Cryptography

Cryptography is the practice and study of techniques for secure

communication in the presence of third parties
called adversaries. More generally, cryptography is about
constructing and analyzing protocols that prevent third parties or the
public from reading private messages various aspects in information
security such as data confidentiality, data integrity, authentication,
and non-repudiation are central to modern cryptography. Modern
cryptography exists at the intersection of the disciplines
of mathematics, computer science, electrical
engineering, communication science, and physics. Applications of
cryptography include electronic commerce, chip-based payment
cards, digital currencies, computer passwords, and military
communications.
Cryptography prior to the modern age was effectively synonymous
with encryption, the conversion of information from a readable state
to apparent nonsense. The originator of an encrypted message
shares the decoding technique only with intended recipients to
preclude access from adversaries. The cryptography literature often
uses the names Alice ("A") for the sender, Bob ("B") for the intended
recipient, and Eve "eavesdropper" for the adversary.[5] Since the
development of rotor cipher machines in World War I and the advent
of computers in World War II, the methods used to carry out
cryptology have become increasingly complex and its application
more widespread.
Modern cryptography is heavily based on mathematical theory and
computer science practice; cryptographic algorithms are designed
around computational hardness assumptions, making such
algorithms hard to break in practice by any adversary. It is
theoretically possible to break such a system, but it is infeasible to do
so by any known practical means. These schemes are therefore
termed computationally secure; theoretical advances, e.g.,
improvements in integer factorization algorithms, and faster
computing technology require these solutions to be continually
adapted. There exist information-theoretically secure schemes that
provably cannot be broken even with unlimited computing power—
an example is the one-time pad—but these schemes are more
difficult to use in practice than the best theoretically breakable but
computationally secure mechanisms.
The growth of cryptographic technology has raised a number of legal
issues in the information age. Cryptography's potential for use as a
tool for espionage and sedition has led many governments to classify
it as a weapon and to limit or even prohibit its use and export. In
some jurisdictions where the use of cryptography is legal, laws
permit investigators to compel the disclosure of encryption keys for
documents relevant to an investigation. Cryptography also plays a
major role in digital rights management and copyright
infringement of digital media.
Modern cryptography

Symmetric-key cryptography

Symmetric-key cryptography, where a single key is used for

encryption and decryption
Symmetric-key cryptography refers to encryption methods in which
both the sender and receiver share the same key (or, less commonly,
in which their keys are different, but related in an easily computable
way). This was the only kind of encryption publicly known until June
1976.

One round (out of 8.5) of the IDEAcipher, used in most versions

of PGPand OpenPGP compatible software for time-efficient
encryption of messages
Symmetric key ciphers are implemented as either block
ciphers or stream ciphers. A block cipher enciphers input in blocks of
plaintext as opposed to individual characters, the input form used by
a stream cipher.
The Data Encryption Standard (DES) and the Advanced Encryption
Standard (AES) are block cipher designs that have been
designated cryptography standards by the US government (though
DES's designation was finally withdrawn after the AES was
adopted). Despite its deprecation as an official standard, DES
(especially its still-approved and much more secure triple-
DES variant) remains quite popular; it is used across a wide range of
applications, from ATM encryption to e-mail privacy and secure
remote access. Many other block ciphers have been designed and
released, with considerable variation in quality. Many, even some
designed by capable practitioners, have been thoroughly broken,
such as FEAL.
Stream ciphers, in contrast to the 'block' type, create an arbitrarily
long stream of key material, which is combined with the plaintext
bit-by-bit or character-by-character, somewhat like the one-time
pad. In a stream cipher, the output stream is created based on a
hidden internal state that changes as the cipher operates. That
internal state is initially set up using the secret key material. RC4 is a
widely used stream cipher; see Category Stream ciphers. Block
ciphers can be used as stream ciphers; see Block cipher modes of
operation.
Cryptographic hash functions are a third type of cryptographic
algorithm. They take a message of any length as input, and output a
short, fixed length hash, which can be used in (for example) a digital
signature. For good hash functions, an attacker cannot find two
messages that produce the same hash. MD4 is a long-used hash
function that is now broken; MD5, a strengthened variant of MD4, is
also widely used but broken in practice. The US National Security
Agency developed the Secure Hash Algorithm series of MD5-like
hash functions: SHA-0 was a flawed algorithm that the agency
withdrew; SHA-1 is widely deployed and more secure than MD5, but
cryptanalysts have identified attacks against it; the SHA-2 family
improves on SHA-1, but is vulnerable to clashes as of 2011; and the
US standards authority thought it "prudent" from a security
perspective to develop a new standard to "significantly improve the
robustness of NIST's overall hash algorithm toolkit."[39]Thus, a hash
function design competition was meant to select a new U.S. national
standard, to be called SHA-3, by 2012. The competition ended on
October 2, 2012 when the NIST announced that Keccak would be the
new SHA-3 hash algorithm.[40] Unlike block and stream ciphers that
are invertible, cryptographic hash functions produce a hashed output
that cannot be used to retrieve the original input data. Cryptographic
hash functions are used to verify the authenticity of data retrieved
from an untrusted source or to add a layer of security.
Message authentication codes (MACs) are much like cryptographic
hash functions, except that a secret key can be used to authenticate
the hash value upon receipt;[4] this additional complication blocks an
attack scheme against bare digest algorithms, and so has been
thought worth the effort.
Public-key cryptography

