SOC Blogs
Tutorials
Security Bulletins
Hey, I am Avradeep
Buy Me A Book!
Tutorials
Tutorials/
🧃
Basic Cryptography Tutorials/
🧃
Goals Of Cryptography
Search
🧃

Goals Of Cryptography

 

Goals Of Cryptography

 
  • Confidentiality → Authorised party can access the information
  • Integrity → Correctness and completeness of information
  • Authenticity → Source of information can be verified by the receiving party
  • Non-Repudiation → Source of information can be verified by any third party
 
 
 
 
notion image
 

Tools For Concepts

 
Concept
Tool
Encryption [Confidentiality]
AES | RSA
Cryptographic Hash Functions [Integrity]
SHA-2 | SHA-3
Message Authentication Codes | Authenticated Encryption [Authenticity]
HMAC and GCM block cipher mode of operation
Digital signatures [Non-Repudiation]
RSA-PSS and Ed25519
 
* Many more not mentioned here, this is just an example
 

Cryptography Goal: Confidentiality

 

Symmetric Encryption

 
 
notion image
 
  • Property:
    • Single key K for both Encryption And Decryption
  • Constraint:
    • DEC(ENC(P,K),K)=P
  • In Practice:
    • ENC and DEC are very often the Advanced Encryption Standard (AES) block cipher
    • AES keys can be of length 128, 192, 256 bits
    • Each pair of sender and receiver needs a key and its the same key
  • Doesn’t scale well with the number of participants in the system
  • Can be used to encrypt large amount of data
 
NIST →
 
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data.
Advanced Encryption Standard (AES)
https://www.nist.gov/publications/advanced-encryption-standard-aes
 

Asymmetric Encryption

 
notion image
  • Properties:
    • Public Key KE to encrypt
    • Private Key KD to derypt
  • Constraint:
    • DEC(ENC(P,KE),KD) = P
  • In Practice:
    • Often RSA with keys ≥ 2048 bits
    • Requires 1 key-pair for each participant
  • Scales well
  • Size of data that can be encrypted is almost equal to the size of the key.
 
WIKI →
 
RSA (cryptosystem)
RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem, one of the oldest that is widely used for secure data transmission. The acronym "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ), the British signals intelligence agency, by the English mathematician Clifford Cocks. That system was declassified in 1997.[2]
RSA (cryptosystem)
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
 

Hybrid Encryption (Using AES and RSA)

 
notion image
  • Sender:
    • Create new random symmetric key K
    • Send data encrypted using key K
    • Send key K encrypted with Receiver’s public key KE
  • Receiver:
    • Obtain symmetric key K by using Decrypting Symmetric Key using Receiver’s Private Key KD
    • Obtain data by decrypting data using Symmetric Key K
  • Main Problem:
    • Once KD is known all symmetric keys K can be obtained and all data can be decrypted
    • Can be prevented by using the ephemeral Diffie-Hellman key exchange EDH or ECDHE
      • Â