6/15/2022 CRYPTOGRAPHY

UNIT # 23 ASSIGNMENT

MUHAMMAD AZLAN KHAN KHALIL

SEMESTER 3
 ~1~

CONTENTS
Table of Figures.........................................................................................................................................................4
P1: Examine mathematic algorithms and their use in cryptography......................................................................5
Cryptography.............................................................................................................................................................5
Crypt-Analysis...........................................................................................................................................................5
Mathematical Algorithms in Cryptography...............................................................................................................5
1. Asymmetric Encryption............................................................................................................................5
2. Symmetric Encryption..............................................................................................................................5
3. Hash Functions..........................................................................................................................................6
P2: Explain, with the use of examples, the operation of stream cipher and block cipher.....................................7
Block Cipher..............................................................................................................................................................7
Block Cipher Examples.........................................................................................................................................7
Stream Cipher............................................................................................................................................................8
Stream Cipher Examples.......................................................................................................................................9
M1: Compare the operational differences between stream cipher and block cipher...........................................10
Stream Cipher..........................................................................................................................................................10
Types of Stream Ciphers:....................................................................................................................................10
Block Cipher............................................................................................................................................................10
Difference.................................................................................................................................................................11
M2: Analyze issues with symmetric key distribution and how they are solved by hash functions and message
authentication codes....................................................................................................................................................12
The Key Exchange Problem:...................................................................................................................................12
The Trust Issue:........................................................................................................................................................12
Hash Functions.........................................................................................................................................................12
Properties of Cryptographic hash functions........................................................................................................13
Message Authentication Code (MAC):....................................................................................................................13
P3: Discuss common public key cryptographic methods and their uses...............................................................14
RSA Algorithm........................................................................................................................................................14
Advantages..........................................................................................................................................................14
Disadvantages......................................................................................................................................................14
Uses.....................................................................................................................................................................14
Diffie-Hellman Algorithm.......................................................................................................................................14
Advantages..........................................................................................................................................................15
Disadvantages......................................................................................................................................................15

Cryptography TMUC AZLAN KHAN

 ~2~

Uses.....................................................................................................................................................................15
Elliptical Wave Theory Algorithm...........................................................................................................................15
Advantages..........................................................................................................................................................15
Disadvantages......................................................................................................................................................15
Uses.....................................................................................................................................................................16
P4: Explain by the use of examples public key exchange and digital signatures, and their implementation
issues.............................................................................................................................................................................17
Public Key Exchange...............................................................................................................................................17
Example...............................................................................................................................................................17
Digital Signature......................................................................................................................................................18
Example...............................................................................................................................................................18
Implementation Issues..............................................................................................................................................19
M3: Analyze, with examples, the Public Key Infrastructure (PKI).......................................................................19
PKI (Public Key Infrastructure)...............................................................................................................................19
D1: Evaluate the improvement introduced by AES compared to DES and 3DES encryption standards and
public key and private key encryption......................................................................................................................20
DES (Data Encryption Standard).............................................................................................................................20
3DES (Triple Data Encryption Standard)................................................................................................................20
AES (Advanced Encryption Standard)....................................................................................................................21
Improvements in AES compared to DES and 3DES...............................................................................................21
Public and Private Key Encryption..........................................................................................................................23
P5: Discuss the common attacks on public key encryption schemes......................................................................24
WIENER'S Attack on RSA......................................................................................................................................24
Lattice-based Attacks on RSA.................................................................................................................................25
Partial Key Exposure Attacks..................................................................................................................................26
Meet-in-the-Middle attack.......................................................................................................................................26
Brute-Force Attack...................................................................................................................................................27
Fault Analysis..........................................................................................................................................................27
P6: Explain, with examples, provable security in signature schemes and encryption schemes..........................28
Signature Schemes & Encryption Schemes.............................................................................................................28
M4: Critically analyze the security of hybrid ciphers and the construction of Key Encapsulation Mechanisms
(KEMs).........................................................................................................................................................................29
Hybrid Ciphers.........................................................................................................................................................29
Key Encapsulation Mechanism (KEMS).................................................................................................................30
D2: Evaluate different definitions of provable security..........................................................................................32
Provable Security.....................................................................................................................................................32

Cryptography TMUC AZLAN KHAN

 ~3~

P7: Examine, by the use of examples, secret sharing schemes................................................................................34

Secret Sharing Schemes...........................................................................................................................................34
General Secret Sharing........................................................................................................................................34
Reed-Solomon Codes..........................................................................................................................................34
Shamir Secret Sharing Scheme...........................................................................................................................35
P8: Evaluate secure multi-party computation using the two-party and multi-party cases.................................36
Multi-party Computation.........................................................................................................................................36
M5: Analyze the implementation of public key cryptography in electronic voting systems...............................37
Public Key Cryptography in Electronic Voting System..........................................................................................37
1. System Access Control Process..............................................................................................................37
2. Voting Process........................................................................................................................................39
3. Collecting Data Process..........................................................................................................................40
D3: Critically evaluate the access structures for secret sharing schemes..............................................................42
References.....................................................................................................................................................................43

Cryptography TMUC AZLAN KHAN

 ~4~

TABLE OF FIGURES

Figure 1 Block Cipher.....................................................................................................................................................8

Figure 2 Stream Cipher...................................................................................................................................................9
Figure 3 Public Key Encryption...................................................................................................................................17
Figure 4 Digital Signature.............................................................................................................................................18
Figure 5 Difference between AES, DES, 3DES...........................................................................................................22
Figure 6 Private Key & Public Key..............................................................................................................................23
Figure 7 Wiener's theorem............................................................................................................................................25
Figure 8 Hybrid Cipher 1..............................................................................................................................................29
Figure 9 Hybrid Cipher 2..............................................................................................................................................30
Figure 10 KEM.............................................................................................................................................................31
Figure 11 Provable Security..........................................................................................................................................33
Figure 12 Identification Phase......................................................................................................................................38
Figure 13 Voting Process..............................................................................................................................................39
Figure 14 Authentication Phase....................................................................................................................................39
Figure 15 Collecting Data Process................................................................................................................................40

Cryptography TMUC AZLAN KHAN

 ~5~

P1: EXAMINE MATHEMATIC ALGORITHMS AND THEIR USE IN

CRYPTOGRAPHY.

CRYPTOGRAPHY

Cryptography is a subfield of computer science that deals with the skill of creating and deciphering secret codes.
Today, cryptography is a mechanism for sending secret information in an encoded format to an authorized receiver.
Cryptography's basic goal is to send and receive messages that are both vital and confidential. The main goal of
cryptography is to ensure secure communication between remote systems by incorporating protocols and algorithms.

CRYPT-ANALYSIS

The study of ciphertext, ciphers, and cryptosystems with the goal of better understanding how they operate and
developing strategies to attack or weaken them is called Crypt-Analysis.

MATHEMATICAL ALGORITHMS IN CRYPTOGRAPHY

The mathematics of an algorithm varies based on its type. It's simpler than ever to design a cryptographic algorithm
with digital cryptography, but not all of them are as secure as others. There are even more sophisticated approaches
with their own specific mathematical inputs inside these algorithm groups.

1. ASYMMETRIC ENCRYPTION
Public key cryptography is another name for asymmetric encryption. Asymmetric encryption encrypts plain
text using two keys. Secret keys are shared via a vast network like the Internet. It prevents malicious
individuals from misusing the keys.

USES
Integer factorization and discrete logarithmic issues are two examples of problems where asymmetric key
techniques are employed. For applications like the TLS(Transport Layer Security) protocol, this may
produce digital signatures and set session keys.

2. SYMMETRIC ENCRYPTION
Private key cryptography is another name for symmetric encryption. The key in this encryption algorithm
will be used by the sender to encrypt the message, and the receiver will use the same key to decode it. A
single key will be utilized to complete the encryption and decryption procedure in this method.

USES
 Encryption and decryption are conducted using a single key to achieve secrecy.
 Message Authentication Codes (MAC), which are automatically created and confirmed by the
same key, are used to verify integrity and origins.
 Pseudorandom numbers are generated.

3. HASH FUNCTIONS

Cryptography TMUC AZLAN KHAN

 ~6~

A cryptographic hash function is an algorithm that accepts an arbitrary amount of data as input, such as a
credential, and creates a hash value, which is a fixed-size output of encrypted text. The encrypted text can
then be saved in place of the password and used to validate the user later.

USES
 To create and validate digital signatures.
 Assurance of checksum/message integrity
 Services for ensuring source integrity (via MAC)
 Sub-keys are derived from key-establishment techniques and protocols.
 Pseudorandom numbers are generated.

Cryptography TMUC AZLAN KHAN

 ~7~

P2: EXPLAIN, WITH THE USE OF EXAMPLES, THE OPERATION OF STREAM

CIPHER AND BLOCK CIPHER.

BLOCK CIPHER

A block cipher converts a block of plaintext bits into a block of ciphertext bits of the same size. In the suggested
system, the block size is fixed. The encryption scheme's strength is unaffected by the block size used. The cipher's
strength is determined by the length of the key.

BLOCK CIPHER EXAMPLES

1. DIGITAL ENCRYPTION STANDARD (DES)

The popular block cipher of the 1990s. It is now considered as a ‘broken’ block cipher, due
primarily to its small key size.

2. TRIPLE DES
It is a variant scheme based on repeated DES applications. It is still a respected block ciphers
but inefficient compared to the new faster block ciphers available.

3. ADVANCED ENCRYPTION STANDARD (AES)

It is a relatively new block cipher based on the encryption algorithm Rijndael that won the AES
design competition.

4. IDEA
It is a sufficiently strong block cipher with a block size of 64 and a key size of 128 bits. A
number of applications use IDEA encryption, including early versions of Pretty Good Privacy
(PGP) protocol. The use of IDEA scheme has a restricted adoption due to patent issues.

5. TWOFISH
This scheme of block cipher uses block size of 128 bits and a key of variable length. It was one
of the AES finalists. It is based on the earlier block cipher Blowfish with a block size of 64 bits.

6. SERPENT
A block cipher with a block size of 128 bits and key lengths of 128, 192, or 256 bits, which was
also an AES competition finalist. It is a slower but has more secure design than other block
cipher.

Cryptography TMUC AZLAN KHAN

 ~8~

Figure 1 Block Cipher

STREAM CIPHER

A stream cipher is an encryption technique that encrypts and decrypts a set quantity of data using a symmetric key.
In contrast to an asymmetric cipher key, a symmetric cipher key is an encryption tool that may be used for both
encryption and decryption.

A stream cipher is an encryption technology that uses a symmetric key to encrypt and decode a fixed amount of
data. A symmetric cipher key, unlike an asymmetric cipher key, is an encryption tool that may be used to encode
and decode data.

A one-time pad is a key that is commonly used with stream ciphers. A one-time pad is mathematically unbreakable
since it is always at least the same size as the message it encrypts.

Basic encryption requires three main components:

 a message, document or piece of data

 a key
 an encryption algorithm

STREAM CIPHER EXAMPLES

Cryptography TMUC AZLAN KHAN

 ~9~

1. SALSA20
software and hardware implementations

2. CHACHA20
the modified version of Salsa20; ChaCha20 is supported in TLS 1.3

3. RC4
for wireless networks

4. A5
for GSM cellular networks

Figure 2 Stream Cipher

Cryptography TMUC AZLAN KHAN

 ~ 10 ~

M1: COMPARE THE OPERATIONAL DIFFERENCES BETWEEN STREAM

CIPHER AND BLOCK CIPHER.

STREAM CIPHER

Stream cipher is a parallel key technique (encryption method) in which the digital distribution of pseudorandom
cipher is paired with error numbers. The stream cipher encrypts plain text using the same key and method as the data
stream's binary digits (one and zero). Using digit conversion registers, pseudorandom cipher digits are created from
random seed values. The text is separated into smaller blocks, one bit or one byte in length, in stream cipher, and
each block is coded according to previous blocks.

TYPES OF STREAM CIPHERS:

 Compatible Stream Ciphers

Keystream is generated by a compatible streaming cipher depending on internal constraints that are
unrelated to explicit or cipher text. The matching cipher state must be in the same state for encryption and
encryption to work; otherwise, the message cannot be decrypted.

 Automatic Adapter Ciphers

Cipher streaming utilizing previous N digits to build a keystream utilized for the next characters of N, also
known as asynchronous stream cipher or cipher text auto key (CTAK).

BLOCK CIPHER

Instead of one-click encryption like broadcast ciphers, block ciphers need a decryption algorithm and a
corresponding key encryption key to encrypt a text block. Text is divided into big blocks, generally 64 or 128 bytes
in length, and each block is encoded independently in block cipher. During encryption, plaintext is utilized, while
encrypted material is referred to as cipher text. The block cipher algorithm is similar in that because it encrypts data
with a shared key (encrypted text). It employs the same key to transform the cipher text back to the original text
during encryption. The output is the same length as the input.

Cryptography TMUC AZLAN KHAN

 ~ 11 ~

DIFFERENCE

Stream Cipher Block Cipher

A stream cipher (encryption technique) is a cipher key A block cipher is an encryption method that employs a
cipher (encryption method) that combines precision decryption algorithm and a key encryption key.
numbers with a digital distribution of pseudorandom
cipher.
Each byte is encrypted with a separate key in stream Each block is encrypted with a comparable key in
cipher. block cipher.

The XOR function is used in stream cipher to The block cipher does not employ the XOR function.
transform ordinary text to cipher text, which is why
XORed pieces are so simple to undo.
Stream ciphers encrypt plaintext with confusion. Block ciphers encrypt plaintext with both perplexing
and encrypted text.

Stream ciphers don't need a lot of memory since they Block ciphers need a lot of memory because they work
only operate on little bits at a time. on a huge amount of data.

1 byte (8 bits) is transformed to a streaming cone at the The typical block size in block ciphers might be 64 or
same time, which speeds up the process in stream 128 bits per block cipher, making block cipher slower
cipher than stream cipher.
The CFB (Cipher Feedback) and OFB (Output The ECB (Electronic Code Book) and CBC (Cipher
Feedback) algorithm approaches are used in stream Block Chaining) algorithm approaches are used in
cipher. block cipher.

Integrity and authenticity are not protected by stream Certain block ciphers can provide both secrecy and
ciphers. integrity protection.

Stream ciphers are difficult to utilize correctly and are Block ciphers are simpler to employ.
vulnerable to use-based flaws.

Cryptography TMUC AZLAN KHAN

 ~ 12 ~

M2: ANALYZE ISSUES WITH SYMMETRIC KEY DISTRIBUTION AND HOW

THEY ARE SOLVED BY HASH FUNCTIONS AND MESSAGE AUTHENTICATION
CODES.

One big issue with employing symmetric algorithms is the exchange key problem, which can lead to standard-22
capture. Another important issue is the question of trust between the two parties that share the equity secret key.
When encryption is used for authentication and integrity testing, confidence concerns might arise.

Both parties must have a secret key that they must update before employing any encryption when utilizing
cryptography of the matching key. Until recently, the distribution of private keys was a problem since it required
face-to-face interaction, the employment of a trusted messenger, or the transmission of a key via an existing
encryption channel.

THE KEY EXCHANGE PROBLEM:

The key exchange problem originates from the fact that before any secure communication can occur, the
communicating parties must share a private secret in some way, and both sides must assure that the key stays
confidential. Direct key exchanges, of course, are not always feasible due to dangers, interruptions, and costs.
Before any safe connection can be counted, the 22-word capture means to the question of how to securely
communicate a shared key.

THE TRUST ISSUE:

Ensuring the integrity of the data collected and validating the data's source might be critical. These difficulties can
be legally relevant to regular email writing in a variety of ways, because criminal investigations frequently focus on
who knows what and when they know it. The balance key may be used to figure out who initiated a specific
collection of data, although this verification software may run into some difficulties.

HASH FUNCTIONS

Cryptographic hash functions can be created using standard key encryption algorithms. symmetric key encryption
algorithms and hash function cryptography are employed and the qualities they have. A hash function takes a data
block, also known as a message, and produces a thread of a defined size, which is referred to as a hash, value hash,
or digest. The major reason for calculating a message's hash value is that any alteration to it, whether unintentional
or purposeful, will result in an entirely new hash value.

PROPERTIES OF CRYPTOGRAPHIC HASH FUNCTIONS

1. Calculating the hash value in any given message is simple.
2. It is not feasible to receive the given hash message.
3. Without a hash swap, changing the message is impossible.

MESSAGE AUTHENTICATION CODE (MAC):

A crucial measuring procedure for message validation is the MAC algorithm. The sender and receiver share a
balanced key K when the MAC mechanism is established.

A MAC is essentially an encrypted checksum generated from a basic message and transmitted along with a message
verification message.

Cryptography TMUC AZLAN KHAN

 ~ 13 ~

1. The sender creates a MAC value by inserting a message and a secret key K into a well-known MAC algorithm.
The MAC function, like the hash, compresses nonsensical input for extended output. The fundamental
difference between hash and MAC is that MAC compresses with a secret key.
2. The message and MAC are relayed by the sender. We presume that the message being delivered is obvious
since we are only interested in giving confirmation of the communication's origin, not privacy. If confidentiality
is essential, the communication must be encrypted.
3. To recalculate the MAC value after receiving a message with the MAC, the recipient inputs the received
message together with the secret key supplied to K in the MAC algorithm.
4. The receiver now compares the newly calculated MAC's balance to the MAC received from the sender. If they
are the same, the message is received by the receiver, who certifies that it was sent by the sender.
5. If the MAC listed differs from the MAC given by the sender, the receiver has no way of knowing if the message
has been altered or comes from a fake source. The receiver, like the bottom line, safely thinks that the
communication is not genuine, causing trust issues.

Cryptography TMUC AZLAN KHAN

 ~ 14 ~

P3: DISCUSS COMMON PUBLIC KEY CRYPTOGRAPHIC METHODS AND THEIR

USES.

RSA ALGORITHM

• In cryptography, this is the most well-known and commonly used algorithm.

• This method is used as the basis for bio cryptography.
• The RSA algorithm is named after its creators, Ron Rivest, Ali Shamir, and Leonard Adelman, who founded the
RSA data organization.
• This method creates public and private keys by utilizing the power of prime integers.
• This algorithm is mostly used to encrypt or decode data in contemporary computers.

ADVANTAGES
 RSA outperforms all other symmetric key algorithms.
 The weaknesses of symmetric algorithms, such as authenticity and secrecy, have been solved by RSA.

DISADVANTAGES
 RSA contains an excessive amount of computation.

USES
 RSA is widely utilized in digital signatures and hybrid encryption schemes.
 It was used to encrypt and transfer a symmetric key to a third party who had requested it.

RSA is also used in a few fields:

 Banking
o Banks typically employ the RSA algorithm to safeguard sensitive data, such as client information
and transaction records. Credit cards and workplace computers are two examples of
circumstances.
 Telecommunication
o As a privacy concern, the RSA technique is beneficial for encrypting call data.
 Ecommerce
o The RSA algorithm can be used to safeguard a user's identity during a transaction.

DIFFIE-HELLMAN ALGORITHM

• This Algorithm is also called after its creators, White Diffie and Martin Hellman.
• It's also referred to as the DH algorithm.
• This technique is used to safely exchange cryptographic keys over a public network.
• This algorithm was one of the first to use public-key cryptography.
• This algorithm was one of the first demonstrations of public key exchange in practice.

ADVANTAGES

Cryptography TMUC AZLAN KHAN

 ~ 15 ~

 No prior knowledge of the sender or receiver is required.

 After the keys have been exchanged, data may be sent across an unsafe channel.
 The exchange of the secret key is secure.

DISADVANTAGES
 There is no way to use the method for any asymmetric key exchange.
 It can't be used to sign digital signatures.
 The Diffie Hellman key exchange is vulnerable to a man-in-the-middle attack since it does not verify any of the
parties involved in the communication.

USES
DH allows the two parties to encrypt and decode their communication or data using symmetric cryptography
utilizing a public key.

ELLIPTICAL WAVE THEORY ALGORITHM

• This Algorithm is a method of doing public-key encryption.

• This method is based on elliptical curve theory, which may be used to make cryptographic keys that are smaller,
quicker, and more efficient.
• The major focus of this technique is on encryption and decryption using pairs of private and public keys.

ADVANTAGES
 ECC makes use of a relatively small encryption key.
 This short key is quicker and uses less computational power
 The benefits of ECC over RSA are especially essential in wireless devices, which have limited computational
power, memory, and battery life.

DISADVANTAGES
 It greatly increases the size of the encrypted message when compared to RSA encryption.
 More complicated and difficult to implement than RSA, increasing the risk of implementation mistakes and
lowering the technique's security.

USES
 It uses elliptic curve mathematics to create security between key pairs for public key encryption.
 ECC is one of the most widely utilized digital signature implementation approaches in cryptocurrencies. In
order to sign transactions, both Bitcoin and Ethereum use the Elliptic Curve Digital Signature Algorithm
(ECDSA).
 Because of its lower key length and efficiency, it is a standard for encryption that will be adopted by most
online apps in the future.

Cryptography TMUC AZLAN KHAN

 ~ 16 ~

P4: EXPLAIN BY THE USE OF EXAMPLES PUBLIC KEY EXCHANGE AND

DIGITAL SIGNATURES, AND THEIR IMPLEMENTATION ISSUES.

PUBLIC KEY EXCHANGE

A communication is encrypted using the public key of the intended receiver. Messages cannot be decrypted in
practice by anybody who does not have the corresponding private key, who is thus assumed to be the owner of that
key and hence the person linked with the public key, for correctly designed and utilized algorithms. This may be
used to ensure that a communication remains private.

Figure 3 Public Key Encryption

The size of public/private key pairs is usually substantially bigger than that of symmetric key pairs, this is due to the
fact that public key cryptography acts as a gatekeeper. The primary applications of public key cryptography are:

 Authentication
 Key Exchange

EXAMPLE
 Ali wishes to send an encrypted email to Fatima.
 Ali does this by encrypting his message to Fatima using Fatima's public key.
 Then, once Fatima receives the message, she uses her private key, which is only known to her, to decode Ali's
message.
 When Fatima wishes to respond, she simply repeats the procedure, using Ali's public key to encrypt her
message.

Cryptography TMUC AZLAN KHAN

 ~ 17 ~

Attackers may attempt to hack the server and read the message, but they will be unable to do so because they lack
the private key required to decode it. Because Fatima is the only one who has access to the private key, she will be
the only one who can decode the message.

DIGITAL SIGNATURE

When a message is signed using the sender's private key, anybody with access to the sender's public key can verify
it. This verification establishes that the sender had access to the private key and, as a result, is extremely likely to be
the person linked to the public key. This also assures that the message has not been tampered with, because a
signature is mathematically connected to the message from which it was created, and verification will fail for
virtually any other message, no matter how close to the original.

Figure 4 Digital Signature

EXAMPLE
Using her secret key, Mary executes a contract to sell a timeshare. The document is delivered to the buyer. The
document's buyer will also receive a copy of Mary's public key. If the public key cannot decrypt the signature (using
the cipher from which the keys were generated), the signature isn't Mary's or has been modified after she signed it.
As a result, the signature is deemed invalid.

IMPLEMENTATION ISSUES

Computer Costs:

Cryptography TMUC AZLAN KHAN

 ~ 18 ~

Because of their unique character, the keys to the cryptography key for the public key are more expensive for the
computer than those for the secrecy of the private key.

At risk for a Man in the Middle attack:

The public key's cryptography is susceptible to such assaults. In this situation, the at-risk third party distributes the
public key to the parties involved in his or her own unique fashion.

M3: ANALYZE, WITH EXAMPLES, THE PUBLIC KEY INFRASTRUCTURE (PKI).

PKI (PUBLIC KEY INFRASTRUCTURE)

To get access to an unprotected security service, PKI employs two keys. A private key and a public key are
contained in a pair of keys.

The usage of two keys to produce a lower security service is the primary distinguishing characteristic of public key
infrastructure (PKI). A private key and a public key are contained in a pair of keys.

Because public keys are in the public domain, they might be targeted. As a result, some form of dependable
infrastructure to manage these buttons must be established and maintained.

PKI has the following features:

 Digital certificates, commonly known as public key certificates.

 Private key tokens
 Certification authority
 Registration authority
 Management system for certifications

A public-key infrastructure (PKI) is an example of a security infrastructure that employs public and private keys.
Security measures, regulations, and recommendations for the targeted use of unprotected social networks, such as
the Internet, are part of key public infrastructure.

Cryptography TMUC AZLAN KHAN

 ~ 19 ~

D1: EVALUATE THE IMPROVEMENT INTRODUCED BY AES COMPARED TO

DES AND 3DES ENCRYPTION STANDARDS AND PUBLIC KEY AND PRIVATE
KEY ENCRYPTION.

DES (DATA ENCRYPTION STANDARD)

The Data Encryption Standard is a set of virtual data symmetric-key encryption concepts. Despite the fact that its
fifty-six-bit key lifespan makes it unsafe for applications, it has had a considerable effect on cryptography progress.

Following the agency's call to nominate a candidate for the protection of sensitive, unclassified digital authority
data, the set of regulations was submitted to the National Bureau of Standards (NBS). The set of rules was
developed in the early 1970s at IBM and based entirely on an in advance design by Horst Feistel. It was presented to
the NBS in response to the agency's call to nominate a candidate for the security of sensitive, unclassified digital
authority data. In 1976, the NBS adopted a slightly different version (stronger against differential cryptanalysis but
weak against brute-force attacks) after consultation with the National Security Agency (NSA), and it became a
genuine Federal Information Processing Standard (FIPS) for the United States in 1977.

The present understanding of block ciphers and their cryptanalysis is the result of years of exhaustively instructional
study of a set of rules. DES is insecure because to the unusually small key length of 56 bits. In January 1999, the
book was released. The Internet and the Electronic Frontier Foundation collaborated to publicly destroy a DES key
in 22 hours and 15 minutes (see chronology). There are a few analytical consequences that demonstrate the cypher's
theoretical weaknesses but are hard to apply in practice. Despite the possibility of attacks, the set of rules known as
Triple DES is considered to be almost stable.

3DES (TRIPLE DATA ENCRYPTION STANDARD)

The Triple Data Encryption Algorithm (TDEA or Triple DEA), sometimes known as Triple DES (3DES or TDES),
is a symmetric-key block cypher that applies the DES cipher set of rules 3 times to all facts blocks in cryptography.
The Data Encryption Standard's (DES) 56-bit key is not regarded acceptable in the face of cutting-edge cryptanalytic
approaches and supercomputing capabilities. A severe security problem in the DES and 3DES encryption algorithms
was discovered in CVE-2016-2183, a CVE issued in 2016. NIST has deprecated DES and 3DES for new packages
in 2017, and for all applications by 2023, due to this CVE and the inadequate key length of DES and 3DES. It has
been replaced with the more secure and durable AES.

AES (ADVANCED ENCRYPTION STANDARD)

AES is a Rijndael block cipher created with the assistance of Belgian cryptographers Vincent Rijmen and Joan
Daemen, who made a recommendation to NIST during the AES selection process. Each Rijndael encryption has its
own key and block size. NIST picked three Rijndael family members for AES, each having a 128-bit block length
but three distinct key lengths: 128, 192, and 256 bits.

With the aid of US officials, the AES has been tracked. It takes the role of the Data Encryption Standard (DES),
which was first released in 1977. The set of rules created using AES is a symmetric-key set, which means that the
same secrets are used to encrypt and decode the data.

The ISO/IEC 18033-three standard covers AES. AES became a key governmental authority in the United States
after getting authorization from the US Secretary of Commerce on May 26, 2002. When employed in an NSA
authorized cryptographic module, AES became the first (and only) publicly accessible cryptographic algorithm to be
approved by the United States National Security Agency (NSA) for top secret material.

Cryptography TMUC AZLAN KHAN

 ~ 20 ~

IMPROVEMENTS IN AES COMPARED TO DES AND 3DES

A series of tests were established to see how long it would take to decipher a message, in order to demonstrate that
the DES had become inadequate and should no longer be employed in important structures. Two agencies assisted in
the DES breach; The Internet and the Electronic Frontier Foundation (EFF).

