Cryptography

Cryptography is the art of disguising

information (digital or otherwise) so that it
cannot be read or used by outsiders.

1
 Cryptography
Its original and main application is to enable two
parties to communicate in secret, across an
unsecured (public) channel.
•Cipher text: plain text transformed to a
meaningless format to hide actual meaning
•Cryptanalysis: breaking ciphers
• Encryption: transforming plain text to cipher text
• Decryption: recovering plain text from cipher text
•Cryptography = encryption + decryption
2
 Goals of cryptography
Cryptography can be directly used to help ensure
these security properties:
•Confidentiality — preventing open access
•Integrity — preventing unauthorized modification
•Authentication — verification of identity
Authentication is sometimes split into:
•Data origin authentication
•Non-repudiation — preventing denial of actions
We want to ensure these properties, even when
another party may eavesdrop or intercept messages.
3
 PRACTICAL APPLICATION

•Encrypting of email messages

•Encrypting chat sessions
•Protecting web transactions and other E-
Commerce applications
•Digital signatures to enforce non-repudiation

4
 Types of cryptography

1) Traditional
•Both encryption method and encryption key are
secret.
•Most encryption methods are a combination of
substitution ciphers and transposition.

2) Modern
Based on mathematical algorithms of encrypting
data.

5
 1. Classical/Traditional Cryptography
•Most encryption methods are a combination of
substitution ciphers and transposition.

a) Basic Substitution ciphers

i) Circularly shifted alphabets
ii) Mono-alphabetic ciphers
b) Basic Transposition ciphers

6
 a) Substitution ciphers
• Each letter in the plaintext is replaced by a
letter in the substituted alphabet
i) Circularly shifted alphabets – method
• Also known as Caesar Cipher
• The cipher text alphabet is the plain text
alphabet shifted by k (thus k is the key in this
method) which is a number between 1 and 25
• If k=3, then a becomes d, b becomes e, c
becomes f … and z becomes c
• The word “attack” becomes “dwwdfn”
7
 Caesar Cipher
• Earliest known substitution cipher by Julius Caesar
• First used in military affairs
• Replaces each letter by 3rd letter on the alphabet
• Example:
meet me after the party
PHHW PH DIWHU WKH SDUWB

• NB: Caesar cipher refers to any simple letter shift

cipher, not just those with shift of 3.

8
 ii) Mono-alphabetic Cipher
• Each plaintext letter maps to a different random
cipher text letter rather than just shifting the
alphabet
• Shuffle (jumble) the letters arbitrarily
• Each letter of the plain text alphabet is mapped to
another letter in a non-defined manner
• Hence key is a 26 letter string

Plain : abcdefghijklmnopqrstuvwxyz
Cipher : DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
9
 b) Basic Transposition method
• In a transposition cipher, each letter or group of letters
is re-ordered.
• An example is columnar transposition.

Procedure
• Find a key, which is a word with no repeating letters e.g. water
• Create a table using the key
• Number the columns, starting with letters that appear first in
the alphabet
• Write plaintext in rows (horizontally)
• The cipher text is written going through the columns vertically
starting with the lowest column number
10
 Example - Columnar Transposition
Plain text: Breaking ciphers can be easy
Key : WATER.
5 1 4 2 3
W A T E R
B R E A K
I N G C I
P H E R S
C A N B E
E A S Y

Cipher text:
RNHAAACRBYKISEEGENSBIPCE 11
 Exercise
Using the columnar transposition method, encrypt
the messages below:
a) Please charge the suspects heavily.
Key: FARMING

b) The payment will be made into your bank

account.
Key: RESULT

12
 Modern Cryptography
•Based on mathematical algorithms for
cryptography.
•Encryption algorithm is known and implies a
secure channel to distribute key.

13
 Cryptography
•Ways of (transforming) scrambling data using defined data
‘keys’ so that the data is meaningless to an unintended
person / recipient.
• Open source encryption software E.G. 7-Zip, Bit Locker,
Xcrypt, GNU-Privacy, Crypt 7
• Application of cryptography e.g. ATM, web browser,
chat session

14
 Modern Cryptography contd…
•Each cryptographic system consits of a method
of encryption and key
The broad categories are :
a) Asymmetric (Public) uses two different
keys ; one for encryption & one for
decryption e.g. RSA
b) Symmetric (Secret); uses one key for both
encryption and decryption e.g. DES, IDEA

15
 Asymmetric cryptography
•Encryption key public (shared), decryption key
private (not shared).
•Easy way to send secret messages.
•Decryption only by intended recipient.
•A type of “digital signature”.
Method
*Sender encrypts message using receiver`s public
key.
*Receiver decrypts message using his/her private
key.
16
 Public / Shared key Algorithms
•Uses two keys, one shared and one private

17
 Uses of Public key cryptography
Digital signatures- Just like a paper signature
they are used for non-repudiation purposes.

