Cryptography and Its Impact
Cryptography and Its Impact
Cryptography, or the art and science of encrypting sensitive information, was once restricted to
government, academia, and the military. Everything from your smartphone to banking services
relies heavily on encryption to keep your information and life safety. Unfortunately, given the
inherent complexities of crypto, many people assume that this issue is best left to black hat
hackers, multi-billion-dollar conglomerates, and the NSA. With the vast amount of personal data
circulating online, it is now more important than ever to know how to protect yourself from
malicious individuals successfully. In this article, I will provide you with a simple beginner's guide
to coding. My goal is to help you understand what encryption is, how it is made, how it is used,
and how you can apply it to improve your digital security and become hacker-proof.
History Of Encryption
Since the dawn of human civilization, information has been one of our most valuable assets.
Our species' ability (or inability) to keep secrets and conceal information has wiped out political
parties, reversed the course of wars, and toppled entire governments. Let's go back to the
American War of Independence to see a quick example of cryptocurrency in practice. Suppose
local militias intercept valuable information about the British Army's plan to attack an American
camp. Since this is the year 1776, and therefore before the iPhone, General Washington could
not send a quick text message to the field's leaders in question. You will have to send a courier
to pass some written correspondence or keep the letter closed in your head. And this is where
the founding fathers could have gotten into trouble.
The Messenger must now travel miles and miles of enemy territory and risk capture and death
to convey it. The British hijackers could have killed the Messenger just by looking at him and
terminating the connection. They could have "convinced" you to share the message's content,
rendering the information useless. Or, if the Messenger were a friend of Benedict Arnold, they
could bribe the Messenger to spread the false word, killing thousands of American militiamen.
However, with the careful application of encryption, Washington could have implemented an
encryption method known as cryptography (more on this in a second) to keep the content of the
message safe from enemy hands. Assuming you entrust encryption only to your most loyal
officer, this tactic will ensure that even if the message is intercepted, the operator will not be
aware of its content. Therefore, the data will be indestructible and will be of no use to the
enemy.
Understanding Polymorphism
Before continuing, I want to dwell on a more advanced topic known as Polymorphism. While this
topic's intricacies are beyond this article's scope, its increasing prevalence requires a brief
explanation. Polymorphism is a code that changes with every use. This means, every time it is
used, it produces a different set of results. Therefore, if you encode the same data location
twice, each new encryption will be further from the previous one. The first cipher results in a
"chore," with polymorphic encoding applied, the second cipher can result in something like
"gdkkn" (where each letter is offset down a single line of the alphabet). In the beginning,
Polymorphism is confusing, but once you understand its working process, it becomes a lot
easier.
I want to start the rest of this article with a warning. In the rest of this article, I will explain
precisely how encryption works and how it is applied today. In doing so, I will have to use many
technical terms that can bore me at times. But bear with me and pay attention. Understanding
how all the pieces fit together will ensure that you can maximize your security and keep your
information out of the wrong hands. So, before I start to explain symmetric and asymmetric
encoding, AES and MD5, I want to explain, in Lyman terms, why this is important and why you
should care. To begin with, let's discuss the only real alternative to encryption, obfuscation.
Opacity is defined as "the act of doing something unclear, vague, or incomprehensible." This
means that you must retain certain information necessary to understand the message to send a
secure message. This, hypothetically, means that it will take a person familiar with the original
message to release the missing pieces.
Cryptography Algorithms
Fortunately, we have cryptography algorithms in place that effectively protect almost all of our
data. However, this does not mean that you are entirely sure results may vary depending upon
the task's requirement. You don't need to look past the recent attacks on companies like Adult
Friend Finder and Anthem Inc. Keep in mind that large companies don't always have the
systems in place to protect your information. Your safety is your responsibility and not anyone
else's. The sooner you develop a solid understanding of the area's courses, the sooner you can
make informed decisions about how to protect your data.
What Is Cryptography?
