Professional Documents
Culture Documents
Cryptography
Cryptography is a means of transforming data in a way that renders it
unreadable by anyone except the intended recipient.
Every modern computer system uses modern cryptographic methods to
secure passwords stored and provides the trusted backbone for e-
commerce.
• Cryptography has evolved so that modern encryption and decryption use secret keys
Key KA Key KB
Encryption: scrambling a message or data using a specialized cryptographic
algorithm.
Plaintext: the message or data before it gets encrypted.
Ciphertext: the encrypted (scrambled) version of the message.
Cipher: the algorithm that does the encryption.
Decryption: the process of converting ciphertext back to the original plaintext.
Cryptanalysis: the science of breaking cryptographic algorithms.
Cryptanalyst: a person who breaks cryptographic codes; also referred to as “the
attacker”.
Symmetric-Key Cryptography
The key:
XOR’d with key
1 1 01 0 0 0 1 0 1 0 0 0 0 0 1 0 1 0 0 0 0 1 0 1 1 0 1 0 0 0 1 0 10 0 0 0
The ciphertext
yields plaintext
1 0 0 1 0 0 1 0 0 0 1 1 1 0 0 0 0 1 1 0 1 0 0 1
0 1 0 0 0 0 1 1 0 1 0 0 0 0 0 1 0 1 0 0 0 0 1 0
Asymmetric (Public key) Cryptography
Public key cryptography is an attempt to circumvent the key distribution
problem completely.
As it turns out, asymmetric algorithms tend to be very inefficient.
Their main use is in solving the key exchange problem for symmetric
cryptography.
In asymmetric cryptography, each user has two keys: a public key and a
private key.
The public key is made public. For example, it may be published on a
Web site.
The private key must be kept secret. It is never shared with anyone.
The security of the private key in asymmetric cryptography is as
important as key security in symmetric crypto.
Example:
Alice Bob
Digital Signature
A digital signature is the electronic signature (Certificate) duly issued by
the Certifying Authority that shows the authenticity of the person signing
the same.
Digital signatures, a form of electronic signatures, are created and
verified using Asymmetric (Public Key) Cryptography that is based on the
concept of a key pair generated by a mathematical algorithm, the public
and private keys.
Three elements of DSC (Digital Signature Certificate)
o Subject Name and Other Certificate Extensions. This is
information about the object being certified.
o Public Key Information. This is the public key of the entity being
certified. The certificate acts to bind the public key to the attribute
information described above.
o Certifying Authority (CA) Signature. The CA signs the first two
elements and thereby adds credibility to the certificate. People who
receive the certificate check the signature and will believe the
information if they trust that certifying authority.
Certifying Authorities
o Controller of Certifying Authorities
(CCA) www.cca.gov.in
o Certifying Authority (CA)
Tata Consultancy Services (TCS)
National Informatics Center (NIC)
IDRBT Certifying Authority
SafeScrypt CA Services, Sify Communications
Ltd. (n) Code Solutions CA
MTNL Trust Line
*Customs & Central
Excise E-MUDHRA