Professional Documents
Culture Documents
UNIT 2-1
UNIT 2-1
CRYPTOGRAPHY
INTRODUCTION
1
2. Integrity: Information cannot be modified in storage or transition
between sender and intended receiver without any addition to
information being detected.
Cryptosystems
To help keep data secure, cryptosystems incorporate the algorithms for key
generation, encryption and decryption techniques. At the heart of
cryptographic operations is a cryptographic key, a string of bits used by a
cryptographic algorithm to transform plain text into ciphertext or the
reverse. The key is part of the variable data provided as input to a
cryptographic algorithm to execute this sort of operation. The
cryptographic scheme’s security depends on the security of the keys used.
2
Cryptosystems are used for sending messages in a secure manner over the
internet, such as credit card information and other private data. In another
application of cryptography, a system for secure electronic mail might
include methods for digital signatures, cryptographic hash functions and
key management techniques.
Components of a Cryptosystem
3
Encryption Key: It is a value that is known to the sender. The
sender inputs the encryption key into the encryption algorithm along
with the plaintext in order to compute the ciphertext.
Types of Cryptosystems
4
Symmetric Key Encryption
The encryption process where same keys are used for encrypting and
decrypting the information is known as Symmetric Key Encryption.
5
Triple DES
Triple DES was the answer to many of the shortcomings of DES. Since it
is based on the DES algorithm, it is very easy to modify existing software
to use Triple DES. It also has the advantage of proven reliability and a
longer key length that eliminates many of the shortcut attacks that can be
used to reduce the amount of time it takes to break DES.
Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and
256 bits, respectively. The AES ciphers have been analyzed extensively
and are now used worldwide, as was the case with its predecessor, the
Data Encryption Standard (DES).
6
many cryptosystems. It is very unlikely that this encryption will fade
away, as it has certain advantages over asymmetric key encryption.
7
Key establishment − Before any communication, both the sender
and the receiver need to agree on a secret symmetric key. It requires
a secure key establishment mechanism in place.
Trust Issue − Since the sender and the receiver use the same
symmetric key, there is an implicit requirement that the sender and
the receiver ‘trust’ each other. For example, it may happen that the
receiver has lost the key to an attacker and the sender is not
informed.
The encryption process where different keys are used for encrypting
and decrypting the information is known as Asymmetric Key
Encryption. Though the keys are different, they are mathematically related
and hence, retrieving the plaintext by decrypting ciphertext is feasible.
8
related − when one key is used for encryption, the other can decrypt
the ciphertext back to the original plaintext.
It requires to put the public key in public repository and the private
key as a well-guarded secret. Hence, this scheme of encryption is
also called Public Key Encryption.
When Host1 needs to send data to Host2, he obtains the public key
of Host2 from repository, encrypts the data, and transmits.
You may think, how can the encryption key and the decryption key are
‘related’, and yet it is impossible to determine the decryption key from the
encryption key? The answer lies in the mathematical concepts. It is
possible to design a cryptosystem whose keys have this property. The
9
concept of public-key cryptography is relatively new. There are fewer
public-key algorithms known than symmetric algorithms.
The third party satisfies itself about user identity by the process of
attestation, notarization, or some other process − that X is the one and
only, or globally unique, X. The most common method of making the
verified public keys available is to embed them in a certificate which is
digitally signed by the trusted third party.
10
Relation between Encryption Schemes
11
The key should be easily communicable, memorable, and
changeable.
12
Secret Key
In asymmetric encryption, two separate keys are used. One is a public key
and the other is a secret key.
When using symmetric encryption, only one key is used for encryption and
decryption. However, in asymmetric cryptography there is both a private
key and a public key involved in the encryption and decryption processes.
The secret key can be kept by one person or exchanged with someone else
when sending encrypted messages. If only one key is available for both
encryption and decryption, both the sender and receiver of a message have
to have a copy of the secret key to be able to read the message.
The most difficult aspect of this type of encryption is how to distribute the
key to a second party without affecting security.
13
secret-key encryption include the Advanced Encryption Standard (AES)
and CAST-128/256.
