Scheme CYB312

Lecture Notes_Mr. Clement Keyamo (BSc, MSc)

Key References:
1. Understanding Cryptography_Christof Paar · Jan Pelzl

2. Every Day Dryptography_KEITH M. MARTIN

Week Topics Content

1 Introduction to Introduction to cryptography (Revision).Overview of Cryptology,
cryptography Definition of key terms, Symmetric and asymmetric
(Revision) Cryptography, Simple Symmetric Encryption: The Substitution
Cipher , Cryptanalysis , Classification of symmetric
encryption:Strem vs Block ciphers:Model of a stream
cipher ,Properties of stream ciphers ,Examples of stream
ciphers, Model of a block cipher,Properties of block ciphers ,Block
cipher algorithms
:

2 Classical Substitution Ciphers:Caesar cipher, Payfair cipher, Vigenere

encryption cipher. Security of symm etric encryption
schemes1
3 Classical Transposition Ciphers:Rail Fence Cipher, Row Transposition
encryption Cipher.
schemes2 Product Ciphers: the rotor machine
4 Modern DES
encryption
schemes 1
5 Modern AES
encryption
schemes 2
6 Modern RSA, PGP or ELGAMA?
encryption
schemes 3
7 Key PKI,
Management

8 CA1
9 Cryptographic SSL, and VPN
 protocols
10 Hash Functions
and MACs
11 Digital
Signature
Schemes and
Certificate
Authorities
12 Application of WLAN security requirements
Cryptography1 WEP and Attacks on WEP
WPA and WPA2
Cryptography for secure payment card transactions
Background to payment card services
Magnetic stripe cards EMV cards
Using EMV cards for internet transactions
Using EMV cards for authentication
Using EMV cards for mobile payments
Payment card key management
Payment card security issues Payment card cryptographic
design considerations

13 Application of Cryptography for digital currency

Cryptography2 Bitcoin background , Bitcoin security requirements Bitcoin
transactions ,Bitcoin blockchain
,bBitcoin mining
Bitcoin security issues
Bitcoin design considerations

14 CA 2
15 Revision

16 Revision/ Term Examination

Lecture one: Introduction and Definition of Key Terms and Concepts

1.1 Definition of Key Terms

Cryptology: This is the science that deals with hidden, disguised, or encrypted
communication. It covers the fields of cryptography and crptooanalysis. That is the scientific
study of hidden writing-- design, use and analysis. The diagram below shows an overview of
the field of cryptology.

Cryptography: This is from the Greek word Kryptos, which means hidden. Cryptography can
be defined as the science ( sometimes the art) of hiding information to keep them from being
accessed by unauthorized parties. It can be seen as the study of mathematical techniques for
keeping information secret over a communication channel or when stored in a system.

Cryptanalysis: is the science and sometimes art of breaking cryptosystems. That is, the
study of the different techniques or ways that can be used to defeat or unlock a
cryptographic system. It is the only way to assure that a cryptosystem is secure.

Encryption: This is the process of converting plain-text to cipher text. It can also be viewed
as the changing of a message from a readable format into another format that is not
readable except when decoded beck to its original format, using a function called a cipher.

Decryption: This is also known as deciphering. This is the process of converting a cipher text
back into a plain-text. It is the changing of an encoded message from its non readable format
back to the original readable message using cipher or message decoder.

Plaintext (or clear text): This is a message in its original readable format.
 Cyphertext or cryptogram: this is the altered from of a plain-text that cannot be easily
read except after decryption or decoding.

Key or cryptotovariable: This is the input in the cipher or encoding function that controls
the operation of the cipher or encoder or cryptographic algorithm. It can be viewed as a key
that locks the message so it cannot be read. It is needed at the other end to unlock the
message so it can be read again.

Keyspace: This represents the set of all keys for a given cryptographic system. This is, the
total values of keys in a cryptographic algorithm.
I. e K={k1, k2,k3…}

Work factor: In cryptoanalysis, work factor is concerned with the effort and computer
resources it takes to defeat a Cryptogrophic system. It is a measure of how strong a
cryptographic system is. A system with a high work factor cannot be easily defeated while
one with a low work factor can be easily cracked.

Transposition: This is a process where plain-text is reordered to hide or encode it.

Substitution: This is a process of exchanging one letter or byte of the plain-text or message
with another letter or byte to form the cipher text

Diffusion: This is carried out by mixing up the location of the plain-text throughout the
ciphertext.

Cipher or cryptographic algorithm : This is the code that transforms the plain-text into a
cipher text or cipher text back into a plain text . The cipher can be viewed as a mathematical
function used for encoding and decoding. In most cases two related functions are used at
both ends.

Cryptographic protocol: Cryptographic protocols are protocols designed using

cryptographic algorithms for secure communications purposes. They are concerned with the
application of cryptographic algorithms in the field of secure communications. Symmetric and
asymmetric algorithms are used as building blocks with which applications such as secure
Internet communication can be realized. The Transport Layer Security (TLS) and SSL scheme,
which is used in every Web browser,are examples of a cryptographic protocol.

1.2 Basics of Cryptoanalysis

Cryptaalysis, the art or science of breaking cryptographic systems, is divided into three
classes: Classical analysis, implementation attacks and social engineering. Furthermore,
classical analysis is divided into mathematical analysis and brute-force attacks. The diagram
below illustrate this.

Classical Cryptanalysis: concerned with the scientific recovery of the plain-text x from the
cipher-text y, or, recovering the key k from the ciphertext y. it is divided into analytic and
brute force attacks.

Implementation Attacks: Attacks based on physical access to concerned system. Side-

channel attacks where the electrical power consumption of processors acting on the secret
key can be analyzed to obtain the key are good examples. Other parameters that can be
analyzed include electromagnetic radiations and run time behaviour of the concerned
algorithm that can give away secret key information.

