SlideShare a Scribd company logo

6G7V0033 Cryptography And Applications.docx

Download as DOCX, PDF
S
sdfghj21

course material

Education
1 of 4
6G7V0033 Cryptography And Applications Answer: Introduction There are many ways which can implemented to achieve the goal of encryption and decryption to keep information confidential. It is also worth noting that the science of cryptography has evolved especially in the last ten years. Evidence of cryptography can be traced about four thousand years ago starting from the use of hieroglyph. This was a technique used by Egyptians to communicate. Here the code was secret and was used only by scribes who were sent by kings to transmit messages. Later it moved to what was known mono-alphabetic solution. This involved the art of replacing alphabets of the message with other alphabets. It then came the Caesar shift cipher. In the 15th century came what was known as vigenere coding which offered moving of alphabets in a message. In 19th century experienced the ad hoc approaches. In the 20th century was the invention of the electromechanical machines like enigma rotor machine. In the current 21st century we have experience the use of symmetric and asymmetric algorithms. One of the widely used in cryptography is the RSA algorithm developed by adi Shamir and Ronald Rivest. The algorithms use two different keys that is the private and public key i.e. also known as public-key cryptography. This means that the algorithm uses both private and public lets. Here public key is known to everyone, i.e. it is made public. The key is used to encrypt the message. Nevertheless, the message cannot be decrypted without the private the key. As compared to other types of algorithm RSA is more dependable and secure. Example of companies which have implemented RSA type of algorithm are Asus, Lenovo, HP and Acer (Zhou, 2020, p. 7). As highlighted in the previous section, symmetric type of cryptography has been used in this case. This is a type of encryption where only one key known as secret key which has been used for both decryption and encryption. Cryptographic Application Application Design As highlighted in the previous section the application design has implemented symmetric type of algorithms. One of the major feature of the application design is the use of one key known as secret key to encrypt and decrypt the file or the folder (Mahajan, 2019, p. 24). The systems or those entities communicating symmetrically must exchange the key so that they
can be used in the decryption process. By using symmetric algorithm, data needs to be converted to a form in which it can’t be understood by anyone who doesn’t possess the secret key. In this case the type of algorithm implemented is what is known as block algorithm i.e. as data is processes the system holds the data in its memory as it waits for complete block. Application Implementation The first process is to import the cryptography package as shown in the figure below. This is one of the python libraries. Figure 1: Importing the cryptography python library The second step is to create a key. In the code show above this project implemented symmetric equation that is It is important to note that fernet is specifically authenticated cryptography that does not allow neither read or write/modify the file of the folder without the key. The third step is to create the key and the save it in the same folder in our data. This is as shown by the figure shown below. By running the code up to this part a key will be generated and stored as mykey.key file. As shown by the figures shown below (the highlighted in blue is the key generated) After generating key one can the proceed to encrypt the file. In this case, the project has implemented a file known as grades excel file. The code for encryption is as shown below. The last step performed is decrypting the file. In this case the process performed follows a reverse process for encryption. This is as shown by the code shown below Critical Security Analysis Threat Model As noted from the previous section, the application is designed to implement cryptography library. One of the major classes which have been used in this library is the Fernet class. As noted by other computer scientist fernet class have several failure nodes. First is integer overflow specifically in the OpenSSL. Second as noted fernet implements symmetric type of encryption. One might be of the view that of the use if this type of encryption is fast; however, if one gets their hand on the key; it means that they can decrypt everything with that key. Another issue is with what is known as key transportation. As noted from the code the key is to generated or be transmitted first to the receiving system before the actual file is transmitted or encrypted. This means the communication is somehow insecure as it
impossible to guarantee that no one will tap the communication or the key. Example here one can inject a code to print the key as in our code; this means that they will have access to the key before the file is transmitted or encrypted. Third issue with fernet is that it can’t provide digital signatures which cannot be repudiated (Goshwe, 2019, p. 76) . Potential Attacks It is important to note that Fernet class implemented in this case makes use of various general functions. In addition, anyone can intercept a certain object in a program that utilizes general functions by just sending sequence of events to the program. This means that the application developed here is prone to attacks such as injection attacks. It is also important to note another major concern with symmetric cryptographic application is on cloud computing. Over the cloud, the application is prone to cycling type and short message attack. Here it is assumed that an attacker knows some blocks of the secret key and they then proceed to decode the rest of the secret key (Burnett, 2021, p. 134) Possible Improvements As one can note from figure the program uses simple python Fernet class to generate keys. Even though the program is able to produce secret keys, it is important to use the available secure python libraries. Example is using one of the best python encryption libraries known as pycryptodome. This is a self-contained python package with basic cryptographic primitives. The package supports python 3.5 and python 2.7. By using the package, it will bring with it several enhancements to the program. Example the library comes with authenticated encryption modes like SIV, OCB, CCM, and GCM. Second the package accelerates AES especially on Intel platforms. Third as compared to the use of functions the library provides cleaner RSA key generation that is based on FIPS 186-4. Forth the package comes with it SHA-3 and BLACKE2 algorithms which can be used together with RSA algorithm. Other major features of the package are password-protected PKCS#8 key containers, deterministic algorithms, and generation of random numbers which are sourced directly from the Operating System that one is using. Also the package comes with it a Shamir Secret Sharing scheme which better supports Windows operating system. In this case, if the package was to be used to generate secret keys it would generate secret keys with RSA feature which are in form of bits i.e. (1024-bit). It would then print the keys on the console as hex decimals. The keys generated are more secure that the use of functions to generate keys. Lastly, using any type of symmetric algorithm in cloud requires the use of a unique authentication identity which first checked by a server to determine the validity of a user. The server checks a user identify and the corresponding MAC address for a specific device (Al Hasib, 2018, p. 176). Conclusion As indicated in this paper, symmetric algorithm was used to showcase cryptography. The
main application contained 29 lines of codes and seventy-one in the test output. As noted from the implementation various Fernet class was used from cryptography python library to perform both encryption and decryption. However, as indicated by the paper there are various loopholes that exists in the application. One is lack of a secured form of encryption; it is not secure to first generate a secret key before encrypting the file. This brought by the fact that symmetric type of encryption is prone to key transportation issue. Second, the application comes down functional type of programming which is coupled with various terminologies issues like referential transparency. The paper recommends the use of python built in libraries to implement RSA algorithm such as pycryptodome. References Al Hasib, A. &. H., 2018. A comparative study of the performance and security issues of AES and RSA cryptography.. In 2018 Third International Conference on Convergence and Hybrid Information Technology, V(3), pp. 124-198. Burnett, S. a. S. P., 2021. RSA Security's official guide to cryptography. 1 ed. Sydeny : 3rd. Goshwe, N., 2019. Data encryption and decryption using RSA algorithm in a network environment. International Journal of Computer Science and Network Security, IV(4), pp. 23-97. Mahajan, P. a. A. S., 2019. A study of encryption algorithms AES, DES and RSA for security. Global Journal of Computer Science and Technology, IV(10), pp. 13-90. Zhou, X. a. X. T., 2020. Research and implementation of RSA algorithm for encryption and decryption. Proceedings of 2011 6th international forum on strategic technology, III(2), pp. 1-15.

Recommended

International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
H42063743
H42063743H42063743
H42063743
IJERA Editor
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...
IOSR Journals
 
L017136269
L017136269L017136269
L017136269
IOSR Journals
 
Image Cryptography using RSA Algorithm
Image Cryptography using RSA AlgorithmImage Cryptography using RSA Algorithm
Image Cryptography using RSA Algorithm
ijtsrd
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic TechniquesA Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic Techniques
IRJET Journal
 
Improving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and AuthenticationImproving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and Authentication
AM Publications,India
 
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
IJCSIS Research Publications
 

Recommended

International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
H42063743
H42063743H42063743
H42063743
IJERA Editor
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...
IOSR Journals
 
L017136269
L017136269L017136269
L017136269
IOSR Journals
 
Image Cryptography using RSA Algorithm
Image Cryptography using RSA AlgorithmImage Cryptography using RSA Algorithm
Image Cryptography using RSA Algorithm
ijtsrd
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic TechniquesA Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic Techniques
IRJET Journal
 
Improving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and AuthenticationImproving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and Authentication
AM Publications,India
 
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
IJCSIS Research Publications
 
IRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud ComputingIRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud Computing
IRJET Journal
 
Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric block
ijcisjournal
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
ijcisjournal
 
Ch34508510
Ch34508510Ch34508510
Ch34508510
IJERA Editor
 
Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...
IOSR Journals
 
Ijtra150171
Ijtra150171Ijtra150171
Ijtra150171
International Journal of Technical Research & Application
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.1210.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12
Arindam Paul
 
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithm
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithmHybrid Cryptography security in public cloud using TwoFish and ECC algorithm
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithm
IJECEIAES
 
Encryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
Encryption Data Measurement and Data Security of Hybrid AES and RSA AlgorithmEncryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
Encryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
ijtsrd
 
N45028390
N45028390N45028390
N45028390
IJERA Editor
 
State of the art realistic cryptographic
State of the art realistic cryptographicState of the art realistic cryptographic
State of the art realistic cryptographic
ijcsa
 
A new algorithm for implementing message authentication and integrity in soft...
A new algorithm for implementing message authentication and integrity in soft...A new algorithm for implementing message authentication and integrity in soft...
A new algorithm for implementing message authentication and integrity in soft...
TELKOMNIKA JOURNAL
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationDesign of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure Communication
IRJET Journal
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdf
Yasmine Anino
 
Rsa Encryption in java
Rsa Encryption in java Rsa Encryption in java
Rsa Encryption in java
PiyushPatil73
 
final_Paper_springer_final
final_Paper_springer_finalfinal_Paper_springer_final
final_Paper_springer_final
Joseph Emmanuel
 
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
IJCSIS Research Publications
 
Encrypted Negative Password using for Authentication
Encrypted Negative Password using for AuthenticationEncrypted Negative Password using for Authentication
Encrypted Negative Password using for Authentication
ijtsrd
 
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
Editor IJCATR
 
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
IJASRD Journal
 
you interviewed the CEO and evaluated the organization to gain.docx
you interviewed the CEO and evaluated the organization to gain.docxyou interviewed the CEO and evaluated the organization to gain.docx
you interviewed the CEO and evaluated the organization to gain.docx
sdfghj21
 
Write a to paper about genetically vigorous.docx
Write a to paper about genetically vigorous.docxWrite a to paper about genetically vigorous.docx
Write a to paper about genetically vigorous.docx
sdfghj21
 

More Related Content

Similar to 6G7V0033 Cryptography And Applications.docx

Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric block
ijcisjournal
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
ijcisjournal
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.1210.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12
Arindam Paul
 
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithm
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithmHybrid Cryptography security in public cloud using TwoFish and ECC algorithm
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithm
IJECEIAES
 
Encryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
Encryption Data Measurement and Data Security of Hybrid AES and RSA AlgorithmEncryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
Encryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
ijtsrd
 
State of the art realistic cryptographic
State of the art realistic cryptographicState of the art realistic cryptographic
State of the art realistic cryptographic
ijcsa
 
A new algorithm for implementing message authentication and integrity in soft...
A new algorithm for implementing message authentication and integrity in soft...A new algorithm for implementing message authentication and integrity in soft...
A new algorithm for implementing message authentication and integrity in soft...
TELKOMNIKA JOURNAL
 
final_Paper_springer_final
final_Paper_springer_finalfinal_Paper_springer_final
final_Paper_springer_final
Joseph Emmanuel
 
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
IJCSIS Research Publications
 
Encrypted Negative Password using for Authentication
Encrypted Negative Password using for AuthenticationEncrypted Negative Password using for Authentication
Encrypted Negative Password using for Authentication
ijtsrd
 
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
Editor IJCATR
 
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
IJASRD Journal
 

Similar to 6G7V0033 Cryptography And Applications.docx (20)

IRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud ComputingIRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud Computing
 
Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric block
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
 
Ch34508510
Ch34508510Ch34508510
Ch34508510
 
Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...
 
Ijtra150171
Ijtra150171Ijtra150171
Ijtra150171
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.1210.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12
 
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithm
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithmHybrid Cryptography security in public cloud using TwoFish and ECC algorithm
Hybrid Cryptography security in public cloud using TwoFish and ECC algorithm
 
Encryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
Encryption Data Measurement and Data Security of Hybrid AES and RSA AlgorithmEncryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
Encryption Data Measurement and Data Security of Hybrid AES and RSA Algorithm
 
N45028390
N45028390N45028390
N45028390
 
State of the art realistic cryptographic
State of the art realistic cryptographicState of the art realistic cryptographic
State of the art realistic cryptographic
 
A new algorithm for implementing message authentication and integrity in soft...
A new algorithm for implementing message authentication and integrity in soft...A new algorithm for implementing message authentication and integrity in soft...
A new algorithm for implementing message authentication and integrity in soft...
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationDesign of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure Communication
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdf
 
Rsa Encryption in java
Rsa Encryption in java Rsa Encryption in java
Rsa Encryption in java
 
final_Paper_springer_final
final_Paper_springer_finalfinal_Paper_springer_final
final_Paper_springer_final
 
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
FPGA and ASIC Implementation of Speech Encryption and Decryption using AES Al...
 
Encrypted Negative Password using for Authentication
Encrypted Negative Password using for AuthenticationEncrypted Negative Password using for Authentication
Encrypted Negative Password using for Authentication
 
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
 
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...
 

More from sdfghj21

you interviewed the CEO and evaluated the organization to gain.docx
you interviewed the CEO and evaluated the organization to gain.docxyou interviewed the CEO and evaluated the organization to gain.docx
you interviewed the CEO and evaluated the organization to gain.docx
sdfghj21
 
Write a to paper about genetically vigorous.docx
Write a to paper about genetically vigorous.docxWrite a to paper about genetically vigorous.docx
Write a to paper about genetically vigorous.docx
sdfghj21
 
When you talk about the meaning of which sense.docx
When you talk about the meaning of which sense.docxWhen you talk about the meaning of which sense.docx
When you talk about the meaning of which sense.docx
sdfghj21
 
Virtualization and cloud services continue to gain momentum as more.docx
Virtualization and cloud services continue to gain momentum as more.docxVirtualization and cloud services continue to gain momentum as more.docx
Virtualization and cloud services continue to gain momentum as more.docx
sdfghj21
 
Your name Brief background Your profession What you hope to.docx
Your name Brief background Your profession What you hope to.docxYour name Brief background Your profession What you hope to.docx
Your name Brief background Your profession What you hope to.docx
sdfghj21
 
The ways in which views related to race seem.docx
The ways in which views related to race seem.docxThe ways in which views related to race seem.docx
The ways in which views related to race seem.docx
sdfghj21
 
This project provides you an opportunity to apply the marketing.docx
This project provides you an opportunity to apply the marketing.docxThis project provides you an opportunity to apply the marketing.docx
This project provides you an opportunity to apply the marketing.docx
sdfghj21
 
The assignment must be submitted on a Microsoft word.docx
The assignment must be submitted on a Microsoft word.docxThe assignment must be submitted on a Microsoft word.docx
The assignment must be submitted on a Microsoft word.docx
sdfghj21
 
Using online or library research articles explain the.docx
Using online or library research articles explain the.docxUsing online or library research articles explain the.docx
Using online or library research articles explain the.docx
sdfghj21
 
Standards are designed to ensure Without no structure.docx
Standards are designed to ensure Without no structure.docxStandards are designed to ensure Without no structure.docx
Standards are designed to ensure Without no structure.docx
sdfghj21
 
think of a leader or presenter whose communication has.docx
think of a leader or presenter whose communication has.docxthink of a leader or presenter whose communication has.docx
think of a leader or presenter whose communication has.docx
sdfghj21
 
The Community of Inquiry frameworkLinks to an external is.docx
The Community of Inquiry frameworkLinks to an external is.docxThe Community of Inquiry frameworkLinks to an external is.docx
The Community of Inquiry frameworkLinks to an external is.docx
sdfghj21
 
we focus on notion of the in addition.docx
we focus on notion of the in addition.docxwe focus on notion of the in addition.docx
we focus on notion of the in addition.docx
sdfghj21
 
When and how did you become aware of people being.docx
When and how did you become aware of people being.docxWhen and how did you become aware of people being.docx
When and how did you become aware of people being.docx
sdfghj21
 
To Working with your field identify a social.docx
To Working with your field identify a social.docxTo Working with your field identify a social.docx
To Working with your field identify a social.docx
sdfghj21
 
Write Cornell notes after reading Cornell Notes are.docx
Write Cornell notes after reading Cornell Notes are.docxWrite Cornell notes after reading Cornell Notes are.docx
Write Cornell notes after reading Cornell Notes are.docx
sdfghj21
 
What are some current challenges your chosen groups.docx
What are some current challenges your chosen groups.docxWhat are some current challenges your chosen groups.docx
What are some current challenges your chosen groups.docx
sdfghj21
 
To complete this review the Learning Resources for this.docx
To complete this review the Learning Resources for this.docxTo complete this review the Learning Resources for this.docx
To complete this review the Learning Resources for this.docx
sdfghj21
 
summarize Jacob and inspirations in a.docx
summarize Jacob and inspirations in a.docxsummarize Jacob and inspirations in a.docx
summarize Jacob and inspirations in a.docx
sdfghj21
 
Strong leaders do not only focus on building their own.docx
Strong leaders do not only focus on building their own.docxStrong leaders do not only focus on building their own.docx
Strong leaders do not only focus on building their own.docx
sdfghj21
 

More from sdfghj21 (20)

you interviewed the CEO and evaluated the organization to gain.docx
you interviewed the CEO and evaluated the organization to gain.docxyou interviewed the CEO and evaluated the organization to gain.docx
you interviewed the CEO and evaluated the organization to gain.docx
 
Write a to paper about genetically vigorous.docx
Write a to paper about genetically vigorous.docxWrite a to paper about genetically vigorous.docx
Write a to paper about genetically vigorous.docx
 
When you talk about the meaning of which sense.docx
When you talk about the meaning of which sense.docxWhen you talk about the meaning of which sense.docx
When you talk about the meaning of which sense.docx
 
Virtualization and cloud services continue to gain momentum as more.docx
Virtualization and cloud services continue to gain momentum as more.docxVirtualization and cloud services continue to gain momentum as more.docx
Virtualization and cloud services continue to gain momentum as more.docx
 
Your name Brief background Your profession What you hope to.docx
Your name Brief background Your profession What you hope to.docxYour name Brief background Your profession What you hope to.docx
Your name Brief background Your profession What you hope to.docx
 
The ways in which views related to race seem.docx
The ways in which views related to race seem.docxThe ways in which views related to race seem.docx
The ways in which views related to race seem.docx
 
This project provides you an opportunity to apply the marketing.docx
This project provides you an opportunity to apply the marketing.docxThis project provides you an opportunity to apply the marketing.docx
This project provides you an opportunity to apply the marketing.docx
 
The assignment must be submitted on a Microsoft word.docx
The assignment must be submitted on a Microsoft word.docxThe assignment must be submitted on a Microsoft word.docx
The assignment must be submitted on a Microsoft word.docx
 
Using online or library research articles explain the.docx
Using online or library research articles explain the.docxUsing online or library research articles explain the.docx
Using online or library research articles explain the.docx
 
