Introduction of Cryptography
- Cryptography has been used for centuries, from ancient civilizations that used secret codes and ciphers to protect their messages, to modern-day applications that rely on advanced mathematical algorithms and techniques.
- With the increasing reliance on digital communication and the rapid growth of the internet, cryptography has become more important than ever.
Definition of Cryptography
- Cryptography is a fundamental tool in information security that provides a powerful means of protecting sensitive information, securing communication, and ensuring the authenticity and integrity of data in the digital age.
- Cryptography is the branch of computer science to makes secure communication between two bodies by converting plain text messages or information into a human-unreadable/coded format (called cipher text, which is a form of encrypted text) using various algorithmic techniques, protocols, and methods for hiding information from unauthorized access or modification.
- Cryptography is an essential tool in the field of information security and plays a critical role in securing communication, protecting sensitive data, and ensuring the privacy and confidentiality of information.
Features of Cryptography
- Cryptography involves the use of encryption and decryption techniques to convert plain text into a coded message that can only be accessed and understood by authorized parties who possess the appropriate decryption key or password.
- The security of the encrypted data depends heavily on the strength of the encryption algorithm and the security of the encryption keys.
Terminology of Cryptography
Plain Text
-
- The original message/text before it is encrypted.
Cipher
-
- A mathematical algorithm is used for encryption and decryption.
Cipher Text:
-
- The coded message that is produced after encryption.
Key
-
- A piece of information used in encryption and decryption algorithms to transform plain text into coded messages and vice-versa.
Steganography
-
- The way of hiding secret information within a non-secret message or file or objects to prevent detection.
Encryption
-
- Encryption is the process of converting plain or readable data into a coded format/secret code or cipher text, that is unreadable without the correct decryption key
- Encryption algorithms use mathematical functions to transform the data in such a way that only authorized parties with the decryption key can read it.
- The purpose of encryption is to protect the confidentiality and privacy of the data being transmitted or stored.
- It is an important tool for encryption i.e. protecting sensitive/confidential information and maintaining the privacy and security of data from unauthorized access or use.
- There are many different types of encryption, but they can generally be divided into two categories: symmetric encryption and asymmetric encryption, which work similarly to cryptography.
- Encryption is widely used in many different areas, including online communications, data storage, online banking, and e-commerce transactions.
Decryption
-
- Decryption is the process of converting encrypted data back into its original form using a secret key or password.
- To decrypt ciphertext, the same key or password that was used to encrypt the data must be used.
- The decryption process reverses the encryption process by using the key to transform the ciphertext back into plain text or original data.
- There are several types of encryption algorithms used for encryption and decryption, including symmetric-key encryption and asymmetric-key encryption.
- Decryption plays a critical role in protecting data from unauthorized access and ensuring the confidentiality and integrity of sensitive information.
CryptoSystem
-
- A collection of cryptographic algorithms and protocols used to secure communications.
Cryptanalysis/Cryptology
-
- Cryptanalysis has a long history, dating back to ancient times when people used simple substitution ciphers to encode messages.
- Cryptanalysis is the study of analyzing and deciphering codes, ciphers, and other encryption methods to break their security and understand their hidden messages without the intended key.
- It involves techniques and methods for deciphering encrypted messages or codes without having access to the key used to encrypt the message.
- Cryptanalysis can be performed on various types of cryptographic systems, including classical ciphers, modern cryptographic algorithms, and cryptographic protocols.
- The goal of cryptanalysis is to discover weaknesses in the cryptographic system that can be exploited to decrypt messages without the key. In other words, it is often used in the field of cryptography to test the strength of encryption algorithms and to develop new methods for securing sensitive information.
- Some common techniques used in cryptanalysis include frequency analysis, brute force attacks, differential cryptanalysis, linear cryptanalysis, and known-plaintext attacks. In frequency analysis, the frequency distribution of letters or other symbols in the ciphertext is analyzed to gain information about the key used to encrypt the message. In a brute-force attack, every possible key is tried until the correct one is found. In a known plaintext attack, the attacker has access to some known plaintext and ciphertext pairs and uses them to deduce information about the key.
- Cryptanalysis plays an important role in modern cryptography as it helps to identify weaknesses in cryptographic systems and improve their security. It is also used by intelligence agencies and law enforcement to decrypt messages and gather intelligence.
Types of Cryptography
There are various types of cryptography techniques, such as symmetric key cryptography, asymmetric key cryptography, hash functions, and digital signatures. Each type of cryptography technique has its strengths and weaknesses, and they are used based on the specific security requirements of a system. These are as follows: –
-
Symmetric Cryptography: [Symmetric-Key Cryptography/Symmetric Encryption]
- Definition
- Symmetric cryptography is a method of encryption in which the same key is used for both encryption and decryption of data/information i.e., both the sender and the receiver/recipient of the message have the same key in order to access the encrypted or to decrypt the information.
- Characteristics
- Definition
-
-
- In this method, the public key is shared between the sender and receiver in advance of communication.
- Both the sender and the recipient use the same key to encrypt and decrypt messages. This key must be kept secret between the parties to ensure security.
- This type of cryptography is known for its speed and efficiency, making it ideal for encrypting large volumes of data in real-time communication systems, i.e. Symmetric encryption algorithms, like AES and DES, are faster than asymmetric algorithms. This makes them suitable for encrypting large amounts of data.
- A primary challenge with symmetric cryptography is secure key distribution. Since the same key is used on both ends, securely sharing it without interception is crucial. In practice, secure channels or additional encryption methods (like asymmetric encryption) are sometimes used to exchange keys safely.
- While symmetric cryptography remains foundational in security, it is often paired with asymmetric cryptography for initial key exchange or authentication to enhance security in applications that require it.
-
-
- Examples
- The most common symmetric encryption algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), Triple Data Encryption Standard (3DES), Blowfish and Twofish etc.
- AES (Advanced Encryption Standard):
- Known for its strength and speed, AES is widely used for secure data encryption, especially in government and industry.
- It supports key sizes of 128, 192, and 256 bits and is known for its speed and security.
- Used in SSL/TLS for internet security, Wi-Fi protection (WPA2), and encrypted file storage.
- DES (Data Encryption Standard):
- Once a standard, DES uses a 56-bit key and operates in 64-bit blocks. It is now considered outdated due to vulnerabilities in its key length.
- DES was widely used in early digital communication and banking but is now replaced by stronger encryption standards.
- While popular in the past, DES is now considered insecure due to its short key length, leading to the development of Triple DES (3DES) for better security.
- Triple DES (3DES):
- Examples
-
-
-
- Developed to address DES’s vulnerabilities, 3DES applies the DES algorithm three times with different keys, offering greater security.
- It is used in legacy financial systems, ATM encryption, and some older applications where DES was previously standard.
- Blowfish and Twofish:
- These are block ciphers known for their flexibility in key size and strong encryption properties.
- A block cipher with variable key sizes (32 to 448 bits), Blowfish is fast and secure for general-purpose encryption but is better suited for smaller data sizes.
- It is commonly found in applications for file and password encryption, VPNs, and network security software.
- RC4 (Rivest Cipher 4):
- RC4 is a stream cipher that was popular for fast encryption. It has since fallen out of favor for security weaknesses but was commonly used in SSL and Wi-Fi WEP.
- It is formerly used in HTTPS for securing websites and in WEP for Wi-Fi encryption.
-
-
Advantages
- Speed: It is faster than asymmetric encryption, making it suitable for real-time data encryption.
- Efficient for Large Data: Due to its low computational overhead, symmetric cryptography can handle large amounts of data efficiently.
- Disadvantages
- Key Distribution: Securely sharing and managing the single key used by both parties is challenging.
- Scalability Issues: In a large network, each pair of users needs a unique key, leading to a high number of keys to manage.
- Use/Applications
-
Symmetric cryptography is widely used in real-life applications for its speed and efficiency in encrypting data, particularly in cases where data needs to be encrypted and decrypted frequently or in real time. Also, Symmetric encryption’s efficiency makes it ideal for applications where large amounts of data need quick, secure processing, making it a backbone of modern digital security. These are:-
1. Securing Online Transactions (e.g., SSL/TLS, IPsec)
-
-
-
- This cryptography protects sensitive data, such as credit card information, during online transactions.
- It works when a user connects to a secure website, symmetric encryption is used to establish a fast, secure connection once an initial connection is set up via asymmetric encryption.
- For example, AES is often used within SSL/TLS protocols to encrypt data between a browser and a web server.
-
-
2. Data Encryption on Storage Devices
-
-
-
- It protects data stored on devices such as hard drives, USBs, and cloud storage to prevent unauthorized access.
- It works as a full-disk encryption software, like BitLocker (using AES), and encrypts all data on a device. Only someone with the encryption key can access the stored information, ensuring security in case of device theft or loss.
-
-
3. Wireless Network Security (Wi-Fi)
-
-
-
- It prevents unauthorized access to wireless networks.
- WPA2 (Wi-Fi Protected Access 2) uses symmetric encryption (AES) to secure wireless communications. This ensures that data transmitted between a device and a wireless router is encrypted, protecting it from interception by third parties.
-
-
4. VPNs (Virtual Private Networks)
-
-
-
- It provides secure remote access to private networks over the Internet.
- VPNs use symmetric encryption algorithms like AES to create an encrypted “tunnel” through which data travels securely, protecting information even on untrusted networks.
-
-
5. Messaging Apps
-
-
-
- It ensures privacy in personal and group conversations.
- Many messaging apps, such as WhatsApp and Signal, use symmetric encryption to secure messages after the initial key exchange. Each message is encrypted with a symmetric key, allowing only the sender and receiver to read it, protecting it from eavesdropping.
-
-
6. Database Encryption
-
-
-
- It protects sensitive information stored in databases from unauthorized access.
- Databases in sectors like finance and healthcare often use symmetric encryption (like AES) to protect sensitive information, such as social security numbers and financial data. Only users with the correct encryption key can access this data, maintaining compliance with privacy regulations.
-
-
7. Payment Processing (Credit Card Transactions)
-
-
-
- It ensures the confidentiality of credit card information during processing.
- Symmetric encryption is used to protect card information as it moves through payment systems. For example, the Payment Card Industry Data Security Standard (PCI DSS) mandates the use of encryption for credit card transactions to protect against fraud.
-
-
-
Asymmetric Cryptography/Public Key Cryptography/Asymmetric Encryption
- Definition
- Asymmetric cryptography is a method of encryption that uses two mathematically related keys: a public key and a private key.
- Characteristics
- In asymmetric cryptography, there are two separate keys, called a public key and a private key, the public key is used to encrypt the data(encryption), while the private key is used to decrypt it(decryption). In other words, the public key is shared openly and can be used by anyone to encrypt a message or verify a signature, but the private key is kept secret by the owner/authorized person only and is used to decrypt messages or create digital signatures.
- In this, the public key can be shared with anyone, while the private key must be kept secret. Here, key exchange protocols are used to securely exchange keys between two parties.
- Here, the encryption process uses complex mathematical operations that make it easy to encrypt with the public key but infeasible to decrypt without the corresponding private key. This is based on hard mathematical problems (e.g., factoring large numbers or calculating discrete logarithms).
- Here, the sender encrypts the message with the recipient’s public key, and the recipient decrypts the message with their private key.
- This concept is used in secure data exchange, authentication, digital signatures, secure email, and secure web browsing.
- Example
- Definition
The most common asymmetric encryption algorithms are RSA, ECC (Elliptic Curve Cryptography), and DSA.
-
-
- RSA: One of the earliest and most widely used asymmetric algorithms, based on the difficulty of factoring large integers.
- Elliptic Curve Cryptography (ECC): Uses elliptic curve mathematics, providing similar security with smaller key sizes, which is beneficial for mobile and IoT devices.
- DSA (Digital Signature Algorithm): Primarily used for digital signatures rather than encryption.
- Advantages
- Key Distribution: Public keys can be distributed openly, simply, and finally simplifying secure communications.
- Authentication and Integrity: Digital signatures confirm the sender’s identity and verify data integrity.
- Disadvantages
- Computational Overhead: It is slower and requires more processing power than symmetric cryptography.
- Key Management Complexity: Managing public and private keys securely is essential but is complex.
