Scribd
Upload
24 views

Cryptography

Uploaded by

Haile Melaku
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
24 views

Cryptography

Uploaded by

Haile Melaku
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

What is Cryptography?

 Cryptography is a scientific mix of mathematical theory and computational application


which allows the confidential transfer of information.

Example:

 Alice and Bob wish to perform some form of communication while Eve is an eavesdropper
who wishes to spy on or tamper with the communications between Alice and Bob.

 Cryptography is concerned with four facets of data transfer

Confidentiality
A message sent from Alice to Bob cannot be read by anyone else.
Authenticity
Bob knows that only Alice could have sent the message he has just received.
Integrity
Bob knows that the message from Alice has not been tampered with in transit.
Non-Repudiation
It is impossible for Alice to turn around later and say she did not send the message.

Model of Cryptography
Plaintext : Cleartext or original message
Ciphertext : Message in encrypted form
Cipher - Algorithm for transforming plaintext to ciphertext
Key - Info used in cipher known only to sender/receiver
Encryption : Process of converting Plaintext to ciphered text
Decryption : Process of converting ciphered to Plaintext text
Cryptosystem : System for encryption and decryption of information
Symmetric Cryptography : If the key is same for both encryption and decryption
Asymmetric Cryptography : If the key is not same for both encryption and decryption

Requirements
There are two requirements for secure use of conventional encryption that
mean we assume that it is impractical to decrypt a message on the basis of
the cipher- text plus knowledge of the encryption/decryption algorithm, and
hence do not need to keep the algorithm secret; rather we only need to keep
the key secret. This feature of symmetric encryption is what makes it feasible
for widespread use. It allows easy distribution of s/w and h/w implementations.

Mathematically have:

Y = E(K, X)

X = D(K, Y)

Where Xplaintext

Y ciphertext

Kkey

E encryption algorithm

D decryption algorithm

Cryptographic systems are generically classified along three independent dimensions:


The type of operations used for transforming plaintext to ciphertext
Substitution
Each element in the plaintext is mapped into another element
Transposition
Elements in the plaintext are rearranged
Fundamental requirement is that no information be lost
Product systems
Involve multiple stages of substitutions and transpositions

The number of keys used


Referred to as symmetric, single-key, secret-key, or conventional encryption if both sender and receiver use the
same key
Referred to as asymmetric, two-key, or public-key encryption if the sender and receiver each use a different key

The way in which the plaintext is processed


Block cipher processes the input one block of elements at a time, producing an output block for each input block
Stream cipher processes the input elements continuously, producing output one element at a time, as it goes
along

Symmetric Encryptionpri

Symmetric encryption, also referred to as conventional encryption or single-key encryption, was


the only type of encryption in use prior to the development of public-key encryption in the 1970s.

It remains by far the most widely used of the two types of encryption.

All traditional schemes are symmetric / single key / private-key encryption algorithms, with a
single key, used for both encryption and decryption. Since both sender and receiver are
equivalent, either can encrypt or decrypt messages using that common key.

Symmetric Cipher Model


Detail the five ingredients of the symmetric cipher model, shown in Figure :

Plaintext - original message

Encryption Algorithm – performs substitutions/transformations on plaintext

Secret Key – control exact substitutions/transformations used in encryption


algorithm

Cipher text - scrambled message

Decryption Algorithm – inverse of encryption algorithm


Cryptanalysis

Process of attempting to discover plaintext or key


Typically objective is to recover the key in use rather then simply to recover the plaintext of a
single ciphertext. There are two general approaches:

 Cryptanalytic attack (knowledge): Relies on the nature of the algorithm plus perhaps
some knowledge of the general characteristics of the plaintext or even some sample plaintext-
ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to
deduce a specific plaintext or to deduce the key being used.
 Brute-force attack (every possible key) : Try every possible key on a piece of
ciphertext until an intelligible translation into plaintext is obtained. On average, half of all
possible keys must be tried to achieve success.

If either type of attack succeeds in deducing the key, the effect is catastrophic: All future and past
messages encrypted with that key are compromised.

Cryptanalysis and Attacks


According to Diffie and Hellman Skill in the production of cryptanalysis has always been heavily on
the side of the professionals, but innovation, particularly in the design of new types of
cryptographic systems, has come primarily from amateurs.

Among the types of attacks are

1. Ciphertext only attacks


A ciphertext only attack (COA) is a case in which only the encrypted message is available for
attack, but because the language is known a frequency analysis could be attempted. In this
situation the attacker does not know anything about the contents of the message, and must work
from ciphertext only.
2. Known plaintext attacks
In a known plaintext attack (KPA) both the plaintext and matching ciphertext are available for use
in discovering the key.
The attacker knows or can guess the plaintext for some parts of the ciphertext. For example,
maybe all secure login sessions begin with the characters LOGIN, and the next transmission may
be PASSWORD. The task is to decrypt the rest of the ciphertext blocks using this information.
This may be done by determining the key used to encrypt the data, or via some shortcut.

3. Chosen plaintext attacks


A chosen plaintext attack (CPA) occurs when the attacker gains access to the target encryption
device - if, for example, it is left unattended. The attacker then runs various pieces of plaintext
though the device for encryption. This is compared to the plaintext to attempt to derive the key.
In an adaptive chosen plaintext attack (ACPA), the attacker not only has access to the plaintext
and its encryption, but can adapt or modify the chosen plaintext as needed based on results of the
previous encryptions.
4. Chosen ciphertext attacks
In a chosen ciphertext attack (CCA), the cryptanalyst can choose different ciphertexts to be
decrypted and has access to the decrypted plaintext.
This type of attack is generally applicable to attacks against public key cryptosystems. An
adaptive chosen ciphertext attack involves the attacker selecting certain ciphertexts to be
decrypted, then using the results of these decryptions to select subsequent ciphertexts. The
modifications in the ciphertext help in deciphering the key from the decryptions.

5. Man-in-the-middle attacks
Cryptographic communications and key exchange protocols are susceptible to an attack in which
the attacker is able to place himself on the communication line between two parties.

In this "man-in-the-middle attack" the attacker is able to position himself to intercept the key
exchange between two parties. He performs his own key exchange with each. Then, with both
parties thinking they have set up a secure channel, the attacker decrypts any communications
with the proper key, and encrypts them with the other key for sending to the other party. The
parties think that they are communicating securely, but in fact the adversary is reading everything.

Preventing a man-in-the-middle attacks is possible if both sides compute a cryptographic hash


function of the key exchange, sign it using a digital signature algorithm, and send the signature to
the other side. The recipient then verifies that the hash matches the locally computed hash and
the signature came from the desired other party.

TYPES OF CRYPTOGRAPHIC ALGORITHMS


There are several ways of classifying cryptographic algorithms. They will be categorized
based on the number of keys that are employed for encryption and decryption, and further
defined by their application and use. The three types of algorithms

Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption;
also called symmetric encryption. Primarily used for privacy and confidentiality.

Public Key Cryptography (PKC): Uses one key for encryption and another for decryption;
also called asymmetric encryption. Primarily used for authentication, non-repudiation, and
key exchange.

Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information,


providing a digital fingerprint. Primarily used for message integrity.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy