Cryptography

Cryptography is the practice of secure communication in the presence of third parties. It involves the use of mathematical algorithms to transform information into a form that is unintelligible to anyone except those who have the key to decrypt it. Cryptography is used to protect the confidentiality, integrity, and authenticity of information.

There are two main types of cryptography: symmetric-key cryptography and public-key cryptography. In symmetric-key cryptography, the same key is used for both encryption and decryption. In public-key cryptography, there are two different keys: one for encryption and one for decryption. Public-key cryptography is often used for digital signatures and for secure communication over insecure channels.

Cryptography is used in many applications, including secure communication over the Internet, secure storage of data, and digital signatures. It is also used in many areas of science and engineering, such as computer security, quantum computing, and the study of prime numbers.

Symmetric-key cryptography

Symmetric Key Cryptography, or Symmetric Encryption, uses a secret key for encryption and decryption. This approach is the inverse of Asymmetric Encryption, which uses one key to encrypt and another to decrypt. Data is translated into a format that cannot be interpreted or inspected by someone who does not have the secret key used to encrypt it during this phase.

The strength of the random number generator used to generate the secret key determines the effectiveness of this method. Symmetric Key Cryptography, commonly used on the Internet today, comprises two kinds of algorithms: Block and Stream. The Advanced Encryption Standard (AES) and the Data Encryption Standard (DES) are two common encryption algorithms. This type of encryption is typically much faster than Asymmetric Encryption, but it allows the sender and the data receiver to hold the secret key.

Symmetric cryptography is based on a single shared key that all parties know and can use to encrypt and decrypt data.

Secret-key, single-key, shared-key, one-key, and private-key encryption are other words for symmetric-key cryptography. The usage of the last and first words will lead to misunderstanding compared to the related language used in public-key cryptography.

Asymmetric Key Cryptography

Asymmetric cryptography, better known as public-key cryptography, encrypts and decrypts a message using a pair of similar keys. In asymmetric key cryptography, the private key is kept by one public key and one private key — to prevent unauthorized entry or usage. Anybody can use a public key to encrypt a document so that only the expected receiver can decrypt it with their private key. A private key or secret key is only known to the key’s generator.

When anyone tries to submit an encrypted message, they will use a shared directory to retrieve the recipient’s public key and use it to encrypt the message until submitting it. The message will then be decrypted by the receiver using their associated private key.?

However, when the sender encrypts the message using their private key, the message may only be decrypted using the sender’s public key, thus authenticating the sender. These encryption and decryption procedures are automatic; users don’t need to lock and unlock the message manually.

Numerous protocols, including transport layer security (TLS) and safe sockets layer (SSL) protocols that allow HTTPS, depend on asymmetric cryptography. Encryption is often used in browsers that need to create a stable link over an unstable network, such as the Internet, or to verify a digital signature.

The key advantage of asymmetric cryptography is increased data security. Since users are never expected to disclose or exchange their private keys, the risks of cyber activity on a user’s private key during transmission are reduced.

Network Security Principles

In?cryptography, attacks are of two types Passive attacks and Active attacks.?

Passive attacks are those that retrieve information from the system without affecting the system's resources. Active attacks are those that retrieve system information and make changes to the system resources and their operations.?

The Principles of Security can be classified as follows:?

1. Confidentiality: The degree of confidentiality determines the secrecy of the information. The principle specifies that only the sender and receiver will be able to access the information shared between them. Confidentiality compromises if an unauthorized person is able to access a message.?
2. Authentication:?Authentication is the mechanism to identify the user or system or entity. It ensures the identity of the person trying to access the information. Authentication is mostly secured by using a username and password. The authorized person whose identity is preregistered can prove his/her identity and can access sensitive information.?
3. ?Integrity:?Integrity gives the assurance that the information received is exact and accurate. If the content of the message is changed after the sender sends it but before reaching the intended receiver, then it is said that the integrity of the message is lost.?
4. Non-Repudiation:?Non-repudiation is a mechanism that prevents the denial of the message content sent through a network. In some cases, the sender sends the message and later denies it. But the non-repudiation does not allow the sender to refuse the receiver.?
5. Access control:?The principle of access control is determined by role management and rule management. Role management determines who should access the data while rule management determines up to what extent one can access the data. The information displayed is dependent on the person who is accessing it.?
6. Availability: The principle of availability states that the resources will be available to the authorized party at all times.

Cryptography?uses mathematical techniques to transform data and prevent it from being read or tampered with by unauthorized parties.