1.
Cyber Octet Pvt. Ltd. Page 1
A White Paper:
Cryptography
By: Dungesh Kumar Malviya, Cyber Octet Pvt. Ltd.
Definition:-
1. Cryptography is derived from the Greek words: kryptós, "hidden", and gráphein, "to
write" - or "hidden writing". People who study and develop cryptography are called
cryptographers.
“Cryptography is the study of information hiding and verification.”
2. Cryptography is the process of converting recognizable data into an encrypted code for
transmitting it over a network (either trusted or untrusted).Data is encrypted at the source,
i.e. sender's end and decrypted at the destination, i.e. receiver’s end.
When information is transformed from a useful form of understanding to an opaque
form of understanding, this is called encryption.
When the information is reverted back into a useful form, it is called decryption.
Plaintext =>Ciphertext=> Plaintext=>Encryption=> Decryption
The information in its useful form is called plaintext.
Its encrypted form it is called Ciphertext.
The algorithm used for encryption and decryption is called a cipher.
The secret knowledge is commonly called the key, though the secret knowledge
may include the entire process or algorithm that is used in the
encryption/decryption.
Types of Cryptography:-
1. Stream-based Ciphers
a. One at a time, please
b. Mixes plaintext with key stream
c. Good for real-time services
2.
Cyber Octet Pvt. Ltd. Page 2
2. Block Ciphers
a. Amusement Park Ride
b. Substitution and transposition
3. Steganography
a. Hiding a message within another medium, such as an image
b. No key is required
c. Example:-Modify color map of JPEG image
The common goals in Cryptography:-
1. Message confidentiality: Only an authorized recipient should be able to extract the
contents of the message from its encrypted form.
2. Message integrity: Assuring the receiver that the received message has not been altered
in any way from the original or the recipient should be able to determine if the message
has been altered.
3. Non-repudiation: A mechanism to prove that the sender really sent this message
4. Sender authentication: The recipient should be able to verify from the message, the
identity of the sender, the origin or the path it traveled (or combinations) so to validate
claims from emitter or to validated the recipient expectations.
5. Message access control: Who are the valid recipients of the message.
6. Message availability: By providing means to limit the validity of the message, channel,
emitter or recipient in time or space.
Cryptographic algorithms:-
Classified into three categories:
1. Secret Key Cryptography: If the sender and recipient must have the same key in order to
encode or decode the protected information, then the cipher is a symmetric key cipher since
everyone uses the same key for the same message.
Plaintext key1 Ciphertext key1 plaintext
2. Public Key Cryptography: If the sender and recipient have different keys respective to the
communication roles they play, then the cipher is an asymmetric key cipher as different
keys exist for encoding and decoding the same message.
Plaintext key 1 Ciphertext key 2 plaintext
3.
Cyber Octet Pvt. Ltd. Page 3
3. Hash Functions: Hash Functions are unkeyed message digests with special properties or
Uses a mathematical transformation to irreversibly "encrypt" information. Hash functions
have no key since the plaintext is not recoverable from the Ciphertext.
Plaintext hash function Ciphertext
1. Secret Key Cryptography:-
In the simpler types of cryptography, the same key is used to encrypt and decrypt
information. This key is sometimes called a symmetric key.
Everybody who is supposed to be able to read the information must have the key.
Secret key cryptography schemes are generally categorized as being either stream
ciphers or block ciphers.
Stream ciphers operate on a single bit (byte or computer word) at a time and implement
some form of feedback mechanism so that the key is constantly changing.
A block cipher is so-called because the scheme encrypts one block of data at a time
using the same key on each block.
Secret key cryptography algorithms:-
1. Data Encryption Standard: This secret key encryption algorithm uses a key
that is 56 bits, or seven characters long, and thus it is now susceptible to
"brute force" attacks.
The Triple-DES variant was developed after it became clear that DES by
itself was too easy to crack. It uses three 56-bit DES keys, giving a total key
length of 168 bits. Encryption using Triple-DES is simply
Encryption using DES with the first 56-bit key
Decryption using DES with the second 56-bit key
Encryption using DES with the third 56-bit key
2. Advanced Encryption Standard: The algorithm can use a variable block
length and key length.
3. International Data Encryption Algorithm
4. Blowfish
5. Rivest Ciphers
Key point of secret key cryptography:-
Also known as private key
Both parties must agree on the key in advance
D_K(E_K(P)) = P
Not very computationally intensive
Key must be securely sent to both parties
4.
Cyber Octet Pvt. Ltd. Page 4
Example:-
k = 4
Turn plaintext SECRET into Ciphertext
S+4=W, E+4=I, C+4=G, R+4=V, E+4=I, T+4=X
1. Public Key Cryptography:-
In November 1976, a paper published in the journal IEEE Transactions on Information
Theory, titled "New Directions in Cryptography," addressed this problem and offered up
a solution: public-key encryption. Also known as asymmetric-key encryption, public-
key encryption uses two different keys at once -- a combination of a private key and a
public key. The private key is known only to your computer, while the public key is
given by your computer to any computer that wants to communicate securely with it.
Although a message sent from one computer to another won't be secure since the public
key used for encryption is published and available to anyone, anyone who picks it up
can't read it without the private key. The key pair is based on prime numbers (numbers
that only have divisors of itself and one, such as 2, 3, 5, 7, 11 and so on) of long length.
