INTRODUCTION

TO
CRYPTOGRAPHY
Cybersecurity

This Photo by Unknown author is licensed under CC BY.

What we'll be covering in this lesson;
• Introduction To Cryptography
• History And Evolution Of Cryptography – Videoscope
• Fundamentals Of Cryptography
• Encryption And Types Of Encryption
• Digital Signature
• Roles Of Cryptography In Securing Communication And Data.
Introduction To Cryptography
• Cryptography is the science and practice of securing communication and information through the
use of mathematical techniques and algorithms.
• It involves the transformation of plaintext (readable data) into ciphertext (unreadable data) using
encryption methods, and the reverse process, decryption, to restore the original information.
• The fundamental aim of cryptography is to provide confidentiality, integrity, authentication, and
non-repudiation to data and communication
History And Evolution Of Cryptography
• Video Here
Fundamentals of cryptography
• Plaintext: refers to the original and human-readable data or message
that is intended to be kept confidential or secure. It's the information
that a sender wants to transmit securely to a recipient.
• Ciphertext: is the result of applying an encryption algorithm to the
plaintext. It is the transformed and unreadable form of the original data.
Ciphertext is what is actually transmitted over insecure channels or
stored in an encrypted form to prevent unauthorized access.
• Key: is a piece of information (a string of bits) used by an encryption
algorithm to transform plaintext into ciphertext (encryption) or to revert
ciphertext back to plaintext (decryption). Keys are essential for the
security of cryptographic systems
Fundamentals of cryptography
• Algorithm: is a step-by-step set of instructions or rules that dictate how
a cryptographic system processes data. It specifies the mathematical
operations used for encryption and decryption. The strength of a
cryptographic system often relies on the complexity and security of its
algorithm

• Hash Function: is a mathematical function that takes an input (or

'message') and produces a fixed-size string of characters, which is
typically a hash value or digest. The output is unique to the input, and
even a small change in the input should result in a significantly different
hash. Hash functions are used for data integrity verification and digital
signatures in various cryptographic applications.
Encryption
Encrption is the process of converting plaintext into ciphertext using an
algorithm and a secret key. The purpose of encryption is to ensure that
even if an unauthorized entity intercepts the data, they cannot
comprehend or make sense of it without the appropriate decryption key.

Process of Encryption:
• Algorithm: Encryption involves the use of a mathematical algorithm that
transforms the plaintext into ciphertext. The algorithm dictates how the
transformation occurs.

• Key: A secret key is used as a parameter for the encryption algorithm.

The key is known only to the entities involved in the communication
Decryption
Decryption: is the reverse process of encryption. It involves converting
ciphertext back into plaintext using a decryption algorithm and the secret
key. The decryption process ensures that the intended recipient can
retrieve and understand the original message.

Process of decryption:
• Algorithm: The decryption algorithm is the mathematical inverse of the
encryption algorithm. It transforms the ciphertext back into plaintext.

• Key: The same secret key used for encryption is used for decryption.
Both the sender and the recipient must possess the key for successful
communication.
Encryption & Decryption Process
Types Of Encryption
• Symmetric encryption is a cryptographic method where the same key is
used for both encryption and decryption of the data.

• The communicating parties share a secret key that must be kept

confidential to maintain the security of the system.

• The primary goal of symmetric encryption is to ensure the

confidentiality and integrity of the transmitted or stored data.
Key Features Of
Symmetric Encryption
• Single Key: Uses a single, shared secret key for both encryption and
decryption.

• Efficiency: Generally faster and computationally more efficient than

asymmetric encryption.

• Use Cases: Commonly employed for securing bulk data, such as file
encryption and secure communication within a closed environment.

• Challenge: Key distribution can be a challenge, especially in large networks

• Common Algorithm: Advanced Encryption Standard (AES), Data Encryption

Standard (DES), Triple DES (3DES).
Process Of Symmetric Encryption
Types Of Encryption : Asymmetric
Encryption (Public-
Key Cryptography)
• Asymmetric encryption, or public-key cryptography, utilizes a pair of
mathematically related keys—a public key and a private key.

• The public key is used for encryption, and the private key is used for
decryption.

• The strength of asymmetric encryption lies in its ability to facilitate

secure communication and key exchange without the need for a pre-
shared secret key.
Key Features Of Assymetric
Encryption
• Key Pairs: Involves a pair of keys – a public key and a private key – that are
mathematically linked.
• Encryption: The public key is used to encrypt data, and only the
corresponding private key can decrypt it.
• Digital Signatures: Enables the creation and verification of digital signatures,
enhancing data integrity and authentication.
• Key Distribution: Solves the challenge of secure key distribution inherent in
symmetric encryption.
• Computational Complexity: Generally, more computationally intensive than
symmetric encryption.
• Use Cases: Commonly used for secure key exchange, digital signatures, and
securing communication over open networks, such as the internet.
• Common algorithm : Elliptic Curve Cryptography (ECC), RSA (Rivest-Shamir-
Adleman), Diffie-Hellman Key Exchange
Process Of
Assymetric
Encryption
Real World Application Of
Encryption
• Messaging Apps: Popular messaging apps like WhatsApp, Signal, and Telegram use end-
to-end encryption to protect user communications from unauthorized access.

