Unit III
Cryptography and Public key Infrastructure
3a. Identify and describe types of cryptography .
3b. List and describe various Encryption Algoriths.
3.! Introduction to "yetric encryption # Asyetric encryption.
3.$ Encryption algorith % Cifer&Encryption and 'ecryption using(
Caesar)s cipher
playfair cipher
shift cipher
shift cipher
*igenere cipher
one tie pad +verin cipher,
hill cipher +for practice use sall atri- and apply encryption only,.
3c. 'escribe transposition techni.ues and steganography.
3.3 /ransposition techni.ues +rail fence,
3.0 steganography
3d. E-plain 1ashing and "1A2! echanis.
3.0 1ashing function ( "1A! +only,
3e. 'istinguish Asyetric and "yetric Encryption.
3f. 'escribe digital signature and concept of key escro3.
3.4 Asyetric encryption(
3.5 'igital "ignatures
3.6 7ey escro3
3g. List the basics of public key infrastructures.
3h. 'escribe the roles of certificate authorities and certificate repositories.
3i. 'escribe the role of registration authorities.
38. E-plain the relationship bet3een trust and certificate verification.
3k. E-plain use of digital certificates.
3.5 Public key infrastructures (
3.6 basics& digital signatures& digital certificates& certificate authorities& registration
authorities.
3.9 steps for obtaining a digital certificate& steps for verifying authenticity and integrity of
a
certificate.
3l. 'istinguish centrali:ed and decentrali:ed infrastructures.
3.6 Centrali:ed or decentrali:ed infrastructure&
3.9 private key protection
3g. List and describe trust odels.
3.9 /rust ;odels( 1ierarchical& peer to peer& hybrid
Introduction
In a simplest form, encryption is to convert the data in some unreadable form so it
can not be understood by any illegitimate users.
Cryptography is the science of using mathematics to encrypt and decrypt data.
Cryptography enables you to store sensitive information or transmit it across
insecure networks (like the Internet) so that it cannot be read by anyone except
the intended recipient.
Modern cryptography concerns itself with the following four obectives!
1) Confidentiality: "he information cannot be understood by anyone for whom it was
unintended. "hat means ensuring that no one can read the message except the intended
receiver.
2) Integrity: "he information cannot be altered in storage or transit between sender and
intended receiver. "hat means assuring the receiver that the received message has not
been altered in any way from the original.
3) Non-repudiation: "he creator#sender of the information cannot deny (refuse#reect) at
a later stage his or her intentions in the creation or transmission of the information. "hat
means a mechanism to prove that the sender really sent this message not modified by any
other intruder#$acker.
4) Authentication: "he sender and receiver can confirm each other%s identity and the
origin#destination of the information.
&et us first understood some basic terms of a Cryptography.
1. 'lain"ext!( )ata that can be read and understood without any special measures is
called plaintext or cleartext.*riginal Message
2. Cipher"ext!( )ata that is transformed or converted by +ncryption algorithm is
known as Ciphertext.
3. +ncryption!( algorithm for transforming plaintext to ciphertext
4. )ecryption!( algorithm for transforming ciphertext to plaintext
5. key: ( info used in cipher known only to sender#receiver
*riginal message before being transformed is called plaintext. It is in readable and
understandable form. ,fter the message is transformed, the encrypted data is called
ciphertext.
,n encryption algorithm transforms the plaintext into ciphertext and a decryption algorithm
transforms the ciphertext back to plaintext.
-ender uses an encryption algorithm and receiver uses decryption algorithm. "o encrypt a
message, we need a plaintext, an encryption algorithm, and an encryption key.
In above figure C.+/(') shows that, to obtain ciphertext C we need to apply an encryption
algorithm + with key / on plaintext '.
)ecryption is inverse or reverse process of encryption to transform the message back to its
original, readable and understandable form.
"o decrypt a message, we need a ciphertext, decryption algorithm and decryption key. In
above figure '.)/ (C) shows that , to obtain a plaintext ' back again we need to apply a
decryption algorithm ) with key / on ciphertext C.
&et us take one simple +xample0(
*ur plain text may be 1pay more money1
Cipher text would be ! 1-)2 '34$ '35$21.
6ou can easily interpret that 7 is added in plain text character to get cipher text.
-o key will be 7 and ,ddition is our encryption algorithm.
by following subtraction,we can easily get plain text from ciphertext.
3.1 Syetric encryption ! A"yetric encryption
Cryptography systems can be broadly classified into two main types!
2. -ymmetric /ey cryptography (-ecret /ey cryptography or private /ey -ystem)
3. 'ublic /ey cryptography (,symmetric key cryptography)
!. Syetric #ey cryptography
"yetric key "y"te":- It uses a single same key that both the sender and recipient
have for +ncryption and )ecryption.
It is a conventional cryptography, also called secret(key or symmetric(key or
'rivate /ey Cryptography.
In this encryption system, one key is used both for encryption and decryption.
"he )ata +ncryption -tandard ()+-) is an example of a conventional
cryptosystem.
,s shown in below figure, the sender uses the key and encryption algorithm to
encrypt the plaintext and sends the ciphertext to the receiver.
"he receiver applies the same key and decryption algorithm to decrypt the
message and recover the plaintext.
-ymmetric key algorithm is efficient0 it takes less time to encrypt a message
than public key algorithm. 2ecause the key is usually smaller symmetric
cryptography is used to encrypt and decrypt long messages.
A"yetric key "y"te":- It is also known as a public(key systems. It uses two keys, a public
key known to everyone and a private key that only the recipient of messages uses.
3-, ,lgorithm,)-, ,lgorithm and )igital -ignature are the example of 'ublic(
/ey -ystems.
