InfoSec Notes
Foundational guide to cryptography covering core concepts, terminology, classical ciphers, modern algorithms, and the role of cryptography in securing information systems.
What is Cryptography?
Cryptography is the science and art of securing communication and data through mathematical transformations. The word comes from Greek: "kryptos" (hidden) and "graphein" (to write). Modern cryptography provides four fundamental security services:
- Confidentiality — Only authorized parties can read the data
- Integrity — Data has not been modified
- Authentication — Verifying the identity of communicating parties
- Non-repudiation — A party cannot deny their actions
Core Terminology
| Term | Definition |
|---|---|
| Plaintext | Original readable message (also called cleartext) |
| Ciphertext | Encrypted/unreadable message |
| Encryption | Process of converting plaintext to ciphertext |
| Decryption | Process of converting ciphertext back to plaintext |
| Key | Secret value used to control encryption/decryption |
| Cipher | Algorithm used for encryption/decryption |
| Cryptanalysis | Science of breaking cryptographic systems |
| Key Space | Total number of possible keys for a cipher |
The Encryption Process
Basic Encryption/Decryption Flow
====================================
Plaintext ----[Encryption Algorithm]----> Ciphertext
| ^ |
| | |
| [KEY] |
| | |
| v |
Plaintext <---[Decryption Algorithm]---- Ciphertext
Example
"HELLO" --[Caesar, shift=3]--> "KHOOR" --[Caesar, shift=-3]--> "HELLO"
Categories of Cryptographic Systems
By Key Usage
| SYMMETRIC KEY | ASYMMETRIC KEY |
|---|---|
| (Secret Key) | (Public Key) |
| Same key for encrypt | Different keys for |
| and decrypt | encrypt and decrypt |
| Examples: | Examples: |
| - AES | - RSA |
| - DES/3DES | - ECC |
| - ChaCha20 | - Diffie-Hellman |
| Fast, efficient | Slower, key exchange |
| Key distribution issue | No key sharing needed |
By Encryption Method
| Type | Description | Example |
|---|---|---|
| Stream Cipher | Encrypts one bit/byte at a time | RC4, ChaCha20 |
| Block Cipher | Encrypts fixed-size blocks | AES (128-bit blocks), DES (64-bit) |
Classical Ciphers
Substitution Ciphers
Replace each plaintext character with a different character:
class SubstitutionCipher:
"""Demonstrate classical substitution ciphers."""
def caesar_cipher(self, text: str, shift: int, decrypt: bool = False) -> str:
"""Caesar cipher - shifts each letter by a fixed amount."""
if decrypt:
shift = -shift
result = ""
for char in text:
if char.isalpha():
base = ord('A') if char.isupper() else ord('a')
result += chr((ord(char) - base + shift) % 26 + base)
else:
result += char
return result
def atbash_cipher(self, text: str) -> str:
"""Atbash cipher - mirrors the alphabet (A↔Z, B↔Y, etc)."""
result = ""
for char in text:
if char.isalpha():
base = ord('A') if char.isupper() else ord('a')
result += chr(25 - (ord(char) - base) + base)
else:
result += char
return result
def monoalphabetic_cipher(self, text: str, key_alphabet: str,
decrypt: bool = False) -> str:
"""General monoalphabetic substitution."""
plain_alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
if decrypt:
mapping = str.maketrans(key_alphabet + key_alphabet.lower(),
plain_alpha + plain_alpha.lower())
else:
mapping = str.maketrans(plain_alpha + plain_alpha.lower(),
key_alphabet + key_alphabet.lower())
return text.translate(mapping)
# Demonstrations
cipher = SubstitutionCipher()
# Caesar Cipher
plaintext = "ATTACK AT DAWN"
shift = 3
encrypted = cipher.caesar_cipher(plaintext, shift)
decrypted = cipher.caesar_cipher(encrypted, shift, decrypt=True)
print(f"Caesar Cipher (shift={shift}):")
print(f" Plaintext: {plaintext}")
print(f" Ciphertext: {encrypted}")
print(f" Decrypted: {decrypted}")
print()
# Atbash Cipher
encrypted = cipher.atbash_cipher("HELLO WORLD")
decrypted = cipher.atbash_cipher(encrypted) # Self-inverse
print(f"Atbash Cipher:")
print(f" Plaintext: HELLO WORLD")
print(f" Ciphertext: {encrypted}")
print(f" Decrypted: {decrypted}")Transposition Ciphers
Rearrange the positions of characters without changing them:
Kerckhoffs' Principle
"A cryptosystem should be secure even if everything about the system, except the key, is public knowledge."
This fundamental principle states that security should reside in the key, not in the secrecy of the algorithm. This is why:
- AES, RSA, and SHA are published, public algorithms
- Security depends on key length and management
- "Security through obscurity" alone is never sufficient
Modern Cryptography Overview
Modern Cryptographic Primitives
===================================
Symmetric Encryption
Block Ciphers: AES-128/192/256, formerly DES/3DES
Stream Ciphers: ChaCha20, (formerly RC4)
Modes: ECB, CBC, CTR, GCM (authenticated)
Asymmetric Encryption
RSA: Based on factoring large primes
ECC: Based on elliptic curve discrete logarithm
Diffie-Hellman: Key exchange protocol
Hash Functions
SHA-256/384/512 (SHA-2 family)
SHA-3 (Keccak)
BLAKE2/BLAKE3
(Deprecated: MD5, SHA-1)
Digital Signatures
RSA-PSS
ECDSA
EdDSA (Ed25519)
Key Exchange
Diffie-Hellman (DH)
Elliptic Curve DH (ECDH)
X25519
Authenticated Encryption
AES-GCM
ChaCha20-Poly1305
Cryptographic Strength Comparison
Cryptography in Everyday Life
| Application | Cryptographic Technology | Purpose |
|---|---|---|
| HTTPS (Web browsing) | TLS with AES-GCM + ECDHE | Confidentiality + Integrity |
| WhatsApp/Signal | Signal Protocol (X3DH + Double Ratchet) | End-to-end encryption |
| Password storage | bcrypt/Argon2 (key derivation) | Protect stored passwords |
| Bitcoin | ECDSA + SHA-256 | Transaction signing + mining |
| SSH (Remote access) | Ed25519 + ChaCha20-Poly1305 | Secure remote sessions |
| Digital certificates | RSA/ECDSA signatures | Website identity verification |
| VPN | IPSec with AES/IKEv2 | Network tunnel encryption |
Interview Questions
- What is the difference between symmetric and asymmetric cryptography?
- Symmetric uses the same key for encryption and decryption (fast, but requires secure key sharing). Asymmetric uses a key pair — public key for encryption, private key for decryption (solves key distribution but is slower). In practice, hybrid approaches combine both.
- Explain Kerckhoffs' Principle and why it matters.
- The security of a cryptosystem should depend only on the secrecy of the key, not on the algorithm being secret. This matters because algorithms can be reverse-engineered, public scrutiny finds flaws, and relying on obscurity gives false confidence. All modern standards (AES, RSA) follow this principle.
- What is the difference between a stream cipher and a block cipher?
- A stream cipher encrypts data one bit or byte at a time, generating a keystream. A block cipher encrypts fixed-size blocks (e.g., 128 bits for AES). Block ciphers can operate in modes (CBC, CTR, GCM) that effectively make them stream ciphers or add authentication.
- Why is a 256-bit key considered secure against quantum computers while 128-bit may not be?
- Grover's algorithm gives quantum computers a quadratic speedup for brute-force search, effectively halving the key length. A 128-bit key becomes 64-bit equivalent strength against quantum attacks, which is breakable. A 256-bit key becomes 128-bit equivalent, still considered secure.
- What is the difference between encryption and hashing?
- Encryption is reversible (you can decrypt with the key) and provides confidentiality. Hashing is one-way (you cannot recover the original) and provides integrity verification. Encryption requires a key; hashing does not.
Summary
Cryptography is the mathematical foundation upon which modern information security is built. From protecting web traffic to securing cryptocurrencies, cryptographic primitives provide the tools to achieve confidentiality, integrity, authentication, and non-repudiation. Understanding these fundamentals is essential for any security professional.
Exam Focus
Revise definitions, diagrams, examples, and short-answer points for Introduction to Cryptography.
Interview Use
Prepare one clear explanation, one practical example, and one common mistake for this Information Security topic.
Search Terms
information-security, information security, information, security, cryptography, introduction, introduction to cryptography
Related Information Security Topics