Sunday, August 12, 2018

Cryptography

  1. Cryptography

The core of cryptography is secure communication. Secure communication consists of 2 parts:
1) Secret Key establishment
2) Secure communication: once the secret key has been established, the idea is to use that key to communicate securely.


Once the secret key is established, it is used for secure communication. That communication maintains confidentiality, so that an attacker cannot read it, and integrity, so that an attacker cannot tamper with the data exchanged.

Applications of Crypto:

  • Digital signatures: In the real world, our signature is the same on everything we sign. In the digital world, if the digital signature were the same for every document we sign, an attacker could copy it and attach it to a document we did not want to sign. So it cannot be the same for all documents, which is why digital signatures are constructed as a function of the content of the document being signed.
  • HTTPS secures web communications.
  • The WPA2 (802.11i) standard protects WiFi communication.
  • Different cryptographic methods are used to protect Bluetooth communication.


 HTTPS
------------
Secure communication in HTTPS is achieved through a protocol called SSL/TLS.

Secure Sockets Layer/TLS has 2 parts:

Handshake protocol: This derives a shared secret key using public-key cryptography.

Record layer: Transmits data using the shared secret key and ensures authentication and confidentiality.

2. What is a good cipher?

The ciphertext (CT) should not reveal any information about the plaintext (PT). Before we write the actual definition, I would like to list some abbreviations:

E : Encryption
D : Decryption
m : Message text
c : Ciphertext
k : Key
Pr : Probability


A cipher is defined over a triple of sets (K,M,C), where K is the key space, M is the message space and C is the ciphertext space. A cipher is a pair of efficient algorithms (E,D), where E stands for encryption and D stands for decryption. The only property E and D need to satisfy is that D is the inverse of E, i.e.

D(E(m,k),k) = m

  • Examples of weak ciphers are substitution ciphers and the Vigenère cipher.
  • One example of a good cipher is the OTP (One Time Pad).

OTP is defined as: M = C = K = {0,1}^n, i.e. the message space M, ciphertext space C and key space K are all n-bit strings, and encryption is computed by XORing the message m with the key k.
                         E(m,k) = m XOR k
                         D(c,k) = c XOR k
      
A cipher (E,D) over (K,M,C) has perfect secrecy if, for all messages m0, m1 of equal length in the message space M and for all c in the ciphertext space C:

Pr(E(m0,k) = c) = Pr(E(m1,k) = c)

where the key k is chosen uniformly at random from K.

OTP has perfect secrecy, and perfect secrecy ==> key length >= message length

3. Stream Ciphers

The One Time Pad is difficult to use, since the key needs to be as long as the message to have perfect secrecy. Stream ciphers therefore replace the long key with a pseudorandom key. The pseudorandom key is generated using a pseudorandom generator (PRG).

Stream ciphers are ciphers that use a pseudorandom key for encryption. To understand stream ciphers, let's first understand the concept of a PRG (pseudorandom generator).

A PRG is a function, call it G, that takes an s-bit seed as input and maps it to a much longer n-bit string, where n is much larger than s, i.e. n >> s. G must also be efficiently computable by a deterministic algorithm.

To build a stream cipher from a PRG, the short key k is used as the seed, and the PRG expands it to G(k):


k ==> G(k)

We will encrypt a message with G(k) as follows:

c = E(m,k) = m XOR G(k)

m = D(c,k) = c XOR G(k)

Does a stream cipher have perfect secrecy?

No, it does not, since key length < message length.
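
The perfect-secrecy definition from section 2 can be checked by brute force on tiny parameters. The following is an added example, not part of the original post: it enumerates Pr(E(m,k) = c) for a 4-bit OTP and for a stream cipher with a 2-bit seed. The function names, the sizes N and S, and the use of SHAKE-256 as a stand-in for G are assumptions made for illustration.

```python
import hashlib
from collections import Counter
from fractions import Fraction

N = 4  # message / ciphertext length in bits (tiny, so everything can be enumerated)
S = 2  # seed length in bits for the stream cipher, S < N

def otp_encrypt(m: int, k: int) -> int:
    """E(m,k) = m XOR k; decryption is the same operation."""
    return m ^ k

def G(seed: int, s: int = S, n: int = N) -> int:
    """Stand-in PRG (assumption): expand an s-bit seed to n bits with SHAKE-256."""
    nbytes = (n + 7) // 8
    raw = hashlib.shake_256(seed.to_bytes((s + 7) // 8, "big")).digest(nbytes)
    return int.from_bytes(raw, "big") >> (8 * nbytes - n)  # keep the top n bits

def stream_encrypt(m: int, k: int) -> int:
    """E(m,k) = m XOR G(k); decryption is the same operation."""
    return m ^ G(k)

def ct_distribution(encrypt, key_bits: int, m: int) -> dict:
    """Pr(E(m,k) = c) for every reachable c, with k uniform over all keys."""
    total = 2 ** key_bits
    counts = Counter(encrypt(m, k) for k in range(total))
    return {c: Fraction(v, total) for c, v in counts.items()}

def has_perfect_secrecy(encrypt, key_bits: int, n: int = N) -> bool:
    """True iff every message induces the same ciphertext distribution."""
    dists = [ct_distribution(encrypt, key_bits, m) for m in range(2 ** n)]
    return all(d == dists[0] for d in dists)

def round_trips(m: int) -> bool:
    """Check D(E(m,k),k) = m for the stream cipher under every seed."""
    return all(stream_encrypt(stream_encrypt(m, k), k) == m for k in range(2 ** S))

if __name__ == "__main__":
    print("OTP, 4-bit key:     ", has_perfect_secrecy(otp_encrypt, N))
    print("stream, 2-bit seed: ", has_perfect_secrecy(stream_encrypt, S))
    print("stream round trip:  ", round_trips(0b1011))
```

The stream cipher fails the check for any choice of G, because 2^S seeds can reach at most 2^S of the 2^N possible ciphertexts for a given message.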

Two examples of insecure stream ciphers are RC4 (used in HTTPS) and CSS (the Content Scrambling System, used to encrypt DVDs, with a 40-bit encryption key).