Cryptography: Concepts and Algorithms - A Comprehensive Guide, Study notes of Cryptography and System Security

Cryptography and Network Security is the most brilliant subject for securing the data that we send online. It enables us to learn how Cryptography works and what are it uses and features.

Typology: Study notes

2021/2022

Available from 02/01/2022

Ping-gaming
Ping-gaming 🇮🇳

2 documents

1 / 227

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
UNIT-1
Syllabus: Security Goals, Cryptographic Attacks, Services and Mechanisms, Mathematics of Cryptography
INTRODUCTION TO CRYPTOGRAPHY:
An original message is known as the plaintext, while the coded message is called the ciphertext.
The process of converting from plaintext to ciphertext is known as enciphering or encryption; restoring the
plaintext from the ciphertext is deciphering or decryption.
The many schemes used for encryption constitute the area of study known as cryptography. Such a scheme is
known as a cryptographic system or a cipher.
Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area
of cryptanalysis.
Cryptanalysis is what the layperson calls “breaking the code.”The areas of cryptography and cryptanalysis
together are called cryptology.
A symmetric encryption scheme has five ingredients:
Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
Secret key: The secret key is also input to the encryption algorithm.The key is a value independent of the plaintext
and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the
time.The exact substitutions and transformations performed by the algorithm depend on the key.
Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key.
Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the
secret key and produces the original plaintext.
TOPIC 01:
SECURITY GOALS:
let us first discuss three security goals: confidentiality, integrity, and availability
Confidentiality:
It is the most common aspect of information security. we need to protect our confidential information.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Cryptography: Concepts and Algorithms - A Comprehensive Guide and more Study notes Cryptography and System Security in PDF only on Docsity!

UNIT- 1

Syllabus: Security Goals, Cryptographic Attacks, Services and Mechanisms, Mathematics of Cryptography

INTRODUCTION TO CRYPTOGRAPHY:

 An original message is known as the plaintext , while the coded message is called the ciphertext.  The process of converting from plaintext to ciphertext is known as enciphering or encryption; restoring the plaintext from the ciphertext is deciphering or decryption.  The many schemes used for encryption constitute the area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher.  Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area of cryptanalysis.  Cryptanalysis is what the layperson calls “breaking the code.”The areas of cryptography and cryptanalysis together are called cryptology. A symmetric encryption scheme has five ingredients: Plaintext: This is the original intelligible message or data that is fed into the algorithm as input. Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext. Secret key : The secret key is also input to the encryption algorithm.The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time.The exact substitutions and transformations performed by the algorithm depend on the key. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext. TOPIC 01:SECURITY GOALS: let us first discuss three security goals: confidentiality, integrity, and availability Confidentiality:  It is the most common aspect of information security. we need to protect our confidential information.

 An organization needs to guard against those malicious actions that endanger the confidentiality of its information.  In the miltrary, concealment of sensitive information is the major concern.  In industry, hiding some information from competitors is crucial to the operation of the organization.  In banking, customers accounts need to be kept secret.  Confidentiality not only applies to the storage of the information, is also applies to the transmission of information. Integrity:  Information needs to be changed constantly. In a bank, when a customer deposits or withdraws money, the balance of her account needs to be changed.  Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.  Integrity violation is not necessarily the result of a malicious act. Availability:  The third component of information security is availability.  The information created and stored by an organization needs to be available to authorized entities. Information is useless, if it is not available.  The unavailability of information is just as harmful for an organization as the lack of confidentiality or integrity. TOPIC 02:Cryptographic attacks: Cryptographic attacks can be broadly categorized into two distinct types: 1.Cryptanalytic and 2.Non-cryptanalytic.  Cryptanalytic attacks: These attacks are combination of statistical and algebraic techniques aimed at ascertaining the secret key of a cipher.  These methods inspect the mathematical properties of the cryptographic algorithms and aims at finding distinguishers of the output distribution of cryptographic algorithms form uniform distributions.  The objective of cryptanalysis is to find properties of the cipher which does not exist in a random function.  Here distinguishers means that all attacks are fundamentally distinguishers.The attacker thus guesses the key and looks for the distinguishing property.If the property is detected,the guess is correct otherwise the next guess is tried.  The guessing complexity is lesser than the brute force search complexity.  Non-cryptanalytic attacks:

 For example, a user tries to contact a bank, but another site pretends that it is the bank and obtains some information from the user. Replaying:  The attacker obtains a copy of a message sent by a user and later tries to replay it.  For example , a person sends a request to her bank to ask for payment to the attacker, who has done a job for her. The attacker intercepts the message and sends it again to receive another payment from the bank. Repudiation:  This type of attack is different from others because it is performed by one of the two parties in the communication:sender and the receiver.  The sender of the message might later deny that she has sent the message; the receiver of the message might later deny that she has received the message.  Attacks threatening Availability: Only one this attack is denial of service. Denial of service:  It is very common attack.It may slow down or totally interrupt the service of a system.  The sender sends so many bogus requests to a server that the server crashes because of heavy load.  Passive versus active attacks: Passive attacks:  The attackers goal is just to obtain information.This means that the attack does not modify data or harm the system.  The system continues with its normal operation.The attack may harm the sender or the receiver of the message.  Attacks that threaten confidentiality--snooping and traffic analysis ---are passive attacks. Active atacks:  An active attack may change the data or harm the system.  Attacks that threaten the integrity and availability are active attacks.