Asymmetric-key cryptosystems use the same key for encryption and

decryption of a message, although a message or group of messages
can have a different key than others. A significant disadvantage of
symmetric ciphers is the key management necessary to use them
securely. Each distinct pair of communicating parties must, ideally,
share a different key, and perhaps for each ciphertext exchanged as
well. The number of keys required increases as the square of the
number of network members, which very quickly requires complex
key management schemes to keep them all consistent and secret.

In this example the message is only signed and not encrypted. 1)

Alice signs a message with her private key. 2) Bob can verify that
Alice sent the message and that the message has not been modified.
Public-key cryptography is also used for implementing digital
signature schemes. A digital signature is reminiscent of an
ordinary signature; they both have the characteristic of being easy
for a user to produce, but difficult for anyone else to forge. Digital
signatures can also be permanently tied to the content of the
message being signed; they cannot then be 'moved' from one
document to another, for any attempt will be detectable. In digital
signature schemes, there are two algorithms: one for signing, in
which a secret key is used to process the message (or a hash of the
message, or both), and one for verification, in which the matching
public key is used with the message to check the validity of the
signature. RSA and DSA are two of the most popular digital signature
schemes. Digital signatures are central to the operation of public key
infrastructures and many network security schemes (e.g., SSL/TLS,
many VPNs, etc.).
Public-key algorithms are most often based on the computational
complexity of "hard" problems, often from number theory. For
example, the hardness of RSA is related to the integer
factorization problem, while Diffie–Hellman and DSA are related to
the discrete logarithm problem. The security of elliptic curve
cryptography is based on number theoretic problems
involving elliptic curves. Because of the difficulty of the underlying
problems, most public-key algorithms involve operations such
as modular multiplication and exponentiation, which are much more
computationally expensive than the techniques used in most block
ciphers, especially with typical key sizes. As a result, public-key
cryptosystems are commonly hybrid cryptosystems, in which a fast
high-quality symmetric-key encryption algorithm is used for the
message itself, while the relevant symmetric key is sent with the
message, but encrypted using a public-key algorithm. Similarly,
hybrid signature schemes are often used, in which a cryptographic
hash function is computed, and only the resulting hash is digitally
signed.

Side-by-side comparison of symmetric encryption and asymmetric

encryption

Comparison
Symmetric Encryption Asymmetric Encryption
Factor
Number of Asymmetric Encryption
Symmetric encryption
Cryptographic consists of two
incorporates only one
Keys cryptographic keys. These
 key for encryption as keys are regarded
well as decryption. as Public Key and Private
Key.
Symmetric encryption is
Contribution from
a simple technique
separate keys for
compared to asymmetric
Complexity encryption and decryption
encryption as only one
makes it a rather complex
key is employed to carry
process.
out both the operations.
Because of encryption and
Due to its simplistic
decryption by two
nature, both the
Swiftness of separate keys and the
operations can be
Execution process of comparing
carried out pretty
them make it a tad slow
quickly.
procedure.
 RC4  RSA

 AES  Diffie-Hellman
Algorithms
 DES  ECC
Employed
 3DES  El Gamal
 QUAD  DSA
Asymmetric Algorithms
Ed25519 signing

Step1: Generate an Ed25519 private key.

