ICT640 – Advanced Information

Security

Cryptography Basics, Methods and

Standards

Master of Science in Information and Communication Technology

Federal Technological Institute University

Presented by: Dr. Patrick D. Cerna

 Course Objectives
• Undestand the concepts of Crytography
• Identify different types of Crytography
Methods
• Differentiate Symmetric vs. Assymmetric
Cryptographics Algorithm
• Distinquish Ciphers and PKI
• Perform Crytographic application using
Crypto Tools
 What is Cryptography?
• Cryptography is the art and science of
concealing the messages to introduce
secrecy in information security.
• The word ‘cryptography’ was coined by
combining two Greek words, ‘Krypto’
meaning hidden and ‘graphene’
meaning writing.
Caesar Shift Cipher

• The earlier Roman method of cryptography,

popularly known as the Caesar Shift
Cipher, relies on shifting the letters of a
message by an agreed number (three was
a common choice).
• The recipient of this message would then
shift the letters back by the same number
and obtain the original message.
Caesar Shift
Cipher
 Steganography
• Steganography is similar but adds another
dimension to Cryptography.
• In this method, people not only want to
protect the secrecy of an information by
concealing it, but they also want to make
sure any unauthorized person gets no
evidence that the information even
exists. For example, invisible
watermarking.
• In steganography, an unintended recipient or
 What is Steganography?
• Steganography comes from the Latin &
Greek roots:
– Steganos (Greek) meaning covered
– Graphy (Latin) meaning writing or
drawing
– Steganography is the science of hiding
information. (Kessler)
– Steganography is the art of concealing the
existence of information within
seemingly innocuous carriers (Johnson)
• The Art & Science of using overt objects
to create and exploit covert
communications. (Trawick)
 Who Uses Steganography?
• Intruders are thought to use
steganography (particularly Web Images)
to transmit messages to communicate and
coordinate criminal activity
• Commercial & Government users use it to
communicate with employees and hide
critical data
• Use as a Dead-Drop so parties don’t know
each other
 Why use Cryptography?

Cryptography is the practice and study of

techniques for securing communication
and data in the presence of adversaries.
 Why use Cryptography?
Mathematical cryptography deals with using mathematical processes on haracters or
messages.
The most common is a function called hashing. Hashing refers to performing a calculation on
a message and converting it into a numeric hash value.

The hash value of the example in Figure 2.1 is computed by multiplying each character by 2,
adding those results together, and then dividing the sum by 10.
Cryptography
• Let’s say there is a smart guy called Eaves who
secretly got access to your communication
channel.
• Since this guy has access to your
communication, he can do much more than
just eavesdropping, for example, he can try to
change the message.
• Now, this is just a small example. What
if Eave gets access to your private
information? The result could be
catastrophic.
 Encryption Algorithm
• Cryptography is broadly classified into
two categories:
A. Symmetric key Cryptography (Classical)
B. Asymmetric key Cryptography
(popularly known as public key
cryptography).
Encryption
Algorithm
 Symmetric Key
Cryptography
• An encryption system in which the sender
and receiver of a message share a single,
common key that is used to encrypt and
decrypt the message.
• The most popular symmetric–key system is the
Data Encryption Standard (DES)
Symmetric Key
Cryptography
 Transposition Ciphers
• In Cryptography, a transposition cipher is a
method of encryption by which the positions
held by units of plaintext (which are
commonly characters or groups of characters)
are shifted according to a regular system
 Subsstitution Cipher
Method of encryption by which units of
plaintext are replaced with ciphertext, according
to a fixed system; the “units” may be single
letters (the most common), pairs of letters,
triplets of letters, mixtures of the above, and so
forth.
 Stream Cipher
Symmetric or secret-key encryption algorithm
that encrypts a single bit at a time.
With a Stream Cipher, the same plaintext
bit or byte will encrypt to a different bit or
byte every time it is encrypted
 Block Cipher
A block cipher takes a block of plaintext
bits and generates a block of ciphertext
bits, generally of same size.
 The size of block is fixed in the given
scheme.
The choice of block size does not directly
affect to the strength of encryption
scheme.
 
Public Key Cryptography
Symmetric Key Crypto Public Key Cryptography
 Requires sender, • Radically different
receiver know shared approach [Diffie-
secret key Hellman76, RSA78]
 Q: How to agree on • Sender, receiver do
key in first place not share secret
(particularly if never key
“met”)? • Public encryption key
known to all
• Private decryption key
known only to
receiver
 
Public Key Cryptography

Bob’s public
K+B
key

- Bob’s private
K B key

plaintext encryption ciphertext decryption plaintext

message, algorithm message
K+B (m) algorithm m = KB- (KB+ (m))
m
Asymmetric Key Encryption
(or Public Key
Infrastructure)
 RSA
Algorithm

Stream
Cipher
Application
 References

Computer Security: Principles and Practice, 3rd Edition,

William Stallings and Lawrence Brown, Pearson, 2014,
ISBN-13: 978-0133773927
GoodRich M.T. and Tamassia R. (2010). Introduction to
Computer Security.
Dulaney, E. (2008). CompTIA Security+ Deluxe Study
Guide: SY0-201. Sybex