AC3401 Information Coding Techniques Unit V Cryptography

UNIT V CRYPTOGRAPHY
Overview of encryption techniques - symmetric cryptography - Data Key Characteristics:
Encryption Standard (DES) - International Data Encryption Algorithm  Single shared key for encryption and decryption.
(IDEA) - RC Ciphers - Public-key algorithm - RSA algorithm - Pretty Good  Faster than asymmetric encryption.
Privacy - One-way Hashing  Suitable for bulk data encryption.
 Key distribution is a challenge.
Overview of Encryption Techniques Common Symmetric Encryption Algorithms:
Encryption is the process of converting plaintext into cipher text to protect 1. DES (Data Encryption Standard):
the confidentiality, integrity, and authenticity of data. It is a fundamental o Key size: 56 bits.
aspect of modern cybersecurity and is used in various applications, including o Block size: 64 bits.
secure communication, data storage, and authentication. Encryption o Now considered insecure due to its short key length.
techniques can be broadly categorized into two types: symmetric o Replaced by 3DES (Triple DES), which applies DES three
encryption and asymmetric encryption. Below is a detailed overview of times with different keys.
these techniques, along with their subtypes, algorithms, and use cases. 2. AES (Advanced Encryption Standard):
o Key sizes: 128, 192, or 256 bits.
o Block size: 128 bits.
o Widely used and considered secure.
o Efficient in both hardware and software implementations.

1. Symmetric Encryption
Symmetric encryption uses the same key for both encryption and decryption.
It is fast and efficient, making it suitable for encrypting large amounts of data.
However, the key must be securely shared between the communicating
parties.

3. Blowfish:
o Key size: 32 to 448 bits.
o Block size: 64 bits.

1
AC3401 Information Coding Techniques Unit V Cryptography

o Fast and secure but largely replaced by AES. o Based on the factorization of large prime numbers.
4. Two fish: o Widely used for secure data transmission and digital
o Key size: 128, 192, or 256 bits. signatures.
o Block size: 128 bits. 2. ECC (Elliptic Curve Cryptography):
o A successor to Blowfish, known for its flexibility and security. o Key sizes: 160 to 521 bits.
5. ChaCha20: o Provides equivalent security to RSA with smaller key sizes.
o Stream cipher. o Efficient in resource-constrained environments (e.g., mobile
o Key size: 256 bits. devices).
o Used in modern protocols like TLS (Transport Layer 3. Diffie-Hellman:
Security). o Used for secure key exchange.
Use Cases: o Does not encrypt data directly but enables secure sharing of
 Encrypting files and databases. symmetric keys.
 Secure communication (e.g., VPNs). 4. ElGamal:
 Disk encryption (e.g., BitLocker, FileVault). o Based on the Diffie-Hellman key exchange.
o Used for encryption and digital signatures.
2. Asymmetric Encryption Use Cases:
Asymmetric encryption uses a pair of keys: a public key for encryption and  Secure key exchange (e.g., TLS handshake).
a private key for decryption. It solves the key distribution problem of  Digital signatures (e.g., signing software or documents).
symmetric encryption but is slower and computationally more intensive.  Authentication (e.g., SSH, SSL/TLS).

3. Hybrid Encryption
Hybrid encryption combines the strengths of symmetric and asymmetric
encryption. Typically, asymmetric encryption is used to securely exchange a
symmetric key, which is then used for bulk data encryption.
Example:
 In TLS/SSL, RSA or ECC is used to exchange an AES key, which is
then used to encrypt the session data.

4. Hashing
Key Characteristics: While not an encryption technique, hashing is often used alongside
 Two keys: public key (shared) and private key (kept secret). encryption for data integrity and authentication. A hash function converts
 Slower than symmetric encryption. data into a fixed-size string of characters, which is unique to the input data.
 Used for key exchange, digital signatures, and authentication. Key Characteristics:
 Provides non-repudiation.  One-way function (cannot be reversed).
Common Asymmetric Encryption Algorithms:  Fixed output size (e.g., 256 bits for SHA-256).
1. RSA (Rivest-Shamir-Adleman):  Used for verifying data integrity and storing passwords.
o Key sizes: 1024, 2048, or 4096 bits.

