Running Head: CRYPTOGRAPHY
CRYPTOGRAPHY 2
CRYPTOGRAPHY SECURITY TECHNOLOGY
Kiran Kumar goud, Cikka
569651
Campbellsville
Cryptography
Abstract
Cryptography is a technology security which is aimed at procuring the conversation between various computer devices. It prevents an unauthorized person or system from reading information. It engages the elements of information security like data confidentiality, authentication, data integrity. Cryptography is a concept which enables the users to send encoded messages while the system that consumes the message should decode the information to access it. This paper spots at the different cryptography schemes like the symmetric and a private key cryptography. The technology involves in the conversion of a readable information to a something that cannot be read except by the authorized people. The application of the cryptography uses to various fields like E-commerce, military and the computer passwords are also discussed. Arguments like the lawful restrictions and concerns about the encryption is also studied.
Introduction
These days a secure communication between two systems/people is an big an issue over the world. It raised a concerns about the security of transmitting media. After the rise and spread of the inter-networking between computer devices over the world, the process of securing the information shared over such networks has brought issues with it.
Basically, cryptosystem would be involved in the sender and the recipient who are able to communicate in insecure channel. The process through which a conversation takes place is referred to as encryption. After receiving the cipher text, the recipient has to decrypt for reading original message. Only the sender and the recipient who hold encryption key will be able to read the message and thus be difficult for others who do not have the key to decrypt the message.
There are like set of rules or steps which are followed during the dissemination of the message between the sender and the recipient which is referred to as protocol. Such cryptosystem protocols are implemented so as to ensure every user communicates irrespective of the environmental constraints. Efforts to engineer computers with Encryption programming as well as decryption and with the communicating nodes with the protocols are made to implement the security.
Today’s cryptography depends heavily on computer science and mathematical theory which are developed as a result of computational hardness which makes the algorithms of encryption hard to crack. It’s being claimed that the technology is potentially usable as a sedition and espionage tool which the government would categorize it one of the weapons, hence limiting their use. For jurisdictions which would involve cryptography use, laws are set to enable investigators to have access to encryption keys for investigation purposes.
Types of Cryptography
Systematic –key cryptography
This is the method of encryption which invol.
Running Head CRYPTOGRAPHYCRYPTOGRAPHY2CRYPTOGRAPH.docx
1. Running Head: CRYPTOGRAPHY
CRYPTOGRAPHY 2
CRYPTOGRAPHY SECURITY TECHNOLOGY
Kiran Kumar goud, Cikka
569651
Campbellsville
Cryptography
Abstract
Cryptography is a technology security which is aimed at
procuring the conversation between various computer devices. It
prevents an unauthorized person or system from reading
information. It engages the elements of information security
like data confidentiality, authentication, data integrity.
Cryptography is a concept which enables the users to send
encoded messages while the system that consumes the message
should decode the information to access it. This paper spots at
the different cryptography schemes like the symmetric and a
private key cryptography. The technology involves in the
conversion of a readable information to a something that cannot
be read except by the authorized people. The application of the
cryptography uses to various fields like E-commerce, military
and the computer passwords are also discussed. Arguments like
the lawful restrictions and concerns about the encryption is also
studied.
Introduction
These days a secure communication between two
systems/people is an big an issue over the world. It raised a
2. concerns about the security of transmitting media. After the rise
and spread of the inter-networking between computer devices
over the world, the process of securing the information shared
over such networks has brought issues with it.
Basically, cryptosystem would be involved in the sender and the
recipient who are able to communicate in insecure channel. The
process through which a conversation takes place is referred to
as encryption. After receiving the cipher text, the recipient has
to decrypt for reading original message. Only the sender and the
recipient who hold encryption key will be able to read the
message and thus be difficult for others who do not have the
key to decrypt the message.
There are like set of rules or steps which are followed during
the dissemination of the message between the sender and the
recipient which is referred to as protocol. Such cryptosystem
protocols are implemented so as to ensure every user
communicates irrespective of the environmental constraints.
Efforts to engineer computers with Encryption programming as
well as decryption and with the communicating nodes with the
protocols are made to implement the security.
Today’s cryptography depends heavily on computer science and
mathematical theory which are developed as a result of
computational hardness which makes the algorithms of
encryption hard to crack. It’s being claimed that the technology
is potentially usable as a sedition and espionage tool which the
government would categorize it one of the weapons, hence
limiting their use. For jurisdictions which would involve
cryptography use, laws are set to enable investigators to have
access to encryption keys for investigation purposes.
