Professional Documents
Culture Documents
Mind Mapping:
Definition of 'Cryptography'
Cryptography involves creating written or generated codes that allow
information to be kept secret. Cryptography converts data into a
format that is unreadable for an unauthorized user, allowing it to be
transmitted without unauthorized entities decoding it back into a
readable format, thus compromising the data..
Types of Cryptography
The following are the two types of cryptography:
Symmetric encryption (secret key cryptography)
Asymmetric encryption (public key cryptography)
2.Block Cipher
Stream Cipher: Symmetric or secret-key encryption algorithm that encrypts a
single bit at a time. With a Stream Cipher, the same plaintext bit or byte will
encrypt to a different bit or byte every time it is encrypted.
E-Mail Security
PGP( Pretty Good Privacy):
The encryption and decryption processes
First, a quick word about keys. Public and private keys play a vital role in
PGP to encrypt and decrypt the data. Generally, a public key is used to
encrypt the data and is always shared with the end users. The private
key is used to decrypt the data and it is never shared with anyone.
Encrypt a file
After you've created and installed the key, you use it to encrypt a file, either
with or without a passphrase.
HYBRID ENCYPTION
MESSAGE DIGEST
KEY MANAGEMENT:
Definition: Key management is the set of techniques and procedures supporting the
establishment and maintenance of keying relationships between authorized parties.
Creation or Distribution:
Key distribution is the process of distributing (cryptographic) keys to different parties.
Usually this involves mechanisms which are considered "out-of-band", i.e. mechanisms that
don't use the later communication channel for the transport of keys. Alternatively key
distribution can be done by relying the distribution of new keys upon the safe distribution of
old keys.
Storage or destruction:
Secret keys need to be stored securely:
• inside a tamper-resistant hardware security module
• on a smart card or other token
• encrypted with another key and stored on a database
Storing plaintext keys in software is usually regarded as providing a lower level of
security than storing them in tamperprotected hardware.
Keys may need to be archived for long periods of time (e.g. 7 years in the case of the
London Stock Exchange).
Key esrow:
Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held
in escrow(Being in escrow is a contractual arrangement in which a third party receives
and disburses money or property for the primary transacting parties) so that, under certain
circumstances, an authorized third party may gain access to those keys. These third parties
may include businesses, who may want access to employees' private communications, or
governments, who may wish to be able to view the contents of encrypted communications.
The technical problem is a largely structural one since access to protected information must
be provided only to the intended recipient and at least one third party. The third party should
be permitted access only under carefully controlled conditions, as for instance, a court order.
Thus far, no system design has been shown to meet this requirement fully on a technical basis
alone. All proposed systems also require correct functioning of some social linkage, as for
instance the process of request for access, examination of request for 'legitimacy' (as by a
court), and granting of access by technical personnel charged with access control.