Encrypti
on
Presentati
on
P r o f e s s i o n a l
p r a c t i c e s i n C S
( B C S 3 0 6 )
PRESENTER: MAGOIGA MTATIRO (ceo@magotech.net)
www.magotech.net
A n i n t r o d u c t i o n t o e n c r y p t i o n
0 3 M A Y 2 0 2 3
1

Overvi
ew
This presentation provides a comprehensive introduction to
encryption, covering various techniques, algorithms, and best
practices used to secure data and communications. Students
will gain a solid understanding of the principles and
applications of cryptography, enabling them to implement
robust security solutions in real-world scenarios.
Presenter: MagoigaMtatiro
welcome
2

Encryption
Table
of
Overview of
cryptography and its
history.
conte
nt
o
1 Classical
Cryptography and
Encryption.
o
2 Modern Symmetric
Encryption
Algorithms.
0
3
Asymmetric
Encryption
Algorithms and Key
Exchange.
0
4 Cryptographic Hash
Functions and
Digital Signatures.
0
5 Encryption
Applications and
Best Practices.
0
6
3
www.magotech.net

Introduction
to encryption.
0
1
4
www.magotech.net

And its
history
Overview of
cryptograph
y
- Cryptography is the study of techniques for
secure communication in the presence of
adversaries.
- It has been used throughout history, from
ancient civilizations to modern digital systems.
- Examples of early cryptography include
hieroglyphs, Caesar cipher, and the Enigma
machine.
5
www.magotech.net

Concepts
Basic
- Plaintext: The original message or data
that needs to be encrypted.
- Ciphertext: The scrambled message or
data produced after encryption.
- Keys: Secret values used in cryptographic
algorithms for encrypting and decrypting
- Encryption: The process of converting
plaintext into ciphertext using a
and a key.
- Decryption: The process of converting
ciphertext back into plaintext using a
algorithm and a key.
6
www.magotech.net

encryption
Symmetric
- Symmetric encryption:
Uses the same key for
encryption and
faster but requires
exchange.
Examples: Data
Standard (DES), Advanced
Encryption Standard (AES)
7
www.magotech.net

encryption
Asymmetric - Asymmetric encryption: Uses
Uses different keys for
encryption and decryption
(public and private keys). It is
slower but does not require
secure key exchange.
Examples: RSA, Elliptic Curve
Cryptography (ECC)
8
www.magotech.net

encryption
Goals of
- Confidentiality: Ensuring that only
authorized parties can access the
- Integrity: Ensuring that the
information is not altered during
or storage.
- Authentication: Verifying the
identity of the sender or receiver
information.
- Non-repudiation: Ensuring that
the sender cannot deny sending
and the receiver cannot deny
9
www.magotech.net

cryptography
Application
of
- Cryptography is used in various fields,
including finance, military, healthcare,
and communication, to protect sensitive
information from unauthorized access
and tampering.
- Some common applications include
secure email communication, full-disk
encryption, secure file transfer, and
digital signatures.
10
www.magotech.net

Chapte
r
summ
ary
cryptography and encryption are essential tools for
securing data and communications in the digital age.
By understanding the basic concepts and techniques,
one can better protect sensitive information and
ensure the privacy and security of digital
communications.
11
www.magotech.net

Classical
Encryption
Techniques
0
2
12
www.magotech.net

What
is
Classical
encryption
Classical encryption techniques are historical methods
of encrypting messages, such as substitution,
transposition, and polyalphabetic ciphers. Substitution
ciphers replace each letter with a different letter, while
transposition ciphers rearrange the letters in a specific
pattern. Polyalphabetic ciphers use multiple alphabets
or substitution rules. However, these techniques are no
longer secure against modern cryptographic attacks.
13
www.magotech.net