- Uses/Applications
-
Asymmetric cryptography is often used in conjunction with symmetric cryptography. For example, in secure connections like SSL/TLS, asymmetric cryptography is used to securely exchange a symmetric session key, which is then used for efficient data encryption during the session. This hybrid approach combines the security benefits of public-key cryptography with the speed of symmetric encryption.
-
-
- Data Encryption:
-
-
-
-
- Asymmetric encryption is often used to securely transmit symmetric keys rather than encrypting large amounts of data due to its computational intensity.
-
-
-
-
- Digital Signatures:
- Asymmetric encryption is often used to verify a sender’s identity by creating a unique signature using the sender’s private key.
- SSL/TLS and HTTPS:
- Public-key cryptography secures communications on the internet by authenticating websites and establishing encrypted connections.
- Digital Signatures:
-
-
Hash Function:
- A hash function is a mathematical function that takes in data of arbitrary size and produces a fixed-size output, typically a sequence of bytes or a hash value.
- The output generated by the hash function is often referred to as a hash code, digest, or checksum.
- Hash functions are used in cryptography, data integrity checks, digital signatures, and many other applications.
-
The main characteristics of a good hash function are:
- Deterministic: For the same input, the hash function should always produce the same output.
- Uniformity: The output should be uniformly distributed across the output space.
- Collision resistance: It should be difficult to find two different inputs that produce the same hash value.
- Avalanche effect: A small change in the input should produce a significant change in the output.
- Efficiency: It should be computationally efficient to compute the hash value for any given input.
- Non-invertibility: It should be computationally infeasible to derive the original input data from its hash value.
- Examples of popular hash functions include MD5, SHA-1, SHA-2, SHA-3, SHA-256 etc. However, some of these functions are vulnerable to attacks, and newer, more secure hash functions are now recommended.
-
Digital Signature:
-
A digital signature is a mathematical technique used to verify the authenticity and integrity of digital documents, messages, or software.
- A digital signature is a cryptographic mechanism used to verify the authenticity, integrity, and non-repudiation of digital messages or documents.
- It is a mathematical scheme for demonstrating the authenticity of a digital message or document and verifying that it has not been tampered with.
-
It is a type of electronic signature that is based on public key cryptography and provides a way to ensure that a message or document has not been tampered with and that it was indeed sent by the claimed sender.
-
To create a digital signature, the sender uses a private key to encrypt a hash or summary of the message. The recipient can then use the sender’s public key to decrypt the hash and verify that it matches the original message. If the hash values match, it proves that the message has not been altered in transit and that it was indeed sent by the claimed sender.
- Digital signatures are commonly used in electronic transactions, such as online banking, e-commerce, and secure email communication. They are also used in software distribution to ensure that the software has not been modified or infected with malware.
-
Benefits of Digital signatures :
- Authenticity: Digital signatures verify the identity of the sender and ensure that the message has not been tampered with.
- Digital signatures are used to ensure the authenticity of messages.
- Integrity: Digital signatures ensure that the message has not been altered in transit.
- Non-repudiation: Digital signatures prevent the sender from denying that they sent the message, as the signature provides proof of the sender’s identity and intent.
- Security: Digital signatures are difficult to forge, making them a secure way to authenticate digital documents and messages.
Working Mechanism of Digital signatures:
-
Digital signatures are created using a combination of a hash function and a private key. The message or document is first hashed, resulting in a fixed-length string of characters that represents the message in a unique and compact form. The private key is then used to encrypt the hash value, resulting in a signature. The signature is appended to the message or document and sent to the recipient along with the signer’s public key.
To verify the signature, the recipient uses the signer’s public key to decrypt the signature and obtain the original hash value. The recipient then computes the hash value of the received message or document and compares it with the decrypted hash value. If the two values match, the recipient can be confident that the message or document has not been altered since it was signed and that it originated from the signer.
Advantages of Cryptography
- Cryptography makes communication secure through the use of mathematical algorithms and techniques to convert plain text into a coded message, which can only be accessed and understood by authorized parties who possess the appropriate decryption key or password.
- The primary goal of cryptography is to ensure confidentiality, integrity, and authenticity of data (authentication), and non-repudiation of data and to prevent unauthorized access, modification, or disclosure of sensitive information. Confidentiality refers to the protection of data from unauthorized access, while integrity is about maintaining the accuracy and consistency of data. Authentication is the process of verifying the identity of the sender, while non-repudiation means that the sender cannot deny sending the message.
