eneller/lec-crypto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da28170d0a5a92dcaf268918f5ce937f88a95314
lec-crypto/crypto.tex
eneller da28170d0a update
2026-02-03 02:53:09 +01:00

104 lines
5.3 KiB
TeX
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
\documentclass{article}
\usepackage[utf8x]{inputenc}
\usepackage[margin=1in]{geometry} % Adjust margins
\usepackage{caption}
\usepackage{wrapfig}
\usepackage{subcaption}
\usepackage{parskip} % dont indent after paragraphs, figures
\usepackage{xcolor}
%\usepackage{csquotes} % Recommended for biblatex
\usepackage{tikz}
\usepackage{pgfplots}
\usetikzlibrary{positioning}
\usepackage{float}
\usepackage{amsmath}
\PassOptionsToPackage{hyphens}{url}
\usepackage{hyperref} % allows urls to follow line breaks of text
\usepackage[style=ieee, backend=biber, maxnames=1, minnames=1]{biblatex}
\addbibresource{crypto.bib}
\usepackage{glossaries}
\makeglossaries
\newacronym{DES}{DES}{Data Encryption Standard}
\newacronym{AES}{AES}{Advanced Encryption Standard}
\newacronym{RSA}{RSA}{RivestShamirAdleman Encryption}
\title{Cryptography}
\author{Erik Neller}
\date{\today}
\begin{document}
\maketitle
\section{Introduction}
Cryptography is ubiquitous in our modern world.
While the origins of cryptography date back thousands of years, evidence of its use in ancient is sparse.
\cite{luenberger}
Most of its use seemed to be reserved for political and military leaders, e.g. notably Mary Queen of Scots,
who while in prison, plotted to kill Queen Elizabeth using encrypted letters \cite{enwiki:maryofscots}.
With the widespread adoption of the internet, the need for several cryptographical functions arose.
Due to its intended original use as a trusted research network (ARPANET),
almost none of the original protocols were 'secure' in any sense of the word.
Most notably still today is SMTP, the \textit{Simple Mail Transfer Protocol}, used to send email to servers.
In its original implementation, it allowed attackers to intercept emails in transit to read and modify them
and even spoof the sender address to impersonate others.
SMTP today is secured using a combination of mitigations for these attacks, such as STARTTLS, SPF, DKIM and DMARC,
emphasizing the need for securely designed protocols.
\subsection{Security}
Common goals associated with security include the \textit{CIA triad}, consisting of
\begin{itemize}
\item Confidentiality: Prevent unauthorized reading
\item Integrity: Prevent unauthorized modification
\item Availability: Prevent denial of service
\end{itemize}
With further goals including Authenticity and Non-repudiation. Cryptography can help with all of the aforementioned goals
except availability.
This can be achieved using several different applications of cryptography:
\begin{itemize}
\item Encryption provides confidentiality by only saving / transmitting an encrypted message.
\item Hash functions ensure data has not been altered.
\item Digital signatures confirm a message was indeed sent by who we expect it to be, preventing man-in-the-middle attacks
where the message is simply swapped out before reaching its destination, as well as providing proof a message was sent (Non-repudiation).
\item Certificates confirm the sender's identity.
\end{itemize}
Importantly, Kerckhoff's principle \cite{enwiki:kerckhoff} is what allows us to go into detail on the following algorithms.
Embraced by researchers today, it holds that the security of a cryptosystem should only rely on the secrecy of the key,
allowing and encouraging the publication of cryptographic algorithms. \newline
It is closely related to Shannon's maxim, stating that
"one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them".
This is opposed to \textit{security through obscurity}, which doesnt allow for verification of the cryptographic
algorithm through a scientific process in the public domain.
\subsection{Hash Functions}
A general hash function $h(m)$ is a function that takes a message $m$ of arbitrary and produces an output $h$ called \textit{hash}
of fixed length. However, not every mathematical function can be considered a hash function.
The main applications of hash functions include integrity checking and hash maps for efficient data retrieval.
Depending on the applications, different properties determine the usefulness of a function.
An obvious desired property is efficiency - every application benefits from faster computing times.
Also central to all applications of hash functions is a property called \textit{collision resistance}, where there should be no
efficient way, i.e. no better way than brute force to find $m_1 \neq m_2$ so that $h(m_1) = h(m_2)$.
Again, for encryption the importance is clear. If a password is stored in hashed form to obfuscate the clear text,
no security is gained if it is easy for an attacker to find a password that produces the same hash and thus passes the challenge.
A similar notion holds true for data retrieval. If it is too easy to find collisions, e.g. similar inputs produce similar outputs,
there will be an uneven distribution in the target domain and thus little to no efficiency gain.
Another desired property, specifically for encryption is what is usually used synonymously with a hash function: a \textit{one-way function}.
Given $h(m)$, there should be no method more efficient than brute force to find a matching $m$.
\subsection{Encryption}
\section{DES}
The \acrfull{DES} is a symmetric cipher developed in the 1970s at IBM
\section{AES}
\section{RSA}
\clearpage
%\printglossary[type=\acronymtype]
%\printglossary
\printbibliography
\end{document}
Reference in New Issue View Git Blame Copy Permalink