L7 Comp1806 2024


COMP1806: Information Security

Lecture 7 – Introduction to Cryptography

Dr Sakshyam Panda
Centre for Sustainable Cyber Security
s.panda@greenwich.ac.uk

15th November 2024



Motivation
◉ So far you have learned
➢ Information security, threat actors and attacks
➢ The need and planning for information security
➢ Security and Privacy for Machine Learning
➢ Risk assessment
➢ Designing secure systems
➢ Defences, Controls, Planning, and Investment
◉ Today
➢ How to achieve secure information exchange?
❖ Cryptography



Overview



Cryptography
◉ The main goal of cryptography is to ensure
➢ Data confidentiality (privacy)
➢ Data integrity (it has not been modified on the way)
➢ Data authenticity (it came from where it claims)



Confidentiality
◉ The meaning of a message is concealed by encoding it
◉ The sender encrypts the message using a cryptographic key
◉ The recipient decrypts the message using a cryptographic key
that may or may not be the same as the one used by the
sender



Integrity
◉ Integrity ensures that the message received is the same as the
message that was sent
➢ Uses hashing to create a unique message digest from the
message that is sent along with the message
➢ Recipient uses the same technique to create a second
digest from the message to compare to the original one
◉ This technique only protects against unintentional alteration
of the message
◉ A variation is used to create digital signatures to protect
against malicious alteration



Authenticity
◉ A user or system can prove their identity to another who does
not have personal knowledge of their identity
◉ Accomplished using digital certificates
◉ Kerberos is a common cryptographic authentication system



Context



Friends and enemies: Alice, Bob, Trudy
◉ Well-known in network security world
◉ Bob, Alice (lovers!) want to communicate “securely”
◉ Eve (or Trudy, intruder) may intercept, delete, add messages

[Figure: Alice (sender) and Bob (receiver) exchange data and control messages over a channel, each holding secure data; Eve sits on the channel.]


The language of cryptography

[Figure: plaintext → encryption algorithm (Alice's encryption key $K_A$) → ciphertext → decryption algorithm (Bob's decryption key $K_B$) → plaintext]

◉ symmetric key crypto [Focus of this lecture]
➢ sender and receiver keys are same/identical
◉ asymmetric/public-key crypto [Next lecture]
➢ encryption key (public)
➢ decryption key secret (private)


Computationally secure encryption scheme

◉ Encryption is computationally secure iff
➢ Cost of breaking cipher exceeds value of information
➢ Time required to break cipher exceeds the useful lifetime of the information
◉ Usually very difficult to estimate the amount of effort required to break


Symmetric key cryptography



Symmetric encryption
◉ Scenario
➢ Alice wants to send a message (plaintext P) to Bob.
➢ The communication channel is insecure and can be eavesdropped
➢ If Alice and Bob have previously agreed on a symmetric encryption
scheme and a secret key K, the message can be sent encrypted
(ciphertext C)
◉ Issues
➢ What is a good symmetric encryption scheme?
➢ What is the complexity of encrypting/decrypting?
➢ What is the size of the ciphertext, relative to the plaintext?

[Figure: P → encrypt (key K) → C → decrypt (key K) → P]


Basics
◉ Notation
➢ Secret key $K$
➢ Encryption function $E_K(P)$
➢ Decryption function $D_K(C)$
➢ Plaintext length typically the same as ciphertext length
➢ Encryption and decryption are one-one mapping functions on the set of all n-bit arrays
◉ Efficiency
➢ functions $E_K$ and $D_K$ should have efficient algorithms
◉ Consistency
➢ Decrypting the ciphertext yields the plaintext
➢ $D_K(E_K(P)) = P$


Symmetric encryption elements
◉ Plaintext
◉ Encryption algorithm
◉ Secret key
◉ Ciphertext (encrypted text)
◉ Decryption algorithm



Symmetric cryptography requirements

◉ Two requirements for secure use of symmetric encryption
1. a strong encryption algorithm
2. a secret key known only to sender / receiver
❖ $Y = E_K(X)$
❖ $X = D_K(Y)$
◉ Assume encryption algorithm is known
◉ Implies a secure channel to distribute key


Symmetric protocol workflow
◉ Symmetric Key cryptographic algorithms use a secret known
to the authorized parties called a “key”. Encryption and
Decryption use the same key.
➢ The transformations are simple and fast enough for practical use and
implementation
➢ “Keyspace” large enough to protect against exhaustive search
➢ The encryption algorithm must be efficiently invertible
➢ Two major types: Stream ciphers and Block ciphers
[Figure: Plaintext (P) → Encrypt $E_k(P)$ with Key (k) → Ciphertext (C); Ciphertext (C) → Decrypt $D_k(C)$ with Key (k) → Plaintext (P)]


Key distribution

1. Host sends packet requesting connection.
2. Security service buffers packet; asks KDC for session key.
3. KDC distributes session key to both hosts.
4. Buffered packet transmitted.

[Figure 20.10 Automatic Key Distribution for Connection-Oriented Protocol: two hosts, each with an application and a security service, connected by a network, and a key distribution center (KDC), annotated with the steps above.]


Attacks
◉ Attacker may have
a) collection of ciphertexts (ciphertext only attack)
b) collection of plaintext/ciphertext pairs (known plaintext attack)
c) collection of plaintext/ciphertext pairs for plaintexts selected by the attacker (chosen plaintext attack)
d) collection of plaintext/ciphertext pairs for ciphertexts selected by the attacker (chosen ciphertext attack)

[Figure: panels (a) to (d), each showing plaintext → encryption algorithm (key) → ciphertext, with Eve shown in each panel.]


Brute-Force Attack
◉ Try all possible keys $K$ and determine if $D_K(C)$ is a likely plaintext
➢ Requires some knowledge of the structure of the plaintext (e.g., PDF
file or email message)
◉ Key should be a sufficiently long random value to make exhaustive search
attacks infeasible
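
The search described above, as an added example that is not part of the lecture slides. It assumes a toy stream cipher with a deliberately tiny 16-bit key (a SHA-256 based keystream, constructed here for illustration only) and a constructed sample plaintext, and shows how much the recognizer for a "likely plaintext" matters.

```python
import hashlib

KEY_BITS = 16  # deliberately tiny keyspace so the search finishes quickly


def keystream(key: int, length: int) -> bytes:
    """Toy keystream: SHA-256(key || counter) blocks. Constructed for this demo."""
    out, counter = b"", 0
    while len(out) < length:
        block = key.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def toy_crypt(key: int, data: bytes) -> bytes:
    """XOR with the keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def brute_force(ciphertext: bytes, looks_like_plaintext) -> list[int]:
    """Try every key K and keep those for which D_K(C) passes the recognizer."""
    return [k for k in range(2 ** KEY_BITS)
            if looks_like_plaintext(toy_crypt(k, ciphertext))]


SECRET_KEY = 0xBEEF                                  # constructed sample key
SAMPLE = b"%PDF-1.7\n% constructed sample\n"         # constructed plaintext
CIPHERTEXT = toy_crypt(SECRET_KEY, SAMPLE)

# Good structural knowledge: a PDF file starts with the 5-byte magic "%PDF-".
STRONG = brute_force(CIPHERTEXT, lambda p: p.startswith(b"%PDF-"))
# Poor structural knowledge: only the first byte is known, so many wrong
# keys also "look right" and the search result is ambiguous.
WEAK = brute_force(CIPHERTEXT, lambda p: p[:1] == b"%")

if __name__ == "__main__":
    print("keys passing the 5-byte check:", [hex(k) for k in STRONG])
    print("keys passing the 1-byte check:", len(WEAK))
    # Each extra key bit doubles the loop in brute_force(); at 128 bits the
    # range() above has about 3.4e38 entries.
```
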



Symmetric key ciphers



Classical cryptography
◉ Transposition Cipher
◉ Substitution Cipher
➢ Simple substitution cipher (Caesar cipher)
➢ Vigenere cipher
➢ One-time pad



Transposition cipher
◉ Write plaintext in two rows
◉ Generate ciphertext in column order

◉ Example: “HELLOWORLD”

HLOOL
ELWRD
ciphertext: HLOOLELWRD

Problem: does not affect the frequency of individual symbols



Substitution ciphers
◉ Each letter is uniquely replaced by another.
◉ There are 26! possible substitution ciphers for the English language.
▪ One popular substitution “cipher” for some Internet posts is ROT13.


Simple Substitution cipher
Substituting one thing for another
➢ Simplest one: monoalphabetic cipher:
❖ substitute one letter for another (Caesar Cipher)

ABCDEFGHIJKLMNOPQRSTUVWXYZ

DEFGHIJKLMNOPQRSTUVWXYZABC


Vigenere cipher
◉ Idea: Uses Caesar's cipher with various different shifts, in
order to hide the distribution of the letters.
◉ A key defines the shift used in each letter in the text
◉ A key word is repeated as many times as required to become
the same length

Plain text: I a t t a c k
Key: 2342342 (key is “234”)
Cipher text: K d x v d g m



Problem of Vigenere cipher
◉ Vigenere is easy to break (Kasiski, 1863):
◉ Assume we know the length of the key. We can organise the ciphertext in rows with the same length of the key. Then, every column can be seen as encrypted using Caesar's cipher.
◉ The length of the key can be found using several methods:
➢ 1. If short, try 1, 2, 3, . . . .
➢ 2. Find repeated strings in the ciphertext. Their distance is expected to be a multiple of the length.
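
The key-length step above (method 2) and the split into Caesar columns, as an added example that is not part of the lecture slides. It reuses the slide's key "234"; the sample plaintext and all function names are constructed for this illustration.

```python
from collections import defaultdict
from functools import reduce
from math import gcd

A = ord("a")


def vigenere(text: str, shifts: list[int], decrypt: bool = False) -> str:
    """Shift letter i by shifts[i mod len(shifts)]; input is lowercase a-z only."""
    sign = -1 if decrypt else 1
    return "".join(chr((ord(c) - A + sign * shifts[i % len(shifts)]) % 26 + A)
                   for i, c in enumerate(text))


def repeat_distances(ciphertext: str, n: int = 3) -> list[int]:
    """Distances between consecutive occurrences of every repeated n-gram."""
    positions = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        positions[ciphertext[i:i + n]].append(i)
    return sorted(b - a for pos in positions.values() for a, b in zip(pos, pos[1:]))


def kasiski_key_length(ciphertext: str) -> int:
    """GCD of the repeat distances. Long real texts contain a few accidental
    repeats, so in practice the most common factor is used, not a strict GCD."""
    return reduce(gcd, repeat_distances(ciphertext), 0)


def columns(ciphertext: str, key_length: int) -> list[str]:
    """Column j holds every letter encrypted with the j-th shift: a Caesar cipher."""
    return [ciphertext[j::key_length] for j in range(key_length)]


KEY = [2, 3, 4]                                  # the slide's key "234"
PLAIN = "attackatdawnandattackatduskattack"      # constructed sample text
CIPHER = vigenere(PLAIN, KEY)

if __name__ == "__main__":
    print(vigenere("iattack", KEY))              # the slide's example
    print("repeat distances:", repeat_distances(CIPHER))
    length = kasiski_key_length(CIPHER)
    print("estimated key length:", length)
    for j, col in enumerate(columns(CIPHER, length)):
        # Each column decrypts with ONE shift, exactly like a Caesar cipher.
        print(j, col, "->", vigenere(col, [KEY[j]], decrypt=True))
```
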



One-time pads
◉ Extended from Vigenere cipher
➢ Key Length: The key must be at least as long as the message itself.
➢ Key Randomness: The key must be completely random, with each bit
or character having an equal probability of being either value (0 or 1 in
binary, for instance).
➢ Key Uniqueness: The key must be used only once and then discarded.
Reusing the key for multiple messages can lead to vulnerabilities.

◉ There is one type of substitution cipher that is unbreakable.
➢ We use a block of shift keys, $(k_1, k_2, \dots, k_n)$, to encrypt a plaintext, M, of length n, with each shift key being chosen uniformly at random.
◉ Since each shift is random, every ciphertext is equally likely for any plaintext.


Weaknesses of the one-time pad
◉ The key has to be as long as the plaintext
◉ Keys can never be reused
➢ Repeated use of one-time pads allowed the U.S. to break some of the communications of Soviet spies during the Cold War.
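
An added example, not part of the lecture slides, covering both one-time pad slides: why a single ciphertext rules out no plaintext, and why a reused pad cancels out of two ciphertexts. It uses the slides' shift keys modulo 26; the two sample messages and all function names are constructed for this illustration.

```python
import secrets

A = ord("a")


def shift(text: str, key: list[int], sign: int = 1) -> str:
    """Apply per-letter shifts k1..kn (sign=-1 decrypts); lowercase a-z only."""
    if len(key) < len(text):
        raise ValueError("pad must be at least as long as the message")
    return "".join(chr((ord(c) - A + sign * k) % 26 + A) for c, k in zip(text, key))


def random_pad(n: int) -> list[int]:
    """n shifts chosen uniformly at random from a CSPRNG."""
    return [secrets.randbelow(26) for _ in range(n)]


def difference(x: str, y: str) -> list[int]:
    """Letter-wise difference x - y modulo 26."""
    return [(ord(a) - ord(b)) % 26 for a, b in zip(x, y)]


# Constructed sample messages of equal length.
P1, P2 = "attackatdawn", "retreatatsix"
PAD = random_pad(len(P1))
C1 = shift(P1, PAD)

# Used once: for ANY same-length candidate there is a pad that produces C1,
# so the ciphertext alone cannot distinguish P1 from P2.
ALT_PAD = difference(C1, P2)

# Used twice: the pad cancels, C1 - C2 = P1 - P2, with no key material left.
C2 = shift(P2, PAD)
LEAK = difference(C1, C2)


def recover_other(known_plain: str, leak: list[int]) -> str:
    """Once one message is known or guessed, the reused pad exposes the other."""
    return shift(known_plain, leak, sign=-1)


if __name__ == "__main__":
    print("C1 decrypts to P2 under another pad:", shift(C1, ALT_PAD, -1))
    print("leak equals P1 - P2:", LEAK == difference(P1, P2))
    print("second message from the first:", recover_other(P1, LEAK))
```
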



Block ciphers

◉ In a block cipher:
➢ Plaintext and ciphertext have fixed length b (e.g., 128 bits)
➢ A plaintext of length n is partitioned into a sequence of m
blocks, P[0], …, P[m-1], where n = bm
◉ Each message is divided into a sequence of blocks and
encrypted or decrypted in terms of its blocks.

[Figure: plaintext divided into blocks of plaintext; the last block requires padding with extra bits.]


Padding
◉ Block ciphers require the length n of the plaintext to be a multiple of
the block size b
◉ Padding the last block needs to be unambiguous (cannot just add
zeroes)
◉ Example for b = 128 (16 bytes)
➢ Plaintext: “Roberto” (7 bytes)
➢ Padded plaintext: “Roberto999999999” (16 bytes), where 9
denotes the number and not the character
◉ We need to always pad the last block, which may consist only of
padding
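
The padding rule from the "Roberto" example, next to the ambiguous zero padding the slide warns about, as an added example that is not part of the lecture slides. The rule shown (each pad byte holds the number of pad bytes) is the one PKCS#7 padding uses; function names are this example's own.

```python
BLOCK = 16  # b = 128 bits


def pad(data: bytes, block: int = BLOCK) -> bytes:
    """Append n bytes of value n, with n in 1..block (never 0)."""
    n = block - len(data) % block
    return data + bytes([n]) * n


def unpad(padded: bytes, block: int = BLOCK) -> bytes:
    """Remove the padding, rejecting anything that is not well formed."""
    if not padded or len(padded) % block:
        raise ValueError("length is not a positive multiple of the block size")
    n = padded[-1]
    if not 1 <= n <= block or padded[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return padded[:-n]


def zero_pad(data: bytes, block: int = BLOCK) -> bytes:
    """The ambiguous scheme: fill the last block with zero bytes."""
    return data + b"\x00" * (-len(data) % block)


def zero_unpad(padded: bytes) -> bytes:
    """Best the receiver can do: strip trailing zeros, including real ones."""
    return padded.rstrip(b"\x00")


if __name__ == "__main__":
    # The slide's example: 7 bytes of text, then nine bytes of value 9.
    print(pad(b"Roberto"))
    # A message that already fills a block still gets a whole block of padding,
    # otherwise a final data byte could be mistaken for a pad length.
    full = b"sixteen byte msg"
    print(len(full), "->", len(pad(full)), "bytes, pad byte", pad(full)[-1])
    # Zero padding: two different messages become the same padded block.
    print(zero_pad(b"Roberto") == zero_pad(b"Roberto\x00"))
    print(zero_unpad(zero_pad(b"Roberto\x00")))
```
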



Cipher modes
◉ Block cipher modes
➢ encrypt data in fixed-size blocks (commonly 64 or 128 bits) where each block is encrypted independently
◉ Stream cipher modes
➢ encrypt data one bit or byte at a time by combining it with a pseudorandom keystream, usually generated in sync with the plaintext


Symmetric key cryptography techniques


Block ciphers in practice
◉ Data Encryption Standard (DES)
➢ Developed by IBM and adopted by NIST in 1977
➢ 64-bit blocks and 56-bit keys
➢ Small key space makes exhaustive search attack feasible since late 90s
◉ Triple DES (3DES)
➢ Nested application of DES with three different keys $K_A$, $K_B$, and $K_C$
➢ Effective key length is 168 bits, making exhaustive search attacks unfeasible
➢ $C = E_{K_C}(D_{K_B}(E_{K_A}(P)))$; $P = D_{K_A}(E_{K_B}(D_{K_C}(C)))$
➢ Equivalent to DES when $K_A = K_B = K_C$ (backward compatible)
◉ Advanced Encryption Standard (AES)
➢ Selected by NIST in 2001 through open international competition and public
discussion
➢ 128-bit blocks and several possible key lengths: 128, 192 and 256 bits
➢ Exhaustive search attack not currently possible
➢ AES-256 is the symmetric encryption algorithm of choice



Symmetric key cryptography: DES
◉ encrypts data in blocks of 64 bits
each, meaning it divides the input
data into blocks of 64 bits and
encrypts each block separately.

◉ involves multiple rounds of permutation and substitution.


The Advanced Encryption Standard (AES)
◉ In 1997, the U.S. National Institute for Standards and Technology
(NIST) put out a public call for a replacement to DES.

◉ AES is a block cipher that operates on 128-bit blocks. It is designed to be used with keys that are 128, 192, or 256 bits long, yielding ciphers known as AES-128, AES-192, and AES-256.


AES round structure
◉ Key Sizes: AES can use keys of 128, 192, or 256 bits. Let's consider 128-bit keys.
◉ Block Size: AES encrypts data in 128-bit blocks.
◉ Rounds of Encryption: The number of rounds depends on the key size. For a 128-bit key, there are 10 rounds of processing.
◉ Round $i$ ($i = 1, \dots, 10$) receives state $X_{i-1}$ as input and produces state $X_i$.
◉ The ciphertext $C$ is the output of the final round: $C = X_{10}$.


Average time required for exhaustive key search

| Key size (bits) | Cipher | Number of alternative keys | Time required at $10^9$ decryptions/s | Time required at $10^{13}$ decryptions/s |
|---|---|---|---|---|
| 56 | DES | $2^{56} \approx 7.2 \times 10^{16}$ | $2^{55}$ ns = 1.125 years | 1 hour |
| 128 | AES | $2^{128} \approx 3.4 \times 10^{38}$ | $2^{127}$ ns = $5.3 \times 10^{21}$ years | $5.3 \times 10^{17}$ years |
| 168 | Triple DES | $2^{168} \approx 3.7 \times 10^{50}$ | $2^{167}$ ns = $5.8 \times 10^{33}$ years | $5.8 \times 10^{29}$ years |
| 192 | AES | $2^{192} \approx 6.3 \times 10^{57}$ | $2^{191}$ ns = $9.8 \times 10^{40}$ years | $9.8 \times 10^{36}$ years |
| 256 | AES | $2^{256} \approx 1.2 \times 10^{77}$ | $2^{255}$ ns = $1.8 \times 10^{60}$ years | $1.8 \times 10^{56}$ years |


Summary

Cryptography is classified along three independent dimensions:
◉ The type of operations used for transforming plaintext to ciphertext
➢ Substitution – each element in the plaintext is mapped into another element
➢ Transposition – elements in plaintext are rearranged
◉ The number of keys used
➢ Sender and receiver use same key – symmetric
➢ Sender and receiver each use a different key – asymmetric
◉ The way in which the plaintext is processed
➢ Block cipher – processes input one block of elements at a time
➢ Stream cipher – processes the input elements continuously


References
◉ Whitman, M. E., & Mattord, H. J. (2017). Principles of information security. Cengage Learning, 6th edition – Chapter 8

A few slides are adapted from the slides copyrighted by
◉ Jim Kurose & Keith Ross. Computer Networking: A Top-Down Approach Featuring the Internet, 5th edition, Addison-Wesley, Pearson Education 2010.
◉ Stallings, W., & Brown, L. (2018). Computer Security, Principles and Practice, 4th edition.


End of Lecture 7

Thank You
