Cryptography

Cryptography

Name：Joyash Shrestha

Class：11

Section：M13

Registration Number：12721295

Faculty：Science

Shift: Morning
Preface

From sending messages, mails or any other data through

internet to sorting data in a hard drive, cryptography is
used in basic data storing to securing high priority
classified data. The application of it are unlimited and we
use it knowingly an unknowingly in our daily life. The
project contains the topics related to such cryptography
and have been arranged in a systematic manner which can
be taken as an introduction to cryptography. Each topic is
briefly described with some illustrations and real life/
theoretical exampled. In addition, the background of
cryptography is also included here. The project overall
covers the topics such as history of cryptography, features
of cryptography, types of cryptography, uses of
cryptography, etc.
Acknowledgement

I would like to express my deep gratitude to everyone

who have helped me in making this project. Firstly, I
would like to express my special thanks of gratitude to
my computer teacher who gave me the golden
opportunity to do this wonderful project on the topic
"Cryptography", which also helped me in doing a lot of
Research and i came to know about so many new things I
am really thankful to them.
Secondly, I would also like to thank my parents and
friends who helped me a lot in finalizing this project
within the limited time frame.Without their help,
completing this project would have been very difficult. I
would like to thank my parents and friends for helping
me a lot in gathering different information, collecting
data and guiding me from time to time in making this
project , despite of their busy schedules ,they gave me
different ideas in making this project unique.

Thank you!
Contents

Introduction To Cryptography…………………… 1

History Of Cryptography………………………… 2

Modern Cryptography…………………………… 3

Basic Working Of Cryptography……………… 4

Features Of Cryptography……………………… 5-8

Cryptography and Encryption…………………… 9

Types Of Cryptography………………………… 10-15

Uses Of Cryptography…………………………… 16-18

Cryptography Tools……………………………… 19-20

Trends In Cryptography………………………… 21-24

Problems In Cryptography………………………. 25-26

Conclusion……………………………………… 27
Introduction To Cryptography

Cryptography is one of the most essential parts of a

computer which is used everywhere. It is converting
ordinary data into incomprehensible data also most
commonly known as cipher text to protect data. The term
"Cryptography" is derived from the Greek word kryptos,
which means hidden and is composed of "crypt" which
means hidden, and "graphy" which means writing.
Cryptography secures information by use of codes only
understood by the intended users. Cryptography is the
science of using mathematics to encrypt and decrypt data
enabling user to store sensitive information or transmit it
across insecure networks so that it can be read by the
intended recipient but is unreadable to general users.
Cryptography used to be generally as same as encryption
but nowadays is mostly based on mathematical theory
and computer science practice. Cryptography utilizes the
techniques which protect information by use of
mathematical concepts and algorithms to convert data in
ways that make it hard to decode it. The algorithms are
used for cryptographic key generation, digital signing,
verification to secure data privacy, web browsing on the
internet, and to protect confidential transactions like
credit card and debit card transactions. Cryptography can
also be used for user authentication on top of protection
from data theft or data alteration

1
History Of Cryptography

The earliest known ciphers is Ceaser Cipher which was

used by Julius Ceaser in around 58BC. It used the
technique of shifting letters in his letters with a consistent
pattern which made the message meaningless to the
enemy. The inter shift would be known among his
subordinates and could be deciphered. Later, Vigenère
cipher was introduced which used encryption key to
encode messages. These methods were not that secure so
with the technical advancements, electromechanical
devices were used to substitute letter with different
substitution tables by the help of devices like the Hebern
Rotor Machine. This method was considered very secure
and could take a long time to decode without the table.
Cryptography got more complex with the development of
computer but was mostly used by spies and generals for
several more decades. However, that began to change in
the 1960s. The Colossus Mark 1 was the world's first
programmable and electronic computer purpose built of
code breaking. IBM led the way in the late 1960s with an
encryption method known as "Lucifer", which was
eventually codified by the US National Bureau of
Standards as the first Data Encryption Standard
(DES).And with the development of computer technology,
cryptography became more and more essential and today
various techniques are used to encrypt data.

2
Modern Cryptography

IBM led the way in the late 1960s with an encryption

method known as "Lucifer", which was eventually
codified by the US National Bureau of Standards as the
first Data Encryption Standard (DES). As computer
power increased, there was a need for more secure
techniques and so in 2001, the shift was made by NIST
to a new more secure block cipher, which became the
Advanced Encryption Standard (AES) featuring a block
size of 128-bits, and multiple different key lengths of 128,
192 and 256 bits, which is currently still in use. The other
method is asymmetric encryption(public key encryption)
where the code used for encryption is pubic so the name
public key. It uses a second key as well known as private
code required for the decryption. Asymmetric encryption
is applied to many internet protocols, including the RSA
security algorithm, that forms the basis of the SSL/TSL
Protocol, which secures our computer networks. Both
symmetric and asymmetric encryption can also be seen
used combined for digital signature where both public
keys and private keys are utilized for securing the
message and to verify the authenticity of the sender/
receiver.

3
Basic Working Of Cryptography

Cryptography fundamentally consists of two steps:

i. Encryption
ii. Decryption
Encryption is use of cipher in order to encrypt plain-text
and turn it into cipher-text. Decryption uses the cipher to
turn the cipher-text back into plain-text. Caesar’s
Cipher(shift cipher) can be taken as an example to
understand the basic workings of cryptography where an
information is substituted with another. In case of
Caesar’s Cipher, if we take Caesar’s key value of 5, we
offset the alphabet so that the 5th letter down (F) begins
the alphabet.
Initially we have:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
After the sliding by 5, we have:
FGHIJKLMNOPQRSTUVWXYZABCDE
where F=A, G=B, H=C, I=D, and so on.

By applying this, the word "CRYPTOGRAPHY"

becomes "HWDUYTLWFUMD" which can be
understood by the people who know the key is 5 but
looks gibberish to the unintended people. This type of
cryptography is very basic and can be easily deciphered
so the current technology uses other advanced techniques
which are had to decrypt.

4
Features Of Cryptography

Cryptography is used from keeping military secrets to

transmitting financial data safely across the internet and
other wide variety of cybersecurity. Cryptography keeps
the contents of data confidential and authenticates the
identity of sender and receiver. It ensures the integrity of
the data by preventing alterations in the data. The features
of cryptography can be generalized as:

i. Authentication

ii. Confidentiality

iii. Integrity

iv. Non-repudiation

5
Features Of Cryptography

I. Authentication

Cryptography verifies the identities of the sender and the

receiver and the destination/origin of information. With
the use of a proper cryptographic system, the identity of a
remote user or system can be established. SSL certificate
of a web server that provides proof to the user that they're
connected to the right server is an example. The identity
is recognized by the cryptographic key of the user so the
identity is more secure with a safer key. Public keys are
related to each other, so the community created a
certificate that contains the issuer's name and the subject
for the one the certificate is issued to. So it can be
determined if a public key is secure by checking if the
certificate issuer has a certificate as well. An example of
this sort of cryptography in action is Pretty Good Privacy,
or PGP, a software package developed by Phil
Zimmerman that provides encryption and authentication
for email and file storage applications.

6
Features Of Cryptography

II. Confidentiality

Cryptography makes it so that information can only be

accessed by the intended person and no one else.
Currently, securing our private information is one of the
biggest concerns with data leaks and other data breaches
which is prevented by cryptographic systems. With the
right encryption tools, users can guard sensitive company
data, personal medical records, or just lock their
computer with a simple password. Cryptographic
Systems were originally developed to prevent any
intruders to access such personal data.

III. Integrity

Cryptography also makes the information unalterable in

the user's storage or while communicating through a
network while sharing data between the sender and
receiver. It ensures that data is not viewed or altered
during transmission or storage. The most common way to
do accomplish data integrity through cryptography is by
using cryptographic hashes to safeguard information with
a secure checksum.

7
Features Of Cryptography

IV. Non-repudiation

The creator/sender of information cannot deny his or her

intention to send information at later stage. This concept
is especially essential for using or developing financial or
e-commerce applications. One of the big problems that e-
commerce pioneers faced was the pervasive nature of
users who would refute transactions once they had
already occurred. Cryptographic tools were created to
ensure that each unique user had indeed made a
transaction request that would be irrefutable at a later
time. People would make several transactions and later
deny the transactions demanding a refund. But if the bank
has taken measures to ensure non-repudiation through
cryptography, they can prove that the transaction was
indeed authorized by the user.

8
Cryptography and Encryption

Cryptography and Encryption may look same at first

sight but cryptography encompasses encryption and many
other techniques. Basically, cryptography is the study of
concepts like encryption, decryption, used to provide
secure communication, whereas encryption is the process
of encoding a message with an algorithm. Cryptography
includes different techniques and technologies, including
algorithms, math, mathematics, information theories,
transmission, encryption and so on. Encryption is one
such technique of Cryptography. Encryption alone can
confidentially give the message, but different techniques
are needed to provide the integrity and authenticity of a
message. Basically, a successful plan should provide data
integrity, authentication, and non-repudiation, which is
what Cryptography provides.