18
 Using Public Keys

Nonsense

Encryption Ciphertext Decryption

Plaintext Plaintext

19
 Applications of Public Key Encryption
1) Encryption/Decryption
•The sender encrypts the message using the receiver’s
public key
Q: Why not use the sender’s secret key?
2) Digital signature
•The sender signs a message by encrypting the
message or transforming the message using their own
private key
3) Key exchange
•Two sides cooperate to exchange a session key,
typically for conventional encryption
20
 RSA algorithm
R. Rivest, A. Shamir, L. Adleman (1977)

Algorithm:
•Encryption: C=Me mod n
•Decryption: M=Cd mod n

21
 Encryption procedure
1) Generate two keys (d & e) as follows:
a) Choose two large prime numbers p & q (which
must be kept secret and be of equal length)
b) n = p*q
c) Compute z = (p-1)*(q-1)
d) Choose encryption key e such that :
1<e<z and e and n are co-prime i.e. e must
have no factors in common with n
d) Compute decryption key d
e) d : de mod (p-1)*(q-1) = 1
22
 Encryption procedure
•To encrypt a message m , the cipher text c
becomes : c = me mod n
•For convenience, break m into blocks m1 to mk of
equal size, to get c1 to ck cipher text blocks.
Concatenating these gives encrypted message.

23
Decryption procedure

Use m = cd mod n

24
 Example – generating keys
1) Select prime numbers: E.G. p=17 & q=11
2) Compute n = p*q =17×11=187
3) Compute z = (p-1)*(q-1)
4) Choose encryption key, e such that :
1<e< z and e and n are co-prime i.e. e must have no
factors in common with n . Choose e = 7
5) Compute decryption key d
d : de mod z = 1
7d mod 160 = 1 therefore d = 23 since
7*23 mod 160 =1 i.e (161 mod 160 = 1)
Thus d = 23 and e = 7
25
 Key distribution
•Publish / Share public key
Public key = (e,n)

•Keep secret key

Secret key = (d,n)

26
 Example – encryption & decryption
Given message M = 88 (N.B. 88<187)
Encryption:
c = me mod n
C = 887 mod 187 = 11

Decryption:
m = cd mod n
M = 1123 mod 187 = 88

27
 Security of the RSA algorithm
Strength
It is difficult to guess the two prime numbers (p
& q) since they are at least 100 digits long each.

Weakness
The relationship between prime numbers can be
exploited to determine the original plaintext from
cipher-text

28
 Digital signatures

Digital signatures are like electronic “fingerprints.” In

the form of a coded message, the digital signature
securely associates a signer with a document in a
recorded transaction. Digital signatures use a standard,
accepted format, called Public Key Infrastructure (PKI),
to provide the highest levels of security and universal
acceptance. They are a specific signature technology
implementation of electronic signature (eSignature).

29
 What’s the difference between a
digital signature and an electronic
signature?
The broad category of electronic signatures (eSignatures) encompasses many types of
electronic signatures. The category includes digital signatures, which are a specific
technology implementation of electronic signatures. Both digital signatures and other
eSignature solutions allow you to sign documents and authenticate the signer. However,
there are differences in purpose, technical implementation, geographical use, and legal
and cultural acceptance of digital signatures versus other types of eSignatures.

In particular, the use of digital signature technology for eSignatures varies significantly
between countries that follow open, technology-neutral eSignature laws, including the
United States, United Kingdom, Canada, and Australia, and those that follow tiered
eSignature models that prefer locally defined standards that are based on digital
signature technology, including many countries in the European Union, South America,
and Asia. In addition, some industries also support specific standards that are based on
digital signature technology.

30
 EXERCISE
1) Given that p=3 and q=11, use the RSA
algorithm to :
a) Determine the encryption and decryption
keys
b) If m=2, show the encryption procedure
c) Decrypt the cipher text in b) above

31
 Digital signatures

A digital signature (not to be confused with a

digital certificate) is a mathematical technique
used to validate the authenticity and integrity of a
message, software or digital document.

32
 Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution

33