Encryption
IB Syllabus: A2.4.4 – Encryption and digital certificates
Table of Contents
- Key Concepts
- Worked Examples
- Quick Check
- Trace Exercise
- Spot the Error
- Fill in the Blanks
- Predict the Output
- Practice Exercises
- Connections
Key Concepts
What is Encryption?
- Encryption: the process of converting readable data (plaintext) into an unreadable format (ciphertext) using an algorithm and a key
- Decryption: the reverse – converting ciphertext back to plaintext using the appropriate key
- Purpose: protect confidentiality of data in transit (over networks) and at rest (in storage)
Plaintext → [Encryption Algorithm + Key] → Ciphertext
"Hello" → [AES + secret key] → "7g$kL9..."
Ciphertext → [Decryption Algorithm + Key] → Plaintext
"7g$kL9..." → [AES + secret key] → "Hello"
Symmetric Encryption
- Same key is used for both encryption and decryption
- Also called “secret key” or “shared key” encryption
- Fast and efficient for large amounts of data
How it works:
Sender Receiver
| |
| Plaintext → Encrypt(Key) → Ciphertext → Decrypt(Key) → Plaintext
| |
Both parties share the SAME secret key
Examples:
- AES (Advanced Encryption Standard) – 128-bit or 256-bit keys; current industry standard; used for file encryption, disk encryption, VPNs
- DES (Data Encryption Standard) – 56-bit key; historical, now insecure (can be brute-forced in hours); replaced by AES
Key distribution problem: the biggest challenge with symmetric encryption is securely sharing the key. If you encrypt a file with a secret key and want to send it to someone, you need to somehow get the key to them securely. If you send the key over the same insecure channel, an attacker could intercept it. This is why asymmetric encryption was developed.
Advantages and disadvantages:
| Advantages | Disadvantages |
|---|---|
| Fast – efficient for encrypting large volumes of data | Key distribution problem – how to share the key securely? |
| Simple algorithm – less computationally expensive | If the key is compromised, all data encrypted with it is exposed |
| Suitable for encrypting stored data (at rest) | Each pair of communicators needs a unique key (n users need n(n-1)/2 keys) |
Asymmetric Encryption
- Uses a pair of keys: a public key (shared openly) and a private key (kept secret)
- Also called “public key” encryption
- Slower than symmetric but solves the key distribution problem
How it works – Encryption for confidentiality:
Sender Receiver
| |
| Plaintext → Encrypt(Receiver's PUBLIC key) → Ciphertext
| |
| Only Receiver's PRIVATE key can decrypt
| |
| Ciphertext → Decrypt(Receiver's PRIVATE key) → Plaintext
Key principle: What is encrypted with the public key can ONLY be decrypted with the matching private key. What is encrypted with the private key can ONLY be decrypted with the matching public key. The private key must never be shared.
How it works – Digital signatures (proving identity):
Sender Receiver
| |
| Hash of message → Encrypt(Sender's PRIVATE key) → Digital Signature
| |
| Receiver uses Sender's PUBLIC key to decrypt the signature
| and compares with the hash of the received message
| → If they match, message is authentic and unaltered
Advantages and disadvantages:
| Advantages | Disadvantages |
|---|---|
| Solves key distribution problem – public key can be freely shared | Slower than symmetric encryption |
| Enables digital signatures (proving identity) | Computationally expensive for large data |
| No need to exchange secret keys in advance | Key pairs must be managed carefully |
In practice, both are used together: Asymmetric encryption is used to securely exchange a symmetric key, then the symmetric key is used for the actual data encryption (because it is faster). This is exactly what happens in an SSL/TLS handshake.
