New Post

Introduction to Cryptography

What is Cryptography?

A closer look at the etymology of the word “cypher” reveals that the word originated in ancient Greek. The word Kryptos, which means “hidden” or “secret,” and the code derived from the word “write” literally means writing something secret. Simply put, encryption provides a secure method of communication. Cryptography prevents unauthorized persons, commonly known as attackers or hackers, from accessing secret messages exchanged between authorized parties. The method provided by encryption is called encryption. The idea of encryption is to deliver a private message or information from the sender to the intended recipient without the message being retrieved by a malicious or untrusted party. In the world of encryption, suspicious third parties who try to sneak into private communications to extract sensitive things are called enemies. 

In cryptography, the techniques used to protect information are derived from mathematical concepts and rule-based calculations called algorithms that transform messages to make them harder to decipher.  Learn cyber security to know more about it. These algorithms are used to generate encryption keys, digital signatures, validation to protect privacy, surf the Internet, and protect sensitive transactions such as credit and debit card transactions.

Principles/ Objectives of Cryptography

A trusted cryptosystem must adhere to specific rules and goals. Cryptographic systems that meet the goals listed below are considered secure and used for cryptographic properties. The core principles of modern-day cryptography include:

  • Confidentiality: Due to the confidentiality of the data, the data is limited to those who are authorized to view it. The data should only be visible to those with important information, such as decryption keys. Confidentiality is the first goal of encryption, which has always been the same for centuries. Only the intended recipient can understand the message or information that has been sent.
  • Integrity: Data integrity refers to the system’s accuracy, correctness, and consistency of information. Data integrity ensures that the message is not tampered with or accidentally tampered with, especially if the message is sent over an untrusted medium such as the Internet. The cryptosystem must ensure that the information does not change between the sender and the receiver or during transmission in memory. The changes made will not remain undetected.
  • Authentication: It is important that the sender and receiver can authenticate each other’s identities, as well as the source and destination of the information. There are two types of authentication commonly used in encryption. Consistency authentication, such as MAC or HMAC, ensures that the data is not tampered with.  Source authentication can be used as an SSL certificate to verify the creator’s identity of the information. Each time you connect to a website using HTTPS, your browser verifies that you connect to the site you think you are connected to by checking the SSL certificate.
  • Non- repudiation: Nonrepudiation is a legal term used in cybersecurity to ensure that no one can deny the validity of the data in question. Non-repudiation is usually achieved by using services that can prove the source and integrity of the information. It is almost impossible to deny who and where the message came from.  Nonrepudiation is similar to data integrity, but it has to do with knowing the sender and not whether the information has changed over time. Accessing data to compose or send messages cannot be a compelling denial.

Types of Cryptography

We classify encryption methods into three types, considering the algorithms and key types used to protect the information. So, the following are the types of cryptography:

1) Symmetric- Key Cryptography: Symmetric encryption uses the same key for encryption and decryption. The sender and recipient of a message share a single key for encrypting and decrypting the message. Symmetric key systems are faster and easier, but key sharing is difficult.  The sender must send the key containing the ciphertext to the recipient. Both parties can communicate securely if you know the key and no one else has access to it. Caesar ciphers are a common example of encryption using symmetric or private keys. Common symmetric key algorithms include DES, AES, and IDEA ETC. 

The  Symmetric key system is extremely fast and secure. However, the drawback of this type of communication is a key protection. Secretly giving keys to all intended recipients was a worrying habit. One in three people who know your key is a cruel idea because your secret is no longer a secret. For this reason, public-key cryptography was introduced. 

2) Asymmetric- Key Cryptography: Asymmetric encryption uses different keys for encryption and decryption. The encrypted key pair is used to encrypt and decrypt information. The public key is encryption, and the private key is decryption.  This communication process is as follows: The sender requests a public key to encrypt the message and then forward the encrypted message to the recipient. The recipient receives the ciphertext and uses the private key to decrypt the ciphertext and access the hidden message. In this way, key management becomes much more convenient. 

Without the private key, the ciphertext cannot be accessed and decrypted.  Martin Hellman first introduced this advanced encryption technique in 1975. DDS, RSA, and EIgamal are examples of asymmetric key algorithms.

3) Hash Functions: The third most common type of encryption includes hash functions. No key is used in this algorithm. You cannot get the plain text content because the fixed-length value is calculated from the plain text.  However,  the same plain text always hashes the same output to be used, for example, to compare passwords without saving them. Hash values are sometimes referred to as message digests. This property makes hash functions a great tool for ensuring data integrity. Common hash functions are SHA256, Bcrypt, and Scrypt. 

The hash function also serves to ensure the confidentiality of the password. Saving passwords in clear text is not recommended as it is always vulnerable to users’ theft of information and personal information. However, storing hashes instead can save users from significant losses in the event of a data breach.  

Conclusion: 

With technological advances and the increasing density of networks used for communication, there is an urgent need to maintain confidentiality, accuracy, reliability, and communication channels. Encryption has evolved significantly over time, and modern encryption procedures help protect the communication channel and the transmissions between them. In addition to security, they provide integrity, confidentiality, non-repudiation, and authentication. You can also learn about cryptography through Great Learning’s cyber security training.

Kaladmin

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

14 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

14 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

3 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago