CRYPTOGRAPHY Krunal M. Chavada (09DCE217) INDEX
CONTENTS PAGE NO. Cryptography 1 History of Cryptography 2 Types of Cryptography 5 Secret-key Cryptography 15 Public-key Cryptography 16Hash function Cryptography 17 Cryptographic key types 18 CRYPTOGRAPHY
A cryptographic system that uses two keys --a public key known to everyone and a private orsecret key known only to the recipient of themessage. When John wants to send a securemessage to Jane, he uses Janes public key toencrypt the message. Jane then uses her private key todecrypt it. HISTORY OF CRYPTOGRAPHY Cryptography is a technique used to hide the meaning of a message and is derived from the Greek
word kryptos (hidden). This is different from steganography techniques in that one is not hiding the actual message, only the meaning of the message. If a message were to fall into the hands of the wrong person, cryptography should ensure that that message could not be read. Typically the sender and receiver agree upon a message scrambling protocol beforehand and agree upon methods for encrypting and decrypting messages. Cryptography is further divided into two implementation techniques and those include transposition and substitution. Rail Fence Transposition -- Rail Fence Transposition is a technique where a message is written on two or more lines with each consecutive letter of the message being written on the next consecutive line. The text on the second and third lines are then appended to the first line to create the scrambled message. A simple 2 line rail fence transposition of the message "Hello World" is demonstrated below:Simple 2 Line Rail Fence Transposition
Hello World (Original Message)H l o W r d (Line 1) el o l (Line 2)HloWrdelol (Transposed Message) Substitution -- Substitution is a cryptographic technique where each letter of the plaintext message is replaced by a different letter. Each letter retains its original position in the message text, but the identity of the letter is changed. This type of technique was documented during Julius Caesars Gallic Wars.Simple Substitution CipherA B C D E (Plain Alphabet)D C E G H (Cipher Alphabet)If one were to send the message BAD to someone using this simplecipher, the encrypted message text would read CDG. Caesar Shift Cipher -- A simple substitution cryptographic technique where the cipher alphabet is shifted a certain number of spaces relative to the original plain alphabet. It was named for Julius Caesar who employed the
technique to secure military communications. This is generally a weak encryption method in that there are only 25 distinct variations of shifts before the original message is revealed. A simple 4 letter shift example is demonstrated below :Letter Shift CipherA B C D E F G H I J K L M N O P Q R S T U V W X Y Z (PlainAlphabet)E F G H I J K L M N O P Q R S T U V W X Y Z A B C D (CipherAlphabet)If one were to encrypt the plain text message "MEET ME ATMIDNIGHT", the cipher text would read "QIIX QI EX QMHRMKLX". There are Three types of Cryptography.
1. Secret-key Cryptography. 2. Public-key Cryptography 3. Hash function Cryptography. There are main Five types of protocol are used in Cryptography.
