Cryptography

Cryptography goal is to achieve Confidentiality, Integrity,Identification & Authentication,Non Repudiation

  • Data integrity services address the unauthorized or accidental modification of data.The goal is for the receiver of the data to verify that the data has not been altered.
  • Confidentiality services restrict access to the content of sensitive data to only those individuals who are authorized to view the data. Confidentiality measures prevent the unauthorized disclosure of information to unauthorized individuals or processes.
  • Identification and authentication services establish the validity of a transmission, message, and its originator. The goal is for the receiver of the data to determine its origin.
  • Non-repudiation services prevent an individual from denying that previous actions had been performed. The goal is to ensure that the recipient of the data is assured of the sender’s identity.

These four cryptography services is achieved through

  1. Symmetric key cryptography
  2. Secure Hash
  3. Asymmetric (Public-key) cryptography
  4. Digital Signatures

These terms are often used when we discuss cryptography:

  • Encryption: The process of converting data from plaintext to ciphertext. Also referred to as enciphering.
  • Decryption: The process of converting data from ciphertext to plaintext. Also referred to as deciphering.
  • Key: A parameter that controls the transformation of plaintext into ciphertext or vice versa. Determining the original plaintext data without the key is impossible. Keys can be both public and private. Also referred to as a cryptovariable.
  • Symmetric: An encryption method whereby a single private key both encrypts and decrypts the data. Also referred to as private or secret key encryption.
  • Asymmetric: An encryption method whereby a key pair, one private key and one public key, performs encryption and decryption. One key performs the encryption, whereas the other key performs the decryption. Also referred to as public key encryption.
  • Digital signature: A method of providing sender authentication and message integrity. The message acts as an input to a hash function, and the sender’s private key encrypts the hash value. The receiver can perform a hash computation on the received message to determine the validity of the message.
  • Hash: A one-way function that reduces a message to a hash value. A comparison of the sender’s hash value to the receiver’s hash value determines message integrity. If the resultant hash values are different, then the message has been altered in some way, provided that both the sender and receiver used the same hash function.
  • Digital certificate: An electronic document that identifies the certificate holder.
  • Plaintext: A message in its original format. Also referred to as cleartext.
  • Ciphertext: An altered form of a message that is unreadable without knowing the key and the encryption system used. Also referred to as a cryptogram.
  • Cryptosystem The entire cryptographic process, including the algorithm, key, and key management functions. The security of a cryptosystem is measured by the size of the keyspace and available computational power.
  • Cryptanalysis: The science of decrypting ciphertext without prior knowledge of the key or cryptosystem used. The purpose of cryptanalysis is to forge coded signals or messages that will be accepted as authentic signals or messages.
  • Key clustering: Occurs when different encryption keys generate the same ciphertext from the same plaintext message.
  • Keyspace: All the possible key values when using a particular algorithm or other security measure. A 40-bit key would have 240 possible values, whereas a 128-bit key would have 2128 possible values.
  • Collision: An event that occurs when a hash function produces the same hash value on different messages.
  • Algorithm: A mathematical function that encrypts and decrypts data. Also referred to as a cipher.
  • Cryptology The science that studies encrypted communication and data.
  • Encoding: The process of changing data into another form using code.
  • Decoding: The process of changing an encoded message back into its original format.
  • Transposition: The process of shuffling or reordering the plaintext to hide the original message. Also referred to as permutation. For example, AEEGMSS is a transposed version of MESSAGE.
  • Substitution: The process of exchanging one byte in a message for another. For example, ABCCDEB is a substituted version of MESSAGE.
  • Confusion: The process of changing a key value during each round of encryption. Confusion is often carried out by substitution. Confusion conceals a statistical connection between the plaintext and ciphertext. Claude Shannon first discussed confusion.
  • Diffusion: The process of changing the location of the plaintext within the ciphertext. Diffusion is often carried out using transposition. Claude Shannon first introduced diffusion.
  • Avalanche effect: The condition where any change in the key or plaintext, no matter how minor, will significantly change the ciphertext. Horst Feistel first introduced avalanche effect.
  • Work factor or work function: The amount of time and resources that would be needed to break the encryption.
  • Trapdoor: A secret mechanism that allows the implementation of the reverse function in a one-way function.
  • One-way function: A mathematical function that can be more easily performed in one direction than in the other.

Up next

Symmetric key Cryptography