Introduction To Cryptography PDF

Summary

This document provides an introduction to cryptography, covering its fundamentals, history, and various applications. It details different aspects of cryptography, along with its classification and types of attacks.

Full Transcript

CSF 3603 Cryptography and Network Security Week #1 Introduction to Cryptography Alignment to CLOs CLO1: Demonstrate an understanding of cryptography fundamentals and encryption techniques Lesson Objectives After completing this lesson and its assoc...

CSF 3603 Cryptography and Network Security Week #1 Introduction to Cryptography Alignment to CLOs CLO1: Demonstrate an understanding of cryptography fundamentals and encryption techniques Lesson Objectives After completing this lesson and its associated activities, you will be able to:  Define the basic terminologies used in cryptography  Describe the History of cryptography  Explain the need of cryptography for protecting data  Discuss the classification of cryptography  Explain the various attacks on encrypted text What is Cryptography Cryptography is the science and art of securing information by transforming it into an unreadable format, only accessible to those who possess a secret key.  Encryption is the principal application of cryptography.  It uses an algorithm called a cipher and a secret value called the key.  If the key is not known, the message can’t be decrypted nor can you learn any information on the encrypted message. Basic Terminology  Plaintext  Cryptography – The original message – Study of encryption  Ciphertext  Cryptanalysis – The coded message – Techniques used for  Cipher deciphering a message – Algorithm for transforming without any knowledge of the plaintext to ciphertext enciphering details  Enciphering or encryption  Key – Process of converting from – A string of numbers or letters, plaintext to ciphertext when processed through a cryptographic algorithm, can  Deciphering or decryption encrypt or decrypt data. – Restoring the plaintext from the ciphertext Brief History of Cryptography Ancient Times: Caesar Cipher: One of the earliest known ciphers used by Julius Caesar, involving simple letter substitution. Middle Ages: Vigenère Cipher: A cipher that uses a keyword to shift letters. Digital Age: Development of computer-based cryptographic algorithms like RSA, DES, and AES. Brief History of Cryptography Classical vs. Modern Ancient/Classical Aspect Modern Cryptography Cryptography Securing war/political Purpose Broad use in secure communications & data protection messages Substitution & transposition Methods Symmetric & asymmetric algorithms, hash functions ciphers Key Management Manually shared single keys Digital key management systems (e.g., PKI) Security Basis Obscurity & simplicity Computational hardness & mathematical rigor Frequency analysis, brute Attacks Side-channel attacks, cryptanalysis, quantum threats force Digital Number or bits (0s and 1s)(internet, wireless Medium Physical (scrolls, letters) networks) Algorithm Complexity Simple, manual Complex, requiring computers Short (e.g., single letter Key Length Long (e.g., 128-bit, 256-bit keys) shifts) Physical security, method Confidentiality Algorithmic strength, secure key distribution secrecy Examples Caesar Cipher, Scytale RSA, AES, TLS/SSL protocols Public Awareness Known to select few Widely known and implemented Data Protection and the Need for Cryptography Importance: 1. Confidentiality: Ensures that information is accessible only to those authorized to have access. 2. Integrity: Ensures that information is not altered in an unauthorized manner. 3. Authentication: Verifies the identity of users and systems. 4. Non-repudiation: Prevents either sender or receiver from denying a transmitted message Applications of Cryptography 1. Secure Communication: Protecting data transmitted over networks (e.g., SSL/TLS, VPNs). 2. Data Storage: Encrypting data at rest (e.g., full-disk encryption, encrypted databases). 3. Authentication Systems: Verifying user identities (e.g., two-factor authentication, biometrics). 4. Financial Transactions: Securing online banking and e-commerce. Classification of Cryptography 1. Symmetric-Key Cryptography: I. Description: Uses the same key for both encryption and decryption. II. Examples: DES, AES. III. Advantages: Faster and efficient for large amounts of data. IV. Disadvantages: Key distribution and management can be challenging. 2. Asymmetric-Key Cryptography: I. Description: Uses a pair of keys – a public key for encryption and a private key for decryption. different keys II. Examples: RSA, ECC. III. Advantages: Enhanced security and solves key distribution problem. IV. Disadvantages: Slower than symmetric-key Classification of Cryptography 3. Hash Functions: I. Description: Produces a fixed-size hash value from input data, used for ensuring data integrity. II. Examples: MD5(Insecure), SHA-256. III. Advantages: Fast and efficient, useful for verifying data integrity. IV. Disadvantages: Not suitable for encryption/decryption. Types of Attacks on Encrypted text 1. Cryptanalysis: Techniques to decipher encrypted data without knowing the decryption key. Types of Attacks on Encrypted 2. Brute-Force Attack: Exhaustive search of all possible keys to decrypt data.  Time-consuming depending on key length and computational power.  Mitigation strategies: Use of longer keys, key strengthening techniques. Types of Attacks on Encrypted 3. Known Plaintext Attack:  Attacker has access to pairs of plaintext and corresponding ciphertext.  Goal is to deduce the encryption key or gain insights into the encryption algorithm.  Mitigation strategies: Ensure encryption algorithms are resistant to known plaintext attacks. Types of Attacks on Encrypted 4. Chosen Plaintext Attack  Attacker can choose plaintext and obtain corresponding ciphertext.  Helps in understanding encryption algorithm behavior or obtaining the encryption key.  Mitigation strategies: Use of randomized padding or secure encryption modes. Types of Attacks on Encrypted 5. Chosen Ciphertext Attack  Attacker can choose ciphertext and obtain corresponding plaintext.  Often used to decrypt specific ciphertexts or gain insights into the encryption process.  Mitigation strategies: Use of authenticated encryption modes, validation checks.

Use Quizgecko on...
Browser
Browser