Crypto The simplest definition available as to, what cryptography is is that it is the science of using mathematics to encrypt and

decrypt information, which means putting into or decoding from a mathematical language. What are the ways to use this technology and learn what are advantages? So, as you can see, this seems as though cryptography would be very difficult. Nevertheless, this is important because everything on your computer is stored in cryptography. Cryptography becomes even more complex though. This is because humans recognize numbers as digits from 0 to 9, but your computer can only recognize 0 and 1 Now there are some other definitions that are important to understand here. First, you should understand that a brute force attack is when all of the possible combinations of numbers are used to either decrypt or encrypt materials. Secondly, a dictionary attack occurs whenever a person tries using all possible known passwords, which is surprisingly a small amount, to form an attack. Of course, there are some people, such as the government, who would profit from knowing cryptography and are thus known as an adversary. On the other hand, those who should not profit from this access are known as a key logger.
Need of crypto

Why do you need cryptosystems, Government, private companies and universities exchange data over Internet with their trusted partners? They want full secure data exchange; no hacker or third party should be able to intercept the important data. To over come privacy, secrecy and importance of data being hacked or stolen, cryptography provides two kinds of cryptosystems. encryption Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks. There are many reasons for the use of encryption and decryption, such as securing the sensitive data that is transmitted to complete electronic transactions such as online purchases of merchandise or services and for interaction with government agencies requiring the submission of private information. When a consumer purchases a product or service from a business that conducts electronic commerce, simply known as e-commerce, he or she enters his or her billing address and credit card details into an online form in order to send this data to be processed. Encryption and decryption always should be at work in such situations to protect the purchaser's financial information. Secure transmission of financial information is so important that most web browsers indicate whether a connection is secure by displaying an open padlock for insecure transmissions and a closed one for secure operations. The background color of the address bar might also change, and either way, consumers should never submit data that, if intercepted, could lead to identity theft or financial ruin. The letters "https" should appear in the address bar even if there is no other indication that the data is secure.

Types of crypto First is "Symmetric" system under, which cryptosystems use the same secret key to encrypt or decrypt a message received data packet from trusted partners. The other cryptosystem is asymmetric system under, which two different keys are used to encrypt and decrypt the message or received data packet. On public key is used to encrypt the data or message and the private key on receiving end is used to decrypt the message or data packet.

With symmetric encryption, both parties use the same key for encryption and decryption purposes. Each user must possess the same key to send encrypted messages to each other. The sender uses the key to encrypt their message, and then transmits it to the receiver. The receiver, who is in procession of the same key, uses it to decrypt the message. The security of this encryption model relies on the end users to protect the secret key properly. If an unauthorized user were able to intercept the key, they would be able to read any encrypted messages sent by other users. Its extremely important that the users protect both the keys themselves, as well as any communications in which they transmit the key to another person.

Asymmetric Encryption
The problem with secret keys is exchanging them over the Internet or a large network while preventing them from falling into the wrong hands. Anyone who knows the secret key can decrypt the message. One answer is asymmetric encryption, in which there are two related keys-a key pair. A public key is made freely available to anyone who might want to send you a message. A second, private key is kept secret, so that only you know it. Any message (text, binary files, or documents) that are encrypted by using the public key can only be decrypted by applying the same algorithm, but by using the matching private key. Any message that is encrypted by using the private key can only be decrypted by using the matching public key. This means that you do not have to worry about passing public keys over the Internet (the keys are supposed to be public). A problem with asymmetric encryption, however, is that it is slower

than symmetric encryption. It requires far more processing power to both encrypt and decrypt the content of the message. Digital signature A digital signature (not to be confused with a digital certificate) is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real. A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. To be effective, digital signatures must be unforgeable. There are a number of different encryption techniques to guarantee this level of security.

Private Key Algorithms

The private key or symmetric algorithm is the quickest and simplest encryption algorithm in widespread use today. The term symmetric refers to the fact that the same key is used for encryption and decryption (using a encryption notation this means that K = K-1), hence only one key is required in order to encrypt and decrypt data. We use the following terms when talking about encryption -Plaintext - the initial unencrypted data or the encrypted data after it has been decrypted. Ciphertext - the plaintext after is has been encrypted and is no longer readable. Key - the value applied to the plaintext and encryption algorithm in order to achieve encryption. Conversely the value applied to the ciphertext and decryption algorithm in order to achieve decryption. Encryption - the process of converting the plaintext to ciphertext. Decryption - the process of converting the ciphertext back to plaintext. The different algorithms in use have various means of achieving the encryption and decryption but they all have the same general goals Secure Encryption - It should not be practical to decipher the ciphertext without the key. Key secrecy - It should not be feasible to deduce the key from the ciphertext.

The components that a digital signature comprise of.

1. Your public key: This is the part that any one can get a copy of and is part of the verification system. 2. Your name and e-mail address: This is necessary for contact information purposes and to enable the viewer to identify the details. 3. Expiration date of the public key: This part of the signature is used to set a shelf life and to ensure that in the event of prolonged abuse of a signature eventually the signature is reset. 4. Name of the company: This section identifies the company that the signature belongs too. 5. Serial number of the Digital ID: This part is a unique number that is bundled to the signature for tracking ad extra identification reasons. 6. Digital signature of the CA (certification Authority): This is a signature that is issued by the authority that issues the certificates.

Reasons for using digital security.

It insures by means of verification and validation that the user is whom he/she claims to be. This is done by combine the users credential to the digital certificate and in turn this method uses one point of authentication. Digital certificates insure data Integrity giving the user piece of mind that the message or transaction has not been accidentally or maliciously altered. This is done cryptographically. Digital certificates ensure confidentiality and ensure that messages can only be read by authorized intended recipients. Digital certificates also verify date and time so that senders or recipients can not dispute if the message was actually sent or received.

How It Works Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 1. You copy-and-paste the contract (it's a short one!) into an e-mail note. 2. Using special software, you obtain a message hash (mathematical summary) of the contract. 3. You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4. The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.) At the other end, your lawyer receives the message. 1. To make sure it's intact and from you, your lawyer makes a hash of the received message. 2. Your lawyer then uses your public key to decrypt the message hash or summary. 3. If the hashes match, the received message is valid.

Public key Algorithms

Public key cryptosystems are based upon the following idea. In these systems the encryption and decryption keys (K and K-1) are not equal. So we use a pair of keys, one to perform the encryption and another to perform the decryption. The concept is very simple. We first generate a pair of keys and transmit one of them (the public key) which we will use for encryption to the party with whom we wish to communicate with. They then encrypt data using the key we gave them and we use the key we kept to decrypt that data. The public key cannot be used to decrypt and so no third party can decipher our data. The algorithm should be designed such that it is impossible to deduce the value of our private key from the value of the key we gave to the sender of the data. In practice no-one has ever designed an algorithm where it is actually impossible to deduce one key from the other since they are mathematically related. However, in practice it is possible to design an algorithm where it is so difficult to compute one key from the other that it becomes practically impossible. This is the principle that modern public key cryptosystems work under.