Comprehensive Study Guide on Cryptography and Encryption Systems

Fundamental Concepts and Definitions of Cryptography

Etymology: The word "Cryptography" originates from the Greek words kripto (hidden) and grafos (writing).
Definition: Cryptography refers to hidden writing with the clear objective of protecting information and preventing third-party access.
Cryptographic Systems: These are disciplines within mathematics and informatics that study methods for data encryption and the recovery of that cipher (decryption).
Objective: The primary goal is to ensure information security against unwanted persons—those who do not have the right to view or modify data.

Principal Components of Cryptographic Systems

Key (Raktas): Information, a method, a system, or a way that allows for the encryption or decryption of a message. It can involve replacing letters with other letters or specific symbols, various schemes, or complex procedures based on mathematical methods.
Encryption Algorithm (Šifravimo algoritmas): An algorithm used to transform the initial message into an encrypted form using a specific key.
Decryption Algorithm (Iššifravimo algoritmas): An algorithm used to restore the original message from its encrypted form using a key.

Distinguishing Coding from Encryption

Coding (Kodavimas): * Definition: Changing characters of one alphabet into characters of another alphabet. * Goal: To convert information into a different format so it is easily transmitted or understood by systems. * Direction: Used for data management, not for protection. * Purpose: Efficiency and standardization. * Key: Coding does not require any secret key.
Encryption (Šifravimas): * Definition: Encoding information with the specific goal of keeping it secret. * Processes: Involves both encryption (hiding the meaning of information) and decryption (returning data to its original form). * Goal: To ensure data security by turning it into an unintelligible form. * Key: Highly dependent on a key; information can only be decrypted if the key is known. * Purpose: Security and confidentiality.

Security Challenges and Vulnerabilities

Encryption Issues: * Key Management: If the encryption key is lost or stolen, data cannot be decrypted or becomes compromised. Poor key storage is a major security threat. * Low Security Level: Using old or weak algorithms like $MD5$ or $SHA1$ makes data easy to crack. * Resource Consumption: Modern algorithms like $RSA$ (Rivest–Shamir–Adleman) require significant computational power. * Man-in-the-Middle (MITM) Attack: If an attacker intervenes between two communicating parties, they can steal keys or impersonate a legitimate party. * Incorrect Implementation: Using wrong parameters, such as an insufficient key length, compromises security.
Coding Issues: * System Incompatibility: Different systems may use different standards. For example, $UTF-8$ encoding is not always recognized by older software. * Data Loss during Compression: Techniques like $JPEG$ or $MP3$ reduce file size but lose quality. * Format Knowledge Gap: If the encoding method is unknown, decoding becomes difficult.
General Problems: * Learning Difficulty: Complex encryption algorithms require specific expertise to apply correctly. * Human Error: Users may accidentally share keys or use easily guessable passwords. * Lack of Updates: Older systems become insecure over time; for instance, the $DES$ (Data Encryption Standard) cipher is obsolete and easily cracked.

Types of Cryptography

Symmetric Cryptography: This type uses the same keys for both encryption and decryption. Both the sender and the receiver must possess the exact same key to read the message.
Asymmetric Cryptography: This type uses different keys for encryption and decryption. Typically, there is a Public Key available to everyone (used for encryption/verification) and a Private Key (kept secret, used for decryption/signing).

Symmetric Cryptography: Methods and Applications

Classification: * Manual (Non-computerized): Historic methods such as the Caesar cipher or Book cipher. * Computerized: Modern standards such as $AES$ (Advanced Encryption Standard), which is currently one of the most popular symmetric algorithms.
Common Applications: * Data Storage: Encrypted hard drives and cloud storage services where files are encrypted before upload. * Communication: Encrypted messaging (apps), photos, and secure $VoIP$ (Voice over IP) for voice and video. * Network Security: $Wi-Fi$ security protocols like $WPA$ and $WPA2$ (using $AES$ ), and $VPN$ (Virtual Private Networks). * Finance: Electronic payments and $ATM$ transactions. * Industrial Systems: $SCADA$ (Supervisory Control and Data Acquisition) and $ICS$ (Industrial Control Systems) communication. * Media: Encrypted $IPTV$ and broadcasting protocols to prevent unauthorized access. * Automotive: Secure remote control communication between a key fob and a car. * Medical: Protection of sensitive patient data in medical devices.
Pros and Cons: * Pros: Much faster than asymmetric encryption; efficient for large volumes of data; easier to implement. * Cons: Requires a secure way to exchange keys; vulnerable if the secret key is compromised; does not provide authentication or non-repudiation.

Asymmetric Cryptography and Digital Certificates

Mechanism: Uses two mathematically related but distinct keys. Information encrypted with the Public Key can only be decrypted by the corresponding Private Key. It is computationally difficult to derive the private key from the public key.
Digital Certificates: An electronic document confirming the link between a public key and an identifier (e.g., name or organization). These are issued by a trusted third party called a Certificate Authority (CA) and are used to verify identities online.
Common Applications: * Internet Security: $TLS/SSL$ protocols for browser-server communication. * Network Technology: $SSH$ (Secure Shell) for remote server access and $VPN$ . * Email: $PGP$ (Pretty Good Privacy) and $GPG$ (GNU Privacy Guard). * Digital Signatures: Confirming electronic documents and contracts. * Identity: Electronic ID cards and driver's licenses.
Pros and Cons: * Pros: More secure than symmetric methods; public keys can be shared safely; supports authentication via digital signatures. * Cons: Much slower than symmetric encryption; complex implementation and management; requires significantly more processing power.

Historical Facts and Classical Cryptosystems

Ancient Cryptography: The earliest known method is the Caesar cipher, used by Julius Caesar to protect logs/letters.
World War II: The Enigma machine used by the German military was a famous encryption device. It was eventually decrypted with the help of Alan Turing.
Modern Basis: Contemporary algorithms rely on solving difficult mathematical problems, such as prime number factorization or elliptic curves.
Classical Types: * Transposition Ciphers (Perstatų šifras): Characters are rearranged in a new order but not changed. * Substitution Ciphers (Keitinių šifras): Characters are replaced with other characters or symbols.

Detailed Examples of Classical (Manual) Symmetric Ciphers

Backward Writing: The simplest method. Example: "MAŽASIS PRINCAS" (The Little Prince by Antoine de Saint-Exupéry) becomes "SISAŽAM SACNIRP".
Scytale (Skytalė): A ribbon is wound around a wooden rod of a specific diameter. Text is written line-by-line across the ribbon. When unwound, the letters appear scattered. Decryption requires a rod of identical diameter.
Columnar Transposition: Text is written in rows under a numeric key. Example with key " $3124$ " and text "ŠIS TEKSTAS YRA SLAPTAS": * The text is arranged into columns based on the key. * Moving columns according to the numerical order ( $1, 2, 3, 4$ ) creates the cipher: "ISŠTKSETSYARSLAATAPS".
Book Cipher (Knyginis šifras): A specific book/text serves as the key. Participants use page, line, and word/letter numbers to encode messages. * Example: " $21-7-5$ " might mean page $21$ , line $7$ , word $5$ . * Example: To encode "ALGIS IŠVYKO", "A" could be " $27:7:18$ " (Page $27$ , Line $7$ , Position $18$ ).
Grille Cipher (Kvadratų šifras): Uses a square grid (e.g., $16$ squares). A template with $4$ cut-out holes is placed over a square. Four letters are written, then the template is rotated 90^\regular{^\text{o}} to write the next four, until all squares are filled.
Rail Fence Cipher (Geležinkelio tvorelės šifras): Also known as the Zigzag cipher. Words are written diagonally in rows. Example: "LIETUVOS SOSTINĖ VILNIUS" with a diagonal length of $3$ results in the cipher "LUT NITVSSSIEVLISEOONIU".
Rectangle Cipher (Stačiakampis šifras): Text (e.g., Carlo Sandburg's quote "Niekas nevyksta, kol neatsiranda svajonė") is written in equal-length rows, and the cipher is formed by reading the columns as separate words.
Number Substitution: Replacing alphabet letters with consecutive numbers based on their position in the standard Lithuanian alphabet ( $32$ letters).
Grid (Table) Cipher: A $5 \times 9$ grid where the first row is numbered $1-8$ and the first column contains letters $A, B, C, D$ . Lithuanian letters are filled into the remaining cells. A letter is encoded by its coordinates (e.g., $C6, A1$ ). Example: "PAVASARIO BALSAI" encoded as "C6A1D6A1C8A1C7B5C5 A3A1C2A1B5".
Caesar Cipher: Shifts every letter by $3$ positions. * Standard: "susitikime po paskaitos" becomes "VXVLWLNLPH SR SDVNDLWRV". * Lithuanian variation: "LIETUVA" shifted by $3$ results in "OJFŪVAC". * Can be visualized using alphabetical wheels where the inner wheel is rotated.
Vigenère Cipher: Uses a keyword as the key for shifting. Each letter of the key determines the Caesar shift for the corresponding message letter. * Example: Message "AUTOSTEREOGRAMA" with key "KODAS". * Math logic: For "A" ( $0$ ) with key "K" ( $16$ ), result is $0 + 16 = 16$ ("K"). For "U" with key "O" ( $20$ ), the calculation is $(26 + 20) \text{ mod } 32 = 14$ (resulting in "Y").

The Box Metaphor for Asymmetric Encryption

Tools: $3$ boxes, each with two locks ("Public" and "Private"). Each box has $1$ Private key and $3$ Public keys.
Key Exchange: Group A gives its Public keys to Groups B and C. Group A keeps its Private key secret. Groups B and C do the same.
Encryption: If Group A wants to send a secret to Group B, they use Group B's Public key to open B's box, put the message inside, and lock it.
Decryption: Group B uses its unique Private key to unlock its own box and read the secret sent by Group A.
Summary: One key (Public) is used to lock (encrypt) while the other key (Private) is used to unlock (decrypt).