Perspective Chapter: Cryptography – Recent Advances and Research Perspectives

2.1 Substitution cipher

One of the earliest known methods is the simple substitution cipher, which involves replacing each letter of the alphabet with another letter according to a predetermined pattern. There are two types of substitution cipher:

1. Monoalphabetic substitution: a basic cryptography method where each character of the plaintext is replaced with a corresponding character of cipher text. The same substitute symbol or letter is used every time a particular plaintext letter appears. For example, if “A” is substituted with “D,” every “A” in the plaintext will be replaced with “D” in the cipher text as shown in Figure 1. This makes it vulnerable to frequency analysis attacks as the frequency of each letter in the cipher text will correspond to the frequency of the original letters in the plaintext. Therefore, it is considered a weak encryption method and is no longer used for serious cryptographic applications. However, it can still be used as a simple way to obscure text such as in puzzles or games.

   One of the earliest examples of a monoalphabetic substitution cipher is the Caesar cipher, which was used by Julius Caesar to communicate secretly with his generals. In this cipher, each letter in the plaintext is shifted a certain number of places down the alphabet. For example, if the shift value is three, then the letter A is replaced by D, B is replaced by E, and so on shown in Figure 2. The recipient of the message would need to know the shift value to decrypt the message.

   Another example of a monoalphabetic substitution cipher is the simple substitution cipher in which each plaintext letter is replaced by a corresponding symbol or letter from a fixed substitution pattern. Unlike the Caesar cipher, the substitution pattern for the simple substitution cipher is not based on a fixed shift value. Instead, the substitution pattern is usually chosen randomly or based on a key provided to the recipient.

   Despite being simple to implement, monoalphabetic substitution ciphers are not secure by today’s standards as it makes it easier for an attacker to crack the code.

2. Polyalphabetic substitution: It is made up of multiple monoalphabetic substitutions. In this method, a series of monoalphabetic substitutions are performed on the plaintext, using different substitution alphabets for each letter of the plaintext. This helps to make the ciphertext more difficult to crack as the same plaintext letter can be encrypted in different ways depending on its position in the message.

   Vigenère cipher is the most known polyalphabetic substitution, which was invented in the sixteenth century and used by the French military for several centuries [14]. The Vigenère cipher uses a series of different alphabets, each generated by shifting the previous alphabet by one letter. The cipher is implemented using the Vigenère square (or table), which is made up of twenty-six distinct cipher alphabets as shown in Figure 3. In the header row, the alphabet is written in its normal order. In each subsequent row, the alphabet is shifted one letter to the right until a 26 × 26 block of letters is formed.

Vigenère cipher can be done using the simplest way, which is similar to Caeser cipher or sophisticated way, where keyword is used for the encryption to specify the letter, the keyword is repeated over the length of the plaintext, and each letter of the keyword is used to shift the corresponding letter of the plaintext by a certain number of positions in the alphabet. For example, if you encrypt “security” using the simple way, it will be “TGFYWOAG.” But when using the sophisticated way with “IBRI” as a keyword, the cipher text will be “AFTCZJKG.” To make the cipher more secure, Vigenère suggested using a different keyword for each message rather than reusing the same keyword over and over again. He also suggested using longer keywords to make the cipher even harder to crack. However, if the length of the keyword is known, it can be easily broken using frequency analysis [15]. Figure 4 shows an example of onetime pad encryption/decryption.

The onetime pad cipher is not a type of Vigenère cipher. It is a completely different encryption method that is based on using a long, randomly generated key that is at least as long as the plaintext. The key is made up of a series of random symbols, and each symbol is used only once to encrypt one character of the plaintext. Because the key is truly random and used only once, the onetime pad cipher is considered unbreakable, provided that the key is kept secret and destroyed after use by both the sender and the receiver.

The key must be as long as the plaintext for the onetime pad to be unbreakable. Because onetime pad is based on perfect secrecy, which means that the ciphertext provides no information about the plaintext, even if the attacker has unlimited computational power.

