Cryptography refers to the process of hiding information by converting the readable text into unreadable text using some sort of a key or encryption algorithm.
Information protected using cryptography includes emails, files, and other sensitive data.
The objective of cryptography is to ensure the encrypted information retains its confidentiality, integrity, authentication, and non-repudiation.
Encryption has two types:
- Symmetric encryption uses one key to encrypt and decrypt the information that is sent/received.
- Asymmetric encryption uses different keys to encrypt and decrypt the information that is sent/received.
Cipher refers to an algorithm which is used for encryption and decryption.
Cipher types are:
- Substitution cipher is a cipher in which the plain text is substituted with ciphertext.
- Transposition cipher is a cipher in which the plain text is rearranged to create a ciphertext.
- Symmetric key algorithm is an algorithm which uses one key for encryption and decryption
- Asymmetric key algorithm is an algorithm which uses two keys for encryption and decryption
- Block cipher is a cipher which operates on fixed-size blocks of data using a symmetric key
- Stream cipher is a cipher which operates on one bit at a time using a symmetric key
DES is a data encryption standard that uses symmetric encryption. The secret key that is used for encryption and decryption has 64 bits, out of which 56 bits are randomly generated and the remaining 8 bits are used in error checking.
AES is a symmetric-key algorithm which performs the same operation multiple times. It uses a fixed size block of 128 bits and keys of three sizes: 128, 192, and 256 bits.
RC4, RC5, RC6
RC4 is a variable length key algorithm which operates on one bit a time and uses random permutations. It belongs to the group of symmetric-key stream ciphers.
RC5 is a parameterized algorithm which has a variable block size, variable key size, and a variable number of rounds. Block size can be one of the three: 32, 64, and 128 bits. Key size can be between 0 and 2,040 bits. The number of rounds can be between 0 and 255.
RC6 is derived from RC5 and has two additional features: it uses integer multiplication and 4-bit registers (RC5 uses 2-bit registers).
Twofish algorithm is a block cipher which uses 128-bit blocks and one key for encryption and decryption. The size of the key can range from 0 to 256 bits.
DSA is an asymmetric algorithm which uses both private and public keys. The private key tells who signed the message, and the public key verifies the digital signature. In the message exchange between two entities, each entity creates a public and private key.
RSA uses modular arithmetic and elementary number theories for performing computations using two large prime numbers. It is considered to be encryption standard and as such is used in various applications. RSA uses both private and public keys in the process of encryption and decryption.
Diffie-Hellman algorithm is used for generating a shared key between two entities over an insecure channel. It allows two parties to create an encryption key and then encrypt their traffic with that key.
Message digest functions, or one-way functions, are used to calculate unique fixed-size string representation of a block of information. They cannot be reversed and are used to check the file integrity.
MD5 is a message digest algorithm which takes an arbitrary length input and produces a 128-bit message digest of the input. This algorithm is used in digital signature applications, file integrity checking, and password storage.
Secure Hashing Algorithm or SHA is an algorithm that generates a cryptographically secure message digest. There are three generations of SHA algorithms: SHA-1, SHA-2, and SHA-3. SHA-1 produces 160-bit digests, whereas SHA-2 and SHA-3 produce 256, 384, and 512-bit digests.
Hash based Message Authentication Code or HMAC is a type of message authentication code. It uses a combination of a cryptographic key and hash function such as SHA-1 or MD5. It is used for authentication and integrity checks.
PKI stands for Public Key Infrastructure and refers to hardware, software, people, policies, and procedures that are required to manage digital certificates. It is a security architecture which was developed to increase the confidentiality of information that is being exchanged.
Signed certificate is a certificate issued by Certification Authorities (CA). It contains a public key and the owner’s identity.
Self-signed certificate is a certificate issued and signed by oneself. It is usually used for testing purposes and otherwise is not to be trusted.
Email and Disk Encryption
Digital signature is created using asymmetric cryptography. It is attached to the transmitted data and represents a cryptographic way of authentication.
SSL stands for Secure Sockets Layer and refers to a protocol on the application layer tasked with ensuring the security of the message transmission over the network and Internet.
TLS stands for Transport Layer Security and refers to a protocol that establishes a secure client-server connection and ensures the information integrity and privacy during transmission.
PGP stands for Pretty Good Protection and refers to a protocol used for encryption and decryption of authentication and cryptographic data. PGP is used for compressing data, digital signatures, email encryption/decryption, and other sensitive information.
Disk encryption refers to the encryption of all data stored on a disk. The objective is to protect the data stored in the disk and ensure its confidentiality.
Cryptanalysis refers to the process of decryption of ciphers and encrypted text. It can identify vulnerabilities in cryptosystems and thus extract plain text from the encrypted one.
Methods used in cryptanalysis are:
- Linear cryptanalysis is used on block ciphers
- Differential cryptanalysis is used on symmetric key algorithms
- Integral cryptanalysis is used on block ciphers
Techniques used for measuring the strength of the encryption algorithm by breaking the encryption include:
- Brute force technique tries every possible combination of characters to break the encryption
- Frequency analysis technique analyzes the frequency at which certain symbols occur and based on that breaks the encryption
- Trickery and deceit technique requires using social engineering techniques to extract the keys and break the encryption
- One-time pad technique refers to the unbreakable encryption in which the plain text is combined with a key that consists of non-repeating set of characters, is generated randomly, and has the same length as the message being sent.
Ciphertext-only attack is an attack in which the attacker has a collection of cipher texts which need to be analyzed to find the key and encrypt the text.
Known-plaintext attack is an attack in which the attacker has part of the plaintext based on which they derive the key.
Chosen plaintext attack is an attack in which the attacker derives the key by analyzing the plain text and the corresponding ciphertext generated by the attacker.
Chosen ciphertext attack is an attack in which the attacker obtains the plain text for a set of chosen ciphertexts and attempts to derive the key.
Brute force attack is an attack in which every possible key combination is tried against the ciphertext until the right key is found. This attack requires a lot of time and processing power.
Dictionary attacks is an attack in which the attacker creates a dictionary of plaintext and its ciphertext and then uses that dictionary to break the encryption.