# CMP 5006 - Information Security 


## Foundations of Cryptography:
### Comprehensive Introduction to Cryptographic Principles


### Alejandro Proano, PhD. 

## What is Cryptography?
- **Definition:** The science of securing communication
- **Root Etymology:**
  * Greek: "kryptos" (hidden)
  * "graphein" (writing)
- **Core Purpose:** 
  * Confidentiality
  * Integrity
  * Authentication
  * Non-repudiation 

## Why Cryptography Matters
- **Protection Against:**
  * Unauthorized Access
  * Data Theft
  * Espionage
- **Critical in:**
  * Financial Transactions
  * Military Communications
  * Personal Privacy
  * Digital Communication
- **Economic Impact**
  * Cybercrime Prevention
  * Data Protection Compliance


## Basic Cryptographic Terminology
### Key Fundamental Concepts
- **Plaintext**: 
  * Original, readable message
  * Unencrypted information

- **Ciphertext**: 
  * Encrypted, unreadable message
  * Transformed from plaintext

- **Encryption**: 
  * Process of converting plaintext to ciphertext
  * Uses cryptographic algorithm
  * Requires encryption key

- **Decryption**: 
  * Reverse process of encryption
  * Converts ciphertext back to plaintext
  * Requires correct decryption key

- **Communication Parties**:
  * Sender
  * Receiver
  * Eavesdropper


## Confidentiality
### What is Confidentiality?
- **Definition**: Ensuring that information is accessible only to authorized parties
- **Key Mechanisms**:
  - Encryption
  - Access Controls
  - Data Masking
### Encryption Techniques
- Symmetric Encryption
- Asymmetric Encryption
- Hybrid Encryption Methods

### Example Scenarios
- Secure email communication
- Protected financial transactions
- Confidential corporate communications



## Integrity
### Understanding Data Integrity
- **Definition**: Maintaining and assuring the accuracy and consistency of data
- **Core Components**:
  - Detecting unauthorized modifications
  - Ensuring data remains unaltered
  
### Integrity Protection Mechanisms
- Cryptographic Hash Functions
- Digital Signatures
- Checksums
- Message Authentication Codes (MACs)

### Practical Examples
- Verifying downloaded software
- Ensuring email content hasn't been tampered with
- Validating system configurations



## Authentication
### What is Authentication?
- **Definition**: Verifying the identity of a user, system, or entity
- **Authentication Methods**:
  - Something you know (passwords)
  - Something you have (security tokens)
  - Something you are (biometrics)
### Authentication Protocols
- Multi-factor Authentication
- Challenge-Response Mechanisms
- Public Key Infrastructure (PKI)

### Real-world Applications
- Login systems
- Network access control
- Secure communication channels

## Non-Repudiation
### Understanding Non-Repudiation
- **Definition**: Preventing an entity from denying previous commitments or actions
- **Key Characteristics**:
  - Providing proof of origin
  - Ensuring accountability
  - Creating irrefutable evidence
### Implementation Techniques
- Digital Signatures
- Timestamping
- Blockchain Technology
- Secure Logging Systems

### Practical Use Cases
- Legal contracts
- Financial transactions
- Electronic voting systems


## Interconnection of Principles
### How These Principles Work Together
- **Holistic Security Approach**
- **Layered Defense Strategy**
- **Complementary Protection Mechanisms**

### Integrated Security Model
```
[Confidentiality] → [Integrity] → [Authentication] → [Non-Repudiation]
```


## Historical Context of Cryptography
- **Ancient Civilizations**
  * Egyptian Hieroglyphs (1900 BCE)
  * Spartan Scytale (5th Century BCE)
- **Military Communications**
  * Caesar Cipher (100 BCE)
  * World War Encryption Techniques
- **Technological Evolution**
  * Mechanical Encryption Machines
  * Enigma (World War II)
  * Modern Digital Encryption


## Classical Encryption Techniques
### What are Classical Ciphers?

- **Definition**: Manual encryption techniques used before the computer era
- **Characteristics**:
  - Simple algorithmic approaches
  - Primarily manual encryption/decryption
  - Limited complexity
  - Educational value in understanding cryptographic principles



## Classical Encryption Techniques
### Historical Encryption Methods
1. **Substitution Ciphers**
   * Caesar Cipher
   * Shift letters in alphabet
   * Simple but vulnerable

2. **Transposition Ciphers**
   * Rearrange letters/characters
   * Scytale Technique
   * More complex than substitution

3. **Polyalphabetic Ciphers**
   * Vigenère Cipher
   * Multiple substitution alphabets
   * Increased complexity


## Caesar Cipher Demonstration
### Practical Example
- Shift letters by fixed positions
- Example: Shift 3 positions
  * A → D
  * B → E
  * C → F

### Encryption Process
```
Plaintext:  HELLO
Shift:      3
Ciphertext: KHOOR
```


## Rail Fence Cipher Example
### Original: ATTACKATDAWN
```
Encryption Process:
A   C   D
 T A K T A N
  T   A   W
```
- **Zigzag Pattern**
- **Read Row by Row**
- **Result**: ACDTAKTANTAW
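
The zigzag write and row-by-row read shown above, as an added Python example that is not part of the original slides. The function names are chosen here for illustration, and the depth of three rails is read off the diagram.

```python
def rail_pattern(length: int, rails: int) -> list[int]:
    """Rail index (0 = top) that each message position lands on in the zigzag."""
    if rails < 2:
        raise ValueError("the rail fence needs at least two rails")
    cycle = 2 * (rails - 1)  # one full down-and-up sweep of the zigzag
    return [min(i % cycle, cycle - i % cycle) for i in range(length)]


def rail_fence_encrypt(plaintext: str, rails: int) -> str:
    """Write the message along the zigzag, then read the rails top to bottom."""
    rows = [[] for _ in range(rails)]
    for ch, rail in zip(plaintext, rail_pattern(len(plaintext), rails)):
        rows[rail].append(ch)
    return "".join("".join(row) for row in rows)


def rail_fence_decrypt(ciphertext: str, rails: int) -> str:
    """Rebuild the zigzag positions and put each ciphertext letter back."""
    pattern = rail_pattern(len(ciphertext), rails)
    # A stable sort by rail gives the order in which positions were read off.
    read_order = sorted(range(len(ciphertext)), key=lambda i: pattern[i])
    plain = [""] * len(ciphertext)
    for ch, position in zip(ciphertext, read_order):
        plain[position] = ch
    return "".join(plain)


def render(plaintext: str, rails: int) -> list[str]:
    """Text picture of the fence, one string per rail, '.' for empty cells."""
    pattern = rail_pattern(len(plaintext), rails)
    return [
        "".join(ch if rail == row else "." for ch, rail in zip(plaintext, pattern))
        for row in range(rails)
    ]


if __name__ == "__main__":
    message = "ATTACKATDAWN"  # the slide's plaintext
    for line in render(message, 3):
        print(line)
    ciphertext = rail_fence_encrypt(message, 3)
    print(ciphertext)
    print(rail_fence_decrypt(ciphertext, 3))
```

The letters themselves never change, only their order, so the ciphertext keeps the plaintext's letter counts exactly.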


## Limitations of Classical Techniques
- **Vulnerable to:**
  * Frequency Analysis
  * Pattern Recognition
  * Brute Force Attacks

- **Modern Cryptography Advances:**
  * Complex Mathematical Algorithms
  * Large Key Spaces
  * Computational Complexity
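
Why the Caesar cipher from the demonstration slide falls to the first and third weaknesses listed above, as an added Python example that is not part of the original slides. The function names, the sample message and the frequency table (approximate standard values for English) are assumptions made for the illustration.

```python
import string

# Approximate English letter frequencies in percent, A..Z (reference values).
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.8, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.10, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.15, 2.0, 0.07]

# Constructed sample message, not taken from the slides.
SAMPLE = "MEET ME AT THE NORTH GATE AT DAWN AND BRING THE SEALED LETTERS WITH YOU"


def caesar(text: str, shift: int) -> str:
    """Shift every letter by `shift` positions; a negative shift decrypts."""
    out = []
    for ch in text:
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        elif ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def all_shifts(ciphertext: str) -> dict[int, str]:
    """Brute force: the whole key space is 26 shifts, so list every decryption."""
    return {shift: caesar(ciphertext, -shift) for shift in range(26)}


def chi_squared(text: str) -> float:
    """Distance between the text's letter counts and English; lower is closer."""
    letters = [c for c in text.upper() if c in string.ascii_uppercase]
    if not letters:
        return float("inf")
    total = 0.0
    for letter, freq in zip(string.ascii_uppercase, ENGLISH_FREQ):
        expected = freq * len(letters) / 100
        total += (letters.count(letter) - expected) ** 2 / expected
    return total


def break_caesar(ciphertext: str) -> tuple[int, str]:
    """Frequency analysis: keep the shift whose decryption looks most English."""
    candidates = all_shifts(ciphertext)
    best = min(candidates, key=lambda shift: chi_squared(candidates[shift]))
    return best, candidates[best]


if __name__ == "__main__":
    print(caesar("HELLO", 3))            # the slide's example
    print(break_caesar(caesar(SAMPLE, 3)))
```

A five-letter ciphertext such as KHOOR is too short for the frequency score to be reliable, but reading the 26 candidates from `all_shifts` by eye is enough to spot the plaintext.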
