Welcome to the Deep Dive. Today, we're jumping straight into the really crucial world of cryptography and network security. That's right. We've got a whole bunch of information here, and our goal is really to give you the essential understanding, you know, of how our digital lives are protected without getting bogged down in complexity. We'll explore everything from the basic math behind encryption to the measures securing modern networks and, well, the cloud.
Yeah, and to really get under the hood, we've been looking at a pretty comprehensive textbook. It's actually aligned with the ACM/IEEE Computer Science standards.
Oh, interesting, and...
It really highlights how fundamental information security is today. So we're trying to pull out those key concepts, relevant whether you're, say, a tech professional or just curious about how this all works, exactly.
So if you've ever wondered about, you know, the secret math keeping your data private online, or the different ways your information is shielded, then yeah, this deep dive is for you.
We want to make these complex topics clear, maybe even share a few surprising facts, so you walk away with some real aha moments.
Hopefully.
Okay, let's dive in right at the beginning. Number theory. Okay, so at...
...the heart of, well, a lot of modern cryptography is number theory. We can kick things off with divisibility and the Euclidean algorithm. Right. This gives us a really efficient way to find the greatest common divisor of two numbers.
Okay, finding the GCD seems mathematical, but how does it apply?
Well, it might sound purely academic, but it's actually surprisingly important in various crypto techniques. Think key generation and calculations in modular arithmetic.
Ah, right. And speaking of modular arithmetic, that's all about remainders, isn't it? Exactly.
It's where you focus on the remainder after division. Like a clock, you know, after twelve you wrap around back to one. Okay. Numbers wrap around after hitting a certain value, the modulus. So, like, if you calculate eleven to the power of seven and then divide by thirteen, the remainder you get is two: 11^7 mod 13 = 2.
Right. Wrapping around is key. It really is. It seems simple, but it's what makes certain operations easy one way but incredibly hard to reverse. And that asymmetry, that's a core principle for secure communication and crypto. Got it. And this whole idea sets the stage for prime numbers.
Which everyone knows are important, right? A number that is only divisible by one and...
...themselves. Fundamental, absolutely fundamental in crypto. Their unique properties make them perfect building blocks for keys and algorithms.
Okay, now here's where it gets maybe a bit more complex: Fermat's and Euler's theorems.
Right, powerful stuff. Euler's theorem uses something called Euler's totient function, often written φ(n) or phi of n.
And what does that function do?
It basically counts how many positive integers up to a given number n don't share any common factors with n apart from one. Okay. And the kind of interesting property is that φ(n) is always even if n is bigger than two. Sounds abstract, I know. Yeah, a bit. But it actually has real implications for how cryptosystems are designed and analyzed.
Interesting.
Okay, these theorems, they lead us towards discrete logarithms.
Discrete logarithms. What's the core idea there?
Okay? Imagine an equation y = g^x, all done modulo p, where p is a prime. If you know g, x and p, finding y is easy, a straightforward calculation. But the reverse problem, finding x, exactly, if you know y, g and p, trying to figure out that original exponent x, is generally incredibly difficult, computationally hard.
Ah, and that difficulty is the security. That's the bedrock for many modern systems.
It's a hard problem, much like factoring very large numbers, which, as we'll get to, is key for RSA.
Okay, so those are the mathematical foundations. Let's move into symmetric ciphers now, starting with maybe the classical...
...techniques. Sounds good.
So first off, what makes a cipher symmetric? In simple terms, the key...
...thing, that defining characteristic, is that you use the same secret key for both encryption, scrambling the message, and decryption, unscrambling it.
Okay, one key does both jobs, like a safe...
...key. Precisely, lock and unlock with the same key.
Makes sense. So what were some of the early ways people used this single key?
Well, classical methods mostly fall into two buckets: substitution and transposition.
Substitution, that's like replacing letters?
Yeah, basically replacing parts of the plaintext, letters, maybe groups of letters, with other symbols or letters. The classic Caesar cipher is a simple example: just shift every letter a fixed number of places.
Right, A becomes D, B becomes, etc.
Exactly. More complex ones like the Vigenère cipher use a keyword. That keyword tells you how much to shift each letter, making it harder to crack than a simple Caesar.
Okay, and transposition sounds like just shuffling things around. That's exactly it.
Transposition ciphers just rearrange the order of the letters or other units in the plaintext. They don't change the letters themselves.
Like making an anagram.
Pretty much, yeah, shuffling the deck basically.
Now, when we talk about how strong these are, unconditional security versus computational security, what's the difference?
Right. Unconditional security is the gold standard. Theoretically, it means even an attacker with infinite computing power, infinite time, still couldn't figure out the original message just from the ciphertext. Why not? Because the ciphertext simply doesn't contain enough information. The only cipher known to achieve this is the one time pad.
Ah, the famous one time pad.
Yeah, but it needs a truly random key that's as long as the message itself, and you can only use it...
...once, which is impractical.
Very impractical. Generating and securely sharing those long keys is a nightmare. So most modern encryption aims for computational security instead, which means, it means that, yeah, theoretically it might be possible to break the cipher, but the amount of computing power and time needed is just astronomical, so enormous that it's practically impossible in the real world, you know, within any reasonable timeframe.
Okay. So the security relies on it being too hard to compute the answer.
Exactly. The key length, the complexity of the algorithm, that's what provides the barrier.
So that leads us to modern symmetric ciphers. Let's start with block ciphers and the famous Data Encryption Standard, DES. Okay, DES.
