
Cryptography Concepts and Techniques – Unit 1 1

Cryptography Concepts and Techniques – Unit 1

Timothy R. Murphy

Kaplan University

Table of Contents

Abstract
Part One: Purpose of Cryptography
Part Two: Three Cryptographic Techniques
Part Three: Where Cryptographic Techniques Cannot Be Used
Part Four: Mathematics
Part Five: Conclusion
References

Abstract

This paper identifies three cryptographic techniques, three threats that cannot utilize cryptographic techniques, and the importance mathematics plays in cryptographic techniques.



Cryptography Concepts and Techniques- Unit 1

Part One: Purpose of Cryptography

Cryptography is the science of writing in secret code, and it is an ancient practice. (Kessler, 1998) The first known use of cryptography in writing dates back to 1900 B.C., when an Egyptian scribe did not use hieroglyphics in an inscription. (Kessler, 1998) Some people argue that cryptography appeared right after writing was invented, with uses ranging from diplomatic documents to war-time battle plans. (Kessler, 1998) Just as it followed writing, cryptography came right after the development of computer communications. In data and telecommunications, cryptography is important when communicating over a medium that is not trusted, especially the Internet and any type of network. (Kessler, 1998)

Any communication between applications has particular security requirements, which include 1) authentication, 2) privacy and confidentiality, 3) integrity, and 4) non-repudiation. (Kessler, 1998)

Cryptography is not just for data protection; it can also be used for user authentication. Three types of cryptographic techniques are used to achieve these goals: 1) secret key cryptography, 2) public-key cryptography, and 3) hash functions. (Kessler, 1998) Unencrypted data is called plaintext, and once it is encrypted it is called ciphertext, which is decrypted once the receiver receives it. (Kessler, 1998)

Part Two: Three Cryptographic Techniques

With secret key cryptography, a single key is used for both encryption and decryption. (Kessler, 1998) The sender uses the key, or some kind of rules, to encrypt the plaintext and sends the ciphertext to the receiver. (Kessler, 1998) The receiver uses the same key to decrypt the message and recover the plaintext. (Kessler, 1998) Since a single key is used for both functions, secret key cryptography is also called symmetric encryption. (Kessler, 1998) With this type of cryptography, both the sender and the receiver must know the key, which is the secret. (Kessler, 1998) The biggest problem with this type of cryptography is the distribution of the key. (Kessler, 1998)

Secret key cryptography schemes are classified as either stream ciphers or block ciphers. (Kessler, 1998) Stream ciphers operate on a single bit at a time and have some sort of feedback mechanism so that the key is always changing. (Kessler, 1998) A block cipher encrypts one block of data at a time using the same key for each block. (Kessler, 1998) So, in a block cipher, the same plaintext block will always encrypt to the same ciphertext when the same key is used. (Kessler, 1998)

Two kinds of stream cipher deserve mention. The first is the self-synchronizing stream cipher, which calculates each bit in the keystream as a function of the previous n bits in the keystream. (Kessler, 1998) It is called self-synchronizing because the decryption process stays synchronized with the encryption process, since it knows how far into the n-bit keystream it is. (Kessler, 1998) The second is the synchronous stream cipher, which generates the keystream independently of the message stream but uses the same keystream generation function at both the sender and the receiver. (Kessler, 1998)

Block ciphers can operate in several modes. The first is electronic codebook mode, or ECB, which is the simplest because the secret key is used to encrypt the plaintext block to form a ciphertext block. (Kessler, 1998) However, since it is the simplest, it is the most susceptible to attacks. The second is cipher block chaining mode, or CBC, which adds a feedback mechanism to the encryption scheme. (Kessler, 1998) In this mode two blocks of plaintext never encrypt to the same ciphertext. The third is cipher feedback mode, or CFB, which is a block cipher implementation as a self-synchronizing stream cipher. (Kessler, 1998) CFB mode allows data to be encrypted in units smaller than the actual block size. (Kessler, 1998) Finally, the fourth is output feedback mode, or OFB, which is a block cipher implementation that is similar to a synchronous stream cipher. (Kessler, 1998) It stops the same plaintext block from generating the same ciphertext block because it uses an internal feedback mechanism that is independent of the plaintext and ciphertext bit-streams. (Kessler, 1998)

Public-key cryptography has been described as the most significant new development in cryptography within the last three to four hundred years. Two different people can communicate securely over a channel that is not secure without having to share the same secret key. (Kessler, 1998)

It relies on the existence of one-way functions, or mathematical functions that are easy to compute. (Kessler, 1998) However, the other direction is usually very difficult to compute. (Kessler, 1998) For instance, if someone has two numbers, like 8 and 23, and wants to multiply them, it takes no time at all because 8 times 23 is 184. However, if someone has the number 184 and needs to figure out the pair of numbers that the other person multiplied together to get it, they will eventually figure it out, whereas calculating the product barely took a second. Now, say someone needs to compute 3 to the 6th power, which is easy to calculate because 3 to the 6th power is 729. (Kessler, 1998) However, what if someone has the number 729 and has to figure out the two integers that were used, x and y, so that the logarithm of 729 to base x is y? (Kessler, 1998) This will take the person longer, because they must compute all of the possible answers to select the pair that was used.
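The asymmetry in the 729 example can be measured, as in this added example (not part of the original paper). It first lists every integer pair for 729, then goes beyond the paper's case to the modular setting; the modulus 2**31 - 1, the base 7 and the exponent 200003 are assumptions chosen for illustration.

```python
P = 2**31 - 1   # prime modulus, chosen for this sketch (not from the paper)
G = 7           # base; 7 is a primitive root modulo 2**31 - 1

def power_pairs(n):
    """Every integer pair (x, y) with x**y == n, found by trying each base."""
    pairs = []
    for x in range(2, n + 1):
        value, y = x, 1
        while value < n:
            value *= x
            y += 1
        if value == n:
            pairs.append((x, y))
    return pairs

def power_mod(base, exp, mod):
    """Easy direction: square-and-multiply. Returns (result, multiplications)."""
    result, mults = 1, 0
    base %= mod
    while exp:
        if exp & 1:
            result = result * base % mod
            mults += 1
        base = base * base % mod
        mults += 1
        exp >>= 1
    return result, mults

def brute_force_log(target, base, mod):
    """Hard direction: try exponents 1, 2, 3, ... until one matches.
    Returns (exponent, multiplications)."""
    value, x, mults = base % mod, 1, 0
    while value != target:
        if x >= mod:
            raise ValueError("target is not a power of base")
        value = value * base % mod
        x += 1
        mults += 1
    return x, mults

SECRET = 200003                                # constructed sample exponent
PUBLIC, FORWARD_COST = power_mod(G, SECRET, P)
RECOVERED, REVERSE_COST = brute_force_log(PUBLIC, G, P)

if __name__ == "__main__":
    print(power_pairs(729))
    print("forward:", FORWARD_COST, "reverse:", REVERSE_COST)
```

The forward cost grows with the number of bits in the exponent, while the brute-force reverse cost grows with the exponent itself.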

Public key cryptography uses two keys that are mathematically related to each other, but knowing one key does not mean someone will be able to easily figure out the second key. (Kessler, 1998) One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. (Kessler, 1998) It does not matter which key is used first, but both keys must be used for the process to work. (Kessler, 1998) Since a pair of keys is necessary, this approach is also referred to as asymmetric cryptography. (Kessler, 1998) In public key cryptography one key is referred to as the public key and the other as the private key, which is never revealed to another party. (Kessler, 1998) This is a pretty straightforward process and it is easy to know who sent the message. (Kessler, 1998)

Hash functions are also called message digests and one-way encryption. (Kessler, 1998) They are algorithms that use no keys. Instead, a fixed-length hash value is computed from the plaintext in a way that makes it impossible for the contents or the length of the plaintext to be recovered. (Kessler, 1998) Hash algorithms provide a digital fingerprint of the content of a file, which makes sure that the file has not been altered by an attacker or a virus. (Kessler, 1998) Hash functions are usually used by many operating systems to encrypt passwords, and they provide a degree of integrity for a file. (Kessler, 1998)

Most people believe that no two files can have the same hash value, which is not true. (Kessler, 1998) For instance, if a hash function has a 128-bit hash value, there are 2^128 possible hash values, and there are way more than 2^128 possible files. (Kessler, 1998) So, there is definitely more than one file that can have the same 128-bit hash value. (Kessler, 1998) However, the problem is finding two files with the same hash. (Kessler, 1998)
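The counting argument above can be run at a small scale, as in this added example (not part of the original paper). It assumes SHA-256 truncated to 8, 16 and 24 bits as a stand-in for a short hash, and the `file-N` inputs are constructed.

```python
import hashlib

def truncated_hash(data, bits):
    """Top `bits` bits of SHA-256, modelling a hash with a short output."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits):
    """Hash constructed inputs file-0, file-1, ... until two share a value.

    Returns (input_a, input_b, attempts). With only 2**bits possible
    values, a repeat is guaranteed within 2**bits + 1 inputs.
    """
    seen = {}
    for attempts in range(1, 2**bits + 2):
        data = b"file-%d" % (attempts - 1)
        value = truncated_hash(data, bits)
        if value in seen:
            return seen[value], data, attempts
        seen[value] = data
    raise AssertionError("unreachable: more inputs than hash values")

def collision_costs(sizes=(8, 16, 24)):
    """Number of inputs hashed before the first collision, per output size."""
    return {bits: find_collision(bits)[2] for bits in sizes}

if __name__ == "__main__":
    for bits, attempts in collision_costs().items():
        print(f"{bits}-bit hash: first collision after {attempts} inputs")
```

The work needed grows rapidly with the output size, which is why collisions in a 128-bit hash exist but are hard to find by this kind of search.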

There are extensions of hash functions that are used for various information security and digital forensics applications. (Kessler, 1998) One such extension is hash libraries, which are sets of hash values that relate to known files. (Kessler, 1998) The known files might be a part of an operating system. (Kessler, 1998) Rolling hashes are computed based on a fixed-length sliding window through the input. (Kessler, 1998) For instance, a hash value might be computed on bytes one through ten, or two through eleven, etc. (Kessler, 1998) Fuzzy hashes have two inputs that are the same. (Kessler, 1998) They are used to detect somewhat similar documents, images, or other files. (Kessler, 1998)
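The sliding-window computation described above (bytes one through ten, then two through eleven) is shown in this added example, which is not part of the original paper. The polynomial hash, its base and modulus, and the sample input are assumptions; the paper does not name a specific rolling hash.

```python
BASE = 257
MOD = (1 << 61) - 1   # large prime modulus (assumption for this sketch)
WINDOW = 10           # window length used in the text's example

def direct_hash(window):
    """Polynomial hash of one window, computed from scratch."""
    h = 0
    for byte in window:
        h = (h * BASE + byte) % MOD
    return h

def rolling_hashes(data, window=WINDOW):
    """Hash of every window, updating in O(1) as the window slides."""
    if len(data) < window:
        return []
    top = pow(BASE, window - 1, MOD)   # weight of the oldest byte
    h = direct_hash(data[:window])
    out = [h]
    for i in range(window, len(data)):
        h = (h - data[i - window] * top) % MOD   # drop the byte leaving
        h = (h * BASE + data[i]) % MOD           # add the byte entering
        out.append(h)
    return out

def repeated_windows(data, window=WINDOW):
    """(first_offset, later_offset) pairs of identical windows.

    A hash match is confirmed byte-for-byte, since different windows
    can share a hash value.
    """
    first_seen, repeats = {}, []
    for off, h in enumerate(rolling_hashes(data, window)):
        prev = first_seen.setdefault(h, off)
        if prev != off and data[prev:prev + window] == data[off:off + window]:
            repeats.append((prev, off))
    return repeats

# Constructed sample input containing the same 10-byte run twice.
SAMPLE = b"header--0123456789--body--0123456789--end"

if __name__ == "__main__":
    print(repeated_windows(SAMPLE))
```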

Part Three: Where Cryptographic Techniques Cannot Be Used

Phone conversations have been digital for a while now, and the change to digital caused few problems. (Schmeh, 2003) On the other hand, the lines between the local exchanges and the end users, the “last mile,” are not so lucky because improvements at this end are slow. (Schmeh, 2003) It is expensive to equip millions of households with new lines, and that is why an analog connection is still used between most end-user connection boxes and local exchanges; even copper cable is still used. (Schmeh, 2003)

A step closer to the future is the Integrated Services Digital Network, or ISDN. This network allows the last mile to be digitized while still using the existing copper cable. (Schmeh, 2003) This closes the gap without incurring too many costs for replacing the copper cables. (Schmeh, 2003) However, this step has some disadvantages. Anyone can easily intercept someone’s phone calls without any problems. (Schmeh, 2003) So, in this case it is clear that cryptography is not the answer. (Schmeh, 2003) The reprogramming to fix security problems needs to be done at the root. (Schmeh, 2003)

If someone connects to the Internet through their mobile phone, they do so through a mobile network, which is used for both telephone conversations and data transmissions. (Schmeh, 2003) The problem arises when data makes its way from the mobile phone to the fixed transmitter network, because the scenario is the same as if someone were making a phone call from home. (Schmeh, 2003) Two different attacks can occur at this point. One is between the end device and the base transceiver station, and the other is between the base transceiver station and the base station controller. (Schmeh, 2003) The second place of attack is where the problem lies. (Schmeh, 2003) Whether an attacker can actually do something with the signal depends on the attacker’s expertise and the actual network. (Schmeh, 2003) Older networks are analog, which makes the attack simple. (Schmeh, 2003) However, most networks are digital, which makes an attack difficult. (Schmeh, 2003) If the network uses the Global System for Mobile Communications standard, there is a continuous change of frequency, but someone can still eavesdrop if they have the complex equipment to do so. (Schmeh, 2003) With this standard came encryption, which made sure that it was difficult to understand intercepted messages. (Schmeh, 2003) However, it is not secure enough; in particular, someone wealthy could probably buy the equipment to make an attack. (Schmeh, 2003) Also, there have been reports about International Mobile Subscriber Identity catchers. (Schmeh, 2003)

Satellites are becoming more popular for Internet access because their main advantage is large bandwidth and they are independently located. (Schmeh, 2003) So, if someone puts up a satellite, then an attacker can as well. (Schmeh, 2003) However, an attacker can only view the page that someone is looking at and not the important data they are entering within the web page, but satellites can be used to transfer information that is in fact sensitive. (Schmeh, 2003) So, someone should consider the threat of eavesdroppers because satellites transmit vast amounts of data. (Schmeh, 2003)

Part Four: Mathematics

It is impossible to understand cryptographic techniques without mathematics because they rely on mathematical properties of numbers. Number theory plays an important part in the design of cryptographic techniques. (“The science of,” 2011) Number theory is the study of properties of integers, such as 1, 2, and 3. (“The science of,” 2011) Factorization, which is the breaking down of a number into its prime factors, is considered to be a very difficult process. (“The science of,” 2011) Sometimes problems remain unsolved for a while even though they look simple to the average person. (“The science of,” 2011) For instance, “is there an even number greater than two that is not the sum of two primes?” (“The science of,” 2011)

Number theory was thought of as the “purest” form of mathematics, and it was thought to have no relevant value. (“The science of,” 2011) Number theory had no relevance to anything in the world and no practical purpose. (“The science of,” 2011) Today, number theory is the foundation of modern cryptography. (“The science of,” 2011)

As mentioned before, cryptographic techniques make it possible to convert plaintext into ciphertext using algorithms, and the ciphertext can be converted back to its original state. (“The science of,” 2011) Mathematically, an algorithm takes an input value and produces an output value. (“The science of,” 2011) This one-way function is almost correct for encryption because a particular secret has to be known, which is the key. (“The science of,” 2011)

Part Five: Conclusion

Cryptology has become the latest weapon in guarding sensitive traffic that gets transmitted. It enforces rules and verifies identities, and online transactions are becoming less of a security concern. The use and impact of cryptography on everyday life is expected to boom, and it has the potential to do a lot more.

References:

1) Kessler, G. (1998, May). An overview of cryptography. Retrieved from http://www.garykessler.net/library/crypto.html#s

2) Schmeh, K. (2003). Cryptography and public key infrastructure on the internet. West Sussex: John Wiley & Sons Inc.

3) The science of secrets. (2011). Retrieved from http://cactus.eas.asu.edu/partha/Columns/03-05-crypto-05.htm