1) Internet Key Exchange2) IPsec3) Kerberos4) Point to Point Protocol5) Transport Layer Security
1. Substitution cipher wheels -- You could make your cipher text a little tougher to decode if you threw 26 pieces of paper into a hat, each with a letter of the alphabet written on it, drew them out one at a time, and put them side-by-side under a normal alphabet. The result might look like this (I just used the order of the keys on my keyboard, so you might call this a "Qwerty" code):Plaintext letter ABCDEFGHIJKLMNOPQRSTUVWXYZCipher text letter Q W E R T Y U I O P A S D F G H J K L Z X CVBNMYou can construct a secret message from the above table. Everytime you see an "I" you would substitute the "O" beneath and soon for the other characters. The message "Meet me after schoolbehind the gym," would read"DTTZ DT QYZTK LEIGGS WTIOFR ZIT UND."Word lengths - especially the short words - give great clues as tothe nature of the code (see frequency charts). To help conceal
your message, ignore the spaces and break the message up intoequal-sized chunks. Five letters are customary in the spy biz, soyour message comes out like this (Note that an extra "dummy"character "M" is added at the end to make it come out with a 5-letter group. Your recipient should have no trouble with the extracharacter.):DTTZD TQYZT KLEIG GSWTI OFRZI TUNDMAnother popular system called a diagrammatic cipher, used bymany children in school, substitutes’ symbols for letters instead ofother letters. This system is, in essence, the same as the lettersubstitution system, but its easier to remember than 26 randomlypicked letters. It uses the tic-tac-toe boards and two Xs as shownbelow.Even though it looks like undecipherable outer-space alien text,this would take an arm-chair cryptologist only about 10 minutes orless to figure out. Why? Given enough ciphertext, certain patterns
become obvious. Notice how often the empty four-sided boxappears: six times out of a total of 29 characters or about 20% ofthe time. This would immediately indicate that the empty box wasalmost certainly the symbol for "E," the most frequently used letterin English. Other letters can also be determined by their frequencyand by their association with other nearby characters (see"Frequencies"). Almost all substitution ciphers are open to this kindof analysis.Francis Bacon created one of the more interesting substitutionciphers. He used two different type faces slightly differing in weight(boldness). He broke up his cipher text into 5 character groups,each of which would represent one character in his plaintext.Depending on which characters of the group were bold, one coulddetermine the plaintext character using the following table (*stands for a plain character and B for a bold character)A=***** G=**BB* M=*BB** S=B**B* Y=BB***B=****B H=**BBB N=*BB*B T=B**BB Z=BB**BC=***B* I=*B*** O=*BBB* U=B*B**D=***BB J=*B**B P=*BBBB V=B*B*BE=**B** K=*B*B* Q=B**** W=B*BB*F=**B*B L=*B*BB R=B***B X=B*BBBOur same secret message as above would appear thusly (Baconsbold and plain characters were less obvious than those below): To be or not to be that is the question. Whether tis nobler in the mind to
suffer the slings and arrows of outrageous fortune or to take arms against a sea of troubles and by opposing end them?To decipher, we just break the characters into groups of 5 and usethe key above to find the plaintext message. M E E T M E B ETobeo rnott obeth atist heque stion Wheth ertis H I N D T H E Gnoble rinth emind tosuf ferth eslin gsand arrow Y M A F T E R Ssofou trage ousfo rtune ortot akear msaga insta C H O O Lseaof troub lesan dbyop posin gendt hem?Transposition ciphers -- Goingback to your school days, oo-day oo-yay emember-ray ig-pay atin-lay? Pig-latin is a form of transposition cipher where the original
letters are kept intact (albeit with the addition of the suffix "ay"), butrearranged in some way.Going back way before your school days, to the 5th century B.C.,the Spartans used an interesting transposition cipher called ascytale. The scytale utilized a cylinder with a ribbon wrappedhelically around it from one end to the other. The message waswritten across the ribbons, and then unwrapped from the cylinder.Only someone with an identical diameter cylinder could re-wrapand read the message.The scytale depended on a piece of hardware, the cylinder, whichif captured by the enemy, compromised the whole system. Also,the receiver could lose or break the cylinder and therefore lose theability to decipher any message. It would be better if the methodwere completely "intellectual" and could be remembered and usedwithout resorting to a physical device.Since both the sender and receiver of a transposed ciphertextmust agree on and remember this algorithm or method forenciphering and deciphering, something easy would be nice. Sincegeometrical figures are easy to remember, they serve as the basisfor a whole class of transposition ciphers. Lets put our messageinto the shape of a box. Since there are 29 characters, well add adummy ("O") to make 30 and write the message in a six by fivebox.MEETMEAFTERSCHOOLBEHINDT
