- What is Cryptography?
- Purpose Of cryptography
- Architecture of cryptography
- Types of Cryptography
- Attacks of cryptography
What is Cryptography?
Cryptography derived its name from a Greek word called “krypto’s” which means “Hidden Secrets”. Cryptography is the practice and study of hiding information. It is the Art or Science of converting a plain intelligible data into an unintelligible data and again retransforming that message into its original form. It provides Confidentiality, Integrity, and Accuracy.
In other Word Definition:- Cryptography is a field of computer science and mathematics that focusses on techniques for secure communication between two parties (Alice & Bob) while a third-party (Eve1 or Mallory2 ) is present . This is based on methods like encryption, decryption, signing, generating of pseudo-random numbers, etc.
Cryptology consists of two branches:
Cryptography is the area of constructing cryptographic systems.
Cryptanalysis is the area of breaking cryptographic systems.
Within the context of any application-to-application communication, there are some specific security requirements, including:
Authentication: The process of proving one’s identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.)
Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
Integrity: Assuring the receiver that the received message has not been altered in any way from the original.
“Integrity is doing the right thing, even when no one is watching.”
A cryptographic hash function is a kind of algorithm that can be run on a piece of data, like an individual file or a password, to produce a value called a checksum.
The main use of a cryptographic hash function is to verify the authenticity of a piece of data. Two files can be assured to be identical only if the checksums generated from each file, using the same cryptographic hash function, are identical.
Design of Hashing Algorithms
At the heart of a hashing is a mathematical function that operates on two fixed-size blocks of data to create a hash code. This hash function forms the part of the hashing algorithm.
The size of each data block varies depending on the algorithm. Typically the block sizes are from 128 bits to 512 bits. The following illustration demonstrates hash function −
Hashing algorithm involves rounds of above hash function like a block cipher. Each round takes an input of a fixed size, typically a combination of the most recent message block and the output of the last round.
This process is repeated for as many rounds as are required to hash the entire message. Schematic of hashing algorithm is depicted in the following illustration −
Since, the hash value of first message block becomes an input to the second hash operation, output of which alters the result of the third operation, and so on. This effect, known as an avalanche effect of hashing.
Avalanche effect results in substantially different hash values for two messages that differ by even a single bit of data.
Understand the difference between hash function and algorithm correctly. The hash function generates a hash code by operating on two blocks of fixed-length binary data.
Hashing algorithm is a process for using the hash function, specifying how the message will be broken up and how the results from previous message blocks are chained together.
Popular Hash Functions
Some of popular hash functions −
Message Digest (MD)
MD5 was most popular and widely used hash function for quite some years.
- The MD family comprises of hash functions MD2, MD4, MD5 and MD6. It was adopted as Internet Standard RFC 1321. It is a 128-bit hash function.
- MD5 digests have been widely used in the software world to provide assurance about integrity of transferred file. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a user can compare the checksum of the downloaded file to it.
- In 2004, collisions were found in MD5. An analytical attack was reported to be successful only in an hour by using computer cluster. This collision attack resulted in compromised MD5 and hence it is no longer recommended for use.
MD5 for 12345: 827ccb0eea8a706c4c34a16891f84e7b
MD5 for 12@34$5: a4d3cc004f487b18b2ccd4853053818b
Secure Hash Function (SHA)
Family of SHA comprise of four SHA algorithms; SHA-0, SHA-1, SHA-2, and SHA-3. Though from same family, there are structurally different.
- The original version is SHA-0, a 160-bit hash function, was published by the National Institute of Standards and Technology (NIST) in 1993. It had few weaknesses and did not become very popular. Later in 1995, SHA-1 was designed to correct alleged weaknesses of SHA-0.
- SHA-1 is the most widely used of the existing SHA hash functions. It is employed in several widely used applications and protocols including Secure Socket Layer (SSL) security.
- In 2005, a method was found for uncovering collisions for SHA-1 within practical time frame making long-term employability of SHA-1 doubtful.
- SHA-2 family has four further SHA variants, SHA-224, SHA-256, SHA-384, and SHA-512 depending up on number of bits in their hash value. No successful attacks have yet been reported on SHA-2 hash function.
- Though SHA-2 is a strong hash function. Though significantly different, its basic design is still follows design of SHA-1. Hence, NIST called for new competitive hash function designs.
