What is Cryptography? Definition, Importance, Types | Fortinet

Types of Cryptographic Algorithms

There are many types of cryptographic algorithms available. They vary in complexity and security, depending on the type of communication and the sensitivity of the information being shared.

Secret Key Cryptography

Secret key cryptography, also known as symmetric encryption, uses a single key to encrypt and decrypt a message. The sender encrypts the plaintext message using the key and sends it to the recipient who then uses the same key to decrypt it and unlock the original plaintext message.

Stream Ciphers

Stream ciphers work on a single bit or byte at a time and constantly change the key using feedback mechanisms. A self-synchronizing stream cipher ensures the decryption process stays in sync with the encryption process by recognizing where it sits in the bit keystream. A synchronous stream cipher generates the keystream independently of the message stream and generates the same keystream function at both the sender and the receiver.

Block Ciphers

Block ciphers encrypt one fixed-size block of data at a time. A block cipher will always encrypt a given plaintext block to the same ciphertext when the same key is used. A good example of this is the Feistel cipher, which uses elements of key expansion, permutation, and substitution to create vast confusion and diffusion in the cipher.

The stages of encryption and decryption are similar if not identical, which means reversing the key reduces the code size and circuitry required for implementing the cipher in a piece of software or hardware.
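The Feistel structure described above, as an added example that is not part of the original article. It is a toy 64-bit network, not a real cipher: the round function (truncated HMAC-SHA-256), block size, round count and sample data are assumptions made for illustration. It shows that decryption is the same routine with the subkey order reversed, and that equal plaintext blocks give equal ciphertext blocks under one key.

```python
import hashlib
import hmac

BLOCK = 8    # bytes per block (two 4-byte halves); toy size assumed for this demo
ROUNDS = 8   # assumed round count

def subkeys(key: bytes) -> list:
    """Key expansion: derive one subkey per round from the master key."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def round_fn(half: bytes, subkey: bytes) -> bytes:
    """Round function F. It need not be invertible; the XOR structure is."""
    return hmac.new(subkey, half, hashlib.sha256).digest()[:BLOCK // 2]

def feistel(block: bytes, keys: list) -> bytes:
    """One pass over a block; the subkey order decides encrypt vs. decrypt."""
    if len(block) != BLOCK:
        raise ValueError("block must be exactly %d bytes" % BLOCK)
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for k in keys:
        left, right = right, bytes(a ^ b for a, b in zip(left, round_fn(right, k)))
    return right + left  # final swap lets the same routine undo itself

def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, subkeys(key))

def decrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, subkeys(key)[::-1])  # same code, reversed subkeys

def encrypt_blocks(data: bytes, key: bytes) -> list:
    """Encrypt each block independently (no chaining, no IV)."""
    if len(data) % BLOCK:
        raise ValueError("data length must be a multiple of the block size")
    return [encrypt_block(data[i:i + BLOCK], key) for i in range(0, len(data), BLOCK)]

if __name__ == "__main__":
    key = b"constructed demo key"
    # Constructed sample: the first and third blocks are identical.
    msg = b"PAY 0100" + b"PAY 9999" + b"PAY 0100"
    ct = encrypt_blocks(msg, key)
    print([c.hex() for c in ct])
    print(ct[0] == ct[2], decrypt_block(ct[1], key))
```

Because equal blocks encrypt identically, a block cipher is normally run in a mode that adds an IV or nonce rather than encrypting each block independently.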

Public Key Cryptography

Public key cryptography (PKC), or asymmetric cryptography, uses mathematical functions to create codes that are exceptionally difficult to crack. It enables people to communicate securely over a nonsecure communications channel without the need for a secret key. For example, proxy reencryption enables a proxy entity to reencrypt data from one public key to another without requiring access to the plaintext or private keys.

A common PKC type is multiplication vs. factorization, which takes two large prime numbers and multiplies them to create a huge resulting number that makes deciphering difficult. Another form of PKC is exponentiation vs. logarithms such as 256-bit encryption, which increases protection to the point that even a computer capable of searching trillions of combinations per second cannot crack it.

Generic forms of PKC use two keys that are related mathematically but do not enable either to be determined from the other. Put simply, a sender can encrypt their plaintext message using their private key, then the recipient decrypts the ciphertext using the sender's public key.

Common PKC algorithms used for digital signatures and key exchanges include:

RSA

RSA was the first and remains the most common PKC implementation. The algorithm is named after its MIT mathematician developers, Ronald Rivest, Adi Shamir, and Leonard Adleman, and is used in data encryption, digital signatures, and key exchanges. It uses a large number that is the result of factoring two selected prime numbers. It is impossible for an attacker to work out the prime factors, which makes RSA especially secure.

Elliptic Curve Cryptography (ECC)

ECC is a PKC algorithm based on the use of elliptic curves in cryptography. It is designed for devices with limited computing power or memory to encrypt internet traffic. A common use of ECC is in embedded computers, smartphones, and cryptocurrency networks like bitcoin, which consumes around 10% of the storage space and bandwidth that RSA requires.

Digital Signature Algorithm (DSA)

DSA is a standard that enables digital signatures to be used in message authentication. It was introduced by the National Institute of Standards and Technology (NIST) in 1991 to ensure a better method for creating digital signatures.

Identity-based Encryption (IBE)

IBE is a PKC system that enables the public key to be calculated from unique information based on the user's identity, such as their email address. A trusted third party or private key generator then uses a cryptographic algorithm to calculate a corresponding private key. This enables users to create their own private keys without worrying about distributing public keys.

Public Key Cryptography Standards (PKCS)

All PKC algorithms and usage are governed by a set of standards and guidelines designed by RSA Data Security. These are as follows:

Diffie-Hellman and Key Exchange Algorithm (KEA)

The Diffie-Hellman algorithm was devised in 1976 by Stanford University professor Martin Hellman and his graduate student Whitfield Diffie, who are considered to be responsible for introducing PKC as a concept. It is used for secret key exchanges and requires two people to agree on a large prime number.

KEA is a variation of the Diffie-Hellman algorithm and was proposed as a method for key exchange in the NIST/National Security Agency's (NSA) Capstone project, which developed cryptography standards for public and government use.
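The Diffie-Hellman exchange described above, with both parties' steps, as an added example that is not part of the original article. The prime (2**127 - 1, far too small for real use), the base 3 and all function names are assumptions chosen for illustration; the range check on the peer's value is a standard defensive step added here.

```python
import hashlib
import secrets

P = 2**127 - 1   # the agreed prime (a Mersenne prime); toy size for this demo only
G = 3            # the agreed base; assumed for this demo

def valid_public(pub: int) -> bool:
    """Reject 0, 1, P-1 and out-of-range values, which would force the
    shared secret into a tiny, guessable set."""
    return 1 < pub < P - 1

def keypair() -> tuple:
    """Pick a random private exponent and compute the public value G^priv mod P."""
    while True:
        priv = secrets.randbelow(P - 3) + 2   # uniform in 2 .. P-2
        pub = pow(G, priv, P)
        if valid_public(pub):
            return priv, pub

def shared_key(priv: int, peer_pub: int) -> bytes:
    """Combine our private exponent with the peer's public value, then hash
    the raw secret into a 32-byte symmetric key."""
    if not valid_public(peer_pub):
        raise ValueError("peer public value out of range")
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

if __name__ == "__main__":
    # Each party keeps priv secret and sends only pub over the open channel.
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    k_a = shared_key(a_priv, b_pub)   # computed by the first party
    k_b = shared_key(b_priv, a_pub)   # computed by the second party
    print(k_a == k_b, k_a.hex())
```

The exchange on its own does not tell either party who sent the public value, so in practice the values are authenticated, for example with a digital signature.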

Hash Function

Hash functions ensure that data integrity is maintained in the encryption and decryption phases of cryptography. They are also used in databases so that items can be retrieved more quickly.

Hashing is the process of taking a key and mapping it to a specific value, which is the hash or hash value. A hash function transforms a key or digital signature, then the hash value and signature are sent to the receiver, who uses the hash function to generate the hash value and compare it with the one they received in the message.

A common hash function is folding, which takes a value and divides it into several parts, adds parts, and uses the last four remaining digits as the key or hashed value. Another is digit rearrangement, which takes specific digits in the original value, reverses them, and uses the remaining number as the hash value. Examples of hash function types include Secure Hash Algorithm 1 (SHA-1), SHA-2, and SHA-3.
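The folding method and the receiver-side comparison described above, as an added example that is not part of the original article. The four-digit part length, the function names and the sample values are assumptions made for illustration. It shows why folding suits table lookups but not integrity checking: reordering the parts leaves the folded value unchanged, while SHA-256 (a SHA-2 function) changes.

```python
import hashlib
import hmac

def fold_hash(digits: str, part_len: int = 4) -> int:
    """Folding: split the digit string into parts, add the parts,
    keep the last part_len digits of the sum."""
    if not digits.isdigit():
        raise ValueError("fold_hash expects a string of decimal digits")
    parts = [int(digits[i:i + part_len]) for i in range(0, len(digits), part_len)]
    return sum(parts) % 10 ** part_len

def sha256_hex(message: bytes) -> str:
    """Cryptographic hash of the message, as a hex string."""
    return hashlib.sha256(message).hexdigest()

def verify(message: bytes, received_digest: str) -> bool:
    """Receiver side: recompute the hash and compare it with the one received.
    compare_digest avoids leaking the mismatch position through timing."""
    return hmac.compare_digest(sha256_hex(message), received_digest)

if __name__ == "__main__":
    # Constructed sample values: the same two 4-digit parts in swapped order.
    original, altered = "12345678", "56781234"

    # Folding cannot tell them apart: 1234 + 5678 == 5678 + 1234 == 6912.
    print(fold_hash(original), fold_hash(altered))

    # SHA-256 gives unrelated digests, so the receiver's comparison fails
    # for the altered value and succeeds for the original.
    digest = sha256_hex(original.encode())
    print(verify(original.encode(), digest))   # True
    print(verify(altered.encode(), digest))    # False
```

A plain digest only detects changes when the digest itself reaches the receiver over a channel the other party cannot alter; otherwise a keyed MAC or a digital signature is used.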
