Cryptography Fundamentals: Encryption, Authentication, and Digital Signatures

Cryptography Fundamentals

Threats and Attacks

Cryptography helps protect against various threats, including:

  • Eavesdropping: Unauthorized interception of communication
  • Impersonation: Pretending to be someone else
  • Hijacking: Taking control of a communication session
  • Denial of Service: Preventing legitimate users from accessing a service

Breaking Encryption Schemes

Attackers can attempt to break encryption schemes using various methods:

  1. Ciphertext-Only Attack: Analyzing ciphertext without access to plaintext
  2. Known-Plaintext Attack: Analyzing ciphertext with corresponding plaintext
  3. Chosen-Plaintext Attack: Obtaining ciphertext for chosen plaintext

Encryption Techniques

Substitution Ciphers

Substitution ciphers replace one thing with another, such as letters with other letters. Examples include monoalphabetic and polyalphabetic ciphers.

Block Ciphers

Block ciphers operate on fixed-length groups of bits (blocks) using a symmetric key. Examples include DES and AES.

DES (Data Encryption Standard)

DES is a symmetric-key block cipher with a 56-bit key that was once a US encryption standard. It has been superseded by more secure algorithms.

AES (Advanced Encryption Standard)

AES is a symmetric-key block cipher that replaced DES. It offers stronger security with 128-, 192-, or 256-bit keys.

RSA (Rivest-Shamir-Adleman)

RSA is a public-key encryption algorithm that uses a pair of keys (public and private) for secure communication.

Authentication

Authentication verifies the identity of a party involved in communication. Various protocols exist, with increasing levels of security:

  • AP1.0: Simple statement of identity
  • AP2.0: Includes source IP address
  • AP3.0: Sends secret password (insecure)
  • AP3.1: Sends encrypted secret password
  • AP4.0: Uses nonce and shared secret key
  • AP5.0: Uses nonce and public-key cryptography
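The step from AP3.1 to AP4.0 is easiest to see from the verifier's side: a protected password is the same bytes on every login, so a recorded copy is accepted again, while a response bound to a fresh nonce is not. The sketch below is an added example, not code from the original page; the class names, the `keyed` helper, and the use of HMAC-SHA256 in place of encrypting with the shared key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)        # constructed shared secret (assumption)
PASSWORD = b"constructed-password"   # constructed sample value


def keyed(key, data):
    # HMAC-SHA256 stands in for "encrypt with the shared key" (assumption).
    return hmac.new(key, data, hashlib.sha256).digest()


class Ap31Verifier:
    """AP3.1: the prover sends the same protected password every time."""
    def __init__(self, key, password):
        self._expected = keyed(key, password)

    def verify(self, token):
        return hmac.compare_digest(token, self._expected)


class Ap40Verifier:
    """AP4.0: the verifier issues a fresh nonce and accepts one response to it."""
    def __init__(self, key):
        self._key = key
        self._pending = set()

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce, response):
        if nonce not in self._pending:
            return False                  # never issued, or already consumed
        self._pending.discard(nonce)      # single use, even if the check fails
        return hmac.compare_digest(response, keyed(self._key, nonce))


def demo():
    v31, v40 = Ap31Verifier(KEY, PASSWORD), Ap40Verifier(KEY)
    captured31 = keyed(KEY, PASSWORD)     # bytes seen on the wire
    n1 = v40.challenge()
    captured40 = keyed(KEY, n1)           # legitimate response to n1
    return {
        "ap31_login": v31.verify(captured31),
        "ap31_replay": v31.verify(captured31),
        "ap40_login": v40.verify(n1, captured40),
        "ap40_replay_same_nonce": v40.verify(n1, captured40),
        "ap40_replay_new_nonce": v40.verify(v40.challenge(), captured40),
    }
```

Calling `demo()` shows the AP3.1 verifier accepting the captured value twice, while the AP4.0 verifier accepts the response once and rejects it both against the consumed nonce and against a new one.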

Digital Signatures

Digital signatures provide authenticity and integrity to documents. They are analogous to handwritten signatures and offer:

  • Verification: Recipient can prove the signer’s identity
  • Non-forgeability: Signature cannot be forged

Hash Functions

Hash functions create fixed-size message digests (fingerprints) from arbitrary-length data. They are used in digital signatures and other cryptographic applications. Examples include MD5 and SHA-1.

Public-Key Certification

Public-key certification binds a public key to a specific entity using a trusted third party called a Certificate Authority (CA). This helps prevent impersonation and ensures trust in public keys.

Secure Email

Secure email combines encryption and digital signatures to provide confidentiality, authentication, and integrity. It typically involves using symmetric and asymmetric cryptography to protect message content and ensure sender identity.