HEGYMOWe can now transcribe the message by moving down the columnsinstead of across the rows. Once again well break the charactersinto groups of five to give no clues about word sizes. The resultlooks like this :MACEH EFHHE ETOIG TEONY MRLDM ESBTOThe real variety begins when you realize that you dont have towrite your plaintext into the box row by row. Instead, you canfollow a pattern that zigzag’s horizontally, vertically or diagonally,or one that spirals in or spirals out (clockwise or counterclockwise),or many other variations (see diagram below).Once youve put the text in the chosen form using one route, youcan then encipher it by choosing a different route through the text.You and your partner just have to agree on the reading route, thetranscription (enciphering) route, and the starting point to haveyourselves a system. These systems are called routetranscriptions.Heres our message again. The reading route spiralscounterclockwise inward, starting at the lower right corner (left
diagram). The transcription route (right diagram) is zig-zagdiagonal starting at the lower left corner. The ciphertext becomes:EAMTN FTDIE EHOTE RHMEM BYESC GLOHOTo decipher, you fill the in box following the zig-zag route and readthe message using the spiral route.Another type of transposition cipher uses a key word or phrase tomix up the columns. This is called columnar transposition. It workslike this: First, think of a secret key word. Ours will be the wordSECRET. Next, write it above the columns of letters in the square,and number the letters of the key word as they would fall if weplaced them in alphabetical order. (If there are duplicate letters,like the "E", they are numbered from left to right.)521436SECRETMEETMEAFTERSCHOOLBEHINDTHEGYMONow write the columns down in the order indicated by thenumbers. The resulting ciphertext looking like this:ETOIG EFHHE MRLDM TEONY MACEH ESBTO
As you can see, this is just a different arrangement of the previousciphertext, but at least it isnt in some regular pattern. We couldhave easily made it a little more difficult by filling the squarefollowing a more complicated path. We could also use a geometricshape other than a rectangle and combine substitution andtransposition. The only problem that might occur is that thedeciphering may become so complicated that it will remain asecret at the receiving end forever! Come to think of it, she neverdid meet me behind the gym... SECRET-KEY CRYPTOGRAPHY
Uses a single key for both encryption and decryption. Secret-keyencryption uses one key, the secret key, to both encrypt and decryptmessages. This is also called symmetric encryption. The term "private key"is often used inappropriately to refer to the secret key. A private key is oneof the keys in the public/private key pair for asymmetric cryptography. Inthis scheme, a user has two keys, one that is made public and one that isheld privately. Refer to "Public-Key Cryptography." PUBLIC-KEY CRYPTOGRAPHY
Uses one key for encryption and another for decryption. Public-keycryptography refers to a cryptographic system requiring two separate keys,one to lock or encrypt the plaintext, and one to unlock or decrypt the cyphertext. Neither key will do both functions. One of these keys is published orpublic and the other is kept private. If the lock/encryption key is the onepublished then the system enables private communication from the publicto the unlocking keys owner. If the unlock/decryption key is the onepublished then the system serves as a signature verifier of documentslocked by the owner of the private key. This cryptographic approach usesasymmetric key algorithms, hence the more general name of "asymmetrickey cryptography". Some of these algorithms have the public key / privatekey property, that is, neither key is derivable from knowledge of the other;not all asymmetric key algorithms do. Those with this property areparticularly useful and have been widely deployed and are the source ofthe commonly used name. The public key is used to transform a messageinto an unreadable form, decrypt able only by using the (different butmatching) private key. Participants in such a system must create amathematically linked key pair (i.e., a public and a private key). Bypublishing the public key, the key producer empowers anyone who gets acopy of the public key to produce messages only he can read -- becauseonly the key producer has a copy of the private key (required fordecryption). When someone wants to send a secure message to thecreator of those keys, the sender encrypts it (i.e., transforms it into anunreadable form) using the intended recipients public key; to decrypt themessage, the recipient uses the private key. No one else, including thesender can do so. HASH FUNCTION CRYPTOGRAPHY