Digital Signatures
- A digital signature proves:
- Authentication – the message really came from the claimed sender
- Integrity – the message has not been altered in transit
- Non-repudiation – the sender cannot deny having sent the message
How digital signatures work:
- Sender creates a hash (fixed-length fingerprint) of the message
- Sender encrypts the hash with their private key – this is the digital signature
- Sender sends both the message and the digital signature
- Receiver decrypts the signature with the sender’s public key to get the hash
- Receiver independently hashes the received message
- If the two hashes match – message is authentic and unaltered
Digital Certificates
- A digital certificate is an electronic document that verifies the identity of a website, server, or individual
- Issued by a trusted third party called a Certificate Authority (CA) (e.g., Let’s Encrypt, DigiCert, Verisign)
- Contains: the certificate holder’s name, their public key, the CA’s digital signature, expiry date
Purpose:
- When you visit an HTTPS website, the server presents its digital certificate
- Your browser checks: (1) Is the certificate issued by a trusted CA? (2) Has it expired? (3) Does the domain match?
- If valid, the browser trusts the server’s public key and establishes a secure connection
- Think of it as a digital “ID card” – just as a passport is issued by a government to verify identity, a digital certificate is issued by a CA to verify a server’s identity
Without digital certificates, an attacker could impersonate any website by presenting a fake public key. Certificates ensure you are communicating with the genuine server, not an impersonator (preventing MitM attacks).
SSL/TLS Handshake (Simplified)
SSL (Secure Socket Layer) and its successor TLS (Transport Layer Security) establish secure HTTPS connections. Here is a simplified version of the handshake:
Browser Web Server
| |
|--- 1. "Hello" (supported ciphers) -----→ |
| |
|←-- 2. Server certificate + public key --- |
| |
| 3. Browser verifies certificate |
| (checks CA signature, expiry) |
| |
|--- 4. Browser generates a session key, |
| encrypts it with server's |
| public key, sends it ----------→ |
| |
| 5. Server decrypts session key |
| with its private key |
| |
|←→ 6. Both now use the symmetric |
| session key for fast encryption ←→ |
| |
| All data is now encrypted with |
| the shared session key (AES) |
The SSL/TLS handshake uses asymmetric encryption (public/private keys) to securely exchange a symmetric session key. All subsequent data is encrypted with the symmetric key because it is much faster. This combines the security of asymmetric with the speed of symmetric.
Key Management
Why key management matters:
- If a private key is stolen, an attacker can decrypt all data and impersonate the key owner
- If a symmetric key is compromised, all data encrypted with it is exposed
- Keys should be stored securely (hardware security modules, encrypted keystores)
- Keys should be rotated regularly (replaced with new keys periodically)
- Expired or compromised certificates must be revoked immediately
Risks of poor key management:
- Stolen keys – data breaches, identity theft
- Lost keys – permanent loss of encrypted data
- Expired certificates – browser warnings, loss of user trust
- Weak keys – vulnerable to brute-force attacks
Enrichment: Frequency Analysis
This goes beyond the IB syllabus but helps build understanding.
Frequency analysis is a technique for breaking simple substitution ciphers. In English, the most common letter is ‘e’ (~13% of all text). If the most common letter in the ciphertext is ‘x’, the cipher likely maps e–>x. This technique can crack historical ciphers (like Caesar cipher) but is ineffective against modern encryption algorithms like AES, which produce output that appears random.
Enrichment: Authentication Factors
This goes beyond the IB syllabus but helps build understanding.
Authentication factors (used in MFA):
- Something you know – password, PIN, security question (1FA)
- Something you have – phone (SMS code), security token, smart card (2FA)
- Something you are – fingerprint, face recognition, iris scan (3FA/biometric)
MFA combines two or more of these categories. Using two passwords is NOT MFA – both are “something you know.”
