π Key Terms & Glossary
Week 2 β Important Terminology
This glossary contains the key terminology from this week's material on Cloud Security and Cryptography. It covers the fundamentals of data protection in the cloud, transitioning from the foundational math of classical ciphers (Substitution and Transposition) to the modern inner workings of the Advanced Encryption Standard (AES) and its educational counterpart, Simplified AES (S-AES).
π Key Terms
| Term | Definition | Context / Example |
|---|---|---|
| Server-Side Encryption | A method where the cloud provider encrypts data upon upload and decrypts it upon download. | An option provided by AWS to protect data stored in the cloud. |
| Client-Side Encryption | A method where the user encrypts data locally before uploading it to the cloud. | An AWS option ensuring the cloud provider only stores the ciphertext. |
| Secret Key Encryption Model | A cryptographic model where two communicating parties share a secret key in advance to encrypt and decrypt messages. | Also known as conventional encryption. |
| Cryptosystem | A five-tuple $(P, C, K, E, D)$ mathematical model defining an encryption scheme. | Ensures that applying the decryption rule to the encrypted text yields the original plaintext. |
| Plaintext (P) | The finite set of all possible original, meaningful messages. | Input data prior to being passed through an encryption algorithm. |
| Ciphertext (C) | The finite set of all possible scrambled, unmeaningful messages. | Output data produced by the encryption algorithm. |
| Keyspace (K) | The finite set of all possible keys that can be used in a cryptosystem. | The Shift cipher has a keyspace of 25. |
| Substitution Cipher | A cipher principle where letters of plaintext are replaced by other letters, numbers, or symbols. | Caesar, Shift, and Affine ciphers. |
| Transposition Cipher | A cipher principle that alters the order of the letters of the plaintext, but not their identity. | Keyword Columnar Transposition. |
| Shift Cipher | A substitution cipher that shifts plaintext letters by a fixed key integer $k$ modulo 26. | $C = (P + k) \pmod{26}$. The Caesar cipher is a shift cipher where $k=3$. |
| Affine Cipher | A substitution cipher utilizing two key parameters ($K_1, K_2$) and the equation $C = (K_1 \times P + K_2) \pmod{26}$. | Expands the keyspace beyond the standard Shift cipher. |
| Block Cipher | An encryption method that processes a fixed-size block of bits all at once, rather than bit-by-bit. | AES encrypts in 128-bit blocks; DES uses 64-bit blocks. |
| DES (Data Encryption Standard) | An older standard from the 1970s with a 56-bit key and 64-bit blocks. | Replaced by AES because its small key size became vulnerable to modern computation. |
| AES (Advanced Encryption Standard) | A modern symmetric block cipher with a 128-bit block size and key sizes of 128, 192, or 256 bits. | Based on substitution and permutation principles. |
| S-AES (Simplified AES) | An educational model of AES utilizing a 16-bit block size, a 16-bit key, and 2 encryption rounds. | Designed purely for learning, not actual security. |
| State Matrix | The $2 \times 2$ grid layout used to arrange data blocks during AES/S-AES operations. | In S-AES, 16 bits are arranged into four 4-bit nibbles. |
| Add Round Key | An S-AES transformation applying a bitwise XOR operation between the state matrix and a sub-key. | The first and last step of an S-AES round. |
| SubNib / S-Box | A substitution operation replacing each 4-bit nibble with a new nibble using a predefined Substitution Box. | Based on modular arithmetic with polynomials. |
| Shift Row | A permutation operation in S-AES where the first row is unchanged, and the second row's nibbles swap positions. | Direct application of the transposition principle. |
| Mix Columns | A specialized matrix multiplication transformation in S-AES performed over a Galois Field. | Not used in the final round of S-AES. |
| Galois Field (GF) | A finite mathematical field named after Γvariste Galois, used extensively in advanced cryptography. | S-AES operates in $GF(16)$ or $GF(2^4)$. |
| Modular Arithmetic | A system of arithmetic defining the remainder of division ($x \pmod n$). | $34 \pmod{26} = 8$. Used in classical ciphers. |
| Key Expansion | The schedule that generates necessary sub-keys from the original master key for use in each round. | Splits a 16-bit key into words and applies a $g()$ function to generate Round 1 and Round 2 keys. |
π§ Expanded Key Terms
Cryptosystem