9
Types Of Cryptography

Cryptography is generally categorized into three types in

terms of working mechanism and it's unique
property(advantage/disadvantage). The three basic types
are:

i. Symmetric Key Cryptography (Private/Secret Key

Cryptography)

ii. Asymmetric Key Cryptography (Public Key

Cryptography)

iii. Hash Function

10
Types Of Cryptography

I. Symmetric Key Cryptography

Symmetric key cryptography is also known as private key

cryptography or secret key cryptography. Symmetric key
cryptography is a type of cryptography in which the
single common key is used by both sender and receiver
for the purpose of encryption and decryption of a
message. This system is also called private or secret key
cryptography and AES (Advanced Encryption System) is
the most widely uses symmetric key cryptography. This
type of cryptography uses a single key to encrypt a
message and then decrypt that message upon delivery.
The symmetric key system has one major drawback that
the two parties must somehow exchange the key in a
secure way as there is only one single key for encryption
as well as decryption process. Its primary application is
the protection of resting data. Since symmetric
cryptography requires that you have a secure channel for
delivering the crypto key to the recipient, this type of
cryptography is all but useless for transmitting data. AES
(Advanced Encryption Standard), DES, Triple DES, RC2,
RC4, RC5, IDEA, Blowfish, Stream cipher, Block cipher,
etc. all fall under symmetric cryptography. There are two
kinds of symmetric cryptography: Block algorithm and
Stream algorithm.

11
Types Of Cryptography

Types of Symmetric Key Cryptography:

i. Block Algorithm:

The set of bits is encoded with a specific secret key in

electronic data blocks. The system keeps the data in its
memory while it is waiting to get complete blocks when
the data are encrypted. Some important Block cipher
algorithms are DES, Triple DES, AES, etc.

ii. Stream Cipher Algorithm:

In this, Plain text numbers or characters are combined

with pseudo random cipher digit stream. Some important
Stream cipher algorithms are RC4, A5, BLOWFISH, etc.
In symmetric key encryption, the encryption code can be
cracked if someone finds out the symmetric key. But this
problem can be overcome with the Diffie-Hellman
algorithm. In the Diffie-Hellman key exchange or
agreement algorithm, the sender and receiver must agree
on a symmetric key using this technique. This key can
then be used for encryption or decryption purpose.

12
Types Of Cryptography

II. Asymmetric Key Cryptography

Asymmetric key cryptography is also known as public

key cryptography and is more secure than symmetric key.
Asymmetric Key Cryptography is completely different
and a more secure approach than symmetric key
cryptography. Asymmetric cryptography uses two
different keys for encryption and decryption, as opposed
to the single key used in symmetric cryptography. In this
system, every user uses two keys or a pair of keys
(private key and public key) for encryption and
decryption process. Private key is kept as a secret with
every user and public key is distributed over the network
so if anyone wants to send message to any user can use
those public keys. Either of the key can be used to
encrypt the message and the one left is used for
decryption purpose. RSA is the most popular and widely
used asymmetric algorithm. RSA, DSA, PKCs, Elliptic
Curve techniques, etc. fall under asymmetric key
cryptography.

13
Types Of Cryptography

III. Hash Function Cryptography/ Hashing

A Hash function is a cryptography algorithm that takes

input of arbitrary length and gives the output in fixed
length. Hashing is a type of cryptography that changes a
message into an unreadable string of text for the purpose
of verifying the message’s contents, not hiding the
message itself. The hash function is also considered as a
mathematical equation that takes seed (numeric input)
and produce the output that is called hash or message
digest. This system operates in one-way manner and does
not require any key. Also, it is considered as the building
blocks of modern cryptography.This type of cryptography
is most commonly used to protect the transmission of
software and large files where the publisher of the files or
software offers them for download. The reason for this is
that, while it is easy to calculate the hash, it is extremely
difficult to find an initial input that will provide an exact
match for the desired value. MD5 is the most commonly
used hash function to encrypt and protect your passwords
and private data.Message Digest 5 (MD5), SHA (Secure
Hash Algorithm), RIPEMD, and Whirlpool all fall under
hash function.

14
Types Of Cryptography

Difference between Symmetric, Asymmetric

and Hash Function Cryptography

i. Symmetric key uses one key to encrypt and encrypt

message while asymmetric key uses two keys where
one key is used for encryption and other decryption
and hash function does not require encryption key.

ii. The symmetric key is much faster than the

asymmetric and hash function but is less reliable in
security.

iii. Asymmetric key was introduced to overcome the

problem of key exchanges in symmetric key and hash
functions was introduced to provide greater security
than before.

iv. If the key is compromised over the network then there

will loss of both sender and receiver in symmetric key,
only loss of key owner in asymmetric key, and in hash
function, there is no key to compromise.

v. Asymmetric key has higher complexity than hash

function and symmetric key has very less complexity.

