Cryptography

 Cryptography 

Basic Terminology 

  • Encryption: cipher plain text and make it into unreadable message.
    • cf) cipher is done by using encryption algorithm and key (which is unique for every cipher) 
  • Decryption: reverse of encryption.

Symmetric cryptography 

  • Same key is used for encryption and decryption.
  • Encryption algorithms for Symmetric cryptography : DES, RC4, AES 

Asymmetric cryptography 

  • Different keys are used for encryption and decryption. 
  • Utilizes computational difficulty of large numbers. 
  • But how do we know who sent the message ?? Anyone can peek at public key and anyone can argue that the message was from him. This is where digital signature comes into play. 

  • Algorithms used in asymmetric cryptography 

    • RSA(Rivest-Shamir-Adleman) 
      • One of first practical asymmetric cryptography system.
      • RSA system specifies mechanisms for generation and distribution of keys along with encryption and decryption operation using these keys. 
      • Key generation process depends on choosing 2 unique, random, and usually very large prime numbers. 
    • DSA(Digital signature algorithm) 
      • Similar to RSA, DSA covers the key generation process along with signing and verifying data using the key pairs. 
    • DH(Deffie-Hellman)
      • One of popular key exchange algorithm. 
    • ECC(Elliptic Curve Cryptography)
      • A public key encryption system that uses the algebraic structure of elliptic curves over finite fields to generate secure curves. 
      • The benefit of elliptic curve based encryption system is that they are able to achieve security similar to traditional public key systems with smaller key sizes. 

  • Hash functions used in asymmetric cryptography 

    • Hash is a type of function or operation that takes in an arbitrary data input and maps it to an output of fixed size, called a hash or digest.
    • Cryptographic hashing is distinctly different from general hashing because cryptographic hash functions should be one directional and shouldn't allow hash collisions. 
    • MD5 
      • Operates on a 512 bit blocks and generates 128  bit hash digests.
      • A design flaw was discovered in 1996, and cryptographers recommended using the SHA-1 hash, a more secure alternative. 
    • SHA-1(Secure Hash Algorithm) 
      • Operates on 512 bit blocks and generates 160 bit hash digest. 
      • Used in popular protocols like TLS/SSL, PGP SSH, and IPsec. 
      • Used in Git, which uses hashes to identify revisions and ensure data integrity be detecting corruption or tampering. 

Comments

Post a Comment

Popular posts from this blog

Terms in Security

Image
Security Terms  CIA triad  CIA triad is the core aspect when designing security policy. Confidentiality  Measurement to prevent sensitive information from unauthorized access attempts.  Integrity Maintaining the consistency, accuracy and trustworthiness of data over its entire life cycle.  Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people.  Availability  Information should be consistently and readily accessible for authorized parties. Basic terms used in security  Risk  The possibility of suffering a loss in the event of an attack on the system  Vulnerability Flaw in a system that could be exploited to compromise the system  0-day vulnerability is a vulnerability that is not known to the software d
Read more

Various types of security attacks.

Image
 Various types of security attacks  Network attacks  DNS cache poisoning attack  It works by tricking a DNS server into accepting a fake DNS record that will point to a compromised DNS server. It then feeds you fake DNS addresses when you try to access legitimate websites.  Poisoned DNS cache Man in the middle attack  An attack that places the attacker in the middle of 2 hosts that think they're communicating directly with each other.  Session hijacking  Session is taken over by an attacker. A session starts when you log into a service. The attack relies on the attacker's knowledge of your session cookie, so it is also called cookie hijacking. Session hijacking is done by stealing user's session key. This can be
Read more