Generating truly random keys that are as long as the plaintext is a challenging task, and transmitting them securely to the recipient is also a difficult problem. This is why the onetime pad is mostly used in special cases such as diplomatic and intelligence traffic. Also, onetime pad only guarantees confidentiality and not integrity. This means that an attacker who intercepts the ciphertext can not recover the plaintext, but they can easily modify the ciphertext to change the meaning of the message. Onetime pad requires a unique key for every message, and the keys should be securely destroyed after use to prevent reuse.

The Playfair cipher is a polygraphic substitution cipher invented in 1854 by Sir Charles Wheatstone [16]. It was the first cipher that allowed for the encryption of pairs of letters instead of single letters. The Playfair cipher uses a 5 × 5 grid of letters, with each letter of the alphabet appearing once. The letters in the grid are usually chosen using a keyword. The keyword is then written into the grid, and the remaining spaces are filled with the letters of the alphabet in order.

To encrypt plaintext using the Playfair cipher, the plaintext is divided into pairs of letters. If there is an odd number of letters, a dummy letter such as “X” is added at the end. Each pair of letters is then encrypted using the following steps and demonstrated in Figure 5:

1. Step 1: Construct the MATRIX

   • Simple way (without keyword)

     • 5 × 5 table

     • Skip letter J

   • Sophisticated way (keyword)

     • Keyword has no repeating letter

     • 5 × 5 table

     • fill in the remaining letters in alphabetic order (skip letter J)

2. Step 2: Preparing your message

   • Message must be split into pairs

   • Repeating plaintext letters that are in the same pair are separated with X

   • If there is an odd letter at the end of the message insert the letter X

3. Step 3: Encoding Rules:

   • Rule 1: If they fall in the same column

     • Move each letter down one position

     • Upon reaching end of table, wrap around

   • Rule 2: If they fall in the same row

     • Move each letter right one position

     • Upon reaching end of table, wrap around

   • Rule 3: If it forms a rectangle

     • Swap the letters with the ones on the end of the rectangle

An electromechanical machine developed in 2017 [17] that used a rotating disc with an embedded key to encode a substitution table that changed with every new character typed. This device was the first example of a rotor machine. The following year, a German engineer, invented the Enigma machine [18], which used multiple rotors instead of one. Initially designed for commercial use, the German military soon recognized the potential of the Enigma machine and began using it to send coded transmissions.

2.2 Transposition cipher

Transposition cipher is an earlier method, where the letters of the message are rearranged according to a certain pattern, but the letters themselves are not changed as shown in Figure 6. Unlike substitution ciphers, which replace plaintext characters with different symbols or letters, transposition ciphers do not change the characters themselves. Instead, they simply reorder the characters to create a new message. The security of a transposition cipher is based on the difficulty of reconstructing the original message from the reordered characters without knowledge of the used transposition algorithm.

The Rail Fence cipher is a type of transposition cipher that was first used during the American Civil War. The technique involves writing the plaintext diagonally on a grid, then reading the letters in a zigzag pattern along the rows of the grid to produce the ciphertext. The number of rows in the grid can be adjusted to increase the complexity of the cipher.

For example, suppose we want to encrypt the message “HELLO WORLD” using a Rail Fence cipher with three rows. Write the letters on a grid as shown in Figure 7.

To decrypt the message, we would write the ciphertext diagonally on a grid, then read the letters in the same zigzag pattern along the rows of the grid to recover the plaintext.

While these ancient methods of cryptography may seem primitive by today’s standards, they laid the foundation for the development of more complex encryption techniques in the future. The principles of substitution and transposition ciphers are still used in modern cryptography, and the need for secure communication continues to drive the evolution of cryptographic algorithms.

