JIGJIGA UNIVERSITY
Chapter Two
Cryptography
• What is Cryptography?
Cryptography is the technique of securing information and communications
through the use of codes so that only those people for whom the information is
intended can understand it and process it.
• It is the study of securing communications from outside observers.
The prefix “crypt” means “hidden” and suffix “graphy” means “writing”.
Which altogether gives the meaning “Hidden Writing”.
Cryptography algorithms take the original message, or plaintext, and convert it into
ciphertext, which is not understandable. The key allows the user to decrypt the message, thus
ensuring only they can read the message.
Cryptography techniques which are used to protect information are obtained from
mathematical concepts and a set of rule-based calculations known as algorithms, which convert
messages in ways that make them hard to decode.
These algorithms are used for cryptographic key generation, digital signing, verification to
protect data privacy, web browsing on the internet and to protect confidential transactions such as credit
card and debit card transactions.
Objectives of Cryptography
•Cryptography focuses on four different objectives:
1. Confidentiality: Confidentiality ensures that only the intended recipient can decrypt the
message and read its contents.
2. Non-repudiation: Non-repudiation means the sender of the message cannot backtrack in
the future and deny their reasons for sending or creating the message.
3. Integrity: Integrity focuses on the ability to be certain that the information contained within
the message cannot be modified while in storage or transit.
4. Authenticity: Authenticity ensures the sender and recipient can verify each other’s
identities and the destination of the message.
•These objectives help ensure a secure and authentic transfer of information.
Techniques of Cryptography
• In today’s age of computers, cryptography is often associated with the process in which
ordinary plain text is converted to cipher text, which is text made such that only the intended
receiver can decode it.
• Encryption: is a process of converting normal data into an unreadable form.
• It is done by the person who is sending the data to the destination.
• Decryption: is a method of converting the unreadable/coded data into its original form.
• It is done by the person who is receiving the data.
• What is Cryptanalysis?
Cryptanalysis is the study and process of analyzing and decrypting ciphers,
codes, and encrypted text without using the real key.
Alternately, we can say it’s the technique of accessing a communication’s
plain text content when you don’t have access to the decryption key.
Put simply, cryptanalysis is the practice, science, or art of decrypting
encrypted messages.
Types of Cryptography
•Cryptography can be broken down into three different types:
Secret Key Cryptography
Public Key Cryptography
Hash Functions
1. Secret Key Cryptography
Secret Key Cryptography, which is also known as symmetric cryptography,
uses a single key to encrypt data. Both encryption and decryption in symmetric
cryptography use the same key, making this the easiest form of cryptography.
The cryptographic algorithm utilizes the key in a cipher to encrypt the data,
and when the data must be accessed again, a person entrusted with the secret key
can decrypt the data.
Secret Key Cryptography can be used on both in-transit and at-rest data, but
is commonly only used on at-rest data, as sending the secret to the recipient of the
message can lead to compromise.
Examples:
AES
DES
Caesar Cipher
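The Caesar cipher listed above shows both ideas from this chapter in a few lines: encryption and decryption share one secret key, and cryptanalysis can recover the plaintext without that key because only 26 keys exist. This is an added example, not part of the original slides; the sample message and the small word list used for scoring are constructed.

```python
import string

ALPHABET = string.ascii_uppercase
# Constructed mini word list, used only to score candidate plaintexts.
COMMON_WORDS = {"THE", "AND", "AT", "TO", "OF", "IN", "IS", "ME", "MEET", "AFTER"}

def shift(text, key):
    """Shift every letter by `key` positions; other characters pass through."""
    result = []
    for ch in text.upper():
        if ch in ALPHABET:
            result.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            result.append(ch)
    return "".join(result)

def encrypt(plaintext, key):
    return shift(plaintext, key)

def decrypt(ciphertext, key):
    # Symmetric: the same key that encrypted the text reverses the shift.
    return shift(ciphertext, -key)

def score(candidate):
    """Count how many words of a candidate plaintext look like English."""
    return sum(word in COMMON_WORDS for word in candidate.split())

def recover_key(ciphertext):
    """Cryptanalysis by exhaustive search over the 26 possible keys."""
    return max(range(26), key=lambda k: score(decrypt(ciphertext, k)))

if __name__ == "__main__":
    message = "MEET ME AT THE LIBRARY AFTER THE LECTURE"  # constructed sample
    ciphertext = encrypt(message, 3)
    print("ciphertext:", ciphertext)
    key = recover_key(ciphertext)
    print("recovered key:", key, "->", decrypt(ciphertext, key))
```

The same search is impossible against AES because its smallest key space is 2^128 keys rather than 26.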
2. Public Key Cryptography
Public Key Cryptography, or asymmetric cryptography, uses two keys to encrypt
data. One is used for encryption, while the other key decrypts the message. Unlike
symmetric cryptography, if one key is used to encrypt, that same key cannot decrypt the
message; rather, the other key shall be used.
One key is kept private, and is called the “private key”, while the other is shared
publicly and can be used by anyone, hence it is known as the “public key”.
The mathematical relation of the keys is such that the private key cannot be derived
from the public key, but the public key can be derived from the private.
The private key should not be distributed and should remain with the owner
only. The public key can be given to any other entity.
Examples:
ECC
Diffie-Hellman
DSS
3. Hash Function
A hash function is a mathematical function that converts a numerical input
value into another compressed numerical value. The input to the hash function is of
arbitrary length but output is always of fixed length.
Values returned by a hash function are called message digests or simply hash
values.
Hash functions are irreversible, one-way functions which protect the data, at
the cost of not being able to recover the original message.
Hashing is a way to transform a given string into a fixed length string. A
good hashing algorithm will produce unique outputs for each input given.
The only way to crack a hash is by trying every input possible, until you get
the exact same hash. A hash can be used for hashing data (such as passwords) and in
certificates.
One of the most famous hashing algorithms is:
MD5
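The properties described above (fixed-length output, one-way, use for passwords) can be seen with Python's standard hashlib. This is an added example, not part of the original slides. MD5 is no longer collision resistant, so the example uses SHA-256 for digests and salted PBKDF2 for password storage; the iteration count and sample passwords are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example; tune per deployment

def fast_digest(data):
    """Plain SHA-256: a fixed 32-byte digest for input of any length."""
    return hashlib.sha256(data).digest()

def hash_password(password, salt=None):
    """Salted, deliberately slow hash (PBKDF2-HMAC-SHA256) for storage."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per password
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, derived

def verify_password(password, salt, stored):
    """Re-derive with the stored salt and compare in constant time."""
    _, derived = hash_password(password, salt)
    return hmac.compare_digest(derived, stored)

if __name__ == "__main__":
    # Fixed-length output regardless of input size.
    print(len(fast_digest(b"a")), len(fast_digest(b"a" * 10_000)))

    # Two users with the same (constructed) password: a plain hash stores the
    # same value for both, so one guess tests both accounts at once.
    print(fast_digest(b"hunter2") == fast_digest(b"hunter2"))

    # With a per-user salt the stored values differ, and each guess must be
    # recomputed per account at the cost of ITERATIONS hash operations.
    salt_a, stored_a = hash_password("hunter2")
    salt_b, stored_b = hash_password("hunter2")
    print(stored_a != stored_b)
    print(verify_password("hunter2", salt_a, stored_a))
    print(verify_password("hunter3", salt_a, stored_a))
```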
Advanced Encryption Standard
• The AES algorithm (also known as the Rijndael algorithm) is a symmetrical
block cipher algorithm that takes plain text in blocks of 128 bits and converts
them to ciphertext using keys of 128, 192, and 256 bits.
• It was developed in 2001. As triple-DES was found to be slow, AES was created
and is six times faster than the triple DES. It is one of the most widely used
symmetric block cipher algorithms nowadays. It works on bytes rather than
bits.
Data Encryption Standard
• Data Encryption Standard (DES) is a block cipher algorithm that takes plain text in
blocks of 64 bits and converts them to ciphertext using keys of 48 bits. It is a
symmetric key algorithm, which means that the same key is used for encrypting and
decrypting data.
• It is a multi-round cipher that divides the full text into 2 parts and then works on each
part individually.
• It includes various functions such as expansion, permutation, substitution, and an
XOR operation with a round key.
Key Management and Exchange
• Key Management
• It is the process of putting certain standards in place to ensure the security of
cryptographic keys in an organization. Key Management deals with the creation,
exchange, storage, deletion, and refreshing of keys. It also deals with
members’ access to the keys.
• Key management forms the basis of all data security. Data is encrypted and
decrypted via the use of encryption keys, which means the loss or compromise
of any encryption key would invalidate the data security measures put into place.
Keys also ensure the safe transmission of data across an Internet connection.
With authentication methods like code signing, attackers could pretend to be a
trusted service like Microsoft while giving victims’ computers malware if they
steal a poorly protected key. Keys provide compliance with certain standards and
regulations to ensure companies are using best practices when protecting
cryptographic keys. Well protected keys are only accessible by users who need
them.
• Diffie-Hellman key exchange
Also known as exponential key exchange, it is a method of digital encryption that
securely exchanges cryptographic keys between two parties over a public channel
without their conversation being transmitted over the internet.
It is one of the first practical implementations of asymmetric encryption or public-
key cryptography (PKC). It was published in 1976 by Whitfield Diffie and Martin
Hellman. Other contributors who are credited with developing DH include Ralph Merkle
and researchers within the United Kingdom’s intelligence services (c. 1969).
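The exchange described above, with both parties' messages, as an added example that is not part of the original slides. The prime P and base G are constructed toy parameters, far too small for real use (deployed systems use standardized groups of 2048 bits or more), and the function names are illustrative. Plain Diffie-Hellman does not authenticate the peer, so in practice the public values are signed or exchanged inside an authenticated protocol.

```python
import hashlib
import secrets

# Toy public parameters (constructed): 2**127 - 1 is prime but not a vetted group.
P = 2**127 - 1
G = 3

def keypair():
    """Pick a random private exponent and compute the public value G^x mod P."""
    private = secrets.randbelow(P - 3) + 2      # uniform in [2, P-2]
    public = pow(G, private, P)
    return private, public

def shared_key(own_private, peer_public):
    """Combine our private exponent with the peer's public value."""
    # Reject degenerate values (0, 1, P-1) that force a predictable secret.
    if not 1 < peer_public < P - 1:
        raise ValueError("invalid peer public value")
    secret = pow(peer_public, own_private, P)
    # Hash the raw group element down to a 32-byte symmetric key.
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

if __name__ == "__main__":
    # Each side keeps its private exponent and sends only the public value.
    alice_private, alice_public = keypair()
    bob_private, bob_public = keypair()
    print("Alice -> Bob  :", hex(alice_public))
    print("Bob   -> Alice:", hex(bob_public))

    # Both sides arrive at the same key; an observer saw only P, G and the
    # two public values, never the private exponents or the shared secret.
    alice_key = shared_key(alice_private, bob_public)
    bob_key = shared_key(bob_private, alice_public)
    print("keys match:", alice_key == bob_key)
```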
Thank You ...