1
UNIT 3: (HTCS-401) Cryptogrphy ………………………..Er. Shubham Kumar Sir
ENGINEERING ADDAA (Online Tutorial Point)
Information-theoretic security refers to a concept in cryptography and information theory where the security of
a cryptographic system is based on principles that ensure the secrecy of information against any possible attack, even in the
presence of unlimited computational power. Unlike computational security, which relies on the assumption that certain
computational problems are hard to solve, information-theoretic security guarantees secrecy using mathematical proofs
that are independent of computational limits.
Key aspects of information-theoretic security include:
1. Perfect Secrecy: A cryptographic system achieves perfect secrecy if the ciphertext provides no information about the
plaintext without knowledge of the encryption key. The one-time pad is an example of a system that achieves perfect
secrecy.
2. Unconditional Security: This implies that the security of the system is guaranteed regardless of the computational
resources available to an attacker. It ensures that the ciphertext does not leak any information about the plaintext,
making decryption impossible even with unlimited computing power.
3. Entropy: Information-theoretic security often involves concepts of entropy, which measures the uncertainty or
randomness in a system. High entropy in a key or ciphertext ensures greater security against cryptographic attacks.
4. Key Distribution: Secure key distribution is crucial in information-theoretic security. If an attacker cannot gain any
information about the key, even through intercepting communication channels, the system remains secure.
Information-theoretic security provides a strong foundation for cryptography, particularly in scenarios where computational
assumptions are uncertain or where high-security standards are required.
Cryptography is the practice and study of techniques for secure communication in the presence of third parties, often
referred to as adversaries. It involves various methods to ensure confidentiality, integrity, and authenticity of information.
Here are some key aspects and types of cryptography:
1. Encryption: The process of transforming plaintext (readable data) into ciphertext (unreadable data) using an
encryption algorithm and a key. The ciphertext is then transmitted over insecure channels.
2. Decryption: The reverse process of encryption, where ciphertext is transformed back into plaintext using a decryption
algorithm and the correct key.
3. Types of Cryptography:
o Symmetric Cryptography: Uses a single key for both encryption and decryption. Examples include AES
(Advanced Encryption Standard) and DES (Data Encryption Standard).
o Asymmetric Cryptography: Uses a pair of keys (public and private keys) for encryption and decryption. Public
keys are widely distributed, while private keys are kept secret. Examples include RSA (Rivest-Shamir-Adleman)
and ECC (Elliptic Curve Cryptography).
4. Cryptographic Hash Functions: These are one-way functions that generate a fixed-size output (hash) from input data
of any size. They are used for data integrity verification, digital signatures, and password hashing. Examples include
SHA-256 and MD5 (though MD5 is now considered weak for cryptographic purposes).
5. Applications:
o Secure Communication: Encrypting emails, messaging apps, VPNs (Virtual Private Networks), etc.
o Data Integrity: Verifying that data has not been tampered with.
o Authentication: Verifying the identity of users or devices.
�2
UNIT 3: (HTCS-401) Cryptogrphy ………………………..Er. Shubham Kumar Sir
ENGINEERING ADDAA (Online Tutorial Point)
o Digital Signatures: Providing proof of origin and integrity of digital messages.
6. Challenges:
o Key Management: Securely generating, storing, and exchanging keys.
o Cryptanalysis: The study of cryptographic techniques to break them and reveal the plaintext without knowing
the key.
o Quantum Computing: Potential threat to current cryptographic algorithms due to their ability to efficiently
solve certain problems, such as factoring large integers used in RSA.
Overall, cryptography plays a crucial role in ensuring the security and privacy of digital communications and transactions in
today's interconnected world.
The Diffie-Hellman key exchange (DH) is a fundamental cryptographic protocol used to securely exchange
cryptographic keys over a public channel. Here's a basic introduction to Diffie-Hellman:
Background:
Diffie-Hellman was developed independently by Whitfield Diffie and Martin Hellman in 1976. It addresses the problem of
key distribution in symmetric encryption systems, where both parties need a shared secret key for secure communication.
Key Concepts:
1. Public Key Cryptography: Diffie-Hellman is one of the earliest practical examples of public-key cryptography. Unlike
symmetric key algorithms where the same key is used for both encryption and decryption, DH uses different keys for
each.
2. Key Exchange: DH enables two parties to agree upon a shared secret key over an insecure communication channel
without sharing the key directly.
3. Modular Arithmetic: The core of DH involves operations in a finite mathematical group. Typically, this group is defined
over integers modulo a prime number.
How Diffie-Hellman Works:
1. Setup:
o Choose a large prime number ppp and a generator ggg, where ggg is a number whose powers modulo ppp
generate all possible values in a subgroup of integers modulo ppp.
2. Key Generation:
o Each party (Alice and Bob) generates a private key:
Alice chooses a private key aaa and computes A=gamod pA = g^a \mod pA=gamodp.
