Cryptography: An Introduction

Cryptology
science concerned with data communication and storage in
secure and usually secret form.
The science or study of mathematical, linguistic, and other
coding pattern and histories.
The practice of analyzing encoded messages, in order to
decode them.
Secret or enigmatical (puzzling · incomprehensible,
incomprehensible) languages.
Two branches
Cryptography: the area of constructing cryptographic systems
Cryptanalysis: the area of breaking cryptographic systems

Cryptography
A field of computer science and mathematics that focusses on
techniques for secure communication between two parties
(Alice & Bob) while a third-party (Eve1 orMallory2) is present
(see Figure 1.1).
This is based on methods like encryption, decryption, signing,
generating of pseudo random numbers, etc.

Eavesdropping is the act of secretly or stealthily listening to the

private conversation or communications of others without their
consent. The practice is widely regarded as unethical, and in
many jurisdictions is illegal.
 Four ground principles of cryptography
• Confidentiality:
• Defines a set of rules that limits access or adds restriction on certain
information.
• Data Integrity:
• Takes care of the consistency and accuracy of data during its entire life-cycle.
• Authentication:
• Confirms the truth of an attribute of a datum that is claimed to be true by
some entity.
• Non-Repudiation:
• Ensures the inability of an author of a statement representing a piece of
information to deny it.
Two schemes of cryptography
• symmetric schemes
• where both, sender (Alice) and receive (Bob), need to have the same key in
order to encrypt their communication.
• For this, they have to securely exchange the key initially
• Asymmetric schemes
• where Alice and Bob both have a private and a public key.
• The public key can be shared with anyone, so Bob can use it to encrypt a
message for Alice.
• But only Alice, with the corresponding private key, can decrypt the encrypted
message from Bob
Some well-known cryptographic structures
• RSA (Rivest- Shamir-Adleman cryptosystem),
• DES (Data Encryption Standard),
• AES (Advanced Encryption Standard),
• ECC (Elliptic Curve Cryptography), and
• many more.
• All these structures have two main aspects:
• 1. There is the security of the structure itself, based on mathematics. There is a
standardization process for cryptosystems based on theoretical research in mathematics and
complexity theory. Here our focus will lay in this lecture.
• 2. Then we have the implementation of the structures in devices, e.g. SSL, TLS in your web
browser or GPG for signed resp. encrypted emails. These implementations should not diverge
from the theoretical standards, but must still be very fast and convenient for the user.
• It is often this mismatch between these requirements that leads to practical
attacks of theoretically secure system.
• SSL (Secure Sockets Layer)
• a standard security protocol for establishing encrypted links between a web
server and a browser in an online communication.
• GPG (Gnu Privacy Guard)
• a command line tool that enables you to encrypt and sign your data and
communication and includes a key management system as well as access
modules for all kind of public keydirectories.
• TLS (Transport Layer Security)
• a cryptographic protocol that provides end-to-end communications security
over networks and is widely used for internet communications and online
transactions.
Modes of Ciphers
• Four different categories
• symmetric and asymmetric ciphers
• stream and block ciphers.
• Symmetric ciphers
• the oldest and most used cryptographic ciphers. In a symmetric cipher, the key that deciphers the
ciphertext is the same as (or can be easily derived from) the key enciphers the clear text. This key
is often referred to as the secret key. The most widely used symmetric ciphers are DES and AES.
• Asymmetric encryption.
• also referred to as ciphers with public and private keys. They use two keys, one for encryption of
messages and the other one during decryption.
• Stream cipher
• a symmetric key cipher where plaintext digits are combined with a
pseudorandomcipher digit stream (keystream). In a stream cipher, each plaintext digit is
encrypted one at a time with the corresponding digit of the keystream, to give a digit of the
ciphertext stream
• A block cipher is an encryption method that applies a deterministic algorithm along with
a symmetric key to encrypt a block of text, rather than encrypting one bit at a time as in
streamciphers. For example, a common block cipher, AES, encrypts 128 bit blocks with a
key of predetermined length: 128, 192, or 256 bits.