Cryptology | Definition, Examples, History, & Facts | Britannica

Because much of the terminology of cryptology dates to a time when written messages were the only things being secured, the source information, even if it is an apparently incomprehensible binary stream of 1s and 0s, as in computer output, is referred to as the plaintext. As noted above, the secret information known only to the legitimate users is the key, and the transformation of the plaintext under the control of the key into a cipher (also called ciphertext) is referred to as encryption. The inverse operation, by which a legitimate receiver recovers the concealed information from the cipher using the key, is known as decryption.

The most frequently confused, and misused, terms in the lexicon of cryptology are code and cipher. Even experts occasionally employ these terms as though they were synonymous.

A code is simply an unvarying rule for replacing a piece of information (e.g., letter, word, or phrase) with another object, but not necessarily of the same sort; Morse code, which replaces alphanumeric characters with patterns of dots and dashes, is a familiar example. Probably the most widely known code in use today is the American Standard Code for Information Interchange (ASCII). Employed in all personal computers and terminals, it represents 128 characters (and operations such as backspace and carriage return) in the form of seven-bit binary numbersi.e., as a string of seven 1s and 0s. In ASCII a lowercase a is always 1100001, an uppercase A always 1000001, and so on. Acronyms are also widely known and used codes, as, for example, Y2K (for Year 2000) and COD (meaning cash on delivery). Occasionally such a code word achieves an independent existence (and meaning) while the original equivalent phrase is forgotten or at least no longer has the precise meaning attributed to the code worde.g., modem (originally standing for modulator-demodulator).

Ciphers, as in the case of codes, also replace a piece of information (an element of the plaintext that may consist of a letter, word, or string of symbols) with another object. The difference is that the replacement is made according to a rule defined by a secret key known only to the transmitter and legitimate receiver in the expectation that an outsider, ignorant of the key, will not be able to invert the replacement to decrypt the cipher. In the past, the blurring of the distinction between codes and ciphers was relatively unimportant. In contemporary communications, however, information is frequently both encoded and encrypted so that it is important to understand the difference. A satellite communications link, for example, may encode information in ASCII characters if it is textual, or pulse-code modulate and digitize it in binary-coded decimal (BCD) form if it is an analog signal such as speech. The resulting coded data is then encrypted into ciphers by using the Data Encryption Standard or the Advanced Encryption Standard (DES or AES; described in the section History of cryptology). Finally, the resulting cipher stream itself is encoded again, using error-correcting codes for transmission from the ground station to the orbiting satellite and thence back to another ground station. These operations are then undone, in reverse order, by the intended receiver to recover the original information.

In the simplest possible example of a true cipher, A wishes to send one of two equally likely messages to B, say, to buy or sell a particular stock. The communication must take place over a wireless telephone on which eavesdroppers may listen in. It is vital to As and Bs interests that others not be privy to the content of their communication. In order to foil any eavesdroppers, A and B agree in advance as to whether A will actually say what he wishes B to do, or the opposite. Because this decision on their part must be unpredictable, they decide by flipping a coin. If heads comes up, A will say Buy when he wants B to buy and Sell when he wants B to sell. If tails comes up, however, he will say Buy when he wants B to sell, and so forth. (The messages communicate only one bit of information and could therefore be 1 and 0, but the example is clearer using Buy and Sell.)

With this encryption/decryption protocol being used, an eavesdropper gains no knowledge about the actual (concealed) instruction A has sent to B as a result of listening to their telephone communication. Such a cryptosystem is defined as perfect. The key in this simple example is the knowledge (shared by A and B) of whether A is saying what he wishes B to do or the opposite. Encryption is the act by A of either saying what he wants done or not as determined by the key, while decryption is the interpretation by B of what A actually meant, not necessarily of what he said.

This example can be extended to illustrate the second basic function of cryptography, providing a means for B to assure himself that an instruction has actually come from A and that it is unalteredi.e., a means of authenticating the message. In the example, if the eavesdropper intercepted As message to B, he couldeven without knowing the prearranged keycause B to act contrary to As intent by passing along to B the opposite of what A sent. Similarly, he could simply impersonate A and tell B to buy or sell without waiting for A to send a message, although he would not know in advance which action B would take as a result. In either event, the eavesdropper would be certain of deceiving B into doing something that A had not requested.

To protect against this sort of deception by outsiders, A and B could use the following encryption/decryption protocol.

