Cryptography-Information Technology-Lecture Handout, Exercises of Information Technology

Main topics for the course are mentioned here. What is E-Commerce and its type. Networking Devices. Markup languages. Security issues. Data mining. E-business. Cryptography and public key infrastructure. Electronic Data Exchange. Internet marketing. ERP. This lecture includes: Cryptography, Collection, Mathematical, Techniques, Information, Decryption, Appropriate, Key, Algorithm

Typology: Exercises

2011/2012

Uploaded on 08/11/2012

duraid

E-COMMERCE IT430 VU
© Copyright Virtual University of Pakistan
Lesson 22 CRYPTOGRAPHY

Cryptography is a collection of mathematical techniques used to ensure confidentiality of information. The process of scrambling a message with the help of a key is called encryption. The process of unscrambling a message using an appropriate key is called decryption (see Fig. 1). Keys are numbers or characters that are randomly generated with the help of some cryptographic algorithm. Pretty Good Privacy (PGP) is the name of a popular cryptographic system which is available for general public use. There are two types of cryptography: symmetric and asymmetric cryptography.

Fig. 1

Symmetric Cryptography

In symmetric cryptography the same key is used for encryption and decryption.

Asymmetric or Public Key Cryptography

In this type a pair of public and private keys is used for encryption and decryption (Fig. 2).

Fig. 2

Digital/electronic signature

An electronic signature means any letters, numbers, symbols, images, characters or any combination thereof in electronic form applied to an electronic document which can ensure authenticity, integrity and non-repudiation. It uses public key cryptography (Fig. 3). Authenticity means that the message is from a particular source/individual. Integrity means that the message has not been altered during transmission.


Non-repudiation means that the execution of the digital signatures cannot be denied by the one who is alleged to be the

Fig. 3

Digital certificates

These are the certificates in electronic form which establish whether or not a public key belongs to the purported owner. A digital certificate at least comprises a public key, certification information (name, ID etc.) and electronic signatures of a certification authority. Digital certificates are prepared according to a generally accepted format called X.509 standard format.

Certification authority (CA)

A certification authority is defined to be a trusted public/private body that attests the association of a particular individual with his/her corresponding public key. A CA signs digital certificates with its private key. There are many CAs working in the field but the pioneering or the most reputed CA is Verisign which is based in America.

Certification authorities work in a hierarchical fashion. There is the CA at the top called the root CA (the most reputed CA). It can issue certificates to CAs working below it, and those CAs can further issue certificates to CAs working under them. In this fashion a hierarchy of CAs is developed, with each CA confirming the public key of the CA below it through a digital certificate. This concept is elaborated in Fig. 4 below.

Fig. 4

Assume that I want to send an encrypted or confidential message to Mr. A. For that I need to know his public key. I can access a machine called a key server and try to find his public key against his particulars (name, address, ID etc.). I may discover that a CA, CA1, lower in the hierarchy has issued a digital certificate to Mr. A against his particulars and has signed it with its private key. If that CA holds a reputation that I can trust, then I would rely upon that public key and use it for encryption. Otherwise, I should go up the hierarchy and see whether there is a certificate issued by CA2 certifying the public key of CA1. If that certificate is found then ideally I should go further up the hierarchy to check that the CA, above CA2 which
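The walk up the hierarchy described above, as an added example that is not part of the original handout. It assumes toy textbook-RSA keys built from small Mersenne primes and hypothetical names (`KEY_SERVER`, `issue`, `trusted_key_for`); real certificates use the X.509 format and far larger keys.

```python
import hashlib

E = 65537  # public exponent used by every toy key below

def keypair(p, q):
    """Toy textbook-RSA key: returns (public modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def cert_digest(subject, subject_key, issuer_n):
    data = f"{subject}|{subject_key}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % issuer_n

def issue(subject, subject_key, issuer, issuer_n, issuer_d):
    """The issuing CA signs the subject's name and public key with its private key."""
    signature = pow(cert_digest(subject, subject_key, issuer_n), issuer_d, issuer_n)
    return {"subject": subject, "key": subject_key, "issuer": issuer, "sig": signature}

# Constructed hierarchy (Root CA -> CA2 -> CA1 -> Mr. A) with toy Mersenne-prime keys.
ROOT_N, ROOT_D = keypair(2**521 - 1, 2**607 - 1)
CA2_N, CA2_D = keypair(2**107 - 1, 2**127 - 1)
CA1_N, CA1_D = keypair(2**61 - 1, 2**89 - 1)
MR_A_KEY, _ = keypair(2**19 - 1, 2**31 - 1)

KEY_SERVER = {c["subject"]: c for c in (
    issue("CA2", CA2_N, "Root CA", ROOT_N, ROOT_D),
    issue("CA1", CA1_N, "CA2", CA2_N, CA2_D),
    issue("Mr. A", MR_A_KEY, "CA1", CA1_N, CA1_D),
)}

def trusted_key_for(subject, trusted, store=KEY_SERVER):
    """Return subject's public key if a chain of valid signatures reaches a trusted CA."""
    name, steps = subject, 0
    while name in store and steps < len(store):
        cert = store[name]
        issuer = cert["issuer"]
        # Use the key we already trust for this issuer, else the one the key server lists.
        issuer_n = trusted.get(issuer) or store.get(issuer, {}).get("key")
        if issuer_n is None:
            return None
        if pow(cert["sig"], E, issuer_n) != cert_digest(name, cert["key"], issuer_n):
            return None                      # signature does not match: reject
        if issuer in trusted:
            return store[subject]["key"]     # chain ends at a CA we trust
        name, steps = issuer, steps + 1      # otherwise go one level up
    return None                              # ran out of certificates before reaching trust
```

Calling `trusted_key_for("Mr. A", {"CA1": CA1_N})` stops after one check, while trusting only the root makes the function verify every certificate up the chain.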

Lesson 23 HASH FUNCTION AND MESSAGE DIGEST

There are two terms that you should note here: hash function and message digest. A hash function is a one-way mathematical function applied to a message. The result of the hash function, called the message digest, is unique to each message. A message digest is a single large number, typically between 128 and 256 bits in length. Thus, we can have up to 2^256 different messages, each having a unique message digest associated with it. This gives rise to an almost incalculable figure. We can safely assume that each different message that can possibly be typed would have a unique message digest on applying a hash function. A hash function is said to be one-way because we cannot go back to the original text from a message digest. Basically, the concept of hash function and message digest is used to confirm the integrity of a message. Following is an example of a hash function that can be used in code (no need to prepare it for the exam):

    /* XOR all bytes of key together, then reduce the result modulo 101. */
    char XORhash(const char *key, int len)
    {
        char hash;
        int i;
        for (hash = 0, i = 0; i < len; ++i)
            hash = hash ^ key[i];
        return (hash % 101); /* 101 is prime */
    }
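An added example, not part of the original handout, that ports XORhash to Python and runs the integrity check with it and with SHA-256 from the standard library. It goes beyond the handout by showing that XORhash yields at most 101 values and ignores byte order, so it cannot confirm integrity the way a cryptographic hash can. The sample messages are constructed.

```python
import hashlib

def xor_hash(key: bytes) -> int:
    """Python port of the handout's XORhash (matches the C version for ASCII input)."""
    h = 0
    for b in key:
        h ^= b
    return h % 101

def sha256_digest(message: bytes) -> str:
    """A 256-bit message digest from a cryptographic hash function."""
    return hashlib.sha256(message).hexdigest()

def unaltered(received: bytes, sent_digest, hash_fn) -> bool:
    """Integrity check: re-hash what arrived and compare with the digest that was sent."""
    return hash_fn(received) == sent_digest

def distinct_digests(messages, hash_fn) -> int:
    """How many different digests a hash function produces over a set of messages."""
    return len({hash_fn(m) for m in messages})

# Constructed sample data (not from the handout).
ORIGINAL = b"Pay Rs. 190 to Mr. A"
ALTERED = b"Pay Rs. 910 to Mr. A"   # same bytes, two digits swapped
INVOICES = [f"invoice-{i}".encode() for i in range(1000)]

if __name__ == "__main__":
    for name, fn in (("XORhash", xor_hash), ("SHA-256", sha256_digest)):
        sent = fn(ORIGINAL)
        print(name, "accepts altered message:", unaltered(ALTERED, sent, fn))
        print(name, "distinct digests over 1000 messages:", distinct_digests(INVOICES, fn))
```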

Following example shows how a text message is encrypted and digitally signed using public key cryptography:

First of all, the sender types a text message “Together, we shall make Pakistan strong…”. A hash function is applied to the message to get the message digest. Assume the message digest comes to be “1967…” in this case. The message is encrypted using the public key of the receiver, thus it becomes scrambled or confidential. Then the sender applies his private key to the obtained message digest to create his digital signature. This digitally signed message is received by the receiver, who applies the public key of the sender to decrypt the digital signature and reveal the message digest. Then the receiver uses his private key to unscramble the message itself, and applies the same hash function received from the sender to get a message digest. The receiver compares this message digest with the one sent by the sender through the digital signature. If both are the same, it ensures that the message has not been altered during its transmission. Figures 1-4 given below explain this concept:

[Fig. 1: the message “Together, we shall make Pakistan strong…” and its digest “1967…”, with the receiver's public key and the sender's private key.]

[Fig. 2: the confidential message “a7u/b34+…” and the digital signature “3uk7b/…”.]

[Fig. 3: “a7u/b34+…” and “3uk7b/…”, with the receiver's private key and the sender's public key.]

[Fig. 4: the message “Together, we shall make Pakistan strong…” and the digest “1967…”.]

Process of Sending Messages Using Public Key Cryptography
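The exchange described above with both sides' steps, as an added example that is not part of the original handout. It assumes SHA-256 as the hash function and toy textbook RSA without padding, with keys built from small Mersenne primes; the function names are hypothetical and the code illustrates the flow only.

```python
import hashlib

E = 65537  # public exponent shared by both toy key pairs

def make_keypair(p, q):
    """Textbook RSA keys from two primes: returns (public, private) as (exponent, modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

# Constructed toy keys built from well-known Mersenne primes; far too small for real use.
SENDER_PUB, SENDER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
BLOCK = (RECEIVER_PUB[1].bit_length() - 1) // 8   # bytes per block, keeps each block < n

def apply_key(value, key):
    exponent, n = key
    return pow(value, exponent, n)

def digest(message):
    """Message digest: SHA-256 of the plaintext, reduced to fit the sender's toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % SENDER_PUB[1]

def encrypt(message):
    """Scramble the text (no NUL bytes assumed) block by block with the receiver's public key."""
    return [apply_key(int.from_bytes(message[i:i + BLOCK], "big"), RECEIVER_PUB)
            for i in range(0, len(message), BLOCK)]

def send(message):
    """Sender: confidential message plus digital signature (digest + sender's private key)."""
    return encrypt(message), apply_key(digest(message), SENDER_PRIV)

def receive(blocks, signature):
    """Receiver: unscramble, re-hash, and compare with the digest revealed from the signature."""
    parts = [apply_key(b, RECEIVER_PRIV) for b in blocks]
    message = b"".join(p.to_bytes((p.bit_length() + 7) // 8, "big") for p in parts)
    return message, apply_key(signature, SENDER_PUB) == digest(message)

MESSAGE = b"Together, we shall make Pakistan strong"

if __name__ == "__main__":
    blocks, signature = send(MESSAGE)
    print(receive(blocks, signature))                      # original text, digests match
    altered = encrypt(b"Together, we shall make Pakistan weak")
    print(receive(altered, signature))                     # altered text, digests differ
```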

Fig. 5 below shows the working of the digital signature technology:

[Fig. 6: How Digital Signature Technology Works? The Process of Sending Messages Using Public Key Cryptography. Labels: Sender, Receiver, Original Message, Hash, Symmetric Key, Scrambled Message, Internet, Scrambled+Signed Message, “Message Digest + Private Key of sender”, “Public Key sender to reveal Message Digest”.]

Where only authenticity is to be ensured and not integrity, a name or a piece of text can be chosen to create the digital signature. In Fig. 7 below, the word “Imran” has been used to create a digital signature which can commonly be used for all different messages.

Note that a digital or electronic signature is believed to be more reliable than a paper signature because it is not ordinarily possible to copy or forge an electronic/digital signature, whereas that is very much possible in the case of paper signatures.

[Fig. 7: Labels: Original Message, Scrambled Message, Symmetric Key, Internet, Scrambled+Signed Message, “Imran + Private Key of sender”, “Public Key sender to reveal the word Imran”.]

Public Key Infrastructure (PKI)

A PKI is defined as a structured system that provides key management facilities, storage and management facilities for digital certificates, and involves a certification authority. PKI has its application in online contracts, e-banking, and electronic payment systems such as electronic checks, credit card based systems, electronic cash, micro payment systems etc.

Key Length

A cryptographic key is represented as a string of binary digits (0s and 1s) inside a computer. If a key is 1 bit in length it means two possible keys, that is, 0 and 1. If a key is 2 bits in length it means four possible key values: 00, 01, 10 and 11. A key having 3 bits length means 8 possible values: 000, 001, 010, 011, 100, 101, 110, 111. From this, one can derive a general formula, that is, Number of keys = 2^(number of bits)