Classical
encryption
Technique
s
- Substitution ciphers involve replacing each character in the
plaintext with a different character, according to a
predetermined method.
- Caesar cipher: Shifts each character in the plaintext by a
plaintext by a fixed number of positions in the alphabet.
- Monoalphabetic substitution: Replaces each character in
character in the plaintext with a unique character from a
randomly mixed alphabet.
- Polyalphabetic substitution: Uses multiple substitution
substitution alphabets to encrypt the plaintext, typically by
changing the substitution alphabet for each character position.
Example: Vigenère cipher
Substitution ciphers
14
www.magotech.net

Classical encrypti
Techniques
- Transposition ciphers involve rearranging the
characters in the plaintext according to a
predetermined pattern or algorithm.
- Rail fence cipher: Writes plaintext characters in
a zigzag pattern across a set number of rows,
and then reads the ciphertext along the rows.
- Columnar transposition: Writes plaintext
characters in a rectangular grid, with each
column representing a character in the
ciphertext. The ciphertext is obtained by
reading the columns in a predetermined order.
- Permutation ciphers: Rearranges the characters
in the plaintext according to a specific
permutation, which can be represented by a
numeric key.
Transposition ciphers
15
www.magotech.net

Classical
encryption
Technique
s
- Steganography is the practice of hiding a
message within another message or
medium, such as an image or audio file, so
that the existence of the hidden message
is concealed.
- Unlike encryption, steganography does
not render the hidden message
unreadable; it merely hides its existence.
- Techniques include least significant bit
(LSB) insertion, frequency domain
transformations, and masking and
filtering.
Steganography
16
www.magotech.net

Chapte
r
summ
ary
classical encryption techniques are the foundations of
modern cryptography. Although they are not
considered secure by today's standards, understanding
these methods provides valuable insight into the
evolution of encryption and the principles that
underlie modern cryptographic algorithms.
17
www.magotech.net

Modern
Symmetric
encryption
algorithms
0
3
18
www.magotech.net

Modern symmetric encryption algorithms use a
secret key to scramble data and keep it secure.
They are commonly used to protect sensitive
information during transmission over the
internet or when stored on a device.
Examples of these algorithms include AES,
Blowfish, and Twofish, and they work by using
mathematical functions to scramble the
plaintext into ciphertext. The same secret key is
used to encrypt and decrypt the data.
understand
ing
Modern
symmetric
encryption
19
www.magotech.net

- Block ciphers encrypt fixed-size blocks of
plaintext (e.g., 64 or 128 bits) using a secret key.
- Data Encryption Standard (DES): An early block
cipher that uses a 56-bit key and a 64-bit block
size. It is now considered insecure due to its
small key size and susceptibility to attacks.
- Triple DES (3DES): An improved version of DES
that applies the DES algorithm three times with
different keys, effectively increasing the key size.
It has a 168-bit key and a 64-bit block size.
- Advanced Encryption Standard (AES): A widely-
used modern block cipher with key sizes of 128,
192, or 256 bits and a block size of 128 bits. It is
considered secure and efficient for various
applications.
1. Block Ciphers
MSE
Algorithms
20
www.magotech.net

- Stream ciphers encrypt plaintext one bit or
byte at a time, generating a keystream based
on a secret key and an initialization vector
(IV).
- RC4: A widely-used stream cipher with
variable key sizes, typically between 40 and
2048 bits. Its simplicity and speed made it
popular, but security vulnerabilities have
been discovered, and its use is now
discouraged.
- Salsa20: A modern stream cipher with a 256-
bit key and a 64-bit nonce (number used
once). It is considered secure and efficient,
providing a good alternative to RC4.
2. Stream
Ciphers
MSE
Algorithms
21
www.magotech.net

- Modes of operation define how block
ciphers and stream ciphers are applied
to encrypt larger amounts of data.
- Electronic Codebook (ECB): Encrypts
each block of plaintext independently,
which can reveal patterns in the
ciphertext. This mode is not
recommended for most applications.
- Cipher Block Chaining (CBC): Encrypts
each block of plaintext after XORing it
with the previous ciphertext block,
providing better security.
3. Modes of
Operation
MSE
Algorithms
22
www.magotech.net

- Cipher Feedback (CFB): Converts a block
cipher into a stream cipher by encrypting
the previous ciphertext block and
XORing the output with the plaintext.
- Output Feedback (OFB): Similar to CFB
but uses the encrypted output of the
previous block, avoiding error
propagation.
- Counter (CTR): Generates a keystream by
encrypting a counter value, which is then
XORed with the plaintext. It allows for
parallel encryption and decryption.
3. Modes of
Operation
MSE
Algorithms
23
www.magotech.net

Chapte
r
summ
ary
modern symmetric encryption algorithms are essential
for securing data and communication efficiently. Block
ciphers, such as AES, and stream ciphers, such as
Salsa20, provide strong security when used with
appropriate key sizes and modes of operation.
Understanding these algorithms is crucial for
implementing secure systems and applications.
24
www.magotech.net

But I must explain to you how all this mistaken idea of denouncing pleasure
and praising pain was born and I will give you.
Section four
Designs corporate 2018
0
4
Annual report
2018
Designs corporate 2018
portofolio
Asymmetric
Encryption
Algorithms
0
4
25
www.magotech.net

Introduction to public key
cryptography
- Asymmetric encryption, also known as public key
cryptography, uses different keys for encryption and
decryption (public and private keys).
- The public key is used to encrypt data, and the private
key is used to decrypt it. Public keys can be shared
openly, while private keys must be kept secret.
- Public key cryptography provides secure key exchange
without requiring a secure communication channel, which
is a significant advantage over symmetric encryption.
26
www.magotech.net

Rivest-Shamir-Adleman
algorithm
- RSA is a widely-used asymmetric encryption
algorithm based on the mathematical properties of
large prime numbers.
- Key generation: Two large prime numbers are chosen
and multiplied to form a modulus (n). The public key
(e) and private key (d) are then derived from the
modulus and the totient of the prime numbers.
27
www.magotech.net

Rivest-Shamir-Adleman
algorithm
- Encryption: The plaintext message is raised
to the power of the public key (e) modulo n,
resulting in the ciphertext.
- Decryption: The ciphertext is raised to the
power of the private key (d) modulo n,
recovering the original plaintext.
28
www.magotech.net

Diffie-Hellman key exchange
- The Diffie-Hellman algorithm is a key exchange
protocol that allows two parties to establish a shared
secret key over an insecure communication channel.
- It is based on the mathematical properties of modular
exponentiation and discrete logarithms.
- The shared secret key can then be used for symmetric
encryption to secure further communication.
29
www.magotech.net

Elliptic curve cryptography
(ECC)
- ECC is an asymmetric encryption algorithm based on
the algebraic structure of elliptic curves over finite
fields.
- It provides similar levels of security as RSA but with
significantly smaller key sizes, resulting in faster
computations and reduced storage and bandwidth
requirements.
- ECC can be used for encryption, digital signatures, and
key exchange.
30
www.magotech.net

Chapte
r
summ
ary
Asymmetric encryption algorithms like RSA and ECC offer
secure key exchange and improved security compared to
symmetric encryption. These algorithms are widely used
in modern cryptography and play a crucial role in securing
digital communication and data. Understanding the
principles and applications of asymmetric encryption is
essential for implementing robust security solutions.
31
www.magotech.net

But I must explain to you how all this mistaken idea of denouncing pleasure
and praising pain was born and I will give you.
Section four
Designs corporate 2018
0
4
Annual report
2018
Designs corporate 2018
portofolio
Cryptographic
Hash Functions
and Digital
Signatures
0
5
32
www.magotech.net

- A cryptographic hash function takes an input
(message or data) and produces a fixed-size output,
called a hash or digest, which is a unique
representation of the input data.
- Hash functions have the following properties:
Deterministic: The same input always produces the
same output.
Preimage resistance: Given a hash, it is computationally
infeasible to find the original input.
Collision resistance: It is computationally infeasible to
find two different inputs that produce the same hash.
Avalanche effect: A small change in the input results in a
significant change in the output hash.
Cryptographic
hash
functions
33
www.magotech.net

