Different Types Of Cryptography Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The word cryptography is derived from the Greek word 'kryptos', which means hidden. It is described as converting or encoding common information (plain text) into an unreadable form (cipher text). Unencrypted data is called plain text, and encrypted information is known as cipher text. In other words, it can be defined as scrambling (encrypting) the information so that no one can understand it except the authorized user, who can decode (decrypt) the message. Cryptography is used in the military services for secure communications. There should be secure communication between local-area networks, real-time electronic links, mobile phones and faxes. The major goals of cryptography are to provide privacy for messages, sender and receiver authentication, and non-repudiation. Cryptography protects information from theft or alteration, and it also provides authentication of the intended user.

Encryption is the process of converting plain text into cipher text, which is unreadable by an unauthorized user (keeping private information confidential).

Decryption is the process of decoding the cipher text back into plain text; it is the reverse of encryption, converting encrypted information into the original data.

The system for encrypting data is called a cryptosystem, and the art of recovering data from ciphers without knowledge of the key is known as cryptanalysis.

Security requirements:

1) Authentication: A means of verifying one's identity.

2) Confidentiality: Assurance that the message is not read by anyone except the end user.

3) Integrity: Assuring the receiver that the received message has not been altered.

4) Non-repudiation: The process of proving that the sender really sent the message.

In general, three types of cryptographic systems are frequently used to achieve the above goals:

Secret key cryptography (symmetric)

Public key cryptography (asymmetric)

Hash functions

TYPES OF CRYPTOGRAPHY:

a) Secret key cryptography:

A single key is used for both encryption and decryption.

Secret key cryptography is also called symmetric key cryptography.

Sender and receiver both apply the same key for encryption and decryption.

b) Public key cryptography:

This is a two-key cryptosystem.

Sender and receiver use different keys for encryption and decryption.

Public key cryptography is also called asymmetric cryptography.

c) Hash functions:

It is also called one-way encryption.

Hash algorithms generally provide a 'digital fingerprint' of a file's contents, which helps in checking whether the file has been altered by an intruder.

A hash function is helpful in providing integrity of a file.

Figure 1: Three types of cryptography

NETWORK SEGMENT 1:

Manager's laptop to wireless access point:

Between the manager's laptop and the wireless access point, the practicable encryption protocols are WPA, WPA2 and WEP.

WEP uses RC4 (Ron's Code) for encryption.

So, on this network segment WEP can be used for encryption.

WEP:

WEP stands for Wired Equivalent Privacy.

WEP is the first option for defending against intruders' attacks.

WEP uses encryption to maintain confidentiality.

Because RC4 is a stream cipher, key generation needs a seed value. The seed is called the Initialization Vector (IV). The IV and the WEP key are used to encrypt and decrypt transferred packets.

An Integrity Check Value (ICV) is calculated over the payload and attached to it. The payload with its ICV is then XORed with the key stream generated from the encryption key (IV and WEP key).

To verify message integrity, WEP uses a Cyclic Redundancy Check (CRC).

Figure 2: WEP Encryption

RC4 ALGORITHM:

Ronald Rivest developed the RC4 algorithm (a symmetric key algorithm).

It is also known as ARC4, which means alleged RC4.

RC4 is a stream cipher algorithm, for which the key must be shared in a secure way.

To initialize a 256-byte state table, the algorithm uses a variable-length key of 1 to 256 bytes.

Often the key is limited to 40 bits due to some restrictions; sometimes a 128-bit key is used.

RC4 has the ability to use keys between 1 and 2048 bits.

RC4 is also used in software packages such as Oracle Secure SQL and Lotus Notes.

The algorithm can be explained in two stages: initialization (key scheduling) and pseudo-random generation.

In the initialization stage, the 256-byte state table S is populated using K as the key.

The state table is then used to generate pseudo-random bits, and the pseudo-random stream is XORed with the plain text to get the cipher text.

Key scheduling:

for a = 0 to 255:
    S[a] = a;
b = 0;
for a = 0 to 255:
    b = (b + S[a] + K[a mod keylen]) mod 256;
    swap S[a] and S[b];

Pseudo random Generation:

a = b = 0;
for each output byte:
    a = (a + 1) mod 256;
    b = (b + S[a]) mod 256;
    swap S[a] and S[b];
    Result = S[(S[a] + S[b]) mod 256];

Where the state table S = {0,1,2,3,…,N-1} with N = 256, K is the key and keylen is its length in bytes.

RC4 ALGORITHM STRUCTURE:

Figure 3: RC4 Encryption Algorithm Structure

RC4 Encryption steps:

Get the data for encryption and choose the key.

Initialize two string arrays.

Fill one array with the numbers 0 to 255.

Initiate the second array with the chosen key.

Randomize the first array depending on the key array.

To generate the final key stream, randomize the first array within itself.

To produce the cipher text, XOR the final key stream with the data to be encrypted.
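
The key scheduling and pseudo-random generation stages above, together with the steps from the WEP section (IV plus WEP key as the RC4 seed, a CRC-32 integrity value appended to the payload), as an added Python example that is not part of the original essay. The function names, the 3-byte IV, the constructed key and payload, and the omission of the 802.11 key-ID byte are assumptions made for illustration.

```python
import zlib

def rc4_ksa(key: bytes) -> list:
    """Key scheduling: fill S with 0..255, then shuffle it under the key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes")
    S = list(range(256))
    b = 0
    for a in range(256):
        b = (b + S[a] + key[a % len(key)]) % 256
        S[a], S[b] = S[b], S[a]
    return S

def rc4_keystream(S: list, n: int) -> bytes:
    """Pseudo-random generation: emit n key stream bytes from state S."""
    S = S[:]                      # work on a copy of the state table
    a = b = 0
    out = bytearray()
    for _ in range(n):
        a = (a + 1) % 256
        b = (b + S[a]) % 256
        S[a], S[b] = S[b], S[a]
        out.append(S[(S[a] + S[b]) % 256])
    return bytes(out)

def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR the data with the key stream."""
    ks = rc4_keystream(rc4_ksa(key), len(data))
    return bytes(d ^ k for d, k in zip(data, ks))

def wep_encrypt(iv: bytes, wep_key: bytes, payload: bytes) -> bytes:
    """ICV = CRC-32(payload); RC4 seed = IV || WEP key; IV travels in clear."""
    icv = zlib.crc32(payload).to_bytes(4, "little")
    return iv + rc4(iv + wep_key, payload + icv)

def wep_decrypt(wep_key: bytes, frame: bytes) -> bytes:
    """Recover the payload; reject the frame if the ICV does not match."""
    iv, body = frame[:3], frame[3:]
    plain = rc4(iv + wep_key, body)
    payload, icv = plain[:-4], plain[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch: frame altered or wrong key")
    return payload

if __name__ == "__main__":
    key = b"\xaa\xbb\xcc\xdd\xee"                 # constructed 40-bit WEP key
    frame = wep_encrypt(b"\x01\x02\x03", key, b"constructed payload")
    print(frame.hex(), wep_decrypt(key, frame))
```

Because decryption is the same XOR with the same key stream, `rc4` serves both directions; the receiver rebuilds the seed from the clear-text IV in the frame and its own copy of the WEP key.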

COMPARISON OF RC4 WITH AES AND DES:

| Algorithm | Key size (bits) | Speed | Block size | Rounds | Speed depends on key size? |
|---|---|---|---|---|---|
| RC4 | 40-1024 | Very fast | Variable | Unknown | No |
| AES | 128, 192, 256 | Fast | Variable | 10, 11, 12 respectively | Yes |
| DES | 56 | Slow | 64 bits | 16 | ----- |

NETWORK SEGMENT 2:

Stores PC to Dial-Up Modem:

Between the stores PC and the dial-up modem, the IPSEC framework can be used for security services.

Since IPSEC provides data integrity, authentication, confidentiality and network-level peer authentication, it can be implemented for the above criteria.

It provides secure communications across a LAN, over the internet and across private/public WANs.

By using the dial-up modem we can connect the computer to an internet service.

Dial-up networking is the group of protocols and software used to connect the computer to an internet service.

IPSEC:

IPSEC is an extension of the IP protocol that is capable of providing security.

IPSEC has two different protocols, i.e. Authentication Header (AH) and Encapsulating Security Payload (ESP).

The ESP header attached to the packet provides integrity protection, authentication and confidentiality for the communication.

The AH header attached to the packet ensures that the authentication and integrity of the data are protected.

The ESP header carries the information needed for encrypting and authenticating the data.

The AH header carries the information necessary for authenticating the protected data.

IPSec has two modes, i.e. Tunnel mode and Transport mode.

Transport mode does not encrypt the entire packet, and it uses only the original IP address.

Tunnel mode encrypts the entire packet, including the IP header (with ESP), and creates a new header.

Tunnel mode is slower and transport mode is faster.

Figure 4: IP Tunnel and Transport mode

Authentication Header:

AH provides authentication of IP packets and data integrity.

It checks whether there are any changes in the contents of a packet.

It is helpful in filtering the traffic accordingly.

It enables the network device to authenticate the user or application.

It protects against replay attacks.

Encapsulating Security Payload Packet Format:

Encapsulating Security Payload:

It is one of the members of the IPSec protocol suite.

ESP has an optional feature which provides authentication services like AH.

It provides message privacy and limited traffic flow confidentiality.

In order to encrypt the data, padding must be appended at the end.

RSA ALGORITHM:

RSA is the authentication system which uses an algorithm developed by Ron Rivest, Adi Shamir and Leonard Adleman in 1977. The RSA algorithm is the most generally used encryption and authentication algorithm, and it is included as a part of the web browsers from Netscape and Microsoft.

Algorithm:

Key Generation:

1) Choose two random prime numbers p and q, and make sure that p is not equal to q (p != q).

2) Compute n = pq.

3) Calculate the value of phi = (p-1)(q-1).

4) Choose a value e, 1 < e < phi, such that gcd(e, phi) = 1.

5) Choose the secret exponent d, 1 < d < phi, such that ed = 1 mod (phi).

6) Public key (n, e), private key d.

Encryption:

Decryption:

Digital signature:

Verification:

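
The key generation steps above, followed by encryption, decryption, signing and verification, as an added Python example that is not part of the original essay. It is textbook RSA on integers with no padding; the function names and the small constructed primes are assumptions chosen so the arithmetic can be checked by hand.

```python
from math import gcd

def is_prime(x: int) -> bool:
    """Trial division; adequate only for the tiny demonstration primes."""
    if x < 2:
        return False
    return all(x % f for f in range(2, int(x ** 0.5) + 1))

def rsa_keygen(p: int, q: int, e: int):
    """Steps 1-6: return the public key (n, e) and the private exponent d."""
    if not (is_prime(p) and is_prime(q)) or p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if not (1 < e < phi and gcd(e, phi) == 1):
        raise ValueError("need 1 < e < phi and gcd(e, phi) = 1")
    d = pow(e, -1, phi)            # modular inverse, so e*d = 1 mod phi
    return (n, e), d

def encrypt(m: int, public_key) -> int:
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)            # c = m^e mod n

def decrypt(c: int, n: int, d: int) -> int:
    return pow(c, d, n)            # m = c^d mod n

def sign(m: int, n: int, d: int) -> int:
    return pow(m, d, n)            # s = m^d mod n, made with the private key

def verify(m: int, s: int, public_key) -> bool:
    n, e = public_key
    return pow(s, e, n) == m % n   # accept only if s^e mod n gives back m

if __name__ == "__main__":
    pub, d = rsa_keygen(61, 53, 17)        # constructed toy primes
    c = encrypt(65, pub)
    s = sign(65, pub[0], d)
    print(pub, d, c, decrypt(c, pub[0], d), verify(65, s, pub))
```

Encryption and verification use only the public key (n, e), while decryption and signing need the private exponent d.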

COMPARISON OF IPSec AND SSL:

Algorithm Authentication:

IPSec can use both digital signatures and a secret key algorithm, whereas SSL uses only digital signatures.

SSL cannot be implemented in the absence of digital signatures, but IPSec can be implemented using a secret key.

Authentication method:

IPSec supports mutual authentication algorithms such as PSK, RSA public key, KINK and RSA/DSA digital signature.

SSL supports server and client authentication algorithms such as DSA digital signature, RSA/DSA digital signature and RSA (challenge/response).

Connection mode:

IPSec has two connection modes:

Tunnel Mode (Host-Host, Gateway-Gateway and Host-Gateway).

Transport Mode (Host-Host connection).

SSL has only one connection per independent session type.

Cipher list proposal:

IPSec is uniquely bi-directional, because it is a two-phase protocol.

SSL is a one-directional protocol.

NAT Traversing:

The existence of NAT in the middle of the network will not affect the communication, because SSL clients are not bound to one specific port.

IPSec clients are bound to specific ports, so having NAT or NAPT in the middle of the network causes communication problems.

Others:

Acts as independent IP address.

Can encrypt any protocol.

Including the IP header, it encrypts the entire packet.

CONCLUSION:
