This document provides an overview of cryptography. It defines cryptography as the art and science of writing in secret codes, and explains its purpose is to achieve security through encrypting messages. The key topics covered include symmetric and asymmetric encryption algorithms, hash functions, digital signatures, encrypting file systems, and full disk encryption using BitLocker. Application areas like secure communication, authentication, and e-commerce are also discussed.

2. Cryptography
2
⚫Definition
⚫ It is an ancientartand scienceof writing in secret message.
⚫ Cryptographycomes from Greek word “crypto “ means hiding
and “Graphy” meanswriting
⚫ It is theartof achieving security byencoding messages to
make them non readable.

3. Cryptography
3
⚫Purposeof Cryptography
⚫Authentication
⚫Privacy/confidentiality
⚫Integrity
⚫Non-repudiation

4. Cryptography
⚫Stepsof cryptography
4

5. Cryptography
5
⚫Terminologies
⚫ Encryption
⚫ It is the process of transforming information so it is unintelligible to
anyone but the intended recipient.
⚫ Decryption
⚫ It is the process of transforming encrypted information so that it is
intelligible again.
⚫ Plaintext
⚫ the message to be transmitted orstored.
⚫ Ciphertext
⚫ the disguised message orencrypted message
⚫ Algorithm
⚫ The mathematical formula used forencryption and decryption
⚫ Cipher
⚫ Algorithm used forencryption and decryption
⚫ Key
⚫ Value used by algorithm toencryptand decrypt

6. Cryptography
6
⚫Applicationof Cryptography
⚫Securecommunication:
⚫ Topreventeavesdropping-wartimecommunication and business
transactions.
⚫Identification & Authentication:
⚫ Checking the integrity
⚫Secretsharing / data hiding:
⚫ Hide something that has been written.
⚫E-commerce / E-payment:
⚫Certification:
⚫ Certification is a scheme by which trusted agents such as
certifying authoritiesguarantee forunknownagents , such as
users.

7. Cryptography
7
⚫Applicationof Cryptography
⚫Keyrecovery:
⚫ It is a technology thatallows a key to be revealed undercertain
circumstanceswithout theownerof the key revealing it.
⚫Remoteaccess:
⚫ Passwords givesa level of security forsecureaccess.
⚫Cell phone:
⚫ Preventpeople from stealing cell phone nos. , accesscodeor
eavesdropping.
⚫Access control:
⚫ Regulateaccess to satelliteand cableTV

8. Cryptography
8
⚫ Terminologies
⚫ Cryptanalysis
⚫ Cryptanalysis (from the Greek kryptós, "hidden", and analýein,
"to loosen“ ) is the study of analyzing information system in
orderto study the hiddenaspects of thesystems.
⚫ breaking “secretcodes”
⚫ Cryptology
⚫ Cryptology (from Greek kryptós, "hidden, secret“, and logia,
"study“) is thestudyof cryptography and cryptanalysis
⚫ Theartand scienceof making and breaking “secretcodes”

9. Cryptography
9
⚫Characteristics of Cryptographic System:
⚫The typeof operations used fortransforming plaintext
tociphertext.
⚫The numberof keys used
⚫Theway in which the plaintext is processed.

10. Cryptography
10
⚫Typesof Cryptography
⚫ Secret –key Cryptography(Symmetric keycryptography)
⚫ Single key is used for both encryption and decryption.
⚫ Public key Cryptography(Asymmetric keycryptography)
⚫ Uses one key forencryption and anther fordecryption.
⚫ Hash function
⚫ It uses a mathematical transformation to irreversibly “encrypt”
information.

11. Cryptography
11
⚫Classical encryption(symmetric key cryptography)
techniques
⚫Substitution
⚫ Replacing an elementof plain text bycipher text
⚫Transposition
⚫ Rearranging theorderof appearanceof theelementsof the
plaintext.

12. STEGANOGRAPHY
12
⚫Steganography is the science of hiding information by
embedding the hidden(secret) message within a cover
media.
⚫It works by replacing bits of useless or unused data in
regular computer files with bits of different, invisible
information.
⚫Itused sometimewhen encryption is not permitted.
⚫Steganographic process
Stego medium = cover media + hidden data + stego key

13. STEGANOGRAPHY
13
⚫Different techniquesof Steganography:
⚫ Character marking
⚫Invisible ink
⚫Pin punctures
⚫Typewritercorrection ribbon

14. STEGANOGRAPHY
14
⚫Advantagesof Steganography:
⚫ used to transfersensitive data
⚫We can hide secrete messagewith graphic images.
⚫Provides highsecurity

15. CRYPTOGRAPHY
15
⚫Symmetric cipher /secrete keycryptography
⚫Senderand recipient share a same key forencryption
and decryption
⚫Theencryption algorithm is divided into two types
⚫ Block Cipher
⚫ Stream Cipher

16. CRYPTOGRAPHY
16
⚫ Advantagesof Symmetric cipher /secrete key
cryptography
⚫It is faster
⚫While transmission thechances of data being decrypted
is null
⚫Uses password authentication to prove the receivers
identity

17. CRYPTOGRAPHY
17
⚫ Disadvantagesof Symmetric cipher /secrete key
cryptography
⚫Issueof key transportation
⚫Itcannot providedigital signature thatcannot be
repudiated.

