Symmetric Cryptography Summary (Full)

Summary of Symmetric Cryptography (Complete)

These are my complete notes for Symmetric Cryptography, covering such topics as Keystreams, Modular Arithmetic, Integer Rings, Shift Ciphers, Affine Ciphers, Stream Ciphers, Block Ciphers, the Data Encryption Standard (DES), the Advanced Encryption Standard (AES), and more.

I color-coded my notes according to their meaning - for a complete reference for each type of note, see here (also available in the sidebar). All of the knowledge present in these notes has been filtered through my personal explanations for them, the result of my attempts to understand and study them from my classes and online courses. In the unlikely event there are any egregious errors, contact me at jdlacabe@gmail.com.

Table Of Contents

I. Introductions

I.I Classification & Terminology.

I.III Cryptanalysis Basics.

I.II Symmetric Crypto. Basics.

I.IV Generic Analytical Attacks.

II. Historical Ciphers.

II.I Substitution Cipher.

I. Introductions

I.I Classification & Terminology.

Fig. 1. - Cybersecurity Classification Hierarchy:

A Classification Hierarchy of the major components of Cryptology. The work of the mastermind Jonathan Lacabe himself.

A Classification Hierarchy of the major components of Cryptology. For a further classification of Cryptanalysis, see Rule 5. The work of the mastermind Jonathan Lacabe himself.

# Cryptology/Cybersecurity: IT Security; The protection of digital information against misuse, incorporating technical, organizational, and implementation-specific aspects. This is the modern, digital theater of the much greater field of 'Security'.

# Cryptography: A sub-field of Cryptology;

The science of securing communication through encryption, especially against the cryptanalysis efforts of an adversary. Cryptographic algorithms are the bedrock of all cybersecurity systems - if cybersecurity is a car, then cryptography is the engine.

# Cryptanalysis: A sub-field of Cryptology;

The reductive counterpart to Cryptography, the science of 'breaking' encryption and bypassing the cryptographic security. Though it is the medium of hackers and cybercriminals, it is also a serious scientific field for researchers to test the security of cryptosystems, e.g. systems established using Cryptography. This is the only to absolutely ensure the security of the cryptosystem - remember Schneier's Law.

# Symmetric Algorithms: The classic form of Cryptography - two parties hold a secret key, enabling one party to encrypt a message and the other party to decrypt it. Until 1976, this was the only form of cryptography in existence, and describes the basic nature of all historical ciphers (such as the shift/caesar cipher and affine cipher) and Stream Ciphers, Block Ciphers, and DES & AES. Hash functions are somewhat similar to symmetric algorithms, though they can be considered an independent, third type of Cryptographic algorithm.

# Asymmetric/Public-Key Algorithms: The new cryptography, which all modern cryptosystems and what much of the infrastructure of the Internet, is based on. Invented by the Diffie-Hellman team in 1976, Public-Key Cryptography functions by having each party have TWO keys, a private key and a public key.

For more detail on how these functions work, see the "Public-Key Cryptography" section ([[[[[), but know they are used in a variety of fashions: digital signatures, key establishment/management, and more!

# Protocols: Collective cryptographic algorithms that serve a complex security function, like a library of algorithms that work together for a common goal. For example - the Transport Layer Security scheme (TLS) and the Hypertext Transfer Protocol (HTTP) are used in every web browser.

In the words of Edward Snowden, "[The Internet of Things and countless] protocols have given us the means to digitize and put online damn near everything in the world that we don’t eat, drink, wear, or dwell in."

# P. Rule 1. Cryptographic 'Primitives', 'Ciphers', and 'Algorithms' all refer to the same thing in slightly different ways: schemes used to represent data. Primitives are the basic cryptographic functions (building blocks of an algorithm), ciphers are the implementation of an encryption scheme, and algorithms are the combined procedures of primitives and ciphers to create the greater cryptosystem.

# Channel: A transmission medium for data to pass through. Examples include the Internet, airways, and Wi-Fi. Securing transmission from interception is the goal of cryptography.

# Hybrid Schemes: The combined usage of both asymmetric and symmetric algorithms in a cryptosystem, since both type have their own strengths and weaknesses.

I.II Symmetric Crypto. Basics.

# P. Rule 2. Symmetric Cryptography

The ancient problem presents itself: How can two parties communicate over an insecure channel (an 'open channel') without having their communications be intercepted by a third-party?

Say Alice and Bob connect through the internet (which is an open channel due to the potential of package rerouting/interception) and transfer data. An opponent, Oscar, can read their communications by intercepting the data before it reaches Bob.

A diagram showcasing how communications between Alice and Bob, when passing through an insecure channel unencrypted, can be intercepted by the attacker Oscar.

To stop Oscar from reading the message, an encryption algorithm can be established, converting the plaintext message (x) into a ciphertext message (y), and then sending it through the insecure channel. Oscar would only see a stream of random characters/bits as a result of the encryption. Bob, using a decryption function, would convert the ciphertext back into plaintext, thus completing the data transfer without interception.

In order for Bob to not simply decrypt the ciphertext immediately using the decryption function (which should be public for reasons outlined in Rule 3), a Key only known to Alice and Bob (sent through a secure, impenetrable channel) must be used as a parameter in both the encryption and decryption functions.

The key must be inputted into the encryption function to influence the manner in which the plaintext is encrypted into cyphertext. Thus, only with the key will Bob be able to decrypt the Ciphertext. Oscar, who doesn't know the key, will be unable to decrypt the message, even if the decryption algorithm is public.

