CRYPTOGRAPHY Defi > Cryptography is the science of using mathematics to encrypt and decrypt data. > Cryptography is the art and science of keeping messages secure. > The art and science of concealing the messages to introduce secrecy in information security is recognized as cryptography. In Cryptography there are some Significant Terms: 1, Plain Text: Secrete message or information which is readable and will be encrypted. 2. Cipher Text or Encrypted Text: Data obtain after encrypting the information with the help of a key is known as cipher text. 3. Key: It is a word or value that is used for encryption of plaintext and decryption of cipher text. 4. Encryption: It is the technique of converting the data into encrypted form i.e. In non-understandable format with the help of key is called encryption 5. Decryption: It is the technique of converting the encrypted data in plain text ie. In understandable format with the help of key is called decryption. 6. Crypto Analyst: Crypto Analyst is the person who is expert in breaking cipher text, cipher and cryptosystem. Eneryption Decryption Plain Text Rey Cipher Text k Data Figure 1: A simple block diagram to understand Cryptography 1 Scanned with CamScanner Scanned with CamScannerObjective of cryptography > Authentication: This mechanism facilitates to establish proof of identities. This method assures the origin of the message is properly known. > Access Control: This principle states that who have the control over the access of data. > Availability: The principle of availability states that resources ought to be out there to approve users. > Confidentiality: This Principle states that only sender and receiver can process the content of message or information. Integrity: This mechanism assures the data or information reaches to receiver v will remain the same. > Nonrepudiation: This mechanism refers to the ability to ensure that a user cannot deny the sending of data or message that they originate. CRYTOGRAPHY ALGORITHM On the basis of key, Cryptography algorithm divided into 3 sub categories: 1. Private key Cryptography: Use only one key for encryption and decryption, also known as Secret key Cryptography or Symmetric key cryptography Mostly used for: > Privacy » Confidentiality 2. Public key cryptography: Use different key for encryption and decryption, also known as asymmetric key cryptography Scanned with CamScanner Scanned with CamScannerMostly used for: > Authentication > Non-repudiation > Key exchange 3. Hash function: A function that converts a numerical value into another compressed numerical value. ‘The input is of erratic length but output is always of fixed length. Mostly used for: > Message integrity. Symmetric (Secret) key Cryptography: Both encrypted and decrypted keys are same or if decrypted key can easily be computed from encrypted key. Example: - Caesar cipher, DES, AES. Secure key exchange is a major problem. We must kept encrypted key secret since anybody who knows it can easily determine decrypted key resulting in leakage of information. Scanned with CamScanner Scanned with CamScannerSecret key Encryption Decryption Original text Plain text Cipherteat Figure 2: Block diagram of secret key cryptography Algorithm Used: DES DES stands for Data Encryption standard, developed in the early 1970 and uses the Fiestel function for encryption and decryption data. Encryption and decryption key are same in DES. It is block cipher which has 64 bit block size out of which 56 bit for key length and rest 8 bit for error detection. It uses 16 round of permutation for encrypting data. Decryption process is same exactly as of encryption with the difference that decryption is done in reverse order. AES AES stands for Advanced Encryption standard, published in early 1977 to overcome the drawback of DES. It is a symmetric block cipher which means encryption and 4 Scanned with CamScanner Scanned with CamScannerdecryption key are exactly same. It has a 128 bit block size with variable key length of 128, 192 or 256 bits. It encrypts 128 bits data block into 10(128 bits), 12(192 bits) and 14(256 bits) round respectively according to the key size, mostly 256 bit key length is used. AES permutation has four stages of substitute bytes, shift rows, mix columns and add round key. IDEA IDEA stands for international Data Encryption Algorithm, first described in 1991 by James Massey and Xuejia Lai. Encryption and decryption key are same .It is a block cipher which has 64 bit block size with 128 bit key length. IDEA algorithm use 3 different algebraic function i.e., XOR, Addition modulo 216, Multiplication modulo 216 + 1, which uses 16 bit sub block to operate. IDEA is based on the perception of substitution permutation structure with 8 rounds. Same algorithm is used in reversed for decryption. BLOWFISH Designed in early 1993 as a substitute or replacement for IDEA algorithm. It is a symmetric block cipher which means encryption and decryption key are same. It works on 64 bit block size with variable key length ranging from 32 bit to 448 bit. It has 16 rounds or less depending upon key length .It is one of the most secure cipher, Ivis free from copyright and patents for encryption and decryption your data. No attack till now is a hit towards Blowfish, even though it suffers from susceptible problem, Scanned with CamScanner Scanned with CamScannerTWOFISH First published in 1998, as a successor of Blowfish Algorithm. It is a symmetric block cipher based on feistel structure having block size of 128 bit with 16 round of permutation and key size of 128 , 192 ,256 bit. It uses 4 S-Packing containers (relying on keys) and same set of rule is used in reversed for decryption. Designed to be distinctly comfortable and notably flexible, nicely-suitable for big microprocessors, 8 bit smart card. as Asymmetric (Public) key cryptography: Both encrypted and decrypted keys are different and the computation of decrypted key from encrypted key is non-feasible. Example: - RSA, Elgamal, DHA. Receivers public key Receivers private key Encryption Decryption Plaintext Ciphertext ve’ Original text Figure 3: Block diagram of public key cryptography Encrypted key is made public and decrypted key