Introduction to cryptography<\/p>\n
Cryptography is designed to help protect the confidentiality, integrity and authenticity of data. By using an encryption algorithm, it is possible to transform data in a way that makes it impossible to read by anyone lacking knowledge of the secret key. Both hash functions and digital signatures can provide integrity protection, and a digital signature verifies the authenticity of a message as well.<\/p>\n
However, these benefits of cryptographic algorithms only apply if the algorithms are used correctly. Cryptographic algorithms are very delicate, and a single mistake in design or implementation can render their protections meaningless.<\/p>\n
Cryptography can go wrong in a number of different ways. Some of the most common mistakes are trying to use insecure or custom algorithms, using algorithms with known weaknesses and misusing cryptography entirely.<\/p>\n
It seems that using a custom and secret encryption algorithm would protect data confidentiality better than a known one. If no one knows how an algorithm works, then it should be harder for someone to break it.<\/p>\n
The problem with this theory is that most people are not trained cryptographers, and even trained cryptographers make mistakes when developing cryptographic algorithms. For every well-known and trusted encryption algorithm in use today, there are others that seemed like a good idea at the time but carried fatal weaknesses.<\/p>\n
Take the Advanced Encryption Standard (AES), for example. The National Institute of Standards and Technology (NIST) put on a multi-year contest to select the AES. In August 1998, fifteen candidate algorithms were chosen from those submitted. Within a year, major vulnerabilities were discovered within five of the algorithms and another four had less-serious attacks.<\/p>\n
These were algorithms developed by experienced cryptographers with knowledge of common cryptanalytic techniques, yet many were rapidly broken. Dont try to create (Read more...)<\/p>\n
<\/p>\n