SlideShare a Scribd company logo

Cryptography and security

Download as DOCX, PDF
R
research30

I think this is slightly use full to you

TechnologyEducation
1 of 3
Cryptography and security<br />Abstract<br />From e-mail to cellular communications, from secure Web access to digital cash, cryptography is an essential part of today's information systems. Cryptography helps provide accountability, fairness, accuracy, and confidentiality. It can prevent fraud in electronic commerce and assure the validity of financial transactions. It can protect your anonymity or prove your identity. It can keep vandals from altering your Web page and prevent industrial competitors from reading your confidential documents. And in the future, as commerce and communications continue to move to computer networks, cryptography will become more and more vital. This paper has two major purposes. The first is to define some of the terms and concepts behind basic cryptographic methods, and to offer a way to compare the myriad cryptographic schemes in use today. The second is to provide some real examples of cryptography in use today.<br /> I. INTRODUCTION<br />The art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking, although modern cryptography techniques are virtually unbreakable. <br /> TYPES OF CRYPTOGRAPHIC ALGORITHMS<br />There are several ways of classifying cryptographic algorithms. For purposes of this paper, they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The three types of algorithms that will be discussed are (Figure 1): <br />Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption <br />Public Key Cryptography (PKC): Uses one key for encryption and another for decryption <br />Hash Functions: Uses a mathematical transformation to irreversibly quot; encryptquot; information <br />Secret Key Cryptography<br />With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.<br />With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.<br />Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.<br />Public-Key Cryptography<br />Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work (Figure 1B). Because a pair of keys are required, this approach is also called asymmetric cryptography.<br />In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party. It is straight forward to send messages under this scheme. Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's public key; Bob decrypts the ciphertext using his private key. This method could be also used to prove who sent a message; Alice, for example, could encrypt some plaintext with her private key; when Bob decrypts using Alice's public key, he knows that Alice sent the message and Alice cannot deny having sent the message (non-repudiation).<br />Hash Functions<br />Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key (Figure 1C). Instead, a fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly employed by many operating systems to encrypt passwords. Hash functions, then, provide a measure of the integrity of a file.<br />Why Three Encryption Techniques?<br />So, why are there so many different types of cryptographic schemes? Why can't we do everything we need with just one?<br />The answer is that each scheme is optimized for some specific application(s). Hash functions, for example, are well-suited for ensuring data integrity because any change made to the contents of a message will result in the receiver calculating a different hash value than the one placed in the transmission by the sender. Since it is highly unlikely that two different messages will yield the same hash value, data integrity is ensured to a high degree of confidence.<br />Secret key cryptography, on the other hand, is ideally suited to encrypting messages, thus providing privacy and confidentiality. The sender can generate a session key on a per-message basis to encrypt the message; the receiver, of course, needs the same session key to decrypt the message.<br />Key exchange, of course, is a key application of public-key cryptography (no pun intended). Asymmetric schemes can also be used for non-repudiation and user authentication; if the receiver can obtain the session key encrypted with the sender's private key, then only this sender could have sent the message. Public-key cryptography could, theoretically, also be used to encrypt messages although this is rarely done because secret-key cryptography operates about 1000 times faster than public-key cryptography.<br />Figure 2 puts all of this together and shows how a hybrid cryptographic scheme combines all of these functions to form a secure transmission comprising digital signature and digital envelope. In this example, the sender of the message is Alice and the receiver is Bob.<br />A digital envelope comprises an encrypted message and an encrypted session key. Alice uses secret key cryptography to encrypt her message using the session key, which she generates at random with each session. Alice then encrypts the session key using Bob's public key. The encrypted message and encrypted session key together form the digital envelope. Upon receipt, Bob recovers the session secret key using his private key and then decrypts the encrypted message.<br />The digital signature is formed in two steps. First, Alice computes the hash value of her message; next, she encrypts the hash value with her private key. Upon receipt of the digital signature, Bob recovers the hash value calculated by Alice by decrypting the digital signature with Alice's public key. Bob can then apply the hash function to Alice's original message, which he has already decrypted (see previous paragraph). If the resultant hash value is not the same as the value supplied by Alice, then Bob knows that the message has been altered; if the hash values are the same, Bob should believe that the message he received is identical to the one that Alice sent.<br />This scheme also provides nonrepudiation since it proves that Alice sent the message; if the hash value recovered by Bob using Alice's public key proves that the message has not been altered, then only Alice could have created the digital signature. Bob also has proof that he is the intended receiver; if he can correctly decrypt the message, then he must have correctly decrypted the session key meaning that his is the correct private key.<br />FIGURE 2: Sample application of the three cryptographic techniques for secure communication.<br />CONCLUSION<br />This paper has briefly described how cryptography works. The reader must beware, however, that there are a number of ways to attack every one of these systems; cryptanalysis and attacks on cryptosystems, however, are well beyond the scope of this paper.<br />Cryptography is a particularly interesting field because of the amount of work that is, by necessity, done in secret. The irony is that today, secrecy is not the key to the goodness of a cryptographic algorithm. Regardless of the mathematical theory behind an algorithm, the best algorithms are those that are well-known and well-documented because they are also well-tested and well-studied! In fact, time is the only true test of good cryptography; any cryptographic scheme that stays in use year after year is most likely a good one. The strength of cryptography lies in the choice (and management) of the keys<br />REFERENCES<br />An Overview of Cryptography Gary C. Kessler<br />
Cryptography and security
Cryptography and security