Uses a mathematical transformation to irreversibly "encrypt"information. A hash function is any well-defined procedure or mathematicalfunction that converts a large, possibly variable-sized amount of data into asmall datum, usually a single integer that may serve as an index to an array(cf. associative array). The values returned by a hash function are calledhash values, hash codes, hash sums, checksums or simply hashes. CRYPTOGRAPHIC KEY TYPES Private signature key -- Private signature keys are the private keys of asymmetric (public)key pairs that are used by public key algorithms to generate digital
signatures with possible long-term implications. When properly handled,private signature keys can be used to provide authentication, integrity andnon-repudiation. Public signature verification key -- A public signature verification key is the public key of anasymmetric (public) key pair that is used by a public key algorithm to verifydigital signatures, either to authenticate a users identity, to determine theintegrity of the data, for non-repudiation, or a combination thereof. Private authentication key -- A private authentication key is the private key of an asymmetric(public) key pair that is used with a public key algorithm to provideassurance as to the integrity of information, and the identity of theoriginating entity or the source of messages, communication sessions, orstored data. Public authentication key -- A public authentication key is the public key of an asymmetric(public) key pair that is used with a public key algorithm to determine theintegrity of information and to authenticate the identity of entities, or thesource of messages, communication sessions, or stored data. Symmetric data encryption key -- These keys are used with symmetric key algorithms to applyconfidentiality protection to information. Symmetric key wrapping key --
Symmetric key wrapping keys are used to encrypt other keysusing symmetric key algorithms. Key wrapping keys are also known as keyencrypting keys. Symmetric master key -- A symmetric master key is used to derive other symmetric keys(e.g., data encryption keys, key wrapping keys, or authentication keys)using symmetric cryptographic methods. Private key transport key -- Private key transport keys are the private keys of asymmetric(public) key pairs that are used to decrypt keys that have been encryptedwith the associated public key using a public key algorithm. Key transportkeys are usually used to establish keys (e.g., key wrapping keys, dataencryption keys or MAC keys) and, optionally, other keying material (e.g.,initialization vectors). Public key transport key -- Public key transport keys are the public keys of asymmetric(public) key pairs that are used to encrypt keys using a public keyalgorithm. These keys are used to establish keys (e.g., key wrapping keys,data encryption keys or MAC keys) and, optionally, other keying material(e.g., Initialization Vectors). Symmetric key agreement key -- These symmetric keys are used to establish keys (e.g., keywrapping keys, data encryption keys, or MAC keys) and, optionally, otherkeying material (e.g., Initialization Vectors) using a symmetric keyagreement algorithm.
Private static key agreement key -- Private static key agreement keys are the private keys ofasymmetric (public) key pairs that are used to establish keys (e.g., keywrapping keys, data encryption keys, or MAC keys) and, optionally, otherkeying material (e.g., Initialization Vectors). Public static key agreement key -- Public static key agreement keys are the public keys ofasymmetric (public) key pairs that are used to establish keys (e.g., keywrapping keys, data encryption keys, or MAC keys) and, optionally, otherkeying material (e.g., Initialization Vectors). Private ephemeral key agreement key -- Private ephemeral key agreement keys are the private keys ofasymmetric (public) key pairs that are used only once to establish one ormore keys (e.g., key wrapping keys, data encryption keys, or MAC keys)and, optionally, other keying material (e.g., Initialization Vectors). Public ephemeral key agreement key -- Public ephemeral key agreement keys are the public keys ofasymmetric key pairs that are used in a single key establishmenttransaction to establish one or more keys (e.g., key wrapping keys, dataencryption keys, or MAC keys) and, optionally, other keying material (e.g.,Initialization Vectors). Symmetric authorization key -- Symmetric authorization keys are used to provide privilegesto an entity using a symmetric cryptographic method. The authorization keyis known by the entity responsible for monitoring and granting access
privileges for authorized entities and by the entity seeking access toresources. Private authorization key -- A private authorization key is the private key of anasymmetric (public) key pair that is used to provide privileges to an entity. Public authorization key -- A public authorization key is the public key of an asymmetric(public) key pair that is used to verify privileges for an entity that knows theassociated private authorization key.