Cryptography definition functions Different aspects Types of cryptographic keys
Different aspects of Cryptography
Cryptography
The word, as such, is formed from the Greek term κρυπτός (kryptós), which means ‘hidden’, and -graphy, a suffix that means ‘writing‘. Cryptography definition
The purpose of cryptography is, therefore, to protect the information sent, so that only the recipient or the people who hold the password can read the message correctly . For this, encryption systems are designed that are only known to authorized persons.
Cryptography was born in Antiquity, as a result of wars, due to the need faced by the factions that their messages could not be read or deciphered by their enemies. Hence, then, they will create codes or keys for it.
The discipline that is responsible for the study and investigation of encryption techniques is called cryptology . For their part, it is the cryptographers who deal with the research and development of encryption techniques based on the use of mathematics. While cryptanalysis is dedicated to the study of cryptographic systems in order to violate them.
In modern times, cryptography has evolved considerably when applied to computer science in order to safeguard the security of communications and information shared primarily through the internet.
Cryptography for?
Human beings have always felt the need to hide information, long before the first computer equipment and calculators existed .
Since its creation, the Internet has evolved into an essential communication tool. However, this communication implies an increasing number of strategic problems related to the activities of companies on the web . Transactions made through the network can be intercepted and, above all, because it is currently difficult to establish legislation on the Internet. The security of this information must be guaranteed: this is the role of cryptography. Cryptography definition
The functions of cryptography
Cryptography is traditionally used to hide messages from certain users. At present, this function is even more useful since Internet communications circulate through infrastructure whose reliability and confidentiality cannot be guaranteed. Cryptography is used not only to protect the confidentiality of data, but also to ensure its integrity and authenticity.
What is cryptanalysis?
The cryptanalysis is the reconstruction of an encrypted plain text message using mathematical methods. Therefore, all cryptosystems must be resistant to cryptanalysis methods. When a cryptanalysis method allows to decrypt an encrypted message through the use of a cryptosystem, we say that the encryption algorithm has been decoded.
Generally, four methods of cryptanalysis are distinguished: an attack of only encrypted text , which consists in finding the decryption key using one or more encrypted texts; a known simple text attack , which consists in finding the decryption key using one or more encrypted texts knowing the corresponding text; a Simple text attack chosen , which consists in finding the decryption key using one or more encrypted texts (the attacker has the option of generating them from simple texts); and a chosen encrypted text attack , which consists of finding the decryption key using one or more encrypted texts (the attacker has the option of generating them from simple texts). Cryptography definition
Different aspects of Cryptography
Cryptography and Computer Security
A message encoded by a cryptography method must be private, that is, only the one who sent and the one who receives must have access to the content of the message. In addition to that, a message must be able to be subscribed, that is, the person who received it must be able to verify if the sender is really the person they claim to be and have the ability to identify if a message may have been modified.
Current cryptography methods are safe and efficient and base their use on one or more keys. The key is a sequence of characters, which can contain letters, digits and symbols (such as a password), and which is converted into a number, used by cryptography methods to encode and decode messages.
Cryptography: Symmetric and Asymmetric Keys
Cryptographic keys can be basically of two types:
Symmetric: It is the use of certain algorithms to decrypt and encrypt (hide) documents. They are groups of different algorithms that relate to each other to keep the information connection confidential.
Asymmetric: It is a mathematical formula that uses two keys, one public and the other private. The public key is one to which any person can have access, while the private key is one that only the person who receives it is able to decipher. Cryptography definition
Types of cryptographic keys
Single key cryptography : Single key cryptography uses the same key to encode and decode messages. Although this method is quite efficient in relation to the processing time, that is, the time it takes to encode and decode messages , the main disadvantage is the need to use a secure means so that the key can be shared between people or entities that wish to exchange cryptographic information.
Public and private key cryptography : Public and private key cryptography uses two different keys, one for encoding and one for decoding messages. With this method each person or entity maintains two keys: one public, which can be freely disclosed, and another private, which must be kept secret by its owner . The messages encrypted with the public key can only be decrypted with the corresponding private key.
As an example, José and María want to communicate stealthily. Then, they will have to perform the following procedures: Cryptography definition
-
- José encodes a message using Maria’s public key, which is available for the use of any person.
- After cryptography, José sends the message to Maria, via the Internet.
- Maria receives and decodes the message, using her private key, which is only her knowledge.
- If Maria wanted to reply to the message, she must perform the same procedure, but using José’s public key.
Although this method has a much lower performance in relation to the processing time, compared to the single key cryptography method, it has as its main advantage the free distribution of public keys, not needing a secure means for keys to be combined with in advance
What is digital signature?
The digital signature consists in the creation of a code, through the use of a private key, so that the person or entity that receives a message containing this code can verify if the sender is who they say they are and identify any message that may have been modified
In this way, the public and private key cryptography method is used , but in an inverse process to that presented in the previous example. Cryptography definition
If José wanted to send a subscribed message to Maria, he will encrypt a message with his private key. In this process a digital signature will be generated, which will be added to the message sent to Mary. Upon receiving the message, Maria will use José’s public key to decode the message. In this process a second digital signature will be generated, which will be compared with the first. If the signatures were identical, Maria will be sure that the sender of the message was José and that the message was not modified.
It is important to note that the security of the method is based on the fact that the private key is known only to its owner. It is also important to note that signing a message will not mean a stealthy message. For the previous example, if José wanted to sign the message and be certain that only Maria will have access to its content, it would be necessary to code it with Maria’s public key, after signing it.
Examples of single key and public and private key cryptography
Examples that combine the use of cryptography methods with a single key and public and private keys are the secure connections established between a user’s browser and a web, in commercial or banking transactions via the Web. Cryptography definition
These secure Web connections use the single key cryptography method, implemented by the SSL (Secure Socket Layer) protocol . The user’s browser needs to inform the web which will be the only key used in the secure connection, before starting a transmission of stealth data.
For this, the browser obtains the public key of the certificate of the institution that maintains the web. Then, use this public key to encrypt and send a message to the web, containing the unique key to be used in the secure connection. The website uses your private key to decode the message and identify the unique key that will be used.
From this point on, the user’s browser and the web can transmit information, stealthily and securely, through the use of the single key cryptography method. The unique key can be changed at certain time intervals, through the repetition of procedures described above, thus increasing the level of security of the entire process.
What size cryptographic key should be used?
The cryptography methods currently used, and that have good levels of security, are publicly known and are safe because of the robustness of their algorithms and the size of the keys they use.
For someone to discover a key you need to use some brute force method, that is, try key combinations until the correct one is discovered. Therefore, the greater the encryption key, the greater the number of combinations to be tested, thus making it impossible to discover a key in a normal time. On top of that, the keys can be changed regularly, making cryptography methods even safer. Cryptography definition
Currently, to obtain a good level of security in the use of a single key cryptography method, it is advisable to use keys of a minimum of 128 bits. And for the public and private key cryptography method it is advisable to use 2048 bit keys, the minimum acceptable being 1024 bits.
Depending on the purposes for which the cryptographic methods will be used, the use of major keys should be considered: 256 or 512 bits for single key and 4096 or 8192 bits for public and private keys.