Returns: Ed25519PrivateKey
Step2:
Parameter: data (bytes-like) – 32 byte private key

Returns: Ed25519PrivateKey
>>> from cryptography.hazmat.primitives import serialization
>>> from cryptography.hazmat.primitives.asymmetric import
ed25519
>>> private_key = ed25519.Ed25519PrivateKey.generate()
>>> private_bytes = private_key.private_bytes(
... encoding=serialization.Encoding.Raw,
... format=serialization.PrivateFormat.Raw,
... encryption_algorithm=serialization.NoEncryption()
... )
>>> loaded_private_key =
ed25519.Ed25519PrivateKey.from_private_bytes(private_bytes)
Step3: public_key()

Returns: Ed25519PublicKey
Step4: sign(data)
Parameters: data (bytes) – The data to sign.
Returns bytes: The 64 byte signature.
Step5:

Returns: Ed25519PublicKey
>>> from cryptography.hazmat.primitives import serialization
>>> from cryptography.hazmat.primitives.asymmetric import
ed25519
>>> private_key = ed25519.Ed25519PrivateKey.generate()
>>> public_key = private_key.public_key()
>>> public_bytes = public_key.public_bytes(
... encoding=serialization.Encoding.Raw,
... format=serialization.PublicFormat.Raw
... )
>>> loaded_public_key =
ed25519.Ed25519PublicKey.from_public_bytes(public_bytes)
Step6: verify(signature, data)
 signature (bytes) – The signature to verify.
Parameters:  data (bytes) – The data to verify.

Raises:

Diffie-Hellman key exchange

>>> from cryptography.hazmat.backends import default_backend

>>> from cryptography.hazmat.primitives import hashes
>>> from cryptography.hazmat.primitives.asymmetric import dh
>>> from cryptography.hazmat.primitives.kdf.hkdf import HKDF
>>> # Generate some parameters. These can be reused.
>>> parameters = dh.generate_parameters(generator=2,
key_size=2048,
... backend=default_backend())
>>> # Generate a private key for use in the exchange.
>>> server_private_key = parameters.generate_private_key()
>>> # In a real handshake the peer is a remote client. For this
>>> # example we'll generate another local private key though. Note
that in
>>> # a DH handshake both peers must agree on a common set of
parameters.
>>> peer_private_key = parameters.generate_private_key()
>>> shared_key =
server_private_key.exchange(peer_private_key.public_key())
>>> # Perform key derivation.
>>> derived_key = HKDF(
... algorithm=hashes.SHA256(),
... length=32,
... salt=None,
... info=b'handshake data',
... backend=default_backend()
... ).derive(shared_key)
>>> # And now we can demonstrate that the handshake performed in
the
>>> # opposite direction gives the same final value
>>> same_shared_key = peer_private_key.exchange(
... server_private_key.public_key()
... )
>>> same_derived_key = HKDF(
... algorithm=hashes.SHA256(),
... length=32,
... salt=None,
... info=b'handshake data',
... backend=default_backend()
... ).derive(same_shared_key)
>>> derived_key == same_derived_key
DHE (or EDH), the ephemeral form of this exchange, is strongly
preferred over simple DH and provides forward secrecy when used.
You must generate a new private key
using generate_private_key() for each exchange() when
performing an DHE key exchange. An example of the ephemeral
form:
>>> from cryptography.hazmat.backends import default_backend
>>> from cryptography.hazmat.primitives import hashes
>>> from cryptography.hazmat.primitives.asymmetric import dh
>>> from cryptography.hazmat.primitives.kdf.hkdf import HKDF
>>> # Generate some parameters. These can be reused.
>>> parameters = dh.generate_parameters(generator=2,
key_size=2048,
... backend=default_backend())
>>> # Generate a private key for use in the exchange.
>>> private_key = parameters.generate_private_key()
>>> # In a real handshake the peer_public_key will be received from
the
>>> # other party. For this example we'll generate another private
key and
>>> # get a public key from that. Note that in a DH handshake both
peers
>>> # must agree on a common set of parameters.
>>> peer_public_key =
parameters.generate_private_key().public_key()
>>> shared_key = private_key.exchange(peer_public_key)
>>> # Perform key derivation.
>>> derived_key = HKDF(
... algorithm=hashes.SHA256(),
... length=32,
... salt=None,
... info=b'handshake data',
... backend=default_backend()
... ).derive(shared_key)
>>> # For the next handshake we MUST generate another private
key, but
>>> # we can reuse the parameters.
>>> private_key_2 = parameters.generate_private_key()
>>> peer_public_key_2 =
parameters.generate_private_key().public_key()
>>> shared_key_2 = private_key_2.exchange(peer_public_key_2)
>>> derived_key_2 = HKDF(
... algorithm=hashes.SHA256(),
... length=32,
... salt=None,
... info=b'handshake data',
... backend=default_backend()
... ).derive(shared_key_2)

