
– War time communication
– Business transactions

• Requirements of secure communication

1. Secrecy
– Only intended receiver understands the message
2. Authentication
– Sender and receiver need to confirm each others identity
3. Message Integrity
– Ensure that their communication has not been altered, either
maliciously or by accident during transmission
Cryptography
Basics
• Cryptography is the science of secret, or hidden
writing
• It has two main Components:
1. Encryption
– Practice of hiding messages so that they can not be read by
anyone other than the intended recipient
2. Authentication & Integrity
– Ensuring that users of data/resources are the persons they claim
to be and that a message has not been altered
Encryption
Cipher
• Cipher is a method for encrypting messages

Plain Text Encryption Cipher Text Decryption Plain Text

Algorithm Algorithm

Key A Key B

• Encryption algorithms are standardized & published

• The key which is an input to the algorithm is secret
– Key is a string of numbers or characters
Encryption
Symmetric Algorithms
• Algorithms in which the key for encryption and
decryption are the same are Symmetric
– Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for a single message
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
Symmetric Encryption
Key Strength
• Strength of algorithm is determined by the size of the key
– The longer the key the more difficult it is to crack
• Key length is expressed in bits
– Typical key sizes vary between 48 bits and 448 bits
• Set of possible keys for a cipher is called key space
– For 40-bit key there are 240 possible keys
– For 128-bit key there are 2128 possible keys
– Each additional bit added to the key length doubles the security
• To crack the key the hacker has to use brute-force
(i.e. try all the possible keys till a key that works is found)
– Super Computer can crack a 56-bit key in 24 hours
– It will take 272 times longer to crack a 128-bit key
(Longer than the age of the universe)
Substitution Ciphers
Caesar Cipher
• Caesar Cipher is a method in which each letter in the
alphabet is rotated by three letters as shown

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC

• Let us try to encrypt the message

– Attack at Dawn
Substitution Ciphers
Caesar Cipher
Encryption
Plain Text Cipher Text
Cipher:
Message: Caesar Cipher Message:
Attack at Dawn Algorithm Dwwdfn Dw Gdyq

Key (3)
Decryption
Cipher Text Plain Text
Cipher:
Message: Caesar Cipher Message:
Dwwdfn Dw Gdyq Algorithm Attack at Dawn

Key (3)
Muhammad Abdullah
FA19-BCS-033
Substitution Cipher
Monoalphabetic Cipher
• Any letter can be substituted for any other letter
– Each letter has to have a unique substitute

AB CD EFG H I J K LM N OPQRSTUVWXYZ

M NBVC X ZAS D FG HJ KLPO IUYTR EWQ

• There are 26! pairing of letters.

• Brute Force approach would be too time consuming
–
Message: Encrypted
Statistical Analysis would make it feasible to crack the key
Cipher: Message:
Bob, How are you. Monoalphabetic Nkn, s gktc wky.
Alice Cipher mgsbc

Key
 Substitution Cipher
Polyalphabetic Caesar Cipher
• Developed by Blaise de Vigenere
– Also called Vigenere cipher
• Uses a sequence of monoalpabetic ciphers in tandem
– e.g. C1, C2, C2, C1, C2

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
C2(k=20) T U V W X Y Z A B C D E F G H I J K L M N O P Q R S

• Example
Message:
Cipher:
Encrypted
Message:
Bob, how are you. Monoalphabetic Gnu, n etox dhz.
Alice Cipher tenvj

Key
 Substitution Cipher
Using a key to shift alphabet
• Obtain a key to for the algorithm and then shift the alphabets
– For instance if the key is word we will shift all the letters by four and
remove the letters w, o, r, & d from the encryption
• We have to ensure that the mapping is one-to-one
– no single letter in plain text can map to two different letters in cipher text
– no single letter in cipher text can map to two different letters in plain text

Plain Text ABCDEFGH I JKLMNOPQRSTUVWXYZ

C1(k=6) WORDABCEFGH I JKLMNPQSTUVXYZ

Message:
Encrypted
Cipher: Message:
Bob, I love you.
??
Alice

WORD
Transposition Cipher
Columnar Transposition
• This involves rearrangement of characters on the plain text into columns
• The following example shows how letters are transformed
– If the letters are not exact multiples of the transposition size there may be a
few short letters in the last column which can be padded with an infrequent
letter such as x or z
Plain Text Cipher Text
T H I S I T S S O H
S A M E S O A N I W
S A G E T H A A S O
O S H O W L R S T O
H O W A C I M G H W
O L U M N U T P I R
A R T R A S E E O A
N S P O S M R O O K
I T I O N I S T W C
W O R K S N A S N S
Symmetric Encryption
Limitations
• Any exposure to the secret key compromises
secrecy of ciphertext
• A key needs to be delivered to the recipient of the
coded message for it to be deciphered
Asymmetric Encryption
Basics
• Uses a pair of keys for encryption
– Public key for encryption
– Private key for decryption
• Messages encoded using public key can only be decoded by
the private key
– Secret transmission of key for decryption is not required
– Every entity can generate a key pair and release its public key

