Cryptography Fundamentals: Encryption, Authentication, and Digital Signatures
Cryptography Fundamentals
Threats and Attacks
Cryptography helps protect against various threats, including:
- Eavesdropping: Unauthorized interception of communication
- Impersonation: Pretending to be someone else
- Hijacking: Taking control of a communication session
- Denial of Service: Preventing legitimate users from accessing a service
Breaking Encryption Schemes
Attackers can attempt to break encryption schemes using various methods:
- Ciphertext-Only Attack: Analyzing ciphertext without access to plaintext
- Known-Plaintext Attack: Analyzing ciphertext with corresponding plaintext
- Chosen-Plaintext Attack: Obtaining ciphertext for chosen plaintext
Encryption Techniques
Substitution Ciphers
Substitution ciphers replace each unit of plaintext with another, such as one letter with another letter. Examples include monoalphabetic and polyalphabetic ciphers.
Block Ciphers
Block ciphers operate on fixed-length groups of bits (blocks) using a symmetric key. Examples include DES and AES.
DES (Data Encryption Standard)
DES is a symmetric-key block cipher with a 56-bit key that was once a US encryption standard. It has been superseded by more secure algorithms.
AES (Advanced Encryption Standard)
AES is a symmetric-key block cipher that replaced DES. It offers stronger security with 128-, 192-, or 256-bit keys.
RSA (Rivest-Shamir-Adleman)
RSA is a public-key encryption algorithm that uses a pair of keys (public and private) for secure communication.
Authentication
Authentication verifies the identity of a party involved in communication. Various protocols exist, with increasing levels of security:
- AP1.0: Simple statement of identity
- AP2.0: Includes source IP address
- AP3.0: Sends secret password (insecure)
- AP3.1: Sends encrypted secret password
- AP4.0: Uses nonce and shared secret key
- AP5.0: Uses nonce and public-key cryptography
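The AP4.0 exchange above as an added Python example (not code from the original page): the verifier issues a fresh nonce, the claimant answers with a value only a holder of the shared key can compute, and a response recorded from an earlier run is rejected. It assumes HMAC-SHA-256 as the keyed function in place of encrypting the nonce; the Verifier class and the prove and demo functions are hypothetical names.

```python
import hashlib
import hmac
import secrets


def prove(shared_key: bytes, nonce: bytes) -> bytes:
    """Claimant: prove knowledge of the key over the verifier's nonce."""
    # Assumption: HMAC-SHA-256 stands in for "encrypt the nonce with the key".
    return hmac.new(shared_key, nonce, hashlib.sha256).digest()


class Verifier:
    """Verifier side; hypothetical helper handling one attempt at a time."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._pending = None  # nonce still waiting for a response

    def challenge(self) -> bytes:
        # A fresh random nonce per attempt is what makes old responses useless.
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify(self, response: bytes) -> bool:
        nonce, self._pending = self._pending, None  # each nonce is single use
        if nonce is None:
            return False  # no outstanding challenge
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(prove(self._key, nonce), response)


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed sample shared secret
    bob = Verifier(key)
    recorded = prove(key, bob.challenge())  # response seen on the wire
    results = {"legitimate": bob.verify(recorded)}
    bob.challenge()  # new attempt, new nonce
    results["replayed"] = bob.verify(recorded)
    results["unsolicited"] = bob.verify(recorded)  # nonce already consumed
    nonce = bob.challenge()
    results["wrong_key"] = bob.verify(prove(secrets.token_bytes(32), nonce))
    return results


if __name__ == "__main__":
    print(demo())
```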
Digital Signatures
Digital signatures provide authenticity and integrity to documents. They are analogous to handwritten signatures and offer:
- Verification: Recipient can prove the signer’s identity
- Non-forgeability: Signature cannot be forged
Hash Functions
Hash functions create fixed-size message digests (fingerprints) from arbitrary-length data. They are used in digital signatures and other cryptographic applications. Examples include MD5 and SHA-1.
Public-Key Certification
Public-key certification binds a public key to a specific entity using a trusted third party called a Certificate Authority (CA). This helps prevent impersonation and ensures trust in public keys.
Secure Email
Secure email combines encryption and digital signatures to provide confidentiality, authentication, and integrity. It typically involves using symmetric and asymmetric cryptography to protect message content and ensure sender identity.