5 must know Concepts in Cryptography
Cryptography is a key technology to secure your data on the Internet. It is crucial for protecting Personal Identifiable Information (PII), and authentication passwords.
Cryptographic techniques provide key attributes (properties) such as confidentiality, integrity, non-repudiation, and authenticity.
- Confidentiality simply denotes the hiding of data from unauthorized users.
- Integrity ensures the data is in its original form and not be tempered while in transit.
- Non-repudiation is an attribute for proving the identity and ensures a person can't deny the data forwarded by the sender.
- Authenticity proves that the data comes from the intended source and helps in preventing spoofing.
This blog discusses 5 Must Know Key Concepts in Cryptography and list different techniques or algorithms available in cryptography for various purposes.
(1) Symmetric-key encryption
Symmetric-key encryption is a methodology in which data is encrypted and decrypted by using the same secret key. Here, both sender and receiver have the same secret key that is used to secure data. Hence, the secret key must be shared before initiating the communication.
In general, data is scrambled by using the secret key so that it can't be read without using the secret key. The secret key used in symmetric encryption will be a string or generated using a Random Number Generator (RNG). For military-grade symmetric encryption, RNG is certified using industry standards such as FIPS 140-2, ISO/IEC 19790, etc.
Examples of symmetric key encryption algorithms are
- AES (Advanced Encryption Standard)
- DES (Data Encryption Standard)
- RC4 (Rivest Cipher 4)
- RC5 (Rivest Cipher 5)
- RC6 (Rivest Cipher 6)
- IDEA (International Data Encryption Algorithm)
- Blowfish (Drop-in replacement for DES or IDEA)
(2) Public-key encryption
Public-key encryption (also called asymmetric encryption) is a methodology in which data is encrypted and decrypted by using two different keys - one is a secret key (also called a private key) while the other is a public key. Here, there is no need to share secret keys initially and it is expected that the private key is protected by the owner.
Examples of asymmetric key encryption algorithms are
- Rivest Shamir Adleman (RSA)
- Elliptical Curve Cryptography (ECC)
- the Digital Signature Standard (DSS)
- the Diffie-Hellman exchange method
- TLS/SSL protocol
Hashing is a method used to convert any length of data into a fixed output. Hashing is basically used to prove the integrity of data. Remember once data is converted by using hashing technique, it can't be recovered. Hashing is also used for data indexing, data retrieval, and digital signatures.
Examples of hashing algorithms are
(4) Message Authentication Codes (MACs)
MACs use hashing and symmetric encryption techniques for proving the identity and authenticity of individuals. A typical example of a hashing algorithm is HMAC.
(5) Digital Signatures
Similar to MACs, Digital signatures help users for proving the integrity, non-repudiation, and authenticity of individuals. Examples of algorithms used in a digital signature are DSA, ECDSA, and RSA.
Key attributes secure by different cryptography techniques
|Type of Encryption Technique||Security Attribute|
|Symmetric-key encryption algorithms||confidentiality|
|Public-key encryption algorithms||confidentiality|
|Message Authentication Codes (MACs)||integrity, confidentiality|
|Digital Signatures||confidentiality, integrity, non-repudiation|
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.