Cryptography

What Is Cryptography?
• Cryptography -- from the Greek for “secret
writing” -- is the mathematical
“scrambling” of data so that only someone
with the necessary key can “unscramble” it.
• Cryptography allows secure transmission of
private information over insecure channels
(for example packet-switched networks).
• Cryptography also allows secure storage of
sensitive data on any computer.
 Basic Terminologies
• Cryptography deals with creating documents that can be
shared secretly over public communication channels
• Cryptographic documents are decrypted with the key
associated with encryption, with the knowledge of the
encryptor
• The word cryptography comes from the Greek words:
Krypto (secret) and graphein (write)
• Cryptanalysis deals with finding the encryption key
without the knowledge of the encryptor
• Cryptology deals with cryptography and cryptanalysis
• Cryptosystems are computer systems used to encrypt data
for secure transmission and storage

3
 Basic Terminologies
• Keys are rules used in algorithms to convert
a document into a secret document
• Keys are of two types:
– Symmetric
– Asymmetric
• A key is symmetric if the same key is used
both for encryption and decryption
• A key is asymmetric if different keys are
used for encryption and decryption
4
 Basic Terminologies
• Examples:
– Symmetric key methods
• DES 56-bit
• Triple DES 128-bit
• AES 128-bit and higher
• Blowfish 128-bit and higher
– Asymmetric key methods
• RSA (Rivest-Shamir-Adleman of MIT)
• PGP (Phil Zimmerman of MIT)

5
 Basic Terminologies
• Plaintext is text that is in readable form
• Ciphertext results from plaintext by applying the
encryption key
• Notations:
– M message, C ciphertext, E encryption,
D decryption, k key
– E(M) = C
– E(M, k) = C
• Fact: D(C) = M, D(C, k) = M

6
 Basic Terminologies
• Steganography is the method of hiding
secret messages in an ordinary document
• Steganography does not use encryption
• Steganography does not increase file size
for hidden messages
• Example: select the bit patterns in pixel
colors to hide the message
7
 Basic Terminologies
• Hash functions generate a digest of the message
• Substitution cipher involves replacing an alphabet with
another character of the same alphabet set
• Mono-alphabetic system uses a single alphabetic set for
substitutions
• Poly-alphabetic system uses multiple alphabetic sets for
substitutions
• Caesar cipher is a mono-alphabetic system in which each
character is replaced by the third character in succession.
Julius Caesar used this method of encryption.

8
 PKI
• Public Key Infrastructure (PKI) is a government
initiative to protect computer systems
• Developed in the 1970s but has not been widely
accepted. However, parts of the system are in
extensive use today. These are Digital Certificates
and Digital Signatures.
• Digital Certificates are given by trusted third
parties, known as Certificate Authorities (CAs).
Verisign (an offshoot of RSA) is a CA. Any
organization can be a CA as long as there are people
willing to believe their assessment of authenticity.

9
 Digital Certificates
• Issued by trusted third parties known as Certificate
Authorities (CAs)
• Verisign is a trusted third party
• Used to authenticate an individual or an
organization
• Digital Certificates are usually given for a period
of one year
• They can be revoked
• It is given at various security levels. Higher the
security level, the CA verifies the authenticity of
the certificate seeker more.
10
 Digital Certificates
• Digital Certificates are part of the authentication
mechanism. The other part is Digital Signature.
• When a user uses the digital signature, the user
starts with their private key and encrypts the
message and sends it. The receiver uses the
sender’s public key and decrypts the message
• In traditional encryption, the sender uses the
public key of the receiver and encrypts the
message and sends it and the receiver decrypts the
message with their private key
11
 Public key cryptography
• Provides 256-bit encryption key
• Widely used for encrypting files such as
email
• Message is first compressed
• A private key is created
• The compressed message is encrypted using
the private key
12
 Public key cryptography
• private key alone is encrypted using the
recipient’s public key
• The encrypted message and the encrypted
private key are then sent to the receiver
• Receiver uses the private key to decrypt the
private key of sender first. Then the
message is decrypted in a symmetric key
way.

13
 Classical Cryptography:
Secret-Key or Symmetric Cryptography
sender encryptes plain text into cipher text
using private key
• Then it sends his private key and cipher text
over net to the reciever.
• Reciever decrypts cipher text into plain text te
key
• This method is not secure cause private key is
not encryted by the sender
 Advantages of Classical
Cryptography
• There are some very fast classical encryption
(and decryption) algorithms
• Since the speed of a method varies with the
length of the key, faster algorithms allow one
to use longer key values.
• Larger key values make it harder to guess the
key value -- and break the code -- by brute
force.
 Disadvantages of Classical
Cryptography
• Requires secure transmission of key value
• Requires a separate key for each group of
people that wishes to exchange encrypted
messages (readable by any group member)
– For example, to have a separate key for each
pair of people, 100 people would need 4950
different keys.
The RSA Encryption Algorithm
• Use a random process to select two large
prime numbers P and Q. Compute the
product M = P*Q. This number is called
the modulus, and is made publicly
available.
– RSA currently recommends a modulus that’s at
least 768 bits long.
• Also compute the Euler totient
T = (P-1)*(Q-1). Keep this number (as well
as P and Q) secret.
 RSA (continued)
• Randomly choose a public key E that has no
factors in common with T = (P-1)*(Q-1).
• Compute a private key D so that E*D leaves
a remainder of 1 when divided by T.
– We say E*D is congruent to 1 modulo T
• Note that D is easy to compute only if one
knows the value of T. This is essentially the
same as knowing the values of P and Q.
 RSA (continued)
• If N is any number that is not divisible by
M, then dividing NE*D by M and taking the
remainder yields the original value N.
– This is a relatively deep mathematical theorem,
which we can write as NE*D mod M = N.)
• If N is a numeric encoding of a block of
plaintext, the cyphertext is C = NE mod M.
• Then CD mod M = (NE)D mod M =
NE*D mod M = N. Thus, we can recover
the plaintext N with the private key D.