Public-key cryptography algorithms:-
1. RSA: RSA is one of the first practicable public-key cryptosystems and is
widely used for secure data transmission. In such a cryptosystem,
the encryption key is public and differs from the decryption key which is kept
secret.
RSA involves a public key and a private key. The public key can be known by
everyone and is used for encrypting messages.
• Two keys: public k, private k’
• Private key not required for both parties
5.
Cyber Octet Pvt. Ltd. Page 5
The keys for the RSA algorithm are generated the following way:
Step1. Choose two distinct prime numbers p and q.
For example p=61 and q=53
Step2. Compute n = pq giving
For example n=61*53=3233
Where n= is used as the modulus for both the public and private keys.
Step3. Compute φ(n) = φ(p)φ(q) = (p − 1)(q − 1) = n - (p + q -1), where φ is
Euler's totient function.
φ(3233)=(61-1)(53-1)=3120
Step4. Choose an integer e such that 1 < e < φ (n) and gcd(e, φ(n)) = 1; i.e., e and
φ(n) are coprime
Choose any number 1 < e < 3120 that is coprime to 3120. Choosing a
prime number for e leaves us only to check that e is not a divisor of 3120.
Let e=17
Step5. Determine d as d ≡ e−1
(mod φ (n)); i.e., d is the multiplicative inverse
of e (modulo φ(n)).
d=2753
The public key is (n = 3233, e = 17). For a padded plaintext message m, the
Encryption function is
C (M) =M^17 mod 3233
The private key is (n = 3233, d = 2753). For an encrypted ciphertext c, the
Decryption function is
M (C) =C^2753 mod 3233
For instance, in order to encrypt m = 65, we calculate
C=65^17 mod 3233
To decrypt c = 2790, we calculate
M=2790^2753 mod 3233
2. Hash Functions:-
A cryptographic hash function is a hash function which is considered practically
impossible to invert, that is, to recreate the input data from its hash value alone. The input
data is often called the message, and the hash value is often called the message digest or
simply the digest.
6.
Cyber Octet Pvt. Ltd. Page 6
The ideal cryptographic hash function has four main properties:
it is easy to compute the hash value for any given message
it is infeasible to generate a message that has a given hash
it is infeasible to modify a message without changing the hash
it is infeasible to find two different messages with the same hash.
This function can be used to map data of arbitrary size to data of fixed size, with slight
differences in input data producing very big differences in output data. The values
returned by a hash function are called hash values, hash codes, hash sums, or
simply hashes.
A cryptographic hash function is a kind of algorithm that can be run on a piece of data,
often an individual file, producing a value called a checksum. Two files can be assured to
be identical only if the checksums generated from each file, using the same cryptographic
hash function, are identical.
Some commonly used cryptographic hash functions include MD5 and SHA-1, though
many others also exist.
Checksum: A checksum is the outcome of running an algorithm, called a cryptographic
hash function, on a piece of data, usually a single file.
MD5: MD5, technically called MD5 Message-Digest Algorithm, is a cryptographic hash
function.
The MD5 cryptographic hash function is most often used to verify that a file has been
unaltered by comparing the checksums created after running the algorithm on two
seemingly identical files.
MD5 has certain flaws and so it isn't useful for advanced encryption applications but it's
perfectly acceptable to use for standard file verifications.
SHA-1 is another commonly used cryptographic hash function.
MD5 for files: you can easily create a function to calculate the MD5 hash for a given file.
All you need is included in two units: IdHashMessageDigest and idHash.
Uses IdHashMessageDigest, idHash;
//returns MD5 has for a file
Function MD5 (const filename: string): string;
Var
idmd5: TIdHashMessageDigest5;
7.
Cyber Octet Pvt. Ltd. Page 7
Fs: TFileStream;
Hash: T4x4LongWordRecord;
Begin
idmd5:= TIdHashMessageDigest5.Create;
Fs: = TFileStream. Create(filename, fmOpenRead OR fmShareDenyWrite) ;
Try
Result: = idmd5.AsHex (idmd5.HashValue (fs));
Finally
Fs. Free;
idmd5.Free;
End;
End;
Applications
1. Verifying the integrity of files or messages: An important application of secure
hashes is verification of message integrity. Determining whether any changes have
been made to a message (or a file), for example, can be accomplished by comparing
message digests calculated before, and after, transmission (or any other event).
MD5, SHA1, or SHA2 hashes are sometimes posted along with files on websites or
forums to allow verification of integrity.
2. Password verification: Storing all user passwords as clear text can result in a
massive security breach if the password file is compromised. One way to reduce this
danger is to only store the hash digest of each password. To authenticate a user, the
password presented by the user is hashed and compared with the stored hash.
3. File or data identifier: Hashes are used to identify files on peer-to-peer file
sharing networks.
One of the main applications of a hash function is to allow the fast look-up of a data
in a hash table.
Hash table: the hash function is used to map the search key (the headword) to an
index; the index gives the place in the hash table where the corresponding record
should be stored. Hash tables, in turn, are used to implement associative and dynamic
sets.
4. Pseudorandom generation and key derivation: Hash functions can also be used in
the generation of pseudorandom bits, or to derive new keys or passwords from a
single, secure key or password.
Be the first to comment