A diagram showcasing a symmetric cryptosystem, complete with a key sent through a secure channel and encryption/decryption functions.

x = Plaintext message - the unadulterated, original content of the message.

y = Ciphertext, which looks like scrambled characters to an interceptor like Oscar.

e = Encryption function, a mathematical formula that converts x into y.

d = Decryption function, a mathematical formula that converts y into x.

K = The Key fed into the encryption and decryption functions.

|K|, 𝒦 = Keyspace, the total number of possible keys in a cryptosystem. This matters significantly with regard to brute-force Cryptanalysis (see Rule 5). The keyspace corresponds to the key size of the algorithm: If it produces a 168-bit key (see Rule [[[[), then there are 2^168 possible keys.

# P. Rule 3. Keeping the encryption/decryption algorithms 'e' and 'd' secret, preventing their cryptanalysis by the enemy, was standard procedure for the ~4000 year history of Cryptography prior to the discovery of public-key Cryptography. However, the only way of ensuring the security of the algorithms is to make them public so it can be analyzed by cryptanalysts. Schneier's Law, again.

This is the central principle of a foundational law in Cryptography, postulated in 1883 by Auguste Kerckhoffs:

Kerckhoffs' Principle:

"A cryptosystem should be secure even if the attacker (Oscar) knows all the details of the system, with the exception of the secret key."

In Practice: Never use an untested Crypto algorithm! Furthermore, never roll your own crypto!

I.III Cryptanalysis Basics.

# P. Rule 4. There are multitudes of cryptanalysis techniques, and the crucial law is that if just one attack works, then the entire cryptosystem crumbles and fails. While a substitution cipher (Rule [[[[) may be impenetrable to a brute-force attack (with its 2^88 keyspace), it collapses against letter frequency analysis.

In order for a cryptosystem to be considered secure, it must be resistant against every single type of attack.

Fig. 1. - Cybersecurity Classification Hierarchy:

A Classification hierarchy of Cryptanalysis. There are two main branches of Classical Cryptanalysis, Brute-force and Analytical Cryptanalysis.

# Classical Cryptanalysis: The combined usage of both asymmetric and symmetric algorithms in a cryptosystem, since both type have their own strengths and weaknesses.

# Attack Vectors: The many possible ways to attack a cryptosystem.

# P. Rule 5. Classical Attack #1: Brute-Force Attack/Exhaustive Key search:

The testing of all possible keys in a given keyspace with the decryption function, to see if they produce the plaintext. This is akin to thinking of the cryptosystem as a black box, in which the only significant factor to decoding an encrypted message is the number of possible keys the message could have been created with.

As of 2010 (very recent), the largest keyspace that can be searched in a relatively reasonable amount of time is 2^60. Of course, it is possible for a key to produce a false-positive, as seen in the One-Time Pad algorithm (Rule [[[[[[).

Mathematically, a brute-force search (which respect to the key) is defined as follows:

Let (x, y) denote the pair of plaintext and ciphertext, and let K = {k₁ ,..., k_κ } be the key space of all possible keys k_i. A brute-force attack now checks for every k_i ∈ K whether d_{k_i} == x.

If the equality holds, a possible correct key is found; if not, proceed with the next key.

# P. Rule 6. Classical Attack #2: Analytical Attacks:

The intelligent counterpart to 'brute'-force, Analytical Attacks examine the internal characteristics of the encryption function and pick apart weaknesses in the function that could enable reconstruction of the plaintext message, such as Letter Frequency Analysis (for the Substitution Cipher) and Differential Cryptanalysis (for Block and Stream Ciphers).

There is no 'equation' for Analytical Attacks, because they are specific and unique to every cryptosystem (though some common characteristics can emerge between similar cryptosystems).

I.IV Generic Analytical Attacks.

At a minimum, an attacker will always know the ciphertext. There are four generic types of Analytic Attacks that specify what information the attacker possesses in addition (if anything):

# Hybrid Schemes: The combined usage of both asymmetric and symmetric algorithms in a cryptosystem, since both type have their own strengths and weaknesses.

# Hybrid Schemes: The combined usage of both asymmetric and symmetric algorithms in a cryptosystem, since both type have their own strengths and weaknesses.

# Hybrid Schemes: The combined usage of both asymmetric and symmetric algorithms in a cryptosystem, since both type have their own strengths and weaknesses.

# Hybrid Schemes: The combined usage of both asymmetric and symmetric algorithms in a cryptosystem, since both type have their own strengths and weaknesses.

II. Historical Ciphers.

II.I Substitution Cipher.

# Historical Cipher: A cipher that was used before the development of modern cryptography, operating on letters instead of bits/bytes. Every one of these ciphers are easily crackable, from the Enigma Code to the Caesar Cipher.

rule[[[[ Substitution Cipher

A historical cipher, operating purely on letters, in which every plaintext letter is replaced by a fixed ciphertext letter. It is just scrambling the letters, nothing more.

The Keyspace is 26!, or 2^88, as each plaintext letter that maps to a ciphertext letter decreases the remaining number of possible letters. Thus, a brute-force attack would be out of the question for modern computers.

Since the different letters of the English alphabet have different frequencies, Letter Frequency Analysis can be conducted as an attack on the substitution cipher, making it rather simple. This is an example of a situation in which an Analytical Attack is most effective.