3.1 Data encryption standard (DES)

One of the most widely used symmetric key encryption algorithms is the data encryption standard (DES), which was developed by IBM in the 1970s and adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and Technology (NIST), as Federal Information Processing Standard. U.S. Data are encrypted in DES using a block cipher method to encrypt data in 64-bit blocks, with a 56-bit key. The algorithm transforms 64-bit input (plaintext) in a series of steps into a 64-bit output (ciphertext). The same steps, with the same key, are used to reverse the encryption. The encryption process in DES involves three phases:

1. Initial permutation (IP): The 64-bit input plaintext is shuffled (rearranged) according to a fixed permutation table to produce the permuted input. The initial permutation and its inverse are defined by tables that indicate the position of each bit in the input to the output as shown in Figure 8. The permutation tables are used in the encryption and decryption processes to rearrange the bits of the input according to the specified permutation.

2. 16 rounds of a complex key-dependent round function: Each round involves a substitution and a permutation. The 56-bit key is used to generate 16 round subkeys, each consisting of 48 bits, which are used in the round function. The output of the 16th round consists of 64 bits that are a function of the input plaintext and the key. The left and right halves of the output are swapped to produce the pre-output. Figure 9 shows the internal structure of a single round, focusing on the left-hand side of the diagram. The main steps are:

   1. Separation: The left and right halves of each 64-bit intermediate value are treated as separate 32-bit quantities, labeled L (left) and R (right).

   2. Expansion: The input key for each round is 48 bits and the right side (R) is 32 bits. In order to XOR Ki with Ri, we need to expand the length of Ri to 48 bits. The expansion table in Figure 10 is used for this purpose.

   3. Key mixing: The 48-bit result from the expansion step is XORed with a 48-bit subkey derived from the main 56-bit key. The subkey is generated using a combination of permutation and substitution operations on the main key. As shown in Figure 9, the subkey generation in DES involves the following steps:

      • The 64-bit key is permuted using a fixed permutation called the permutation choice 1 (PC-1) as shown in Figure 11. The output of this step is a 56-bit key, where eight of the bits are parity bits and are not used in the encryption process.

      • The 56-bit key is then split into two 28-bit halves, C0 and D0.

      • Each of the halves is subjected to a series of circular shifts or rotations. In particular, for rounds 1, 2, 9, and 16, the shifts are one bit, while for all other rounds, the shifts are two bits.

      • After each shift, the two halves are combined to form a 56-bit value, which is then permuted using a fixed permutation called the permutation choice 2 (PC-2) as shown in Figure 9. The output of this step is a 48-bit subkey.

      • This process is repeated for each round of the encryption process, resulting in a total of 16 subkeys.

      • The subkeys are used in the encryption process as inputs to the round function, which combines them with the plaintext to produce the ciphertext.

   4. Substitution: This 48-bit result passes through a substitution function that produces a 32-bit output. The S-boxes, also known as substitution boxes, are the only nonlinear elements in the DES design. The S-boxes are used to introduce confusion in the ciphertext by replacing each block of 6 bits of the input with a different 4-bit output. There are 8S-boxes in DES as shown in Figure 12, each taking a 6-bit input and producing a 4-bit output. Each row of an S-box defines a substitution for a specific 4-bit input value, while the column of the S-box defines the output value for that input value based on the remaining 2 bits of the input. This allows for a total of 16 x 4 = 64 possible substitutions in each S-box.

   5. Permutation: The 32-bit outputs from the S-boxes are then concatenated and subjected to a fixed permutation using the P-box permutation.

3. Final permutation (IP-1): The pre-output is shuffled according to another fixed permutation table, which is the inverse of the initial permutation, to produce the 64-bit cipher text. The figure shows the internal structure of a single round.

The main steps summarized in Figure 13. The DES key generates 48 bits long 16 round keys from the initial 56 bit key. These keys are used in each round of the encryption process to modify the plaintext. The key involves applying a series of operations, including a permutation, a compression function, and left shifts, to the 56-bit key. The resulting subkeys are used one at a time in each round of the encryption process.

However, due to its small key size, DES is now considered insecure [19] and has been replaced by the advanced encryption s (AES).

To be more precise, 3DES (also known as Triple DES or TDEA) is a symmetric key cipher that uses the DES algorithm three times in succession to increase its security [1, 20]. The standard 3DES encryption process can be described as follows:

1. The plaintext is encrypted using the first 56-bit key (K1) with the DES algorithm to produce a ciphertext.

2. The ciphertext from step 1 is decrypted using the second 56-bit key (K2) with the DES algorithm to produce an intermediate value.

