Chapter-2:

Cryptographic Protocols, Tools and

Algorithms

12/9/2022 Computer and Network Security 1 By: Mechal T.

 Outline

 Introduction to cryptography  Cryptographic Algorithms

 Goal and services of cryptography  Symmetric Block Cipher Algorithms

 Components of Cryptography  Caesar Cipher Algorithm

 Encryption and Decryption in  DES (Data Encryption Standard)

Cryptography  3DES (Triple DES)

 Types of Cryptography  Digital Signature

 Building blocks of Encryption  AES

Techniques
 DH-Key Exchange Algorithm
 Cryptanalysis andTypes of Attacks
 SHA-1
12/9/2022 Computer and Network Security 2 By: Mechal T.
 Chapter Objectives
 At the end of this chapter, students will be able to understand:
 Basics of cryptography

 Encryption Decryption Techniques

 Different types of attacks

 Different types of cryptographic algorithms

 Basic Components of cryptography

12/9/2022 Computer and Network Security 3 By: Mechal T.

 Introduction to Cryptography

Chapter-1
Part I

12/9/2022 Computer and Network Security 4 By: Mechal T.

 Introduction to Cryptography
 Definition

 Cryptography is the science of using mathematics to encrypt and decrypt

data.

 It is technique of securing information and communications through use

of codes so that only those person for whom the information is intended
can understand it and process it.

 It is the design, analysis, and implementation of mathematical techniques

for securing information, systems, and distributed computations against
adversarial attack.
12/9/2022 Computer and Network Security 5 By: Mechal T.
 Introduction to Cryptography…
 Terminology

 A message is plaintext (sometimes called clear text).

 The process of hiding a message in such a way as to hide its substance is

encryption.

 An encrypted message is called a ciphertext.

 The process of turning ciphertext back into plaintext is called decryption.

 A cipher (or cypher) is an algorithm for performing encryption or

decryption—a series of well-defined steps that can be followed as a
procedure.
12/9/2022 Computer and Network Security 6 By: Mechal T.
 Introduction to Cryptography…
 Terminology…

12/9/2022 Computer and Network Security 7 By: Mechal T.

 Goal and Services of Cryptography

 The primary goal of cryptography is to:

 Secure stored information - regardless if access obtained

 Secure transmitted information - regardless if transmission has

been monitored

12/9/2022 Computer and Network Security 8 By: Mechal T.

 Goal and Services of Cryptography…

 Cryptography can provide the following services:

 Confidentiality (secrecy)

 Integrity (anti-tampering)

 Authentication

 Non-repudiation.

12/9/2022 Computer and Network Security 9 By: Mechal T.

 Goal and Services of Cryptography…
1. Confidentiality (secrecy)

 Ensuring that no one can read the message except the intended receiver

 Data is kept secret from those without the proper credentials, even if
that data travels through an insecure medium.

 The principle of confidentiality specifies that only the sender and

the intended recipient should be able to access the content
of the message.

 Example: Encryption, access control lists, and file permissions

12/9/2022 Computer and Network Security 10 By: Mechal T.

 Goal and Services of Cryptography…
2. Integrity (anti-tampering)

 Assuring the receiver that the received message has not been altered in
any way from the original.

 The information cannot be altered in storage or transit between

sender and intended receiver without the alteration being detected.

 Examples: MD5, digital signature, digital certificates

12/9/2022 Computer and Network Security 11 By: Mechal T.

 Goal and Services of Cryptography…
3.Authentication

 Cryptography can help establish identity for authentication purposes

 The process of proving one's identity. (The primary forms of host-to-host

authentication on the Internet today are name-based or address-based,
both of which are notoriously weak.). Example: Secret Key, Digital
Signature, Digital certificates

4. Non-repudiation

 A mechanism to prove that the sender really sent this message

 Example: Digital Signature

12/9/2022 Computer and Network Security 12 By: Mechal T.
 Components of Cryptography
 Cryptography has five basic components:
1. Plain text: the message that you want to encrypt
2. Cipher text: the encrypted output (transformed message)
3. Encryption algorithm: The sequence of data processing steps that
go into transforming plaintext into ciphertext.
4. Decryption algorithm: The sequence of data processing steps that
go into transforming ciphertext back into plaintext.
5. Secret Key: is used to set some or all of the various parameters
used by the encryption algorithm.
12/9/2022 Computer and Network Security 13 By: Mechal T.
 Components of Cryptography…
 Secret Key…
 A key can be thought of as simply a collection of
0101001110
bits
10111101110
 The more bits, the stronger the key 1100101

 Keys are tied to specific encryption algorithms

 Lengths vary depending on the encryption

algorithm

 Example: 128 bits is long for some

algorithms, but short for others

12/9/2022 Computer and Network Security 14 By: Mechal T.

