This article provides a general introduction to the subject of Cryptology, Crytography and Crytoanalysis and explains the terminology and the practical application of security techniques… In recorded History , technological innovations have revolutionized societies. The printing press is an often-cited example of the great impact one humble person’s invention can have on ruling dynasties, world religions, and personal life.. Quantum encryption could rival Guttenberg’s printing press in its impact. Cryptology has a fascinating History., In Warfare Cryptography is a broad, sticky, and mathematically complex, but interesting subject and an integral part of the evolution of warfare. So let’s get some definitions out of the way first. Cryptology is the study of codes, both creating and solving them. Cryptography is the art of creating codes. Cryptanalysis is the art of surreptitiously revealing the contents of coded messages, breaking codes, that were not intended for you as a recipient.. Secondly, there are nomenclators and enciphers. Nomenclators are letters or numbers that represent words or phrases, like 103A means “meet me at 4PM”. Ciphers are alphabetical letters or numbers that are encrypted using some sequential coding process and a key. For this essay, we will refer to both as codes. Also, enciphered, encrypted and encoded mean the same thing….Additionally, there is plain text. This is the original message that is readable and understandable, uncoded or unencrypted. Once it goes through the coding process and is encrypted, the output is readable but not understandable. There are a bunch of other terms like steganography, homophones, polyphones, digraphs, bigrams, and polygrams, but they are just variations of coding and decoding techniques.
This document provides an in-depth overview of steganography techniques. It begins with definitions and a brief history of steganography. It then discusses steganography concepts like different types (pure, secret key, public key), encoding secret messages in text and images. Specific techniques are covered like line-shift encoding in text and least significant bit encoding in images. The document closes by discussing steganalysis, the detection of hidden messages. Overall, the document serves as a comprehensive introduction to steganography.
This document is a project report submitted by Gaurav Shukla for his internship at IIT Kanpur under the guidance of Mr. B.M. Shukla. The report compares secured message delivery using SSL and GPG. It provides background on cryptography, describes how SSL and GPG work to securely transmit messages, and analyzes parts of the GPG source code to observe cryptographic flaws. The document contains sections on certificate, acknowledgements, introduction to cryptography concepts, descriptions of SSL and GPG, results and analysis of comparing the two methods, conclusions, and bibliography.
This technical seminar presentation provides an overview of steganography techniques. It discusses how steganography can be used to hide copyright information and serial numbers in audio and video data. The presentation covers various steganography methods including least significant bit substitution and transformations in the frequency domain. It also compares steganography to watermarking and cryptography, explaining how the goals and security requirements differ for each technique. Historical steganography methods and applications of modern steganography are also summarized.
Cryptography is the practice of protecting information by converting it into an unreadable format. Only using a secret key can the information be converted back to a readable format. Throughout history, different encryption techniques have been developed including the Caesar cipher, the Vigenere cipher, and public key cryptography developed by Diffie and Hellman. Modern cryptography is used for purposes such as authentication, electronic money, secure network communication, anonymous remailers, and disk encryption. However, widespread use of unbreakable encryption could enable criminal activity and threaten national security and business interests.
Cryptography is the practice and study of hiding information. It has its origins as far back as 2000 BC in Egypt with hieroglyphics. Throughout history, different cultures developed ciphers and codes for encryption, including the ancient Chinese, Mesopotamians, Spartans, and during wars. Modern cryptography involves encryption, decryption using keys, and can be symmetric (same key) or asymmetric (public/private keys) like RSA encryption. Cryptography has many applications including online security, digital signatures, and encryption on devices like smart cards.
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
Personal privacy is of utmost importance in the global networked world. One of the best tools to help people safeguard their personal information is the use of cryptography. In this paper we present new cryptographic algorithms that employ the use of asymmetric keys. The proposed algorithms encipher message into nonlinear equations using public key and decipher by the intended party using private key. If a third party intercepted the message, it will be difficult to decipher it due to the multilevel ciphers of the proposed application.
1. The document provides an overview of cryptography and discusses key concepts like encryption, digital signatures, hash functions, and symmetric and asymmetric encryption algorithms.
2. It explains that cryptography transforms data into secret code to provide confidentiality, integrity, authentication and non-repudiation. The main cryptographic tools are encryption, digital signatures, and hash functions.
3. Symmetric encryption uses the same key for encryption and decryption while asymmetric encryption uses separate public and private keys, allowing data to be encrypted by a public key and decrypted by a corresponding private key.
BEGINS FROM SCRATCH TO FUTURE METHODS OF CRYPTOGRAPHY. PROVIDES A DEEP INSIGHT INTO HISTORY,USES,APPLICATION,DIFFERENT TYPES AND METHODS OF CRYPTOGRAPHY. THANK YOU
This document provides an in-depth overview of steganography techniques. It begins with definitions and a brief history of steganography. It then discusses steganography concepts like different types (pure, secret key, public key), encoding secret messages in text and images. Specific techniques are covered like line-shift encoding in text and least significant bit encoding in images. The document closes by discussing steganalysis, the detection of hidden messages. Overall, the document serves as a comprehensive introduction to steganography.
This document is a project report submitted by Gaurav Shukla for his internship at IIT Kanpur under the guidance of Mr. B.M. Shukla. The report compares secured message delivery using SSL and GPG. It provides background on cryptography, describes how SSL and GPG work to securely transmit messages, and analyzes parts of the GPG source code to observe cryptographic flaws. The document contains sections on certificate, acknowledgements, introduction to cryptography concepts, descriptions of SSL and GPG, results and analysis of comparing the two methods, conclusions, and bibliography.
This technical seminar presentation provides an overview of steganography techniques. It discusses how steganography can be used to hide copyright information and serial numbers in audio and video data. The presentation covers various steganography methods including least significant bit substitution and transformations in the frequency domain. It also compares steganography to watermarking and cryptography, explaining how the goals and security requirements differ for each technique. Historical steganography methods and applications of modern steganography are also summarized.
Cryptography is the practice of protecting information by converting it into an unreadable format. Only using a secret key can the information be converted back to a readable format. Throughout history, different encryption techniques have been developed including the Caesar cipher, the Vigenere cipher, and public key cryptography developed by Diffie and Hellman. Modern cryptography is used for purposes such as authentication, electronic money, secure network communication, anonymous remailers, and disk encryption. However, widespread use of unbreakable encryption could enable criminal activity and threaten national security and business interests.
Cryptography is the practice and study of hiding information. It has its origins as far back as 2000 BC in Egypt with hieroglyphics. Throughout history, different cultures developed ciphers and codes for encryption, including the ancient Chinese, Mesopotamians, Spartans, and during wars. Modern cryptography involves encryption, decryption using keys, and can be symmetric (same key) or asymmetric (public/private keys) like RSA encryption. Cryptography has many applications including online security, digital signatures, and encryption on devices like smart cards.
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
Personal privacy is of utmost importance in the global networked world. One of the best tools to help people safeguard their personal information is the use of cryptography. In this paper we present new cryptographic algorithms that employ the use of asymmetric keys. The proposed algorithms encipher message into nonlinear equations using public key and decipher by the intended party using private key. If a third party intercepted the message, it will be difficult to decipher it due to the multilevel ciphers of the proposed application.
1. The document provides an overview of cryptography and discusses key concepts like encryption, digital signatures, hash functions, and symmetric and asymmetric encryption algorithms.
2. It explains that cryptography transforms data into secret code to provide confidentiality, integrity, authentication and non-repudiation. The main cryptographic tools are encryption, digital signatures, and hash functions.
3. Symmetric encryption uses the same key for encryption and decryption while asymmetric encryption uses separate public and private keys, allowing data to be encrypted by a public key and decrypted by a corresponding private key.
BEGINS FROM SCRATCH TO FUTURE METHODS OF CRYPTOGRAPHY. PROVIDES A DEEP INSIGHT INTO HISTORY,USES,APPLICATION,DIFFERENT TYPES AND METHODS OF CRYPTOGRAPHY. THANK YOU
The document provides information about the members of a group - Abdullah Rashid Baig, Adnan Haider, Muhammad Zakria, and Muhammad Zeeshan Khan. It then provides definitions and explanations of cryptography, cryptographic algorithms, encryption, decryption, plaintext, ciphertext, keys, secret key cryptography, public key cryptography, hashing, digital signatures, and security goals like confidentiality, authentication, integrity, availability, non-repudiation, and access control. It also discusses potential attacks on cryptography like viruses, traffic analysis, electromagnetic detection, and dictionary attacks.
This document summarizes Sabiha Batool's presentation on cryptography in information security. The presentation covered the history and basic concepts of cryptography, including definitions of encryption, decryption, plaintext and ciphertext. It discussed symmetric and asymmetric key cryptography as well as hash functions and the RSA algorithm. The presentation explained how cryptography helps achieve the goals of information security - data integrity, authentication, confidentiality and non-repudiation. It reviewed literature on the topic and concluded by discussing the advantages and limitations of cryptography as well as its applications.
Modified honey encryption scheme for encoding natural language messageIJECEIAES
Conventional encryption schemes are susceptible to brute-force attacks. This is because bytes encode utf8 (or ASCII) characters. Consequently, an adversary that intercepts a ciphertext and tries to decrypt the message by brute-forcing with an incorrect key can filter out some of the combinations of the decrypted message by observing that some of the sequences are a combination of characters which are distributed non-uniformly and form no plausible meaning. Honey encryption (HE) scheme was proposed to curtail this vulnerability of conventional encryption by producing ciphertexts yielding valid-looking, uniformly distributed but fake plaintexts upon decryption with incorrect keys. However, the scheme works for only passwords and PINS. Its adaptation to support encoding natural language messages (e-mails, human-generated documents) has remained an open problem. Existing proposals to extend the scheme to support encoding natural language messages reveals fragments of the plaintext in the ciphertext, hence, its susceptibility to chosen ciphertext attacks (CCA). In this paper, we modify the HE schemes to support the encoding of natural language messages using Natural Language Processing techniques. Our main contribution was creating a structure that allowed a message to be encoded entirely in binary. As a result of this strategy, most binary string produces syntactically correct messages which will be generated to deceive an attacker who attempts to decrypt a ciphertext using incorrect keys. We evaluate the security of our proposed scheme.
Cryptography is the science of securing information and communication through encryption. It has a long history dating back to ancient civilizations, but modern cryptography emerged in the early 20th century with the invention of encryption machines like the Enigma and Lorenz ciphers used in World War II. Cryptography serves purposes like authentication, confidentiality, integrity, and non-repudiation. It uses techniques like symmetric encryption with a shared key, asymmetric encryption with public/private key pairs, and hash functions. Cryptography has many applications in digital signatures, smart cards, e-commerce, passwords, and ATMs. While technology has improved security, perfection has not been achieved.
The document discusses the history and concepts of cryptography, especially in the context of e-commerce. It explains how cryptography evolved from ancient times to modern applications. Symmetric and asymmetric encryption methods are described, including how public/private key pairs work. Digital signatures are introduced as a way to provide authentication, integrity, and non-repudiation for electronic transactions.
