CAREERERA

Cryptography

1
MODULE OBJECTIVES
• What is Cryptography?
• Purpose Of cryptography
• Architecture of cryptography
• Types of Cryptography
• Process of cryptography
• Types Of cryptography Algorithms
• Cryptography Tools

2
MODULE OBJECTIVES cont…

• PKI System
• Encryption
• Cryptanalysis
• Hashing algorithm
• Code-breaking methodologies
• Cryptography attacks
• Cryptography attack tools
• Conclusion

3
 What is Cryptography?

• Cryptography derived its name from a Greek word called “krypto’s” which means
“Hidden Secrets”.
• Cryptography is the practice and study of hiding information. It is the Art or
Science of converting a plain intelligible data into an unintelligible data and again
retransforming that message into its original form.
• It provides Confidentiality, Integrity, and Accuracy.

4
 Cryptography terms
• Cipher: an algorithm performing encryption and decryption
• Clear text / plaintext: unencrypted data
• Cipher text: encrypted data
• Key: specifies the transformation of data for encryption /
decryption

5
 Cipher types

• Cipher: algorithm performing encryption and decryption.

• Classical ciphers
• Used historically but no longer used for the most part.
• Substitution cipher
• Every character is substituted with another one
• E.g. Caesar Cipher (100 BC)
• Polyalphabetic cipher
• Based on substitution
• Uses multiple substitution alphabets
• E.g. Vigenère cipher from 1467
• Has cipher has several Caesar ciphers in sequence with different shift values.
• Transposition cipher
• Plain text is repositioned (shifted) to create a ciphertext
• Also called a zigzag cipher

6
 Cipher types cont..

• Modern ciphers

• Computational infeasibility
Modern cryptographic systems are built on problems which are assumed to be computationally infeasible

• Key-based ciphers
• Symmetric encryption
• Asymmetric encryption

• Input-based ciphers
• Block cipher
• Stream cipher
• XOR cipher

7
 PURPOSE OF CRYPTOGRAPHY
• Authentication: The process of proving one's identity. (The primary forms
of host-to-host authentication on the Internet today are name-based or
address-based, both of which are notoriously weak.)
• Privacy/confidentiality: Ensuring that no one can read the message except
the intended receiver.
• Integrity: Assuring the receiver that the received message has not been
altered in any way from the original.
• Non-repudiation: A mechanism to prove that the sender really sent this
message.

8
Architecture of cryptography

9
TYPES OF CRYPTOGRAPHIC ALGORITHMS

10
Digital Certificates
• Certificate - electronic file that is used to verify a user's identity; provides
nonrepudiation

•X.509 - standard used for digital certificates

•Contents of a Digital Certificate:
•
•Version - identifies certificate format
•Serial Number - used to uniquely identify certificate
•Subject - who or what is being identified
•Algorithm ID (Signature Algorithm) - shows the algorithm that was used to
create the certificate
•Issuer - shows the entity that verifies authenticity
•Valid From and Valid To - dates certificate is good for
•Key Usage - what purpose the certificate serves
•Subject's Public Key - copy of the subject's public key
•Optional Fields - Issuer Unique Identifier, Subject Alternative Name, and
Extensions

11
Digital Certificates cont..
• Types of certs…

• Self-Signed Certificates - certificates that are not signed by a CA; generally not used for
public; used for development purposes
• Signed by the same entity it certifies
• Registration Authority
• Verifies user identity
• Certificate Authority
• Third party to the organization; creates and issues digital certificates
• Certificate Revocation List (CRL)
• Used to track which certificates have problems and which have been revoked
• Validation Authority
• Used to validate certificates via Online Certificate Status Protocol (OCSP)

12
Process of cryptography

13
 Using Keys
• Private keys are used for decrypting.
• Public keys are used for encrypting

https://www.careerera.com 14
 Public/Private Key Cryptography

• Asymmetric key cryptography overcomes the key management problem by using

different encryption and decryption key pairs. Having knowledge of one key, say the
encryption key, is not sufficient enough to determine the other key - the decryption
key.

• The mathematical relationship between the public/private key pair permits a

general rule: any message encrypted with one key of the pair can be successfully
decrypted only with that key's counterpart

15
 PKI System

• Public Key Infrastructure (PKI) - structure designed to verify and authenticate the
identity of individuals
• Also refers to the binding of public keys to people or devices
• The certificate authority (CA)
• It's all about trust
• X.509 v3 is current format most widely used. Part of the X.500 family of standards

16
Actors of PKI
• Validation authority (VA)
• 📝 Used to validate certificates, stores certificates with their public keys
• Certificate authority (CA)
• Also known as certification authority
• 📝 Third party to issue and verify digital certificates
• Digital certificates contain public key and the identity of the owner.
• E.g. Comodo, IdentTrust, GoDaddy
• Registration authority (RA)
• 📝 Acts as verifier for the certificate authority
• Certificate Management System
• Generates, distributes, stores, and verifies certificates
• End user
• Requests, manages, and uses certificates

17
PKI process flow

18
 Public Key Cryptography cont..

• One of the keys allocated to each person is called the "public key",
and is published in an open directory somewhere where anyone can
easily look it up, for example by email address.
• Each entity has 2 keys:
• Private Key (a secret)
• Public key (well known).

19
Cryptography Tools

• JCA
• This is the tool used to authorize the encryption process. This tool might be termed
as Java cryptographic libraries. These Java libraries are included with predefined
activities where those need to be imported before implementation

• SignTool.exe
• This is the popular tool mostly used by Microsoft to sign the files. Adding a signature and
time stamp to any kind of file is the prominent feature supported by this tool. With the
timestamp in the file, it holds the ability to authenticate the file

20
 What is encryption?

• Encryption is a way of scrambling data so that only authorized parties can

understand the information. In technical terms, it is the process of
converting human-readable plaintext to incomprehensible text, also known
as ciphertext. In simpler terms, encryption takes readable data and alters
it so that it appears random. Encryption requires the use of a
cryptographic key: a set of mathematical values that both the sender and
the recipient of an encrypted message agree on.

21
 Encrypting communication

• Can happen in different layers on Internet

protocol suite e.g.
• Link layer: • [PPP]
• Internet layer: • IPSec
• Transport layer: • TCP
• Application layer: • SSH • FTP, SFTP, FTPS • SSL / TLS

22
SSL/TLS

• SSL (Secure Sockets Layer)

• Protocol on the application layer
• Created to ensure the security of the message transmission over the network and
Internet.
• ❗ Not secure and has known vulnerabilities, use > TLS 1.2 instead.
• 📝 Uses both asymmetric and symmetric authentication mechanisms
• Asymmetric encryption is used to establish a secure session between a client
and a server
• Utilizing RSA and digital certificates
• Symmetric encryption is used to exchange data within the secured session
• Encrypts data at Transport Layer of TCP/IP stack and above

23
 SSL/TLS Cont..

• TLS (Transport Layer Security)

• 📝 More secure successor of SSL
• Protocol to establish secure client-server connection.
• Ensures the information integrity and privacy during transmission.
• Uses RSA 1024 and 2048 bits
• ❗ Use at least TLS 1.2, lower version has vulnerabilities.
• Most commonly used implementation of SSL/TLS is OpenSSL library.
• Vulnerabilities include • Heartbleed (OpenSSL) • POODLE • CRIME and BREACH •
Renegotiation attack • FREAK • DROWN

24
 Encryption on computers
• Roughly speaking, there are two different broad types of
encryption that are used on computers today
• Symmetric encryption relies on keeping keys totally secret
• Asymmetric encryption actually publicizes one key, but keeps
some information private also
• Neither is really “better” - they just use different principles.
• In reality, both are vulnerable to attacks.

25
 Encryption algorithms and
techniques
• Algorithm: step-by-step method of solving a problem
• Encryption algorithms: mathematical formulas used to encrypt
and decrypt data
• Keys should still change on a regular basis even though they may
be "unhackable"
• 📝 In terms of speed
• Symmetric encryption algorithms are faster than asymmetric
algorithms
• Stream ciphers (including AES in CTR) are usually faster than
hash functions

26
 Encryption algorithms and
techniques cont.
• Symmetric algorithms
• Both ends of the transmission must use the same key.
• Requires to find a secondary secure channel to send the symmetric key to the
recipient to ensure security.
• DES (Data Encryption Standard)
• Block cipher, 56-bit key, 64-bit block size
• Developed in the early 1970s at IBM
• Was a standard set by NSA but was withdrawn, quickly outdated

27
 Disk encryption

• Encryption of all data stored on a disk.