 Encryption and Decryption in Cryptography
 Encryption

It is the process of taking some data

and a key and feeding it into a
function and getting encrypted data
out. Encryption
Function
Encrypted data is, in principle,
unreadable unless decrypted.

12/9/2022 Computer and Network Security 15 By: Mechal T.

 Encryption and Decryption in Cryptography…
 Decryption

It is the process of taking

encrypted data and a key and
feeding it into a function and
getting out the original data.
Decryption
Encryption and decryption Function
functions are linked.

12/9/2022 Computer and Network Security 16 By: Mechal T.

 Types of Cryptography

 In general there are three types Of cryptography:

1. Symmetric Key Cryptography

2. Asymmetric Key Cryptography

3. Hash Functions

12/9/2022 Computer and Network Security 17 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography

 It is an encryption system in which the sender and receiver of a

message share a single, common key that is used to encrypt and decrypt
the message.

 Also Known as Private key cryptography.

 A key is a piece of information (a parameter) that is applied using an

algorithm to a string or block of unencrypted text to produce
encrypted text or to decrypt encrypted text.

12/9/2022 Computer and Network Security 18 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…

 The key for encrypting and decrypting the file had to be known to all

the recipients. Else, the message could not be decrypted.

 Symmetric Key Systems are faster and simpler but the problem

is that sender and receiver have to somehow exchange key in a secure

manner.

12/9/2022 Computer and Network Security 19 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…

12/9/2022 Computer and Network Security 20 By: Mechal T.

 Types Of Cryptography…

1. Symmetric Key Cryptography…..…Examples

Data Encryption Standard (DES)

 DES uses a 56 bit key and maps a 64 bit input block of plaintext onto a

64 bit output block of ciphertext.

 These 56 bits are now small key for today's computing power.

12/9/2022 Computer and Network Security 21 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…..…Examples

Triple DES

 The encryption-decryption process is as follows :

 Encrypt the plaintext blocks using single DES with key K1.

 Now decrypt the output of step 1 using single DES with key K2.

 Finally, encrypt the output of step 2 using single DES with key K3.

 The output of step 3 is the ciphertext.

 Decryption of a ciphertext is a reverse process. User first decrypt using

K3, then encrypt with K2, and finally decrypt with K1.
12/9/2022 Computer and Network Security 22 By: Mechal T.
 Types Of Cryptography…
1. Symmetric Key Cryptography…..…Examples

Triple DES…

12/9/2022 Computer and Network Security 23 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…..…Examples

Triple DES…

 Triple DES was the answer to many of the shortcomings of DES.

 Since it is based on the DES algorithm, it is very easy to modify

existing software to useTriple DES.

 It also has the advantage of proven reliability and a longer key length
that eliminates many of the shortcut attacks that can be used to reduce
the amount of time it takes to break DES. Key size is 168 bit long.

12/9/2022 Computer and Network Security 24 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…..…Examples

Advanced Encryption Standard (AES)

 The more popular and widely adopted symmetric encryption

algorithm likely to be encountered nowadays is the AES.

 It is found at least six time faster than triple DES.

 A replacement for DES was needed as its key size was too small.

 With increasing computing power, DES was considered vulnerable

against exhaustive key search attack.

12/9/2022 Computer and Network Security 25 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…..…Examples

Advanced Encryption Standard (AES)…

 The features of AES are as follows :

 Symmetric key symmetric block cipher
 128-bit data, 128/192/256-bit keys
 Stronger and faster than Triple-DES
 Provide full specification and design details
 Software implementable in C and Java

12/9/2022 Computer and Network Security 26 By: Mechal T.

 Types Of Cryptography…
1. Symmetric Key Cryptography…..…Examples

Advanced Encryption Standard (AES)…

12/9/2022 Computer and Network Security 27 By: Mechal T.

 Types Of Cryptography…
ProblemsWith Symmetric Key Cryptography

 Key Management

 Symmetric-key systems are simpler and faster; their main drawback is that
the two parties must somehow exchange the key in a secure way and keep
it secure after that.

 Key Management caused nightmare for the parties using the symmetric
key cryptography .

 They were worried about how to get the keys safely and securely across to
all users so that the decryption of the message would be possible.
12/9/2022 Computer and Network Security 28 By: Mechal T.
 Types Of Cryptography…
ProblemsWith Symmetric Key Cryptography…

 Key Management

 This gave the chance for third parties to intercept the keys in transit to
decode the top-secret messages.

