Monday, 27 January, 2025 6:34 PM
Topic 9,11,12,13
Topic 9 - Cryptography (Essential Content)
Introduction to Cryptography
Cryptography is the practice of securing communication and information through the use of mathematical algorithms. It
ensures confidentiality, integrity, authenticity and non-repudiation of data.
Encryption Algorithms: 2 Classes - Asymmetric and Symmetric Encryption
Symmetric vs. Asymmetric Encryption
Symmetric Encryption
Definition: Uses the same key for both encryption and decryption.
Examples:
AES (Advanced Encryption Standard):
- Key lengths: 128, 192, or 256 bits
- Fast and secure; recommended for bulk data encryption (e.g., VPN traffic)
3DES (Triple DES):
- Applies DES encryption three times
- Known as a legacy algorithm; slower and less secure than AES
SEAL:
- Stream cipher with low CPU usage, used as a faster alternative.
Types of Ciphers:
- Block Cipher: Encrypts data in fixed blocks (e.g., AES with 128-bit blocks).
- Stream Cipher: Encrypts data one bit or byte at a time (e.g., SEAL).
Asymmetric Encryption: Get back to this part later and learn all the examples
Definition: Uses a pair of keys: a public key for encryption and a private key for decryption (or vice
versa).
Key Features:
- Solves the key distribution problem
- Slower than symmetric encryption (due to complexity in algorithms, larger key sizes,
performance overhead, network latency and the way they are implemented in secure
communications)
Examples:
RSA (Rivest-Shamir-Adleman):
- Key lengths: 512 to 2048 bits
- Commonly used in HTTPS, digital signatures.
- One of the first public key cryptosystems and widely used for secure data
transmission based on the current difficulty of factoring very large numbers.
Diffie-Hellman:
- Securely exchanges keys over an untrusted network.
- Enables two parties to generate a shared secret without prior communication
- Key length: 512 to 4096 bits
Elliptic Curve Cryptography (ECC):
- Smaller key sizes, suitable for resource-constrained environments like IoT
- Has equivalent security compared to RSA
- Widely used in cryptocurrencies and blockchain technologies; increasingly
popular for securing mobile devices and IoT due to efficiency.
*Symmetric is faster but less flexible for secure key exchange, while asymmetric is slower but solves key distribution issues
More notes about asymmetric encryption:
Long definition: Asymmetric encryption is a cryptographic technique that uses a pair of keys for encryption and decryption: a
public key and a private key. Each user generates their own key pair, allowing secure communication without the need to
share a secret key beforehand. This method enhances security by ensuring that even if someone intercepts the public key,
they cannot decrypt the messages without access to the corresponding private key.
Key Properties:
1. Public Key: This key can be shared openly. Anyone can use it to encrypt a message intended for the key holder.
2. Private Key: This key must be kept secret and is used to decrypt messages that were encrypted using the corresponding
public key. Only the key holder has access to this key.
3. Confidentiality: Ensures that only the intended recipient can read the encrypted messages.
4. Non-repudiation: The sender cannot deny having sent the message, as only the sender would have the private key
needed to sign the message.
Advantages:
1. Secure Key Exchange: Enables users to communicate securely without the need to share a secret key, thus preventing
potential eavesdropping during key distribution.
2. Simplified Key Management: Unlike symmetric encryption, where the same key is used for encryption and decryption,
asymmetric encryption streamlines key management since the public key can be shared openly.
Real world applications:
- Used in secure messaging apps (e.g., WhatsApp)
- Digital signatures for blockchain transactions
- Secure authentication for IoT devices
Diffie-Hellman (basic/pioneer example of asymmetric encryption)
Diffie-Hellman (DH) is a widely used cryptographic protocol that allows two parties to securely establish a shared secret key
over an insecure communication channel.
Basic Concept:
Diffie-Hellman is based on the mathematical principles of modular arithmetic and the difficulty of calculating discrete
logarithms. The protocol enables two parties (commonly referred to as Alice and Bob) to agree on a shared secret key that is
used for symmetric encryption, without ever directly exchanging that key.
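A worked run of this exchange, as an added example that is not part of the original notes. The parameters p = 23 and g = 5 are toy values constructed for illustration (real deployments use standardized groups of 2048 bits or more), and all function names are hypothetical; the range check on the peer's public key and the SHA-256 key derivation are simplifications of what a real implementation does.

```python
import hashlib
import secrets

# Toy public parameters, constructed for illustration only.
P = 23  # prime modulus p (a safe prime: 23 = 2 * 11 + 1)
G = 5   # generator g, a primitive root modulo 23


def is_generator(g, p):
    """For a safe prime p = 2q + 1, g is a primitive root
    iff g^2 != 1 and g^q != 1 (mod p)."""
    q = (p - 1) // 2
    return 1 < g < p - 1 and pow(g, 2, p) != 1 and pow(g, q, p) != 1


def generate_private_key(p=P):
    """Pick a secret exponent in [2, p - 2]; it is never transmitted."""
    return secrets.randbelow(p - 3) + 2


def public_key(private, g=G, p=P):
    """A = g^a mod p: the only value a party sends over the channel."""
    return pow(g, private, p)


def shared_secret(private, peer_public, p=P):
    """s = B^a mod p. Reject degenerate peer values (0, 1, p - 1, or
    out of range), which would force a predictable secret."""
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer public key outside [2, p - 2]")
    return pow(peer_public, private, p)


def derive_key(secret, p=P):
    """Hash the shared secret into a 256-bit symmetric key
    (a stand-in for a proper KDF such as HKDF)."""
    size = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(size, "big")).digest()


def exchange(a, b):
    """Run both sides: Alice holds a, Bob holds b; only A and B cross the wire."""
    A, B = public_key(a), public_key(b)
    return {"A": A, "B": B,
            "alice": shared_secret(a, B), "bob": shared_secret(b, A)}


if __name__ == "__main__":
    result = exchange(6, 15)  # fixed private keys so the run is reproducible
    print(result, derive_key(result["alice"]).hex())
```

An eavesdropper sees only p, g, A and B; recovering a or b from them is the discrete logarithm problem, which is only hard when p is large.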
Key Agreement Process:
1. Select Public Parameters:
   - Both parties agree on two large prime numbers:
     - A prime number p (the modulus)
     - A base g (the generator), which is a primitive root modulo p
2. Generate Private Keys:
   - Each party generates a private key:
     - Alice chooses a private key a.
     - Bob chooses a private key b.
   - These private keys are kept secret and are not shared with anyone.
3. Calculate Public Keys:
   - Each party calculates their corresponding public key using the agreed-upon parameters:
     - Alice computes her public key A