UNIT-II

CRYPTOGRAPHY

INTRODUCTION

Cryptography is technique of securing information and communications

through use of codes so that only those people for whom the information is
intended can understand it and process it. Thus, preventing unauthorized
access to information. The prefix “crypt” means “hidden” and suffix
“graphy” means “writing”. In Cryptography the techniques which are used
to protect information are obtained from mathematical concepts and a set
of rule-based calculations known as algorithms to convert messages in
ways that make it hard to decode it. These algorithms are used for
cryptographic key generation, digital signing, verification to protect data
privacy, web browsing on internet and to protect confidential transactions
such as credit card and debit card transactions.

Techniques used For Cryptography: In today’s age of computers

cryptography is often associated with the process where an ordinary plain
text is converted to cipher text which is the text made such that intended
receiver of the text can only decode it and hence this process is known as
encryption. The process of conversion of cipher text to plain text this is
known as decryption.

Features Of Cryptography are as follows:

1. Confidentiality: Information can only be accessed by the person for

whom it is intended and no other person except him can access it.

1
 2. Integrity: Information cannot be modified in storage or transition
between sender and intended receiver without any addition to
information being detected.

3. Non-repudiation: The creator/sender of information cannot deny his

intention to send information at later stage.

4. Authentication: The identities of sender and receiver are confirmed.

As well as destination/origin of information is confirmed.

Cryptosystems

A cryptosystem is a structure or scheme consisting of a set of algorithms

that converts plaintext to ciphertext to encode or decode messages
securely. The term “cryptosystem” is shorthand for “cryptographic
system” and refers to a computer system that employs cryptography, a
method of protecting information and communications through the use of
codes so that only those for whom the information is intended can read and
process it.

To help keep data secure, cryptosystems incorporate the algorithms for key
generation, encryption and decryption techniques. At the heart of
cryptographic operations is a cryptographic key, a string of bits used by a
cryptographic algorithm to transform plain text into ciphertext or the
reverse. The key is part of the variable data provided as input to a
cryptographic algorithm to execute this sort of operation. The
cryptographic scheme’s security depends on the security of the keys used.

2
Cryptosystems are used for sending messages in a secure manner over the
internet, such as credit card information and other private data. In another
application of cryptography, a system for secure electronic mail might
include methods for digital signatures, cryptographic hash functions and
key management techniques.

Components of a Cryptosystem

The various components of a basic cryptosystem are as follows −

 Plaintext: It is the data to be protected during transmission.

 Encryption Algorithm: It is a mathematical process that produces a

ciphertext for any given plaintext and encryption key. It is a
cryptographic algorithm that takes plaintext and an encryption key as
input and produces a ciphertext.

 Ciphertext: It is the scrambled version of the plaintext produced by

the encryption algorithm using a specific the encryption key. The
ciphertext is not guarded. It flows on public channel. It can be
intercepted or compromised by anyone who has access to the
communication channel.

 Decryption Algorithm: It is a mathematical process, that produces a

unique plaintext for any given ciphertext and decryption key. It is a
cryptographic algorithm that takes a ciphertext and a decryption key
as input, and outputs a plaintext. The decryption algorithm
essentially reverses the encryption algorithm and is thus closely
related to it.

3
  Encryption Key: It is a value that is known to the sender. The
sender inputs the encryption key into the encryption algorithm along
with the plaintext in order to compute the ciphertext.

 Decryption Key: It is a value that is known to the receiver. The

decryption key is related to the encryption key, but is not always
identical to it. The receiver inputs the decryption key into the
decryption algorithm along with the ciphertext in order to compute
the plaintext.

For a given cryptosystem, a collection of all possible decryption keys is

called a key space.

An interceptor (an attacker) is an unauthorized entity who attempts to

determine the plaintext. He can see the ciphertext and may know the
decryption algorithm. He, however, must never know the decryption key.

Types of Cryptosystems

Fundamentally, there are two types of cryptosystems based on the manner

in which encryption-decryption is carried out in the system −

 Symmetric Key Encryption

 Asymmetric Key Encryption

The main difference between these cryptosystems is the relationship

between the encryption and the decryption key. Logically, in any
cryptosystem, both the keys are closely associated. It is practically
impossible to decrypt the ciphertext with the key that is unrelated to the
encryption key.

4
Symmetric Key Encryption

The encryption process where same keys are used for encrypting and
decrypting the information is known as Symmetric Key Encryption.

The study of symmetric cryptosystems is referred to as symmetric

cryptography. Symmetric cryptosystems are also sometimes referred to
as secret key cryptosystems.

A few well-known examples of symmetric key encryption methods are −

Digital Encryption Standard (DES), Triple-DES (3DES), IDEA, and
BLOWFISH.

Data Encryption Standard (DES)

The Data Encryption Standard was published in 1977 by the US

NationalBureau of Standards. DES uses a 56-bit key and maps a 64-bit
input block of plaintext onto a 64-bit output block of ciphertext. 56 bits is
a rather small key for today's computing power.

5
Triple DES

Triple DES was the answer to many of the shortcomings of DES. Since it
is based on the DES algorithm, it is very easy to modify existing software
to use Triple DES. It also has the advantage of proven reliability and a
longer key length that eliminates many of the shortcut attacks that can be
used to reduce the amount of time it takes to break DES.

Advanced Encryption Standard (AES)

Advanced Encryption Standard (AES) is an encryption standard adopted

by the U.S. government. The standard comprises three block ciphers, AES-
128, AES-192 and AES-256, adopted from a larger collection originally
published as Rijndael.

Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and
256 bits, respectively. The AES ciphers have been analyzed extensively
and are now used worldwide, as was the case with its predecessor, the
Data Encryption Standard (DES).

