What is Cryptography - A Comprehensive Guide

What is Cryptography - A Comprehensive Guide

Introduction 

Cryptography is a technique of secure communications that allows a particular sender and intended recipient of a message to view its contents. The term is obtained from the Greek word “Kryptos”, which means “hidden, secret”.

More generally, cryptography is about establishing and analyzing protocols that avert third parties or the public from reading personal messages.  Moreover, it works on the various aspects of information security such as data confidentiality, data integrity, authentication, and non-repudiation.

Advanced cryptography exists in the concurrency of disciplines such as mathematics, computer science, electrical engineering, communication science, and physics.

Application of cryptography includes electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography is important and effectively interchangeable with encryption, and converting information from a readable state.

Encrypted messages are shared by the sender with decoding technique only with intended recipients to stop access from adversaries. Modern cryptography is based on mathematical theory and computer science. These algorithms are hard to decrypt in actual practice. Hence, possible to break into an ingenious system.

 

History of Cryptography

The first evidence of cryptography was found in an inscription carved around 1900 BC by the nobleman Khnumhottep II, in Egypt. The writer used weird hieroglyphic symbols in additional ordinary ones. The most purpose isn't to cover the message and maybe to vary its form in a way that will make it appear dignified. The inscription is not a form of secret writing, and it is interconnected with a variety of transformations of the original text and the known text.

Julius Caesar was known to use a form of encryption to convey hidden messages to his army general posted on the war front. In addition, the substitution cipher is also known as the Caesar cipher. Each character of the plain text in a substitution cipher has substituted the form of ciphertext by using another character.

In the 16th century, the first designed cipher is used an encryption key by Vigenere. One of his cipher's encryption keys was repeated multiple times spanning the entire message. Hence the message character of the ciphertext was produced by adding the key character modulo 26. Modulo is the expression of the mathematical calculation to remind of a division when one number is divided by another.

In the 19th century everything became electric, the electro-mechanical contraption was designed by Hebern and it was also called as Hebern rotor machine. It uses a single rotor to embed in a rotating disc with secret keys. German engineer Arthur Scherbius has invented the Engima machine at the end of the First World War. However, it was used by the German forces during the Second World War.

In 1970 “crypto group” form was introduced by Horst-Feistel to use for IBM customer encryption. In 1997, NIST (National Institute of Standards and Technology) requested a proposal for a new block cipher and it received 50 submissions. And in 2000 it was accepted by Rijndael and Christened AES (Advanced Encryption Standard)

 

CCNP® - Cisco Certified Network Professionals Certification Training

 

Primary Key Functions of Cryptography

There are 4 important features of cryptography. They are Privacy/confidentiality, Integrity, Non-repudiation, Authentication, and Key Exchange.

Privacy/confidentiality- Ensuring that the information or the text message can be read-only by the intended receiver.

Integrity- Information is unmodified in storage or transition and the information cannot be detected in any addition of the sender and the intended receiver.

Non-repudiation - It's the mechanism to prove that the sender actually sent a message.

Authentication- It helps to identify the sender and receiver information is confirmed.

Key exchange- Crypto keys are shared between sender and receiver by using the key exchange method.

Cryptography starts with the unencrypted data as plaintext. Plain text is encrypted into ciphertext and that can be decrypted back into usable plaintext. The encryption and decryption are based on the cryptography scheme form of a key.  This process is sometimes written as:

C = Ek(P)

P = Dk(C)

P = plain text, C = cipher text, E = the encryption method, D = the decryption method,

And K = the key.  Cryptography is mostly associated with mathematical algorithms used to encrypt and decrypt messages.

 

Types of Cryptography

There are many ways of classifying cryptographic algorithms. The number of keys is employed for encryption and decryption defined by their application and use. The three types of algorithms are:

 

Cryptography IMG

 

☀ Secret Key Cryptography (SKC)

☀ Public Key Cryptography (PKC)

☀ Hash Functions

Secret Key Cryptography (SKC)

SKC uses a single key exchange for both encryption and decryption algorithms. It is also known as symmetric encryption and is essentially used for privacy and confidentiality.

