Cryptography
Cryptography
Cryptography
Introduction
Cryptography: Cryptography is a method of
storing and transmitting data in a particular form
so that only those for whom it is intended can
read and process it.
Cryptography is closely related to the disciplines
of cryptology and cryptanalysis.
Cryptography includes techniques such as
microdots, merging words with images, and other
way to hide information in storage or transit.
Introduction to Cryptography –
Needs and Requirements
Well established needs for secure communication
War time communication
Business transactions
Requirement of secure communication
Secrecy
Only intended receiver understands the message
Authentication
Sender and receiver need to confirm each others identity
Message Integrity
Ensure that their communication has not been altered, either
maliciously or by accident during transmission
Introduction to Cryptography -
Basics
Cryptography is the science of secret, or hidden
writing.
It has following main Components:
Encryption
Practice of hiding messages so that they can not be read
by anyone other than the intended recipient
Authentication for Integrity
Ensuring that users of data/resources are the persons
they claim to be and that a message has not been altered
Introduction to Cryptography -
Terminology
Plaintest (or cleartext)
The message
Denoted by M or P
Encryption (encipher0
Encoding of message
Denoted by E.
Ciphertext
Encrypted message.
Denoted by C.
Decryption (decipher)
Decoding of ciphertext
Denoted by D.
Cryptography Methods
Symmetric Key: With symmetric key
cryptography, a single key is used for both
encryption and decryption.
In the above figure we can see that the sender uses the
key to encrypt the plain text and send the cipher text to
the receiver.
The receiver applies the same key to decrypt the
message and recover the plain text because a single
key is used for both function.
Symmetric key Cryptography is also called secret key
cryptography.
With this from of cryptography, it is obvious that the key
must be known to both the sender and the receiver.
Asymmetric Key
It was first publicly described by martin Hellman and his
student Whitfield Diffie in 1976.
There are two different keys are used for encryption and
decryption.
One key is used to encrypt the plaintext and the other key is
used to decrypt the cipher text, the important point is that it
doesn’t matter which key is applied first but the both key is
required for the work.
Every user has both a public key and a private key.
The private key is kept secret at all times, but the public key
may be freely distributed.
Difference between methods
Symmetric key cryptography Asymmetric key cryptography
1. The same algorithm with the 1. One algorithm is used for
same key is used for encryption encryption and decryption with
and decryption a pair of keys, one for
encryption and one for
decryption.
2. The key must be kept secret. 2. One of the two keys must be
kept secret.
3. It may be impossible or at 3.It may be impossible or at
least impractical to decipher a least impractical to decipher a
message if no other information message if no other information
is available. is available.
Cryptographic Hash Function
• A cryptographic hash function is a hash function that
takes an arbitrary block of data as input and returns a
fixed-size bit string as output. The returned value is
called the cryptographic hash value.
• Cryptographic hash function creates hash value in
such a way that any (accidental or intentional)
change to the data will change the hash value.
Therefore, it is extremely unlikely that some other
text will produce the same hash value.
• The data to be encoded are often called the
message and the hash value is sometimes called the
message digest or simply digest.
Cryptographic Hash Function
• In cryptographic hash function, even a small changes
in the input would cause a large change in the output.
• Figure below shows how the slight changes input (here
in the word “over”) drastically change the resulting
output.
Use of Hash Function
• Cryptographic hash functions have many
information security applications, such as in-
• Digital signatures
• Message authentication codes (MACs)
• Other forms of authentication
• Hash functions are primarily used to generate
fixed-length output data that acts as a shortened
reference to the original data. This is useful
when the output data is too combersome to use
in its entirety.
Cont...
• e.g., consider a list of person’s names. Here, name of each
person is of variable length. Searching for a person’s name in
the list is slow; time required to retrieve each name may also
vary. But if each name could be hashed to a fixed length
integer, then searching and retrieving each name will be
performed in faster with constant time.
• Hash functions are also used to accelerate table
lookup or data comparison tasks such as finding items
in a database, detecting duplicated or similar records in
a large file, finding similar stretches in DNA sequences
and so on.
Hash Functions used in Cryptography
• The two commonly used hash functions are
MD5 and SHA-1.
• MD5:
• MD stands for Message Digest.
• Several MD hash algorithms designed by Ron Rivest are
MD2, MD4 and MD5.
• The last version MD5 is more secured than the previous
versions.
• It divides the message into blocks of 512 bits and creates
a 128-bit digest.
Cont...
• SHA-1:
• SHA stands for Secure Hash Algorithm.
• This standard was developed by NIST (National
Institute of Standards and Technology).
• This standard is mostly based on MD5.
• Several versions of SHA standard were released:
SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.
• SHA-1 returns a string of 160 bits.
• Both MD5 and SHA-1 hash functions are built with
the Merkle-Damgard construction.
Authentication and key establishment are fundamental
steps in setting up secure communications.
Authentication is concerned with knowing that the
correct parties are communicating; key establishment
is concerned with obtaining good cryptographic keys to
protect the communications, particularly to provide
confidentiality and integrity of the data communicated.
Because the modern world increasingly relies on digital
networks, the security of communications is a critical
element in the functioning of society today, and will
become only more important in the future.