Using a brute pressure assault, the DES I contest (1997) required eighty-four days to interrupt the encrypted
communication.

There were DES II challenging scenarios issued in 1998. The first assignment took little over a month, and the
encrypted text became "The mysterious message is: Many arms make light labor." The second assignment, with the
plaintext phrase "It's time for the ones 128-, 192-, and 256-bit keys," took substantially less than three days.

Most effective DES III work took 22 hours and 15 minutes in early 1999. The Electronic Frontier Foundation
released the Deep Crack computer. The Internet computer community decoded the message and won the challenge
by finding the 56-bit DES key. The encrypted message, which read "See you in Rome (Second AES Candidate
Conference, March 22-23, 1999)," was discovered after scanning around 30% of the critical item space, suggesting
that DES was no longer in use.

When it came to brute-force attacks, Triple DES was proven to be ineffective (similarly to slowing down the
technique substantially).

According to NIST drafted rules issued on July 19, 2018, TDEA/3DES is formally being retired. According to the
points, Triple DES will be deprecated in all new applications and will be disallowed after 2023.

The overall performance of the algorithms was assessed using Java and C reference implementations. AES was
chosen in an open competition with 15 bids to as many research groups as possible from around the world, and it
received a massive amount of funding. Finally, in October 2000, the National Institute of Standards and Technology
(NIST) announced Rijndael as the proposed Advanced Encryption Standard (AES).

Figure 5 Difference between AES, DES, 3DES

PUBLIC AND PRIVATE KEY ENCRYPTION

Cryptography TMUC AZLAN KHAN

 ~ 21 ~

Figure 6 Private Key & Public Key

In Private-key, the same key (secret key) is used for encryption / decryption. Because the sole key is repeated or
multiplied by each other celebration to decrypt the cipher textual information, this key is symmetric. It takes a lot
less time than public-key encryption

In a Public-key system, one key is used for encryption and every other key is utilized for decryption. The recipient
uses the non-public key to decode the cypher text and analyze the message, while the recipient uses the public-key
to encrypt the plain text and convert it to cypher text.

Cryptography TMUC AZLAN KHAN

 ~ 22 ~

P5: DISCUSS THE COMMON ATTACKS ON PUBLIC KEY ENCRYPTION

SCHEMES.

WIENER'S ATTACK ON RSA

Wiener's attack is a polynomial-time attack on an RSA cryptosystem with a tiny secret decryption exponent d that
works if d < n^0.25, where n = pq is the cryptosystem's modulus. Because d is the denominator of some convergent
pm /qm of the continuous fraction expansion of e/n in that instance, d may be effectively determined using the
public key (n, e).

When d is a few bits longer than n^0.25, there are numerous modifications of Wiener's attack that can break the
RSA cryptosystem. They're all O(D^2) at runtime, with d = Dn^0.25. We offer a novel variation of Wiener's assault
that employs results on Diophantine approximations of the form |α − p/q| < c/q2, as well as a "meet-in-the-middle"
variant for checking the secret exponent candidates (of the type rqm+1 + sqm). This reduces the attack's run-time
complexity to O(D log(D)) (with a space complexity of O(D)).

1. Keep a list of the convergent’ s of the continuing fraction of e/n.

2. Iterate through the list's elements.
3. Assign the denominator of the convergent as d for each iteration.
4. Decrypt the ciphertext using the decryption key exponent value discovered.
5. Break the loop and display the message if the ciphertext decrypts to a meaningful value.

LATTICE-BASED ATTACKS ON RSA

The cryptanalysis of the RSA encryption scheme has benefited greatly from lattice basis reduction methods. These
methods use Coppersmith's theory of polynomials to look for weak examples of number-theoretic encryption,
namely RSA.

Lowering the lattice is a great way to solve a wide range of issues, including point lattices. Number theory, linear
algebra, and cryptology have all benefited from lattice reduction. It is not only unsafe to use lattice cryptosystems in
the environment, but it is also risky to use lattice reduction methods. Small independent Wiener attacks, which are
regarded strong attacks, are expanded to target several RSA circumstances when they contain comparable
independent advertisements in this study.

The lattices are organized in a regular pattern for different points. In addition to their ubiquitous usage in pure
mathematics, lattices have applications in cryptography / cryptanalysis, numerical geometry, integer polynomial
integration, subset sum set and knapsack problems, integer relationships, and Diophantine. The acquisition of
enhanced lattice presentations using techniques such as LLL reduction (Lenstra, Lenstra, Loy 'asz) is referred to as
lattice reduction.

PARTIAL KEY EXPOSURE ATTACKS

Partial key exposure attacks, a unique implementation of Coppersmith's approach, were presented by Durfee and

Frankel to recover an RSA private key given only a percentage of its bits. In the context of side-channel assaults,
this form of attack is very interesting. The secret exponent is randomized at each execution when the exponent
blindness technique is used as a countermeasure for side-channel attacks. As a result, the attacker can only depend

Cryptography TMUC AZLAN KHAN

 ~ 23 ~

on a single trace, considerably increasing the noise and making the recovery of exponent bits less effective. This
countermeasure has the unintended consequence of altering the RSA equation utilized by partial key disclosure
attacks, as Joye and Lepoint discovered in 2012. We enhance their results by offering a more straightforward
approach for known least significant bits and a better bound for known most significant bits. We also employ partial
key exposure attacks against CRT-RSA when exponent blinding is applied, a condition that has yet to be studied in
the literature. Our discoveries, which include both theoretical and experimental results, aim to lower the amount of
bits required to factor an RSA modulus via side-channel attacks while the implementation is protected by exponent
blindness.

MEET-IN-THE-MIDDLE ATTACK

A Meet-in-the-Middle (MitM) Assault is a type of cryptanalytic attack in which the attacker aids the attack by using
a space or time tradeoff.

MitMs, in particular, aim to lessen the amount of difficulty necessary to carry out the assault in its original form.
MitMs may be as simple as separating the target message into two pieces and addressing each one separately. It
might imply converting an assault that takes X amount of time into one that takes Y time and Z space. The goal is to
drastically minimize the amount of time and effort required to undertake a brute-force assault.

Meet-in-the- Middle adversaries attempt to balance the difficulties of a big cryptanalytic assault by' meeting in the
middle,' or half the percentage of the data they are studying in order to make the effort viable or reasonable in their
opinion.

BRUTE-FORCE ATTACK

Application programs utilize a trial-and-error approach to decode login credentials and encryption keys in order to
use them to gain unauthorized access to systems. Rather than applying cerebral techniques, using sheer force is an
exhausting task.

A brute-force attack on applications tries all conceivable combinations of legal characters in a sequence, similar to
how a burglar may break into and open a safe by attempting many different combinations. Brute-force attacks are
commonly used by cybercriminals to gain access to a website, account, or network. They may then use malware to
infect computers, shut down websites, or steal personal information.

Automated programs are widely used in basic brute-force attacks to guess all potential passwords until the correct
input is detected. For breaking popular passwords, this is an old but still efficient attack technique.

FAULT ANALYSIS

In the realm of cryptography, especially cryptanalysis, differential fault analysis (DFA) is a sort of active side-
channel attack. The idea is to introduce flaws—unexpected environmental conditions—into cryptographic systems
so that their internal states can be revealed.