Types of Cryptography
Systematic –key cryptography
This is the method of encryption which involves having both the
receiver and sender sharing a common key or a single key is
used. The DES is however used in applications such as email
privacy, ATM encryption as well as remote access encryption.
other standards had been evolving but some like FEAL has been
3. broken.
On the other hand, stream ciphers are used to create arbitrarily
long key material stream that gets combined with plaintext
character-by-character or bit-by-bit. In this form, the cipher
output stream gets developed based on internal state that is
hidden which change while the cipher is operating. A secret key
is used to setup the initial internal state. Example of stream
cipher is RC4.
Figure 1: Symmetric key cryptography
However, there is a problem of symmetric-key cryptography
because it has complexities in key management. In this
cryptosystem, a single key is used for message decryption and
encryption. As the network members increase, these keys would
increase in a square form. i.e if the n represents the number of
keys and t the number of networks, then n=t2. Such a big
increase of the keys results to a complex management of key
while trying to maintain secrecy and consistency
Public Key cryptography
The public key notion which was developed by Martin Hellman
and Diffie in 1976 is also referred to as asymmetric key
cryptography. Both keys get developed or generated secretly but
are interrelated pair.
In this cryptography, the public keys are distributed freely but
this private keys are supposed to be secret. In other words, the
public keys are used to encrypt the message while private keys
are used to decrypt the message. One of the well know
algorithm used in this cryptosystem is the RSA. Other
algorithms include Elliptic curve, ELGamal, Cramer-Shoup
among others.
Figure 2: Public-private key cryptography
The cryptography which is used to implement schemes for
digital signature that prevent the forgery. The digital signature
gets tied to the message and cannot be moved to the another
4. document. The DSA and the RSA are common schemes for
processing digital signatures.
The computational complexity is the basis for the development
and the operation of public-key algorithms. For instance, this
integer factorization is used to create the hardness to RSA and
discrete the logarithm is used harden DSA. Elliptic curves are
as well involved in the theoretic development of the complexity
for this cryptosystem.
Digital signatures are the reverse of how private and public
keys work in encryption. Instead of using the public key of the
receiver to encrypt, the private key of the sender is used to
encrypt the message. However, the dangers come by when the
sender’s computer is attack and its signature used
inappropriately to sign and send documents.
Session Keys and digital envelops
One of the bad things about public key encryption is the slow
speed than the private key, hence there is need for an
improvement because business exchanges would be reduced to
crawling pace with public key usage. Thus the use of envelops
and session keys would maximize the speed by using symmetric
key encryption for bulk documents then a public key is used in
delivering the key
Legal Issues with Cryptography
There are raised concerns about the use of cryptography
technology that resulted in legal issues. In some countries, it is
illegal to use the cryptography. In some other governments like
Iran and Singapore there is a limitation on its use. Some would
require licensure. In US, cryptography is legal for domestic use.
Cryptanalysis
Specialists are involved in the testing and breaking of the
algorithms which are used for the encryption. With
computational effort, some of the ciphers would be be broken in
a process called brute force even though the effort amount is too
big. Cryptologists involved in research for commercial
encryption techniques and systems, ensure that the
vulnerabilities are filled up. The relations between bits and
5. encryption key of cipher text is the main study of encryption
algorithm to identify attacks and weaknesses.
Application of cryptography
Digital currencies
Digital currencies or crypto currencies have been using the
concept of cryptography in order to secure the wallets and
transactions that involve in these digital currencies. Money is a
sensitive thing and without security, it would be a big problem
that would result to a great loss. Digital currencies would hence
need a form of encryption that prevents hacking or interception
of the digital transactions.
Computer passwords
Passwords in a computer are stored in encrypted format. In
Linux operating system, such encryption is done to the
passwords and they are stored in a filed called the shadow file.
In this file, the passwords are hashed making them unreadable
to the user. When the password stored in the file is strong
enough, it would be difficult to crack the password through
brute force.
Military communication
Cryptography is also used in securing of military information.
This is especially an important measure that would ensure the
vital messages and military secrets are protected from
interception by people who are not authorized to gain access to
it. This concept was also used during World war 2.
Electronic commerce
E-commerce is web based and the internet is known as unsecure
channel. Hence, encryption is necessary for its development.