• Data-at-rest protection
• Protect the data stored in the disk and ensure its confidentiality
• 📝 Protects against someone who gains physical access to your device
• ❗ But does not protect from malware or from being attacked by hackers over the internet

• Full Disk Encryption (FDE)

• Encrypting every bit of data stored on a disk or a disk volume
• Working similar to text-message encryption and protects data even OS is not
active
• Protects system folders, files, and MBR until valid credentials are provided at pre-
boot

28
 DES: Data Encryption Standard
• Adopted in 1977 by National Bureau of Standards (now NIST)
• Divides message into blocks of 64 bits, and uses a key of 56 bits
• Key idea for this: XOR the data with the key
• (Remember XOR? How did it work?)

• In July 1998, DES was officially cracked by a machine built by the EFF
• Total cost: under $250,000
• Total time: 6-8 months
• They then published the details of their approach, which essentially was a
brute force attack

29
 Advanced Encryption Standard (AES)

• Designed in response to a call by NIST in 1998, and officially adopted in 2001

• Block length is 128 bits, and keys can be 128, 192, or 256 bits.
• Essentially, proceeds in 4 rounds (which are repeated):
• Substitute bytes
• Permute
• Mix columns
• Add round key

30
 RSA (Rivest–Shamir–Adleman)

• One of the common used encryption standards for data

transmission.
• 📝 Achieving strong encryption through the use of two large
prime numbers
• In 1977, Rivest, Shamir, and Adleman came up with another way to use public
key cryptography
• Rather than secure key exchanges, this one actually lets you encrypt whole
messages
• Today, this is the most commonly used public key cryptosystem on the market

31
Disk encryption tools

Disk encryption tools

•VeraCrypt
•Symantec Drive Encryption
•BitLocker Drive Encryption
•Cryptsetup
• Open-source disk encryption utility tool

32
 Encryption tools cont.
• IBM Security Guardium Data Encryption
• IBM Security Guardium Data Encryption performs encryption and decryption operations with
a minimal performance impact.

• AxCrypt Premium
• AxCrypt Premium may not be as robust as competitors but it is a powerful solution for
smaller organizations that don’t have the resources to support more comprehensive
solutions

• VeraCrypt
• VeraCrypt is a popular option in the enterprise-grade encryption market for Windows,
macOS and Linux operating systems. It automatically encrypts data and creates partitions in
your network based on volume size, location and specified hashing algorithms

33
 Cryptanalysis
• Process of decryption of ciphers and encrypted text
• Identifies vulnerabilities in cryptosystems

Cryptanalytic techniques
• Linear cryptanalysis
• Differential cryptanalysis
• Integral cryptanalysis

34
Cryptanalysis cont…

• Linear cryptanalysis
• Known as plaintext attack
• Applicable to block ciphers and stream ciphers.
• Given enough pairs of plaintext and corresponding ciphertext, key can be obtained
• Discovered by By Matsui and Yamagishi in 1992
• Attacker identifies the linear relation between some bits of the plaintext, some bits of the
ciphertext and some bits of the unknown key.

• Differential cryptanalysis
• Discovered by Israeli researchers Eli Biham and Adi Shamir in the late 1980s.
• Applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash
functions.
• Applicable to symmetric key algorithms
• Comparing differences in the inputs to how each one affects the outcome
• Working with chosen plaintext originally, also works with known plaintext and ciphertext

35
 cryptanalysis tools

• CrypTool
• CrypTool was first launched in 1998. It is an e – learning tool explaining cryptanalysis and
cryptography. CrypTool aims at making people understand network security threats and working
of cryptology. It includes asymmetric ciphers like RSA, elliptic curve cryptography. CrypTool1 (CT1)
experiments with different algorithms and runs on Windows. It was developed in C++ language.

