View stunning SlideShares in full-screen with the new iOS app!Introducing SlideShare for AndroidExplore all your favorite topics in the SlideShare appGet the SlideShare app to Save for Later — even offline
View stunning SlideShares in full-screen with the new Android app!View stunning SlideShares in full-screen with the new iOS app!
Cryptography (from Greek kryptós, "hidden",
+ gráphein, "to write").
Cryptography is the practice and study of
techniques for secure communication in the
presence of third parties (called adversaries).
It is about constructing and analyzing protocols
that overcome the influence of adversaries.
There are three eras in the history of Cryptography:
The Manual era
The Mechanical era
The Modern era
Manual era refers to Pen and Paper Cryptography and dates
back to 2000 B.C.eg : Scytale, Atbash , Caesar, Vigenere.
Mechanical era refers to the invention of cipher machines. E.g.:
Japanese Red and Purple Machines , German Enigma.
The modern era of cryptography refers to computers.
There are infinite permutations of cryptography available using
computers. E.g.: Lucifer, Rijndael , RSA , ElGamal.
Cipher: the algorithm that does the encryption.
Ciphertext: the encrypted (scrambled) version of
the message. Message altered to be unreadable by
anyone except the intended recipients.
Cryptanalysis: the science of breaking
Cryptanalyst: a person who breaks cryptographic
codes; also referred to as “the attacker”.
Cryptosystem – The combination of
algorithm, key, and key management functions used
to perform cryptographic operations.
Decryption: the process of converting ciphertext
back to the original plaintext.
Encryption: scrambling a message or data using a
specialized cryptographic algorithm.
Initialization Vector – Random values used with
ciphers to ensure no patterns are created during
Key – Sequence that controls the
operation and behavior of the
Keyspace – Total number of possible
values of keys in a crypto algorithm.
Plaintext – A message in its natural
format readable by an attacker.
ensures that whoever supplies or
accesses sensitive data is an authorized
assures that only authorized parties are
able to understand the data.
ensures that when a message is sent over a
network, the message that arrives is the
same as the message that was originally
ensuring that the intended recipient actually
received the message & ensuring that the
sender actually sent the message.
Trying all key values in the keyspace.
Decrypt known ciphertext to discover key.
Find plaintext based on common words.
Guess values based on frequency of
Find keys through prime factorization.
Repeating previous known values.
Side channel attacks
use seemingly incidental information
that can reveal important information
about the key being used.
Chosen plaintext attacks
The cryptanalyst introduces the plaintext into
the system and then watches for how that
plaintext will be encrypted.
The Allies used this approach in WWII by
sending out false messages about allied troop
Often the attacker will try to feed a planned
sequence of messages that would reveal the
most about the way in which the data is being
Known plaintext attack
The attacker has both the ciphertext and the
The attacker knows the algorithm that was
used for the encryption.
This is difficult because there are so many
keys, but the plaintext information may
make experimentation easier than in the
Differential Power Analysis
This is an attack on smart cards.
A DPA attack analyzes the power output
from a processor performing an
encryption algorithm in order to get
information about the key being used by
There are several size of
64 bit encryption
128 bit encryption
256 bit encryption
512 bit encryption
1024 bit encryption
Number indicates the size of the
key used to encrypt the message.
Even if an attacker captures the data, the attacker will not be
able to manipulate it in any meaningful way.
Symmetric algorithms use a single key shared by two
The same key is used for both encryption and decryption.
Mathematically related key pairs for encryption and
o Public and private keys.
Combines strengths of both methods.
o TechKnowXpressdistributes symmetric key.
Types of Symmetric Cryptography:
Mixes plaintext with key stream.
Good for real-time services.
Substitution and transposition.
E.g.: DES, AES.
Public Key Cryptography
In public-key cryptosystems, the
public key may be freely
distributed, while its paired private
key must remain secret and is used
Public-key cryptography can be used
for implementing digital
Quantum cryptography describes the use
of quantum mechanical effects (in
particular quantum communication
and quantum computation) to
perform cryptographic tasks or to break
The advantage of quantum cryptography is
that it allows the completion of various
cryptographic tasks that are proven or
conjectured to be impossible using only
For example, quantum mechanics
guarantees that measuring quantum data
disturbs that data. This can be used to
detect eavesdropping in quantum key
Digital signatures can be
permanently tied to the content of
the message being signed. They
cannot then be 'moved' from one
document to another, for any
attempt will be detectable.
RSA and DSA are two of the most
popular digital signature schemes.
In digital signature schemes, there are two
algorithms: one for signing, in which a secret
key is used to process the message and one for
verification, in which the matching public key is
used with the message to check the validity of
Traditionally, a watermark has been
used to verify the authenticity of a
Driver’s Licenses, diplomas, official
letterhead were the primary
applications of watermarks . More
recently, used to track or prevent
redistribution of TV logos.
Purpose of using:
Ensure authenticity of digital goods.
Prevent unauthorized use/ensures
Adding the watermark to the image
prevents removal by
changing the format.
DRM is the practice of imposing
technological restrictions that control
what users can do with digital media.
DRM is a class of controversial
technologies that are used by
manufacturers, publishers, copyright
holders, and individuals with the
intent to control the use of digital
content and devices after sale.