The role of cryptography in information security

During the last few years, cryptanalysis have found some weaknesses in DES when key selected are weak keys. The output of all eight s-boxes is then combined in to 32 bit section. The permutation step at the end of each round swaps the modified L and unmodified R. Therefore, the L for the next round would be R of the current round. And R for the next round be the output L of the current round. The input block to each round is divided into two halves that can be denoted as L and R for the left half and the right half.

It goes without saying that the security of any cryptosystem depends upon how securely its keys are managed. Without secure procedures for the handling of cryptographic keys, the benefits of the use of strong cryptographic schemes are potentially lost. Since digital signature is created by ‘private’ key of signer and no one else can have this key; the signer cannot repudiate signing the data in future. Verifier feeds the digital signature and the verification key into the verification algorithm. Digital signatures are the public-key primitives of message authentication.

The system can use techniques of appending CRC to data for detecting any active modification. These data errors are likely to occur due to noise in a communication channel. Also, the data may get corrupted while the file is stored on a disk. Compute the modular inverse of x modulo p, which is -x , generally referred to as decryption factor.

  • It refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services.
  • Hash function coverts data of arbitrary length to a fixed length.
  • The Kama-sutra generate a list of 26 alphabets with no duplicate.
  • Vigenere cipher becomes a cryptosystem with perfect secrecy, which is called One-time pad.
  • Hashing algorithm is a process for using the hash function, specifying how the message will be broken up and how the results from previous message blocks are chained together.
  • 1) S can launch a birthday attack to replace m with a fraudulent message.

MD5 digests have been widely used in the software world to provide assurance about integrity of transferred file. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a user can compare the checksum of the downloaded file to it. At higher level of threat, attacker may modify data and try to derive new digest for modified data from exiting digest. This is possible if the digest is computed using simple mechanisms such as CRC. In this type of threats, an attacker can manipulate the data with malicious intent. Let us go through a simple version of ElGamal that works with numbers modulo p.

Cryptography MCQ Quiz – Objective Question with Answer for Cryptography – Download Free PDF

The attacker influences the sender to convert plaintext of his choice and obtains the ciphertext. When Host1 needs to send data to Host2, he obtains the public key of Host2 from repository, encrypts the data, and transmits. There are two restrictive challenges of employing symmetric key cryptography. The encryption process where same keys are used for encrypting and decrypting the information is known as Symmetric Key Encryption.

Cryptography is something that is used in numerous aspects of everyday life, but many people do not know what is cryptography exactly. The cryptography definition is a system of writing or storing information so that it is able to be seen by those who need to see it and is hidden from everyone else. Its goal is to prevent snoopers, hackers, how does cryptography work and anyone unauthorized to see specific information from being able to access it. — The amount of secrecy needed should determine the amount of labor appropriate for encryption and decryption. Cryptography does not guard against the vulnerabilities and threats that emerge from the poor design of systems, protocols, and procedures.

Analysis of ECB Mode

In cryptography, attacks are of two types such as Passive attacks and Active attacks. This course is a part of the Applied Cryptography specialization. The Secure Hash Algorithm is a cryptographic hash function that produces a message digest. The Advanced Encryption Standard-New Modes is a set of new modes for the Advanced Encryption Standard that provides support for authenticated encryption. GnuTLS is an opensource project that provides a cryptography library with a focus on security and portability. NSSCrypto is an opensource project that provides a cryptography library with a focus on security and portability.

Cryptography Objectives

With increasing computing power, it was considered vulnerable against exhaustive key search attack. Triple DES was designed to overcome this drawback but it was found slow. Triple DES systems are significantly more secure than single DES, but these are clearly a much slower process than encryption using single DES. User first decrypt using K3, then encrypt with K2, and finally decrypt with K1.

There is a vast number of block ciphers schemes that are in use. Vigenere Cipher was designed by tweaking the standard Caesar cipher to reduce the effectiveness of cryptanalysis on the ciphertext and make a cryptosystem more robust. Polyalphabetic Cipher is a substitution cipher in which the cipher alphabet for the plain alphabet may be different at different places during the encryption process. The next two examples, playfair and Vigenere Cipher are polyalphabetic ciphers. These earlier cryptographic systems are also referred to as Ciphers. In general, a cipher is simply just a set of steps for performing both an encryption, and the corresponding decryption.