15
Uses Of Cryptography

Cryptography is used in out day to day life to keep our

data secure with or without us noticing it. Taking a real
life example of two friends X and Y, we can view the
working of cryptography. X sends a message to Y
through the internet on a public platform. An external
agent can interfere with the communication channel and
view the secure data or alters it to their wish. But if the
same data is encrypted by X while he sends it to Y over
the same public platform, the external agent cannot view
or alter the message due to it being encrypted. Y with the
decryption key can decode the message into its readable
form. Even if the external agent manages to alter the
message, it will be shown as an error while Y tries to
decode it. This is a basic example of use of cryptography
in our daily life. The basic objective of cryptography is to
secure the authenticity and integrity of a message. In our
daily life, cryptography has many practical applications
like:

i. Authentication/Digital Signatures,
ii. Time Stamping,
iii. Electronic Money,
iv. Sim Card Authentication,
v. Encryption/Decryption in email,
vi. Disk Encryption, etc.

16
Uses Of Cryptography

I. Authentication/Digital Signatures:

Authentication and digital signatures are a very important

application of public-key cryptography which proves the
authenticity of the sender, receiver and the information as
well. For validating the information, the user can verify
the origin of a document, the identity of the sender, the
time and date a document was sent and/or signed, the
identity of a computer or user, and so on. A digital
signature contains such information according to the
user's private key. A certificate contains, the certificate
issuer's name, the name of the subject for whom the
certificate is being issued, the public key of the subject,
and some time stamps. The certificate is the proof of
authenticity of the issuer. A digital signature is generally
created using hash function and a private signing function.

II. Sim Card Authentication:

The SIM card needs to be authenticated for it to access a

network.

17
Uses Of Cryptography

III. Electronic Money:

Electric Money is a comparatively new concept which

includes electronic transactions like transfer of funds by
net. Encryption is used in electronic transactions to
protect the transaction data like account number, amount,
digital signature, etc.

IV. Time Stamping:

Time Stamping is used to record the time when a certain

electronic document or communication existed or was
delivered. Time stamping uses an encryption model
called a blind signature scheme. Blind signature schemes
allow the sender to get a message receipted by another
party without revealing any information about the
message to the other party. Time stamping can verify that
a recipient received the document. Time stamping is a
critical application that will help make the transition to
electronic legal documents possible.

18
Cryptography Tools

The most common cryptography tools are as follows:

I. Security Token/Authentication Token:

The security token or the authentication token is the one
that is considered as the cryptography tool. Using the
security token, one can authenticate the user and provide
statefulness to the HTTP protocol.

II. CertMgr.exe:
CertMgr.exe is the tool that Microsoft defines as
cryptography tools. The file can be installed as it has the
extension. The file allows you to create and manage the
certificate. Cryptography is used extensively in certificate
managing. The purpose of cryptography in certificate
generation is to ensure that the parties’ data is secure.

III. JCA:
The JCA is the other kind of cryptography tool that helps
us to endorse encryption. JCA can be defined as the
cryptographic libraries in Java. The libraries consist of
predefined functions that should be imported before their
features could be leveraged.

19
Cryptography Tools

IV. Docker:
Docker is used to practice encryption. The docker is a
container that allows the user to develop a large
application within it. The data that is kept inside the
docket as kept in encrypted form. The docker is a
container that lets the user hold their critical information
and kept it safe so that the entire focus can be on
application development. It can also be considered as the
cloud storage that lets us handle the data on a shared or
dedicated server.

V. SignTool.exe:
The signing tool is one of the more important
cryptography tools that Microsoft uses to sign the file.
This application works as the authority that can add a
signature with any of the files. Overall, all of the features
provided by this tool is to ensure the integrity of the file.

VI. Authentication using Key:

The data that is encrypted needs the key to decrypt it. The
normal data is something that could be understood by the
normal user, while the encrypted data is different from
the original data. There are two ways of such encryption:
Symmetric Encryption and Asymmetric Encryption.

