Cryptography
The Greek words “krypt ´os” standing for “hidden” and the word “l ´ogos” that means “word”, are in essence the base from where the word cryptology was derived. As these words denote, cryptology can be best explained by the meaning “hidden word”. In this context, the original purpose behind cryptology is hiding the meaning of some specific combination of words which in turn would insure secrecy and confidentiality. This is a very limited viewpoint in today’s perspective and a wide range of security applications and issues now come under the term of cryptology (rest of the portion of this section will clarify this point of view). As field of mathematical science, Cryptology includes the study of both cryptanalysis as well as cryptography. On one hand, cryptography is a very broad term and represents any process used for data protection. On the other hand, the study of security related issues and the probabilities of breaking the cryptographic systems and a technique is known as cryptanalysis. The field cryptanalysis can be best described as the mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In simple words, cryptanalyst can be regarded as the opponent of the cryptographer i.e. he/she has to get around the security which cryptographer devised on his/her part.
A cryptographic system (or in short a cryptosystem) describes as a set of cryptographic algorithms together with the key management processes that support use of the algorithms in some application context. This is a diverse explanation that includes all sorts of cryptographic algorithms as well as protocols. However, hidden parameters like cryptographic keys may or may not be used by a cryptographic system. Similarly, participants of the undergoing communication may or may not share those secret parameters. Thus, cryptographic can be classified into following three types: a cryptographic system in which no secret parameters are employed (called an un-keyed cryptosystem); a cryptosystem which makes use of secret parameters and at the same time shares the parameters between the participants (known as a secret key cryptographic system); and a system that utilizes the secret parameters, but not sharing them with the participants (called a public key cryptographic system).
Cryptography aims at designing and implementing cryptographic systems and utilizing such systems which are secure effectively. The first a formal definition about the term cryptography dates from relatively past time. Back then, the approach known by the name “security through obscurity” was being used. There are a lot of examples based on this approach by which security of the system was improved by keeping internal working and design secret. Majority of those systems do not serve the purpose and security may well be violated. The Kerckhoffs principle is a very famous cryptographic principle which states that: “Except for parameters clearly defined to be secret, like the cryptographic keys, a cryptosystem must be designed in such a way as to be secure even with the case that the antagonist knows all details about the system”.
However, it might be noted that one important aspect is that a cryptosystem is perfectly securing theoretically grounds, but it may not remain the same when implemented practically. Different possibilities of generating attacks on security of such systems can arise while having the practical implementation. Attacks which make use of exploitation of side channel information are the examples of such attacks. If a cryptosystem is executed, it can result in the retrieval of side channel information with unspecified inputs and outputs. In encryption systems, the input is plaintext message plus the key, while the specific output is the cipher text. Thus, there are chances on information leakage. Power consumption, timing characteristics along with the radiation of all types are some examples in this regard. On the other hand, side channel attacks are the types of network attacks which extract side channel information. Since the mid 1990s there were many different possibilities have been found by the researchers in order to build up side channel attacks. A few examples in this regard are the differential power analysis, and fault analysis as well as the timing attacks. It is a very practical statement that any computation performed on real computer systems represents some physical phenomena which can be examined and analyzed to provide information regarding the keying material being employed. Cryptography does not help to cope with this situation because of the inherent nature of this problem.
Cryptosystem Functions
Other than the usual random bit generators as well as the hash functions, there are no secret parameters that are used in cryptosystem functions. These are the junketed functions that characterize the cryptographic system functions. In cryptographic functions, the elements used are usually one-way and it is difficult or almost impossible to invert them. This follows that it is easy to compute a cryptographic function whereas it is hard to invert the functions and also to compute the results of the relationships. It is difficult to apply any mathematical method for inverting the cryptographic system functions in a way that will be coherent and meaningful. For example, a cryptographic system functions such as F: X †’ Y is easy to comfortably use mathematical knowledge to compute while it is hard to use the same to invert.
There are many examples of one-way functions that we can use to demonstrate the meaning of the cryptosystems. In a situation where one has stored numbers on the cell phone, computation of the same is possible and easy due to the fact that the names are stored in an alphabetical manner. If one inverts the relationship of these functions, it will be impossible to compute because the numbers are not arranged numerically in the storage phonebook. It is notable that a lot of other things that we do in daily life are comparable to cryptosystem function in the sense that you cannot invert or undo them. For example, if one breaks a glass, the process is one way because it is not possible for these pieces to be restored together again. Similarly, when one drops something into water, it is not practically possible to reverse the action of dropping this item. The English corresponding action would be to un-drop the item as opposed to picking it. Cryptosystem functions cannot be demonstrated as purely one-way and this is the branching point between cryptosystem functions and the real world of things and circumstances. The only one-way functions in mathematics can be exemplified by discrete exponentiation, modular power and modular square functions. Public key cryptography uses these functions in its operations but it has not been well documented whether they are really one-way or not. There has been debate in practice whether one-way functions really exist in the first place or not. In the recent day cryptographic discussions a lot of care should be applied when referring to the one-way functions so as not to interfere or make false claims to the functional attributes of these parameters. There is a need to look for extra information and knowledge concerning one-way functions so that efficient and meaningful inversions are possible and mathematically coherent.
Therefore, functions such as F: X †’ Y is considered to be a one-way function. This follows that if F can successfully and coherently inverted, the need for extra information is needed. This will hence bring the notion of the meaning of the other parameters in relation to F. Computer science uses the hash functions in its operations. This is because these functions are computable and generates output dependent on the input that was used.