Definition: A formal, five-tuple mathematical model defined as $(P, C, K, E, D)$. Explanation: A cryptosystem lays out the strict mathematical rules of secret key encryption. It explicitly defines the set of plaintexts ($P$), ciphertexts ($C$), and keys ($K$), along with the specific functions used for Encryption ($E$) and Decryption ($D$). The fundamental rule of any cryptosystem is that applying the decryption algorithm to the output of an encryption algorithm must perfectly return the original plaintext ($d_k(e_k(x)) = x$). Example / Context: When implementing a Shift cipher as a cryptosystem, $P$ and $C$ are the integers $Z_{26} {0...25}$, $K$ is the set of integers ${0...25}$, and $E$ is the formula $(p+k) \pmod{26}$. Related Terms:
- Secret Key Encryption Model
- Plaintext
- Keyspace
Advanced Encryption Standard (AES)
Definition: A modern block cipher standard utilizing a 128-bit block size and varying key sizes (128, 192, 256 bits). Explanation: AES was selected in the late 90s/early 2000s to replace the Data Encryption Standard (DES) because DES's 56-bit key was too small and vulnerable to cracking. Like classical ciphers, AES relies entirely on the principles of substitution and permutation (transposition) but applies them via advanced polynomial mathematics to large blocks of binary data. Example / Context: When you select "Server-Side Encryption" on AWS, AES is the underlying engine protecting your data. Related Terms:
- Block Cipher
- DES
- Simplified AES (S-AES)
Simplified Advanced Encryption Standard (S-AES)
Definition: A scaled-down, educational version of AES operating on 16-bit blocks and 16-bit keys. Explanation: Because full AES is difficult to trace by hand, S-AES was invented for teaching purposes. It takes a 16-bit plaintext, arranges it into a $2 \times 2$ State Matrix of 4-bit nibbles, and processes it through an initial key addition and two rounds of transformations. Example / Context: S-AES utilizes four core transformations: Add Round Key (using XOR), Substitute Nibbles (using an S-Box), Shift Rows (swapping nibbles), and Mix Columns (Galois Field matrix multiplication). Related Terms:
- Add Round Key
- SubNib / S-Box
- Key Expansion
Galois Field $GF(16)$ or $GF(2^4)$
Definition: A finite field of 16 elements (integers 0 to 15) utilizing unique rules for addition and multiplication. Explanation: Normal arithmetic operations in computers can result in data overflow (carrying bits). Galois Fields solve this in cryptography. In $GF(16)$, elements are represented as binary polynomials. Addition and subtraction are simply performed via bitwise XOR operations. Multiplication is performed via polynomial multiplication, taking the modulo of an irreducible polynomial ($x^4 + x + 1$ or $10011_2$) to ensure the answer never exceeds 4 bits. Example / Context: The "Mix Columns" matrix multiplication and the "S-Box" generation in S-AES rely exclusively on Galois Field arithmetic to function. Related Terms:
- Mix Columns
- XOR Operation
- Modular Arithmetic
β‘ Quick Revision List
- Server-Side Encryption β Cloud provider handles encryption on upload/download.
- Client-Side Encryption β User encrypts data before sending it to the cloud.
- Cryptosystem Tuple β $(P, C, K, E, D)$ (Plaintext, Ciphertext, Keyspace, Encryption, Decryption).
- Substitution β Replaces characters (e.g., Shift, Affine, Caesar ciphers).
- Transposition/Permutation β Scrambles the order of characters (e.g., Keyword columnar).
- Shift Cipher Formula β $C = (P + K) \pmod{26}$.
- Affine Cipher Formula β $C = (K_1 \times P + K_2) \pmod{26}$.
- Block Cipher β Encrypts data in fixed-size blocks (AES = 128-bit, DES = 64-bit).
- S-AES Specs β 16-bit block, 16-bit key, 2 rounds, 4-bit nibbles.
- Add Round Key β S-AES operation applying bitwise XOR.
- GF(16) Addition/Subtraction β Always performed as a bitwise XOR operation.
- GF(16) Multiplication β Polynomial multiplication modulo $10011_2$.
π Term Categories
Cloud Computing Security
- Server-Side Encryption
- Client-Side Encryption
Cryptography Fundamentals
- Secret Key Encryption Model
- Cryptosystem
- Plaintext (P)
- Ciphertext (C)
- Keyspace (K)
- Block Cipher
Classical Ciphers
- Substitution Cipher
- Transposition Cipher (Permutation)
- Shift Cipher
- Caesar Cipher
- Affine Cipher
- Keyword Columnar Transposition
Modern Encryption (AES/DES)
- Advanced Encryption Standard (AES)
- Data Encryption Standard (DES)
- Simplified AES (S-AES)
- State Matrix
- Nibble
- Add Round Key
- Substitute Nibbles (SubNib) / S-Box
- Shift Rows
- Mix Columns
- Key Expansion (Key Generation)
Mathematical Concepts
- Galois Field ($GF(16)$ or $GF(2^4)$)
- Modular Arithmetic
- XOR Operation
- Polynomial Representation