• Secure Email Services: Services such as ProtonMail and Tutanota offer encrypted email
communication, where emails are encrypted on the user's device before transmission,
ensuring privacy.

• Virtual Private Networks (VPNs): VPNs encrypt internet traffic between a user's device
and the VPN server, safeguarding sensitive information from interception. Examples
include ExpressVPN, NordVPN, and CyberGhost.

• Secure Cloud Storage: Cloud storage services like Dropbox, Google Drive, and OneDrive
offer encryption features to protect files stored on their servers, ensuring data
confidentiality.
• File Encryption Software: Tools like VeraCrypt, BitLocker, and GNU Privacy Guard (GPG) allow users to
encrypt individual files or directories, adding an extra layer of security to sensitive data.
Real World Application Of
Encryption
• SSL/TLS for Secure Web Browsing: Secure Socket Layer (SSL) and Transport Layer Security (TLS)
protocols encrypt data exchanged between a web browser and a server, ensuring secure online
transactions and communications.

• Full Disk Encryption: Operating systems like Windows, macOS, and Linux offer built-in encryption
features to encrypt the entire disk or specific partitions, protecting data stored on the device from
unauthorized access.

• Digital Payments: Payment services like Apple Pay, Google Pay, and credit card transactions often use
encryption to secure financial information during transactions, safeguarding sensitive data from
interception.

• Secure Messaging and Collaboration Platforms: Platforms such as Slack, Microsoft Teams, and Zoom
offer encryption features to protect messaging, file sharing, and video conferencing sessions, ensuring
confidentiality.
• Online Banking: Banking websites and mobile apps use encryption to secure user login credentials,
financial transactions, and personal information, preventing unauthorized access and fraud.
Digital Signature
• A digital signature is a cryptographic technique used to verify the
authenticity and integrity of a digital message, document, or transaction.

• It serves as a digital counterpart to a handwritten signature or a stamped

seal but provides a higher level of security and trust in the digital realm.
Digital Signature Process
Key components & breakdown
of how digital signature works
• Key pair: a digital signature involves the use of a pair of cryptographic
keys: a private key and a public key. The private key is known only to the
entity generating the signature, while the public key is shared openly.
• Signing process: to create a digital signature, the sender (signer) uses
their private key to apply a mathematical algorithm to the content they
want to sign. This process generates a unique digital signature specific to
both the content and the private key. This process typically involves
hashing the document content to generate a fixed-size digest, which is
then encrypted using the sender's private key.
• Verification process: anyone with access to the signed content and the
public key of the signer can verify the digital signature. The recipient or
verifier applies a corresponding algorithm using the public key to the
received signature. If the result matches the computed hash of the
original content, it confirms the authenticity and integrity of the
message.
Importance of digital signature
in achieving cybersecurity
• Authentication : The use of digital signatures ensures the authenticity of
the sender or creator of a message or document. As the private key is
known only to the legitimate owner, successfully verifying the digital
signature provides confidence in the origin of the content.
• Non-repudiation : Digital signatures offer non-repudiation, meaning the
signer cannot later deny their involvement or claim that the signature
was forged. The private key is a unique identifier tied to the individual or
entity, and the act of signing is a deliberate and non-repudiable action.
• Integrity: Any alteration to the signed content, even a minor one, will
result in a completely different digital signature. This property ensures
the integrity of the message, as any tampering or modification will be
immediately evident during the verification process
Roles of cryptography in
securing communication & data
• Confidentiality:
• Encryption: Cryptography employs encryption algorithms to encode
sensitive information during transmission or storage. This ensures that
even if unauthorized individuals intercept the data, they cannot
understand or interpret it without the proper decryption key.

• Integrity:
• Hash Functions: Cryptographic hash functions are used to generate
fixed-size hash values (digests) unique to the input data. By comparing
hash values before and after transmission, one can verify the integrity of
the data. Any alteration to the data will result in a different hash value.
Roles of cryptography in
securing communication & data
• Authentication:
• Digital Signatures: Cryptography provides a means of authenticating the origin and
integrity of a message or document. Digital signatures, created using asymmetric key
pairs, allow the recipient to verify that the sender is genuine and that the content has
not been tampered with.

• Non-repudiation:
• Digital Signatures (Continued): In addition to authentication, digital signatures provide
nonrepudiation, meaning that the sender cannot deny sending the message. The
recipient can prove both the origin and the integrity of the received data
• Key Exchange:
• Secure Key Exchange: Cryptography facilitates secure key exchange mechanisms,
allowing parties to establish secret keys for encrypted communication. The exchange is
conducted in such a way that even if intercepted, it would be computationally infeasible
for an attacker to derive the secret key