IDEA: -The International Data Encryption Algorithm was developed in

1991. It uses a 128-bit key to encrypt a 64-bit block of plaintext into a 64-
bit block of ciphertext. IDEA's general structure is very similar to DES, it
performs 17 rounds, each round taking 64 bits of input to produce a 64-bit
output, using per-round keys generated from the 128-bit key.

Prior to 1970, all cryptosystems employed symmetric key encryption.

Even today, its relevance is very high and it is being used extensively in

6
many cryptosystems. It is very unlikely that this encryption will fade
away, as it has certain advantages over asymmetric key encryption.

The salient features of cryptosystem based on symmetric key encryption

are:

 Persons using symmetric key encryption must share a common key

prior to exchange of information.

 Keys are recommended to be changed regularly to prevent any attack

on the system.

 A robust mechanism needs to exist to exchange the key between the

communicating parties. As keys are required to be changed regularly,
this mechanism becomes expensive and cumbersome.

 In a group of n people, to enable two-party communication between

any two persons, the number of keys required for group is n × (n –
1)/2.

 Length of Key (number of bits) in this encryption is smaller and

hence, process of encryption-decryption is faster than asymmetric
key encryption.

 Processing power of computer system required to run symmetric

algorithm is less.

Challenge of Symmetric Key Cryptosystem

There are two restrictive challenges of employing symmetric key

cryptography.

7
  Key establishment − Before any communication, both the sender
and the receiver need to agree on a secret symmetric key. It requires
a secure key establishment mechanism in place.
 Trust Issue − Since the sender and the receiver use the same
symmetric key, there is an implicit requirement that the sender and
the receiver ‘trust’ each other. For example, it may happen that the
receiver has lost the key to an attacker and the sender is not
informed.

These two challenges are highly restraining for modern day

communication. Today, people need to exchange information with non-
familiar and non-trusted parties. For example, a communication between
online seller and customer. These limitations of symmetric key encryption
gave rise to asymmetric key encryption schemes.

Asymmetric Key Encryption

The encryption process where different keys are used for encrypting
and decrypting the information is known as Asymmetric Key
Encryption. Though the keys are different, they are mathematically related
and hence, retrieving the plaintext by decrypting ciphertext is feasible.

Asymmetric Key Encryption was invented in the 20 th century to come over

the necessity of pre-shared secret key between communicating persons.
The salient features of this encryption scheme are as follows −

 Every user in this system needs to have a pair of dissimilar

keys, private key and public key. These keys are mathematically

8
 related − when one key is used for encryption, the other can decrypt
the ciphertext back to the original plaintext.

 It requires to put the public key in public repository and the private
key as a well-guarded secret. Hence, this scheme of encryption is
also called Public Key Encryption.

 Though public and private keys of the user are related, it is

computationally not feasible to find one from another. This is a
strength of this scheme.

 When Host1 needs to send data to Host2, he obtains the public key
of Host2 from repository, encrypts the data, and transmits.

 Host2 uses his private key to extract the plaintext.

 Length of Keys (number of bits) in this encryption is large and

hence, the process of encryption-decryption is slower than symmetric
key encryption.

 Processing power of computer system required to run asymmetric

algorithm is higher.

Symmetric cryptosystems are a natural concept. In contrast, public-key

cryptosystems are quite difficult to comprehend.

You may think, how can the encryption key and the decryption key are
‘related’, and yet it is impossible to determine the decryption key from the
encryption key? The answer lies in the mathematical concepts. It is
possible to design a cryptosystem whose keys have this property. The

9
concept of public-key cryptography is relatively new. There are fewer
public-key algorithms known than symmetric algorithms.

Challenge of Public Key Cryptosystem

Public-key cryptosystems have one significant challenge − the user needs

to trust that the public key that he is using in communications with a
person really is the public key of that person and has not been spoofed by a
malicious third party.

This is usually accomplished through a Public Key Infrastructure (PKI)

consisting a trusted third party. The third party securely manages and
attests to the authenticity of public keys. When the third party is requested
to provide the public key for any communicating person X, they are
trusted to provide the correct public key.

The third party satisfies itself about user identity by the process of
attestation, notarization, or some other process − that X is the one and
only, or globally unique, X. The most common method of making the
verified public keys available is to embed them in a certificate which is
digitally signed by the trusted third party.

10
Relation between Encryption Schemes

A summary of basic key properties of two types of cryptosystems is given

below –

Symmetric Public Key Cryptosystems

Cryptosystems

Relation between Same Different, but mathematically

Keys related
Encryption Key Symmetric Public
Decryption Key Symmetric Private

Due to the advantages and disadvantage of both the systems, symmetric

key and public-key cryptosystems are often used together in the practical
information security systems.

Kirchhoff’s Principle for Cryptosystem

In the 19th century, a Dutch cryptographer A. Kerckhoff furnished the

requirements of a good cryptosystem. Kerckhoff stated that a
cryptographic system should be secure even if everything about the
system, except the key, is public knowledge. The six design principles
defined by Kerckhoff for cryptosystem are −

 The cryptosystem should be unbreakable practically, if not

mathematically.

 Falling of the cryptosystem in the hands of an intruder should not

lead to any compromise of the system, preventing any inconvenience
to the user.

11
  The key should be easily communicable, memorable, and
changeable.

 The ciphertext should be transmissible by telegraph, an unsecure

channel.

 The encryption apparatus and documents should be portable and

operable by a single person.

 Finally, it is necessary that the system be easy to use, requiring

neither mental strain nor the knowledge of a long series of rules to
observe.

The second rule is currently known as Kirchhoff principle. It is applied in

virtually all the contemporary encryption algorithms such as DES, AES,
etc. These public algorithms are considered to be thoroughly secure. The
security of the encrypted message depends solely on the security of the
secret encryption key.

Keeping the algorithms secret may act as a significant barrier to

cryptanalysis. However, keeping the algorithms secret is possible only
when they are used in a strictly limited circle.

In modern era, cryptography needs to cater to users who are connected to

the Internet. In such cases, using a secret algorithm is not feasible, hence
Kirchhoff principles became essential guidelines for designing algorithms
in modern cryptography.

12
Secret Key

A secret key is the piece of information or parameter that is used to

encrypt and decrypt messages in a symmetric, or secret-key, encryption.

In asymmetric encryption, two separate keys are used. One is a public key
and the other is a secret key.

A secret key may also be known as a private key.

When using symmetric encryption, only one key is used for encryption and
decryption. However, in asymmetric cryptography there is both a private
key and a public key involved in the encryption and decryption processes.
The secret key can be kept by one person or exchanged with someone else
when sending encrypted messages. If only one key is available for both
encryption and decryption, both the sender and receiver of a message have
to have a copy of the secret key to be able to read the message.

The most difficult aspect of this type of encryption is how to distribute the
key to a second party without affecting security.

Secret key cryptography systems are often classified to be either stream

ciphers or block ciphers. Stream ciphers work on a single bit at a time and
also use some kind of feedback mechanism so that the key changes
regularly. A block cipher, on the other hand, encrypts one data block at a
time by using precisely the same key on every block.

The most accepted secret key cryptography scheme is Data Encryption

Standard (DES) cryptography. Other cryptography systems used for

13
secret-key encryption include the Advanced Encryption Standard (AES)
and CAST-128/256.

Cryptanalysis

Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with

the aim of understanding how they work and finding and improving
techniques for defeating or weakening them. For example, cryptanalysts
seek to decrypt ciphertexts without knowledge of the plaintext source,
encryption key or the algorithm used to encrypt it; cryptanalysts also target
secure hashing, digital signatures and other cryptographic algorithms.

How does cryptanalysis work?

While the objective of cryptanalysis is to find weaknesses in or otherwise

defeat cryptographic algorithms, cryptanalysts' research results are used by
cryptographers to improve and strengthen or replace flawed algorithms.
Both cryptanalysis, which focuses on deciphering encrypted data, and
cryptography, which focuses on creating and improving encryption ciphers
and other algorithms, are aspects of cryptology, the mathematical study of
codes, ciphers and related algorithms.

Researchers may discover methods of attack that completely break an

encryption algorithm, which means that ciphertext encrypted with that
algorithm can be decrypted trivially without access to the encryption key.
More often, cryptanalytic results uncover weaknesses in the design or
implementation of the algorithm, which can reduce the number of keys
that need to be tried on the target ciphertext.

14
For example, a cipher with a 128 bit encryption key can have 2128 (or
340,282,366,920,938,463,463,374,607,431,768,211,456) unique keys; on
average, a brute force attack against that cipher will succeed only after
trying half of those unique keys. If cryptanalysis of the cipher reveals an
attack that can reduce the number of trials needed to 240 (or just
1,099,511,627,776) different keys, then the algorithm has been weakened
significantly, to the point that a brute-force attack would be practical with
commercial off-the-shelf systems.

Who uses cryptanalysis?

Cryptanalysis is practiced by a broad range of organizations, including

governments aiming to decipher other nations' confidential
communications; companies developing security products that employ
cryptanalysts to test their security features; and hackers, crackers,
independent researchers and academicians who search for weaknesses in
cryptographic protocols and algorithms.

It is this constant battle between cryptographers trying to secure

information and cryptanalysts trying to break cryptosystems that moves
the entire body of cryptology knowledge forward.

Cryptanalysis techniques and attacks

There are many different types of cryptanalysis attacks and techniques,

which vary depending on how much information the analyst has about the
ciphertext being analyzed. Some cryptanalytic methods include:

15
In a ciphertext-only attack, the attacker only has access to one or more
encrypted messages but knows nothing about the plaintext data, the
encryption algorithm being used or any data about the cryptographic key
being used. This is the type of challenge that intelligence agencies often
face when they have intercepted encrypted communications from an
opponent.

In a known plaintext attack, the analyst may have access to some or all
of the plaintext of the ciphertext; the analyst's goal in this case is to
discover the key used to encrypt the message and decrypt the message.
Once the key is discovered, an attacker can decrypt all messages that had
been encrypted using that key. Linear cryptanalysis is a type of known
plaintext attack that uses a linear approximation to describe how a block
cipher Known plaintext attacks depend on the attacker being able to
discover or guess some or all of an encrypted message, or even the format
of the original plaintext. For example, if the attacker is aware that a
particular message is addressed to or about a particular person, that
person's name may be a suitable known plaintext.

In a chosen plaintext attack, the analyst either knows the encryption

algorithm or has access to the device used to do the encryption. The
analyst can encrypt the chosen plaintext with the targeted algorithm to
derive information about the key.

A differential cryptanalysis attack is a type of chosen plaintext attack on

block ciphers that analyzes pairs of plaintexts rather than single plaintexts,

16
so the analyst can determine how the targeted algorithm works when it
encounters different types of data.

Integral cryptanalysis attacks are similar to differential cryptanalysis

attacks, but instead of pairs of plaintexts, it uses sets of plaintexts in which
part of the plaintext is kept constant but the rest of the plaintext is
modified. This attack can be especially useful when applied to block
ciphers that are based on substitution-permutation networks.

A side-channel attack depends on information collected from the physical

system being used to encrypt or decrypt. Successful side-channel attacks
use data that is neither the ciphertext resulting from the encryption process
nor the plaintext to be encrypted, but rather may be related to the amount
of time it takes for a system to respond to specific queries, the amount of
power consumed by the encrypting system, or electromagnetic radiation
emitted by the encrypting system.