- In October 2012, the NIST chose the Keccak algorithm as the new SHA-3 standard. Keccak offers many benefits, such as efficient performance and good resistance for attacks.
SHA-1 cryptographic hash function:
The RIPEND is an acronym for RACE Integrity Primitives Evaluation Message Digest. This set of hash functions was designed by open research community and generally known as a family of European hash functions.
- The set includes RIPEND, RIPEMD-128, and RIPEMD-160. There also exist 256, and 320-bit versions of this algorithm.
- Original RIPEMD (128 bit) is based upon the design principles used in MD4 and found to provide questionable security. RIPEMD 128-bit version came as a quick fix replacement to overcome vulnerabilities on the original RIPEMD.
- RIPEMD-160 is an improved version and the most widely used version in the family. The 256 and 320-bit versions reduce the chance of accidental collision, but do not have higher levels of security as compared to RIPEMD-128 and RIPEMD-160 respectively.
This is a 512-bit hash function.
- It is derived from the modified version of Advanced Encryption Standard (AES). One of the designer was Vincent Rijmen, a co-creator of the AES.
- Three versions of Whirlpool have been released; namely WHIRLPOOL-0, WHIRLPOOL-T, and WHIRLPOOL.
The Problem of Collisions:-
A collision is when two different blobs of data produce the exact same hash. It’s extremely rare for this to happen, but they have been reported. As a result, some older hashing functions have been deemed unworthy to be used for secure applications.
Solution:- For instance, a function that creates a 256-bit hash (like SHA) will have fewer collisions than one that produces a 128-bit hash (like MD5) because there are more possible hash values when you have more bits.
Applications of Hash Functions
There are two direct applications of hash function based on its cryptographic properties.
Hash functions provide protection to password storage.
- Instead of storing password in clear, mostly all logon processes store the hash values of passwords in the file.
- The Password file consists of a table of pairs which are in the form (user id, h(P)).
- The process of logon is depicted in the following illustration −
- An intruder can only see the hashes of passwords, even if he accessed the password. He can neither logon using hash nor can he derive the password from hash value since hash function possesses the property of pre-image resistance.
Data Integrity Check
Data integrity check is a most common application of the hash functions. It is used to generate the checksums on data files. This application provides assurance to the user about the correctness of the data.
The process is depicted in the following illustration −
The integrity check helps the user to detect any changes made to original file. It however, does not provide any assurance about originality. The attacker, instead of modifying file data, can change the entire file and compute all together new hash and send to the receiver. This integrity check application is useful only if the user is sure about the originality of file.
Non-repudiation: A mechanism to prove that the sender really sent this message.
Nonrepudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
Nonrepudiation can be obtained through the use of:
- digital signatures— function as a unique identifier for an individual, much like a written signature.
The creation of a digital signature is a complex mathematical process that can only be created by a computer.
Consider a scenario where Alice has to digitally sign a file or an email and send it to Bob.
- Alice selects the file to be digitally signed or clicks on ‘sign’ in her email application
- The hash value of the file content or the message is calculated by Alice’s computer
- This hash value is encrypted with Alice’s Signing Key (which is a Private Key) to create the Digital Signature.
- Now, the original file or email message along with its Digital Signature are sent to Bob.
- After Bob receives the signed message, the associated application (such as email application) identifies that the message has been signed. Bob’s computer then proceeds to:
- Decrypt the Digital Signature using Alice’s Public Key
- Calculate the hash of the original message
- Compare the (a) hash it has computed from the received message with the (b) decrypted hash received with Alice’s message.
- Any difference in the hash values would reveal tampering of the message.
- confirmation services — the message transfer agent can create digital receipts to indicated that messages were sent and/or received.
- timestamps — timestamps contain the date and time a document was composed and proves that a document existed at a certain time.
ISO/IEC 20008-2:2013 specifies anonymous digital signature mechanisms, in which a verifier makes use of a group public key to verify a digital signature.
- a general description of an anonymous digital signature mechanism using a group public key;
- a variety of mechanisms that provide such anonymous digital signatures.
For each mechanism, ISO/IEC 20008-2:2013 specifies
- the process for generating group member signature keys and a group public key;
- the process for producing signatures;
- the process for verifying signatures;
- the process for opening signatures (if the mechanism supports opening);
- the process for linking signatures (if the mechanism supports linking);
- the process for revoking group members.
Architecture of cryptography
Types of Cryptography
Secret Key Cryptography • Single key used to encrypt and decrypt. • Key must be known by both parties. • Assuming we live in a hostile environment (otherwise – why the need for cryptography?), it may be hard to share a secret key.
Public Key Cryptography One of the keys allocated to each person is called the “public key”, and is published in an open directory somewhere where anyone can easily look it up, for example by email address. • Each entity has 2 keys: – Private Key (A secret) – Public key (well known).
Using Keys • Private keys are used for decrypting. • Public keys are used for encrypting.
The basic intention of an attacker is to break a cryptosystem and to find the plaintext from the ciphertext. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the algorithm is already in public domain.
Hence, he applies maximum effort towards finding out the secret key used in the cryptosystem. Once the attacker is able to determine the key, the attacked system is considered as broken or compromised.
Based on the methodology used, attacks on cryptosystems are categorized as follows −
- Ciphertext Only Attacks (COA) − In this method, the attacker has access to a set of ciphertext(s). He does not have access to corresponding plaintext. COA is said to be successful when the corresponding plaintext can be determined from a given set of ciphertext. Occasionally, the encryption key can be determined from this attack. Modern cryptosystems are guarded against ciphertext-only attacks.
- Known Plaintext Attack (KPA) − In this method, the attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. This may be done by determining the key or via some other method. The best example of this attack is linear cryptanalysis against block ciphers.
- Chosen Plaintext Attack (CPA) − In this method, the attacker has the text of his choice encrypted. So he has the ciphertext-plaintext pair of his choice. This simplifies his task of determining the encryption key. An example of this attack is differential cryptanalysis applied against block ciphers as well as hash functions. A popular public key cryptosystem, RSA is also vulnerable to chosen-plaintext attacks.
- Dictionary Attack − This attack has many variants, all of which involve compiling a ‘dictionary’. In simplest method of this attack, attacker builds a dictionary of ciphertexts and corresponding plaintexts that he has learnt over a period of time. In future, when an attacker gets the ciphertext, he refers the dictionary to find the corresponding plaintext.
- Brute Force Attack (BFA) − In this method, the attacker tries to determine the key by attempting all possible keys. If the key is 8 bits long, then the number of possible keys is 28 = 256. The attacker knows the ciphertext and the algorithm, now he attempts all the 256 keys one by one for decryption. The time to complete the attack would be very high if the key is long.
- Birthday Attack − This attack is a variant of brute-force technique. It is used against the cryptographic hash function. When students in a class are asked about their birthdays, the answer is one of the possible 365 dates. Let us assume the first student’s birthdate is 3rd Aug. Then to find the next student whose birthdate is 3rd Aug, we need to enquire 1.25*√365 ≈ 25 students.Similarly, if the hash function produces 64 bit hash values, the possible hash values are 1.8×1019. By repeatedly evaluating the function for different inputs, the same output is expected to be obtained after about 5.1×109 random inputs.If the attacker is able to find two different inputs that give the same hash value, it is a collision and that hash function is said to be broken.
- Man in Middle Attack (MIM) − The targets of this attack are mostly public key cryptosystems where key exchange is involved before communication takes place.
- Host A wants to communicate to host B, hence requests public key of B.
- An attacker intercepts this request and sends his public key instead.
- Thus, whatever host A sends to host B, the attacker is able to read.
- In order to maintain communication, the attacker re-encrypts the data after reading with his public key and sends to B.
- The attacker sends his public key as A’s public key so that Btakes it as if it is taking it from A.
- Side Channel Attack (SCA) − This type of attack is not against any particular type of cryptosystem or algorithm. Instead, it is launched to exploit the weakness in physical implementation of the cryptosystem.
- Timing Attacks − They exploit the fact that different computations take different times to compute on processor. By measuring such timings, it is be possible to know about a particular computation the processor is carrying out. For example, if the encryption takes a longer time, it indicates that the secret key is long.
- Power Analysis Attacks − These attacks are similar to timing attacks except that the amount of power consumption is used to obtain information about the nature of the underlying computations.
- Fault analysis Attacks − In these attacks, errors are induced in the cryptosystem and the attacker studies the resulting output for useful information.
Source /Refrence :-