Wednesday, August 12, 2009

Cryptography Concept

Cryptography Terminology

Until modern times cryptography referred almost exclusively to encryption, which is the process of converting ordinary information (plaintext) into unintelligible gibberish (i.e., ciphertext). Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext.

A cipher (or cypher) is a pair of algorithms which create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithm and, in each instance, by a key. The key is a secret parameter (ideally known only to the communicants) for a specific message exchange context. Keys are important, as ciphers without variable keys are trivially breakable and therefore less than useful for most purposes. Historically, ciphers were often used directly for encryption or decryption without additional procedures such as authentication or integrity checks. In colloquial use, the term "code" is often used to mean any method of encryption or concealment of meaning. However, in cryptography, code has a more specific meaning. It means the replacement of a unit of plaintext (i.e., a meaningful word or phrase) with a code word (for example, apple pie replaces attack at dawn). Codes are no longer used in serious cryptography except incidentally for such things as unit designations (e.g., Bronco Flight or Operation Overlord), since properly chosen ciphers are both more practical and more secure than even the best codes and are also better adapted to computers.

plaintext - original message
ciphertext - coded message
cipher - algorithm for transforming plaintext to ciphertext
key - info used in cipher known only to sender/receiver
encipher (encrypt) - converting plaintext to ciphertext
decipher (decrypt) - recovering plaintext from ciphertext
cryptography - study of encryption principles/methods
cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing key
cryptology - field of both cryptography and cryptanalysis

Cryptography Algorithms

Classified along three independent dimensions:
- The type of operations used for transforming plaintext to ciphertext
- The number of keys used
    - symmetric (single key, or private-key encryption)
    - asymmetric (two keys, or public-key encryption)
- The way in which the plaintext is processed

Symmetric algorithms: P = D(K, E(K, P))

Asymmetric algorithms: P = D(Kd, E(Ke, P))


Symmetric vs. Asymmetric

If the system is symmetric, then there may be a need to distribute a secret key value before secret messages can be exchanged. This is one of the most difficult aspects of obtaining a secure system.

If the system is asymmetric, then it may be possible to avoid this particular problem by distributing only the encryption keys, which do not need to be secret. However, it is then replaced by the problem of guaranteeing the authenticity of each participant's encryption key.

Methods Used in Cryptography Algorithms

- Substitution
    - monoalphabetic substitution
        - Formed by shifting the letters of the original alphabet
    - polyalphabetic substitution
        - Extension of monoalphabetic substitution system
        - Using Vigenere Tableau
- Transposition
    - unkeyed transposition
        - Rearrange letters by using matrix
    - keyed transposition
        - Rearrange letters by using matrix where the size of matrix is determined by the length of the key used.
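
The substitution and transposition methods listed above, as an added Python example (not part of the original post). It implements the Vigenere cipher, of which the monoalphabetic shift is the one-letter-key case, and a keyed columnar transposition whose matrix width equals the key length; the keys D, LEMON and ZEBRA and the rule of reading columns in alphabetical order of the key letters are assumptions chosen for illustration, and the plaintext is the post's own "attack at dawn".

```python
import string

A = string.ascii_uppercase

def normalize(text):
    """Keep letters only, upper-cased (these ciphers work on a 26-letter alphabet)."""
    return "".join(ch for ch in text.upper() if ch in A)

def vigenere(text, key, decrypt=False):
    """Polyalphabetic substitution: letter i is shifted by key letter i mod len(key).
    A one-letter key reduces this to the monoalphabetic shift cipher."""
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text):
        shift = A.index(key[i % len(key)])
        out.append(A[(A.index(ch) + sign * shift) % 26])
    return "".join(out)

def column_order(key):
    # Assumed rule: columns are read in alphabetical order of the key letters,
    # ties broken left to right.
    return sorted(range(len(key)), key=lambda c: (key[c], c))

def transpose_encrypt(text, key):
    """Keyed transposition: write the text row by row into a matrix len(key)
    columns wide, then read it out column by column in key order."""
    width = len(key)
    return "".join(text[c::width] for c in column_order(key))

def transpose_decrypt(cipher, key):
    width = len(key)
    rows, extra = divmod(len(cipher), width)
    cols, pos = {}, 0
    for c in column_order(key):
        n = rows + (1 if c < extra else 0)  # a partial last row fills the leftmost columns
        cols[c] = cipher[pos:pos + n]
        pos += n
    return "".join(cols[i % width][i // width] for i in range(len(cipher)))

if __name__ == "__main__":
    P = normalize("attack at dawn")
    print("shift (key D)      :", vigenere(P, "D"))
    print("Vigenere (LEMON)   :", vigenere(P, "LEMON"))
    print("transpose (ZEBRA)  :", transpose_encrypt(P, "ZEBRA"))
    # Both are symmetric: the same key K satisfies P == D(K, E(K, P)).
    print(vigenere(vigenere(P, "LEMON"), "LEMON", decrypt=True) == P)
    print(transpose_decrypt(transpose_encrypt(P, "ZEBRA"), "ZEBRA") == P)
```

The shift cipher has only 26 possible keys and transposition leaves letter frequencies unchanged, which is why neither is used to protect real data.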

Data encryption


Data encryption refers to the process of transforming electronic information into a scrambled form that can only be read by someone who knows how to translate the code. Encryption is important in the business world because it is the easiest and most practical method of protecting data that is stored, processed, or transmitted electronically. It is vital to electronic commerce, for example, because it allows merchants to protect customers' credit card numbers and personal information from computer hackers or competitors. It is also commonly used to protect legal contracts, sensitive documents, and personal messages that are sent over the Internet. Without encryption, this information could be intercepted and altered or misused by outsiders. In addition, encryption is used to scramble sensitive information that is stored on business computer networks, and to create digital signatures to authenticate e-mail and other types of messages sent between businesses.

Encryption comes from the science of cryptography, which involves the coding and decoding of messages in order to protect their contents. Modern computer technology has vastly increased the complexity of encryption—which is usually accomplished using complicated mathematical principles—as well as the ability of people to break codes. A wide variety of data encryption programs are available on the Internet. In fact, encryption programs are already incorporated in many Web browsers, e-mail systems, and operating systems. Computer security experts stress that small businesses should take advantage of the availability of encryption programs to protect their data, particularly when it is transmitted over the Internet. Some business owners make the mistake of believing that their information will be lost in the huge sea of data flowing through the Internet, or of assuming that no one would be interested in their messages. But it is very easy for outsiders to gain access to unprotected data, and it only takes one unscrupulous individual to create tremendous problems for a company.

The most popular use of encryption is in electronic commerce. The majority of retailers who do business online use data encryption programs to protect their customers' private financial data. Despite the occasional story of hackers stealing credit card numbers, online retailers claim that making purchases over the Internet is as safe as handing a credit card to a waiter at a restaurant. "The types of encryption methods in place today are practically unbreakable by any reasonable means," said John Browne of Microsoft in Chain Store Age Executive. "Retailers need to understand that consumers will want to shop on the Internet and that it is an excellent place for merchandising."

When a customer makes a purchase online, their financial data is automatically encrypted by a program built into their Web browser. Then the encrypted data is transmitted safely to the merchant, who is able to decrypt it using a key. In general, this entire process is accomplished with the click of a mouse button and is transparent to both the consumer and the merchant.

Types of Encryption Programs

There are two main types of data encryption systems. In the first (variously known as private key, single key, secret key, or symmetric encryption), both the sender and the recipient of the data hold the same key for translation. This single key is used both to code and decode information that is exchanged between the two parties. Since the same key is used to encrypt and decrypt messages, the parties involved must exchange the key secretly and keep it secure from outsiders. Private key encryption systems are usually faster than other types, but they can be cumbersome when more than two parties need to exchange information.

The second, and more commonly used, type of data encryption system is known as a public key system. This type of system involves two separate keys: a public key for encoding information and a private key for decoding information. The public key can be held and used by any number of individuals and businesses, whereas only one party holds the private key. This system is particularly useful in electronic commerce, where the merchant holds the private key and all customers have access to the public key. The public key can be posted on a Web page or stored in an easily accessible key repository. Public key encryption systems are widely available on the Internet and are heavily utilized by large companies like Lotus and Microsoft.

The best-known data encryption program is called RSA. It was developed in the late 1970s by three graduates of the Massachusetts Institute of Technology—Ronald Rivest, Adi Shamir, and Leonard Adleman. As of 2000, there were 300 million copies of the RSA encryption program installed on computer systems worldwide. RSA scrambles data based on the product of two prime numbers, each of which is 100 digits long. RSA is a public key encryption system, meaning that many people can use it to encode information, but only the person who holds the key (or knows the value of the two prime numbers) can decode it again. RSA is embedded in hundreds of popular software products, including Windows, Netscape Navigator, Quicken, and Lotus Notes. It is also available as a free download from the World Wide Web.
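
The asymmetric relation P = D(Kd, E(Ke, P)) and the RSA description above, as an added Python example (not part of the original post and not how any RSA product is implemented). It is textbook RSA with constructed toy primes 61 and 53 and public exponent 17, with no padding, so it shows only the relationship between the two keys; the function names follow the post's E/D notation and are otherwise assumptions.

```python
from math import gcd

def make_keypair(p, q, e):
    """Derive (Ke, Kd) from two primes. Anyone who knows p and q can repeat
    this step, which is why the primes stay secret while n = p*q is published."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (e, n), (d, n)        # Ke is public, Kd is private

def E(Ke, P):
    """Encrypt integer P with the public key."""
    e, n = Ke
    if not 0 <= P < n:
        raise ValueError("plaintext must be an integer in [0, n)")
    return pow(P, e, n)

def D(Kd, C):
    """Decrypt integer C with the private key."""
    d, n = Kd
    return pow(C, d, n)

def roundtrip_holds(Ke, Kd):
    """Check P == D(Kd, E(Ke, P)) for every plaintext this key can carry."""
    return all(D(Kd, E(Ke, P)) == P for P in range(Ke[1]))

# Constructed toy parameters: far too small for real use.
Ke, Kd = make_keypair(61, 53, 17)

if __name__ == "__main__":
    C = E(Ke, 65)
    print("public key Ke :", Ke)
    print("ciphertext    :", C)
    print("D(Kd, C)      :", D(Kd, C))
    print("D(Ke, C)      :", D(Ke, C), "(the encryption key does not decrypt)")
    print("round trip    :", roundtrip_holds(Ke, Kd))
```

Deployed RSA uses primes hundreds of digits long together with a padding scheme such as OAEP; unpadded textbook RSA as shown here is deterministic and should not protect real data.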

1 comment:

  1. Informative article. I was searching for this detail as I need to prepare a presentation to highlight the importance and usage of cryptography techniques. This article contains a very good detail. Thanks for sharing.