A dictionary attack is a technique typically used against password files

and exploits the human tendency to use passwords based on natural words
or easily guessed sequences of letters or numbers. The dictionary attack
works by encrypting all the words in a dictionary and then checking
whether the resulting hash matches an encrypted password stored in the
SAM file format or other password file.

Man-in-the-middle attacks occur when cryptanalysts find ways to insert

themselves into the communication channel between two parties who wish
to exchange their keys for secure communication via asymmetric or public
key infrastructure The attacker then performs a key exchange with each

17
party, with the original parties believing they are exchanging keys with
each other. The two parties then end up using keys that are known to the
attacker.

Other types of cryptanalytic attacks can include techniques for convincing

individuals to reveal their passwords or encryption keys, developing
Trojan horse programs that steal secret keys from victims' computers and
send them back to the cryptanalyst, or tricking a victim into using a
weakened cryptosystem.

Side-channel attacks have also been known as timing or differential power

analysis. These attacks came to wide notice in the late 1990s when
cryptographer Paul Kocher was publishing results of his research into
timing attacks and differential power analysis attacks on Diffie-Hellman,
RSA, Digital Signature Standard (DSS) and other cryptosystems,
especially against implementations on smart cards.

Tools for cryptanalysis

Because cryptanalysis is primarily a mathematical subject, the tools for

doing cryptanalysis are in many cases described in academic research
papers. However, there are many tools and other resources available for
those interested in learning more about doing cryptanalysis. Some of them
include:

 CrypTool is an open-source project that produces e-learning

programs and a web portal for learning about cryptanalysis and
cryptographic algorithms.

18
  Cryptol is a domain-specific language originally designed to be used
by the National Security Agency specifying cryptographic
algorithms. Cryptol is published under an open-source license and
available for public use. Cryptol makes it possible for users to
monitor how algorithms operate in software programs written to
specify the algorithms or ciphers. Cryptol can be used to deal with
cryptographic routines rather than with entire cryptographic suites.

 CryptoBench is a program that can be used to do cryptanalysis of

ciphertext generated with many common algorithms. It can encrypt
or decrypt with 29 different symmetric encryption algorithms;
encrypt, decrypt, sign and verify with six different public key
algorithms; and generate 14 different kinds of cryptographic hashes
as well as two different types of checksums.

 Ganzua (meaning picklock or skeleton key in Spanish) is an open-

source cryptanalysis tool used for classical polyalphabetic and
monoalphabetic ciphers. Ganzua lets users define nearly completely
arbitrary cipher and plain alphabets, allowing for the proper
cryptanalysis of cryptograms obtained from non-English text. A Java
application, Ganzua can run on Windows, Mac OS X or Linux.

Cryptanalysts commonly use many other data security tools including

network sniffers and password cracking software, though it is not unusual
for cryptanalytic researchers to create their own custom tools for specific
tasks and challenges.

19
Encryption

Encryption is a way of scrambling data so that only authorized parties can

understand the information. In technical terms, it is the process of
converting human-readable plaintext to incomprehensible text, also known
as ciphertext. In simpler terms, encryption takes readable data and alters it
so that it appears random. Encryption requires the use of a cryptographic
key: a set of mathematical values that both the sender and the recipient of
an encrypted message agree on.

Although encrypted data appears random, encryption proceeds in a logical,

predictable way, allowing a party that receives the encrypted data and
possesses the right key to decrypt the data, turning it back into plaintext.
Truly secure encryption will use keys complex enough that a third party is
highly unlikely to decrypt or break the ciphertext by brute force — in other
words, by guessing the key.

Data can be encrypted "at rest," when it is stored, or "in transit," while it is
being transmitted somewhere else.

20
What is a key in cryptography?

A cryptographic key is a string of characters used within an encryption

algorithm for altering data so that it appears random. Like a physical key,
it locks (encrypts) data so that only someone with the right key can unlock
(decrypt) it.

How Encryption Works?

Original information, or plain text, might be something as simple as

"Hello, world!" As cipher text, this might appear as something confusing
like 7*#0+gvU2x—something seemingly random or unrelated to the
original plaintext.

Encryption, however, is a logical process, whereby the party receiving the

encrypted data—but also in possession of the key—can simply decrypt the
data and turn it back into plaintext.

For decades, attackers have tried by brute force—essentially, by trying

over and over again—to figure out such keys. Cybercriminals increasingly
have access to stronger computing power such that sometimes, when
vulnerabilities exist, they are able to gain access.

Data needs to be encrypted when it is in two different states: "at rest,"

when it is stored, such as in a database; or "in transit," while it is being
accessed or transmitted between parties.

An encryption algorithm is a mathematical formula used to transform

plaintext (data) into ciphertext. An algorithm will use the key to alter the
data in a predictable way. Even though the encrypted data appears to be

21
random, it can actually be turned back into plaintext by using the key
again. Some commonly used encryption algorithms include Blowfish,
Advanced Encryption Standard (AES), Rivest Cipher 4 (RC4), RC5, RC6,
Data Encryption Standard (DES), and Twofish.

Encryption has evolved over time, from a protocol that was used only by
governments for top-secret operations to an everyday must-have for
organizations to ensure the security and privacy of their data.

Types of Encryption

There are many different types of encryption, each with its own benefit
and use case.

Symmetric Encryption

In this simple encryption method, only one secret key is used to both
cipher and decipher information. While the oldest and best-known
encryption technique, the main drawback is that both parties need to have
the key used to encrypt the data before they can decrypt it. Symmetric
encryption algorithms include AES-128, AES-192, and AES-256. Because
it is less complex and executes faster, symmetric encryption is the
preferred method for transmitting data in bulk.