Cryptography would help to ensure secure e-commerce where
the customers who share sensitive information like credit card
details are satisfied when making purchases online. In e-
commerce, encryption would help to hamper the associated
threats like misappropriation, unauthorized access, and
destruction and alteration of systems and the data. Many users
of the e-commerce need confidence that they can conduct the
6. commercial and financial transactions safely with the assurance
that their information is secure and uninterrupted from
untrusted connections.
Public Key infrastructure
There are a set of implementations that would ensure the
maintenance of cryptographic components and the protocols
especially when cryptography is used in public domains. Such
infrastructure enables individuals and the businesses to have
trust when sending over information in a public network. The
following are components of PKI;
Trusted and authorized third parties
These are licensed parties especially the law enforcement
agencies which are authorized to decrypt and intercept
information. Also, this consists of those groups or parties that
are given license to offer encryption services.
Certification Authorities
These are organizations entrusted with the certification of users
using encryption and would establish credentials for
transactions over the web. Such CA certificates issued contain
information about the users like serial number, username,
digital signature and a copy of the public key of the holder
Secure Sockets Layer (SSL)
This is a protocol that Netscape developed to secure internet
communication. The infrastructure uses public-key
cryptography and the digital certificates which enable
authentication of the web server when transacting and would
protect private messages which would pass between receiver
and sender.
Figure 3: SSL infrastructure design
Secure Electronic Transactions or SET
This infrastructure was developed by MasterCard, Visa and
Netscape which is aimed at securing credit-card transactions as
a customer transacts with the merchant. This mechanism uses
digital signatures, encryption and message digests. For each
party to have their identity established – bank, merchant and
7. card holder- private and public key pairs are used as well as the
signed certificates.
Conclusion
This paper has taken into analysis of the technology of
cryptography. Study has been made on the forms of modern
cryptosystems which include symmetric and private-public keys
encryption. Although symmetric cryptology is faster, its main
challenge is encryption key management. The challenges of
symmetric cryptography are solved by use of public keys where
the sender would produce a public key and a private key.
However, this cryptography has a challenge of speed. Hence, a
mixture of both encryption methods is necessary to maximize on
their advantages and reduce their disadvantages. For instance,
with the help of session keys and digital envelops, one would be
able to encrypt bulk message with symmetric encryption and
only encrypt the key with public key cryptography hence
maximizing on speed while managing the keys securely.
The paper also states the importance of the encryption in
various applications like e-commerce, computer passwords, and
military. Encryption is done to ensure that the security of the
customers making purchases online are assured of security of
their information.
References
Ellison C. & Schneier B. (2000) Risks of PKI, 116.
Communications of the ACM, (42),12.
Davis, V. M., Cutino, S. C., Berg, M. J., Conklin, F. S., &
Pringle, S. J. (2001). U.S. Patent No. 6,282,522. Washington,
DC: U.S. Patent and Trademark Office.
Koops, B. J. (2013). Overview per country. Cryptolaw. org.
Cowie, B., & Irwin, B. (2012, July). Literature Survey: An
investigation into the eld of cryptography and cryptographic
protocols. In 2014 International Conference on Electronics,
8. Communication and Computational Engineering (ICECCE).
Miyan, M. (2017). Analysis on the Algorithm for Cryptography
Based MSLDIP Watermarking. International Journal of
Advanced Research in Computer Science, 8(3).
Torrubia, A., Francisco, J. M., & Marti, L. (2001).
Cryptography Regulations for E-commerce and Digital Rights
Management. Computers & Security, 20(8), 724-738.
Al-Vahed, A., & Sahhavi, H. (2011). An overview of modern
cryptography. World Applied Programming, 1(1), 55-61.
Ranger, S. (2016). The undercover war on your internet secrets:
How online surveillance cracked our trust in the web. Retrieved
July 3, 2018 from
https://web.archive.org/web/20160612190952/http://www.techre
public.com/article/the-undercover-war-on-your-internet-secrets-
how-online-surveillance-cracked-our-trust-in-the-web/
Schneier, B. (1996). Applied Cryptography, 2nd edn, John
Wiley and Sons.
Deitel H., Deitel P. & Nieto T. (2001) e-Business & e-
Commerce: How to Program. Prentice Hall NJ.
Deshmukh, M. B., Jadhav, M. D., & Sakarkar, M. G.
Cryptography Algorithm Using Neither EX-NOR Operation in
Mobility.