Recommended

Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) BeeBryte | Energy Intelligence & Automation
 
Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) BeeBryte | Energy Intelligence & Automation
 
Networksecurity1 1
Networksecurity1 1 Networksecurity1 1
Networksecurity1 1 lakshmansoft7
 
Cn ppt
Cn pptCn ppt
Cn pptAshish Agarwal
 
Seminar report on symmetric key
Seminar report on symmetric keySeminar report on symmetric key
Seminar report on symmetric keyRajat Tripathi
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismAmit Singh
 
SECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTION
SECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTIONSECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTION
SECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTIONadeij1
 
Criptography
CriptographyCriptography
CriptographySajan Sahu
 

Recommended

Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) BeeBryte | Energy Intelligence & Automation
 
Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) Cryptography Unchained - BeeBryte (White Paper)
Cryptography Unchained - BeeBryte (White Paper) BeeBryte | Energy Intelligence & Automation
 
Networksecurity1 1
Networksecurity1 1 Networksecurity1 1
Networksecurity1 1 lakshmansoft7
 
Cn ppt
Cn pptCn ppt
Cn pptAshish Agarwal
 
Seminar report on symmetric key
Seminar report on symmetric keySeminar report on symmetric key
Seminar report on symmetric keyRajat Tripathi
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismAmit Singh
 
SECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTION
SECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTIONSECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTION
SECURE CLOUD STORAGE USING DENIABLE ATTRIBUTE BASED ENCRYPTIONadeij1
 
Criptography
CriptographyCriptography
CriptographySajan Sahu
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
Cryptography
CryptographyCryptography
CryptographyMilap Oza
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pkiPrabhat Goel
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
iaetsd Secured multiple keyword ranked search over encrypted databases
iaetsd Secured multiple keyword ranked search over encrypted databasesiaetsd Secured multiple keyword ranked search over encrypted databases
iaetsd Secured multiple keyword ranked search over encrypted databasesIaetsd Iaetsd
 
Ao318992
Ao318992Ao318992
Ao318992IJMER
 
Cryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarCryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarDurlove Kumbhakar
 
Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Sai Natkar
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologyNeha Bhambu
 
Deniable Encryption Key
Deniable Encryption KeyDeniable Encryption Key
Deniable Encryption KeyIOSR Journals
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniqueseditor1knowledgecuddle
 
Review on variants of Security aware AODV
Review on variants of Security aware AODVReview on variants of Security aware AODV
Review on variants of Security aware AODVijsrd.com
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSAAmit Debnath
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Shakas Technologies
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityEditor IJCATR
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Introduction to Cryptography and the Public Key Infrastructure
Introduction to Cryptography and the Public Key InfrastructureIntroduction to Cryptography and the Public Key Infrastructure
Introduction to Cryptography and the Public Key InfrastructureMike Gates
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.1210.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12Arindam Paul
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101rahat ali
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherAashirwad Kashyap
 
