L2 91898 Topic

Encryption

Encryption is a method of converting information into a code to prevent unauthorized access. It keeps digital communication and data private and secure.

How it works:

Uses mathematical algorithms and keys to scramble (encrypt) and unscramble (decrypt) messages.
Two main types:
- 1. Symmetric encryption (same key for encryption and decryption)
  2. Asymmetric encryption (public and private keys)
Common algorithms: AES, RSA

Some of the many Applications:

Garage door openers
Health Care Systems
Online banking and shopping (HTTPS)
Messaging apps (WhatsApp, Signal)
Secure login systems
Protecting stored data on devices and in the cloud

Impacts:

Essential for digital security and protecting personal and financial information.
Enables trust in online systems and services.
Helps journalists, activists, and citizens stay safe in oppressive regimes.

Problems or Issues:

Can be used by criminals to hide illegal activity (e.g., ransomware).
Governments may want access for security (backdoors), but this can weaken privacy for everyone.
Quantum computing could break current encryption methods in the future.

RESOURCES FOR L2 ENCRYPTION

Teacher Help

Dr Tim Bell ran a webinar at the start of 2025 to help teachers understand Encryption. The recording of this can be found on Youtube L2 External - Encryption Webinar

This online webinar looks at what the general topic is about, and some specific learning activities that you can use with your students to engage them with the key concepts in the topic.

Task 1 - Understand Encryption

Check out the Computer Science Field Guide: https://www.csfieldguide.org.nz/en/chapters/coding-encryption/

Watch the video and read through the chapters thoroughly.

The encryption exam questions may cover any of the following:

AES (Advanced Encryption Standard)
privacy
remote garage door openers
SHA-256 (Secure Hash Algorithm)
the key exchange problem
uses in healthcare.

Task 2 - Class discussion

Run through the main points, summerising the content on the CS Field Guide

Refer to Dr Tim Bell's Webinar (above under Teacher Help) for some learning activites.

Sending Messages

Foundational understanding to the problem of sending secure information

Man in the Middle Attacks - Explained simply.

The Problem

You want to send a secret message to a neighbour via an untrusted messenger.
Locking the message box helps, but how can your neighbour unlock it without giving the key to the messenger?

The Three-Pass Protocol

Pass 1:
You lock the message in a box and send it (still locked) to your neighbour via the messenger.
Pass 2:
Your neighbour adds their own lock (now double-locked) and sends it back.
Pass 3:
You remove your lock and send the singly locked box (with your neighbour’s lock only) back.

Vulnerability: Man-in-the-Middle Attack

The messenger could fake the protocol:
- Adds their own lock instead of delivering to your neighbour.
- Tricks you into removing your lock.
- Ends up with a box only locked with their lock, which they can now open.

Lesson:
Even clever protocols can be broken if identity or authenticity isn’t verified.

Task 3 - Knowledge Bases Public and Private keys

To understand encryption and secure transfer of information we must fist understand how Public and Private keys work.

How to share Keys

When two computers want to communicate securely, they need a shared secret key. But sending that key directly over a public network risks interception.

Diffie-Hellman solves this by allowing both parties to agree on a shared secret without ever transmitting it directly.

How it works:

Both sides agree on a public base and modulus.
Each chooses a private secret number.
They compute a value using:
modular exponentiation → (base^secret) mod modulus
and exchange those values.
Each party raises the received value to the power of their own secret → resulting in the same shared key.

Even if someone intercepts the public values, they can’t reverse the process easily due to the discrete logarithm problem.

Why it’s secure:

Uses math that’s easy to compute but hard to reverse.
Keeps private keys secret.
Widely used for securing internet traffic (e.g. HTTPS).

Important:

Modulus should be a large prime.
Base should be a primitive root to ensure key diversity.
Without these, brute-force attacks become easier.

Diffie-Hellman Key Exchange – Condensed Summary of Video

0:00 – Introduction to Secure Communication

Shared secret key enables encrypted communication.
Known as symmetric key cryptography.

0:36 – The Key Exchange Problem

Sending a secret key publicly is insecure.
Solution needed: agree on a key without revealing it.

0:53 – Enter Diffie-Hellman Protocol

Allows two parties to establish a shared secret key over a public channel.
Based on mathematics, not secrecy of transfer.

1:08 – Basic Idea Behind Shared Secrets

Each person chooses a secret number.
Goal: combine secrets into a shared value without exposing individual secrets.

