.

Cryptography Tutorial

<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Thu Feb 05, 2009 9:06 am

Cryptography Tutorial

In simplest terms, cryptography is the science of transforming messages to make them more secure. The transformation is done using mathematical functions

The original message before undergoing transformation is called plaintext and after transformation is called cipher text.

The backbone of cryptography is the key. Simply put, key is a value upon which an algorithm operates.
And what's an algorithm?
I borrow this definition from another source.  The function or the formula of combining data and the key is called an algorithm

Data could be either the plain text or the cipher text.
So an encryption algorithm uses an encryption key and the plain text(data) to convert the plain text to cipher text and the decryption algorithm uses a decryption algorithm and the cipher text(data) to convert cipher text to plain text.

Plain text ----------->Encryption algo. -------------->Cipher text

Cipher text ---------->Decryption algo. -------------->Pain text


Cryptography algorithm can be broadly classified into:-
A: Symmetric or Secret key cryptography algo.
B: Asymmetric or Public key cryptography.

Always remember that symmetric key cryptography uses secret key and asymmetric key cryptography uses public and private keys.

Now let's explain these algorithms

SYMMETRIC KEY CRYPTOGRAPHY

In symmetric key cryptography the same secret key is used by both the sender and receiver.
Thus sender uses the secret key and an encryption algo. to encrypt the data and the receiver uses the same secret key and the decryption algo. to decrypt the data.
The decryption algo. is actually the opposite of encryption algo. in symmetric key cryptography.
The important thing to note here is that due complexity of algorithm there's no harm in making the algo. public(which, it usually is), thing to remain secret is the secret key.
If the attacker(Eve) somehow gets hold of the secret key he can easily decrypt the data sent by the sender.

Advantages of symmetric key cryptography.

The advantage of symmetric key cryptography is that it's fast in comparison to asymmetric key cryptography.

Disadvantages of symmetric key cryptography
Two major disadvantages of this algorithm are:
A: Each pair of users must have a unique secret key.
B: Key management i.e distribution of keys between the parties isn't easy.

Some examples of symmetric key cryptography are:
A: Substitutional algorithm
B: Transpositional algorithm
C: Block algorithm
D: Data Encryption standard i.e DES (Very important)

ASYMMETRIC KEY CRYPTOGRAPHY

In asymmetric key cryptography there are two keys: a private key and a public key.
The public key is available to the public and the private key is kept by receiver.
The public key is used for encryption and the private key is used for decryption.

Suppose S1 wants to send some data to R1 in encrypted form. S1 uses the public key of R1 which is available o the public and encrypts the data and sends it to R1. R1 uses it's private key to decrypt the data send by S1 and converts it to plain text.
Asymmetric key cryptography finds great use in digital signatures.

Advantages of asymmetric key cryptography
The advantage of asymmetric key cryptography is that it removes the restriction of a shared secret key between two entities.

Disadvantages of asymmetric key cryptography
The disadvantage of asymmetric key cryptography is that it's slow when compared to symmetric key cryptography.

Examples of asymmetric key cryptography

The most important eg. of asymmetric key cryptography is RSA named after its makers Rivest, Shamir and Adleman
Remember

Now I come to the end of this tutorial. I have tried my best to make it as easy to understand as possible. , it's just a basic tutorial, there's more to cryptography.
Last edited by Xen on Fri Aug 06, 2010 4:23 pm, edited 1 time in total.
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Thu Feb 05, 2009 1:45 pm

Re: Cryptography

Useful information Xen, I bet people can expect to see this subject on the Security+ Exam, that's a definite.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Feb 05, 2009 5:38 pm

Re: Cryptography

And CISSP. That is everything but the "pain" text.  :P

;D

Don
CISSP, MCSE, CSTA, Security+ SME
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Thu Feb 05, 2009 11:53 pm

Re: Cryptography

Yes, cryptography is a must know if you are preparing for security+ and I believe it's a part of syllabus for CISSP too.

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software