2. CONTENTS PAGE NO.
Cryptography 1
History of Cryptography 2
Types of Cryptography 5
Secret-key Cryptography 15
Public-key Cryptography 16
Hash function Cryptography 17
Cryptographic key types 18
CRYPTOGRAPHY
3. A cryptographic system that uses two keys --
a public key known to everyone and a private or
secret key known only to the recipient of the
message. When John wants to send a secure
message to Jane, he uses Jane's public key to
encrypt the message. Jane then uses her private key to
decrypt it.
HISTORY OF CRYPTOGRAPHY
Cryptography is a technique used to hide the
meaning of a message and is derived from the Greek
4. word kryptos (hidden). This is different from
steganography techniques in that one is not hiding the
actual message, only the meaning of the message. If
a message were to fall into the hands of the wrong
person, cryptography should ensure that that
message could not be read. Typically the sender and
receiver agree upon a message scrambling protocol
beforehand and agree upon methods for encrypting
and decrypting messages. Cryptography is further
divided into two implementation techniques and those
include transposition and substitution.
Rail Fence Transposition -- Rail
Fence Transposition is a technique where a message is written on
two or more lines with each consecutive letter of the message
being written on the next consecutive line. The text on the second
and third lines are then appended to the first line to create the
scrambled message. A simple 2 line rail fence transposition of the
message "Hello World" is demonstrated below:
Simple 2 Line Rail Fence Transposition
5. Hello World (Original Message)
H l o W r d (Line 1)
el o l (Line 2)
HloWrdelol (Transposed Message)
Substitution -- Substitution is a cryptographic
technique where each letter of the plaintext message is replaced
by a different letter. Each letter retains its original position in the
message text, but the identity of the letter is changed. This type of
technique was documented during Julius Caesar's Gallic Wars.
Simple Substitution Cipher
A B C D E (Plain Alphabet)
D C E G H (Cipher Alphabet)
If one were to send the message 'BAD' to someone using this simple
cipher, the encrypted message text would read 'CDG'.
Caesar Shift Cipher -- A simple
substitution cryptographic technique where the cipher alphabet is
shifted a certain number of spaces relative to the original plain
alphabet. It was named for Julius Caesar who employed the
6. technique to secure military communications. This is generally a
weak encryption method in that there are only 25 distinct variations
of shifts before the original message is revealed. A simple 4 letter
shift example is demonstrated below :
Letter Shift Cipher
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (Plain
Alphabet)
E F G H I J K L M N O P Q R S T U V W X Y Z A B C D (Cipher
Alphabet)
If one were to encrypt the plain text message "MEET ME AT
MIDNIGHT", the cipher text would read "QIIX QI EX QMHRMKLX".
There are Three types of Cryptography.
7. 1. Secret-key Cryptography.
2. Public-key Cryptography
3. Hash function Cryptography.
There are main Five types of protocol are used in
Cryptography.
8. 1) Internet Key Exchange
2) IPsec
3) Kerberos
4) Point to Point Protocol
5) Transport Layer Security
9. 1. Substitution cipher wheels
-- You could make your cipher text a little tougher to
decode if you threw 26 pieces of paper into a hat, each with
a letter of the alphabet written on it, drew them out one at a
time, and put them side-by-side under a normal alphabet.
The result might look like this (I just used the order of the
keys on my keyboard, so you might call this a "Qwerty"
code):
Plaintext letter ABCDEFGHIJKLMNOPQRSTUVW
XYZ
Cipher text letter Q W E R T Y U I O P A S D F G H J K L Z X C
VBNM
You can construct a secret message from the above table. Every
time you see an "I" you would substitute the "O" beneath and so
on for the other characters. The message "Meet me after school
behind the gym," would read
"DTTZ DT QYZTK LEIGGS WTIOFR ZIT UND."