This document provides an introduction to cryptography. It defines cryptography as the practice of hiding information and discusses its importance for secure communication. The document outlines the basic components of cryptography including plaintext, encryption, ciphertext, decryption, and keys. It also describes different types of cryptographic algorithms like the Caesar cipher and symmetric and asymmetric key cryptography. The document concludes by emphasizing the importance of implementing cryptography for network security.
This document provides an overview of cryptography including its history, components, terminology, types, and applications. Cryptography is the science of securing communications and ensures confidentiality, integrity, and authentication of messages. It has military and civilian applications and relies on techniques from mathematics, computer science, and electrical engineering. The document discusses symmetric and asymmetric key cryptography, describing how symmetric uses a shared key while asymmetric uses public/private key pairs. Digital signatures and certificates are also covered.
Cryptography is a technique used to send encrypted messages that only the intended recipient can understand using a secret code. Encryption is the process of encoding a message so it is incomprehensible without the code, while decryption is using the pre-established code to understand the encrypted message. Cryptography has been used throughout history for both military purposes and casual uses such as by poets.
Cryptography is the science of using mathematics to encrypt and decrypt data. This presentation explains about the cryptography, its history, types i.e. symmetric and asymmetric cryptography.
Steganography is the practice of hiding secret information within other harmless-looking files like images, audio, or text. It works by making small, undetectable changes to parts of the files that humans cannot perceive but machines can read. Historically, secret messages were hidden between lines of text or by invisible inks, but now computers allow information to be hidden in the binary data of digital files. Popular steganography software makes changes to the least significant bits of image pixel values or audio samples. When implemented correctly, steganography can securely and covertly transmit sensitive information without anyone knowing a hidden message is present.
This document provides information about cryptography and encryption techniques. It discusses that cryptography is the science of information security and includes techniques to hide information. It then describes three main goals of cryptography: confidentiality, integrity, and authentication. It proceeds to define encryption as converting a message into cipher text and decryption as converting cipher text back to the original message. Finally, it explains the differences between symmetric and asymmetric encryption methods.
Steganography is the process of hiding secret information within ordinary media so that the very existence of the message is concealed. It works by embedding messages within images, videos, or audio files. Various techniques exist such as least significant bit insertion and algorithms/transformations. Tools allow hiding data in file formats like JPEG, PNG, and MP4. Detection methods include visual analysis and statistical steganalysis to analyze for subtle changes from hidden data. Steganography has uses for covert communication but also intellectual property and digital rights management.
Introduction to the cryptography behind blockchain (from roots to quantum cry...Marcelo Sávio
The document provides an introduction to cryptography concepts behind blockchain, beginning with symmetric key cryptography like the Data Encryption Standard (DES) developed by Horst Feistel at IBM in the 1970s. It then discusses the development of public key cryptography by Whitfield Diffie, Martin Hellman, Ronald Rivest, Adi Shamir, and Leonard Adleman in the 1970s, which introduced digital signatures and solved the key distribution problem. The document continues discussing the use of hash functions, elliptic curve cryptography, and computational proof-of-work concepts that are fundamental to blockchain technology.
Cryptography is the practice of securing communications through encryption and decryption techniques. It involves algorithms, programming languages, and different types of cryptography like symmetric, asymmetric, and hashing. Modern cryptography relies on keys of varying lengths for encryption and decryption. It has a long history dating back thousands of years and continues to evolve with advances like public key infrastructure and algorithms like RSA and Diffie-Hellman key exchange. Implementation in Java focuses on authentication, authorization, data integrity, and security against attacks.
Advanced cryptography and implementationAkash Jadhav
The document discusses a technical presentation on advanced cryptography and its implementation. It provides an overview of cryptography, including its history and basic concepts such as encryption, decryption, and cryptanalysis. Examples of cryptography applications discussed include ATM cards, credit cards, e-mail, and lottery tickets.
Steganography is the science of hiding information within other carriers or cover files such as text, images, audio, or video to avoid detection. The seminar presentation discussed the history of steganography dating back to 440BC, described common techniques like hiding messages in images or audio files, and compared it to cryptography which focuses on encrypting messages rather than concealing their existence. Applications of steganography include confidential communication, data protection, and alleged use by terrorists or intelligence services.
Data Security on Computer Network and Telecommunication System Using Caesar C...Yekini Nureni
In this era of global communication where online communication through the use of computer network and telecommunication system has dominated the means of communication between people. The goal of privacy is very paramount. The numbers of people being connected to the communication system through their mobile phone, computer or any other e-communication tools are increasing day-by-day. Hence there is need to secure the communication networks from adversaries (third parties) between the sender and receivers. There are many aspects to security approach in data communication environment. One essential aspect for secure communications is that of cryptography, which the focus of this research is. We have developed stand-alone application software that implements cryptography using Caesar algorithms. This program can be implemented with chatting software or E-mail software to encrypt data. The algorithm was coded with Java programming language.
With computers having GHz of processing speed, information / data either stored or in
transmission has become more and more vernalable to hostile eavesdropping, theft,
wiretapping etc. This urges us to devise new data hiding techniques to protect and secure data
of vital significance. Steganography is a method of securing data by obscuring the contents in
another media (called Cover) in which it is saved / transmitted. This doctorial thesis proposal will
present a new Steganographic Technique for hiding data in (ASCII) text files together with its
Software implementation, a research area in Steganography which is considered as
toughest among all, to address.
The document provides information about the members of a group - Abdullah Rashid Baig, Adnan Haider, Muhammad Zakria, and Muhammad Zeeshan Khan. It then provides definitions and explanations of cryptography, cryptographic algorithms, encryption, decryption, plaintext, ciphertext, keys, secret key cryptography, public key cryptography, hashing, digital signatures, and security goals like confidentiality, authentication, integrity, availability, non-repudiation, and access control. It also discusses potential attacks on cryptography like viruses, traffic analysis, electromagnetic detection, and dictionary attacks.
This document summarizes Sabiha Batool's presentation on cryptography in information security. The presentation covered the history and basic concepts of cryptography, including definitions of encryption, decryption, plaintext and ciphertext. It discussed symmetric and asymmetric key cryptography as well as hash functions and the RSA algorithm. The presentation explained how cryptography helps achieve the goals of information security - data integrity, authentication, confidentiality and non-repudiation. It reviewed literature on the topic and concluded by discussing the advantages and limitations of cryptography as well as its applications.
Modified honey encryption scheme for encoding natural language messageIJECEIAES
Conventional encryption schemes are susceptible to brute-force attacks. This is because bytes encode utf8 (or ASCII) characters. Consequently, an adversary that intercepts a ciphertext and tries to decrypt the message by brute-forcing with an incorrect key can filter out some of the combinations of the decrypted message by observing that some of the sequences are a combination of characters which are distributed non-uniformly and form no plausible meaning. Honey encryption (HE) scheme was proposed to curtail this vulnerability of conventional encryption by producing ciphertexts yielding valid-looking, uniformly distributed but fake plaintexts upon decryption with incorrect keys. However, the scheme works for only passwords and PINS. Its adaptation to support encoding natural language messages (e-mails, human-generated documents) has remained an open problem. Existing proposals to extend the scheme to support encoding natural language messages reveals fragments of the plaintext in the ciphertext, hence, its susceptibility to chosen ciphertext attacks (CCA). In this paper, we modify the HE schemes to support the encoding of natural language messages using Natural Language Processing techniques. Our main contribution was creating a structure that allowed a message to be encoded entirely in binary. As a result of this strategy, most binary string produces syntactically correct messages which will be generated to deceive an attacker who attempts to decrypt a ciphertext using incorrect keys. We evaluate the security of our proposed scheme.
Cryptography is the science of securing information and communication through encryption. It has a long history dating back to ancient civilizations, but modern cryptography emerged in the early 20th century with the invention of encryption machines like the Enigma and Lorenz ciphers used in World War II. Cryptography serves purposes like authentication, confidentiality, integrity, and non-repudiation. It uses techniques like symmetric encryption with a shared key, asymmetric encryption with public/private key pairs, and hash functions. Cryptography has many applications in digital signatures, smart cards, e-commerce, passwords, and ATMs. While technology has improved security, perfection has not been achieved.
The document discusses the history and concepts of cryptography, especially in the context of e-commerce. It explains how cryptography evolved from ancient times to modern applications. Symmetric and asymmetric encryption methods are described, including how public/private key pairs work. Digital signatures are introduced as a way to provide authentication, integrity, and non-repudiation for electronic transactions.
This document provides an introduction to cryptography. It defines cryptography as the practice of hiding information and discusses its importance for secure communication. The document outlines the basic components of cryptography including plaintext, encryption, ciphertext, decryption, and keys. It also describes different types of cryptographic algorithms like the Caesar cipher and symmetric and asymmetric key cryptography. The document concludes by emphasizing the importance of implementing cryptography for network security.
This document provides an overview of cryptography including its history, components, terminology, types, and applications. Cryptography is the science of securing communications and ensures confidentiality, integrity, and authentication of messages. It has military and civilian applications and relies on techniques from mathematics, computer science, and electrical engineering. The document discusses symmetric and asymmetric key cryptography, describing how symmetric uses a shared key while asymmetric uses public/private key pairs. Digital signatures and certificates are also covered.
Cryptography is a technique used to send encrypted messages that only the intended recipient can understand using a secret code. Encryption is the process of encoding a message so it is incomprehensible without the code, while decryption is using the pre-established code to understand the encrypted message. Cryptography has been used throughout history for both military purposes and casual uses such as by poets.
Cryptography is the science of using mathematics to encrypt and decrypt data. This presentation explains about the cryptography, its history, types i.e. symmetric and asymmetric cryptography.
Steganography is the practice of hiding secret information within other harmless-looking files like images, audio, or text. It works by making small, undetectable changes to parts of the files that humans cannot perceive but machines can read. Historically, secret messages were hidden between lines of text or by invisible inks, but now computers allow information to be hidden in the binary data of digital files. Popular steganography software makes changes to the least significant bits of image pixel values or audio samples. When implemented correctly, steganography can securely and covertly transmit sensitive information without anyone knowing a hidden message is present.
This document provides information about cryptography and encryption techniques. It discusses that cryptography is the science of information security and includes techniques to hide information. It then describes three main goals of cryptography: confidentiality, integrity, and authentication. It proceeds to define encryption as converting a message into cipher text and decryption as converting cipher text back to the original message. Finally, it explains the differences between symmetric and asymmetric encryption methods.
Steganography is the process of hiding secret information within ordinary media so that the very existence of the message is concealed. It works by embedding messages within images, videos, or audio files. Various techniques exist such as least significant bit insertion and algorithms/transformations. Tools allow hiding data in file formats like JPEG, PNG, and MP4. Detection methods include visual analysis and statistical steganalysis to analyze for subtle changes from hidden data. Steganography has uses for covert communication but also intellectual property and digital rights management.