Standards are designed to ensure Without no structure.docx
Standards are designed to ensure Without no structure.docxStandards are designed to ensure Without no structure.docx
Standards are designed to ensure Without no structure.docx
 
think of a leader or presenter whose communication has.docx
think of a leader or presenter whose communication has.docxthink of a leader or presenter whose communication has.docx
think of a leader or presenter whose communication has.docx
 
The Community of Inquiry frameworkLinks to an external is.docx
The Community of Inquiry frameworkLinks to an external is.docxThe Community of Inquiry frameworkLinks to an external is.docx
The Community of Inquiry frameworkLinks to an external is.docx
 
we focus on notion of the in addition.docx
we focus on notion of the in addition.docxwe focus on notion of the in addition.docx
we focus on notion of the in addition.docx
 
When and how did you become aware of people being.docx
When and how did you become aware of people being.docxWhen and how did you become aware of people being.docx
When and how did you become aware of people being.docx
 
To Working with your field identify a social.docx
To Working with your field identify a social.docxTo Working with your field identify a social.docx
To Working with your field identify a social.docx
 
Write Cornell notes after reading Cornell Notes are.docx
Write Cornell notes after reading Cornell Notes are.docxWrite Cornell notes after reading Cornell Notes are.docx
Write Cornell notes after reading Cornell Notes are.docx
 
What are some current challenges your chosen groups.docx
What are some current challenges your chosen groups.docxWhat are some current challenges your chosen groups.docx
What are some current challenges your chosen groups.docx
 
To complete this review the Learning Resources for this.docx
To complete this review the Learning Resources for this.docxTo complete this review the Learning Resources for this.docx
To complete this review the Learning Resources for this.docx
 
summarize Jacob and inspirations in a.docx
summarize Jacob and inspirations in a.docxsummarize Jacob and inspirations in a.docx
summarize Jacob and inspirations in a.docx
 
Strong leaders do not only focus on building their own.docx
Strong leaders do not only focus on building their own.docxStrong leaders do not only focus on building their own.docx
Strong leaders do not only focus on building their own.docx
 

Recently uploaded

Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sean M. Fox
 
SPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code ExamplesSPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code Examples
Peter Brusilovsky
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
中 央社
 

Recently uploaded (20)

male presentation...pdf.................
male presentation...pdf.................male presentation...pdf.................
male presentation...pdf.................
 
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
 
Improved Approval Flow in Odoo 17 Studio App
Improved Approval Flow in Odoo 17 Studio AppImproved Approval Flow in Odoo 17 Studio App
Improved Approval Flow in Odoo 17 Studio App
 
SPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code ExamplesSPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code Examples
 
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptxAnalyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
 
How To Create Editable Tree View in Odoo 17
How To Create Editable Tree View in Odoo 17How To Create Editable Tree View in Odoo 17
How To Create Editable Tree View in Odoo 17
 
MOOD STABLIZERS DRUGS.pptx
MOOD STABLIZERS DRUGS.pptxMOOD STABLIZERS DRUGS.pptx
MOOD STABLIZERS DRUGS.pptx
 
Trauma-Informed Leadership - Five Practical Principles
Trauma-Informed Leadership - Five Practical PrinciplesTrauma-Informed Leadership - Five Practical Principles
Trauma-Informed Leadership - Five Practical Principles
 
UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
 
OS-operating systems- ch05 (CPU Scheduling) ...
OS-operating systems- ch05 (CPU Scheduling) ...OS-operating systems- ch05 (CPU Scheduling) ...
OS-operating systems- ch05 (CPU Scheduling) ...
 
When Quality Assurance Meets Innovation in Higher Education - Report launch w...
When Quality Assurance Meets Innovation in Higher Education - Report launch w...When Quality Assurance Meets Innovation in Higher Education - Report launch w...
When Quality Assurance Meets Innovation in Higher Education - Report launch w...
 
