What is Cryptography?

Cryptography is a term used in computer science to describe secure information and communication techniques that transform messages in difficult-to-decipher ways using mathematical concepts and a set of rule-based calculations known as algorithms.

Cryptography is a branch of science of transforming information into a secure format in order to protect it. This process, known as encryption, has been used for centuries to prevent unintended recipients from reading handwritten messages. The process of converting code to data is known as decryption. Cryptography is now used to protect digital data.

Primary Functions

• Privacy/confidentiality: Assuring that the message can only be read by the intended recipient.
• Authentication : The process of establishing one's identity is known as authentication.
• Integrity: Assuring the receiver that the received message has not been tampered with in any way.
• Non-repudiation: A mechanism for proving that the message was sent by the sender.
• key exchange :The method by which crypto keys are shared between sender and receiver is known as key exchange.

Cryptographic Primitives

Cryptographic primitives are one of the fundamental components of any crypto systemCryptographic primitives are well-known, low-level cryptographic algorithms used in the development of cryptographic protocols for computer security systems. These routines include one-way hash functions and encryption functions.

Cypher

A cypher (or cypher) is a cryptographic algorithm that uses to perform encryption or decryption—a set of well-defined steps that can be repeated as a procedure..

Authentication protocol in Cryptography

To put it simply, an authentication protocol is a type of communication protocol. It can be encrypted or designed to ensure the secure transmission of authenticated data between two or more parties.One of the example is password authentication.

Password authentication protocol- The fact that this protocol transmits data in plain text contributes to its simplicity. As a result, PAP is not very resistant to attacks.

Types of Crptographic Techniques

• Secret Key Cryptography (SKC): This encryption and decryption method employs a single key for both encryption and decryption; it is also known as symmetric encryption. primarily employed to protect one's privacy and confidentiality.
• Public Key Cryptography (PKC): Encryption with one key and decryption with another; also referred to as asymmetric encryption. The most common applications are authentication, non-repudiation, and key exchange.
• Hash Functions: A mathematical transformation is used to "encrypt" information in an irreversible manner, resulting in a digital fingerprint. Primarily used to ensure message integrity.

Secret Key Cryptography (SKC)

A single key is shared by both the sender and the recipient. This key is used by the sender to encrypt plaintext and send it to the receiver as cypher text. The receiver, on the other hand, uses the same key was used to decrypt the message and recover the plain text. Stream cyphers and block cyphers are the two types of secret key cryptography schemes.

Public Key Cryptography (PKC)

Public key cryptography, according to some, is the most significant new development in cryptography in the last 300-400 years. Martin Hellman of Stanford University and graduate student Whitfield Diffie published the first public description of modern PKC in 1976. PKC is based on the presence of one-way functions, or mathematical functions that are easy to compute but have a difficult inverse function.

Hash Functions

Hash functions, also known as message digests and one-way algorithms for encryption use no key at all . Instead, a fixed-length hash value is computed based on the plaintext, making it impossible to recover either the contents or the length of the plaintext.

Hash algorithms are commonly used to generate a digital fingerprint of a file's contents, which is frequently used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly used to encrypt passwords by many operating systems.

Digital Signature

A digital signature, which is a type of electronic signature, is a mathematical algorithm that is commonly used to validate the authenticity and integrity of a message (e.g., an email, a credit card transaction, or a digital document). Digital signatures create a virtual fingerprint that is unique to a person or entity and are used to identify users while also protecting data in digital messages or documents. In emails, the email content itself becomes a part of the digital signature. Digital signatures are far more secure than other types of electronic signatures.

Customers, business partners, and vendors can all benefit from digital signatures because they increase transparency and foster trust in online interactions.

To better understand how digital signatures work, become acquainted with the following terms:

• A hash function (also known as a "hash") is a fixed-length string of numbers and letters generated by a mathematical algorithm and a file of any size, such as an email, document, picture, or other type of data. This generated string is special to the hashed file and is a one-way function—a computed hash cannot be reversed to find other files that produce the same hash. Some of the more popular hashing algorithms in use today are Secure Hash Algorithm-1 (SHA-1), the Secure Hashing Algorithm-2 family (SHA-2 and SHA-256), and Message Digest 5. (MD5).
• The key that is available to the public cryptography is a type of cryptography that employs a public key. Cryptography (also known as asymmetric encryption) is a type of cryptography that uses a key pair system. The data is encrypted using only one key, known as the public key. The data is decrypted using the other key, known as the private key.
• Create a digital signature of the message using the sender's private key to ensure its integrity. This is done by hashing the message and encrypting it using their private key. As a result of any changes to the message, the hash value will change.
• To ensure confidentiality, encrypt the entire message with the recipient's public key. This means that the message can only be read by the recipient who has the corresponding private key.
• Check the user's identity against a certificate authority using the public key.
• PKI refers to the policies, standards, people, and systems that enable the distribution of public keys and the identity validation of individuals or entities through the use of digital certificates and a certificate authority.

• Certificate authority (CA) is a trusted third party that validates an individual's identity and either produces a public/private key pair on their behalf or associates that individual with an existing public key provided by that individual. When a CA validates somebody's identity, the CA issues a digital certificate that is digitally signed. After that, the digital certificate can be used to validate a person's identity.
• A digital certificate contains the individual's or organization's public key and is signed digitally by a CA. Other details about the organization, individual, and CA can also be included in the certificate.

Brute Force Attack

A brute-force attack in cryptography consists of an attacker submitting a large number of passwords or passphrases in the hope of correctly guessing a combination. The attacker searches through all potential passwords and passphrases until the correct one is discovered.

Advanced Encryption Standard

The United States government has adopted AES. It is the successor to the Data Encryption Standard (DES), which was published in 1977. The AES algorithm is a symmetric-key algorithm, which means that The same key is employed to encrypt and decrypt data.

Modern Cryptography-Quantum Cryptography

• Quantum cryptography is an attempt to allow two users to communicate using more secure methods than traditional cryptography guarantees. Historically, cryptographic security relied on mathematics and took into account our limited computational capabilities. Quantum cryptography, also known as quantum key distribution (QKD), uses a series of photons to transmit data from one location to another via a fibre optic cable (light particles). By comparing measurements of the properties of a fraction of these photons, the two endpoints can determine what the key is and whether it is safe to use.
• Elliptic Curve Cryptography (ECC) has already been invented, but its benefits and drawbacks are still unknown. ECC enables encryption and decryption to be performed in significantly less time, allowing for a greater amount of data to be transmitted with equal security. Before it is accepted for governmental, commercial, or private use, ECC, like other encryption methods, must be tested and proven secure.

Common Mistakes

• Lack of understanding of algorithms.
• Most security mechanism implementations rely on cryptography; however, there are numerous flaws in cryptography because it is used incorrectly.
• There is too much and not enough prototyping.
• Choosing the appropriate metric.

Context & Applications

• Digital Signatures/Authentication Authentication and digital signatures are critical applications of public-key cryptography.
• Time Stamping.
• Electronic Money.
• Secure Network Communications.
• Anonymous Remailers.
• Disk Encryption.

Related Concepts

• Cipher algorithm.
• Cryptanalysis.
• Data Security
• Randomized Algorithms.