Contents

P1 Examine mathematic algorithms and their use in cryptography......................................................1

P2 Explain, with the use of examples, the operation of stream cipher and block cipher......................1
What Is a Block Cipher?.............................................................................................................1
What Is a Stream Cipher?..........................................................................................................5
P3 Discuss common public key cryptographic methods and their uses.................................................6
Public Key Cryptography............................................................................................................6
RSA Cryptosystem.......................................................................................................................8
Generation of RSA Key Pair...................................................................................................8
Example......................................................................................................................................8
P4 Explain by the use of examples public key exchange and digital signatures, and their
implementation issues..........................................................................................................................9
P5 Discuss the common attacks on public key encryption schemes......................................................9
P6 Explain, with examples, provable security in signature schemes and encryption schemes............10
P7 Examine, by the use of examples, secret sharing schemes.............................................................11

P1 Examine mathematic algorithms and their use in

cryptography.
There are a number of key Mathematical Algorithms that serve as the
crux for Asymmetric Cryptography, and of course, use widely differing
Mathematical Algorithms than the ones used with Symmetric
Cryptography. The Mathematical Algorithms used in Asymmetric
Cryptography include the following:

1. The RSA Algorithm

2. The Diffie-Hellman Algorithm
3. The Elliptical Wave Theory Algorithm
P2 Explain, with the use of examples, the operation of stream
cipher and block cipher.
What Is a Block Cipher?
As the name would imply, a block cipher is one that allows you to use a key to encrypt
data in big ol’ groups (blocks) of a pre-determined size (such as 128 bits, 256 bits, etc.).
So, what this does is allow you to encrypt all the data in a block as a single unit. For
example, let’s say you have the message: “For the Alliance.” (Don’t hate, Horde fans.
Your time will come.)

If you want to encrypt that using a block cipher, the plaintext message would be broken
down into smaller blocks of binary. So, “For the Alliance” would look something like this:

0100011001101111011100100010000001110100011010000110010100100000010000
010110110001101100011010010110000101101110011000110110010100101110

Now, if we break these 136 binary digits into blocks of, say, 4 digits, it divides nicely
because 4 goes into 136 a total of 32 times. The blocks would look something like this:

But what do you do if the there isn’t enough data to form a complete block? Like, say, if
you had 138 binary digits instead of 136 (meaning you’d have an incomplete last data
block)? Then what you can do is add padding (this could be a set number of 0s) to the
end of the block to ensure the block is that fixed size.
 A basic
diagram that showcases how a block cipher works.

Block cipher example: This simplified version of a block cipher illustrates how block
ciphers work overall. It’s similar in design to how the ECB mode of operation works,
which you’ll learn more about a little later in this article.

Depending on the mode of operation you use (we’ll explain that more shortly), the blocks
are then “chained” together, which enables the blocks to be connected sequentially. In
some cases, block ciphers can operate as stream ciphers based on their modes of
operation. This is because they take on certain properties due to those modes, which
we’ll discuss later in the article.  
A basic block cipher that uses a chaining operation (illustrated with the orange
connecting arrows). In this case, this is akin to a simplified example of a CBC block
cipher mode of operation. Yes, I know, this illustration is lacking the initialization vector
and XORing. But, again, this is supposed to be a simplified version that just intends to
showcase the chaining of one data block to the next.

But what are the advantages of using block encryption algorithms?

 Block ciphers are difficult to mess with  in terms of inserting symbols.
 They’re highly analyzed and studied by cryptographers, which means that people
smarter than you and me have attempted to break them.

So, what are some examples of some common block ciphers?

Examples of Block Ciphers

 Data Encryption Standard (DES),
 Triple DES (3DES or TDEA),
 Advanced Encryption Standard (AES),
 International Data Encryption Algorithm (IDEA),
 Blowfish,
 Twofish, and
 RC5

If AES sounds familiar, there’s a good reason. It’s actually the most commonly used type
of block cipher. You’ll find AES encryption used in everything from securing SSL/TLS
internet connections to government data. For example, the National Security Agency
(NSA) relies on AES encryption to secure its data that’s categorized as up to top secret.
Because block ciphers are the most commonly used and studied ciphers, they’re our
main focus for this article. But let’s take some time to explore stream ciphers as well to
help you familiarize yourself with what they are, how they work, and how they differ from
block ciphers.

Manage Digital Certificates like a Boss

14 Certificate Management Best Practices to keep your organization running, secure
and fully-compliant.

Download the Checklist

What Is a Stream Cipher?

A stream cipher is a cipher that encrypts (and decrypts) with the flow — the data flow,
that is. Unlike block ciphers, which require the formation of blocks prior to encryption,
stream ciphers encrypt data in long, pseudorandom streams. Basically, this means you
can process one bit of data at a time instead of waiting for a data block to form.

