BASICS IN CRYPTOGRAPHY AND SECURITY


Definitions:


Cryptography:  Cryptography is the art or science encompassing the principles and methods of transforming message into one that is unintelligible,                                 and retransforming that to its original form.

plaintext:         The original intelligible message.

ciphertext:        The transformed message.

cipher:                 An algorithm for transforming and intelligible message into one that is unintelligible by transposition and/or substitution methods.

Encryption:        The process of converting plaintext to ciphertext using a cipher and a key.

Decryption:        The process of converting ciphertext back to plaintext using a cipher and a key.

Cryptanalysis:   Cryptoanlysis is the practice of analyzing and breaking cryptography. It is important that the cryptographic
                             algorithms one uses be resistant to cryptoanalysis. Also called codebreaking.

Cryptography:    The study of both cryptography and cryptanalysis.

Authentication:  The assurance of identity of originator of data.



Common security threats:



Approaches to security:

       Solution:

                Use a combination of both procedures.

        Other layers at which security can be implemented:


Taxonomy of ciphers:


Cryptanalysis:
The art of breaking ciphers is known as cryptanalysis.

Methods of cryptanalysis:


Types of security:

There are two fundamentally different ways ciphers may be secure.

It may one one of the following:
  1. Given limited computing resources (e.g., time needed for  calculations is greater than time of universe), the cipher cannot be broken.
  2. Provide evidence of computational security by reducing the  security of cryptosystem to some well-studied problem thought to be difficult (e.g, factoring). Such systems are called Provably secure.


To enhance privacy i.e to increase data confidentiality we use encryption techniques.

There are two types of modern cryptographic algorithms: public-key algorithm and secret-key algorithm.

Secret-key algorithms:
In secret-key algorithm, a k-bit ``secret key'' is shared by two users, who use it to transform plaintext inputs to an encoded cipher.By carefully designing transformation algorithms, each bit of output can be made to depend on every bit of the input. With such an arrangement, a key of 128 bits used for encoding results in a key space of two to the 128th (or about ten to the 38th power).
            Example algorithms: DES,TripleDES,AES.

Public-key algorithms:
These algorithms solve the problem of secure key exchange.

            Example algorithms: RSA,Galois Field system.


Problems with secret-key algorithm:




            Approaches to solving key distribution problem:
    One method for solving the key distribution problem is appointing a central key distribution center. Every potential communicating party must register with the server and establish a shared secret key. If party A wishes to establish a secret key with party B this
request is sent to the central server. The server can then inform B that A wishes to communicate, and re-encrypt and re-transmit a
key B has sent. ``The problem with this approach is that key distribution center should be a trusted party agreeable to everyone``.

    A secret key can be agreed upon even without a central server. For example, the Diffie-Hellman key exchange is a protocol for
agreeing on a secret key based on publicly-discussed very large prime numbers. Its security is based on the assumed difficulty of  
taking discrete logarithms modulo very large prime numbers.


Problems with public-key encryption:


Secret key Vs Public key algorithms