Asymmetric Encryption

Also known as public key cryptography, asymmetric encryption is a

relatively new method that uses two different but related keys to encrypt
and decrypt data. One key is secret and one key is public. The public key
is used to encrypt data, and the private key is used to decrypt (and vice

22
versa). Security of the public key is not needed because it is publicly
available and can be shared over the internet.

Asymmetric encryption presents a much stronger option for ensuring the

security of information transmitted over the internet. Websites are secured
using Secure Socket Layer (SSL) or Transport Layer Security (TLS)
certificates. A query to a web server sends back a copy of the digital
certificate, and a public key can be extracted from that certificate, while
the private key stays private.

Encryption in the Cloud

Cloud encryption is a service offered by cloud storage providers in which

data is first encrypted using algorithms before being pushed to a storage
cloud. Customers of a cloud storage provider must be aware of and
comfortable with the level of depth of the provider's policies and
procedures for encryption and encryption key management.

Because encryption consumes more bandwidth, many cloud providers only

offer basic encryption on a few database fields, such as passwords and
account numbers. This is often not enough for some organizations. So they
rely on a Bring Your Own Encryption (BYOE) model in which they use
their own encryption software and manage their own encryption keys to
ensure a level of cloud computing security they are comfortable with.

As an opposite approach, Encryption as a Service (EaaS) has emerged as a

simple, pay-as-you-go service customers can purchase from a cloud
provider, managing encryption themselves in a multi-tenant environment.

23
End-to-End Encryption

End-to-end encryption (E2EE) ensures that only the two users

communicating with one another can read the messages. Even the
intermediary, such as the telecom or internet service provider, cannot
decrypt the messages. E2EE is generally seen as the most secure way to
communicate privately and securely online. Examples of E2EE in use
include the WhatsApp messaging service, which famously asserts that
users' messages are secured with "locks."

Encryption Challenges

Attackers will still attack even when they know that data or devices are
encrypted. They figure that with some effort, they might get through. For
many years, weak passwords served as the impetus for attackers to keep
trying, as some sophisticated software could sooner or later figure out
passwords.

Such brute force attacks have become more sophisticated, as attackers

hope that by making thousands or even millions of guesses, they will
figure out the key for decryption. However, most modern encryption
methods, coupledwith multi-factor authentication (MFA), are helping
organizations to become more resistant to brute force attacks.

The Benefits of Encryption

Encryption has become an enormous asset to organizations, allowing them

to confidently offer a more secure experience for employees, customers,
and other stakeholders.

24
Privacy and Security

Encryption can prevent data breaches. Even if an attacker maliciously

gains access to a network, if a device is encrypted, the device will still be
secure, rendering attempts by the attacker to consume the data useless.
Encryption ensures no one can read communications or data except the
intended recipient or data owner. This prevents attackers from intercepting
and accessing sensitive data.

Regulations

Encrypting data allows organizations to protect data and maintain privacy

in accordance with industry regulations and government policy. Many
industries, especially those in financial services and healthcare, have
explicit rules on data protection. For example, the Gramm-Leach-Bliley
Act requires financial institutions to let customers know how their data is
being shared and also how their data is remaining protected. Encryption
helps financial institutions comply with this act.

Secure Internet Browsing

Encryption also keeps users safe while browsing the internet. Earlier in the
internet's history, attackers found ways to steal unencrypted information
sent between users and web services over the Hypertext Transfer Protocol
(HTTP). The standard to encrypt web content by running HTTP over the
Secure Socket Layer protocol emerged, soon to be replaced with the
Transport Layer Security protocol, enabling enterprises, publishers, and e-
commerce providers to offer a secure experience for users.

25
With encryption, users feel safer entering personal information into
webpages and carrying out financial or e-commerce transactions.

Encryption Keeps Sensitive Data Safe

Encryption will continue to be a core security feature in everything from

video chats to e-commerce to social media. Basically, if it can be shared or
stored, it will be encrypted. Both organizations and individual users would
benefit from keeping on top of encryption standards to ensure that both
their personal and professional data is safe from misuse or compromise.

What are some common encryption algorithms?

Commonly used symmetric encryption algorithms include:

 AES
 3-DES

Commonly used asymmetric encryption algorithms include:

 RSA
 Elliptic curve cryptography

AES

The Advanced Encryption Standard (AES) is the algorithm trusted as the

standard by the U.S. Government and numerous organizations. Although it
is highly efficient in 128-bit form, AES also uses keys of 192 and 256 bits
for heavy-duty encryption purposes.

26
AES is largely considered impervious to all attacks, except for brute force,
which attempts to decipher messages using all possible combinations in
the 128, 192, or 256-bit cipher.

3-DES

Triple DES was designed to replace the original Data Encryption Standard
(DES) algorithm, which hackers eventually learned to defeat with relative
ease. At one time, Triple DES was the recommended standard and the
most widely used symmetric algorithm in the industry.

Triple DES uses three individual keys with 56 bits each. The total key
length adds up to 168 bits, but experts would argue that 112-bits in key
strength is more accurate. Despite slowly being phased out, Triple DES
has, for the most part, been replaced by the Advanced Encryption Standard
(AES).

RSA Security

RSA is a public-key encryption algorithm and the standard for encrypting

data sent over the internet. It also happens to be one of the methods used in
PGP and GPG programs. Unlike Triple DES, RSA is considered an
asymmetric algorithm due to its use of a pair of keys. You've got your
public key to encrypt the message and a private key to decrypt it. The
result of RSA encryption is a huge batch of mumbo jumbo that takes
attackers a lot of time and processing power to break.

27
Blowfish

Blowfish is yet another algorithm designed to replace DES. This

symmetric cipher splits messages into blocks of 64 bits and encrypts them
individually. Blowfish is known for its tremendous speed and overall
effectiveness. Meanwhile, vendors have taken full advantage of its free
availability in the public domain. You'll find Blowfish in software
categories ranging from e-commerce platforms for securing payments to
password management tools, where it protects passwords. It's one of the
more flexible encryption methods available.