How to Manage Website in Odoo 17 Studio App.pptx
How to Manage Website in Odoo 17 Studio App.pptxHow to Manage Website in Odoo 17 Studio App.pptx
How to Manage Website in Odoo 17 Studio App.pptx
 
Basic Civil Engineering notes on Transportation Engineering & Modes of Transport
Basic Civil Engineering notes on Transportation Engineering & Modes of TransportBasic Civil Engineering notes on Transportation Engineering & Modes of Transport
Basic Civil Engineering notes on Transportation Engineering & Modes of Transport
 
Graduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptxGraduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptx
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.ppt
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
 
Book Review of Run For Your Life Powerpoint
Book Review of Run For Your Life PowerpointBook Review of Run For Your Life Powerpoint
Book Review of Run For Your Life Powerpoint
 
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
 
e-Sealing at EADTU by Kamakshi Rajagopal
e-Sealing at EADTU by Kamakshi Rajagopale-Sealing at EADTU by Kamakshi Rajagopal
e-Sealing at EADTU by Kamakshi Rajagopal
 

6G7V0033 Cryptography And Applications.docx

  • 1. 6G7V0033 Cryptography And Applications Answer: Introduction There are many ways which can implemented to achieve the goal of encryption and decryption to keep information confidential. It is also worth noting that the science of cryptography has evolved especially in the last ten years. Evidence of cryptography can be traced about four thousand years ago starting from the use of hieroglyph. This was a technique used by Egyptians to communicate. Here the code was secret and was used only by scribes who were sent by kings to transmit messages. Later it moved to what was known mono-alphabetic solution. This involved the art of replacing alphabets of the message with other alphabets. It then came the Caesar shift cipher. In the 15th century came what was known as vigenere coding which offered moving of alphabets in a message. In 19th century experienced the ad hoc approaches. In the 20th century was the invention of the electromechanical machines like enigma rotor machine. In the current 21st century we have experience the use of symmetric and asymmetric algorithms. One of the widely used in cryptography is the RSA algorithm developed by adi Shamir and Ronald Rivest. The algorithms use two different keys that is the private and public key i.e. also known as public-key cryptography. This means that the algorithm uses both private and public lets. Here public key is known to everyone, i.e. it is made public. The key is used to encrypt the message. Nevertheless, the message cannot be decrypted without the private the key. As compared to other types of algorithm RSA is more dependable and secure. Example of companies which have implemented RSA type of algorithm are Asus, Lenovo, HP and Acer (Zhou, 2020, p. 7). As highlighted in the previous section, symmetric type of cryptography has been used in this case. This is a type of encryption where only one key known as secret key which has been used for both decryption and encryption. Cryptographic Application Application Design As highlighted in the previous section the application design has implemented symmetric type of algorithms. One of the major feature of the application design is the use of one key known as secret key to encrypt and decrypt the file or the folder (Mahajan, 2019, p. 24). The systems or those entities communicating symmetrically must exchange the key so that they
  • 2. can be used in the decryption process. By using symmetric algorithm, data needs to be converted to a form in which it can’t be understood by anyone who doesn’t possess the secret key. In this case the type of algorithm implemented is what is known as block algorithm i.e. as data is processes the system holds the data in its memory as it waits for complete block. Application Implementation The first process is to import the cryptography package as shown in the figure below. This is one of the python libraries. Figure 1: Importing the cryptography python library The second step is to create a key. In the code show above this project implemented symmetric equation that is It is important to note that fernet is specifically authenticated cryptography that does not allow neither read or write/modify the file of the folder without the key. The third step is to create the key and the save it in the same folder in our data. This is as shown by the figure shown below. By running the code up to this part a key will be generated and stored as mykey.key file. As shown by the figures shown below (the highlighted in blue is the key generated) After generating key one can the proceed to encrypt the file. In this case, the project has implemented a file known as grades excel file. The code for encryption is as shown below. The last step performed is decrypting the file. In this case the process performed follows a reverse process for encryption. This is as shown by the code shown below Critical Security Analysis Threat Model As noted from the previous section, the application is designed to implement cryptography library. One of the major classes which have been used in this library is the Fernet class. As noted by other computer scientist fernet class have several failure nodes. First is integer overflow specifically in the OpenSSL. Second as noted fernet implements symmetric type of encryption. One might be of the view that of the use if this type of encryption is fast; however, if one gets their hand on the key; it means that they can decrypt everything with that key. Another issue is with what is known as key transportation. As noted from the code the key is to generated or be transmitted first to the receiving system before the actual file is transmitted or encrypted. This means the communication is somehow insecure as it