What's the main difference between a block cipher and, say, a stream cipher? Good question. Stream ciphers encrypt data bit by bit or byte by byte as it comes in. Block ciphers, though, operate on fixed sized chunks of plaintext. These chunks are called blocks.
How big were the blocks for DES?
DES used sixty four bit blocks, and it used a fifty six bit key. Each sixty four bit block is processed as a single unit.
Our sources mentioned an ideal block cipher. What's that concept about? Ah?
Yeah, Feistel's idea. Think of an ideal block cipher as like a perfect scrambler for blocks of a certain size. For an n bit block, there are two to the n possible inputs, right. An ideal cipher could map each of those inputs to any of the two to the n possible outputs in a totally random looking but reversible way. It gives you the maximum possible number of encryption transformations.
Okay. The theoretical maximum. And DES uses something called the Feistel cipher structure. Not quite ideal, but based on it. Exactly.
The Feistel structure is a really clever design used in many block ciphers, DES included.
How does it work? Basically, you take the...
...plaintext block, split it in half, then you run it through a series of rounds. In each round, a special function is applied to one half using a round key derived from the main key.
Okay.
The result of that function is then combined, usually just XORed, with the other half. Then, crucially, the two halves are swapped. Repeat for several rounds.
And the clever part, the...
...really neat thing, is the function itself doesn't have to be reversible for the whole encryption process to be reversible, because of that swap and XOR structure. Decryption just runs the process backward using the round keys in reverse order.
Ah, okay. So DES: sixty four bit block, fifty six bit key, sixteen rounds of this Feistel process, plus some shuffling at the start and end.
That's the gist of it. Yeah, initial and final permutations.
What were the main worries about DES security over time?
The big one, really, the killer, was the fifty six bit key size. It seemed okay back in the seventies when it was designed.
But computing power caught up massively.
The possibility of a brute force attack, just trying every single one of the 2^56 possible keys, became a very real threat. People started designing machines specifically to crack DES.
And eventually they could.
Yep, those concerns were validated. DES just wasn't strong enough anymore, which led to the need for a replacement.
Which brings us neatly to the Advanced Encryption Standard, AES, the successor. How does AES differ from DES in terms of design? Security?
AES is quite different internally. It doesn't use that Feistel structure. It works on larger blocks, one hundred and twenty eight...
...bits. Bigger blocks and bigger keys. Much bigger keys.
AES supports key lengths of one hundred and twenty eight, one hundred and ninety two or two hundred and fifty six bits. That makes it vastly more resistant to brute force attacks...
...than DES. Okay, and internally, how does it process those one hundred and twenty eight bits? It organizes the...
...one hundred and twenty eight bits into a four by four grid of bytes. This grid is called the state array. The encryption process involves transforming the state array over multiple rounds.
And what are the main transformations in each AES round?
There are four main steps repeated in each round: ByteSub, ShiftRows, MixColumns, and Add...
...RoundKey. Okay, break those down briefly. ByteSub?
ByteSub is a substitution step. Each byte in the state array is replaced by another byte according to a fixed lookup table called an S-box. It provides nonlinearity. ShiftRows cyclically shifts the bytes in each row of the state array. Row one shifts by one byte, row two by two, and so on. This helps spread changes across columns.
MixColumns sounds important.
It is. It's a more complex mathematical step that mixes the bytes within each column of the state. It uses operations in a finite field.
Finite field, like that modular arithmetic we...
...talked about? Sort of, yeah. It's arithmetic with polynomials over GF(2^8). The key point is that this step ensures that changes in one byte quickly affect many other bytes in the block. It provides diffusion. Okay, strong mixing. And the last step, AddRoundKey. AddRoundKey is simple. It just XORs the current state array with a round specific key that's derived from the main AES key. This is where the secret key actually gets mixed...
...into the data. You mentioned MixColumns uses finite field math. Can you give a slightly less mathy idea of what it achieves?
Sure. Think of it like really thoroughly blending the ingredients in each column of that four by four grid. Mathematically, it involves treating each column like a polynomial and multiplying it by a fixed polynomial using special rules.
Huh.
The result is that every byte in the output column depends on all the bytes in the input column. Great for scrambling things up quickly.
And these round keys for AddRoundKey, they come from the main key? Yes.
Through a process called key expansion. The original one hundred and twenty eight, one hundred and ninety two or two hundred and fifty six bit key is expanded into a whole schedule of round keys, one for each round plus an initial one.
Is that expansion important for security too?
Absolutely. It's designed so that every bit of the original key influences many bits of the round keys. This diffusion is vital. Change one bit in the main key and the round keys, and thus the encryption, change drastically.
Okay, AES sounds much more robust. Now, how are block ciphers like AES actually used to encrypt, say, a large file? That gets us into these modes of operation, right?
Exactly. A block cipher only encrypts one fixed size block at a time. Modes of operation define how you apply that block cipher repeatedly to handle data of any size. Right. And different modes have different characteristics, different security properties, different performance trade offs.
Let's run through the main ones. Electronic Codebook mode, ECB, sounds basic.
It is the simplest. You just chop the plaintext into blocks and encrypt each block independently using the same key.
What's the problem with that?
The huge weakness is that if you have identical plaintext blocks, they will always encrypt to the exact same ciphertext block.
So patterns remain visible. Totally.
You often see it demonstrated with images. You can still make out the original image even after ECB encryption, because areas of the same color encrypt to the same pattern. Generally you avoid ECB.
Okay, then there's Cipher Block Chaining, CBC mode. How does that improve things?
CBC introduces dependency between blocks. Before encrypting a plaintext block, you XOR it with the ciphertext from...
...the previous block, chaining them together.
Exactly. For the very first block there's no previous ciphertext, so you use a random starting value called an initialization vector, or...
...IV, and that hides the patterns.
Yes, because now each ciphertext block depends not just on its corresponding plaintext block, but on all the plaintext blocks before it. Repeating plaintext blocks won't produce repeating ciphertext blocks anymore, assuming you use a unique IV.
Okay, what about Cipher Feedback, CFB, and Output Feedback, OFB? They sound like they might be used for streaming data.
You're right. They effectively turn a block cipher into a stream cipher. How? In CFB, you encrypt the previous ciphertext block, then XOR the result with the current plaintext block to get the current ciphertext. That ciphertext then feeds into the next step. Okay, and OFB? OFB is similar, but instead of feeding back the ciphertext, it feeds back the output of the block cipher encryption before the XOR. This generates
the keystream independent of the plaintext. You then XOR this keystream with the plaintext.
So OFB generates a stream of key bits.
Essentially, yes, like a stream cipher.
Counter mode, CTR, that seems popular.
CTR mode is also like a stream cipher. It works by encrypting a counter value. This counter is unique for each block, usually a combination of a nonce, which is a number used only once per...
...key. A nonce, number used once, got it.
...and an incrementing counter value. You encrypt this unique counter value and then XOR the result with the plaintext block.
What's the advantage of CTR? A big one is parallelization.
Since each block's encryption only depends on the counter, not previous blocks, you can encrypt or decrypt multiple blocks simultaneously. Speeds things up.
But that nonce is critical.
Absolutely critical. You must never reuse the same nonce and counter value with the same key. If you do, you completely break the security for those blocks. It's like reusing a one time pad key.
Okay, very important. We also saw something called format preserving encryption, FPE. What's that about?
FPE is a neat idea. It encrypts data in such a way that the ciphertext has the exact same format as the original plaintext. So if you encrypt a sixteen digit credit card number using FPE, the output will also be a sixteen digit number. It won't be the original number, or even a valid card number, but it'll look like one.
Why would you need that?
It's really useful in legacy systems or databases where changing the data format is difficult or impossible. You can encrypt sensitive data like credit card numbers or social security numbers, but they still fit into the existing database fields or application inputs.
How does it work, generally?
Algorithms like FF1, FF2, FF3 typically involve converting the plaintext to a number, using a pseudorandom function, often based on AES, in a sort of Feistel like structure, and carefully using modular arithmetic to ensure the output number stays within the required range and format.
Clever. Okay, shifting gears now: randomness, crucial for keys, IVs, nonces. We have true random number generators, TRNGs, and pseudorandom number generators, PRNGs. Big difference?
The fundamental difference is the source. TRNGs tap into physical processes that are inherently unpredictable. Think radioactive decay, thermal noise in circuits, atmospheric noise, things that are truly random by nature.
Okay, real physical randomness. And PRNGs? PR...
...NGs are algorithms. They're deterministic. You give them a starting value called a seed, and they produce a sequence of numbers that looks random but is actually completely determined by the seed and the algorithm. If you know the seed, you can predict the entire sequence.
So not truly random, but they aim for properties...
...like randomness. Exactly. Good PRNGs produce sequences that pass statistical tests for randomness. They should have uniformity, zeros and ones roughly equal; independence, knowing part of the sequence doesn't help predict the rest; scalability, generating long sequences.
And for crypto, the key is unpredictability.
Absolutely crucial. A cryptographically secure PRNG, or CSPRNG, must be unpredictable. Even if an attacker sees a large chunk of the output, they shouldn't be able to figure out the next bit or work backward to find the seed.
Okay, the sources mentioned linear congruential generators, LCGs.
LCGs are a common, simple type of PRNG. They use a formula like next number = (a × previous number + c) mod m. Relatively simple, yes. With carefully chosen values for a, c and m, they can produce sequences with decent statistical properties for some applications like simulations. A famous example uses a = 16807 and m = 2^31 − 1.
But probably not good enough for crypto.
Generally, no. Standard LCGs are too predictable. Their internal state is too simple. An attacker can often figure out the parameters and the seed relatively easily.
So that's where CSPRNGs come in. How are they built?
CSPRNGs are designed specifically to resist prediction. They often use cryptographic primitives like block ciphers or hash functions as part of their mechanism. Like the CTR_DRBG mentioned? Exactly. CTR_DRBG uses a block cipher in counter mode, like AES-CTR, to generate the output. They also have mechanisms to periodically reseed themselves or update their internal state based on new entropy, making them much harder to predict or break.
And how do stream ciphers fit in with PRNGs?
You can think of a stream cipher as essentially a CSPRNG combined with an XOR operation. The stream cipher uses a short secret key to seed the CSPRNG. The CSPRNG then generates a long sequence of pseudorandom bits; that's the keystream. This keystream is then XORed with the plaintext bit by bit or byte by byte to produce the ciphertext.
Ah, like a pseudorandom one time pad.
That's a great way to put it. The security hinges entirely on the unpredictability of that keystream generated by the CSPRNG. Our sources also briefly mentioned nonlinear feedback shift registers, NFSRs, as another way to generate complex keystreams.
We talked about TRNGs maybe being slow. Is that still true?
