
Cryptography and digital signatures: covering history up to PKCS11

Daniel Araya, Javier Espinoza and Miguel Taylor

Abstract: This electronic document is a live template. The various components of your paper [title, text, heads, etc.] are already defined on the style sheet, as illustrated by the portions given in this document.

Figure 1 shows an example of the many hieroglyphs made by the Egyptians.

I. INTRODUCTION
Since ancient times, human beings have created different kinds of methods to preserve the privacy of their communications, ensuring that only the recipient of a message is able to decode it; in this way, an unauthorized receiver (a person, a machine, etc.) will not be able to read the message.
Cryptography (the term comes from the Greek words "kryptos" and "graphein", which mean hidden or secret and writing, respectively) was initially the science of writing and solving encrypted messages, but in modern times (after the 80s) this definition falls short, because the field of cryptography now encompasses much more than secret communication. Modern cryptography deals with the problems of message authentication, digital signatures, digital cash (for money transactions, for example) and much more.
A more accurate definition of the concept "cryptography" is provided by Jonathan Katz, who defines it as the study of techniques for securing digital information, transactions, and distributed computations [2]. This new definition is needed because at present ordinary people all around the world use cryptography, and not only military or intelligence organizations as used to be the case.
This document presents a brief history of cryptography, describing some ancient, middle and modern technologies, how encryption-related technologies have evolved through time and will continue evolving, and the measures Internet users should consider when implementing modern encryption.

In the II century B.C., the Greek historian Polybios created the first encryption by replacing each character with the number or letter of its row and column. Table I shows an example of this replacement of one character by another. For example, the encryption of the word "Polybios" is shown below:
P  O  L  Y  B  I  O  S
CE CD CA ED AB BD CD DC

II. HISTORY OF CRYPTOGRAPHY

TABLE I: Example of Polybios method.

Fig. 1: Example of Egyptians Hieroglyphs.

The example takes, for the letter "P", the third row and the fifth column, in other words the C row and the E column, to translate "P" into "CE"; for the letter "O", one just has to match the C row and the D column to obtain "CD", and so on.

     A    B    C    D    E
A    A    B    C    D    E
B    F    G    H    I/J  K
C    L    M    N    O    P
D    Q    R    S    T    U
E    V    W    X    Y    Z

A. Classic Cryptography
Cryptography began with the simple writing of a message and was only concerned with converting messages into an unreadable group of characters; records of the earliest forms of cryptography have been found in cradles of civilization such as Egypt, Rome and Greece. This section describes some of the methods used in the past.
First, in 1900 B.C. the Egyptians used hieroglyphs (pictograms) on a stele, and these were considered impossible to read until, in the 19th century, the discovery and study of the Rosetta Stone provided the background to read them.

In the V century B.C., the Spartans implemented a different method, called the scytale cipher, which consists of wrapping a tape around a stick and then writing the message on the wound tape; in this way, the order of the letters in the message was rearranged, replacing letters or groups of letters with other letters or groups of letters. When the tape was unwound, the writing was unreadable, because it was meaningless. An important issue was that if the receiver did not have a stick of the same diameter, it would be difficult to decipher the message. Figure 2 shows an example of the scytale cipher; the disadvantage of this method is that, once it was known, it was a simple matter of trying out sticks of different diameters until the message became readable.

Fig. 2: Example of Spartans Scytale Cipher.


The Roman method was known as the "Caesar Shift Cipher", which uses the idea of shifting letters by an agreed-upon number (normally three) and then writing the message with the shifted letters. The recipient of the message just has to shift the letters back by the same number of places to decode it (Figure 3 shows an example of the shifted letters). This method was used by Julius Caesar to communicate with his generals.

Fig. 3: Example of Caesar Shift Cipher with a shift of 3.

Fig. 4: Example of Vigenere Cipher Table.


There were several ways to encode and decode important and private information; the few historical methods of cryptography presented here illustrate different kinds of ciphers and give some lessons of cryptographic design:
1) Have a key space that promotes a secure encryption scheme, one which cannot be searched exhaustively in a reasonable amount of time.
2) Designing secure ciphers is hard, and the complexity of a method does not mean high security.
B. Modern Cryptography

The Caesar Shift Cipher was easy to break in two ways: 1) first, by going down the alphabet, juxtaposing the start of the alphabet with each succeeding letter; with each iteration, the message is decrypted to see if it makes sense; and 2) by frequency analysis, which uses the idea that certain letters (in English the letter "e", for example) are repeated more often than others, so a person just looks for the repeated use, or frequency of use, of a particular letter and tries to substitute known frequently used letters.
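
The two ways of breaking the Caesar Shift Cipher described above, as an added Python example that is not part of the original paper. The sample message is constructed, the letter-frequency table holds approximate reference values for English, and the chi-squared scoring is one assumed way to automate the frequency comparison.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase
# Approximate English letter frequencies in percent, A..Z (reference values).
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

def caesar(text, shift):
    """Shift each letter by `shift` places; spaces and punctuation pass through."""
    return "".join(
        ALPHABET[(ALPHABET.index(c) + shift) % 26] if c in ALPHABET else c
        for c in text.upper())

def all_shifts(ciphertext):
    """Way 1: all 26 candidate plaintexts, for a reader to scan for sense."""
    return [caesar(ciphertext, -shift) for shift in range(26)]

def shift_from_top_letter(ciphertext):
    """Way 2, by hand: assume the most frequent ciphertext letter stands for E."""
    top = Counter(c for c in ciphertext if c in ALPHABET).most_common(1)[0][0]
    return (ALPHABET.index(top) - ALPHABET.index("E")) % 26

def chi_squared(text):
    """How far the letter counts of `text` are from typical English."""
    letters = [c for c in text if c in ALPHABET]
    counts = Counter(letters)
    return sum((counts[l] - len(letters) * f / 100) ** 2 / (len(letters) * f / 100)
               for l, f in ENGLISH_FREQ.items())

def shift_by_frequency(ciphertext):
    """Way 2, automated: the shift whose decryption best fits English."""
    return min(range(26), key=lambda s: chi_squared(caesar(ciphertext, -s)))

# Constructed sample message, encrypted with the customary shift of three.
SAMPLE = "THE GENERALS MEET AT THE RIVER BEFORE SUNRISE AND SEND THE NEW ORDERS TO ROME"
CIPHERTEXT = caesar(SAMPLE, 3)

if __name__ == "__main__":
    print(CIPHERTEXT)
    print("top-letter guess:", shift_from_top_letter(CIPHERTEXT))
    key = shift_by_frequency(CIPHERTEXT)
    print("chi-squared guess:", key, "->", caesar(CIPHERTEXT, -key))
```

Both routes need only the ciphertext: the key space has 26 values, which is the first design lesson listed earlier.
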
Until the Middle Ages cryptography did not show major advancements. At this time in history, Leon Battista Alberti notably developed the "polyalphabetic substitution", which used two copper disks (each with the alphabet inscribed on it) that fit together. After every few words the encryption was changed by rotating the disks, limiting the use of frequency analysis. This invention passed through many modifications until, in 1586, Blaise de Vigenère improved it.
The Vigenère Cipher uses a key word which controls the letter substitution. Figure 4 shows the table created by Vigenère in order to encrypt messages. For example, if the message is "GOLDMEDALIST", with the key "OLYMPICOLYMP", the letters in the original message refer to the characters listed across the top of the table and the letters in the key refer to the characters on the left side of the table, so the encrypted message is "UZJPBMFOWGEI".
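
An added Python example (not from the original paper) that reproduces the GOLDMEDALIST encryption and measures why a changing alphabet limits frequency analysis. The sample text is constructed, and the index of coincidence is a statistic chosen here for the comparison, not one the paper names.

```python
from collections import Counter

A = ord("A")

def vigenere(message, key, decrypt=False):
    """Encrypt (or decrypt) uppercase A-Z text with a repeating key word.

    Each key letter selects a row of the table, i.e. a shift of 0..25 that
    is added to the message letter modulo 26 (subtracted when decrypting).
    """
    sign = -1 if decrypt else 1
    return "".join(
        chr((ord(m) - A + sign * (ord(key[i % len(key)]) - A)) % 26 + A)
        for i, m in enumerate(message))

def index_of_coincidence(text):
    """Chance that two letters picked from `text` are the same letter.

    English plaintext scores high because a few letters dominate; a flat
    letter distribution scores about 1/26 = 0.038.
    """
    counts = Counter(text)
    n = len(text)
    return sum(c * (c - 1) for c in counts.values()) / (n * (n - 1))

# Constructed sample text (letters only) used to compare letter statistics.
SAMPLE = ("THEGENERALSMEETATTHERIVERBEFORESUNRISE"
          "ANDSENDTHENEWORDERSTOROME")

def compare():
    """Index of coincidence of plaintext, Caesar and Vigenere ciphertext."""
    caesar_ct = vigenere(SAMPLE, "D")         # one-letter key = Caesar shift of 3
    vigenere_ct = vigenere(SAMPLE, "OLYMPIC")
    return {name: round(index_of_coincidence(t), 4) for name, t in
            [("plain", SAMPLE), ("caesar", caesar_ct), ("vigenere", vigenere_ct)]}

if __name__ == "__main__":
    print(vigenere("GOLDMEDALIST", "OLYMPIC"))   # the paper's example
    print(compare())
```

The Caesar ciphertext keeps exactly the plaintext's score because it only relabels letters, while the key word spreads each plaintext letter over several ciphertext letters and lowers it.
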

The advancement of communication technology through time gave cryptography a crucial role, especially in World War II, which used the language of the Navajos (a Native American people of the Southwestern United States) as a basis for encrypting messages; this code was never broken.
During this time, cryptanalytic efforts (cryptanalysis is the science and study of methods of breaking ciphers) developed the first fully electronic, digital and programmable machine, called "Colossus", which assisted with the decryption of ciphers used by the German Army's Lorenz SZ40/42 machine. This introduced a new era for cryptography, using computers and codes in order to protect information.
Later on, the art of cryptography was placed on firmer, scientific foundations; some differences between classic and modern cryptography are described below through three main principles:
1) Formulation of Exact Definitions of Security: a scheme is secure if no adversary can achieve a specific break.
2) Reliance on Precise Assumptions: this is an assumption that has withstood many tests and examinations without being successfully refuted, supporting the belief that a scheme is hard to break.
3) Rigorous Proofs of Security: to prevent potential damage to the system.


Modern cryptography also has many methods, developed in different ways; here, two schemes used in WWII were cited above, along with some principles that differentiate classic from modern cryptography. After this point, with the advancement of computers and the internet, modern ciphers have been developed in a new era for encryption and decryption called "the Computer Era".
III. COMPUTER ERA
In modern times cryptography protects data transmitted over high-speed electronic lines or stored in computer systems [1]. This information is vulnerable to two kinds of attacks:
1) Passive wiretapping (eavesdropping): interception of messages, usually without detection.
2) Active wiretapping (tampering): modifications made to the message or replacing its data.

Other huge problems (threats) cannot be restored or protected; for example, the accidental destruction or overwriting of data is an issue that cryptography. Also, another problem is masquerading, which occurs when an intruder gains access to data files or other information in a system by using another user's credentials or account.
Data security is the science and study of methods to protect data in computers and communications systems. There are two basic techniques for encrypting information: symmetric encryption and asymmetric encryption.
A. Symmetric Encryption (Secret Key Encryption)
It is an old and well-known technique (described by the examples of the classical techniques of cryptography) that uses a secret key (a number, a word, a string of characters, etc.), which is applied to the content of the information to be protected. It consists of changing or shifting a letter or a group of letters by a number of places in the alphabet. As said before, both sender and receiver know the secret key and use it to encrypt and decrypt the message. Figure 6 shows the method.

Fig. 6: Example Symmetric Encryption.


This method has some limitations: it requires shared secret keys between the two sides of the communication. Such a key could be distributed over a secure channel using a trusted service or by organizing a meeting between sender and receiver, but in neither way was the method secure. Also, this private key can be difficult to deploy and maintain, because it requires the management and secure storage of a significant number of keys.
B. Asymmetric Encryption (Public Key)
Fig. 5: Example of the threats to data stored in computer systems. [1]

Some of the threats that can affect a computer are shown in Figure 5: browsing is possible if the user has access to the system and to unauthorized regions of memory; leakage is produced when data is transmitted to unauthorized users by processes with legitimate access to the data; and inference is the deduction of confidential data about a particular individual by correlating released statistics about groups of individuals [1].

In systems like the internet, the limitations of the private key cause many problems for securing data, so the idea arose of moving cryptography from the private domain into the public one. The concept of two related key systems was introduced by Diffie and Hellman in 1976.
It was, in terms of cryptography, the greatest and the only true revolution. Moving away from systems of permutation and substitution, asymmetric encryption (based on mathematical functions) provides sender and receiver each with a public and a private key, and the two users can communicate knowing only each other's public key. This method has a great impact in areas like confidentiality, key distribution, authentication, etc.

Fig. 7: Example Asymmetric Encryption.

Asymmetric algorithms use one key for encryption and a different key for decryption; to send a message from A to B, A first encrypts the message using B's public key, and when B receives it, the decryption is done using B's own private key. This prevents any other recipient from decrypting the information contained.
William Stallings affirms that with this approach, all participants have access to public keys, and private keys are generated locally by each participant and therefore need never be distributed. As long as a user's private key remains protected and secret, incoming communication is secure. At any time, a system can change its private key and publish the companion public key to replace its old public key [1].
Some applications for Public-Key Cryptosystems are described and classified in three categories:
Encryption/Decryption: Encryption is done with the recipient's public key and decryption with the recipient's private key.
Digital Signature: A signature made by the sender using its own private key. The signature is produced by a cryptographic algorithm applied to the information. It establishes sender authenticity.
Key Exchange: Promotes the cooperation of two sides to exchange a session key.
It is also important to know that asymmetric encryption is vulnerable to a brute-force attack, so using large keys makes the attack impractical because it is too slow for general-purpose use. Another kind of attack is to find a way to compute the private key given the public key, but it has not been mathematically proven that this form of attack is infeasible.
IV. CRYPTOGRAPHIC HASH FUNCTIONS
V. PUBLIC-KEY CRYPTOGRAPHY STANDARD
VI. DATA SIGNATURE
A. DSA
The Digital Signature Algorithm is one of the most popular digital signature schemes. This method can be used by the recipient to verify that the message has not been altered in transit, and it also verifies the identity of the originator.
It uses a public key (used in the signature verification process) and a private key (used in the signature generation process). For both signature generation and verification, the data (message) is reduced by means of the Secure Hash Algorithm (SHA). An adversary who does not know the private key of the signatory cannot generate the correct signature of the signatory. By using the public key, anyone can verify a correctly signed message.
B. RSA Algorithm
Although Diffie and Hellman proposed the new idea, an algorithm that meets the requirements for public-key systems was not developed until Ron Rivest, Adi Shamir, and Len Adleman created the RSA algorithm in 1977 (a year after the public-key proposal).
It is a slow algorithm, so it is commonly used to encrypt shared keys, which work at a higher speed, rather than to encrypt user data directly.
This algorithm is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem. In other words, it makes use of an expression with exponentials. The plaintext (the message) is encrypted in blocks (integers between 0 and n - 1 for some n; a typical size for n is 1024 bits, or 309 decimal digits, that is, n is less than $2^{1024}$), each with a size less than or equal to $\log_2(n) + 1$ where n is some number.
$$C = M^e \bmod n \tag{1}$$

$$M = C^d \bmod n = (M^e)^d \bmod n = M^{de} \bmod n \tag{2}$$

Equations 1 and 2 show the encryption and decryption for some plaintext block M and ciphertext (encoded message) block C. The letters e and d are a value known by the sender and a value known only by the receiver, respectively. A public key is denoted by PU = {e, n} and a private key by PR = {d, n}. Both sender and receiver must know the value of n.

Fig. 8: Example of RSA algorithm.[1]


Figure 8 shows a key generation: the value of n is equal to 187, and both sender and receiver know this value; the value of e is 7, which is known only by the sender, and it creates the public key PU = {7, 187}. Only the receiver knows the value of d, creating its private key PR = {23, 187}. With a plaintext value of 88, the encryption process produces a result (ciphertext) with a value of 11, and then the decryption process re-establishes the original value.
It is important to describe the requirements that should be met by public-key encryption:
1) It is possible to find values of e, d, n such that $M^{ed} \bmod n = M$ for all M < n.
2) It is relatively easy to calculate $M^e \bmod n$ and $C^d \bmod n$ for all values of M < n.
3) It is infeasible to determine d given e and n.
Some possible approaches to attacking the RSA algorithm are:
Brute force: trying all possible private keys. It can be countered by providing a large key space.
Mathematical attacks: factoring the product of two prime numbers. They are countered by a large value of n, but factoring is not as hard as it used to be.
Timing attacks: these depend on the running time of the decryption.
Chosen ciphertext attacks: these exploit the properties of the RSA algorithm.
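
Equations 1 and 2 and the Figure 8 numbers as an added Python example (not code from the paper or from [1]), unpadded as in the text. It also carries out the factoring attack from the list above: the factors of 187 are computed by the code, not given on the page, and all function names are assumptions of this example.

```python
from math import gcd

def factor(n):
    """Trial division; it finishes instantly only because n is tiny."""
    p = 2
    while p * p <= n:
        if n % p == 0:
            return p, n // p
        p += 1
    raise ValueError("n is prime, not a product of two primes")

def private_exponent(e, p, q):
    """d is the inverse of e modulo (p-1)(q-1), so that M^(ed) mod n = M."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return pow(e, -1, phi)            # modular inverse, Python 3.8+

def encrypt(m, e, n):
    """Equation (1): C = M^e mod n, for a block 0 <= M < n."""
    if not 0 <= m < n:
        raise ValueError("plaintext block must be an integer in [0, n-1]")
    return pow(m, e, n)

def decrypt(c, d, n):
    """Equation (2): M = C^d mod n."""
    return pow(c, d, n)

def recover_d(e, n):
    """Mathematical attack: factor n, then rebuild d from the public key."""
    p, q = factor(n)
    return private_exponent(e, p, q)

def roundtrip_holds(e, d, n):
    """Requirement 1: M^(ed) mod n = M for every block M < n."""
    return all(decrypt(encrypt(m, e, n), d, n) == m for m in range(n))

if __name__ == "__main__":
    n, e, d = 187, 7, 23              # PU = {7, 187}, PR = {23, 187}
    c = encrypt(88, e, n)
    print("ciphertext:", c, "decrypted:", decrypt(c, d, n))
    print("factors of n:", factor(n), "recovered d:", recover_d(e, n))
```

With the 1024-bit n mentioned earlier, the loop in `factor` would not finish in any practical time, which is what requirement 3 relies on.
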
VII. TOOLS
A. OpenSSL
B. OpenSC
VIII. CONCLUSIONS
A conclusion section is not required. Although a conclusion may review the main points of the paper, do not replicate
the abstract as the conclusion. A conclusion might elaborate
on the importance of the work or suggest applications and
extensions.
REFERENCES
[1] W. Stallings, Cryptography and Network Security: Principles and Practice, 5th ed. Prentice Hall, 2011.
[2] J. Katz and Y. Lindell, Introduction to Modern Cryptography. Florida: Chapman & Hall/CRC, 2008.
[3] D. Robling, Cryptography and Data Security, 3rd ed. California: Addison-Wesley Publishing Company, Inc., 1982.
[4] T. Damico, "A Brief History of Cryptography", Inquiries Journal, vol. 1, no. 11, 2009.
[5] "History of Cryptography", 2013. [Online]. Available: http://book.itep.ru/depository/crypto/Cryptography_history.pdf. [Accessed: 21-Oct-2016].