2
AC3401 Information Coding Techniques Unit V Cryptography

Common Hashing Algorithms:

1. MD5: 6. Post-Quantum Cryptography
o Output size: 128 bits. With the advent of quantum computing, traditional encryption algorithms
o Considered insecure due to vulnerabilities. (e.g., RSA, ECC) may become vulnerable. Post-quantum cryptography
2. SHA-1: focuses on developing algorithms resistant to quantum attacks.
o Output size: 160 bits. Examples:
o Deprecated due to collision vulnerabilities.  Lattice-based cryptography.
3. SHA-2:  Hash-based cryptography.
o Output sizes: 224, 256, 384, or 512 bits.  Code-based cryptography.
o Widely used and considered secure.
4. SHA-3:
o Output sizes: same as SHA-2. Common
o Based on a different design (Keccak) than SHA-2.
Type Key Features Use Cases
Algorithms
5. bcrypt: Single key, fast, bulk AES, DES, File encryption,
o Designed for password hashing. Symmetric
data encryption ChaCha20 VPNs
o Includes a salt to prevent rainbow table attacks.
Public/private key pair, RSA, ECC, Key exchange,
Use Cases: Asymmetric
slower Diffie-Hellman digital signatures
 Password storage.
Combines symmetric
 Data integrity checks (e.g., file verification). Hybrid RSA + AES TLS/SSL
and asymmetric
 Digital signatures.
Password storage,
Hashing One-way, fixed output SHA-256, bcrypt
5. Modes of Operation data integrity
Encryption algorithms can operate in different modes to enhance security and Post- Resistant to quantum Lattice-based, Future-proofing
functionality. Quantum attacks hash-based encryption
Common Modes:
1. ECB (Electronic Codebook): Symmetric Cryptography
o Encrypts each block independently. Symmetric cryptography, also known as symmetric-key
o Vulnerable to pattern analysis. encryption or secret-key encryption, is a type of encryption where the same
2. CBC (Cipher Block Chaining): key is used for both encrypting and decrypting data. It is one of the oldest and
o Each block is XORed with the previous ciphertext block. most widely used forms of encryption, known for its speed and efficiency,
o Requires an initialization vector (IV). making it ideal for encrypting large volumes of data.
3. CTR (Counter): Key Concepts in Symmetric Cryptography
o Converts a block cipher into a stream cipher. 1. Shared Secret Key:
o Uses a counter for encryption. o A single key is used for both encryption and decryption.
4. GCM (Galois/Counter Mode): o The key must be kept secret and securely shared between the
o Provides both confidentiality and authenticity. communicating parties.
o Widely used in modern protocols (e.g., TLS).

3
AC3401 Information Coding Techniques Unit V Cryptography

Disadvantages of Symmetric Cryptography

1. Key Distribution Problem:
o The secret key must be securely shared between parties, which
can be challenging in large or distributed systems.
2. Scalability Issues:
o In a system with nn users, each user needs a unique key for
every other user, resulting in n(n−1)22n(n−1) total keys.
3. Lack of Non-Repudiation:
o Since the same key is used by both parties, it is impossible to
determine which party encrypted the data.

