Cryptography
• Cryptography is a technique for securing information and
communications through the use of codes, so that only the persons
for whom the information is intended can understand and process it,
thus preventing unauthorized access to information.
• The prefix “crypt” means “hidden” and the suffix “graphy” means
“writing”.
Types Of Cryptography
Symmetric Key Cryptography
Asymmetric Key Cryptography
Cryptography - Hash functions
• A hash function in cryptography is like a mathematical function that takes
various inputs, like messages or data, and transforms them into fixed-
length strings of characters.
• That is, the input to the hash function can be of any length, but the
output is always of fixed length.
• This is like compressing a large balloon into a compact ball.
• Hash functions play a crucial role in various security applications, including
password storage (hash values instead of passwords), digital signatures,
and data integrity checks.
• Hash values, or message digests, are values that a hash function returns.
Key Points of Hash Functions
• Hash functions are mathematical
operations that "map" or change a
given collection of data into a fixed-
length bit string that is referred to as
the "hash value."
• Hash functions vary in complexity
and difficulty and are used in
cryptography.
Properties of hash functions
• Pre-Image Resistance - According to this feature, reversing a hash
function should be computationally difficult. This feature defends
against an attacker attempting to locate the input with just the hash
value.
• Collision Resistance - This feature says that it should be difficult to
identify two different inputs of any length that produce the same
hash. This characteristic is also known as a collision-free hash
function.
• Efficiency of Operation - Computing h(x) for any hash function h
and given input x should be an easy process.
Properties of hash functions (cont.)
• Fixed Output Size - Hashing generates an output of a specific length,
regardless of the input size, and helps to make an output of the same
size from different input sizes.
• Deterministic - For a given input, the hash function consistently
produces the same output.
• Fast Computation - Hashing operations are fast, even for large
data sets.
Birthday Attack
• The Birthday Paradox is a fascinating probability concept. For instance, in a
group of just 23 people, there's a surprising 50% chance that two
individuals share the same birthday. This same principle applies to the
birthday attack in cryptography.
• In cryptography, this paradox predicts the likelihood of two distinct inputs
producing the same hash output.
• Surprisingly, it's more feasible than you might imagine, posing a significant
risk to data integrity.
• Here's how the attack works: multiple different inputs are generated and
their hash values computed. Because of how hash functions and the
Birthday Paradox interact, it becomes statistically likely to find two
different inputs that yield the same hash output, creating a collision. This
collision can then be exploited to trick systems into treating different inputs
as if they were identical.
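Why digest length matters for the birthday bound, as an added example (not part of the original slides): it computes the 23-person probability exactly, then shortens SHA-256 to a toy n-bit digest and counts how many hashes it takes before two inputs collide. The function names and the counter-based inputs are constructed for illustration.

```python
import hashlib
from itertools import count


def birthday_probability(k: int, n: int) -> float:
    """Exact chance that k uniform draws from n values contain a repeat."""
    p_unique = 1.0
    for i in range(k):
        p_unique *= (n - i) / n
    return 1.0 - p_unique


def truncated_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256: a deliberately short toy digest."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct constructed inputs until two share a truncated digest."""
    seen = {}  # truncated digest -> first input that produced it
    for attempts in count(1):
        msg = b"constructed-input-%d" % attempts
        digest = truncated_hash(msg, bits)
        if digest in seen:
            return seen[digest], msg, attempts
        seen[digest] = msg


if __name__ == "__main__":
    print(f"23 people, 365 days: {birthday_probability(23, 365):.3f}")
    for bits in (16, 24, 32):
        first, second, attempts = find_collision(bits)
        print(f"{bits}-bit digest: collision after {attempts} hashes "
              f"(about 2^{bits // 2}, not 2^{bits})")
```

An n-bit digest therefore offers only about n/2 bits of collision resistance, which is why a digest must be twice as long as the security level it is meant to provide.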
Message Authentication Code (MAC)
• Message authentication can be provided using cryptographic
techniques.
• A MAC algorithm is a symmetric key cryptographic technique for
providing message authentication. To set up the MAC process, the
sender and receiver share a symmetric key K.
• Essentially, a MAC is an encrypted checksum generated on the
underlying message that is sent along with the message to ensure
message authentication.
Working of MAC
• The sender uses some publicly known MAC algorithm, inputs the message and the
secret key K and produces a MAC value.
• Similar to a hash, a MAC function also compresses an arbitrarily long input into a
fixed-length output. The major difference between a hash and a MAC is that a MAC
uses a secret key during the compression.
• The sender forwards the message along with the MAC. Here, we assume that the
message is sent in the clear, as we are concerned with providing message origin
authentication, not confidentiality. If confidentiality is required, then the message
needs encryption.
• On receipt of the message and the MAC, the receiver feeds the received message
and the shared secret key K into the MAC algorithm and re-computes the MAC value.
• The receiver now checks the freshly computed MAC for equality with the MAC received
from the sender. If they match, then the receiver accepts the message and assures
himself that the message has been sent by the intended sender.
• If the computed MAC does not match the MAC sent by the sender, the receiver
cannot determine whether it is the message that has been altered or it is the origin
that has been falsified. The bottom line is that the receiver safely assumes that the
message is not genuine.
HMAC Algorithm
• Keyed-Hash Message Authentication Code
• HMAC is a type of message authentication code that uses a secret key
and a cryptographic hash function to produce a message
authentication code (MAC) for a message. The HMAC algorithm takes
the message to be authenticated, a secret key, and a cryptographic
hash function as input, and produces a fixed-length MAC as output.
• HMAC combines the benefits of hashing and MAC and thus is more
secure than any other authentication code.
• The security of HMAC depends on the security of the underlying hash
function and the secrecy of the key used.
Working of HMAC Algorithm
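The sender and receiver steps from "Working of MAC", instantiated with HMAC-SHA-256, as an added example (not part of the original slides). It builds HMAC from its standard definition in RFC 2104 and checks the result against Python's hmac module; the key, messages and function names are constructed sample values.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 block size in bytes


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC as defined in RFC 2104: H((K ^ opad) || H((K ^ ipad) || m))."""
    if len(key) > BLOCK_SIZE:             # over-long keys are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")  # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)   # inner padding
    opad = bytes(b ^ 0x5C for b in key)   # outer padding
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def sender(key: bytes, message: bytes):
    """Sender: compute the MAC and forward it with the cleartext message."""
    return message, hmac_sha256(key, message)


def receiver(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver: recompute the MAC and compare it in constant time,
    so the comparison does not leak how many bytes of the tag matched."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


if __name__ == "__main__":
    K = b"constructed-shared-key"  # sample key, not a real secret
    msg, tag = sender(K, b"pay 100 to alice")
    print("matches stdlib:", tag == hmac.new(K, msg, hashlib.sha256).digest())
    print("genuine accepted:", receiver(K, msg, tag))
    print("altered rejected:", not receiver(K, b"pay 900 to alice", tag))
    print("wrong key rejected:", not receiver(b"other-key", msg, tag))
```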
CMAC
• Cipher-Based Message Authentication Code
• CMAC is a type of message authentication code that is based on a
block cipher. It is similar to HMAC, but instead of using a hash
function, it uses a block cipher to produce a MAC for a message.
• CMACs (cipher-based message authentication codes) create
message authentication codes (MACs) using a block cipher and a
secret key. They differ from HMACs in that they use a symmetric key
method for the MACs rather than a hashing method. When the
recipient receives the CMAC field, they will also compute the same
CMAC with the message and the secret key. If they are the same, the
recipient knows that the message has not been changed and was
signed with the secret key.
Working of CMAC algorithm
• HMAC uses a hashing method, and CMAC uses a symmetric key
method. Overall, HMAC is simpler and faster than CMAC. It is
normally the best choice for varying lengths of messages, and for
different key sizes. CMAC, though, is possibly better at complying with
standards and integrating into a range of protocols.