BS801E-BSCS. Cryptography

Transcription

1 Jay-Ar Baliguat BS801E-BSCS Ms.Myrlen Maria Antoni Cryptography Cryptography can be defined as the conversion of data into a scrambled code that can be deciphered and sent across a public or private network. Cryptography uses two main styles or forms of encrypting data; symmetrical and asymmetrical. Symmetric encryptions, or algorithms, use the same key for encryption as they do for decryption. Other names for this type of encryption are secret-key, shared-key, and private-key. The encryption key can be loosely related to the decryption key; it does not necessarily need to be an exact copy. o Cipher Text It is the result of encryption performed on plaintext using an algorithm, called a cipher. Cipher text is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. o Encryption Encryption refers to algorithmic schemes that encode plain text into non-readable form or cipher text, providing privacy. The receiver of the encrypted text uses a "key" to decrypt the message, returning it to its original plain text form. The key is the trigger mechanism to the algorithm.

2 o Decryption The process of decoding data that has been encrypted into a secret format. Decryption requires a secret key or password. Gibberish Is a generic term in English for talking that sounds like speech, but carries no actual meaning? This meaning has also been extended to meaningless text or gobbledygook. The common theme in gibberish statements is a lack of literal sense, which can be described as a presence of nonsense. One etymology asserts it is derived from the root of the Irish word gob or gab (mouth), which the same source asserts is the root of jabber, gibber and gobble. Eaves Dropping Eavesdropping is the act of secretly listening to the private conversation of others without their consent. This is commonly thought to be unethical and there is an old adage that eavesdroppers seldom hear anything good of themselves...eavesdroppers always try to listen to matters that concern them. Hashing and Digital Signatures

3 Hashing is simply a process whereby you calculate a hash code from some data. The generated hash code is mathematically derived and is unique and specific for the data it was derived from. If any byte changes in the data then a completely different hash code is generated. This is what makes hashing extremely useful in checking if data has been modified or damaged since it was either last saved or sent over the network. If, for example, you re sending data to someone then by sending a hash code of the data along with the data itself the receiver can check the data's integrity by generating their own hash from the data and comparing it with the hash code that was sent. If the data has been modified, even by one byte, then the two hash codes won t match and that means the data has been altered. Digital signatures are an adaptation of MAC that provide the same advantages but with the added ability to verify the data s source/sender. MACs only verify that the data never changed but they cannot be used to check that the data actually came from the person who claims to have sent it. The only real difference in MAC and digital signatures is the key used to encrypt the hash. In MACs the key is a shared symmetric session key. In digital signature the keys used are public/private asymmetric keys. Authentication Model There is no single mechanism that is applicable for all authentication events throughout a typical deployment. Instead, each deployment uses some combination of authentication processes, trust relationships, and single sign-on technologies. This helps to balance a range of goals such as these: preserve individual identity minimize security exposures

4 provide a unified user experience minimize set up and maintenance efforts provide access to disparate systems within an environment integrate into a wide variety of general computing environments o Checksum A checksum or hash sum is a fixed-size data computed from an arbitrary block of digital data for the purpose of detecting accidental errors that may have been introduced during its transmission or storage. The integrity of the data can be checked at any later time by recomputing the checksum and comparing it with the stored one. If the checksums match, the data was almost certainly not altered. The procedure that yields the checksum from the data is called a checksum function or checksum algorithm. A good checksum algorithm will yield a different result with high probability when the data is accidentally corrupted; if the checksums match, the data is very likely to be free of accidental errors. Checksum functions are related to hash functions, fingerprints, randomization functions, and cryptographic hash functions. However, each of those concepts has different applications and therefore different design goals. Check digits and parity bits are special cases of checksums, appropriate for small blocks of data. o CRC ( Cyclic Redundancy Checks ) A cyclic redundancy check (CRC) or polynomial code checksum is a hash function designed to detect accidental

5 changes to raw computer data, and is commonly used in digital networks and storage devices such as hard disk drives. A CRC-enabled device calculates a short, fixed-length binary sequence, known as the CRC code or just CRC, for each block of data and sends or stores them both together. When a block is read or received the device repeats the calculation; if the new CRC does not match the one calculated earlier, then the block contains a data error and the device may take corrective action such as rereading or requesting the block be sent again, otherwise the data is assumed to be error free. o One Way Hashing An algorithm that turns messages or text into a fixed string of digits, usually for security or data management purposes. The "one way" means that it's nearly impossible to derive the original text from the string. A one-way hash function is used to create digital signatures, which in turn identify and authenticate the sender and message of a digitally distributed message.