The fault injection attack involves straining the encryption transistors in order to induce a fault that may then be
utilized as DFA input. An electromagnetic pulse can be used as a perturbation element (EM pulse or laser pulse).

For example, a smartcard with an integrated CPU might be exposed to high temperatures, unsupported supply
voltage or current, extremely high overclocking, strong electric or magnetic fields, or even ionizing radiation, all of
which could affect the processor's performance. When a CPU is pressured like this, it may start to produce
inaccurate results owing to physical data corruption, which might assist a cryptanalyst figure out what instructions
are being executed or what the processor's internal data state is.

Cryptography TMUC AZLAN KHAN

 ~ 24 ~

P6: EXPLAIN, WITH EXAMPLES, PROVABLE SECURITY IN SIGNATURE

SCHEMES AND ENCRYPTION SCHEMES.

SIGNATURE SCHEMES & ENCRYPTION SCHEMES

For instance, the signature system and the public key encryption system are both secure. They examine an adversary
opposing the signature scheme who has unrestricted access to the encryption system's translation using the secret
key, and show that in various signing systems, such adversaries are less destructive than "regular" opponents.
Similarly, certain encryption techniques demonstrate that an attacker with unrestricted access to a signature software
signing a contract with a linked secret key will not compromise the encryption system's security. Following that,
efforts centered on global at-attachment systems that could be utilized for signing and encryption without requiring
separate keys.

A digital signature is a cryptographic value derived from data and a secret key only the signature knows about. In
the actual world, a message's recipient must be certain that the message belongs to the sender and that he or she
should not be able to refute the message's beginning.

Example:

RSA (Rivest-Shamir-Adleman) is a popular public cryptosystem for handling data transfers. It's also one of the
earliest.

The "scoring problem," or the perceived difficulty of entering the product into the two-digit number, is critical to the
RSA's security. An RSA issue occurs when RSA encryption is broken. It's unclear if it'll be as problematic as the
problem of file uploading. When a key is big enough, there are no published ways for defeating the system.

RSA is a method that takes a long time to complete. As a result, it's only seldom used to directly insert user-
encrypted data. RSA is frequently used to transfer keys issued to symmetric key cryptography keys, which are
utilized for bulk encryption.

A security algorithm is a mathematical method for encrypting information. The data is encoded, and restoring it to
its original condition necessitates the application of software keys.

Cryptography TMUC AZLAN KHAN

 ~ 25 ~

M4: CRITICALLY ANALYZE THE SECURITY OF HYBRID CIPHERS AND THE

CONSTRUCTION OF KEY ENCAPSULATION MECHANISMS (KEMS).

HYBRID CIPHERS

A hybrid cipher combines the benefits of both symmetric and public-key ciphers. It operates by sharing a key for the
symmetric cipher using a public-key cipher. The key is then used to encrypt the message, which is finally forwarded
to the receiver. Because symmetric key sharing is safe, the symmetric key used for each message transmitted is
distinct. As a result, it's also known as a session key.

Figure 7 Hybrid Cipher 1

Public-key ciphers aren't a silver bullet. From a security aspect, many symmetric ciphers are more secure, and
public-key encryption and decryption are more costly than symmetric processes. Despite this, public-key ciphers are
an excellent tool for disseminating symmetric cipher keys, which is how they are employed in hybrid cipher
systems.

Hybrid ciphers are used by both PGP(Pretty Good Privacy) and GnuPG(GNU Privacy Guard). The session key,
which is encrypted using a public-key cipher, and the message to be delivered, which is encrypted with a symmetric
cipher, are automatically integrated into a single package. The recipient decrypts the session key using his private
key, which is then used to decrypt the message.

A hybrid cipher is only as strong as the public-key or symmetric cipher it employs, whichever is weaker. The public-
key cipher in PGP and GnuPG is very certainly the weaker of the two. Fortunately, if an attacker decrypted a session
key, it would only be usable for reading the one message encrypted with that key. In order to read any other
communication, the attacker would have to start from scratch and decode a new session key.

Cryptography TMUC AZLAN KHAN

 ~ 26 ~

Figure 8 Hybrid Cipher 2

KEY ENCAPSULATION MECHANISM (KEMS)

A key-encapsulation mechanism (KEM) is an encryption technique that allows anybody who has access to a party's
public key to safely provide that party a key. A KEM is a key-exchange protocol in which only one message is sent;
its major purpose is to provide public-key encryption of communications of any length when used in conjunction
with symmetric encryption.

KEM security is typically stated in terms of a game that no effective opponent can win with a significant advantage.
One of the main disadvantages of game-based definitions is that they frequently lack clear semantics, and that the
security of each higher-level protocol that employs KEMs must be demonstrated by demonstrating a tailored
security reduction from breaking the security of the KEM to breaking the security of the combined protocol.

Cryptography TMUC AZLAN KHAN

 ~ 27 ~

Figure 9 KEM

The purpose of a KEM is to create a resource that simulates a shared key that is only accessible to trustworthy
people. The composition theorem assures the security of the combined protocol without the necessity for a specific
reduction; this resource may be utilized in constructing and proving higher-level protocols.

Cryptography TMUC AZLAN KHAN

 ~ 28 ~

D2: EVALUATE DIFFERENT DEFINITIONS OF PROVABLE SECURITY.

PROVABLE SECURITY

Provable security is a concept in modern cryptology. In the history of cryptography there are many examples of
systems that were believed to be secure by their inventors but could still be broken. It is therefore desirable to
convince oneself of the security of a system by proving it in a formal way. To do this, both the cryptographic system
and the security to be achieved must be formalized.

a system is provably secure if it is accompanied by a solid logical explanation demonstrating that if this system's
security is violated, then

 Either a simple logical inconsistency appears

 or a well-researched problem can be handled

Though cryptography appears to have originated with the advent of writing, no provably safe cryptosystem existed
prior to Rabin's cryptosystem. Several cryptosystems developed in the last 30 years, on the other hand, give very
minimal security proofs. In today's secure applications, several of these methods are frequently employed. 

The ideal circumstance in the "provable security" paradigm is to have a tight reduction from a mathematical issue
that is commonly regarded to be intractable to a successful protocol assault. This means that an opponent who can
attack the system must therefore be able to find a solution in roughly the same amount of time and with roughly the
same chance of success.

Any type or stage of computer security that can be proven is referred to as provable security. It is used in unique
ways and in specialized sectors. This usually relates to mathematical proofs, which have a common position in
cryptography. In any such proof, the attacker's talents are depicted in a negative light. The evidence's objective is to
show that the attacker must overcome the underlying challenging problem in order to compromise the modeled
system's security. Side-channel assaults and other implementation-unique attacks are usually impossible to model
without enforcing the system, therefore such evidence usually doesn't really recollect them.

Cryptography TMUC AZLAN KHAN

 ~ 29 ~

Figure 10 Provable Security

The essential principles below provide the answer to the most critical question: why and how can we prove security.

