Learning Objectives / Whāinga Ako

• Define what "encryption" is and its purpose.

• Explain the basic concepts of plaintext, ciphertext, key, encrypt, and decrypt.

• Understand the mechanics of simple substitution ciphers like the Caesar cipher.

• Identify common attack methods against simple ciphers (frequency analysis, known plaintext, brute force).

• Explain why semantic security and large key sizes are important for strong encryption.

• Understand the challenge of secure key exchange for symmetric encryption.

• Explain the core idea of public-key (asymmetric) encryption, including public and private keys.

• Describe the concept of a digital signature and its use for authentication.

• Explain how hashing is used for secure password storage, including the concept of "salting" to prevent rainbow table attacks.

• Identify everyday situations where encryption is used.

• Recognize that encryption can be used for both good and bad purposes.

• Understand the limitations of encryption and the ongoing challenges posed by quantum computing and social engineering.

Getting Started / Whakataki (Prior Knowledge Required)

To get the most out of learning about Encryption, it's essential to have a clear understanding of:

• Digital Devices: Do you know that devices store and transmit information?

• Privacy: Have you explored why controlling your personal information is important?

• Computer Security: Do you understand the goals of confidentiality, integrity, and availability (CIA Triad) in computer systems?

• Binary: Do you understand that all digital information is stored as 0s and 1s?

• Data Transmission: Are you familiar with how data moves between devices?

Quick Check: If you send a secret message to a friend, how might you change the letters so that only your friend can read it? This is similar to how encryption works!

What is Encryption?

Encryption is a method used to keep data secret. In its simplest form, it's a process of transforming ordinary, readable information (called plaintext) into a garbled, unreadable form (called ciphertext). Only authorized people who have a secret value, called a key, can unlock and reverse this process, turning the ciphertext back into the original plaintext.

Think of it like a secret code:

• Plaintext: Your original secret message (e.g., "Meet me at the park").

• Encryption Program: A special tool or rule that scrambles your message.

• Key: A secret word, number, or rule you both agree on (e.g., "Shift every letter forward by 3").

• Ciphertext: The garbled, unreadable message (e.g., "P HHW PH DW WKH SDUN").

• Decryption Program: The tool or rule to unscramble the message.

An encryption system (also called a cryptosystem or cipher) usually involves two computer programs: one to encrypt data (turn plaintext into ciphertext) and a second program to decrypt ciphertext back into plaintext. This transformation is done using clever mathematical processes that combine the plaintext with the chosen key.

Why is Encryption Critical?

If you're using digital devices, you're using systems based on encryption all the time, often without even noticing!

• Online banking: Encrypts your financial details.

• Accessing data through Wi-Fi: Encrypts your internet traffic (like when you see a padlock icon in your browser).

• Paying with a credit card: Encrypts your payment information whether you swipe, insert, or tap.

• Sending messages: Many messaging apps use encryption to keep your conversations private.

Without encryption, your information would be wide open to the world. Anyone could easily read your data going over Wi-Fi, and stolen laptops or phones would give away all sorts of private information. So, encryption is fundamental to make computer systems usable and secure, protecting your Privacy and ensuring Confidentiality.

How It Works / Me Pēhea te Mahi

Encryption plays a vital role in achieving the Confidentiality goal of Computer Security. It operates by making data unintelligible to anyone who doesn't have the correct key. 

The Process (Simplified)

1. Plaintext + Key + Encryption Algorithm = Ciphertext

2. Ciphertext + Key + Decryption Algorithm = Plaintext

The "encryption algorithm" is the set of mathematical rules (often very complex algorithms) used to perform the scrambling.

The Caesar Cipher: An Ancient Example 

The Caesar cipher is a very old and simple substitution cipher, invented by Julius Caesar over 2000 years ago.

• How it works: Each letter in the plaintext is shifted a certain number of places down or up the alphabet to create the ciphertext.

