
Encryption & Decryption

Encryption


Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext).

Decryption


Decryption is converting ciphertext back to its original readable form.

Why is it required?
  

- Secret communication
- Data protection
- Authenticate message

Examples
  

- Emails
- Online transactions
- Document protection

Cryptography


Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks so that it cannot be read by anyone except the intended recipient. Cryptography can be strong or weak. Cryptographic strength is measured in the time and resources it would require to recover the plaintext. The result of strong cryptography is ciphertext that is very difficult to decipher without possession of the appropriate decoding tool.

Cryptography is used to provide the following:


  

- Confidentiality
- Data integrity
- Authentication

How does Cryptography work?




A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a key (a word, number, or phrase) to encrypt the plaintext. The same plaintext encrypts to different ciphertext with different keys. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key.

Types of Encryption
 

- Symmetric
- Asymmetric

Symmetric Encryption
Symmetric encryption is the oldest and best-known technique. A secret key, which can be a number, a word, or just a string of random letters, is applied to the text of a message to change the content in a particular way. This might be as simple as shifting each letter by a number of places in the alphabet. As long as both sender and recipient know the secret key, they can encrypt and decrypt all messages that use this key.

Advantage


Faster

Drawback


Anyone who knows the secret key can decrypt the message.

Asymmetric Encryption


There are two related keys, a key pair. A public key is made freely available to anyone who might want to send you a message. A second, private key is kept secret, so that only you know it. Any message (text, binary files, or documents) that is encrypted by using the public key can only be decrypted by applying the same algorithm, but by using the matching private key.

Advantage

No need to worry about passing the public keys.

Drawback

Slower compared to symmetric encryption since more computation is required, so the process takes longer.


Keys
 

 

In computer cryptography, a key is a long sequence of bits used by encryption/decryption algorithms. A given encryption algorithm takes the original message, and a key, and alters the original message mathematically based on the key's bits to create a new encrypted message. Likewise, a decryption algorithm takes an encrypted message and restores it to its original form using one or more keys.

Key size is measured in bits. The bigger the key, the more secure the ciphertext. The bit strength of the encryption can vary, such as 40-bit or 128-bit. To get the number of keys, simply raise 2 to the power of the bit strength. For example, for 128-bit encryption the number of possible keys is 2^128 or 340,282,366,920,938,000,000,000,000,000,000,000,000 keys.

Cryptography in .NET
The System.Security.Cryptography namespace provides cryptographic services, including secure encoding and decoding of data, hashing, random number generation, and message authentication.

Symmetric algorithm support


.NET provides the following implementation classes that provide symmetric, secret key encryption algorithms:
   

- DESCryptoServiceProvider
- RC2CryptoServiceProvider
- RijndaelManaged
- TripleDESCryptoServiceProvider
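
An added example (not from the original slides) of symmetric encryption in .NET, showing that the same plaintext gives different ciphertext under different keys and that only the matching key decrypts it. It uses AES, the standardized form of Rijndael, through the AesGcm class instead of the legacy DES and RC2 classes listed above. It assumes .NET 8 or later; the class name, message layout and sample text are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SymmetricDemo
{
    const int NonceSize = 12;  // bytes, the standard AES-GCM nonce length
    const int TagSize = 16;    // bytes, authentication tag

    // Output layout (chosen for this example): nonce || tag || ciphertext.
    static byte[] Encrypt(byte[] key, byte[] plaintext)
    {
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceSize); // fresh per message
        byte[] tag = new byte[TagSize];
        byte[] ciphertext = new byte[plaintext.Length];
        using (var aes = new AesGcm(key, TagSize))
            aes.Encrypt(nonce, plaintext, ciphertext, tag);

        byte[] message = new byte[NonceSize + TagSize + ciphertext.Length];
        nonce.CopyTo(message, 0);
        tag.CopyTo(message, NonceSize);
        ciphertext.CopyTo(message, NonceSize + TagSize);
        return message;
    }

    static byte[] Decrypt(byte[] key, byte[] message)
    {
        byte[] nonce = message[..NonceSize];
        byte[] tag = message[NonceSize..(NonceSize + TagSize)];
        byte[] ciphertext = message[(NonceSize + TagSize)..];
        byte[] plaintext = new byte[ciphertext.Length];
        using (var aes = new AesGcm(key, TagSize))
            aes.Decrypt(nonce, ciphertext, tag, plaintext); // throws on wrong key or altered data
        return plaintext;
    }

    static void Main()
    {
        byte[] keyA = RandomNumberGenerator.GetBytes(32); // two independent 256-bit keys
        byte[] keyB = RandomNumberGenerator.GetBytes(32);
        byte[] text = Encoding.UTF8.GetBytes("constructed sample message");

        byte[] underA = Encrypt(keyA, text);
        Console.WriteLine(Convert.ToHexString(underA));
        Console.WriteLine(Convert.ToHexString(Encrypt(keyB, text))); // differs from the line above
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(keyA, underA)));
        try { Decrypt(keyB, underA); }
        catch (CryptographicException) { Console.WriteLine("wrong key rejected"); }
    }
}
```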

Asymmetric algorithm support


.NET provides the following asymmetric (public/private key) encryption algorithms through the abstract base class (System.Security.Cryptography.AsymmetricAlgorithm):
 

- DSACryptoServiceProvider
- RSACryptoServiceProvider

How does asymmetric cryptography work?

Sample application using asymmetric encryption
 

 

- On the client, generate a key pair using RSA
- Call a web method asking for sensitive data and, as part of the call, send the public key
- Encrypt the sensitive data to be sent back with the public key using asymmetric encryption
- Send the encrypted sensitive data back to the client
- On the client, decrypt the sensitive data with the private key using asymmetric encryption
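
The five steps above in one program, as an added example that is not part of the original slides. The web method is simulated by a local function; GetSensitiveData, the class name and the sample secret are hypothetical names and values chosen for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class RsaFlowDemo
{
    // Hypothetical stand-in for the web method: it receives the caller's
    // public key and returns the sensitive data encrypted under it.
    static byte[] GetSensitiveData(RSAParameters callerPublicKey)
    {
        // Constructed sample value, not real data.
        byte[] secret = Encoding.UTF8.GetBytes("constructed sample secret");
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.ImportParameters(callerPublicKey);  // public half only
            // true selects OAEP padding. RSA only fits short inputs
            // (214 bytes for this key size), so larger payloads are normally
            // encrypted with a symmetric key that is itself RSA-encrypted.
            return rsa.Encrypt(secret, true);
        }
    }

    static void Main()
    {
        // Step 1: the client generates a 2048-bit RSA key pair.
        using (var clientKey = new RSACryptoServiceProvider(2048))
        {
            // Step 2: only the public parameters leave the client.
            RSAParameters publicOnly = clientKey.ExportParameters(false);

            // Steps 3 and 4: the service encrypts and returns ciphertext.
            byte[] ciphertext = GetSensitiveData(publicOnly);

            // Step 5: the client decrypts with its private key.
            byte[] plaintext = clientKey.Decrypt(ciphertext, true);
            Console.WriteLine(Encoding.UTF8.GetString(plaintext));

            // Anyone holding just the public key cannot reverse the operation.
            using (var observer = new RSACryptoServiceProvider())
            {
                observer.ImportParameters(publicOnly);
                try { observer.Decrypt(ciphertext, true); }
                catch (CryptographicException)
                {
                    Console.WriteLine("public key alone cannot decrypt");
                }
            }
        }
    }
}
```

In this flow the service encrypts to whatever public key arrives with the call, so it protects the reply in transit but does not by itself tell the service who owns that key.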

How does SSL work?


The Secure Sockets Layer (SSL) is a security protocol used by Web browsers and Web servers to help users protect their data during transfer. An SSL Certificate contains a public and private key pair as well as verified identification information. Secure Sockets Layer uses a cryptographic system that encrypts data with two keys.

When an SSL Digital Certificate is installed on a web site, users can see a padlock icon at the bottom area of the navigator. When an Extended Validation Certificate is installed on a web site, users with the latest versions of Firefox, Internet Explorer or Opera will see the green address bar at the URL area of the navigator.

When a browser (or client) points to a secured domain, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it can begin a secure session that protects message privacy and message integrity.