In their book “Domain Specific High-Level Synthesis for Cryptographic Workloads,”

Ayesha Khalid, Goutam Paul and Anupam Chattopadhyay describe stream ciphers as
finite state machines, or FSMs, and stateful ciphers. The reason for the first description
(FSM) is because these ciphers take in plaintext bits of data one by one and spit out
ciphertext symbols in the same way. The reason they’re also called stateful ciphers is
because they rely on their internal state for their keystream functions.

But did you know there are actually two types of stream ciphers?

1. Synchronous stream ciphers (aka key auto-key, or KAK) — These types of

ciphers generate keystreams independently of any previous plaintext or
ciphertexts.
2. Self-synchronizing stream ciphers (aka asynchronous stream ciphers,
ciphertext autokey or CTAK) — These ciphers, on the other hand, rely on
previous ciphertext bits to generate keystreams.

How Stream Ciphers Work

So, how does a stream cipher actually work in a more technical sense? As mentioned
earlier, a stream cipher encrypts data one bit at a time instead of in blocks. But a key
part of this process is generating a stream of pseudorandom bits based on an encryption
key and a seed, aka a nonce (a unique randomly generated number — “nonce” =
number-only-used-once). Together, they create a keystream (that stream of
pseudorandom bits we just mentioned) that gets XORed with your plaintext input, which
encrypts it and results in your ciphertext output.

This rinse-and-repeat process happens over and over again with each bit of plaintext
data. However, it’s important to not use the same exact key-nonce combination again
because it can result in a duplicate keystream.

Feeling a bit confused? Here’s a visual of the process to provide a little clarity:
 Stream
cipher example: This is a basic illustration to showcase the basic operations of a stream cipher.

To better understand this, let’s walk through an example. Let’s consider an alternative
phrase to the example we used earlier: “For the Horde!” (See? I haven’t forgotten you
guys.) The binary version of this plaintext message would look like this:

0100011001101111011100100010000001110100011010000110010100100000010010
000110111101110010011001000110010100100001

So, if we use a stream cipher to encrypt the message, we’ll do so one bit at a time. So,
the plaintext data would be broken down into individual bits

P3 Discuss common public key cryptographic methods and

their uses.

Public Key Cryptography

Unlike symmetric key cryptography, we do not find historical use of public-key
cryptography. It is a relatively new concept.
Symmetric cryptography was well suited for organizations such as governments,
military, and big financial corporations were involved in the classified
communication.
With the spread of more unsecure computer networks in last few decades, a
genuine need was felt to use cryptography at larger scale. The symmetric key was
found to be non-practical due to challenges it faced for key management. This gave
rise to the public key cryptosystems.
The process of encryption and decryption is depicted in the following illustration −

The most important properties of public key encryption scheme are −

 Different keys are used for encryption and decryption. This is a property
which set this scheme different than symmetric encryption scheme.
 Each receiver possesses a unique decryption key, generally referred to as his
private key.
 Receiver needs to publish an encryption key, referred to as his public key.
 Some assurance of the authenticity of a public key is needed in this scheme
to avoid spoofing by adversary as the receiver. Generally, this type of
cryptosystem involves trusted third party which certifies that a particular
public key belongs to a specific person or entity only.
 Encryption algorithm is complex enough to prohibit attacker from deducing
the plaintext from the ciphertext and the encryption (public) key.
 Though private and public keys are related mathematically, it is not be
feasible to calculate the private key from the public key. In fact, intelligent
part of any public-key cryptosystem is in designing a relationship between
two keys.
There are three types of Public Key Encryption schemes. We discuss them in
following sections −