Social Engineering Attacks: involves humans and societal systems were bribing,
blackmailing, tricking or classical espionage is used to obtain the secret key.

Kerckhoffs’ Principle :Sound systems should adhere to this principle. It states that a
cryptosystem should be secure even if the attacker knows all details about the system, with
the exception of the secret key. That is, the system should be secure though the attacker
knows the encryption and decryption algorithms.

Relevance of key length in cryptoanalysis: In the security of cryptographic systems, the

length of the key plays an important role to the security of the system. The longer the key, the
more difficult it should be to normally crack or break the system. However, this is relevant
when brute force attack is the best known attack. If analytical, social engineering and
implementation attacks can work, the key length is irrelevant. The table below gives estimated
time for successful brute-force attacks on symmetric algorithms with different key lengths.
Key point to note here is that large keyspace is not enough to guarantee security of system.
The system must also be strong against other attack patterns outside brute force.

1.3 TYPES OF CRYPTOGRAPHIC SYSTEM

Fundamentally, there are two types of cryptographic systems: Symmetric and the
Asymmetric systems. A third system involves the combination of the two basic systems. This
system is called the Hybrid system. The figure below depicts the two types/classes.

Source: Semantic Scholar

SYMMETRIC CRYPTOGRAPHIC SYSTEM:

This system is also known as the private key cryptographic system. This system operates with
a single key that is used to both encrypt messages and decrypt encoded messages.
The diagram below illustrates a basic symmetric cryptographic system
Source:https://aboutssl.org/

From the diagram, the plain-text ( PT) is passed or inputted into a cipher. The key is added to
the PT and both are transformed into the coded message or cipher text (CT). The
communication channel transmits the CT to the receiving end where a related function
decodes the CT back into the original message using the same key.
An important feature of the symmetric system is that single key is used for the encoding and
decoding process. The key is transmitted in a secondary channel called an out- of- bound
channel. This can be by post or any secret means. One weakness of this system is with the
key. Once the key is discovered by a third party, the system is exposed. Examples of
symmetric is the Caesar cipher and Data encryption standard (DES)

2. ASYMMETRIC CRYPTOGRAPHIC SYSTEM

This is a cryptographic system that uses two keys, instead of the one key used by the
symmetric system. One key is secret and is known only to a user of the system or users privy
to that key, while the other key is a public key that is available to all that use the computer
based system.
The diagram below depicts a basic Asymmetric cryptographic system
Source:https://www.researchgate.net/publication/321123382/

From the diagram, the PT is inputted into the cipher or encoder, and the public key of the
planned receiver of the message is added to the message and encoded to create the CT. At
the other end of the cryptographic system of the transmission channel, the decoder
transforms the CT Back to the original message using the receiver’s private key as input to
the decoder.
One important problem with this system is that it is very slow. However its advantage over
the symmetric system is that key management is affective.

Comparison of symmetric with Asymmetric system.

Symmetric Asymmetric
Uses a single private key Uses two keys. Private and public

Very fast Very slow system

Not suitable for confidential Suitable for confidential information
Suitable for large volume data Not suitable for large volume
massage

Hybrid Cryptographic System

 This system combines the symmetric and Asymmetric cryptographic systems, making use
of their best aspects to create a better system or a more enhanced system. The block
diagram below shows a typical Hybrid basic system.

The system, as above, can be considered as two fused systems. The symmetric system
basically is used to send the required message. The process for symmetric transfer and
encoding holds, except in this case, the out -of -bound channel is replaced by the asymmetric
system which is used to safely distribute the secret key for the symmetric system. Notice
that the secret key in the symmetric system is used as the message in the asymmetric part
of the Hybrid system, while the public key of the Asymmetric is used to encode it. At the other
end, the secret key (SK) is first decoded using the private key in the asymmetry half of the
system, and then the decoded SK can be used to unlock the main message PT, in the
symmetric half of the Hybrid system.

Encryption and Decryption modes /methods: there are basically two modes for encrypting
and decrypting messages. We have the stream-based and the block- based encoding and
decoding modes.
Stream-based Encrypting /Decryption modes
This is when a cryptographic system performs its encryption one bit at a time. A bit (short for
binary digit) is the smallest representation of data or information in a computer system and
it has a binary value of either o or I. The stream-based encryption is achieved by adding a bit
from a key stream to a bit from the plain-text.
The diagram below illustrates the above cryptographic mode of operation

Note that most practical stream ciphers are symmetric ciphers.

The mixing up of the stream of keys with the plain-text bits is usually an exclusive OR (XOR)
operation.
That is : cipher text = Plain-text (XOR) key stream

Mathematically we can write :

y1 =esi (x1 ) = x1 + k1 mod 2 (encryption)

x1 =dsi (yi ) = yi + ki mod 2 (decryption)

Example: given the truth table of the XOR operation below.

X K Y
0 0 0
0 1 1
1 0 1
1 1 0

And given that letter A in binary = 010000012 and the key stream to a stream –based cipher is
ks =k1.…kn = 001011002
Find the output of cipher when the letter A is passed through it.
Solution
A=x1…xn = 01000001
+
K1 = (K0…Kn) = 00101100
01101101
y1 = 01101101

Block- based Encryption Mode: in this encryption mode, the cipher text is encrypted in
blocks of bytes. The block length can be 128bits or 16 bytes, 64bits or 8bytes. Examples of
block ciphers are DES, AES etc

Stream Vs Block in Application

Due to the fact that stream ciphers are small and fast, they are used in cases were little
computational power is required e.g cell phones and embedded devices, whereas block
ciphers are useful for encrypting computer communications on the internet .