Twofish

Computer security expert Bruce Schneier is the mastermind behind

Blowfish and its successor Twofish. Keys used in this algorithm may be
up to 256 bits in length, and as a symmetric technique, you only need one
key. Twofish is one of the fastest of its kind and ideal for use in hardware
and software environments. Like Blowfish, Twofish is freely available to
anyone who wants to use it.

Elliptic Curve Cryptography

Elliptic Curve Cryptography (ECC) is a key-based technique for

encrypting data. ECC focuses on pairs of public and private keys for
decryption and encryption of web traffic.

ECC is frequently discussed in the context of the Rivest–Shamir–Adleman

(RSA) cryptographic algorithm. RSA achieves one-way encryption of
things like emails, data, and software using prime factorization.

28
Brute Force Attack

A brute force attack is a hacking method that uses trial and error to crack
passwords, login credentials, and encryption keys. It is a simple yet
reliable tactic for gaining unauthorized access to individual accounts and
organizations’ systems and networks. The hacker tries multiple usernames
and passwords, often using a computer to test a wide range of
combinations, until they find the correct login information.

The name "brute force" comes from attackers using excessively forceful
attempts to gain access to user accounts. Despite being an old cyberattack
method, brute force attacks are tried and tested and remain a popular tactic
with hackers.

Types of Brute Force Attacks

There are various types of brute force attack methods that allow attackers
to gain unauthorized access and steal user data.

1. Simple Brute Force Attacks

A simple brute force attack occurs when a hacker attempts to guess a

user’s login credentials manually without using any software. This is
typically through standard password combinations or personal
identification number (PIN) codes.

These attacks are simple because many people still use weak passwords,
such as "password123" or "1234," or practice poor password etiquette,
such as using the same password for multiple websites. Passwords can also
be guessed by hackers that do minimal reconnaissance work to crack an

29
individual's potential password, such as the name of their favorite sports
team.

2. Dictionary Attacks

A dictionary attack is a basic form of brute force hacking in which the

attacker selects a target, then tests possible passwords against that
individual’s username. The attack method itself is not technically
considered a brute force attack, but it can play an important role in a bad
actor’s password-cracking process.

The name "dictionary attack" comes from hackers running through

dictionaries and amending words with special characters and numbers.
This type of attack is typically time-consuming and has a low chance of
success compared to newer, more effective attack methods.

3. Hybrid Brute Force Attacks

A hybrid brute force attack is when a hacker combines a dictionary attack

method with a simple brute force attack. It begins with the hacker knowing
a username, then carrying out a dictionary attack and simple brute force
methods to discover an account login combination.

The attacker starts with a list of potential words, then experiments with
character, letter, and number combinations to find the correct password.
This approach allows hackers to discover passwords that combine
common or popular words with numbers, years, or random characters,
such as "SanDiego123" or "Rover2020."

30
4. Reverse Brute Force Attacks

A reverse brute force attack sees an attacker begin the process with a
known password, which is typically discovered through a network breach.
They use that password to search for a matching login credential using lists
of millions of usernames. Attackers may also use a commonly used weak
password, such as "Password123," to search through a database of
usernames for a match.

5. Credential Stuffing

Credential stuffing preys on users’ weak password etiquettes. Attackers

collect username and password combinations they have stolen, which they
then test on other websites to see if they can gain access to additional user
accounts. This approach is successful if people use the same username and
password combination or reuse passwords for various accounts and social
media profiles.

What is the Motive behind Brute Force Attacks?

Brute force hacking requires plenty of patience because it may take

months or even years for an attacker to successfully crack a password or
encryption key. However, the potential rewards are huge.

Exploit Ads or Activity Data

A hacker may launch a brute force attack on a website or multiple websites

to earn financial profit from advertising commission. Common methods
include:

31
  Placing spam ads on popular websites, which enables the attacker to
earn money every time an ad gets clicked or viewed by a visitor.
 Rerouting traffic to a legitimate website to illegal commissioned ad
sites.
 Infecting a website and site visitors with malware, such as spyware,
that tracks activity. The data collected is then sold to advertisers
without the user’s consent.

Steal Personal Data

Hacking into a user’s personal accounts can provide a treasure trove of

data, from financial details and bank accounts to confidential medical
information. Access to an account enables an attacker to spoof a person’s
identity, steal their money, sell their credentials to third parties, or use the
information to launch wider attacks.

Personal data and login credentials can also be stolen through corporate
data breaches that see attackers gain access to organizations’ sensitive
databases.

Spread Malware

Brute force attacks are often not personal. A hacker may simply want to
create havoc and showcase their malicious skills. They may do this by
spreading malware via email or Short Message Service (SMS) messages,
concealing malware within a spoofed website designed to look like a
legitimate site, or redirecting website visitors to malicious sites.

32
By infecting a user’s computer with malware, the attacker can then work
their way into connected systems and networks and launch wider
cyberattacks against organizations.

Hijack Systems for Malicious Activity

Brute force attacks can play a role in malicious actors launching broader
attacks using multiple devices, called a botnet. This is typically a
distributed denial-of-service (DDoS) attack that aims to overpower the
target’s security defences and systems.

Ruin a Company or Website’s Reputation

Brute force attacks are often launched in an attempt to steal data from an
organization, which not only costs them financially but also causes huge
reputational damage. Websites can also be targeted with attacks that infest
them with obscene or offensive text and images, thereby denigrating their
reputation, which could lead to them being taken down.

Brute Force Attack Tools

Guessing a user’s email or social media website password can be a time-

consuming process, especially if the accounts have strong passwords. To
simplify the process, hackers have developed software and tools to help
them crack passwords.