Introduction to the cryptography behind blockchain (from roots to quantum cry...Marcelo Sávio
The document provides an introduction to cryptography concepts behind blockchain, beginning with symmetric key cryptography like the Data Encryption Standard (DES) developed by Horst Feistel at IBM in the 1970s. It then discusses the development of public key cryptography by Whitfield Diffie, Martin Hellman, Ronald Rivest, Adi Shamir, and Leonard Adleman in the 1970s, which introduced digital signatures and solved the key distribution problem. The document continues discussing the use of hash functions, elliptic curve cryptography, and computational proof-of-work concepts that are fundamental to blockchain technology.
Cryptography is the practice of securing communications through encryption and decryption techniques. It involves algorithms, programming languages, and different types of cryptography like symmetric, asymmetric, and hashing. Modern cryptography relies on keys of varying lengths for encryption and decryption. It has a long history dating back thousands of years and continues to evolve with advances like public key infrastructure and algorithms like RSA and Diffie-Hellman key exchange. Implementation in Java focuses on authentication, authorization, data integrity, and security against attacks.
Advanced cryptography and implementationAkash Jadhav
The document discusses a technical presentation on advanced cryptography and its implementation. It provides an overview of cryptography, including its history and basic concepts such as encryption, decryption, and cryptanalysis. Examples of cryptography applications discussed include ATM cards, credit cards, e-mail, and lottery tickets.
Steganography is the science of hiding information within other carriers or cover files such as text, images, audio, or video to avoid detection. The seminar presentation discussed the history of steganography dating back to 440BC, described common techniques like hiding messages in images or audio files, and compared it to cryptography which focuses on encrypting messages rather than concealing their existence. Applications of steganography include confidential communication, data protection, and alleged use by terrorists or intelligence services.
Data Security on Computer Network and Telecommunication System Using Caesar C...Yekini Nureni
In this era of global communication where online communication through the use of computer network and telecommunication system has dominated the means of communication between people. The goal of privacy is very paramount. The numbers of people being connected to the communication system through their mobile phone, computer or any other e-communication tools are increasing day-by-day. Hence there is need to secure the communication networks from adversaries (third parties) between the sender and receivers. There are many aspects to security approach in data communication environment. One essential aspect for secure communications is that of cryptography, which the focus of this research is. We have developed stand-alone application software that implements cryptography using Caesar algorithms. This program can be implemented with chatting software or E-mail software to encrypt data. The algorithm was coded with Java programming language.
With computers having GHz of processing speed, information / data either stored or in
transmission has become more and more vernalable to hostile eavesdropping, theft,
wiretapping etc. This urges us to devise new data hiding techniques to protect and secure data
of vital significance. Steganography is a method of securing data by obscuring the contents in
another media (called Cover) in which it is saved / transmitted. This doctorial thesis proposal will
present a new Steganographic Technique for hiding data in (ASCII) text files together with its
Software implementation, a research area in Steganography which is considered as
toughest among all, to address.
Encryption works by using keys to scramble data before transmitting it, then using the same key to unscramble it upon receipt. There are two main types: symmetric key encryption which uses the same key by both parties, and public key encryption which uses different keys but relates them through hashing. Public key encryption addressed weaknesses in symmetric key encryption by allowing secure communication without pre-sharing a key. Hashing algorithms are used to generate hash values from data in public key encryption in a way that makes deriving the original data nearly impossible without the hash value.
Evolution of Cryptography and Cryptographic techniquesMona Rajput
1) Cryptography originated from the inherent human needs to communicate selectively and share information privately.
2) Early forms of cryptography included hieroglyphs and cipher techniques used by ancient Egyptian and Roman civilizations.
3) Modern cryptography is based on mathematical concepts from fields like number theory and uses algorithms like symmetric encryption, asymmetric encryption, hashing, and steganography to provide security services like confidentiality, integrity, authentication, and non-repudiation.
Encryption encodes information so that only those with the key can access it. There are two main types: symmetric key encryption which uses the same key to encrypt and decrypt but must be installed on both computers beforehand, and public key encryption which addresses issues with symmetric key and uses different keys but allows anyone to encrypt messages. One popular public key encryption program is PGP.
Encryption is used to encode information so that only those with the key can decode it, providing security for computers and information sent over the internet. There are two main types of encryption - symmetric key encryption where both sides use the same key, requiring the key to be installed on both computers beforehand, and public key encryption which addresses issues with symmetric key using a two-key system that allows encryption and decryption with different keys. A 1976 paper introduced public key encryption as an improvement over symmetric key encryption.
Steganography and Its Applications in SecurityIJMER
ABSTRACT: Steganography is the dark cousin of cryptography, the use of codes. While cryptography provides privacy,
steganography is intended to provide secrecy. Steganography is a method of covertly communicating. Steganography is a
process that involves hiding a message in an appropriate carrier for example an image or an audio file. The carrier can then
be sent to a receiver without anyone else knowing that it contains a hidden message. This is a process, which can be used for
example by civil rights organizations in repressive states to communicate their message to the outside world without their
own government being aware of it. In this article we have tried to elucidate the different approaches towards implementation
of Steganography using ‘multimedia’ file (text, static image, audio and video). Steganalysis is a newly emerging branch of
data processing that seeks the identification of steganographic covers, and if possible message extraction. It is similar to
cryptanalysis in cryptography. The technique is ancient emerging monster that have gained immutable notice as it have
newly penetrated the world of digital communication security. Objective is not only to prevent the message being read but
also to hide its existence.
Keywords: Carrier, Privacy, Secrecy, Steganalysis, Steganography
This document provides an overview of cryptography and encryption techniques. It discusses the basic cryptographic terms and historical background of cryptography. It then describes different cipher techniques including transposition cipher and substitution cipher. It also discusses conventional encryption algorithms such as DES, AES, and RSA. Symmetric key cryptography and public key cryptography are explained. The document also covers digital signatures, cryptanalysis, and cryptographic systems in general.
Cryptography is the practice of securing communication and information by converting plaintext into ciphertext. The document provides an introduction to cryptography including its history from ancient times to the present. It discusses terminology like plaintext, encryption, ciphertext, decryption, and keys. Symmetric key cryptography uses a single key for encryption and decryption while asymmetric key cryptography uses two different keys. Examples of symmetric methods are DES, 3DES, AES, and RC4, while RSA is a common asymmetric method. Applications of cryptography include ATMs, email passwords, e-payments, e-commerce, electronic voting, defense services, securing data, and access control.
Claude Shannon made significant contributions to the field of cryptography through his work on information theory and communication systems. He published a paper in 1949 that laid the foundations for modern cryptography. In the paper, he applied mathematical theory to break German and Japanese codes during World War II and demonstrated that effective encryption requires a key at least as long as the message being encrypted. He also introduced the concept of perfect secrecy and proved it can only be achieved using a one-time pad. Shannon's work established cryptography as a serious academic discipline and helped shift its focus from mechanical encryption devices to mathematical ciphers and keys. His ideas remain fundamental to modern cryptography and information security.
This document provides an introduction and table of contents to cryptography. It discusses the main goals of cryptography which are confidentiality, data integrity, authentication, and non-repudiation. It then defines key vocabulary terms used in cryptography such as plaintext, ciphertext, encryption, decryption, stream ciphers, block ciphers, and cryptosystems. Finally, it provides a brief high-level history of cryptography mentioning examples from 400 BC Spartan sky tale cipher to Julius Caesar's substitution cipher.
This document contains a question bank with answers related to cyber security. It discusses topics like the CIA triad of confidentiality, integrity and availability, authentication and authorization. It also defines terms like availability, integrity, non-repudiation and confidentiality. Examples are provided for different authentication factors like something you know, something you have and something you are. The document also discusses symmetric and asymmetric encryption, firewalls and the fundamentals of the domain name system.
cryptography presentation this about how cryptography worksvimalguptaofficial
Cryptography is the process of encrypting information to hide its meaning and involves techniques like cipher systems that scramble letters and numbers. Different encryption methods have been used throughout history from simple substitution ciphers like the Caesar cipher used by Julius Caesar to modern techniques relying on complex mathematics. Alan Turing helped crack the German Enigma code during World War II by designing the bombe machine to determine the settings of the Enigma rotors and help decrypt messages.
This document provides an overview and comparison of cryptography and steganography. Cryptography scrambles a message to make it unreadable, while steganography hides the message to make its very presence undetectable. Both techniques can be combined to enhance security. Cryptography has a long history dating back thousands of years, while steganography originated in ancient Greece. Modern techniques include public/private key cryptography, digital signatures, hash functions, and hiding messages in digital files like images, audio and video. The key difference is that cryptography fails if an enemy detects an encrypted message, while steganography fails if they detect the hidden message. Combining the two provides multiple layers of security.
Cryptography is the study of hidden messages and secret communications through encryption techniques such as letter substitutions, symbols, algorithms, and mathematical models. Throughout history, cryptography has evolved from early Egyptian rulers to modern times along with developing technologies, while cryptanalysis aims to decipher encrypted codes. Today, advanced encryption is needed to secure the vast amounts of data communicated over the internet and through ubiquitous technologies like the internet of things, as protection of communications has become essential in the dynamic information age.
Sri Hari Uppalapati gave a presentation on the One Time Pad (OTP) encryption method. OTP uses a randomly generated key that is as long as the plaintext message. The key is used to encrypt the message one time and then discarded, making it impossible to decrypt the ciphertext without the key. OTP is information theoretically secure if implemented correctly, but it is not practical for most uses due to the key management issues. The presentation received average to good peer reviews, with comments noting the clear explanations but room for improvement. Reviewers suggested providing more examples or comparisons to other methods.
Steganography is a technology used since years for the communication of messages secretly. These secret messages are put inside honest carriers. Carriers can be digital images, audio files, video files and so on. The limitation in sending concealed longer messages has been overcoming by the inclusion of video files as carriers. Popular internet services such as Skype, BitTorrent, Google Suggest, and
WLANs are targets of information hiding techniques. Nowadays, plotters are not only using the carriers but also the protocols for communication that regulate the path of the carrier through the Internet. This technique is named Network Steganography.
This document summarizes text steganography methods. It begins with a brief history of steganography from ancient times to modern uses. It then discusses text steganography specifically, including format-based, linguistic, and random/statistical generation methods. Examples of text steganography techniques are provided, such as selective hiding, hiding using whitespace, and semantic hiding using synonyms. The basic mechanism of text steganography is outlined as concealing a secret message in cover text using an embedding algorithm, transmitting the stego-text, and extracting the secret message using a recovery algorithm and stego-key at the receiving end.
This document discusses various cryptographic techniques used for secure communication. It begins by introducing cryptography and its basic concepts like encryption, decryption, keys etc. It then describes the two main cryptographic techniques - symmetric encryption which uses a single shared key for encryption and decryption, and examples like DES, AES, Blowfish are discussed. Asymmetric encryption which uses public-private key pairs is also explained along with examples like RSA and Diffie-Hellman key exchange algorithm. The document provides detailed information about the algorithms, their working principles and security aspects in concise manner.
