Wednesday, March 6, 2013

Cryptography and Encryption techniques



Introduction
  • Over the Internet various communications such as electronic mail, or the use of world wide web browsers are not secure for sending and receiving information. Information sent by those means may include sensitive personal data which may be intercepted.
  • There is commercial activity going on the Internet and many web sites require the users to fill forms and include sensitive personal information such as telephone numbers, addresses, and credit card information.
  • To be able to do that users would like to have a secure, private communication with the other party.
  • Online users may need private and secure communications for other reasons as well.
  • They may simply not want third parties to browse and read their e-mails or alter their content.


What is Cryptography?

  • Cryptography is the science of information security. 
  • The word is derived from the Greek kryptos, meaning hidden.
  • Cryptography is closely related to the disciplines of cryptology and cryptanalysis. Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit.
  • However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.


Modern cryptography concerns itself with the following four objectives:

1) Confidentiality (the information cannot be understood by anyone for whom it was unintended)

2) Integrity (the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected)

3) Non-repudiation (the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information)

4) Authentication (the sender and receiver can confirm each other's identity and the origin/destination of the information)

Cryptosystems

  • Procedures and protocols that meet some or all of the above criteria are known as cryptosystems. 
  • Cryptosystems are often thought to refer only to mathematical procedures and computer programs; however, they also include the regulation of human behavior, such as choosing hard-to-guess passwords, logging off unused systems, and not discussing sensitive procedures with outsiders.
  • In recent times, cryptography has turned into a battleground of some of the world's best mathematicians and computer scientists. 
  • The ability to securely store and transfer sensitive information has proved a critical factor in success in war and business.
  • However, the Internet has allowed the spread of powerful programs and, more importantly, the underlying techniques of cryptography, so that today many of the most advanced cryptosystems and ideas are now in the public domain.


Goal Of Cryptography 
  1. The goal of cryptography extends beyond merely making data unreadable; it also extends into user authentication, which is providing the recipient with assurance that the encrypted message originated from a trusted source.
  2. Hash functions are sometimes used in conjunction with private key or public key systems.
  3. This is a type of one-way encryption, which applies an algorithm to a message, such that the message itself cannot be recovered.
  4. Unlike key-based cryptography, the goal of the hash function is not to encrypt data for later decryption, but to create a sort of digital fingerprint of a message.
  5. The value derived from applying the hash function can be re-calculated at the receiving end, to ensure that the message has not been tampered with during transit.
  6. Then, a key-based system is applied to decipher the message.


What is Encryption?

Encryption is the process of making data unreadable by other humans or computers for the purpose of preventing others from gaining access to its contents. Encrypted data is generated using an encryption program such as PGP, an encryption machine, or a simple encryption key, and appears as garbage until it is decrypted. In order to read or use the data, it must be decrypted, and only those who have the correct password or decryption key are able to make the data readable again.

A very basic encryption technique, known as simple substitution, substitution cipher, or Caesar cipher (named after Julius Caesar), shifts the letters of the alphabet over a few characters. For example, as shown below, the alphabet has been shifted over four characters.

Encrypt key:
a=e, b=f, c=g, d=h, e=i, f=j, g=k, h=l, i=m, j=n, k=o, l=p, m=q, n=r, o=s, p=t, q=u, r=v, s=w, t=x, u=y, v=z, w=a, x=b, y=c and z=d.

Decrypt key:

a=w, b=x, c=y, d=z, e=a, f=b, g=c, h=d, i=e, j=f, k=g, l=h, m=i, n=j, o=k, p=l, q=m, r=n, s=o, t=p, u=q, v=r, w=s, x=t, y=u and z=v

Using this technique a user could encrypt the message: computer hope free help for everyone to: gsqtyxiv lsti jvii lipt jsv izivcsri. 

The symmetric cipher (symmetric encryption)

Until we started using computers, these ciphers, with very much better algorithms and much more complex encryption keys, were the order of the day. However, the basic approach to this way of creating secret messages has not really changed. So now you understand the basic method used in any symmetric cipher.
Taking our example above, the operation is as follows:
  • take your message (plaintext)
  • take an algorithm (Caesar)
  • take a key (a number between 1 and 25)
  • transform the message according to the algorithm using the key
Now you have an encrypted message (ciphertext). The recipient then:
  • takes the encrypted message (ciphertext)
  • takes the algorithm (Caesar)
  • takes the same key (the same number as chosen above)
  • transforms the encrypted message according to the algorithm using the key.
Now they have the original message back (plaintext). This is called a symmetric cipher because you use the same algorithm and the same key to carry out both encryption and decryption. There are other types of cipher systems but they are covered in other encryption white papers.

Strength of encryption

The strength of the system came from the quality of the algorithm and encryption key combination (as we saw with the Caesar cipher, making the key bigger on its own did not actually make the encryption any stronger at all). However, until there was some automation you could not use really complex methods because it simply took too long to encrypt and decrypt messages.
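The sender and recipient steps of the symmetric cipher section and the key-size point above, as an added example (not code from the original post). The function names are assumptions of this sketch; the message and the key 4 are the ones used earlier on the page.

```python
import string

ALPHABET = string.ascii_lowercase

def caesar(text, key):
    """Shift each lowercase letter forward by `key` places; leave the rest."""
    k = key % 26                      # a shift of 26 is the same as no shift
    shifted = ALPHABET[k:] + ALPHABET[:k]
    return text.translate(str.maketrans(ALPHABET, shifted))

def encrypt(plaintext, key):
    """Sender: message + algorithm (Caesar) + key -> ciphertext."""
    return caesar(plaintext, key)

def decrypt(ciphertext, key):
    """Recipient: same algorithm, same key, shift applied in reverse."""
    return caesar(ciphertext, -key)

def distinct_ciphertexts(plaintext, max_key):
    """Count the different ciphertexts that keys 1..max_key can produce."""
    results = {encrypt(plaintext, k) for k in range(1, max_key + 1)}
    return len(results - {plaintext})

def candidate_plaintexts(ciphertext):
    """The whole key space is 25 shifts, so every decryption can be listed."""
    return {k: decrypt(ciphertext, k) for k in range(1, 26)}

if __name__ == "__main__":
    message = "computer hope free help for everyone"
    secret = encrypt(message, 4)
    print(secret)
    print(decrypt(secret, 4))
    # A "bigger" key adds nothing: 30 behaves exactly like 4.
    print(encrypt(message, 30) == secret)
    # Even allowing keys up to 1000 there are only 25 usable ones.
    print(distinct_ciphertexts(message, 1000))
    # The correct plaintext is one of just 25 candidates.
    print(candidate_plaintexts(secret)[4])
```

Because every key larger than 25 collapses onto one of the 25 shifts, strength here is limited by the algorithm, not by the size of the number chosen as the key.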

Cryptographic Keys: Private and Public

There are two general categories of cryptographic keys: Private key and public key systems.

Private Key Cryptography

Private key systems use a single key. The single key is used both to encrypt and decrypt the information. Both sides of the transmission need a separate key and the key must be kept secret from. The security of the transmission will depend on how well the key is protected.

Public Key Cryptography

In the public key system there are two keys: a public and a private key. Each user has both keys and while the private key must be kept secret the public key is publicly known. Both keys are mathematically related. If A encrypts a message with his private key then B, the recipient of the message, can decrypt it with A's public key. Similarly, anyone who knows A's public key can send him a message by encrypting it with his public key. A will then decrypt it with his private key. This kind of cryptography is more efficient than the private key cryptography because each user has only one key to encrypt and decrypt all the messages that he or she sends or receives.


The answer is that each scheme is optimized for some specific application(s). Hash functions, for example, are well-suited for ensuring data integrity because any change made to the contents of a message will result in the receiver calculating a different hash value than the one placed in the transmission by the sender. Since it is highly unlikely that two different messages will yield the same hash value, data integrity is ensured to a high degree of confidence.

Secret key cryptography, on the other hand, is ideally suited to encrypting messages, thus providing privacy and confidentiality. The sender can generate a session key on a per-message basis to encrypt the message; the receiver, of course, needs the same session key to decrypt the message.

Key exchange, of course, is a key application of public-key cryptography (no pun intended). Asymmetric schemes can also be used for non-repudiation and user authentication; if the receiver can obtain the session key encrypted with the sender's private key, then only this sender could have sent the message. Public-key cryptography could, theoretically, also be used to encrypt messages although this is rarely done because secret-key cryptography operates about 1000 times faster than public-key cryptography.




It puts all of this together and shows how a hybrid cryptographic scheme combines all of these functions to form a secure transmission comprising digital signature and digital envelope. In this example, the sender of the message is Alice and the receiver is Bob.

A digital envelope comprises an encrypted message and an encrypted session key. Alice uses secret key cryptography to encrypt her message using the session key, which she generates at random with each session. Alice then encrypts the session key using Bob's public key. The encrypted message and encrypted session key together form the digital envelope. Upon receipt, Bob recovers the session secret key using his private key and then decrypts the encrypted message.

The digital signature is formed in two steps. First, Alice computes the hash value of her message; next, she encrypts the hash value with her private key. Upon receipt of the digital signature, Bob recovers the hash value calculated by Alice by decrypting the digital signature with Alice's public key. Bob can then apply the hash function to Alice's original message, which he has already decrypted (see previous paragraph). If the resultant hash value is not the same as the value supplied by Alice, then Bob knows that the message has been altered; if the hash values are the same, Bob should believe that the message he received is identical to the one that Alice sent.

This scheme also provides nonrepudiation since it proves that Alice sent the message; if the hash value recovered by Bob using Alice's public key proves that the message has not been altered, then only Alice could have created the digital signature. Bob also has proof that he is the intended receiver; if he can correctly decrypt the message, then he must have correctly decrypted the session key meaning that his is the correct private key.
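The digital envelope and digital signature exchange between Alice and Bob, as an added example (not code from the original post). To run with the standard library only it uses assumptions of this sketch: textbook RSA without padding, fixed Mersenne primes as constructed demo keys, and a SHA-256 keystream as a stand-in secret-key cipher. None of these is secure; real systems use a vetted library with padded RSA and an authenticated cipher.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy key pairs

def keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def rsa(value, key):
    """Raw RSA operation (no padding): value^exponent mod n."""
    exp, n = key
    return pow(value, exp, n)

def stream_xor(key, data):
    """Stand-in secret-key cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def alice_send(message, alice_priv, bob_pub):
    session_key = secrets.token_bytes(32)  # generated at random per message
    return {
        "ciphertext": stream_xor(session_key, message),                    # envelope
        "wrapped_key": rsa(int.from_bytes(session_key, "big"), bob_pub),   # envelope
        "signature": rsa(digest_int(message), alice_priv),  # hash under Alice's key
    }

def bob_receive(packet, bob_priv, alice_pub):
    session_key = rsa(packet["wrapped_key"], bob_priv).to_bytes(32, "big")
    message = stream_xor(session_key, packet["ciphertext"])
    ok = rsa(packet["signature"], alice_pub) == digest_int(message)
    return message, ok

ALICE_PUB, ALICE_PRIV = keypair(2**521 - 1, 2**607 - 1)    # constructed, insecure
BOB_PUB, BOB_PRIV = keypair(2**1279 - 1, 2**2203 - 1)      # constructed, insecure

def demo():
    packet = alice_send(b"pay Bob 10", ALICE_PRIV, BOB_PUB)
    good = bob_receive(packet, BOB_PRIV, ALICE_PUB)
    ct = packet["ciphertext"]
    tampered = dict(packet, ciphertext=bytes([ct[0] ^ 1]) + ct[1:])
    return good, bob_receive(tampered, BOB_PRIV, ALICE_PUB)
```

`demo()` returns the untouched delivery, where the hashes match, followed by a delivery with one ciphertext bit flipped in transit, where Bob's recomputed hash no longer matches the one Alice signed.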