Kelebihan autopilot untuk marketing
Kelebihan autopilot untuk marketingKelebihan autopilot untuk marketing
Kelebihan autopilot untuk marketingSte Wart
 
Presentation folga s
Presentation folga sPresentation folga s
Presentation folga sFolga_agency
 

More Related Content

What's hot

A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
Cryptography
CryptographyCryptography
CryptographyMilap Oza
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pkiPrabhat Goel
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
iaetsd Secured multiple keyword ranked search over encrypted databases
iaetsd Secured multiple keyword ranked search over encrypted databasesiaetsd Secured multiple keyword ranked search over encrypted databases
iaetsd Secured multiple keyword ranked search over encrypted databasesIaetsd Iaetsd
 
Ao318992
Ao318992Ao318992
Ao318992IJMER
 
Cryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarCryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarDurlove Kumbhakar
 
Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Sai Natkar
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologyNeha Bhambu
 
Deniable Encryption Key
Deniable Encryption KeyDeniable Encryption Key
Deniable Encryption KeyIOSR Journals
 
Review on variants of Security aware AODV
Review on variants of Security aware AODVReview on variants of Security aware AODV
Review on variants of Security aware AODVijsrd.com
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSAAmit Debnath
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Shakas Technologies
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityEditor IJCATR
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Introduction to Cryptography and the Public Key Infrastructure
Introduction to Cryptography and the Public Key InfrastructureIntroduction to Cryptography and the Public Key Infrastructure
Introduction to Cryptography and the Public Key InfrastructureMike Gates
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.1210.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12Arindam Paul
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101rahat ali
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherAashirwad Kashyap
 

What's hot (20)

A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
 
Cryptography
CryptographyCryptography
Cryptography
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pki
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
iaetsd Secured multiple keyword ranked search over encrypted databases
iaetsd Secured multiple keyword ranked search over encrypted databasesiaetsd Secured multiple keyword ranked search over encrypted databases
iaetsd Secured multiple keyword ranked search over encrypted databases
 
Ao318992
Ao318992Ao318992
Ao318992
 
Cryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarCryptography by Durlab Kumbhakar
Cryptography by Durlab Kumbhakar
 
Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology!
 
Encryption technology
Encryption technologyEncryption technology
Encryption technology
 
Deniable Encryption Key
Deniable Encryption KeyDeniable Encryption Key
Deniable Encryption Key
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Review on variants of Security aware AODV
Review on variants of Security aware AODVReview on variants of Security aware AODV
Review on variants of Security aware AODV
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSA
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network Security
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 
Introduction to Cryptography and the Public Key Infrastructure
Introduction to Cryptography and the Public Key InfrastructureIntroduction to Cryptography and the Public Key Infrastructure
Introduction to Cryptography and the Public Key Infrastructure
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.1210.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill Cipher
 

Viewers also liked

Kelebihan autopilot untuk marketing
Kelebihan autopilot untuk marketingKelebihan autopilot untuk marketing
Kelebihan autopilot untuk marketingSte Wart
 
Presentation folga s
Presentation folga sPresentation folga s
Presentation folga sFolga_agency
 
Stress Applications
Stress ApplicationsStress Applications
Stress Applicationsstresspile
 
We wish you a merry christmas
We wish you a merry christmasWe wish you a merry christmas
We wish you a merry christmasBuga Daniel
 
LLegir i cantar als infants
LLegir i cantar als infantsLLegir i cantar als infants
LLegir i cantar als infantsmvmevinas
 
Team work dalam autopilot
Team work dalam autopilotTeam work dalam autopilot
Team work dalam autopilotSte Wart
 
Statue of liberty & ellis island (a c)
Statue of liberty & ellis island (a c)Statue of liberty & ellis island (a c)
Statue of liberty & ellis island (a c)Buga Daniel
 

Viewers also liked (7)

Kelebihan autopilot untuk marketing
Kelebihan autopilot untuk marketingKelebihan autopilot untuk marketing
Kelebihan autopilot untuk marketing
 
Presentation folga s
Presentation folga sPresentation folga s
Presentation folga s
 
