Sunday, July 4, 2010

What is Cryptography?

Cryptography is an important part of preventing private data from being stolen. Even if an attacker were to break into your computer or intercept your messages they still will not be able to read the data if it is protected by cryptography or encrypted. In addition to concealing the meaning of data, cryptography performs other critical security requirements for data including authentication, repudiation, confidentiality, and integrity.

Cryptography can be used to authenticate that the sender of a message is the actual sender and not an imposter. Encryption also provides for repudiation, which is similar to authentication, and is used to prove that someone actually sent a message or performed an action. For, instance it can used to prove a criminal performed a specific financial transaction.

Cryptography ensures confidentiality because only a reader with the correct deciphering algorithm or key can read the encrypted message. Finally, Cryptography can protect the integrity of information by ensuring that messages have not been altered.

Cryptography comes from Greek words meaning “hidden writing”. Cryptography converts readable data or cleartext into encoded data called ciphertext. By definition cyrptography is the science of hiding information so that unauthorized users cannot read it.

Secret writing is an ancient practice that dates back to ancient Egypt but it is still critical to securing data today. In fact, encryption is absolutely necessary when transmitting sensitive data over unsecure mediums like the Internet. The three types of algorithms used for encryption are:

•Symmetric, also called private or secret key
•Asymmetric, also called public key
A hashing algorithm is used to create an irreversible code of a piece of information. This hashed code is called a hash or digest and is unique to the information and can be used as a signature for the data. A hash is used for comparison purposes to make sure data has not been changed; thus it ensures the integrity of a message.

A symmetric cryptographic algorithm can be decrypted, as opposed to being irreversible like hashing. There are several types of symmetric algorithms. Some of the most popular are:

•Data Encryption Standard (DES)
•Advanced Encryption Standard (AES)
•Rivest Cipher (RC)
•International Data Encryption Algorithm (IDEA)
DES was one of the first widely used algorithms however it has been cracked and is no longer considered secure. AES has not been cracked and is used by the US government while IDEA is favored by European nations.

RC stands for “Ron’s Code” and is a family of algorithms written by Ron Rivest in 1987. Blowfish is a strong open-source symmetric algorithm created in 1993.

Asymmetric cryptographic algorithms differ from symmetric algorithms in that it requires two “keys” to encrypt and decrypt data as opposed to the symmetric algorithm’s single key. Asymmetric or public key encryption uses two mathematically related keys: a public key known by everyone to encrypt messages and a private key, known only by the receiver of the message to decrypt the information.

Asymmetric cryptography is widely used and underlies Transport Layer Security (TLS) and PGP (Pretty Good Privacy) protocols. Some common asymmetric algorithms are RSA and Diffie-Hellman.

This entry was posted on Saturday, July 3rd, 2010 at 5:34 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.