🔐 Cryptography Unit 3

🎯 Unit 3 Overview

Unit 3 covers security mechanisms used to verify message authenticity, integrity and identity. It includes message authentication, digital signature, key management, hash functions, DSS, cryptanalysis techniques and Kerberos authentication system.

📩 Message Authentication

Message authentication is a security mechanism used to verify that a message is received from the correct sender and has not been changed during transmission.

Goals of Message Authentication

• Verify sender identity.
• Check message integrity.
• Detect unauthorized modification.
• Prevent replay and forgery attacks.

✍️ Digital Signature

Digital signature is an electronic signature used to verify the authenticity and integrity of a digital message or document.

Working

1. Sender creates hash of the message.
2. Sender encrypts hash using private key.
3. The encrypted hash becomes digital signature.
4. Receiver decrypts signature using sender's public key.
5. Receiver compares hash values to verify message.

🔑 Key Management

Key management means generation, distribution, storage, usage and destruction of cryptographic keys. Proper key management is necessary for secure communication.

Functions of Key Management

• Key generation
• Key distribution
• Key storage
• Key renewal
• Key revocation
• Key destruction

🤝 Key Exchange

Key exchange is the process of securely sharing cryptographic keys between communicating parties.

Examples

• Diffie-Hellman Key Exchange
• RSA based key exchange
• Public Key Infrastructure based exchange

🔐 Hash Function

A hash function converts a message of any length into a fixed length hash value or message digest.

Properties of Secure Hash Function

• Fixed length output
• Fast computation
• Pre-image resistance
• Second pre-image resistance
• Collision resistance
• Avalanche effect

🌐 Universal Hashing

Universal hashing is a hashing method in which a hash function is selected randomly from a family of hash functions. It is used to reduce the chances of collision.

Advantages

• Reduces collision probability.
• Improves security.
• Useful in authentication schemes.

🧾 Cryptographic Hash Function

A cryptographic hash function is a special hash function used in security applications. It is designed to be one-way and collision resistant.

Applications

• Password storage
• Digital signatures
• Message authentication
• File integrity checking
• Blockchain systems

📌 MD Algorithm

MD stands for Message Digest. MD algorithms are used to generate message digest from input data. MD5 is a popular message digest algorithm, but it is now considered weak for secure applications.

Features

• Produces fixed length digest.
• Used for integrity checking.
• Fast computation.
• Older MD versions are vulnerable to collision attacks.

🛡️ Secure Hash Algorithm (SHA)

SHA is a family of cryptographic hash functions designed for secure hashing. SHA is stronger than MD5 and widely used in digital signatures and certificates.

📝 Digital Signature Standard (DSS)

Digital Signature Standard is a standard used for generating and verifying digital signatures. It uses Digital Signature Algorithm.

Steps

1. Generate hash of message.
2. Create digital signature using private key.
3. Send message with signature.
4. Receiver verifies signature using public key.

🕵️ Cryptanalysis

Cryptanalysis is the study of breaking cryptographic systems without knowing the secret key. Its aim is to find weaknesses in cryptographic algorithms.

Types of Attacks

• Ciphertext-only attack
• Known-plaintext attack
• Chosen-plaintext attack
• Chosen-ciphertext attack

⏱️ Time-Memory Trade-Off Attack

Time-memory trade-off attack reduces computation time by using precomputed data stored in memory. It is commonly used in password cracking techniques.

Idea

• More memory can reduce attack time.
• Precomputed tables help recover keys or passwords faster.
• Rainbow tables are a common example.

📊 Differential Cryptanalysis

Differential cryptanalysis studies how differences in plaintext affect differences in ciphertext. It is mostly used to attack block ciphers.

Purpose

• Analyze weakness of block ciphers.
• Find relation between input difference and output difference.
• Recover secret key information.

🔒 Secure Channel

A secure channel provides safe communication between two parties using encryption, authentication and integrity checking.

Requirements

• Confidentiality
• Integrity
• Authentication
• Replay protection

🎟️ Kerberos Authentication System

Kerberos is a network authentication protocol that uses tickets to allow secure authentication over an insecure network.

Main Components

• Client
• Authentication Server
• Ticket Granting Server
• Service Server
• Key Distribution Center

Working

1. Client requests authentication from Authentication Server.
2. Authentication Server provides Ticket Granting Ticket.
3. Client sends ticket to Ticket Granting Server.
4. Ticket Granting Server issues service ticket.
5. Client uses service ticket to access the service server.

⚖️ Hash Function vs Digital Signature

⭐ Important Questions

1. Explain message authentication and its goals.
2. Explain digital signature with working.
3. Explain key management and key exchange.
4. What is hash function? Explain its properties.
5. Explain cryptographic hash function and its applications.
6. Write short note on MD and SHA.
7. Explain Digital Signature Standard.
8. Explain cryptanalysis and its types.
9. Explain differential cryptanalysis.
10. Explain Kerberos authentication system.

🔥 Last Minute Revision

• Message authentication verifies sender and message integrity.
• Digital signature uses sender private key.
• Hash function gives fixed length message digest.
• SHA is stronger than MD5.
• DSS is used for digital signatures.
• Cryptanalysis means breaking cryptosystems.
• Differential cryptanalysis attacks block ciphers.
• Kerberos uses tickets for authentication.

🔗 Related Links