Historically, yes. Generating true randomness from physical sources could be slower than algorithmic PRNGs, but hardware TRNGs have improved a lot.
Like the Intel one mentioned.
Yeah, the Intel Digital Random Number Generator is built into their processors. It uses onboard physical entropy sources to generate high quality random numbers very quickly. This makes TRNGs much more practical for things beyond just seeding PR...
...NGs. All right. That covers symmetric crypto and randomness. Now let's step into the other major paradigm, public key cryptography. Totally different approach, you...
...said. Completely different mindset, yeah. Public key, or asymmetric, cryptography uses two keys, a key...
...pair. Two keys. How does that work?
There's a public key which you can share freely with anyone, doesn't matter who sees it, and there's a corresponding private key, which you must keep absolutely secret.
Okay, public and private. What do they do?
The public key is typically used for encryption and the private key is used for decryption, or, in the case of digital signatures, the private key is used to sign and the public key is used to verify the signature.
And this solves the key sharing problem of symmetric crypto?
Bingo. You don't need a pre shared secret. If someone wants to send you an encrypted message, they just grab your public key which is public, encrypt the message with it, and send it over. Only you with your secret private key can decrypt it.
That's clever. What are the main applications?
It's revolutionized digital security. Main uses are confidentiality, as we just described; secure key distribution, helping parties agree on a symmetric key; and, crucially, authentication via digital signatures, proving who sent a message and that it wasn't tampered with.
RSA is the big name here, right? How does it work, at a high level?
RSA is based on modular exponentiation, using that public private key pair. To encrypt a message m, you calculate c = m^e mod n. Here e and n together form the public...
...key. Okay, message to the power of e modulo n. Right. To decrypt?
The person with the private key calculates m = c^d mod n. Here d is the private key exponent, relating...
...to e and n. And the security comes from the...
...security relies on the difficulty of figuring out d if you only know e and n, and that difficulty is directly tied to the difficulty of factoring the large number n into its original prime components. Ah.
Factoring large numbers is hard. How are these keys n, e, and d actually generated?
It starts by choosing two very large, distinct prime numbers, p and q. These are kept secret. Okay, secret primes. Then you calculate n = pq. This n is part of the public key. Next you calculate something called Euler's totient function of n, which for primes is φ(n) = (p − 1)(q − 1).
The totient function again. Yep.
Then you choose a public exponent e such that e is relatively prime to φ(n). They share no common factors other than one. Often e is a small number like 65537.
Okay, e is chosen.
Then d. d is the private exponent. It's calculated as the modular multiplicative inverse of e modulo φ(n), meaning e·d mod φ(n) = 1. Finding d efficiently typically uses the extended Euclidean algorithm. Got it.
So knowing p and q makes finding d easy, but without them it's hard because factoring n is hard.
Exactly. That's the core idea.
What are the ways attackers try to break RSA, besides just guessing keys?
Well, brute forcing the key is infeasible if the key is large enough. The main line of attack is mathematical: try to factor n. As computers get faster and factoring algorithms improve, RSA key sizes...
...need to increase. Any other attacks?
Yes, there are side channel attacks, like timing attacks, where an attacker measures precisely how long decryption takes for different ciphertexts. Variations in timing might leak information about the private key. Defenses exist, but it's a concern.
This sounds like those trapdoor one way functions mentioned earlier. What's the trapdoor here?
Precisely. A trapdoor one way function is easy to compute one way, hard to reverse unless you have the secret trapdoor information.
So in RSA encryption...
...m^e mod n is the easy forward direction. Reversing it, finding m from c without d, is hard. The trapdoor is the knowledge of the prime factors p and q. If you know p and q, you can easily calculate φ(n) and then find d, opening the trapdoor and making decryption easy.
Okay. Beyond RSA, what other public key systems are important?
Diffie-Hellman key exchange is fundamental. It's not for encryption itself, but it lets two parties agree on a shared secret key over an insecure channel without any prior secrets. Wow. It uses modular exponentiation and the difficulty of the discrete logarithm problem we talked about earlier. Each party mixes their private number with a public base and modulus, exchanges the results, and then mixes the received value with their own private
number again. Magically, they both arrive at the same shared secret, but an eavesdropper can't easily...
...compute it. Clever. Any others?
ElGamal is another system based on discrete logarithms, used for both encryption and digital signatures. And then there's elliptic curve cryptography, ECC.
ECC is a big deal now. Huge.
It provides security comparable to RSA, but with much smaller key sizes.
Why is that good?
Smaller keys mean faster computations, less storage, less bandwidth needed. That makes ECC ideal for resource constrained environments like mobile phones, smart cards, IoT devices. It's based on the math of elliptic curves over finite fields, which also leads to a hard, discrete logarithm like problem.
Okay, fascinating. Let's move to cryptographic hash functions. We touched on them for signatures. What are their main properties?
Okay, hash functions. They take an input of any size, could be tiny, could be huge, and produce a fixed size output. This output is the hash value or digest.
Fixed size output, variable size input.
Got it. Properties? Easy to compute the hash for any input. Must be one way: given just the hash, it's infeasible to find the original input; that's preimage resistance. Second preimage resistance: given an input M1, it's infeasible to find a different input M2 that has the same hash. And collision resistance: it's infeasible to find any two different inputs M1 and M2 that hash to the same value.
Collision resistance sounds like the hardest property to achieve.
It generally is, yeah. And good hash functions should also make the output look random and spread inputs evenly across the possible outputs.
So the goal isn't secrecy but integrity. Exactly.