2:03 – A Flawed Addition-Based Example

Demonstrates why simple operations like addition are insecure.
Easy to reverse with subtraction.

3:52 – Modular Exponentiation to the Rescue

Core operation of Diffie-Hellman:
base^secret mod modulus
Easy to compute, hard to reverse (known as the discrete logarithm problem).

5:55 – How Diffie-Hellman Works (Step-by-Step)

Agree on public base and modulus.
Each party chooses a private secret.
Calculate and exchange modular exponents.
Each raises the received value to their private secret → shared key.

7:17 – Security Requirements

Use a large prime modulus.
Choose a good base (e.g. a primitive root).
Avoid weak bases (like 1 or non-diverse remainders).

8:44 – Real-World Use

Diffie-Hellman secures internet communication (e.g. HTTPS).
Prevents attackers from decrypting messages even on public networks.

Task 4 - Knowledge Bases AES Encryption

To understand encryption and secure transfer of information we must fist understand how Public and Private keys work.

Core Idea of Encryption
Encryption transforms plaintext into ciphertext using a secret key. A simple method like bitwise XOR (exclusive or) offers perfect secrecy only if the key is never reused — a limitation known as the one-time pad.

What Makes a Good Cipher
According to Claude Shannon, strong ciphers should exhibit:

1. Confusion: Complex relationships between the key and ciphertext.
2. Diffusion: A small change in plaintext should cause widespread change in the ciphertext.

Security Through Design

The combination of substitution, shifting, mixing, and key addition in AES introduces both confusion and diffusion. Each transformation increases resistance to attacks, making it computationally infeasible to break with current technology — especially with longer key lengths (AES-128, AES-192, AES-256).

Specific examples of AES usage include

Secure Communication:
AES is used to encrypt data transmitted over the internet, including emails, chat applications, and instant messaging, ensuring privacy and preventing eavesdropping.
File and Disk Encryption:
Many operating systems and file storage solutions use AES to encrypt files and hard drives, protecting sensitive data from unauthorized access.
Wireless Security:
AES is a core component of WPA2 and WPA3 protocols, which secure Wi-Fi networks and protect data transmitted over wireless connections.
Virtual Private Networks (VPNs):
VPNs use AES to encrypt network traffic, securing online activities and communications.
Financial Transactions:
Banks and financial institutions use AES to protect sensitive information like credit card details and transaction data during online transactions.

How AES Encryption Works

Background

In 1997, NIST called for a new encryption standard.
After years of analysis, Rijndael was chosen and became AES.
Now widely used to encrypt data on drives, in HTTPS, and on devices.

Basic Encryption Concept

Plaintext + Secret Key → Ciphertext
Uses bitwise XOR (exclusive OR) for one-time pad encryption (secure only if key is used once).
Repeating keys weakens security due to detectable patterns.

AES Design Principles

Based on block cipher (fixed-size blocks, typically 128 bits).
Built around two key concepts from Claude Shannon:
- Confusion – makes key influence complex.
- Diffusion – spreads plaintext bits across ciphertext.

AES Core Components

1. Key Expansion

Original key is expanded into round keys via byte transformations and constants.
Ensures bits in round keys depend on many parts of original key.

2. SubBytes (Substitution)

- - Each byte is replaced using a non-linear substitution table (S-box).
  - Adds confusion.

3. ShiftRows

Rows in the 4×4 byte grid (the "state") are cyclically shifted.
Spreads byte values across columns → diffusion.

4. MixColumns

Each column’s bytes are mathematically mixed (finite field arithmetic).
Spreads influence of each byte → more diffusion.

5. AddRoundKey

Each round’s key is XORed with the state.
Binds the encryption to the key.

AES Rounds

Initial AddRoundKey.
Then multiple rounds of:
SubBytes → ShiftRows → MixColumns → AddRoundKey
Final round omits MixColumns.
Number of rounds:
- 10 for 128-bit keys (AES-128)
- 12 for 192-bit keys
- 14 for 256-bit keys

Security Notes

Each step contributes to security:
- SubBytes hides structure.
- ShiftRows + MixColumns obscure patterns.
- Multiple rounds increase complexity.
Key size determines resistance to brute-force attacks.

Task 5 - SHA256 Encryption

https://www.simplilearn.com/tutorials/cyber-security-tutorial/sha-256-algorithm

This website covers:

What is Hashing?

