#### Introduction of Cryptography

• Cryptography has been used for centuries, from ancient civilizations that used secret codes and ciphers to protect their messages, to modern-day applications that rely on advanced mathematical algorithms and techniques.
• With the increasing reliance on digital communication and the rapid growth of the internet, cryptography has become more important than ever.

#### Definition of Cryptography

• Cryptography is a fundamental tool in information security that provides a powerful means of protecting sensitive information, securing communication, and ensuring the authenticity and integrity of data in the digital age.
• Cryptography is the branch of computer science to makes secure communication between two bodies by converting plain text message or information into a human unreadable/coded format (called cipher text, which is a form of encrypted text) using various algorithmic techniques, protocols, and methods for hiding information from unauthorized access or modification.
• Cryptography is an essential tool in the field of information security and plays a critical role in securing communication, protecting sensitive data, and ensuring the privacy and confidentiality of information.

#### Features of Cryptography

• Cryptography involves the use of encryption and decryption techniques to convert plain text into a coded message that can only be accessed and understood by authorized parties who possess the appropriate decryption key or password.
• The security of the encrypted data depends heavily on the strength of the encryption algorithm and the security of the encryption keys.

#### Terminology of Cryptography

###### Plain Text
• The original message/text before it is encrypted.
###### Cipher
• A mathematical algorithm is used for encryption and decryption.
###### Cipher Text:
• The coded message that is produced after encryption.
###### Key
• A piece of information used in encryption and decryption algorithms to transform plain text into coded messages and vice-versa.
###### Steganography
• The way of hiding secret information within a non-secret message or file or objects to prevent detection
###### Encryption
• Encryption is the process of converting plain or readable data into a coded format/secret code or cipher text, that is unreadable without the correct decryption key
• Encryption algorithms use mathematical functions to transform the data in such a way that only authorized parties with the decryption key can read it.
• The purpose of encryption is to protect the confidentiality and privacy of the data being transmitted or stored.
• It is an important tool for encryption i.e. protecting sensitive/confidential information and maintaining the privacy and security of data from unauthorized access or use.
• There are many different types of encryption, but they can generally be divided into two categories: symmetric encryption and asymmetric encryption, which work similarly to cryptography.
• Encryption is widely used in many different areas, including online communications, data storage, online banking, and e-commerce transactions.
###### Decryption
• Decryption is the process of converting encrypted data back into its original form using a secret key or password.
• To decrypt ciphertext, the same key or password that was used to encrypt the data must be used.
• The decryption process reverses the encryption process by using the key to transform the ciphertext back into plain text or original data.
• There are several types of encryption algorithms used for encryption and decryption, including symmetric-key encryption and asymmetric-key encryption.
• Decryption plays a critical role in protecting data from unauthorized access and ensuring the confidentiality and integrity of sensitive information.
###### CryptoSystem
• A collection of cryptographic algorithms and protocols used to secure communications.
###### Cryptanalysis/Cryptology
• Cryptanalysis has a long history, dating back to ancient times when people used simple substitution ciphers to encode messages.
• Cryptanalysis is the study of analyzing and deciphering codes, ciphers, and other encryption methods to break their security and understand their hidden messages without the intended key.
• It involves techniques and methods for deciphering encrypted messages or codes without having access to the key used to encrypt the message.
• Cryptanalysis can be performed on various types of cryptographic systems, including classical ciphers, modern cryptographic algorithms, and cryptographic protocols.
• The goal of cryptanalysis is to discover weaknesses in the cryptographic system that can be exploited to decrypt messages without the key. In other words, it is often used in the field of cryptography to test the strength of encryption algorithms and to develop new methods for securing sensitive information.
• Some common techniques used in cryptanalysis include frequency analysis, brute force attacks, differential cryptanalysis, linear cryptanalysis, and known-plaintext attacks. In frequency analysis, the frequency distribution of letters or other symbols in the ciphertext is analyzed to gain information about the key used to encrypt the message. In a brute-force attack, every possible key is tried until the correct one is found. In a known plaintext attack, the attacker has access to some known plaintext and ciphertext pairs and uses them to deduce information about the key.
• Cryptanalysis plays an important role in modern cryptography as it helps to identify weaknesses in cryptographic systems and improve their security. It is also used by intelligence agencies and law enforcement to decrypt messages and gather intelligence.

