CYt100

Cryptography

Internal School of Information & Communications Technology Kamyar Ghaderi ([Link]@[Link])

 CYT-100 Cybersecurity Principles & Standards
Week Date (Week) CYT100NDD-6167 Reading Content Weight
Week 1 2024-01-08 Introduction to Cybersecurity Principles Notes (PPT.)
Week 2 2024-01-15 Social Engineering Notes (PPT.) Assignment#1 5%
Week 3 2024-01-22 Cryptography Notes (PPT.) Assignment#2 5%
Week 4 2024-01-29 Security Assessment Notes (PPT.) Assignment#3 5%
Week 5 2024-02-05 Access Control Notes (PPT.)
Week 6 2024-02-12 Network and Wireless Security Notes (PPT.) Assignment#4 5%
Week 7 2024-02-19 Data Privacy and Protection Concepts Notes (PPT.)
Week 8 2024-02-26 Study Week
Week 9 2024-03-04 TEST#1 Weeks 1-6 Test#1 20%
Week 10 2024-03-11 Risk Mitigation Notes (PPT.)
Week 11 2024-03-18 Incident Response & Business Continuity/ Disaster Recovery Notes (PPT.) Assignment#5 5%
Week 12 2024-03-25 End Point Security Notes (PPT.) Assignment#6 5%
Week 13 2024-04-01 Physical Security Notes (PPT.)
Week 14 2024-04-08 TEST#2 Weeks 8-13 Test#2 20%
Week 15 2024-04-15 Final Project-Presentation Weeks 1-13 Project 10%
Week 15 2024-04-19 Final Project-Report Weeks 1-13 Project 20%

Internal
 What is Social Engineering
• Social Engineering is an attack on
mind
• It’s the attack performed to trick
the human being in doing
something
• Its “Hacking the Human”

Internal
 Social Engineering: What and How
• Reconnaissance and drawing
information
• Intrusion and gaining unauthorized Investigation

access
• It is carried out with scenarios like
below Hook

• Persuade a user to download and

execute malicious file
• Contacting front line workers, Play
helpdesk to gather information
• Gaining access to unauthorised
information
• Installation of spywares, monitoring Exit

devices

Internal
 Baiting
Scareware
Pretexting
Social Phishing

Engineering Vishing

Techniques Dumpster diving

Tailgating
Piggybacking
Shoulder surfing

Internal
 Introduction to Cryptography
• Method of protecting Information and communications through the
use of codes
• Intention behind this is to restrict unauthorized sniffing of the
information
• Crypt means to hide and graphy means writing

Internal
 Security Principles & Cryptography

Internal
 Terminology

Internal
 Terminology

Internal
 Importance of cryptography
• Primary goal of cryptography is to keep plain text secret from
eavesdroppers trying to catch the information about it
• How it is achieved ?
• Using Encryption
• Message is converted to the format using the mathematical algorithms so
intruder can’t decode them
• How it is decoded by the receiver
• Through the usage of keys, same way we access our lockers

Internal
 Data transfer without cryptography

Intercepted by hacker
/unauthorized person

Message Transfer

Internal
 Objectives of cryptography
• Providing Confidentiality is one of the main objectives of
cryptography
• It also provides solutions to the problems like
• Data Integrity – Here, receiver can verify if the message is modified either
accidentally or deliberately
• Authentication – Receiver should be able to verify the origin of the message
(sender)
• Non-repudiation – Sender can’t deny that he/she has sent a message

Internal
 Components of Cryptography
Cryptography

Symmetric Asymmetric
Ciphers Ciphers

Stream Block Factoring Logarithms Knapsaek

Stream Mode Block Mode

CFB OFB CTR ECB CBC

Internal
 Cryptography-Hybrid

Hybrid

Symmetric:
Asymmetric:
Bulk Data
Key Exchange
Encryption

Internal
 Types of Cryptography
• Single Key / Symmetric key encryption

• Creates a fixed length of bits known as block cipher

• Secret key is used to encipher and decipher data which is shared amongst
sender and receiver
• It consists of public and private information
• Public information – algorithm used
• Private information – Key
• Types – DES, AES

Internal
 Types of Cryptography contd..
• Asymmetric key cryptography

• Usage of Public key and Private key

• Public key is used for encryption
• Private key is used for decryption
• Advantage is exchange of secret keys is eliminated
• Public key can’t decrypt the message
• Similarly, private key can’t encrypt the message
• Algorithms – RSA, Elliptic curve, Diffie-Hellman

Internal
 Data Encryption Standard (DES)
• DES is a symmetric key cryptosystem that was devised in 1972 as a
derivation of the Lucifer algorithm developed by Horst Feistel at IBM
• Uses 64-bit block size and 56-bit key
• It is 16 round cryptosystem means 16 rounds of transposition and
substitution
• Operates in four modes
• Cipher Block Chaining (CBC)
• Electronic Code Book (ECB)
• Cipher Feedback (CFB)
• Output Feedback (OFB)

Internal
 Triple DES
• Triple DES encrypts a message three times.
• It can be achieved using several ways
• Message can be encrypted with key1, decrypted with key2 and
encrypted again with key1 represented as [E{D[E(M,K1)],K2},K1]
• Here, E – Encryption , D – Decryption , M – Message , K1 / K2 – keys

Internal
 Advanced Encryption Standard
• AES is a block cipher that is implemented as a replacement for DES,
but triple DES is still mostly used by the governments
• Based on Rijndael Block Cipher
• AES / advanced key Encryption Standard is a type of symmetric key
encryption
• It uses longer key lengths (128, 256 bits etc.) to prevent brute force
and other attacks

Internal
 Illustration

Encryption Decryption

Plain Text Cipher Text Plain Text

Internal
 Asymmetric Key Cryptography
• It is a process that uses a pair of related keys -- one public key and
one private key -- to encrypt and decrypt a message and protect it
from unauthorized access or use
• Asymmetric encryption uses a mathematically related pair of keys for
encryption and decryption: a public key and a private key. If the public
key is used for encryption, then the related private key is used for
decryption
• Usage - Asymmetric cryptography is typically used to authenticate
data using digital signatures.

Internal
 Asymmetric key Illustration

Sender PlainText Data Ciphered Data Decrypted Data Receiver

Public Key Private Key

Internal
 RSA Algorithm
• RSA is derived from the last names of its inventors, Rivest, Shamir,
and Addleman (R.L. Rivest, A. Shamir, and L. M. Addleman)
• This algorithm is based on the difficulty of factoring a number, N,
which is the product of two large prime numbers
• the difficulty in obtaining the private key from the public key is a hard,
one-way function that is equivalent to the difficulty of finding the
prime factors of N.

Internal
 Diffie-Hellman Key exchange
• The Diffie—Hellman Key Exchange is a method where subjects
exchange secret keys over a nonsecure medium without exposing the
keys
• The method enables two users to exchange a secret key over an
insecure medium without an additional session key

Internal
 Key length comparisons

Asymmetric Key Size Symmetric Key size

512 bits 64 bits

1792 bits 112 bits

2304 bits 128 bits

Internal
 Hash Functions
/Message

• A Hash function takes data of arbitrary

size and returns a value in fixed range.
• If you compute the hash of the same
data at different times, you should get
the same answer-if not then the data
has been modified.
• Used in digital signatures and message
authentication codes.

Internal
 Digital Signatures
• Purpose of Digital signature is same as normal signature i.e. to
authenticate identity of the signatories
• In addition to it digital signatures are way to detect unauthorized
modifications of data and non-repudiation
• The digital signal program passes the file to be sent through a one-
way hash function. This hash function produces a fixed size output
from a variable size input. The output of the hash function is called a
message digest

Internal
 SSL and TLS
• SSL stands for Secure Socket Layer, it was developed to secure
Internet client server transactions
• Authenticates server to the client using public key cryptography and
digital certificate (e.g: Web pages using SSL protocol starts with
HTTPs)
• TLS stands for Transaction Layer Security
• It implements confidentiality, authentication and integrity above
Transport Layer and resides between application and TCP layer

Internal
 Signed and Self signed certificate
• A self-signed SSL Certificate is an SSL Certificate that is issued by the
individual using it. It’s issued with software that the user has and
controls.
• Trusted CA Signed SSL Certificate (CA Certificate) is, it’s an SSL
Certificate that’s been authenticated by one of the trusted Certificate
Authorities that are authorized to issue them

Internal
 Public Key Infrastructure
• The integration of digital signatures and certificates, and the other
services required for E-commerce is called the Public Key
Infrastructure (PKI).
• These services provide integrity, access control, confidentiality,
authentication, and non-repudiation for electronic transactions.