2. Encryption Process: Common Symmetric Encryption Algorithms

o Plaintext (original data) is converted into ciphertext 1. DES (Data Encryption Standard):
(encrypted data) using the secret key and an encryption o Developed in the 1970s by IBM.
algorithm. o Key size: 56 bits.
3. Decryption Process: o Block size: 64 bits.
o Ciphertext is converted back into plaintext using the same o Vulnerable to brute-force attacks due to its short key length.
secret key and a decryption algorithm. o Largely replaced by 3DES (Triple DES), which applies DES
4. Block Ciphers vs. Stream Ciphers: three times with different keys.
o Block Ciphers: Encrypt data in fixed-size blocks (e.g., 64 or 2. AES (Advanced Encryption Standard):
128 bits). o Adopted by the U.S. government in 2001.
o Stream Ciphers: Encrypt data bit-by-bit or byte-by-byte, o Key sizes: 128, 192, or 256 bits.
typically using a keystream generated from the key. o Block size: 128 bits.
o Highly secure and efficient, widely used in modern
Advantages of Symmetric Cryptography applications.
1. Speed: o Supports multiple modes of operation (e.g., ECB, CBC,
o Symmetric algorithms are computationally faster than GCM).
asymmetric algorithms, making them suitable for encrypting 3. Blowfish:
large amounts of data. o Developed by Bruce Schneier in 1993.
2. Efficiency: o Key size: 32 to 448 bits.
o Requires less computational power and resources compared to o Block size: 64 bits.
asymmetric cryptography. o Fast and secure but largely replaced by AES.
3. Simplicity: 4. Twofish:
o Easier to implement and manage due to the use of a single key. o Successor to Blowfish.
o Key size: 128, 192, or 256 bits.
o Block size: 128 bits.

4
AC3401 Information Coding Techniques Unit V Cryptography

o Known for its flexibility and security. o Used in VPNs, TLS/SSL, and secure messaging apps.
5. ChaCha20: 3. Disk Encryption:
o Stream cipher developed by Daniel J. Bernstein. o Encrypting entire disks or partitions to protect data at rest.
o Key size: 256 bits. 4. Wireless Security:
o Used in modern protocols like TLS and VPNs. o Used in protocols like WPA2 and WPA3 for securing Wi-Fi
o Faster than AES in software implementations. networks.

Modes of Operation in Symmetric Cryptography Key Management in Symmetric Cryptography

Symmetric encryption algorithms can operate in different modes to enhance Key management is a critical aspect of symmetric cryptography. It involves:
security and functionality. These modes define how blocks of data are 1. Key Generation:
processed. o Creating strong, random keys using secure algorithms.
1. ECB (Electronic Codebook): 2. Key Distribution:
o Encrypts each block independently. o Securely sharing keys between parties (e.g., using asymmetric
o Vulnerable to pattern analysis (e.g., identical plaintext blocks encryption or key exchange protocols like Diffie-Hellman).
produce identical ciphertext blocks). 3. Key Storage:
2. CBC (Cipher Block Chaining): o Storing keys securely using hardware security modules
o Each block is XORed with the previous ciphertext block (HSMs) or key management systems.
before encryption. 4. Key Rotation:
o Requires an initialization vector (IV) to ensure uniqueness. o Periodically changing keys to minimize the impact of key
3. CTR (Counter): compromise.
o Converts a block cipher into a stream cipher.
o Uses a counter value for encryption, allowing parallel Comparison with Asymmetric Cryptography
processing. Symmetric
4. GCM (Galois/Counter Mode): Aspect Asymmetric Cryptography
Cryptography
o Combines CTR mode with authentication. Key Usage Single shared key Public/private key pair
o Provides both confidentiality and integrity.
Speed Faster Slower
o Widely used in modern protocols like TLS.
Key Easier (public keys can be
5. OFB (Output Feedback): Challenging
Distribution shared)
o Converts a block cipher into a stream cipher.
o Uses the output of the encryption process as feedback for the Key exchange, digital
Use Case Bulk data encryption
next block. signatures
Scalability Less scalable More scalable
Applications of Symmetric Cryptography
1. Data Encryption: Security Considerations
o Encrypting files, databases, and storage devices (e.g., 1. Key Length:
BitLocker, FileVault). o Longer keys provide stronger security but require more
2. Secure Communication: computational resources.
o AES-256 is considered highly secure for most applications.

5
AC3401 Information Coding Techniques Unit V Cryptography

2. Brute-Force Attacks: Key Features of DES

o Symmetric algorithms with short key lengths (e.g., DES) are 1. Symmetric Encryption:
vulnerable to brute-force attacks. o Uses the same key for both encryption and decryption.
3. Side-Channel Attacks: 2. Block Cipher:
o Attackers may exploit implementation flaws (e.g., timing o Encrypts data in fixed-size blocks of 64 bits.
attacks) to extract keys. 3. Key Length:
4. Quantum Computing Threat: o Uses a 56-bit key (64-bit key with 8 bits used for parity,
o Symmetric algorithms like AES are considered relatively resulting in 56 effective bits).
secure against quantum attacks compared to asymmetric 4. Rounds:
algorithms like RSA. o Applies 16 rounds of encryption using a Feistel network
structure.
Data Encryption Standard (DES) 5. Modes of Operation:
The Data Encryption Standard (DES) is a symmetric-key block cipher o Supports modes like ECB (Electronic Codebook) and CBC
algorithm that was one of the first widely used encryption standards. (Cipher Block Chaining).
Developed by IBM in the early 1970s and adopted by the U.S. National How DES Works?
Institute of Standards and Technology (NIST) in 1977, DES became a 1. Key Generation
foundational technology in cryptography. However, due to its short key  The 56-bit key is expanded into 16 subkeys, each used in one of the
length and vulnerabilities to modern attacks, it has been largely replaced by 16 rounds of encryption.
more secure algorithms like AES (Advanced Encryption Standard). 2. Initial Permutation (IP)
 The 64-bit plaintext block is permuted using a fixed initial
permutation table.
3. Feistel Network
 DES uses a Feistel network structure, which splits the 64-bit block
into two 32-bit halves (left and right).
 In each round:
o The right half is processed using a round function FF.
o The output of FF is XORed with the left half.
o The halves are swapped (except in the final round).
4. Round Function FF
 The round function consists of:
o Expansion: The 32-bit right half is expanded to 48 bits.
o Key Mixing: The expanded data is XORed with the round
subkey.
o Substitution: The result is passed through 8 S-boxes
(substitution boxes), each mapping 6 bits to 4 bits.
o Permutation: The output of the S-boxes is permuted using a
fixed permutation table.

6
AC3401 Information Coding Techniques Unit V Cryptography

5. Final Permutation (FP)  Still considered less efficient than modern algorithms like AES.
 After 16 rounds, the halves are combined and permuted using the Modes of Operation for DES
inverse of the initial permutation. 1. ECB (Electronic Codebook):
Strengths of DES o Encrypts each 64-bit block independently.
1. Historical Significance: o Vulnerable to pattern analysis (identical plaintext blocks
o DES was the first encryption standard to be widely adopted produce identical ciphertext blocks).
and implemented. 2. CBC (Cipher Block Chaining):
2. Efficiency: o Each block is XORed with the previous ciphertext block
o DES is relatively fast and efficient in hardware before encryption.
implementations. o Requires an initialization vector (IV) to ensure uniqueness.
3. Foundation for Modern Cryptography: 3. CFB (Cipher Feedback):
o DES introduced concepts like Feistel networks and o Converts DES into a stream cipher.
substitution-permutation networks, which influenced later o Encrypts small units of data (e.g., bytes).
algorithms. 4. OFB (Output Feedback):
Weaknesses of DES o Converts DES into a stream cipher.
1. Short Key Length: o Uses the output of the encryption process as feedback for the
o The 56-bit key is vulnerable to brute-force attacks. Modern next block.
computers can break DES in hours or even minutes. Applications of DES
2. Vulnerability to Attacks: 1. Historical Use:
o DES is susceptible to attacks like differential cryptanalysis o DES was widely used in financial systems, secure
and linear cryptanalysis. communications, and government applications.
3. Outdated Security: 2. Legacy Systems:
o Advances in computing power have rendered DES insecure o Some legacy systems still use DES or 3DES for backward
for modern applications. compatibility.
Triple DES (3DES) 3. Educational Purposes:
To address DES's weaknesses, Triple DES (3DES) was introduced. It o DES is often studied in cryptography courses to understand
applies the DES algorithm three times with two or three different keys, foundational concepts.
increasing the effective key length to 112 or 168 bits. Security Considerations
3DES Encryption Process: 1. Brute-Force Attacks:
1. Encrypt with Key 1. o DES's 56-bit key can be broken by modern computers using
2. Decrypt with Key 2. brute-force methods.
3. Encrypt with Key 3. 2. Differential and Linear Cryptanalysis:
Advantages of 3DES: o DES is vulnerable to these advanced cryptographic attacks.
 Provides stronger security than DES. 3. Replacement by AES:
 Backward compatible with DES. o AES (Advanced Encryption Standard) has replaced DES as
Disadvantages of 3DES: the standard for secure encryption due to its longer key
 Slower than DES due to triple processing. lengths (128, 192, or 256 bits) and stronger security.

