## General concepts of cryptography

### What is cryptography?

**is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to**

*Cryptography**store sensitive information or transmit it across insecure networks*(like the Internet)

*so that it cannot be read by anyone except the intended recipient*.

**is the science of analyzing and breaking secure communication. Classical cryptanalysis involves an interesting combination of analytical reasoning, application of mathematical tools, pattern finding, patience, determination, and luck. Cryptanalysts are also called attackers.**

*cryptanalysis***embraces both cryptography and cryptanalysis.**

*Cryptology*### Encryption and decryption

Data that can be read and understood without any special measures is called a

**(sometimes also***message**or cleartext). The***plaintext***method of disguising plaintext in such a way as to hide its substance*is called*. Encrypting plaintext results in unreadable gibberish called***encryption****. You use encryption to ensure that information is hidden from anyone for whom it is not intended, even those who can see the encrypted data. The process of***ciphertext**reverting ciphertext to its original plaintext*is called**.***decryption*### How does cryptography work?

A cryptographic algorithm, or

*, is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a*

**cipher****—a word, number, or phrase—to encrypt the plaintext. The same plaintext encrypts to different ciphertext with different keys. The security of encrypted data is entirely dependent on two things:**

*key**the strength of the cryptographic algorithm*and

*the secrecy of the key*.

A cryptographic algorithm, plus all possible keys and all the protocols that make it work comprise a

**.**

*cryptosystem*####
**Encrypting**: ciphertext = cipher(key, plaintext)

**Decrypting**: plaintext = cipher(key, ciphertext)

### The basic goal of cryptography is to address the following five areas:

**Privacy/Confidentiality:**

Providing secrecy is one of the goals of cryptography. It means, keeping the content of information from all but those authorized to have it. Simply, it is a process of ensuring that no one can read the message or information except the intended receiver.

**Availability**

This means that the computing systems used to store and process the information, the

*security controls*used to protect it, and the communication channels used to access it must be functioning correctly.

**Data Integrity:**

Assuring the receiver that the received message has not been altered in any way either intentionally or otherwise from the original; addresses the unauthorized alteration of data.

**Authentication:**

The process of proving one’s identity. This applies to both entities and information itself. So, this aspect of cryptography is usually subdivided into two major classes: entity authentication and data origin authentication.

**Non-repudiation:**

It is a mechanism to prove that the sender really sent this message. It prevents an entity from denying previous commitments or actions performed.

### Key

A key in cryptology is similar to a key we use for locking and unlocking things in everyday life. In cryptography,

*keys are the bits and bytes used in the process of encryption and decryption*. In this case, a

**is a very large number that has special mathematical properties. Breaking into an encryption scheme depends on knowledge of the key or the ability to discover the key. The larger the key, the more difficult it is to discover.**

*key*Low-grade encryption uses 56 bits-this means 256 possible keys. The following might help provide a sense of scale:

- 232 is equal to 4,294,967,296 (more than 4 billion).
- 248 is equal to 281,474,976,710,656.
- 256 is equal to 72,057,594,037,927,936 (more than 72,057 trillion).

While this seems like a significant number of possibilities, present-day computers have enough processing power to make discovery a possibility and a cause for real concern-especially when low-grade encryption is in use.

### Algorithms

An

**is a**

*algorithm**traditional computational approach for solving a problem in a predictable number of steps that are easily duplicable in the same manner given the same set of parameters*. Technically, the algorithm must generate a result after a finite number of steps. In the world of cryptography, there are currently two classes of algorithms: symmetric and asymmetric algorithms.

### Symmetric Encryption Algorithms

**often use**

*Symmetric algorithms*__. In symmetric encrypted algorithms, the key size is directly correlated with the strength of the encryption, so a large key size used with a good algorithm will be more difficult to break than a small key size. Symmetric algorithms are best suited for providing confidentiality requirements of a security system.__

**the same key for encryption and decryption**This type of algorithm is also referred to as a “

**secret key-based algorithm**” because its mode of operation depends on a secret-the “key”-that is shared between the entities that need to communicate securely. It is therefore important that the secret, or key, is well protected at all times. The sharing of this key is also one of the main weaknesses of symmetric encryption algorithms. The other weakness of the symmetric algorithms is in the logistics of how the key is distributed to the parties that need it.

Any cryptosystem based on a

**(also called a**

*symmetric key cipher**secret-key cipher*, or a

*one-key cipher*, or a

*private-key cipher*, or a

*shared-key cipher*) conforms to the following definition:

- M : message to be enciphered
- K : a secret key
- E : enciphering function
- D : deciphering function
- C : enciphered message. C := E(M, K)
- For all M, C, and K, M = D(C,K) = D(E(M,K),K)

#### Block Ciphers

An encryption structure that “the clear text is broken up into blocks of fixed length, and encrypted one block at a time”. The block determines how much data can be encrypted at one time. See this simple explanation.#### Stream Ciphers

This type of cipher encrypts plaintext one bit at a time. The Vigenere cipher is an example of a stream cipher. Look at some of the examples “Swapping Cipher Alphabets”, and the Vigenere Square.### Asymmetric Encryption Algorithms

**use a**

*Asymmetric algorithms*__. The decryption key cannot be derived from the encryption key. This type of algorithm is also referred to as a “__

**different key for encryption and decryption****public-private key-based algorithm**.” The public portion of the name stems from the fact that the public key can be known by anybody (it’s not a secret), but the private key portion should be a secret. The public and private keys are, however, mathematically related.

Algorithms that use asymmetric encryption are computationally more demanding than symmetric algorithms and as such are much slower in execution. The ease of distribution and management of the keys used for encryption and decryption are better than symmetric-based solutions.