# Cryptography in C#
## :one: Introduction
- Cryptography is *necessary* for secure communications, but that does not mean it is *sufficient*.
- The two purposes of the paper:
- 1. Defining the terms and concepts behind basic cryptographic methods, and comparing the many different cryptographic methods in use today
- 2. Real examples of cryptography in use today
## :two: Basic concepts of cryptography
- Five primary functions of cryptography:
- 1. Privacy / confidentiality: No one can read the message other than the intended receiver.
- 2. Authentication: Proving one's identity
- 3. Integrity: Did the message retain / maintain its original form?
- 4. Non-repudiation: Proving that the sender has actually sent the message
- 5. Key exchange: How are the crypto keys shared between sender and receiver?
- Plain Text: unencrypted data.
- Ciphertext: encrypted data.
- Notations
$$
C = E_k(P) \\
P=D_k(C)\\
$$
where P = plaintext, C = ciphertext, E = encryption method, D = decryption method, k = key.
- Forward Secrecy (Perfect Forward Secrecy): By creating a different key for each session, a program ensures that the compromise of a single key does not threaten the security of everything else. (Analogy: You change the password to your house every time you leave, so that even if yesterday's password is leaked, the house is still protected from intruders.)
- Perfect Security: When the ciphertext does not give any hint about the plaintext. A *necessary* property of a ciphertext that achieves perfect security is that it is at least as long as the plaintext. Brute-force attempts therefore cannot recover the plaintext. (Ex: one-time pads)
- Deniable Authentication (= Message Repudiation): A type of authentication that allows users to claim that they are not the person who authenticated themselves, even if they were. This feature is useful when users want to protect their identity or keep their actions private.
- Real-life examples
- Use of an anonymous voting system. Voters are given a unique identification code that allows them to vote without revealing their identity.
- Using pseudonyms or anonymous accounts on online platforms. This allows users to protect their identity and keep their actions private while still being able to prove their identity if necessary.
- WhatsApp (encrypted messaging apps)
- Note that deniable authentication is different from anonymous authentication, which allows a user to authenticate themselves without revealing their identity. While deniable authentication allows a user to claim that they are not the person who authenticated themselves (like Duo used in Cal Central), anonymous authentication does not allow a user to prove their identity.
- Alice :girl: - Bob :boy:: main communicators
- Carol :three:, Dave :four:: third and fourth parties
- Eve :ear: eavesdropper
- Mallory :ghost: malicious party (:cry: no appropriate emoji for malicious party)
- Trent :school: trusted third party
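
Forward secrecy as defined above, sketched with ephemeral elliptic-curve Diffie-Hellman in .NET. This is an added example, not part of the original notes; the names `SessionDemo` and `NewSession` are hypothetical, and the choice of ECDH on P-256 with a SHA-256 key derivation is an assumption made for illustration.

```csharp
using System;
using System.Security.Cryptography;

// Added illustration; SessionDemo and NewSession are hypothetical names.
static class SessionDemo
{
    // One session: Alice and Bob each create a fresh (ephemeral) ECDH key
    // pair, swap public keys, and derive the same session key k.
    static (byte[] AliceKey, byte[] BobKey) NewSession()
    {
        using ECDiffieHellman alice = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        using ECDiffieHellman bob = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);

        // Only the public halves cross the wire, where Eve can read them.
        // A real protocol also signs them with long-term identity keys so
        // that Mallory cannot swap in her own public key.
        byte[] kAlice = alice.DeriveKeyFromHash(bob.PublicKey, HashAlgorithmName.SHA256);
        byte[] kBob = bob.DeriveKeyFromHash(alice.PublicKey, HashAlgorithmName.SHA256);

        // Leaving this scope disposes both private keys. Once they are gone,
        // a later compromise cannot be used to re-derive this session's key.
        return (kAlice, kBob);
    }

    static void Main()
    {
        var first = NewSession();
        var second = NewSession();

        bool firstAgrees = CryptographicOperations.FixedTimeEquals(first.AliceKey, first.BobKey);
        bool secondAgrees = CryptographicOperations.FixedTimeEquals(second.AliceKey, second.BobKey);
        bool sameAcrossSessions = CryptographicOperations.FixedTimeEquals(first.AliceKey, second.AliceKey);

        Console.WriteLine($"session 1: Alice and Bob hold the same key: {firstAgrees}");
        Console.WriteLine($"session 2: Alice and Bob hold the same key: {secondAgrees}");
        Console.WriteLine($"session 1 key reused in session 2: {sameAcrossSessions}");
    }
}
```
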
```graphviz
digraph dg{
cryptology -> cryptography ;
cryptology -> cryptanalysis;
cryptography ;
}
```
- cryptography: the study, development and creation of the mathematical algorithms used to encrypt and decrypt messages.
- cryptanalysis: the science of analyzing and breaking encryption schemes.
## :three: Types of Cryptographic Algorithms
3 Types of Algorithms

| Type | Description | Uses |
| -------- | -------- | -------- |
| Secret Key Cryptography (SKC) | Uses a single key for both encryption & decryption | Privacy & Confidentiality |
| Public Key Cryptography (PKC) | Uses different keys for encryption & decryption | Authentication, non-repudiation, and key exchanges |
| Hash Functions | Uses a mathematical function to *irreversibly* encrypt information | Message Integrity |

**Type 1 Secret Key Cryptography**
Biggest difficulty: Distribution of the key (both the sender and the recipient of the message have to have a copy of the secret key, so it is unsuitable for parties that have not already exchanged keys).
Main Examples of secret key cryptography:
- AES (Advanced Encryption Standard)
- DES (Data Encryption Standard)
- Blowfish
Main Usage: Securing sensitive data (such as financial transactions, online transactions, data storage)
Two main schemes:
1. Stream Cipher: Type of symmetric key cipher that encrypts data by generating a *stream* of pseudo-random bits and combining it with the plaintext data using the XOR (exclusive OR) operation. A stream cipher is generally faster and more efficient than a block cipher but is more vulnerable to certain attacks like replay attacks.
- Ex: RC4, Salsa20, ChaCha20
- Subtypes of stream cipher:
- Synchronous stream ciphers: encrypt in a way that stays synchronized with the plaintext message.
- Self-synchronizing stream ciphers (synchronizing the key stream with the encoded text stream):
- Why do you need this? When the ciphertext stream has errors / losses, when the message is too large to transmit all at once, or when the message needs to be transmitted in real time. (This is why self-synchronizing stream ciphers may not always produce the same encrypted message even when given the same key: they use additional processing to synchronize the keystream with the plaintext message, using characteristics of the plaintext message itself, like repeating patterns or statistical properties, to determine the correct keystream to use for encryption.) Hence, this type is more resilient to bit-flipping attacks (when the attacker tries to tamper with the message by flipping individual bits). However, it also means that the entire process is slower than with synchronous stream ciphers.
- How does it achieve its goal: it uses feedback mechanisms that allow the cipher to re-synchronize itself with the plaintext message when the message seems to be disrupted.
- XOR (addition mod 2 ! - vivek :smile: / learn elliptic curve) cipher: performs the XOR operation between the plaintext and a key (or pseudorandom bits). The encrypted message is then sent to the recipient and decrypted by performing the XOR operation again with the same key (or pseudorandom bits). Note that XOR is so simple that on its own it is not a cipher method, but it helps in building the more complex ones!
- Plaintext :pencil:: Hello, Key :key:: Secret.
- Using the ASCII encoding scheme, we convert the plaintext and key to a binary form (Plaintext: H E L L O --> 72 69 76 76 79, Key: S E C R E T --> 83 69 67 82 69 84)
- Next, we perform the XOR operation between each bit of the plaintext and the corresponding bit of the key, using the truth table for the exclusive OR operation.
- Ciphertext: (H XOR S) (E XOR E) (L XOR C) (L XOR R) (O XOR E): 11011010 11011011 11001101 11001100 11101011
- Finally, we convert the ciphertext back to ASCII characters to obtain the final ciphertext message ";*9=9;".

2. Block Cipher: Divides the plaintext message into fixed-size blocks and encrypts each block separately.
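
Returning to the XOR cipher walk-through under the stream cipher item: the sketch below runs the same operation on the listed ASCII bytes of `HELLO` and `SECRET`, shows that applying the key twice restores the plaintext, and shows two reasons XOR on its own is not a cipher. It is an added example, not part of the original notes; `XorDemo` and `Xor` are hypothetical names.

```csharp
using System;
using System.Text;

// Added illustration; XorDemo and Xor are hypothetical names.
static class XorDemo
{
    // XOR every data byte with the key byte at the same position.
    // The key wraps around if it is shorter than the data.
    static byte[] Xor(byte[] data, byte[] key)
    {
        var result = new byte[data.Length];
        for (int i = 0; i < data.Length; i++)
            result[i] = (byte)(data[i] ^ key[i % key.Length]);
        return result;
    }

    static void Main()
    {
        byte[] plaintext = Encoding.ASCII.GetBytes("HELLO");
        byte[] key = Encoding.ASCII.GetBytes("SECRET");

        // C = P XOR K. The result is raw bytes, many of them unprintable,
        // so it is shown as hex rather than as text.
        byte[] ciphertext = Xor(plaintext, key);
        Console.WriteLine("ciphertext (hex): " + Convert.ToHexString(ciphertext));

        // P = C XOR K. The same operation with the same key decrypts.
        Console.WriteLine("decrypted: " + Encoding.ASCII.GetString(Xor(ciphertext, key)));

        // Weakness 1: anyone who knows (or guesses) the plaintext gets the
        // key bytes that were used, because P XOR C = K.
        Console.WriteLine("P XOR C: " + Encoding.ASCII.GetString(Xor(ciphertext, plaintext)));

        // Weakness 2 (bit flipping): changing one ciphertext bit changes
        // exactly that bit of the decrypted plaintext, and nothing detects it.
        ciphertext[0] ^= 0x01;
        Console.WriteLine("after bit flip: " + Encoding.ASCII.GetString(Xor(ciphertext, key)));
    }
}
```
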
**Comparison between Block and Stream Cipher**
- Advantage 1 of Block: block ciphers are generally more resistant to certain types of attacks. For example, block ciphers are more resistant to known-plaintext attacks, in which an attacker has access to both the plaintext and the corresponding ciphertext, and can try to use this information to reverse engineer the key. This is because block ciphers operate on fixed-size blocks of data, which makes it more difficult for an attacker to obtain information about the key from the ciphertext.
- Advantage 2 of Block: block ciphers are generally easier to implement and use in practice than stream ciphers. This is because block ciphers have a fixed block size, which means that they do not require additional processing to synchronize the keystream with the plaintext message, as is required with stream ciphers.
- Disadvantage of Block: block ciphers are typically slower than stream ciphers, since they operate on fixed-size blocks of data. This can make them less efficient for certain applications, such as real-time communication or high-speed data transmission.
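
The block cipher definition above ("encrypts each block separately") corresponds literally to ECB mode. The sketch below, an added example that is not part of the original notes, encrypts a constructed two-block message with AES in ECB and in CBC to show what that independence leaks and how chaining with a random IV hides it. It assumes .NET 6 or later for `EncryptEcb` / `EncryptCbc`; `BlockDemo` and `BlockHex` are hypothetical names.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added illustration; BlockDemo and BlockHex are hypothetical names.
static class BlockDemo
{
    const int BlockSize = 16; // AES always works on 16-byte blocks

    // Hex of the index-th 16-byte block of data.
    static string BlockHex(byte[] data, int index) =>
        Convert.ToHexString(data, index * BlockSize, BlockSize);

    static void Main()
    {
        using Aes aes = Aes.Create(); // a random key k is generated on first use

        // Constructed sample: the same 16-byte block, twice.
        byte[] plaintext = Encoding.ASCII.GetBytes("PAY ALICE $100.0PAY ALICE $100.0");

        // ECB: C_i = E_k(P_i). Equal plaintext blocks give equal ciphertext
        // blocks, so the repetition is visible to Eve without the key.
        byte[] ecb = aes.EncryptEcb(plaintext, PaddingMode.PKCS7);
        Console.WriteLine("ECB block 0: " + BlockHex(ecb, 0));
        Console.WriteLine("ECB block 1: " + BlockHex(ecb, 1));
        Console.WriteLine("ECB blocks equal: " + (BlockHex(ecb, 0) == BlockHex(ecb, 1)));

        // CBC: each block is XORed with the previous ciphertext block (the
        // IV for the first one) before encryption, which hides repetition.
        byte[] iv = RandomNumberGenerator.GetBytes(BlockSize);
        byte[] cbc = aes.EncryptCbc(plaintext, iv, PaddingMode.PKCS7);
        Console.WriteLine("CBC block 0: " + BlockHex(cbc, 0));
        Console.WriteLine("CBC block 1: " + BlockHex(cbc, 1));
        Console.WriteLine("CBC blocks equal: " + (BlockHex(cbc, 0) == BlockHex(cbc, 1)));

        // Padding rounds the output up to whole blocks.
        Console.WriteLine($"plaintext {plaintext.Length} bytes -> ciphertext {cbc.Length} bytes");

        // P = D_k(C): the same key (and IV) decrypts.
        byte[] roundTrip = aes.DecryptCbc(cbc, iv, PaddingMode.PKCS7);
        Console.WriteLine("decrypted: " + Encoding.ASCII.GetString(roundTrip));

        // CBC gives confidentiality only. For integrity as well, use an
        // authenticated mode such as AES-GCM (the AesGcm class).
    }
}
```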