RSA Cryptosystem
This cryptosystem is one the initial system. It remains most employed cryptosystem
even today. The system was invented by three scholars Ron Rivest, Adi
Shamir, and Len Adleman and hence, it is termed as RSA cryptosystem.
We will see two aspects of the RSA cryptosystem, firstly generation of key pair and
secondly encryption-decryption algorithms.
Generation of RSA Key Pair
Each person or a party who desires to participate in communication using
encryption needs to generate a pair of keys, namely public key and private key. The
process followed in the generation of keys is described below −
 Generate the RSA modulus (n)
o Select two large primes, p and q.
o Calculate n=p*q. For strong unbreakable encryption, let n be a large
number, typically a minimum of 512 bits.
 Find Derived Number (e)
o Number e must be greater than 1 and less than (p − 1)(q − 1).
o There must be no common factor for e and (p − 1)(q − 1) except for 1.
In other words two numbers e and (p – 1)(q – 1) are coprime.
 Form the public key
o The pair of numbers (n, e) form the RSA public key and is made
public.
o Interestingly, though n is part of the public key, difficulty in factorizing a
large prime number ensures that attacker cannot find in finite time the
two primes (p & q) used to obtain n. This is strength of RSA.
 Generate the private key
o Private Key d is calculated from p, q, and e. For given n and e, there is
unique number d.
o Number d is the inverse of e modulo (p - 1)(q – 1). This means that d is
the number less than (p - 1)(q - 1) such that when multiplied by e, it is
equal to 1 modulo (p - 1)(q - 1).
o This relationship is written mathematically as follows −
ed = 1 mod (p − 1)(q − 1)
The Extended Euclidean Algorithm takes p, q, and e as input and gives d as output.
Example
An example of generating RSA Key pair is given below. (For ease of understanding,
the primes p & q taken here are small values. Practically, these values are very
high).
  Let two primes be p = 7 and q = 13. Thus, modulus n = pq = 7 x 13 = 91.
 Select e = 5, which is a valid choice since there is no number that is common
factor of 5 and (p − 1)(q − 1) = 6 × 12 = 72, except for 1.
 The pair of numbers (n, e) = (91, 5) forms the public key and can be made
available to anyone whom we wish to be able to send us encrypted
messages.
 Input p = 7, q = 13, and e = 5 to the Extended Euclidean Algorithm. The
output will be d = 29.

P4 Explain by the use of examples public key exchange and

digital signatures, and their implementation issues.

Digital signatures:
Simply, digital signatures are a way to validate the
authenticity and integrity of any data. To create a digital
signature, the signing software creates a one-way hash of the
data to be signed. The private key is then used to encrypt the
hash. This encrypted hash, plus other information like the
hashing algorithm used, is the digital signature.

Public key cryptography with digital signatures:

A digital signature with public-key cryptography securing a
message is created in the following way. First, the message is
digitally signed like explained above. Then, this bundle is
encrypted with the sender’s private key, and again with the
receiver’s public key
P5 Discuss the common attacks on public key encryption
schemes.

The biggest obstacle in successfully deploying a symmetric-key algorithm is the necessity for

a proper exchange of private keys. This transaction must be completed in a secure manner. In

the past, this would often have to be done through some type of faceto-face meeting, which

proves quite impractical in many circumstances when taking distance and time into account.

If one assumes that security is a risk to begin with due to the desire for a secret exchange of

data in the first place, the exchange of keys becomes further complicated [5]. Another

problem concerns the compromise of a private key. [5] In symmetrickey cryptography, every

participant has an identical private key. As the number of participants in a transaction

increases, both the risk of compromise and the consequences of such a compromise increase

dramatically. Each additional user adds another potential point of weakness that an attacker

could take advantage of. If such an attacker succeeds in gaining control of just one of the

private keys in this world, every user, whether there are hundreds of users or only a few, is

completely compromised.

P6 Explain, with examples, provable security in signature

schemes and encryption schemes.

Proofs of Security The last step in the provable security paradigm is to prove that the concrete

construction we are analyzing meets the security definition. As an example, we give a proof

that a simple Page 10 CS 2950-v (F’16) Encrypted Search Seny Kamara Let F : {0, 1} k × {0,

1} ` → {0, 1} ` be a pseudo-random function. Consider the secret-key encryption scheme

SKE = (Gen, Enc, Dec) defined as follows: • Gen(1k ): sample and output K $← {0, 1} k ; •

Enc(K, m): sample r $← {0, 1} k and output ct := hr, FK(r) ⊕ mi; • Dec(K, ct): parse ct as

hct1, ct2i and output m := FK(ct1) ⊕ ct2.

P7 Examine, by the use of examples, secret sharing schemes.

Secret sharing schemes should be designed as follows: The first step is to consider a secret
space to construct a secret sharing scheme. A secret space consists of the set of participants
and a dealer. The dealer has a secret and distributes shares of the secret to each participant.
Because if some of the shares of the secret are lost or stolen invalidated, the remaining shares
can be modified in a way that the invalid shares cannot be used [3]. In [6] presented two
practical secret sharing schemes based on group presentations and the word problem. Their
schemes are designed as follows: The dealer and participants initially are able to
communicate over secure channels, but afterwards they communicate over open channels.
They first consider the special case where t = n. They propose a scheme in which all
participants are needed to recover the secret. Then they propose a hybrid scheme that
combines Shamir’s Scheme and the idea of the (n,n)-threshold scheme. The theory of rings is
a branch of modern algebra [7]. In this work, we mention the rings, polynomials and residue
class ring. Then, we construct a secret sharing scheme based on residue class ring using the
structures of this ring.