Internal
 PKI Elements

• Digital certificates
• Certificate Authority (CA)
• Registration authorities
• Policies and procedures
• Certificate revocation
• Non-repudiation support
• Timestamping
• Lightweight Directory Access Protocol (LDAP)
• Security-enabled applications
• Cross certification

Internal
 Disk Encryption
• Disk encryption is a technology
which protects information by
converting it into unreadable code
that cannot be deciphered easily
by unauthorized people.
• Disk encryption uses disk
encryption software or hardware
to encrypt every bit of data that
goes on a disk or disk volume. It is
used to prevent unauthorized
access to data storage

Internal
 Crypt Analysis
• Cryptanalysis is the act of obtaining the plaintext or key from the
ciphertext that is used to obtain valuable information to pass on
altered or fake messages in order to deceive the original intended
recipient
• It is breaking the ciphertext.
• Types:
• Ciphertext only
• Known Plaintext
• Chosen Plaintext
• Differential

Internal
 Symmetric vs. Asymmetric Key

Internal
 Symmetric vs. Asymmetric Key Size

Internal
 Cryptography Algorithms

Internal
 What are cryptography attacks?
• What: A cryptographic attack is a method used by hackers to target
cryptographic solutions like ciphertext, encryption keys, etc.
• Objective: These attacks aim to retrieve the plaintext from the
ciphertext or decode the encrypted data.
• How: Hackers may attempt to bypass the security of a cryptographic
system by discovering weaknesses and flaws in cryptography
techniques, cryptographic protocol, encryption algorithms, or key
management strategy.

Internal
 What are cryptography attacks?
• Active Attacks:
• Involve modification of the data or communication. In this case, the attacker
not only gains access to the data but also tampers with it.
• Passive Attacks:
• Intend to obtain unauthorized access to sensitive data or information by
intercepting or eavesdropping on general communication. In this situation,
the data and the communication remain intact and are not tampered with.
The attacker only gains access to the data.

Internal
 Brute force attack

• Public and private keys play a significant role in encrypting and

decrypting the data in a cryptographic system.
• In a brute force attack, the cybercriminal tries various private keys to
decipher an encrypted message or data.
• If the key size is 8-bit, the possible keys will be 256 (i.e., 28).
• The cybercriminal must know the algorithm (usually found as open-
source programs) to try all the 256 possible keys in this attack
technique.

Internal
 Ciphertext-only attack
• In this attack vector, the attacker gains access to a collection of
ciphertext.
• Although the attacker cannot access the plaintext, they can
successfully determine the ciphertext from the collection.
• Through this attack technique, the attacker can occasionally
determine the key.

Internal
 Chosen plaintext attack
• In this attack model, the cybercriminal can choose arbitrary plaintext
data to obtain the ciphertext.
• It simplifies the attacker's task of resolving the encryption key.
• One well-known example of this type of attack is the differential
cryptanalysis performed on block ciphers.

Internal
 Chosen ciphertext attack
• In this attack model, the cybercriminal analyzes a chosen ciphertext
corresponding to its plaintext.
• The attacker tries to obtain a secret key or the details about the
system.
• By analyzing the chosen ciphertext and relating it to the plaintext, the
attacker attempts to guess the key.
• Older versions of RSA encryption were prone to this attack.

Internal
 Known plaintext attack
• In this attack technique, the cybercriminal finds or knows the
plaintext of some portions of the ciphertext using information
gathering techniques.
• Linear cryptanalysis in block cipher is one such example.

Internal
 Key and algorithm attack
• The attacker tries to recover the key used to encrypt or decrypt the
data by analyzing the cryptographic algorithm.

Internal
 Preventing Cryptography Attacks
• Regularly update the cryptographic algorithms and protocols to
ensure they are not obsolete.
• Ensure that the data is appropriately encrypted so that even if it falls
into the wrong hands, it will be unreadable.
• Use strong and unique keys for encryption.
• Store the keys in a secure location.
• Ensure that the cryptographic system is implemented correctly.
• Regularly test the system for vulnerabilities.
• Educate employees about cryptography attacks and how to prevent
them.

Internal
 Summary
• Cryptography is an vital tool for protecting information in computer systems.

• Cryptography is the study of secure communications techniques that allow only the sender and
intended recipient of a message to view its contents. The term is derived from the Greek word
kryptos, which means hidden. Cryptography provides for secure communication in the presence
of malicious third-parties—known as adversaries. Encryption uses an algorithm and a key to
transform an input (i.e., plaintext) into an encrypted output (i.e., ciphertext). A given algorithm
will always transform the same plaintext into the same ciphertext if the same key is used. This
topic provides overall understanding of cryptography and various algorithms involved in
cryptography

References:

1. Applied Cryptography – Bruce Schneier

2. CISSP Book

Internal 3. Packetlabs