Introduction
Cryptography is a technique of secure communications that allows a particular sender and intended recipient of a message to view its contents. The term is obtained from the Greek word “Kryptos”, which means “hidden, secret”.
More generally, cryptography is about establishing and analyzing protocols that avert third parties or the public from reading personal messages. Moreover, it works on the various aspects of information security such as data confidentiality, data integrity, authentication, and non-repudiation.
Advanced cryptography exists in the concurrency of disciplines such as mathematics, computer science, electrical engineering, communication science, and physics.
Application of cryptography includes electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography is important and effectively interchangeable with encryption, and converting information from a readable state.
Encrypted messages are shared by the sender with decoding technique only with intended recipients to stop access from adversaries. Modern cryptography is based on mathematical theory and computer science. These algorithms are hard to decrypt in actual practice. Hence, possible to break into an ingenious system.
History of Cryptography
The first evidence of cryptography was found in an inscription carved around 1900 BC by the nobleman Khnumhottep II, in Egypt. The writer used weird hieroglyphic symbols in additional ordinary ones. The most purpose isn't to cover the message and maybe to vary its form in a way that will make it appear dignified. The inscription is not a form of secret writing, and it is interconnected with a variety of transformations of the original text and the known text.
Julius Caesar was known to use a form of encryption to convey hidden messages to his army general posted on the war front. In addition, the substitution cipher is also known as the Caesar cipher. Each character of the plain text in a substitution cipher has substituted the form of ciphertext by using another character.
In the 16th century, the first designed cipher is used an encryption key by Vigenere. One of his cipher's encryption keys was repeated multiple times spanning the entire message. Hence the message character of the ciphertext was produced by adding the key character modulo 26. Modulo is the expression of the mathematical calculation to remind of a division when one number is divided by another.
In the 19th century everything became electric, the electro-mechanical contraption was designed by Hebern and it was also called as Hebern rotor machine. It uses a single rotor to embed in a rotating disc with secret keys. German engineer Arthur Scherbius has invented the Engima machine at the end of the First World War. However, it was used by the German forces during the Second World War.
In 1970 “crypto group” form was introduced by Horst-Feistel to use for IBM customer encryption. In 1997, NIST (National Institute of Standards and Technology) requested a proposal for a new block cipher and it received 50 submissions. And in 2000 it was accepted by Rijndael and Christened AES (Advanced Encryption Standard)
Primary Key Functions of Cryptography
There are 4 important features of cryptography. They are Privacy/confidentiality, Integrity, Non-repudiation, Authentication, and Key Exchange.
Privacy/confidentiality- Ensuring that the information or the text message can be read-only by the intended receiver.
Integrity- Information is unmodified in storage or transition and the information cannot be detected in any addition of the sender and the intended receiver.
Non-repudiation - It's the mechanism to prove that the sender actually sent a message.
Authentication- It helps to identify the sender and receiver information is confirmed.
Key exchange- Crypto keys are shared between sender and receiver by using the key exchange method.
Cryptography starts with the unencrypted data as plaintext. Plain text is encrypted into ciphertext and that can be decrypted back into usable plaintext. The encryption and decryption are based on the cryptography scheme form of a key. This process is sometimes written as:
C = Ek(P)
P = Dk(C)
P = plain text, C = cipher text, E = the encryption method, D = the decryption method,
And K = the key. Cryptography is mostly associated with mathematical algorithms used to encrypt and decrypt messages.
Types of Cryptography
There are many ways of classifying cryptographic algorithms. The number of keys is employed for encryption and decryption defined by their application and use. The three types of algorithms are:
☀ Secret Key Cryptography (SKC)
☀ Public Key Cryptography (PKC)
☀ Hash Functions
Secret Key Cryptography (SKC)
SKC uses a single key exchange for both encryption and decryption algorithms. It is also known as symmetric encryption and is essentially used for privacy and confidentiality.
A sender uses the key to encrypt the plaintext and sends the ciphertext to the indent receiver. The receiver uses the same keys to decrypt the message and recover the plaintext. Hence a single key is used for both functions. The form of the cryptography key might be known to both the sender and the receiver. The biggest disadvantage of this approach is the key distribution.
Stream ciphers or block ciphers are generally categorized by the secret key cryptography schemes. The stream ciphers operate on a single byte at the time of implementation. In this forming process, the feedback mechanism changes the key constantly. They come in several flavors and two are worth mentioning.
Each byte in the keystream is calculated in self-synchronizing stream ciphers. It also calculates the function of the previous n bit in the keystream. Hence it's termed “self-synchronizing” of the decryption process which will remain synchronized with the encryption simply.
Synchronous stream ciphers initiate the keystream independent of the message stream and use the same keystream function for a sender and receiver. Stream ciphers are unable to communicate with transmission errors during the process. It is their nature and the keystream would repeat eventually.
A block cipher scheme encrypts with one fixed-size block of data at a time. A plaintext block encrypts the same ciphertext by using the same key, and the same plaintext would encrypt a different ciphertext in a stream cipher.
Block ciphers can operate by using one of several modes, and the followings are;
☀ Electronic Codebook(ECB)
☀ Cipher Block Chaining(CBC)
☀ Cipher Feedback(CFB)
☀ Output Feedback(OFB)
☀ Counter(CTR)
Electronic Codebook (ECB) - ECB is a simple application that uses the secret key to encrypt the plaintext block to cipher block form. Two identical plaintext blocks are the same ciphertext blocks.
Cipher Block Chaining (CBC) - CBC is the mechanism mode to add the encryption scheme. CBC protects against many brute-force, deletion, and insertion attacks. A single-byte error within the ciphertext submits a whole block error within the decrypted plaintext blocks that might encrypt differently.
Cipher Feedback (CFB) - CFB is a mode of block cipher implementation and it works as a self-synchronizing stream cipher. It allows the data to encrypt in the block size in units to become smaller.
Output Feedback (OFB) - OFB is a mode of block implementation and works similarly to a synchronous stream cipher. Output feedback prevents the plaintext by using an internal feedback mechanism and generates the same ciphertext block.
Counter (CTR) - CTR is a modern addition to blocking ciphers. CFB, OFB, and CTR modes operate on the block as in a stream cipher. In addition, ECB and CRT modes operate the block independently. ECB and CTR use different key inputs to different blocks of the plaintext and receive the result in the plaintext.
Public Key Cryptography
Public key cryptography is the most significant development in cryptography in the last 300-400 years. The first modern public-key cryptography was published by Stanford University professors Martin Hellman and Whitefield Diffie in 1976. PKC depends on one-way functions or mathematical functions. They are easy to compute with an inverse function that is relatively difficult to compute.
Two examples of public-key cryptography:
i) Multiplications vs. Factorization: let’s take an example of two prime numbers of 3 and 7 that need to be calculated for a product. It does not take calculation for the value is 21. Instead, a number that is a product of two primes, 21 needs to determine the prime factors for the number. There is a solution to calculate the product that takes a millisecond. If the factor number is longer, the problem becomes harder. If the prime number is 300 then the product would have 600 digits.
ii) Exponentiation vs. logarithms: if the number is 2 to 4th power again it is easy to calculate 36 = 729. If the numbers start with 729 and need to determine the two integers x and y. The logx 729 = y. It would take a longer time to calculate the two values.
To encrypt and decrypt the message, an asymmetric key uses the same key for both. Although a group of messages or a message might have a different key than others. The disadvantage of a symmetric cipher should use the key management securely. Each decided pair of communicating parties might share the various keys and every ciphertext exchange the keys also. Additionally, it requires complex key management schemes to stay consistent and secret.
In public-key cryptography, the “digital signature” scheme is used for implementation. A digital signature is known as the recollect of an ordinary signature. It helps the user produce and use both the characters easily. Digital signatures can be used permanently in the content of the message being signed. The signature cannot be moved from one document to another, for any attempt would be detectable.
There are two important algorithms used in the digital signature scheme.
The most common encryption data method used is the public key.
Advanced Encryption Standard (AES) is a symmetric encryption algorithm that encrypts fixed blocks of data at a time
Rivest-Shamir-Adleman (RSA)
Triple DES (Data Encryption Standard)
Twofish.
These 4 types of encryption are used in public-key encryption.
Hash functions
Hash functions use cryptographic algorithms to generate and utilize a specific key to encrypt data for symmetric or asymmetric encryption. A digital signature has used a message of any length as input, and output of short, that's fixed in hash functions. For any good hash function, an attacker might not find two messages that produce the same hash.
A common algorithm for Hash in today’s use:
Message Digest (MD) algorithm: It is a byte-oriented algorithm that produces a 128-bit value from an arbitrary-length message.
MD2 Algorithms: To contain a limited memory the smart cards are designed and used in historical status.
MD4 algorithms: The message digest is developed by Rivest and is similar to MD2. It is specifically designed for fast processing in software.
MD5 algorithms: It is also developed by Rivest, after finding the weaknesses in MD4. The MD5 is similar to MD4 and works slower because more manipulation is made to the original data.
Conclusion
Each scheme should be optimized for some specific cryptographic application. For example, secret key cryptography is suited to encrypt the message and provide privacy and confidentiality.
The sender initiates the session key of a message to encrypt the message. Hence, the receiver receives the same key to decrypt the message.
Public-key cryptography is the key application to exchange the key. Asymmetric schemes are used for non-repudiation and user authentication; if the receiver receives the session key encrypted with the sender’s private key. Hash functions are well-suited for data integrity and any changes made to the content of a message.
The result of calculating a different hash value might be placed in the transmission by the sender.
Explore cyber security certification courses from Sprintzeal.
An article which might be useful to you-
LIST OF TOP SECURITY CERTIFICATIONS 2022
Last updated on May 26 2023
Last updated on Aug 10 2023
Last updated on Jun 15 2022
Last updated on Feb 2 2024
Last updated on Apr 30 2024
Last updated on Jul 25 2023
Which Certification is best for Cybersecurity?
ebookTop 5 Compelling Reasons To Get A Cyber Security Certification
ebookHow to Become IT Security Expert with CISSP Certification
ebookTop 20 Reasons You Should Get a CISSP Certification
ebookCISM certification cost and career benefits
ebookWhat is CISSP? – Everything about CISSP Certification Explained
ebookPass CISSP Exam - How to Clear CISSP Exam in First Attempt 2024 (UPDATED)
ebookCISSP Certification – Top 25 Career Benefits in 2024
ebookCybersecurity – Everything You Need to Know About it
ebookCybersecurity Strategy: Building a Strong Defense for Business
ebookCyber Attack Statistics and Trends to Know in 2024
ebookUpdated Google Certification Training Course list 2024
ArticleWhich Cybersecurity Certification Should I Get First?
ebookCysa+ certification – Should you get it?
ebookList of Top Security Certifications
ArticleEasiest Security Certification to Get
ebookCybersecurity Fundamentals Explained
ebookISACA Certifications List 2024
ebookList of Top Information Security Certifications in 2024
ebookCISM certification cost details
ArticleSafeguarding Digital Domain: 10 Most Common Cybercrimes
ebookMitigate the Cyber-Attack Risks with Best Cyber Security Protocols
ebookCybersecurity Interview Questions and Answers 2024
ebookData Leak - What is it, Prevention and Solutions
ebookTop Cybersecurity Software Tools In 2024
ebookInformation Security Analyst - Career, Job Role, and Top Certifications
ebookCyber Security Analyst - How to Become, Job Demand and Top Certifications
ebookIBM Data Breach: Is IBM Really Breach-Proof?
