Welcome Guest.
No account yet? Register
Who's Online
We have 41 guests and 1 member online

You are here: Home Resources Tutorials Cryptography Tutorial
 EH-Net
May 21, 2013, 06:24:30 AM
 News: Go back to The Ethical Hacker Network Online Magazine Home Page
 Pages: [1]   Go Down
 Author Topic: Cryptography Tutorial  (Read 4908 times) 0 Members and 1 Guest are viewing this topic.
Equix3n-
Sr. Member

Offline

Posts: 386

 « on: February 05, 2009, 08:06:54 AM »

In simplest terms, cryptography is the science of transforming messages to make them more secure. The transformation is done using mathematical functions

The original message before undergoing transformation is called plaintext and after transformation is called cipher text.

The backbone of cryptography is the key. Simply put, key is a value upon which an algorithm operates.
And what's an algorithm?
I borrow this definition from another source.  The function or the formula of combining data and the key is called an algorithm

Data could be either the plain text or the cipher text.
So an encryption algorithm uses an encryption key and the plain text(data) to convert the plain text to cipher text and the decryption algorithm uses a decryption algorithm and the cipher text(data) to convert cipher text to plain text.

Plain text ----------->Encryption algo. -------------->Cipher text

Cipher text ---------->Decryption algo. -------------->Pain text

Cryptography algorithm can be broadly classified into:-
A: Symmetric or Secret key cryptography algo.
B: Asymmetric or Public key cryptography.

Always remember that symmetric key cryptography uses secret key and asymmetric key cryptography uses public and private keys.

Now let's explain these algorithms

SYMMETRIC KEY CRYPTOGRAPHY

In symmetric key cryptography the same secret key is used by both the sender and receiver.
Thus sender uses the secret key and an encryption algo. to encrypt the data and the receiver uses the same secret key and the decryption algo. to decrypt the data.
The decryption algo. is actually the opposite of encryption algo. in symmetric key cryptography.
The important thing to note here is that due complexity of algorithm there's no harm in making the algo. public(which, it usually is), thing to remain secret is the secret key.
If the attacker(Eve) somehow gets hold of the secret key he can easily decrypt the data sent by the sender.

The advantage of symmetric key cryptography is that it's fast in comparison to asymmetric key cryptography.

Two major disadvantages of this algorithm are:
A: Each pair of users must have a unique secret key.
B: Key management i.e distribution of keys between the parties isn't easy.

Some examples of symmetric key cryptography are:
A: Substitutional algorithm
B: Transpositional algorithm
C: Block algorithm
D: Data Encryption standard i.e DES (Very important)

ASYMMETRIC KEY CRYPTOGRAPHY

In asymmetric key cryptography there are two keys: a private key and a public key.
The public key is available to the public and the private key is kept by receiver.
The public key is used for encryption and the private key is used for decryption.

Suppose S1 wants to send some data to R1 in encrypted form. S1 uses the public key of R1 which is available o the public and encrypts the data and sends it to R1. R1 uses it's private key to decrypt the data send by S1 and converts it to plain text.
Asymmetric key cryptography finds great use in digital signatures.

The advantage of asymmetric key cryptography is that it removes the restriction of a shared secret key between two entities.

The disadvantage of asymmetric key cryptography is that it's slow when compared to symmetric key cryptography.

Examples of asymmetric key cryptography

The most important eg. of asymmetric key cryptography is RSA named after its makers Rivest, Shamir and Adleman
Remember

Now I come to the end of this tutorial. I have tried my best to make it as easy to understand as possible. , it's just a basic tutorial, there's more to cryptography.
 « Last Edit: August 06, 2010, 04:23:32 PM by Equix3n- » Logged
xXxKrisxXx
Hero Member

Offline

Posts: 512

 « Reply #1 on: February 05, 2009, 12:45:00 PM »

Useful information Xen, I bet people can expect to see this subject on the Security+ Exam, that's a definite.
 Logged

eCPPT, GCIH, OSCP, OSWP
don
Editor-In-Chief
Hero Member

Offline

Posts: 4165

Editor-In-Chief

 « Reply #2 on: February 05, 2009, 04:38:26 PM »

And CISSP. That is everything but the "pain" text.

Don
 Logged

CISSP, MCSE, CSTA, Security+ SME
Equix3n-
Sr. Member

Offline

Posts: 386

 « Reply #3 on: February 05, 2009, 10:53:04 PM »

Yes, cryptography is a must know if you are preparing for security+ and I believe it's a part of syllabus for CISSP too.
 Logged
 Pages: [1]   Go Up

Page created in 0.086 seconds with 23 queries.

Exclusive Deal

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 Great! Better. About the same. Little worse. FUBAR!

EH-Net News Feeds