Cryptography's aim is to construct schemes or protocols that can still accomplish certain tasks even in the presence of an adversary. A basic task in cryptography is to enable users to communicate securely over an insecure channel in a way that guarantees their transmissions' privacy and authenticity. Providing privacy and authenticity remains a central goal for cryptographic protocols, but the field has expanded to encompass many others, including e-voting, digital coins, and secure auctions. This paper explains what cryptography is about and how we can scientifically justify a cryptographic scheme's security.
In computer science, cryptography refers to secure information and communication techniques derived from mathematical concepts and a set of rule-based calculations called algorithms to transform messages in ways that are hard to decipher. These deterministic algorithms are used for cryptographic key generation and digital signing and verification to protect data privacy, web browsing on the internet and confidential communications such as credit card transactions and email.
Objective of Cryptography:
- Confidentiality: the information cannot be understood by anyone for whom it was unintended
- Integrity: the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected
- Non-repudiation: the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information
- Authentication: the sender and receiver can confirm each other's identity and the origin/destination of the informatio
It is during and after the European Renaissance, various Italian and Papal states led the rapid proliferation of cryptographic techniques. Various analysis and attack techniques were researched in this era to break the secret codes.
Improved coding techniques such as Vigenere Coding came into existence in the 15th century, which offered moving letters in the message with a number of variable places instead of moving them the same number of places.
Only after the 19th century, cryptography evolved from the ad hoc approaches to encryption to the more sophisticated art and science of information security.
In the early 20th century, the invention of mechanical and electromechanical machines, such as the Enigma rotor machine, provided more advanced and efficient means of coding the information.
During the period of World War II, both cryptography and cryptanalysis became excessively mathematical. With the advances taking place in this field, government organizations, military units, and some corporate houses started adopting the applications of cryptography. They used cryptography to guard their secrets from others. Now, the arrival of computers and the Internet has brought effective cryptography within the reach of common people.
History of cryptography:
The word "cryptography" is derived from the Greek kryptos, meaning hidden. The origin of cryptography is usually dated from about 2000 B.C., with the Egyptian practice of hieroglyphics. These consisted of complex pictograms, the full meaning of which was only known to an elite few. The first known use of a modern cipher, was by Julius Caesar (100 B.C. to 44 B.C.), who did not trust his messengers when communicating with his governors and officers. For this reason, he created a system in which each character in his messages was replaced by a character three positions ahead of it in the Roman alphabet.
In recent times, cryptography has turned into a battleground of some of the world's best mathematicians and computer scientists. The ability to securely store and transfer sensitive information has proved a critical factor in success in war and business.
Because governments do not wish certain entities in and out of their countries to have access to ways to receive and send hidden information that may be a threat to national interests, cryptography has been subject to various restrictions in many countries, ranging from limitations of the usage and export of software to the public dissemination of mathematical concepts that could be used to develop cryptosystems. However, the internet has allowed the spread of powerful programs and, more importantly, the underlying techniques of cryptography, so that today many of the most advanced cryptosystems and ideas are now in the public domain.
Major Concepts of Cryptography.Let’s talk in detail about 3 major concepts:
- Computer Security
- OSI Security Architecture
1. Computer Security
A definition of computer security consists of 3 points. We can name this as the CIA security concept (Confidentiality, Integrity and Availability):
1- Confidentiality: assure that confidential information is not available to unauthorized users.
2- Integrity: assure that information is only changed in a specified and authorized manner.
3- Availability: assure that services are available to authorized users.
2. OSI Security Architecture
OSI is an international standard that offers a systematic way of defining security requirements and characterizing the approaches to achieve these requirements. The OSI security architecture focus on security attacks, security mechanisms security services.
- Security Attack: any action that compromises the security of information. The security attack consists of 2 classes:
- Passive attack: The main goal of this attack is to collect information about the victim without touching the victim’s services or alter the data content, such as monitoring the transmission of data or traffic analysis. Passive attacks are very hard to detect because there’s no real communication with victim’s services or alteration of the data’s content.
