First lecture

Introduction to Cryptography
Since the beginning of the universe, humans have needed two basic things:
communication and sharing information with others and communication in a
transitional manner, which led to the rise of the art of encoding messages in a way that
allows only the intended people to understand these messages without others who are
not authorized to do so, even if these people received these messages.
This led to the emergence of “Cryptography”, which is the science of hiding secret and
important data and keeping it safe. The name “Cryptography” came from merging two
Greek words: Krypto, which means to hide, and graphene, which means to write.
History of encryption.
The emergence of cryptography began with the emergence of the art of writing. With
the development of civilizations and the organization of humans into groups of
kingdoms, countries, tribes, and others, which led to the emergence of competition
between these groups over energy, food, drink, and others, it became necessary to have
a method and style in which each group communicates secretly and securely away from
the other group.
Historians differ on the main source of encryption and its emergence. Some of them
trace it back to the Roman civilization, others to the Phoenician civilization, and others
to the ancient Egyptian civilization. However, what is not disputed is that all of these
civilizations had special methods that they used to communicate securely by encrypting
messages.
What is cryptography?
Cryptography: It is a science that studies how to protect data by modifying and
changing it to a form that cannot be used in the event of an unauthorized third party,
and the only way to benefit from this encrypted data is only through decryption

What are the sections of the encryption process?

▪ Data encryption (Encryption):
It is the first section of the process, where the encryption key is used to convert data
from the normal understandable format (plain text) to the encrypted format (cipher
text).

1
▪Data decryption (Decryption):
It is the second section of the process, where a key is used to decrypt to return the data
to its understandable format (plain text) (usually at the receiving end of the data.
Encryption objectives?
1- Authentication
Proof of identity of the data handler (authorized persons).
2- Non-repudiation
Nonrepudiation prevents either sender or receiver from denying a transmitted
message. Thus, when a message is sent, the receiver can prove that the alleged
sender in fact sent the message. Similarly, when a message is received, the
sender can prove that the alleged receiver in fact received the message
3- Data integrity
To protect information from change (deletion, addition, or modification) by
unauthorized persons.
4- Confidentiality
To protect the content of information from all persons except those who have
been authorized to view it.
5- Availability
assures that the resources that need to be accessed are accessible to authorized
parties in the ways they are needed. Availability is a natural result of the other
two concepts (confidentiality and integrity).
Basic Cryptographic Algorithms
A method of encryption and decryption is called a cipher. Some cryptographic methods
rely on the secrecy of the algorithms; such algorithms are only of historical interest and
are not adequate for real-world needs. All modern algorithms use a key to control
encryption and decryption; a message can be decrypted only if the key matches the
encryption key. The key used for decryption can be different from the encryption key,
but for most algorithms they are the same.

2
There are two classes of key-based algorithms, symmetric (or secret-key) and
asymmetric (or public-key) algorithms. The difference is that symmetric algorithms
use the same key for encryption and decryption (or the decryption key is easily derived
from the encryption key), whereas asymmetric algorithms use a different key for
encryption and decryption, and the decryption key cannot be derived from the
encryption key.

symmetric encryption, also referred to as conventional encryption or single-key

encryption, was the only type of encryption in use before the development of public
key encryption in the 1970s. Before beginning, we define some terms. An original
message is known as the plaintext, while the coded message is called the ciphertext.
The process of converting from plaintext to ciphertext is known as enciphering or
encryption; restoring the plaintext from the ciphertext is deciphering or decryption.
The many schemes used for encryption constitute the area of study known as
cryptography. Such a scheme is known as a cryptographic system or a cipher.
Techniques used for deciphering a message without any knowledge of the enciphering
details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls
“breaking the code.” The areas of cryptography and cryptanalysis together are called
cryptology.

3
A symmetric encryption scheme has five ingredients:
■ Plaintext: This is the original intelligible message or data that is fed into the
algorithm as input.
■ Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
■ Secret key: The secret key is also input to the encryption algorithm. The key is a
value independent of the plaintext and of the algorithm. The algorithm will produce a
different output depending on the specific key being used at the time. The exact
substitutions and transformations performed by the algorithm depend on the key.

Simplified Model of Symmetric Encryption

■Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two different keys will produce two
different ciphertexts. The ciphertext is an apparently random stream of data and, as it
stands, is unintelligible.
■ Decryption algorithm: This is essentially the encryption algorithm run in reverse.
It takes the ciphertext and the secret key and produces the original plaintext.

4
There are two requirements for secure use of conventional encryption:
1. We need a strong encryption algorithm. At a minimum, we would like the
algorithm to be such that an opponent who knows the algorithm and has access to one
or more ciphertexts would be unable to decipher the ciphertext or figure out the key.
This requirement is usually stated in a stronger form: The opponent should be unable
to decrypt ciphertext or discover the key even if he or she is in possession of a number
of ciphertexts together with the plaintext that produced each ciphertext.
2. Sender and receiver must have obtained copies of the secret key in a secure
fashion and must keep the key secure. If someone can discover the key and knows
the algorithm, all communication using this key is readable.

Cryptanalysis and Brute-Force Attack

Typically, the objective of attacking an encryption system is to recover the key in use
rather than simply to recover the plaintext of a single ciphertext.

There are two general approaches to attacking a conventional encryption scheme:

■ Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps
some knowledge of the general characteristics of the plaintext or even some sample
plaintext–ciphertext pairs. This type of attack exploits the characteristics of the
algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
■ Brute-force attack: The attacker tries every possible key on a piece of ciphertext until
an intelligible translation into plaintext is obtained.

5
Table 1 summarizes the various types of cryptanalytic attacks based on the
amount of information known to the cryptanalyst