Public-key Encryption – Digital Signatures
The public-key encryption presents a revolution in the field of cryptography and until its invention the cryptographers had relied completely on common, secret keys in order to achieve confidential communication. On the contrary, the public-key techniques, allow for the parties to communicate privately without the requirement to decide on a secret key in advance. While the concept of private-key cryptography is presented as two parties agree on a secret key which can be used (by either party) for both encryption and decryption; public-key encryption is asymmetric in both these respects. Namely, in public-key encryption:
- One party (the receiver) generates a pair of keys (pk, sk), where pk is called the public key and ps is the private key,
- The public key is used by a sender to encrypt a message for the receiver, and
- The receiver uses the private key to decrypt that message.
There three parts of information form part of public key certificate:
- Some naming information
- A Public key
- Digital signatures (this can be one or more)
Encryptions and digital signatures were introduced to make the web transactions secure and manageable. The use of cryptographic techniques was applied to enhance and provide security layer such that the encrypted information and files would remain secure and confidential. Very frequently, a digital signature is mistaken with the inverse of a public-key encryption, but this is not entirely true. In the history, a digital signature could be obtained by reversing, but today in the majority of the situations this process would be impossible to be performed.
Basically, a digital signature is a form of a mathematical scheme for signifying the genuineness of a digital message. A valid digital signature would provide a proof to the person that receives the message or the document that these information is indeed created by a specified sender. Moreover, it would prove that message or the document was not altered during the transportation. Digital signatures are usually used for software distribution or mainly money transactions, where it is very important to detect the possibility of forgery.
As a part of the field in asymmetric cryptography, it might be noted that a digital signature is somehow equivalent of the traditional handwritten signatures. On the other hand, in order to be effective, a digital signature should be correctly implemented. Another very important concept is the notion of non-repudiation. This means that if somebody signs a document by using a digital signature, they can not say that it was not signed by them, even though their private key remains as a secret. On the other hand, there is a time stamp, so that even if the private key of a sender is compromised in future, the digital signature will remain valid. Examples of such messages are:
- electronic mail
- contracts
- messages sent via some cryptographic protocol
A digital signature usually is comprised of:
- An algorithm for producing a key. This algorithm would find a private key by chance from all the possible private keys available. Then it will output that private key with a matching public key.
- A signing algorithm that, given a message and a private key, produces a signature.
- A signature authenticating algorithm that, given a message, public key and a signature, it will accept or reject the message.
Primary, a signature produced from a fixed message and a private key verifies that the genuineness of that message is ok, by means of the matching public key. Then, it has to be computationally infeasible to make an appropriate signature for a party that doesn’t have the private key
Advantages and Disadvantages of Digital Signatures
The main benefit thing about public-key cryptography can be the increase in security, as well as comfort. This is because the private keys never need to be transported or exposed to any person. In a very secret-key technique as comparison, the secrets recommendations should be carried (both physically and through a conversation station), and there might be a possibility that the opponent could find the secret during their transmitting.
Another significant benefit from public-key programs is that they provide one way functions with regard to digital signatures. Validation by the way of using secret-key systems requires only the expressing associate of the key. But sometimes it needs interaction of a third party as well. Therefore, a new mailer can be easily repudiated by a previously authenticated concept. This is through proclaiming how the discussed solution ended up being for some reason affected by the events revealing the secrets. As an example, the particular Kerberos secret-key authentication method consists of a new central repository that maintains replicates in the solution recommendations of most consumers. This way an attack on the databases will allow widespread forgery. Public-key authentication, conversely, stops this sort of repudiation; every single individual offers single obligation regarding safeguarding his / her individual crucial. This particular residence associated with public-key authentication is frequently named non-repudiation.
A problem with using public-key cryptography pertaining to encryption is actually rate: you’ll find well-liked secret-key encryption techniques which are drastically more quickly as compared to any kind of available today public-key file encryption strategy. On the other hand, public-key cryptography works extremely well using secret-key cryptography for the greatest involving all possible. For encryption, the very best option would be to combine public- and secret-key methods to achieve the two security benefits of public-key programs and the velocity benefits of secret-key systems. Your public-key technique may be used to defend the key which is used to ensure the bulk of personal files or even communication. Such a process is known as digital camera envelope..
Public-key cryptography may be susceptible to impersonation, nevertheless, even though users’ exclusive recommendations usually are not obtainable. A successful invasion with a qualifications specialist enables an adversary in order to impersonate anyone the particular adversary selects to by using a public-key qualification from your jeopardized expert to situation an integral in the adversary’s option to the category of yet another person.
In several conditions, public-key cryptography is not required along with secret-key cryptography on its own is risk. This consists of situations where protected secret-key arrangement may take spot, for example through consumer’s conference within an individual. It also includes conditions in which a one expert understands and also manages all of the recommendations. As an example, a new closed financial program. Since the management knows everybody’s keys already, there’s not a lot advantages for it to get “public”. Furthermore, in public-key cryptography it is normally not needed in single-user surroundings. For instance, if you want to keep the data protected, you can do so with any kind of secret-key file encryption algorithm employing, declare, your individual security password because magic formula essential. Generally, public-key cryptography is best suited with an available multi-user natural environment.
Public-key cryptography just isn’t meant to exchange secret-key cryptography, but instead to be able to dietary supplement the idea, to restore safer. The initial way of using public-key methods ended up being for risk-free crucial exchange, in the otherwise secret-key system, which is nonetheless among its major capabilities. Secret-key cryptography remains vitally important and is also the subject of a lot continuing review as well as investigation. A few secret-key cryptosystems are usually discussed inside the areas about prevent ciphers along with flow ciphers.