• The Key: In a Caesar cipher, the key is a number between 1 and 25. This number specifies how many places the alphabet should be rotated. (Why not 26? Because a shift of 26 would just bring you back to the original letter!).

  • Encryption: To encrypt, you rotate forwards (add the key) to each letter.

    • Example: Encrypting "HOW ARE YOU" with a key of 7: H becomes O, O becomes V, W becomes D. So "HOW" becomes "OVD".

  • Decryption: To decrypt, you rotate backwards (subtract the key) from each letter.

    • Example: Decrypting "ZNK WAOIQ HXUCT" with a key of 6: Z becomes T, N becomes H, K becomes E. So "ZNK" becomes "THE".

• ROT13: A special Caesar cipher using a key of 13. It has the interesting property that encrypting a message with ROT13 is the same as decrypting it – the same program can be used for both! It's sometimes used to obscure things like joke punchlines or spoilers.

Problems with Simple Ciphers: How to Attack Them 

While simple, substitution ciphers like Caesar cipher are very insecure. There are several ways to "crack" them (decrypt without the key) or "attack" them:

1. Brute Force Attack:

   • What it is: Trying out every single possible key until intelligible text is produced.

   • How it works on Caesar Cipher: Since there are only 25 possible keys, a computer can try all of them in less than a second. This makes Caesar cipher very vulnerable to brute force.

   • Real-World Keys: Modern encryption keys are much longer (e.g., 128 bits or more). The number of possible keys grows exponentially with each bit added. A 128-bit key would take billions of years to brute force with current technology. This concept of problems that take too long to solve is called intractability (Link to Complexity and Tractability page).

2. Frequency Analysis Attack:

   • What it is: Looking at how often each letter appears in the ciphertext.

   • How it works on Substitution Ciphers: In languages like English, some letters (like 'E', 'T', 'A') appear far more frequently than others. By counting the occurrences of each letter in the ciphertext and comparing them to known letter frequencies of the language, you can guess which ciphertext letters correspond to common plaintext letters.

   • Example: If 'J' is the most common letter in a Caesar cipher ciphertext, and 'E' is the most common letter in English, you might guess 'J' stands for 'E', which gives you a key (J is 5 letters after E, so key is 5). This works well for long messages.

3. Known Plaintext Attack:

   • What it is: When an attacker knows a piece of plaintext and its corresponding ciphertext.

   • How it works on Substitution Ciphers: If you know a common phrase (e.g., "HI THERE") is in the message and you have its encrypted version, you can quickly figure out the mapping of letters, which can help decrypt the rest of the message.

   • Chosen Plaintext Attack: Even worse is when an attacker can trick someone into encrypting a message of the attacker's choosing, and then see the resulting ciphertext.

   • Importance: Good cryptosystems must be resistant to these attacks because common phrases or parts of a web page (like headings in online banking) are often known.

Semantic Security: The Goal of Strong Encryption 

Because of these vulnerabilities, a good cryptosystem (encryption method) must be semantically secure. This means there is no known efficient algorithm that can use the ciphertext to get any information about the plaintext (other than the length) without the key. It's vital that encryption systems used today are semantically secure. 

The Vigenere Cipher

The Vigenere cipher is a slightly stronger substitution cipher than Caesar. It uses a key phrase (e.g., "ACB") where each letter in the phrase gives a different offset for each character in the plaintext, repeating the phrase as needed. This uses multiple Caesar ciphers and makes frequency analysis harder because common letters no longer consistently map to the same ciphertext letter. However, methods have been found to crack it quickly once the key length is determined.

Ethical Considerations and Dual Use

Like all technologies, encryption can be used for both good and bad purposes:

• A human rights organization might use encryption to secretly send photographs of human rights abuses to the media, protecting victims and whistleblowers.

• Drug traffickers might use it to avoid having their plans read by investigators.

Understanding how encryption works can help you make informed decisions about issues like freedom of speech, human rights, tracking criminal activity, personal Privacy, identity theft, online banking and payments, and the safety of systems (like aircraft control or traffic lights) that might be taken over if "hacked into" without proper security.