18. CRYPTOGRAPHY
18
⚫Asymmetriccipher /secrete key cryptography
⚫A pairof key is used to encrypt and decrypt.
⚫With asymmetric cryptography, the sender encrypts data
with one key, and the recipient uses a different key to
decrypt cipher text.
⚫Encrypt data using public keyand decrypt data using
private key.

19. CRYPTOGRAPHY
19
⚫AdvantagesAsymmetriccipher/secrete key
cryptography
⚫ Eliminating the keydistribution problem
⚫ Increased security
⚫ Itcan providedigital signatures thatcan be repudiated.
⚫Advantages Asymmetriccipher/secrete key
cryptography
⚫ Faster methodsareavailable.

20. Symmetric Encryption
Common Symmetric Encryption Algorithms are widely used in
securing data and communications.
Examples of these algorithms include Advanced Encryption Standard
(AES), Data Encryption Standard (DES), Triple Data Encryption
Standard (3DES), and Blowfish.

21. Public Key Cryptography -
Asymmetric
 One of the keys allocated to each person is called the "public
key", and is published in an open directory somewhere where
anyone can easily look it up, for example by email address.
 Each entity has 2 keys:
 Private Key (a secret)
 Public key (well known).

22. Using Keys
 Private keys are used for decrypting.
 Public keys are used for encrypting.

23. Process

24. Hash functions
 Is a type of one-way function this are fundamental for much of
cryptography.
 A one way function - is a function that is easy to calculate but
hard to invert.
 It is difficult to calculate the input to the function given its
output.
 The precise meanings of "easy" and "hard" can be specified
mathematically. With rare exceptions, almost the entire field of
public key cryptography rests on the existence of one-way
functions.

25. DIGITAL SIGNATURE
25
⚫A digital signature is an electronicsignature thatcan be
used to authenticate the identity of the sender of a
message.
⚫It is a mathematical scheme fordemonstrating the
authenticityof adigital messageordocument.
⚫Each signatory has theirown paired publicand private key

26. DIGITAL SIGNATURE
26
⚫Itconsists threealgorithms:
⚫A digital signaturegeneration algorithm:
⚫ Itconsistsof a (mathematical) digital signaturegeneration
algorithm
⚫ Randomly producesa keypair( public and private)
⚫ A signing algorithm:
⚫ Produces a signature
⚫A digital signatureverification algorithm
⚫ Itconsistsof averification algorithm, along with a method for
recovering data from the message.

27. DIGITAL SIGNATURE
Message
27
Messagedigest
Hash function
Digital Signature
Sendersprivate key
Conceptof digital signature

28. DIGITAL SIGNATURE
⚫Working of digital signature
28

29. DIGITAL SIGNATURE
29
⚫Advantagesof Digital Signature
⚫Imposter prevention
⚫Message integrity
⚫Legal requirement
⚫Disadvantagesof Digital Signature:
⚫Digital signature involves the primaryavenue forany
business is money

30. Encrypting File System
• Protects sensitive data on computers and laptops from
physical theft.
• Encryption at a lower level that all applications can use.
• EFS introduced from Windows 2000
• Tied to the NTFS file system
• Encrypt individual files or folders

31. Encrypting File System
• Data encrypted with
symmetric file encryption
key (FEK)
• DESX, 3DES, AES
• Cipher block chaining
• FEK encrypted with user’s
public key (RSA)
• Recovery Agent in case user
private key lost
Header
Version
Checksum
Data
Decryption
Field
DDF Key Entry 1
…
DDF Key Entry n
Data
Recovery
Field
DRF Key Entry 1
…
DRF Key Entry n
User SID
Container Name
Provider Name
EFS Certificate Hash
Encrypted FEK
Key Entry:

32. Full Volume Encryption
• Encryption at the block driver level underneath
file system.
• Everything in the volume is encrypted.
• BitLocker in windows
• BitLocker takes advantage of Trusted Platform
Module (TPM)
• Top level root key sealed in TPM
• Root key encrypts disk encryption key, which encrypts sector
data

33. BitLocker
• Secure Startup
• Ensures boot integrity of the Windows volume before unsealing root key.
• Verifies none of the boot code or critical system files have been tampered
with offline.
• Taking measurements of critical information at each step of the boot
process.
• Compare hash of measurements to hash of known secure system.
• Recovery mechanism – removable storage or password
• BitLocker and EFS not mutually exclusive
• BitLocker can protect system volume and root keys.
• EFS can provide file granularity and multiple user control.