1. By launching an attack on the system to check if one is discovered or not

2. By demonstrating that there is no attack on the system under certain conditions and assumptions.
3. Predicting the attacker's aim
4. Implementing a security model
5. Defining assumptions
6. Providing proof
7. Interpreting proof

The building of mathematical evidences regarding the security of an algorithm is aided by provable security. These
facts contribute to disputes that result in descriptions of scheme security features and hardness views.

The things with which we operate, such as plans and protocols, must be defined first. We must describe the inputs
and outputs of these algorithms since they are algorithms. An encryption method, for example, consists of three
calculations: Keygen, Enc, and Dec. Keygen takes a few parameters as input and generates a key. Encryption
calculation Enc then calculates a cipher text using this key, a message, and maybe some arbitrariness. Finally, the
Dec decoding calculation takes a cipher text and a key and produces plaintext.

P7: EXAMINE, BY THE USE OF EXAMPLES, SECRET SHARING SCHEMES.

SECRET SHARING SCHEMES

Secret Sharing Schemes are a method by which traders divide shares to multiple groups and subgroups of those
groups that have been given permission to adjust privacy. They are the most significant tools in cryptography, and
they are employed as a building block in a variety of secret protocols. We'll go through the fundamentals of secret
sharing schemes, monotone formulas, and monotone span programs in this section. Then go over the primary
disadvantages of private sharing systems, including a big size component that accurately represents the number of

Cryptography TMUC AZLAN KHAN

 ~ 30 ~

organizations involved in the schemes. Knowing that lower stock size limitations will inevitably be implemented, it
is apparent that there will be a significant disparity between the lower and higher limits. General secret sharing,
Reed-Solomon codes, Shamir's sharing scheme, and other instances are discussed in the groups.

GENERAL SECRET SHARING

Secret sharing techniques and the standard and common monotone access architecture have received a lot of
attention, however non-monotone structures may be more useful in some instances. As a result, we need redefine the
secret sharing strategies, which are frequently included in the analysis of full sharing schemes with a monotone
access structure, as we go from the model of private sharing schemes to the general access framework. Following
that, we must give two secret sharing scheme structures and standard access frameworks for the first time. Only the
first construction is considered a democratic system since the shares are created by the parties themselves, whereas
the second construction increases the system's efficiency by distributing the shares by a trustworthy institution.

REED-SOLOMON CODES
It is vulnerable to BCH non-duplicate cyclic error codes to repair codes utilizing polynomials over data blocks, and
it is one of the earliest error correction codes. When the decoder finds the data and alters it to repair faults by going
to the code symbols indicated by the word RS (n, k) when n block length and n = 2m-1 and k message size shown in
bits, this encoder recognizes the data block and adds unnecessary bits before accessing the audio channels. It's
frequently used for CDs, DVDs, QR Codes, and modems, among other things.

SHAMIR SECRET SHARING SCHEME

Shamir's secret sharing scheme method is vital in the planning algorithm designed by Adi Shamir, and the objective
of the algorithm is to partition the secret into multiple sections in encrypted format. 

Shamir's Secret Sharing (SSS) is a distributed secret security system that is most commonly used to safeguard other
encryption keys. The secret is divided into several portions, known as shares. The original secret is reconstructed
using these shares.

A minimum number of shares is required to uncover the secret using Shamir's secret sharing. This is referred to as
the threshold, and it indicates the minimum amount of shares required to reveal the secret. Perfect secrecy means
that an enemy who learns any number of shares less than the threshold will have no more knowledge about the
guarded secret. SSS is a generalization of the one-time pad in this sense (which is effectively SSS with a two-share
threshold and two shares in total).

For example, Company XYZ must protect the password to its vault. They could use a conventional algorithm like
AES, but what if the key holder is unavailable or dies? What if the key is hacked by a malevolent hacker, or if the
key holder goes rogue and abuses their influence over the vault?

This is when SSS enters the picture. It may be used to encrypt the vault's password and construct a set of shares,
with a set of shares distributed to each executive at Company XYZ. They can only open the vault now if they pool
their shares. The barrier may be adjusted suitably for the number of executives, ensuring that the vault is always
accessible to those who are permitted. They couldn't unlock the password unless the other executives cooperated if a
share or two fell into the wrong hands.

Cryptography TMUC AZLAN KHAN

 ~ 31 ~

P8: EVALUATE SECURE MULTI-PARTY COMPUTATION USING THE TWO-

PARTY AND MULTI-PARTY CASES.

MULTI-PARTY COMPUTATION

Secure multi-party computation (MPC) allows a group of n participants to calculate a joint function of their inputs
while maintaining the privacy of their inputs. The early MPC procedures were inefficient because they employed
highly general approaches. As a result, now that the majority of the problems about secure computation's practicality
have been answered, many subsequent studies have concentrated on enhancing the efficiency of these protocols.

Secure Multi-group computation is a cryptographic agreement that distributes the multi-group accounting process
such that no one group has access to the data of others. In other words, MPC enables shared data analysis without
requiring the data to be shared. For a hidden enemy model, we build a multi-group computation rule. The majority
of our pro-videos protection technique is predicated on the fact that a variety of organizations are meeting wrongly.
To transition from honest-but-curious to malicious security, our strategies rely on effective and selective strategies
while avoiding costly zero-knowledge proofs. o(n3tsIcI) BITS of communication are required by the protocols.

Multi-party Computation Against Covert Adversaries In the covert adversary paradigm, we develop a protocol for
multi-party computing. If a large number of participants conspire maliciously, our protocol gives a conventional
simulation-based security guarantee. To transition from honest-but-curious to malevolent security, we use fast cut-
and-choose strategies and avoid expensive zero-knowledge proofs. We exclusively employ efficiently
implementable cryptographic primitives in a black-box fashion.

Two-party Computation Against Covert Adversaries Any efforts to cheat by an opponent are discovered by honest
parties with a probability of at least ∈, where ∈, is the deterrence probability, in a protocol safe against covert
adversaries. As a result, in order to make the concept of covert enemies a practical/realistic model for real-world
applications, it must have a high deterrent probability. In this study, we propose a two-sided protocol secured by
concealing opponents, in which the chance of blocking ∈=1−1/t, for any polynomial value in the security
parameter, is almost free, dependent on the protocol communication complexity. We illustrate how our tactics
defend both side-counting systems from absolutely savage opponents, while focusing mostly on concealed rivals.

Cryptography TMUC AZLAN KHAN

 ~ 32 ~

M5: ANALYZE THE IMPLEMENTATION OF PUBLIC KEY CRYPTOGRAPHY IN

ELECTRONIC VOTING SYSTEMS.

PUBLIC KEY CRYPTOGRAPHY IN ELECTRONIC VOTING SYSTEM

Many earlier research on the E-Voting method have been conducted, with the goal of making the method easier to
use. These techniques have a number of flaws, including voter fatigue, the high cost of essential gear, and the
requirement of polling stations.

The proposed protocol uses the RSA public-key encryption technique as its foundation. The RSA is used to ensure
that information is only available to authorized entities and is inaccessible to everyone else. RSA is also used to
ensure that information is not modified in transit from the source to the destination.

Here are the steps or process for an electronic voting system using public key cryptography:

1. SYSTEM ACCESS CONTROL PROCESS

One of the cryptographic services used to authenticate voters in the government election server is the
system access control procedure. This is the initial phase in the planned E-Voting system, and it prepares
voters to participate in the advanced E-Voting process. As a result, the system access control process
includes two phases: identification and authentication.