#### Types of Cryptography

There are various types of cryptography techniques, such as symmetric key cryptography, asymmetric key cryptography, hash functions, and digital signatures. Each type of cryptography technique has its strengths and weaknesses, and they are used based on the specific security requirements of a system. These are as follows: –

• ##### Symmetric Cryptography: [Symmetric Encryption]
• In symmetric cryptography, the same key is used for both encryption and decryption purposes i.e., both the sender and the receiver/recipient of the message have the same key in order to access the encrypted information.
• The public key is shared between the sender and receiver in advance of communication.
• The most common symmetric encryption algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Triple Data Encryption Standard (3DES).
• ##### Asymmetric Cryptography/Public Key Cryptography: [Asymmetric Encryption]
• In asymmetric cryptography, there are two separate keys, called a public key and a private key, the public key is used to encrypt the data(encryption), while the private key is used to decrypt it(decryption). In other words, anyone can encrypt data using the public key, but only the authorized person with the private key can decrypt it.
• In this, the public key can be shared with anyone, while the private key must be kept secret. Here, key exchange protocols are used to securely exchange keys between two parties.
• Here, the sender encrypts the message with the recipient’s public key, and the recipient decrypts the message with their private key.
• This concept is used in digital signatures, secure email, and secure web browsing.
• The most common asymmetric encryption algorithm is RSA and ECC (Elliptic Curve Cryptography).
• ##### Hash Function:
• A hash function is a mathematical function that takes in data of arbitrary size and produces a fixed-size output, typically a sequence of bytes or a hash value.
• The output generated by the hash function is often referred to as a hash code, digest, or checksum.
• Hash functions are used in cryptography, data integrity checks, digital signatures, and many other applications.
• The main characteristics of a good hash function are:
1. Deterministic: For the same input, the hash function should always produce the same output.
2. Uniformity: The output should be uniformly distributed across the output space.
3. Collision resistance: It should be difficult to find two different inputs that produce the same hash value.
4. Avalanche effect: A small change in the input should produce a significant change in the output.
5. Efficiency: It should be computationally efficient to compute the hash value for any given input.
6. Non-invertibility: It should be computationally infeasible to derive the original input data from its hash value.
• Examples of popular hash functions include MD5, SHA-1, SHA-2, SHA-3, SHA-256 etc. However, some of these functions are vulnerable to attacks, and newer, more secure hash functions are now recommended.
• ##### Digital Signature:
• A digital signature is a mathematical technique used to verify the authenticity and integrity of digital documents, messages, or software.
• A digital signature is a cryptographic mechanism used to verify the authenticity, integrity, and non-repudiation of digital messages or documents.
• It is a mathematical scheme for demonstrating the authenticity of a digital message or document and verifying that it has not been tampered with.
• It is a type of electronic signature that is based on public key cryptography and provides a way to ensure that a message or document has not been tampered with and that it was indeed sent by the claimed sender.
• To create a digital signature, the sender uses a private key to encrypt a hash or summary of the message. The recipient can then use the sender’s public key to decrypt the hash and verify that it matches the original message. If the hash values match, it proves that the message has not been altered in transit and that it was indeed sent by the claimed sender.
• Digital signatures are commonly used in electronic transactions, such as online banking, e-commerce, and secure email communication. They are also used in software distribution to ensure that the software has not been modified or infected with malware.
• Benefits of Digital signatures :

1. Authenticity: Digital signatures verify the identity of the sender and ensure that the message has not been tampered with.
2. Digital signatures are used to ensure the authenticity of messages.
3. Integrity: Digital signatures assure that the message has not been altered in transit.
4. Non-repudiation: Digital signatures prevent the sender from denying that they sent the message, as the signature provides proof of the sender’s identity and intent.
5. Security: Digital signatures are difficult to forge, making them a secure way to authenticate digital documents and messages.

Working Mechanism :

Digital signatures are created using a combination of a hash function and a private key. The message or document is first hashed, resulting in a fixed-length string of characters that represents the message in a unique and compact form. The private key is then used to encrypt the hash value, resulting in a signature. The signature is appended to the message or document and sent to the recipient along with the signer’s public key.

To verify the signature, the recipient uses the signer’s public key to decrypt the signature and obtain the original hash value. The recipient then computes the hash value of the received message or document and compares it with the decrypted hash value. If the two values match, the recipient can be confident that the message or document has not been altered since it was signed and that it originated from the signer.

#### Advantages of Cryptography

• Cryptography makes communication secure through the use of mathematical algorithms and techniques to convert plain text into a coded message, which can only be accessed and understood by authorized parties who possess the appropriate decryption key or password.
• The primary goal of cryptography is to ensure confidentiality, integrity, and authenticity of data (authentication), and non-repudiation of data and to prevent unauthorized access, modification, or disclosure of sensitive information. Confidentiality refers to the protection of data from unauthorized access, while integrity is about maintaining the accuracy and consistency of data. Authentication is the process of verifying the identity of the sender, while non-repudiation means that the sender cannot deny sending the message.

