Cryptography Overview

Introduction to Cryptography

Cybersecurity:
Cybersecurity is the practice of protecting systems, networks, and digital data from
unauthorized access, cyberattacks, and damage. It is vital for individuals, organizations, and
governments to prevent breaches and threats.

Cryptography:
Cryptography is the science of encoding and decoding information to keep it secure. It
transforms readable data (plaintext) into unreadable ciphertext using encryption
algorithms and keys. Only authorized users with the correct key can decrypt the data.

Importance of Cryptography:
Cryptography achieves four key security goals:
1. Confidentiality – Prevents unauthorized access to information.
2. Integrity – Ensures information is not altered in transit.
3. Authentication – Verifies the identity of users and devices.
4. Non-repudiation – Ensures actions cannot be denied by the involved parties.

Origins:
From ancient methods like Caesar and Vigenère ciphers to modern algorithms like RSA,
AES, and Diffie-Hellman, cryptography has evolved into a cornerstone of digital security.

Overview of Related Works

All referenced papers focus on lattice-based cryptography, which is designed to resist

quantum computer attacks. Here’s a summary of each:

1. Regev (2024)
- Introduces the Learning With Errors (LWE) problem.
- Links it to hard lattice problems (e.g., GapSVP, SIVP).
- Develops a quantum-secure public-key cryptosystem with improved efficiency and smaller
key sizes.

2. Chen (2025)
- Proposes a homomorphic encryption (HE) scheme using LWE/RLWE.
- Enables computations on encrypted data—ideal for AI, cloud, and privacy-preserving
applications.
- Balances efficiency and post-quantum security.

3. Peet-Pare (2025)
- Reviews the security of the NTRU cryptosystem.
- Finds that it lacks IND-CPA security in its base form.
- Recommends using padding and the Random Oracle Model to achieve IND-CCA2.

4. Gajland et al. (2023)

- Presents Swoosh, a non-interactive key exchange (NIKE) protocol.
- Efficient, quantum-safe, and easy to deploy in real-world settings like IoT and secure
messaging.
- Achieves low computational cost and strong security guarantees.

Proposed Scheme

This section demonstrates real-world implementation of cryptographic techniques using

OpenSSL on Kali Linux.

1. AES Symmetric Key Generation

- Used OpenSSL to generate a 256-bit AES key.
- Included a salt value to protect against rainbow table attacks.

2. File Encryption & Decryption

- ECB Mode: Fast and simple but insecure—reveals patterns in the data.
- CBC Mode: Introduces randomness through XOR chaining, ensuring secure encryption
even for repetitive data.

3. Base64 Encoding
- Encrypted files were further encoded using Base64.
- This step ensures encrypted binary data can be safely transferred over protocols that
support only text (e.g., email).

4. Hashing Algorithms
- Demonstrated hashing using MD5, SHA-1, and SHA2-256.
- MD5: Fast, but weak security.
- SHA-1: Better, but largely deprecated.
- SHA-2: Strongest and widely used today for ensuring data integrity.

5. Digital Forensics using NSRL

- Showed how the National Software Reference Library (NSRL) is used in investigations.
- Forensic experts hash disk contents and match them with NSRL’s database to identify
known software or detect anomalies.

6. Image Encryption: ECB vs CBC

- Encrypted a bitmap image using both ECB and CBC modes.
- ECB: Revealed original image patterns—visually insecure.
- CBC: Obscured patterns completely—demonstrated superior security.

Conclusion

Cryptography is essential in ensuring secure communication, data integrity, and

authentication in modern digital systems.

Key Takeaways:
- Both symmetric and asymmetric encryption techniques have important roles.
- Hashing provides verification and prevents tampering.
- CBC mode proved significantly more secure than ECB in practice.
- Real-world demonstrations using OpenSSL enhanced understanding of algorithm
strengths and weaknesses.

Ultimately, choosing the right cryptographic method depends on the context, data
sensitivity, and performance requirements of the system.