7
AC3401 Information Coding Techniques Unit V Cryptography

Comparison of DES and AES

Feature DES AES Step-by-Step Working of IDEA
Key 56 bits 128, 192, or 256 bits 1. Key Generation
Length  The 128-bit key is divided into 52 subkeys (16 bits each).
Block Size 64 bits 128 bits  Subkeys are used in 8 rounds and the output transformation.
Rounds 16 10, 12, or 14 (depending on  Key schedule generates subkeys by rotating the key and splitting it
key size) into 16-bit blocks.
Security Vulnerable to brute-force Considered highly secure
attacks 2. Encryption Process
Speed Fast in hardware Faster and more efficient in  Input: 64-bit plaintext block divided into 4 sub-blocks (16 bits
software each): X1,X2,X3,X4X1,X2,X3,X4.
 Rounds: Each round performs the following operations:
International Data Encryption Algorithm (IDEA) o Multiplication modulo 2¹⁶ + 1 (denoted as ⊙⊙).
The International Data Encryption Algorithm (IDEA) is a symmetric-key o Addition modulo 2¹⁶ (denoted as ⊞⊞).
block cipher designed to provide strong encryption for data security. It was o XOR (denoted as ⊕⊕).
developed in 1991 by Xuejia Lai and James Massey and is widely used in Round Operations:
applications like Pretty Good Privacy (PGP) for secure communication. 1. Multiply X1X1 with subkey K1K1: X1⊙K1X1⊙K1.
2. Add X2X2 with subkey K2K2: X2⊞K2X2⊞K2.
Key Features of IDEA 3. Add X3X3 with subkey K3K3: X3⊞K3X3⊞K3.
1. Block Size: 64 bits. 4. Multiply X4X4 with subkey K4K4: X4⊙K4X4⊙K4.
2. Key Size: 128 bits. 5. XOR the results of steps 1 and 3: A=(X1⊙K1)⊕(X3⊞K3)A=(X1
3. Rounds: 8.5 (8 full rounds + 1 output transformation). ⊙K1)⊕(X3⊞K3).
4. Structure: Uses a combination of XOR, addition modulo 2¹⁶, 6. XOR the results of steps 2 and 4: B=(X2⊞K2)⊕(X4⊙K4)B=(X2
and multiplication modulo 2¹⁶ + 1. ⊞K2)⊕(X4⊙K4).
5. Security: Resistant to differential and linear cryptanalysis. 7. Multiply AA with subkey K5K5: C=A⊙K5C=A⊙K5.
8. Add BB and CC: D=B⊞CD=B⊞C.
9. Multiply DD with subkey K6K6: E=D⊙K6E=D⊙K6.
10. Add CC and EE: F=C⊞EF=C⊞E.
11. XOR X1X1 with EE: X1′=(X1⊙K1)⊕EX1′=(X1⊙K1)⊕E.
12. XOR X3X3 with EE: X3′=(X3⊞K3)⊕EX3′=(X3⊞K3)⊕E.
13. XOR X2X2 with FF: X2′=(X2⊞K2)⊕FX2′=(X2⊞K2)⊕F.
14. XOR X4X4 with FF: X4′=(X4⊙K4)⊕FX4′=(X4⊙K4)⊕F.
 Swap X2′X2′ and X3′X3′ for the next round.

3. Output Transformation
 After 8 rounds, perform the final transformation:
o Multiply X1X1 with subkey K49K49.

8
AC3401 Information Coding Techniques Unit V Cryptography

o Add X2X2 with subkey K50K50. 2. Security: Based on the difficulty of factoring large integers.
o Add X3X3 with subkey K51K51. 3. Key Sizes: Typically 1024, 2048, or 4096 bits.
o Multiply X4X4 with subkey K52K52. 4. Applications: Secure communication, digital signatures, and key
 The result is the 64-bit ciphertext. exchange.

4. Decryption Process
 Decryption uses the same structure as encryption but with inverse
subkeys.
 Subkeys are derived by:
o Taking the multiplicative inverse for multiplication subkeys.
o Taking the additive inverse for addition subkeys.

Advantages of IDEA
1. Strong Security: Resistant to known cryptographic attacks.
2. Efficiency: Fast in both hardware and software implementations.
3. Flexibility: Can be used in various encryption applications.

Applications of IDEA
1. PGP (Pretty Good Privacy): Used for secure email communication.
2. Secure File Transfer: Encrypts files for secure storage or
transmission. Step-by-Step RSA Algorithm
3. VPNs (Virtual Private Networks): Provides data confidentiality. 1. Key Generation
1. Choose Two Large Prime Numbers:
Example o Select two distinct prime numbers pp and qq.
 Plaintext: 64-bit block (e.g., 0123456789ABCDEF in hex). o Example: p=61p=61, q=53q=53.
 Key: 128-bit key 2. Compute nn (Modulus):
(e.g., 00112233445566778899AABBCCDDEEFF in hex). o n=p×qn=p×q.
 Ciphertext: Encrypted 64-bit block after IDEA processing. o Example: n=61×53=3233n=61×53=3233.
3. Compute Euler's Totient Function ϕ(n)ϕ(n):
RSA Algorithm o ϕ(n)=(p−1)×(q−1)ϕ(n)=(p−1)×(q−1).
The RSA algorithm is a widely used public-key cryptosystem for secure o Example: ϕ(n)=60×52=3120ϕ(n)=60×52=3120.
data transmission. It was invented in 1977 by Ron Rivest, Adi Shamir, 4. Choose Public Key ee:
and Leonard Adleman. RSA relies on the mathematical properties of prime o Select ee such
numbers and modular arithmetic for encryption and decryption. that 1<e<ϕ(n)1<e<ϕ(n) and gcd (e,ϕ(n))=1gcd(e,ϕ(n))=1.
o Example: e=17e=17.
Key Features of RSA 5. Compute Private Key dd:
1. Asymmetric Cryptography: Uses a pair of keys (public and private). o dd is the modular multiplicative inverse
of ee modulo ϕ(n)ϕ(n).
9
AC3401 Information Coding Techniques Unit V Cryptography