#### Disadvantages/Drawbacks/Limitations of Cryptography

While cryptography provides numerous benefits in securing communication and protecting data, there are also some potential disadvantages which are as follows:-
1. Complexity: Cryptography algorithms can be complex and difficult to implement correctly, which can lead to vulnerabilities if they are not properly configured or used.
2. Key Management: Cryptography relies heavily on key management, which can be challenging to maintain and protect, particularly when dealing with large-scale systems or long-term data storage.
3. Performance Impact: Cryptography algorithms can add significant overhead to computing systems, leading to performance degradation and increased processing time.
4. Dependence on algorithms: Cryptography algorithms are vulnerable to advances in technology and computing power, which can weaken the security of the encryption and decryption processes.
5. Malicious use: Cryptography can also be used for malicious purposes, such as hiding illegal activities or communicating secretly within criminal organizations.

#### Use/Applications of Cryptography

Cryptography has many real-world applications, such as –

• Securing communication channels
• Protecting confidential information
• Ensuring secure transactions over the internet.
• Used to protect sensitive information such as credit card numbers, passwords, and personal data in online transactions, secure communications in emails and instant messaging.
• Ensure the authenticity and integrity of digital signatures

#### DES(Data Encryption Standard) Encryption

##### History
• DES stands for ‘Data Encryption Standard’ and was developed by IBM in the 1970s and later standardized by the National Institute of Standards and Technology (NIST) in 1977.
##### Definition
• DES is a symmetric-key encryption algorithm that uses a Block cipher mechanism in which it converts a fixed-size block of plaintext data into cipher text.
• DES (Data Encryption Standard) is a symmetric-key block cipher algorithm that encrypts data in 64-bit blocks using a 56-bit key.
##### Working Mechanism
• DES uses a 56-bit key to encrypt and decrypt data. The key is used to create a set of 16 subkeys, each of which is 48 bits long. The encryption process involves applying a series of mathematical operations to the plaintext using the subkeys in a specific order.
• The plaintext data is divided into blocks of 64 bits, and each block is encrypted separately. The encryption process involves several rounds of substitution and permutation operations on the bits of the plaintext. During each round, a different subkey is used to modify the plaintext.
• The result of each round is then used as input to the next round until all 16 rounds have been completed. The final output is the ciphertext, which is the encrypted form of the plaintext.
##### Limitations
• Despite its widespread use in the past, DES is no longer considered secure for modern cryptography due to its small key size. Several attacks have been developed over the years that can recover a DES key in a reasonable amount of time, making it vulnerable to brute-force attacks. As a result, it has been replaced by more secure encryption algorithms such as AES (Advanced Encryption Standard).

##### History
• RSA stands for Rivest-Shamir-Adleman and was first introduced in 1977 by Computer Scientists Rivest(American)-Shamir(Israeli) and Adleman(American).
• Together, Rivest, Shamir, and Adleman published their seminal paper on RSA in 1978, which laid the foundation for modern public-key cryptography.
• They were awarded the Turing Award in 2002, which is considered the highest honor in computer science, for their contributions to cryptography.
##### Definition
• RSA is a public-key cryptosystem used to secure data transmission and digital signatures.
##### Working Mechanism
• RSA encryption works by using two keys – a public key and a private key. The public key is used for encryption, while the private key is used for decryption. The two keys are mathematically related but cannot be derived from each other, making it difficult for an attacker to recover the private key even if they know the public key.
• To encrypt a message using RSA, the sender first obtains the recipient’s public key. The sender then converts the message into a numerical value and raises it to the power of the recipient’s public key, modulo a large prime number. This produces the encrypted message, which can only be decrypted by the recipient’s private key.
• To decrypt the message, the recipient raises the encrypted message to the power of their private key, modulo the same large prime number used for encryption. This produces the original message, which can only be obtained with the corresponding private key.
##### Limitations
• RSA is vulnerable to certain attacks, such as the factorization of large prime numbers, which could compromise the security of the system. Therefore, it is important to use appropriate key sizes and implementation techniques to ensure the security of the RSA cryptosystem.
##### Use/Application
• RSA is widely used in many applications, such as –
• To make communication protocols secure
• To make digital signatures secure
• To make storage of sensitive data secure

Categories: Cyber Security