They secretly flip a coin twice to choose one of four equally likely keys, labeled HH, HT, TH, and TT, with both of them knowing which key has been chosen. The outcome of the first coin flip determines the encryption rule just as in the previous example. The two coin flips together determine an authentication bit, 0 or 1, to be appended to the ciphers to form four possible messages: Buy-1, Buy-0, Sell-1, and Sell-0. B will only accept a message as authentic if it occurs in the row corresponding to the secret key. The pair of messages not in that row will be rejected by B as non-authentic. B can easily interpret the cipher in an authentic message to recover As instructions using the outcome of the first coin flip as the key. If a third party C impersonates A and sends a message without waiting for A to do so, he will, with probability 1/2, choose a message that does not occur in the row corresponding to the key A and B are using. Hence, the attempted deception will be detected by B, with probability 1/2. If C waits and intercepts a message from A, no matter which message it is, he will be faced with a choice between two equally likely keys that A and B could be using. As in the previous example, the two messages he must choose between convey different instructions to B, but now one of the ciphers has a 1 and the other a 0 appended as the authentication bit, and only one of these will be accepted by B. Consequently, Cs chances of deceiving B into acting contrary to As instructions are still 1/2; namely, eavesdropping on A and Bs conversation has not improved Cs chances of deceiving B.

Clearly, in either example, secrecy or secrecy with authentication, the same key cannot be reused. If C learned the message by eavesdropping and observed Bs response, he could deduce the key and thereafter impersonate A with certainty of success. If, however, A and B chose as many random keys as they had messages to exchange, the security of the information would remain the same for all exchanges. When used in this manner, these examples illustrate the vital concept of a onetime key, which is the basis for the only cryptosystems that can be mathematically proved to be cryptosecure. This may seem like a toy example, but it illustrates the essential features of cryptography. It is worth remarking that the first example shows how even a child can create ciphers, at a cost of making as many flips of a fair coin as he has bits of information to conceal, that cannot be broken by even national cryptologic services with arbitrary computing powerdisabusing the lay notion that the unachieved goal of cryptography is to devise a cipher that cannot be broken.

Follow this link:
Cryptology | Definition, Examples, History, & Facts | Britannica

Cryptography 101: Key Principles, Major Types, Use Cases … – Splunk

Cryptography is fundamental to many information security and privacy mechanisms. Today, a variety of cryptographic algorithms are used in many different applications.

This article explains cryptography: how it works, key principles or operations of cryptography, types of cryptography, use cases and more!

Cryptography can refer to any approach that hides real information, using codes, to prevent reading by unauthorized parties. Cryptography can protect:

Cryptography increasing relies on mathematical concepts a set of encryption algorithms and hashing algorithms to transform information in a way that is difficult to interpret or crack.

For example, suppose communication between two parties is secured using cryptographic principles. The senders message is typically known as the Plaintext. It is transformed into an unreadable format called Ciphertext using the encryption key. When the receiver gets the messages, the Ciphertext is transformed into plaintext using the decryption key.

Lets now turn to the principles that underpin cryptography.

Confidentiality agreements have rules and guidelines to keep the information secure and private. Confidentiality must be protected using techniques like encryption. It ensures that only authorized people can access the information at certain places and it restricts access to other unauthorized parties.

(Confidentiality is one component of the CIA security triad.)

The process of confirming that the person who sent a specific message is the sender of that message. This principle ensures the receiver receives the message from a sender who is permitted to do so. Two common authentication mechanisms are:

Encryption is the process of transforming information into an unreadable format using an encryption algorithm to protect the privacy of the information. Only the receiver can read them using the decryption key.

(Read our end-to-end encryption explainer.)

The data should be consistent and accurate without any alterations while in transit from the sender to the receiver. Data integrity ensures that no manipulation has been done to the data during its lifecycle using techniques like cryptographic hashing.

The non-repudiation principle ensures that the message sender cannot repudiate the authenticity of his signature using techniques like digital signatures.

Key management is the process of maintaining cryptographic keys. It includes tasks like key distribution, generation, rotation, etc. Key management is vital to ensuring the maximum security of a cryptography system as its security heavily relies on cryptographic keys.

There are three major types of cryptography. Lets get to know them in this section.

Symmetric-key cryptography involves encrypting and decrypting using the same cryptographic keys. Here, the sender and all receivers share a common secret key. The plaintext messages are transformed into cipher text using a particular encryption key. The receiver can use the same encryption key to decrypt the message using the shared secret key.

Examples of symmetric-key encryption algorithms include:

The major drawback of this symmetric-key encryption is sharing the secret key. The shared secret must be encrypted to prevent unauthorized access. It can be an additional overhead for cryptographic applications.

This type of cryptography, known as "public-key cryptography," uses different cryptographic keys for the encryption and decryption processes. The sender and the receiver have a private key and a public key:

Though there is a mathematical connection between these private key and public key pairs, the public key cannot generate the private key.

Public key cryptography is commonly used in digital signatures for message authentication. Senders use their private keys to digitally sign their messages to prove their authenticity. Thus, the receiver knows exactly that the sender is a trusted third party.