3. The intermediate value from step 2 is encrypted again using the third 56-bit key (K3) with the DES algorithm to produce the final ciphertext.

Thus, 3DES involves encrypting the plaintext with K1, decrypting the result with K2, and encrypting again with K3. The three keys K1, K2, and K3 are usually independent keys generated randomly, although some variants of 3DES use a “keying option” that allows for fewer keys to be used while still maintaining a higher level of security.

While 3DES is slower than DES due to its triple encryption process, it is still considered a relatively fast algorithm and can be implemented in hardware, as well as software. Also, due to its small key size, DES is now considered insecure [19] and has been replaced by the advanced encryption standard (AES).

3.2 Advanced encryption standard (AES)

The AES (Advanced Encryption Standard) is a symmetric block cipher that operates on fixed-size 128-bit blocks and supports key sizes of 128, 192, and 256 bits. It was standardized by NIST (National Institute of Standards and Technology) in 2001 as a replacement for the aging DES (Data Encryption Standard) cipher.

The AES was selected from a pool of 15 candidate algorithms that were submitted in response to a call for proposals issued by NIST in 1997 [21]. The selection process involved several rounds of analysis and testing, culminating in the selection of Rijndael [22], a cipher developed by Belgian cryptographers Joan Daemen and Vincent Rijmen, as the winner.

The AES encryption and decryption algorithms use a series of rounds, where all operations are performed on 8-bit bytes (one Word) (Figure 14). Each round of processing works on the input state array and produces an output state array. The output state array produced by the last round is rearranged into a 128-bit output block. The state array is a 4 × 4 matrix of bytes that represents the input block. Each round, the state array is modified by a series of operations that include byte substitution, permutation, and arithmetic operations over a finite field as shown in the figure below. After the final round, the state array contains the encrypted or decrypted data, which are then copied to an output matrix to produce the final ciphertext or plaintext block.

Each round can be described in four functions as shown in Figure 14. These four functions are combined in a specific order to form a round, and multiple rounds are performed on the input block to produce the final ciphertext block. The number of rounds depends on the key size and block size, with 10, 12, or 14 rounds used for 128-bit, 192-bit, and 256-bit keys, respectively. The functions are:

1. SubBytes: The substitute bytes stage of AES uses a fixed S-box, which is a 256-byte lookup table, to perform a byte-by-byte substitution of the input block. The S-box is designed so that each input byte is replaced by a unique output byte. The inverse S-box is used in the decryption process, which maps each output byte back to its original input byte. The S-box is a nonlinear component of the AES algorithm, which helps to increase the resistance of the cipher to various attacks. For example, 19 will be mapped to the value crossed between row 1 and column 9, which is equal to D4 in the S-Box as shown in Figure 15.

2. ShiftRows: The shiftRows stage is a permutation step that cyclically shifts the bytes in each row of the state array by a certain number of bytes. This operation is applied to each row independently, with no mixing of the bytes between the rows. The number of bytes shifted is determined by the row number: the first row is not shifted at all, the second row is shifted by one byte to the left, the third row is shifted by two bytes to the left, and the fourth row is shifted by three bytes to the left as shown in Figure 16.

   This operation provides diffusion of the input data, which increases the security of the cipher. The inverse operation, used for decryption, is a cyclic shift to the right instead of the left so that the original byte positions are restored.

3. MixColumns: each column of the state array is treated as a polynomial over the finite field GF(2^8), where each byte is a coefficient of the polynomial. The bytes are then multiplied by a fixed polynomial, and the result is reduced modulo another fixed polynomial. This transformation ensures that each byte in a column is dependent on all four bytes in the same column as demonstrated in Figure 17.

   The multiplication and reduction are done using a pre-computed table of values. The table is constructed in such a way that multiplication is reduced to a simple table lookup and XOR operation.