The main purpose is data integrity. A hash acts like a digital fingerprint, or checksum, for data. If you change the data even slightly, the hash value will change completely, hopefully, so you can detect tampering.
How hard is it to brute force a hash function, like finding a collision?
It depends on the output size of the hash. Let's say n bits.
Yeah.
Finding a preimage, the original input from a hash, takes roughly 2^n operations on average. But finding a collision, due to the birthday paradox... The birthday paradox? Yeah, the probability puzzle. It means finding any two inputs that collide is much easier than finding an input for a specific hash. It only takes about 2^(n/2) operations.
So for a two hundred and fifty six bit hash, collisions take around 2^128 steps.
Right, still astronomically large and infeasible for current computers, which is why we use hashes like SHA-256.
Speaking of SHA, we saw SHA-512 mentioned. How does it work internally?
Roughly, SHA-512 is part of the SHA-2 family. It's iterative. It processes the input message in big chunks, 1024 bit blocks. It pads the message so its length is right, and crucially, it includes the original message length in the final processing steps. This prevents certain attacks. And then it uses a compression function.
This function takes the current message block and the result from the previous block's processing, mixes them up through a series of complex operations, eighty rounds for SHA-512, and produces a new intermediate hash value. This repeats for all blocks.
Lots of mixing and churning.
Yeah, designed to ensure that every input bit affects many output bits, making it hard to reverse or to find collisions.
And then there's SHA-3, a different design.
Very different. SHA-3 came out of a NIST competition looking for a hash function with a fundamentally different structure than SHA-1 and SHA-2, just in case weaknesses were found in that approach.
And it uses the sponge construction.
That's right. Think about it like a sponge. It has an internal state. In the absorbing phase, you feed the input message blocks into the state, mixing them in. Then in the squeezing phase, you squeeze out the hash output bits from the state.
Interesting metaphor. What does the mixing?
It uses a complex internal permutation function called Keccak-f. This permutation involves several steps per round, things called theta, rho, pi, chi and iota. Chi is the main nonlinear step. Pi rearranges bits. Iota adds constants to break symmetry. It's a very different way of scrambling the data compared to SHA-2. Okay.
Now, message authentication codes, MACs. How do they relate to hashes, but add authentication?
Right. Both deal with integrity, but a MAC adds authentication by involving a secret key.
A secret key. A MAC...
...is generated using a secret key K that's shared only between the sender and receiver. The sender computes MAC = F(K, message). They send the message and the MAC. And the receiver? The receiver gets the message and the MAC. They know the secret key K, so they recompute the MAC on the received message using K. If their calculated MAC matches the received MAC, they know two things, which are: one,
the message hasn't been altered, integrity. Two, the message must have come from someone who knows the secret key K, authentication.
So the key is the crucial difference from a plain hash. Exactly.
An attacker without the key can't forge a valid MAC for a modified message, nor can they pretend to be the sender.
We saw HMAC and CMAC mentioned. Specific types?
Yes. HMAC stands for hash based MAC. It's a very popular standard that uses a regular cryptographic hash function like SHA-256 combined with the secret key in a specific double hashing construction. Its security is proven relative to the underlying hash function. Okay, and CMAC? CMAC is cipher based MAC. It uses a block cipher like AES instead of a hash function. It processes the message in blocks using the secret key, with special handling for the last block.
And authenticated encryption, AE, combining things?
Yeah. AE, or AEAD, authenticated encryption with associated data, aims to provide both confidentiality, encryption, and integrity, authentication, simultaneously in one integrated...
...algorithm. More efficient, more secure?
Often both. Doing them together can avoid subtle errors that might arise from combining separate encryption and MAC algorithms incorrectly. GCM, Galois Counter Mode, is a very widely used AEAD mode based...
...on AES. Okay, now digital signatures, building on hashes and public keys.
Digital signatures give us integrity and authentication like MACs, but they use public key crypto. This adds a crucial...
...third property, non repudiation.
Non repudiation, meaning?
Meaning the sender cannot later deny having sent the message because creating the signature requires their unique private key, which only they should possess.
How does it work? The sender takes the message, hashes it to get a short digest, then they sign this hash by encrypting it with their private key. This encrypted hash is the digital signature attached to the message. And verification? Anyone can verify it using the sender's public key. The receiver decrypts the signature using the sender's public key. This recovers the original hash as computed by the sender. They also independently compute the hash of the message they received.
If the two hashes match.
Then it's verified exactly.
It proves the message hasn't been altered since signing integrity, and it proves it was signed by the owner of that private key. Authentication and non repudiation.
So private key signs public key verifies opposite of public key and encryption correct.
We saw dsa digital signature algorithm mentioned based on discrete logs and RSAPSS. A more modern probabilistic scheme for RSA signatures that adds randomness for better security uses something called a mass generation function MGF. Yeah, hash based signatures like lamport signatures exist too, though less common for general use. They have different properties like being potentially resistant to quantum computers.
Okay, all this crypto relies on keys. Key management and distribution sounds like a major headache, especially for symmetric keys.
It's a huge challenge. How do you securely get that shared secret key to everyone who needs it without it being intercepted? Physical delivery, trusted couriers, doesn't scale well. If you have a large group, managing individual keys between every pair becomes unmanageable, on the order of n squared keys. Yeah. This leads to ideas like key
hierarchies. Key hierarchies?