Breaking Encryption (Cryptanalysis)

People who try to decrypt messages without the key are called cryptanalysts (or informally, "hackers" or "crackers" with bad intentions). While ethical cryptanalysts ("Whitehat hackers") help find weaknesses in encryption systems before malicious attackers do, it is possible for someone to find a way to break into widely used systems. This would cause a lot of problems by compromising confidentiality. Some older encryption systems have already been found to be insecure due to successful attacks.

• Hacking Traffic Lights: An interesting example of using encryption outside secret messages is the case of engineers who changed traffic light patterns. Early traffic signals could respond to codes from emergency vehicles (to change to green) but didn't use encryption. People figured out how to trigger them to their own advantage, highlighting the value of encryption even in seemingly simple systems.

Beyond Simple Ciphers 

The simple substitution systems described above do not provide any security for modern digital systems. Real-world encryption systems overcome significant challenges to provide strong security. 

The Key Exchange Problem (for Symmetric Encryption)

When describing an encryption scenario, cryptographers often use the fictitious characters Alice and Bob (A to B) as the sender and receiver of a message. Eve (E) is the fictitious eavesdropper who tries to listen in. If Alice is sending an encrypted message to Bob using a symmetric encryption system (where both Alice and Bob need the exact same secret key), a big problem arises: How can Alice get the secret key to Bob across an "unsafe" network (one where Eve is listening)?

• Alice can't include the key in the encrypted message itself, because Bob wouldn't be able to decrypt the message to get the key.

• Alice can't just send the key as plaintext, because Eve would easily intercept it and then use it to decrypt all their messages!

• Physically distributing keys (like sending them by mail) is very expensive and slow, which was common until the 1970s. Assuming an eavesdropper like Eve can observe all data transmitted (which is often true for wireless connections and data moving across network nodes), a new solution was needed.

Public-Key (Asymmetric) Encryption

One of the most remarkable discoveries in computer science in the 1970s was a method called public-key encryption (or asymmetric encryption). This system solves the key exchange problem by using different keys for encoding and decoding:

• Public Key: This key is designed to be shared widely and can be made completely public (e.g., put on a website, attached to emails). Anyone can use someone's public key to encrypt a message for them.

• Private Key: This key is secret and known only to its owner. It is mathematically linked to the public key, but it cannot be easily figured out from the public key. Only the private key can decrypt messages that were encrypted with its corresponding public key.

Think of it like a padlock system:

• You have a unique padlock. You can give copies of this open padlock (your public key) to everyone. Anyone can put a message in a box, lock it with your padlock, and send it to you.

• Only you have the special key (your private key) that can open your padlock. Once someone locks a box with your padlock, even they can't open it – only you can.

RSA: A very popular public-key cryptography system is RSA. When RSA keys are generated, they involve complex mathematical calculations based on large prime numbers. The actual keys passed around are long strings of binary data, often displayed in hexadecimal or Base64 format for compactness.

• Padding: Modern RSA systems use "padding," which is extra random data added to the plaintext before encryption. This ensures that encrypting the same plaintext with the same public key results in different ciphertext each time. This is a crucial layer of security that stops known plaintext attacks.

The "Trapdoor" Function: Public-key encryption relies on "trapdoor" functions. These are mathematical problems that are easy to compute in one direction, but extremely difficult (intractable) to reverse without a specific piece of secret information.

• Easy Direction (like the public key): It's easy for a computer to multiply two very large prime numbers together to get an even larger number.

• Hard Direction (without the private key): It's incredibly difficult to take that very large number and find the two prime numbers that were originally multiplied to create it (a process called factoring). No one knows a fast algorithm to do this for very large numbers. This is why it acts as a "trapdoor" – easy to go in one way, practically impossible to go back the other way.

Digital Signatures

While encrypting with a public key ensures Confidentiality, public-key encryption can also be used for authentication (proving identity) through digital signatures:

• If you encrypt a message (or part of it, like a hash) using your private key, only you (the private key owner) could have done it.

