Introduction to Cryptography
Cryptography is the art and science of secret writing, integral to
protecting information in digital communication. Its primary goals are
ensuring Confidentiality, Integrity, Authentication, and Non-
Repudiation—often abbreviated as CIAN. Historically, cryptographic
techniques have evolved from simple methods like the Caesar cipher
used by Julius Caesar to complex machines such as the Enigma used in
World War II.
Understanding these foundational concepts sets the stage for exploring
how cryptography secures modern network communications, ensuring
data stays private and genuine.
Eng. Abdikani Mohamoud
Basic Terminology in Cryptography
Plaintext & Ciphertext
Plaintext is the original readable message, while ciphertext is the
encrypted form that hides information from unauthorized users.
Key & Encryption
A key is a secret value used to convert plaintext into ciphertext
through encryption, making the data unreadable without the proper key
for decryption.
Decryption & Cryptanalysis
Decryption reverses encryption to recover the original message.
Cryptanalysis involves techniques to break encryption and reveal
plaintext without the key.
Types of Cryptography
Symmetric-Key Cryptography
This method uses a single key shared by sender and receiver for both
encryption and decryption. It is fast but faces challenges in secure
key distribution.
Asymmetric-Key Cryptography
Here, a pair of keys is used—a public key for encryption and a private
key for decryption. This solves key distribution but is computationally
slower.
Hashing
Hashing generates a fixed-size message digest from data using a
one-way function. It is essential for data integrity and password
storage but is not reversible.
Symmetric-Key Cryptography Explained
Same Key Usage
Both encryption and decryption require the same secret key, making it
efficient for encrypting large volumes of data rapidly.
Advantages
Fast algorithms like AES and DES enable quick data protection,
suitable for real-time communication and bulk data encryption.
Disadvantages
Distributing and managing the secret keys securely among
multiple parties is complex, posing security risks if keys are
intercepted.
Data Encryption Standard (DES)
Legacy Block Cipher
DES uses a 56-bit key and was widely adopted during the 1970s for
secure communication, marking a milestone in modern cryptography.
Security Concerns
Advancements in computing power made DES vulnerable to brute-force
attacks, with keys becoming too short to ensure long-term security.
Current Usage
Today, DES is mostly obsolete, replaced by stronger algorithms
like AES, though it still serves educational and legacy system
purposes.
Advanced Encryption Standard (AES)
Modern Block Cipher
AES supports key sizes of 128, 192, and 256 bits, offering scalable
security suitable for a variety of applications.
Highly Secure
Considered secure against all known practical attacks, AES is a
cornerstone of modern cryptography.
Widely Adopted
Used in protocols like TLS, VPNs, and disk encryption, AES has been
standardized by NIST to replace DES.
Symmetric Key Modes of Operation
ECB
Encrypts each block independently but leaks patterns, limiting
security in many scenarios.
CBC
Introduces chaining where each block depends on the previous,
enhancing security against pattern attacks.
CTR & GCM
CTR transforms block cipher into a stream cipher; GCM adds
authentication, providing data integrity alongside confidentiality.
Asymmetric-Key Cryptography
Public and Private Keys
A key pair consisting of a public key for encryption and a private key
for decryption enables secure communication without prior secret
exchange.
Benefits
Resolves the key distribution problem and supports digital signatures
for authentication and non-repudiation.
Limitations
Asymmetric operations are computationally intensive and slower
compared to symmetric algorithms.
RSA Algorithm
Based on Large Number Factoring
RSA’s strength relies on the difficulty of factoring the product of
two large prime numbers, foundational for its security.
Key Generation
Involves creating a public key and a private key linked mathematically
to each other but computationally infeasible to derive from one
another.
Encryption & Decryption
Encryption uses the recipient’s public key, while decryption requires
the private key, ensuring confidentiality and authenticity.
Elliptic Curve Cryptography (ECC)
Modern Asymmetric Method
ECC uses algebraic structure of elliptic curves over finite fields,
providing robust security with smaller key sizes than RSA.
Advantages
Smaller keys mean faster computation, reduced power consumption, and
efficiency ideal for mobile and IoT devices.
Applications
Used in TLS/SSL protocols, secure messaging, digital signatures
(ECDSA), and key exchange methods like ECDH.
Key Exchange Algorithms
Diffie-Hellman Key Exchange
Enables two parties to establish a shared secret over an insecure
channel without prior secrets.
Man-in-the-Middle Risks
This exchange is vulnerable to interception and impersonation unless
authentication is added.
Authenticated Key Exchange
Uses digital signatures and certificates to verify identities,
preventing unauthorized interception during key exchange.
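Why unauthenticated Diffie-Hellman needs an identity check is easiest to see by comparing the secrets each side ends up with. This is an added example, not part of the original slides; the group parameters are a toy choice, and the out-of-band `fingerprint` comparison is an assumption of this example, shown as a simple detection check alongside the signatures and certificates named above.

```python
import hashlib
import secrets

# Toy group, constructed for this example: 2**127 - 1 is prime but far too
# small for real use (deployments use 2048-bit or larger groups, or ECDH).
P, G = 2**127 - 1, 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2       # private exponent in [2, P-2]
    return priv, pow(G, priv, P)              # (private, public = G^priv mod P)

def shared(priv, peer_pub):
    if not 1 < peer_pub < P - 1:              # reject degenerate public values
        raise ValueError("invalid public value")
    return pow(peer_pub, priv, P)

def fingerprint(secret):
    # Short digest of the secret that two users can compare out of band
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()[:16]

def honest_exchange():
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    return shared(a_priv, b_pub), shared(b_priv, a_pub)

def intercepted_exchange():
    # A relay on the path replaces each public value with its own, so each
    # endpoint unknowingly agrees on a secret with the relay instead.
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()
    alice, bob = shared(a_priv, m_pub), shared(b_priv, m_pub)
    return alice, bob, shared(m_priv, a_pub), shared(m_priv, b_pub)
```

In the honest run both fingerprints match; in the intercepted run the two endpoints hold different secrets, so their fingerprints differ, which is the mismatch an authenticated exchange is designed to catch.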
Cryptographic Hash Functions
One-Way Function
Transforms input data into fixed-size hash output, which is
computationally infeasible to reverse or reproduce.
Key Properties
Preimage resistance, second preimage resistance, and collision
resistance ensure data integrity and security.
Common Uses
Hashes verify data integrity, store passwords securely, and play a
critical role in digital signatures.
Secure Hash Algorithm (SHA)
SHA-256
Part of the SHA-2 family, SHA-256 outputs a 256-bit hash, widely used
in blockchain technology and security protocols.
SHA-3
Uses the Keccak sponge algorithm, offering an alternative design
providing similar or enhanced security.
Collision Resistance
Though theoretical collisions exist, practical attacks remain
computationally prohibitive, maintaining confidence in SHA algorithms.
Digital Signatures
Purpose
Ensure both authenticity and integrity by allowing recipients to
verify sender identity and confirm message was not altered.
Signing Process
The sender hashes the message and encrypts the hash with their private
key, creating a signature unique to the message and sender.
Verification
The recipient decrypts the signature using the sender's public key
and compares the hash to the received message to authenticate
it.
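The signing and verification steps above, together with the RSA key generation and encryption described on the RSA slide, can be traced in a few lines. This is an added example, not part of the original slides; the primes are a constructed toy key, and unpadded ("textbook") RSA is used only to keep the arithmetic visible, whereas deployed systems use padded schemes such as RSA-PSS and OAEP.

```python
import hashlib

# Toy key, constructed for this example: two Mersenne primes give a modulus of
# about 150 bits, which is far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                       # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))         # private exponent d = e^-1 mod phi(n)

def digest(message: bytes) -> int:
    # Hash the message, then reduce it into the range of the toy modulus
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    # Private-key operation applied to the hash of the message
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    # Public-key operation recovers the signed hash; compare with a fresh hash
    return pow(signature, E, N) == digest(message)

def encrypt(m: int) -> int:
    # Anyone can encrypt with the recipient's public key (m must be below N)
    return pow(m, E, N)

def decrypt(c: int) -> int:
    # Only the private-key holder can recover m
    return pow(c, D, N)

# Constructed sample message
MESSAGE = b"firmware-v2.bin sha256 manifest"
SIGNATURE = sign(MESSAGE)
```

`verify(MESSAGE, SIGNATURE)` succeeds, while changing a single byte of the message or the signature makes verification fail.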
Digital Signature Standard (DSS)
DSA
Defines the Digital Signature Algorithm used in DSS, standardized for
government and commercial applications.
ECDSA
A variant using elliptic curves offering faster and smaller signature
sizes with equivalent security.
Applications
Widely used for software updates, secure emails, and code signing to
ensure authenticity and non-repudiation.
Cryptography in Network Security
Secure Communication Channels
Cryptography protects data transmission against interception and
tampering on public and private networks.
Data at Rest and in Transit
Encryption safeguards stored data on devices and during transfer,
preserving confidentiality from unauthorized access.
Authentication and Access Control
Ensures only legitimate users and devices gain access, preventing
unauthorized use and enhancing network integrity.
Transport Layer Security (TLS/SSL)
Handshake Protocol
Establishes cryptographic parameters including cipher suite and
authenticates the server with digital certificates.
Record Protocol
Encrypts application data using symmetric keys negotiated
during the handshake for confidentiality and integrity.
Version Evolution
Advances from SSL to TLS 1.2 and now TLS 1.3 improve
security, speed, and resistance to attacks.
Virtual Private Networks (VPNs)
Secure Data Tunnels
VPNs create encrypted tunnels over public networks, shielding
sensitive data from eavesdropping and interception.
Protocols
Protocols like IPsec and OpenVPN control encryption, authentication,
and data integrity during transmission.
User Authentication
VPNs verify user and device identity to prevent unauthorized access
to protected network resources remotely.
Wireless Security with WPA3
Enhanced Encryption
WPA3 provides stronger data protection through 192-bit security and
improved encryption protocols over previous standards.
Improved Authentication
Features like Simultaneous Authentication of Equals (SAE) replace
WPA2’s Pre-Shared Key, mitigating password guessing attacks.
Protected Management Frames
These frames prevent eavesdropping and tampering with critical network
management communications.
Transition Mode
Allows coexistence with older devices while upgrading network security
gradually.
Conclusion & Future Trends in Cryptography
Essential Role
Cryptography remains a cornerstone of network security, underpinning
confidentiality, authentication, and data integrity.
Strong Algorithms & Key Management
Proper selection of secure algorithms and disciplined key handling are
vital to resist evolving threats.
Emerging Technologies
Quantum cryptography and homomorphic encryption promise
revolutionary advances, enabling new paradigms in secure
communication and computation.