Word lengths - especially the short words - give great clues as to
the nature of the code (see frequency charts). To help conceal
10. your message, ignore the spaces and break the message up into
equal-sized chunks. Five letters are customary in the spy biz, so
your message comes out like this (Note that an extra "dummy"
character "M" is added at the end to make it come out with a 5-
letter group. Your recipient should have no trouble with the extra
character.):
DTTZD TQYZT KLEIG GSWTI OFRZI TUNDM
Another popular system called a diagrammatic cipher, used by
many children in school, substitutes’ symbols for letters instead of
other letters. This system is, in essence, the same as the letter
substitution system, but it's easier to remember than 26 randomly
picked letters. It uses the tic-tac-toe boards and two X's as shown
below.
Even though it looks like undecipherable outer-space alien text,
this would take an arm-chair cryptologist only about 10 minutes or
less to figure out. Why? Given enough ciphertext, certain patterns
11. become obvious. Notice how often the empty four-sided box
appears: six times out of a total of 29 characters or about 20% of
the time. This would immediately indicate that the empty box was
almost certainly the symbol for "E," the most frequently used letter
in English. Other letters can also be determined by their frequency
and by their association with other nearby characters (see
"Frequencies"). Almost all substitution ciphers are open to this kind
of analysis.
Francis Bacon created one of the more interesting substitution
ciphers. He used two different type faces slightly differing in weight
(boldness). He broke up his cipher text into 5 character groups,
each of which would represent one character in his plaintext.
Depending on which characters of the group were bold, one could
determine the plaintext character using the following table (*
stands for a plain character and B for a bold character)
A=***** G=**BB* M=*BB** S=B**B* Y=BB***
B=****B H=**BBB N=*BB*B T=B**BB Z=BB**B
C=***B* I=*B*** O=*BBB* U=B*B**
D=***BB J=*B**B P=*BBBB V=B*B*B
E=**B** K=*B*B* Q=B**** W=B*BB*
F=**B*B L=*B*BB R=B***B X=B*BBB
Our same secret message as above would appear thusly (Bacon's
bold and plain characters were less obvious than those below):
To be or not to be that is the question.
Whether 'tis nobler in the mind to
12. suffer the slings and arrows of
outrageous fortune or to take arms
against a sea of troubles and by
opposing end them?
To decipher, we just break the characters into groups of 5 and use
the key above to find the plaintext message.
M E E T M E B E
Tobeo rnott obeth atist heque stion Wheth ertis
H I N D T H E G
noble rinth emind tosuf ferth eslin gsand arrow
Y M A F T E R S
sofou trage ousfo rtune ortot akear msaga insta
C H O O L
seaof troub lesan dbyop posin gendt hem?
Transposition ciphers -- Going
back to your school days, oo-day oo-yay emember-ray ig-pay atin-
lay? Pig-latin is a form of transposition cipher where the original
13. letters are kept intact (albeit with the addition of the suffix "ay"), but
rearranged in some way.
Going back way before your school days, to the 5th century B.C.,
the Spartans used an interesting transposition cipher called a
scytale. The scytale utilized a cylinder with a ribbon wrapped
helically around it from one end to the other. The message was
written across the ribbons, and then unwrapped from the cylinder.
Only someone with an identical diameter cylinder could re-wrap
and read the message.
The scytale depended on a piece of hardware, the cylinder, which
if captured by the enemy, compromised the whole system. Also,
the receiver could lose or break the cylinder and therefore lose the
ability to decipher any message. It would be better if the method
were completely "intellectual" and could be remembered and used
without resorting to a physical device.
Since both the sender and receiver of a transposed ciphertext
must agree on and remember this algorithm or method for
enciphering and deciphering, something easy would be nice. Since
geometrical figures are easy to remember, they serve as the basis
for a whole class of transposition ciphers. Let's put our message
into the shape of a box. Since there are 29 characters, we'll add a
dummy ("O") to make 30 and write the message in a six by five
box.
MEETME
AFTERS
CHOOLB
EHINDT
14. HEGYMO
We can now transcribe the message by moving down the columns
instead of across the rows. Once again we'll break the characters
into groups of five to give no clues about word sizes. The result
looks like this :
MACEH EFHHE ETOIG TEONY MRLDM ESBTO
The real variety begins when you realize that you don't have to
write your plaintext into the box row by row. Instead, you can
follow a pattern that zigzag’s horizontally, vertically or diagonally,
or one that spirals in or spirals out (clockwise or counterclockwise),
or many other variations (see diagram below).