 Thus, if the key was compromised, the entire coding system was
compromised and a “Secret” would no longer remain a “Secret”.

 This is why the “Public Key Cryptography” came into existence.

12/9/2022 Computer and Network Security 29 By: Mechal T.

 Types Of Cryptography…
2. Asymmetric Key Cryptography

 Asymmetric cryptography refers to a cryptographic algorithm which

requires two separate keys, one of which is private and one of which
is public.

 The public key is used to encrypt the message and the private one is used
to decrypt the message.

 It is also known as Public-key cryptography.

 It is a very advanced form of cryptography

 Its key length varies from 512 to 1024 bits.

12/9/2022 Computer and Network Security 30 By: Mechal T.
 Types Of Cryptography…
2. Asymmetric Key Cryptography

12/9/2022 Computer and Network Security 31 By: Mechal T.

 Types of Cryptography…
2. Asymmetric Key Cryptography…..Examples

1. A client (for example browser) sends its public key to the server and
requests some data.

2. The server encrypts the data using the client’s public key and sends the
encrypted data.

3. The client receives this data and decrypts it.

 Since this is asymmetric, nobody else except the browser can decrypt the
data even if a third party has the public key of the browser.

12/9/2022 Computer and Network Security 32 By: Mechal T.

 Types of Cryptography…
2. Asymmetric Key Cryptography…..Examples

 RSA Algorithm

 RSA (Rivest, Shamir and Adleman who first publicly described it in 1977)
is an algorithm for public-key cryptography.

 It is the first algorithm known to be suitable for encryption, and one of

the first great advances in public key cryptography.

 RSA is widely used in electronic commerce protocols, and is

believed to be secure given sufficiently long keys and the use of up-to-date
implementations.
12/9/2022 Computer and Network Security 33 By: Mechal T.
 Types of Cryptography…
3. Hash Functions

 Refers to performing a calculation on a message and converting it into

a numeric hash value.

 The input to the hash function is of arbitrary length but output is

always of fixed length.

 Values returned by a hash function are called message digest or simply

hash values.

 Hash functions are extremely useful and appear in almost all

information security applications.
12/9/2022 Computer and Network Security 34 By: Mechal T.
 Building Blocks of Encryption Techniques
 Two building blocks of all classical encryption techniques are
substitution and transposition.

 Substitution means replacing an element of the plaintext with an

element of ciphertext.

 Each element in the plaintext (bit, letter, group of bits or letters) is

mapped into another element.

 Transposition means rearranging the order of appearance of the

elements of the plaintext. Transposition is also referred to as
permutation.
12/9/2022 Computer and Network Security 35 By: Mechal T.
 Caesar Cipher

 The Caesar Cipher technique is one of the earliest and simplest

methods of encryption technique.

 It’s simply a type of substitution cipher, i.e., each letter of a given

text is replaced by a letter with a fixed number of positions down

the alphabet.

 For example with a shift of 1, A would be replaced by B, B would

become C, and so on.

12/9/2022 Computer and Network Security 36 By: Mechal T.
 Caesar Cipher…

 Thus to cipher a given text we need an integer value, known as a shift

which indicates the number of positions each letter of the text has been

moved down.

 The encryption can be represented using modular arithmetic by first

transforming the letters into numbers, according to the scheme, A = 0,

B = 1,…, Z = 25.

12/9/2022 Computer and Network Security 37 By: Mechal T.

 Caesar Cipher…
 Encryption of a letter by a shift n can be described mathematically as:

E_n(x)=(x+n)mod\ 26

(Encryption Phase with shift n)

D_n(x)=(x-n)mod\ 26

(Decryption Phase with shift n)

Note: If any case (Dn) value becomes negative (-ve), in this case, we will
add 26 in the negative value.

12/9/2022 Computer and Network Security 38 By: Mechal T.

 Caesar Cipher…
 Use the Caesar cipher to encrypt and decrypt the message "JAVATPOINT,"
and the key (shift) value of this message is 3.

12/9/2022 Computer and Network Security 39 By: Mechal T.