Similar to CRYPTOLOGY AND INFORMATION SECURITY - PAST, PRESENT, AND FUTURE ROLE IN SOCIETY (20)
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Discover the latest insights on Data Driven Maintenance with our comprehensive webinar presentation. Learn about traditional maintenance challenges, the right approach to utilizing data, and the benefits of adopting a Data Driven Maintenance strategy. Explore real-world examples, industry best practices, and innovative solutions like FMECA and the D3M model. This presentation, led by expert Jules Oudmans, is essential for asset owners looking to optimize their maintenance processes and leverage digital technologies for improved efficiency and performance. Download now to stay ahead in the evolving maintenance landscape.
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
CRYPTOLOGY AND INFORMATION SECURITY - PAST, PRESENT, AND FUTURE ROLE IN SOCIETY
1. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
DOI:10.5121/ijcis.2019.9202 13
CRYPTOLOGY AND INFORMATION SECURITY - PAST,
PRESENT, AND FUTURE ROLE IN SOCIETY
Soumitra Bhattacharya
Life Member ISTAM-(IIT-Kharagpur), & CRSI-Kolkata, India
ABSTRACT
This article provides a general introduction to the subject of Cryptology, Crytography and Crytoanalysis
and explains the terminology and the practical application of security techniques… In recorded History ,
technological innovations have revolutionized societies. The printing press is an often-cited example of the
great impact one humble person’s invention can have on ruling dynasties, world religions, and personal
life.. Quantum encryption could rival Guttenberg’s printing press in its impact. Cryptology has a
fascinating History., In Warfare Cryptography is a broad, sticky, and mathematically complex, but
interesting subject and an integral part of the evolution of warfare. So let’s get some definitions out of the
way first. Cryptology is the study of codes, both creating and solving them. Cryptography is the art of
creating codes. Cryptanalysis is the art of surreptitiously revealing the contents of coded messages,
breaking codes, that were not intended for you as a recipient.. Secondly, there are nomenclators and
enciphers. Nomenclators are letters or numbers that represent words or phrases, like 103A means “meet
me at 4PM”. Ciphers are alphabetical letters or numbers that are encrypted using some sequential coding
process and a key. For this essay, we will refer to both as codes. Also, enciphered, encrypted and encoded
mean the same thing….Additionally, there is plain text. This is the original message that is readable and
understandable, uncoded or unencrypted. Once it goes through the coding process and is encrypted, the
output is readable but not understandable. There are a bunch of other terms like steganography,
homophones, polyphones, digraphs, bigrams, and polygrams, but they are just variations of coding and
decoding techniques.
KEYWORDS
Network Protocols, Mathematical Cryptology, encryption, decription
1. CRYPTOLOGY
The study of cryptography and cryptanalysis. Cryptology is the mathematics, such as number
theory, and the application of formulas and algorithms, that underpin cryptography and
cryptanalysis. Since the cryptanalysis concepts are highly specialized and complex, we
concentrate here only on some of the key mathematical concepts behind cryptography. cryptology
is made up of cryptography and cryptanalysis.
1) Crytography- The art and science of making ciphers. Which concerns with the design of the
cryptosystems and cryptography, is the actual securing, control, and identification of digital data.
2) Crytoanalysis— The art and science of breaking ciphers. In other words, the extraction
of mm given cc, EE, DD, and possibly keke. which aims at studies relating to breaking of
cryptosystems. cryptanalysis, is made up of all the attempts one might develop to undermine,
circumvent, and/or break what the first part, cryptography, is attempting to accomplish.
3) Cryptosystems:-A particular suite of algorithms and protocols for encryption, decryption, and
key generation. Examples: Cramer-Shoup cryptosystem, Rabin cryptosystem, Benaloh
cryptosystem, RSA cryptosystem.
2. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
14
4) Cryptographic System:- Any system that uses cryptography.
5) Cipher:-An algorithm used in a cryptosystem.
6) Confusion:-The property of having the relationship between the plaintext, ciphertext, and key
so complicated as to be useless to the cryptanalyst.
7) Diffusion:-The property of having statistical patterns in the plaintext spread widely throughout
the ciphertext.
8) Frequency Analysis
Known plaintext attack
Known ciphertext attack
Chosen plaintext attack
Chosen key attack
Linear cryptanalysis
Differential cryptanalysis
Theft
Bribery Blackmail
What tools use cryptography? Some form of cryptography can be found nearly everywhere in
computer technology. Popular standalone programs, like PGP and GPG, aid in securing
communications. Web browsers and other programs implement cryptographic layers in their
channels. Drivers and programs exist to secure files on disk and control access thereto. Some
commercial programs use cryptographic mechanisms to limit where their installation and use may
occur. Basically, every time you find a need to control the access and usage of computer
programs or digital data, you'll find that cryptographic algorithms constitute important parts of
the protocol for use of these programs/data.
2. A LITTLE HISTORY
Cryptology, the study of coded messages, dates back to Egypt about 1,900 BC, when a scribe
carved some hieroglyphic symbols into a rock at the tomb of Khnumhotep II. Cryptology wasn’t
that hard back then, since most of the people were illiterate and only the elite could read any
written language. Pharaohs and potentates, kings and queens, presidents and dictators, and
military commanders have used cryptology to hide their communications from their enemies ever
since. An interesting example is Mary, Queen of Scotts. In 1577, Don Juan, ruler of Austria, had
worked out a plan to invade England, dethrone and kill Queen Elizabeth, put Mary on the throne,
and marry her. But, Elizabeth’s minister, Francis Walsingham, smelled a rat and had Mary
confined to castles away from Elizabeth Mary’s page, Antony Babington, began plotting to have
Elizabeth assassinated 1586, with the help of Don Juan and Phillip, the king of the Netherlands.
Babington employed Gilbert Gifford to smuggle encrypted communications between him and
Mary out of the castle in beer barrels. As it turns out, Gifford was an agent working for
Walsingham, so those messages got delivered to him immediately. He employed Thomas
Phelippes to decrypt those messages which thoroughly incriminated Mary of plotting to kill
Elizabeth, and she was convicted of high treason. So, at 8AM on the morning of 8 February 1587,
the executioner chopped off Mary’s head with an axe. Such is the importance of insuring your
code is hard to break. Thomas Philippes became England’s first cryptanalyst, establishing the role
of code breakers in the future.
3. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
15
3. CODE TYPES
There are various types of codes in history: mono-alphabetic, poly-alphabetic, columnar
transposition, S-boxes and P-boxes, Polybius squares, etc. Many primitive machines were made
to encrypt/decrypt messages. One of the first used a wooden dowel about an inch in diameter and
two feet long. A 1/4 inch-wide piece of parchment, about 3 feet long, was wrapped around the
dowel, edge to edge like a barber pole. The plaintext message was then written vertically on the
dowel in columns. When unraveled from the pole and laid out flat, it would look like a series of
letters on a strip of paper that made no sense. Only when the intended recipient wrapped the 1/4
inch strip of parchment around his 1-inch wooden dowel could the characters be read in the
proper order, vertically. Other early mechanisms used were identical cipher wheels and cipher
drums held by both the sender and receiver. Other codes used simple key words shared by two
people, and an agreement on how the code would be structured. That could be worked out
mentally on paper, without the use of a mechanical mechanism. As you can see, many early codes
and code machines were cumbersome and it took a lot of time to encrypt or decrypt a
message…Although the early codes were unsophisticated and primitive, they taught many
lessons. The first is that the only people with the knowledge to create secure codes are the
cryptanalysts: they know the weaknesses of the codes they have already broken. The second
lesson is that the most important element of a code is the key: it does not matter if your enemy
knows how your code is structured if you have complex keys. Third, the longer your key, the
more difficult your code is to break. If your key is the same length as your message, your
message is basically unbreakable. But, as early cryptographers have stated, no code is
unbreakable. Fourth, the longer your message, the easier it is to break. And finally, always send
the message in five-letter groups, to hide the number and length of words.
3.1 Externals and internals
There are two parts to any encrypted message: the externals, and the
internals. Cryptanalysis should discover the internals, the process by which the encrypted
message was created, by using the external characteristics of the message. The first technique is
character frequency analysis. The National Security Agency (NSA) has run millions of pages of
newspapers, books, periodicals, and magazines through their computers, establishing the letter
frequency charts of the English language: these are the percentages of each letter in a page of
text: a= 8.167 percent, e= 12.702 percent, i=6.966 percent, o=7.507 percent, u=2.758percent, and
so on. With an encrypted message using a simple substitution code where x=e, z=a, etc, it’s
child’s play to decrypt it just using the character frequency tables. Our intelligence people have
such tables for all the significant languages on the planet.
4. NSA EFFORTS
In 1969, there were 96,000 people working for the NSA, including the old Army Security Agency
(ASA) unit, that were intercepting enemy messages, running the frequency/proximity/symmetry
charts against those messages, decrypting them, analyzing them, cataloging them, and
disseminating the intelligence to our military commanders. Today, that process is done with acres
of NSA supercomputers discussed in the previous installment of this warfare series. Now you
know why NSA has the most computing power on the planet. With massive amounts of computer
power, relatively sophisticated codes can be broken in a short time with these brute-force
methods. Today’s advanced codes, like Logarithmic and Elliptical coding schemes, are very
secure but not unbreakable. It takes millions of years for our computers to discover the two prime
numbers multiplied together to create a 200-digit key used for encrypting a message. A quantum
4. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
16
computer can do it in an hour, according to cryptanalysts, which is why NSA has been funding
quantum computer research and development since the 90’s. Turn that decryption concept
around, and quantum computers could create massive keys, as long as the message itself, that
make them invulnerable to cryptanalysis techniques and decoding by our enemies. Auguste
Kerckhoffs, the author of La Cryptographie militaire, once said, “…secrecy must reside solely in
the keys.” As you can see from the examples of frequency analysis above, all encrypting
techniques and their resulting coded messages, have certain idiosyncrasies or patterns that offer a
good cryptanalyst a crack to get his fingers into. With a bit of work, by him or computers, he can
widen that crack and get inside, recover the keys and the coding scheme, and break it.
4.1 Time shifting
The scientists at Purdue University have figured out how hide data in a light beam. They take two
beams and modulate them slightly out of phase with each other on an optical fiber. That creates
“holes in time”, between the two beam phases. Into that hole, they drop the plaintext data. If you
look at the modulated beam, you see a flat line, no light, where the data is now located. The
receiver, knowing the modulation patterns, can simply demodulate the beam and recover the data.