Of the variety of asymmetric (or public key) cryptography algorithms, here are some examples:

Hash functions compute a fixed-length hash value or a fingerprint on the plain text message. These hashes are unique to each plaintext. Therefore, this type of cryptography does not use a cryptographic key. Hash functions help ensure data integrity between communicating parties. If the hash produces the same output, it indicates that the information has not been altered, compromised or damaged.

Hash functions are used in many cryptographic algorithms and protocols, including MAC algorithms, digital signature algorithms, and authentication protocols. Some of the most common hashing algorithms include:

In addition to the three major cryptography types, hybrid encryption is another type used to secure data and communications.

Hybrid encryption combines public-key cryptography with symmetric encryption for data encryption. This cryptographic type generates a private key and encrypts it using the public key. Then the complete message with the encrypted private key will be encrypted with the original symmetric key. The encoded message can be decrypted only if the recipient knows the original private key.

Hybrid encryption performs randomization for the encryption so that no two messages will have the same ciphertext. It makes the encryption more secure.

With the concepts explained, lets turn to the most common use cases of cryptography what are people actually using cryptography for?

Storing passwords like database passwords in plain text is risky anyone who can access the password storage can read them. Instead, such passwords are encrypted or hashed using a hashing algorithm as a security best practice. Whenever the system refers to it, it will be hashed and compared to the hashed value.

Cryptocurrencies like Bitcoin and Ethereum use cryptographic algorithms such as elliptic-curve cryptography, hash functions and many more to maintain the security and privacy of transactions. Blockchain nodes are secured with cryptography to let users securely trade with other users.

(Whats the state of blockchain today?)

Digital signatures are one of the applications of public key cryptography that provide authenticity and data integrity. The sender generates a unique signature using the private key and attaches it to the document, which needs to be verified using the public key.

Organizations generate significant volumes of data (upwards of 2.5 quintillion bites per day). Storing that can be a risk. Encrypting data in storage makes it more secure and prevents data leakage. Most cloud solutions nowadays provide encryption options along with storage options, including backup drives.

Additionally, automatic encryption can be enabled when data is in transit to the storage and while at rest.

Cryptography has enabled secure communications over the internet by encrypting communication protocols. For example, using HTTPS in the URL indicates connecting to a secure website that encrypts the data. It is particularly useful for payment gateways, where a secure communication channel needs to be created to avoid the leakage of sensitive information.

Another example is the SSH protocol that most people use for tunneling and remote login.

Most organizations use file encryption to protect email communications, including sensitive conversations and attachments. For example, S/MIME encryption and Microsoft 365 message encryption are used to secure Microsoft 365 email messages. Additionally, PGP/MIME (Pretty Good Privacy/Multipurpose Internet Mail Extensions) is another popular type of email encryption supported by Yahoo, AOL and Android devices.

Weve already named these in this article, so lets take a brief look at how some common cryptographic algorithms work.

The Advanced Encryption Standard (AES) is a symmetric encryption algorithm used by many governments worldwide. It was established by the National Institute of Standards and Technology (NIST) in the U.S.

The key sizes of the AES block cipher can be 128, 192, and 256 bits, and encryption happens in blocks of 128 bits each. Considered a strong cryptographic algorithm, more secure than DES and Triple DES, AES is unbreakable by many attacks.

The RSA (Rivest-Shamir-Adleman) algorithm is an asymmetric encryption algorithm invented by Ron Rivest, Adi Shamir and Leonard Adleman in 1978. It is used to encrypt data and communications over the internet and for email encryption.

However, there are still several exploitable vulnerabilities in the RSA. For example, researchers were able to crack a key 768-bit RSA algorithm. It is recommended to use 2048 bits as the key length.

The Triple Data Encryption Standard (DES) provides more security than the standard DES algorithm by using three passes of the DES rather than one. The security of standard DES was found to be less secure than AES. It uses 56-bit length keys.

ECC is a public-key encryption technique that uses the algebraic architecture of elliptic curves with finite fields and uses encryption, signatures, and key exchange. ECC is used in applications like online banking, email encryption, and secure payments.

(Check out our elliptcal curve cryptography explainer.)

Cryptography is the heart of security and privacy mechanisms worldwide. It transforms plain-text data into ciphertext in an unreadable format using encryption algorithms. As technology advances, well see growth in more kinds of cryptography. For example, homomorphic encryption is a fledging technology. And then consider what quantum computing might mean for encryption.

This posting does not necessarily represent Splunk's position, strategies or opinion.

Read more from the original source:
Cryptography 101: Key Principles, Major Types, Use Cases ... - Splunk

What is Cryptography? – Cryptography Explained – AWS

Asymmetric (or public-key)cryptography consists of a broad set of algorithms. These are based on mathematical problems that are relatively easy to perform in one direction, but which cannot be easily reversed.

