1 Basics of cryptography

Cryptography is a strong mathematical tool for protecting information in computer systems. Many security applications are, in fact, based on the use of cryptography to encrypt and decrypt data. Thanks to cryptography, sensitive data can be safely transmitted through telecommunication networks without the threat of the information being intercepted and, subsequently, compromised. Encryption can be defined as the process of making information indecipherable and useless to all except those who are the intended recipients of such information. Decryption is converting data back to its original form.

This technique is used in everyday actions, such as making or receiving a call from a mobile phone, paying with a credit or debit card, withdrawing money from an ATM, or logging on to a computer with a password. Cryptography makes it possible to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. Cryptography has now become an industry standard for providing information security, trust, access control to resources, and electronic transactions. However, it is important to point out that cryptography by itself is not sufficient to deal with all threats to information security.

A cryptographic algorithm, or cipher, is a sequence of steps for performing an encryption and the corresponding decryption. It is a mathematical formula designed specifically to obscure the value and content of data. Most valuable cipher algorithms work in combination with one or several keys as part of the process. The same plaintext can be encrypted to different ciphertext when different keys are used. There must be no way to find the plaintext (clear data) if the key is unknown, except brute force, i.e. by trying all possible keys until the right one is found. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key.

The number of possible keys must be so large that it is computationally infeasible to stage a successful brute force attack within a reasonable length of time. Many cipher algorithms increase their protection by increasing the size of the keys they use. However, the larger the key, the more computing time is needed to encrypt and decrypt data. So it is important to choose a cipher algorithm that strikes a balance between your protection needs and the computational cost of protecting the data.

Modern cryptographic algorithms can be classified by two criteria: by the type of key used, and by the manner in which they operate on the data.

Regarding the type of key used, ciphers can be classified into:

  1. Symmetric key or secret key algorithms. Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key (or, less commonly, in which their keys are different, but related in an easily computable way). The Advanced Encryption Standard (AES) is an example of a conventional cryptosystem widely employed.
  2. Public key cryptography or asymmetric key cryptography is a scheme that uses a pair of keys for encryption: a public key, which encrypts data, and a corresponding private, or secret, key for decryption. Obviously, the two keys of the same pair are mathematically linked; nevertheless it is computationally infeasible to derive the private key from the public key. A user or entity publishes their public key while keeping their private key secret. Anyone who has a public key can encrypt information but cannot decrypt it. Only the person who has the corresponding private key can decrypt the information.

The primary benefit of public key cryptography is that it allows people who have no preexisting security arrangement to exchange messages securely. The sender and the receiver do not need to share any secret keys via secure channels; all communications involve only public keys, and no private key is ever transmitted or shared.

Regarding the manner in which the algorithms operate on the data, ciphers can also be classified into:

  1. Block ciphers operate on fixed-length groups of bits, called blocks, with a keyed unvarying transformation. They divide the message into blocks and encrypt one block at a time. When the block cipher is considered secure, the resulting ciphertext of a single block is also secure when analyzed independently. Nevertheless, when multiple messages are encrypted with the same key, this direct block-by-block use (known as Electronic Codebook, or ECB, mode) is not secure, since identical message blocks will result in identical ciphertext blocks. An attacker could therefore easily detect block repetitions in the message, so direct use of a block cipher is inadvisable. Different modes of operation are used in order to avoid this problem.
  2. Stream ciphers convert one symbol of plaintext directly into a symbol of ciphertext. They work by producing a keyed pseudorandom sequence that operates as a cryptographic keystream. This keystream is basically a stream of bits that is combined with plaintext to encrypt one bit or byte at a time, producing the ciphertext.
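
The following added example (not part of the original text) contrasts the two items above: a block cipher applied directly to each block exposes repeated plaintext blocks, while XORing the same data with a keyed keystream does not. The block cipher is a toy Feistel construction built for this illustration, and all function names, the key, the nonce and the message are assumptions constructed here.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed round function: HMAC-SHA256 truncated to half a block.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel network (assumption for this example, not a vetted cipher).
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        left, right = right, xor(left, round_fn(key, i, right))
    return left + right

def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        left, right = xor(right, round_fn(key, i, left)), left
    return left + right

def ecb_encrypt(key: bytes, msg: bytes) -> bytes:
    # Direct use: every block goes through the same keyed transformation.
    if len(msg) % BLOCK:
        raise ValueError("message must be a whole number of blocks")
    return b"".join(encrypt_block(key, msg[i:i + BLOCK])
                    for i in range(0, len(msg), BLOCK))

def keystream_encrypt(key: bytes, nonce: bytes, msg: bytes) -> bytes:
    # Stream style: XOR data with keystream E(nonce||counter); same call decrypts.
    n_blocks = (len(msg) + BLOCK - 1) // BLOCK
    stream = b"".join(encrypt_block(key, nonce + c.to_bytes(8, "big"))
                      for c in range(n_blocks))
    return xor(msg, stream)

def repeated_blocks(ct: bytes) -> int:
    # What an observer without the key can count: duplicate ciphertext blocks.
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return len(blocks) - len(set(blocks))

# Constructed sample: three identical 16-byte records and one different record.
KEY, NONCE = bytes(range(16)), b"\x00" * 7 + b"\x01"
MSG = b"PAY 100 TO ALICE" * 3 + b"PAY 999 TO BOB.."
print("ECB repeats:", repeated_blocks(ecb_encrypt(KEY, MSG)),
      "| keystream repeats:", repeated_blocks(keystream_encrypt(KEY, NONCE, MSG)))
```

The keystream variant stays safe only while the 8-byte nonce never repeats under the same key, because a repeated nonce reproduces the same keystream.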

During the module, the following terminology will be used: