- Cryptography is the science and art of transforming messages to make them secure
and immune to attacks. - The plaintext is the original message before transformation; the ciphertext is the
message after transformation. - An encryption algorithm transforms plaintext to ciphertext; a decryption algorithm
transforms ciphertext to plaintext. - A combination of an encryption algorithm and a decryption algorithm is called a
cipher. - The key is a number or a set of numbers on which the cipher operates.
- We can divide all ciphers into two broad categories: symmetric-key ciphers and
asymmetric-key ciphers. - In a symmetric-key cipher, the same key is used by both the sender and receiver. The
key is called the secret key. - In an asymmetric-key cipher, a pair of keys is used. The sender uses the public key;
the receiver uses the private key. - A substitution cipher replaces one character with another character.
- Substitution ciphers can be categorized into two broad categories: monoalphabetic
and polyalphabetic. - The shift cipher is the simplest monoalphabetic cipher. It uses modular arithmetic
with a modulus of 26. The Caesar cipher is a shift cipher that has a key of 3. - The transposition cipher reorders the plaintext characters to create a ciphertext.
- An XOR cipher is the simplest cipher which is self-invertible.
- A rotation cipher is an invertible cipher.
- An S-box is a keyless substitution cipher with N inputs and M outputs that uses a formula to define the relationship between the input stream and the output stream.
- A P-box is a keyless transposition cipher with N inputs and M outputs that uses a table to define the relationship between the input stream and the output stream. A P-box is invertible only if the numbers of inputs and outputs are the same. A P-box can use a straight permutation, a compression peilliutation, or an expansion permutation.
- A modern cipher is usually a round cipher; each round is a complex cipher made of a combination of different simple ciphers.
- DES is a symmetric-key method adopted by the U.S. government. DES has an initial and final permutation block and 16 rounds.
- The heart of DES is the DES function. The DES function has four components: an expansion permutation, an XOR operation, S-boxes, and a straight permutation.
- DES uses a key generator to generate sixteen 48-bit round keys.
- Triple DES was designed to increase the size of the DES key (effectively 56 bits) for better security.
- AES is a round cipher based on the Rijndael algorithm that uses a 128-bit block of data. AES has three different configurations: 10 rounds with a key size of 128 bits, 12 rounds with a key size of 192 bits, and 14 rounds with a key size of 256 bits.
- Mode of operation refers to techniques that deploy the ciphers such as DES or AES. Four common modes of operation are ECB, CBC, CBF, and OFB. ECB and CBC are block ciphers; CBF and OFB are stream ciphers.
- One commonly used public-key cryptography method is the RSA algorithm, invented by Rivest, Shamir, and Adleman.
- RSA chooses n to be the product of two primes p and q.
- The Diffie-Hellman method provides a one-time session key for two parties.
- The man-in-the-middle attack can endanger the security of the Diffie-Hellman method if two parties are not authenticated to each other.
Reference – Data Communications and Networking by Behrouz A. Forouzan (Author)