Disadvantages/Drawbacks/Limitations of Cryptography
-
Complexity: Cryptography algorithms can be complex and difficult to implement correctly, which can lead to vulnerabilities if they are not properly configured or used.
-
Key Management: Cryptography relies heavily on key management, which can be challenging to maintain and protect, particularly when dealing with large-scale systems or long-term data storage.
-
Performance Impact: Cryptography algorithms can add significant overhead to computing systems, leading to performance degradation and increased processing time.
-
Dependence on algorithms: Cryptography algorithms are vulnerable to advances in technology and computing power, which can weaken the security of the encryption and decryption processes.
-
Malicious use: Cryptography can also be used for malicious purposes, such as hiding illegal activities or communicating secretly within criminal organizations.
Use/Applications of Cryptography
Cryptography has many real-world applications, such as –
- Securing communication channels
- Protecting confidential information
- Ensuring secure transactions over the internet.
- Used to protect sensitive information such as credit card numbers, passwords, and personal data in online transactions, secure communications in emails and instant messaging.
- Ensure the authenticity and integrity of digital signatures
DES(Data Encryption Standard) Encryption
History
- DES stands for ‘Data Encryption Standard’ and was developed by IBM in the 1970s and later standardized by the National Institute of Standards and Technology (NIST) in 1977.
Definition
- DES is a symmetric-key encryption algorithm that uses a Block cipher mechanism in which it converts a fixed-size block of plaintext data into cipher text.
- DES (Data Encryption Standard) is a symmetric-key block cipher algorithm that encrypts data in 64-bit blocks using a 56-bit key.
Working Mechanism
- DES uses a 56-bit key to encrypt and decrypt data. The key is used to create a set of 16 subkeys, each of which is 48 bits long. The encryption process involves applying a series of mathematical operations to the plaintext using the subkeys in a specific order.
- The plaintext data is divided into blocks of 64 bits, and each block is encrypted separately. The encryption process involves several rounds of substitution and permutation operations on the bits of the plaintext. During each round, a different subkey is used to modify the plaintext.
- The result of each round is then used as input to the next round until all 16 rounds have been completed. The final output is the ciphertext, which is the encrypted form of the plaintext.
Limitations
- Despite its widespread use in the past, DES is no longer considered secure for modern cryptography due to its small key size. Several attacks have been developed over the years that can recover a DES key in a reasonable amount of time, making it vulnerable to brute-force attacks. As a result, it has been replaced by more secure encryption algorithms such as AES (Advanced Encryption Standard).
RSA(Rivest-Shamir-Adleman) Encryption
History
- RSA stands for Rivest-Shamir-Adleman and was first introduced in 1977 by Computer Scientists Rivest(American)-Shamir(Israeli) and Adleman(American).
- Together, Rivest, Shamir, and Adleman published their seminal paper on RSA in 1978, which laid the foundation for modern public-key cryptography.
- They were awarded the Turing Award in 2002, which is considered the highest honor in computer science, for their contributions to cryptography.
Definition
- RSA is a public-key cryptosystem used to secure data transmission and digital signatures.
Working Mechanism
- RSA encryption works by using two keys – a public key and a private key. The public key is used for encryption, while the private key is used for decryption. The two keys are mathematically related but cannot be derived from each other, making it difficult for an attacker to recover the private key even if they know the public key.
- To encrypt a message using RSA, the sender first obtains the recipient’s public key. The sender then converts the message into a numerical value and raises it to the power of the recipient’s public key, modulo a large prime number. This produces the encrypted message, which can only be decrypted by the recipient’s private key.
- To decrypt the message, the recipient raises the encrypted message to the power of their private key, modulo the same large prime number used for encryption. This produces the original message, which can only be obtained with the corresponding private key.
Limitations
- RSA is vulnerable to certain attacks, such as the factorization of large prime numbers, which could compromise the security of the system. Therefore, it is important to use appropriate key sizes and implementation techniques to ensure the security of the RSA cryptosystem.
Use/Application
- RSA is widely used in many applications, such as –
- To make communication protocols secure
- To make digital signatures secure
- To make storage of sensitive data secure
0 Comments