ArticleCompTIA A+ Certification Latest Exam Update 2024
ArticleWhat is the Department of Defense (DoD) Directive 8140
ebookInformation Assurance Model in Cybersecurity
ebookWhat is Data Security - Types, Strategy, Compliance and Regulations
ebookData loss Prevention in Cyber Security Explained
ebookCybersecurity Controls Explained in Detail
ebookCybersecurity Framework - A Complete Guide
ebookCybersecurity Career Paths Guide
ebookFuture of Cybersecurity - Trends and Scope
ebookScope for Cybersecurity in 2024 - Update for 2024
ebookCyber Security Careers and Outlook - 2024 Guide
ebook5 Cybersecurity Predictions in 2024 - Trends and Challenges
ebookEthical Hacking Career: A Career Guide for Ethical Hacker
ebookApplication Security: All You Need To Know
ebookCybersecurity Roles - Top Roles and Skills to Consider in 2024
ebookHow to Get Cyber Essentials Certified
ebookTop 10 Cyber Security Threats and How to Prevent Them
ebookTop 10 Network Scanning Tools of 2024
ebookCyber Incident Response Plan: A Comprehensive Guide
ebookInformation Assurance Careers - Exploring Career Paths
ebookCybersecurity Mesh Architecture: What It Is and How to Build It
ebookWhat is Threat Modeling? Methodologies, Types, and Steps
ebookWhat is Digital Forensics? Types, Process & Challenges
ebookRecent Cyber Attacks & Data Breaches in 2024
ebookHow to Become an Information Security Analyst Salary, Skills, and More
ArticleList of Top Department of Defense (DoD) Approved 8570 Certification Courses
ebookTop 5 Ransomware Attacks to Watch Out for in 2024
ebookJob Prospects for DoD Certified Professionals: A Pathway to Success in cybersecurity
ebook10 Biggest Data Breaches of the 21st Century
ebookWhat is a Cybersecurity Incident?-Types, Impact, Response Process and More
ebookCyber Security Planning - A Detailed Guide for Risk Mitigation
ebookWhat is Cybercrime? Exploring Types, Examples, and Prevention
ebookCybercrime Impacts On Business: 6 Major Effects
ebook5 Types of Cyber Attacks You Should Be Aware of in 2024
ebookCloud Cyber Attacks: Causes, Types, Prevention and Protection
ebookCloud Malware: Types of Attacks and Security Measure
ebookList Of Top Cybersecurity Threats In 2024
ebookRisk-based Audit Planning Guide for Beginners
ebookDemystifying Cloud-Based Cyber Attacks: A Comprehensive Guide
ebookPrevent Cyber Attacks: Strategies to Protect Your Digital Assets
ebookList of Top 10 Cybersecurity Careers in 2024
ebookTop 20 Cybersecurity Trends to Watch Out for in 2024
ArticleHow to Become Cybersecurity Engineer
ArticleUnderstanding Risk assessment in audit planning
ArticleFundamentals of Risk-Based Auditing: A Strategic Framework
ArticleTop 8 Types of Cybersecurity Jobs and Salary Insights
ArticleA Comprehensive Guide to Building Risk-Based Internal Audit Plan
ArticleRisk-Based Internal Auditing Approaches: 7 Steps to Explore
ArticleCompTIA Security+ 601 vs. 701: Understanding Key Differences
ArticleWhy and How to Perform a Risk-Based Internal Audit
ArticleRisk-Based Auditing Techniques Explained
ebookEvolving Cyber Threats and Vulnerabilities in Cybersecurity Risk Management
ArticleWhat Is Secure Access Service Edge (SASE)?
ArticleHow to Stay Cyber-Secure in Work and Personal Life (Tips and Practices)
ArticleTarget Cyber Attack: Key Lessons from the 2013 Data Breach
ArticleLinkedIn User Data Protection Explained
ArticleCanva Data Breach: Best Lessons for Users and Businesses
ArticleHow Did Capital One Respond to Their Major Cyber Incident?
ArticleWhat Innovative Measures Did Reddit Take to Protect User Data?
ArticleHow Does Slack Respond to Security Challenges?
Article