Study On Cryptography And Cipher Text Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Everyone has secrets; some have more than others. When it becomes necessary to transmit those secrets from one point to another, it is important to protect the information while it is in transit. Cryptography, which is the art of keeping messages secure, presents various methods for taking legible, readable data, and transforming it into unreadable data for the purpose of secure transmission, and then using a key to transform it back into readable data when it reaches its destination.

The best way to prevent the misuse of critical information is to convert into a form that is unintelligible to a person who gains unauthorized access to it. The Egyptians were among the first people to develop a technique that was used to disguise important information. This technique is called cryptography. Cryptography is an art of converting information into a secret code that can be interpreted only by a person who knows how to decode the process of distinguishing information into an unintelligible form is known as encryption. The information that needs to be distinguished is called plain text. The encrypted information is called cipher text. [1]

After the encrypted information reaches its destination it has to be converted into a plaintext so that the information is intelligible. The process of converting cipher text into plaintext is known as decryption. Encryption and decryption require the use of some secret information, usually referred to as a key. Depending on the encryption mechanism used, the same key might be used for both encryption and decryption; in such a case the mechanism is known as secret key cryptography. While for other mechanisms, the keys used for encryption and decryption might be different and that is known as public key cryptography predating computers by thousands of years, cryptography has its roots in basic transposition ciphers, which assigns each letter of the alphabet a particular value. [2]

The goal of cryptography extends beyond merely making data unreadable, it also extends into user authentication that is, providing the recipient with assurance that the encrypted message originated from a trusted source. The study of cryptography is advancing steadily, and scientists are rapidly creating mechanisms that are more difficult to break. The most secure type of cryptography yet may be quantum cryptography, a method that has not yet been perfected, which instead of using a key, relies on the basic laws of physics, and the movement and orientation of photons to establish a connection that is absolutely secure and unbreakable. Cryptography is the art of secret writing. Types of Cryptography, Cryptography has been implemented in many ways.

1. Private (secret) Key Cryptography (SKC)

1.2. Public Key Cryptography (PKC)

Most cryptography techniques are key based. A key is a mathematical value that is attached to plaintext. This key has a formula that encrypts or decrypts the information. With private key cryptography also known as secret key cryptography (SKC), A single key is used for both encryption and decryption, the sender uses the key to encrypt the plaintext and sends the cipher text to the receiver. The receiver applies the same key to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver that, in fact, is the secret. [3]

The biggest difficulty with this approach, of course, is the distribution of the key. Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same cipher text when using the same key in a block cipher whereas the same plaintext will encrypt to different cipher text in a stream cipher. Stream ciphers come in several flavors but two are worth mentioning here. Self-synchronizing stream ciphers calculate each bit in the key stream as a function of the previous bits in the key stream. It is termed "self-synchronizing" because the decryption process can stay synchronized with the encryption process merely by knowing how far into the n -bit key stream it is. [3]

1.3 Cipher text

One problem is error propagation; a garbled bit in transmission will result in garbled bits at the receiving side. Synchronous stream ciphers generate the key stream in a fashion independent of the message stream but by using the same key stream generation function at sender and receiver. While stream ciphers do not propagate transmission errors, they are, by their nature, periodic so that the key stream will eventually repeat. Block ciphers can operate in one of several modes; the following four are the most important: Electronic Codebook (ECB) mode is the simplest, most obvious application: the secret key is used to encrypt the plaintext block to form a cipher text block. Two identical plaintext blocks, then, will always generate the same cipher text block. Although this is the most common mode of block ciphers, it is susceptible to a variety of brute-force attacks. [4]

Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption scheme. In CBC, the plaintext is Exclusively ORed (XORed) with the previous cipher text block prior to encryption. In this mode, two identical blocks of plaintext never encrypt to the same cipher text. Cipher Feedback (CFB) mode is a block cipher implementation as a self- synchronizing stream cipher. CFB mode allows data to be encrypted in units smaller than the block size, which might be useful in some applications such as encrypting interactive terminal input. If we were using 1-byte CFB mode for example, each incoming character is placed into a shift register the same size as the block, encrypted, and the block transmitted.

At the receiving side, the cipher text is decrypted and the extra bits in the block (i.e., everything above and beyond the one byte) are discarded. Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a synchronous stream cipher. OFB prevents the same plaintext block from generating the same cipher text block by using an internal feedback mechanism that is independent of both the plaintext and cipher text bit streams. Secret key cryptography algorithms that are in use today include: Data Encryption Standard (DES) The most common SKC scheme used today, DES was designed by IBM in the 1970s and adopted by the National Bureau of Standards (NBS) [now the National Institute for Standards and Technology (NIST)] in 1977 for commercial and unclassified government applications. [4]

1.3.1 DES

DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES has a complex set of rules and transformations that were designed specifically to yield fast hardware implementations and slow software implementations, although this latter point is becoming less significant today since the speed of computer processors is several orders of magnitude faster today than twenty years ago. Advanced Encryption Standard (AES): the Advanced Encryption Standard, became the official successor to DES in December 2001. AES uses an SKC scheme called Rijndael, a block cipher designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The algorithm can use a variable block length and key length; the latest specification allowed any combination of keys lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits. NIST initially selected Rijndael in October 2000 and formal adoption as the AES standard came in December 2001. Blowfish: [5]

A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 product Private Key cryptography is very efficient in terms of processing speed and using minimal computing resources, but has two limiting security problems:- First, how can two individuals who are interacting for the first time over an insecure network (such as the Internet) exchange a symmetric key securely? If the individuals tried to transmit the symmetric key over the insecure network, intending to encrypt information with it in subsequent communications, an attacker could intercept it key while in transit and use it to intercept and decrypt the later messages that the individuals hoped to keep confidential. Alternatively, an attacker could perform processes of his own with the symmetric key to make it appear as if a message written by the attacker had actually originated from the one of the individuals trying to communicate over the insecure network.

Second, since both the sender and the receiver of a message share the same symmetric key, the authentication and integrity is not provable to a third party who does not also hold the key. Thus, while the authentication and integrity of a message may be sufficient between two trusted individuals, the sender could deny, or repudiate, the message. In general, symmetric cryptography cannot provide the additional security sever called non-repudiation. [3]

1.3.2 Hash functions

Hash function is mathematical algorithm. There is no concept of keys in the hash functions. A hash function accepts information as data attaches a value to this information and sends it. The most important advantage of the hash function is that no one can tamper with the information that is transmitted this technique. This is because the hash function is one-way cryptography technique. A hash function is said to be one-way because even if the output of a hash function is known, it is impossible to determine the input that constitutes the original information. For example, if data X is encrypted using a hash function to generate a value, Y, it is impossible to recover the value of X if Y is known. Hash functions are used to create signatures. These signatures are used to authenticate users. [5]

A hash function is also used to protect passwords; specially UNIX systems apply the hash function to user's password and store the hash value and not the password itself. To authenticate the user a password is requested and the response runs through a hash function to generate the hash value. If the user supplies the correct password and is authenticated, the resulting hash value is the same as the stored value. The hash function is irreversible, which implies that obtaining the hash value doesn't reveal the password to an attacker. Hash functions can be used to generate signatures. Assume that both the sender and the recipient of some data share a public key then by combining the data message with the public key, and running it through hash function, a signature is generated in the form of a hash value. The data message is transmitted with the signature. The recipient combines the received message the public key to generate a hash value. If the hash value is identical with the hash value that was sent with data message, it implies that the data signatures are identical. In this way the authenticity of the message is verified.[5]

1.4 Digital Cryptography Basics

This section introduces a number of basic building blocks of modern digital cryptography, describes what they can do for you, and explains how to compose them to produce useful and practical secure services.

1.4.1 Message Digests

Message digest functions convert sequences of bits, possibly quite long, called messages, into fixed-length binary "fingerprints" or message digests of the original sequences. A message digest function has two goals:

It should be computationally infeasible to find another message whose digest is the same as the digest of a given message. It should be computationally infeasible to find two arbitrary messages whose digests are the same. In the common case where an authentication method takes a large amount of computational effort and that effort is proportional to the number of bits being authenticated, you can secure a large document by authenticating its much smaller fixed-size message digest.

