Information Security Assurance 1
OUTCOMES
Upon the completion of this session, the learner will be able to:
■ Understand the symmetric cipher model.
■ Understand the basic types of cryptography.
■ Know the importance of encryption and decryption.
■ Understand unconditionally secure and computationally secure encryption schemes.
■ Understand various key terms related to cryptography.
What is Cryptography?
Cryptography
Cryptography derives its name from the Greek word
“kryptos”, which means “Hidden Secrets”.
Cryptography is the practice and study of hiding
information. It is the art or science of converting
plain, intelligible data into unintelligible data and
then transforming that message back into its original form.
It provides Confidentiality, Integrity, and Accuracy.
Cryptography
The art or science encompassing the
principles and methods of transforming an
intelligible message into one that is
unintelligible, and then retransforming that
message back to its original form.
In simple terms, this is about taking a clear message, making it difficult to understand on
purpose, and then figuring out how to turn it back into the original, clear message. This process
is often used in things like coding, encryption, or secret communication, where the goal is to
protect the message from being easily understood by others.
Cryptography Terminologies
A message is plaintext (sometimes called cleartext). The process of disguising a message in such a
way as to hide its substance is encryption. An encrypted message is ciphertext. The process of
turning ciphertext back into plaintext is decryption.
A cipher (or cypher) is an algorithm for performing encryption or decryption: a series of
well-defined steps that can be followed as a procedure.
[Figure: plaintext -> encryption -> Coded Hex Text -> decryption -> plaintext]
Cryptography Terminology
A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to
provide information security services. A cryptosystem is also referred to as a cipher system. The various
components of a basic cryptosystem are as follows:
■ Plaintext
■ Encryption Algorithm
■ Ciphertext
■ Decryption Algorithm
■ Encryption Key
■ Decryption Key
In simple terms, a cryptosystem is a way of using special methods to keep information safe and secure.
It's like a system that helps turn your message into a secret code, so only the person who knows how to
decode it can understand it. This system includes different parts, like tools to hide the message and tools
to unlock it again, so the message stays safe from others.
The parts of a basic cryptosystem:
1. Plaintext: This is the original, clear message you want to send. It's the normal, readable text before it's made secret.
2. Encryption Algorithm: This is the method or set of rules used to turn the plaintext into a secret message (called ciphertext).
It’s like a special recipe that changes the message.
3. Ciphertext: This is the secret, scrambled version of the plaintext. It's unreadable without the right key.
4. Decryption Algorithm: This is the method or set of rules used to turn the ciphertext back into the original plaintext. It’s like the
reverse of the encryption algorithm.
5. Encryption Key: This is a special "password" used to scramble (encrypt) the message. It’s needed to turn the plaintext into
ciphertext.
6. Decryption Key: This is another special "password" (it might be the same as or different from the encryption key) used to
unscramble (decrypt) the ciphertext back into plaintext.
So, in short: you use the encryption key to lock your message (encrypt it), and the decryption key to unlock it (decrypt it).
Cryptography Terminology
While cryptography is the science of securing data, cryptanalysis is the science of analyzing and
breaking secure communication. Classical cryptanalysis involves an interesting combination of
analytical reasoning, application of mathematical tools, pattern finding, patience, determination,
and luck. Cryptanalysts are also called attackers.
Cryptology embraces both cryptography and cryptanalysis.
In simple terms:
• Cryptography is the science of making data secure, so no one can easily
read or steal it. It’s like locking a message in a safe.
• Cryptanalysis is the science of trying to break or figure out how to unlock
that secure data. It’s like trying to crack the code or pick the lock of the safe.
• Classical Cryptanalysis involves using smart thinking, math, looking for
patterns, and sometimes being patient and lucky to figure out how to break
the code.
• The people who try to break the codes are called cryptanalysts or
attackers.
• Cryptology is the big umbrella term that includes both cryptography (making
codes) and cryptanalysis (breaking codes).
Purpose of Cryptography
Authentication: The process of proving one's identity. (The primary forms of host-to-
host authentication on the Internet today are name-based or address-based, both of
which are notoriously weak.)
Privacy/confidentiality: Ensuring that no one can read the message except the
intended receiver.
Integrity: Assuring the receiver that the received message has not been altered in any
way from the original.
Non-repudiation: A mechanism to prove that the sender really sent this message.
Authentication is the process of proving who you are. It’s like showing your ID to prove your identity.
On the internet, there are two common ways to do this:
1. Name-based authentication: This means proving who you are by using a name (like a username).
2. Address-based authentication: This means proving who you are by using an address (like an IP address).
Privacy or confidentiality means making sure that only the person who is supposed to
receive the message can read it. It’s like sending a letter in a sealed envelope, so no one
else can peek inside and see what it says.
Integrity means making sure that the message the receiver gets is exactly the same
as the one that was sent, without any changes. It’s like sealing a package so the
receiver can tell if it was opened or tampered with during delivery.
Non-repudiation is a way to make sure the sender can't deny sending a message.
It's like having a receipt or proof that shows the sender really sent the message, so
they can't later say, "I didn’t send that."
Cryptography
Alice (Sender): C = E (P + k) mod 26
Bob (Receiver): P = D (C - k) mod 26
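The Alice and Bob formulas above describe a shift cipher with a shared key k. The following is an added example, not part of the original slides, that implements both directions and then lists every possible key, which shows why a 26-key space does not meet the "computationally secure" bar described under Encryption Schemes. The message, the key value 3 and all function names are constructed for illustration.

```python
# Added example (not from the original slides): the shift cipher
# C = (P + k) mod 26, P = (C - k) mod 26, with letters A..Z mapped to 0..25.
import string

ALPHABET = string.ascii_uppercase


def shift(text: str, k: int) -> str:
    """Move each letter k places around the alphabet; leave other characters."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext: str, k: int) -> str:
    """Alice: C = (P + k) mod 26."""
    return shift(plaintext, k)


def decrypt(ciphertext: str, k: int) -> str:
    """Bob: P = (C - k) mod 26, using the same shared key k."""
    return shift(ciphertext, -k)


def all_decryptions(ciphertext: str) -> dict:
    """The entire key space: one candidate plaintext per key 0..25."""
    return {k: decrypt(ciphertext, k) for k in range(26)}


def keys_matching(ciphertext: str, expected_words: set) -> list:
    """Keys whose decryption contains every expected word."""
    return [k for k, text in all_decryptions(ciphertext).items()
            if expected_words <= set(text.split())]


if __name__ == "__main__":
    ct = encrypt("MEET ME AT NOON", 3)   # constructed sample message and key
    print(ct)
    print(decrypt(ct, 3))
    print(keys_matching(ct, {"MEET", "NOON"}))
```

Because only one of the 26 candidate plaintexts is readable, the ciphertext alone pins down the key; modern symmetric ciphers avoid this by using key spaces far too large to enumerate.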
Types of Cryptography
1. Symmetric Cryptography (Private Key Cryptography)
2. Asymmetric Cryptography (Public Key Cryptography)
Symmetric Cryptography, also known as Private Key Cryptography, is a method
where the same secret key is used to both encrypt (lock) and decrypt (unlock) a
message.
Asymmetric Cryptography, also known as Public Key Cryptography, uses two
different keys to secure a message:
1. Public Key: This key is shared openly and can be used by anyone to encrypt
(lock) a message.
2. Private Key: This key is kept secret by the receiver and is used to decrypt
(unlock) the message.
It’s like having a mailbox:
• The public key is the open mailbox anyone can use to drop in a letter (encrypt
the message).
• The private key is the secret key that only the mailbox owner can use to open
and read the letter (decrypt the message).
Symmetric Cryptography
Asymmetric Cryptography
Using Keys
Private keys are used for decrypting.
Public keys are used for encrypting.
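The two key roles stated above can be seen in textbook RSA. This is an added example, not part of the original slides; it assumes toy primes (61 and 53), public exponent 17 and no padding, so it demonstrates only which key does what and is not a usable encryption scheme. All names and values are constructed for illustration.

```python
# Added example (not from the original slides): textbook RSA with toy numbers,
# showing that the public key encrypts and only the private key decrypts.
from math import gcd


def make_keypair(p: int, q: int, e: int):
    """Return ((e, n), (d, n)) from two primes p, q and a public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p - 1) * (q - 1)")
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)


def encrypt(m: int, public_key) -> int:
    """Anyone holding the public key can compute c = m^e mod n."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in 0..n-1")
    return pow(m, e, n)


def decrypt(c: int, private_key) -> int:
    """Only the private-key holder can compute m = c^d mod n."""
    d, n = private_key
    return pow(c, d, n)


# Constructed toy parameters; real keys use primes of 1024 bits or more.
PUBLIC, PRIVATE = make_keypair(61, 53, 17)


def demo(m: int = 65):
    """Return (ciphertext, result with private key, result with public key)."""
    c = encrypt(m, PUBLIC)
    return c, decrypt(c, PRIVATE), decrypt(c, PUBLIC)


if __name__ == "__main__":
    c, with_private, with_public = demo()
    print("ciphertext:", c)
    print("private key recovers:", with_private)
    print("public key yields:", with_public)
```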
Application of Cryptography
Secure online transactions: Cryptography is used to
secure online transactions, such as online banking and e-
commerce, by encrypting sensitive data and protecting it
from unauthorized access.
Digital signatures: Digital signatures are used to verify the
authenticity and integrity of digital documents and ensure
that they have not been tampered with.
Password protection: Passwords are often encrypted
using cryptographic algorithms to protect them from being
stolen or intercepted.
Encryption Schemes
○ Unconditionally secure – if the cipher text does not
contain enough information to determine uniquely the
corresponding plain text no matter how much cipher text
is available.
An unconditionally secure encryption scheme means that no matter
how much encrypted information (ciphertext) you have, it’s impossible to
figure out the original message (plaintext) unless you have the secret
key.
○ Computationally secure – the attacker invests a
lot of time and effort in breaking the cipher text
but is still not successful.
A computationally secure encryption scheme means that, while it’s not impossible to break the
encryption, it would take so much time and effort for an attacker to crack it that it’s not practical.
In simple terms, it’s like a lock that’s so hard to pick that even though someone could technically do it,
they’d need so much time, computer power, or resources that it’s essentially safe for everyday use.
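The "does not determine the plaintext uniquely" condition can be checked directly with a one-time pad, the standard example of an unconditionally secure scheme. This is an added example, not part of the original slides; the one-time pad itself, the sample messages and the function names are assumptions introduced for illustration. It contrasts a random key as long as the message with a single repeated key byte.

```python
# Added example (not from the original slides): a one-time pad leaves every
# same-length plaintext possible; a short repeated key does not.
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes):
    """Encrypt with a fresh random key exactly as long as the message."""
    key = secrets.token_bytes(len(plaintext))
    return key, xor_bytes(plaintext, key)


def key_explaining(ciphertext: bytes, guess: bytes) -> bytes:
    """The pad under which `ciphertext` would decrypt to `guess`."""
    return xor_bytes(ciphertext, guess)


def repeated_key_encrypt(plaintext: bytes, key_byte: int) -> bytes:
    """Weak contrast case: the same key byte reused for every position."""
    return bytes(b ^ key_byte for b in plaintext)


def consistent_with_repeated_key(ciphertext: bytes, guess: bytes) -> bool:
    """True only if one single key byte maps `guess` to `ciphertext`."""
    return len(set(xor_bytes(ciphertext, guess))) == 1


# Constructed sample data: one real message and two wrong guesses.
MESSAGE = b"MEET AT NOON"
GUESSES = [b"MEET AT NOON", b"MEET AT NINE", b"STAY AT HOME"]


def otp_rules_out_nothing() -> bool:
    """Every guess has a valid pad, so the ciphertext identifies none of them."""
    _, ct = otp_encrypt(MESSAGE)
    return all(xor_bytes(ct, key_explaining(ct, g)) == g for g in GUESSES)


def repeated_key_verdicts() -> list:
    """With a one-byte key, only the true plaintext stays consistent."""
    ct = repeated_key_encrypt(MESSAGE, 0x2A)
    return [consistent_with_repeated_key(ct, g) for g in GUESSES]


if __name__ == "__main__":
    print(otp_rules_out_nothing())     # every guess remains possible
    print(repeated_key_verdicts())     # wrong guesses are eliminated
```

The guarantee holds only if the pad is truly random, as long as the message, and never reused.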
Key terms:
○ Plain text – the message the sender wants to send. The
message can be a simple text, image, animation, audio, video
or just text or numbers.
○ Cipher text – the converted plain text or the encrypted plain
text. The encryption algorithm will convert the plain text to the
cipher with the help of the keys. The unintelligible message
that no one can understand.
○ Cipher – also called an encryption algorithm.
○ Key – is the most vital and critical information as far as
security is concerned.
○ Cryptology – is the combination of cryptography and
cryptanalysis.
Questions?