Complete Cryptography Study Notes | Classical & Modern Cryptography Guide, Study notes of Computer science

Description: This document provides comprehensive study notes on cryptography, compiled from academic resources, technical publications, and educational references, and organized into a structured learning guide covering both classical and modern cryptographic concepts. Topics covered include: Introduction to Cryptography; Security Principles (Confidentiality, Integrity, Authentication, Non-Repudiation); Classical Cryptography; Substitution and Transposition Ciphers; Enigma Machine and One-Time Pad; Symmetric and Asymmetric Cryptography; AES, DES, RSA, Diffie–Hellman, and ElGamal; Hash Functions and Digital Signatures; Modes of Operation; Zero-Knowledge Proofs; Secret Sharing; Post-Quantum Cryptography; Practical Security Best Practices.

Typology: Study notes

2025/2026

Available from 07/02/2026

kabina-thapa
CRYPTOGRAPHY
Introduction
Cryptography is the science of securing communication and data from unauthorized
access. The word itself comes from the Greek words "kryptós" (hidden) and
"graphein" (to write). It is used in various fields, including online security, banking,
military communications, and digital signatures.
Cryptography ensures four key security principles:
Confidentiality: Ensuring that information is accessible only to those who
have permission.
Integrity: Protecting data from being altered or tampered with.
Authentication: Verifying the identity of users.
Non-repudiation: Ensuring that someone cannot deny their actions, such as
sending a message.
Classic Cryptography: Statistical Foundations and Early Machines
Core idea: Obscure plaintext by simple operations, substitutions, or
permutations.
Vulnerability: Frequency analysis and statistical patterns in natural languages
reveal information about the plaintext.
Early machines: Mechanisms like rotor-based devices multiplied the
complexity of substitutions, foreshadowing modern cryptographic design.
Substitution Ciphers
General concept: Replace each unit of plaintext with another symbol or letter
according to a fixed scheme.

 Shift Cipher (Caesar): Each letter x is replaced by x + k (mod 26). Key idea: only 26 possible shifts (25 of them non-trivial), so it is trivially breakable by brute force.
 Monoalphabetic Substitution: A fixed, global permutation of the alphabet. Although the key space is enormous (26! ≈ 4.03 × 10^26), cryptanalysis exploits letter frequencies and common bigrams/trigrams (like THE, AND, ING) to recover the mapping; a huge key space is worthless when the cipher preserves plaintext statistics.
 Vigenère Cipher: A polyalphabetic substitution using a repeating keyword. Each letter is shifted by an amount determined by the corresponding keyword letter. Vulnerable to the Kasiski examination, which uses distances between repeated ciphertext sequences to estimate the keyword length; once the length is known, each key position is a plain Caesar cipher and falls to frequency analysis.
Transposition Ciphers
 Core idea: Do not replace letters but rearrange them according to a permutation.
 Rail Fence (Zigzag) Cipher: Writes the plaintext in a zigzag across multiple rails and reads it off row by row; still vulnerable to pattern analysis, and only a handful of rail counts are plausible.
 Scytale Cipher: Wraps a strip around a rod; decryption depends on knowing the rod circumference.
 Route (Columnar) Cipher: Writes the plaintext in a grid and reads it out along a different route. The permutation can be discovered through analysis of the ciphertext structure.
 Security note: Transpositions move letters but do not change their identity, so the ciphertext has exactly the plaintext's letter frequencies (a quick test for "is this a transposition?"). They are vulnerable to known-plaintext and chosen-plaintext attacks, which reveal the permutation pattern directly.
Mechanical Evolution: Enigma and Lorenz
 Enigma machine: An electromechanical device that produced a continually changing polyalphabetic substitution via rotors, a reflector, a plugboard, and stepping mechanisms. Its security relied on multiple, interacting components.
 Breakthroughs: Allied cryptanalysts exploited predictable message structure, repetitive headers (cribs), weaknesses in the plugboard/rotor configurations, and the reflector's property that no letter could ever encrypt to itself, which made it easy to line a guessed crib up against the ciphertext. The Lorenz cipher (a more complex stream cipher) was broken
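The Kasiski examination and per-position frequency analysis sketched above (and laid out step by step in the detailed Vigenère section later in these notes) are short enough to carry through in code. The following Python is an added example, not code from the original notes: it encrypts a constructed English passage under the keyword KEY, estimates the key length from the distances between repeated trigrams (with the index of coincidence as a cross-check), then fits each column to standard English letter frequencies with a chi-squared test to recover the key. The English frequency table is the usual published one; the passage and keyword are constructed inputs.

```python
from collections import Counter

A = ord("A")
# Standard English single-letter frequencies (percent), used by the chi-squared fit.
ENGLISH = {"A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0,
           "H": 6.1, "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7,
           "O": 7.5, "P": 1.9, "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8,
           "V": 0.98, "W": 2.4, "X": 0.15, "Y": 2.0, "Z": 0.074}

def clean(text):
    return "".join(ch for ch in text.upper() if "A" <= ch <= "Z")

def vigenere(text, key, decrypt=False):
    """Repeating-key Caesar: position i is shifted by key[i mod len(key)], A = 0."""
    key, out = clean(key), []
    for i, ch in enumerate(clean(text)):
        k = ord(key[i % len(key)]) - A
        out.append(chr((ord(ch) - A + (-k if decrypt else k)) % 26 + A))
    return "".join(out)

def kasiski(ct, seq_len=3, max_key=20):
    """Every distance between two copies of the same trigram votes for each
    candidate key length that divides it; most votes wins, shortest on ties."""
    positions = {}
    for i in range(len(ct) - seq_len + 1):
        positions.setdefault(ct[i:i + seq_len], []).append(i)
    votes = Counter()
    for pos in positions.values():
        for a in range(len(pos)):
            for b in range(a + 1, len(pos)):
                d = pos[b] - pos[a]
                votes.update(L for L in range(2, max_key + 1) if d % L == 0)
    return min(votes, key=lambda L: (-votes[L], L))

def index_of_coincidence(text):
    """Probability that two letters drawn from `text` agree: ~0.066 for English, ~0.038 for random."""
    n = len(text)
    if n < 2:
        return 0.0
    return sum(f * (f - 1) for f in Counter(text).values()) / (n * (n - 1))

def ioc_profile(ct, max_key=20):
    """Average column IoC per candidate key length: multiples of the true
    length stand out, the others sit near the random-text value."""
    return {L: sum(index_of_coincidence(ct[k::L]) for k in range(L)) / L
            for L in range(1, max_key + 1)}

def chi_squared(column, shift):
    """Distance from English letter frequencies after undoing a Caesar `shift`."""
    n = len(column)
    counts = Counter(chr((ord(ch) - A - shift) % 26 + A) for ch in column)
    return sum((counts[c] - n * p / 100) ** 2 / (n * p / 100) for c, p in ENGLISH.items())

def recover_key(ct, key_len):
    """Each key position is a Caesar cipher over its own column of the ciphertext."""
    return "".join(chr(min(range(26), key=lambda s: chi_squared(ct[k::key_len], s)) + A)
                   for k in range(key_len))

def break_vigenere(ct):
    key = recover_key(ct, kasiski(ct))
    return key, vigenere(ct, key, decrypt=True)

# Constructed English passage used as the sample plaintext.
PLAINTEXT = (
    "The Vigenere cipher was long believed to be unbreakable because a single "
    "letter of ciphertext could stand for many different letters of plaintext and "
    "the simple counting that destroys a monoalphabetic substitution no longer "
    "works on the text as a whole. The weakness is that the key repeats. Whenever "
    "the same word of plaintext falls under the same part of the key it produces "
    "the same run of ciphertext so the distances between repeated fragments are "
    "multiples of the key length. Once that length is known the message splits "
    "into separate streams each of which is nothing more than a Caesar shift of "
    "ordinary English and every one of them falls to a plain frequency count. "
    "The method was described by Kasiski in the nineteenth century and the index "
    "of coincidence offers another route to the same number. Friedman and his "
    "students later turned these observations into a systematic procedure that a "
    "patient analyst could carry out by hand in an afternoon.")

if __name__ == "__main__":
    ct = vigenere(PLAINTEXT, "KEY")
    print(sorted(ioc_profile(ct, 9).items()))
    print(break_vigenere(ct))
```

The attack needs a few hundred letters of ciphertext: Kasiski needs repeated trigrams, and the chi-squared fit needs enough letters per column for the frequencies to settle. Short messages are where Vigenère resists this approach, which is exactly the regime in which its key starts to resemble a one-time pad.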

 Block ciphers (stateless) process fixed-size blocks (e.g., 64 or 128 bits) and need a mode of operation to handle anything longer than one block.
 Stream ciphers (stateful) generate a keystream and combine it with the plaintext bit-by-bit or byte-by-byte, almost always by XOR.
 Stream Ciphers: Build keystreams from pseudo-random sources. A keystream must never be used twice under the same key: XORing two ciphertexts that share a keystream cancels the keystream and leaves the XOR of the two plaintexts.
 Example: LFSR-based designs (linear feedback shift registers) combined non-linearly to increase complexity and resist certain attacks. Hardware-oriented designs include A5/1 (historical GSM) and similar constructions.
 Software-focused example: RC4 (byte-oriented, variable-length key); note: RC4 is deprecated because of statistical biases in its keystream.
 Block Ciphers: Encrypt fixed-length blocks with a key-dependent transformation.
 DES: A Feistel network with 16 rounds, using S-boxes for nonlinearity and P-boxes (bit permutations) for diffusion. It is considered insecure for modern use because its 56-bit key is within reach of exhaustive search.
 Rijndael (AES): The current standard. It operates on 128-bit blocks and uses a structure of SubBytes, ShiftRows, MixColumns, and AddRoundKey across multiple rounds (10, 12, or 14 rounds for 128-, 192-, or 256-bit keys). It relies on finite field arithmetic over GF(2^8).
Modes of Operation: How to securely apply block ciphers to longer messages. The mode also dictates what the IV or nonce must satisfy, and getting that wrong breaks the scheme however strong the block cipher is.
 CBC (Cipher Block Chaining): Each plaintext block is XORed with the previous ciphertext block before encryption (the first block with an unpredictable IV), so identical plaintext blocks no longer produce identical ciphertext and each ciphertext block depends on all earlier ones. CBC gives confidentiality only: flipping a bit in one ciphertext block flips the same bit in the next plaintext block, and without a MAC it is exposed to padding-oracle attacks.
 CTR (Counter): Turns a block cipher into a stream cipher by encrypting successive counter values; allows parallel processing and random-access decryption. The nonce/counter pair must never repeat under one key, or the keystream is reused.
Asymmetric Cryptography: Key Exchange and Digital Signatures
 Public-key foundations: Based on trapdoor one-way functions, where operations are easy in one direction but hard to invert without extra information (the trapdoor, which is the private key).
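The two failure modes named above, keystream reuse under CTR and malleability of any unauthenticated mode, can be shown in a few dozen lines, together with the encrypt-then-MAC construction that the later sections on AE/AEAD and MACs describe. The following Python is an added example and not code from the original notes. Because AES is not in the Python standard library, the block cipher is replaced here by a keyed PRF (HMAC-SHA256 truncated to 16 bytes); that substitution is an assumption of this example only, and it is harmless for the demonstration because CTR mode only ever runs the block cipher forwards, so the mode logic and the nonce-reuse leak are identical to AES-CTR. Keys, nonce and messages are constructed values.

```python
import hashlib
import hmac
import os

BLOCK = 16          # keystream block size, as for AES
NONCE_LEN = 12      # 96-bit nonce + 32-bit block counter = one 128-bit block input

def prf_block(key, nonce, counter):
    """Stand-in for AES_key(nonce || counter): assumption of this example,
    any keyed PRF works because CTR never needs the inverse direction."""
    return hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()[:BLOCK]

def ctr_crypt(key, nonce, data):
    """CTR mode: encryption and decryption are the same XOR with the keystream."""
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be 12 bytes")
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        keystream = prf_block(key, nonce, i // BLOCK)
        out += bytes(p ^ k for p, k in zip(data[i:i + BLOCK], keystream))
    return bytes(out)

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def recover_via_nonce_reuse(c1, c2, known_p1):
    """Two ciphertexts under the same key and nonce share a keystream, so
    c1 ^ c2 == p1 ^ p2: with p1 known, p2 falls out without the key."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)

def flip_bit(data, byte_index, bit):
    b = bytearray(data)
    b[byte_index] ^= 1 << bit
    return bytes(b)

def encrypt_then_mac(enc_key, mac_key, nonce, plaintext):
    """Encrypt-then-MAC: the tag covers nonce and ciphertext (a generic AE)."""
    ct = ctr_crypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt_verified(enc_key, mac_key, blob):
    """Verify the tag in constant time before touching the ciphertext."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: ciphertext rejected")
    return ctr_crypt(enc_key, nonce, ct)

def demo():
    enc_key, mac_key = b"k" * 32, b"m" * 32      # constructed keys, not random
    reused_nonce = bytes(NONCE_LEN)              # the mistake: same nonce twice
    p1 = b"transfer 100 to alice   "
    p2 = b"transfer 999 to mallory "            # same length as p1
    c1 = ctr_crypt(enc_key, reused_nonce, p1)
    c2 = ctr_crypt(enc_key, reused_nonce, p2)
    leaked_p2 = recover_via_nonce_reuse(c1, c2, p1)
    # Malleability: flipping ciphertext bit 0 of byte 9 turns "100" into "000".
    tampered_pt = ctr_crypt(enc_key, reused_nonce, flip_bit(c1, 9, 0))
    # The same flip against encrypt-then-MAC output is detected and rejected.
    blob = encrypt_then_mac(enc_key, mac_key, os.urandom(NONCE_LEN), p1)
    try:
        decrypt_verified(enc_key, mac_key, flip_bit(blob, NONCE_LEN + 9, 0))
        rejected = False
    except ValueError:
        rejected = True
    return leaked_p2, tampered_pt, rejected

if __name__ == "__main__":
    print(demo())
```

Two details carry over unchanged to real AES-CTR or AES-GCM: the nonce is the only thing standing between a stream cipher and a two-time pad, so it must come from a counter or a fresh random value per message under a given key; and the tag must be checked with a constant-time comparison before any decryption, otherwise the comparison itself becomes a timing oracle.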

 RSA: Relies on the difficulty of factoring large composites N = p·q. Public key (N, e); private key d chosen so that e·d ≡ 1 (mod φ(N)) with φ(N) = (p−1)(q−1), which makes (M^e)^d ≡ M (mod N). Security scales with key size and factoring hardness. Textbook RSA with no padding is deterministic and multiplicatively malleable (E(M1)·E(M2) = E(M1·M2) mod N), so deployed systems always add a padding scheme (RSA-OAEP for encryption, RSA-PSS for signatures).
 ElGamal: Based on the discrete logarithm problem (DLP) in finite groups. Security hinges on the hardness of computing logs in that group. Encryption is randomized, so the same message encrypts differently each time.
 Diffie–Hellman: A protocol for secure key exchange over an insecure channel. It enables two parties to establish a shared secret, but without authentication it is vulnerable to man-in-the-middle attacks: an active attacker who replaces each party's public value with their own ends up sharing one key with each side and can decrypt, read, and re-encrypt everything in between.
 Hybrid encryption: Practical systems encrypt data with a fast symmetric cipher (the data encapsulation mechanism, DEM) and protect the symmetric key with a public-key method (the key encapsulation mechanism, KEM). This combines the strengths of both approaches.
Integrity, Authentication, and Advanced Protocols
 Cryptographic hash functions: Create fixed-length digests that are preimage-resistant (hard to invert), second-preimage-resistant, and collision-resistant. Modern recommendations favor the SHA-2 family (SHA-256, SHA-512) and the independently designed SHA-3 family; MD5 and SHA-1 no longer offer collision resistance.
 Digital signatures: Provide non-repudiation and authenticity. Common standards include DSA, ECDSA (elliptic curve DSA), and RSA-PSS.
 Security definitions: Aim for semantic security (the ciphertext reveals nothing about the plaintext beyond its length) and resistance to adaptive chosen-ciphertext attacks (CCA2), where an attacker can obtain decryptions of chosen ciphertexts other than the target.
Advanced primitives:
 Commitment schemes: Allow one party to commit to a value while keeping it hidden (hiding), with a later reveal that proves the value without any possibility of changing it (binding).
 Zero-knowledge proofs: Let a prover convince a verifier that they know a secret without revealing the secret itself.
 Secret sharing: Divides a secret into shares so that only specific subsets of participants can reconstruct it (e.g., Shamir's (t, n) scheme: the secret is the constant term of a random polynomial of degree t−1 over a finite field, each share is a point on that polynomial, any t shares recover it by polynomial interpolation, and fewer than t reveal nothing).
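Shamir's scheme, mentioned last above, is the one advanced primitive here that fits comfortably in a short program. The following Python is an added example, not code from the original notes: it splits a secret into n shares over the prime field GF(p) for a constructed prime p = 2^127 − 1, reconstructs it from any t shares by Lagrange interpolation at x = 0, and shows that t − 1 shares interpolate to an unrelated value. The random source is injectable so that the arithmetic can be checked on fixed coefficients.

```python
from itertools import combinations
import secrets

P = 2**127 - 1   # Mersenne prime (constructed choice): shares and coefficients live in GF(P)

def make_shares(secret, t, n, rng=secrets.randbelow):
    """Split `secret` (0 <= secret < P) into n shares; any t of them reconstruct it.
    `rng(P)` must return a uniform element of GF(P); it is a parameter so tests
    can pin the polynomial."""
    if not (1 <= t <= n < P and 0 <= secret < P):
        raise ValueError("bad parameters")
    coeffs = [secret] + [rng(P) for _ in range(t - 1)]   # f(0) = secret
    def f(x):
        return sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P
    return [(x, f(x)) for x in range(1, n + 1)]           # never hand out x = 0

def reconstruct(shares):
    """Lagrange interpolation of the polynomial at x = 0, all mod P."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    secret = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % P        # factor (0 - xj)
                den = den * (xi - xj) % P    # factor (xi - xj)
        secret = (secret + yi * num * pow(den, -1, P)) % P   # pow(.., -1, P) = modular inverse
    return secret

def demo(secret=0xC0FFEE, t=3, n=5):
    shares = make_shares(secret, t, n)
    every_t_subset_works = all(reconstruct(list(s)) == secret
                               for s in combinations(shares, t))
    # t-1 shares leave one degree of freedom: interpolating through them
    # returns a value that is uniform over GF(P), i.e. it says nothing.
    from_too_few = reconstruct(shares[:t - 1])
    return every_t_subset_works, from_too_few == secret

if __name__ == "__main__":
    print(demo())
```

Two points that matter in practice and are easy to get wrong: the share index x = 0 must never be issued (it would be the secret itself), and the coefficients must come from a cryptographic random source, since a predictable polynomial lets a single share holder reconstruct alone.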

Monoalphabetic substitution cipher:
 Operation: A fixed permutation π of the alphabet maps each plaintext letter to a ciphertext letter for the whole message.
 Key space: 26! (~4.03×10^26), large in theory.
 Practical security: Poor against frequency analysis, because natural-language statistics (letter frequencies, digrams, trigrams) leak the mapping. Techniques such as pattern matching, word-list attacks, and simulated annealing/heuristic search recover the permutation.
Vigenère (polyalphabetic) cipher:
 Operation: Uses a keyword; each plaintext letter is shifted by the amount associated with the corresponding keyword letter. Equivalent to using a repeating sequence of Caesar shifts.
 Example: Keyword "KEY" (K=10, E=4, Y=24, counting A=0) repeated to cover the plaintext; shifts vary cyclically, so ATTACK becomes KXRKGI.
 Security: Stronger than monoalphabetic substitution because it masks single-letter frequency. Vulnerable to:
 Kasiski examination: Find repeated ciphertext substrings and measure the distances between them; the keyword length divides (almost all of) those distances.
 Index of coincidence: The probability that two letters drawn from a text are equal, about 0.066 for English and 0.038 for uniformly random letters; splitting the ciphertext into every L-th letter gives English-like values only when L is a multiple of the key length.
 Once the key length is known, treat each key position as a Caesar cipher and break it by frequency analysis.
Attacks and defenses
 Frequency analysis: Count letter/digraph/trigraph frequencies; match them to expected language statistics.
 Known-plaintext / chosen-plaintext: Recover the mapping by observing plaintext-ciphertext pairs.
 Automation: Modern computers use n-gram scoring, hill-climbing, simulated annealing, and genetic algorithms to recover keys quickly.

 Defense: Polyalphabetic or polygraphic ciphers (operating on digrams/trigrams) raise the bar, but real security ultimately requires moving to constructions based on mathematically hard problems (modern cryptography).
Use and historical relevance
 Substitution ciphers are foundational historically and useful for teaching cryptanalysis and information-theory concepts (like redundancy and entropy). They illustrate how language statistics leak information and why stronger constructions are necessary.
Transposition Ciphers: Detailed view
Definition and idea
 Do not change letters; instead rearrange their order using a permutation or path. They preserve plaintext letter frequencies but obscure word and letter-position patterns.
Common types, operation, and properties
Rail Fence cipher:
 Operation: Write the plaintext in a zigzag across R rails (rows) and then read row by row to produce the ciphertext.
 Example (3 rails): "WEAREDISCOVERED" laid out in a zigzag gives the rows WECR, ERDSOEE and AIVD, so the ciphertext is WECRERDSOEEAIVD.
 Security: Simple to break by trying small rail counts and checking the resulting plaintext for readability.
Scytale:
 Operation: A strip of paper wrapped around a rod of known circumference; letters align into meaningful words along the rod's axis. Decryption requires a rod of the correct diameter, or simply trying each plausible integer circumference.
 Security: Weak: only a small set of practical rod sizes exists, so brute force reveals the plaintext quickly.
Route / Columnar transposition:
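All three transpositions in these notes (the earlier overview and the detailed view above) are the same object: a fixed permutation of positions that depends on one small parameter, which is why brute force over that parameter works. The following Python is an added example, not code from the original notes: it builds the rail-fence read-out order and the scytale/plain-columnar read-out order as permutations, inverts them for decryption, recovers the rail count by scoring candidate plaintexts against a small constructed word list, and checks the property stated in the definition, that the ciphertext has exactly the plaintext's letter histogram. The sample messages and the word list are constructed for illustration.

```python
from collections import Counter

def rail_fence_order(n, rails):
    """Read-out order of a zigzag over `rails` rows: plaintext indices are
    emitted rail by rail, and left to right within a rail."""
    if rails < 2:
        return list(range(n))
    rail_of, r, step = [], 0, 1
    for _ in range(n):
        rail_of.append(r)
        if r == 0:
            step = 1
        elif r == rails - 1:
            step = -1
        r += step
    return sorted(range(n), key=lambda i: rail_of[i])   # stable sort keeps order within a rail

def scytale_order(n, width):
    """Scytale (plain columnar) read-out: the text is written in rows of
    `width` letters (one turn of the strip) and read column by column."""
    return sorted(range(n), key=lambda i: (i % width, i))

def apply_perm(text, order):
    return "".join(text[i] for i in order)

def invert_perm(text, order):
    """Undo apply_perm: ciphertext position k holds plaintext index order[k]."""
    out = [""] * len(order)
    for k, i in enumerate(order):
        out[i] = text[k]
    return "".join(out)

def rail_fence_encrypt(pt, rails):
    return apply_perm(pt, rail_fence_order(len(pt), rails))

def rail_fence_decrypt(ct, rails):
    return invert_perm(ct, rail_fence_order(len(ct), rails))

def scytale_encrypt(pt, width):
    return apply_perm(pt, scytale_order(len(pt), width))

def scytale_decrypt(ct, width):
    return invert_perm(ct, scytale_order(len(ct), width))

# Tiny constructed word list; a real solver would score with n-gram statistics.
COMMON_WORDS = ("THE", "AND", "ARE", "FOR", "WITH", "THAT", "ONCE",
                "FLEE", "HELP", "ATTACK", "DISCOVERED")

def readability(text):
    """Crude English score: total length of list words found as substrings."""
    return sum(len(w) for w in COMMON_WORDS if w in text)

def brute_force(ct, decrypt, params):
    """Try every candidate parameter (rail count or rod width) and return the
    best-scoring (parameter, plaintext); ties go to the smallest parameter."""
    best = max(params, key=lambda p: readability(decrypt(ct, p)))
    return best, decrypt(ct, best)

def same_letter_histogram(pt, ct):
    """A transposition preserves letter frequencies exactly."""
    return Counter(pt) == Counter(ct)

if __name__ == "__main__":
    ct = rail_fence_encrypt("WEAREDISCOVEREDFLEEATONCE", 3)
    print(ct, brute_force(ct, rail_fence_decrypt, range(2, 10)))
    ct2 = scytale_encrypt("IAMHURTVERYBADLYHELP", 5)
    print(ct2, brute_force(ct2, scytale_decrypt, range(2, 10)))
```

Treating the cipher as a permutation also makes the known-plaintext attack from the security note obvious: one plaintext/ciphertext pair of the right length gives the permutation directly, with no search at all.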

 Non-repudiation: Prevent a sender from denying their action (typically via digital signatures).
Main families and principles
Symmetric-key cryptography:

 Definition: A single shared secret key is used for both encryption and decryption.
 Primitives: Block ciphers (AES), stream ciphers (ChaCha20), MACs (HMAC).
 Properties: Fast, suitable for bulk encryption; requires secure key exchange and key management.
 Modes: Use block cipher modes like CBC, CTR, GCM. Each mode has different guarantees: CBC and CTR provide confidentiality only (given correct IV/nonce handling); GCM and other AEAD modes provide confidentiality plus integrity/authentication in one primitive.
Asymmetric (public-key) cryptography:
 Definition: Key pairs (public, private). The public key is used to encrypt/verify; the private key to decrypt/sign.
 Hard problems: Integer factorization (RSA), discrete logarithm (DLP) in multiplicative groups (ElGamal, DSA), elliptic-curve discrete logarithm (ECDSA, ECIES).
 Use cases: Key exchange, digital signatures, certificate-based authentication.
 Practical approach: Hybrid cryptosystems: use public-key cryptography to securely transport a symmetric key (KEM), then a symmetric cipher for the data (DEM).
Cryptographic hash functions:
 Purpose: Fixed-size digest that represents an arbitrary-length input, used for integrity, fingerprinting, and building other primitives.
 Security properties: Preimage resistance, second-preimage resistance, collision resistance.
 Examples: SHA-256, SHA-3. Deprecated examples: MD5, SHA-1 (collision weaknesses).

Security models and formal definitions

 Semantic security (IND-CPA): Ciphertext leaks no partial information about the plaintext (beyond its length) under chosen-plaintext attacks. This already rules out deterministic encryption, since equal plaintexts would give equal ciphertexts.
 IND-CCA (adaptive chosen-ciphertext security): Stronger; resists attackers who can query a decryption oracle on any ciphertext except the challenge ciphertext. Malleable schemes fail this: the attacker submits a related ciphertext and derives the answer for the challenge from the oracle's reply.
 AE (Authenticated Encryption) / AEAD: Guarantees both confidentiality and ciphertext integrity, so any modified or forged ciphertext is rejected rather than decrypted; AEAD additionally authenticates unencrypted associated data (headers, nonces). Ciphertext integrity combined with IND-CPA is what gives CCA security in practice.
 Provable security: Many modern schemes have reductions that show breaking the scheme implies solving a hard mathematical problem.
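Textbook RSA, defined in the asymmetric section earlier, is the standard counterexample for both definitions above: it is deterministic (so not IND-CPA) and multiplicatively malleable (so not IND-CCA). The following Python is an added example, not code from the original notes: it generates the classic toy key (p = 61, q = 53, e = 17), checks e·d ≡ 1 (mod φ(N)), and runs the blinding attack against a CCA2-style decryption oracle that refuses only the challenge ciphertext itself. The primes are a constructed toy and far too small for any real use.

```python
from math import gcd

def rsa_keygen(p, q, e=17):
    """Textbook keygen: N = p*q, phi = (p-1)(q-1), d = e^-1 mod phi."""
    N, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(N)")
    d = pow(e, -1, phi)                 # e*d = 1 (mod phi(N)); pow(.., -1, m) needs Python >= 3.8
    return (N, e), d

def rsa_encrypt(pub, m):
    N, e = pub
    if not 0 <= m < N:
        raise ValueError("message must be an integer in [0, N)")
    return pow(m, e, N)

def rsa_decrypt(pub, d, c):
    N, _ = pub
    return pow(c, d, N)

def is_deterministic(pub, m):
    """No randomness: equal plaintexts give equal ciphertexts, which already
    violates semantic security / IND-CPA."""
    return rsa_encrypt(pub, m) == rsa_encrypt(pub, m)

def product_property_holds(pub, d, m1, m2):
    """Multiplicative homomorphism: E(m1) * E(m2) = E(m1 * m2) (mod N)."""
    N = pub[0]
    c = rsa_encrypt(pub, m1) * rsa_encrypt(pub, m2) % N
    return rsa_decrypt(pub, d, c) == (m1 * m2) % N

def cca_blinding_attack(pub, target_c, decrypt_oracle, r=2):
    """Adaptive chosen-ciphertext attack: the oracle refuses the challenge
    ciphertext itself, so ask for E(m*r) = target_c * r^e and unblind."""
    N, e = pub
    blinded = (target_c * pow(r, e, N)) % N
    m_times_r = decrypt_oracle(blinded)
    return (m_times_r * pow(r, -1, N)) % N

def demo():
    pub, d = rsa_keygen(61, 53)           # N = 3233, phi = 3120, e = 17, d = 2753
    m = 65
    c = rsa_encrypt(pub, m)               # 2790

    def oracle(query):                    # CCA2 decryption oracle with the usual exclusion
        if query == c:
            raise PermissionError("the challenge ciphertext is off limits")
        return rsa_decrypt(pub, d, query)

    return (d, c, rsa_decrypt(pub, d, c), cca_blinding_attack(pub, c, oracle),
            product_property_holds(pub, d, 2, 3), is_deterministic(pub, m))

if __name__ == "__main__":
    print(demo())
```

The oracle's exclusion of the exact challenge ciphertext is what the IND-CCA definition requires and it is not enough: the attacker never asks about c, only about c·r^e. Padding schemes such as RSA-OAEP are designed so that a related ciphertext decrypts to garbage that fails the padding check instead of to a related plaintext.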

Key protocols and constructs

 Diffie–Hellman key exchange: Two parties derive a shared secret from public values; vulnerable to active MITM unless the public values are authenticated (signatures under trusted keys, certificates, or a pre-shared key).
 Digital signatures: Provide message authentication and non-repudiation. Schemes include RSA-PSS and ECDSA. Security relies on hardness assumptions and proper hashing (hash-and-sign: sign a digest of the message, never the raw message).
 MACs and authenticated encryption: HMAC and CMAC for integrity; AEAD constructions (e.g., AES-GCM, ChaCha20-Poly1305) combine encryption and integrity efficiently. Verify the tag in constant time and before decrypting.
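The man-in-the-middle attack on unauthenticated Diffie–Hellman, and the authentication that stops it, both fit in a toy group. The following Python is an added example, not code from the original notes: it runs the exchange honestly, then with an attacker who substitutes her own public value for both sides, and finally with each public value tagged by an HMAC under a pre-shared key. The pre-shared key is an assumption of this example (in TLS a signature under a certified key plays the same role); the group p = 23, g = 5 and the private exponents are the usual textbook toy values and are far too small for real use.

```python
import hashlib
import hmac

P, G = 23, 5          # toy group; g = 5 generates the multiplicative group mod 23

def dh_public(private):
    return pow(G, private, P)

def dh_shared(their_public, my_private):
    return pow(their_public, my_private, P)

def honest_exchange(a, b):
    """Alice (a) and Bob (b) both arrive at g^(ab) mod p."""
    A, B = dh_public(a), dh_public(b)
    return dh_shared(B, a), dh_shared(A, b)

def mitm_exchange(a, b, m):
    """Mallory (m) intercepts A and B and forwards her own value M to each side.
    Alice and Bob now hold different keys, and Mallory holds both of them."""
    A, B, M = dh_public(a), dh_public(b), dh_public(m)
    key_alice = dh_shared(M, a)        # Alice believes this is shared with Bob
    key_bob = dh_shared(M, b)          # Bob believes this is shared with Alice
    return key_alice, key_bob, dh_shared(A, m), dh_shared(B, m)

def auth_tag(psk, public):
    """Authenticate a public value under a pre-shared key (assumption of this
    example: Alice and Bob already share `psk`, Mallory does not)."""
    return hmac.new(psk, public.to_bytes(4, "big"), hashlib.sha256).digest()

def authenticated_exchange(a, b, psk, attacker_private=None):
    """Return both derived keys, or None if either side rejects a public value
    whose tag does not verify (Mallory cannot tag M without psk)."""
    to_bob = (dh_public(a), auth_tag(psk, dh_public(a)))
    to_alice = (dh_public(b), auth_tag(psk, dh_public(b)))
    if attacker_private is not None:
        M = dh_public(attacker_private)
        forged = auth_tag(b"mallory-has-no-psk", M)     # best she can do
        to_bob, to_alice = (M, forged), (M, forged)
    for value, tag in (to_bob, to_alice):
        if not hmac.compare_digest(tag, auth_tag(psk, value)):
            return None
    return dh_shared(to_alice[0], a), dh_shared(to_bob[0], b)

if __name__ == "__main__":
    print(honest_exchange(6, 15))                                   # (2, 2)
    print(mitm_exchange(6, 15, 13))                                 # (18, 7, 18, 7)
    print(authenticated_exchange(6, 15, b"shared secret"))          # (2, 2)
    print(authenticated_exchange(6, 15, b"shared secret", 13))      # None
```

The point of the MITM run is that nothing fails: both honest parties complete the protocol and obtain a key, it is just not the same key, and only the attacker knows both. Without authentication there is no observable difference between that run and an honest one.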

Advanced primitives and modern directions

 Zero-knowledge proofs: Allow proving a statement (for example, knowledge of a discrete logarithm) without revealing the secret; used in privacy-preserving authentication and blockchain protocols.
 Commitment schemes: Bind then hide: a commitment fixes a value (binding) while revealing nothing about it (hiding) until it is opened; used in multi-party protocols and verifiable computation.
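Schnorr's protocol shows both primitives above in one place: the prover's first message t = g^r is a commitment to r, and the three-move exchange proves knowledge of x with y = g^x without revealing x. The following Python is an added example, not code from the original notes: it implements the interactive protocol, the non-interactive Fiat–Shamir variant, and a simulator that produces accepting transcripts without the secret, which is the concrete meaning of "zero-knowledge". The group (p = 23 with the order-11 subgroup generated by g = 2) is a constructed toy; a real deployment uses a 256-bit prime-order group or an elliptic curve.

```python
import hashlib
import secrets

P, Q, G = 23, 11, 2      # constructed toy group: g = 2 has prime order 11 in Z_23^*

def keygen(x=None):
    """Secret x in Z_q, public y = g^x mod p."""
    x = secrets.randbelow(Q) if x is None else x
    return x, pow(G, x, P)

def prover_commit(r=None):
    """First move: commitment t = g^r. It hides r and binds the prover to it."""
    r = secrets.randbelow(Q) if r is None else r
    return r, pow(G, r, P)

def prover_respond(x, r, c):
    """Third move: s = r + c*x (mod q), after the verifier's challenge c."""
    return (r + c * x) % Q

def verify(y, t, c, s):
    """Accept iff g^s == t * y^c (mod p)."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def fiat_shamir_challenge(y, t):
    """Non-interactive variant: the challenge is a hash of the commitment, so
    the prover cannot pick t after seeing c."""
    h = hashlib.sha256(f"{G},{P},{y},{t}".encode()).digest()
    return int.from_bytes(h, "big") % Q

def prove_nizk(x, y):
    r, t = prover_commit()
    return t, prover_respond(x, r, fiat_shamir_challenge(y, t))

def verify_nizk(y, proof):
    t, s = proof
    return verify(y, t, fiat_shamir_challenge(y, t), s)

def simulate(y, c=None, s=None):
    """Produce an accepting (t, c, s) without knowing x: pick c and s first,
    then solve for t = g^s * y^(-c). Real and simulated transcripts have the
    same distribution, so a transcript cannot leak x; the simulator only
    works because it chooses t after c, which the live verifier prevents."""
    c = secrets.randbelow(Q) if c is None else c
    s = secrets.randbelow(Q) if s is None else s
    t = (pow(G, s, P) * pow(pow(y, c, P), -1, P)) % P
    return t, c, s

if __name__ == "__main__":
    x, y = keygen(7)
    r, t = prover_commit(3)
    c = 4                                  # verifier's challenge
    s = prover_respond(x, r, c)
    print(verify(y, t, c, s), verify(y, t, c, prover_respond(8, r, c)))   # True False
    print(verify_nizk(y, prove_nizk(x, y)))                                 # True
    print(verify(y, *simulate(y)))                                          # True
```

Two cautions that survive the move to a real group: the commitment randomness r must be fresh per proof, since two responses with the same r and different challenges give x = (s1 − s2)/(c1 − c2); and the Fiat–Shamir hash must cover everything the verifier relies on (here g, p, y and t), otherwise a proof made for one public key can be replayed against another.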