The modulation patterns are the key to the encoding scheme. For many years, computers have
been doing the in-stream encryption and decryption for our military and government
communications. That makes the process fast and secure. When the Pueblo was captured by the
North Koreans in January 1968, the President of the United States knew about it within a few
minutes via secure encrypted communications from ASA intelligence people in the Pacific to
NSA at Fort Meade…. The Pueblo had top secret crypto machines onboard, the same models
used by NSA and ASA, and the North Koreans grabbed them intact (they shared them with the
Russians too). Did the U.S. intelligence groups have to throw away all the crypto machines and
replace them with new ones? No. All we had to do was change the keys and the captured
machines were basically worthless to the North Koreans and the Russians. So, Kerckhoffs was
correct: the keys are the key.If you want to dig deeper into this topic, the best book on the history
of cryptology is “The Codebreakers” by David Kahn (if you can find a copy). It’s over 1,000
pages long but worth a read. The chapters about breaking the German Enigma machines and the
Japanese Purple code in WWII are astonishingly detailed. If you want to understand basic
encryption techniques and more history, read “The Code Book” by Simon Singh. If you are not
mathematically challenged, read “Cryptanalysis” by Helen Fouche Gaines. Same goes for
“Decrypted Secrets” by F. L. Bauer, very heavy on formulas. And finally, there’s the ever-
popular “Modern Cryptanalysis” by Christopher Swenson (this is a text book with exam
questions, problems to solve, and software examples in Python, so you can program your analysis
techniques into your computer). I’ll warn you now: these books are not light reading.For our next
installment, we will take a look at the military capabilities of our closest enemies, through the
eyes of our intelligence folks. That will give you an informed idea of where we stand in a war
with any of them.
5. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
17
5. BACKGROUND
Goals:
Confidentiality: It should cost Eve more to recover mm than mm is worth.
Authentication: Bob should be able to verify that it was Alice that sent mm.
Integrity: Bob should be able to verify that mm was not tampered with.
Nonrepudiation: Alice should not be able to deny sending mm.
The best cryptosystems assume that Eve and Mallory know EE, DD, cc, and, if ke≠kdke≠kd,
then keke as well. Most cryptosystems do not rely on their algorithms being kept secret, because:
If your secret algorithm is compromised (someone could leave your group), you have to change
it, and that is way harder than just changing a key!
Public algorithms can be subjected to thousands of experts looking for flaws, so you have some
degree of confidence in those that withstand scrutiny.
The study of cryptology includes the design of various ciphers, cryptanalysis methods (attacks),
key exchange, key authentication, cryptographic hashing, digital signing, and social issues (legal,
political, etc.).
Protocols and algorithms
When considering cryptology, it is important to make the distinction between protocols and
algorithms. This is especially important in light of the misleading claims sometimes made by
companies that produce cryptographic products (either out of carelessness or misrepresentation).
For example, a company might claim: "If you use our product, your data is secure because it
would take a million years for the fastest computers to break our encryption!" The claim can be
true, but still not make for a very good product. A true claim about the strength of an algorithm
by itself does not necessarily mean that a whole protocol that uses that algorithm as one of its
steps does not have other weaknesses.
6. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
18
A protocol is a specification of the complete set of steps involved in carrying out a cryptographic
activity, including explicit specification of how to proceed in every contingency. An algorithm is
the much more narrow procedure involved in transforming some digital data into some other
digital data. Cryptographic protocols inevitably involve using one or more cryptographic
algorithms, but security (and other cryptographic goals) is the product of a total protocol.
6. TECHNOLOGICAL BACKGROUND
There are two basic types of encryption commonly used today, symmetric key and asymmetric
key encryption. Although the two methods are very different in theory and application, similar
terminology is used to describe the processes:
Plaintext: The data or message to be sent, in a clear form anyone can read.
Cipher text: The data in encrypted form.
Bit: Binary digit, the basic unit of information stored by a computer. Any letter or
number can be encoded as a string of 8 bits.
Algorithm: The method used to encrypt and decrypt data, also called a “Cipher.”
Key: A crucial parameter in the algorithm.
Hash: A fingerprint for a digital file.
Alice and Bob: Alice is trying to send Bob a message over an insecure channel. Eve wants to
eavesdrop.
Attack: A method that can decrypt the message for an interceptor.
Shannon’s Maxim: The enemy knows the system! A secure algorithm must assume the enemy
knows everything about the system except the key.
The goal of this section is to provide a brief overview of how ciphers work and the history of
cryptography. The scope includes everything from World War I and excludes the field of
classical cryptography.
Symmetric Key Encryption:- Symmetric key encryption is the older and better-known technique.
At its most primitive, the algorithm could be “shift each letter alphabetically” and the key could
be “+2.” Therefore, the Alice will simply shift each letter by 2 spaces to convert plaintext to
cipher text, and Bob will simply shift back 2 spaces to decrypt the message.
For example: Plaintext: MARK IS A SPY
Alice shifts each letter +2: OCTM KU C URA
Bob shifts each letter -2: MARK IS A SPY
There are three characteristics of this simple exercise that also hold true for even the most
complex symmetric key algorithms:
Alice and Bob use the same key to both encrypt and decry.
7. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
19
The method is useless if they key is not kept privately between Alice and Bob, which is why this
method is sometimes referred to as private key encryption.
Alice must first securely notify Bob of her key
The last characteristic is the method’s greatest limitation. The key, which must be sent in
plaintext, can be intercepted. Overcoming or exploiting this weakness is a reoccurring theme in
this report and also a focus of cryptographic research.
Examples of Symmetric Key I present four examples to illustrate symmetric key cryptography:
Enigma: Historical yet fascinating example
. One-time Pad: Unbreakable but hard to implement
. Stream Cipher: Vulnerable yet still foolishly used.
Block Cipher: The current industry standard in security.
7. ENIGMA
The Enigma machines are a series of electro-mechanical rotor cipher machines, mainly
developed and used in the early- to mid-20th century to protect commercial, diplomatic and
military communication. Enigma was invented by the German engineer Arthur Scherbius at the
end of World War I. . Early models were used commercially from the early 1920s, and adopted
by military and government services of several countries, most notably Nazi Germany before and
during World War II Several different Enigma models were produced, but the German
military models, having a plugboard, were the most complex. Japanese and Italian models were in
use:
Kinds of Ciphers
Here are some useful categories of ciphers. Note that a particular cipher may belong to
more than one of these categories.
Classical (a.k.a. manual): A cipher easy enough to be performed by hand, usually
character-based
Modern: Pretty much any cipher that isn’t classical
Substitution: Each character of the plaintext is replaced with one or more characters to
make the ciphertext
8. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
20
Transposition: Characters in the plaintext are rearranged to form the ciphertext
Monoalphabetic: A substitution cipher in which a character of the plaintext is always
replaced by the same character
Polyalphabetic: A substitution cipher that essentially uses multiple monoalphabetic
substitution mappings
Homophonic: A substitution in which one character can map to one of a set of characters
Polygraphic: A substitution of blocks of characters for blocks of characters
Periodic: A polyalphabetic cipher in which the replacement scheme repeats
Non-periodic: (Self-explanatory if you understand periodic)
Block: Encryption takes place not per character but per blocks of characters.
Stream: A cipher operating on a data stream of unknown length, usually incorporating
feedback.
Secret Key: A cipher in which keke and kdkd are the same or trivially derivable from one
another; requires the parties to meet in secret to exchange the keys they’ll be using. Also
called symmetric.
Public Key: A scheme in which everyone’s encryption key is publicly known but their
decryption key is kept secret. Also called asymmetric.
NOTE: In the character-based examples below, we’ll assume (without any loss of generality) a
26 symbol alphabet (A..Z).
Homophonic Substitution: - Each plaintext letter maps to one or more symbols in the ciphertext.
The number of targets should be proportional to its frequency (to defeat frequency analysis).
Example:
A 12 15 36 50 56 70 81 95
B 51 84
C 16 44 65
D 04 06 48 82
E 01 17 19 34 47 49 58 60 67 77 85 90
F 13 27
G 09 28
H 26 42 53 59 68 71
I 35 73 76 86 91 96
J 18
K 07
L 29 40 54 87
M 25 30
N 21 61 62 69 74 94
O 02 03 08 10 57 75 93
P 41 98
Q 97
R 32 38 43 45 80 83
S 14 22 39 79 89 99
T 00 20 23 33 46 52 72 78 88
U 11 64 66
V 37
W 63 92
X 31
Y 24 55
Z 05
9. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
21
To encrypt, choose randomly among possibilities. Example, one possible encryption
of ATTACKATDAWN is
56 78 20 95 65 07 12 72 06 50 92 61
Secret Key Cryptography
Secret key (a.k.a. symmetric key) ciphers are much faster than public key ciphers, but key
management can be a huge problem.
If n people in a group need to communicate, they need n(n−1) /2 keys.
Keys must be distributed securely (in secret).
Keys must be kept safe.
Keys should be changed frequently, which feeds back into the distribution headache.
8. MODERN CRYPTOGRAPHIC METHODS
Now that we have Shannon’s information theory, very powerful computers, and centuries of
theory and practice behind us, most modern techniques operate on bit strings, not character
strings are careful to completely mask patterns and redundancies in the plaintext use random keys
(that can be reused, too) ensure that very slight changes in the plaintext affect a large portion of
the ciphertext (and vice versa). This is called the Avalanche Effect. In addition, it’s nice if the
cipher is
efficientfault-
tolerant
Most ciphers are either block ciphers or stream ciphers. Block ciphers require padding
and can operate in different modes (See Schnier’s book or the Wikipedia article:
ECB — Electronic Codebook
CBC — Cipher Block Chaining
CFB — Cipher Feedback
OFB — Output Feedback
CTR — Counter
BC — Block Chaining
PCBC — Propagating Cipher Block Chaining
CBCC — Cipher Block Chaining with Checksum
DES
IDEA
RC4
RC6
Blowfish
Twofish
AES
AES is the new standard, replacing DES. It was the winner of the competition (in 2001), where is
was submitted under the name Rijndael, beating out RC6, Serpent, MARS, and Twofish.
Key Exchange
10. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
22
Diffie and Hellman (the 2015 Turing Award Winners) and their friend Merkle showed in 1976
that it was possible for two people to exchange a secret key without having to actually meet in
secret:
Alice picks a prime nn and sends this in the clear to Bob
Alice picks a primitive root mod nn (how to find), called g, and sends this in the clear to
Bob
Alice picks a secret integer a, and sends ga modn in the clear to Bob
Bob picks a secret integer bb, and sends gb mod n in the clear to Alice
Alice computes (g b
modn)a
and Bob computes (g a
mod n). This is the key! (It’s g ab
mod
n )
This is probably secure, provided nn is very large and n−12n−12 is also prime, because although
Eve knows gg, nn, gamodngamodn, and gbmodngbmodn, there’s no known efficient way to
get aa or bb from these. That’s the discrete logarithm problem, remember?
Example with small nn:
Alice picks n=208799n and g=13 and sends these to Bob
Alice picks a=152335 and Bob picks b=98113
Alice sends Bob 13^152335 mod 208799 =73033
Bob sends Alice 13^98133 mod 208799=147540
Alice computes 147540 ^ 152335 mod208799= 8435
Bob computes 73033^ 98133 mod208799=8435
The secret key is 84358435.
