Encryption, Encryption Protocol And Digital Certificate (Copy)

Introduction to Encryption

• Encryption is the process of converting plaintext (original data) into ciphertext (unreadable format).
• Used primarily for security in data transmission and storage.
• Ensures that data intercepted by unauthorized parties remains unintelligible.
• Critical for sensitive data such as:
  • Financial transactions (e.g., banking, credit card details).
  • Personal information (e.g., medical records, legal documents).
  • Business communications.

Core Security Concerns in Encryption

1. Confidentiality
   • Ensures that only the intended recipient can read the data.
2. Authenticity
   • Verifies the sender’s identity to prevent forgery.
3. Integrity
   • Guarantees that the data has not been altered in transit.
4. Non-repudiation
   • Prevents the sender or receiver from denying their role in the transmission.

Encryption Keys, Plaintext, and Ciphertext

• Plaintext: The original, readable data before encryption.
• Ciphertext: The transformed, encrypted version of plaintext.
• Encryption Algorithm: The method used to convert plaintext into ciphertext.
• Decryption Algorithm: The method used to revert ciphertext back to plaintext.
• Encryption Key: A unique string of bits used in the encryption process.
• Decryption Key: The key required to convert ciphertext back to readable text.

Types of Ciphers

1. Block Cipher
   • Encrypts data in fixed-size blocks (e.g., 128-bit blocks).
   • Prevents pattern recognition by using block chaining (each block is XORed with the previous ciphertext block).
2. Stream Cipher
   • Encrypts data one bit or byte at a time.
   • Common in real-time communication like voice or video streaming.

17.1.2 Symmetric Encryption

• Uses a single secret key for both encryption and decryption.
• Fast and efficient but has a key distribution problem:
  • The sender and receiver must securely share the key.
  • If intercepted, the key can be used to decrypt the data.
• Example:
  • A simple shift cipher could use a numeric key to shift letters in a message.
  • More complex systems use 256-bit encryption, creating 22562^{256} possible key combinations.

Steps in Symmetric Encryption

1. The sender encrypts data using a shared secret key.
2. The ciphertext is transmitted over the network.
3. The recipient uses the same secret key to decrypt the data.

Security Issues

• The key must be securely exchanged.
• Modern computers can brute force simple encryption techniques quickly.
• Solution: More complex key exchange mechanisms (e.g., Diffie-Hellman).

17.1.3 Asymmetric Encryption

• Uses two keys:
  • Public Key: Available to everyone.
  • Private Key: Kept secret by the owner.
• Solves the key distribution problem of symmetric encryption.
• Ensures secure communication between parties who have never interacted before.

Steps in Asymmetric Encryption

1. The recipient generates a public-private key pair.
2. The recipient shares the public key with the sender.
3. The sender encrypts the message using the recipient’s public key.
4. The recipient decrypts it using their private key.

Example Scenario

• Tom wants to send a confidential document to Meera:
  • Meera sends her public key to Tom.
  • Tom encrypts the document using Meera’s public key.
  • Meera decrypts it using her private key.

Advantages of Asymmetric Encryption

• Eliminates the need to share secret keys.
• Ensures secure transmission even over unsecured networks.

Disadvantages

• Computationally slower than symmetric encryption.
• Requires more processing power.

Quantum Cryptography & Quantum Key Distribution (QKD)

• Uses the principles of quantum mechanics to secure encryption keys.
• Based on the behavior of photons (light particles).
• If a third party tries to intercept the key, it disturbs the quantum state, alerting the sender and recipient.

Quantum Key Distribution (QKD) Process

1. The sender generates photons with random polarization.
2. The recipient uses beam splitters to measure the photons.
3. The measurement results are compared to determine a shared encryption key.
4. Any interception attempt disturbs the photons, making eavesdropping detectable.

Limitations of Quantum Cryptography

• Requires specialized hardware (e.g., fiber optic cables).
• Currently limited to short distances (~250 km).
• Expensive implementation.

SSL (Secure Sockets Layer) & TLS (Transport Layer Security)

• Protocols used to secure internet communication.
• SSL/TLS Functions:
  • Encrypts data between clients (browsers) and servers.
  • Uses public key cryptography to establish a secure session.
  • Ensures data integrity and confidentiality.

How SSL/TLS Works

1. A client requests a secure page (e.g., HTTPS website).
2. The web server sends a digital certificate (containing a public key).
3. The client verifies the certificate’s authenticity.
4. A temporary session key is generated and encrypted.
5. Both client and server use this key to encrypt the communication.

SSL vs. TLS

Digital Certificates & Digital Signatures

• Digital Certificate:
  • Proves the identity of a website or user.
  • Issued by a Certificate Authority (CA).
• Digital Signature:
  • Ensures authenticity and integrity.
  • Created using a hashing algorithm (e.g., SHA-256).
  • Can be verified using the sender’s public key.

Steps to Create a Digital Signature

1. The sender hashes the message to generate a digest.
2. The digest is encrypted using the private key.
3. The recipient decrypts it using the sender’s public key.
4. The recipient compares the hash values to ensure the message is unchanged.

Summary & Key Takeaways

• Encryption protects data from unauthorized access.
• Symmetric encryption uses a single secret key, but has a key distribution problem.
• Asymmetric encryption solves this with public-private key pairs.
• Quantum cryptography offers nearly unbreakable encryption, but is expensive.
• SSL/TLS secures internet communications.
• Digital certificates & signatures ensure authenticity and integrity.