SUBMITTED BY

A.IRFANA CSE-FIRST YEAR

DEEPTHI CSE-
FIRST YEAR
 ABSTRACT

INTRODUCTION:
Cryptography is the science of information
security. The word is derived from the Greek
kryptos, meaning hidden. Cryptography is closely
related to the disciplines of cryptology and
cryptanalysis. Cryptography includes techniques
such as microdots, merging words with images, and
other ways to hide information in storage or
transit. However, in today's computer-centric
world, cryptography is most often associated with
scrambling plaintext (ordinary text, sometimes
referred to as cleartext) into ciphertext (a
process called encryption), then back again (known
as decryption). Individuals who practice this
field are known as cryptographers.

THE PURPOSE OF CRYPTOGRAPHY:

Modern cryptography concerns itself with the following
four objectives:
1) Confidentiality (the information cannot be
understood by anyone for whom it was unintended)
2) Integrity (the information cannot be altered in
storage or transit between sender and intended
receiver without the alteration being detected)
3) Non-repudiation (the creator/sender of the
information cannot deny at a later stage his or
her intentions in the creation or transmission of
the information)
4) Authentication (the sender and receiver can
confirm each other?s identity and the
origin/destination of the information)
Procedures and protocols that meet some or all of
the above criteria are known as cryptosystems.

CRYPTOSYSTEMS:
Cryptosystems are often thought to refer only to
mathematical procedures and computer programs;
however, they also include the regulation of human
behavior, such as choosing hard-to-guess
passwords, logging off unused systems, and not
discussing sensitive procedures with outsiders.
The origin of cryptography is usually dated from
about 2000 BC, with the Egyptian practice of
hieroglyphics. These consisted of complex
pictograms, the full meaning of which was only
known to an elite few. The first known use of a
modern cipher was by Julius Caesar (100 BC to 44
BC), who did not trust his messengers when
communicating with his governors and officers. For
this reason, he created a system in which each
character in his messages was replaced by a
character three positions ahead of it in the Roman
alphabet. In recent times, cryptography has turned into
a battleground of some of the world's
best mathematicians and computer
scientists. The ability to securely
store and transfer sensitive
information has proved a critical factor in
success in war and business. Because governments do
not wish certain entities in and out of their countries to
have access to ways to receive and send hidden
information that may be a threat to
national interests, cryptography has
been subject to various restrictions in
many countries, ranging from
limitations of the usage and export of software to
the public dissemination of mathematical concepts
that could be used to develop cryptosystems.
However, the Internet has allowed the spread of
powerful programs and, more importantly, the
underlying techniques of cryptography, so that
today many of the most advanced cryptosystems and
ideas are now in the public domain.

CRYPTANALYSIS:
Cryptanalysis refers to the study of ciphers,
ciphertext, or cryptosystems (that is, to secret
code systems) with a view to finding weaknesses in
them that will permit retrieval of the plaintext
from the ciphertext, without necessarily knowing
the key or the algorithm. This is known as
breaking the cipher, ciphertext, or cryptosystem.
Breaking is sometimes used interchangeably with
weakening. This refers to finding a property
(fault) in the design or implementation of the
cipher that reduces the number of keys required in
a brute force attack (that is, simply trying every
possible key until the correct one is found). For
example, assume that a symmetric cipher
implementation uses a key length of 2^128 bits (2
to the power of 128): this means that a brute
force attack would need to try up to all 2^128
possible combinations (rounds) to be certain of
finding the correct key (or, on average, 2^127
possible combinations) to convert the cipher text
into plaintext, which is not possible given
present and near future computing abilities.
However, a cryptanalysis of the cipher reveals a
technique that would allow the plaintext to be
found in 2^40 rounds. While not completely broken,
the cipher is now much weaker and the plaintext
can be found with moderate computing resources.
There are numerous techniques for performing
cryptanalysis, depending on what access the
cryptanalyst has to the plaintext, cipher text, or
other aspects of the cryptosystem. Below are some
of the most common types of attacks:
1) Known-plaintext analysis:
2) Chosen-plaintext
3) Cipher text-only analysis
4) Man-in-the-middle attack
5) Timing/differential power analysis

ENCRYPTION AND DECRYPTION:

 Encryption is the process of converting normal
data or plaintext to something incomprehensible or
cipher-text by applying mathematical transformations.
These transformations are known as encryption
algorithms and require an encryption key. Decryption is
the reverse process of getting back the original data
from the cipher-text using a decryption key. The
encryption key and the decryption key could be the
same as in symmetric or secret key cryptography, or
different as in asymmetric or public key cryptography.