 These attacks are normally easier to detect than to prevent because an attacker can launch them in a variety of ways. TOPIC 03:Security services and mechanisms: ITU-T (International Telecommunication Union-Telecommunication Standardization Sector) provides some security services and some mechanisms to implement those services.Security services and mechanisms are closely related because a mechanism or combination of mechanisms are used to provide a

service.

Security services:Authentication: In connection oriented communication,it provides authentication of the sender and receiver during the connection establishment.In connection-less communication, it authenticates the source of the data.  Access Control: It provides protection against unauthorized access to data.  Data Confidentiality: information is not made available to unauthorized individual.It is designed to prevent snooping and traffic analysis attack.  Data Integrity : It is designed to protect data from modification,insertion,deletion,and replaying by an adversary, It may protect the whole message or part of the message.  Non-Repudiation: protection against denial of sending or receiving in the communication.  Security mechanisms:

 This means inserting some bogus data into the data traffic to the adversary's attempt to use the traffic analysis. Routing control:  It means selecting and continuously changing different available routes between sender and receiver to prevent the opponent from eavesdropping on a particular route. Notarization:  It means selecting a third trusted party to control the communication between two entities.  This can be done, for example,to prevent repudiation. Access control:  It uses methods to prove that a user has access right to the data or resources owned by a system.  Examples of proofs are passwords and PINs  Relation between Services and Mechanisms:Mathematics of Cryptography: Cryptography is based on some specific areas of mathematics, including number theory, linear algebra and algebraic structures. Integer arithmetic: In integer arithmetic, we use a set and few operations. Set of Integers: The set of integers, denoted by Z, contains all integral numbers(with no fraction)from negative infinity to positive infinity. z={.......,-2,-1,0,1,2.....} Binary operations: In cryptography , we are interested in three basic operations applied to the set of integers. A binary operation takes two inputs and creates one output.  Three basic operations are addition, subtraction and multiplication. Each of these operations takes 2 inputs and creates 1 output.  The two inputs come from the set of integers; the output goes into the set of integers.

fig: Three binary operations for the set of integers  Integer Division : In integer arithmetic, if we divide a by n, we get q and r. The relationship between these four integers can be shown as a=q×n+r In this relation , a is called the dividend; q, the quotient; the divisor; and r, the remainder. Two Restrictions: For our purpose,we impose two restrictions.First,we require that the divisor be a positive integer(n>0). Second,we require that the remainder be a non-negative integer(r ≥ 0).  Divisibility: If a is not zero and we let r=0 in the division relation, we get a=q×n we say that n divides a.we can also say that a is divisible by n.when we are not interested in the value of q,we can write the above relationship as a|n.If the remainder is not zero,then n does not divide a and we can write the relationship as a×n. Properties:

  • If a|1, then a = ±1.
    • If a|b and b|a, then a = ±b.
  • If a | b and b | c, then a | c
    • If a|b and a|c, then a|(m×b + n×c) where m and n are arbitrary integers. Example: a. Since 3|15 and 15|45,according to third property, 3|

 The steps are continued until r2 becomes 0.At this moment,we stop. The gcd(a,b) is r1. when gcd(a,b) = 1, we say that a and b are relatively prime Example : Find the greatest common divisor of 2740, sol:The Extended Euclidean Algorithm: Given two integers a and b,we often need to find other two integers, s and t, such that s×a+t×b=gcd(a,b) The Extended euclidean algorithm can calculate the gcd(a,b) and at the same time calculate the value of s and t. The algorithm and the process is shown below diagram.  The extended euclidean algorithm uses the same number of steps as the Euclidean algorithm. However in each step , we use three sets of calculations and exchange instead of one.  The algorithm uses three sets of variables, r's, s's and t's.  In each step r 1 ,r 2 and r have the same values in the Euclidean algorithm.  The variables r 1 and r 2 are initialized to the values of a and b respectively.  The variables s 1 and s 2 are initialized to 1 and 0 respectively.  The variables t 1 and t 2 are initialized to 1 and 0 respectively.  The calculations of r, s and t are similar, with one warning. Although r is the remainder of dividing r 1 and r 2 , there is no such relationship between the other two sets. There is only one quotient, q, which is calculated r 1 |r 2 and used for the other two calculations.

b.Algorithm r=r 1 - q×r 2 s=s 1 - q × s 2 t=t 1 - q × t 2  Linear Diophantine Equations: Although we will see a very important application of the extended Euclidean algorithm. One immediate applications is to find the solutions to the linear Diophantine equations of two variables, an equation of type ax+by+c.we need to find integer values for x and y that satisfy the equation.This type of equation has either no solution or an infinite number of solutions. Let d= gcd(a,b) , If d+c, then the equation has no solution. If d|c , then we have an infinite number of solutions. one of them is called the particular; the rest, general A linear Diophantine equation of two variables is ax+by=c.  MODULAR ARITHMETIC:

Congruence:  In Cryptography, we often used the concept of congruence instead of equality.  Mapping from Z to Zn is not one-to-one.  For example, the result of 2 mod 10 = 2,12 mod 10 = 2,22 mod 2= 2,and so on.  In Modular arithmetic , integers like 2,12, and 22 are called congruent mod 10.  To show that two integers congruent, we use the congruence operator (≡).  We add the phrase (mod n) to the right side of the congruence to define the value of modulus that makes the relationship valid. For example ,we write: we need to explain several points.  The congruence operator looks like the equality operator, but there are differences. First, an equality operator maps a member of Z to itself; the congruence operator maps a member from Z to member of Zn. Second, the equality operator is one-to-one ; the congruence operator is many-to-one.  The phrase (mod n) that we insert at the right-hand-side of the congruence operator is just an indication of the destination set (Zn).

Residue classes:  A residue calss [a] or [a]n is the set of integers congruent modulo n. In other words, it is the set of all integers such that x = a (mod n). For example, if n=5, we have five sets [0],[1],[2],[3], and [4] as shown below:  The integers in the set [0] are all reduced to 0 when we apply the modulo 5 operation on them. The integers in the set [1] are all reduced to a when we apply the modulo 5 operation, and so on.  In each set, there is one element called the least(non negative) residue.  In the set [0], this element is 0; in the set [1], this element is 1; and so on.  The set of all of these least residues is what we have shown as Z 5 = {0,1,2,3,4}.  In other words , the set Zn is the set of all least residue modulo n. Circular Notation:  The concept of congruence can be better understood with the use of a circle.  we can use a circle to show the distribution of integers in Zn.  The below figure shows the comparison between the two. Integers 0 to n-1are spaced evenly around a circle.  All congruent integers modulo n occupy the same point on the circle.  Positive and negative integers from Z are mapped to the circle in such a way that there is a symmetry between them. Operations in Zn:  The three binary operations(addition, subtraction and multiplication ) that we discussed for the set Z can also be defined for the set Zn.  The result may need to be mapped to Zn using the mod operator as shown

fig: Properties of mod operator  The above figure shows the process before and after applying the above properties.  Although the figure shows that the process is longer if we apply the above properties,we should remember that in cryptography we are dealing with very large integers.  For example,if we multiply a very large integer by another very large integer , we have an integer that is too large to be stored in computer.  The properties allow us to work with small numbers. Inverses:  when we are working in modular arithmetic, we often need to find the inverse of a number relative to an operation.  we are normally looking for an additive inverse or a multiplicative inverse.

Additive inverse:  In Zn, two numbers a and b are additive inverses of each other if a+b ≡ 0(mod n)  In Zn, the additive inverse of a can be calculated as b=n-a. For example , the additive inverse of 4 in Z 10 is 10-4=6. In modular arithmetic, each integer has an additive inverse. The sum of an integer and its additive inverse is congruent to 0 modulo n. Note that in modular arithmetic, each number has an additive inverse and the inverse is unique; each number has one and only one additive inverse. However the inverse of the number may be the number itself. Multiplicative Inverse:  In Zn, two numbers a and b are multiplicative inverses of each other if a×b ≡ 1(mod n)  For example, if the modulus is 10,then the multiplicative inverse of 3 is 7.In other words,we have (3 × 7) mod 10 = 1. In modular arithmetic, an integer may or may not have a multiplicative inverse. when it does, the product of the integer and its multiplicative inverse is congruent to 1 modulo n. It Can be proved that a has a multiplicative inverse in Zn if and only if gc(n,a)=1.In this case, a and n are said to be relatively prime.

Example: The gcd(26,11) is 1, which means that the multiplicative inverse of 11 exists. The extended Euclidean algorithm gives t 1 = - 7. The multiplicative inverse is (-7)mod 26=19.In other words, 11 and 19 are multiplicative inverse in Z 26 .we can see that (11 × 19)mod 26=209 mod 26=1. Addition And Multiplication Tables:  In addition table, each integer has an additive inverse. The inverse pairs can be found when the result of addition is zero.  In multiplication table, we have only three multiplicative pairs(1,1),(3,7),(9,9).The pairs can be found whenever the result of multiplication is 1.  Both tables are symmetric with respect to the diagonal of elements that moves from the top left to bottom right, revealing the commutative property for addition and multiplication (a+b=b+a and a × b =b × a).  The addition table also shows that each row or column is a permutation of another row or column.This is not true for the multiplication table.

Addition and multiplication tables for Z 10 Different Sets For Addition And Multipliation:  In cryptography, we often work with inverses.  If the sender uses an integer, the receiver uses the inverse of that integer.  If the operation is addition, Zn can be used as the set of possible keys because each integer in this set has an additive inverse.  If the operation is multiplication, Zn cannot be the set of possible keys because only some members of this set have a multiplicative inverse. We need to use Zn when additive inverses are needed; we need to use Zn*when multiplicative inverses are needed.

fig: some Zn and Zn

sets

Two more sets: