
What is Cryptography? An Introduction to Secure Communication

Cryptography

In the modern era, where most data is transferred digitally, secure communication has become more critical than ever as security breaches grow more frequent. Securing information against unauthorized access is not only required by law but also crucial to maintaining customer trust for any organization.

Cryptography comes to the rescue here and plays an important role in securing data. Cryptography is the practice of secure communication: it uses algorithms to encrypt data and to maintain its confidentiality, integrity, and authenticity. The encrypted data is accessible only to authorized participants.

As mentioned above, these are the three primary objectives of cryptography.
  1. Confidentiality - Making sure that the data is not accessible to any third parties who are not authorized. 
  2. Integrity - Preventing the data from any unauthorized modifications. 
  3. Authenticity - Validating that the data was received from the authorized sender.

Types of Cryptography

Cryptographic techniques fall primarily into two categories.
  1. Symmetric Cryptography
  2. Asymmetric Cryptography

Symmetric Cryptography

Symmetric cryptography is also known as secret-key cryptography. This is because of the use of a single key for encryption and decryption of the message. The secret key used for encryption and decryption is shared between the sender and the recipient. This key must be kept confidential to prevent unauthorized access.

Below is a brief look at the encryption process, key distribution, and examples of symmetric cryptography.
  • Encryption Process: In symmetric cryptography, the plaintext message is transformed into ciphertext using an encryption algorithm and the shared secret key. The ciphertext can only be converted back to plaintext using the same secret key.
  • Key Distribution: One of the significant challenges in symmetric cryptography is securely distributing the secret key to all parties involved. If the key is compromised or falls into the wrong hands, the security of the communication is compromised.
  • Examples of Symmetric Algorithms: Some popular symmetric encryption algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Triple DES (3DES).

Asymmetric Cryptography

Asymmetric cryptography is also known as public-key cryptography. This utilizes a pair of related keys: a public key and a private key. The public key is widely distributed and accessible to anyone, while the private key is kept confidential.

Below is a brief look at the encryption process, key distribution, and examples of asymmetric cryptography.

  • Encryption Process: In asymmetric cryptography, the sender uses the recipient's public key to encrypt the message. The encrypted message, or ciphertext, can only be decrypted using the corresponding private key, which is known only to the recipient.
  • Key Distribution: Asymmetric cryptography eliminates the need for secure key distribution. Each user has their own unique key pair, and the public keys can be freely shared with others. This enables secure communication with any user possessing the corresponding private key.
  • Examples of Asymmetric Algorithms: Popular asymmetric encryption algorithms include RSA (Rivest-Shamir-Adleman), Diffie-Hellman, and Elliptic Curve Cryptography (ECC).
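
The public-key encryption flow above, as an added example that is not part of the original post. It uses RSA with OAEP padding from the Go standard library; the function names are hypothetical, and the key pairs are generated on the spot for the demo.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewRecipient generates a 2048-bit RSA key pair; only PublicKey is handed out.
func NewRecipient() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// EncryptFor encrypts msg under the recipient's public key with RSA-OAEP.
func EncryptFor(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// DecryptWith needs the private key that matches the public key used above.
func DecryptWith(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, nil)
}

// MaxMessageLen is the largest plaintext OAEP with SHA-256 accepts for pub,
// which is why RSA usually protects a short symmetric key, not bulk data.
func MaxMessageLen(pub *rsa.PublicKey) int {
	return pub.Size() - 2*sha256.Size - 2
}

func main() {
	recipient, _ := NewRecipient() // constructed demo identities
	outsider, _ := NewRecipient()
	msg := []byte("constructed sample message")
	ct, _ := EncryptFor(&recipient.PublicKey, msg)
	plain, _ := DecryptWith(recipient, ct)
	_, err := DecryptWith(outsider, ct)
	fmt.Println(bytes.Equal(plain, msg), err != nil, MaxMessageLen(&recipient.PublicKey))
}
```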

Use cases of Cryptography

Cryptography has various use cases. Below are a few of them.
  1. Hash Functions
  2. Message Digests
  3. Digital Signatures
Let's have a look at each of these cases in brief.

Hash Functions

Hash functions are fundamental cryptographic tools that take an input message of any length and produce a fixed-size output, known as the hash value or hash digest.

Hash functions are primarily used for data integrity verification. They ensure that even a minor change in the input message will result in a significantly different hash value.

Below are some of the properties a hash function has.

  • Deterministic: Given the same input, a hash function always produces the same hash value.
  • Quick Computation: Hash functions should be computationally efficient to calculate the hash value.
  • Pre-image Resistance: It should be computationally infeasible to determine the original input message from its hash value.
  • Collision Resistance: It should be unlikely to find two different input messages that result in the same hash value.

Message Digests

Message digests are the resulting hash values generated by hash functions. They serve as unique fingerprints of the original input messages. Let's have a look at the role of message digests in ensuring data integrity.

  • Data Integrity Verification: By comparing the hash digest of a received message with the originally transmitted hash value, one can determine if the message has been tampered with during transmission.

  • Fixed-Size Output: Hash functions produce a fixed-size hash value, regardless of the input message's size. This makes them suitable for verifying the integrity of large files or streams.

  • Commonly Used Hash Functions: Various hash functions are used in practice, including SHA-1 (Secure Hash Algorithm 1), SHA-256, SHA-3, and MD5 (Message Digest Algorithm 5). However, it's important to note that MD5 and SHA-1 are considered to have security vulnerabilities and are no longer recommended for cryptographic purposes.
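
The hash function properties and the digest comparison described above, as an added example that is not part of the original post. It uses SHA-256 from the Go standard library; the function names and the sample messages are constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"math/bits"
	"strings"
)

// DigestStream hashes r chunk by chunk; any input size yields 32 bytes.
func DigestStream(r io.Reader) ([]byte, error) {
	h := sha256.New()
	if _, err := io.Copy(h, r); err != nil {
		return nil, err
	}
	return h.Sum(nil), nil
}

// Verify recomputes the digest of the received data and compares it with the
// hex-encoded digest that the sender published.
func Verify(r io.Reader, expectedHex string) (bool, error) {
	want, err := hex.DecodeString(expectedHex)
	if err != nil || len(want) != sha256.Size {
		return false, fmt.Errorf("expected value is not a SHA-256 hex digest")
	}
	got, err := DigestStream(r)
	return err == nil && bytes.Equal(got, want), err
}

// BitsChanged counts the bits that differ between two equal-length digests.
func BitsChanged(a, b []byte) int {
	n := 0
	for i := range a {
		n += bits.OnesCount8(a[i] ^ b[i])
	}
	return n
}

func main() {
	a, _ := DigestStream(strings.NewReader("pay 100 to alice")) // constructed inputs
	b, _ := DigestStream(strings.NewReader("pay 900 to alice"))
	fmt.Printf("%x\n%x\nbits changed: %d of 256\n", a, b, BitsChanged(a, b))
	ok, _ := Verify(strings.NewReader("pay 900 to alice"), hex.EncodeToString(a))
	fmt.Println("matches published digest:", ok)
}
```

The comparison only proves integrity when the expected digest reaches the recipient over a channel the modifier of the message cannot also change.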

Digital Signatures

Digital signatures combine asymmetric cryptography and hash functions to provide integrity, authenticity, and non-repudiation of digital documents. Let's have a look at the key aspects of digital signatures.

  • Signing Process: To create a digital signature, the sender uses their private key to sign a hash digest of the message. This creates a unique signature that can only be verified using the sender's public key.

  • Signature Verification: The recipient of the digitally signed message can verify the integrity and authenticity of the message by:

    • Obtaining the sender's public key from a trusted source.
    • Calculating the hash digest of the received message.
    • Verifying the digital signature using the sender's public key.
  • Non-Repudiation: Digital signatures provide non-repudiation, meaning that the sender cannot deny having sent the message, as the signature can be verified using their public key.
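
The signing process and the three verification steps above, as an added example that is not part of the original post. It uses ECDSA on P-256 over a SHA-256 digest from the Go standard library; the function names are hypothetical, and comparing a key fingerprint learned out of band is one assumed way of obtaining the public key from a trusted source.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// NewSigner generates a P-256 key pair; the private key stays with the sender.
func NewSigner() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Sign hashes the message and signs the digest with the sender's private key.
func Sign(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// Fingerprint is the SHA-256 of the DER-encoded public key.
func Fingerprint(pub *ecdsa.PublicKey) ([32]byte, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return [32]byte{}, err
	}
	return sha256.Sum256(der), nil
}

// VerifyFrom accepts a message only if all three verification steps pass.
func VerifyFrom(trusted [32]byte, pub *ecdsa.PublicKey, msg, sig []byte) bool {
	fp, err := Fingerprint(pub)
	if err != nil || fp != trusted {
		return false // step 1: not the key obtained from the trusted source
	}
	digest := sha256.Sum256(msg)                 // step 2: hash the received message
	return ecdsa.VerifyASN1(pub, digest[:], sig) // step 3: check the signature
}

func main() {
	sender, _ := NewSigner()                     // constructed demo identity
	trusted, _ := Fingerprint(&sender.PublicKey) // learned out of band
	msg := []byte("constructed sample: release approved")
	sig, _ := Sign(sender, msg)
	fmt.Println("genuine: ", VerifyFrom(trusted, &sender.PublicKey, msg, sig))
	fmt.Println("modified:", VerifyFrom(trusted, &sender.PublicKey, []byte("x"), sig))
}
```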

Examples of Cryptography

Cryptography plays a vital role in various real-world applications, ensuring secure communication, data privacy, and protection against unauthorized access. Let's take a look at some of the areas where cryptography is applied.

Secure Messaging and Email Communication

  • End-to-End Encryption: Cryptography is employed to secure messaging platforms and email services, enabling end-to-end encryption. This ensures that only the intended recipients can read the messages, protecting the privacy and confidentiality of communications.
  • Forward Secrecy: Cryptographic protocols like Perfect Forward Secrecy (PFS) are used to provide additional security by generating unique session keys for each communication session. This prevents the compromise of a single encryption key from affecting past or future communications.

E-Commerce and Online Banking

  • Secure Transactions: Cryptography ensures secure online transactions, protecting sensitive financial information such as credit card details, account numbers, and passwords. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols utilize cryptographic algorithms to encrypt data during online transactions.
  • Payment Systems: Cryptocurrencies, such as Bitcoin, rely on cryptographic techniques to secure digital transactions, validate ownership, and prevent double-spending.

Virtual Private Networks (VPNs) and Secure Communication

  • VPN Encryption: Virtual Private Networks use cryptography to create secure tunnels for transmitting data over public networks. Encryption protocols like IPsec (Internet Protocol Security) and OpenVPN ensure the confidentiality and integrity of network communication.
  • Secure Remote Access: Cryptographic techniques enable secure remote access to networks, protecting sensitive corporate data and ensuring that only authorized individuals can access network resources.

Digital Rights Management (DRM)

  • Content Protection: Cryptography is used to protect digital content, such as movies, music, and e-books, from unauthorized copying or distribution. Digital Rights Management (DRM) systems employ encryption and access control mechanisms to safeguard copyrighted material.

Blockchain and Cryptocurrencies

  • Blockchain Security: Cryptography is at the core of blockchain technology, ensuring the integrity and immutability of distributed ledgers. Hash functions, digital signatures, and consensus algorithms work together to secure transactions and prevent tampering.
  • Cryptocurrencies: Cryptocurrencies rely on cryptographic algorithms to secure transactions, maintain anonymity, and enable secure ownership and transfer of digital assets.

These are just a few examples of how cryptography is applied in real-world scenarios. From secure messaging to online transactions and blockchain technology, cryptography provides the foundation for secure and trusted communication and transactions in the digital realm.

I hope this post has provided a good insight on Cryptography.