Public key cryptography is a cryptographic technique that enables entities to securely
communicate on an insecure public network, and reliably verify the identity of an entity via
digital signatures…Public key ciphers solve the key management nightmare of secret key ciphers,
at the cost of speed. In a group of n people one needs only n public keys and n private
keys…The Public key infrastructure (PKI) is the set of hardware, software, policies, processes,
and procedures required to create, manage, distribute, use, store, and revoke digital certificates
and public-keys. The PKI is the foundation that enables the use of technologies, such as digital
signatures and encryption, across large user populations. PKIs deliver the elements essential for a
secure and trusted business environment for e-commerce and the growing Internet of Things
(IoT)… PKIs help establish the identity of people, devices, and services – enabling controlled
access to systems and resources, protection of data, and accountability in transactions. Next
generation business applications are becoming more reliant on public key infrastructure (PKI)
technology to guarantee high assurance as evolving business models are becoming more
dependent on electronic interaction requiring online authentication and compliance with stricter
data security regulations..
9.CRYPTOGRAPHIC SECURITY
Using the principles of asymmetric and symmetric cryptography, PKIs facilitate the establishment
of a secure exchange of data between users and devices – ensuring authenticity, confidentiality,
and integrity of transactions. Users (also known as “Subscribers” in PKI parlance) can be
individual end users, web servers, embedded systems, connected devices, or
programs/applications that are executing business processes. Asymmetric cryptography provides
the users, devices or services within an ecosystem with a key pair composed of a public and a
private key component. A public key is available to anyone in the group for encryption or for
11. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
23
verification of a digital signature. The private key on the other hand, must be kept secret and is
only used by the entity to which it belongs, typically for tasks such as decryption or for the
creation of digital signatures.
The Increasing Importance of PKIs
With evolving business models becoming more dependent on electronic transactions and digital
documents, and with more Internet-aware devices connected to corporate networks, the role of a
public key infrastructure is no longer limited to isolated systems such as secure email, smart cards
for physical access or encrypted web traffic. PKIs today are expected to support larger numbers
of applications, users and devices across complex ecosystems. And with stricter government and
industry data security regulations, mainstream operating systems and business applications are
becoming more reliant than ever on an organizational PKI to guarantee trust.
RSA Cryptosystem
Diffie-Hellman doesn’t do encryption; it just exchanges a key. RSA can encrypt and decrypt.
Here’s how. ..
Each personGenerates two large primes, p and q.
Publishes his or her public key (N,e) where N=pq.
Computes d = modular inverse of e relative to (p−1)(q−1), keeping it secret.
Destroys p and q.
Now check this out:
For Alice to send a message m to Bob, she sends c=me mod N.
Bob decodes this easily because m=cd mod N.
RSA algorithm is asymmetric cryptography algorithm. Asymmetric actually means that it works
on two different keys i.e. Public Key and Private Key. As the name describes that the Public Key
is given to everyone and Private key is kept private.Let us learn the mechanism behind RSA
algorithm :
Generating Public Key :
Select two prime no's. Suppose P = 53 and Q = 59.
Now First part of the Public key :n = P*Q = 3127.
We also need a small exponent say e :
But Must be
An integer.
Not be a factor of n.
Generating Private Key: We need to calculate Φ(n) :
Such that Φ(n) = (P-1)(Q-1)
so, Φ(n) = 3016
Now calculate Private Key, d :
d = (k*Φ(n) + 1) / e for some integer k
For k = 2, value of d is 2011.
Now we are ready with our – Public Key ( n = 3127 and e = 3) and Private
Key(d = 2011)
Now we will encrypt “HI” :
Convert letters to numbers : H = 8 and I = 9
ThusEncrypted Data c = 89e mod n.
12. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
24
Thus our Encrypted Data comes out to be 1394
Now we will decrypt 1394 :
Decrypted Data = cd mod n.
Thus our Encrypted Data comes out to be 89
8 = H and I = 9 i.e. "HI".
10. CRYPTOGRAPHIC HASHING
Cryptography hash functions play a fundamental role inmodern cryptography. Hash function
takes a message as input and produce an output referred to as a hash code, hash-result, hash-value
or a simple hash..A hash, a.k.a.fingerprint, checksum, message digest is a bit pattern (usually
around 160 bits or so), generated from a message by a cryptographic hash function. For the hash
to be secure, or cryptographic, it must be computationally infeasbile to find a message that hashes
to a given value (one wayness) be computationally infeasible to find two messages that hash tothe
same value. Usually the change of just a single bit in the message will cause the digest to look
completely and totally different.
11. BASIC MATHEMATICAL CRYPTOLOGY
An original plain message is called plaintext and an encrypted one is called cryptotext.
Encryption is the process of encoding a message or an information in such a way that only
authorized recipient can access it and any other unauthorized cannot.. . Encryption is the key
concept of cryptography – It is the process where a message is encoded in such a format that
cannot be read or understood by an eavesdropper... An algorithm is basically a procedure or a
formula for solving a data snooping problem. An encryption algorithm is a set of mathematical
procedure for performing encryption on data when encrypting you need to have a so-called key,
a usually quite complicated parameter that you can use to change the encryption.
13. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
25
The authorized receiver of the message decrypts it. Decryption is the process of converting the
encrypted message / text back to its original (readable) format / Plain Text..An authorized
recipient can easily decrypt the message for which he/she needs to have his/her own key. An
encrypting procedure can encrypt a continuous stream of symbols (stream encryption) or divide it
into blocks (block encryption). Sometimes in the block encryption the sizes of blocks can vary,
but a certain maximum size of block should not be exceeded. However, blocks are usually of the
same size. In what follows block encryption, where it’s sufficient to consider encrypting and
decrypting of an arbitrary message block, and one arbitrary message block may be considered as
the plaintext and its encrypted version as the cryptotext.
An encryption procedure is symmetric, if the encrypting and decrypting keys are the same, or
Symmetric encryption is a type of encryption where only one key (a secret key) is used to
both encrypt and decrypt the information /message.. .It’s easy to derive one from the other. In
nonsymmetric encryption or Asymmetric Encryption also known as public key cryptography,the
decrypting key can’t be derived from the encrypting key with any small amount of work. In that
case the encrypting key can be public while the decrypting key stays classified. This kind of
encryption procedure is known as public-key cryptography, correspondingly symmetric
encrypting is called secretkey cryptography. The problem with symmetric encrypting is the secret
key distribution to all parties, as keys must also be updated every now and then, Symmetric
encryption can be characterized as a so called cryptosystem which is an ordered quintet (P, C, K,
E, D), where
• P is the finite message space (plaintexts).
• C is the finite cryptotext space (cryptotexts).
• K is the finite key space for every key k ∈ K there is an encrypting function ek ∈ E and a
decrypting function
dk ∈ D. E is called the encrypting function space which includes every possible encrypting
function and D is
called the decrypting function space which includes every possible decrypting function.
• dk(ek(w)) = w holds for every message (block) w and key k.
It would seem that an encrypting function must be injective, so that it won’t encrypt two different
plaintexts to the same cryptotext. Encryption can still be random, and an encrypting function can
encrypt the same plaintext to several different cryptotexts, so an encrypting function is not
actually a mathematical function. On the other hand, encrypting functions don’t always have to be
injective functions, if there’s a limited amount of plaintexts which correspond to the same
cryptotext and it’s easy to find the right one of them.
14. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
26
12. NUMBER THEORY.
Divisibility. Factors. Primes
Certain concepts and results of number theory1 come up often in cryptology, even though the
procedure itself doesn’t have anything to do with number theory. The set of all integers is denoted
by Z. The set of nonnegative integers {0, 1, 2, . . . } is called the set of natural numbers and it’s
denoted by N.
Addition and multiplication of integers are familiar commutative and associative operations, with
identity elements 0 and 1 respectively. Also recall the distributive law x(y + z) = xy + xz and the
definitions of opposite number −x = (−1)x and subtraction x − y = x + (−1)y. Division of integers
means the following operation: When dividing an integer x (dividend) by an integer y 6= 0
(divisor), x is to be given in the form
x = qy + r , where the integer r is called remainder and fulfills the condition 0 ≤ r < |y|. The
integer q is called quotient. Adding repeatedly −y or y to x we see that it’s possible to write x in
the desired form. If it’s possible to give x in the form x = qy, where q is an integer then it’s
said that x is divisible by y or that y divides x or that y is a factor of x or that x is a multiple of y,
and this is denoted by y | x. The so-called trivial factors of an integer x are ±1 and ±x. Possible
other factors are nontrivial.
The following properties of divisibility are quite obvious:
(1) 0 is divisible by any integer, but divides only itself.
(2) 1 and −1 divide all integers, but are divisible only by themselves and by one another.
(3) If y | x and x≠ 0 then |y| ≤ |x|. (4) If x | y and y | z then also x | z (in other words, divisibility
is transitive).
(4) If x | y and y | z then also x | z (in other words, divisibility is transitive)
(5) If x | y and x | z then also x | y ± z.
(6) If x | y and z is an integer then x | yz.
The result of division is unique since, if x = q1x + r1 = q2y + r2, where q1, q2,r1,r2 are
integers and 0 ≤ r1, r2 < |y|, then y divides r1 − r2. From the fact that |r1 − r2| < |y| it then follows
that r1 = r2 and further that q1 = q2.
An integer that has only trivial factors is called indivisible. An indivisible integer is a prime
number or just a prime2 , if it is ≥ 2. The first few primes are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31,
37, 41, 43, 47, 53, . . .2 is the only even prime. One basic task is to test whether or not a natural
number is a prime. An integer, which is ≥ 2 and is not a prime, is called composite.
Representations of Integers in Different Bases:- The most common way to represent an
integer is to use the familiar decimal representation or in other words base-10 representation.
Base-2 representation, called the binary representation, is also often used and so is base-8 octal
representation and base-16 hexadecimal representation. The general base representation is given
by
Theorem-1 :- . If k ≥ 2 then every positive integer x can be represented uniquely in the form
x = ankn
n + an-1kn-1
+ · · · + a1k + a0 where 0 ≤ a0, a1, . . . , an ≤ k − 1 and an > 0. This is called
base-k representation of x, where k is the base (number) or radix and n + 1 is the length of the
representation.
15. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
27
Proof. The representation, i.e. the sequence an, an-1, . . . , a0, is obtained by the following
algorithm:
1. Set K ← NULL (the empty sequence).
2. Divide x by the radix K
: x = qk + r (quotient q, remainder r).
Set K ← r, K and x ← q.
3. If x = 0 then return K and quit. Else repeat #2. x gets smaller and smaller in #2 with each
iteration and so the procedure stops eventually in #3.