Brute force attack tools include password-cracking applications, which

crack username and password combinations that would be extremely
difficult for a person to crack on their own. Commonly used brute force
attack tools include:

33
Aircrack-ng: A suite of tools that assess Wi-Fi network security to monitor
and export data and attack an organization through methods like fake
access points and packet injection.

John the Ripper: An open-source password recovery tool that supports

hundreds of cipher and hash types, including user passwords for macOS,
Unix, and Windows, database servers, web applications, network traffic,
encrypted private keys, and document files.

These types of software can rapidly guess combinations that identify weak
passwords and crack multiple computer protocols, wireless modems, and
encrypted storage devices.

A brute force attack can also demand huge amounts of computing power.
To combat that, hackers have developed hardware solutions that simplify
the process, such as combining a device’s central processing unit (CPU)
and graphics processing unit (GPU). Adding the computing core of the
GPU enables a system to process several tasks simultaneously and the
hackers to crack passwords significantly faster.

Decryption

Decryption is the transformation of data that has been encrypted and

rendered unreadable back to its unencrypted form. The garbled data is
extracted by the system and converted and transformed into texts and
images that are easily understandable by the reader as well as the system.
Simply put, decryption is essentially the reverse of encryption, which
requires coding data to make it unreadable, but the matching decryption
keys can make it readable.

34
The recipients must have the right decryption or decoding tools to access
the original details. Decryption is performed using the best decryption
software, unique keys, codes, or passwords. The original file can be in the
form of text files, images, e-mail messages, user data, and directories.

The original format is called plaintext while the unreadable format is

referred to as ciphertext. Parties use an encryption scheme called an
algorithm and keys for encryption and decryption of messages in a private
conversation. The decryption algorithm is also known as a cipher.

Why is Decryption necessary?

One of the primary reasons for having an encryption-decryption system in

place is privacy. Information over the World Wide Web is subject to
scrutiny and access from unauthorized users. Therefore, the data is
encrypted to prevent data theft.

Here are some significant reasons why decryption is used:

 It helps secure sensitive information like login credentials like

usernames and passwords.
 Provides confidentiality to private data.
 It helps ensure that the record or file remains unchanged.
 It avoids plagiarism and protects IP.
 It is beneficial for network communications like the internet where a
hacker can gain access to unencrypted data.
 It lets one protect their data safely without the fear of someone else
accessing it.

35
The person who is responsible for data decryption receives a prompt or
window for a password to be entered to gain access to the encrypted
information.

Primarily, the continuous development of algorithms for substantial

encryption is for the intelligence and law enforcement specialists. It is an
arms race in computation. Furthermore, organizations that need to deal
with digital security examinations or recover lost passwords have a similar
requirement.

Additionally, the use of the most advanced forms of decryption makes

extensive computation requirements inevitable, which will result in further
need for decryption.

The federal agencies and ISVs employ in-house decryption or

steganographic algorithms to provide turnkey networks that can offer
decryption on multiple computers across an entire company.

Types of Decryption

A single algorithm is used to encrypt and decrypt a pair of keys. Each of

these keys gets used for encryption and decryption. Let’s take a look at
some of the common types of decryption algorithms that are used.

Triple DES

When hackers gradually learned to get past the Data Encryption Standard
(DES) algorithm, Triple DES was introduced to replace it. It utilizes three
single 56-bit keys each. It phased out eventually, but despite that, Triple

36
DES still offers secure encryption and decryption solutions for hardware
across various industries.

RSA

RSA is a public-key encryption-decryption algorithm. It is a standard for

data encryption and is also one of the approaches that are used in PGP and
GPG programs. RSA decryption is considered to have an asymmetric
algorithm because it uses a pair of keys, unlike Triple DES. The public key
is used to encrypt the message, while the private key is used to decrypt it.

Blowfish

Blowfish was also developed to replace DES. The messages are broken
into 64-bit blocks by this symmetric cipher and encrypted individually.
Blowfish delivers incredible speed and overall undefeated performance.
Vendors have utilized its free availability well in the public domain.

Twofish

Twofish is the successor of Blowfish. The key length used for this
algorithm can be up to 256 bits and only one key can suffice as a
symmetrical technique. Twofish is one of the fastest of its kind that is
suitable for both software and hardware environments. Like Blowfish,
Twofish is also free for use by anyone who wants to use it.

AES

While AES is highly efficient in its 128-bit form, it is also able to utilize
192 and 256-bit keys for the purpose of more heavy-duty data encryption.
It is believed to be resistant to all attacks, excluding brute force that

37
decodes messages using all combinations of 128, 192, or 256-bit
cryptosystems. Cyber security experts claim that it can be a de facto
standard for data encryption.

How does Decryption work?

To understand how decryption typically works, let’s consider the case of a

Veeam backup. When trying to recover information from a Veeam backup,
an encrypted backup file and Replication will perform decryption
automatically in the backdrop or will require a key.

In case an encryption password is required to gain access to the backup

file, if the Replication configuration database and Veeam backup is
accessible, the key is no longer necessary. The passwords from the
database are required to open the backup file. The information is
accessible in the backdrop, and data recovery is not much different from
that of the unencrypted data.

Automated information is can be accessed if the following requirements

are met:

 The backup file should be encrypted on a similar backup server that

uses the similar Replication configuration database & Veeam
backup.
 The backup file should not be excluded from the Replication console
& Veeam backup.
 If encryption passwords are not accessible from the Replication
configuration database & Veeam backup, a key is required to gain
access to the encrypted file.

38
  Once information is accessible from the origin side, all the
subsequent data is conveyed back from the destination point. As a
result, information capture can be avoided as the encryption
passwords are not transferred back from the origin point.