Cryptanalysis
14
For example, a cipher with a 128 bit encryption key can have 2128 (or
340,282,366,920,938,463,463,374,607,431,768,211,456) unique keys; on
average, a brute force attack against that cipher will succeed only after
trying half of those unique keys. If cryptanalysis of the cipher reveals an
attack that can reduce the number of trials needed to 240 (or just
1,099,511,627,776) different keys, then the algorithm has been weakened
significantly, to the point that a brute-force attack would be practical with
commercial off-the-shelf systems.
15
In a ciphertext-only attack, the attacker only has access to one or more
encrypted messages but knows nothing about the plaintext data, the
encryption algorithm being used or any data about the cryptographic key
being used. This is the type of challenge that intelligence agencies often
face when they have intercepted encrypted communications from an
opponent.
In a known plaintext attack, the analyst may have access to some or all
of the plaintext of the ciphertext; the analyst's goal in this case is to
discover the key used to encrypt the message and decrypt the message.
Once the key is discovered, an attacker can decrypt all messages that had
been encrypted using that key. Linear cryptanalysis is a type of known
plaintext attack that uses a linear approximation to describe how a block
cipher Known plaintext attacks depend on the attacker being able to
discover or guess some or all of an encrypted message, or even the format
of the original plaintext. For example, if the attacker is aware that a
particular message is addressed to or about a particular person, that
person's name may be a suitable known plaintext.
16
so the analyst can determine how the targeted algorithm works when it
encounters different types of data.
17
party, with the original parties believing they are exchanging keys with
each other. The two parties then end up using keys that are known to the
attacker.
18
Cryptol is a domain-specific language originally designed to be used
by the National Security Agency specifying cryptographic
algorithms. Cryptol is published under an open-source license and
available for public use. Cryptol makes it possible for users to
monitor how algorithms operate in software programs written to
specify the algorithms or ciphers. Cryptol can be used to deal with
cryptographic routines rather than with entire cryptographic suites.
19
Encryption
Data can be encrypted "at rest," when it is stored, or "in transit," while it is
being transmitted somewhere else.
20
What is a key in cryptography?
21
random, it can actually be turned back into plaintext by using the key
again. Some commonly used encryption algorithms include Blowfish,
Advanced Encryption Standard (AES), Rivest Cipher 4 (RC4), RC5, RC6,
Data Encryption Standard (DES), and Twofish.
Encryption has evolved over time, from a protocol that was used only by
governments for top-secret operations to an everyday must-have for
organizations to ensure the security and privacy of their data.
Types of Encryption
There are many different types of encryption, each with its own benefit
and use case.
Symmetric Encryption
In this simple encryption method, only one secret key is used to both
cipher and decipher information. While the oldest and best-known
encryption technique, the main drawback is that both parties need to have
the key used to encrypt the data before they can decrypt it. Symmetric
encryption algorithms include AES-128, AES-192, and AES-256. Because
it is less complex and executes faster, symmetric encryption is the
preferred method for transmitting data in bulk.
Asymmetric Encryption
22
versa). Security of the public key is not needed because it is publicly
available and can be shared over the internet.
23
End-to-End Encryption
Encryption Challenges
Attackers will still attack even when they know that data or devices are
encrypted. They figure that with some effort, they might get through. For
many years, weak passwords served as the impetus for attackers to keep
trying, as some sophisticated software could sooner or later figure out
passwords.
24
Privacy and Security
Regulations
Encryption also keeps users safe while browsing the internet. Earlier in the
internet's history, attackers found ways to steal unencrypted information
sent between users and web services over the Hypertext Transfer Protocol
(HTTP). The standard to encrypt web content by running HTTP over the
Secure Socket Layer protocol emerged, soon to be replaced with the
Transport Layer Security protocol, enabling enterprises, publishers, and e-
commerce providers to offer a secure experience for users.
25
With encryption, users feel safer entering personal information into
webpages and carrying out financial or e-commerce transactions.
AES
3-DES
RSA
Elliptic curve cryptography
AES
26
AES is largely considered impervious to all attacks, except for brute force,
which attempts to decipher messages using all possible combinations in
the 128, 192, or 256-bit cipher.
3-DES
Triple DES was designed to replace the original Data Encryption Standard
(DES) algorithm, which hackers eventually learned to defeat with relative
ease. At one time, Triple DES was the recommended standard and the
most widely used symmetric algorithm in the industry.
