# Cryptography Ch-1 prepared by: Diwan.


## Essential Terms

- Secret writing
- Cryptography
- Encryption: Plain text → Cipher text
- Decryption: Cipher text → Plain text
- Cryptanalysis
- Cryptology

## Basic Terminologies

- Cryptography deals with creating documents that can be shared secretly over public communication channels.
- Cryptographic documents are decrypted with the key associated with encryption, with the knowledge of the encryptor.
- The word cryptography comes from the Greek words: Krypto (secret) and graphein (write).
- Cryptanalysis deals with finding the encryption key without the knowledge of the encryptor.
- Cryptology deals with cryptography and cryptanalysis.
- Cryptosystems are computer systems used to encrypt data for secure transmission and storage.

## Basic Terminologies

- Keys are rules used in algorithms to convert a document into a secret document.
- Keys are of two types:
  - Symmetric
  - Asymmetric
- A key is symmetric if the same key is used both for encryption and decryption.
- A key is asymmetric if different keys are used for encryption and decryption.

## Basic Terminologies

Examples:

- Symmetric key methods
  - DES 56-bit
  - Triple DES bit
  - AES bit and higher
  - Blowfish bit and higher
- Asymmetric key methods
  - RSA
  - PGP

## Basic Terminologies

- Plaintext is text that is in readable form.
- Ciphertext results from plaintext by applying the encryption key.
- Notations: M message, C ciphertext, E encryption, D decryption, k key
  - E(M) = C
  - E(M, k) = C
- Fact: D(C) = M, D(C, k) = M

## Cryptographic Methods

- Symmetric
  - Same key for encryption and decryption
  - Key distribution problem
- Asymmetric
  - Mathematically related key pairs for encryption and decryption
  - Public and private keys

Cryptographic algorithms generally fall into one of two different categories, or are a combination of both.

Symmetric:

- Fast
- Only provides confidentiality
- Needs a secure channel for key distribution
- Key management headaches from the large number of key pairs to maintain: N(N-1)/2
  - That’s over 6.3 million key pairs to let all 3556 Purdue A/P staff members exchange encrypted messages.
  - To do the same for all students would require over half a billion key pairs!
- Examples: DES, AES, Blowfish, RC4, RC5

Asymmetric:

- Large mathematical operations make it slower than symmetric algorithms
- No need for out-of-band key distribution (public keys are public!)
- Scales better since only a single key pair is needed per individual
- Can provide authentication and nonrepudiation
- Examples: RSA, El Gamal, ECC, Diffie-Hellman

## Cryptographic Methods

- Hybrid
  - Combines strengths of both methods
  - Asymmetric distributes symmetric key
    - Also known as a session key
  - Symmetric provides bulk encryption
  - Example: SSL negotiates a hybrid method

A hybrid cryptosystem is the best of both worlds. In this case, an asymmetric encryption scheme is used to transmit a generated symmetric key to the other party, then that key is used for all further communications. This combines the scalability and key management features of the asymmetric algorithms with the speed of symmetric ones. The Secure Sockets Layer (SSL) protocol negotiates which asymmetric and symmetric algorithms to use in a hybrid system to protect TCP connections, such as an HTTP connection between a web browser and web server.
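The hybrid flow described above, as an added example that is not part of the original slides: a random session key is wrapped with the receiver's public key, and the message itself is encrypted symmetrically under that session key. The RSA modulus (two Mersenne primes), the hash-based keystream cipher, and all function names are assumptions chosen so the sketch runs with the standard library only; unpadded RSA with a modulus this small is for teaching, not for protecting data.

```python
import hashlib
import secrets

# Constructed teaching key built from two Mersenne primes. The modulus is far
# too small and structured for real use, and unpadded RSA is not secure.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                      # receiver's public key
D = pow(E, -1, (P - 1) * (Q - 1))        # receiver's private exponent


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR data with SHA-256(key || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)


def hybrid_encrypt(message: bytes, n: int = N, e: int = E):
    """Sender: wrap a fresh session key asymmetrically, encrypt the bulk data with it."""
    session_key = secrets.token_bytes(16)            # new key for every message
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, keystream_xor(session_key, message)


def hybrid_decrypt(wrapped_key: int, ciphertext: bytes, n: int = N, d: int = D) -> bytes:
    """Receiver: unwrap the session key with the private key, then decrypt."""
    session_key = pow(wrapped_key, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


if __name__ == "__main__":
    # Constructed sample message standing in for traffic on a protected connection.
    msg = b"GET /account HTTP/1.1\r\nHost: example.test\r\n\r\n"
    wrapped, ct = hybrid_encrypt(msg)
    print(hex(wrapped), ct.hex(), hybrid_decrypt(wrapped, ct))
```

Only the 16-byte session key goes through the slow asymmetric operation; the message length has no effect on that cost.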

## Types of Secret Writing

- Steganography
- Cryptography

## Basic Terminologies

- Steganography is the method of hiding secret messages in an ordinary document.
- Steganography does not use encryption.
- Steganography does not increase file size for hidden messages.
- Example: select the bit patterns in pixel colors to hide the message.

## Steganography

- Hiding a message within another medium, such as an image
- No key is required
- Example: Modify color map of JPEG image

Invisible ink, hidden tattoos, and microdots are all examples of steganography. By taking a color digital image and slightly altering the color of each pixel, you can hide a message in the image without noticeably altering the appearance. The receiver can then extract the message if they have the original, unaltered image.
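The pixel-altering scheme described above, as an added example that is not part of the original slides: each message bit flips the lowest bit of one pixel byte, and the receiver recovers the message by comparing the altered image with the original. The 16x16 greyscale pixel array and the function names are constructed for illustration; no image file format is involved.

```python
# Constructed 16x16 greyscale "image": one byte per pixel.
COVER = bytes((x * 29 + y * 17) % 256 for y in range(16) for x in range(16))


def embed(cover: bytes, message: bytes) -> bytes:
    """Return a copy of cover with one message bit hidden per pixel byte."""
    bits = [(byte >> (7 - i)) & 1 for byte in message for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("cover has too few pixels for this message")
    stego = bytearray(cover)
    for pos, bit in enumerate(bits):
        stego[pos] ^= bit          # flip the lowest bit where the message bit is 1
    return bytes(stego)


def extract(stego: bytes, cover: bytes, length: int) -> bytes:
    """Recover `length` message bytes by diffing stego against the original."""
    diff = [s ^ c for s, c in zip(stego, cover)]
    out = bytearray()
    for i in range(length):
        value = 0
        for bit in diff[8 * i:8 * i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


def max_pixel_change(stego: bytes, cover: bytes) -> int:
    """Largest per-pixel difference; 1 means the change is visually negligible."""
    return max(abs(s - c) for s, c in zip(stego, cover))


if __name__ == "__main__":
    secret = b"meet at noon"                      # constructed sample message
    stego = embed(COVER, secret)
    print(len(stego) == len(COVER), max_pixel_change(stego, COVER))
    print(extract(stego, COVER, len(secret)))
```

The output has the same size as the cover and no pixel moves by more than one intensity level, which matches the claims on the slides; the same diff against a known original is also how an examiner would spot the altered bytes.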

## Steganography

- Steganography – covered writing – is an art of hiding information
- Popular contemporary steganographic technologies hide information in images

New York Times, August 3rd, 2001

## Hiding information in pictures

[Figures: image in which to hide another image; image to hide within the other image]

## Types of Cryptography

- Stream-based Ciphers
  - One at a time, please
  - Mixes plaintext with key stream
  - Good for real-time services
- Block Ciphers
  - Amusement Park Ride
  - Substitution and transposition

Stream ciphers are fast and easy to implement in hardware. Block ciphers are stronger, but slower and often implemented in hardware.

## Types of Secret Writing

- Steganography
- Cryptography
  - Substitution
    - Monoalphabetic
    - Polyalphabetic
  - Transposition

## Encryption Systems

- Substitution Cipher
  - Convert one letter to another
  - Cryptoquip
- Transposition Cipher
  - Change position of letter in text
  - Word Jumble
- Monoalphabetic Cipher
  - Caesar
- Polyalphabetic Cipher
  - Vigenère

Definitions:

- Substitution Cipher: Replacing one letter with another
- Transposition Cipher: Word Jumble. Rearranging or reordering the letters within a message
- Monoalphabetic Cipher: Algorithm that substitutes one letter in the ciphertext alphabet for one in the plaintext alphabet
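The cipher families named above, as an added example that is not part of the original slides: Caesar (monoalphabetic), Vigenère (polyalphabetic) and a simple column-read transposition, with a helper that shows what separates them. The plaintext, the key `LEMON`, the column transposition variant and the function names are assumptions chosen for illustration.

```python
import string

ALPHA = string.ascii_uppercase


def caesar(text: str, shift: int) -> str:
    """Monoalphabetic substitution: every letter moves by the same shift."""
    return "".join(ALPHA[(ALPHA.index(c) + shift) % 26] if c in ALPHA else c
                   for c in text.upper())


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Polyalphabetic substitution: the shift cycles through the key letters."""
    out, j = [], 0
    for c in text.upper():
        if c in ALPHA:
            k = ALPHA.index(key[j % len(key)].upper())
            out.append(ALPHA[(ALPHA.index(c) + (-k if decrypt else k)) % 26])
            j += 1
        else:
            out.append(c)
    return "".join(out)


def transpose(text: str, cols: int) -> str:
    """Transposition: write the text in rows of `cols`, read it out by column."""
    return "".join(text[c::cols] for c in range(cols))


def images_of(letter: str, plain: str, cipher: str) -> set:
    """Ciphertext letters that stand in for `letter` at each of its positions."""
    return {c for p, c in zip(plain.upper(), cipher) if p == letter}


PLAIN = "ATTACKATDAWN"   # constructed sample plaintext

if __name__ == "__main__":
    mono, poly = caesar(PLAIN, 3), vigenere(PLAIN, "LEMON")
    print(mono, images_of("A", PLAIN, mono))     # one image per plaintext letter
    print(poly, images_of("A", PLAIN, poly))     # several images for the same letter
    moved = transpose(PLAIN, 4)
    print(moved, sorted(moved) == sorted(PLAIN)) # same letters, new positions
```

A monoalphabetic cipher keeps the plaintext's letter-frequency profile intact under a relabelling, a polyalphabetic one spreads each letter over several ciphertext letters, and a transposition leaves the letters themselves unchanged.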

## Public Key Cryptography

- Private (symmetric, secret) key – the same key used for encryption/decryption
  - Problem of key distribution
- Public (asymmetric) key cryptography – a public key used for encryption and private key for decryption
  - Key distribution problem solved

## Currently Available Crypto Algorithms (private key)

- DES (Data Encryption Standard) and derivatives: double DES and triple DES
- IDEA (International Data Encryption Standard)
- Blowfish
- RC5 (Rivest Cipher #5)
- AES (Advanced Encryption Standard)

## Currently Available Crypto Algorithms (public key)

- RSA (Rivest, Shamir, Adleman)
- DH (Diffie-Hellman Key Agreement Algorithm)

## Hashing Algorithms

- MD5
  - Computes 128-bit hash value
  - Widely used for file integrity checking
- SHA-1
  - Computes 160-bit hash value

MD-5 is based on MD-4 and was created to address vulnerabilities found in MD-4. MD5 generates 128-bit hash values over 512-bit blocks in 4 rounds of 16 steps each. SHA-1 also operates on 512-bit blocks, but produces a 160-bit hash value in 4 rounds of 20 steps each.