   During decryption, the inverse operation of MixColumns is performed. This involves multiplying each column by a different fixed polynomial and reducing the result modulo another fixed polynomial.

4. AddRoundkey: Each byte of the current block is XORed with the corresponding byte of the round key. The round key is derived from the main encryption key using a key schedule algorithm, which generates a set of round keys for each round of encryption. This stage serves to add a layer of confusion to the encryption process, making it more difficult to analyze and break the cipher. Figure 18 describe the AddRoundkey process in AES.

The AES key expansion algorithm takes as input a 128-bit (16-byte) key and generates a sequence of round keys, one for each round of the AES encryption process. The key expansion algorithm uses a key schedule to generate these round keys, which involves performing a series of operations on the input key to generate an expanded key.

The key schedule begins by copying the input key into the first four words of the key schedule. Then, the key expansion algorithm applies a series of operations to the last four words of the current key schedule to generate the next four words. This process is repeated until the key schedule contains the necessary number of round keys for the specified key size. For example, for a 128-bit key, the key schedule will generate 11 round keys, one for each of the 10 rounds of AES encryption plus an initial round key. For a 192-bit key, the key schedule will generate 13 round keys, and for a 256-bit key, the key schedule will generate 15 round keys.

In the key expansion algorithm, the first word in each group of four undergoes a series of operations before being XORed with the word from fourth positions back. These operations include a one-byte circular left shift (RotWord), byte substitution using the S-box (SubWord), and XORing with a round constant (Rcon[j]), the values of Rcon[j] shown in Figure 19. In the 256-bit key/14-round version, an additional step is performed on the middle word. The steps are:

1. RotWord performs a one-byte circular left shift on a word.

2. SubWord performs a byte substitution on each byte of its input word, using the S-box.

3. The result of steps 1 and 2 is XORed with a round constant, Rcon[j].

The AES cipher is widely used in various applications, including secure communications, data storage, and authentication. Its security has been extensively analyzed, and it is considered to be highly secure against various types of attacks.

3.3 More symmetric algorithms

• Blowfish [23]: A symmetric key block cipher that uses variable-length keys (up to 448 bits) and a block size of 64 bits. Blowfish is widely used in cryptographic applications and is known for its fast encryption and decryption speed.

• Twofish [24]: A symmetric key block cipher that is a successor to Blowfish. It uses a block size of 128 bits and supports key sizes up to 256 bits. Twofish is considered a strong and secure encryption algorithm but is slower than some other algorithms.

• Rivest Cipher 4 (RC4) [25]: A symmetric key stream cipher that is widely used in wireless networks, secure socket layer (SSL), and other applications. RC4 uses a variable-length key (up to 2048 bits) to generate a stream of pseudo-random bytes, which are XORed with the plaintext to produce the ciphertext. However, RC4 has been found to be vulnerable to attacks and is now considered insecure for many applications.

3.4 Mode of operation

Since block ciphers operate on fixed-size blocks of data, they cannot be directly used to encrypt or decrypt messages that are larger than the block size. A mode of operation is a technique used to apply a block cipher to encrypt or decrypt data that is larger than the block size of the cipher.

Modes of operation are used to overcome this limitation by allowing the encryption or decryption of data that is larger than the block size of the cipher. These modes provide methods to break up the input message into blocks, and then apply the block cipher to each block. This process is typically performed using feedback mechanisms that generate input for each subsequent block, based on the output of the previous block.

There are several modes of operation defined by NIST, each with its own strengths and weaknesses and suitable for different types of applications. For example, some modes are designed to provide confidentiality, while others also provide message integrity and authentication. The five modes of operation defined by NIST are:

1. Electronic codebook (ECB): This is the simplest mode of operation, where each block of plaintext is encrypted independently with the same key as shown in Figure 20. However, it is not suitable for encrypting large amounts of data or data with a predictable structure. It suffers from the lack of diffusion, which means that identical plaintext blocks will result in identical ciphertext blocks. This makes it vulnerable to attacks as patterns in the plaintext can be easily observed in the ciphertext. For example, an image encrypted with ECB mode will have visible patterns and blocks, making it easy for an attacker to identify certain parts of the image even without decrypting it. Therefore, it is not recommended to use ECB mode for encrypting lengthy messages or sensitive data.

