Cryptography

A Comprehensive Overview
Authors: Vinayak Harikumar, Husnain
Khan, Hamdan Muhammad, Aaron
Felick Dsouza, Angana Brahma
Date: April 13, 2025
 What is Cybersecurity?
• Cybersecurity is the practice of protecting
systems, networks, and data from digital
attacks. It includes measures to prevent
unauthorized access, data breaches, and cyber
threats affecting individuals, organizations,
and governments.
 Definition and Importance of
Cryptography
• Cryptography secures information by
transforming readable data into encrypted
formats. It ensures only authorized parties can
access the data. It upholds confidentiality,
integrity, authentication, and non-repudiation
in communication systems.
 Origins of Cryptography
• Derived from the Greek words kryptós
(hidden) and gráphein (to write), cryptography
has evolved from Caesar and Vigenère ciphers
to modern algorithms like RSA and AES. It
plays a foundational role in digital security
today.
 Types of Cryptography
• 1. Symmetric Key Encryption: Uses one key for
both encryption and decryption (e.g., AES).
• 2. Asymmetric Key Encryption: Uses a public-
private key pair (e.g., RSA).
• 3. Hash Functions: One-way algorithms for
data verification (e.g., SHA, MD5).
 Pros and Cons of Each
Cryptography Type
• Symmetric: Fast but vulnerable if the key is
exposed.
• Asymmetric: Secure for key exchange, but
computationally slower.
• Hashing: Great for data integrity but prone to
collisions if weak algorithms are used.
 Article 1: Regev (2024)
• Presents a reduction from hard lattice
problems to Learning with Errors (LWE).
Shows quantum-secure encryption systems.
Achieves efficiency improvements like reduced
public key size (O(n²)) and ciphertext
expansion (O(n)).
 Article 2: Chen (2025)
• Introduces a homomorphic encryption
scheme using LWE/RLWE. Enables
computation on encrypted data, ideal for
cloud, federated learning, and secure AI.
Balances performance with post-quantum
security.
 Article 3: Peet-Pare (2025)
• Evaluates the NTRU encryption scheme.
Identifies it doesn't meet IND-CPA by default,
a key security standard. Suggests padding and
Random Oracle Model assumptions to
enhance NTRU’s security to IND-CCA2.
 Article 4: Gajland et al. (2023)
• Proposes Swoosh: a lattice-based non-
interactive key exchange (NIKE). High
efficiency with small public keys (~220KB) and
fast key generation (<12M CPU cycles). Ideal
for secure messaging and IoT.
 Implementation Overview
• Used OpenSSL on Kali Linux to demonstrate:
• - AES key generation
• - File encryption/decryption using ECB and
CBC modes
• - Base64 encoding
• - Hashing with MD5, SHA-1, SHA2-256
• - Image encryption
• - Forensics via NSRL
 AES Symmetric Key Generation
• Used OpenSSL to generate a 256-bit AES key.
The key is stored and used for subsequent file
encryption/decryption. Demonstrated secure
key handling practices including the use of salt
to defend against rainbow table attacks.
 File Encryption/Decryption: ECB
Mode
• Encrypted a text file using AES in ECB mode.
Pros: simplicity and speed. Cons: patterns in
data are preserved, making it insecure for
sensitive or structured files. Demonstrated
decryption producing original content.
 File Encryption/Decryption: CBC
Mode
• Used AES CBC mode for encryption.
Introduced XOR chaining to previous
ciphertext blocks, removing patterns.
Decryption shown to accurately recover
plaintext only with matching IV and salt.
 Base64 Encoding with AES
• Encrypted file with AES CBC, then encoded
using Base64 for safe email transmission.
Demonstrated reverse process: Base64
decoding followed by AES decryption. Showed
utility for transmitting binary data via text
protocols.
 Hashing Algorithms
• Demonstrated hashing with MD5, SHA1, and
SHA2-256 using OpenSSL.
• MD5: Fast but insecure.
• SHA1: Better but deprecated.
• SHA2-256: Most secure among the three.
• Used for integrity checking and password
storage.
 Digital Forensics with NSRL
• Explained how hash values of files are
compared against NSRL (National Software
Reference Library). Used in forensic
investigations to identify known software and
flag potentially malicious files from seized
digital evidence.
 ECB vs CBC in Image Encryption
• Used bitmap image of Tux Penguin. In ECB
mode, patterns from original image remained
visible. In CBC, encryption introduced
randomness, obscuring patterns completely.
Demonstrated CBC's superiority in security.
 Conclusion
• Cryptography is essential for securing data
across networks. Symmetric and asymmetric
encryption secure transmission and
authentication. Hashing ensures data integrity.
Implementation showed practical strengths
and weaknesses of each approach.