






Description: This document provides comprehensive study notes on cryptography, compiled through extensive research from academic resources, technical publications, and educational references. The material has been carefully organized and rewritten into a structured learning guide to help students understand both classical and modern cryptographic concepts.
Topics covered include:
Introduction to Cryptography
Security Principles (Confidentiality, Integrity, Authentication, Non-Repudiation)
Classical Cryptography
Substitution and Transposition Ciphers
Enigma Machine and One-Time Pad
Symmetric and Asymmetric Cryptography
AES, DES, RSA, Diffie–Hellman, and ElGamal
Hash Functions and Digital Signatures
Modes of Operation
Zero-Knowledge Proofs
Secret Sharing
Post-Quantum Cryptography
Practical Security Best Practices
Typology: Study notes







Cryptography is the science of securing communication and data from unauthorized access. The word itself comes from the Greek "kryptós" (hidden) and "graphein" (to write). It is used in many fields, including online security, banking, military communications, and digital signatures.
Cryptography provides four key security properties:
Confidentiality: information is readable only by those who are authorized to read it.
Integrity: data cannot be altered or tampered with without detection.
Authentication: the identity of a user (or the origin of a message) can be verified.
Non-repudiation: a party cannot later deny an action, such as having sent a message.
Classic Cryptography: Foundations, Limitations, and Early Machines
Core idea: Obscure plaintext by simple operations, substitutions, or permutations.
Vulnerability: Frequency analysis and the statistical patterns of natural language reveal information about the plaintext.
Early machines: Rotor-based devices multiplied the complexity of substitutions, foreshadowing modern cryptographic design.

Substitution Ciphers
General concept: Replace each unit of plaintext with another symbol or letter according to a fixed scheme.
Shift Cipher (Caesar): Each letter x is replaced by x + k (mod 26). There are only 26 possible shifts (25 excluding the identity), so it is trivially broken by brute force.
Monoalphabetic Substitution: A fixed permutation of the whole alphabet. The key space is enormous (26! ≈ 4.03 × 10^26), so brute force is out of the question, but cryptanalysis exploits letter frequencies and common bigrams/trigrams (THE, AND, ING) to recover the mapping piece by piece.
Vigenère Cipher: A polyalphabetic substitution using a repeating keyword; each letter is shifted by an amount determined by the corresponding keyword letter. Vulnerable to the Kasiski examination, which uses the distances between repeated ciphertext sequences to estimate the keyword length; each keyword position is then a separate shift cipher that frequency analysis solves on its own.

Transposition Ciphers
Core idea: Do not replace letters but rearrange them according to a permutation.
Rail Fence (Zigzag) Cipher: Writes the plaintext in a zigzag across several rails and reads it off rail by rail; still vulnerable to pattern analysis.
Scytale Cipher: Wraps a strip around a rod; decryption depends on knowing the rod circumference.
Route (Columnar) Cipher: Writes the plaintext in a grid and reads it out along a different route. The permutation can be discovered through analysis of the ciphertext structure.
Security note: A transposition hides where each letter was, not which letters are present: the ciphertext has exactly the plaintext's letter frequencies. Transpositions are vulnerable to known-plaintext and chosen-plaintext attacks, which reveal the permutation directly.

Mechanical Evolution: Enigma and Lorenz
Enigma machine: An electromechanical device that produced a continually changing polyalphabetic substitution via rotors, a reflector, a plugboard, and a stepping mechanism. Its security relied on multiple, interacting components.
Breakthroughs: Allied cryptanalysts exploited predictable message structure, repetitive headers, and weaknesses in the plugboard/rotor configurations; the reflector also guaranteed that no letter ever encrypted to itself, which let known-plaintext "cribs" be aligned against the ciphertext. The Lorenz cipher (a more complex stream cipher) was broken
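The Vigenère attack described above, carried through end to end as an added example (this code is not part of the original notes): the Kasiski examination votes for keyword lengths that divide the distances between repeated ciphertext trigrams, and each column is then solved as a Caesar cipher with a chi-squared test against English letter frequencies. The sample plaintext and the keyword "KEY" are constructed for the example; the frequency table is the standard one for English prose.

```python
"""Vigenere cipher, Kasiski keyword-length estimation and per-column
frequency analysis (chi-squared against English letter frequencies)."""
from collections import Counter, defaultdict
from itertools import combinations

ALPHA = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

# Relative frequency (percent) of each letter A..Z in ordinary English prose.
ENGLISH_FREQ = [8.167, 1.492, 2.782, 4.253, 12.702, 2.228, 2.015, 6.094, 6.966,
                0.153, 0.772, 4.025, 2.406, 6.749, 7.507, 1.929, 0.095, 5.987,
                6.327, 9.056, 2.758, 0.978, 2.360, 0.150, 1.974, 0.074]


def normalize(text: str) -> str:
    """Keep only A-Z, upper-cased: classical ciphers ignore spacing and case."""
    return "".join(ch for ch in text.upper() if ch in ALPHA)


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Shift letter i by key[i mod len(key)]; subtract the shift when decrypting."""
    text, key = normalize(text), normalize(key)
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text):
        shift = ALPHA.index(key[i % len(key)])
        out.append(ALPHA[(ALPHA.index(ch) + sign * shift) % 26])
    return "".join(out)


def kasiski_key_length(ciphertext: str, max_len: int = 12) -> int:
    """Repeated plaintext trigrams enciphered under the same keyword position
    repeat in the ciphertext at distances that are multiples of the keyword
    length. Every candidate length dividing such a distance gets a vote."""
    positions = defaultdict(list)
    for i in range(len(ciphertext) - 2):
        positions[ciphertext[i:i + 3]].append(i)
    votes = Counter()
    for occurrences in positions.values():
        for a, b in combinations(occurrences, 2):
            for k in range(2, max_len + 1):
                if (b - a) % k == 0:
                    votes[k] += 1
    return max(range(2, max_len + 1), key=lambda k: votes[k])


def best_shift(column: str) -> int:
    """Chi-squared test: the shift whose decryption looks most like English."""
    n = len(column)
    best_value, best_score = 0, float("inf")
    for shift in range(26):
        counts = Counter(ALPHA[(ALPHA.index(c) - shift) % 26] for c in column)
        score = 0.0
        for j, letter in enumerate(ALPHA):
            expected = ENGLISH_FREQ[j] * n / 100
            score += (counts[letter] - expected) ** 2 / expected
        if score < best_score:
            best_value, best_score = shift, score
    return best_value


def recover_key(ciphertext: str) -> str:
    """Every key_len-th letter was shifted by the same key letter, so each
    column is a Caesar cipher that frequency analysis solves independently."""
    key_len = kasiski_key_length(ciphertext)
    return "".join(ALPHA[best_shift(ciphertext[i::key_len])] for i in range(key_len))


# Constructed sample: ordinary English prose written for this example.
SAMPLE_PLAINTEXT = (
    "Cryptography is the practice of protecting information by transforming it "
    "into a form that cannot be read without the correct key. Classical ciphers "
    "replaced or rearranged letters and were broken by counting how often each "
    "letter appeared in the ciphertext. The letter E is the most common letter in "
    "English prose, followed by T, A, O, I and N, and a simple substitution cannot "
    "hide this because every occurrence of the same plaintext letter becomes the "
    "same ciphertext letter. A polyalphabetic cipher spreads each plaintext letter "
    "over several alphabets, but when the keyword repeats the same pattern comes "
    "back. An analyst who finds the period can treat each column of the ciphertext "
    "as a separate shift cipher and solve them one at a time, and the longer the "
    "message the more reliable the statistics become. This is why modern designs "
    "are judged by mathematical hardness rather than by the apparent confusion of "
    "the ciphertext."
)
SAMPLE_KEY = "KEY"


def demo():
    """Encrypt the sample, then recover the keyword from the ciphertext alone."""
    ciphertext = vigenere(SAMPLE_PLAINTEXT, SAMPLE_KEY)
    key = recover_key(ciphertext)
    return key, vigenere(ciphertext, key, decrypt=True) == normalize(SAMPLE_PLAINTEXT)


if __name__ == "__main__":
    print(demo())
```

The attack needs a reasonable amount of ciphertext (a few hundred letters); on very short messages the trigram repeats and the per-column statistics are both too sparse, which is exactly why the one-time pad, with a key as long as the message and never reused, is immune.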
Block ciphers (stateless) process fixed-size blocks (e.g., 64 or 128 bits). Stream ciphers (stateful) generate a keystream and combine it with the plaintext bit-by-bit or byte-by-byte.

Stream Ciphers: Build keystreams from pseudo-random sources.
Example: LFSR-based designs (linear feedback shift registers) combined non-linearly to increase complexity and resist certain attacks. Hardware-oriented designs include A5/1 (historical GSM) and similar constructions.
Software-focused example: RC4 (byte-oriented, variable-length key). RC4 is deprecated because of statistical biases in its keystream and related-key weaknesses.
Common failure mode: reusing a keystream (the same key and nonce for two messages) lets an attacker XOR the two ciphertexts to obtain the XOR of the two plaintexts; known plaintext in one message then exposes the other.

Block Ciphers: Encrypt fixed-length blocks with a key-dependent transformation.
DES: A Feistel network with 16 rounds, using S-boxes for nonlinearity and P-boxes for permutation. It is considered insecure for modern use because of its short key length (56 bits), which is within reach of exhaustive search.
Rijndael (AES): The current standard. It operates on 128-bit blocks and applies SubBytes, ShiftRows, MixColumns, and AddRoundKey across 10, 12, or 14 rounds for 128-, 192-, and 256-bit keys respectively. It relies on finite field arithmetic over GF(2^8).

Modes of Operation: How to securely apply block ciphers to longer messages.
CBC (Cipher Block Chaining): Each plaintext block is XORed with the previous ciphertext block before encryption (the first block with an unpredictable IV), so identical plaintext blocks no longer produce identical ciphertext blocks. CBC provides no integrity: the ciphertext is malleable, and padding-oracle attacks against unauthenticated CBC are well known.
CTR (Counter): Turns a block cipher into a stream cipher by encrypting counter values; allows parallel processing and random-access decryption. The nonce/IV must never repeat under the same key, or the keystream is reused.
Neither mode authenticates the data; in practice use an authenticated mode (AEAD) such as AES-GCM.

Asymmetric Cryptography: Key Exchange and Digital Signatures
Public-key foundations: Based on trapdoor one-way functions, where operations are easy in one direction but hard to invert without extra (trapdoor) information.
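CTR mode and its nonce-reuse failure, as an added example that is not from the original notes. The block cipher is replaced by a keyed PRF stand-in (HMAC-SHA256 truncated to one block), an assumption made so the example runs with the Python standard library only; the mode logic (encrypting nonce||counter, XORing with the data) is the same as with AES. The key and messages are constructed for the demonstration.

```python
"""CTR mode on top of a keyed PRF stand-in, and the keystream-reuse attack."""
import hashlib
import hmac

BLOCK = 16  # bytes of keystream produced per counter value


def prf_block(key: bytes, block_in: bytes) -> bytes:
    """Stand-in for the block cipher E_k: HMAC-SHA256 cut to one block.
    It is not AES; it only plays the role of a keyed pseudo-random function
    so the mode's behaviour is visible without a crypto library."""
    return hmac.new(key, block_in, hashlib.sha256).digest()[:BLOCK]


def ctr_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Encrypt nonce || counter for counter = 0, 1, 2, ... and concatenate."""
    if len(nonce) != 8:
        raise ValueError("nonce must be 8 bytes")
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += prf_block(key, nonce + counter.to_bytes(8, "big"))
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encryption and decryption are the same operation (XOR with keystream);
    no padding is needed because the keystream is cut to the data length."""
    return xor_bytes(data, ctr_keystream(key, nonce, len(data)))


ctr_decrypt = ctr_encrypt


def two_time_pad_attack(ct1: bytes, ct2: bytes, known_pt1: bytes) -> bytes:
    """If ct1 and ct2 were produced under the same key AND nonce, the keystream
    cancels: ct1 XOR ct2 == pt1 XOR pt2, so knowing pt1 yields pt2 without the key."""
    n = min(len(ct1), len(ct2), len(known_pt1))
    return xor_bytes(xor_bytes(ct1[:n], ct2[:n]), known_pt1[:n])


# Constructed sample messages and a fixed key, for a reproducible demonstration.
KEY = bytes(range(32))
PT1 = b"transfer 100 EUR to account 4242"
PT2 = b"transfer 999 EUR to account 1337"


def demo():
    """Returns (plaintext recovered from the nonce-reuse pair,
    whether the same attack still works once the nonce is fresh)."""
    nonce = b"\x00" * 8                       # the mistake: reused for both messages
    ct1 = ctr_encrypt(KEY, nonce, PT1)
    ct2 = ctr_encrypt(KEY, nonce, PT2)
    recovered = two_time_pad_attack(ct1, ct2, PT1)
    # The fix: a nonce that never repeats under this key. A counter or message
    # sequence number is the usual choice; a fixed distinct value is used here
    # only to keep the demonstration deterministic.
    ct2_fresh = ctr_encrypt(KEY, b"\x00" * 7 + b"\x01", PT2)
    still_leaks = two_time_pad_attack(ct1, ct2_fresh, PT1) == PT2
    return recovered, still_leaks


if __name__ == "__main__":
    print(demo())
```

Note that nothing in this construction detects modification: flipping a ciphertext bit flips the same plaintext bit, which is the malleability that authenticated modes such as AES-GCM (CTR plus a MAC over the ciphertext) exist to stop.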
RSA: Relies on the difficulty of factoring large composites N = p·q. Public key (N, e); private key d with e·d ≡ 1 (mod φ(N)), so that (M^e)^d ≡ M (mod N). Security scales with key size and factoring hardness; raw (unpadded) RSA is not semantically secure, so practical schemes use padding such as OAEP for encryption and PSS for signatures.
ElGamal: Based on the discrete logarithm problem (DLP) in finite groups. Security hinges on the hardness of computing logs in that group.
Diffie–Hellman: A protocol for establishing a shared secret over an insecure channel. Without authentication of the exchanged public values it is vulnerable to man-in-the-middle attacks.
Hybrid encryption: Practical systems encrypt data with a fast symmetric cipher (the data encapsulation mechanism, DEM) and protect the symmetric key with a public-key method (the key encapsulation mechanism, KEM). This combines the strengths of both approaches.

Integrity, Authentication, and Advanced Protocols
Cryptographic hash functions: Produce fixed-length digests that are preimage-resistant (hard to invert), second-preimage-resistant, and collision-resistant. Modern recommendations favor the SHA-2 family (e.g., SHA-256) and SHA-3; MD5 and SHA-1 are broken for collision resistance and must not be used for signatures or certificates.
Digital signatures: Provide non-repudiation and authenticity. Common standards include DSA, ECDSA (elliptic-curve DSA), and RSA-PSS.
Security definitions: Aim for semantic security (the ciphertext reveals nothing about the plaintext) and resistance to adaptive chosen-ciphertext attacks (CCA2), where an attacker can obtain decryptions of chosen ciphertexts other than the target.
Advanced primitives:
Commitment schemes: Allow one party to commit to a value while keeping it hidden, and later reveal it in a way that proves the committed value was not changed.
Zero-knowledge proofs: Let a prover convince a verifier that they know a secret without revealing the secret itself.
Secret sharing: Divides a secret into shares so that only specified subsets of participants can reconstruct it (e.g., Shamir's scheme, which uses polynomial interpolation: the secret is the constant term of a random polynomial of degree t−1, and any t points determine that polynomial while fewer reveal nothing).
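Shamir's (t, n) secret sharing worked through as an added example (not code from the original notes). Shares are points on a random polynomial over a prime field whose constant term is the secret; reconstruction is Lagrange interpolation evaluated at x = 0. The field prime 2^127 − 1 and the sample secret are choices made for this example; a secret must fit in the field.

```python
"""Shamir (t, n) secret sharing over a prime field with Lagrange reconstruction."""
import secrets

# Field for the arithmetic: the Mersenne prime 2^127 - 1. Secrets must be < PRIME;
# longer secrets are split into chunks or the field is enlarged.
PRIME = 2**127 - 1


def make_shares(secret: int, threshold: int, n_shares: int, prime: int = PRIME) -> list:
    """Pick a random polynomial f of degree threshold-1 with f(0) = secret and
    hand out the points (i, f(i)) for i = 1..n_shares. Any `threshold` points
    determine f uniquely; any fewer are consistent with every possible secret."""
    if not 0 <= secret < prime:
        raise ValueError("secret must be a field element")
    if not 1 <= threshold <= n_shares < prime:
        raise ValueError("need 1 <= threshold <= n_shares")
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(threshold - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, k, prime) for k, c in enumerate(coeffs)) % prime

    return [(x, f(x)) for x in range(1, n_shares + 1)]


def reconstruct(shares: list, prime: int = PRIME) -> int:
    """Lagrange interpolation evaluated at x = 0:
    f(0) = sum_i y_i * prod_{j != i} (0 - x_j) / (x_i - x_j), all mod prime."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % prime
                den = den * (xi - xj) % prime
        total = (total + yi * num * pow(den, -1, prime)) % prime
    return total


def demo():
    """3-of-5 sharing of a constructed sample secret (a key encoded as an integer)."""
    secret = 0x5EC2E7
    shares = make_shares(secret, threshold=3, n_shares=5)
    enough = reconstruct(shares[:3]) == secret
    any_three = reconstruct([shares[0], shares[2], shares[4]]) == secret
    # Two points fix a line, not the quadratic: the value at 0 is wrong except
    # with probability 1/PRIME, and carries no information about the secret.
    too_few = reconstruct(shares[:2]) == secret
    return enough, any_three, too_few


if __name__ == "__main__":
    print(demo())
```

Shares must be generated with a cryptographic random source (hence `secrets`, not `random`), and the share index x must never be 0, since f(0) is the secret itself.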
Defense: Polyalphabetic or polygraphic ciphers (which operate on digrams/trigrams) raise the cost of frequency analysis, but real security ultimately requires moving to mathematically hard problems (modern cryptography).
Use and historical relevance: Substitution ciphers are foundational historically and useful for teaching cryptanalysis and information-theory concepts (such as redundancy and entropy). They illustrate how language statistics leak information and why stronger constructions are necessary.

Transposition Ciphers: Detailed view
Definition and idea: Do not change letters; instead rearrange their order using a permutation or path. They preserve plaintext letter frequencies but obscure word and letter-position patterns.
Common types, operation, and properties
Rail Fence cipher:
Operation: Write the plaintext in a zigzag across R rails (rows), then read row by row to produce the ciphertext.
Example (3 rails): "WEAREDISCOVERED" laid out in a zigzag and read by rows yields a scrambled sequence.
Security: Simple to break by trying small rail counts and observing which candidate reads as plaintext.
Scytale:
Operation: A strip of paper is wrapped around a rod of known circumference; letters align into meaningful words along the rod's axis. Decryption requires a rod of the correct diameter, or trying the integer circumferences in turn.
Security: Weak: only a small set of practical rod sizes exists to try, so brute force reveals the plaintext quickly.
Route / Columnar transposition:
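The rail fence cipher in working code, as an added example that is not part of the original notes: encryption, the inverse permutation for decryption, the brute-force search over rail counts, and a check that the letter histogram of the ciphertext equals that of the plaintext, which is the "frequencies preserved" point above. The 3-rail "WEAREDISCOVERED" example from the notes is used as the sample input.

```python
"""Rail fence transposition: encrypt, decrypt, brute force, and what it fails to hide."""
from collections import Counter


def rail_pattern(length: int, rails: int) -> list:
    """Rail index visited by each plaintext position along the zigzag.
    The zigzag repeats every 2*(rails-1) positions."""
    if rails < 2:
        raise ValueError("need at least 2 rails")
    period = 2 * (rails - 1)
    pattern = []
    for i in range(length):
        r = i % period
        pattern.append(r if r < rails else period - r)   # going down, then back up
    return pattern


def rail_fence_encrypt(plaintext: str, rails: int) -> str:
    """Read the letters off rail 0, then rail 1, ..., preserving order within a rail."""
    pattern = rail_pattern(len(plaintext), rails)
    return "".join(ch for r in range(rails)
                   for ch, p in zip(plaintext, pattern) if p == r)


def rail_fence_decrypt(ciphertext: str, rails: int) -> str:
    """Plaintext positions sorted (stably) by rail give the order in which the
    ciphertext was read out; invert that permutation."""
    pattern = rail_pattern(len(ciphertext), rails)
    read_order = sorted(range(len(ciphertext)), key=lambda i: pattern[i])
    plain = [""] * len(ciphertext)
    for ct_index, pt_index in enumerate(read_order):
        plain[pt_index] = ciphertext[ct_index]
    return "".join(plain)


def brute_force(ciphertext: str, max_rails: int = 10) -> dict:
    """The key space is the rail count: try each and let a human pick the readable one."""
    return {r: rail_fence_decrypt(ciphertext, r) for r in range(2, max_rails + 1)}


def frequencies_preserved(plaintext: str, ciphertext: str) -> bool:
    """A transposition only moves letters, so the letter histogram is unchanged."""
    return Counter(plaintext) == Counter(ciphertext)


if __name__ == "__main__":
    ct = rail_fence_encrypt("WEAREDISCOVERED", 3)
    print(ct, rail_fence_decrypt(ct, 3), frequencies_preserved("WEAREDISCOVERED", ct))
    for rails, guess in brute_force(ct).items():
        print(rails, guess)
```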
Non-repudiation: Prevent a sender from denying their action (typically via signatures).

Main families and principles
Symmetric-key cryptography:
Semantic security (IND-CPA): The ciphertext leaks no partial information about the plaintext, even to an attacker who can obtain encryptions of chosen plaintexts.
IND-CCA (adaptive chosen-ciphertext security): Stronger; resists attackers who can also query a decryption oracle on any ciphertext except the challenge ciphertext.
AE (Authenticated Encryption) / AEAD: Guarantees both confidentiality and integrity, so forged or modified ciphertexts are rejected; confidentiality plus ciphertext integrity together imply IND-CCA security. The "AD" is associated data (such as a packet header) that is authenticated but not encrypted.
Provable security: Many modern schemes come with reductions showing that breaking the scheme implies solving a hard mathematical problem.
Diffie–Hellman key exchange: Two parties derive a shared secret from exchanged public values; vulnerable to an active MITM unless the public values are authenticated (e.g., by signatures or certificates).
Digital signatures: Provide message authentication and non-repudiation. Schemes include RSA-PSS and ECDSA. Security relies on hardness assumptions and on proper hashing (hash-and-sign); ECDSA additionally needs a fresh, unpredictable nonce for every signature, since a reused nonce leaks the private key.
MACs and authenticated encryption: HMAC and CMAC provide integrity and authenticity under a shared key; AEAD modes (e.g., AES-GCM, ChaCha20-Poly1305) combine encryption and integrity efficiently.
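The Diffie–Hellman exchange with both sides' messages, an active man-in-the-middle, and the effect of authenticating the public values, as an added example (not from the original notes). The group parameters are assumptions made for readability: the prime field 2^255 − 19 with generator 2, which is assumed to generate a large subgroup; real systems use standardized finite-field groups or elliptic-curve DH. A MAC under a pre-shared key stands in for a signature or certificate as the authentication mechanism.

```python
"""Diffie-Hellman: an honest run, an active man-in-the-middle, and how
authenticating the public values changes the outcome."""
import hashlib
import hmac
import secrets

# Toy parameters (assumption): a large prime field and a generator assumed to
# span a big subgroup. Use standardized groups or ECDH in real code.
P = 2**255 - 19
G = 2


def keypair(p: int = P, g: int = G):
    """Private exponent x in [1, p-2] and public value g^x mod p."""
    x = secrets.randbelow(p - 2) + 1
    return x, pow(g, x, p)


def shared_key(priv: int, peer_pub: int, p: int = P) -> bytes:
    """Both sides compute g^(ab); a hash stands in for a proper KDF."""
    return hashlib.sha256(pow(peer_pub, priv, p).to_bytes(32, "big")).digest()


def honest_run() -> bool:
    a, A = keypair()          # Alice keeps a, sends A
    b, B = keypair()          # Bob keeps b, sends B
    return shared_key(a, B) == shared_key(b, A)


def mitm_run() -> dict:
    """Mallory intercepts A and B and forwards her own value M in both
    directions; each victim then shares a key with Mallory, not the peer."""
    a, A = keypair()
    b, B = keypair()
    m, M = keypair()
    k_alice = shared_key(a, M)      # Alice believes M came from Bob
    k_bob = shared_key(b, M)        # Bob believes M came from Alice
    return {
        "mallory_has_alice_key": shared_key(m, A) == k_alice,
        "mallory_has_bob_key": shared_key(m, B) == k_bob,
        # Differs unless the two random exponents collide (negligible in a large subgroup).
        "alice_and_bob_agree": k_alice == k_bob,
    }


def tag_public_value(auth_key: bytes, pub: int) -> bytes:
    """Authenticate a public value under a key the peer already trusts.
    A MAC over a pre-shared key is used here in place of a signature; without
    some such binding, the receiver has no way to tell A from Mallory's M."""
    return hmac.new(auth_key, pub.to_bytes(32, "big"), hashlib.sha256).digest()


def verify_public_value(auth_key: bytes, pub: int, tag: bytes) -> bool:
    return hmac.compare_digest(tag_public_value(auth_key, pub), tag)


if __name__ == "__main__":
    print("honest:", honest_run())
    print("mitm:", mitm_run())
    psk = b"constructed pre-shared authentication key"
    _, A = keypair()
    _, M = keypair()
    tag = tag_public_value(psk, A)
    print("genuine A verifies:", verify_public_value(psk, A, tag))
    print("substituted M verifies:", verify_public_value(psk, M, tag))
```

The lesson is the one in the notes: the arithmetic is sound, but it binds the secret to whoever supplied the public value, so the protocol is only as good as the authentication wrapped around it (in TLS, the server's certificate and signature over the exchange).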
Zero-knowledge proofs: Allow proving statements without revealing the underlying secrets; used in privacy-preserving authentication and blockchain protocols.
Commitment schemes: Hiding (the commitment reveals nothing about the value) and binding (the committer cannot later open it to a different value); used in multi-party protocols and verifiable computation.
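Both primitives in working code, as an added example that is not from the original notes: a hash-based commitment (hiding through a random nonce, binding through collision resistance) and Schnorr's zero-knowledge proof of knowledge of a discrete logarithm, in both its interactive form (the verifier picks the challenge) and the Fiat–Shamir form (the challenge is a hash of the transcript). The group parameters are the same assumption as in the Diffie–Hellman example above: the prime field 2^255 − 19 with generator 2; a deployed Schnorr scheme uses a standardized group and reduces the response modulo the subgroup order.

```python
"""Hash commitment, and a Schnorr zero-knowledge proof of a discrete log."""
import hashlib
import secrets

# Toy group (assumption): prime field 2^255 - 19, generator 2.
P = 2**255 - 19
G = 2


# --- Commitment: commit = H(nonce || value).
# The random nonce makes it hiding (a bare hash of a low-entropy value could be
# brute-forced); the hash's collision resistance makes it binding.
def commit(value: bytes):
    nonce = secrets.token_bytes(32)
    return hashlib.sha256(nonce + value).digest(), nonce


def open_commitment(commitment: bytes, nonce: bytes, value: bytes) -> bool:
    return hashlib.sha256(nonce + value).digest() == commitment


# --- Schnorr proof of knowledge of x with y = g^x mod p.
# Prover: pick random r, send t = g^r.  Verifier: send challenge c.
# Prover: send s = r + c*x.  Verifier: check g^s == t * y^c.
def schnorr_commit(p: int = P, g: int = G):
    r = secrets.randbelow(p - 2) + 1
    return r, pow(g, r, p)


def fiat_shamir_challenge(y: int, t: int) -> int:
    """Non-interactive variant: c = H(y || t), so the prover cannot pick t after
    seeing the challenge. A 128-bit challenge is taken from the digest."""
    h = hashlib.sha256(y.to_bytes(32, "big") + t.to_bytes(32, "big")).digest()
    return int.from_bytes(h[:16], "big")


def schnorr_respond(x: int, r: int, c: int, p: int = P) -> int:
    # Reduced mod p-1 (a multiple of g's order, so g^s is unchanged); a real
    # implementation reduces modulo the subgroup order q instead.
    return (r + c * x) % (p - 1)


def schnorr_verify(y: int, t: int, c: int, s: int, p: int = P, g: int = G) -> bool:
    return pow(g, s, p) == (t * pow(y, c, p)) % p


def prove(x: int, c: int = None):
    """Returns the transcript (y, t, c, s); interactive if c is supplied by the
    verifier, Fiat-Shamir otherwise."""
    y = pow(G, x, P)
    r, t = schnorr_commit()
    if c is None:
        c = fiat_shamir_challenge(y, t)
    return y, t, c, schnorr_respond(x, r, c)


if __name__ == "__main__":
    c_val, n_val = commit(b"vote: alice")
    print("opens to committed value:", open_commitment(c_val, n_val, b"vote: alice"))
    print("opens to other value:", open_commitment(c_val, n_val, b"vote: bob"))
    x = secrets.randbelow(P - 2) + 1
    y, t, c, s = prove(x)
    print("honest proof verifies:", schnorr_verify(y, t, c, s))
```

The transcript (t, c, s) reveals nothing about x because a simulator can produce identically distributed transcripts without knowing x: choose c and s first and set t = g^s · y^(−c). Soundness comes from the fact that two accepting transcripts with the same t and different challenges let anyone extract x from the two responses, so a prover who answers a random challenge without knowing x succeeds only with negligible probability.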