Plain Text Cipher Text Plain Text

Cipher Cipher

Public Key Private Key

Asymmetric Encryption
Types
• Two most popular algorithms are RSA & El Gamal
– RSA
• Developed by Ron Rivest, Adi Shamir, Len Adelman
• Both public and private key are interchangable
• Variable Key Size (512, 1024, or 2048 buts)
• Most popular public key algorithm
– El Gamal
• Developed by Taher ElGamal
• Variable key size (512 or 1024 bits)
• Less common than RSA
 Asymmetric Encryption
Weaknesses
• Efficiency is lower than Symmetric Algorithms
– A 1024-bit asymmetric key is equivalent to 128-bit
symmetric key
• Potential for man-in-the middle attack
• It is problematic to get the key pair generated for the
encryption
Abdul Raheem
FA19-BCS-108
Digital Signature
Technique for Authentication

• A digital signal is equivalent to a handwritten signature.

• It is a verification or kind of authentication process that

enables the sender of the message to attach a code that can
act as a signature.

• It is the electronic verification of the sender, through which

one can verify the integrity of the message that either is
original or has been altered by someone.
Digital Signature
Purpose
• A digital signature is used for the following purposes:

1. Authentication
A digital signature gives the receiver reason to trust that the message was created and
sent by the desired sender. And It is not been altered between the sender and receiver
by any third person.

2. Non_repudaion
With the help of a digital signal, the sender will be unable to deny the fact that he sent
this message. Organizations used it for the transfer of sensitive data.

3. Integrity
A digital signature makes sure that the receiver receives the file in an original format
having a digital signature. It is helpful in software distribution and financial
transactions.
 Digital Signature
Hash Function

Hash Function:

A hash function is a technique or process of converting data of any length to a proper fixed
length. The values that are returned from a hash function are known as hash values, digest
messages or even we can call them hashes. We can use these values to index a fixed-size table
which is also known as Hash Table.

Some commonly used Hash Functions are as follows:

• Message Digest (MD)

• Secure Hash Function (SHA)
• Whirlpool
• RIPEMD

Example:
Full Name: Abdul Raheem

Hash Value(SHA256):
534c6b27548fd6275fdc67b22de3f4bd6449e38c60272dd3a012e661aca17303
Digital Signature
Working
There are two software engineers Bob and Alice living in two different areas and want
to transfer the data with each other.
Bob sends a module having code source to Alice with his digital signature. For digital
signature, Bob used asymmetric cryptography in which Bob generates key pair, public
and private key, and then sent that public key to Alice and kept the private key.
After doing so Bob uses the Hash algorithm to generate the digest of the source code
then he encrypts that digest or hash key with his private key that he generated early and
encrypts the hash key with the private key. This encrypted digest is the digital signature
of the source code that Bob sends to Alice. Then he sends both the source code and
digital signature to Alice. As the source code is not encrypted so Alice does not need to
do anything with the source code rather Alice will focus on digital signature more.
Alice then uses the public key given by Bob to decrypt the digital signature. If she is
able to decrypt that digest, then it means the file is sent by Bob but if she was unable to
decrypt the digital signature with the help of a public key that it clearly tells that the
source code is compromised. 
To check the integrity of the source code Alice will try to Hash the source code at her
end and if the digest or hash code matches with the hash codes of Bob then it means
the file is original and has not been altered.
Digital Signature
Visual Representation
Digital Certificate

A Digital Certificate is usually a file or an electronic "password" that is helpful

to share and receive data securely over the Internet with the help of public key
infrastructure (PKI) or cryptography.
Public key certificate or digital certificate is helpful in the authenticity of
data. It is commonly used by different organizations and individuals for their
security purposes.

Identity
Information

Signature
Sender’s Certificate
Algorithm
Public Key

Certificate
Authority’s
Private Key
Digital Certificate
Purpose

Why we need Digital Certificate?

Digital Signature is very much limited in terms of the size of data and security.
The digital signature is always used in hashed form, and when the receiver
receives it, he performs that same hash algorithm to decrypt the original
message using the public key.

While on the other hand in Digital Certificates the information is checked and
validated by a trusted CA, which gives them a key that gives a chain of trust to
the certificate. As a result, this certificate will help in the authenticity of any
document, for client authentication, or to provide proof of a website’s
credential that all the data stores or transfer through this website are totally
secured and authentic
Thank You
for your
Attention!