Lecture4 of Computing SecurityI 2018-2019

Lecture 4 Outlines:
• Cryptographic Algorithms and Keys.
• Types of Cryptosystems
• Symmetric Algorithms
• Asymmetric Algorithms

1. Cryptographic Algorithms and Keys.
A Cryptographic Algorithm, also called a Cipher, is the mathematical function used for encryption and decryption. (As mentioned, there are two related functions: one for encryption and the other for decryption.)
If the security of an algorithm is based on keeping the way that algorithm works a secret, it is a Restricted Algorithm. Restricted algorithms have historical interest, but are inadequate by today’s standards. A large or changing group of users cannot use them, because every time a user leaves the group everyone else must switch to a different algorithm. If someone reveals the secret, everyone must change their algorithm.
Modern cryptography solves this problem with a Key, denoted by K. This key might be any one of a large number of values. The range of possible values of the key is called the Key Space. Both the encryption and decryption operations use this key (i.e., they are dependent on the key and this fact is denoted by the k subscript), so the functions now become:
EK(M) = C and DK(C) = M
Those functions have the property that (see Figure 1.2):
DK(EK(M)) = M
Some algorithms use a different encryption key and decryption key (see Figure 9). That is, the encryption key, K1, is different from the corresponding decryption key, K2. In this case:
EK1(M) = C
DK2(C) = M
DK2(EK1 (M)) = M
All of the security in these algorithms is based in the key (or keys); none is based in the details of the algorithm. This means that the algorithm can be published and analyzed. It doesn’t matter if an eavesdropper knows your algorithm; if she doesn’t know your particular key, she can’t read your messages.
A Cryptosystem is an algorithm, plus all possible plaintexts, ciphertexts, and keys.
An Interceptor (an attacker) is an unauthorized entity who attempts to determine the plaintext. He can see the ciphertext and may know the decryption algorithm. He, however, must never know the decryption key.






Figure (9): Basic Model of Cryptosystem.
2. Types of Cryptosystems
Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system:
? Symmetric Key Encryption (Symmetric Algorithms)
? Asymmetric Key Encryption (Asymmetric Algorithms)
2.1 Symmetric Algorithms
Sometimes called Conventional Algorithms, are algorithms where the encryption key can be calculated from the decryption key and vice versa. In most symmetric algorithms, the encryption key and the decryption key are the same. These algorithms, also called Secret Key Algorithms, Single Key Algorithms, or One Key Algorithms, require that the sender and receiver agree on a key before they can communicate securely. The security of a symmetric algorithm rests in the key. As long as the communication needs to remain secret, the key must remain secret. Encryption and decryption with a symmetric algorithm are denoted by:
EK(M) = C and DK(C) = M
Symmetric algorithms can be divided into two categories. Some operate on the plaintext a single bit (or sometimes byte) at a time; these are called Stream Algorithms or Stream Ciphers. Others operate on the plaintext in groups of bits, the groups of bits are called blocks, and the algorithms are called Block Algorithms or Block Ciphers.
Before 1970, all cryptosystems employed symmetric key encryption. Even today, its relevance is very high and it is being used extensively in many cryptosystems.