Once you've put the text in the chosen form using one route, you
can then encipher it by choosing a different route through the text.
You and your partner just have to agree on the reading route, the
transcription (enciphering) route, and the starting point to have
yourselves a system. These systems are called route
transcriptions.
Here's our message again. The reading route spirals
counterclockwise inward, starting at the lower right corner (left
15. diagram). The transcription route (right diagram) is zig-zag
diagonal starting at the lower left corner. The ciphertext becomes:
EAMTN FTDIE EHOTE RHMEM BYESC GLOHO
To decipher, you fill the in box following the zig-zag route and read
the message using the spiral route.
Another type of transposition cipher uses a key word or phrase to
mix up the columns. This is called columnar transposition. It works
like this: First, think of a secret key word. Ours will be the word
SECRET. Next, write it above the columns of letters in the square,
and number the letters of the key word as they would fall if we
placed them in alphabetical order. (If there are duplicate letters,
like the "E", they are numbered from left to right.)
521436
SECRET
MEETME
AFTERS
CHOOLB
EHINDT
HEGYMO
Now write the columns down in the order indicated by the
numbers. The resulting ciphertext looking like this:
ETOIG EFHHE MRLDM TEONY MACEH ESBTO
16. As you can see, this is just a different arrangement of the previous
ciphertext, but at least it isn't in some regular pattern. We could
have easily made it a little more difficult by filling the square
following a more complicated path. We could also use a geometric
shape other than a rectangle and combine substitution and
transposition. The only problem that might occur is that the
deciphering may become so complicated that it will remain a
secret at the receiving end forever! Come to think of it, she never
did meet me behind the gym...
SECRET-KEY CRYPTOGRAPHY
17. Uses a single key for both encryption and decryption. Secret-key
encryption uses one key, the secret key, to both encrypt and decrypt
messages. This is also called symmetric encryption. The term "private key"
is often used inappropriately to refer to the secret key. A private key is one
of the keys in the public/private key pair for asymmetric cryptography. In
this scheme, a user has two keys, one that is made public and one that is
held privately. Refer to "Public-Key Cryptography."
PUBLIC-KEY CRYPTOGRAPHY
18. Uses one key for encryption and another for decryption. Public-key
cryptography refers to a cryptographic system requiring two separate keys,
one to lock or encrypt the plaintext, and one to unlock or decrypt the cypher
text. Neither key will do both functions. One of these keys is published or
public and the other is kept private. If the lock/encryption key is the one
published then the system enables private communication from the public
to the unlocking key's owner. If the unlock/decryption key is the one
published then the system serves as a signature verifier of documents
locked by the owner of the private key. This cryptographic approach uses
asymmetric key algorithms, hence the more general name of "asymmetric
key cryptography". Some of these algorithms have the public key / private
key property, that is, neither key is derivable from knowledge of the other;
not all asymmetric key algorithms do. Those with this property are
particularly useful and have been widely deployed and are the source of
the commonly used name. The public key is used to transform a message
into an unreadable form, decrypt able only by using the (different but
matching) private key. Participants in such a system must create a
mathematically linked key pair (i.e., a public and a private key). By
publishing the public key, the key producer empowers anyone who gets a
copy of the public key to produce messages only he can read -- because
only the key producer has a copy of the private key (required for
decryption). When someone wants to send a secure message to the
creator of those keys, the sender encrypts it (i.e., transforms it into an
unreadable form) using the intended recipient's public key; to decrypt the
message, the recipient uses the private key. No one else, including the
sender can do so.
HASH FUNCTION CRYPTOGRAPHY
19. Uses a mathematical transformation to irreversibly "encrypt"
information. A hash function is any well-defined procedure or mathematical
function that converts a large, possibly variable-sized amount of data into a
small datum, usually a single integer that may serve as an index to an array
(cf. associative array). The values returned by a hash function are called
hash values, hash codes, hash sums, checksums or simply hashes.