o Solve: d×e≡1mod ϕ(n)d×e≡1modϕ(n). Limitations of RSA

o Example: d=2753d=2753 (since 17×2753mod 3120=117×27 1. Computationally Expensive: Slower than symmetric-key
53mod3120=1). algorithms.
6. Public Key: (e,n)=(17,3233)(e,n)=(17,3233). 2. Key Size: Requires large keys for security (e.g., 2048 bits).
7. Private Key: (d,n)=(2753,3233)(d,n)=(2753,3233). 3. Vulnerable to Quantum Attacks: Shor's algorithm can break RSA
on quantum computers.
2. Encryption
 Plaintext: Convert the message into an integer MM such Applications of RSA
that 0≤M<n0≤M<n. 1. Secure Communication: Encrypts emails, messages, and files.
 Ciphertext: Compute C=Memod nC=Memodn. 2. Digital Signatures: Ensures message integrity and authenticity.
 Example: 3. Key Exchange: Used in protocols like SSL/TLS.
o M=123M=123.
o C=12317mod 3233=855C=12317mod3233=855. Example
 Plaintext: M=123M=123.
3. Decryption  Public Key: (e,n)=(17,3233)(e,n)=(17,3233).
 Ciphertext: C=855C=855.  Private Key: (d,n)=(2753,3233)(d,n)=(2753,3233).
 Plaintext: Compute M=Cdmod nM=Cdmodn.  Encryption: C=12317mod 3233=855C=12317mod3233=855.
 Example:  Decryption: M=8552753mod 3233=123M=8552753mod3233=123.
o M=8552753mod 3233=123M=8552753mod3233=123.
1. Pretty Good Privacy (PGP)
Mathematical Foundations  Overview:
1. Modular Exponentiation: o PGP is a data encryption and decryption program that
o Efficiently compute abmod nabmodn using algorithms provides cryptographic privacy and authentication for data
like Exponentiation by Squaring. communication.
2. Euler's Theorem: o It is widely used for securing emails, files, and other forms of
o If gcd (a,n)=1gcd(a,n)=1, data.
then aϕ(n)≡1mod naϕ(n)≡1modn. o PGP combines symmetric-key encryption and public-key
3. Prime Factorization: encryption to provide a high level of security.
o The security of RSA relies on the difficulty of
factoring nn into pp and qq.  Key Components:
o Symmetric-Key Encryption: Uses a single key for both
Advantages of RSA encryption and decryption. PGP typically uses algorithms like
1. Secure Key Exchange: Enables secure sharing of symmetric keys. AES (Advanced Encryption Standard) for this purpose.
2. Digital Signatures: Verifies the authenticity of messages. o Public-Key Encryption: Uses a pair of keys – a public key
3. Widely Used: Standard in SSL/TLS, PGP, and SSH. for encryption and a private key for decryption. PGP
commonly uses RSA (Rivest-Shamir-Adleman) or ECC
(Elliptic Curve Cryptography) for public-key encryption.

10
AC3401 Information Coding Techniques Unit V Cryptography

2. Decryption:
 The recipient uses their private key to decrypt the
session key.
 The session key is then used to decrypt the message.
 The message is decompressed to retrieve the original
plaintext.
3. Digital Signature:
 The sender creates a hash of the message and encrypts
it with their private key to create a digital signature.
 The recipient decrypts the signature using the sender's
public key and compares the hash with a newly
computed hash of the received message to verify
authenticity and integrity.
 Advantages:
o Confidentiality: Ensures that only the intended recipient can
read the message.
o Authentication: Verifies the identity of the sender.
o Integrity: Ensures that the message has not been altered
during transmission.
o Non-repudiation: Prevents the sender from denying that they
oDigital Signatures: Used for authentication and integrity
verification. PGP uses a hash function to create a message sent the message.
 Disadvantages:
digest, which is then encrypted with the sender's private key
o Complexity: Requires users to manage public and private
to create the digital signature.
o Compression: PGP compresses the data before encryption to
keys.
o Key Management: Losing the private key can result in loss
save space and improve security.
o Radix-64 Encoding: Converts binary data to ASCII text
of access to encrypted data.
format for easy transmission over email or other text-based o Performance: Encryption and decryption can be
systems. computationally intensive, especially for large files.
 How PGP Works: 2. One-Way Hashing
 Overview:
1. Encryption:
o One-way hashing is a cryptographic process that takes an
 The sender compresses the plaintext message.
 A random symmetric key (session key) is generated
input (or message) and produces a fixed-size string of bytes,
and used to encrypt the compressed message. typically a hash value.
o The process is "one-way" in the sense that it is
 The session key is then encrypted using the recipient's
public key. computationally infeasible to reverse the process and obtain
 The encrypted session key and the encrypted message
the original input from the hash value.
are sent to the recipient.

