Cryptography is a science that deals with securing information. It mainly deals with securing information that is stored in the system or transferring data over a particular medium. In cryptography, a plain text is converted into cipher text. Cryptography involves securing of messages, authentication and digital signatures. It also includes encryption and decryption. When the message is transmitted over a network, the message is encrypted so that no other person can read it. At the receiving end, the user may require special software to decrypt the message.
Objective of Cryptography
The main of cryptography is to ensure that information is delivered only to its intended recipient. Most of the algorithms can break encrypted code messages. So cryptography ensures that the code breaker is not able to break the information easily. The objectives of cryptography are:
- Message confidentiality: Ensures that the information is secure and confidential. This implies that the only authorized persons are able to view the information. Confidentiality can be enforced using the password authentication. The receiver of the information may require the correct password to access the information that is sent to him.
- Message integrity: Ensures that the data is securely transmitted without any alteration. This also ensures that the receiver will be able to know if the information was altered while in transit.
- Message authentication: Defines a method in which both sender and the receiver of data can confirm their identity. They can also confirm the origin and destination of the message. This process is totally based on identification of sender and receiver of the information.
- Message Non-repudiation: Defines a system in which the sender or receiver of information cannot deny the actions they had performed. It solves the issues related to disputes between the sender and the receiver at a later stage. Information that is send or altered or deleted by the sender or receiver is monitored. A trusted third party is needed to monitor and solve this dispute.
- Entity Authentication: The user is verified prior to providing access to the resources of the system.
Cryptographic systems involve the coding and decoding of messages in order to protect their contents. Cryptographic systems use special keys such as public and private keys to encrypt and decrypt the messages. There are mainly two types of cryptographic systems namely symmetric and Asymmetric.
Symmetric Cryptographic Systems
This system uses the same keys to encrypt and decrypt the message. The advantage of this system is that only users with the knowledge of the keys can be able to access the information. This system is less secure as the key needed to access the information also needs to be sent through the network to the other end which is risky as the hacker may intercept it. The decryption software at the other end uses this key to decrypt the message. Thus, the same key is used for both encryption and decryption.
Asymmetric Cryptographic Systems
To overcome the problems related to the symmetric cryptographic systems, most strong encryption use Asymmetric key methodology. This system uses two keys for securely transmitting the data. It uses two keys one for encryption and other for decryption. One of the key is a public key and the other is a private key. The private key is known only to the receiver of the information. The public key is given to anyone. When a person wants to send any information he sends a text and uses a public key accordingly. The recipient of the information decrypts the message using the private key. This type of transmission is more secure as compared to symmetric cryptography as the private key need not be transmitted over the network.
If you are an organisation looking to secure your data, there are a number of training providers who run courses on cryptography. Paul Brown Training Ltd and QA are both based in London but will deliver onsite training at your own offices anywhere in the UK.