2. Cipher block chaining (CBC): The cipher block chaining (CBC) mode of operation addresses the issue of repetitive plaintext blocks in ECB mode. This mode XORs each plaintext block with the previous ciphertext block before encryption as shown in Figure 21. This helps to provide diffusion and makes the encryption process more secure than ECB. Itis worth noting that the sequential nature of CBC encryption can also be an advantage in some cases as it provides a natural form of authentication. If a ciphertext block is corrupted or modified during transmission, the corresponding plaintext block will be affected, and the error will propagate through the rest of the decryption process, making it easier to detect tampering.

   However, one-bit change in a plaintext or IV affects all following ciphertext blocks can also be a weakness. This can make it difficult to implement certain types of secure communications protocols such as those that require random access to encrypted data. Additionally, CBC requires a secure and unpredictable initialization vector (IV) for each message, which can be challenging to generate and transmit securely in some scenarios. Finally, as with any mode of operation that relies on a shared secret key, CBC is vulnerable to attacks that exploit weaknesses in the underlying block cipher or key management protocols.

3. Cipher feedback (CFB): In this mode, the block cipher is used as a feedback mechanism to create a stream cipher. The plaintext is XORed with the output of the block cipher, and the result is encrypted to produce the ciphertext as shown in Figure 22. This mode allows for variable-length plaintext and provides a self-synchronizing stream cipher. The initial value is called the initialization vector (IV), and it is used to seed the process. The size of the shift registers determines the amount of feedback. For example, if s = 8, the encryption process operates on an 8-bit subset of the plaintext block at a time. If s = n, then the entire plaintext block is used at once.

   One advantage of CFB mode is that it allows for error propagation to be contained. If a bit error occurs during transmission, only the block that contains the error is affected. The other blocks remain unchanged. However, one disadvantage of CFB mode is that it is sequential, which means that it cannot be parallelized.

4. Output feedback (OFB): OFB mode operates on full blocks of plaintext and ciphertext such as other block cipher modes of operation. However, instead of encrypting the plaintext, the block cipher is used to encrypt an IV to generate a keystream. The keystream is then XORed with the plaintext to produce the ciphertext. The key stream is generated independently for each block, so the encryption and decryption can be parallelized as shown in Figure 23. The main difference between OFB and CFB is that OFB generates a key stream that is independent of the plaintext, while CFB uses the ciphertext as feedback to generate the key stream.

5. Counter (CTR): This mode encrypts a counter value with a block cipher to produce a keystream, which is then XORed with the plaintext to produce the ciphertext. This mode is similar to OFB, but it allows for parallel encryption and decryption and can be used for random. The counter is incremented for each block of plaintext, and the resulting keystream is used to encrypt that block, see Figure 24. The advantage of the CTR mode is that it allows for parallel encryption and decryption of blocks since the keystream is generated independently of the plaintext or ciphertext. This can lead to significant speed improvements over other modes, particularly for large messages.

   One potential drawback of CTR mode is the need to ensure that the counter values are never repeated as this could compromise the security of the encryption. This can be achieved by using a unique counter value for each block of plaintext, for example by using a nonce (a number used only once) as part of the counter value.

4.1 RSA

RSA is a widely used public-key cryptosystem. It is been named after its inventors Ron Rivest, Adi Shamir, and Leonard Adleman. Its security is based on the difficulty of factoring large integers, which serves as the foundation for its mathematical operation. RSA has been used for over four decades and is still considered a secure and practical public-key cryptosystem. RSA involves the generation of a public and a private key pair. The public key is distributed to others, while the private key is kept secret. The public key can be used to encrypt messages that only the owner of the private key can decrypt.