1. IDENTIFICATION PHASE
To ensure that the election is conducted correctly, the individual should visit the Dept to verify his
or her details. After the citizen has been registered, the next three stages should be completed. The
voter information will be saved on the election server and then forwarded to the mobile phone
company for further processing.

Figure 11 Identification Phase

Cryptography TMUC AZLAN KHAN

 ~ 33 ~

2. AUTHENTICATION PHASE
During this stage, the voter can use his or her personal computer to participate in the voting
process. The voter logs on to the E-Voting website with the ID and PIN numbers that he or she
used to register. The election server will produce a calculated RSA public-key after the voter has
registered up for the election website. The public key would then be sent to the voter as a short
text message (SMS) by the mobile phone company. It's worth noting that acquiring the public key
shows that the voters are ready to vote right now.

Figure 12 Authentication Phase

2. VOTING PROCESS

Cryptography TMUC AZLAN KHAN

 ~ 34 ~

Because the voter cannot logout after getting the public key, the voting procedure is usually quite
important,  on the other hand, now the voter can choose his or her candidates directly from the election site.
In order to speed up the voting process, the election site will only show the names of candidates as the voter
specific department.

The voter should click the submit button to communicate his or her choices to the election server after
selecting the candidates and inputting the received public-key through the election website. As a result, the
RSA encryption technique is used to encrypt voter data, which is subsequently transferred to the
government election server as ciphertext (encrypted text). As well, after the end of the voting period, the
data collection procedure will be initiated in order to count votes and certify the final results.

3. COLLECTING DATA PROCESS

The receiver (server Administrator) decrypts the encrypted data using the computed RSA private key in this
technique. Finally, the Administrator will make the results of the voting public.

Figure 14 Collecting Data Process

The suggested protocol outperforms previous E-Voting protocols in terms of efficiency. It enables voters to vote
from their PC at no additional expense or effort. This protocol is intended to replace the faulty prior voting system as
a new technology for electronic voting protocol, because voters have a reasonable expectation that their ballots
would be tallied.

Cryptography TMUC AZLAN KHAN

 ~ 35 ~

D3: CRITICALLY EVALUATE THE ACCESS STRUCTURES FOR SECRET

SHARING SCHEMES.
A secret sharing scheme theme is a method of distributing shares of a secret price k ∈ K among a group of
participants P in such a way that only qualifying subsets of P are capable of reconstructing the value of k from their
shares. A secret sharing theme is said to be good if no information about the value of the key can be gleaned from all
of the participants' shares in a highly unqualified set.

The first works on secret sharing focused solely on schemes with a (t, n)-threshold access structure, whose
foundation is created by all subsets with precisely t participants from a collection of n participants. Finding a perfect
secret sharing theme for a given access structure Γ is normally insufferable. As a result, we might try to find a secret
sharing theme for Γ with the highest data throughput possible. P*(Γ) = sup (p (∑, Γ, K)) denotes the best data rate of
an associate access structure, where the supremum is among all attainable sets of secrets K with IKI ≥ two and each
secret sharing scheme ∑ with access structure Γ and set of secrets K. Of course, a flawless access structure's
optimum data rate is sufficient.

A secret-sharing theme might be a method by which a dealer distributes shares to parties in such a way that only
licensed subsets of those parties can reassemble the key. Secret-sharing schemes are a crucial tool in cryptography,
and they're used to enclose a variety of secure protocols, including the general protocol for multi-party computation,
Byzantine agreement, threshold cryptography, access management, attribute-based cryptography, and generalized
oblivious transfer. We cover the most important secret-sharing scheme constructions in this review, and we establish
a case for the linkages between secret-sharing schemes and monotone formulas and monotone span programs.

The most serious disadvantage of well-known secret-sharing techniques is the large share size, which is exponential
throughout the range of parties. We tend to believe that this is frequently unavoidable. We frequently present the
well-known lower restrictions on share size. The bottom bounds are feeble, and the lower and upper bounds are
separated by a large gap. For linear secret-sharing schemes, this might be a category of schemes with algebraic
support that includes the most well-known schemes, as well as super-polynomial lower limits on the share size area
unit. The proofs of such lower boundaries are usually described. We also provide two solutions that link secret-
sharing strategies for a Hamiltonian access structure to the NP vs. coNP problem and a major unresolved problem in
cryptography, namely, creating oblivious-transfer protocols from unidirectional functions.

Cryptography TMUC AZLAN KHAN

 ~ 36 ~

REFERENCES
Anon., n.d. Public-key cryptography. [Online]
Available at: https://en.wikipedia.org/wiki/Public-key_cryptography

avinetworks, n.d. Elliptic Curve Cryptography. [Online]

Available at: https://avinetworks.com/glossary/elliptic-curve-cryptography/

Baign`eres, T., 2007. Provable Security in Cryptography, s.l.: s.n.

Cheap SSL Security, n.d. What is Public Key and Private Key Cryptography, and How Does It Work?. [Online]
Available at: https://cheapsslsecurity.com/p/what-is-public-key-and-private-key-cryptography-and-how-does-it-
work/

Docusign, n.d. Understanding digital signatures. [Online]

Available at: https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq

Dujella, A., n.d. A variant of Wiener’s attack on RSA, s.l.: s.n.

gnu, n.d. Hybrid ciphers. [Online]

Available at: https://www.gnupg.org/gph/en/manual/x209.html

Hayam K. Al-Anie, M. A. A. a. A. A. H., n.d. E-VOTING PROTOCOL BASED ON PUBLIC-KEY

CRYPTOGRAPHY, s.l.: Faculty of Science and Information Technology – Al Zaytoonah University of Jordan.

hypr, n.d. Meet-in-the-Middle (MitM) Attack. [Online]

Available at: https://www.hypr.com/meet-in-the-middle-mitm-attack/

Pedamkar, P., n.d. Diffie Hellman Key Exchange Algorithm. [Online]

Available at: https://www.educba.com/diffie-hellman-key-exchange-algorithm/

Sandro Coretti, U. M. a. B. T., n.d. A Constructive Perspective on Key Encapsulation, s.l.: Department of Computer
Science, ETH Z¨urich, Switzerland.

Tawde, S., n.d. RSA Algorithm. [Online]

Available at: https://www.educba.com/rsa-algorithm/?source=leftnav

techwalla, n.d. What Are the Advantages & Disadvantages of Elliptic Curve Cryptography for Wireless Security?.
[Online]
Available at: https://www.techwalla.com/articles/what-are-the-advantages-disadvantages-of-elliptic-curve-
cryptography-for-wireless-security

The SSLStore, 2021. Block Cipher vs Stream Cipher: What They Are & How They Work. [Online]
Available at: https://www.thesslstore.com/blog/block-cipher-vs-stream-cipher/

Vipul Goyal, P. M. A. S., n.d. Efficient Two Party and Multi Party Computation against Covert Adversaries, s.l.:
s.n.

Cryptography TMUC AZLAN KHAN

 ~ 37 ~

Cryptography TMUC AZLAN KHAN