CYBR171 Modern cryptography III - Hashing, Digital Security, and Future Technology | Lecture 8 (Week 3) [From Recording]

Comparison of Symmetric and Asymmetric Encryption Systems

Symmetric key encryption is characterized by the use of a single shared key which is utilized for both the encryption and decryption processes. For example, if a user wants to send an encrypted file to a recipient named Bob, the user must pass the key itself to Bob so that he has the means to unlock the data. The primary advantages of symmetric encryption are that it is exceptionally fast and efficient. However, because only one key is used, these systems are particularly open to brute force attacks. If an unauthorized party obtains the key, they can access all protected data. Generally, the complexity of the symmetrical system used is aligned with the value of the information being protected. Higher value information requires more complicated encryption, which in turn demands greater computational power and processing time.

Asymmetric key encryption, in contrast, involves two distinct parts: one key is used for encryption while an alternative key is used for decryption. This system relies on key pairs, which consist of a public access key and a private access key. Asymmetric encryption requires significantly more computational power and processing compared to symmetric systems. While we may only be discussing a difference of milliseconds, these millisecond delays become substantial when an agent is managing five or six different platforms simultaneously. These systems are inherently slower but provide a layered level of protection on top of standard protocols. In asymmetrical ciphers, the logic focuses on AND pairs, meaning specific combinations of keys are required for the information to be decrypted successfully.

Hybrid systems represent a combination of these techniques. In such a setup, a system might grant low-resource access to a user initially but increase the complexity of the security techniques and ciphers once the user has entered the system. This approach is designed to ensure that the most trusted and important data can be safely conveyed over a network. The design of any cybersecurity system must involve a careful analysis of the actors involved, the specific types of information that need protection, and the appropriate selection of ciphers—either twin-pair asymmetric ciphers for high processing security or single-pair symmetric ciphers for speed.

Integrity, Authenticity, and Non-Repudiation in Transmission

Integrity refers to the certainty that a message remained unchanged during its transmission across a network. A critical concept in maintaining integrity is the demarcation point. This is the specific moment or location in a network where a message stops for a millisecond to confirm relevant keys before passing into the next network segment. The demarcation point is considered the point of risk because it is where one entity's responsibility ends and another's begins. Ensuring integrity requires evaluating the boundaries around the data and the specific encryption techniques applied while the data is in transit or at rest.

Authenticity involves verifying that a message actually originates from the party it claims to be from. This process involves validation to prevent issues such as fake news or AI hallucinations where message content is subtly altered. An example of a failure in authenticity would be a fraudulent message appearing to come from one political party to another and being distributed on social media as truth. Non-repudiation provides proof of origin and ensures the integrity of the message, creating what is known as provenance. Provenance acts as the ultimate evidence to prove the identity of the actors and the validity of the data.

Cryptographic Protocols and System Vulnerabilities

A protocol is essentially a set of rules that a computer system abides by. When data moves from one system to another, it travels through multiple layers of protocols. Generally, different organizations utilize different protocols unless they share the same software architecture. If two different companies use the same poorly organized software protection, such as weak symmetric ciphers, the security of both organizations is jeopardized. A historical example of protocol vulnerability is Windows 95; the system was admired for its speed, but once Microsoft stopped protecting and updating the software, it became vulnerable as attackers developed new methods to break into the platform over time.

Cybersecurity experts must frequently review the rules and the architects behind them. Many organizations rely on systems they do not fully understand. For instance, major banks often utilize outdated technologies dating back to the 1960s. These legacy systems cannot be easily unwrapped or replaced, meaning the banks must constantly fix and patch old protocols to keep the system functioning. This highlights the importance of regular reviews of both the security artifacts and the people who created the rules governing them.

Hashing Functions and Digital Fingerprints

Cryptographic hashes serve as digital fingerprints that convert data into fixed-size strings. Unlike the broader concept of a digital footprint, which refers to infrastructure and organizational logic, a fingerprint is a micro-level identifier for a specific piece of text or data. Hashing is a one-way process, often described through the metaphor of a cow being turned into corned beef; once the data is hashed, it cannot be reversed to its original plain text form. This makes hashes ideal for verifying data and storing passwords securely in digital vaults. Depending on the sensitivity of the data, different levels of vaults and transition codes are used.

Deterministic hashing means that the same input will always produce the same output. While this makes the process very fast and linear, linearity can be a weakness in cybersecurity because it follows a predictable logic. SHA-256 is a member of a family of cryptographic hash algorithms that generates a fingerprint of exactly 32 bytes32 \text{ bytes}, which corresponds to a 256 bit256 \text{ bit} length. It is currently the go-to secure function for password verification and blockchain technology. SHA-3 is another advanced algorithm that uses a shake function, which operates similarly to a three-way handshake in networking to provide a multi-step process of verification. SHA-2 is also used, though it is generally not considered as secure as SHA-3 or SHA-256.

Digital Signatures and Real-World Validation Processes

Digital signatures are used to address the human elements of security by implementing computer protocols that verify authenticity and integrity. In an email system, for instance, a message must meet specific conditions to be delivered. If an email is sent to an invalid receiver or contains corrupt data, the integrity check fails, and the system may return a long string of encrypted text indicating a violation. Most modern platforms, such as Gmail, use these checks to filter messages. If a user is new or the message lacks a valid digital signature, the system identifies it as a threat or low-integrity and sends it to a spam folder.

Validation and provenance are increasingly managed through digital certificates. SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certificates are used to credentialize valid users and distinguish between trusted and suspect visitors. In New Zealand, systems like Digital New Zealand (DINS) require students and users to authenticate their identities through passwords and photo verification to establish provenance. Once a user is validated for the first time, they become a known entity in the system, though they can still be tracked digitally based on how often they access the resources. These advanced practices are essential for managing modern security threats like malware and securing login systems across various platforms.

Questions & Discussion

A student inquired about the nature of QR codes in comparison to passwords. The lecturer explained that QR codes are essentially binary representations of data, created like a fingerprint. Similarly, passwords are binary words that are validated by ASCII characters; the binary sequence represents specific ASCII characters to make them human-readable. While humans rely on ASCII, computer-to-computer interactions can occur using non-ASCII values. Another question concerned the relationship between binary numbers and system policy. The lecturer clarified that there is a deep relationship between the binary data structures and the security policies governing them, as the exact sequencing of binary must be met for a specific security action to occur.