Cryptography

Cryptography is the art of secret writing. More generally, people think of cryptography as the art
of mangling information into apparent unintelligibility in a manner allowing a secret method of
unmangling. The basic service provided by cryptography is the ability to send information
between participants in a way that prevents others from reading it. In this book we will
concentrate on the kind of cryptography that is based on representing information as numbers and
mathematically manipulating those numbers. This kind of cryptography can provide other ser-
vices, such as
• Integrity checking—reassuring the recipient of a message that the message has not been altered
since it was generated by a legitimate source

• Authentication—verifying someone’s (or something’s) identity

A message in its original form is known as plaintext or cleartext. The mangled information is
known as ciphertext. The process for producing ciphertext from plaintext is known as
encryption. The reverse of encryption is called decryption.

Encryption decryption
Plaintext ciphertext plaintext

While cryptographers invent clever secret codes, cryptanalysts attempt to break these codes.
These two disciplines constantly try to keep ahead of each other.

Cryptographic systems tend to involve both an algorithm and a secret value. The secret value
is known as the key. The reason for having a key in addition to an algorithm is that it is
difficult to keep devising new algorithms that will allow reversible scrambling of
information, and it is difficult to quickly explain a newly devised algorithm to the person with
whom you’d like to start communicating securely. With a good cryptographic scheme it is
perfectly OK to have everyone, including the bad guys (and the cryptanalysts) know the
algorithm because knowledge of the algorithm without the key does not help unmangle the
information.
The concept of a key is analogous to the combination for a combination lock. Although the
concept of a combination lock is well known (you dial in the secret numbers in the correct
sequence and the lock opens), you can’t open a combination lock easily without knowing the
combination.

MODERN CRYPTOGRAPHY
Cryptography is the art and science of making a cryptosystem that is capable of providing
information security.
Cryptography deals with the actual securing of digital data. It refers to the design of
mechanisms based on mathematical algorithms that provide fundamental information security
services. You can think of cryptography as the establishment of a large toolkit containing
different techniques in security applications.

Characteristics of Modern Cryptography

There are three major characteristics that
separate modern cryptography from the
classical approach.
Classic Cryptography Modern Cryptography
 It manipulates traditional  It operates on binary bit
characters, sequences.
i.e., letters and digits directly.
 It relies on publicly known
 It is mainly based on ‘security mathematical algorithms for
through coding
obscurity’. The techniques  the information. Secrecy is
employed for obtained
 coding were kept secret and only  through a secrete key which is
the used
 parties involved in  as the seed for the algorithms.
communication The
 knew about them.  computational difficulty of
algorithms,
 absence of secret key, etc., make it
 impossible for an attacker to obtain
 theoriginal information even if he
 knows the algorithm used for coding.
 It requires the entire cryptosystem  Modern cryptography requires
for parties
 communicating confidentially.  interested in secure
communication
 to possess the secret key only.

Context of Cryptography
Cryptology, the study of cryptosystems, can be subdivided into two branches:
• Cryptography

• Cryptanalysis

Cryptanalysis
The art and science of breaking the cipher text is known as cryptanalysis.
Cryptanalysis is the sister branch of cryptography and they both co-exist. The cryptographic
process results in the cipher text for transmission or storage. It involves the study of
cryptographic mechanism with the intention to break them. Cryptanalysis is also used during
the design of the new cryptographic techniques to test their security strengths.

Note: Cryptography concerns with the design of cryptosystems, while cryptanalysis studies
the breaking of cryptosystems.

Security Services of Cryptography

The primary objective of using cryptography is to provide the following four fundamental
information security services. Let us now see the possible goals intended to be fulfilled by
cryptography.
Confidentiality
Confidentiality is the fundamental security service provided by cryptography. It is a security
service that keeps the information from unauthorized person. It is sometimes referred to as
Privacy or secrecy. Confidentiality can be achieved through numerous means starting from
physical securing to the use of mathematical algorithms for data encryption.

Data Integrity
It is security service that deals with identifying any alteration to the data. The data may get
modified by an unauthorized entity intentionally or accidently. Integrity service confirms that
whether data is intact or not since it was last created, transmitted, or stored by an authorized user.
Data integrity cannot prevent the alteration of data, but provides a means for detecting whether
data has been manipulated in an unauthorized manner.

Authentication
Authentication provides the identification of the originator. It confirms to the receiver that the
data received has been sent only by an identified and verified sender. Authentication service has
two variants:

1. Message authentication identifies the originator of the message without any regard router or
system that has sent the message.