The base-k representation is unique because if
x = ankn
+ an-1kn-1
+ · · · +a1k + a0 = bmkm
+ bm-1km-1
+ · · · + b1k + b0,
where 0 ≤ a0, a1, . . . ,an, bn, b1, . . . , bm ≤ k − 1 and an, bm > 0 and n ≥ m, then we first
conclude that n = m. Indeed, if n > m then we also have
bmkm
+ bm-1km-1
+ · · · + b1k + b0 ≤ (k − 1)km
+ (k − 1)km-1
+ · · · + (k − 1)k + k − 1 = km-1
– 1.
< km-1
≤ km
≤ ankn
+an-1kn-1
+ · ..· · + a1k + a0, which is a contradiction. So n = m, that is, the
length of the representation must be unique. Similarly we can conclude that an = bn, because if
an > bn then
bnkn
+ bn-1kn-1
+ · · · + b1k + b0 ≤ (an-1)kn
+ (k − 1)kn-1
+ · · · + (k − 1)k + k − 1 = ankn-1
< ankn
+ an-1kn-1
+ · · · + a1k + a0,
Which is also a contradiction. Again in the same way we can conclude that an-1 = bn-1 and so on.
Representation of the number 0 is basically an empty sequence in every base. This of course
creates problems and so we agree on the convention that the representation of 0 is 0. Conversion
between base representations, the so-called change of base or radix transformation, is a basic task
concerning integers.
Theorem 2:- The length of the base-k representation of a positive integer x is
⌊logk x⌋ + 1 = ⌈logk (x + 1)⌉ where logk is the base-k logarithm3
Proof:- If the base-k representation of x is x = ankn
+an-1kn-1
+· · ·+a1k +a0 then its length is s =
n + 1.
It is apparent that x ≥ kn
, and on the other hand that
x ≤ (k − 1)kn
+ (k − 1)kn-1
+ · · · + (k − 1)k + k − 1 = kn-1
− 1 < kn-1
.
Since kn-1
≤ x < ks
, then s − 1 ≤ logk x < s , and so s = ⌊logK x⌋ + 1.
Then again ks-1
< x + 1 ≤ ks
, whence s − 1 < logk (x + 1) ≤ s and so
s = ⌈logk (x + 1)⌉.
13. GREATEST COMMON DIVISOR AND LEAST COMMON MULTIPLE
The greatest common divisor(g.c.d.) of the integers x and y is the largest integer d which divides
both integers, denoted d = gcd(x, y). The g.c.d. exists if at least one of the integers x and y is 6=
0. Note that the g.c.d. is positive. (It’s often agreed, however, that gcd(0, 0) = 0.) If gcd(x, y) = 1
then we say that x and y have no common divisors or that they are coprime.
Theorem-3:- (Bézout’s theorem) - The g.c.d. d of the integers x and y, at least one of which is
6= 0, can be written in the form d = c1x + c2y (the so-called Bézout form) where c1 and c2 are
integers, the so-called Bézout coefficients. Also, if x, y 6= 0, then we may assume that |c1| ≤ |y|
and |c2| ≤ |x|.
Proof.:- Bézout’s form and the g.c.d. d are produced by the following so-called (Generalized)
Euclidean algorithm. Here we may assume that 0 ≤ x ≤ y, without loss of generality.
Denote GCD(x, y) = (d, c1, c2).
16. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
28
(Generalized) Euclidean algorithm.
1. If x = 0 then we come out of the algorithm with GCD(x, y) = (y, 0, 1) and quit.
2. If x > 0 then first we divide y with x: y = qx + r, where 0 ≤ r < x. Next we find GCD(r, x) =(d,
e1, e2). Now d = e1r + e2x = e1(y − qx) + e2x = (e2 − e1q)x + e1y. We end the algorithm by
returning GCD(x, y) = (d, e2 − e1q, e1) and quit. Since r = y − qx, gcd(x, y) divides r and hence
gcd(x, y) ≤ gcd(x, r). Similarly gcd(x, r) divides y and thus gcd(x, r) ≤ gcd(x, y), so gcd(x, r) =
gcd(x, y). Hence #2 produces the correct result. The recursion ends after a finite number of
iterations because min(r, x) < min(x, y), and so every time we call GCD (iterate) the minimum
value gets smaller and is eventually = 0. If x, y 6= 0 then apparently right before stopping in #1 in
the recursion we have y = qx and r = 0 and d = x, whence at that point c1 = 1 ≤ y and c2 = 0 ≤ x.
On the other hand, every time when in #2 we have y = qx + r and d = e1r + e2x, where |e1| ≤ x
and |e2| ≤ r, then e1 and e2 have opposite signs and thus |e2 − e1q| = |e2| + |e1|q ≤ r + xq = y. So,
the new coefficients c1 = e2 − e2q and c2 = e1 will then also satisfy the claimed conditions…..
Theorem-4:- Factorization of an integer x ≠ 0 is unique.
Proof :- Assume the contrary: There exists an integer x, which has (at least) two different
factorizations. We may assume that x is positive and that x is the smallest positive integer that has
this property. Thus x ≥ 2, since the only factorization of 1 is the empty product. Now we can
write x as a product of primes with respect to two different factorizations:
x = p1
i1
p2
i2
· · · pn
in
= q1
j1
q2
j2
· · · ……qm
jm
where p1, . . . , pn are different primes and likewise q1, . . . , qm are different primes and i1, …… in, as
well as j1, . . . , jm are positive integers. In fact, we also know that the primes p1, . . . , pn differ
from the primes q1, . . . , qm. If, for example, p1 = q1, then the integer x/p1 would have two
different factorizations and x/p1 < x, a contradiction. So we know that gcd(p1, q1) = 1, in
Bézout’s form
1 = c1p1 +c2q2.
But it follows from this that q1
j1-1q
2
j2
· · · qm
jm
= ( c1p1 + c2q1)q1
j1-1
q2
j2
· · · qm
jm
= c1p1q1
j1-1
q2
j2
· · ·
qm
jm
+ c2x,… from which we see further that p1 divides the product q1
j1-1
q2
j2
· · · qm
jm
, in other
words,
q1
j1-1
q2
j2
· · · qm
jm
= p1z, Because z and q1
j1-1
q2
j2
· · · qm
jm
have unique factorizations (they are
both smaller than x), it follows from this that p1 is one of the primes q1, . . . , qm which is a
contradiction. So the contrary is false and factorization is unique. When giving a rational number
in the form x/y, it is usually assumed that gcd(x, y) = 1, in other words, that the number is with
the smallest terms. This is very important when calculating with large numbers, to prevent
numerators and denominators from growing too large. Such reduced form is naturally obtained by
dividing x and y by gcd(x, y), so in long calculations the g.c.d. must be determined repeatedly.
It’s important to notice that the bounds of the coefficients mentioned in Bézout’s theorem, i.e. |c1|
≤ |y| and |c2| ≤ |x|, are valid in every step of the Euclidean algorithm. This way intermediate
results won’t get too large. On the other hand, the Euclidean algorithm does not even take too
many steps:
Theorem-5:- When computing gcd (x, y), where 0 ≤ x ≤ y, the Euclidean algorithm needs no
more than ⌊2 log2 y + 1⌋ divisions.
17. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
29
Proof :- If x = 0 (no divisions) or x = y (one division) there’s nothing to prove, so we can
concentrate on the case 0 < x < y. The proof is based on the following simple observation
concerning division: Every time we divide integers a and b, where 0 < a < b, and write b = qa + r
(quotient q, remainder r), we have
b = qa + r ≥ a + r > 2r
When computing gcd(x, y) using the Euclidean algorithm we get a sequence
y = q1x + r1 (0 < r1 < x),
x = q2r1 + r2 (0 < r2 < r1),
r1 = q3r2 + r3 (0 < r3 < r2),
.
rl-2 = q1rl-1 + r1 (0 < rl < rl−1),
rl-1 = ql+1rl
with l + 1 divisions. .. If l = 2k + 1 is odd then by our observation above 1 ≤ rl < 2-1 rl-2 <
2-2l-4 < · · · < 2-i
rl-2i < · · · < 2-kr1 < 2-k-1 y = 2-(l=1/2) y < 2-(1/2) y, and if l = 2k is even then
1 ≤ r1 < 2-1rl-2 < 2-2 rl-4 < · · · < 2-k+1r2 < 2-kx < 2-(1/2). So, in any case y > 2(1/2),,
which means that (taking base-2 logarithms) 2 log2 y > l, and the result follows. Thus we see that
applying the Euclidean algorithm is not very laborious, ⌊2 log2 y + 1⌋ is proportional to the length
of the binary representation of y (Theorem 2). If you want to know more about the computational
efficiency of the Euclidean algorithm, see e.g. KNUTH. The greatest common divisor of more
than two integers x1, x2, . . . , xN
d = gcd(x1, x2, . . . , xn ) is defined in same way as for two integers, so it’s the largest integer
which divides all the numbers in the sequence x1, x2, . . . , xN . Again we require that at least one
of the numbers is ≠ 0. We may agree that xN ≠ 0. This kind of g.c.d. can be computed by
applying the Euclidean algorithm N − 1 times, since…
RSA Cryptosystem
Diffie-Hellman doesn’t do encryption; it just exchanges a key. RSA can encrypt and decrypt.
Here’s how. ..Each personGenerates two large primes, p and q.
Publishes his or her public key (N,e) where N=pq.
Computes d = modular inverse of e relative to (p−1)(q−1), keeping it secret.
Destroys p and q.
Now check this out:
For Alice to send a message m to Bob, she sends c=me
mod N.
Bob decodes this easily because m=cd
mod N.
RSA algorithm is asymmetric cryptography algorithm. Asymmetric actually means that it works
on two different keys i.e. Public Key and Private Key. As the name describes that the Public
Key is given to everyone and Private key is kept private. Let us learn the mechanism behind
18. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
30
RSA algorithm
Generating Public Key :
Select two prime no's. Suppose P = 53 and Q = 59.
Now First part of the Public key : n = P*Q = 3127.
We also need a small exponent say e :
But e Must be
An integer.
Not be a factor of n.
Generating Private Key : We need to calculate Φ(n) :
Such that Φ(n) = (P-1)(Q-1)
so, Φ(n) = 3016
Now calculate Private Key, d :
d = (k*Φ(n) + 1) / e for some integer k
For k = 2, value of d is 2011.
Now we are ready with our – Public Key ( n = 3127 and e = 3) and Private Key(d = 2011)
Now we will encrypt “HI” :
Convert letters to numbers : H = 8 and I = 9
Thus Encrypted Data c = 89e
mod n.
Thus our Encrypted Data comes out to be 1394
Now we will decrypt 1394 :
Decrypted Data = cd
mod n.
Thus our Encrypted Data comes out to be 89
8 = H and I = 9 i.e. "HI".
14. DIGITAL SIGNATURES
A digital certificate is an electronic document issued by a Certificate Authority (CA). It contains
the public key for a digital signature and specifies the identity associated with the key, such as the
name of an organization. Digital signatures are the public-key primitives of message
authentication. In the physical world, it is common to use handwritten signatures on handwritten
or typed messages. They are used to bind signatory to the message…Similarly, a digital signature
is a technique that binds a person/entity to the digital data. This binding can be independently
verified by receiver as well as any third party.