Triple DES uses three individual keys with 56 bits each. The total key
length adds up to 168 bits, but experts would argue that 112-bits in key
strength is more accurate. Despite slowly being phased out, Triple DES
has, for the most part, been replaced by the Advanced Encryption Standard
(AES).
RSA Security
27
Blowfish
Twofish
28
Brute Force Attack
A brute force attack is a hacking method that uses trial and error to crack
passwords, login credentials, and encryption keys. It is a simple yet
reliable tactic for gaining unauthorized access to individual accounts and
organizations’ systems and networks. The hacker tries multiple usernames
and passwords, often using a computer to test a wide range of
combinations, until they find the correct login information.
The name "brute force" comes from attackers using excessively forceful
attempts to gain access to user accounts. Despite being an old cyberattack
method, brute force attacks are tried and tested and remain a popular tactic
with hackers.
There are various types of brute force attack methods that allow attackers
to gain unauthorized access and steal user data.
These attacks are simple because many people still use weak passwords,
such as "password123" or "1234," or practice poor password etiquette,
such as using the same password for multiple websites. Passwords can also
be guessed by hackers that do minimal reconnaissance work to crack an
29
individual's potential password, such as the name of their favorite sports
team.
2. Dictionary Attacks
The attacker starts with a list of potential words, then experiments with
character, letter, and number combinations to find the correct password.
This approach allows hackers to discover passwords that combine
common or popular words with numbers, years, or random characters,
such as "SanDiego123" or "Rover2020."
30
4. Reverse Brute Force Attacks
A reverse brute force attack sees an attacker begin the process with a
known password, which is typically discovered through a network breach.
They use that password to search for a matching login credential using lists
of millions of usernames. Attackers may also use a commonly used weak
password, such as "Password123," to search through a database of
usernames for a match.
5. Credential Stuffing
31
Placing spam ads on popular websites, which enables the attacker to
earn money every time an ad gets clicked or viewed by a visitor.
Rerouting traffic to a legitimate website to illegal commissioned ad
sites.
Infecting a website and site visitors with malware, such as spyware,
that tracks activity. The data collected is then sold to advertisers
without the user’s consent.
Personal data and login credentials can also be stolen through corporate
data breaches that see attackers gain access to organizations’ sensitive
databases.
Spread Malware
Brute force attacks are often not personal. A hacker may simply want to
create havoc and showcase their malicious skills. They may do this by
spreading malware via email or Short Message Service (SMS) messages,
concealing malware within a spoofed website designed to look like a
legitimate site, or redirecting website visitors to malicious sites.
32
By infecting a user’s computer with malware, the attacker can then work
their way into connected systems and networks and launch wider
cyberattacks against organizations.
Brute force attacks can play a role in malicious actors launching broader
attacks using multiple devices, called a botnet. This is typically a
distributed denial-of-service (DDoS) attack that aims to overpower the
target’s security defences and systems.
Brute force attacks are often launched in an attempt to steal data from an
organization, which not only costs them financially but also causes huge
reputational damage. Websites can also be targeted with attacks that infest
them with obscene or offensive text and images, thereby denigrating their
reputation, which could lead to them being taken down.
33
Aircrack-ng: A suite of tools that assess Wi-Fi network security to monitor
and export data and attack an organization through methods like fake
access points and packet injection.
These types of software can rapidly guess combinations that identify weak
passwords and crack multiple computer protocols, wireless modems, and
encrypted storage devices.
A brute force attack can also demand huge amounts of computing power.
To combat that, hackers have developed hardware solutions that simplify
the process, such as combining a device’s central processing unit (CPU)
and graphics processing unit (GPU). Adding the computing core of the
GPU enables a system to process several tasks simultaneously and the
hackers to crack passwords significantly faster.
Decryption
34
The recipients must have the right decryption or decoding tools to access
the original details. Decryption is performed using the best decryption
software, unique keys, codes, or passwords. The original file can be in the
form of text files, images, e-mail messages, user data, and directories.
35
The person who is responsible for data decryption receives a prompt or
window for a password to be entered to gain access to the encrypted
information.
Types of Decryption
Triple DES
When hackers gradually learned to get past the Data Encryption Standard
(DES) algorithm, Triple DES was introduced to replace it. It utilizes three
single 56-bit keys each. It phased out eventually, but despite that, Triple
36
DES still offers secure encryption and decryption solutions for hardware
across various industries.
