Hello, everyone. We're going to go ahead and
get started with our cryptography module.
This is one of the most important and fundamental
modules in information security as it introduces
some of the basic concepts underlying secure communication
and secure data storage. We will begin with
introducing some basic terminology that is
used in the cryptoworld ranging from cryptography
to key to plain text, cyphertext and so forth.
Now, before diving into it, I want to spend
a few words on the motivation as to why encryption
and cryptography are very important. As you
know, information is now shared mostly over
the internet and this information is shared
on channels that are insecure because it's
very easy to actually access the information
that is shared across these non-dedicated
and shared medium. Therefore, cryptography
tries to address the most basic problem, that
is to ensure the secure communication over
channels that are insecure. So, there are
two main goals. One is related to privacy
and confidentiality, and this is the most
obvious. But also there are problems related
to authenticity, so how to ensure that a communication
is not altered, tampered with, and so forth.
Cyptography provides - the field of cryptography
- provides a set of tools that allow us to
actually address both of these concerns. Here
you can see a simple example of a simple crypto
protocol. You can see that the idea is very
simple. We have some plain text that we want
to protect, that want to encrypt. We want
to hide and scramble so that it becomes different
from the original content. So, in this example,
you can see that my plain text is FIRE. This
is the word that we want to hide. We want
to make it so that when and if it is intercepted
by some non-authorized user, it's not readable.
So, our plain text is going through the process
of encryption. The encryption algorithm is
essentially a protocol - a set of steps - that
transforms our original plain text into decipher
text. In this case, what we are using is what
is called "simple replacement," or simple substitution.
We are substituting every single letter of
the word using a key of five, which means
that for every letter, let's say the plain
text is FIRE, we have F replaced with the
letter that is five positions right on the
English alphabet. So, the result is KNWI.
If we want to reobtain from deciphered text
the original plain text, we can just move
back and execute our decryption algorithm.
The decryption algorithm will transfer deciphered
text into the plain text. How does it do it?
It basically proceeds by inverting the set
of steps executed during the encryption algorithm.
So instead of shifting right, it will shift
left in the alphabet in this case. And this
is just a simple example of a very simple
crypto protocol. So, in the previous slides,
I've introduced several terminologies, several
new words, so I want to explain some of them
more clearly. First off, we started off with
the word FIRE, which is called or referred
to as plain text. The result of the encryption
process is our cipher text, which is referred
to as cipher text. Cipher text depends on
two important aspects and these are the algorithm
and the key. These two components, which we
will discuss at length, are fundamental for
the transformation process from plain text
to cipher text. Essentially, what we want
to do 
is to transform and make not legible some
plain text, some information that needs to
be protected from unwanted eyes. And unwanted
ears, if you want. Now, the first question
I'd like to ask you is whether or not - and
this is important to understand the basics
of cryptography - is whether or not the encrypted
text is visible using sniffing over a network?
I ask you all to reflect on this question
and see if you can come up with an answer.
So, the answer, in case you are not sure,
is actually yes. Decipher text is visible
over the channel of communication, but its
most important property is that it's not legible.
It's not carrying any useful information for
a user who doesn't have or yes, a user or
any entity who doesn't have knowledge of the
algorithm and the key being used for encryption.
So, again, we have talked about this encryption
algorithm. So, what is the encryption algorithm?
I like this definition reported here because
it is simple but it really gets the main point.
It's a sequence of steps that change the plain
text to cipher text. It is important to mention
that there exists many encryption algorithms.
Some are very simple, and some instead are
extremely complex. Modern cryptography is
based on extremely complex mathematical properties
and operations. And we will see some of the
fundamental steps that are used in almost
all encryption algorithms. The reverse process
is decryption. Decryption consists of going
from the encrypted message to the plain text.
So, the final component that I would like
you guys to take a close look at is the key.
The key is what makes our encryption process
unique. Essentially, your encryption process
depends on, as we mentioned earlier, two components:
the algorithm and the key. The key is a parameter
that is used as part of the algorithm to decrypt
or encrypt a message. It is actually encoded
as a unique bit string, but in these examples
that we will see, we are referring to a natural
language so therefore we're referring to the
English language and we have a number of - we
will use just simple words and so forth, not
in digital form. But they're actually represented
in bit strings. So, remember that in order
to protect secrecy of the plain text, some
properties need to be satisfied, and one of
them is that, of course as we said, the cipher
text is visible, the plain text is secret,
and then we are left with the algorithm and
the key. What about them? Well I can tell
you that, of course, the key is usually considered
secret. And what about the algorithm? The
encryption and decryption algorithms? Are
they public or private? Those algorithms,
as a matter of fact, are public. There is
a class of cryptographic algorithms that are
usually kept secret, but the ones that are
most widely used - standards - are public,
so therefore known to each other. Hence, you
can see that it's very important to protect
our key because the key is the main tie between
cipher text and plain text. If an attacker
wants to launch an attack and wants to try
to decrypt some cipher text it has obtained,
he already has the cipher text, he has the
algorithm because the algorithm is assumed
to be known, so all he misses is the key.
Hence the importance of developing strong
algorithms with strong keys, as we will discuss
at length. And this is it.
