# Research Topics Cryptography Part 2

## 1. Math Topics
### Probability Review

1. What are probability, conditional probability, and joint probability in the context of cybersecurity?

* **Probability**:
    Probability is a measure of the likelihood of an event occurring.

* **Conditional Probability**:
    Conditional probability refers to the probability of an event occurring given that another event has already occurred.

* **Joint Probability**:
    Joint probability deals with the likelihood of two or more events happening simultaneously.


### Entropy

1. What is entropy and how is it relevant to cybersecurity?
    * In the context of passwords, entropy measures the randomness and unpredictability of a password. Passwords with higher entropy are considered stronger.


2. How can entropy be used to measure the randomness of data?

$$
H(X) = -\sum_{i=1}^{n} P(x_i) \cdot \log_2 P(x_i)
$$

3. Discuss the relationship between entropy and the strength of cryptographic algorithms.

    * **Key Generation**: Cryptographic algorithms, especially symmetric encryption algorithms, require secret keys for both encryption and decryption processes. These keys need to be generated with a high degree of randomness and unpredictability.
    * **Random Number Generation**: Entropy ensures that the random numbers generated are truly random, making it difficult for adversaries to predict or reproduce the keys.
    * **Resistance Against Cryptanalysis**: Cryptanalysis techniques often rely on patterns and predictability within the data.
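As an added example (not part of the original notes), the entropy formula above applied to the byte frequencies of a buffer; the function names and sample inputs are constructed for illustration. The last sample shows a limit of the measure: a fully predictable sequence can still score the maximum of 8 bits per byte, so a high score alone does not show that key material is unpredictable.

```python
import math
import os
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Return H(X) in bits per byte, using observed byte frequencies as P(x_i)."""
    if not data:
        return 0.0
    total = len(data)
    counts = Counter(data)
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def max_entropy_bits(alphabet_size: int, length: int) -> float:
    """Upper bound for a secret of `length` symbols drawn uniformly at random."""
    return length * math.log2(alphabet_size)


# Constructed sample inputs.
SAMPLES = {
    "constant": b"A" * 1024,
    "two symbols": b"ab" * 512,
    "english text": b"the quick brown fox jumps over the lazy dog " * 24,
    "os.urandom": os.urandom(4096),
    # Every byte value appears equally often, yet the data is fully predictable.
    "counter 0..255": bytes(range(256)) * 4,
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:15s} {shannon_entropy(blob):.3f} bits/byte")
    # An 8-character password over 94 printable ASCII symbols reaches this
    # bound only if every character is chosen uniformly at random.
    print(f"password bound  {max_entropy_bits(94, 8):.1f} bits")
```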


### Spurious Keys and Unicity Distance

1. What are spurious keys and how can they impact the security of cryptographic systems?
    * Spurious keys, also known as weak keys or degenerate keys, are specific keys in a cryptographic algorithm that result in encryption or decryption operations that are not secure.
    * They might cause encryption algorithms to produce ciphertexts that are highly predictable.
    * Spurious keys reduce the effective key space. A smaller key space means fewer possible keys to test during a brute-force attack.

2. Explain the concept of unicity distance and its significance in cryptography.
    * The unicity distance is the minimum amount of ciphertext data needed for an attacker to uniquely determine the key used in an encryption scheme.
    * The unicity distance should be much larger than the typical message size. If the unicity distance is smaller than the average message length, it implies that the encryption system is not secure because an attacker can recover the key.
    * The unicity distance has a direct connection to the security of one-time pads, which are theoretically unbreakable if the key is truly random, used only once, and as long as the message.

3. How can the knowledge of spurious keys and unicity distance help in designing more secure cryptographic algorithms?

Understanding spurious keys helps designers avoid predictable patterns, and knowing the unicity distance guides the choice of key length; both improve a cryptographic algorithm's resistance and security.


## 2. Block Ciphers and Stream Ciphers

### The Advanced Encryption Standard (AES)

1. What is AES and why is it considered a widely used symmetric encryption algorithm?
    * AES is a block cipher.
    * The key size can be 128/192/256 bits.
    * Encrypts data in blocks of 128 bits each.

That means it takes 128 bits as input and produces 128 bits of ciphertext as output. AES relies on the substitution-permutation network principle: encryption is performed as a series of linked operations that replace and shuffle the input data.


2. Discuss the key features and characteristics of AES that contribute to its security.
3. How does AES differ from its predecessor, the Data Encryption Standard (DES), in terms of security and performance?

    1. **Key Length**:
        * AES: AES supports key lengths of 128, 192, or 256 bits. Longer key lengths enhance security.
        * DES: DES uses a fixed key length of 56 bits. This limited key length makes it vulnerable to brute-force attacks with modern computing power.

    3. **Algorithm Structure**:
        * AES: AES employs a substitution-permutation network (SPN) structure, which enhances diffusion and confusion, crucial elements in encryption algorithms.
        * DES: DES uses a Feistel network structure. While Feistel networks are theoretically secure, DES's short key length compromises its security.


## 3. Hash Functions

### Use of Hash Functions in Data Integrity

1. Explain how hash functions are used to ensure data integrity in cybersecurity.

    **Data Verification:**
    Hash functions generate unique hashes for different inputs. By comparing the hash of received data with the original hash of the data (computed and sent separately), one can verify if the data has been tampered with during transmission.

    **Digital Signatures:**
    A hash of the message is encrypted with a private key. The recipient, using the sender's public key, can decrypt and obtain the hash. If the hash matches the hash of the received message, it verifies both the origin (because of the private key) and the integrity of the message.

    **Password Storage:**
    Hash functions are used to securely store passwords. Instead of storing the actual password, systems store the hash of the password. During login, the system hashes the entered password and compares it to the stored hash. This way, even if the stored hashes are compromised, attackers don't immediately gain access to user passwords.

    **Checksums in Network Communication:**
    Checksums, which are hash values, are often used in network communication to ensure the integrity of transmitted data packets. Receivers calculate the hash of received packets and compare them with the transmitted checksums. If they match, the data is assumed to be intact.

    **File Integrity Checking:**
    Hash functions are used to create checksums (or hash values) of files. Users can later recompute the hash of the downloaded file and compare it to the provided hash to ensure the file's integrity. This is often used in software downloads to confirm that files have not been corrupted or tampered with.

    **Blockchain Technology:**
    In blockchain systems, each block contains a hash of the previous block. This creates a chain of blocks, and changing the data inside any block would require changing the hash of that block and all subsequent blocks. This makes the blockchain resistant to tampering and ensures data integrity.

    
2. Discuss the role of hash functions in detecting data tampering and unauthorized modifications.
3. How can hash functions be employed to verify the integrity of digital signatures?

### Security of Hash Functions

1. What are the potential vulnerabilities and attacks that can compromise the security of hash functions?


    **Collision Attacks:**
    Definition: A collision occurs when two different inputs produce the same hash value.
    Impact: Attackers can substitute malicious data for legitimate data without detection, compromising integrity and authentication.

    **Preimage Attacks:**
    Definition: Given a hash value, finding any input that produces that specific hash.
    Impact: Attackers can reverse-engineer hashed passwords or other sensitive data, leading to unauthorized access.

    **Second Preimage Attacks:**
    Definition: Given an input and its hash value, finding a different input that produces the same hash.
    Impact: Attackers can alter data (e.g., malware) to have the same hash as legitimate files, leading to undetected changes.

    **Length Extension Attacks:**
    Definition: Extending the hash value without knowing the original input.
    Impact: Attackers can append data to a hashed message without knowing the message content, leading to false authentication.

    **Side-Channel Attacks:**
    Definition: Exploiting physical implementation aspects (e.g., timing, power consumption) to gain information about the hash function.
    Impact: Allows attackers to deduce sensitive information, potentially leading to the compromise of hashed data.

    **Algebraic Attacks:**
    Definition: Utilizing mathematical properties of the hash function to find collisions or other vulnerabilities.
    Impact: Can lead to efficient methods of finding collisions, violating the integrity and authenticity of hashed data.

2. Describe the properties that a secure hash function should possess.

    CRUSH properties, which stand for Collision-Resistance, Uniqueness, Second Preimage Resistance, and Hide the Original Data:
    - It should be computationally infeasible to find two different inputs that produce the same hash value.
    - Given a hash value, it should be computationally infeasible to find any input that produces that specific hash.
    - Given an input and its hash value, it should be computationally infeasible to find a different input that produces the same hash.
    - A small change in the input data should result in a significantly different hash value.
    - The hash function should not leak information about its internal state, preventing attackers from extending the hash value without knowing the original input.
    - The hash function should be computationally efficient to compute the hash value for any input.
    - The hash function should not leak information through physical implementation aspects, such as timing or power consumption.

3. Discuss the importance of collision resistance in hash functions and its impact on cybersecurity.

### Message Authentication Codes (MAC)

1. What is a Message Authentication Code (MAC) and how does it provide data integrity and authentication?
    * A MAC is a short piece of information that can be added to a message.
    * It is a technique used to verify the integrity and authenticity of a message.
    * It is generated using a secret key and the message's content:

    $$
    \text{MAC} = \text{Hash}(\text{Message} + \text{Secret Key})
    $$

    If the recalculated MAC matches the received MAC, the message hasn't been tampered with during transmission.


2. Explain the process of generating and verifying MACs using hash functions.


 ![alt text](https://upload.wikimedia.org/wikipedia/commons/thumb/0/08/MAC.svg/661px-MAC.svg.png)


3. Discuss the advantages and limitations of MACs compared to digital signatures in cybersecurity.

Note: The questions provided above are meant to guide students in their research and learning process. They can be used as a starting point for further exploration of the respective topics.

```python
from cryptography.hazmat.primitives import hashes, hmac

# Demo key only: the literal below is a readable placeholder, not a secret.
key = b'test key. Beware! A real key should use os.urandom or TRNG to generate'

# HMAC-SHA256 over the message, keyed with `key`.
h = hmac.HMAC(key, hashes.SHA256())
h.update(b"message to hash")
signature = h.finalize()  # 32-byte authentication tag
signature
```

```
b'k\xd9\xb29\xefS\xf8\xcf\xec\xed\xbf\x95\xe6\x97X\x18\x9e%\x11DU1\x9fq}\x9a\x9c\xe0)y`='
```
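The cell above only produces the tag. As an added example (not from the original notes), this is the receiving side's verification using Python's standard-library `hmac` module with a constant-time comparison; the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac
import os


def make_tag(key: bytes, message: bytes) -> bytes:
    """Sender side: compute HMAC-SHA256 over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time.

    hmac.compare_digest avoids the timing side channel that a plain
    `==` on bytes can expose.
    """
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    key = os.urandom(32)                      # constructed key from the OS CSPRNG
    message = b"transfer 100 to account 42"   # constructed message
    tag = make_tag(key, message)
    return {
        "valid": verify_tag(key, message, tag),
        "tampered message": verify_tag(key, b"transfer 900 to account 42", tag),
        "truncated tag": verify_tag(key, message, tag[:-1]),
        "wrong key": verify_tag(os.urandom(32), message, tag),
        "tag length": len(tag),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:17s} {result}")
```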

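```python
# Brute-force search for d such that d * 135 ≡ 1 (mod 16*22):
# d = 0
# while ((d * 135) % (16*22) != 1):
#     d = d+1
# print(d)

# Check that 279 is the modular inverse of 135 modulo 16*22.
(279 * 135) % (16*22)
```

```
1
```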