• Anyone can then use your publicly available public key to try and decrypt that signed message.

• If the public key successfully decrypts the message, it proves that the message must have been encrypted by the corresponding private key. This confirms the message truly came from you and hasn't been tampered with.

This has the same function as a physical signature but is far more reliable because it is virtually impossible to forge. Some email systems use this to assure you that an email genuinely came from the person who sent it.

Storing Passwords Securely

A really interesting puzzle in encryption is storing passwords in a way that even if the database with the passwords gets leaked, the passwords are not in a usable form. This is a crucial part of Computer Security and relies on clever encryption algorithms and techniques.

Conflicting Requirements for Secure Password Storage

When a user logs in, it must be possible to check that they entered the correct password.

Even if the password database is leaked, and an attacker has huge computing power:

• The database should not reveal obvious information about passwords (lengths, common passwords, patterns).

• Users should have time to change their password if it's leaked. Ideally, passwords should never be recoverable by an attacker.

There should be no way for a forgotten password to be recovered; it must be reset. Even system administrators should not have access to a user's actual password.

Application-enforced protections (like login attempt limits, IP address checks) are useless once an attacker has an "offline" copy of the database, allowing them unlimited attempts.

Hashing Passwords

A hashing algorithm (or hash function) is an algorithm that takes a password (or any data) and performs complex, one-way computations on it. It then outputs a seemingly random, fixed-length string of characters called a hash. This process is called hashing.

• Properties of Good Hashing Algorithms:

  • Every time a specific password is hashed, it should always produce the exact same hash.

  • Given a specific hash, it should be mathematically impossible to efficiently compute what the original password was (it's a "one-way function"). This means trying to recover the password can only be done by brute force (trying every possible password until one matches the hash).

• SHA-256: A popular and strong algorithm used for hashing.

• How it protects: Instead of storing plaintext passwords in a database, a secure system stores their hashes. When a user logs in, their entered password is hashed, and if the new hash matches the stored hash, the password is correct. If an attacker steals the database, they only have the hashes, which are useless to them directly.

• Collisions: Mathematically, different inputs can produce the same output hash (a "collision") because the output length is fixed while inputs can be much larger. However, for strong algorithms like SHA-256, finding collisions is incredibly difficult and believed to be practically impossible with current computing power. Old algorithms like MD5 and SHA-1 were found to have collision weaknesses, so their use is now discouraged for sensitive applications. For password storage, collisions are less of an issue, as attackers are more likely to guess the original password than to find a collision.

Hashing Passwords with a Salt: Preventing Rainbow Tables 

While hashing is strong, a significant problem is rainbow tables. These are precomputed lists of hashes for common passwords. If an attacker has a rainbow table, they can quickly look up hashes from a stolen database and find many common passwords without needing to compute them. 

Salting is a clever technique that solves this problem. It means attaching some extra, random data (called the salt) to the end of a user's password before hashing them together.

• How it works:

  • When a user registers, a unique, long, random salt value (e.g., 128 bits) is generated.

  • This salt is added to the user's password (e.g., password + salt).

  • The combined string is then hashed using an algorithm like SHA-256.

  • The plaintext salt is stored next to the hash in the database (it's not a secret, its purpose is just to make each hash unique).

• Benefits:

  • If two users choose the same password, their hashes will be different because they will have different random salts.

  • This makes rainbow tables useless, as an attacker would need a unique rainbow table for every single possible salt, which is computationally impossible to generate and store.

  • Attackers are forced to perform a dictionary attack for each individual hashed password, adding the unique salt to each guess before hashing and comparing. While still possible, it greatly slows them down.

Choosing Strong Passwords (and what not to do)

Even with salting and hashing, good user passwords are the best security against offline brute force attacks.

• Ideally: Passwords should be completely random (no words or patterns), long (e.g., 8 to 16+ characters), and contain a mix of uppercase, lowercase, numbers, and symbols (96 standard characters). Each random character added significantly increases the difficulty of guessing.

• The Reality: Many traditional password advice (e.g., "mix characters, minimum length 8") doesn't work well for users, as they create predictable patterns (e.g., replacing 'S' with '$', 'o' with '0', or adding a digit to a common word). Attackers know these tricks and incorporate them into dictionary attacks.

• Better Advice (e.g., from xkcd comic): Focus on long, memorable phrases that are random combinations of unrelated words (e.g., "correcthorsebatterystaple" – although this specific one is now well-known!) rather than short, complex, but predictable variations of single words.

• Password Managers: These tools are excellent for generating strong, unique, random passwords for every site and securely storing them, making it easy for users to maintain high security.

Limitations of Encryption & Future Challenges

While encryption is incredibly powerful, it doesn't solve all computer security problems. The early encryption methods discussed (like Caesar cipher) are very weak and would never be used commercially or militarily. Even with strong modern encryption, other security aspects are crucial:

• Access Control: Systems like password systems and smart card security are vital to ensure only authorized users can access sensitive information.

• Secure Software Development: Preventing vulnerabilities in software & applications themselves (e.g., preventing a user from typing a database command into a website query that the system accidentally runs, or protecting against "buffer overflows" where a long input could corrupt the program).

• Denial of Service (DoS) Attacks: Protecting against attacks where systems are overloaded with requests (e.g., a DDoS attack), causing them to slow down or fail completely.

Quantum Computing: A Future Threat? 

There's a "dark cloud" hanging over the security of most current encryption methods: Quantum computing. Quantum computing is still in its early stages, but if successful, it has the potential to run very fast algorithms that could rapidly break our most secure encryption systems (for example, by quickly factorizing the large numbers that RSA relies on).

• The quantum algorithms for these attacks have already been invented, but the technology to build quantum computers powerful enough to run them doesn't exist yet.

• Such computers won't appear overnight, and if they do, they will also open up possibilities for new encryption algorithms that are resistant to quantum attacks (quantum-resistant cryptography or post-quantum cryptography).

• This represents a significant, yet uncertain, future challenge for computer science.

On the positive side, protocols exist for quantum information transfer (using specialized equipment to generate quantum bits). These provide what is, in theory, a perfectly secure encryption system that doesn't rely on computational difficulty. However, due to the need for specialized equipment, they are currently used only in high-security environments like banking.

The Persistence of Social Engineering 

Because we have such good encryption systems available today, information thieves often turn to other approaches, especially social engineering. The easiest way to get a user's password is often simply to ask them, or trick them into giving it away.

• Phishing attacks are a prime example of this. Estimates suggest that many computer users have, at some stage, given out secret information this way.

• Other social engineering tactics include bribing or blackmailing individuals with system access, or even low-tech methods like looking for passwords written on sticky notes near a monitor.

• Gaining access to someone's email account is particularly dangerous, as many "lost password" systems send password reset links to email.

Steganography

While cryptography (encryption) is about hiding the content of a message, steganography is about hiding the existence of the message itself. This can be important if an enemy might guess something is being planned just by noticing an increase in messages, even if they can't read them.

• How it works: A secret message is hidden inside another, seemingly innocuous message.

• Examples: Hiding a code in the number of letters in words in a newspaper public notice, or making unnoticeable changes to the pixels in a digital image to store hidden information.

• There are fun activities to try decoding steganography yourself, such as hidden text in films or music.

Formal Assessment / Te Aromatawai

Check your understanding of Encryption.

1. Multiple Choice: What is the main purpose of encryption?

   • a) To make data load faster.

   • b) To convert plaintext into unreadable ciphertext to keep it secret.

   • c) To organize files on a computer.

   • d) To scan for viruses.

2. Short Answer: Explain the role of a "key" in an encryption system.

3. Scenario: You are sending a private message to a friend using an online messaging app. The app states it uses "end-to-end encryption."

   • What does "end-to-end encryption" mean in simple terms for your message's confidentiality?

   • If someone intercepts your message, why would they not be able to read it?

4. Short Answer: What are two significant weaknesses of the Caesar cipher that make it unsuitable for modern secure communication?

5. Scenario: An attacker has obtained a ciphertext. They suspect it is an important company message, and they know that all company messages always start with the phrase "CONFIDENTIAL COMPANY MESSAGE."

   • What type of attack could they use to try to decrypt the ciphertext?

   • Why is this type of attack effective against simple substitution ciphers?

6. Critical Thinking: Why would a Caesar cipher with a key of 26 not be a good idea?

7. Short Answer: Explain the Key Exchange Problem in symmetric encryption.

8. Scenario: You are using online banking. When you log in, your browser shows a padlock icon. This indicates the connection is secured with encryption using a public-key system.

   • What type of key (public or private) does your computer use to encrypt your login details before sending them to the bank?

   • What type of key does the bank's server use to decrypt your login details?

9. Critical Thinking: Why would a digital signature be useful for an email system, even if the email's content is not secret? (Think about the goal of Integrity and Authentication).

10. Short Answer: What is the main benefit of using a hashing algorithm like SHA-256 for password storage, instead of storing the actual passwords?

11. Scenario: A hacker steals a database of hashed passwords that were not salted. They then use a "rainbow table" attack.

    • What is a "rainbow table" in this context?

    • Why is this attack much more effective against unsalted hashes compared to salted hashes?

12. Critical Thinking: How could quantum computing potentially threaten current strong encryption systems like RSA?

13. Short Answer: Explain how social engineering (like a phishing attack) can still be a major security threat even when strong encryption is used.

14. Comparison: What is the main difference between cryptography (encryption) and steganography?

Key Takeaways / Mātauranga

• Encryption transforms readable plaintext into unreadable ciphertext using a key and an encryption algorithm.

• It's fundamental for ensuring Confidentiality and Privacy in Computer Security.

• Substitution ciphers like the Caesar cipher are simple but very insecure, vulnerable to brute force, frequency analysis, and known plaintext attacks.

• Strong encryption requires semantically secure systems with very large key sizes, making brute force attacks intractable.

• Symmetric encryption faces the key exchange problem. Public-key (asymmetric) encryption (e.g., RSA, relying on "trapdoor" functions) solves this by using public and private key pairs.

• Digital signatures use public-key encryption for authentication and integrity (proof of sender and no tampering).

• Hashing algorithms (like SHA-256) are one-way functions used for secure password storage. Salting is crucial to defeat "rainbow table" attacks.

• Computer security involves much more than just encryption, including access control, secure software development, and DoS attack protection.

• Quantum computing poses a future threat to current encryption methods, though new quantum-resistant algorithms are being developed.

• Social engineering remains a major threat, as it targets human vulnerabilities rather than technical encryption.

• Steganography is a distinct technique for hiding the existence of a message, rather than its content.

• Encryption is used everywhere in daily digital life, from banking to Wi-Fi.

• Like all technologies, encryption can be used for both positive and negative purposes.

• Cryptanalysts ethically test encryption to find and fix weaknesses.

• User education is a critical part of overall security, helping individuals understand threats and policies.

What's Next?

Now that you understand how encryption keeps data secret, you're ready to explore other crucial aspects of data integrity and communication within digital systems:

• Error Control: How do we make sure data remains accurate and complete, even when it's being transmitted or stored? (This works alongside encryption for reliable systems).

• Network Communication Protocols: Explore the rules that allow data, often encrypted, to travel across networks safely and efficiently.

• Big Data: Consider the ethical and security implications of encrypting and managing massive amounts of information.

• Artificial Intelligence (AI): Understand how encryption protects data used by AI, and how AI might even be used in new encryption methods.

• Complexity and Tractability: Dive deeper into the mathematical concepts that explain why some problems (like cracking strong encryption) are practically impossible to solve due to the immense time required.

Continue your journey by clicking on the links to these exciting topics!