Introduction to Cryptography Notes

Cryptography is the practice and study of techniques for secure communication in the presence of adversaries. It uses mathematical algorithms to convert a readable message, known as plaintext, into an unintelligible, coded message, known as ciphertext, and back again. The primary goals of cryptography are to ensure data security through: 

Confidentiality: Ensures that information can only be accessed by authorized parties.

• Integrity: Guarantees that data remains accurate and unaltered during transit or storage.
• Authentication: Verifies the identities of the sender and receiver.
• Non-repudiation: Prevents a sender from denying that they sent a message. 

Basic terminology and processes

Encryption: The process of converting plaintext into ciphertext using an algorithm and a key.

• Decryption: The process of converting ciphertext back into plaintext using a key.
• Key: A piece of critical information (a string of characters or numbers) used by an algorithm to perform encryption and decryption. The security of a system depends heavily on the secrecy of its keys.
• Cipher: The algorithm or mathematical procedure used for encryption and decryption.
• Cryptanalysis: The study of breaking cryptographic systems, also known as code-breaking. It is used to find weaknesses in cryptosystems to make them more robust.
• Cryptology: The field of study that encompasses both cryptography and cryptanalysis. 

Types of cryptography

1. Symmetric-key cryptography

This method uses a single, shared secret key for both encryption and decryption.

How it works: The sender uses the key to encrypt the plaintext into ciphertext. The receiver must have the same key to decrypt the ciphertext back into plaintext.

• Pros: It is generally faster and less computationally intensive, making it suitable for encrypting large amounts of data.
• Cons: Securely distributing the single secret key to all authorized parties can be a challenge.
• Examples: Advanced Encryption Standard (AES) and Data Encryption Standard (DES). 

2. Asymmetric-key cryptography (Public-key cryptography) 

This method uses a pair of mathematically related keys: a public key and a private key. 

• How it works: The public key can be shared openly and is used for encryption. Only the corresponding private key can decrypt the data. The private key is kept secret by its owner.
• Pros: It solves the key distribution problem, as the private key never needs to be transmitted. It also provides authentication and non-repudiation.
• Cons: The process is significantly slower than symmetric encryption.
• Examples: RSA and Elliptic Curve Cryptography (ECC).
• Hybrid approach: Modern systems often combine both symmetric and asymmetric cryptography. Asymmetric encryption is used to securely exchange a symmetric key, and the symmetric key is then used for the high-speed bulk encryption of the data. 

3. Hash functions

A hash function is a one-way mathematical algorithm that takes an input of any size and produces a fixed-size output, known as a hash value or message digest. 

• How it works: Hash functions are one-way, meaning it is computationally infeasible to reverse the process and get the original data from the hash.
• Key features: Hash functions are designed to be collision-resistant, meaning it is difficult to find two different inputs that produce the same hash value.
• Use cases: They are used to verify data integrity and for secure password storage.
• Examples: SHA-256 and MD5. 

Cryptanalytic attacks

Attackers, or cryptanalysts, use different methods to try and break cryptographic systems. 

• Ciphertext-only attack: The attacker only has access to the encrypted message (ciphertext).
• Known-plaintext attack: The attacker has a copy of both the plaintext and its corresponding ciphertext.
• Chosen-plaintext attack: The attacker can choose a plaintext and get the corresponding ciphertext, which helps analyze the encryption system.
• Brute-force attack: The attacker systematically tries every possible key until the correct one is found. The strength of modern cryptography lies in making the keys so long that this is practically impossible.