Cryptography:
Cryptography is the study and practice of techniques for secure communication in
the presence of third parties called adversaries. It deals with developing and
analyzing protocols that prevent malicious third parties from retrieving
information shared between two entities, thereby upholding the various
aspects of information security. Secure communication refers to the scenario
where the message or data shared between two parties can’t be accessed by an
adversary. In cryptography, an adversary is a malicious entity that aims to
retrieve precious information or data, thereby undermining the principles of
information security.
Principles of Cryptography:
Confidentiality refers to certain rules and guidelines usually executed under
confidentiality agreements which ensure that the information is restricted to
certain people or places.
Data integrity refers to maintaining and making sure that the data stays accurate
and consistent over its entire life cycle.
Authentication is the process of making sure that the piece of data being claimed
by the user belongs to that user.
Encryption:
Data encryption converts data into a different form (code) that can only be
accessed by people who have a secret key (formally known as a decryption key) or
password. Data that has not been encrypted is referred to as plaintext, and data
that has been encrypted is referred to as ciphertext. Encryption is one of the most
widely used and successful data protection technologies in today’s corporate
world.
Encryption is a critical tool for maintaining data integrity, and its importance
cannot be overstated. Almost everything on the internet has been encrypted at
some point.
Types of Data Encryption:
1) Symmetric Encryption
In symmetric-key encryption, the message is encrypted using a key and the
same key is used to decrypt the message, which makes it easy to use but less
secure. It also requires a safe method to transfer the key from one party to
another.
2) Asymmetric Encryption
Asymmetric key encryption is based on public and private key encryption
techniques. It uses two different keys to encrypt and decrypt the message. It is
more secure than the symmetric key encryption technique but is much slower.
Decryption:
Decryption is the transformation of data that has been encrypted and rendered
unreadable back to its unencrypted form. The garbled data is extracted by the
system and converted and transformed into texts and images that are easily
understandable by the reader as well as the system. Simply put, decryption is
essentially the reverse of encryption, which requires coding data to make it
unreadable, but the matching decryption keys can make it readable.
The recipients must have the right decryption or decoding tools to access the
original details. Decryption is performed using the best decryption software,
unique keys, codes, or passwords. The original file can be in the form of text files,
images, e-mail messages, user data, and directories.
The original format is called plaintext while the unreadable format is referred to
as ciphertext. Parties use an encryption scheme called an algorithm and keys for
encryption and decryption of messages in a private conversation. The decryption
algorithm is also known as a cipher.
Cryptographic keys are a vital part of any security system. They do everything
from data encryption and decryption to user authentication. The compromise of
any cryptographic key could lead to the collapse of an organization’s entire
security infrastructure, allowing the attacker to decrypt sensitive data,
authenticate themselves as privileged users, or give themselves access to other
sources of classified information. Luckily, proper management of keys and their
related components can ensure the safety of confidential information. Key
Management is the process of putting certain standards in place to ensure the
security of cryptographic keys in an organization. Key Management deals with the
creation, exchange, storage, deletion, and refreshing of keys. It also deals with
members' access to the keys.
The generation of a key is the first step in ensuring that key is secure. If the key in
question is generated with a weak encryption algorithm, then any attacker could
easily discover the value of the encryption key. Also, if the key is generated in an
insecure location, the key could be compromised as soon as it is created, resulting
in a key that cannot be safely used for encryption. Key generators, AES encryption
algorithms, or random number generators tend to be used for secure key
generation.
The next step of the key lifecycle is ensuring the safe distribution of the keys. Keys
should be distributed to the required user via a secure TLS or SSL connection, to
maintain the security of the keys being distributed. If an insecure connection is
used to distribute the cryptographic keys, then the security of any data encrypted
by these keys is in question, as an attacker could execute a man-in-the-middle
attack and steal the keys.
Once a key’s cryptoperiod, or time period the key is usable, passes, the key must
be rotated. When the key of an encrypted set of data expires, the key is retired
and replaced with a new key. First the data is decrypted by the old key or key pair
and then encrypted by the new key or key pair. Rotation is necessary because the
longer a key is in use, the more chance there is for someone to steal or find
out the key. Rotation of keys can happen before the cryptoperiod expires in cases
where the key is suspected to be compromised.
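The generation and rotation steps described above, as an added Node.js example that is not part of the original notes. It assumes AES-256-GCM, a 90-day cryptoperiod and a constructed sample record; the function names and the nonce/tag/ciphertext layout are illustrative choices.

```javascript
const crypto = require('crypto');

// Key record: 256 bits from the OS CSPRNG plus the end of its cryptoperiod (ms).
function generateKey(now, periodMs) {
  return { secret: crypto.randomBytes(32), expires: now + periodMs };
}

// Rotate when the cryptoperiod has passed or compromise is suspected.
function needsRotation(key, now, suspectedCompromise = false) {
  return suspectedCompromise || now >= key.expires;
}

// AES-256-GCM; output layout is nonce(12) || tag(16) || ciphertext.
function encrypt(key, now, plaintext) {
  if (now >= key.expires) throw new Error('cryptoperiod over: rotate the key');
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key.secret, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// A retired key may still decrypt, so old data can be read for rotation.
// final() throws if the key is wrong or the data was modified.
function decrypt(key, blob) {
  if (blob.length < 28) throw new Error('ciphertext too short');
  const d = crypto.createDecipheriv('aes-256-gcm', key.secret, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Rotation as described above: decrypt with the old key, encrypt with the new.
function rotate(oldKey, newKey, now, blob) {
  return encrypt(newKey, now, decrypt(oldKey, blob));
}

// Constructed sample: one record stored under a key with a 90-day cryptoperiod.
function demo() {
  const DAY = 24 * 60 * 60 * 1000;
  const t0 = Date.UTC(2024, 0, 1);
  const oldKey = generateKey(t0, 90 * DAY);
  const stored = encrypt(oldKey, t0, Buffer.from('constructed sample record'));
  const later = t0 + 91 * DAY;
  const due = needsRotation(oldKey, later);
  const newKey = generateKey(later, 90 * DAY);
  const rotated = rotate(oldKey, newKey, later, stored);
  let oldKeyStillWorks = true;
  try { decrypt(oldKey, rotated); } catch (e) { oldKeyStillWorks = false; }
  return { due, oldKeyStillWorks, recovered: decrypt(newKey, rotated).toString() };
}

console.log(demo());
```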