• No results found

Kryptos+Graphein= Cryptography

N/A
N/A
Info
Download
Protected

Academic year: 2020

Share "Kryptos+Graphein= Cryptography"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

Kryptos+Graphein= Cryptography

Shweta Aggarwal Gurgaon, Haryana, India

[email protected]

Utkarsh Jaiswal Gurgaon, Haryana, India [email protected]

Abstract: Cryptography or cryptology comes from Greek word kryptos meaning “hidden secret” and graphein meaning “writing”. Cryptography is the practice and study of hiding information. Cryptography helps provide accountability, fairness, accuracy and confidentiality. It can prevent fraud in electronic commerce and assure the validity of financial transactions. The art or science encompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form. Cryptography can be defined as the conversion of data into a scrambled code that can be deciphered and sent across a public or private network. In short, we can say that cryptography refers to the art of protecting transmitted information from unauthorized interception and tampering.

Keywords:

Cipher, Cryptanalysis, Encipher, Decipher, Key.

I. INTRODUCTION:

From e-mail to cellular communications, from secure Web access to digital cash, cryptography is an essential part of today's information systems. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography, which the focus of this chapter is. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. Cryptography helps provide accountability, fairness, accuracy, and confidentiality. It can prevent fraud in electronic commerce and assure the validity of financial transactions. It can protect your anonymity or prove your identity. It can keep vandals from altering your web page and prevent industrial competitors from reading your confidential documents. And in the future, as commerce and communications continue to move to computer networks, cryptography will become more and more vital.

“The art of war teaches us not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.” --The art of War, Sun Tzu.

These words said by Sun Tzu were meant for the importance of information and that the most important available information should be kept secure. Hence, cryptography is an important aspect related to security of information.

The other side of this, cryptanalysis, is the art of breaking such secret ciphers and reading the information, or perhaps replacing it with different information. Sometimes the term cryptology is used to include both of these aspects. In these notes I will use the term cryptography exclusively. Cryptography is also related to a communication theory, named coding theory. Coding theory is translating any kind of text, pictures, etc into a standard form for transmission, protecting this information against distortion.

A. TERMINOLOGY RELATED TO CRYPTOGRAPHY:

There are some terms used in cryptography. These are: 1. Plain Text.

(2)

3. Cipher. 4. Key. 5. Encipher. 6. Decipher. 7. Cryptanalysis. 8. Code.

1. Plain Text: Plain text is the information that the sender wants to send to the receiver. Plain text is used as an input to the encryption algorithm; wherein the plain text is send as hidden secret message or what we call as cipher text.

2. Cipher Text: Cipher text is the encrypted message obtained after cryptography is applied. Cipher text is also known as encrypted or encoded information because it contains the message of the sender but in hidden words or unreadable by humans.

3. Cipher: Cipher is a series of well defined steps that are used for encryption and decryption. Cipher is also called encipherment. Basically cipher is an algorithm for translating plaintext into cipher text by transposition or substitution.

Fig. 1. Types of Ciphers.

There are many types of ciphers, namely: 1. Classical:

a. Substitution. b. Transposition. 2. Modern:

a. Private Key.

(i) Stream. (ii) Block. b. Public Key.

Fig. 1. shows the classification of the ciphers.

(3)

7. Cryptanalysis: Cryptanalysis comes from two Greek words, krypto meaning hidden and analyein meaning to loosen or to unite. It is the study of principles and methods of transforming a cipher text into plain text without knowing the key. This method is also known as code breaking or cracking down the code. This is also used to circumvent the security of other types of cryptographic algorithms, and not just cryptography.

8. Code: It is an algorithm for converting plain text into cipher text using the code book. In general, code is a rule for converting a piece of information into another form of information.

Fig. 2. General algorithm of cryptography.

B

. IDEA BEHIND CRYPTOGRAPHY:

Before the modern era, cryptography was concerned solely with message confidentiality (i.e., encryption) conversion of messages from a comprehensible form into an incomprehensible one and back again at the other end, rendering it unreadable by interceptors or eavesdroppers without secret knowledge (namely the key needed for decryption of that message).

In 1970’s, Martin Hellman, Whitfield Daffie and Ralph Merkle invented the idea of cryptography. Their basic idea was to solve the key exchange and security problems of symmetric cryptography by replacing the single shared key with a pair of mathematically related key, classifying them into two types. One key was publically available whereas the other key was private key.

The earliest form of ciphers, Classical cipher was transposition ciphers in which the order of letters was rearranged.

Example: If the original message or plain text was: “Hello everyone”

Then using transposition ciphers the cipher text of above would be: “lohle ynoeerve”

The other classical cipher was substitution cipher, in which a letter is replaced by another letter or group of letters.

Example: If plain text was: “Fly at once”

Then using substitution cipher the cipher text can be: “gmz bu podf”.

Another substitution type of cipher; Ceasar cipher in which each letter is replaced by a letter that is some position ahead of it or some position behind it.

(4)

Fig 3. Symmetry key cryptography.

The above fig. 3 shows the how the symmetry key cryptography works.

The other modern era cryptography is asymmetric key cryptography. Asymmetric key cryptography, also called public key cryptography is cryptography in which a pair of keys is used to encrypt and decrypt a message. Initially, a network user receives a public and private key pair from a certified authority. This key is used to encrypt the message and is sent to the recipient. When the recipient gets the message, he/she decrypts it with the key and reads the message.