Yeah, you might have a master key that's protected very carefully. This master key is used only to encrypt other keys, maybe session keys or key encryption keys, KEKs, which are then used for actual data encryption. It limits the exposure of the most critical key.
How does public key crypto help distribute symmetric keys?
It provides a great solution. If Alice wants to communicate securely with Bob using fast symmetric encryption, she can generate a temporary symmetric session key, then she encrypts that session key using Bob's public key.
Ah.
She sends this encrypted session key to Bob. Only Bob, with his private key, can decrypt it. Now Alice and Bob share a symmetric session key they can use for their conversation.
But you need to trust the public key absolutely.
If Mallory can trick Alice into using Mallory's public key instead of Bob's, a man-in-the-middle attack, then Mallory can decrypt the session key. So authenticating the public key
is vital. Which brings us to distributing public keys. How's that done safely?
Several ways. Simplest is just public announcement, here's my key, but very vulnerable to forgery. You could use a trusted third party like a key distribution center, KDC, but everyone has to trust the KDC. The most common approach now is public key
certificates. Like digital ID cards?
Essentially, yes. A certificate binds a public key to an identity like a person or a website. It contains the public key, information about the owner, validity period, et cetera, and it's all digitally signed by a trusted certification authority, or CA.
So you trust the CA, therefore you trust the key in the certificate.
That's the idea. We saw X.509 mentioned; that's the standard format for these certificates. They list key elements like version, serial number, issuer, subject, public key info, validity period, and the CA signature.
And this whole system of CAs and certificates is the public key infrastructure, PKI.
Exactly. PKI is a whole ecosystem: the CAs, policies, procedures, software for managing these digital certificates throughout their life cycle, creation, distribution, revocation, et cetera. It's how we establish trust in public keys online. Sometimes you see certificate chains, where one CA certifies another, leading back to a trusted root CA. Okay.
Establishing secure sessions often needs specific protocols, like for key exchange. What's important there?
The main goal is for two parties to securely agree on a temporary secret key, a session key, for symmetric encryption. We already saw how basic public key encryption of a session key can be vulnerable to man-in-the-middle attacks if the public key isn't authenticated.
So protocols need to prevent that.
Yes. Good key establishment protocols often involve challenges and nonces, those numbers used only once, to prevent replay attacks, and ways to authenticate the parties involved, perhaps using long-term keys or certificates, or involving trusted third parties. They need to be carefully designed to resist various clever attacks.
Okay, let's shift to user authentication, verifying identities online.
Basic principles: authentication is confirming someone is who they claim to be. Usually two steps. Identification, the user says who they are, like a username, and verification, the user proves it, like with a password, fingerprint, or a key. Digital authentication uses digital means for that verification step.
How can symmetric encryption be used for remote authentication?
Often through challenge-response protocols. The server sends a random challenge, like a random number, to the client. The client encrypts that challenge using a secret key they share only with the server. Huh. The client sends the encrypted response back. The server, knowing the shared key, decrypts the response. If it matches the original challenge, the server knows the client possesses the secret key, thus authenticating them without sending the key itself over the network.
And asymmetric encryption for authentication.
Usually involves digital signatures and certificates. A client might sign a challenge from the server using their private key. The server verifies the signature using the client's public key, obtained from their certificate. This can be one-way, the server authenticates the client, or mutual, they both authenticate each other.
Kerberos was mentioned, widely used, especially in corporate networks.
Very widely used. Kerberos uses a trusted third party, the Key Distribution Center, KDC, and symmetric key crypto. It avoids sending passwords across the network in plaintext.
How does it work?
Roughly, a user logs in and authenticates once to the KDC. The KDC gives them a special encrypted ticket called a Ticket Granting Ticket, TGT. When the user wants to access a network service like a file server, they present the TGT to the KDC's Ticket Granting Service, TGS, and request a service ticket for that specific service. The TGS gives them an encrypted service ticket. The user presents this ticket to the actual service, proving they've been authenticated by the KDC.
Versions four and five define the details. It also supports inter-realm authentication, connecting different Kerberos domains.
What about federated identity management? Sounds useful.
It is. It lets users use one set of credentials, like one login, to access services across multiple different organizations or domains that trust each
other. Single sign-on across different websites?
Essentially, yes. You authenticate once with your home identity provider, and then other service providers in the federation trust that authentication. It saves users from managing dozens of passwords and improves security if done right.
Okay, let's move down the stack to transport-level security: TLS, SSL, SSH. What security do they provide?
TLS, Transport Layer Security, the successor to SSL, is the foundation for HTTPS. It provides secure communication between two applications over a network, usually TCP. Key goals: confidentiality (encryption), integrity (detecting tampering), and often authentication (verifying server identity, sometimes client identity).
SSH, Secure Shell, is mainly for secure remote login and command execution, plus secure file transfers, SFTP, and tunneling. Similar goals: confidentiality, integrity, and server authentication.
What's the basic architecture of TLS?
It's layered. At the bottom is the TLS Record Protocol. It handles fragmentation, optional compression, encryption, and adds a MAC for integrity to the application data.
Okay, and above that?
Above that sit several protocols. The most important is the TLS Handshake Protocol. This is where the client and server negotiate security parameters, exchange certificates, and establish the shared secret keys for this session. There's also a Change Cipher Spec protocol to signal when the negotiated parameters become active, and an Alert protocol for
errors. That handshake sounds critical. What are the main steps?
It's a back-and-forth conversation. Starts with a Client Hello: supported TLS version, a random number, list of cipher suites
the client likes. Cipher suites, like combinations of algorithms?
Exactly: encryption algorithm, key exchange method, MAC algorithm. The server responds with the Server Hello: chosen version, chosen cipher suite, its own random number, and crucially, its digital certificate.
Usually, so the client can verify the server's identity. Right, right.
The server might also request the client's certificate if client authentication is needed. Then comes the key exchange phase, using RSA, Diffie-Hellman, or newer methods based on the chosen cipher suite, where they securely agree on a shared pre-master secret. Okay. This pre-master secret is used to derive the actual symmetric encryption keys and MAC keys for the session. Finally, both send encrypted Finished messages to confirm the handshake worked and that they derived the same keys.
Complex dance. And SSH? How does it set up its secure channel?
SSH also has layers. A Transport Layer Protocol handles server authentication, usually via host keys the client checks, negotiates encryption and integrity algorithms, and performs the key exchange, often Diffie-Hellman. Once the secure channel is up, a User Authentication Protocol verifies the client user: password, public key, etc. Then the Connection Protocol multiplexes different logical channels, shell session, file transfer, over that encrypted tunnel.
Let's switch to wireless network security, Wi-Fi. What makes it inherently risky?
Broadcasting over the air. Radio waves go everywhere, easily intercepted by anyone nearby. So main risks: eavesdropping, message alteration or injection, and denial of service. The client, the access point, the airwaves, all potential points of attack.
So how do we protect Wi-Fi? WPA2, WPA3, right?
The IEEE 802.11i standard defines modern Wi-Fi security, implemented as WPA2 and the newer, stronger WPA3. They provide key capabilities: strong authentication, making sure only authorized devices join; confidentiality, using robust encryption like AES; and integrity, preventing data tampering.
How does authentication work?
Often uses IEEE 802.1X and EAP, the Extensible Authentication Protocol. This allows different authentication methods, often involving a central authentication server, especially in enterprise networks. For home networks, WPA2/WPA3 Personal uses a pre-shared key, the Wi-Fi password. WPA3 improves on WPA2 with stronger key exchange and protection against offline dictionary attacks.
What about simpler things like hiding your network name, the SSID? Does that help?
It adds a tiny bit of obscurity, maybe deters casual snooping, but it's not real security. Tools can easily discover hidden SSIDs. Same with changing the default SSID name or maybe reducing transmitter power. They're minor hurdles, not replacements for strong WPA2/WPA3 encryption with a strong, unique password.
Mobile device security, phones, tablets. Unique challenges there?
Definitely. They're portable, easily lost or stolen. They connect to untrusted networks frequently. They often mix personal and work data. Key threats: unauthorized data access, communication interception, malware, using a compromised device to attack corporate networks. Security policies need to assume devices can be compromised and address both company-owned and personal BYOD devices.
Okay. Electronic mail security: S/MIME, SPF, DKIM. Making email safer.
Yeah. Email was originally designed without much security. S/MIME provides end-to-end security for the email content. It uses public key crypto for confidentiality (encryption, using the enveloped-data format) and integrity/authentication (digital signatures, using the signed-data format). It needs certificates.
What about preventing email spoofing, fake sender addresses?
That's where SPF and DKIM come in. SPF, Sender Policy Framework, lets domain owners publish a list of servers authorized to send email for their domain. Receiving servers can check this list. Okay, and DKIM? DKIM, DomainKeys Identified Mail, adds a digital signature to outgoing emails tied to the sending domain. Receiving servers can verify the signature using a public key published in the domain's DNS records. It helps confirm the email originated from that domain and wasn't altered.
And DANE, using DNSSEC?
DANE, DNS-based Authentication of Named Entities, leverages the security of DNSSEC, secure DNS, to help validate certificates. It allows domain owners to publish information in DNS about the expected certificates for their services, like TLS for mail servers or S/MIME certificates. This can help detect man-in-the-middle attacks trying to present fake certificates. Just quickly,
the basic email architecture: MUAs, MTAs?
MUAs, mail user agents, are your email clients, like Outlook or webmail. MTAs, message transfer agents, are the mail servers that relay messages using SMTP, Simple Mail Transfer Protocol. Users retrieve mail from servers using protocols like IMAP or POP. DNS is used to find the right MTAs for a domain.
Okay, let's dive into IP security, IPsec, securing things at the network layer.
Yes. IPsec operates at layer three. It provides a framework for secure IP communication, confidentiality, integrity, authentication, between hosts or between network gateways.
Like VPNs. Security associations, SAs, is a fundamental concept?
An SA is a one-way logical connection defining the security services, protocols, algorithms, keys between two communicating entities. For two-way traffic, you usually need two SAs, one in each direction. Each SA has a unique identifier called the Security Parameter Index, SPI, and
the main IPsec protocols are AH and ESP.
Correct. AH, Authentication Header, provides integrity and authentication for the entire IP packet, including parts of the header, but no encryption. It protects against tampering and spoofing. ESP, Encapsulating Security Payload, provides confidentiality by encrypting the IP payload. It can also optionally provide integrity and authentication for the payload, but generally not the outer IP header. You can use ESP just for encryption, or for both encryption and integrity/authentication.
Transport mode versus tunnel
mode. Transport mode secures traffic directly between two end hosts. The IPsec header is inserted between the original IP header and the payload; good for host-to-host security. Tunnel mode encapsulates the entire original IP packet inside a new IP packet with IPsec protection. The original packet becomes the payload of the new outer packet. This is used typically between gateways like firewalls or routers to create a secure VPN tunnel across an untrusted network like the Internet. Traffic between networks protected by the gateways goes through the tunnel. You can also combine SAs, like using both AH and ESP, in what's called an SA bundle.
