Information Systems Security Essentials (ISS611S)

Chapter 2 - Cryptography

Dr Mercy Chitauro
 Contents
• Encryption
• Types of encryption algorithms
• Encryption Uses
Introduction
What is encryption
Introduction
 Encryption Algorithm
• Y= F(x,k)
• Y = Ciphertext (scrambled information)
• X= Our original data known as plaintext
• K= Additional information used in the
algorithm
 Creating Ciphertext

• Ciphertext can be created using several

methods:
– Transposition - to change the relative position,
order, or sequence of; cause to change places;
interchange
– Substitution - units of the plaintext (generally
single letters or pairs of letters of ordinary text)
are replaced with other symbols or groups of
symbols
– One-time pad - requires the use of a one-time
pre-shared key the same size as, or longer than,
the message being sent
– The one-time pad be cannot be cracked?
 Some Basic Terminology

• Plaintext - original message

• Ciphertext - coded message
• Cipher - algorithm for transforming plaintext to ciphertext
• Key - info used in cipher known only to sender/receiver
• Encipher (encrypt) - converting plaintext to ciphertext
• Decipher (decrypt) - recovering ciphertext from plaintext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (code breaking) - study of principles/methods of
deciphering ciphertext without knowing key
• Cryptology - field of both cryptography and cryptanalysis
• Cryptosystem is a system used for encryption and decryption.
• A cryptosystem involves a set of rules for how to encrypt the plaintext
and decrypt the ciphertext. The encryption and decryption rules, called
algorithms, often use a device called a key
 Plaintext - original message

Ciphertext - coded message

Cipher - algorithm for transforming

Some Basic plaintext to ciphertext

Terminology Key - info used in cipher known only

to sender/receiver
Encipher/encrypt - converting
plaintext to ciphertext
Decipher/Decrypt - recovering
ciphertext from plaintext
 Cryptography - study of encryption
principles/methods

Cryptanalysis (code breaking) - study of

principles/methods of deciphering ciphertext
without knowing key

Some Basic
Cryptology - field of both cryptography and
Terminology cryptanalysis.

Cryptosystem - involves a set of rules for how to

encrypt the plaintext and decrypt the ciphertext.
The encryption and decryption rules, called
algorithms, often use a device called a key
 Cryptography

• The
• The type
type of of operations
operations usedused
for for transforming
transforming plaintext
plaintext to ciphertext
to ciphertext
• Substitution
• Substitution
• Each
• Each element
element in the
in the plaintext
plaintext is mapped
is mapped intointo another
another element
element
• Transposition
• Transposition
• Elements
• Elements in the
in the plaintext
plaintext areare rearranged
rearranged
Cryptosystems • Fundamental
• Fundamental requirement
requirement is that
is that no information
no information be lost
be lost
are generically • Product
• Product systems
systems
• Involve
• Involve multiple
multiple stages
stages of substitutions
of substitutions andand transpositions
transpositions
classified along • The
• The number
number of keys
of keys usedused
three • Referred
• Referred to to
encryption
as as
if
symmetric,
symmetric,
both sender
single-key,
single-key,
and receiver
secret-key,
secret-key,
use the
or conventional
or conventional
same key
encryption if
both sender and receiver use the same key
independent • Referred
• Referred to to
as as asymmetric,
asymmetric, two-key,
two-key, or public-key
or public-key encryption
encryption if theifsender
the
sender andeach
receiver
use aeach use akey different key
dimensions: and
• The
• The
receiver
wayway in which
in which the the
different
plaintext
plaintext is processed
is processed
• Block
• Block cipher
cipher processes
processes thethe
inputinputoneone blockblock of elements
of elements at a at a time,
time, producing
producing an output block
an output block for each input block for each input block
• Stream
• Stream cipher
cipher processes
processes thetheinputinput elements
elements continuously,
continuously, producing
producing output
output one element at a time,
one element at a time, as it goes along as it goes along
Transposition Ciphers
 Substitution Ciphers

xxxx
Types of Encryption
Algorithms
Hash

Symmetric

Asymmetric
Symmetric Encryption
• Also referred to as conventional encryption
or single-key encryption

• Was the only type of encryption in use prior

to the development of public-key encryption
in the 1970s

• Remains by far the most widely used of the

two types of encryption

• Examples: Banking Applications, Data at rest

(i.e., Disk encryption)
Asymmetric
Encryption
• Also referred to as public key
encryption system
• Public-key cryptosystems uses two
different keys. One for encryption
and one for decryption.
• The keys are commonly known as a
private key and a public key.
• The private key must remain
confidential to its respective owner,
while the public key is made available
to everyone via a publicly accessible
repository or directory.
• To decode an encrypted message, a
computer must use the public key,
provided by the originating computer,
and its own private key.
• Used in Digital signatures and
distribution of symmetric keys.
 Symmetric Asymmetric
• DES • RSA
• 3DES
• ElGamal
• AES
• IDEA
• elliptic
• Curves
Types of •
•
RC2/4/5/6
Blowfish • DH
Encryption
algorithms Each of these encryption algorithms
have cryptographic keys that they use
for encryption. The size/length of key
influences it’s level of security.
 Encryption Uses

Confidentiality Authentication

Digital Public key

signatures certificate
 Security Services

Data
Authentication Access Control Data integrity Nonrepudiation
Confidentiality
13 Storch Street T: +264 61 207 2258
Private Bag 13388 F: +264 61 207 9258
Windhoek E: fci@nust.na
NAMIBIA W: www.nust.na
Summary