Digital signature is a cryptographic value that is calculated from the data and a secret key known
only by the signer….In real world, the receiver of message needs assurance that the message
belongs to the sender and he should not be able to repudiate the origination of that message. This
requirement is very crucial in business applications, since likelihood of a dispute over exchanged
data is very high.
15. MODEL OF DIGITAL SIGNATURE
As mentioned earlier, the digital signature scheme is based on public key cryptography. The
model of digital signature scheme is depicted in the following illustration
19. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
31
The following points explain the entire process in detail – Each person adopting this scheme has a
public-private key pair…Generally, the key pairs used for encryption/decryption and
signing/verifying are different. The private key used for signing is referred to as the signature key
and the public key as the verification key
Signer feeds data to the hash function and generates hash of data.
Hash value and signature key are then fed to the signature algorithm which produces the
digital signature on given hash. Signature is appended to the data and then both are sent
to the verifier.
Verifier feeds the digital signature and the verification key into the verification algorithm.
The verification algorithm gives some value as output.
Verifier also runs same hash function on received data to generate hash value.
For verification, this hash value and output of verification algorithm are compared. Based
on the comparison result, verifier decides whether the digital signature is valid.
Since digital signature is created by ‘private’ key of signer and no one else can have this key; the
signer cannot repudiate signing the data in future..It should be noticed that instead of signing data
directly by signing algorithm usually a hash of data is created. Since the hash of data is a unique
representation of data, it is sufficient to sign the hash in place of data. The most important reason
of using hash instead of data directly for signing is efficiency of the scheme.Let us assume RSA
is used as the signing algorithm. As discussed in public key encryption chapter, the
encryption/signing process using RSA involves modular exponentiation..Signing large data
through modular exponentiation is computationally expensive and time consuming. The hash of
the data is a relatively small digest of the data, hence signing a hash is more efficient than
signing the entire data.
15.1ImportanceofDigitalSignature
Out of all cryptographic primitives, the digital signature using public key cryptography is
considered as very important and useful tool to achieve information security..Apart from ability to
provide non-repudiation of message, the digital signature also provides message authentication
and data integrity. Let us briefly see how this is achieved by the digital signature –
20. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
32
Message authentication
When the verifier validates the digital signature using public key of a sender, he is assured that
signature has been created only by sender who possess the corresponding secret private key and
no one else.
Data Integrity
In case an attacker has access to the data and modifies it, the digital signature verification at
receiver end fails. The hash of modified data and the output provided by the verification
algorithm will not match. Hence, receiver can safely deny the message assuming th at data
integrity has been breached.
Non-repudiation
Since it is assumed that only the signer has the knowledge of the signature key, he can only
create unique signature on a given data. Thus the receiver can present data and the digital
signature to a third party as evidence if any dispute arises in the future. By adding public-key
encryption to digital signature scheme, we can create a cryptosystem that can provide the four
essential elements of security namely- Privacy, Authentication, Integrity, and Non-repudiation.
16.ENCRYPTIONWITHDIGITALSIGNATURE
In many digital communications, it is desirable to exchange an encrypted messages than plaintext
to achieve confidentiality. In public key encryption scheme, a public (encryption) key of sender is
available in open domain, and hence anyone can spoof his identity and send any encrypted
message to the receiver….This makes it essential for users employing PKC for encryption to seek
digital signatures along with encrypted data to be assured of message authentication and non-
repudiation.This can archived by combining digital signatures with encryption scheme. Let us
briefly discuss how to achieve this requirement. There are two possibilities, sign-then-
encrypt and encrypt-then-sign….However, the crypto system based on sign-then-encrypt can be
exploited by receiver to spoof identity of sender and sent that data to third party. Hence, this
method is not preferred. The process of encrypt-then-sign is more reliable and widely adopted.
This is depicted in the following illustrations:-
21. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
33
The receiver after receiving the encrypted data and signature on it, first verifies the signature
using sender’s public key. After ensuring the validity of the signature, he then retrieves the data
through decryption using his private key.
RSA for Digital Signatures
For Alice to send a message to Bob,
Alice encrypts m with her private key
Alice encrypts with Bob’s public key
Bob decrypts with his private key
Bob decrypts with Alice’s public key
m=A(B′(B(A′(m)))
Cryptography | One Time Password (OTP) algorithm
Authentication, :-the process of identifying and validating an individual is the rudimentary step
before granting access to any protected service (such as a personal account). Authentication has
been built into the cyber security standards and offers to prevent unauthorized access to
safeguarded resources. Authentication mechanisms today create a double layer gateway prior to
unlocking any protected information. This double layer of security, termed as two factor
authentication, creates a pathway that requires validation of credentials (username/email and
password) followed by creation and validation of the One Time Password (OTP). The OTP is a
numeric code that is randomly and uniquely generated during each authentication event. This
adds an additional layer of security, as the password generated is fresh set of digits each time an
authentication is attempted and it offers the quality of being unpredictable for the next created
session.
The two main methods for delivery of the OTP is
1.SMS-Based:
This is quite straightforward. It is the standard procedure for delivering the OTP via a text
messageafter regular authentication is successful. Here, the OTP is generated on the server side
and delivered to the authenticator via text message. It is the most common method of OTP
delivery that isencountered across services.
2.Application-Based: This method of OTP generation is done on the user side using a specific
smartphone application that scans a QR code on the screen. The application is responsible for the
unique OTP digits. This reduces wait time for the OTP as well as reduces security risk as
compared to the SMS based delivery.The most common way for the generation of OTP defined
by The Initiative For Open Authentication (OATH) is the Time Based One Time Passwords
(TOTP), which is a Time Synchronized OTP. In these OTP systems, time is the cardinal factor to
generate the unique password.The password generated is created using the current time and it also
factors in a secret key. An example of this OTP generation is the Time Based OTP Algorithm
(TOTP) described as follows:
Backend server generates the secret key. The server shares secret key with the service generating
the OTP
22. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
34
A hash based message authentication code (HMAC) is generated using the obtained secret key
and time. This is done using the cryptographic SHA-1 algorithm.Since both the server and the
device requesting the OTP, have access to time, which is obviously dynamic, it is taken as a
parameter in the algorithm. Here, the Unix timestamp is considered which is independent of time
zone i.e. time is calculated in seconds starting from January First 1970. Let us
consider“0215a7d8c15b492e21116482b6d34fc4e1a9f6ba” as the generated string from the
HMAC-SHA 1 algorithm. The code generated is 20 bytes long and is thus truncated to the
desired length suitable for the user to enter. Here dynamic truncation is used. For the 20-byte
code “0215a7d8c15b492e21116482b6d34fc4e1a9f6ba”, each character occupies 4 bits.
The entire string is taken as 20 individual one byte sting.
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 1
7
1
8
1
9
12 15 a7 d8 c1 5b 49 2e 21 11 64 82 b6 d3 4f c4 e1 a
9
f
6
b
a
We look at the last character, here a. The decimal value of which is taken to determine the offset
from which to begin truncation. Starting from the offset value, 10 the next 31 bits are read to
obtain the string “6482b6d3″. The last thing left to do, is to take our hexadecimal numerical
value, and convert it to decimal, which gives 1686288083.
All we need now are the last desired length of OTP digits of the obtained decimal string, zero-
padded if necessary. This is easily accomplished by taking the decimal string, modulo 10 ^
number of digits required in OTP. We end up with “288083” as our TOTP code… A counter is
used to keep track of the time elapsed and generate a new code after a set interval of time..Then
OTP generated is delivered to user by the methods described above.Apart from the time-based
method described above, there also exist certain mathematical algorithms for OTP generation for
example a one-way function that creates a subsequent OTP from the previously created OTP.The
two factor authentication system is an effective strategy that exploits the authentication principles
of “something that you know” and “something that you have”.The dynamic nature of the latter
principle implemented by the One Time Password Algorithm is crucial to security and offers an
effective layer of protection against malicious attackers. The unpredictability of the OTP presents
a hindrance in peeling off the layers that this method of cryptography has to offer.
Computer Network | Password authentication protocol (PAP)
There are simply two methods to authenticate PPP links namely Password Authentication
Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).
From these two authentication protocols, PAP is less secured as the password is sent in clear text
and is performed only at the initial link establishment.Password-Authentication-Protocol-(PAP) –
PAP is a password Authentication Protocol used by PPP links to validate users. PAP
authentication requires the calling device to enter the username and password. If the credentials
match with the local database of the called device or in the remote AAA database then it is
allowed to access otherwise denied.
23. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
35
Features
Some of the features of PAP are:
The password is sent in clear text.
All network operating system support PAP.
It uses two-way Handshake Protocol.
It is non-interactive.
PAP supports both one-way authentication (unidirectional) and two-way authentication
(bidirectional).
Configuration
There is a small topology in which there are 2 routers namely R1 and R2. R1 having ip address
10.1.1.1/30 on s0/0 and R2 have ip address 10.1.1.2/30 on s0/0.
1)First, we will create local database on R1 by providing username and password:
R1(config)#username Router1 password GeeksforGeeks
2) Configuring local database on R2:
R2(config)#username Router2 password GeeksforGeeks
3) Remember, by default HDLC is configured on Cisco routers therefore first we have to change
the encapsulation to PPP and enable PAP.
R2(config)# int s0/0
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication pap
R2(config-if)#ppp pap sent-username Router1 password GeeksforGeeks
4) Enabling PAP on R2:
R2(config)# int s0/0
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication pap
R2(config-if)#ppp pap sent-username Router1 password GeeksforGeeks
Here, notice that username and password are case-sensitive. Also, on router R1 we have to give a
username and password.
When to use PAP – PAP is usually used in following scenarios:
When the application doesn’t support CHAP.
Circumstances where it is necessary to sent a plain text password to stimulate a login at
the called device (remote host).
When there is occurrence of incompatibilities between different vendors of CHAP.
24. International Journal on Cryptography and Information Security (IJCIS), Vol. 9, No.1/2, June 2019
36
Advantage of CHAP over PAP
Some of the advantages are:
CHAP is more secured than PAP.
CHAP can provide authentication periodically to recognise that the user accessing the
PPP link is same or not.
In CHAP, the real passwords are never shared on the link instead a hash value of it is
calculated and transferred.
Advantage of PAP over CHAP
The only advantage PAP holds over CHAP is that it is supported by the all the network operating
system vendors therefore it can be said that PAP is used where CHAP is not supported. But if
CHAP is supported then it is recommended to use CHAP as it is more secured…..
REFERENCES
[1] Applied Cryptography– By Alfred J Menezes, Paul C.Van Oorscot, Scott A Vanstone
[2] Fundamentals of Cryptology – By- Henk C.A.van Tilborg…
[3] Cryptography’s Past, Present, and Future Role in Society – By-Franck Lin
[4] GeeksforGeeks- Coputer Science Portal…
[5] Mathematical Cryptology By Keijo Ruohonen