The security of RSA is based on the fact that factoring large integers is a difficult problem, and the larger the key size, the more difficult it becomes. RSA keys typically range in size from 1024 to 4096 bits. We can say that RSA is widely accepted and implemented in various applications such as secure communication, digital signatures, and key exchange [30]. RSA encryption and decryption are performed as follows:

• Key generation:

  1. Choose two large prime numbers p and q.

  2. Calculate n = p * q and φ(n) = (p−1) * (q−1).

  3. Choose an integer e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1. This value is called the public exponent.

  4. Compute d, the multiplicative inverse of e modulo φ(n). This value is called the private exponent.

• Encryption:

  1. Represent the plaintext M as a positive integer less than n.

  2. Compute the ciphertext C as C = Me mod n.

• Decryption: Compute the plaintext M as M = Cd mod n.

The security of RSA is based on the difficulty of factoring large composite numbers into their prime factors. Breaking RSA encryption requires factoring the modulus n into its two prime factors p and q, which is a computationally intensive task for large values of n. Therefore, the security of RSA increases as the size of the keys and the modulus increase.

4.2 Diffie-Hellman

Diffie-Hellman (DH) is a key exchange algorithm that allows two parties to establish a shared secret key over an insecure channel. It was developed by Whitfield Diffie and Martin Hellman in 1976 and is based on the discrete logarithm problem in modular arithmetic.

In DH, each party generates a public-private key pair. The public keys are exchanged and used to derive a shared secret key. The derivation of the key involves modular exponentiation and is based on the fact that the discrete logarithm problem is believed to be hard. The DH protocol works as follows:

1. Alice and Bob publicly agree on a large prime number p and a primitive root of p, denoted by g.

2. Alice randomly chooses a secret integer a and calculates A = g^a mod p. She sends A to Bob.

3. Bob randomly chooses a secret integer b and calculates B = g^b mod p. He sends B to Alice.

4. Alice computes the shared secret key as K = B^a mod p.

5. Bob computes the shared secret key as K = A^b mod p.

6. Alice and Bob now have a shared secret key that can be used for symmetric encryption.

The security here relies on the fact that computing the discrete logarithm of g mod p is computationally infeasible. This means that an attacker who intercepts A and B cannot calculate a or b, and therefore cannot compute the shared secret key K.

The DH algorithm can be used for secure communication by combining it with a symmetric encryption algorithm. The shared secret key derived using DH is used as the key for the symmetric encryption algorithm, providing confidentiality for communication. Widely used in many cryptographic protocols such as Secure Socket Layer (SSL)/Transport Layer Security (TLS), Secure Shell Protocol (SSH), and Virtual private networks (VPNs) [31, 32]. However, it does not provide authentication [32], and therefore a man-in-the-middle attack is possible if the channel is not authenticated. To address this issue, DH is often used in combination with digital signatures or other authentication mechanisms [33].

7.1 Quantum cryptography

Quantum computers have the potential to break many of the current cryptographic schemes that rely on the difficulty of certain mathematical problems [35]. Quantum cryptography aims to develop new cryptographic schemes that are resistant to attacks by quantum computers [36]. It makes use of the principles of quantum mechanics to provide a high level of security. Also, uses quantum mechanical properties to protect information in transit.

In traditional cryptography, the security of the system relies on the complexity of mathematical algorithms, while in quantum cryptography, the security relies on the laws of physics. Specifically, quantum cryptography uses the principle of quantum entanglement, which involves the correlation of quantum states between two particles.

The most widely known application of quantum cryptography is quantum key distribution (QKD) [37]. QKD is a protocol that enables two parties to establish a shared secret key that is completely secure against eavesdropping, even by an attacker with unlimited computing power. QKD works by transmitting a series of quantum states, or qubits, between two parties, typically named Alice and Bob. The qubits are generated using a laser and a polarizer. Alice sends a random sequence of polarizations to Bob, who measures the polarizations using his own set of polarizers. By comparing the polarizations, Alice and Bob can detect the presence of an eavesdropper.

There are many challenges to overcome before quantum cryptography can be widely adopted. One of the main challenges is the difficulty of building practical quantum cryptography systems, which require precise control of the quantum states involved. Additionally, there is a need for more research in quantum computing, as well as a need for new protocols that can be used to secure communications in different contexts.