What is the SHA-256 Algorithm?

What are the Characteristics of the SHA-256 Algorithm?

Steps in SHA-256 Algorithm

Applications of SHA algorithm

SHA256 Encryption Widget

Crackstation application

crackstation.net/

Task 6 Garage Door Openers

How Does Rolling Code Work? | Baeldung on Computer ScienceExplore the concept of rolling code.

Garage door opener - Wikipedia

Homeowner Alert! How to Prevent Your Garage Opener from Being HackedKeep your home and family safe by protecting your garage door opener from being hacked. Learn the ways hackers gain access and how you you can stay safe.

Task 7 Encryption in Healthcare

Artificial Intelligence (AI) is transforming healthcare through applications like drug development, personalized medicine, and improved diagnostics. It also plays a crucial role in managing health data, supporting clinical decision-making, and enhancing patient services according to Arm. AI-powered tools are also being used for remote patient monitoring, symptom checker chatbots, and even robot-assisted surgery.

Here's a more detailed look at the applications:

1. Diagnostics and Treatment:

Improved Accuracy:
AI algorithms can analyze medical images (like X-rays and MRIs) with greater speed and accuracy, aiding in early disease detection. For example, AI is used in breast cancer screening and detecting skin cancer.
Personalized Treatment Plans:
By analyzing patient data and medical history, AI can help create tailored treatment plans that are more effective and efficient. https://www.arm.com/glossary/ai-in-healthcare#:~:text=Using%20patient%20data%20and%20other,preventive%20care%20recommendations%20for%20patients.
Drug Discovery:
AI can accelerate the drug development process by identifying potential drug candidates and predicting their efficacy.

2. Patient Care and Management:

Remote Patient Monitoring:
AI-powered devices can track vital signs and other health metrics remotely, enabling timely interventions and preventing hospital readmissions.
Chatbots:
Symptom checker chatbots can provide preliminary health information and guidance to patients, potentially reducing the burden on healthcare professionals
Clinical Decision Support:
AI-powered systems can assist healthcare providers in making informed decisions about patient care by analyzing data and providing recommendations.

3. Healthcare Efficiency and Administration:

Resource Optimization:
AI can help optimize the allocation of healthcare resources by predicting patient admissions and streamlining workflows.
Administrative Tasks:
AI can automate tasks like appointment scheduling, billing, and medical record management, freeing up healthcare professionals for patient care.
Data Management:
AI is crucial for managing and analyzing large volumes of healthcare data, improving data security and facilitating research.
Fraud Detection:
AI can be used to identify fraudulent activities in healthcare, helping to reduce costs and maintain the integrity of the system

4. Specific Examples:

Natural Language Processing (NLP):
NLP is used to analyze unstructured medical text, such as patient notes, to extract relevant information for diagnosis and treatment.
Robotics:
Robots are used in surgery and other procedures to enhance precision and minimize invasiveness.
Precision Population Health Management:
AI can be used to identify high-risk patient groups and tailor interventions to improve their health outcomes according to John Snow Labs.

AI in Healthcare: Use Cases, Real-Life Examples, Benefits, and TrendsExplore the use cases of AI in healthcare and related industries, along with benefits, real-life examples, and the latest trends.

Artificial Intelligence in Healthcare: 7 Life-saving Use CasesDiscover how AI is revolutionizing healthcare with these life-saving use cases. Explore the future of artificial intelligence in healthcare.

Artificial Intelligence in healthcareIn the healthcare sector, artificial intelligence refers to computer systems that can perform tasks that typically require human intelligence, learning, problem-solving, and decision-making.

10 Ways Generative AI is Revolutionizing HealthcareIn recent years, the healthcare industry has witnessed a significant transformation due to the emergence of innovative technologies. One such groundbreaking technology that has revolutionized healthcare is Generative Artificial Intelligence (AI). Generative AI applications have introduced a new

DERIVED GRADE EXAM

Teacher Note

DTTA will provide one at the start of Term 3. This will be advertised on the DTTA Mobilse forum.

This the DTTA Derived Grade Exam Resources for 91898 provided in 2024

Task 4 - Sit a Derived Grade Exam

Your teacher will provide this. Do your best and remember to give specific examples!

Good luck for the exam!

Page updated

Google Sites

Report abuse