Examples of cryptographic hash functions:
- MD5: Produces a 128-bit hash but is considered
insecure due to vulnerabilities that allow for collisions.
- SHA-1: Produces a 160-bit hash and is more secure
than MD5 but has been deprecated due to potential
vulnerabilities.
- SHA-256: Part of the SHA-2 family, produces a 256-
bit hash and is widely used for its security and
performance.
Cryptographic
hash
functions
34
www.magotech.net

- Digital signatures use public key cryptography to
provide authentication, integrity, and non-repudiation
for messages or documents.
- The sender signs the message using their private key,
and the receiver verifies the signature using the
sender's public key.
- The signature is usually computed by hashing the
message and then encrypting the hash with the
sender's private key.
- Applications of digital signatures include secure email,
document signing, and software distribution.
Digital
signature
s
35
www.magotech.net

- HMAC is a cryptographic method for message
authentication that combines a hash function with a
secret key.
- The sender computes the HMAC using the secret key
and the message, and the receiver verifies the HMAC
using the same secret key and the received message.
- HMAC ensures the integrity and authenticity of the
message, preventing tampering and impersonation
attacks.
- It is commonly used in secure communication
protocols, such as SSL/TLS and IPsec.
Keyed-hash
message
authenticatio
n code
(HMAC)
36
www.magotech.net

Chapte
r
summ
ary
Cryptographic hash functions and digital signatures
are essential tools in ensuring the integrity,
authenticity, and non-repudiation of digital
communication and data. Understanding these
concepts and their applications is crucial for
implementing secure systems and protecting
sensitive information.
37
www.magotech.net

But I must explain to you how all this mistaken idea of denouncing pleasure
and praising pain was born and I will give you.
Section four
Designs corporate 2018
0
4
Annual report
2018
Designs corporate 2018
portofolio
Encryption
Applications
and Best
Practices
0
6
38
www.magotech.net

IntroDuction
Encryption Applications and Best Practices
refer to the various use cases and
recommended guidelines for implementing
encryption in order to secure data and
communications effectively. These practices
are aimed at ensuring the confidentiality,
integrity, and authenticity of digital information
while minimizing the risk of unauthorized
access or data breaches.
39
www.magotech.net

Encryption
APPLICATI
ON
Email encryption: Techniques such as PGP and S/MIME are used to
protect email content and attachments, ensuring the privacy and security
of email communications.
Full-disk encryption and file-level encryption: These methods protect data
stored on computer hard drives or individual files, respectively, preventing
unauthorized access to sensitive information.
Secure messaging and end-to-end encryption: Secure messaging apps
like Signal, WhatsApp, and Telegram use end-to-end encryption to protect
the confidentiality and integrity of messages sent between users.
40
www.magotech.net

Best practices
for
encryption
- Key management: Implement a robust system for generating, distributing, storing, and
rotating encryption keys. Use hardware security modules (HSMs) or key management
services (KMS) to protect keys.
- Key rotation: Regularly update encryption keys to reduce the risk of unauthorized access
due to key compromise.
- Key backup: Store backup copies of encryption keys securely to prevent data loss in case
of key loss or corruption.
- Key revocation: Establish a procedure for revoking and replacing compromised or
outdated keys.
- Key storage: Store encryption keys securely, separate from the data they protect. Use
secure storage solutions like HSMs, KMS, or secure key stores.
41
www.magotech.net

Q&A
42
www.magotech.net

E s t h e r D y s o n , A m e r i c a n - S w i s s
j o u r n a l i s t a n d c o m m e n t a t o r o n
e m e r g i n g d i g i t a l t e c h n o l o g y .
"Encryption...is a powerful defensive weapon for
free people. It offers a technical guarantee of
privacy, regardless of who is running the
government... It's hard to think of a more powerful,
less dangerous tool for liberty." -
q u o t e
43
www.magotech.net