[SOUND] Hello, welcome back to the online course on web connectivity and security in cyber physical systems. This lesson starts a module on a cryptographic solutions for cyber physical systems. It is the last module of the course. In this video lecture, we will look into basic concepts and techniques of cryptography. Cryptography is a scientific and engineering field which develops and analyzes mathematical techniques for so many different information, security, and privacy issues such as confidentiality, data integrity, entity authentication and data origin authentication. Cryptography has a long and fascinating history. Egyptians used some kind of encryption in their messages about 4,000 years ago. In the 20th century, during the World War I and II, cryptography was used to protect sensitive war related information. Even though the usage of modern cryptography originally focus on military applications, today it's widely use for protecting our digital information in general, everywhere. This development began in 1960's and has been boosted by the proliferation of computers and communication systems during the last decades. The main goal of cryptography is to hide and protect sensitive information which is called a plaintext, from the adversaries or attackers. You can imagine that you protect your belongings inside a suitcase with a padlock. The idea is that one needs the key of the padlock to get the stuff out of the suitcase. The cyber system essentially works in the same way. The plain text, is encrypted, using a cryptographic algorithm, which corresponds to the padlock. The algorithm takes the plain text and encryption key as input, and as a result, a cipher text is generated. The cipher text is a new form or combination of the plain text. It is not readable by a human or a computer without decrypting it. And therefore, the cipher text can be safely sent to another party. On the receiver side, if the receiver has the right decryption key, he or she will be able to decrypt the cipher text to discover the original message. The secrecy of a cipher system is highly dependent on the secrecy of the key. So, the exchange of the decryption key should be done in a very secured way. From the attackers perspective, the main challenge is to determine the plain text from a cypher text without knowing the key. The decryption key does not have to always be the same as the encryption key. There are two types of cipher systems, a symmetric key cipher system and an asymmetric key or public key cipher system. In a symmetric key cipher system, the decryption key is identical to the encryption key. Or can be easily obtained from the encryption key. In this case, there is a need for a secure channel for key exchange. In an asymmetric key or public key cypher system, the encryption key is not the same as the decryption key. It is computation or in principle and practical to obtain the decryption key from the encryption key. In this case theirs a pair of different keys, one for encryption and the other for decryption. The encryption key is publicly available, so everyone who has the public key can encrypt the message. The decryption key is secret and is referred to as the private key. So only the one who has the private key can decrypt the message. Establishing a public key cipher system is computationally more complex and requires more resources than symmetric encryption. Therefore, it is usually used for shorter messages. In practice, a public key system is used for encrypting and transferring the encryption key of a symmetric key system. Symmetric ciphers are far further divided into stream ciphers and block ciphers. In a stream cipher, the plaintext is encrypted bit by bit or byte by byte. For simplicity, we call this unit of encryption a digit. So instead of one single key, the stream cipher requires a stream of keys to encrypt every digit. In this model, the cipher text stream is calculated as an exclusive or a modular to addition of every digit in the plaintext stream with the corresponding digit in the key stream. The same key stream is then used for decryption on the receiver side in the similar manner. The key streams are generated as random or pseudo-random digits. So, the security of a stream cipher is highly dependent on the key stream generation process. Stream ciphers are small and fast, and that's why they are suitable for embedded resource constrain devices. In contrast to a stream cipher, a block cipher uses a single key to encrypt fixed size block of plain text at a time. Blocks of cipher text are produced as the result. Block ciphers are mostly used for encrypting large data. The most of the well-known and widely used symmetric ciphers are block ciphers. These include, for example, the Data Encryption Standard, or DES, triple tests and the more recent Advanced Encryption Standard or AES. Block ciphers are first as components in designing many cryptographic protocols. The block ciphers can be implemented in different modes of operation, offering different levels of protection and performance. Common examples are The cipher feedback mode or CFB, the cipher block chaining mode or CBC, and the electronic code block mode, ECB. We are not going to cover this mode in this course. However, you can read more about them on the internet if you are interested. Breaking a cryptographic system involves finding the plain text without the decryption key. The attack models of a cyber system depend on the amount of information that is available for the attacker. Based on this the main attack models are classified four categories. It is always assumed that the encryption algorithm is known by the attacker. In a ciphertext-only attack, the attacker has access only to the encrypted content. In a known-plaintext attack, the attacker has access to some plain text ciphertext pairs which correspond to each other. In a chosen plaintext attack, the attacker has access to the encryption process and is able to generate the corresponding cipher text for a chosen plaintext. In a chosen ciphertext attack, the attacker has access to the decryption process and is able to generate the corresponding plaintext for a chosen cipher text. In all of these attack models, the ultimate goal is to find out the secret key. In addition to the mentioned attack models, if there is no such information available, the attacker has to try all possible combinations of keys until the correct one is found. This kind of attack is known as an Exhaustive Key Search attack or a Brute force attack. The Cipher System can not be considered perfect if the exhaustive search is the only way to find the key. When designing cryptographic algorithms, the time that a message needs to be in the encrypted form should be taken into account. This period is called a Cover Period. For example, in a banks transaction a message needs to be in the encrypted form for a few seconds until it reaches the receiver side. While in a database, a file needs to be kept in a encrypted form for a longer period of time. The design of a cyber system should always ensure that any type of attack to successfully find the key, would take longer time Than the given cover period. In this lesson we learned about basic concepts of cryptography. We also got familiar with different types of encryption algorithms, and more specifically, we learned about symmetric key cipher systems. In other video lectures, we will learn more about public key cryptography. And its usage for securing digital communication. [MUSIC]