Worked Examples
Example 1: Symmetric vs Asymmetric Scenarios
| # | Scenario | Encryption Type | Explanation |
|---|---|---|---|
| 1 | Encrypting files on your own hard drive | Symmetric | Only you need the key; no distribution problem; speed matters |
| 2 | Sending a confidential email to a colleague | Asymmetric | Encrypt with recipient’s public key; no need to share a secret |
| 3 | Establishing an HTTPS connection | Both | Asymmetric handshake exchanges a symmetric session key |
| 4 | Signing a software update to prove it is genuine | Asymmetric | Developer signs with private key; users verify with public key |
| 5 | VPN tunnel encrypting all traffic | Symmetric (after key exchange) | Asymmetric used for initial key exchange; symmetric for speed |
Example 2: SSL/TLS Handshake Walkthrough
Trace what happens when a student visits https://school.edu:
| Step | Action | Encryption Used | Key |
|---|---|---|---|
| 1 | Browser sends “Hello” to school.edu | None | – |
| 2 | Server sends its digital certificate (including public key) | None | Server’s public key is in the certificate |
| 3 | Browser verifies certificate with CA | None | CA’s public key (pre-installed in browser) |
| 4 | Browser generates random session key | – | New symmetric key |
| 5 | Browser encrypts session key and sends it | Asymmetric | Server’s public key encrypts the session key |
| 6 | Server decrypts session key | Asymmetric | Server’s private key |
| 7 | All subsequent traffic | Symmetric | Shared session key (AES) |
Quick Check
Q1. In symmetric encryption, how many keys are used?
Q2. What is the main advantage of asymmetric encryption over symmetric encryption?
Q3. What does a digital certificate verify?
Q4. During an SSL/TLS handshake, the browser generates a session key and encrypts it with the server's _____ key.
Q5. Why is key management important?
Trace Exercise
Trace the SSL/TLS handshake process. For each step, fill in what is sent or what happens.
Trace: SSL/TLS Handshake
A browser connects to a web server over HTTPS. Fill in the key action at each step of the handshake.
| Step | Actor | Action | What happens |
|---|---|---|---|
| 1 | Browser | Initiates connection | |
| 2 | Server | Responds | |
| 3 | Browser | Validates | |
| 4 | Browser | Key exchange | |
| 5 | Server | Decryption |
Spot the Error
A student wrote revision notes about encryption. One line contains an error. Click the line with the error, then pick the correct fix.
Pick the correct fix for line 1:
Fill in the Blanks
Complete the summary of encryption by filling in the correct term for each blank.
Fill in the blanks to complete this summary of encryption:
ENCRYPTION
==========
encryption uses the same key for both encryption and decryption.
encryption uses a public key and a private key pair.
A is issued by a Certificate Authority to verify a server's identity.
In the SSL/TLS handshake, the browser encrypts a session key using the server's key.
is the current industry standard for symmetric encryption, using 128-bit or 256-bit keys.
Predict the Output
Alice encrypts a message using Bob's public key. Can Alice decrypt the message she just encrypted? (Type Yes or No)
A company uses symmetric encryption with a unique key for each pair of employees. If there are 10 employees, how many unique keys are needed? (Use the formula n(n-1)/2. Type a number)
Practice Exercises
Core
-
Encryption Basics – Explain the difference between symmetric and asymmetric encryption. For each, give one advantage and one disadvantage.
-
Digital Certificates – Describe what a digital certificate is, who issues it, and why it is important for secure web browsing. What would happen if digital certificates did not exist?
-
Key Concepts – Define the following terms: plaintext, ciphertext, encryption key, decryption, Certificate Authority.
Extension
-
SSL/TLS Walkthrough – Describe the steps of the SSL/TLS handshake when a user visits an HTTPS website. Explain why both symmetric and asymmetric encryption are used in this process (rather than just one type).
-
Key Management – Explain why key management is critical for security. Describe three risks of poor key management and for each, suggest a preventive measure.
Challenge
- Encryption System Design – A hospital needs to implement encryption for: (a) patient records stored on servers, (b) emails between doctors discussing patient care, (c) a patient portal accessed via web browsers. For each, recommend the type of encryption and explain your choice. Consider key management, performance, and the sensitivity of the data. Evaluate the trade-offs of your design.
Connections
- Prerequisites: Network Security – encryption is a key countermeasure against data interception and MitM attacks
- Prerequisites: Protocols and Layers – HTTPS uses SSL/TLS encryption; understanding protocols contextualises why encryption is needed
- Related: OS Fundamentals – OS security functions include encryption for stored data and authentication
- Related: Number Systems – binary representation underpins how encryption keys and algorithms work at the bit level