- Active attack: This type of attack involves touching the victim’s services or some alteration to the data’s content or creating a false data. Active attacks have a several forms, including:
Masquerades: The attacker pretends to be someone else. For example, the attacker wants to connect to a network with a firewall; the firewall only accepts a list of MAC address. The attacker will masquerade his MAC address (or spoof his MAC) to get access or to be authorized to use it.
Denial of service attack (DOS): The goal of these attacks are to prevent service/s on the victim’s machine by sending or redirecting a massive amount of data stream to the victim. This may block the service/s on this server until this action stops. Active attacks are not hard to detect, but it’s impossible to prevent this attack absolutely because it has a wide range of potential attacks (OSs, SW, HW, Web applications, services… etc).
- Security Mechanism: a process that’s designed to detect, prevent and recover from a security attacks such as:
- Digital Signature: a mechanism that proves the source and the integrity of information.
- Access Control: a mechanism that allows only authorized users with a specific privileges.
- Data Integrity: a mechanism that assure the integrity of data.
- Cryptography: a mechanism that assures the secrecy of information or the secrecy of communication channels.
- Security Services: a processing or communication service that enhances the security of information or information transfers.
Cryptography is characterized by 3 points:
- The type of operations used for transforming plaintext to ciphertext. All encryption algorithms are based on 2 principles:
- Substitution: where the elements in the plaintext are mapped into another elements.
- Transposition: where the elements in the plaintext are rearranged.
- The number of keys used:
- If encryption and decryption algorithms use the same key, this system is symmetric.
- If encryption and decryption algorithms use different keys, this system is asymmetric or public-key encryption.
- The way in which the plaintext is processed:
- Block Cipher: The input is one block at a time and produces one block output for each input.
- Stream Cipher: The input is one element at a time and produces one output for each one input.
A cryptosystem is pair of algorithms that take a key and convert plaintext to ciphertext and back. Plaintext is what you want to protect; ciphertext should appear to be random gibberish. The design and analysis of today’s cryptographic algorithms is highly mathematical. Do not try to design your own algorithms.
Properties of a Good Cryptosystem :
There should be no way short of enumerating all possible keys to find the key from any reasonable amount of ciphertext and plaintext, nor any way to produce plaintext from ciphertext without the key.Enumerating all possible keys must be infeasible. The ciphertext must be indistinguishable from true random values.
Components of a Cryptosystem:
The various components of a basic cryptosystem are as follows −
- Plaintext. It is the data to be protected during transmission.
- Encryption Algorithm. It is a mathematical process that produces a ciphertext for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext.
- Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. The ciphertext is not guarded. It flows on public channel. It can be intercepted or compromised by anyone who has access to the communication channel.
- Decryption Algorithm, It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it.
- Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext.
- Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext.
Types of Cryptosystems:
Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system −
- Symmetric Key Encryption
- Asymmetric Key Encryption
Symmetric Key Encryption:
The encryption process where same keys are used for encrypting and decrypting the information is known as Symmetric Key Encryption.The study of symmetric cryptosystems is referred to as symmetric cryptography. Symmetric cryptosystems are also sometimes referred to as secret key cryptosystems.
Asymmetric Key Encryption:
The encryption process where different keys are used for encrypting and decrypting the information is known as Asymmetric Key Encryption. Though the keys are different, they are mathematically related and hence, retrieving the plaintext by decrypting ciphertext is feasible.
Uses of Cryptography:
- Modern cryptography uses sophisticated mathematical equations (algorithms) and secret keys to encrypt and decrypt data. Today, cryptography is used to provide secrecy and integrity to our data, and both authentication and anonymity to our communications.
- In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet. Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication.
- Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography prior to the modern age was effectively synonymous with encryption, the conversion of information from a readable state to apparent nonsense.
- In general, cryptography is an important way of achieving data confidentiality, data integrity, user authentication and non-repudiation. Let me explain you Cryptography in a very simple language where a non-technical person can also easily understand.