Modern Cryptography – Part 2

Venue : BK7, Building FTMK.
Date : 26-8-2009
Time : 9.00 a.m. – 10.50 a.m.

The lecture just now began with a brief re-cap for the topic DES which we have learnt last week. Soon after that, the lecture continued with the topic Message Authentication. Message Authentication can be used to protect against active attacks. The diagram below show how it actually works:

Next, Mr. Zaki taught us about the Hash Function. There are three methods for has function:

• Using conventional encryption


• Using public-key encryption


• Using secret value

The three algorithms used in hashing function are MD5, SHA-1 and SHA-256.Then, we learned about digital signatures. It is the provision of a means of settling disputes between sender and receiver that distinguishes the digital signature mechanism from the MACing process. The diagram below shows how digital signature works:

To create a digital signature using RSA:

The signature can be verified by anyone who knows the corresponding public key. Certification Authority (CA) is the next topic of this chapter. CA’s aim it to guarantee the authenticity of public key by signing a certificate containing user’s identity and public key with its secret key. In order to do so, all users must have an authentic copy of the Certification Authority’s public key. The lectures continued with the topic Key Management, the diagram below depicts the life cycle of a key:

The last two topics for today’s lecture ware RSA which was learnt during the lab session last week and methods of attacks. The four general attacks against encrypted information are:

• Ciphertext-only attack


• Known Plaintext


• Chosen-plaintext


• Chosen-ciphertext attack

Then the attacks that can be launched against encryption systems are:

• Brute-Force attack


• Exhaustive key search - trying every possible combination.


• Replay attacks


• Taking encrypted information and playing it back at a later point in time.


• Man-in-the-middle attacks


• Fault in Cryptosytem