2. Entity authentication is assurance that data has been received from a specific entity, say a
particular website.
Apart from the originator, authentication may also provide assurance about other parameters
related to data such as the date and time of creation/transmission.

Non-repudiation
It is a security service that ensures that an entity cannot refuse the ownership of a previous
commitment or an action. It is an assurance that the original creator of the data cannot deny the
creation or transmission of the said data to a recipient or third party.
Non-repudiation is a property that is most desirable in situations where there are chances of a
dispute over the exchange of data. For example, once an order is placed electronically, a
purchaser cannot deny the purchase order, if non-repudiation service was enabled in this
transaction.

Cryptography Primitives
Cryptography primitives are nothing but the tools and techniques in Cryptography that can be
selectively used to provide a set of desired security services:
 Encryption

 Hash functions

 Message Authentication codes (MAC)

 Digital Signatures

The following table shows the primitives that can achieve a particular security service on their
own.

Primitives Encryption Hash MAC Digital

Service Function Signature
Confidentiality Yes No No No
Integrity No Sometimes Yes Yes
Authentication No No Yes Yes
Non No No Sometimes Yes
Reputation

Note: Cryptographic primitives are intricately related and they are often combined to achieve a
set of desired security services from a cryptosystem.

CRYPTOSYSTEM
A cryptosystem is an implementation of cryptographic techniques and their accompanying
infrastructure to provide information security services. A cryptosystem is also referred to as a
cipher system.

Components of a Cryptosystem
The various components of a basic cryptosystem are as follows:
Plaintext. It is the data to be protected during transmission.

Encryption Algorithm. It is a mathematical process that produces a ciphertext for any given
plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an
encryption key as input and produces a ciphertext.

Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm
using a specific the encryption key. The ciphertext is not guarded. It flows on public channel. It
can be intercepted or compromised by anyone who has access to the communication channel.

Decryption Algorithm, It is a mathematical process, that produces a unique plaintext for any
given cipher text and decryption key. It is a cryptographic algorithm that takes a cipher text and a
decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the
encryption algorithm and is thus closely related to it.

Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key
into the encryption algorithm along with the plaintext in order to compute the ciphertext.

Decryption Key. It is a value that is known to the receiver. The decryption key is related to the
encryption key, but is not always identical to it. The receiver inputs the decryption key into the
decryption algorithm along with the cipher text in order to compute the plaintext.
For a given cryptosystem, a collection of all possible decryption keys is called a key space.

An interceptor (an attacker) is an unauthorized entity who attempts to determine the plaintext.
He can see the cipher text and may know the decryption algorithm. He, however, must never
know the decryption key.
AUTHENTICATION REQUIREMENTS
In the context of communication across a network, the following attacks can be identified:
1. Disclosure: – releases of message contents to any person or process not possessing the
appropriate cryptographic key.
2. Traffic analysis: – discovery of the pattern of traffic between parties.
3. Masquerade: – insertion of messages into the network fraudulent source.
4. Content modification: – changes to the content of the message, including insertion
deletion, transposition and modification.
5. Sequence modification: – any modification to a sequence of messages between parties,
including insertion, deletion and reordering.
6. Timing modification: – delay or replay of messages.
7. Source repudiation: – denial of transmission of message by source.
8. Destination repudiation: – denial of transmission of message by destination.
easures to deal with first two attacks are in the realm of message confidentiality. Measures to
deal with 3 through 6 are regarded as message authentication. Item 7 comes under digital
signature and dealing with item 8 may require a combination of digital signature and a
protocol to counter this attack.

AUTHENTICATION FUNCTIONS
Any message authentication or digital signature mechanism can be viewed as having
fundamentally two levels. At the lower level, there may be some sort of function that
produces an authenticator: a value to be used to authenticate a message. This lower layer
function is then used as primitive in a higher-layer authentication protocol that enables a
receiver to verify the authenticity of a message.

The different types of functions that may be used to produce an authenticator are as follows:
Message encryption – the cipher text of the entire message serves as its authenticator.
Message authentication code (MAC) – a public function of the message and a secret key
that produces a fixed length value serves as the authenticator.
Hash function – a public function that maps a message of any length into a fixed length hash
value, which serves as the authenticator.
Message encryption -Message encryption by itself can provide a measure of authentication.
The analysis differs from symmetric and public key encryption schemes.