CRYPTOGRAPHY IN SECURITY:

Some encryption schemes can be proven secure

based on the presumed hardness of a
mathematical problem like factoring the product of
two large primes or computing discrete logarithms.
Note that "secure" here has a precise
mathematical meaning, and there are multiple
different (meaningful) definitions of what it means
for an encryption scheme to be secure. The "right"
definition depends on the context in which the
scheme will be deployed.
In contrast to the one-time pad, no public-key
encryption scheme has been shown to be secure
against eavesdroppers with unlimited
computational power. Proofs of security for
asymmetric key cryptography therefore hold only
with respect to computationally-limited
adversaries, and can give guarantees (relative to
particular mathematical assumptions) of the form
"the scheme cannot be broken using a desktop
computer in 1000 years", or "this algorithm is
secure if no improved method of (for instance,
integer factoring) is found".
The most obvious application of a public key
encryption system is confidentiality; a message
which a sender encrypts using the recipient's
public key can be decrypted only by the recipient's
paired private key (assuming, of course that no
flaw is discovered in the basic algorithm used).
 Another type of applications in public-key
cryptography are digital signature schemes. Digital
signature schemes can be used for sender
authentication and non-repudiation. In such a
scheme a user who wants to send a message
computes a digital signature of this message and
then sends this digital signature together with the
message to the intended receiver. Digital signature
schemes have the property that signatures can
only be computed with the knowledge of a private
key. To verify that a message has been signed by a
user and has not been modified the receiver only
needs to know the corresponding public key. In
some cases (e.g. RSA) there exist digital signature
schemes with many similarities to an encryption
schemes. In other cases (e.g. DSA) the algorithm
does not resemble any encryption scheme.
To achieve authentication, and confidentiality, the
sender could first sign the message using his
private key, then encrypt the message and
signature using the recipient's public key.
These characteristics can be used to construct
many other, sometimes surprising, cryptographic
protocols and applications, like digital cash,
password-authenticated key agreement, multi-
party key agreement, time stamping service, non-
repudiation protocols, etc.
KEY SYSTEMS IN CRYPTOGRAPHY:
 Public-key cryptography is a
method for secret communication between two
parties without requiring an initial exchange of
secret keys. It can also be used to create digital
signatures. Public key cryptography is a
fundamental and widely used technology around
the world, and enables secure transmission of
information on the Internet.
It is also known as asymmetric key
cryptography because the key used to encrypt a
message differs from the key used to decrypt it. In
public key cryptography, a user has a pair of
cryptographic keys — a public key and a private
key. The private key is kept secret, while the public
key may be widely distributed. Messages are
encrypted with the recipient's public key and can
only be decrypted with the corresponding private
key. The keys are related mathematically, but the
private key cannot be feasibly (ie, in actual or
projected practice) derived from the public key.
Symmetric cryptography uses a single secret key
for both encryption and decryption. To use a
symmetric encryption scheme, the sender and
receiver must share a key in advance. Because
symmetric encryption is less computationally
intensive and requires less bandwidth, it is
common to exchange a key using a key-exchange
algorithm and transmit data using an enciphering
scheme.
SECURITY PITFALLS:
A cryptographic system can only be as strong as
the encryption algorithms, digital signature algorithms, one-
way hash functions, and message authentication codes it
relies on. Break any of them, and you've broken the system.
And just as it's possible to build a weak structure using
strong materials, it's possible to build a weak cryptographic
system using strong algorithms and protocols.

CONCLUSION:
In recent times, cryptography has turned
into a
Battleground of some of the world's best
mathematicians and computer scientists. The
ability to securely store and transfer sensitive
information has proved a critical factor in
success in war and business. However, the Internet
has allowed the spread of powerful programs and,
more importantly, the underlying techniques of
cryptography, so that today many of the most
advanced cryptosystems and ideas are now in the
public domain.