Cryptography

Submitted to: Mr. Kritish Dhungel

Prepared by: Monika Pokhrel, Grade XII, Law, KMC
Cryptography

While cryptography is necessary for secure communications, it is not by itself sufficient.

Introduction
When we talk about network security, there is an important concept of CIA (Confidentiality.
Integrity and Availability). Here, cryptography is used to maintain the confidentiality of the
user’s data. In Cryptography, a plain text is converted into a cipher text and the cipher text is
converted to the plain text again. It is a method of protecting information and communication
through the use of codes, so that only those for whom the information is intended can read and
process it. The term is derived from the Greek word ‘kryptos’ which means hidden.
Cryptography is the underlying foundation of a lot of things we use online.

Basically, internet is a vulnerable channel for private communication. When a sender sends a
data to a receiver, an authorized person in between can easily gain access to such data with
certain technological knowledge. When the data travels to the receiver as a plain text, an
authorized person can also read and understand it. However, we don’t want this. For this reason,
we use cryptography. What is done is, sender before sending the plain text uses encryption
method. Several algorithms are used for encryption. Most importantly, they use a key and create
a cipher text that no one can understand. The text is then sent to the receiver. Since no one can
understand the cipher text, the receiver now will have to decrypt the text; meaning, they will
have to convert the cipher text to plain text again. This method used for communication is
Cryptography.

Cryptography is extremely popular today while we talk about network security and cyber
security. However, this does not mean that cryptography is being used just in today’s time. For
as long as humans have tried to send secret messages, cryptography has been around to make sure
the messages stay secretive. It started at the time of Ceaser, the then King of Rome. He used a
technique called Ceaser’s Cipher. Through it, while he talked to other kings, he used to encode
the message in such a way that no one on the way could understand it.
Types of cryptography

Today, we use cryptography in two ways; with Symmetric key and with Asymmetric key.

1. Symmetric Key Cryptography

On Symmetric Key Cryptography, the same key is used for both encryption and
decryption. Meaning, it relies on a shared key between the parties. It is also called private
key cryptography. Here, the biggest challenge is of key exchange. For this, various
methods like Deffy-Hellmen are used to exchange keys securely. Symmetric key
cryptography is much faster to run because the keys here are shorter than they are in
Asymmetric key cryptography. Also, the fact that just a single key is used for both
encryption and decryption makes it faster. Therefore, it is used for bulk encryption.
Payment application such as bank purchase is another instance where symmetric key
cryptography is used.

2. Asymmetric Key Cryptography

On the other hand, Asymmetric is when we use two keys; one for encryption and one for
decryption. Asymmetric Key Cryptography is also called Public Key Cryptography. In
this, data is encrypted with the public key of the receiver and sent to the receiver. Then,
the receiver decrypts the data with their private key. RSA(Rivest-Shamir-Adleman) is
one of the momentous algorithms of Asymmetric Key Cryptography. It is more secured
as the private key needs not to be shared. However, it consumes more resources than
symmetric key cryptography. It is mostly used in smaller transactions to authenticate and
create a stable contact channel before data transfer.
In order to get a good mix of performance and security, it is possible to combine public key
cryptography and private key cryptography. For instance, public key encryption can be used for
key exchange and symmetric key can be used to encrypt the communication. The principal here
is that a strong algorithm with a large key should be used to encrypt the key. Once the key is
exchanged, symmetric key encryption can be used that is faster.

Major features of cryptography

1. Confidentiality
The information is transformed into cipher text before sending. So, only the intended users can
understand and gain full access to the information. Even when the transmission or storage
medium has been compromised, the encrypted information is practically useless to unauthorized
persons without the proper keys for decryption.

2. Integrity
The information cannot be modified in storage or transition between the sender and intended
receiver without any addition to information being detected. Between sender and the intended
receiver, the cipher text cannot be modified any unauthorized user, thus upholding the data
integrity to the authorized users.

3. Non-repudiation
The creator/sender of information cannot deny his intention to send information at later stage.
It is the assurance that the sender of information is provided with proof of delivery and the
recipient is provided with proof of the sender's identity, so neither can later deny having
processed the information.

4. Authentication and availability

The identities of sender and receiver are confirmed. As well as destination/origin of
information is confirmed. It identifies a user by proof of possession of the private key
component of a cryptographic credential. It also ensures the data availability as the information
is accessible to authorized users.

With these key features, cryptography is extremely important for data security. Cryptography
constitutes a main pillar for network and information security; cryptographic primitives
(ciphers, hash functions, digital signatures, etc.) are widely used to provide several security
services, such as confidentiality, as well as data and entity authentication. However, despite
the fact that their mathematical properties are well established and strong, implementing a
proper cryptographic primitive into a generic security protocol, does not always suffice—
although it is prerequisite—to ensure the overall security.