Sunday, October 27, 2019
Overview of Cryptography and Encryption Techniques
Overview of Cryptography and Encryption Techniques What is cryptography Cryptography is the discipline of cryptography and cryptanalysis and of their interaction. The word Ã¢â¬Å"cryptographyÃ¢â¬ is derived from the Greek words Ã¢â¬Å"KryptosÃ¢â¬ means concealed, and Ã¢â¬Å"graphienÃ¢â¬ means to inscribe. It is the science of keeping secrets secret. One objective of cryptography is protecting a secret from adversaries. Professional cryptography protects not only the plain text, but also the key and more generally tries to protect the whole cryptosystem. Cryptographic primitives can be classified into two classes: keyed primitives and non-keyed primitives as in the figure. The fundamental and classical task of cryptography is to provide confidentiality by encryption methods. Encryption (also called enciphering) is the process of scrambling the contents of a message or file to make it unintelligible to anyone not in possession of key Ã¢â¬Å"keyÃ¢â¬ required to unscramble the file or message. Providing confidentiality is not the only objective o f cryptography. Cryptography is also used to provide solutions for other problems: Data integrity, Authentication, Non-repudiation. Encryption methods can be divided into two categories: substitution ciphers and transposition ciphers. In a substitution cipher the letters of plaintext are replaced by other letters or by symbols or numbers. Replacing plaintext bit pattern with cipher text bit patterns is involved in substitution when plaintext is viewed as a sequence of bits. Substitution ciphers preserve the order of plaintext symbols but disguise them. Transposition ciphers, do not disguise the letters, instead they reorder them. This is achieved by performing some sort of permutation on the plaintext letters. There are two type of encryption :symmetric(private/secert) encryption key and asymmetric(public) key encryption. Conventional encryption model A conventional encryption model can be illustrated as assigning Xp to represent the plaintext message to be transmitted by the originator. The parties involved select an encryption algorithm represented by E. the parties agree upon the secret key represented by K. the secret key is distributed in a secure manner represented by SC. Conventional encryptionÃ¢â¬â¢s effectiveness rests on keeping the secret. Keeping the key secret rests in a large on key distribution methods. When E process Xp and K, Xc is derived. Xc represents the cipher text output, which will be decrypted by the recipient. Upon receipt of Xc, the recipient uses a decryption algorithm represented by D to process Xc and K back to Xp. This is represented in the figure. In conventional encryption, secrecy of the encryption and decryption algorithm is not needed. In fact, the use of an established well known and tested algorithm is desirable over an obscure implementation. This brings us to the topic of key distribution. Cryptanalysis Code making involves the creation of encryption products that provide protection of confidentiality. Defeating this protection by some menÃ¢â¬â¢s other than the standard decryption process used by an intended recipient is involved in code breaking. Five scenarios for which code breaking is used. They are selling cracking product and services, spying on opponents, ensure accessibility, pursuing the intellectual aspects of code breaking and testing whether oneÃ¢â¬â¢s codes are strong enough. Cryptanalysis is the process of attempting to identify either the plaintext Xp or the key K. discovery of the encryption is the most desired one as with its discovery all the subsequent messages can be deciphered. Therefore, the length of encryption key, and the volume of the computational work necessary provides for its length i.e. resistance to breakage. The protection get stronger when key size increases but this requires more brute force. Neither encryption scheme conventional encryption no r public key encryption is more resistant to cryptanalysis than the other. Cryptographic goals However, there are other natural cryptographic problems to be solved and they can be equally if not important depending on who is attacking you and what you are trying to secure against attackers. Privacy, authentication, integrity and non-repudiation are the cryptographic goals covered in this text. These three concepts form what is often referred to as the CIA triad? The three notations represents the basic security objectives for both data and for information and computing services. FIPS PUB 199 provides a useful characterization of these objectives in terms of requirements and the definition of a loss of security in each category: Confidentiality: Preserving authorized restrictions on information access and disclosure, together with means for shielding personal secrecy and copyrighted material. A damage of privacy is the illegal disclosure of information. Integrity: Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification of information. Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to an information system. Although the use of the CIA tried to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are: Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. Generally there are two types key present 1 Symmetric-key 2 Asymmetric-key Symmetric key encryption The universal technique for providing confidentiality for transmitted data is symmetric encryption. Symmetric encryption is also known as conventional encryption or single-key encryption was the only type of encryption in use prior to the introduction of public-key encryption. Countless individuals and groups, from Julius Caesar to the German U-boat force to present-day diplomatic, military and commercial users, use symmetric encryption for secret communication. It remains by far the more widely used of the types of encryption. A symmetric encryption scheme has five ingredients as follows- Plaintext: This is the original data or message that is fed into the algorithm as input. Encryption algorithm: the encryption algorithm performs various transformations and substitutions on the plaintext. Secret key: The secret key is input to the encryption algorithm. The exact transformations and substitutions performed by the algorithm depend on the key. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. Decryption algorithm: This is reserve process of encryption algorithm. It takes the ciphertext and secret key and produces the original plaintext. Symmetric key encryption is shown in fig. There are two necessities for protected use of symmetric encryption: We need a strong encryption algorithm. Sender and receiver must have secured obtained, keep secure, the secret key. Stream Ciphers The stream ciphers encrypt data by generating a key stream from the key and performing the encryption operation on the key stream with the plaintext data. The key stream can be any size that matches the size of the plaintext stream to be encrypted. The ith key stream digit only depends on the secret key and on the (i-1) previous plaintext digits. Then, the iÃ th ciphertext digit is obtained by combining the ith plaintext digit with the ith key stream digit. One desirable property of a stream cipher is that the ciphertext be of the same length as the plaintext. Thus, a ciphertext output of 8 bits should be produced by encrypting each character, if 8-bit characters are being transmitted. Transmission capacity is wasted, if more than 8 bits are produced. However, stream ciphers are vulnerable to attack if the same key is used twice ormore. Block Ciphers A block ciphers fragments the message into blocks of a predetermined size and performs the encryption function on each block with the key stream generated by cipher algorithm. Size of each block should be fixed, and leftover message fragments are padded to the appropriate block size. Block ciphers differ from stream ciphers in that they encrypted and decrypted information in fixed size blocks rather than encrypting and decrypting each letters or word individually. A block ciphers passes a block of data or plaintext through its algorithm to generate a block of ciphertext. Asymmetric Key Cryptosystems In Asymmetric Key Cryptosystems two different keys are used: a secret key and a public key. The secret key is kept undisclosed by the proprietor and public key is openly known. The system is called Ã¢â¬Å"asymmetricÃ¢â¬ since the different keys are used for encryption and decryption, the public key and private key. If data is encrypted with a public key, it can be decrypted only by using the corresponding private key. Public Key Encryption shown in fig. Classical encryption techniques The technique enables us to illustrate the basic approaches to conventional encryption today. The two basic components of classical ciphers are transposition and substitution. Combination of both substitution and transposition is described in others systems. Substitution techniques In this technique letters of plaintext message are placed by symbols and numbers. If plaintext is in the form of a sequences of bits, then substituting plaintext bit patterns with ciphertext bit patterns. Transposition techniques Transposition instantly moves the position around within it but does not alter any of the bits in the plaintext. If the resultant ciphertext is then put through more transpositions, the end result has increasing security.