Week 05
Data hidden by steganography
What is Cryptography? (cont’d.)
• Origins of cryptography
– Used by Julius Caesar
• Encryption
– Changing original text into a secret message using cryptography
• Decryption
– Changing secret message back to original form
• Cleartext data
– Data stored or transmitted without encryption
What is Cryptography? (cont’d.)
• Plaintext
– Data to be encrypted
– Input into an encryption algorithm
• Key
– Mathematical value entered into the algorithm to produce ciphertext (scrambled text)
– Reverse process uses the key to decrypt the message
Cryptography process
Cryptography and Security
• Cryptography can provide five basic information protections
– Confidentiality
• Ensures only authorized parties can view it
– Integrity
• Ensures information is correct and unaltered
– Availability
• Authorized users can access it
– Authenticity of the sender
– Nonrepudiation
• Proves that a user performed an action
Cryptographic Algorithms
• Three categories of cryptographic algorithms
– Hash algorithms
– Symmetric encryption algorithms
– Asymmetric encryption algorithms
• Hash algorithms
– Most basic type of cryptographic algorithm
– Process for creating a unique digital fingerprint for a set of data
– Contents cannot be used to reveal original data set
– Primarily used for comparison purposes
Cryptographic Algorithms (cont’d.)
• Example of hashing (ATMs)
– Bank customer has PIN of 93542
– Number is hashed and result stored on card’s magnetic stripe
– User inserts card in ATM and enters PIN
– ATM hashes the PIN using the same algorithm that was used to store PIN on the card
– If two values match, user may access ATM
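The store-then-compare flow from this slide, as an added example that is not part of the original slides. It uses salted PBKDF2 rather than a bare hash, which is an assumption of this example, as are the function names and the iteration count; the PIN is the one from the slide.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example

def enroll_pin(pin: str) -> tuple:
    """Return (salt, digest) to store in place of the PIN itself."""
    salt = os.urandom(16)  # fresh random salt for every enrollment
    digest = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, ITERATIONS)
    return salt, digest

def verify_pin(entered: str, salt: bytes, stored: bytes) -> bool:
    """Hash the entered PIN the same way and compare the two values."""
    candidate = hashlib.pbkdf2_hmac("sha256", entered.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)  # constant-time comparison

def bare_hash(pin: str) -> str:
    """Unsalted hash, for contrast: equal PINs always give equal digests."""
    return hashlib.sha256(pin.encode()).hexdigest()

if __name__ == "__main__":
    salt, stored = enroll_pin("93542")         # PIN from the slide
    print(verify_pin("93542", salt, stored))   # correct PIN
    print(verify_pin("93524", salt, stored))   # two digits swapped
    # Two customers with the same PIN: the bare hashes are identical,
    # the salted records are not.
    print(bare_hash("93542") == bare_hash("93542"))
    print(enroll_pin("93542")[1] == stored)
```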
Hashing at an ATM
Cryptographic Algorithms (cont’d.)
• Hashing used to determine message integrity
– Can protect against man-in-the-middle attacks
• Hashed Message Authentication Code (HMAC)
– Hash variation providing improved security
– Uses secret key possessed by sender and receiver
– Receiver uses key to decrypt the hash
• Hash values often posted on download sites
– To verify file integrity after download
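An added example (not part of the original slides) contrasting an unkeyed hash with an HMAC when a message is changed in transit: anyone can recompute a plain digest for altered content, but the HMAC tag only verifies for a party holding the shared key. The key, messages and function names are constructed for this example.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"          # known to sender and receiver only
ORIGINAL = b"ship 10 units to warehouse A"    # constructed sample message
ALTERED = b"ship 90 units to warehouse B"     # same message changed in transit

def digest(message: bytes) -> str:
    """Unkeyed SHA-256 digest, as posted next to a download."""
    return hashlib.sha256(message).hexdigest()

def tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 tag computed with the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def check(key: bytes, message: bytes, claimed_digest: str, claimed_tag: str) -> dict:
    """Receiver side: recompute both values and compare in constant time."""
    return {
        "hash_ok": hmac.compare_digest(digest(message), claimed_digest),
        "hmac_ok": hmac.compare_digest(tag(key, message), claimed_tag),
    }

def scenario() -> tuple:
    sent = (ORIGINAL, digest(ORIGINAL), tag(SHARED_KEY, ORIGINAL))
    # The altered message arrives with a freshly recomputed digest (no key is
    # needed for that) and the original tag, which cannot be recomputed
    # without SHARED_KEY.
    received = (ALTERED, digest(ALTERED), sent[2])
    return check(SHARED_KEY, *sent), check(SHARED_KEY, *received)

if __name__ == "__main__":
    untouched, tampered = scenario()
    print("untouched:", untouched)
    print("tampered: ", tampered)
```

The unkeyed digest only detects a change when the digest itself reaches the receiver over a channel the message path cannot alter.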
Man-in-the-middle attack defeated by hashing
Information protections by hashing cryptography
Cryptographic Algorithms (cont’d.)
• Most common hash algorithms
– Message Digest
– Secure Hash Algorithm
– Whirlpool
– RIPEMD
– Password hashes
Symmetric Cryptographic Algorithms
• Original cryptographic algorithms
• Data Encryption Standard
• Triple Data Encryption Standard
• Advanced Encryption Standard
• Several other algorithms
– Same shared single key used to encrypt and decrypt document
Symmetric (private key) cryptography
Symmetric Cryptographic Algorithms (cont’d.)
• Two symmetric algorithm categories
– Based on amount of data processed at a time
• Stream cipher
– Takes a character and replaces it with a character
– Simplest type: substitution cipher
– Easy to break
Stream cipher
Symmetric Cryptographic Algorithms (cont’d.)
• Homoalphabetic substitution cipher
– Also known as a monoalphabetic substitution cipher; a type of substitution cipher in which each letter in the plaintext is consistently replaced by a single letter in the ciphertext
Substitution cipher
Symmetric Cryptographic Algorithms (cont’d.)
• Transposition cipher
– Rearranges letters without changing them
Transposition cipher
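An added example (not part of the original slides) of the two classical ciphers described above. It shows why they are easy to break: substitution keeps the shape of the letter-frequency distribution, and transposition keeps every letter and only moves it. The key, the sample text and the columnar layout chosen for the transposition are assumptions of this example.

```python
import string
from collections import Counter

KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"            # constructed 26-letter permutation
PLAIN = "MEET ME AT THE LIBRARY AT NOON"      # constructed sample text

def substitute(text: str, key: str) -> str:
    """Monoalphabetic substitution: each letter always maps to one letter."""
    return text.upper().translate(str.maketrans(string.ascii_uppercase, key))

def unsubstitute(text: str, key: str) -> str:
    return text.translate(str.maketrans(key, string.ascii_uppercase))

def transpose(text: str, columns: int) -> str:
    """Columnar transposition: write row by row, read column by column."""
    return "".join(text[c::columns] for c in range(columns))

def untranspose(text: str, columns: int) -> str:
    rows, extra = divmod(len(text), columns)
    out, pos = [""] * len(text), 0
    for c in range(columns):
        n = rows + (1 if c < extra else 0)   # the first `extra` columns are longer
        out[c::columns] = text[pos:pos + n]
        pos += n
    return "".join(out)

def frequency_profile(text: str) -> list:
    """Letter counts sorted high to low, ignoring which letter owns each count."""
    return sorted(Counter(ch for ch in text if ch.isalpha()).values(), reverse=True)

if __name__ == "__main__":
    secret = substitute(PLAIN, KEY)
    print(secret, frequency_profile(secret) == frequency_profile(PLAIN))
    moved = transpose(PLAIN, 4)
    print(repr(moved), sorted(moved) == sorted(PLAIN))
```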
Symmetric Cryptographic Algorithms (cont’d.)
• Block cipher
– Works on entire block of plaintext at a time
– Separate blocks of 8 to 16 bytes encrypted independently
– Blocks randomized for additional security
Symmetric Cryptographic Algorithms (cont’d.)
• Stream cipher advantages
– Fast if plaintext is short
• Stream cipher disadvantages
– Consumes much processing power if plaintext is long
– More prone to attack
• Block ciphers considered more secure because output is more random
Information protections by symmetric cryptography
Asymmetric Cryptographic Algorithms
• Asymmetric cryptographic algorithms
– Also known as public key cryptography
– Uses two mathematically related keys
– Public key available to everyone and freely distributed
– Private key known only to individual to whom it belongs
Asymmetric (public key) cryptography
Asymmetric Cryptographic Algorithms (cont’d.)
• Important principles
– Key pairs
– Public key
– Private key
– Both directions
• Digital signature
– Verifies the sender
– Prevents sender from disowning the message
– Proves message integrity
Information protections by asymmetric cryptography
AES (Advanced Encryption Standard)
• AES was established as the standard encryption algorithm by the U.S. National Institute of Standards and Technology (NIST) in 2001.
• It replaced the Data Encryption Standard (DES), which was becoming vulnerable to brute-force attacks.
• AES is a symmetric key encryption algorithm, meaning the same key is used for both encryption and decryption. This contrasts with asymmetric key algorithms (like RSA), where separate keys are used for encryption and decryption.
AES (Advanced Encryption Standard)
• Key Sizes: AES supports key sizes of 128, 192, and 256 bits. The key size directly influences the strength of the encryption. Larger key sizes generally provide higher levels of security but may come with increased computational overhead.
• Block Cipher:
– AES operates as a block cipher, processing fixed-size blocks of data at a time. The block size is 128 bits. The algorithm divides the input data into blocks and applies a series of substitution-permutation operations to each block.
AES (Advanced Encryption Standard)
• Rounds:
– AES operates in multiple rounds, with the number of rounds depending on the key size. For AES-128, there are 10 rounds; for AES-192, there are 12 rounds; and for AES-256, there are 14 rounds. Each round involves specific operations to enhance the security of the encryption.
• Security Features:
– AES is designed to provide a high level of security against various cryptographic attacks.
AES (Advanced Encryption Standard)
• Common Usage:
– AES is widely used in various cybersecurity applications, including securing data transmitted over the internet (e.g., HTTPS), encrypting files and folders, protecting sensitive information in databases, and ensuring the confidentiality of communications in VPNs (Virtual Private Networks).
• Implementation:
– AES has been implemented in both hardware and software, making it versatile for use in a variety of systems and platforms. Its efficiency and security have contributed to its widespread adoption.