1. Cryptography
Fundamental
Nguyen Ngo, Ninh Dang

2. Agenda
Introduction
 Background
• What ‘s Cryptography?
• Purpose of Cryptography
Methodology
• Key Definition
• Cryptography Methods
• Symmetric Encryption
• Stream Cipher
• Block Cipher
• Mod of Operator
• Padding Scheme
• Code Example
• Asymmetric Encryption
• Hashing
Practical
 Key Exchange
 Digital Signature

3. INTRODUCTION

4. Background

5. What ‘s Cryptography?
Cryptography is the science
of using mathematics to
encrypt and decrypt data.
Cryptography enables you to
store sensitive information or
transmit it across insecure
networks (like the Internet) so
that it cannot be read by
anyone except the intended
recipient.

6. The Purpose of Cryptography
• Authentication: this process to prove the identity of an entity can be
based on something you know, such as a password; something you
have, such as an encryption key or card; something you are, such as
biometric measurements
• Privacy/Confidentiality: information is NOT made available or
disclosed to unauthorized individuals, entities, or processes
• Integrity: This property refers to data that has NOT been changed,
destroyed, or lost in an unauthorized or accidental manner.
• Non-repudiation: Repudiation is the denial by one of the entities
involved in a communication of having participated in all or part of the
communication  Non-repudiation
Authentication : Xác thực người dùng
Confidentiality : Bảo mật thông tin
Integrity : Toàn vẹn dữ liệu
Non-Repudiation : Chống lại sự thoái thác trách nhiệm

7. Key Definition
•Plaintext. •Encryption. •Key.
•Ciphertext •Decryption. •Key space.

8. METHODOLOGY

9. Cryptography Methods
• Symmetric
 Same key for encryption and decryption
 Key distribution problem
• Asymmetric
 Mathematically related key pairs for
encryption and decryption
Public and private keys
Symmetric: Mã hóa đối xứng
Asymetric : Mã hóa bất đối xứng

10. Symmetric Encryption



11. Asymmetric Encryption



12. Symmetric Algorithm
1. Block Ciphers
• Encrypt data one block at a time (typically 64 bits, or 128 bits)
• Used for a single message
2. Stream Ciphers
• Encrypt data one bit or one byte at a time
• Used if data is a constant stream of information
Block Cipher: Mã hóa khối dữ liệu
Stream Cipher: Mã hóa dòng dữ liệu

13. Block Cipher
• Divide input bit stream into n-bit sections, encrypt only that section, no
dependency/history between sections

14. Stream Cipher
Stream Cipher

15. Mod of Operation
Modes of operation is the procedure of enabling the repeated
and secure use of a block cipher under a single key
Mod of Operation Type:
• CBC (Cipher Block Chaining).
• ECB (Electronic Code Book).
• Propagating cipher-block chaining (PCBC)
• Cipher feedback (CFB)
• Output feedback (OFB)
• Counter (CTR)

16. ECB – Electronic Code Book
Disadvantage

17. CBC-Cipher Block Chaining


18. Padding
Each TDES encrypts one block of 64 bits of data.
What ‘s happen if PIN size have 30 bits data length ???
Padding Scheme: fill additional data to consist data block size.
Padding Type:
• Bit padding: Byte padding:
M 1 0…0 M L…L
m bit 1 bit (L – 1) bit m byte L byte

19. Padding PKCS7
Padding is in whole bytes. The value of each added byte is the
number of bytes that are added.

20. Code Example
TDES ENCRYPTION:
public string SimpleTripleDes(string Data)
{
byte[] key = Encoding.ASCII.GetBytes("passwordDR0wSS@P6660juht");
byte[] iv = Encoding.ASCII.GetBytes("password");
byte[] data = Encoding.ASCII.GetBytes(Data);
byte[] enc = new byte[0];
TripleDES tdes = TripleDES.Create();
tdes.IV = iv;
tdes.Key = key;
tdes.Mode = CipherMode.CBC;
tdes.Padding = PaddingMode.PKCS7;
ICryptoTransform ict = tdes.CreateEncryptor();
enc = ict.TransformFinalBlock(data, 0, data.Length);
return ByteArrayToString(enc);
}

21. Code Example
AES ENCRYPTION:
public static string EncryptData( byte[] plainText , byte[] keyBytes )
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Mode = CipherMode.CBC;
rijndaelCipher.Padding = PaddingMode.PKCS7;
rijndaelCipher.KeySize = 128;
rijndaelCipher.BlockSize = 128;
rijndaelCipher.Key = keyBytes;
rijndaelCipher.IV = keyBytes;
ICryptoTransform transform = rijndaelCipher.CreateEncryptor();
byte[] cipherBytes = transform.TransformFinalBlock(plainText, 0, plainText.Length);
return Convert.ToBase64String(cipherBytes);
}

22. Asymmetric Algorithm
• A user has two keys: a public key and a private
key.
• A message can be encrypted with the public key
and decrypted with the private key to provide
security.

23. RSA
In RSA, e and n are announced to the
public; d and Φ are kept secret.

24. Strengths of RSA

25. Example RSA
Source Code

26. Hashing
• Hashing is an irreversible process with
no keys, the clear message is the only
input for the hashing process
• Its role is to
ensure the integrity
of a message

27. Hashing

28. Code Example
MD5 ENCRYPTION:
public string CalculateMD5Hash(string input) {
// step 1, calculate MD5 hash from input
MD5 md5 = System.Security.Cryptography.MD5.Create();
byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
byte[] hash = md5.ComputeHash(inputBytes);
// step 2, convert byte array to hex string
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hash.Length; i++) {
sb.Append(hash[i].ToString("X2"));
}
return sb.ToString();
}

29. PRACTICAL

30. Key Exchange

31. Digital Signature
Creation of
Digitally signature
document
(sender)
Verifying the
digital signature
Digital Signature: Chữ ký điện tử

32. THANK YOU