Monday, May 22, 2017

Report: Cryptography

Introduction

Many people these days are using computers. Some use computers for personal use like browsing the web or saving their pictures on the hard drive, and some others for educational purposes or for business. In each case, people mostly care about one thing: keeping their data protected and one technique to do that is cryptography. In this report I will firstly define cryptography and provide a brief history. Next I will talk about the importance of cryptography in the modern world with some technologies that are currently used to crypt data. Finally, I will talk about future of cryptography.

Encryption
Encryption is an essential part of web security (Picture taken by Ibrahim)

Background


What is Encryption?

Encryption is a technique that is used to transform data to a form in which an unauthorized person cannot understand (Bright). More generally, it is about protecting sensitive data such as passwords and account numbers. It enables secure communication, online business and the protection of secret data.

History of Cryptography

The word “cryptography” is actually two Greek words that are merged together: “kryptos” which means “covered” and “grapheni” which means “handwriting” (Damico). In the early days of cryptography, it was only about hiding information that was written on a message while it was carried from one place to another. Cryptography was initially founded by some of the great civilizations that are comprised of Egypt, Greece and Rome. Egyptian writers used hieroglyphs in a non-standard way, apparently to protect the contents of the message. Greeks used then a different way, a stick that was wrapped by a tap. When the tap was removed the words would become meaningless. The one who received the letter would have a stick that had the same diameter as the one that’s used to hide the letter to decrypt the message. Romans used Caesar Cipher. The idea of Caesar Cipher is to shift the letters of the message by a specific number. By using the same number, the receiver of the message has to shift the letters back in order to decrypt it.

Importance of Cryptography

By storing personal data on a computer, web or sending it by email it becomes risky to lose it, and if it falls in the wrong hands it might be used to harm the one who owns that data. According to Rice, people have to provide such data to specific organizations in order to provide appropriate service. These organizations must keep data secure. 

In order to do so, organizations must take some actions to lower the risk of improper disclosure. By using a suitable encryption technique, personal data can be kept secure and thus, no one can access it without permission.

Techniques of Encryption

There are many ways to encrypt data. Usually the use of any technique depends on what type of data will be encrypted, sensitivity of data and where data will be stored (Rice). Here are the three common used techniques to encrypt data.

Full data Encryption

This process is mostly used when encrypting desktop computers, laptops and mobile devices. This technique encrypts the whole data on the hard drive from normal information to personal data. After encryption, a key is generated. This key is the only way that can be used to decrypt data and read it.

BitLocker is commonly used tool on windows to encrypt flash drivers and hard-disks

File Encryption

This technique involves encrypting standalone file or creating encrypted container that files can be added to. When the container is locked, content inside it cannot be reached. When the container is moved from one device to another, contents inside the container will stay safe. But when files are moved from the container, they will no longer be protected.

Transportable Data Encryption

Usually people share sensitive data between each other by using email. Data is encrypted before it can be transferred. The process of encrypting data is done by using an encrypted data transfer protocol. There are two types of protocols that are used to encrypt data in transit: Secure Socked Layer (SSL) and Transport Layer Security (TLS). When a web site uses encrypted data transfer protocol, the web browser displays a small lock on the adders bar. The lock indicates that it is safe to transfer sensitive data to the web site.

When the connection to a website is secure (Encrypted), a small lock will appear on the browser's address bar

Current Algorithms on Encrypting and Decrypting Data

Encrypting and decrypting data can be done in many different ways. Each way depends on the sender and receiver of data.

Symmetric key Algorithms

The algorithms that are using this approach mainly depend on mixing the plain text in complicated ways and repeating the same process more than one time (Bright). The key that is used to mix the plaintext is the thing that will specify the mixing pattern.

Asymmetric Key Algorithms

Also known as public key encryption, RSA algorithm was the first algorithm to use asymmetric keys. It was developed in secret by two British agencies: SIGINT and GCHQ in 1973 (Bright). Public-key encryption mainly depends on the existence of mathematical problems. The solution to theses mathematical problems is the key that is used to encrypt data. There are two keys to decrypt data in this approach, the public key and the private key. Public key is used to encrypt data, while the other one is used to decrypt data.

Future of Cryptography

As time goes on, new algorithms for encryption are developed to satisfy the rise of security and performance needs (McGrew). The next generation of algorithms to replace algorithms such as RSA is called Elliptic Curve Cryptography (ECC).One use of Next Generation Encryption (NGE) technologies will be used to protect IPsec Private Virtual Networks. It can provide 128 bits of security level or more. The use of NGE lets to achieve the requirements of security of the next decade. 

The algorithm that is used in NEG is a new, one suite of algorithms called Suite B. This suite provides algorithms that are designed to meet the needs of future security. For network security, Suite B sets a good direction and thus, the algorithms have been incorporated into many standards.

Conclusion

In conclusion, cryptography is an essential thing to consider in this developing world since almost everything must be done using computers. Many companies try to get the latest technologies on encryption to protect their customers’ personal data. The most important thing to be careful about is keeping the key secure, and therefore the data (Rice). The new technologies on cryptography aim to make all data secure in the most efficient way.

List of References








No comments:

Post a Comment

Feel free to write any thing in your mind here 😉