Chapter 2

The document discusses cryptography concepts including symmetric and asymmetric key cryptography, cryptographic algorithms like DES, RSA, and hashing functions. Symmetric key cryptography uses the same key for encryption and decryption while asymmetric key cryptography uses public and private key pairs. DES is a symmetric block cipher that encrypts data in 64-bit blocks using a 56-bit key. RSA is an asymmetric algorithm that uses public and private key pairs based on large prime numbers to encrypt and decrypt messages. Hashing functions create a fixed-size output from variable input to verify data integrity.

Uploaded by

Mysto Gan

Cryptography and Cryptographic Algorithms: 4 hr

• Cryptography, Data Encryption Standard
• Symmetric key Cryptography (Block and stream ciphers)
• Asymmetric key Cryptography
• Public key Cryptography (RSA)
• Message Digest 5, Hash Function, Message Authentication Code (MAC)

Cryptography
• Cryptography is the technique of converting ordinary plain text
into unintelligible (Encryption) text and vice-versa (Decryption).

• It is a method of storing and transmitting data in a particular
form so that only those for whom it is intended can read and
process it.

• It is the practice and study of techniques for secure
communication, to prevent third parties or the public from
reading private messages.
• Plaintext is what you have before encryption, and cipher
text is the encrypted result.

• Plain text: Plaintext or clear text is unencrypted information.

• Cipher text: Cipher text is encrypted text.

• Cipher: Method of encryption (generates cipher text).

• Types of Cipher.
– Transposition (Permutation) cipher
– Substitution Cipher.
Transposition (Permutation) cipher
A transposition cipher rearranges the characters in the plaintext to form
ciphertext. The letters are not changed.

e.g. HELLO → EOLOLH. The rearrangement of the text is based on the
permutation.

It just rearranges the given information without modifying it.

Substitution cipher:
A substitution cipher changes characters in the plaintext to produce the
ciphertext.
e.g. HELLO → AGKKP

Symmetric key Cryptography (Block and stream ciphers)
• Symmetric-key algorithms are the algorithms for cryptography that use
the same cryptographic keys for both encryption of plaintext and
decryption of ciphertext.

• Symmetric-key systems are simpler and faster, but their main drawback is
that the two parties must somehow exchange the key in a secure way.

• Public-key cryptography, by contrast, utilizes two keys: a public key to
encrypt messages and a private key to decrypt them.

Stream Cipher:
• A stream cipher is a symmetric key cipher where plaintext digits are
combined with a keystream.
• A keystream is a stream of random characters that are combined with a
plaintext message to produce an encrypted message.
• In a stream cipher, each plaintext digit is encrypted one at a time with the
corresponding digit of the keystream, to give a digit of the ciphertext
stream.
Block Cipher
• A block cipher is an encryption method that applies a deterministic
algorithm along with a symmetric key to encrypt a block of text, rather
than encrypting one bit at a time.
• Block cipher is widely used to implement encryption of bulk data.
• Block ciphers take a number of bits and encrypt them as a single unit
• Blocks of 64 or 128 bits are commonly used.
Data Encryption Standard

• The Data Encryption Standard (DES) works by using the same key to
encrypt and decrypt a message, so both the sender and the receiver must
know and use the same private key.

• The Data Encryption Standard is a block cipher, meaning a cryptographic
key and algorithm are applied to a block of data simultaneously rather
than one bit at a time.

• To encrypt a plaintext message, DES groups it into 64-bit blocks. Each
block is enciphered using the secret key into a 64-bit ciphertext by means
of transposition and substitution.

• The process involves 16 rounds, and blocks can be encrypted individually
or with each cipher block made dependent on all the previous blocks.

• DES has an effective key length of 56 bits, since 8 of the 64 bits of the key
are not used by the encryption algorithm (function as check bits only).

• The check bits or parity bits are used to check if the key was indeed
correctly retrieved.
• The output text of each round is the input to the next round.

• The key for each round is separate; it is just the result of a left
circular shift operation on the original key.

• The round key generator is the component responsible for generating
the 16 sub keys for the 16 rounds.

• The round operation is nothing but the XOR operation between the plain
text and the key.

• The final key to the cipher text is the resulting key at the end of 16 rounds.
• Decryption is simply the inverse of encryption, following the same steps
but reversing the order in which the keys are applied.

• It would take a maximum of 2^56, or 72,057,594,037,927,936, attempts to
find the correct key.

• For any cipher, the most basic method of attack is brute force, which
involves trying each key until you find the right one.

• Many security experts felt the 56-bit key length was inadequate even
before DES was adopted as a standard.

• Thus, DES is upgraded to the more secure Advanced Encryption Standard
(AES).
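
Added example (not part of the original chapter): the 8 check bits of a 64-bit DES key and the 56 bits that remain, in Python. It assumes the usual DES convention that the check bit is the least significant bit of each key byte and gives the byte odd parity; the function names and sample keys are constructed for this illustration.

```python
# DES key check bits: each of the 8 key bytes holds 7 key bits plus one
# check bit (the least significant bit), chosen so the byte has odd parity.

KEYSPACE = 2 ** 56   # number of distinct effective keys


def has_odd_parity(byte):
    return bin(byte).count("1") % 2 == 1


def parity_ok(key):
    """True if every byte of the 64-bit key has odd parity."""
    if len(key) != 8:
        raise ValueError("a DES key is 64 bits (8 bytes)")
    return all(has_odd_parity(b) for b in key)


def fix_parity(key):
    """Recompute the check bit of every byte so that it has odd parity."""
    out = bytearray()
    for b in key:
        b &= 0xFE                                  # clear the check bit
        out.append(b if has_odd_parity(b) else b | 1)
    return bytes(out)


def effective_key(key):
    """Drop the 8 check bits and return the 56 bits the cipher uses."""
    bits = 0
    for b in key:
        bits = (bits << 7) | (b >> 1)
    return bits


# Constructed sample keys (not secrets).
KEY = bytes.fromhex("133457799BBCDFF1")         # every byte has odd parity
CORRUPTED = bytes.fromhex("333457799BBCDFF1")   # one key bit flipped in byte 0
CHECK_BITS_FLIPPED = bytes(b ^ 1 for b in KEY)  # only the 8 check bits differ

if __name__ == "__main__":
    print(parity_ok(KEY), parity_ok(CORRUPTED))
    print(effective_key(KEY) == effective_key(CHECK_BITS_FLIPPED))
    print(f"{KEYSPACE:,} keys to try at most")
```

The parity check catches a single flipped bit in a stored key, while two keys that differ only in their check bits select the same effective key.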
Asymmetric key Cryptography
• Asymmetric cryptography, also known as Public key
cryptography, uses public and private keys to encrypt and
decrypt data.
• The keys are simply large numbers that have been paired
together but are not identical (asymmetric).
• One key in the pair can be shared with everyone; it is called
the public key.
• The other key in the pair is kept secret; it is called the
private key.
• "Public key" cryptography has the following property:
there is no single key but rather a key-pair.
• Doesn't that just add complexity to the problem of key
distribution?
• There is still a need for key distribution. But in this case, we
intend to distribute the public key to anyone.
• One part (the public key) is available to be given away and
the other part (the private key) is intended to be kept
secret
RSA Algorithm

• The RSA algorithm is named after those who invented it in 1978: Ron
Rivest, Adi Shamir, and Leonard Adleman.

• The RSA algorithm is an asymmetric cryptography algorithm; this
means that it uses a public key and a private key (i.e. two different,
mathematically linked keys).

• Public key is shared publicly.

• Private key is secret and must not be shared with anyone.

• If a public key of user A is used for encryption, we have to use the
private key of the same user for decryption.

• The RSA scheme is a block cipher in which the plain text and cipher
text are integers between 0 and n-1 for some value n.
• A user of RSA creates and then publishes a public key based on two large
prime numbers, along with an auxiliary value.

• The two prime numbers must be kept secret.

• The RSA algorithm involves four steps:
– key generation,
– key distribution,
– encryption and
– decryption.

Key generation
• Select two large prime numbers, x and y. The prime numbers need to be
large so that they will be difficult for someone to figure out.

• Calculate n = x * y.
• Calculate the totient function:
• ϕ(n) = (x−1)(y−1) (Euler's totient function)

• Select an integer e, such that e is coprime to ϕ(n) and 1 < e < ϕ(n). The pair
of numbers (n,e) makes up the public key.
– gcd(ϕ(n), e) = 1
• Calculate d such that e·d ≡ 1 (mod ϕ(n)).
• e·d mod ϕ(n) = 1
• d = (1 + k*ϕ(n))/e for some integer k
• d can be found using the extended Euclidean algorithm. The pair (n,d) makes
up the private key.

Key Distribution:

• Suppose that Bob wants to send information to Alice. If they decide to use
RSA, Bob must know Alice's public key to encrypt the message and Alice
must use her private key to decrypt the message.

• To enable Bob to send his encrypted messages, Alice transmits her public
key (e,n) to Bob via a reliable, but not necessarily secret, route. Alice's
private key (d,n) is never distributed.

Encryption:
• After Bob obtains Alice's public key (e,n), he can send a message m to
Alice by computing the cipher text c, using Alice's public key (e,n).
c = m^e (mod n)
Bob then transmits c to Alice.

Decryption:
• Alice can recover the original message m from c using her private key (d,n)
by computing m = c^d (mod n)

• Pick two prime numbers: p=7, q=11
– n = p*q = 7*11 = 77

• Φ(n) = (p-1)(q-1)
= (7-1)(11-1)
= 6*10 = 60
• Choose e satisfying 1 < e < Φ(n).
Let us choose e=7, which does not share any common factor with 60
other than 1.

• Compute d satisfying: d·e mod Φ(n) = 1

So, 43*7 mod 60 = 1

• Let us choose d=43, which satisfies the relation.

• So the public key (e,n) is (7,77), which is released publicly; anyone who
wants to send a message uses this key to encrypt it and send it
to the receiver.

• The private key (d,n) is (43,77), which is kept secret by the receiver.

• Let the message m be 3.
• In the encryption process, the sender uses the public key to encrypt
the message. The resulting cipher text will be:
c = m^e (mod n)
= 3^7 (mod 77)
= 31

• In the decryption process, the private key is used to decrypt the cipher
text. The plain text is obtained as
m = c^d (mod n)
= 31^43 (mod 77)
= 3
Hence, the original message 3 is obtained at the receiver end after
decryption.
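
Added example (not part of the original chapter): the key generation, encryption and decryption steps above carried through in Python, with d found by the extended Euclidean algorithm and the chapter's numbers p=7, q=11, e=7, m=3 as input. The function names are chosen for this illustration.

```python
# Textbook RSA with the chapter's toy numbers. No padding is applied, so this
# shows the arithmetic only and is not suitable for protecting real data.
from math import gcd


def extended_gcd(a, b):
    """Return (g, s, t) with g = gcd(a, b) and a*s + b*t = g."""
    if b == 0:
        return a, 1, 0
    g, s, t = extended_gcd(b, a % b)
    return g, t, s - (a // b) * t


def generate_keys(p, q, e):
    """Build ((e, n), (d, n)) from primes p, q and a chosen exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    g, s, t = extended_gcd(e, phi)   # e*s + phi*t = 1, so e*s = 1 (mod phi)
    d = s % phi                      # bring d into the range 1..phi-1
    return (e, n), (d, n)


def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer between 0 and n-1")
    return pow(m, e, n)              # c = m^e mod n


def decrypt(c, private_key):
    d, n = private_key
    return pow(c, d, n)              # m = c^d mod n


if __name__ == "__main__":
    public, private = generate_keys(7, 11, 7)
    c = encrypt(3, public)
    print("public key", public, "private key", private)
    print("cipher text", c, "decrypted", decrypt(c, private))
```

Textbook RSA as shown here is deterministic and unpadded; deployed systems use a padding scheme such as OAEP and moduli of 2048 bits or more.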
Hashing
• Hashing is an algorithm that takes an arbitrary (any length) amount of
input data and produces a fixed-size compressed output called a hash
value, or just "hash."

• It is also called a compression function or the digest (because any larger
input can be compressed to a small size).

Major features of a Hash Function


• Non-reversibility, or one-way function. A good hash should make it very
hard to reconstruct the original password from the output or hash.

• Diffusion, or avalanche effect. A change in just one bit of the original
password should result in a change to half the bits of its hash. In other
words, when a password is changed slightly, the output of enciphered text
should change significantly and unpredictably.

• Determinism. A given password must always generate the same hash
value or enciphered text.

• Collision resistance. It should be hard to find two different passwords that
hash to the same enciphered text.

• Non-predictable. The hash value should not be predictable from the
password.

• It is one way to enable security during the process of message
transmission when the message is intended for a particular recipient only.
A formula generates the hash, which helps to protect the security of the
transmission against tampering.

• When a user sends a secure message, a hash of the intended message is
generated, and is sent along with the message.

• When the message is received, the receiver decrypts the message.
Then, the receiver creates another hash from the message.

• If the two hashes are identical when compared, then a secure
transmission has occurred. This hashing process ensures that the message
is not altered by an unauthorized end user.
Message Digest 5

• The MD5 algorithm is a widely used hash function producing a 128-bit hash
value.

• The MD5 hashing algorithm is a one-way cryptographic function that accepts a
message of any length as input and returns as output a fixed-length digest
value to be used for authenticating the original message.

• The MD5 hash function was originally designed for use as a secure
cryptographic hash algorithm for authenticating digital signatures.

• MD5 has been deprecated for uses other than as a non-cryptographic
checksum to verify data integrity and detect unintentional data corruption.

• Although originally designed as a cryptographic message authentication code
algorithm for use on the internet, MD5 hashing is no longer considered
reliable for use as a cryptographic checksum because researchers have
demonstrated techniques capable of easily generating MD5 collisions on
commercial off-the-shelf computers.

Message Authentication Code (MAC)
• It is similar to MD (Message Digest) except that it contains a
symmetric cryptographic process.

• Message authentication code (MAC), sometimes known as a tag, is a short
piece of information used to authenticate a message.
• The sender uses some publicly known MAC algorithm, inputs the message
and the secret key K and produces a MAC value.

• Similar to a hash, a MAC function also compresses an arbitrarily long input
into a fixed-length output. The major difference between a hash and a MAC is
that a MAC uses a secret key during the compression.

• On receipt of the message and the MAC, the receiver feeds the received
message and the shared secret key K into the MAC algorithm and re-
computes the MAC value.

• The receiver now checks equality of freshly computed MAC with the MAC
received from the sender. If they match, then the receiver accepts the
message and assures himself that the message has been sent by the
intended sender.
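
Added example (not part of the original chapter): the hash-and-compare check from the Hashing section next to the keyed MAC check described here, in Python. It shows why the secret key matters: when a message is altered in transit and an unkeyed digest is recomputed to match, the plain hash comparison still passes, while the MAC comparison fails. HMAC-SHA-256 stands in for "some publicly known MAC algorithm"; the key, messages and function names are constructed for this illustration.

```python
# Plain digest versus keyed MAC when a message is altered in transit.
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"   # constructed; known to sender and receiver


def send_with_hash(message):
    """Sender side: message plus an unkeyed SHA-256 digest."""
    return message, hashlib.sha256(message).hexdigest()


def verify_hash(message, digest):
    """Receiver side: recompute the digest and compare."""
    return hmac.compare_digest(hashlib.sha256(message).hexdigest(), digest)


def send_with_mac(message, key):
    """Sender side: message plus a MAC computed with the shared key K."""
    return message, hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(message, tag, key):
    """Receiver side: recompute the MAC with K and compare in constant time."""
    expected = hmac.new(key, message, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def alter_in_transit(message, check_value):
    """Model a modified message. Whoever changes it does not know the key,
    so the only check value they can recompute is the unkeyed digest."""
    altered = message.replace(b"100", b"900")
    return altered, hashlib.sha256(altered).hexdigest()


if __name__ == "__main__":
    msg = b"pay 100 to alice"               # constructed sample message
    altered, digest = alter_in_transit(*send_with_hash(msg))
    print("plain hash accepts altered message:", verify_hash(altered, digest))
    altered, tag = alter_in_transit(*send_with_mac(msg, SHARED_KEY))
    print("MAC accepts altered message:", verify_mac(altered, tag, SHARED_KEY))
```

A plain hash therefore detects accidental corruption only; authenticating the sender needs the keyed MAC.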
Assignment
What is a block cipher?

Define Role Based Access Control.

Encrypt the string "Hello World" using any one encryption algorithm.

List the differences between snooping and spoofing.

Encipher the plain text "exam" using the Caesar cipher.

How does a block cipher differ from a stream cipher?

Define cryptography. Explain transposition and substitution ciphers with a brief example.

Using the RSA formula, find out the message (M) from the given set of values: p = 11, q = 3, e = 3 and c = 13.

Perform encryption and decryption using the RSA algorithm for p=5, q=7, e=7 and m=12.

Define public key cryptography. In an RSA system, how is the private key generated from a given public key?
Give an example.

In a public key system using RSA, you intercept the cipher text c = 10, sent to a user whose public key is e = 5, n = 35. What is
the plain text?