One famous example of this type of problem is the factoring problem: for carefully chosen prime numbers p and q, we can compute the product N=p*q quickly. However, given only N, it is very hard to recover p and q.

A common public-key cryptographic algorithm based on the factoring problem is the Rivest-Shamir-Adleman (RSA) function. When combined with an appropriate padding scheme, RSA can be used for multiple purposes, including asymmetric encryption.

An encryption scheme is calledasymmetricif it uses one keythe public keyto encrypt data, and a different but mathematically related keythe private keyto decrypt data.

It must be computationally infeasible to determine the private key if the only thing one knows is the public key. Therefore, the public key can be distributed broadly while the private key is kept secret and secure. Together the keys are referred to as akey pair.

One popular asymmetric encryption scheme is RSA-OAEP, which is a combination of the RSA function with the Optimal Asymmetric Encryption Padding (OAEP) padding scheme. RSA-OAEP is typically only used to encrypt small amounts of data because it is slow and has ciphertexts which are much larger than the plaintext.

Continued here:
What is Cryptography? - Cryptography Explained - AWS

What is Cryptography? Definition, Importance, Types | Fortinet

Types of Cryptographic Algorithms

There are many types of cryptographic algorithms available. They vary in complexity and security, depending on the type of communication and the sensitivity of the information being shared.

Secret Key Cryptography

Secret key cryptography, also known as symmetric encryption, uses a single key to encrypt and decrypt a message. The sender encrypts the plaintext message using the key and sends it to the recipient who then uses the same key to decrypt it and unlock the original plaintext message.

Stream Ciphers

Stream ciphers work on a single bit or byte at any time and constantly change the key using feedback mechanisms. A self-synchronizing stream cipherensures the decryption process stays in sync with the encryption process by recognizing where it sits in the bit keystream. A synchronous stream cipher generates the keystream independently of the message stream and generates the same keystream function at both the sender and the receiver.

Block Ciphers

Block ciphers encrypt one block of fixed-size data at a time. It will always encrypt a plaintext data block to the same ciphertext when the same key is used. A good example of this is the Feistel cipher, which uses elements of key expansion, permutation, and substitution to create vast confusion and diffusion in the cipher.

The stages of encryption and decryption are similar if not identical, which means reversing the key reduces the code size and circuitry required for implementing the cipher in a piece of software or hardware.

Public Key Cryptography

Public key cryptography (PKC), or asymmetric cryptography, uses mathematical functions to create codes that are exceptionally difficult to crack. It enables people to communicate securely over a nonsecure communications channel without the need for a secret key. For example, proxy reencryption enables a proxy entity to reencrypt data from one public key to another without requiring access to the plaintext or private keys.

A common PKC type is multiplication vs. factorization, which takes two large prime numbers and multiplies them to create a huge resulting number that makes deciphering difficult. Another form of PKC is exponentiation vs. logarithms such as 256-bit encryption, which increases protection to the point that even a computer capable of searching trillions of combinations per second cannot crack it.

Generic forms of PKC use two keys that are related mathematically but do not enable either to be determined. Put simply, a sender can encrypt their plaintext message using their private key, then the recipient decrypts the ciphertext using the senders public key.

Common PKC algorithms used for digital signatures and key exchanges include:

RSA

RSA was the first and remains the most common PKC implementation. The algorithm is named after its MIT mathematician developers, Ronald Rivest, Adi Shamir, and Leonard Adleman, and is used in data encryption, digital signatures, and key exchanges. It uses a large number that is the result of factoring two selected prime numbers. It is impossible for an attacker to work out the prime factors, which makes RSA especially secure.

Elliptic Curve Cryptography (ECC)

ECC is a PKC algorithm based on the use of elliptic curves in cryptography. It is designed for devices with limited computing power or memory to encrypt internet traffic. A common use of ECC is in embedded computers, smartphones, and cryptocurrency networks like bitcoin, which consumes around 10% of the storage space and bandwidth that RSA requires.

Digital Signature Algorithm (DSA)

DSA is a standard that enables digital signatures to be used in message authentication. It was introduced by the National Institute of Standards and Technology (NIST) in 1991 to ensure a better method for creating digital signatures.

Identity-based Encryption (IBE)

IBE is a PKC system that enables the public key to be calculated from unique information based on the users identity, such as their email address. A trusted third party or private key generator then uses a cryptographic algorithm to calculate a corresponding private key. This enables users to create their own private keys without worrying about distributing public keys.

Public Key Cryptography Standards (PKCS)

All PKC algorithms and usage are governed by a set of standards and guidelines designed by RSA Data Security. These are as follows:

Diffie-Hellman and Key Exchange Algorithm (KEA)

The Diffie-Hellman algorithm was devised in 1976 byStanford University professor Martin Hellman and his graduate student Whitfield Diffie, who are considered to be responsible for introducing PKC as a concept. It is used for secret key exchanges and requires two people to agree on a large prime number.