• EverCrack
• An open source GPL software, EverCrack deals chiefly with mono – alphabetic
substitution and transposition ciphers. It is a cryptanalysis engine with a multi –
language support for English, German, French, Spanish, Italian, Swedish, Dutch and
Portuguese. It was initially developed in C language.It is currently concentrating on
online web – based applications. Now, the programming is kernel based i.e.
deciphering complex ciphers for the kernel.

36
 Hash functions

• Is a type of one-way function this are fundamental for much of cryptography.

• A one way function - is a function that is easy to calculate but hard to invert.
• It is difficult to calculate the input to the function given its output.
• The precise meanings of "easy" and "hard" can be specified mathematically. With
rare exceptions, almost the entire field of public key cryptography rests on the
existence of one-way functions.

37
Hash function cont..

• Also known as one-way functions, hash functions or message-digest-

functions
• Calculates unique fixed-size representation of a block of information.
• Cannot be reversed.
• 📝 Used for
• integrity e.g. when downloading a file in internet, you can compare
downloaded files hash with hash given on the website to ensure the
right file is downloaded
• storing passwords in a database by e.g. operating systems
• Checksum
• Number created by a message digest.

38
Hashing algorithm cont…
• MD5

• 📝 Most popular message digest algorithm.

• Takes any length of input and produces a 128-bit hash

• SHA

• Secure Hashing Algorithms

• 📝 Generates a cryptographically secure message digest.

• SHA-0
• Withdrawn shortly after publication due to a flaw and replaced with revised SHA-1
• 📝 SHA-1
• Produces 160-bit digests
• Designated by NSA
• SHA-2
• Primarily SHA-256 (32-bit block words), SHA-512 (64-bit block words)
• Truncated versions: SHA-224, SHA-384, SHA-512/224 and SHA-512/256
• Designated by NSA
• SHA-3 39
Code-breaking methodologies
• Frequency analysis
• Study of the frequency of letters or groups of letters in a ciphertext
• E.g. checking cipher chunks against in languages some letters or
combination of letters are used more often
• Can be used to crack a substitution cipher, like rotation cipher ROT13
• Trickery and deceit
• Requires a high level of mathematical and cryptographic skills
• Using social engineering techniques to trick someone to encrypt and
send a known message
• One-time pad
• A shared random key that has to be the same length or longer than
the cipher text
• Each individual bit or character of plaintext is encrypted by combining
it with the corresponding bit or character from the pad using modular
addition
• Assuming to be unbreakable

40
 Attacks of cryptography
•

• Cryptographic attacks approaches that seek to exploit one or more vulnerabilities in a

cryptosystem to break it; Note: Patterns Kill! and it's all about the key!

• Frequency Analysis & the Ciphertext Only Attack

• Examine frequency of letters appearing in the ciphertext
• Attempt to figure out what letters they correspond to plaintext
• Known Plain-text attack
• Has both plain text and cipher-text; plain-text scanned for repeatable sequences
which is compared to cipher text
• Chosen Cipher-text Attack
• Chooses a particular cipher-text message
• Attempts to discern the key through comparative analysis
• RSA is particularly vulnerable to this

41
 Attacks of cryptography cont..
• Chosen Plain-text attack
• Attacker encrypts multiple plain-text copies in order to gain
the key
• Adaptive chosen plain-text attack
• Attacker makes a series of interactive queries choosing
subsequent plaintexts based on the information from the
previous encryptions; idea is to glean more and more
information about the full target cipher text and key
• Cipher-text-only attack
• Gains copies of several encrypted messages with the same
algorithm; statistical analysis is then used to reveal
eventually repeating code

42
Cryptography attack tools
• Carnivore and Magic Lantern - used by law enforcement for
cracking codes
• L0phtcrack - used mainly against Windows SAM files
• John the Ripper - UNIX/Linux tool for the same purpose
• PGPcrack - designed to go after PGP-encrypted systems
• CrypTool
• Cryptobench
• Jipher
• Keys should still change on a regular basis even though they may
be "unhackable"
• Per U.S. government, an algorithm using at least a 256-bit key
cannot be cracked
43
 CONCLUSION

• We use different types of algorithms to establish security

services in different service mechanisms.
• We use either private key cryptography or public key
cryptography according to requirement.
• If we want to send message quickly we use private key
algorithm and if we want to send messages secretly we use
public key algorithm.

44