Overview of Cryptography and Its Applications

People have always had a fascination with keeping information away from others. As children, many
of us had magic decoder rings for exchanging coded messages with our friends and possibly keeping
secrets from parents, siblings, or teachers. History is filled with examples where people tried to keep
information secret from adversaries. Kings and generals communicated with their troops using basic
cryptographic methods to prevent the enemy from learning sensitive military information. In fact,
Julius Caesar reportedly used a simple cipher, which has been named after him.
As society has evolved, the need for more sophisticated methods of protecting data has increased.
Now, with the information era at hand, the need is more pronounced than ever. As the world becomes
more connected, the demand for information and electronic services is growing, and with the
increased demand comes increased dependency on electronic systems. Already the exchange of
sensitive information, such as credit card numbers, over the Internet is common practice. Protecting
data and electronic systems is crucial to our way of living.
The techniques needed to protect data belong to the field of cryptography. Actually, the subject has
three names, cryptography, cryptography, cryptography which are often used interchangeably.
Technically, however, cryptology is the all-inclusive term for the study of communication over
nonsecure channels, and related problems. The process of designing systems to do this is called
cryptography. Cryptanalysis deals with breaking such systcms. Of course, it is essentially impossible
to do either cryptography or cryptanalysis without having a good understanding of the methods of
both mens.
Often the term coding theory is used to describe cryptography; howover, this can lead to confusion.
Coding theory deals with representing Input information symbols by output symbols called code
symbols. There are three basic applications that coding theory covers: compression, secrecy, mid
error correction. Over the past few decades, the term coding theory has become associated
predominantly with error correcting codes. Coding theory thus studies communication over noisy
channels and how to ensure that the message received is the correct message, as opposed to
cryptography, which protects communication over nonsecure channels.
Although error correcting codes are only o secondary focus of this book, wo should emphasize that,
in any real-world system, error correcting codes arc used in conjunction with encryption, since the
change of a single bit is enough to destroy the message completely in a well-designed cryptosystem.
Modern cryptography is a field that draws heavily upon mathematics, computer science, and
cleverness. This book provides an introduction to the mathematics and protocols needed to make data
transmission and electronic systems secure, along with techniques such as electronic signatures and
secret sharing.
1.1 Secure Communications
In the basic communication scenario, depicted in Figure 1.1, there are two parties, we’ll call them
Alice and Bob, who want to communicate with each other. A third party, Eve, is a potential
eavesdropper.
When Alice wants to send a message, called the plaintext, to Bob, she encrypts it using a method
prearranged with Bob. Usually, the encryption method is assumed to be known to Eve; what keeps
the message secret is a key. When Bob receives the encrypted message, called the ciphertext, he
changes it back to the plaintext using a decryption key.
Eve could have one of the following goals:
1. Read the message.
2. Find the key and thus read all messages encrypted with that key.
3. Corrupt Alice’s message into another message in such a way that Bob will think Alice sent the
altered message.
4. Masquerade as Alice, and thus communicate with Bob even though Bob believes he is
communicating with Alice.
Encryption Key Decryption Key

Plaintext Ciphertext

Alice Encrypt Decrypt Bob

Eve

Figura 1.1:The Basic Communication Scenario for Cryptography

Communication Scenario for Cryptography. Which case we're in depends on how evil Eve is. Cases
(3) and (4) relate to issues of integrity and authentication, respectively. We’ll discuss these shortly.
A more active and malicious adversary, corresponding to cases(3) and (4), is sometimes called
Mallory in the literature. More passive observers (as in cases (1) and (2)) are sometimes named Oscar.
We'll generally use only Eve, and assume she is as bad as the situation allows.
 1.1.1 Possible Attacks
There are four main types of attack that Eve might be able to use. The differences among these types
of attacks are the amounts of information Eve has available to her when trying to determine the key.
The four attacks are as follows:
1. Ciphertext only: Eve has only a copy of the ciphertext
2. Known Plaintext: Eve has copy a ciphertext and the corresponding plaintext. For example,
suppose Eve intercepts an encrypted press release, then sees the decrypted release the next
day. If she can deduce the decryption key, and if Alice doesn’t change the key, Eve can read
all future messages. Or, if Alice always starts her messages with “Dear Bob,” then Eve has a
small piece of ciphertext and corresponding plaintext. For many weak cryptosystems, this
suffices to find the key. Even for stronger systems such as the German Enigma machine used
in World War II, this amount of information has been useful.
3. Chosen plaintext: Eve gains temporary access to the encryption machine. She cannot open it
to find the key; however, she can encrypt a large number of suitably chosen plaintexts and
try to use the resulting ciphertexts to deduce the key.
4. Chosen ciphertext: Eve obtains temporary access to the decryption machine, uses it to
“decrypt” several strings of symbols, and tries to use the results to deduce the key.
A chosen plaintext attack could happens as follows. You want to identify an aiplane as friend or foe.
Send a random message to the plane, which encrypts the message automatically and sends it back.
Only a friendly airplane is assumed to have the correct key. Compare the message from the plane
with the correctly encrypted message. If the match, the plane is friendly. Ig not, it’s the enemy.
However, the enemy can send a large number of chosen messages to one of your planes and look at
the resulting ciphertexts. If this allows them to deduce the key, the enemy can equip their plane so
they can masquerade as friendly.
An example of a known plaintext attack reportedly happened in World War II In the Sahara Desert.
An isolated German outpost every day sent an identical message saying that there was nothing new
to report, but of course it was encrypted with the key being used that day. So each day the Allies had
a piaintext-ciphertext pair that was extremely useful in determining the key. In fact, during the Sahara
campaign, General Montgomery was carefully directed around the outpost so that the transmissions
would not be stopped.
One of the most im portant assumptions in modern cryptography is Kerckhoff’s principle: In
assessing the security of a cryptosystem, one should always assume the enemy knows the method
being used. This principle was enunciated by Auguste Kerclchoffs in 1883 in his classic treatise La
Cnjptographie Militaire. The enemy can obtain this information in many ways. For example,
encryption/decryption machines can be captured and analyzed. Or people can defect or be captured.
The security of the system should therefore be based on the key and not on the obscurity of the
algorithm used. Consequently, we always asume that Eve has knowledge os the algorithm that is used
to perform encryption