Stress Applications
Stress ApplicationsStress Applications
Stress Applications
 
We wish you a merry christmas
We wish you a merry christmasWe wish you a merry christmas
We wish you a merry christmas
 
LLegir i cantar als infants
LLegir i cantar als infantsLLegir i cantar als infants
LLegir i cantar als infants
 
Team work dalam autopilot
Team work dalam autopilotTeam work dalam autopilot
Team work dalam autopilot
 
Statue of liberty & ellis island (a c)
Statue of liberty & ellis island (a c)Statue of liberty & ellis island (a c)
Statue of liberty & ellis island (a c)
 

Similar to Cryptography and security

Cgi whpr 35_pki_e
Cgi whpr 35_pki_eCgi whpr 35_pki_e
Cgi whpr 35_pki_emadunix
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxukd789555
 
Cryptographic Tunneling and the OSI ModelWrite a paper consisting .docx
Cryptographic Tunneling and the OSI ModelWrite a paper consisting .docxCryptographic Tunneling and the OSI ModelWrite a paper consisting .docx
Cryptographic Tunneling and the OSI ModelWrite a paper consisting .docxmydrynan
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxjibonjibon5
 
Cryptography chap#6.pptx
Cryptography chap#6.pptxCryptography chap#6.pptx
Cryptography chap#6.pptxHamnaMalik31
 
Lesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptx
Lesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptxLesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptx
Lesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptxMohamedNowfeek1
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSSURBHI SAROHA
 
Cryptography Methodologies
Cryptography MethodologiesCryptography Methodologies
Cryptography Methodologiesijtsrd
 

Similar to Cryptography and security (20)

Public private key
Public private keyPublic private key
Public private key
 
Cgi whpr 35_pki_e
Cgi whpr 35_pki_eCgi whpr 35_pki_e
Cgi whpr 35_pki_e
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Data encryption
Data encryptionData encryption
Data encryption
 
Encryption
EncryptionEncryption
Encryption
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
 
Cryptographic Tunneling and the OSI ModelWrite a paper consisting .docx
Cryptographic Tunneling and the OSI ModelWrite a paper consisting .docxCryptographic Tunneling and the OSI ModelWrite a paper consisting .docx
Cryptographic Tunneling and the OSI ModelWrite a paper consisting .docx
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
 
encrption.PDF
encrption.PDFencrption.PDF
encrption.PDF
 
encrption.PDF
encrption.PDFencrption.PDF
encrption.PDF
 
encrption.PDF
encrption.PDFencrption.PDF
encrption.PDF
 
Cryptography chap#6.pptx
Cryptography chap#6.pptxCryptography chap#6.pptx
Cryptography chap#6.pptx
 
Lesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptx
Lesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptxLesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptx
Lesson 04 - Symmetric and Asymmetric Key Encryptions (1).pptx
 
cryptography
cryptographycryptography
cryptography
 
Asif
AsifAsif
Asif
 
Cryptography
CryptographyCryptography
Cryptography
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSS
 
Cryptography Methodologies
Cryptography MethodologiesCryptography Methodologies
Cryptography Methodologies
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 