RSA

Generation

Generates a new RSA private key using the

provided backend . key_size describes how many bits long the key
should be. Larger keys provide more security; currently 1024 and
below are considered breakable while 2048 or 4096 are reasonable
default key sizes for new keys. The public_exponent indicates what
one mathematical property of the key generation will be. Unless you
have a specific reason to do otherwise, you should always use 65537.

>>> from cryptography.hazmat.backends import default_backend

>>> from cryptography.hazmat.primitives.asymmetric import rsa
>>> private_key = rsa.generate_private_key(
... public_exponent=65537,
... key_size=2048,
... backend=default_backend()
... )

Key loading

If you already have an on-disk key in the PEM format (which are
recognizable by the distinctive -----BEGIN {format}----- and -----
END {format}----- markers), you can load it:

>>> from cryptography.hazmat.backends import default_backend

>>> from cryptography.hazmat.primitives import serialization

>>> with open("path/to/key.pem", "rb") as key_file:

... private_key = serialization.load_pem_private_key(
... key_file.read(),
... password=None,
... backend=default_backend()
... )
Serialized keys may optionally be encrypted on disk using a
password. In this example we loaded an unencrypted key, and
therefore we did not provide a password. If the key is encrypted we
can pass a bytes object as the password argument.

There is also support for loading public keys in the SSH format

Key serialization

If you have a private key that you’ve loaded or generated which

implements the RSAPrivateKeyWithSerialization interface you can
use private_bytes() to serialize the key.

>>> from cryptography.hazmat.primitives import serialization

>>> pem = private_key.private_bytes(
... encoding=serialization.Encoding.PEM,
... format=serialization.PrivateFormat.PKCS8,
...
encryption_algorithm=serialization.BestAvailableEncryption(b'mypas
sword')
... )
>>> pem.splitlines()[0]
b'-----BEGIN ENCRYPTED PRIVATE KEY-----'
It is also possible to serialize without encryption
using NoEncryption .

>>> pem = private_key.private_bytes(

... encoding=serialization.Encoding.PEM,
... format=serialization.PrivateFormat.TraditionalOpenSSL,
... encryption_algorithm=serialization.NoEncryption()
... )
>>> pem.splitlines()[0]
b'-----BEGIN RSA PRIVATE KEY-----'
For public keys you can use public_bytes() to serialize the key.

>>> from cryptography.hazmat.primitives import serialization

>>> public_key = private_key.public_key()
>>> pem = public_key.public_bytes(
... encoding=serialization.Encoding.PEM,
... format=serialization.PublicFormat.SubjectPublicKeyInfo
... )
>>> pem.splitlines()[0]
b'-----BEGIN PUBLIC KEY-----'

Signing

A private key can be used to sign a message. This allows anyone with
the public key to verify that the message was created by someone
who possesses the corresponding private key. RSA signatures require
a specific hash function, and padding to be used. Here is an example
of signing message using RSA, with a secure hash function and
padding:

>>> from cryptography.hazmat.primitives import hashes

>>> from cryptography.hazmat.primitives.asymmetric import
padding
>>> message = b"A message I want to sign"
>>> signature = private_key.sign(
... message,
... padding.PSS(
... mgf=padding.MGF1(hashes.SHA256()),
... salt_length=padding.PSS.MAX_LENGTH
... ),
... hashes.SHA256()
... )
Valid paddings for signatures are PSS and PKCS1v15 . PSS is the
recommended choice for any new protocols or
applications, PKCS1v15 should only be used to support legacy
protocols.