11
AC3401 Information Coding Techniques Unit V Cryptography

o Hashing is commonly used for data integrity verification, o SHA-1 (Secure Hash Algorithm 1): Produces a 160-bit hash
password storage, and digital signatures. value. It is also considered insecure and deprecated for most
cryptographic purposes.
o SHA-2 (Secure Hash Algorithm 2): A family of hash
functions that includes SHA-224, SHA-256, SHA-384, and
SHA-512. SHA-256 and SHA-512 are widely used and
considered secure.
o SHA-3 (Secure Hash Algorithm 3): The latest member of the
Secure Hash Algorithm family, designed as an alternative to
SHA-2.
 Applications of One-Way Hashing:
o Data Integrity: Hashing is used to verify that data has not
been altered. For example, file checksums are used to ensure
that a file has not been corrupted during transmission.
o Password Storage: Instead of storing plaintext passwords,
systems store the hash of the password. When a user logs in,
the system hashes the entered password and compares it to the
stored hash.
o Digital Signatures: Hashing is used in the creation of digital
 Key Properties:
signatures to ensure the integrity and authenticity of a
o Deterministic: The same input will always produce the same
message.
hash value.
o Blockchain: Hashing is a fundamental component of
o Fast Computation: The hash function should quickly
blockchain technology, used to link blocks together and
compute the hash value for any given input.
ensure the integrity of the blockchain.
o Pre-image Resistance: It should be computationally
 Advantages:
infeasible to reverse the hash function and obtain the original
o Security: Provides a secure way to verify data integrity and
input.
authenticity.
o Small Changes in Input: A small change in the input should
o Efficiency: Hashing is computationally efficient, making it
produce a significantly different hash value (avalanche
suitable for large volumes of data.
effect).
o Non-reversibility: The one-way nature of hashing ensures
o Collision Resistance: It should be computationally infeasible
that the original data cannot be easily retrieved from the hash
to find two different inputs that produce the same hash value.
value.
 Common Hash Algorithms:
 Disadvantages:
o MD5 (Message Digest Algorithm 5): Produces a 128-bit
o Collision Vulnerability: Although rare, collisions (two
hash value. However, it is considered insecure due to
different inputs producing the same hash) can occur,
vulnerabilities to collision attacks.
especially with weaker hash algorithms.

12
AC3401 Information Coding Techniques Unit V Cryptography

o Rainbow Table Attacks: Precomputed tables of hash values

can be used to reverse-engineer hashed passwords, though this
can be mitigated with techniques like salting.
3. PGP and One-Way Hashing Together Integration:
o In PGP, one-way hashing is used in the creation of digital
signatures. The sender creates a hash of the message, which is
then encrypted with the sender's private key to create the
signature.
o The recipient can verify the signature by decrypting it with the
sender's public key and comparing the resulting hash with a
newly computed hash of the received message.
o This ensures that the message has not been tampered with and
that it was indeed sent by the claimed sender.
 Security Implications:
o The combination of PGP's encryption and one-way hashing
provides a robust mechanism for securing communications.
o The use of hashing ensures data integrity, while PGP's
encryption ensures confidentiality and authentication.
o Together, they provide a comprehensive solution for secure
communication over potentially insecure channels.
4. Conclusion
 PGP and One-Way Hashing are fundamental technologies in the
field of cryptography.
 PGP provides a comprehensive solution for secure communication,
combining encryption, digital signatures, and compression.
 One-way hashing is essential for ensuring data integrity, password
security, and the creation of digital signatures.
 When used together, they provide a powerful toolkit for securing
digital communications and data.
These notes should provide a detailed understanding of Pretty Good Privacy
(PGP) and One-Way Hashing, their components, how they work, and their
applications in the field of cryptography.

13