KEA is a variation of the Diffie-Hellman algorithm and was proposed as a method for key exchange in the NIST/National Security Agencys (NSA) Capstone project, which developed cryptography standards for public and government use.

Hash Function

Hash functions ensure that data integrity is maintained in the encryption and decryption phases of cryptography. It is also used in databases so that items can be retrieved more quickly.

Hashing is the process of taking a key and mapping it to a specific value, which is the hash or hash value. A hash function transforms a key or digital signature, then the hash value and signature are sent to the receiver, who uses the hash function to generate the hash value and compare it with the one they received in the message.

A common hash function is folding, which takes a value and divides it into several parts, adds parts, and uses the last four remaining digits as the key or hashed value. Another is digit rearrangement, which takes specific digits in the original value, reverses them, and uses the remaining number as the hash value. Examples of hash function types include Secure Hash Algorithm 1 (SHA-1), SHA-2, and SHA-3.

See the original post here:
What is Cryptography? Definition, Importance, Types | Fortinet

What is Cryptography? Definition from SearchSecurity

What is cryptography?

Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.

In computer science, cryptography refers to secure information and communication techniques derived from mathematical concepts and a set of rule-based calculations called algorithms, to transform messages in ways that are hard to decipher. These deterministic algorithms are used for cryptographic key generation, digital signing, verification to protect data privacy, web browsing on the internet and confidential communications such as credit card transactions and email.

Cryptography is closely related to the disciplines of cryptology and cryptanalysis. It includes techniques such as microdots, merging words with images and other ways to hide information in storage or transit. However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.

Modern cryptography concerns itself with the following four objectives:

Procedures and protocols that meet some or all of the above criteria are known as cryptosystems. Cryptosystems are often thought to refer only to mathematical procedures and computer programs; however, they also include the regulation of human behavior, such as choosing hard-to-guess passwords, logging off unused systems and not discussing sensitive procedures with outsiders.

Cryptosystems use a set of procedures known as cryptographic algorithms, or ciphers, to encrypt and decrypt messages to secure communications among computer systems, devices and applications.

A cipher suite uses one algorithm for encryption, another algorithm for message authentication and another for key exchange. This process, embedded in protocols and written in software that runs on operating systems (OSes) and networked computer systems, involves:

Single-key or symmetric-key encryption algorithms create a fixed length of bits known as a block cipher with a secret key that the creator/sender uses to encipher data (encryption) and the receiver uses to decipher it. One example of symmetric-key cryptography is the Advanced Encryption Standard (AES). AES is a specification established in November 2001 by the National Institute of Standards and Technology (NIST) as a Federal Information Processing Standard (FIPS 197) to protect sensitive information. The standard is mandated by the U.S. government and widely used in the private sector.

In June 2003, AES was approved by the U.S. government for classified information. It is a royalty-free specification implemented in software and hardware worldwide. AES is the successor to the Data Encryption Standard (DES) and DES3. It uses longer key lengths -- 128-bit, 192-bit, 256-bit -- to prevent brute force and other attacks.

Public-key or asymmetric-key encryption algorithms use a pair of keys, a public key associated with the creator/sender for encrypting messages and a private key that only the originator knows (unless it is exposed or they decide to share it) for decrypting that information.

Examples of public-key cryptography include:

To maintain data integrity in cryptography, hash functions, which return a deterministic output from an input value, are used to map data to a fixed data size. Types of cryptographic hash functions include SHA-1 (Secure Hash Algorithm 1), SHA-2 and SHA-3.

Attackers can bypass cryptography, hack into computers that are responsible for data encryption and decryption, and exploit weak implementations, such as the use of default keys. However, cryptography makes it harder for attackers to access messages and data protected by encryption algorithms.

Growing concerns about the processing power of quantum computing to break current cryptography encryption standards led NIST to put out a call for papers among the mathematical and science community in 2016 for new public key cryptography standards.

Unlike today's computer systems, quantum computing uses quantum bits (qubits) that can represent both 0s and 1s, and therefore perform two calculations at once. While a large-scale quantum computer may not be built in the next decade, the existing infrastructure requires standardization of publicly known and understood algorithms that offer a secure approach, according to NIST. The deadline for submissions was in November 2017, analysis of the proposals is expected to take three to five years.

The word "cryptography" is derived from the Greek kryptos, meaning hidden.

The prefix "crypt-" means "hidden" or "vault," and the suffix "-graphy" stands for "writing."

The origin of cryptography is usually dated from about 2000 B.C., with the Egyptian practice of hieroglyphics. These consisted of complex pictograms, the full meaning of which was only known to an elite few.