If your data is too large to be passed in a single call, you can hash it
separately and pass that value using Prehashed .

>>> from cryptography.hazmat.primitives.asymmetric import utils

>>> chosen_hash = hashes.SHA256()
>>> hasher = hashes.Hash(chosen_hash, default_backend())
>>> hasher.update(b"data & ")
>>> hasher.update(b"more data")
>>> digest = hasher.finalize()
>>> sig = private_key.sign(
... digest,
... padding.PSS(
... mgf=padding.MGF1(hashes.SHA256()),
... salt_length=padding.PSS.MAX_LENGTH
... ),
... utils.Prehashed(chosen_hash)
... )

Verification

The previous section describes what to do if you have a private key

and want to sign something. If you have a public key, a message, a
signature, and the signing algorithm that was used you can check
that the private key associated with a given public key was used to
sign that specific message. You can obtain a public key to use in
verification
using load_pem_public_key() , load_der_public_key() , public_key(
) , or public_key() .

>>> public_key = private_key.public_key()

>>> public_key.verify(
... signature,
... message,
... padding.PSS(
... mgf=padding.MGF1(hashes.SHA256()),
... salt_length=padding.PSS.MAX_LENGTH
... ),
... hashes.SHA256()
... )
If the signature does not match, verify() will raise
an InvalidSignature exception.

If your data is too large to be passed in a single call, you can hash it
separately and pass that value using Prehashed .
>>> chosen_hash = hashes.SHA256()
>>> hasher = hashes.Hash(chosen_hash, default_backend())
>>> hasher.update(b"data & ")
>>> hasher.update(b"more data")
>>> digest = hasher.finalize()
>>> public_key.verify(
... sig,
... digest,
... padding.PSS(
... mgf=padding.MGF1(hashes.SHA256()),
... salt_length=padding.PSS.MAX_LENGTH
... ),
... utils.Prehashed(chosen_hash)
... )

Encryption

RSA encryption is interesting because encryption is performed using

the public key, meaning anyone can encrypt data. The data is then
decrypted using the private key.

Like signatures, RSA supports encryption with several different

padding options. Here’s an example using a secure padding and hash
function:

>>> message = b"encrypted data"

>>> ciphertext = public_key.encrypt(
... message,
... padding.OAEP(
... mgf=padding.MGF1(algorithm=hashes.SHA256()),
... algorithm=hashes.SHA256(),
... label=None
... )
... )
Valid paddings for encryption are OAEP and PKCS1v15 . OAEP is
the recommended choice for any new protocols or
applications, PKCS1v15 should only be used to support legacy
protocols.

Decryption

Once you have an encrypted message, it can be decrypted using the

private key:

>>> plaintext = private_key.decrypt(

... ciphertext,
... padding.OAEP(
... mgf=padding.MGF1(algorithm=hashes.SHA256()),
... algorithm=hashes.SHA256(),
... label=None
... )
... )
>>> plaintext == message
True

Conclusion
As we toward a society where automated information resources are
increased and cryptography will continue to increase in importance
as a security mechanism. Electronic networks for banking, shopping,
inventory control, benefit and service delivery, information storage
and retrieval, distributed processing, and government applications
will need improved methods for access control and data security.
The information security can be easily achieved by using
Cryptography technique. DES is now considered to be insecure for
some applications like banking system. there are also some analytical
results which demonstrate theoretical weaknesses in the cipher. So it
becomes very important to augment this algorithm by adding new
levels of security to make it applicable. By adding additional key,
modified S-Box design, modifies function implementation and
replacing the old XOR by a new operation as proposed by this thesis
to give more robustness to DES algorithm and make it stronger
against any kind of intruding. DES Encryption with two keys instead
of one key already will increase the efficiency of cryptography.