Fig. 4. Asymmetric key cryptography

C. PURPOSE OF CRYPTOGRAPHY

Cryptography is the science of writing in secret code and it is also an ancient art. The word ancient art is used as in 1900 B.C. when Egyptian scribe used non-standard hieroglyphs for writing dates.

Security often requires that data be kept safe from unauthorized access. But most computers are interconnected with each other, thereby exposing them and the communication channels that they use.

This problem can be broken down into five requirements that must be fulfilled:

a. Privacy/Confidentiality: Assuring that private data remains private. Also, it ensures that no one else can read the message except the intended receiver.

b. Authentication: Assuring the identity of all parties attempting access. Also, it is the process of proving once identity.

c. Authorization: Assuring that a certain party attempting to access the information has the permission to do so.

d. Data Integrity: Assuring that an object is not altered illegally. Or it can stated as, assuring the receiver that the received message is the original one and it has not been altered in any way.

(5)

Authorization is a layer built on top of authentication in the sense that the party is authenticated by presenting the credentials required (passwords, smart cards ... etc.). After the credentials are accepted the authorization process is started to ensure that the requesting party has the permissions to perform the functions needed.

Data integrity and Non-Repudiation are achieved by means of digital signature, a method that includes performing cryptography among other things.

II. FUTURE OF CRYPTOGRAPHY

In the current scenario, cryptography seems to have an upper hand over cryptanalysis. Present-day computer security is a house of cards; it may stand for now, but it can't last. Many insecure products have not yet been broken because they are still in their infancy. But when these products are widely used, they will become tempting targets for criminals. The press will publicize the attacks, undermining public confidence in these systems. Ultimately, products will win or lose in the marketplace depending on the strength of their security. No one can guarantee 100% security. But we can work toward 100% risk acceptance. Fraud exists in current commerce systems: cash can be counterfeited, checks altered, credit card numbers stolen. Yet these systems are still successful because the benefits and conveniences outweigh the losses. Privacy systems -- wall safes, door locks, curtains -- are not perfect, but they're often good enough. The good news about cryptography is that we already have the algorithms and protocols we need to secure our systems. The bad news is that that was the easy part; implementing the protocols successfully requires considerable expertise. The areas of security that interact with people -- key management, human/computer interface security, access control -- often defy analysis. And the disciplines of public-key infrastructure, software security, computer security, network security, and tamper-resistant hardware design are very poorly understood. A good cryptographic system strikes a balance between what is possible and what is acceptable. Current encryption standards appear nearly unbreakable, but only until a new technology called quantum computing is computed. Currently, nobody knows when quantum computing will come into light, but when it does, it will signal end of cryptography.

In the end, its better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.

II. REFERNCES

[1] Technical Resource and Course Web Site for Cryptography and Network Security, Third Edition, by William Stallings.

[2] Cryptography and network security: principles and practice, by William Stallings.

[3] Cryptography and network security, by Kahate.

[4] Cryptography and network security (Sie), by Forouzan.

[5] Data Communication and networks, Forouzan.

[6] Network Computing: private communication in a public world, by Charlie Kaufman, Radia Perlman, Mike Speciner.

[7] Fundamentals of network security, by Eric Maiwald.

[8] Network security by Fred Simonds.

[9] Cryptography and Information Security, by Pachghare.

Figure

Fig. 1. Types of Ciphers.
Fig. 2. General algorithm of cryptography.
Fig. 4. Asymmetric key cryptography

References

Download now ( PDF - 5 Page - 84.65 KB )

Related documents

A Generalized Design Procedure for a Microwave Amplifier: a Typical Application Example

This consists of using an impedance data modeling technique to design of the two lossless and reciprocal two-ports; (iv) The scattering- parameter formulation of the matching

Candida dubliniensis versus Candida albicans : adhesion and biofilm formation

In order to explain the adhesion phenomenon and biofilm formation, cell surface properties of cells grown in artificial saliva growth medium without and with subMIC concentrations

Wealth Effects of the Gramm-Leach-Bliley Act on Financial Services Industry

Hewitt, 1993, bank holding company mergers with nonbank financial firms: Effects on the risk of failure, Journal of Banking and Finance , vol.. Calem, Paul S., 1994, The Impact

Composable & Modular Anonymous Credentials: Definitions and Practical Constructions

{SGen , Kg , Sign , Verify , Derive} is an un- forgeable, unlinkable, and key extractable redactable signature scheme, if the underlying SPS scheme is unforgeable and randomizable,

Alcohol Consumption among Day workers and Shift workers in Visakhapatnam

The percentage of subjects consuming alcohol remained same in day workers but in shift workers it increased to 61.7 per cent after taking up the job and the quantity of

Universit it C y i ommun t ca i ti & ons Marketing Web Workshop Day 2010

• Search engines use video title and description to find your video so make your title count and include tags your video so make your title count and include tags and a description.

Changing With the Times: Successfully Navigating Social Media Networking and Recruiting

Gone are the days of paper resumes – now, it’s not uncommon to connect with companies and recruiters through social media, sharing quali fi cations and experience on sites

International Journal of Computer Science and Mobile Computing

Fig. A wireless certificate is issued to a mobile terminal, that is, a voter has the certificate before commencing voting. The certificate should be kept in the mobile terminal