The first known use of a modern cipher was by Julius Caesar (100 B.C. to 44 B.C.), who did not trust his messengers when communicating with his governors and officers. For this reason, he created a system in which each character in his messages was replaced by a character three positions ahead of it in the Roman alphabet.

In recent times, cryptography has turned into a battleground of some of the world's best mathematicians and computer scientists. The ability to securely store and transfer sensitive information has proved a critical factor in success in war and business.

Because governments do not want certain entities in and out of their countries to have access to ways to receive and send hidden information that may be a threat to national interests, cryptography has been subject to various restrictions in many countries, ranging from limitations of the usage and export of software to the public dissemination of mathematical concepts that could be used to develop cryptosystems.

However, the internet has allowed the spread of powerful programs and, more importantly, the underlying techniques of cryptography, so that today many of the most advanced cryptosystems and ideas are now in the public domain.

See the original post:
What is Cryptography? Definition from SearchSecurity

What is cryptography? How algorithms keep information secret and … – CSO

Cryptography definition

Cryptography is the art of keeping information secure by transforming it into form that unintended recipients cannot understand. In cryptography, an original human readable message, referred to as plaintext, is changed by means of an algorithm, or series of mathematical operations, into something that to an uninformed observer would look like gibberish; this gibberish is called ciphertext.

Cryptographic systems require some method for the intended recipient to be able to make use of the encrypted messageusually, though not always, by transforming the ciphertext back into plaintext.

Before we move into the meat of this article, let's define a couple terms related to cryptography. The syllable crypt may make you think of tombs, but it comes from a Greek word that means "hidden" or "secret." Cryptography literally means "secret writing." Cryptology, meanwhile, means something like "knowledge of secrecy"; if cryptography is the practice of writing secret messages, then cryptology is the theory, although the two words are often used interchangeably. Encryption"making secret"is what we call the process of turning plaintext into ciphertext Encryption is an important part of cryptography, but doesn't encompass the entire science. Its opposite is decryption.

One important aspect of the encryption process is that it almost always involves both an algorithm and a key. A key is just another piece of information, almost always a number, that specifies how the algorithm is applied to the plaintext in order to encrypt it. In a secure cryptographic system, even if you know the method by which some message is encrypted, it should be difficult or impossible to decrypt without that key. Keep algorithms and keys in your mind, because they'll be important as we move on.

This is all very abstract, and a good way to understand the specifics of what we're talking about is to look at one of the earliest known forms of cryptography. It's known as the Caesar cipher, because Julius Caesar used it for his confidential correspondence; as his biographer Suetonius described it, "if he had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet ... If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others."

Suetonius's description can be broken down into the two cryptographic elements we've discussed, the algorithm and the key. The algorithm here is simple: each letter is replaced by another letter from later in the alphabet. The key is how many letters later in the alphabet you need to go to create your ciphertext. It's three in the version of the cipher Suetonius describes, but obviously other variations are possiblewith a key of four, A would become E, for instance.

A few things should be clear from this example. Encryption like this offers a fairly simple way to secretly send any message you like. Contrast that with a system of code phrases where, say, "Let's order pizza" means "I'm going to invade Gaul." To translate that sort of code, people at both ends of the communication chain would need a book of code phrases, and you'd have no way to encode new phrases you hadn't thought of in advance. With the Caesar cipher, you can encrypt any message you can think of. The tricky part is that everyone communicating needs to know the algorithm and the key in advance, though it's much easier to safely pass on and keep that information than it would be with a complex code book.

The Caesar cipher is what's known as a substitution cipher, because each letter is substituted with another one; other variations on this, then, would substitute letter blocks or whole words. For most of history, cryptography consisted of various substitution ciphers deployed to keep government and military communications secure. Medieval Arab mathematicians pushed the science forward, particularly the art of decryptiononce researchers realized that certain letters in a given language are more common than others, it becomes easier to recognize patterns, for instance. But most pre-modern encryption is incredibly simple by modern standards, for the obvious reason that, before the advent of computers, it was difficult to perform mathematical transformations quickly enough to make encryption or decryption worthwhile.

In fact, the development of computers and advances in cryptography went hand in hand. Charles Babbage, whose idea for the Difference Engine presaged modern computers, was also interested in cryptography. During World War II, the Germans used the electromechanical Enigma machine to encrypt messagesand, famously, Alan Turing led a team in Britain that developed a similar machine to break the code, in the process laying some of the groundwork for the first modern computers. Cryptography got radically more complex as computers became available, but it remained the province of spies and generals for several more decades.