Bob chooses a private key bbb and computes B=gbmod pB = g^b \mod pB=gbmodp.
3. Key Exchange:
o Alice sends AAA to Bob, and Bob sends BBB to Alice over the public channel.
4. Shared Secret Calculation:
o Alice computes s=Bamod ps = B^a \mod ps=Bamodp.
o Bob computes s=Abmod ps = A^b \mod ps=Abmodp.
Both Alice and Bob now have the same shared secret sss, which can be used as a symmetric key for further communication
(e.g., for encrypting messages using a symmetric encryption algorithm like AES).
Security:
�3
UNIT 3: (HTCS-401) Cryptogrphy ………………………..Er. Shubham Kumar Sir
ENGINEERING ADDAA (Online Tutorial Point)
Diffie-Hellman is secure under the Discrete Logarithm Problem (DLP), which states that it's computationally hard to compute
gxmod pg^x \mod pgxmodp given ggg, ppp, and gxmod pg^x \mod pgxmodp. The security of DH relies on the difficulty of
this problem, particularly in large prime fields or elliptic curve groups.
Applications:
Diffie-Hellman is widely used in secure communication protocols like TLS (Transport Layer Security), SSH (Secure Shell), and
IPsec (Internet Protocol Security) to establish secure session keys without needing a pre-existing shared secret.
In summary, Diffie-Hellman key exchange provides a robust method for securely establishing shared secret keys over
untrusted communication channels, leveraging the mathematical properties of modular exponentiation in a finite field.
The Diffie-Hellman key exchange (DH) is a fundamental cryptographic protocol used to securely exchange cryptographic keys
over a public channel. Here's a basic introduction to Diffie-Hellman:
Background:
Diffie-Hellman was developed independently by Whitfield Diffie and Martin Hellman in 1976. It addresses the problem of
key distribution in symmetric encryption systems, where both parties need a shared secret key for secure communication.
Key Concepts:
1. Public Key Cryptography: Diffie-Hellman is one of the earliest practical examples of public-key cryptography. Unlike
symmetric key algorithms where the same key is used for both encryption and decryption, DH uses different keys for
each.
2. Key Exchange: DH enables two parties to agree upon a shared secret key over an insecure communication channel
without sharing the key directly.
3. Modular Arithmetic: The core of DH involves operations in a finite mathematical group. Typically, this group is defined
over integers modulo a prime number.
How Diffie-Hellman Works:
1. Setup:
o Choose a large prime number ppp and a generator ggg, where ggg is a number whose powers modulo ppp
generate all possible values in a subgroup of integers modulo ppp.
2. Key Generation:
o Each party (Alice and Bob) generates a private key:
Alice chooses a private key aaa and computes A=gamod pA = g^a \mod pA=gamodp.
Bob chooses a private key bbb and computes B=gbmod pB = g^b \mod pB=gbmodp.
3. Key Exchange:
o Alice sends AAA to Bob, and Bob sends BBB to Alice over the public channel.
4. Shared Secret Calculation:
o Alice computes s=Bamod ps = B^a \mod ps=Bamodp.
o Bob computes s=Abmod ps = A^b \mod ps=Abmodp.
Both Alice and Bob now have the same shared secret sss, which can be used as a symmetric key for further communication
(e.g., for encrypting messages using a symmetric encryption algorithm like AES).
Security:
�4
UNIT 3: (HTCS-401) Cryptogrphy ………………………..Er. Shubham Kumar Sir
ENGINEERING ADDAA (Online Tutorial Point)
Diffie-Hellman is secure under the Discrete Logarithm Problem (DLP), which states that it's computationally hard to compute
gxmod pg^x \mod pgxmodp given ggg, ppp, and gxmod pg^x \mod pgxmodp. The security of DH relies on the difficulty of
this problem, particularly in large prime fields or elliptic curve groups.
Applications:
Diffie-Hellman is widely used in secure communication protocols like TLS (Transport Layer Security), SSH (Secure Shell), and
IPsec (Internet Protocol Security) to establish secure session keys without needing a pre-existing shared secret.
In summary, Diffie-Hellman key exchange provides a robust method for securely establishing shared secret keys over
untrusted communication channels, leveraging the mathematical properties of modular exponentiation in a finite field.
AES (Advanced Encryption Standard) is a symmetric encryption algorithm widely used for securing
sensitive data. Here’s an introduction to AES:
Background:
AES was established as the successor to the older Data Encryption Standard (DES) by the National Institute of Standards and
Technology (NIST) in 2001. It is a symmetric key algorithm, meaning the same key is used for both encryption and
decryption.
Key Features:
1. Symmetric Encryption: AES operates on blocks of data (128 bits) using a key length of 128, 192, or 256 bits. It uses the
same key for both encryption and decryption, making it efficient for bulk data encryption.
