Cryptography
Cryptography is the science of protecting data. It provides
means and methods of converting data into an unreadable form, so that:
• The data cannot be accessed for unauthorized use.
• The content of the data frames is hidden.
• The authenticity of the data can be established.
• The undetected modification of the data is avoided.
• The data cannot be disowned by the originator of the message.
Cryptography is one of the technological means of providing
security to data being transmitted on information and communications systems.
Cryptography is especially useful for financial and personal data,
whether the data is being transmitted over a medium or is
stored on a storage device. It provides a powerful means of verifying the
authenticity of data and identifying the culprit if the confidentiality and
integrity of the data are violated. Because of the development of electronic
commerce, cryptographic techniques are extremely critical to the development
and use of defense information systems and communications networks.
History of Cryptography
Messages were first encrypted in ancient Egypt, using hieroglyphics.
The Egyptians encrypted messages by simply replacing
the original picture with another picture. This method of encryption was known
as a substitution cipher. In this method, each letter of the cleartext message
is replaced by some other letter, which results in an encrypted message, or
ciphertext.
For example, the message
WELCOME TO THE WORLD OF CRYPTOGRAPHY
can be encrypted by using a substitution cipher as
XFMDPNF UP UIF XPSME PG DSZQUPHSBQIZ
In the preceding example, each letter of the plaintext message has been replaced
with the next letter in the alphabet. This type of substitution is also known
as the Caesar cipher. The Caesar cipher is an example of a shift cipher because it
involves shifting each letter of the plaintext message by some number of spaces
to obtain the ciphertext.
For example, if you shift the letters by 5, you get the following
combination of plaintext and ciphertext letters:
Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Ciphertext: F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
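
The shift cipher described above, as an added example that is not part of the original text. It reproduces both the shift-by-1 message and the shift-by-5 table, and lists every possible decryption to show how small the key space is; all function names are illustrative.

```python
import string

ALPHABET = string.ascii_uppercase


def shift_encrypt(plaintext: str, shift: int) -> str:
    """Shift every letter A-Z forward by `shift`; leave other characters alone."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(ciphertext: str, shift: int) -> str:
    """Decryption is encryption with the inverse shift."""
    return shift_encrypt(ciphertext, -shift)


def substitution_table(shift: int) -> str:
    """The ciphertext alphabet that lines up under A..Z for a given shift."""
    return shift_encrypt(ALPHABET, shift)


def all_decryptions(ciphertext: str) -> dict:
    """One candidate plaintext per key: there are only 25 non-trivial shifts."""
    return {k: shift_decrypt(ciphertext, k) for k in range(1, 26)}


if __name__ == "__main__":
    message = "WELCOME TO THE WORLD OF CRYPTOGRAPHY"
    print(shift_encrypt(message, 1))   # the shift-by-1 example from the text
    print(substitution_table(5))       # the shift-by-5 ciphertext row
    for key, text in all_decryptions(shift_encrypt(message, 1)).items():
        print(key, text)
```

Because the key is a single shift value, reading through the 25 candidate lines is enough to recover the message, which is why a shift cipher hides nothing from a determined reader.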
Cryptography Terms
• Plaintext: The message that has to be transmitted to the recipient. It is also commonly referred to as cleartext.
• Encryption: The process of changing the content of a message in a manner such that it hides the actual message.
• Ciphertext: The output that is generated after encrypting the plaintext.
• Decryption: The reverse of encryption; the process of retrieving the original message from its encrypted form. This process converts ciphertext to plaintext.
• Hash algorithm: An algorithm that converts a text string into a string of fixed length.
• Key: A word, number, or phrase that is used to encrypt the cleartext. In computer-based cryptography, any text, key word, or phrase is converted to a very large number by applying a hash algorithm on it. The large number, referred to as a key, is then used for encryption and decryption.
• Cipher: A hash algorithm that translates plaintext into an intermediate form called ciphertext, in which the original message is in an unreadable form.
• Cryptanalysis: The science of breaking codes and ciphers.
The two main cryptography techniques are:
• Single key cryptography: This cryptography technique is based on a single key. It is also known as symmetric key, private key, or secret key encryption.
• Public key cryptography: This cryptography technique is based on a combination of two keys: a secret key and a public key. It is also known as asymmetric encryption.
Single Key Cryptography
The process of
encryption and decryption of information by using a single key is known as
secret key cryptography or symmetric key cryptography. In symmetric key
cryptography, the same key is used to encrypt as well as decrypt the data. The
main problem with symmetric key algorithms is that the sender and the receiver
have to agree on a common key. A secure channel is also required between the
sender and the receiver to exchange the secret key.
Here’s an example that illustrates the process of single
key cryptography. Alice wants to send a “For Your Eyes” message to Bob and
wants to ensure that only Bob is able to read the message. To secure the
transmission, Alice generates a secret key, encrypts the message with this key,
and sends the message to Bob. Now, to read the encrypted message, Bob would
need the secret key that has been generated by Alice. Alice can give the secret
key to Bob in person or send the key to Bob by any other means available. If
Alice sends the key to Bob in person, it could be time-consuming depending on
the physical distance between the two of them or other circumstances such as
Bob’s availability. After Bob receives the secret key, he can decrypt the
message to retrieve the original message.
Many secret key algorithms were developed on the basis of the concept of
secret key cryptography. The most widely used secret key algorithms include:
• Data Encryption Standard (DES)
• Triple-DES (3DES)
• International Data Encryption Algorithm (IDEA)
• RC4
• CAST-128
• Advanced Encryption Standard (AES)
PROBLEMS IN SYMMETRIC CRYPTOGRAPHY
The major problem
with symmetric cryptography is that the process of transferring keys to the
recipient is prone to security risks. Transferring the secret key over the
Internet either in an e-mail message or through simple IRC services is
insecure. Verbally communicating the key over a phone line runs the risk of
eavesdropping. Similarly, snail mail runs the risk of possible interception.
The security risks that are involved in secret key cryptography have been
overcome to a large extent in another method of cryptography called public key
cryptography. Public key cryptography uses a key pair instead of just one
secret key. Of this key pair, one key, known as the private key, is always kept
secret by the key holder. This private key is not transferred to anyone and is
stored securely by the holder of the key. Public key cryptography thus eliminates
the need for transferring the private key.
PUBLIC KEY CRYPTOGRAPHY
The approach called
asymmetric cryptography evolved to address the security issues posed by
symmetric cryptography. This method solves the problem of secret key
cryptography by using two keys instead of a single key. Asymmetric cryptography
uses a pair of keys. In this process, one key is used for encryption, and the
other key is used for decryption. This process is known as asymmetric
cryptography because both the keys are required to complete the process. These
two keys are collectively known as the key pair. In asymmetric cryptography,
one of the keys is freely distributable. This key is called the public key and
is used for encryption. Hence, this method of encryption is also called public
key encryption. The second key is the secret or private key and is used for
decryption. The private key is not distributable. This key, as its name
suggests, is private for every communicating entity. In public key
cryptography, the data that is encrypted with the public key can only be
decrypted with the corresponding private key.
Combining Techniques: Symmetric and Asymmetric Encryption
The disadvantage of using public key encryption is that it is a slow process
because key lengths are large (1024 bits to 4094 bits). By comparison, secret key
encryption is significantly faster because the key length is smaller (40 bits to 256
bits). On the other hand, secret key encryption has the problem of transferring
the key. The two techniques can be used together to provide a better
method of encryption that combines their advantages and
overcomes their disadvantages. The steps in a data transaction using the combined
technique are:
1. Encrypt your file by using symmetric encryption.
2. Use asymmetric encryption to encrypt only the symmetric key, using the recipient’s public key. Now send the encrypted key to the recipient. The recipient, at his or her end, can now decrypt the key using his or her private key.
3. Next, send the actual encrypted data. The encrypted data can be decrypted using the key that was encrypted by using the public key from the asymmetric key pair.
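
The three steps above, as an added example that is not part of the original text. So that it runs with the Python standard library alone it uses toy stand-ins (textbook RSA over two fixed, publicly known Mersenne primes, and a SHA-256 keystream as the symmetric cipher); all names are illustrative, and a real system would use a vetted library's padded RSA and an authenticated cipher such as AES-GCM.

```python
import hashlib
import secrets

# Recipient's toy RSA key pair. P and Q are fixed, publicly known Mersenne
# primes, so this key is for illustration only and provides no security.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key (n, e): freely distributable
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent: never leaves the recipient


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR the data with a SHA-256 counter keystream.
    The same call encrypts and decrypts. It gives no integrity protection."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def sender_encrypt(file_bytes: bytes, recipient_pub: tuple) -> tuple:
    """Return (wrapped_key, encrypted_data) for the recipient."""
    n, e = recipient_pub
    session_key = secrets.token_bytes(16)          # fresh 128-bit key per file
    # Step 1: encrypt the file with the fast symmetric cipher.
    encrypted_data = keystream_xor(session_key, file_bytes)
    # Step 2: encrypt only the small symmetric key with the public key.
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    # Step 3: both values can now travel over an untrusted channel.
    return wrapped_key, encrypted_data


def recipient_decrypt(wrapped_key: int, encrypted_data: bytes,
                      d: int, n: int) -> bytes:
    """Unwrap the session key with the private key, then decrypt the data."""
    session_key = pow(wrapped_key, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, encrypted_data)


if __name__ == "__main__":
    wrapped, data = sender_encrypt(b"constructed sample file contents", (N, E))
    print(recipient_decrypt(wrapped, data, D, N))
```

Only the 16-byte session key goes through the slow public key operation; the file itself, whatever its size, is handled by the symmetric cipher.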
DIGITAL SIGNATURE
Any process of authentication protects two
parties against a third party. However, this process does not protect the
parties against each other. This means that in situations where there isn’t
complete trust between the sender and the recipient, something more than
authentication is required. This problem can be solved using a digital signature.
A digital signature is analogous to a handwritten signature and verifies the
author, date, and time of signature. The signature should also be able to
authenticate the content at the time of the signature.
The main requirements of a digital signature are:
• It is unique to the sender.
• It should be recognizable and verifiable.