A sender uses the key to encrypt the plaintext and sends the ciphertext to the indent receiver. The receiver uses the same keys to decrypt the message and recover the plaintext. Hence a single key is used for both functions. The form of the cryptography key might be known to both the sender and the receiver. The biggest disadvantage of this approach is the key distribution.

Stream ciphers or block ciphers are generally categorized by the secret key cryptography schemes. The stream ciphers operate on a single byte at the time of implementation. In this forming process, the feedback mechanism changes the key constantly. They come in several flavors and two are worth mentioning.

Each byte in the keystream is calculated in self-synchronizing stream ciphers. It also calculates the function of the previous n bit in the keystream. Hence it's termed “self-synchronizing” of the decryption process which will remain synchronized with the encryption simply.

Synchronous stream ciphers initiate the keystream independent of the message stream and use the same keystream function for a sender and receiver. Stream ciphers are unable to communicate with transmission errors during the process. It is their nature and the keystream would repeat eventually.

A block cipher scheme encrypts with one fixed-size block of data at a time. A plaintext block encrypts the same ciphertext by using the same key, and the same plaintext would encrypt a different ciphertext in a stream cipher.

Block ciphers can operate by using one of several modes, and the followings are;

☀ Electronic Codebook(ECB)

☀ Cipher Block Chaining(CBC)

☀ Cipher Feedback(CFB)

☀ Output Feedback(OFB)

☀ Counter(CTR)

Electronic Codebook (ECB) - ECB is a simple application that uses the secret key to encrypt the plaintext block to cipher block form. Two identical plaintext blocks are the same ciphertext blocks.

Cipher Block Chaining (CBC) - CBC is the mechanism mode to add the encryption scheme. CBC protects against many brute-force, deletion, and insertion attacks. A single-byte error within the ciphertext submits a whole block error within the decrypted plaintext blocks that might encrypt differently.

Cipher Feedback (CFB) - CFB is a mode of block cipher implementation and it works as a self-synchronizing stream cipher. It allows the data to encrypt in the block size in units to become smaller.

Output Feedback (OFB) - OFB is a mode of block implementation and works similarly to a synchronous stream cipher. Output feedback prevents the plaintext by using an internal feedback mechanism and generates the same ciphertext block.

Counter (CTR) - CTR is a modern addition to blocking ciphers. CFB, OFB, and CTR modes operate on the block as in a stream cipher. In addition, ECB and CRT modes operate the block independently. ECB and CTR use different key inputs to different blocks of the plaintext and receive the result in the plaintext.

Public Key Cryptography

Public key cryptography is the most significant development in cryptography in the last 300-400 years. The first modern public-key cryptography was published by Stanford University professors Martin Hellman and Whitefield Diffie in 1976. PKC depends on one-way functions or mathematical functions. They are easy to compute with an inverse function that is relatively difficult to compute.

Two examples of public-key cryptography:

i) Multiplications vs. Factorization: let’s take an example of two prime numbers of 3 and 7 that need to be calculated for a product. It does not take calculation for the value is 21. Instead, a number that is a product of two primes, 21 needs to determine the prime factors for the number. There is a solution to calculate the product that takes a millisecond. If the factor number is longer, the problem becomes harder. If the prime number is 300 then the product would have 600 digits.

ii) Exponentiation vs. logarithms: if the number is 2 to 4th power again it is easy to calculate 36 = 729. If the numbers start with 729 and need to determine the two integers x and y. The logx 729 = y. It would take a longer time to calculate the two values.

To encrypt and decrypt the message, an asymmetric key uses the same key for both. Although a group of messages or a message might have a different key than others. The disadvantage of a symmetric cipher should use the key management securely. Each decided pair of communicating parties might share the various keys and every ciphertext exchange the keys also. Additionally, it requires complex key management schemes to stay consistent and secret.

In public-key cryptography, the “digital signature” scheme is used for implementation. A digital signature is known as the recollect of an ordinary signature. It helps the user produce and use both the characters easily. Digital signatures can be used permanently in the content of the message being signed. The signature cannot be moved from one document to another, for any attempt would be detectable.

There are two important algorithms used in the digital signature scheme.

