3.1.2 Cryptography

Cryptography Overview

  • Definition: Cryptography is the process of writing or solving messages using a secret code. It contrasts with security through obscurity, which attempts to keep information secret by hiding it.

  • Principle: In cryptography, it is not crucial if third parties know about the existence and location of the secret, as they cannot understand its contents without the means to decode it.

  • Historical Context: Encryption has been employed throughout the ages primarily to safeguard messages from adversaries.

Key Terminology in Cryptography

  • Plaintext (Cleartext): An unencrypted message that can be read without any special means.

  • Ciphertext: An encrypted message that appears unintelligible without the appropriate key.

  • Algorithm: The process used to encrypt and decrypt messages, which defines how the transformation between plaintext and ciphertext occurs.

  • Cryptanalysis: The art of breaking and analyzing cryptographic systems.

Cryptography Goals and Context

  • Objective of IT Security Specialists: The main goal is to ensure data safety against unauthorized access.

  • Challenges: Hackers often find methods to bypass firewalls, Intrusion Prevention Systems (IPS), and other security protocols.

  • Cryptography's Role: Acts as an additional layer of defense against such threats.

The Caesar Cipher

  • Description: One of the most popular forms of encryption.

    • Method: Each letter in the plaintext is shifted a certain number of spaces to the right or left in the alphabet.

    • Example: A shift of three means:

    • A becomes D

    • B becomes E

    • The shift wraps around the end of the alphabet: X becomes A, Y becomes B, and Z becomes C.

  • Illustration:

    • Original Alphabet: A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z

    • Shifted Alphabet (by 3): D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z, A, B, C

  • Practical Example:

    • To encrypt the word TESTOUT:

    • T -> W, E -> H, S -> V, T -> W, O -> R, U -> X, T -> W

    • Result: TESTOUT becomes WHVWRXW

Encryption Keys in Cryptography

  • Definition: Encryption keys are used to encrypt and decrypt data. They are randomly generated strings of bits used with a specific cipher, such as Advanced Encryption Standard (AES).

  • Types of Encryption Methods:

    • Symmetric Encryption: Utilizes the same key for both encryption and decryption processes.

    • Asymmetric Encryption: Employs different keys; a public key for encryption and a private key for decryption.

Hashing in Cryptography

  • Definition: Hashing converts data into a fixed-length value using a mathematical algorithm such as MD5 or SHA.

  • Characteristics:

    • The output is called the hash.

    • Always generates the same hash for the same input.

    • Changes in the input data (even one character) will produce a different hash, allowing for verification of data integrity.

  • Application: Particularly useful in instances where data does not require decryption, such as password storage.

Password Hashing and Salt

  • Hashing Passwords: Online services often maintain databases containing hashes of common passwords.

  • Salt: Random characters appended to a password before it is hashed, to enhance security.

    • Example:

    • Password: p@ssw0rd

    • Salt: E1343135E119C253

    • Resulting Hash Input: p@ssw0rdE1343135E119C253

  • Effectiveness: Randomly generated salts make it nearly impossible to create comprehensive databases of all possible salted passwords.
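The effect of the salt described above, as an added example that is not part of the original notes: a precomputed table of common-password hashes matches an unsalted hash but not a salted hash of the same password. SHA-256 is assumed as the "SHA" algorithm, and the common-password list and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample standing in for a database of common passwords.
COMMON_PASSWORDS = ["123456", "password", "p@ssw0rd", "qwerty"]

def sha256_hex(text: str) -> str:
    """Hash a string with SHA-256 and return the hex digest."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def build_lookup(passwords):
    """Precompute hash -> password for unsalted hashes of common passwords."""
    return {sha256_hex(p): p for p in passwords}

def new_salt() -> str:
    """8 random bytes as 16 hex characters, the same shape as the salt in the notes."""
    return secrets.token_hex(8).upper()

def hash_password(password: str, salt: str) -> str:
    """Append the salt to the password, then hash the combined string."""
    return sha256_hex(password + salt)

def verify(password: str, salt: str, stored_hash: str) -> bool:
    """Recompute the salted hash and compare it in constant time."""
    return hmac.compare_digest(hash_password(password, salt), stored_hash)

def demo():
    lookup = build_lookup(COMMON_PASSWORDS)
    page_salt = "E1343135E119C253"           # salt from the example in the notes
    unsalted = sha256_hex("p@ssw0rd")
    salted = hash_password("p@ssw0rd", page_salt)
    other = hash_password("p@ssw0rd", new_salt())
    return {
        "unsalted_found": lookup.get(unsalted),   # table hit: password recovered
        "salted_found": lookup.get(salted),       # table miss: None
        "salts_differ": salted != other,          # same password, different hashes
        "verify_ok": verify("p@ssw0rd", page_salt, salted),
        "verify_bad": verify("password", page_salt, salted),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt is stored next to the hash so the service can recompute it at login; production systems also replace the single fast hash with a deliberately slow function such as `hashlib.pbkdf2_hmac`.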

Digital Signatures

  • Definition: A digital signature combines a user’s private encryption key and a hash of the data to create a unique identifier for the message sent.

  • Functions: Verifies the legitimacy of the data and provides non-repudiation, ensuring the sender cannot deny the transmission of the file.

Cryptography Methods

  • Overview: Several cryptographic methods use complex mathematical concepts to generate encryption keys and hashes.

  • Elliptic Curve Cryptography (ECC): A modern cryptographic method generating smaller keys, which can be more secure than traditional methods. Widely adopted for securing connections and data transmissions.

  • Steganography: A technique that conceals data within other media (e.g., images, videos). If intercepted, the hidden data remains undetectable among the non-hidden content.

  • Perfect Forward Secrecy: A method used primarily in messaging applications, where each transmission uses a different unique key, enhancing security against future compromises.