A message digest function is not identical to a checksum. A checksum is usually quite simple and is designed to detect transmission errors or accidental changes. An adversary can deliberately circumvent the testing of a checksum by adjusting the message to leave the checksum unchanged. By comparison, a message digest is complex and is designed to defeat attempts by an adversary to change the message. First, consider a checksum calculated by simply adding all octets in a message and discarding the bits of the sum above the least significant eight bits. In most cases, an adversary could easily modify the message to become a different message with the same checksum. For example, inserting an octet with value V.

1.4.2 Message Authentication Codes

A message authentication code (MAC) function computes a MAC from a message and a secret key. If the originator and the receiver share knowledge of that secret key, the receiver can calculate the same function of the message and secret key and see if it matches the MAC accompanying the message. If the MAC matches, then you know, within the strength of the MAC function and key, that some program with possession of the secret produced the MAC. Of course, every program that can verify the MAC needs to know this secret. Thus all of them can create valid MACs even if they should only receive and verify these codes.

1.4.3 Digital Signatures

You can use public key authentication to produce " digital signatures " These signatures have a very desirable characteristic namely, it is computationally infeasible for anyone without the private key to produce a signature that will verify for a given message. Modern digital signatures consist of (1) a message and (2) a message digest of that message asymmetrically transformed under a private key of the signer. A typical implementation of digital signature involves a message-digest, a private key for encrypting the message digest, and a public-key for decrypting the message digest. The digital signature procedure is as follows: The sender. The software used by the sender computes; using a standard algorithm, a message digest from the message. The message digest is unique to the original message in that only the original, unmodified message could have produced the message digest. The sender then encrypts the message digest with his private key, yielding an encrypted message digest.

1.5 Cryptanalysis

Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. Typically, this involves finding the secret key. In non-technical language, this is the practice of code-breaking or cracking the code, although these phrases also have a specialized technical meaning. Even though the goal has been the same, the methods and techniques of cryptanalysis have changed drastically through the history of cryptography, adapting to increasing cryptographic complexity, ranging from the pen-and-paper methods of the past, through machines like Enigma in World War II, to the computer-based schemes of the present. The results of cryptanalysis have also changed it is no longer possible to have unlimited success in code breaking, and there is a hierarchical classification of what constitutes a rare practical attack. In the mid-1970s, a new class of cryptography was introduced: asymmetric cryptography

1.6 Key Concepts

A key is a value that works with a cryptographic algorithm to produce a specific cipher text. Keys are basically really, really, really big numbers. Key size is measured in bits; the number representing a 1024-bit key is darn huge. In public key cryptography, the bigger the key, the more secure the cipher text. However, public key size and conventional cryptography's secret key size are totally unrelated. A conventional 80-bit key has the equivalent strength of a 1024-bit public key. A conventional 128-bit key is equivalent to a 3000-bit public key. Again, the bigger the key, the more secure, but the algorithms used for each type of cryptography are very different and thus comparison is like that of apples to oranges. While the public and private keys are mathematically related, it's very difficult to derive the private key given only the public key; however, deriving the private key is always possible given enough time and computing power.

This makes it very important to pick keys of the right size; large enough to be secure, but small enough to be applied fairly quickly. Additionally, you need to consider who might be trying to read your files, how determined they are, how much time they have, and what their resources might be. Larger keys will be cryptographically secure for a longer period of time. If what you want to encrypt needs to be hidden for many years, you might want to use a very large key. Of course, who knows how long it will take to determine your key using tomorrow's faster, more efficient computers? There was a time when a 56-bit symmetric key was considered extremely safe. Keys are stored in encrypted form. PGP stores the keys in two files on your hard disk; one for public keys and one for private keys. These files are called key rings. As you use PGP, you will typically add the public keys of your recipients to your public key ring. Your private keys are stored on your private key ring. If you lose your private key ring, you will be unable to decrypt any information encrypted to keys on that ring.