Cryptography: The Art of Secret Writing

“Cryptography” comes from the Greek words kryptos, meaning “concealed, hidden, veiled, secret, or mysterious”, and graphia, “writing”; thus, cryptography is “the art of secret writing.”

Information plays a vital role in the running of businesses, organizations, military operations, etc. Information in the wrong hands can lead to loss of business or catastrophic results. To secure communication, a business can use cryptology to encipher information. Cryptology involves transforming information into a non-human-readable format and vice versa.

In this article, we will introduce you to the world of cryptology and how you can secure information from falling into the wrong hands.

    Cryptography is the practice of using mathematical algorithms to encode and decode information in order to secure its transmission and storage. The goal of cryptography is to make it difficult for an unauthorized party to access or modify the information, while still allowing an authorized party to do so. 

    Cryptography can be divided into two main categories: 

    1. symmetric-key cryptography, where the same key is used for encryption and decryption, and 
    2. asymmetric-key cryptography, also known as public-key cryptography, where different keys are used for encryption and decryption.

    Cryptographic techniques are used in various applications, including secure communication, digital signatures, and e-commerce.


    Symmetric Encryption

    Symmetric encryption, also known as conventional encryption, was introduced in the late 1970s. It is used to provide confidentiality for data in transmission or in storage. Two well-known symmetric encryption algorithms are the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES); both are block ciphers.

    Let us understand each component that is shown in the above symmetric encryption model.

    • Plaintext: Original message or data provided as input into the algorithm.
    • Encryption Algorithm: The algorithm that performs operations on the plaintext.
    • Secret Key: The secret key is also an input to the encryption algorithm. The exact substitutions or transformations performed by the algorithm depend on the key.
    • Ciphertext: The encrypted message produced as output; it depends on the plaintext and the key used. Encrypting the same message under two different keys produces two different ciphertexts.
    • Decryption Algorithm: The encryption algorithm run in reverse; it takes the ciphertext and the secret key as input and produces the original plaintext.

    There are two requirements for symmetric encryption to work: first, a strong encryption algorithm that is known to both parties, sender and receiver; second, a secret key that is known only to the sender and receiver.

    The Caesar cipher is a very simple form of symmetric-key encryption. Symmetric cryptography does not address the following issue: an attacker who can eavesdrop while the key is shared between sender and receiver can steal the key and decrypt the data. This is where public-key encryption, or asymmetric-key cryptography, comes into the picture.


    Example of Symmetric Encryption

    An example of symmetric encryption is the Caesar cipher. It is a simple symmetric encryption algorithm that replaces each letter in the plaintext with a letter shifted a certain number of positions down the alphabet. The key in this case is the number of positions each letter is shifted.

    For example, suppose Bob wants to send the message "HELLO" to Alice, and they have agreed to use a key of 3 for the Caesar cipher. Bob replaces each letter in the plaintext with the letter that is 3 positions down the alphabet. The resulting ciphertext is "KHOOR". Bob then sends the ciphertext to Alice, who uses the same key of 3 to decrypt it. Alice replaces each letter in the ciphertext with the letter that is 3 positions up the alphabet, obtaining the original plaintext "HELLO".

    Note

    The security of the Caesar cipher is very weak and can be easily broken by an attacker. In practice, modern symmetric encryption algorithms are much more secure and have been designed to withstand attacks by attackers who have access to the encryption algorithm.
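
    The HELLO/KHOOR exchange above, as an added Python example that is not part of the original article. It also lists every possible decryption, which shows why the note calls the cipher weak: the whole key space is 25 shifts. The function names are chosen for this illustration.

```python
import string

ALPHABET = string.ascii_uppercase

def shift(text, key):
    """Shift every A-Z letter by `key` positions; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plaintext, key):
    return shift(plaintext, key)

def decrypt(ciphertext, key):
    return shift(ciphertext, -key)

def all_decryptions(ciphertext):
    """The entire key space: only 25 shifts change the text."""
    return {key: decrypt(ciphertext, key) for key in range(1, 26)}

def keys_matching(ciphertext, known_words):
    """Keys whose decryption contains a word the reader expects to see."""
    return [key for key, text in all_decryptions(ciphertext).items()
            if any(word in text for word in known_words)]

if __name__ == "__main__":
    ct = encrypt("HELLO", 3)            # the article's message and key
    print(ct, decrypt(ct, 3))
    print(len(all_decryptions(ct)), "candidate plaintexts in total")
    print(keys_matching(ct, ["HELLO"]))
```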

    Asymmetric Encryption

    Asymmetric encryption is also known as public-key cryptography. It uses two mathematically related but unique keys: a public key and a private key. Each key has its own function. The public key is used to encrypt the data and the private key is used to decrypt the data. It is computationally infeasible to obtain the private key from the public key. It is primarily used for authentication, non-repudiation, and key exchange.

    Anyone with the public key can encrypt data but cannot decrypt it. Only the intended receiver, who holds the private key, can decrypt the data. Even if an attacker knows that the sender is transmitting data to the receiver, and even though the data passes through multiple channels, there is nothing he or she can do, as the data can only be decrypted with the private key. All communication that takes place between the sender and receiver includes the public key.

    The private key is never shared; it is simply stored in the software or on the machine used. Examples of public-key cryptosystems are ElGamal (named after its inventor Taher Elgamal), RSA (Ron Rivest, Adi Shamir, Leonard Adleman), which is the most widely used even in current times, and Diffie-Hellman.


    Example of Asymmetric encryption

    An example of asymmetric encryption is the RSA algorithm. It is one of the most widely used public-key encryption algorithms and is based on the mathematical properties of large prime numbers.

    In RSA, each user has a pair of keys: a public key and a private key. The public key can be freely shared, while the private key must be kept secret. To send an encrypted message, the sender uses the receiver's public key to encrypt the message. The receiver then uses their private key to decrypt the message.

    Here's an example of how RSA encryption works:

    Suppose Bob wants to send a secret message to Alice. Alice provides Bob with her public key, which can be freely shared. Bob then uses Alice's public key to encrypt the message. The encrypted message is then sent over an insecure channel, such as the Internet. Alice receives the encrypted message and uses her private key to decrypt it, obtaining the original message from Bob.

    Note that in RSA, it is computationally infeasible to compute the private key from the public key, making RSA an effective method for secure communication over an insecure channel. The security of RSA is based on the mathematical difficulty of factoring the product of two large prime numbers, and RSA keys used in practice are typically 1024 bits or longer to provide an adequate level of security.
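
    The Bob-to-Alice exchange above as textbook RSA arithmetic, in an added Python example that is not part of the original article. It assumes two constructed toy primes (10007 and 10009) and no padding, so it is for study only; the last function shows that once the modulus is small enough to factor, the private key follows from the public key, which is why real keys are so long.

```python
from math import gcd

def make_keypair(p, q, e=65537):
    """Textbook RSA key generation from two primes (teaching only, no padding)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime to (p-1)(q-1)"
    d = pow(e, -1, phi)              # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)            # (public key, private key)

def encrypt(message, public_key):
    n, e = public_key
    return pow(message, e, n)

def decrypt(ciphertext, private_key):
    n, d = private_key
    return pow(ciphertext, d, n)

def factor_small_modulus(n):
    """Trial division; it finishes quickly only because this modulus is tiny."""
    f = 3
    while n % f:
        f += 2
    return f, n // f

def private_key_from_factors(public_key):
    """With the factors of n known, d is one modular inverse away."""
    n, e = public_key
    p, q = factor_small_modulus(n)
    return n, pow(e, -1, (p - 1) * (q - 1))

# Constructed toy key: the modulus is about 27 bits, not 1024 or more.
ALICE_PUBLIC, ALICE_PRIVATE = make_keypair(10007, 10009)
MESSAGE = int.from_bytes(b"Hi", "big")   # the message must be smaller than n

if __name__ == "__main__":
    ct = encrypt(MESSAGE, ALICE_PUBLIC)          # Bob, using Alice's public key
    pt = decrypt(ct, ALICE_PRIVATE)              # Alice, using her private key
    print(ct, pt.to_bytes(2, "big"))
    print(private_key_from_factors(ALICE_PUBLIC) == ALICE_PRIVATE)
```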


    Strengths and Weaknesses of Cryptography

    Symmetric Encryption: Strengths

    • Faster and easier to implement, as the same key is used to encrypt and decrypt data; it also requires less processing power. Could be implemented in an Application-Specific Integrated Chip (ASIC).
    • Prevents widespread message security compromise, as a different secret key is used to communicate with each party.
    • The key is not bound to the data being transferred on the link; therefore, even if data is intercepted, it is not possible to decrypt it.

    Asymmetric Encryption: Strengths

    • Convenient to use, as the distribution of keys to encrypt the messages is not required.
    • Enhanced security, as one need not share or transmit private keys to anyone.
    • Provides digital signatures that can’t be repudiated.

    Symmetric Encryption: Weaknesses

    • Lack of a secure channel to exchange the secret key.
    • Difficult to manage and secure the many shared keys that are generated to communicate with different parties.
    • Provides no assurance about the origin and authenticity of a message, as the same key is used by both sender and receiver.
    • Vulnerable to dictionary attacks and brute-force attacks.

    Asymmetric Encryption: Weaknesses

    • Slow in processing and requires high processing power.
    • Widespread message security compromise is possible (i.e., the attacker can read his/her complete messages if the private key is compromised).
    • Messages received cannot be decrypted if the private key is lost.
    • Vulnerable to Man-in-the-Middle and brute-force attacks.


    Hash Function

    A cryptographic hash function is a mathematical algorithm that takes input data of arbitrary size and generates a fixed-length hash value, also called a message digest or simply a digest. Hash functions are designed to be one-way functions, which means they are not reversible.

    Hash functions have a few properties, listed below, because of which they are still widely used in different information security applications.

    • It is deterministic, which means it will always give the same hash value for the same input message.
    • Computing the hash value of a message is fast.
    • It is infeasible to recover the original message from the hash value.
    • Even a very small change in the message will change the hash value completely.
    • It is infeasible to find two different messages with the same hash value.

    Due to these properties, they are widely used for digital signatures, message authentication codes, indexing data in hash tables, fingerprinting, finding duplicate data, and checksums that identify any modification in data.

    Hash Algorithms that are commonly used today:

    • Message Digest (MD) Algorithm: A byte-oriented algorithm that produces a 128-bit hash value from an arbitrary-length message. Several versions of this algorithm exist, such as MD2 (RFC 1319), MD4 (RFC 1320), and MD5 (RFC 1321).
      • MD5 is the third message digest algorithm, after MD2 and MD4. It processes data in 512-bit blocks, each broken down into 16 words of 32 bits. The output of MD5 is a 128-bit message digest value.
    • Secure Hash Algorithm: A cryptographic hash function published by the National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard. It takes an input and produces a 160-bit hash value known as a message digest, typically rendered as a hexadecimal number 40 digits long. It works by transforming the data using a hash function: an algorithm that consists of bitwise operations, modular additions, and compression functions. A series of these algorithms exists: SHA-1, SHA-2, and SHA-3.

    Apart from these, other well-known hash functions are in use, such as RIPEMD and Whirlpool.
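
    The properties and digest lengths listed above, checked with Python's standard hashlib in an added example that is not part of the original article. It covers fixed output length, determinism, the effect of a one-character change, and the checksum use case; the sample messages are constructed for this illustration.

```python
import hashlib
import hmac

def digest(algorithm, message):
    return hashlib.new(algorithm, message).digest()

def digest_bits(algorithm, message):
    """Output length in bits; it does not depend on the input length."""
    return len(digest(algorithm, message)) * 8

def changed_bits(algorithm, first, second):
    """Count the output bits that differ between the digests of two messages."""
    a, b = digest(algorithm, first), digest(algorithm, second)
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def is_unmodified(data, expected_hex):
    """Checksum use: compare a recomputed SHA-256 with the published value."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_hex)

# Constructed sample messages that differ in a single character.
ORIGINAL = b"pay 100 to alice"
ALTERED = b"pay 900 to alice"
PUBLISHED = hashlib.sha256(ORIGINAL).hexdigest()

if __name__ == "__main__":
    for name in ("md5", "sha1", "sha256"):
        # Same length for an empty input and for a 16 kB input.
        print(name, digest_bits(name, b""), digest_bits(name, ORIGINAL * 1000))
    print("bits changed:", changed_bits("sha256", ORIGINAL, ALTERED), "of 256")
    print(is_unmodified(ORIGINAL, PUBLISHED), is_unmodified(ALTERED, PUBLISHED))
```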


    Digital Certificate

    Several issues exist with public-key cryptosystems; one of them is the man-in-the-middle attack, which is one of the potential threats. In this attack, someone fakes a key with a user's ID and name and pretends to be that person; as a result, the data is encrypted with the attacker's key.

    It is vital to know that the public key with which you are encrypting the data is the actual key of the intended recipient and not a forged one.

    To overcome this, digital certificates were introduced, which establish whether a public key truly belongs to its actual owner or not. A digital certificate acts much like a physical certificate.

    Digital certificates consist of three things:

    • A Public Key.
    • Certificate Information (identity information about the user).
    • One or more digital signatures.


    Public Key Infrastructure

    A Public Key Infrastructure (PKI) is a combination of policies, roles, and procedures that are needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. It includes components such as the Certificate Authority (CA) and the Registration Authority (RA).

    The Certificate Authority creates certificates and digitally signs them using its own private key; it is the central component of the PKI system. Using the public key of the CA, one can verify the authenticity of a digital certificate and check the integrity of its content.

    The Registration Authority refers to the people, groups, companies, processes, and tools that help users enroll in the PKI system. It also checks whether the public key belongs to its owner or not. The CA, on the other hand, is the software that issues the actual certificates.
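
    How a CA signature ties a public key to an identity, in an added Python example that is not part of the original article. It assumes textbook RSA signatures over a SHA-256 digest, toy keys built from small Mersenne primes, and a dictionary standing in for a real certificate format; all names and the identity string are constructed. A certificate whose key has been swapped, or that was signed by a key other than the CA's, fails verification.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))      # (public, private)

def body_digest(identity, subject_key, modulus):
    """Hash the signed fields: identity information plus the subject's public key."""
    body = f"{identity}|{subject_key[0]}|{subject_key[1]}".encode()
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % modulus

def issue_certificate(identity, subject_key, ca_private):
    """The CA signs the digest of the certificate body with its private key."""
    n, d = ca_private
    return {"identity": identity, "public_key": subject_key,
            "signature": pow(body_digest(identity, subject_key, n), d, n)}

def verify_certificate(cert, ca_public):
    """Anyone holding the CA's public key can check the signature."""
    n, e = ca_public
    expected = body_digest(cert["identity"], cert["public_key"], n)
    return pow(cert["signature"], e, n) == expected

# Constructed keys from small Mersenne primes; real CA keys are far larger.
CA_PUBLIC, CA_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
ALICE_PUBLIC, _ = make_keypair(2**19 - 1, 2**31 - 1)
OTHER_PUBLIC, OTHER_PRIVATE = make_keypair(2**13 - 1, 2**17 - 1)

ALICE_CERT = issue_certificate("alice@example.test", ALICE_PUBLIC, CA_PRIVATE)
# Forged variant 1: the CA signature is kept but the public key is replaced.
SWAPPED_CERT = dict(ALICE_CERT, public_key=OTHER_PUBLIC)
# Forged variant 2: same identity, different key, signed by a non-CA key.
SELF_SIGNED = issue_certificate("alice@example.test", OTHER_PUBLIC, OTHER_PRIVATE)

if __name__ == "__main__":
    for name, cert in [("genuine", ALICE_CERT), ("swapped key", SWAPPED_CERT),
                       ("not CA-signed", SELF_SIGNED)]:
        print(name, verify_certificate(cert, CA_PUBLIC))
```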