And setting up these SAs is done by IKE, Internet Key Exchange?
Yes. IKE, versions one and two, is the protocol used to negotiate the IPsec SAs. It handles authentication of the peers, negotiation of cryptographic algorithms, and generation and exchange of the secret keys used by AH and ESP. It's quite complex, involving multiple phases and message exchanges.
Okay, moving up. Network perimeter security: firewalls, intrusion detection systems, IDS. What's the firewall's main job?
A firewall is like a gatekeeper for your network. It sits at the perimeter and inspects incoming and outgoing traffic, blocking anything that doesn't meet the configured security rules. It controls access. Different types?
Packet filtering? Yes.
Basic packet filters look at packet headers, source and destination IP, ports, and make simple allow/deny decisions based on rules. Stateful firewalls are smarter. They track the state of connections, so they can allow return traffic for connections initiated from inside, for example. Application-level gateways, proxies, understand specific application protocols like HTTP or FTP and can enforce much more granular policies.
We saw an example rule and its weakness.
Yeah, simple packet filters might just allow traffic to, say, port 80, standard web, without really knowing if it's legitimate web traffic. Stateful and application gateways provide better security. Often networks use a DMZ, demilitarized zone, a separate network segment between the internal network and the Internet. You put public-facing servers, web, email, in the DMZ. They're accessible from the Internet, but traffic from the DMZ to the internal network is heavily restricted by another firewall layer. It protects the internal network if a DMZ server gets compromised.
How do IDS fit in with firewalls?
Firewalls prevent, IDS detect. An IDS monitors network traffic or host activity, looking for signs of malicious behavior or policy violations that might have gotten past the firewall or originated internally.
How do they detect things?
Signatures. That's a common method. Signature-based detection looks for known patterns: specific byte sequences in packets, string signatures; connections to known malicious ports, port signatures; weird header combinations, header condition signatures, that match known attacks.
Network-based versus host-based?
NIDS, network IDS, watches traffic on a network segment. HIDS, host IDS, runs on individual computers, monitoring system calls, logs, file changes. IDS can also use anomaly detection, looking for deviations from normal behavior, though that can have more false positives. They might try to detect things like DDoS attacks by looking for unusual traffic volumes.
Cloud computing security. New challenges?
There are definitely different models, public, private, hybrid, and services, SaaS, PaaS, IaaS, which means shared responsibility and less direct control for the customer. Key concerns: data breaches, often due to misconfiguration by the customer; weak identity and access management; insecure APIs; system vulnerabilities in the cloud platform itself; DoS attacks; malicious insiders at the provider. Trusting your provider and understanding their security practices is crucial.
Cloud security as a service is also a thing?
Yeah, outsourcing security functions like identity management, SIEM, security information and event management, et cetera, to specialized cloud security providers.
And finally, IoT security. Lots of small connected devices. Problems? Big problems.
Devices are often resource-constrained. Low power, memory, CPU makes running traditional security difficult. Huge diversity of devices, long life cycles, often infrequent updates, and many IoT devices interact with the physical world, so security failures can have physical consequences.
So what are the goals and how to achieve them?
Goals are protecting the device itself, protecting the data, maintaining functionality. Lightweight cryptography is key: crypto algorithms designed specifically for these constrained environments, like sci fash for ms mentioned in the sources. Secure communication needs to handle things like broadcast traffic and replay attacks efficiently. Protocols like MiniSec-U and MiniSec-B were mentioned, using techniques like time-based nonces or Bloom filters for lightweight security.
One last thing. The appendix mentioned perfect secrecy.
What's that? Perfect secrecy is a theoretical ideal. It means that the ciphertext reveals absolutely zero information about the plaintext. Knowing the ciphertext doesn't change the probabilities of what the plaintext might have been.
Achievable only by?
The one-time pad, which, as we said, is impractical. It requires a truly random key as long as the message, used only once. Most crypto aims for computational security, not perfect secrecy. Information theory gives formal ways to measure information and secrecy. Other metrics like forward unpredictability are important for things like PRNGs: knowing past output doesn't help predict future output.
Wow, we have definitely covered a massive amount of ground today. Cryptography, network security. It's a huge field.
It really is, and constantly changing too. It's what keeps our digital interactions, well, somewhat trustworthy.
Yeah, and what strikes me is how these seemingly abstract mathematical ideas like factoring being hard or discrete logarithms directly translate into protecting everyday things like online banking or secure messaging.
Absolutely, or even things like that format-preserving encryption, the cleverness needed to make encrypted data still fit old systems. It's quite ingenious.
Definitely. Hopefully this deep dive has maybe sparked some more questions for you listening, like how are quantum computers going to affect all this?
That's a big one, a huge one. Research into post-quantum cryptography is incredibly active right now, trying to find algorithms resistant to quantum
attacks. Or maybe you're thinking more practically: how can you or your organization actually implement these things better?
Right. If you want to go deeper, exploring the standards we mentioned from NIST, IEEE, IETF is a great start. Or pick one algorithm, like AES or RSA, or one protocol, like TLS or IPsec, and really dig into how it works.
Yeah, lots to explore.
Well, thank you for joining us on this deep dive. We really hope it's given you a solid foundation and maybe a new appreciation for the intricate and vital world of security that holds our digital society together.
