1
Chapter 1: Introduction to Cryptology
Cryptography is the art of transmitting information in a secret manner.
Some Applications of Cryptography
1. Military and national security.
Picture of the National Security Agency
2. Electronic money transactions, for example, credit cards.
3. Website authentication.
2
Some Important Historical Figures in Cryptography
We next describe some basic terminology and concepts we will use in this textbook
involving cryptography.
Section 1.1: Basic Terminology
In the field of information security, the terms cryptography, cryptanalysis, and cryptology
have subtly different meanings.
Cryptography - The process of developing a system for disguising information so that
ideally it cannot be understood by anyone but the intended recipient of the information. A
method designed to perform this process is called a cryptosystem or a cipher.
Cryptanalysis - the process of an unintended recipient of disguised information
attempting to remove the disguise and understand the information. Successful
cryptanalysis is sometimes called breaking or cracking a cipher.
Cryptology - is an all-inclusive term that includes cryptography, cryptanalysis, and the
interaction between them.
3
Here are a few more important definitions we will use throughout this book.
Plaintext – the undisguised message (usually an English message) that we want to send.
Ciphertext – the secret disguised message that is transmitted.
Encryption (encipherment) – the process of converting plaintext to ciphertext.
Decryption (decipherment) – process of converting ciphertext back to plaintext.
Key for a cipher - is information usually known only to the originator and intended
recipient of a message, which the originator uses to encrypt the plaintext, and the
recipient to decrypt the ciphertext.
Note! In general, a code is not considered the same as cryptography. Unlike with
cryptography, in which the concern is primarily concealing information, with codes the
concern is usually transmitting information reliably and efficiently over a
communications medium. For example, Morse code is not a cipher. However, sometimes
ciphers are referred to as codes (the Navajo code, which we will study in Chapter 4, is an
example).
Section 1.2: Cryptology in Practice
Fact: In practice, it is usually assumed that when a pair of correspondents implements a
cipher to communicate a message confidentially, the type of cipher used is known by any
adversaries wishing to discover the contents of the message.
How well a cryptosystem works in disguising information is dependent on its security.
The security of a cipher, which is simply a measure of how difficult it would be for an
adversary to break the cipher, depends only on how difficult it would be for an adversary
to find the key for the cipher.
Types of Keys for Ciphers
1.
Symmetric-key ciphers - where the originator and intended recipient of a message
must keep the key secret from adversaries. These types of keys are sometimes called
private-key ciphers. These types of ciphers were the only types used in the 1970’s and
were used in what were termed as classical ciphers. Because of their speed in
encrypting and decrypting messages, they have retained their usefulness even in
modern times. We will focus on symmetric key ciphers in Chapters 2-7 and 10 in this
book.
4
2. Public-key ciphers - use a pair of keys, one for encryption and one for decryption.
When using a public-key cipher, the intended recipient of a message creates both the
encryption and decryption keys, publicizes the encryption key so that anyone can
know it, but keeps the decryption key secret. That way, the originator of the message
can know the encryption key, which he or she needs to encrypt the plaintext, but only
the recipient knows the decryption key. It usually is not realistically possible to find
decryption keys from the knowledge of encryption keys. These types of ciphers were
first invented in the 1970’s and are in wide used today. We will study them in
Chapters 8 and 9 and present some ways to overcome some obstacles they have in
Chapter 11.
Cryptanalysis
The goal in cryptanalysis is often to determine the key for a cipher.
Methods for finding a key with cryptanalysis
1. Brute force attack - involves testing every possible key until one is found that works.
However, secure cryptosystems have so many keys to test that this is not realistic.
2. Frequency analysis – uses facts about the language used for the plaintext to relate
highly occurring ciphertext letters to the most highly occurring letters that occur in
the language used.
3. Known plaintext - when adversaries who know a small part of the plaintext, called a
crib, and use it to help determine the key and break the cipher.
Message Authentication
Involves ways of verifying that a ciphertext received electronically was really sent by the
person claiming to have sent it, and that keys identified electronically really belong to the
person claiming to own them.
Two ways to guarantee a message is authentic.
1. Digital Signatures – gives a way of the message sender to electronically the message.
2. Public-key Infrastructures – gives ways of binding public-keys to particular users.
5
1.3 Why Study Cryptology?
Hopefully, if you don’t already, this book will help you realize that cryptography is a
fascinating subject to understand and learn more about.
Reasons for Studying Cryptology
1. Cryptology is used in everyday life.
2. Cryptology is also a multidisciplinary science.
History: Mary Queen of Scots and Babington Plot
History and Culture: Navajo code
6
Linguistics
3. Mathematics plays and integral part in cryptology
Engineering and Supercomputing
7
4. Learning about cryptology can be fun and entertaining.