  1.  Signing - it is a secret key used to process the message
  2.  Verification - it enables the public key to use the message to check the validity of the signature.

 The most common encryption data method used is the public key.

Advanced Encryption Standard (AES) is a symmetric encryption algorithm that encrypts fixed blocks of data at a time

Rivest-Shamir-Adleman (RSA)

Triple DES (Data Encryption Standard)

Twofish.

These 4 types of encryption are used in public-key encryption.

Hash functions

Hash functions use cryptographic algorithms to generate and utilize a specific key to encrypt data for symmetric or asymmetric encryption. A digital signature has used a message of any length as input, and output of short, that's fixed in hash functions. For any good hash function, an attacker might not find two messages that produce the same hash.

A common algorithm for Hash in today’s use:

Message Digest (MD) algorithm: It is a byte-oriented algorithm that produces a 128-bit value from an arbitrary-length message.

MD2 Algorithms: To contain a limited memory the smart cards are designed and used in historical status.

MD4 algorithms: The message digest is developed by Rivest and is similar to MD2.  It is specifically designed for fast processing in software.

MD5 algorithms: It is also developed by Rivest, after finding the weaknesses in MD4. The MD5 is similar to MD4 and works slower because more manipulation is made to the original data.

 

CISSP Certification

 

Conclusion

Each scheme should be optimized for some specific cryptographic application. For example, secret key cryptography is suited to encrypt the message and provide privacy and confidentiality.

The sender initiates the session key of a message to encrypt the message. Hence, the receiver receives the same key to decrypt the message.

Public-key cryptography is the key application to exchange the key. Asymmetric schemes are used for non-repudiation and user authentication; if the receiver receives the session key encrypted with the sender’s private key. Hash functions are well-suited for data integrity and any changes made to the content of a message.

The result of calculating a different hash value might be placed in the transmission by the sender.

Explore cyber security certification courses from Sprintzeal.

An article which might be useful to you-

LIST OF TOP SECURITY CERTIFICATIONS 2022

 

Subscribe to our Newsletters

Arthi

Arthi

Arthi is a content writer at Sprintzeal. She is fond of creating informative content for readers in the Education Domain. Her work is focused on professionals aiming to upskill in their careers.

Trending Now


Which Certification is best for Cybersecurity?

ebook

Top 5 Compelling Reasons To Get A Cyber Security Certification

ebook

How to Become IT Security Expert with CISSP Certification

ebook

Top 20 Reasons You Should Get a CISSP Certification

ebook

CISM certification cost and career benefits

ebook

What is CISSP? – Everything about CISSP Certification Explained

ebook

Pass CISSP Exam - How to Clear CISSP Exam in First Attempt 2024 (UPDATED)

ebook

CISSP Certification – Top 25 Career Benefits in 2024

ebook

Cybersecurity – Everything You Need to Know About it

ebook

Cybersecurity Strategy: Building a Strong Defense for Business

ebook

Cyber Attack Statistics and Trends to Know in 2024

ebook

Updated Google Certification Training Course list 2024

Article

Which Cybersecurity Certification Should I Get First?

ebook

Cysa+ certification – Should you get it?

