Module 1_part_1 - Cryptography and Network Security Overview-Win23

Uploaded by

rahul1121838
Cryptography and Network Security
COMP4055
Welcome
Course objectives:
• Learn how Cryptography works
• Learn how to use Cryptography correctly to harden network security

My recommendations:
• Take notes
• Participate in class discussions
• Free practice
• Read reference materials
Main Topics
• Cryptography Concepts
• Encryption Algorithms
• Cryptography Tools
• Public Key Infrastructure
• Email and Disk Encryption
• Cryptography Attacks
• Cryptanalysis Tools
• Steganography
• Analysis of Network Protocol Security
Cryptography and Network Security
Module 1
Part 1
Cryptography Concepts and Use Cases
Key Security Concepts
Why cryptography?
Cryptography is used to protect confidential data such as email
messages, chat sessions, web transactions, personal data, corporate
data, e-commerce applications, etc.

It converts data into scrambled code that is sent across a
private or public network.
• Confidentiality
• Integrity
• Authentication
• Nonrepudiation
Confidentiality
According to the International Standards Organization (ISO), confidentiality is
"ensuring that the information/data can be accessed only by those authorized."
Confidentiality is the term used to describe the prevention of revealing information
to unauthorized computers or users.
Integrity
Integrity is "ensuring that the information is accurate, complete,
reliable, and is in its original form." Valuable information is stored on
the computer. Any data corruption/modification can reduce the value
of the information. The damage that data corruption/modification can
do to an organization is unfathomable.
Authentication
Authenticity is "the identification and assurance of the origin of
information." It is important to ensure that the information on the
system is authentic and has not been tampered with. It is also
important to ensure that the computer users or those who access
information are who they claim to be.
Nonrepudiation
In digital security, nonrepudiation is the means to ensure that a message
transferred has been sent and received by the persons or parties who actually
intended to do so. Let us assume that party A is sending a message M with the
signature S to the party B. Then party A cannot deny the authenticity of its
signature S.
It can be obtained through the use of:
• Digital signatures: A digital signature functions as a unique identifier for an
individual, like a written signature. It is used to ensure that a message or
document is electronically signed by the person.
• Confirmation services: It is possible to indicate that messages are received
and/or sent by creating digital receipts. These digital receipts are generated by
the message transfer agent.
Cryptography Terminologies
Cryptograph … (1/3)

• Cryptography – the science of secret writing.


• Cryptology – the study of cryptography and cryptanalysis.
• Cryptosystem – hardware and/or software implementation of
cryptography.

• Algorithm – a precise rule (or set of rules) specifying how to solve some
problem or accomplish a specific task.
• Plaintext/Cleartext – data in unscrambled form.
• Ciphertext/Cryptogram – scrambled data.
• Cipher – algorithm for transforming plaintext to ciphertext.

Cryptograph … (2/3)

• Encipher/Encrypt/Encode – act of scrambling using key.
• Decipher/Decrypt/Decode – descrambling with key.
• Cryptanalysis – the practice of breaking cryptosystems or obtaining plaintext from ciphertext without a key.
• Work Factor – time, effort, and resources necessary to break a cryptosystem.
Cryptograph … (3/3)

• Key – For crypto, a secret value in the form of a sequence of characters used to encrypt and decrypt.
• Key clustering – instance where two keys generate the same ciphertext from the same plaintext.
• Keyspace – All possible values used to construct keys. The larger the keyspace, the better.
• Initialization Vector (IV)
  – In crypto, an IV is a block of bits used as the initializing input to the algorithm for the encryption of a plaintext block sequence.
  – An IV increases security by introducing additional cryptographic variance, and is used to synchronize cryptographic equipment.
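
The "additional cryptographic variance" an IV provides, shown as an added example that is not part of the original slides: a toy stream cipher encrypts two messages under one key, first with a repeated IV and then with a fresh IV per message. The keystream construction (SHA-256 over key, IV and a counter), the key and the messages are assumptions constructed for illustration only.

```python
import hashlib
import secrets

def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Toy keystream (illustration only): SHA-256(key || iv || counter) blocks."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return iv || ciphertext. The IV is sent in the clear; only the key is secret."""
    return iv + xor(plaintext, keystream(key, iv, len(plaintext)))

def decrypt(key: bytes, message: bytes, iv_len: int = 16) -> bytes:
    iv, body = message[:iv_len], message[iv_len:]
    return xor(body, keystream(key, iv, len(body)))

def ciphertext_xor(m1: bytes, m2: bytes, iv_len: int = 16) -> bytes:
    """What an eavesdropper can compute without the key: XOR of the two bodies."""
    return xor(m1[iv_len:], m2[iv_len:])

KEY = bytes(range(32))               # constructed sample key
P1 = b"transfer 0100 to account A"   # constructed sample messages (same length)
P2 = b"transfer 9900 to account B"
FIXED_IV = bytes(16)                 # the weak setting: one IV for every message

def demo() -> dict:
    # Weak: same key and same IV give the same keystream, which cancels out.
    weak1, weak2 = encrypt(KEY, FIXED_IV, P1), encrypt(KEY, FIXED_IV, P2)
    # Corrected: a fresh random IV per message gives unrelated keystreams.
    good1 = encrypt(KEY, secrets.token_bytes(16), P1)
    good2 = encrypt(KEY, secrets.token_bytes(16), P2)
    return {
        "reused_iv_leaks_p1_xor_p2": ciphertext_xor(weak1, weak2) == xor(P1, P2),
        "fresh_iv_leaks_p1_xor_p2": ciphertext_xor(good1, good2) == xor(P1, P2),
        "roundtrip_ok": decrypt(KEY, good1) == P1 and decrypt(KEY, weak2) == P2,
    }

if __name__ == "__main__":
    print(demo())
```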

History of Cryptograph …(1/4)

• 1500 BC: A Mesopotamian tablet contains an enciphered formula for the making of glazes for pottery.
• 487 BC: The Greeks used a device called the scytale/skytale – a staff around which a long, thin strip of leather was wrapped and written on.
• 50-60 BC: Julius Caesar used a simple substitution with the normal alphabet (just shifting the letters a fixed amount) in government communications.
• 1790: Thomas Jefferson invented the wheel cipher. (The order of the disks is the key.)
• 1854: Charles Babbage re-invented the wheel cipher.

[Figures: Mesopotamian Tablet; Scytale Cipher; Caesar Cipher; Thomas Jefferson Wheel Cipher; Charles Babbage’s wheel cipher]

Reference: Secrets and Lies – Digital Security in a Networked World, B. Schneier, Wiley Publishing, 2004
History of Cryptograph …(2/4)

• 1919-1922: Patents issued to Gilbert Vernam for the Vernam cipher.
• 1930-1941: The German military used Lorenz SZ 40 and SZ 42 cipher machines based on the Vernam stream cipher to encrypt teleprinter messages.
  – Stream cipher using pseudorandom bits to be XOR’ed with the plaintext.
• 1933-1945: German military field units used the Enigma cipher machine to encrypt messages.
  – Electro-mechanical rotor cipher machine that uses polyalphabetic substitution.

[Figure: Enigma Cipher Machine]

Reference: Secrets and Lies – Digital Security in a Networked World, B. Schneier, Wiley Publishing, 2004
History of Cryptograph …(3/4)

• 1943-1944: British code breakers designed Colossus Mark 1 and Colossus Mark 2 to decrypt the Lorenz cipher machine.
  – Designed by Max Newman & Tommy Flowers
  – Using frequency analysis
• 1938-1944: British code breakers designed the Bombe to decrypt the Enigma cipher machine.
  – Designed by Alan Turing
  – Using frequency analysis

Reference: Bletchley Park National Codes Center (http://www.bletchleypark.org.uk/)
History of Cryptograph …(4/4)

• 1976: NSA chose IBM’s modified Lucifer cipher to be the Data Encryption Standard (DES).
• 1976: Whitfield Diffie & Martin Hellman published New Directions in Cryptography.
• 1978: Ronald L. Rivest, Adi Shamir & Leonard M. Adleman (RSA) published the RSA Algorithm for Public Key System.
• 1984: ROT13 cipher introduced on UNIX systems; it encrypts a cleartext message by shifting letters 13 places.
• 1991: Phil Zimmermann released the first version of PGP (Pretty Good Privacy).
• 2000: Joan Daemen and Vincent Rijmen’s Rijndael algorithm was selected by NIST as the Advanced Encryption Standard (AES).

Reference: Secrets and Lies – Digital Security in a Networked World, B. Schneier, Wiley Publishing, 2004
Encryption Algorithms
Types of Encryption Algorithms
• Symmetric encryption (secret key cryptography)
• Asymmetric encryption (public key cryptography)
Symmetric encryption (secret key cryptography)
The symmetric encryption method uses the same key for encryption
and decryption.
The problem with the secret key is transferring it over a large
network or the Internet while preventing it from falling into the wrong
hands. In this process, anyone who knows the secret key can decrypt
the message. This problem can be fixed by asymmetric encryption.
Asymmetric encryption (public key cryptography)
Asymmetric cryptography uses different keys for encryption and
decryption. In this type of cryptography, an end user on a public or
private network has a pair of keys: a public key for encryption and a
private key for decryption. Here, a private key cannot be derived from
the public key.
The asymmetric cryptography method has been proven to be secure
against attackers. In asymmetric cryptography, the sender encodes the
message with the help of a public key and the receiver decodes the
message using a random key generated by the sender's public key.
Recap: ciphers
Cryptography refers to secret writing, and a cipher is nothing more than
an algorithm used for both encryption and decryption. The
traditional method of encoding and decoding used a different
format: it assigned a number to each letter of the alphabet and
used those numbers to encode the given message. If the attacker also knew the
numbering system, he or she could decode it.
In cryptography, using the cipher algorithm for encoding is known as
enciphering, and using it for decoding is known as deciphering.
Confusion and Diffusion
• In Shannon's original definitions, confusion refers to making the
relationship between the ciphertext and the symmetric key as
complex and involved as possible; diffusion refers to dissipating the
statistical structure of plaintext over the bulk of ciphertext.
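
Both properties can be measured, as in this added example that is not part of the original slides: a toy Feistel block cipher is run for a varying number of rounds, and the code counts how many of the 128 ciphertext bits change when one plaintext bit is flipped (diffusion) and when one key bit is flipped (a rough proxy for confusion). The cipher, its SHA-256-based round function, the key and the block are assumptions constructed for illustration.

```python
import hashlib

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(half: bytes, key: bytes, rnd: int) -> bytes:
    """Toy round function (assumption): first 8 bytes of SHA-256(key || round || half)."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def feistel_encrypt(block: bytes, key: bytes, rounds: int) -> bytes:
    """Encrypt one 16-byte block with a balanced Feistel network."""
    left, right = block[:8], block[8:]
    for rnd in range(rounds):
        left, right = right, xor(left, round_fn(right, key, rnd))
    return left + right

def feistel_decrypt(block: bytes, key: bytes, rounds: int) -> bytes:
    """Undo feistel_encrypt by running the rounds in reverse order."""
    left, right = block[:8], block[8:]
    for rnd in reversed(range(rounds)):
        left, right = xor(right, round_fn(left, key, rnd)), left
    return left + right

def flip_first_bit(data: bytes) -> bytes:
    return bytes([data[0] ^ 0x80]) + data[1:]

def bit_diff(a: bytes, b: bytes) -> int:
    """Number of bit positions in which a and b differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

KEY = b"constructed key!"    # constructed sample key
BLOCK = b"sixteen byte msg"  # constructed 16-byte plaintext block

def avalanche(rounds: int) -> tuple:
    """Ciphertext bits changed by a 1-bit plaintext flip and by a 1-bit key flip."""
    base = feistel_encrypt(BLOCK, KEY, rounds)
    by_plaintext = bit_diff(base, feistel_encrypt(flip_first_bit(BLOCK), KEY, rounds))
    by_key = bit_diff(base, feistel_encrypt(BLOCK, flip_first_bit(KEY), rounds))
    return by_plaintext, by_key

if __name__ == "__main__":
    # One round moves the flipped bit without spreading it; more rounds
    # push the count toward half of the 128 ciphertext bits.
    for rounds in (1, 2, 4, 8):
        print(rounds, avalanche(rounds))
```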
Bonus
• Can you solve either of these?
• 67 111 110 103 114 97 116 117 108 97 116 105 111 110 115 33 32 78 111 119
  32 115 101 110 100 32 109 101 32 97 110 32 101 109 97 105 108 32 97 116
  32 106 109 105 110 64 103 101 111 114 103 101 98 114 111 119 110 46 99 97

• Q29uZ3JhdHVsYXRpb25zIGFnYWluISBOb3cgc2VuZCBtZSBhbm90aGVyIGVtYWlsIGF0IGptaW5AZ2VvcmdlYnJvd24uY2EuIA==

• Try not to share answers/solutions with your classmates, let everyone learn.
More in Part-2
