Week 8 9 Cryptography Symmetric Encryption-1 - Part 1 2

Cryptography is used for confidentiality, integrity, and authentication. It involves encrypting information using algorithms and keys. Symmetric cryptography uses the same key for encryption and decryption, while asymmetric cryptography uses public and private key pairs. Common symmetric algorithms include AES and Triple DES. Hash algorithms like MD5 and SHA are used to verify integrity rather than decryption. Pseudo-random number generators aim to produce random keys but are not truly random.

Uploaded by

Very dangger

Cryptography

Adopted from
Chaminda Hewage (ph.d.),
Cardiff Metropolitan University
Week 8
Part 1
Learning outcomes
• Students should be able to demonstrate an understanding of:
• The main uses of cryptography
• Modern cryptography technologies
• Symmetric cryptography
General use
• BitLocker Drive Encryption
• Chip and PIN
• Online bank transfers
• Even and odd parity
• Hash key
• Digital signatures
• Watermarks/video fingerprinting
• Secure online shopping (https://)
• Digital certificates
General use
Some examples of applied cryptography are:
• Public key infrastructure (PKI)
• Digital certificates
• Authentication
• E-commerce
• RSA, e.g., OSs, Ethernet cards, Smart cards
• MD-5
• Secure Hash Algorithm (SHA)
• Secure Sockets Layer (SSL)
• Pretty Good Privacy (PGP)
• Secure Shell (SSH)
Goals of cryptography
• Confidentiality: the primary goal that cryptography seeks to achieve.
• Integrity: cryptography can help you detect changes in information and thus determine its integrity.
• Authentication: cryptography allows a person, object, or party to be identified with a high degree of confidence.
• Nonrepudiation: the ability to provide positive identification of the source or originator of an event is an important part of security.
• E.g., Digital signatures
Cryptography
• All cryptography follows the same basic process:
XOR cipher (Vernam cipher)
• E.g., the string "Wiki" (01010111 01101001 01101011 01101001 in 8-bit ASCII) can be encrypted with the repeating key 11110011 as follows:
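The "Wiki" example worked through in code. This is an added example, not part of the original slides; the second message `b"Data"` is a constructed sample used to show why a Vernam key must not be reused.

```python
from itertools import cycle


def xor_repeating(data: bytes, key: bytes) -> bytes:
    """XOR every byte of data with the key, repeating the key as needed."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def to_bits(data: bytes) -> str:
    """Render bytes as space-separated 8-bit groups, as on the slide."""
    return " ".join(f"{b:08b}" for b in data)


def key_cancels(p1: bytes, p2: bytes, key: bytes) -> bool:
    """True if XORing two ciphertexts made with the same key equals the XOR
    of the two plaintexts, i.e. the key has dropped out entirely."""
    c1, c2 = xor_repeating(p1, key), xor_repeating(p2, key)
    return xor_repeating(c1, c2) == xor_repeating(p1, p2)


PLAINTEXT = b"Wiki"          # 01010111 01101001 01101011 01101001
KEY = bytes([0b11110011])    # the one-byte repeating key from the slide

ciphertext = xor_repeating(PLAINTEXT, KEY)
recovered = xor_repeating(ciphertext, KEY)   # decryption is the same operation

if __name__ == "__main__":
    print("plaintext :", to_bits(PLAINTEXT))
    print("key       :", to_bits(KEY * len(PLAINTEXT)))
    print("ciphertext:", to_bits(ciphertext))
    print("recovered :", recovered.decode("ascii"))
    # Constructed second message of the same length, encrypted with the same key.
    print("key cancels on reuse:", key_cancels(PLAINTEXT, b"Data", KEY))
```

The two "i" characters encrypt to the same byte because the key repeats every eight bits, so patterns in the plaintext survive in the ciphertext.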
Week 8
Part 2
Caesar Cipher
Vigenère cipher
Discussion
• Would you support the use of encryption for asset protection? Why?
• How will you ensure that the message will be read and understood by the recipient?
Keys
• The key determines how strong the encryption is through several factors
• The length of the key
• http://calc.opensecurityresearch.com/
• The approach used to generate the key
• The type of key
• Symmetric
• Asymmetric
Symmetric keys
• Symmetric keys are those that both encrypt and decrypt the cipher text
• Think of the Vigenère cipher (homework)
• In practice, encryption keys are mostly numeric
• The success of symmetric keys is down to how the key is generated
• Random number generation
Symmetric keys
• If we can create truly random numbers, symmetric keys can be a good
approach to encrypting data
• Humans are not good at creating truly random numbers
• We therefore use computers to pick random numbers
• However, random numbers generated by computers are often not random

78, 87, 17, 77, 95 88, 89, 91, 95, 99

How random are they?


83, 56, 26
Random numbers
• Random numbers
• Truly random numbers can only be created from an unknown quantity
• Rate of radioactive decay
• The number of leaves that will fall off a tree today
• The amount of rust that forms on a car in a month
• All of the above are processes derived from entropy
• Entropy creates truly random numbers
• “Entropy is a measure of the disorder or randomness of a system.”
Random numbers
• Entropy based Random Number Generators (RNGs) exist but are very
expensive
• These chips create random numbers based on the amount of thermal noise
given off by the processor (random)
• However, these chips are expensive and hence most computers use
algorithms to simulate entropic randomness
Week 9
Part 1
Pseudo-Random Number Generator (PRNG)
• Algorithms that generate a random number
• It can create the same random number (contradiction)
• If we installed a PRNG on one computer and generated a random
number and then installed it on a second and generated a random
number, both numbers would be the same
PRNG
• To make the encryption stronger, PRNGs use random data from your
machine so that the generation process offers a better random
number
• The number of keystrokes in the last hour or the number of milliseconds on
the system clock
• This data is incorporated into the algorithm and should give a better random
number
PRNG
• If the underlying algorithm is strong, then hopefully this approach will
create strong keys
• This frequently isn’t the case
• The first version of SSL used a symmetric key approach and used
system variables as part of the calculation
• Date, time and year were part of the calculation
• This was quickly realised, meaning that SSL keys could be broken by guessing the date, time and year
• Non-random variables
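The two PRNG points above (the same algorithm with the same input gives the same number, and date and time are guessable inputs) shown side by side with an entropy-fed generator. This is an added example, not from the original slides; the timestamp, the one-hour window and all function names are constructed for illustration.

```python
import random
import secrets
from datetime import datetime, timedelta, timezone


def prng_key(seed: int, nbytes: int = 16) -> bytes:
    """Key from a deterministic PRNG: the same seed gives the same key anywhere."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(nbytes))


def clock_seed(moment: datetime) -> int:
    """Seed built only from date and time, at one-second resolution."""
    return int(moment.timestamp())


def reproducible_from_clock(key: bytes, start: datetime, end: datetime) -> bool:
    """Audit check: can any one-second clock value in [start, end] rebuild key?"""
    for seed in range(clock_seed(start), clock_seed(end) + 1):
        if prng_key(seed, len(key)) == key:
            return True
    return False


def os_key(nbytes: int = 16) -> bytes:
    """Key from the operating system's entropy-fed generator."""
    return secrets.token_bytes(nbytes)


# Constructed scenario: a key was generated at some second within a known hour.
CREATED = datetime(2024, 1, 15, 10, 30, 0, tzinfo=timezone.utc)
WINDOW_START = CREATED.replace(minute=0, second=0)
WINDOW_END = WINDOW_START + timedelta(hours=1)

if __name__ == "__main__":
    clock_key = prng_key(clock_seed(CREATED))
    candidates = clock_seed(WINDOW_END) - clock_seed(WINDOW_START) + 1
    print("same seed, same key:", prng_key(42) == prng_key(42))
    print("candidate seeds in the window:", candidates)
    print("clock-seeded key reproducible:",
          reproducible_from_clock(clock_key, WINDOW_START, WINDOW_END))
    print("OS-generated key reproducible:",
          reproducible_from_clock(os_key(), WINDOW_START, WINDOW_END))
```

A 128-bit key seeded this way has only as many possible values as there are seconds in the window, 3,601 here, whatever its length in bits.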
PRNG
• "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." (John von Neumann)
The flaw with symmetric keys
• The major problem with symmetric keys is that in order to encrypt
and decrypt the cipher text, both parties must have the key
• This means that at some point, you must send the key to the recipient
• Can you be sure that the key hasn’t been intercepted?
Symmetric algorithm types
• Block and stream
• Hash Algorithms
• DES Algorithms, 56 bits
• Triple DES (3DES), 168 bits
• Advanced Encryption Standard (AES)
• Blowfish: 448-bit key, supports both 32-bit and 64-bit processors
• International Data Encryption Algorithm (IDEA), e.g. Pretty Good Privacy (PGP) system
• MARS: this AES finalist was developed by IBM and supports key lengths of 128–256 bits.
Symmetric algorithm types

• RC2 algorithm crept into the public space in 1996. The algorithm allows keys
between 1 and 2,048 bits.
• RC4: another algorithm that allows keys between 1 and 2,048 bits.
• RC5 Similar to RC2 and RC4, RC5 allows users to define a key length.
• RC6 supports key lengths of 128–256 bits.
• Rijndael or Advanced Encryption Standard (AES): very compact and fast and
can use keys that are 128, 192, or 256 bits long
• Serpent supports key lengths of 128–256 bits.
• Twofish supports key lengths of 128–256 bits.
Symmetric algorithm types
Block and stream
• Stream ciphers convert one symbol of plaintext directly into a symbol
of cipher text (Simple substitution is an example of a stream cipher)
• Block ciphers encrypt a group of plaintext symbols as one block
(Columnar transposition is a block cipher)

Most modern symmetric encryption algorithms are block ciphers. Block sizes vary (64 bits for DES, 128 bits for AES, etc.).
Symmetric algorithm types
Columnar transposition

Meet me at next mid night

Cipher-text = eatitnihmexnetmgmedt
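The slide's ciphertext reproduced in code, with decryption. This is an added example, not part of the original slides: the grid is not shown on the page, so the five-column grid and the column read order 2, 4, 1, 3, 5 are inferred from the ciphertext and are assumptions, as is the second, uneven-length sample message.

```python
def letters_only(text: str) -> str:
    """Lower-case the message and drop spaces and punctuation."""
    return "".join(ch for ch in text.lower() if ch.isalpha())


def encrypt(plaintext: str, order: list[int]) -> str:
    """Write the text row by row into len(order) columns, then read the
    columns out top to bottom in the given order (0-based column indexes)."""
    text = letters_only(plaintext)
    width = len(order)
    rows = [text[i:i + width] for i in range(0, len(text), width)]
    return "".join(row[c] for c in order for row in rows if c < len(row))


def decrypt(ciphertext: str, order: list[int]) -> str:
    """Cut the ciphertext back into columns, then read the grid row by row.
    Handles a short last row: the first `extra` columns hold one more letter."""
    width = len(order)
    full_rows, extra = divmod(len(ciphertext), width)
    columns, pos = {}, 0
    for c in order:
        length = full_rows + (1 if c < extra else 0)
        columns[c] = ciphertext[pos:pos + length]
        pos += length
    total_rows = full_rows + (1 if extra else 0)
    return "".join(columns[c][r]
                   for r in range(total_rows)
                   for c in range(width)
                   if r < len(columns[c]))


# Assumed key: read column 2 first, then 4, 1, 3, 5 (written 0-based here).
ORDER = [1, 3, 0, 2, 4]
SLIDE_PLAINTEXT = "Meet me at next mid night"

if __name__ == "__main__":
    ct = encrypt(SLIDE_PLAINTEXT, ORDER)
    print("ciphertext:", ct)
    print("decrypted :", decrypt(ct, ORDER))
    # Constructed message whose length is not a multiple of five.
    print("uneven    :", decrypt(encrypt("meet me at noon", ORDER), ORDER))
```

Transposition only reorders letters, so the ciphertext keeps exactly the letter counts of the plaintext.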
Symmetric algorithm types

Stream Cyphers
Advantages:
• Speed of transformation: algorithms are linear in time and constant in space.
• Low error propagation: an error in encrypting one symbol likely will not affect
subsequent symbols.
Disadvantages:
• Low diffusion: all information of a plaintext symbol is contained in a single cipher text symbol.
• Susceptibility to insertions/modifications: an active interceptor who breaks the algorithm might insert spurious text that looks authentic.
Week 9
Part 2
Symmetric algorithm types

Block Cyphers
Advantages:
• High diffusion: information from one plaintext symbol is diffused into several cipher
text symbols.
• Immunity to tampering: difficult to insert symbols without detection.
Disadvantages:
• Slowness of encryption: an entire block must be accumulated before encryption /
decryption can begin.
• Error propagation: An error in one symbol may corrupt the entire block.
• Padding
Digital Encryption Standard (DES)
• 1975 National Security Agency
• Became an accepted standard
• 56 bit key used to create a key table (64 bit block length)
• Block cipher approach
• Each block is compared with the table and cipher text produced
• Once the cipher text is set, DES cycles through 16 different changes to mix up the cipher text
• 56 quadrillion different key combinations
DES
• Broken in 1999
• Now considered a weak encryption standard
• Cracking software designed to break DES available online
• As mentioned before, all hacking exploits weakness in software
• Triple DES
AES
• Developed by Joan Daemen and Vincent Rijmen in 1999
• Block size of 128 bits
• Offers variable key lengths of 128, 192, and 256 bits
• Applications: RFIDs
Hash algorithms (Integrity testing)
• Hash algorithms are one-way algorithms that are not supposed to be
decrypted.
• The hash algorithm will always produce the same result on the same data
• I.e. if we hashed a particular string then it would always come out the same
• Hashes are used as protection mechanisms.
• Hash functions do not have a key
• Hash functions are publicly computable
• For instance, if we download some software from BitTorrent and we want to be sure it doesn't contain a virus, we can compare the hash provided by the vendor and the hash we generate
• They should be identical if nothing has been added
• http://www.miraclesalad.com/webtools/md5.php
Usage of HASH Functions
Hash algorithms (Integrity testing)

• Message Digest 2 (MD2), MD4, MD5 (128 bit), MD6 (MD family)
• Secure Hash Algorithm-0 (SHA-0): used prior to SHA-1 and has since been replaced by SHA-1.
• Secure Hash Algorithm-1 (SHA-1): one of the other more commonly used hashing algorithms, 160 bits (applications: SSL/TLS).
• Secure Hash Algorithm-2 (SHA-2): designed to be an upgrade to SHA-1 (SHA-224, SHA-256, SHA-384, SHA-512).
• RIPEMD, 128 bit and 160 bit
• Whirlpool, 512 bit based on AES
Message authentication codes (MAC)
• Origin authentication
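The difference between an unkeyed hash (integrity testing) and a MAC (origin authentication), as an added example that is not part of the original slides. It assumes SHA-256 from the SHA-2 family listed above and HMAC as the MAC construction, which the slides do not name; the file contents and key are constructed sample values.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Unkeyed hash: anyone holding the data can compute it."""
    return hashlib.sha256(data).hexdigest()


def matches_published_hash(data: bytes, published_hex: str) -> bool:
    """Compare the hash we generate with the one the vendor published."""
    return hmac.compare_digest(sha256_hex(data), published_hex.lower())


def mac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed tag: only holders of the shared key can compute it."""
    return hmac.new(key, data, hashlib.sha256).digest()


def mac_is_valid(key: bytes, data: bytes, tag: bytes) -> bool:
    """Constant-time check that the tag was made with this key over this data."""
    return hmac.compare_digest(mac_tag(key, data), tag)


# Constructed sample values.
ORIGINAL = b"installer-1.0 contents (constructed sample)"
MODIFIED = ORIGINAL + b" plus unwanted extra bytes"
SHARED_KEY = b"constructed demo key, 32 bytes.."
OTHER_KEY = b"a different constructed key....."

if __name__ == "__main__":
    published = sha256_hex(ORIGINAL)
    print("original matches published hash:", matches_published_hash(ORIGINAL, published))
    print("modified matches published hash:", matches_published_hash(MODIFIED, published))
    # If the published hash is replaced along with the file, the check passes:
    # a hash has no key, so it says nothing about who produced it.
    print("modified matches replaced hash :",
          matches_published_hash(MODIFIED, sha256_hex(MODIFIED)))
    tag = mac_tag(SHARED_KEY, ORIGINAL)
    print("MAC valid for original         :", mac_is_valid(SHARED_KEY, ORIGINAL, tag))
    print("MAC valid for modified         :", mac_is_valid(SHARED_KEY, MODIFIED, tag))
    print("tag made without the real key  :",
          mac_is_valid(SHARED_KEY, MODIFIED, mac_tag(OTHER_KEY, MODIFIED)))
```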
Key length
• By far the most decisive factor in symmetric key strength is the length
of the key used to encrypt the data
• The longer the key, the longer it takes to break
• If we had a machine capable of cracking a 56-bit key in one second (2^56 operations per second) it would take 149,745,258,842,898 years to break 128-bit encryption
• This suggests we are fairly safe, but an explosion in computer power could render 128-bit encryption obsolete
• Quantum computing???
Symmetric Key Review