  • 3. impossible to guarantee that no one will tap the communication or the key. Example here one can inject a code to print the key as in our code; this means that they will have access to the key before the file is transmitted or encrypted. Third issue with fernet is that it can’t provide digital signatures which cannot be repudiated (Goshwe, 2019, p. 76) . Potential Attacks It is important to note that Fernet class implemented in this case makes use of various general functions. In addition, anyone can intercept a certain object in a program that utilizes general functions by just sending sequence of events to the program. This means that the application developed here is prone to attacks such as injection attacks. It is also important to note another major concern with symmetric cryptographic application is on cloud computing. Over the cloud, the application is prone to cycling type and short message attack. Here it is assumed that an attacker knows some blocks of the secret key and they then proceed to decode the rest of the secret key (Burnett, 2021, p. 134) Possible Improvements As one can note from figure the program uses simple python Fernet class to generate keys. Even though the program is able to produce secret keys, it is important to use the available secure python libraries. Example is using one of the best python encryption libraries known as pycryptodome. This is a self-contained python package with basic cryptographic primitives. The package supports python 3.5 and python 2.7. By using the package, it will bring with it several enhancements to the program. Example the library comes with authenticated encryption modes like SIV, OCB, CCM, and GCM. Second the package accelerates AES especially on Intel platforms. Third as compared to the use of functions the library provides cleaner RSA key generation that is based on FIPS 186-4. Forth the package comes with it SHA-3 and BLACKE2 algorithms which can be used together with RSA algorithm. Other major features of the package are password-protected PKCS#8 key containers, deterministic algorithms, and generation of random numbers which are sourced directly from the Operating System that one is using. Also the package comes with it a Shamir Secret Sharing scheme which better supports Windows operating system. In this case, if the package was to be used to generate secret keys it would generate secret keys with RSA feature which are in form of bits i.e. (1024-bit). It would then print the keys on the console as hex decimals. The keys generated are more secure that the use of functions to generate keys. Lastly, using any type of symmetric algorithm in cloud requires the use of a unique authentication identity which first checked by a server to determine the validity of a user. The server checks a user identify and the corresponding MAC address for a specific device (Al Hasib, 2018, p. 176). Conclusion As indicated in this paper, symmetric algorithm was used to showcase cryptography. The
  • 4. main application contained 29 lines of codes and seventy-one in the test output. As noted from the implementation various Fernet class was used from cryptography python library to perform both encryption and decryption. However, as indicated by the paper there are various loopholes that exists in the application. One is lack of a secured form of encryption; it is not secure to first generate a secret key before encrypting the file. This brought by the fact that symmetric type of encryption is prone to key transportation issue. Second, the application comes down functional type of programming which is coupled with various terminologies issues like referential transparency. The paper recommends the use of python built in libraries to implement RSA algorithm such as pycryptodome. References Al Hasib, A. &. H., 2018. A comparative study of the performance and security issues of AES and RSA cryptography.. In 2018 Third International Conference on Convergence and Hybrid Information Technology, V(3), pp. 124-198. Burnett, S. a. S. P., 2021. RSA Security's official guide to cryptography. 1 ed. Sydeny : 3rd. Goshwe, N., 2019. Data encryption and decryption using RSA algorithm in a network environment. International Journal of Computer Science and Network Security, IV(4), pp. 23-97. Mahajan, P. a. A. S., 2019. A study of encryption algorithms AES, DES and RSA for security. Global Journal of Computer Science and Technology, IV(10), pp. 13-90. Zhou, X. a. X. T., 2020. Research and implementation of RSA algorithm for encryption and decryption. Proceedings of 2011 6th international forum on strategic technology, III(2), pp. 1-15.