It is, thus, necessary to establish and maintain some kind of trusted infrastructure to manage these keys. It should be noticed that instead of signing data directly by signing algorithm, usually a hash of data is created. Since the hash of data is a unique representation of data, it is sufficient to sign the hash in place of data. The most important reason of using hash instead of data directly for signing is efficiency of the scheme. The receiver now checks equality of freshly computed MAC with the MAC received from the sender. If they match, then the receiver accepts the message and assures himself that the message has been sent by the intended sender.

The keystream must be provided to both parties in a secure way to prevent its release. Nowadays, the networks have gone global and information has taken the digital form of bits and bytes. Critical information now gets stored, processed and transmitted in digital form on computer systems and open communication channels. Revocation of Certificates − At times, CA revokes the certificate issued due to some reason such as compromise of private key by user or loss of trust in the client.

Key Functions of CA

Like CFB mode, CTR mode does not involve the decryption process of the block cipher. This is because the CTR mode is really using the block cipher to generate a key-stream, which is encrypted using the XOR function. In other words, CTR mode also converts a block cipher to a stream cipher.

Cryptography Objectives

Different cryptographic keys and algorithms are available to suit the needs of different actions. Financial transactions, security-related information, administration, law, and more, wherever electronic communication occurs, cryptography has a major role in the play. Without the detection of any suspicious activity, the data cannot be altered in storage or transit with respect to the sender and the intended receiver.

ElGamal Cryptosystem

The counter update replaces the ciphertext feedback in CFB mode. By converting a block cipher into a stream cipher, CFB mode provides some of the advantageous properties of a stream cipher while retaining the advantageous properties of a block cipher. Encrypt the data value in top register with underlying block cipher with key K. For decryption, IV data is XORed with first ciphertext block decrypted. The first ciphertext block is also fed into to register replacing IV for decrypting next ciphertext block.

Cryptography Objectives

In cryptography, the following three assumptions are made about the security environment and attacker’s capabilities. Note − Cryptographic primitives are intricately related and they are often combined to achieve a set of desired security services from a cryptosystem. Apart from the originator, authentication may also provide assurance about other parameters related to data such as the date and time of creation/transmission. Data integrity cannot prevent the alteration of data, but provides a means for detecting whether data has been manipulated in an unauthorized manner.

Analysis of CBC Mode

The Kama-sutra generate a list of 26 alphabets with no duplicate. Find for each letter of message text in the table and choose the opposite of the letter. High availability, one of the fundamental aspects of information security, cannot be ensured through the use of cryptography. Other methods are needed to guard against the threats such as denial of service or complete breakdown of information system. Confidentiality − Encryption technique can guard the information and communication from unauthorized revelation and access of information. A client whose authenticity is being verified supplies his certificate, generally along with the chain of certificates up to Root CA.

Monoalphabetic and Polyalphabetic Cipher

Data Integrity − The cryptographic hash functions are playing vital role in assuring the users about the data integrity. Data integrity check is a most common application of the hash functions. This application provides assurance to the user about correctness of the data. Interestingly, RSA does not directly operate on strings of bits as in case of symmetric key encryption. Hence, it is necessary to represent the plaintext as a series of numbers less than n.

It can still be used as a checksum to verify data integrity, but only against unintentional corruption. The reason for more advanced cryptography methods is due to the need for data to be protected more and more securely. Most of the ciphers and algorithms used in the early days of cryptography have been deciphered, making them useless for data protection. Today’s algorithms can be deciphered, but it would require years and sometimes decades to decipher the meaning of just one message. Thus, the race to create newer and more advanced cryptography techniques continues.

Occasionally, the encryption key can be determined from this attack. Modern cryptosystems are guarded against ciphertext-only attacks. Every user in this system needs to have a pair of dissimilar keys, private key and public key. These keys are mathematically related − when one key is used for encryption, the other can decrypt the ciphertext back to the original plaintext.

Details of the Encryption Scheme

Public Key Certificate, commonly referred to as ‘digital certificate’. Non-repudiation is the assurance that a message originator cannot deny any previously sent messages and commitments or actions. This requires establishment of shared secret prior to use of MAC. Instead of storing password in clear, mostly all logon processes store the hash values of passwords in the file.