ebook

List of Top Security Certifications

Article

Easiest Security Certification to Get

ebook

Cybersecurity Fundamentals Explained

ebook

ISACA Certifications List 2024

ebook

List of Top Information Security Certifications in 2024

ebook

CISM certification cost details

Article

Safeguarding Digital Domain: 10 Most Common Cybercrimes

ebook

Mitigate the Cyber-Attack Risks with Best Cyber Security Protocols

ebook

Cybersecurity Interview Questions and Answers 2024

ebook

Data Leak - What is it, Prevention and Solutions

ebook

Top Cybersecurity Software Tools In 2024

ebook

Information Security Analyst - Career, Job Role, and Top Certifications

ebook

Cyber Security Analyst - How to Become, Job Demand and Top Certifications

ebook

CompTIA A+ Certification Latest Exam Update 2024

Article

What is the Department of Defense (DoD) Directive 8140

ebook

Information Assurance Model in Cybersecurity

ebook

What is Data Security - Types, Strategy, Compliance and Regulations

ebook

Data loss Prevention in Cyber Security Explained

ebook

Cybersecurity Controls Explained in Detail

ebook

Cybersecurity Framework - A Complete Guide

ebook

Cybersecurity Career Paths Guide

ebook

Future of Cybersecurity - Trends and Scope

ebook

Scope for Cybersecurity in 2024 - Update for 2024

ebook

Cyber Security Careers and Outlook - 2024 Guide

ebook

5 Cybersecurity Predictions in 2024 - Trends and Challenges

ebook

Ethical Hacking Career: A Career Guide for Ethical Hacker

ebook

Application Security: All You Need To Know

ebook

Cybersecurity Roles - Top Roles and Skills to Consider in 2024

ebook

How to Get Cyber Essentials Certified

ebook

Top 10 Cyber Security Threats and How to Prevent Them

ebook

Top 10 Network Scanning Tools of 2024

ebook

Cyber Incident Response Plan: A Comprehensive Guide

ebook

Information Assurance Careers - Exploring Career Paths

ebook

Cybersecurity Mesh Architecture: What It Is and How to Build It

ebook

What is Threat Modeling? Methodologies, Types, and Steps

ebook

What is Digital Forensics? Types, Process & Challenges

ebook

Recent Cyber Attacks & Data Breaches in 2024

ebook

How to Become an Information Security Analyst Salary, Skills, and More

Article

List of Top Department of Defense (DoD) Approved 8570 Certification Courses

ebook

Top 5 Ransomware Attacks to Watch Out for in 2024

ebook

Job Prospects for DoD Certified Professionals: A Pathway to Success in cybersecurity

ebook

10 Biggest Data Breaches of the 21st Century

ebook

What is a Cybersecurity Incident?-Types, Impact, Response Process and More

ebook

Cyber Security Planning - A Detailed Guide for Risk Mitigation

ebook

What is Cybercrime? Exploring Types, Examples, and Prevention

ebook

Cybercrime Impacts On Business: 6 Major Effects

ebook

5 Types of Cyber Attacks You Should Be Aware of in 2024

ebook

Cloud Cyber Attacks: Causes, Types, Prevention and Protection

ebook

Cloud Malware: Types of Attacks and Security Measure

ebook

List Of Top Cybersecurity Threats In 2024

ebook

Risk-based Audit Planning Guide for Beginners

ebook

Demystifying Cloud-Based Cyber Attacks: A Comprehensive Guide

ebook

Prevent Cyber Attacks: Strategies to Protect Your Digital Assets

ebook

List of Top 10 Cybersecurity Careers in 2024

ebook

Top 20 Cybersecurity Trends to Watch Out for in 2024

Article

How to Become Cybersecurity Engineer

Article

Understanding Risk assessment in audit planning

Article

Fundamentals of Risk-Based Auditing: A Strategic Framework

Article

Top 8 Types of Cybersecurity Jobs and Salary Insights

Article

A Comprehensive Guide to Building Risk-Based Internal Audit Plan

Article

Risk-Based Internal Auditing Approaches: 7 Steps to Explore

Article

CompTIA Security+ 601 vs. 701: Understanding Key Differences

Article

Why and How to Perform a Risk-Based Internal Audit

Article

Risk-Based Auditing Techniques Explained

ebook

Trending Posts

What is Threat Modeling? Methodologies, Types, and Steps

What is Threat Modeling? Methodologies, Types, and Steps

Last updated on Jun 2 2023

Cybersecurity Roles - Top Roles and Skills to Consider in 2024

Cybersecurity Roles - Top Roles and Skills to Consider in 2024

Last updated on Mar 6 2023

CISSP Certification – Top 25 Career Benefits in 2024

CISSP Certification – Top 25 Career Benefits in 2024

Last updated on Mar 1 2024

Information Assurance Model in Cybersecurity

Information Assurance Model in Cybersecurity

Last updated on Jun 6 2023

Top 5 Compelling Reasons To Get A Cyber Security Certification

Top 5 Compelling Reasons To Get A Cyber Security Certification

Last updated on Apr 30 2024

List of Top Security Certifications

List of Top Security Certifications

Last updated on Jul 13 2023