Confidentiality:

  • Symmetric: to achieve confidentiality, a symmetric key can be used as long as the key is kept secret.  
  • Asymmetric: can also be used for confidentiality, in which case the sender must use the recipient’s public key.  That way only the private key (which is kept secret by the recipient) can be used to decrypt the message.
  • Hybrid: (SSL, TLS or HTTPS) uses both asymmetric and symmetric → asymmetric cryptography sends a symmetric key, ultimately for the purpose of confidentiality during web sessions, which is what most websites do today. To see how it works, read the definition of “asymmetric” above.   The user’s browser would encrypt a new symmetric key with the recipient’s public key, the recipient decrypts the symmetric key with their private key and confidential communications are established.

Integrity:

Hash or message digest: this is a fixed digital representation of a message, run through a one-way function that typically does not use a key, but in some methods there is a key, such as a message authentication code (MAC).  

  • MAC is the hashing function which uses a symmetric key that must be shared prior to any operation.  It is also known as cryptographic checksum.  This is how it functions: the hash is generated with a secret/symmetric key by the sender to create a small block of data that is appended to the message.  The recipient decrypts the block using the same key and if the hash matches, integrity is achieved.    
  • HMAC, UMAC, CMAC and VMAC would be examples of types of MAC implementations.
  • Hashing is the one-way function that does not use a key, it simply runs the message through the algorithm.  Hashes should have five properties:
    • Uniformly distributed – the output should not be predictable
    • Collision resistant – prevents generating the same output from any given inputs
    • Hard to invert – the function should be designed in such a way that the original message cannot be obtained
    • Use full message – the whole message is used to create the digest/hash
    • Deterministic – given any input it will always generate the same digest
  • Examples of common hashing algorithms:
    • MD5 – 128 bit digest
    • Secure hashing algorithm (SHA) –
      • SHA1 – 160 bit digest
      • SHA other variants – in other bit lengths, up to 512 which are more secure
  • Vulnerabilities include:
    • Brute force attacks to guess the key
    • Cryptanalysis to discover collisions
  • Birthday paradox – there is a 50% chance of any two people having the same birthday in a room of 23 individuals.  Without getting into the math, the intent of a birthday attack is to allow the discovery of collision capabilities in order to change message contents while keeping the same digest, or to incite doubt on the integrity of the original message.  

Non-Repudiation:Digital signatures are a good way to achieve non-repudiation, and can also provide integrity and authenticity of the sender.  The way they work – first, the hash is performed on the message, then the hash is encrypted using the sender’s private key (this is the signature).  The recipient decrypts the hash using the sender’s public key and compares the hash.

Complex” hybrid cryptography adds digital signatures on the sides of the sender and the receiver, with an added timestamp from the receiver.  The digital signature provides integrity and proof of origin from the sender, and it provides proof of delivery from the receiver.

The way it works is essentially taking what we know of the current “hybrid” cryptography and adding the digital signature from the sender, meaning she (our friend Alice) runs the recipe through a hashing algorithm, and then encrypts the hash with her private key and attaches it to the message.  This step provides proof of origin and integrity.  Alice then sends message to Bob, who will decrypt it with the symmetric key from the hybrid model.  Then he’ll use Alice’s public key to unlock the hash.  If the public key works, it proves that the message came from Alice.  Next Bob runs the same hash that Alice used on the recipe, and if the hashes both match, the message has integrity. 

Next, Bob takes his newly generated hash on the message and encrypts it with his private key.  Again, that step is essentially a digital signature.  He sends the encrypted hash along with a timestamp over to Alice, who decrypts the hash using Bob’s public key.  When Alice compares the first hash with the decrypted hash from Bob, provided they match, Alice has proof of delivery.  


This type of cryptography can be seen in, pretty good privacy, and secure multipurpose internet mail extensions (S/MIME).