31-10-2012, 11:51 AM
Report Of Seminar On CRYPTOGRAPHY
CRYPTOGRAPHY.docx (Size: 92.02 KB / Downloads: 24)
crypto.ppt.pptx (Size: 315.67 KB / Downloads: 23)
ABSTRACT
Many organizations are working hard to secure themselves from the
growing threats of message hacking through various trends in cryptography. Yet the headlines are dominated with the latest news of message passing disaster more frequently than any time before. This document intends to review this problem and propose several possible solutions. The cryptographic industry has been responding to these threats with ever-quicker responses to the rapid onslaught of malicious techniques, while corporations establish strict cryptographic techniques. Placing an organizations cryptographic technique at the desktop level is like closing all the doors in a house A while leaving windows and other entry points open. The present document discusses various cryptographic techniques of all times such as the three basic algorithms namely private key algorithm, public key algorithm and the hash functions. The need for having three encryption techniques has also been encrypted . These new techniques that has emerged out of various exploitations in the field of cryptography rises a fair amount of hope that we can overcome the problems we are facing in a headlock way.
Introduction to Cryptography:
In the era of information technology, the possibility that the information stored in a person’s computer or the information that are being transferred through network of computers or internet being read by other people is very high. This causes a major concern for privacy, identity theft, electronic payments, corporate security, military communications and many others. We need an efficient and simple way of securing the electronic documents from being read or used by people other than who are authorized to do it. Cryptography is a standard way of securing the electronic documents.
Basic idea of Cryptography:
Basic idea of cryptography is to mumble-jumble the original message into something that is unreadable or to something that is readable but makes no sense of what the original message is. To retrieve the original message again, we have to transform the mumble-jumbled message back into the original message again.
Basic Terminologies used in Cryptography:
Data that can be read and understood without any special measures is called plaintext or cleartext. This is the message or data that has to be secured. The method of disguising plaintext in such a way as to hide its substance is called encryption. Encrypting plaintext results in unreadable gibberish called ciphertext. You use encryption to ensure that information is hidden from anyone for whom it is not intended, even those who can see the encrypted data. The process of reverting ciphertext to its original plaintext is called decryption.
Cryptography is the science of mathematics to “encrypt” and “decrypt” data. Cryptography enables us to store sensitive information or transmit it across insecure networks like Internet so that no one else other the intended recipient can read it. Cryptanalysis is the art of breaking Ciphers that is retrieving the original message without knowing the proper key. Cryptography deals with all aspects of secure messaging, authentication, digital signatures, electronic money, and other applications.
Cryptographic Algorithms:
Cryptographic algorithms are mathematical functions that are used in the encryption and decryption process. A cryptographic algorithms works in combination with a key (a number, word or phrase), to encrypt the plain text. Same plain text encrypts to different cipher texts for different keys. Strength of a cryptosystems depends on the strength of the algorithm and the secrecy of the key.
Two Kinds of Cryptography Systems:
There are two kinds of cryptosystems: symmetric and asymmetric. Symmetric cryptosystems use the same key (the secret key) to encrypt and decrypt a message, and asymmetric cryptosystems use one key (the public key) to encrypt a message and a different key (the private key) to decrypt it. Symmetric cryptosystems are also called as private key cryptosystems and asymmetric cryptosystems are also called as public key cryptosystems.
Cryptography Services
Cryptography is the study of mathematical techniques related to aspects of information Security which aims to provide some or all of the services known as confidentiality, Data Integrity, Authentication and Non-Repudiation, which we now briefly introduce.
Confidentiality
Confidentiality is a service used to keep the content of information from all but those entities authorized to have it. It is synonymous with Secrecy. This is the oldest and most traditional of the services provided by cryptography, and usually operates by encryption - the process of converting plaintext to cipher text - using a cryptographic algorithm and a cryptographic key, i.e. making information unintelligible to all entities who do not possess some secret, cryptographic key. It is covered in greater depth starting with section 3. The use of Encryption in data transmission systems makes debugging software and systems very difficult, and it is frequently the cause of lost information. It is often mistakenly used when it might be more appropriate, and much simpler to use one of the other services.
Data Integrity
Data Integrity is a service which addresses the unauthorized alteration of data. It does this by detecting data manipulation by unauthorized entities. This is a different process from using Cyclic Redundancy Codes - which only protect against accidental errors, not deliberate alteration.
Authentication
This description owes much to [1]. Authentication is a term which is used in a very broad sense. By itself it has little meaning other than to convey the idea that some means has been provided to guarantee that entities are who they claim to be, or that information has not been manipulated by unauthorized parties. Authentication is specific to the security objective which one is trying to achieve.
Authentication is one of the most important of all information security objectives. Until the mid 1970s it was generally believed that secrecy and authentication were intrinsically-connected- this is related to the misconception mentioned earlier that encrypting everything achieves all goals. Later it was realized that secrecy and authentication were truly separate and independent information security objectives. It may at first not seem important to separate the two but there are situations where it is not only useful but essential. For example, if a two-party communication between Alice and Bob is to take place where Alice is in one country and Bob in another, the host countries might not permit secrecy on the channel; one or both countries might want the ability to monitor all communications.
Key management and conventional encryption
Conventional encryption has benefits. It is very fast. It is especially useful for encrypting data that is not going anywhere. However, conventional encryption alone as a means for transmitting secure data can be quite expensive simply due to the difficulty of secure key distribution. Recall a character from your favorite spy movie: the person with a locked briefcase handcuffed to his or her wrist. What is in the briefcase, anyway? It’s probably not the missile launch code/invasion plan itself. It’s the key that will decrypt the secret data. For a sender and recipient to communicate securely using conventional encryption, they must agree upon a key and keep it secret between themselves. If they are in different physical locations, they must trust a courier, the Bat Phone, or some other secure communication medium to prevent the disclosure of the secret key during transmission.