2. Block Cipher: AES is a block cipher, meaning it encrypts and decrypts data in fixed-size blocks (128 bits in AES). For
data larger than one block, modes of operation like CBC (Cipher Block Chaining) or GCM (Galois/Counter Mode) are
used to handle multiple blocks securely.
3. Key Expansion: AES expands a short key into a larger key schedule internally, which is used for multiple rounds of
encryption and decryption.
4. Rounds: AES operates through a fixed number of rounds (10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and
14 rounds for 256-bit keys), each involving several processing steps (SubBytes, ShiftRows, MixColumns, and
AddRoundKey).
5. Security: AES is considered secure against all known practical attacks when used with appropriate key sizes. Its
security derives from the complexity of its rounds and the strength of the key schedule against differential and linear
cryptanalysis.
Usage:
AES is widely used in various applications where data confidentiality is critical:
Data Encryption: Secure storage and transmission of sensitive information, such as in databases, file systems, and
communications protocols.
Cryptographic Protocols: Used in secure protocols like TLS (Transport Layer Security), IPsec (Internet Protocol
Security), and SSH (Secure Shell) for securing data in transit.
Disk Encryption: Encrypting entire disks or partitions to protect data from unauthorized access.
Digital Rights Management (DRM): Protecting digital content such as movies, music, and software.
Key Strengths:
�5
UNIT 3: (HTCS-401) Cryptogrphy ………………………..Er. Shubham Kumar Sir
ENGINEERING ADDAA (Online Tutorial Point)
Efficiency: AES is highly efficient in terms of speed and memory usage, making it suitable for both hardware and
software implementations.
Standardization: It is an established and widely accepted standard, ensuring interoperability and compatibility across
different systems and platforms.
AES continues to be a cornerstone of modern cryptography, offering strong security and efficiency for protecting sensitive
data across various applications and industries.
Side-channel attacks are a class of attacks that exploit unintended information leakage from a cryptographic system or
any system handling sensitive information. These attacks do not directly target the cryptographic algorithms or keys but
rather focus on exploiting weaknesses in the physical implementation or the operational environment of the system. Here’s
an overview of side-channel attacks:
Types of Side-Channel Attacks:
1. Timing Attacks:
o Description: Timing attacks exploit variations in the time taken by a system to perform cryptographic
operations. By measuring these timings, an attacker can infer information about the cryptographic keys or the
data being processed.
o Example: Differential timing analysis can reveal patterns in how long different encryption or decryption
operations take, potentially leaking information about the key.
2. Power Consumption Attacks:
o Description: Power analysis attacks monitor the power consumption of a device during cryptographic
operations. Variations in power consumption can correlate with specific operations or data values processed
by the device.
o Example: Simple Power Analysis (SPA) and Differential Power Analysis (DPA) can extract information about
cryptographic keys by analyzing power consumption patterns.
3. Electromagnetic Analysis (EMA):
o Description: EMA attacks capture electromagnetic emissions emitted by electronic devices during
cryptographic operations. These emissions can reveal information about the internal state of the device.
o Example: Electromagnetic Fault Injection (EMFI) and Electromagnetic Radiation Analysis (ERA) are techniques
used to extract cryptographic keys by analyzing electromagnetic emissions.
4. Acoustic Cryptanalysis:
o Description: Acoustic attacks use sound or vibration measurements to infer information about cryptographic
operations. Devices can emit sound or vibrations that correlate with internal states or operations.
o Example: Acoustic cryptanalysis has been demonstrated on devices like smartphones and ATMs, where sound
variations can reveal keystrokes or cryptographic keys.
5. Temperature Fluctuations:
o Description: Temperature-based attacks exploit variations in device temperature during cryptographic
operations. Temperature changes can affect the physical properties of electronic components, revealing
information about cryptographic keys.
�6
UNIT 3: (HTCS-401) Cryptogrphy ………………………..Er. Shubham Kumar Sir
ENGINEERING ADDAA (Online Tutorial Point)
o Example: Thermal analysis techniques can be used to recover keys from devices by measuring temperature
variations during cryptographic operations.
Countermeasures:
To mitigate side-channel attacks, several countermeasures can be employed:
Algorithmic Countermeasures: Use algorithms that are resistant to side-channel attacks, such as masking techniques
that introduce randomness or noise into computations.
Physical Security: Implement physical barriers and protections to prevent attackers from directly accessing devices
and monitoring emissions.
Noise Injection: Introduce controlled noise or randomness into cryptographic operations to obscure side-channel
leakage.
Cryptographic Isolation: Ensure that cryptographic operations are isolated from other system processes and
components to minimize leakage.
Hardware and Software Design: Implement secure hardware and software design practices to reduce the
susceptibility to side-channel attacks.
Testing and Evaluation: Conduct thorough testing and evaluation of systems under realistic conditions to identify and
mitigate potential side-channel vulnerabilities.