Before we move on here to modern cryptography, let's pause to discuss two important principles that underlie it. The first is what's come to be known as Kerckhoffss principle, named after the 19th century Dutch cryptographer Auguste Kerckhoffs. Remember, as we said, any cryptographic system involves both an algorithm and a key. Kerckhoffs believed that "a cryptographic system should be secure even if everything about the system, except the key, is public knowledge."

Now, these were the days when cryptography had almost entirely military applications. The idea here is that, while it would be nice to keep your cryptographic system a secret, your opponent will almost certainly eventually figure it out. Claude Shannon, a World War II cryptographer who would go on to be a pioneer in information theory, put it more succinctly: "The enemy knows the system." What Kerckhoffs and Shannon are getting at is that you want to design an algorithm that doesn't need to be a secret in order to successfully conceal information.

That said, in today's world, the public nature of cryptographic algorithms is seen as something good in and of itself, rather than an unavoidable evil. Standard cryptographic algorithms have been widely studied and stress-tested, and trying to come up with your own private algorithms is doomed to failure as security through obscurity usually is.

What you do need to keep secret is your cryptographic key. We'll get to the mathematics of how that works in a moment, but for now, we'll touch on another cryptographic principle that makes that math possible: a reliance on one-way functions, mathematical operations that are very difficult to reverse. The classic example of a one-way function is the multiplication of two very large prime numbers together. While that calculation is simple to do, if you only had the end result, it would be very difficult, verging on impossible, to figure out the original two prime numbers. The question of whether any function can truly be one-way is debated by mathematicians, but many are irreversible in practice at the limits of our current computing power, so we'll leave that question aside as we move on.

It was the formation of the first computer networks that started civilians thinking about the importance of cryptography. Computers were talking to each other over the open network, not just via direct connections to one another; that sort of networking was transformative in many great ways, but also made it trivially easy to snoop on data traveling across the network. And with financial services being an early use case for computer communication, it was necessary to find a way to keep information secret.

IBM led the way in the late 1960s with an encryption method known as "Lucifer", which was eventually codified by the US National Bureau of Standards as the first Data Encryption Standard (DES). As the internet began to grow in importance, more and better encryption was needed, and today a significant portion of data flying around the world is encrypted using varying techniques that we'll discuss in more detail in a moment.

We've already discussed some of the specific applications of cryptography, from keeping military secrets to transmitting financial data safely across the internet. In the bigger picture, though, there are some broad cybersecurity goals that we use cryptography to help us achieve, as cybersecurity consultant Gary Kessler explains. Using cryptographic techniques, security pros can:

You may recognize some of these principles from variations of the CIA triad. The first of these uses is the obvious oneyou can keep data secret by encrypting it. The others take a bit of explanation, which we'll get into as we describe the different types of cryptography.

There are numerous cryptographic algorithms in use, but in general they can be broken into three categories: symmetric cryptography, asymmetric cryptography, and hash functions. Each has its own role to play within the cryptographic landscape.

Symmetric cryptography. The Caesar cipher we discussed above is a great example of symmetric cryptography. In the example we used, if encrypted messages were being exchanged between Caesar and one of his centurions, both parties would have to know the keyin this case, how many letters forward or backwards in the alphabet you need to move to transform plaintext to ciphertext or vice versa. That's what makes it symmetrical. But the key needs to stay a secret between the two of them, which is why this is sometimes also called secret key cryptography. You couldn't send the key along with the message, for instance, because if both fell into enemy hands the message would be easy for them to decipher, defeating the whole purpose of encrypting it in the first place. Caesar and his centurion would presumably have to discuss the key when they saw each other in person, though obviously this is less than ideal when wars are being fought over long distances.

Symmetric cryptography is widely used to keep data confidential. It can be very useful for keeping a local hard drive private, for instance; since the same user is generally encrypting and decrypting the protected data, sharing the secret key is not an issue. Symmetric cryptography can also be used to keep messages transmitted across the internet confidential; however, to successfully make this happen, you need to deploy our next form of cryptography in tandem with it.

Asymmetric cryptography. Caesar may have been able to confer with his centurions in person, but you don't want to go into your bank and talk to the teller just to learn what the private key is for encrypting your electronic communication with the bankthat would defeat the purpose of online banking. In general, in order to function securely, the internet needs a way for communicating parties to establish a secure communications channel while only talking to each other across an inherently insecure network. The way this works is via asymmetric cryptography, which is sometimes called public key cryptography.

In asymmetric cryptography, each participant has two keys. One is public and is sent to anyone the party wishes to communicate with. That's the key used to encrypt messages. But the other key is private, shared with nobody, and it's necessary to decrypt those messages. To use a metaphor: think of the public key as opening a slot on a mailbox just wide enough to drop a letter in. You give that key to anyone who you think might send you a letter so they can open the slot and deliver the envelope. The private key is what you use to open the mailbox so you can get the letters out.

