Lec 1 - Cryptology

Lec 1 cryptology

Uploaded by

youssefelkiki

Cryptology and Number Theory

Assoc. Prof. Fatty M. Salem


• Course Title : Cryptology and Number Theory

• Course Code: C-MA425

• Credit Hours: 4 credit hours

• Prerequisites : Computational Linear Algebra

• Instructor: Assoc. Prof. Fatty M. Salem


Instructor and TA

• Instructor:
  • Assoc. Prof. Fatty M. Salem
  • Associate Professor, Faculty of Computing and Information Sciences, Egypt University of Informatics
  • Email: [email protected]
  • Office Hours: Sunday 2 pm - 4 pm
• TA:
  • Eng. Ahmed Sherif ([email protected])
Course Syllabus
Reference

• William Stallings. Cryptography and Network Security: Principles and Practice, Pearson; 8th edition (June 6, 2022).
Teaching and Learning Style
• Lectures
  • Theoretical aspects will be covered in detail
  • Examples/problems are solved
  • Questions are posed and you need to reflect and answer them
  • Your questions are answered
• Tutorials
  • More examples and problems are solved
  • Your questions are answered
• Labs
  • Hands-on experiments
Classroom Policy

Course Description and Learning Outcomes
Course Description
• This course provides an introduction to
• The security services, attacks and tools
• The Symmetric and Asymmetric encryption algorithms.

• Topics covered include:


• The security services, attacks and tools,
• Classical Symmetric Encryption,
• Modern Symmetric Encryption,
• Modes of Operations,
• Asymmetric Encryption,
• and Hash Functions.

Learning Objectives
• By the end of this course, students will develop the ability to:
• Analyze the different types of encryption algorithms.
• Evaluate the performance of both symmetric key and public key
techniques.
• Examine the cryptographic strength.
• Design a security system.

Course Contents
• Introduction
• Classical Symmetric Encryption
• Modern Symmetric Encryption (Simple DES & DES)
• Double DES and Triple DES
• Advanced Encryption Standard
• Modes of Operations
• Types of Cryptanalytic Attacks
• Number Theory
• Public Key Encryption
  o RSA
  o ElGamal Encryption
• Hash Functions and MAC
• Key Exchange
• Key Management
• Digital Signature Standard
Grading Scheme

Item                         Grade
Quizzes                      10%
Tutorial and Lab Exercises   5%
Assignments                  5%
Project                      5%
Midterm                      15%
Final                        60%

Policies
• Academic Honesty
  • Cheating is not tolerated; any cheating case will result in a zero score for all students involved
  • Examples of cheating:
    • Copying the work of others
    • Obtaining assignment solution from online sources
    • Seeking help from, or providing help to other students on course work before it is due for submission
INTRODUCTION
Definitions
• Plaintext: easy to understand form (original message).
• Ciphertext: difficult to understand form.
• Encryption: encoding (plaintext -> ciphertext).
• Decryption: decoding (ciphertext -> plaintext).
• Cryptology: study of encryption, the art and science of hiding the meaning of a communication message from unintended recipients. It encompasses both cryptanalysis and cryptography.
• Cryptography: use of encryption.
• Cryptanalysis: breaking encryption, the difficulty in recovering the plaintext from the ciphertext as measured by cost or time.
Computer Security Concepts
• Services
• Attacks
• Mechanisms

Services:
• Authentication
• Confidentiality
• Integrity
• Non-repudiation
• Availability
• Access Control
Security Services
• Authentication: assurance that the communicating entity is the one claimed.
• Confidentiality: protection of data from unauthorized disclosure.
• Integrity: assurance that data received is as sent by an authorized entity.
• Non-Repudiation: protection against denial by one of the parties in a communication.
• Availability: ensuring that authorized parties are able to access the information when needed.
• Access Control: prevention of the unauthorized use of a resource.
Attacks
[Figures: Normal Flow, Interception, Modification, Fabrication, Interruption (DoS), Replay Attack, Traffic Analysis]
[Figure panels: Attacks on Confidentiality, Attacks on Integrity, Attacks on Authentication, Attacks on Availability]

Security Attacks
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity
• Interruption: This is an attack on availability
Active and Passive Attacks
[Diagram: Security Attacks divide into Active Attack and Passive Attack]
Passive Attacks
• The main goal of a passive attack is to obtain unauthorized access to the information. For example, actions such as intercepting and eavesdropping on the communication channel can be regarded as a passive attack.
• These actions are passive in nature, as they neither affect information nor disrupt the communication channel. A passive attack is often seen as stealing information.
Active Attacks
• An active attack involves changing the information in some way by conducting some process on the information. For example:
  • Modifying the information in an unauthorized manner.
  • Initiating unintended or unauthorized transmission of information.
  • Alteration of authentication data such as originator name or timestamp associated with information.
  • Unauthorized deletion of data.
  • Denial of access to information for legitimate users (denial of service).
[Figures: six attack scenarios labelled, in order: Passive Attack, Active Attack, Active Attack, Active Attack, Active Attack, Passive Attack]
Active and Passive Attacks

Security Attacks
• Active Attacks: Fabrication, Modification, Interruption, Replay
• Passive Attacks: Interception, Traffic Analysis
Cryptanalysis and Brute-Force Attack
• Cryptanalysis: This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
• Brute-Force Attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.
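The brute-force definition above, worked through on a classical shift cipher as an added example that is not part of the lecture slides. The shift cipher, the word-list intelligibility test and all function names are assumptions chosen for illustration; the sample message is constructed.

```python
# Added example (not from the lecture): brute-force search of a shift cipher.
import string

ALPHABET = string.ascii_lowercase
# Constructed word list standing in for the "intelligible plaintext" test.
COMMON_WORDS = {"the", "and", "is", "at", "of", "to", "in",
                "meet", "me", "after", "class"}


def shift_encrypt(key: int, text: str) -> str:
    """C = E(K, P): move every letter `key` places along the alphabet."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through
    return "".join(out)


def shift_decrypt(key: int, text: str) -> str:
    """P = D(K, C): the same rotation in the opposite direction."""
    return shift_encrypt(-key, text)


def intelligibility(text: str) -> float:
    """Fraction of words that appear in COMMON_WORDS (0.0 to 1.0)."""
    words = [w.strip(".,!?") for w in text.split()]
    return sum(w in COMMON_WORDS for w in words) / len(words) if words else 0.0


def brute_force(ciphertext: str):
    """Try all 26 keys; return (key, plaintext, keys_tried) for the best score."""
    scored = [(intelligibility(shift_decrypt(k, ciphertext)), k) for k in range(26)]
    _, key = max(scored)
    return key, shift_decrypt(key, ciphertext), len(scored)


def average_trials(key_bits: int) -> int:
    """On average half of a 2**key_bits key space is searched before success."""
    return 2 ** key_bits // 2


if __name__ == "__main__":
    c = shift_encrypt(11, "meet me after the class")  # constructed sample
    print(c, brute_force(c))
    print("56-bit key:", average_trials(56), "trials on average")
```

With only 26 keys the search is instant; the same loop against a 56-bit key space needs about 2^55 trials on average, which is why key length decides whether brute force is practical.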
Mechanisms

Security Mechanisms:
• Encryption
• Hash Function
• Digital Signature
• Key Exchange
Encryption:

• Symmetric Encryption
• Asymmetric Encryption
• Hybrid Encryption
Encryption Equation
• Mathematically:
  $C = E_{K_1}(P)$ or $C = E(K_1, P)$ (encryption)
  $P = D_{K_2}(C)$ or $P = D(K_2, C)$ (decryption)
• P = plaintext
• C = ciphertext
• K1 = encryption key
• K2 = decryption key
• [Diagram: P → E (key K1) → C; C → D (key K2) → P]
• Symmetric encryption: K1 = K2 = K = secret key
• Asymmetric encryption: K1 ≠ K2 but they are mathematically related; K1 private key, K2 public key
• E = encryption algorithm
• D = decryption algorithm
• Both E and D are known to the public
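The two equations above, run once with K1 = K2 and once with K1 ≠ K2, as an added example that is not part of the lecture slides. The byte-shift cipher, the textbook RSA parameters (p = 61, q = 53, e = 17) and all function names are assumptions chosen for illustration; neither toy scheme is secure.

```python
# Added example (not from the lecture): C = E(K1, P) and P = D(K2, C).
# Toy parameters only; neither scheme below is secure.


def E_sym(k: int, p: bytes) -> bytes:
    """Symmetric E: add the secret key k to every byte, modulo 256."""
    return bytes((b + k) % 256 for b in p)


def D_sym(k: int, c: bytes) -> bytes:
    """Symmetric D: subtract the same key k (K1 = K2 = K)."""
    return bytes((b - k) % 256 for b in c)


def make_keypair(p: int, q: int, e: int):
    """Textbook RSA keys: K1 = (e, n), K2 = (d, n), with e*d = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse: the mathematical relation K1 <-> K2
    return (e, n), (d, n)


def E_asym(k1, p: int) -> int:
    """Asymmetric E: C = P^e mod n."""
    e, n = k1
    return pow(p, e, n)


def D_asym(k2, c: int) -> int:
    """Asymmetric D: P = C^d mod n."""
    d, n = k2
    return pow(c, d, n)


if __name__ == "__main__":
    # Symmetric: one shared key does both jobs.
    c = E_sym(42, b"attack at dawn")  # constructed sample message
    print(c.hex(), D_sym(42, c))

    # Asymmetric: two different but related keys.
    k1, k2 = make_keypair(61, 53, 17)
    c = E_asym(k1, 65)
    print(k1, k2, c, D_asym(k2, c))
    # Using K1 again for decryption does not recover the plaintext.
    print(D_asym(k1, c) == 65)
```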
Symmetric Encryption
• Alice uses an encryption algorithm and a shared secret key.
• Bob uses a decryption algorithm and the same secret key.
[Figure labels: Authentication, Confidentiality]
Symmetric Encryption
[Figure: nodes A, B and C with pairwise keys Ka,b, Ka,c and Kb,c] We need 3 different keys.
Symmetric Encryption
[Figure] We need 6 different keys.
Symmetric Encryption
• Advantages:
  - Low complexity.
  - Short processing time.
• Disadvantages:
  - A large number of keys is required. For N nodes, we need N(N-1)/2 different keys.
  - Hard key management.
  - Some security services can't be achieved.