7.2 Homomorphic encryption

Homomorphic encryption is another type of encryption that allows computation to be performed on ciphertext [38], which means that data can be encrypted and manipulated without the need to decrypt it first. In other words, it enables computations to be performed on data without revealing the data itself. This is a significant breakthrough in the field of cryptography as it allows for secure computation and data analysis without compromising privacy [39]. Homomorphic encryption has numerous applications in various fields such as finance, healthcare, and cloud computing [40]. For instance, it can be used to perform secure data analysis on sensitive data [41], such as medical records, without the need to reveal the data to unauthorized parties. It can also be used in cloud computing to protect data privacy while still allowing for secure computation in the cloud.

7.3 Block chain cryptography

Blockchain-based cryptography is a critical component of blockchain technology, which is widely used in various fields such as finance, healthcare, and supply chain management [42]. it is a distributed ledger that records transactions in a secure and transparent manner. Cryptography is used in blockchain to ensure the confidentiality, integrity, and authenticity of data stored in the blockchain network.

One of the essential cryptographic techniques used in blockchain is the digital signature. A digital signature is a mathematical scheme that validates the authenticity and integrity of a message or data. Digital signatures are used to verify transactions in the blockchain network, ensuring that the sender is the actual owner of the assets and preventing any tampering of the data [42].

Another critical cryptographic technique used in the blockchain is hash functions. Hash functions are used to create a unique digital fingerprint of data stored in the blockchain network. This unique digital fingerprint, also known as a hash value, ensures that the data is tamper-proof and cannot be altered without being detected.

Blockchain technology also employs public-key cryptography, which is a cryptographic technique that uses a pair of keys, one public and one private. Public keys are used to encrypt data, while private keys are used to decrypt data. This technique ensures the confidentiality and security of data stored in the blockchain network.

Blockchain-based cryptography plays a vital role in ensuring the security and transparency of data stored in the blockchain network. As blockchain technology continues to evolve, we can expect to see new cryptographic techniques and algorithms that will further enhance the security and efficiency of blockchain-based applications.

7.4 Multiparty computation

Multiparty computation (MPC) is a cryptographic technique that enables a group of parties to jointly compute a function on their private inputs, without revealing those inputs to each other or to any third party. This technique allows parties to collaborate and compute a result without sharing their individual data, which can be particularly useful in scenarios where data privacy is critical, such as in financial transactions or medical research [43].

Each party inputs its private data into the system, which then generates a shared output based on the combined inputs of all parties. The protocol ensures that no individual party can learn anything about the private inputs of any other party, and the final output is only known to those parties who have contributed inputs.

MPC has many practical applications, including secure auctions, electronic voting systems, and privacy-preserving data analysis. However, it can be computationally expensive, especially when the number of parties and the complexity of the function being computed increase. Despite these challenges, MPC is a powerful tool for achieving secure collaboration and computation among multiple parties [44].

7.5 Lightweight cryptography

Lightweight cryptography refers to a subset of cryptographic algorithms that are specifically designed to operate efficiently on low-resource devices such as smart cards, RFID tags, and wireless sensor nodes. These devices often have limited processing power, memory, and energy resources, making it challenging to implement traditional cryptographic algorithms on them. Lightweight cryptography aims to address these challenges by developing cryptographic algorithms that have low computational and memory requirements, while still providing a reasonable level of security.

The development of lightweight cryptography has become increasingly important with the proliferation of the Internet of Things (IoT) and other low-power, low-cost devices. These devices are becoming more prevalent in our daily lives, and many of them require secure communication and authentication. Lightweight cryptography can provide a practical and efficient solution for securing these devices, without sacrificing security. Some examples of lightweight cryptography algorithms include SIMON and SPECK block ciphers, which were designed by the National Security Agency (NSA) for use in constrained environments. Another example is the lightweight version of the advanced encryption standard (AES), known as AES-Lite. These algorithms have been adopted by various standardization bodies and are widely used in industry for securing low-resource devices.