CRYPTOGRAPHIC KEY TYPES
Private signature key --
Private signature keys are the private keys of asymmetric (public)
key pairs that are used by public key algorithms to generate digital
20. signatures with possible long-term implications. When properly handled,
private signature keys can be used to provide authentication, integrity and
non-repudiation.
Public signature verification key --
A public signature verification key is the public key of an
asymmetric (public) key pair that is used by a public key algorithm to verify
digital signatures, either to authenticate a user's identity, to determine the
integrity of the data, for non-repudiation, or a combination thereof.
Private authentication key --
A private authentication key is the private key of an asymmetric
(public) key pair that is used with a public key algorithm to provide
assurance as to the integrity of information, and the identity of the
originating entity or the source of messages, communication sessions, or
stored data.
Public authentication key --
A public authentication key is the public key of an asymmetric
(public) key pair that is used with a public key algorithm to determine the
integrity of information and to authenticate the identity of entities, or the
source of messages, communication sessions, or stored data.
Symmetric data encryption key --
These keys are used with symmetric key algorithms to apply
confidentiality protection to information.
Symmetric key wrapping key --
21. Symmetric key wrapping keys are used to encrypt other keys
using symmetric key algorithms. Key wrapping keys are also known as key
encrypting keys.
Symmetric master key --
A symmetric master key is used to derive other symmetric keys
(e.g., data encryption keys, key wrapping keys, or authentication keys)
using symmetric cryptographic methods.
Private key transport key --
Private key transport keys are the private keys of asymmetric
(public) key pairs that are used to decrypt keys that have been encrypted
with the associated public key using a public key algorithm. Key transport
keys are usually used to establish keys (e.g., key wrapping keys, data
encryption keys or MAC keys) and, optionally, other keying material (e.g.,
initialization vectors).
Public key transport key --
Public key transport keys are the public keys of asymmetric
(public) key pairs that are used to encrypt keys using a public key
algorithm. These keys are used to establish keys (e.g., key wrapping keys,
data encryption keys or MAC keys) and, optionally, other keying material
(e.g., Initialization Vectors).
Symmetric key agreement key --
These symmetric keys are used to establish keys (e.g., key
wrapping keys, data encryption keys, or MAC keys) and, optionally, other
keying material (e.g., Initialization Vectors) using a symmetric key
agreement algorithm.
22. Private static key agreement key --
Private static key agreement keys are the private keys of
asymmetric (public) key pairs that are used to establish keys (e.g., key
wrapping keys, data encryption keys, or MAC keys) and, optionally, other
keying material (e.g., Initialization Vectors).
Public static key agreement key --
Public static key agreement keys are the public keys of
asymmetric (public) key pairs that are used to establish keys (e.g., key
wrapping keys, data encryption keys, or MAC keys) and, optionally, other
keying material (e.g., Initialization Vectors).
Private ephemeral key agreement key --
Private ephemeral key agreement keys are the private keys of
asymmetric (public) key pairs that are used only once to establish one or
more keys (e.g., key wrapping keys, data encryption keys, or MAC keys)
and, optionally, other keying material (e.g., Initialization Vectors).
Public ephemeral key agreement key --
Public ephemeral key agreement keys are the public keys of
asymmetric key pairs that are used in a single key establishment
transaction to establish one or more keys (e.g., key wrapping keys, data
encryption keys, or MAC keys) and, optionally, other keying material (e.g.,
Initialization Vectors).
Symmetric authorization key --
Symmetric authorization keys are used to provide privileges
to an entity using a symmetric cryptographic method. The authorization key
is known by the entity responsible for monitoring and granting access
23. privileges for authorized entities and by the entity seeking access to
resources.
Private authorization key --
A private authorization key is the private key of an
asymmetric (public) key pair that is used to provide privileges to an entity.
Public authorization key --
A public authorization key is the public key of an asymmetric
(public) key pair that is used to verify privileges for an entity that knows the
associated private authorization key.