Cryptographic Algorithms

• In general, cryptographic algorithms are often grouped into two broad

categories—symmetric and asymmetric.

• But in practice, today’s popular cryptosystems use a hybrid combination of

symmetric and asymmetric algorithms.
 Symmetric Encryption
• It also referred to as conventional / single-key / secret-key encryption.

• Sender and receiver share common key

• It was the only type of encryption in use prior to the development of public key encryption in
the 1970s.

• A symmetric encryption scheme has five ingredients:

• Plaintext
• Encryption algorithm
• Secret key
• Ciphertext
• Decryption algorithm

• Security depends on the secrecy of the key, not the secrecy of the algorithm
Symmetric Cipher Model
Examples of symmetric encryption cryptosystems
• Data Encryption Standard (DES)
 which was developed by IBM and is based on the company’s Lucifer algorithm
 which uses a key length of 128 bits
 As implemented, DES uses a 64-bit block size and a 56-bit key.

• Triple DES (3DES)

 created to provide a level of security far beyond that of DES.
 3DES was an advanced application of DES

• Advanced Encryption Standard (AES)

 AES is a federal information processing standard (FIPS) that specifies a cryptographic algorithm used
within the U.S. government.
 AES has been developed to replace both DES and 3DES.
 AES implements a block cipher with a variable block length and a key length of 128, 192, or 256 bits.
 Asymmetric Encryption
• It also referred to as Public-key encryption.

• Asymmetric encryption uses two different but related keys

• Each user generates a pair of keys to be used for the encryption and decryption.

• Each user places one of the two keys in a public register or other accessible file. This
is the public key.

• The other key is kept private, which is the private key.

• Either of the two related keys can be used for encryption, with the other
used for decryption.
A public-key(Asymmetric) encryption scheme has six ingredients
 Plaintext - This is the readable message or data that is fed into the algorithm as
input.

 Encryption algorithm - The encryption algorithm performs various

transformations on the plaintext.

 Public key This is a pair of keys that have been selected so

 Private key that if one is used for encryption, the other is
used for decryption.
 Cipher text -This is the scrambled message produced as output. It depends on
the plaintext and the key.

 Decryption algorithm - This algorithm accepts the ciphertext and the matching
key and produces the original plaintext.
Public Key Cryptography

• Public key is distributed to all users and private key is known to

particular user only.

• There are two different scenario of encryption model:

• Public key is used for encryption and private key is used for decryption.
• Private key is used for encryption and public key is used for decryption.
Scenario 1 : Encryption with public key

• If Bob wants to send message to Alice, Bob must have to use public key of Alice.
Message to be transmitted after encryption of message using Alice’s public key.
• Alice has received message, and she can decrypt the message using only her private
key.
• Mathematically, it is represented,
Y = E(PUa, X)
X = D(PRa,Y) where, PUa – Alice’s public key and PRa – Alice’s private key
 Scenario 2 : Encryption with private key

• If Bob wants to send message to Alice, Bob must have to use his own private key.
Message to be transmitted after encryption of message using Bob’s public key.
• Alice has received message, and she can decrypt the message using only Bob’s public
key.
• Mathematically, it is represented,
Y = E(PRb, X)
X = D(PUb,Y) where, PRb – Bob’s private key and PUb – Bob’s public key
Example of public-key cryptosystem
• RSA
Name is derived from Rivest-Shamir-Adleman

 RSA algorithm was the first public key algorithm, developed in 1977
Conventional(Symmetric) and Public-Key (Asymmetric)Encryption
Cryptographic tools
• Public Key Infrastructure(PKI)
• Digital Signatures
• Steganography
Public-key Infrastructure (PKI)
• PKI is an integrated system of software, encryption methodologies, protocols, legal agreements,
and third-party services that enables users to communicate securely.

• PKI systems are based on public-key cryptosystems and include digital certificates and certificate
authorities (CAs).

• Digital certificates are public-key container files that allow computer programs to validate the key
and identify to whom it belongs.

• PKI and the digital certificate registries they contain enable the protection of information assets
by making verifiable digital certificates readily available to business applications.

• For protecting the information, the processes includes Authentication, Integrity, Privacy,
Authorization, and Nonrepudiation
A typical PKI solution protects the transmission and reception of secure information by integrating
the following components:
• A certificate authority (CA), which issues, manages, authenticates, signs, and revokes users’ digital
certificates, which typically contain the user name, public key, and other identifying information.

• A registration authority (RA), which operates under the trusted collaboration of the certificate authority and
can handle day-to-day certification functions, such as verifying registration information, generating end-user
keys, revoking certificates, and validating user certificates.

• Certificate directories, which are central locations for certificate storage that provide a single access point for
administration and distribution.

• Management protocols, which organize and manage the communications among CAs, RAs, and end users.
This includes the functions and procedures for setting up new users, issuing keys, recovering keys, updating
keys, revoking keys, and enabling the transfer of certificates and status information among the parties
involved in the PKI’s area of authority.

• Policies and procedures, which assist an organization in the application and management of certificates, in
the formalization of legal liabilities and limitations, and in actual business use.
Digital signatures
• A digital signature is a mathematical technique which validates the authenticity and integrity of a
message, software or digital documents.

• It allows us to verify the author name, date and time of signatures, and authenticate the message
contents.

• Asymmetric encryption processes are used to create digital signatures.

• When an asymmetric cryptographic process uses the sender’s private key to encrypt a message,
the sender’s public key must be used to decrypt the message.

• When the decryption is successful, the process verifies that the message was sent by the sender
and thus cannot be refuted. This process is known as nonrepudiation.

• In general, digital signatures should be created using processes and products that are based on
the Digital Signature Standard (DSS).
How digital signatures work?
• Digital signatures are created and verified by using public key cryptography,
also known as asymmetric cryptography.
• By the use of a public key algorithm, such as RSA, one can generate two
keys that are mathematically linked- one is a private key, and another is a
public key.
• The user who is creating the digital signature uses their own private key to
encrypt the signature-related document.
• There is only one way to decrypt that document is with the use of signer's
public key.
Steganography

• Steganography is a method of hiding secret data, by

embedding it into an audio, video, image or text file.

• It is different from cryptography but, using both

together can improve security of the protected
data/information and prevent the detection of the
secret communication.
Types of Steganography
• Encoding secret messages in text
• Encoding secret messages in audio
• Encoding secret messages in images
• Encoding secret messages in video
Advantages
• It is used in the way of hiding not the information but
the password to reach that information.

• Difficult to detect.

• Only receiver can detect.

• Can be applied differently in digital image, audio and

video file.
Disadvantages

• Huge number of data, huge file size, so someone can suspect about it.

• If this technique is gone in the wrong hands like hackers, terrorist,

criminals then this can be very much dangerous for all.
 Difference between Cryptography & Steganography
Cryptography Steganography
It is a kind of known communication. It is a kind of hidden communication.

It is a technique to convert the secret It is a technique to hide the existence of

message into an unreadable form. communication.
It alters the overall structures of the data. It does not alters the overall structures of
the data.
Key is necessary. Key is optional, but if used, provides more
security.
The final result obtained is called The final result obtained is called stego
ciphertext. media.
An attack happens, call it as cryptanalysis An attack happens, call it as stegoanalysis

Once, it has been discovered no one can Once, it has been discovered any one can
easily get the secret data. get the secret data.
More popular approach. Less popular approach.