Cryptography

1. Introduction to Cryptography

  • Cryptography is the art and science of keeping information secure, primarily through encoding.

  • Related terms:

    • Cryptanalysis: Breaking codes.

    • Cryptology: The mathematics behind cryptography and cryptanalysis.

2. Objectives of Cryptography

2.1 Confidentiality

  • Only authorized individuals can decode messages.

2.2 Authentication

  • Allows the receiver to verify the origin of the message, such as a password.

2.3 Integrity

  • Ensures the message hasn’t been altered during transmission.

2.4 Non-repudiation

  • Guarantees that a sender cannot deny having sent a message.

3. Basic Definitions

  • Plaintext: The original readable message.

  • Ciphertext: The encoded or encrypted message.

  • Cipher: Algorithm used to transform plaintext into ciphertext.

  • Key: A piece of information only known by the sender and receiver.

    • Encipher (encrypt): Convert plaintext to ciphertext.

    • Decipher (decrypt): Convert ciphertext back to plaintext.

  • Cryptography: Study of encryption methods.

  • Cryptanalysis: Study of deciphering ciphertext without knowing the key.

  • Cryptology: The field encompassing both cryptography and cryptanalysis.

4. Algorithms in Cryptography

4.1 Cryptographic Algorithms

  • Use mathematical functions for encryption and decryption.

  • Can be classified as:

    • Symmetric Algorithms: Same key for encryption and decryption.

    • Asymmetric Algorithms: Different keys (public for encrypting, private for decrypting).

4.2 Symmetric Encryption

  • Also known as conventional/private-key encryption; both parties have a common key.

  • Requires secure key distribution.

4.3 Asymmetric Encryption

  • Public key can be freely distributed; the private key is kept secret.

  • Works like a padlock: anyone can use the public key to lock (encrypt) a message, but only the owner of the private key can unlock (decrypt) it.

5. Classical Substitution Ciphers

5.1 Monoalphabetic Ciphers

  • Each plaintext letter is substituted for a different letter.

  • Example: In a simple Caesar cipher, each letter is shifted by a fixed number.

  • Problem: They can be broken through frequency analysis.

5.2 Polygram Substitution Ciphers

  • Groups of letters (n-grams) are encrypted instead of single letters to enhance security.

5.3 Playfair Cipher

  • Replaces pairs of letters using a 5x5 matrix formed from a keyword.

  • Improved security over monoalphabetic ciphers, but still vulnerable to specific attacks.

5.4 Vigenere Cipher

  • Each letter in the plaintext is shifted based on a corresponding letter in a repeated key.

  • Provides better security than simple substitution.

6. Transposition Ciphers

  • Involves rearranging the order of the symbols in plaintext without changing the symbols themselves.

  • Combines with substitution ciphers for enhanced security.

6.1 Simple Columnar Transposition Cipher

  • The plaintext is written in rows and encrypted by reading by columns.

6.2 Double Transposition Cipher

  • A second transposition is applied to enhance security.

6.3 Rail Fence Cipher

  • A form of transposition cipher that writes messages diagonally across rows and reads each row.

7. Hash Algorithms

  • Produce a fixed-length digest (message digest) from an arbitrary-length message.

  • Examples: MD4 and MD5.

8. Cryptography Tools

8.1 Digital Signatures

  • Enable verification of the authenticity and integrity of a message.

8.2 Digital Certificates

  • Electronic documents that include the public key and user information and are signed by a Certificate Authority (CA).

8.3 Public Key Infrastructure (PKI)

  • A framework for managing digital certificates and public-key encryption.

9. Steganography

  • Hiding secret messages in ordinary documents without altering their apparent content.

10. Protocols for Secure Communications

10.1 SSL (Secure Sockets Layer)

  • Ensures secure communication over the Internet.

10.2 S/MIME (Secure Multipurpose Internet Mail Extensions)

  • Adds encryption and authentication to email messages.

10.3 Pretty Good Privacy (PGP)

  • Provides encryption for emails and files, using a session key that is encrypted with the recipient's public key.

11. Summary

  • Cryptography is essential for securing information.

  • Techniques explored include classical ciphers, hash functions, digital signatures, and protocols for secure communication.