The mathematics of how you can use one key to encrypt a message and another to decrypt it are where the idea of one-way functions that we discussed above come into play: the two keys should be related to each other mathematically such that it's easy to derive the public key from the private key but not vice versa. For instance, the private key might be those two very large prime numbers, which you'd multiply together to get the public key. The Infosec Institute has a deep dive if you're interested.

The computations needed for asymmetric cryptography are much more complex and resource intensive that those behind symmetric infrastructure. Fortunately, you don't need to use it to protect every message you send online. Instead, what usually happens is that one party will use symmetric cryptography to encrypt a message containing yet another cryptographic key. This key, having been safely transmitted across the insecure internet, will then become the private key that encodes a much longer communications session encrypted via symmetric encryption.

See the rest here:
What is cryptography? How algorithms keep information secret and ... - CSO

System.Security.Cryptography.CryptographicException: The payload was …

When you are using your .Net Core application to decrypt a string from a different machine than it was encrypted, you may run into the following exception:

Exception:

System.Security.Cryptography.CryptographicException: The payload was invalid.

at Microsoft.AspNetCore.DataProtection.Cng.CbcAuthenticatedEncryptor.DecryptImpl(Byte* pbCiphertext, UInt32 cbCiphertext, Byte* pbAdditionalAuthenticatedData, UInt32 cbAdditionalAuthenticatedData)

at Microsoft.AspNetCore.DataProtection.Cng.Internal.CngAuthenticatedEncryptorBase.Decrypt(ArraySegment`1 ciphertext, ArraySegment`1 additionalAuthenticatedData)

at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)

at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked)

at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)

at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)

Two things you will need to check:

1. Is the encryption key persists to a local path? - The key needs to bepersisted to a shared location

2. SetApplicationName must be used to set an explicit application name. - If ApplicationName is not set, it will be generated a guid at runtime for different machines, and that will lead to the error above.

Code Example below:

services.AddDataProtection()

.ProtectKeysWithCertificate(x509Cert)

.UseCryptographicAlgorithms(

new AuthenticatedEncryptorConfiguration()

{

EncryptionAlgorithm = EncryptionAlgorithm.AES_256_CBC,

ValidationAlgorithm = ValidationAlgorithm.HMACSHA256

}

)

.PersistKeysToFileSystem(new System.IO.DirectoryInfo(Configuration.GetValue("KeyLocation"))) //shared network folder for key location

.SetApplicationName("MyApplicationName")

.SetDefaultKeyLifetime(TimeSpan.FromDays(600));

Visit link:
System.Security.Cryptography.CryptographicException: The payload was ...

NIST Action Will Heat Up Post-Quantum Cryptography Market: Report – TechNewsWorld

  1. NIST Action Will Heat Up Post-Quantum Cryptography Market: Report  TechNewsWorld
  2. Preparing Cryptography for the Risks of a Post-Quantum Computing World  Electronic Design
  3. Transitioning to Quantum-Safe Encryption  Security Intelligence
  4. Can the World Avoid a 'Quantum Encryption Apocalypse'?  Slashdot
  5. View Full Coverage on Google News

Visit link:
NIST Action Will Heat Up Post-Quantum Cryptography Market: Report - TechNewsWorld

Global Encryption Day: Why quantum-safe cryptography is the future of cybersecurity – World Economic Forum

  1. Global Encryption Day: Why quantum-safe cryptography is the future of cybersecurity  World Economic Forum
  2. Commonwealth Cyber Initiative researchers hone cryptographic algorithms to stand against powerful quantum threat  Virginia Tech Daily
  3. Why quantum mechanics will be key to digital security  rea corporativa Banco Santander
  4. The quantum computing threat is real. Now we need to act.  CyberScoop
  5. View Full Coverage on Google News

See the original post:
Global Encryption Day: Why quantum-safe cryptography is the future of cybersecurity - World Economic Forum

Post-Quantum Cryptography: Anticipating Threats and Preparing the Future – ENISA

  1. Post-Quantum Cryptography: Anticipating Threats and Preparing the Future  ENISA
  2. Global Quantum Cryptography Market Size And Forecast |Quintessencelabs, Crypta Labs, Qasky, Qubitekk, Isara and Post-Quantum. Sioux City Catholic Globe  Sioux City Catholic Globe
  3. Quantum Cryptography Professional Market Analysis, Status and Global Outlook 202  Leave The Hall
  4. Quantum Cryptography and Encryption Market Key Players, Volumes, and Investment Opportunities 2022-2028  Alpenhorn News
  5. Rising Adoption of Quantum Cryptography Market To Fuel Revenue Growth Through 2022 - 2032 : Fact.MR  Newstrail
  6. View Full Coverage on Google News

Read the original:
Post-Quantum Cryptography: Anticipating Threats and Preparing the Future - ENISA