Recently uploaded

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Cryptography and security

  • 1. Cryptography and security<br />Abstract<br />From e-mail to cellular communications, from secure Web access to digital cash, cryptography is an essential part of today's information systems. Cryptography helps provide accountability, fairness, accuracy, and confidentiality. It can prevent fraud in electronic commerce and assure the validity of financial transactions. It can protect your anonymity or prove your identity. It can keep vandals from altering your Web page and prevent industrial competitors from reading your confidential documents. And in the future, as commerce and communications continue to move to computer networks, cryptography will become more and more vital. This paper has two major purposes. The first is to define some of the terms and concepts behind basic cryptographic methods, and to offer a way to compare the myriad cryptographic schemes in use today. The second is to provide some real examples of cryptography in use today.<br /> I. INTRODUCTION<br />The art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking, although modern cryptography techniques are virtually unbreakable. <br /> TYPES OF CRYPTOGRAPHIC ALGORITHMS<br />There are several ways of classifying cryptographic algorithms. For purposes of this paper, they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The three types of algorithms that will be discussed are (Figure 1): <br />Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption <br />Public Key Cryptography (PKC): Uses one key for encryption and another for decryption <br />Hash Functions: Uses a mathematical transformation to irreversibly quot; encryptquot; information <br />Secret Key Cryptography<br />With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.<br />With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.<br />Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.<br />Public-Key Cryptography<br />Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work (Figure 1B). Because a pair of keys are required, this approach is also called asymmetric cryptography.<br />In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party. It is straight forward to send messages under this scheme. Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's public key; Bob decrypts the ciphertext using his private key. This method could be also used to prove who sent a message; Alice, for example, could encrypt some plaintext with her private key; when Bob decrypts using Alice's public key, he knows that Alice sent the message and Alice cannot deny having sent the message (non-repudiation).<br />Hash Functions<br />Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key (Figure 1C). Instead, a fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly employed by many operating systems to encrypt passwords. Hash functions, then, provide a measure of the integrity of a file.<br />Why Three Encryption Techniques?<br />So, why are there so many different types of cryptographic schemes? Why can't we do everything we need with just one?<br />The answer is that each scheme is optimized for some specific application(s). Hash functions, for example, are well-suited for ensuring data integrity because any change made to the contents of a message will result in the receiver calculating a different hash value than the one placed in the transmission by the sender. Since it is highly unlikely that two different messages will yield the same hash value, data integrity is ensured to a high degree of confidence.<br />Secret key cryptography, on the other hand, is ideally suited to encrypting messages, thus providing privacy and confidentiality. The sender can generate a session key on a per-message basis to encrypt the message; the receiver, of course, needs the same session key to decrypt the message.<br />Key exchange, of course, is a key application of public-key cryptography (no pun intended). Asymmetric schemes can also be used for non-repudiation and user authentication; if the receiver can obtain the session key encrypted with the sender's private key, then only this sender could have sent the message. Public-key cryptography could, theoretically, also be used to encrypt messages although this is rarely done because secret-key cryptography operates about 1000 times faster than public-key cryptography.<br />Figure 2 puts all of this together and shows how a hybrid cryptographic scheme combines all of these functions to form a secure transmission comprising digital signature and digital envelope. In this example, the sender of the message is Alice and the receiver is Bob.<br />A digital envelope comprises an encrypted message and an encrypted session key. Alice uses secret key cryptography to encrypt her message using the session key, which she generates at random with each session. Alice then encrypts the session key using Bob's public key. The encrypted message and encrypted session key together form the digital envelope. Upon receipt, Bob recovers the session secret key using his private key and then decrypts the encrypted message.<br />The digital signature is formed in two steps. First, Alice computes the hash value of her message; next, she encrypts the hash value with her private key. Upon receipt of the digital signature, Bob recovers the hash value calculated by Alice by decrypting the digital signature with Alice's public key. Bob can then apply the hash function to Alice's original message, which he has already decrypted (see previous paragraph). If the resultant hash value is not the same as the value supplied by Alice, then Bob knows that the message has been altered; if the hash values are the same, Bob should believe that the message he received is identical to the one that Alice sent.<br />This scheme also provides nonrepudiation since it proves that Alice sent the message; if the hash value recovered by Bob using Alice's public key proves that the message has not been altered, then only Alice could have created the digital signature. Bob also has proof that he is the intended receiver; if he can correctly decrypt the message, then he must have correctly decrypted the session key meaning that his is the correct private key.<br />FIGURE 2: Sample application of the three cryptographic techniques for secure communication.<br />CONCLUSION<br />This paper has briefly described how cryptography works. The reader must beware, however, that there are a number of ways to attack every one of these systems; cryptanalysis and attacks on cryptosystems, however, are well beyond the scope of this paper.<br />Cryptography is a particularly interesting field because of the amount of work that is, by necessity, done in secret. The irony is that today, secrecy is not the key to the goodness of a cryptographic algorithm. Regardless of the mathematical theory behind an algorithm, the best algorithms are those that are well-known and well-documented because they are also well-tested and well-studied! In fact, time is the only true test of good cryptography; any cryptographic scheme that stays in use year after year is most likely a good one. The strength of cryptography lies in the choice (and management) of the keys<br />REFERENCES<br />An Overview of Cryptography Gary C. Kessler<br />