MESSAGE AUTHENTICATION CODE (MAC)

An alternative authentication technique involves the use of secret key to generate a small
fixed size block of data, known as cryptographic checksum or MAC that is appended to the
message.
This technique assumes that two communication parties say A and B, share a common secret
key ‘k’. When A has to send a message to B, it calculates the MAC as a function of the
message and the key.

MAC = C K(M) Where M – input message

C – MAC function
K – Shared secret key
+MAC - Message Authentication Code
The message plus MAC are transmitted to the intended recipient. The recipient performs the
same calculation on the received message, using the shared secret key, to generate a new
MAC. The received MAC is compared to the calculated MAC. If it is equal, then the message
is considered authentic.
A MAC function is similar to encryption. One difference is that MAC algorithm need not be
reversible, as it must for decryption. In general, the MAC function is a many- to-one
function.

H A S H FUNCTIONS
A variation on the message authentication code is the one way hash function. As with MAC,
a hash function accepts a variable size message M as input and produces a fixed-size output,
referred to as hash code H(M). Unlike a MAC, a hash code does not use a key but is a
function only of the input message. The hash code is also referred to as a message digest or
hash value. There are varieties of ways in which a hash code can be used to provide message
authentication, as follows:
a) The message plus the hash code is encrypted using symmetric encryption. This is
identical to that of internal error control strategy. Because encryption is applied to the
entire message plus the hash code, confidentiality is also provided.
b) Only the hash code is encrypted, using symmetric encryption. This reduces the
processing burden for those applications that do not require confidentiality.
c) This technique uses a hash function, but no encryption for message authentication.
This technique assumes that the two communicating parties share a common secret
value ‘S’. The source computes the hash value over the concatenation of M and S and
appends the resulting hash value to M.

d) Confidentiality can be added to the previous approach by encrypting the entire

message plus the hash code.

A hash value h is generated by a function H of the form h = H(M)

Where M is a variable-length message and H(M) is the fixed-length hash value. The hash
value is appended to the message at the source at a time when the message is assumed or
known to be correct. The receiver authenticates that message by re-computing the hash value.

Requirements for a Hash Function

1. H can be applied to a block of data of any size.
2. H produces a fixed-length output.
3. H(x) is relatively easy to compute for any given x, making both hardware and software
implementations practical.
4. For any given value h, it is computationally infeasible to find x such that H(x) =h. This is
sometimes referred to in the literature as the one-way property.
5. For any given block x, it is computationally infeasible to find y x such that H(y) = H(x).
This is sometimes referred to as weak collision resistance.
6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). This is
sometimes referred to as strong collision resistance.
NOTE
 The first three properties are requirements for the practical application of a hash
function to message authentication.
 The fourth property, the one-way property, states that it is easy to generate a code
given a message but virtually impossible to generate a message given a code.
 The fifth property guarantees that an alternative message hashing to the same value as
a given message cannot be found. This prevents forgery when an encrypted hash code
is used.
 The sixth property refers to the resistant of the hash function.

Cryptographic Attacks
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The
goal of the opponent is to obtain information that is being transmitted. Passive attacks are of
two types:

Release of message contents: A telephone conversation, an e-mail message and a transferred

file may contain sensitive or confidential information. We would like to prevent the opponent
from learning the contents of these transmissions.

Traffic analysis: If we had encryption protection in place, an opponent might still be able to
observe the pattern of the message. The opponent could determine the location and identity of
communication hosts and could observe the frequency and length of messages being
exchanged. This information might be useful in guessing the nature of communication that
was taking place.

Passive attacks are very difficult to detect because they do not involve any alteration of data.
However, it is feasible to prevent the success of these attacks.

Active attacks
These attacks involve some modification of the data stream or the creation of a false stream.
These attacks can be classified in to four categories:

Masquerade – One entity pretends to be a different entity.

Replay – involves passive capture of a data unit and its subsequent transmission to produce
an unauthorized effect.
Modification of messages – Some portion of message is altered or the messages are delayed
or recorded, to produce an unauthorized effect.
Denial of service – Prevents or inhibits the normal use or management of communication
facilities. Another form of service denial is the disruption of an entire network, either by
disabling the network or overloading it with messages so as to degrade performance.

It is quite difficult to prevent active attacks absolutely, because to do so would require

physical protection of all communication facilities and paths at all times. Instead, the goal is
to detect them and to recover from any disruption or delays caused by them.