COMPUTER CRYPTOGRAPHY

Cryptology is defined as the science of making communication incomprehensible to all people except those who have a right to read and understand it. It can also be defined as a technique used to hide the meaning of a message and is derived from the Greek word kryptos (hidden). If a message were to fall into the hands of the wrong person, cryptography should ensure that that message could not be read. Typically the sender and receiver agree upon a message scrambling protocol before hand and agree upon methods for encrypting and decrypting messages. The study of cryptology consists of two parts: Cryptography, which concerns itself with the secrecy system itself and its design, and Cryptanalysis, which concerns itself with the breaking of the secrecy system above. Below are some useful terminologies:

Code - a set of information that will allow words to be changed to other words or symbols, For instance, a code for the word rifle may be escargot. That is not the type of cryptography that lends itself to analyze. The only way to decode a message is by having the set of words and their codes. If someone is able to get his hands on the codebook, then every secrecy message can be broken. We are interested in methods of cryptography that lend themselves to explainable techniques that can be performed to change a message into a secret one, and, more importantly, change back by people having the authorization and knowledge to do so.

Plaintext - the message that you wish to put into a secret form. Plaintext is usually written in all lower case letters without spaces. Numbers are written out and punctuation is ignored. So the message I will meet you at 5 PM in the mall is written as: iwillmeetyouatfivepminthemall

Cipher - the method for altering the plaintext.

Ciphertext - the secret version of the plaintext. So the plaintext: iwillmeetyouatfivepminthemall may be changed to: NBNQQRJJYDTZFYKNAJURNSYMJRFQQ

Encipher - changing from plaintext to ciphertext Decipher - changing from ciphertext to plaintext Key - information that will allow someone to encipher the plaintext and also decipher the ciphertext

There are two main types of cryptography: Secret key cryptography Public key cryptography Secret key cryptography is also known as symmetric key cryptography. With this type of cryptography, both the sender and the receiver know the same secret code, called the key. Messages are encrypted by the sender using the key and decrypted by the receiver using the same key. This method works well if you are communicating with only a limited number of people, but it becomes impractical to exchange secret keys with large numbers of people. In addition, there is also the problem of how you communicate the secret key securely. Public key cryptography, also called asymmetric encryption, uses a pair of keys for encryption and decryption. With public key cryptography, keys work in pairs of matched public and private keys. The public key can be freely distributed without compromising the private key, which must be kept secret by its owner. Because these keys work only as a pair, encryption initiated with the public key can be decrypted only with the corresponding private key. The following example illustrates how public key cryptography works:

Ann wants to communicate secretly with Bill. Ann encrypts her message using Bills public key (which Bill made available to everyone) and Ann sends the scrambled message to Bill. When Bill receives the message, he uses his private key to unscramble the message so that he can read it. When Bill sends a reply to Ann, he scrambles the message using Anns public key. When Ann receives Bills reply, she uses her private key to unscramble his message.

Benefits of Using Cryptography

The process of using public key and private key is beneficial only if the secret is refrained from getting copied or impersonated. The public key helps other individuals to convert the data into encrypted form and the secret key of the intended user can only decrypt it. Cryptography is used to conceal or hide crucial information. This mechanism helps in preventing the leakage of important information from the network. The unauthorized users are not allowed to enter into the network. The most common mechanism is Data Encryption standard and RC2/RC4. Public key is preferably used where it is important to demonstrate the connection of the information and the individual. Cryptography provides the authentication of users over electronic data transfer for example what happens in a digital signature. The use of digital signature also helps in identifying the originator of the information and he cannot disclaim the ownership of data. The use of public key mechanism allows a user to tell everyone how to encrypt a public key but he has to keep the secret of decryption to himself. The use of cryptography is beneficial for banks and law firms. It can also help the investigation agencies to keep their data secure.

The Basic Goals of Cryptography

The main goals of using cryptography are authentication, integrity, confidentiality, non repudiation and availability. The purpose of confidentiality is to provide security to the data from the attack of any adversary. It is in this step when there is need to use secret key to encrypt data. The authentication clause is helpful in providing sufficient evidence of the true owner of the data. Hence an individual can neither impersonate him/her as an owner nor deny his ownership. The use of private and public key also makes sure that the original data is reached to the ultimate user and not even a single point is destroyed during conversion. The process of non repudiation is aided as with the digital signature any user or owner can not escape from or denies his/her ownership. The data availability is also a crucial step when the data is being transformed to any other form. However public and private keys are so secure to use that even the most sensitive information is deciphered correctly. Below are some cryptography algorithms that are in use today (SKC secret key cryptography while PKC public key cryptography):

Data Encryption Standard (DES): The most common SKC scheme used today, DES was designed by IBM in the 1970s and adopted by the National Bureau of Standards (NBS)

Advanced Encryption Standard (AES): In 1997, NIST initiated a very public, 4-1/2 year process to develop a new secure cryptosystem for U.S. government applications. The result, the Advanced Encryption Standard, became the official successor to DES in December 2001.

RSA: The first, and still most common, PKC implementation, named for the three MIT mathematicians who developed it Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA today is used in hundreds of software

products and can be used for key exchange, digital signatures, or encryption of small blocks of data.

Digital Signature Algorithm (DSA): The algorithm specified in NIST's Digital Signature Standard (DSS), provides digital signature capability for the authentication of messages.