The document is a group assignment for a Bachelor in Information Technology program focusing on IT Security, detailing key concepts such as data encryption, decryption, public and private key cryptography, and block ciphers. It outlines the benefits and deficiencies of various cryptographic methods and describes techniques for securing information systems, including secure communication, data encryption for storage, and multi-factor authentication. The assignment includes examples and principles related to these cryptographic techniques.
IT SECURITY-group Assignment
COLLEGE OF BUSINESS EDUCATION
DODOMA CAMPUS
GROUP ASSIGNMENT
PROGRAMME OF STUDY : BACHELOR IN INFORMATION TECHNOLOGY.
YEAR OF STUDY : 2024/2025
MODULE : IT SECURITY
LECTURER NAME : MADAM JANETH GILITU

| NAME OF STUDENT | REGISTRATION NUMBER |
| --- | --- |
| AHMED JUMA | 03.8071.01.02.2022 |
| KISANGWA E. MRUMBI | 03.0565.01.02.2022 |
| REHEMA S. RUPIA | 03.1132.01.02.2022 |
| ANNA TUMUSIME | 03.9936.01.02.2022 |
| JOSEPH M SOSPETER | 03.5537.01.02.2022 |

ANSWERS:
1. Data Encryption, Data Decryption, and the Purpose of Data Encryption
What is Data Encryption?
Data encryption is the process of converting readable information (plaintext) into an unreadable format (ciphertext) using an encryption algorithm and a cryptographic key. This process ensures that only authorized individuals can access the original information. Encryption is used widely in applications like secure messaging, online transactions, and data storage.

Example of Data Encryption Process
- Plaintext: `"Hello, this is a confidential message."`
- Encryption Algorithm: AES (Advanced Encryption Standard)
- Key: `128-bit key`
- Ciphertext Output: `"X9f8hJkLmN8qU4zYg5V2bW"` (Unintelligible format, unreadable without a key)
What is Data Decryption?
Data decryption is the reverse process of encryption. It converts ciphertext back into plaintext using a decryption algorithm and the appropriate key. Without the correct decryption key, the data remains unintelligible.

Example of Data Decryption Process
- Ciphertext Input: `"X9f8hJkLmN8qU4zYg5V2bW"`
- Decryption Algorithm: AES
- Key: `128-bit key (same as used in encryption)`
- Output: `"Hello, this is a confidential message."`
Purpose of Data Encryption
Data encryption serves multiple crucial security purposes:
1. Confidentiality – Prevents unauthorized individuals from reading sensitive information.
2. Data Integrity – Ensures that the data has not been altered or tampered with during transmission or storage.
3. Authentication – Verifies the sender and receiver’s identity, ensuring communication occurs between trusted entities.
4. Non-Repudiation – Prevents individuals from denying their actions (e.g., a digitally signed document ensures the sender cannot claim they never sent it).
5. Data Protection – Safeguards personal data, financial information, and corporate secrets from cyber threats like hacking and data breaches.
2. Public and Private Key Cryptography and Their Principles
Public Key Cryptography (Asymmetric Encryption)
Public key cryptography, also known as asymmetric encryption, uses two different keys:
- Public Key – Used to encrypt data and is openly shared.
- Private Key – Used to decrypt data and must be kept secret.

Since only the private key holder can decrypt the message, asymmetric encryption ensures secure communication without requiring both parties to exchange secret keys in advance.

Principles of Public Key Cryptography
1. Key Pair Generation – A mathematically linked public-private key pair is generated.
2. Encryption with Public Key – The sender encrypts the message using the recipient’s public key.
3. Decryption with Private Key – The recipient decrypts the message using their private key.
4. Digital Signatures – The sender can sign a message using their private key, allowing the receiver to verify authenticity using the sender’s public key.

Example of Public Key Cryptography
- Sender encrypts message: `"Hello"` → Encrypt with **Recipient's Public Key** → `"A34Bf!"` (Ciphertext)
- Recipient decrypts message: `"A34Bf!"` → Decrypt with **Recipient's Private Key** → `"Hello"`

Common Public Key Algorithms
- RSA (Rivest-Shamir-Adleman) – Secure but computationally expensive.
- ECC (Elliptic Curve Cryptography) – Strong security with shorter key lengths.
- Diffie-Hellman – Used for secure key exchange.

Private Key Cryptography (Symmetric Encryption)
Private key cryptography, also known as symmetric encryption, uses a single secret key for both encryption and decryption.

Principles of Private Key Cryptography
1. Single Key Usage – Both sender and receiver use the same key for encryption and decryption.
2. Key Distribution – The key must be securely exchanged before communication.
3. Efficiency – Symmetric encryption is faster than asymmetric encryption, making it ideal for bulk data encryption.

Example of Private Key Cryptography
- Key: `"MySecretKey123"`
- Plaintext: `"Confidential Data"`
- Ciphertext Output: `"XkLm92!bW"` (Encrypted with the secret key)
- Decryption using the same key → `"Confidential Data"`

Common Private Key Algorithms
- AES (Advanced Encryption Standard) – Highly secure, used worldwide.
- DES (Data Encryption Standard) – Outdated but historically significant.
- Blowfish – Fast and flexible for encryption.
3. Block Cipher and How It Works
What is a Block Cipher?
A block cipher encrypts data in fixed-size blocks rather than individual bits. Each block undergoes a series of cryptographic transformations before becoming ciphertext.

How Block Cipher Works
1. Data Division – The plaintext is divided into fixed-size blocks (e.g., AES uses 128-bit blocks).
2. Encryption Process – Each block undergoes multiple rounds of encryption using substitution, permutation, and key mixing operations.
3. Ciphertext Output – The encrypted blocks are combined to form the final ciphertext.

Example Block Cipher Algorithms
- AES (128-bit block size, 10 rounds of encryption)
- DES (64-bit block size, 16 rounds of encryption)
- Blowfish (Variable block size, fast execution)
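The three steps above (divide, run rounds, combine), as an added example that is not part of the original assignment: a toy Feistel cipher using the DES block size and round count quoted above. The HMAC-SHA256 round function and key schedule are assumptions chosen so that it runs on the Python standard library; it is a study aid, not a cipher for protecting data.

```python
import hashlib
import hmac

BLOCK = 8    # bytes: the 64-bit DES block size quoted above
ROUNDS = 16  # the DES round count quoted above

def round_keys(key):
    # Toy key schedule (assumption): one HMAC-derived subkey per round.
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest() for i in range(ROUNDS)]

def f(half, subkey):
    # Round function: key mixing plus a nonlinear step on one half-block.
    return hmac.new(subkey, half, hashlib.sha256).digest()[:BLOCK // 2]

def crypt_block(block, subkeys):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for k in subkeys:
        mixed = bytes(a ^ b for a, b in zip(left, f(right, k)))
        left, right = right, mixed
    return right + left  # undo the last swap so decryption reuses this routine

def pad(data):
    n = BLOCK - len(data) % BLOCK  # PKCS#7: always adds 1..BLOCK bytes
    return data + bytes([n]) * n

def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def blocks(data):
    # Step 1, data division: cut the input into fixed-size blocks.
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt(key, plaintext):
    ks = round_keys(key)
    return b"".join(crypt_block(b, ks) for b in blocks(pad(plaintext)))

def decrypt(key, ciphertext):
    if not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("ciphertext must be a whole number of blocks")
    ks = round_keys(key)[::-1]  # same rounds, subkeys in reverse order
    return unpad(b"".join(crypt_block(b, ks) for b in blocks(ciphertext)))

if __name__ == "__main__":
    key, msg = b"constructed demo key", b"Confidential Data"  # constructed sample
    ct = encrypt(key, msg)
    print(ct.hex(), decrypt(key, ct))
```

Because `encrypt` handles each block on its own, equal plaintext blocks give equal ciphertext blocks; deployed systems avoid this by running the cipher in a mode such as CBC or GCM.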
4. Benefits and Deficiencies of Cryptographic Methods
Block Cipher
Benefits:
- Strong encryption when using secure algorithms like AES.
- Efficient for encrypting large volumes of data.

Deficiencies:
- Requires proper key management.
- Susceptible to padding oracle attacks if improperly implemented.
Public Key Cryptography
Benefits:
- Enables secure key exchange without prior key sharing.
- Supports digital signatures and authentication.

Deficiencies:
- Slower than symmetric encryption.
- Requires more processing power and larger key sizes.
Private Key Cryptography
Benefits:
- Faster than public key cryptography.
- Ideal for encrypting bulk data.

Deficiencies:
- Requires secure key distribution.
- If the key is compromised, all encrypted data is vulnerable.
5. Cryptography Techniques in Securing an Information System
1. Secure Communication (SSL/TLS)
   - Uses public-key cryptography (e.g., RSA, ECC) for key exchange.
   - Encrypts web traffic using symmetric encryption (e.g., AES).
   - Protects data transmitted over the internet.
2. Data Encryption for Storage
   - Encrypts stored data using AES, Blowfish, or DES.
   - Protects against unauthorized access and data breaches.
   - Commonly used in databases, cloud storage, and disk encryption (e.g., BitLocker).
3. Digital Signatures and Authentication
   - Ensures authenticity and integrity using public key cryptography.
   - Used in software updates, electronic documents, and emails.
   - Algorithms: RSA, DSA (Digital Signature Algorithm), ECDSA (Elliptic Curve DSA).
4. Secure Password Storage
   - Uses cryptographic hashing algorithms (e.g., SHA-256, bcrypt).
   - Protects user passwords in databases.
   - Hashing ensures passwords are not stored in plaintext.
5. Blockchain and Cryptocurrency Security
   - Uses cryptographic hashing (SHA-256, Keccak) for data integrity.
   - Transactions are signed using public-key cryptography (e.g., ECDSA).
   - Ensures secure, tamper-proof transactions.
6. Multi-Factor Authentication (MFA)
   - Combines password authentication with cryptographic tokens or biometrics.
   - Uses HMAC (Hash-based Message Authentication Code) for OTPs (One-Time Passwords).
   - Enhances security by requiring multiple authentication factors.
7. Secure Email Communication (PGP and S/MIME)
   - Pretty Good Privacy (PGP) encrypts emails using public-key cryptography.
   - S/MIME (Secure/Multipurpose Internet Mail Extensions) ensures email security.
   - Prevents eavesdropping and ensures message integrity.
8. Zero Trust Security Model
   - Assumes no network or device is trusted by default.
   - Uses end-to-end encryption, digital certificates, and access control.
   - Applies cryptographic techniques to protect sensitive data at all levels.