20
Trends In Cryptography

There have been many trends in cryptography over the

years and it has been developing rapidly in the current
years. Cryptography tools constantly evolve as
cryptographers and hackers leapfrog each other in
building defenses and overcoming them. Several trends
have decided the future of cryptography over the years.
Some major current trends in cryptography are:

I. Quantum Computers:

Many researchers, industrial labs, and governments are

actively working on developing a quantum computer
which can handle large-scale computation. While
classical computers like phones, tablets, laptops, servers,
and so on store and process information in the form of
bits (strings of zeros and ones), quantum computers
process quantum bits, a two-state quantum-mechanical
system, called qubits. Compared to a ‘regular’ bit, a qubit
can hold a value of one and zero simultaneously. The
theoretical advantage to this is that each qubit can
perform copious processes simultaneously which
dramatically shortens computation times, and permits
calculation of significantly more complex processes. This
is said to be the only proven method for transmitting a
secret key or password over a distance. It functions by

21
Trends In Cryptography

using photons of light to physically move a shared file

between two parties. These photons might be intercepted
by another technology, however they can’t be cloned or
copied. In 2017, the National Institute of Standards and
Technology in the U.S. launched an international multi-
year Post-Quantum Cryptography (PQC) competition to
select cryptographic systems for the future. A post-
quantum cryptosystem is one which is not known to be
breakable in polynomial time (described above) by a full-
scale quantum computer.

22
Trends In Cryptography

II. Blockchain:

Blockchain is a shared, immutable ledger that facilitates

the process of recording transactions and tracking assets
in a business network. Virtually anything of value can be
tracked and traded on a blockchain network, reducing risk
and cutting costs for all involved. Blockchain is a series
of data or transactions (the blocks) connected by
cryptographic signatures stored in shared ledgers and
supported by nodes, which form a network of processes.
Nodes maintain a copy of the entire chain and are
continually updated and kept in sync. It is the same
technology used to secure cryptocurrencies. All network
participants have access to the distributed ledger and its
immutable record of transactions but no participant can
change or tamper with a transaction after it’s been
recorded to the shared ledger. Blockchain shares many
benefits of greater trust, greater security, higher
efficiency, and so on.

23
Trends In Cryptography

III. Homomorphic encryption:

In process of cryptography, we require to encrypt data as

it travels through the internet or while storing in a storage
device and decrypt data to then use it. This creates
security vulnerability. Homomorphic encryption allows
the user to encrypt data and produce encrypted results.
We can process data without decrypting it. Homomorphic
Encryption (HE) refers to a special type of encryption
technique that allows for computations to be done on
encrypted data, without requiring access to a secret
(decryption) key. The results of the computations are
encrypted, and can be revealed only by the owner of the
secret key.Homomorphic encryption differentiates itself
by preserving the structure of the data. It encodes data in
a mathematical object, and then encrypts it in a way that
doesn’t affect the contained information. Homomorphic
encryption can be used to make our searches more private
on search engines. Homomorphic encryption can be used
by highly regulated industries to securely outsource data
to cloud environments or data-sharing partners for
research and analytics since it makes it possible for data
to be analyzed without jeopardising privacy. This can
impact many industries, including financial services,
information technology, healthcare, and more.

24
Problems In Cryptography

Cryptography ensures better security but it is not

impenetrable. With the vast amount of security breaches
and data theft, we can never be completely sure of
security as the cryptographic algorithms are not perfect as
well and may be broken down someday. On top of that,
cryptography also has limited applicability and there can
be many problems in cryptography. Some of the
problems are:

i. Slow commutation over ciphertext. This makes

speeding up the computation an important task.

ii. Limited number of levels (sequentially executed

operations). Hence, increasing the number of
operations that are performed over cyphertext is a
major problem. Every operation performed over
cyphertext adds a small amount of noise, this noise
eventually builds up and becomes intolerable so that
the isomorphism breaks (i.e. the result obtained over
ciphertext does not anymore match the result of the
corresponding operations over plaintext).

iii. Limited number of basic operations. Currently, most

of HE libraries and HE schemes, support only
operations of multiplication and addition. This in turn

25
Problems In Cryptography

limits the number of nonlinear functions that could be

computed over cipthertext. In this stage only
polynomials with a limited number of terms are
implementable. One of the consequences is the
inability to represent efficiently the sign function.

26
Conclusion

Encryption of data is much needed in our modern time

and the latest schemes may necessarily be the best fit.
There are the latest algorithms and techniques being
developed as hackers and eavesdroppers have made it
tough to secure data to the best possible way. Everything
from your smartphone to your banking relies heavily on
cryptography to keep your information safe and your
livelihood secure. By developing a greater understanding
of the common encryption methods and cryptography
algorithms in circulation today, you will be better
equipped to protect yourself from potential cyber attacks
and breaches in data security. Cryptography is going to
enhance more methods in the coming years to make
personal data more secure and it’s standards more reliable.
Although cryptography isn’t perfect, it is necessary to
ensure the continued security of your personal
information. And with the rapidly evolving landscape of
modern data, this topic is more important now than ever
before.

27