RSA
Blowfish
Blowfish was also developed to replace DES. The messages are broken
into 64-bit blocks by this symmetric cipher and encrypted individually.
Blowfish delivers incredible speed and overall undefeated performance.
Vendors have utilized its free availability well in the public domain.
Twofish
Twofish is the successor of Blowfish. The key length used for this
algorithm can be up to 256 bits and only one key can suffice as a
symmetrical technique. Twofish is one of the fastest of its kind that is
suitable for both software and hardware environments. Like Blowfish,
Twofish is also free for use by anyone who wants to use it.
AES
While AES is highly efficient in its 128-bit form, it is also able to utilize
192 and 256-bit keys for the purpose of more heavy-duty data encryption.
It is believed to be resistant to all attacks, excluding brute force that
37
decodes messages using all combinations of 128, 192, or 256-bit
cryptosystems. Cyber security experts claim that it can be a de facto
standard for data encryption.
38
Once information is accessible from the origin side, all the
subsequent data is conveyed back from the destination point. As a
result, information capture can be avoided as the encryption
passwords are not transferred back from the origin point.
While the reason for using decryption may vary, adequate protection is one
of the key advantages and purposes that it serves. The organization can
have smooth management with the help of decryption. Cyber security
professionals use this method to prevent the exfiltration of confidential
information.
39
Parameter Encryption Decryption
Definition The process of converting The process of converting
normal data into an the unreadable/encrypted
unreadable format to avoid data into its original form so
unauthorized access to that authorized users can
sensitive data. read it.
Process Whenever data is The receiver of the data
transferred between two automatically converts the
separate machines, it is encrypted data to its original
automatically encrypted form.
using a secret key.
Location of The user who is sending the The user who receives the
Conversion encrypted data to the encrypted data and converts
destination. it.
Example Sending sensitive Receiving the encrypted
documents to a user. documents from the source
and decrypting it to read it.
Use of The encryption-decryption A single algorithm is used
Algorithm process uses the same for encryption and
algorithm with the same decryption is done with a
key. pair of keys where each of
them is used for encryption
and decryption.
Primary Converting decipherable Converting an obscure
Function messages into an message into a decipherable
40
incomprehensible form so form that is understandable
that it cannot be interpreted by humans
Hard-Drive Encryption?
Data on an encrypted hard drive cannot be read by anyone who does not
have access to the appropriate key or password. This can help prevent
access to data by unauthorized persons and provides a layer of security
against hackers and other online threats.
When a file is read from the drive, the software automatically decrypts it
while leaving all other data on the drive encrypted. The encryption and
decryption processes are transparent to all common applications such as
word processors, databases, spreadsheets or imaging programs. A
computer equipped with hard-drive encryption appears, from the user's
point of view, to function as any other computer would.
41
What is BitLocker?
Other hard drive encryption software tools are available as well. AxCrypt,
is a popular open source tool used to encrypt files. Furthermore, external
USB drives with encryption software are available for purchase.
42
Decryption Techniques
The below diagram clearly shows the decryption technique and also the
encrypted text i.e., the cipher text is converted back to the original
message.
There are some key presents that help in performing the encryption and
decryption technique. Let’s see in more detail about the keys available.
Symmetric Key
43
for performing both the encryption of plaintext from the sender’s side and
the decryption of the ciphertext on the receiver side.
Asymmetric Key
Asymmetric key encryption algorithm uses two pairs of keys, which are
used for encryption. These two different keys are used for encrypting the
data and for decrypting the data. The public key is made available to
anyone whereas the secret key is only made available to the receiver side
of the message. This provides more security as compared to symmetric key
encryption.
Public Key
Public keys are the keys that are basically used to encrypt the message for
the receiver. This cryptography is an encryption system that is based on
two pairs of keys.
Private Key
The private key usually used with the asymmetric encryption algorithm as
one can use the same key for encrypting and decrypting the data. It also
may be a part of the public/private asymmetric key pair.
Pre-Shared Key
It is also known as PSK, is a shared secret key that was earlier shared
between two different organizations or people using a secure channel
before it is used.
44
Let’s focus on some of the important reasons for using encryption. Here
some of them are mentioned.
45