Advantages and Disadvantages of Decryption

While the reason for using decryption may vary, adequate protection is one
of the key advantages and purposes that it serves. The organization can
have smooth management with the help of decryption. Cyber security
professionals use this method to prevent the exfiltration of confidential
information.

The primary concern with decryption, however, is the matter of data

privacy. Decryption operates on the risk of separating an essential part of
the workforce. Take the example of an employee who by chance logged
into their email or bank account. This might, at any time, trigger a firewall
incident if keywords are inadequately selected.

Hence, privacy for end consumers is renounced when decryption is

underway. An innocent employee with no intention of exposing sensitive
organizational data might find their network traffic observed as a result of
triggering the firewall involuntarily.

Encryption and Decryption

Let’s quickly take a look at the difference between encrypted and

decryption from the following comparison table.

39
Parameter Encryption Decryption
Definition The process of converting The process of converting
normal data into an the unreadable/encrypted
unreadable format to avoid data into its original form so
unauthorized access to that authorized users can
sensitive data. read it.
Process Whenever data is The receiver of the data
transferred between two automatically converts the
separate machines, it is encrypted data to its original
automatically encrypted form.
using a secret key.
Location of The user who is sending the The user who receives the
Conversion encrypted data to the encrypted data and converts
destination. it.
Example Sending sensitive Receiving the encrypted
documents to a user. documents from the source
and decrypting it to read it.
Use of The encryption-decryption A single algorithm is used
Algorithm process uses the same for encryption and
algorithm with the same decryption is done with a
key. pair of keys where each of
them is used for encryption
and decryption.
Primary Converting decipherable Converting an obscure
Function messages into an message into a decipherable

40
 incomprehensible form so form that is understandable
that it cannot be interpreted by humans

Hard-Drive Encryption?

Hard-drive encryption is a technology that encrypts the data stored on a

hard drive using sophisticated mathematical functions.

Data on an encrypted hard drive cannot be read by anyone who does not
have access to the appropriate key or password. This can help prevent
access to data by unauthorized persons and provides a layer of security
against hackers and other online threats.

The concept of hard-drive encryption is simple: when a file is written to

the drive, it is automatically encrypted by specialized software. Though it
sounds similar to hardware-based encryption, it does not rely on the use of
any hardware to encrypt the hard drive.

When a file is read from the drive, the software automatically decrypts it
while leaving all other data on the drive encrypted. The encryption and
decryption processes are transparent to all common applications such as
word processors, databases, spreadsheets or imaging programs. A
computer equipped with hard-drive encryption appears, from the user's
point of view, to function as any other computer would.

41
What is BitLocker?

Windows OSes offer a hard-drive encryption software program called

BitLocker. BitLocker allows recovery keys to be saved and employs two-
factor authentication.

Bit Locker is supported on:

 Windows 11 -- Enterprise and Pro

 Windows 10 -- Enterprise and Pro
 Windows 8 and 8.1 -- Professional and Enterprise
 Windows 7 -- Ultimate and Enterprise
 Windows Server 2008 and later

Other hard drive encryption software tools are available as well. AxCrypt,
is a popular open source tool used to encrypt files. Furthermore, external
USB drives with encryption software are available for purchase.

How does hard drive encryption work?

Hard drive encryption systems use the Advanced Encryption Standard

(AES), which is a block cipher. The encryption process works through
using an encryption key, according to an encryption algorithm. Hard drive
data is encrypted through translation into unreadable code called cipher
text. Cipher lengths for hard drive encryption are typically either 128-bit or
256-bit. The 256-bit encryption is recommended, as it provides stronger
security.

42
Decryption Techniques

Decryption is the process in which the encrypted code or data is converted

back to a form that is easily understandable and readable by a human or
machine. This is basically known as decoding encrypted data. It takes
place at the receiver end. The message can be decrypted either with the
secret key or the private key.

The below diagram clearly shows the decryption technique and also the
encrypted text i.e., the cipher text is converted back to the original
message.

What are the types of Keys available?

There are some key presents that help in performing the encryption and
decryption technique. Let’s see in more detail about the keys available.

Symmetric Key

This key helps in performing Symmetric Encryption also known as the

Symmetric-key encryption algorithm. It uses the same cryptographic keys

43
for performing both the encryption of plaintext from the sender’s side and
the decryption of the ciphertext on the receiver side.

Asymmetric Key

Asymmetric key encryption algorithm uses two pairs of keys, which are
used for encryption. These two different keys are used for encrypting the
data and for decrypting the data. The public key is made available to
anyone whereas the secret key is only made available to the receiver side
of the message. This provides more security as compared to symmetric key
encryption.

Public Key

Public keys are the keys that are basically used to encrypt the message for
the receiver. This cryptography is an encryption system that is based on
two pairs of keys.

Private Key

The private key usually used with the asymmetric encryption algorithm as
one can use the same key for encrypting and decrypting the data. It also
may be a part of the public/private asymmetric key pair.

Pre-Shared Key

It is also known as PSK, is a shared secret key that was earlier shared
between two different organizations or people using a secure channel
before it is used.

Why use encryption and decryption Techniques?

44
Let’s focus on some of the important reasons for using encryption. Here
some of them are mentioned.

 It provides confidentiality to our private data and information and for

particular organizations.
 It helps in protecting or preventing plagiarism and thus protects the
IP.
 It helps in protecting our important data such as our user ID,
password, login ID, which are very confidential.
 It is a very essential and useful method for the organization or
company as it helps to protect the data from outsiders and no one can
able access the data. It provides security.
 It also helps you to ensure that no one can able to modify or alter the
data or file.

It is very helpful over the internet as most of us working on the internet,

and where an attacker can easily access your data, so in order to prevent
this, we use the encryption technique.

45