Cryptography And Security In World Wide Web Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

This review paper contains cryptography and security related details. Basically this provides understanding about need of cryptography over World Wide Web. Although this will gives an idea about how the cryptography make its way to current state from its classical age. This review pare would not provide technical details related to cryptographic algorithms but ability to gain basic knowledge of cryptographic security.

1. Introduction

Cryptography is the science of encrypting and decrypting written communication. It comes from the Greek word "kryptos," meaning hidden, and "graphia," meaning writing. Cryptography involves developing, testing, and studying the science of encryption methods.

1.1 History of Cryptography

History of Cryptography is old as writing itself and goes back to the origins the civilization. Long ago this technique was called as method of secret communication and the Mesopotamians, Egyptians, Indians and lots of eastern countries were the pioneers to use it. The Spartans most warlike of the Greeks Invented a device called 'scytale' (Figure 1.1). This device used to keep information synchronized among bunch of commanders. Basically it is parchment or leather wrapped a spirally around a baton. Then write the message on it and send only the parchment or leather tape, it can be correctly read only with the same size baton.

Figure 1.1 - The Device called scytale

There was another method used by Julius Caser, it was a simple substitution method. For example considering English alphabet letter A replaced by D accordingly B by E and so on. Finally for English word COLD can be written as FROG. This cipher was called the Caesar cipher

Most of the classical substitution-ciphers can be easily break down. For example Caesar cipher can be easily broken by trying one by one. Generally these types of ciphers are called mono-alphabetic ciphers which can break down with frequency analysis proposed by polymath from Baghdad, Al-Kindi (800-873 A.D.).

1.2 Modern Era

Concerning last ten years it can be clearly identified that the number of internet users increasing rapidly. As example most of the people use internet for common tasks which can do in few seconds for example check balance in the bank account, on line money transfers and similar activities. All these communications are done through secure manner. Because humans like to keep privacy

With the increasing number of internet users, the vulnerabilities they faced have also increased. According to the Symantec's reports number of threats in the internet has gone up to millions. Though when a person connect to the World Wide Web to perform daily activities like e-banking and online credit card money exchanges it has to be considered the word security []. Normally in the role of network communication two types of attacks can be clearly identified Passive Attacks and Active attacks. To avoid this it has been identified a model of network security []. It describes both sender and receiver use encrypted data where third party cannot identify.

2. Overview of Cryptography

2.1 Overview of Encryption and Decryption

As afore mentioned cryptography use in secret communication. Considering network security model this technology exists in between both sender and receiver. The process of encryption and decryption happens as follows.

Figure2.1-Process of encryption and decryption

When in a network based communication cipher text will be propagate through the common medium which might be visible to external world. But the cipher text cannot be understood by anyone who does not have the key. This key prefers to both encryption and decryption. Usually this key is a long string of bits.

Scientifically a system which provides both encryption and decryption is called a cryptosystem. Basically these cryptosystems uses complex mathematical algorithms to achieve maximum security.

2.2 Strength of a Cryptosystem

Strength of a cryptosystem is determined by trying to break the cipher text into normal text without using the key. This is called a cryptanalysis. When new algorithm being introduced to the system it will be done cryptanalysis. For example in Caesar's cipher or same mono alphabetic ciphers can be break down with frequency analysis. Substituted letter has the same characteristics of original one. Considering English language the letter E is the most common letter, accounting for 12.7% of all letters, followed by T (9.0%), then A (8.2%) and so on. This means that if E is replaced by a symbol X, then X will account for roughly 13% of symbols in the concealed message. Step by step it can be easily break down by going through cryptanalysis.

Figure 2.2-Letter distributions

Hence designing most complex algorithms the strength is the critical factor. Basically number of Depending on the algorithm and length of the key, this can be a very easy task or almost impossible. If a key can be broken with a Pentium I processor in less than an hour, the cipher is not strong at all. If the key can only be broken with the use of a thousand multicore processors system, and it takes 1.2 million years, then it is a strong cipher in Cryptosystem.

2.3 Types of cryptography

2.3.1 Secret Key Cryptography

Secret key encryption is far better than any other regarding its performance in speed of encryption and decryption. This is better known as a single key encryption. Two or more parties who are willing to exchange data in secured manner shares a key consist of long string of bits. Both encryption and decryption will be done through this one and only key. As its name implies the security exist till the parties keep the secret. Once the key has been compromised security may no longer exist. Concerning network communication there was another issue, when exchange the key also done through the same network. Then eavesdropper can trace the key.

2.3.2 Public Key Cryptography

Public key cryptography is more modern technology than the secret key Cryptography. This is totally different from the secret key scenario.

Using this type of cryptography, any party can use any other party's public key to send an encrypted message; however, only the party with the corresponding private key can decrypt, and thus read, the message. For example, it can be used to send an encrypted confidential message between Person A and Person B. Each person has two keys, one public and one private. Person A can encrypt a message to Person B. To do this, he uses Person B's Public key. Only Person B can decrypt the message, which requires use of his private key. This ensures that only Person B can read the message, thus providing data confidentiality.

Public key cryptography can also be used for other purposes. For example, consider again Person A sending a message to Person B.

In this case, however, Person A not only wants to keep the message confidential but also for Person B to know that the message really came from Person A. In this case, Person A can encrypt the data with both Person A's private key and Person B's public key. When the message is received, Person B decrypts the message using both Person A's public key and Person B's private key. Like the other example, Person B is the only one who can decrypt the message, thus providing data confidentiality. However, in this case only Person A could have sent it, since it was encrypted with Person A's private key.

2.3.3 Hybrid Cryptographic Systems