is kept secret which solve the problem of secret key sharing, Scanned with CamScanner Scanned with CamScannerAlgorithm Used RSA (Divery Shamir Ardleman) RSA is named after the mathematicians Ron Rivest, Adi Shamir and leonard Adleman. First published in 1977, it is an asymmetric block cipher, which means both encryption and decryption key are different .It is also known as public key algorithm as one of the key is known to everyone. RSA uses a variable size encryption block and a variable size key. For encryption purpose the RSA user published the product of prime number and one of the prime number which is of the order of 1028 bit or 309 decimal digits. No one can determine the prime factor of the product from one auxiliary value, which makes it very difficult for attacker to decrypt data or information except user who knows the secret key. RSA algorithm ensures the safety of data, Diffie-Hellman After the success of RSA algorithm, Diffle and Hellman came up to a method for securely exchange key over a public channels. This is the first ever algorithm for practically implementing public key exchange. The algorithm was published shortly after RSA in 1977. It is a block asymmetric cipher which means both keys are different. The Diftie — Hellman algorithm allocates users to establish a shared secret key and to communicate. This algorithm helps in one way authentication. DSA DSA stands for digital signature algorithm. The digital Signature set of rules can be utilized by the recipient of a message to confirm that the message has no longer been altered at some stage in transit in addition to ascertain the originator’s identification, A digital signature is a digital model of a written signature in that the virtual 7 Scanned with CamScanner Scanned with CamScannerSignature can be utilized in proving to the recipient or a 3rd party that the message became, in fact, signed by the originator. Digital or Virtual signatures may also be generated for stored facts and applications in order that the integrity of the facts and packages can be validated at any later time. ECC ECC stands for Elliptic curve cryptography. First published in 1985, it is based on public key cryptography. ECC algorithm is an alternative for RSA as it works more efficiently than RSA algorithm. RSA algorithm is very difficult to break but ECC algorithm on the other hand is infeasible to break. To make RSA algorithm more secure, user increment the key size to 3072 bit RSA public key which work as efficiently as 256 bit ECC public key. ECC algorithm works on the mathematical problem i.e. it is impossible for anyone to find the logarithm of a random elliptic curve element with respect to a publicly known base point (which works as public key). ECC reduces the storage problem as it works too efficiently on smaller key size. Hash Function Itisa function which takes an input and return a fixed-size alpha numeric string. Ideal hash must have these 3 properties ¥v Hash can be easily computed for any data, Vv Very difficult for user to calculate alpha numeric text of a given input. X Same hash should not be produced for slightky different input Scanned with CamScanner Scanned with CamScannerData Block Hash Value Mathematical Hash Function Data Block Figure 4: Block diagram on working of hash function. A hash function takes a string of any length as input and produces a string of fixed length that acts as a form of "signature" for the info provided. In this way any individual knowing the "hash value" is unable to understand the input, however solely the one that is aware of the input will prove the "hash value" is made from that input. Algorithm Used MDS5 Stands for message-digest algorithm, derived from MD-4. Designed in 1995 as a replacement for MD-4 hash function. This hash function produces 128 bit hash value, typically expressed in text format as a 32 digit Hexadecimal number. MDS hashing algorithm is a one way cryptography function that accepts a message of any length as input and returns output as a fixed-length digest value which will be used for authenticating the original message. MDS has been utilized in a wide variety of cryptographic applications, commonly used to verify data integrity. Scanned with CamScanner Scanned with CamScannerTIGER This algorithm was first published in 1995 by Ross Anderson and Eli Biham for efficiency on 64-bit platforms. Hash value size for tiger is 192 bit. Tiger hash function is a one way hash function operates on 64 bit words, maintaining 3 words of state and processing 8 words of data. It has 24 round, which has combination of different operation, mixing with XOR addition and subtraction, rotates, and s-box lookups and a very efficient key scheduling algorithm for deriving 24 round keys from the 8 input word. Tiger hash function has no usage restriction or patent. SHA 1 SHA stands for secure hash algorithm, first published in 1995 as a successor of SHA- 0. This hash function produces 160 bit hash value, which can be expressed in text format as a 40 digit Hexadecimal number. SHA-I uses 80 rounds of different of different cryptographic operations to encrypt data. SHA-1 is commonly used in different applications and environments where the need for data integrity is very high. It is also used to identify data corruption and checksum errors. WHIRLPOOL Iisa cryptography hash function, designed in early 2000. Ittakes input ofany length less than 24256 bits and returns a $12-bit output. The Whirlpool hash function is based on block cipher for the compression function. The process of encryption consists of updating the state with four round functions over 10 rounds. The four round functions are as follows Sub Bytes, Shift Columns, Mix Rows and Add Round Key. The 512-bit Whirlpool hashes are typically represented as 128-digit hexadecimal numbers, The encryption key input for each iteration is the intermediate hash value from the previous iteration; the plaintext is the current message block and 10 Scanned with CamScanner Scanned with CamScannerthe feed forward value is the bitwise XOR of the current message block and the intermediate hash value from the previous iteration. Scanned with CamScanner Scanned with CamScanner