 Caesar Cipher…

 Decrypted Message
Ciphertext: M → 12 Dn: (12 - 3) mod 26 Plaintext: 09 → J

Ciphertext: D → 03 Dn: (03 - 3) mod 26 Plaintext: 0 → A

Ciphertext:Y → 24 Dn: (24 - 3) mod 26 Plaintext: 21 → V

Ciphertext: D → 03 Dn: (03 - 3) mod 26 Plaintext: 0 → A

Ciphertext:W → 22 Dn: (22 - 3) mod 26 Ciphertext: 19 → T

Ciphertext: S → 18 Dn: (18 - 3) mod 26 Ciphertext: 15 → P

Ciphertext: R → 17 Dn: (17 - 3) mod 26 Ciphertext: 14 → O

Ciphertext: L→ 11 Dn: (11 - 3) mod 26 Ciphertext: 8 → I

Ciphertext: Q → 16 Dn: (16 - 3) mod 26 Ciphertext: 13 → N

Ciphertext:W→ 22 Dn: (22 - 3) mod 26 Ciphertext: 19 → T

12/9/2022 Computer and Network Security 40 By: Mechal T.

 Caesar Cipher…
 Weakness of Caesar Cipher

 The Caesar Cipher is a secret/symmetric key cryptosystem; that is,

revealing the enciphering key makes decryption simple.

 In the Caesar cipher, the shift value is the enciphering key.

 Anyone knowing the shift value can immediately decrypt, so it must be

protected from unauthorized persons.

12/9/2022 Computer and Network Security 41 By: Mechal T.

 Caesar Cipher…
 Weakness of Caesar Cipher…

 Exhaustive Key Search. There is yet another method for breaking

the Caesar cipher:

 Simply try all the possible keys!

 After all, there are only 26 viable keys in the ordinary alphabet, and
only 255 useful keys in the ASCII alphabet!

 This kind of attack is called an exhaustive search.

12/9/2022 Computer and Network Security 42 By: Mechal T.

 Caesar Cipher…
 Weakness of Ceasar Cipher…

 An exhaustive search is rarely effective against all but the simplest of

cryptosystems.

 Seeing that the Caesar cipher is so vulnerable, we attempt to see

stronger cryptosystems.

12/9/2022 Computer and Network Security 43 By: Mechal T.

 Cryptanalysis and Types of Attacks

 Cryptology has two parts namely, Cryptography which focuses on

creating secret codes and Cryptanalysis which is the study of the

cryptographic algorithm and the breaking of those secret codes.

 The person practicing Cryptanalysis is called a Cryptanalyst.

 It helps us to better understand the cryptosystems and also helps us

improve the system by finding any weak point and thus work on the

algorithm to create a more secure secret code.

12/9/2022 Computer and Network Security 44 By: Mechal T.
 Cryptanalysis and Types of Attacks…

 For example, a Cryptanalyst might try to decipher a ciphertext to

derive the plaintext.

 It can help us to deduce the plaintext or the encryption key.

12/9/2022 Computer and Network Security 45 By: Mechal T.

 Cryptanalysis and Types of Attacks…
 Types of Cryptanalytic Attacks:
1. Known plain text analysis (KPA)

2. Chosen plain text analysis (CPA)

3. Cipher text only analysis (COA)

4. Man in the middle attack (MITM)

5. Adaptive chosen plain text analysis (ACPA)

12/9/2022 Computer and Network Security 46 By: Mechal T.

 Cryptanalysis and Types of Attacks…

 Types of Cryptanalytic Attacks:

1. Known-Plaintext Analysis (KPA) :

 In this type of attack, some plaintext-ciphertext pairs are already

known.

 Attacker maps them in order to find the encryption key.

 This attack is easier to use as a lot of information is already available.

12/9/2022 Computer and Network Security 47 By: Mechal T.

 Cryptanalysis and Types of Attacks…

 Types of Cryptanalytic Attacks:

2. Chosen-Plaintext Analysis (CPA) :

 In this type of attack, the attacker chooses random plaintexts and

obtains the corresponding ciphertexts and tries to find the encryption

key.

 Its very simple to implement like KPA but the success rate is quite low.

12/9/2022 Computer and Network Security 48 By: Mechal T.

 Cryptanalysis and Types of Attacks…

 Types of Cryptanalytic Attacks:

3. Ciphertext-Only Analysis (COA) :

 In this type of attack, only some cipher-text is known and the attacker

tries to find the corresponding encryption key and plaintext.

 It is the hardest to implement but is the most probable attack as only

ciphertext is required.

12/9/2022 Computer and Network Security 49 By: Mechal T.

 Cryptanalysis and Types of Attacks…
 Types of Cryptanalytic Attacks:

4. Man-In-The-Middle (MITM) attack :

 In this type of attack, attacker intercepts the message/key between two

communicating parties through a secured channel.

5.Adaptive Chosen-Plaintext Analysis (ACPA) :

 This attack is similar CPA. Here, the attacker requests the cipher texts

of additional plaintexts after they have ciphertexts for some texts.

12/9/2022 Computer and Network Security 50 By: Mechal T.