Cryptography provides a secure connection in the presence of malicious third parties, known as
liabilities. Liabilities can become a huge problem if not taken care of at the right time.
Cryptography uses an algorithm and key to convert input (i.e., plain text) into encrypted output
(i.e., encrypted text). A specific algorithm will always convert the same plain text to the same
ciphertext if the same key is used. Algorithms are considered safe if an attacker cannot
determine any direct text properties or the access, given the encrypted text. An attacker should
not identify anything related to a key due to the large number of plaintext/ciphertext
combinations that use the key.
A secure system must provide many guarantees, such as confidentiality, integrity, data
availability, reliability, and non-repudiation. When used correctly, encryption helps give these
guarantees. Encryption can ensure the privacy and integrity of both data in transit and unstable
data. You can also authenticate senders and recipients with each other and protect against
repudiation. Software systems have multiple endpoints, typically various clients, and one or
more backend servers. These client/server connections are made over networks that cannot be
trusted. Communication occurs through open public networks such as the Internet or private
networks that can be compromised by external attackers or malicious persons.
You can protect communications that traverse untrusted networks. There are two main types of
attacks that an opponent can attempt to execute on a system. Passive attacks involve an
attacker merely listening to a part of the network and reading confidential information while
traveling. Passive attacks can be online (where the attacker reads the traffic in real-time) or
offline (where the attacker captures the traffic in real-time and displays it later, perhaps after
spending some time decrypting it). Active attacks include an attacker posing as a client or
server, intercepting in transit, and viewing and modifying content before reaching its intended
destination (or is removed entirely). The confidentiality and integrity protection provided by
encryption protocols like SSL / TLS can protect communications from malicious eavesdropping
and tampering. Authenticity protection assures that users are communicating with systems as
intended. For example, are you sending your internet banking password to your bank or
someone else?
Types Of Cryptography
There are four main types of cryptography currently, and each has its unique advantages and
disadvantages. They are called hashing algorithms, symmetric encryption, asymmetric
encryption, and key exchange. Hashing is a type of encryption that turns a message into an
unreadable text string to verify the message's content, without hiding the message itself. This
type of encryption is most commonly used to protect the transfer of large programs and files as
a file or software publisher offers them for download.
The reason for this is that although the hash is easy to calculate, it is complicated to find an
initial entry that provides an exact match to the desired value. For example, when you download
Windows 10, you download the program that then runs the downloaded file through the same
hashing algorithm. Then the hash will be compared to the soup provided by the editor. If the two
matches, the download is complete. However, suppose there is even the slightest difference in
the downloaded file (either through file corruption or intentional third-party interference).
Symmetric Cryptography
Symmetric encryption, which is perhaps the most traditional form of encryption, is the system
you are probably most familiar with. This type of encryption uses a single key to encrypt a
message and then decrypt that message upon delivery. Since symmetric encryption requires
you to have a secure channel to deliver the encryption key to the recipient, this type of
encryption is almost useless for data transmission (after all, if you have a fast way of providing
the access, why? not give the same way?). Its main application is to protect data at rest (for
example, hard drives and databases).
Asymmetric Cryptography
It was publicly broken in 1999, prompting the National Institute of Standards and Technology to
host a selection process for a more robust and modernized model. After an intense 5-year
competition between 15 different zeros, including IBM's MARS, RSA Security's RC6, Serpent,
Two fish, and Rijndael, NIST chose Rijndael the winning code. Then they were standardized
across the country and named AES or Advanced Encryption Standards. This encryption is still
widespread today and is implemented by the National Security Agency to protect top-secret
information.
The most important principle to keep in mind is that you should never attempt to design your
encoding system. The world's most famous crypto designers (including Phil Zimmerman and
Ron Rivest) systematically create ciphers with serious security flaws. For a cryptographic
system to be considered "secure," it must face intense scrutiny from the security community.
Never trust security by obfuscation or the fact that attackers may not be aware of your system.
Remember, malicious insiders and determined attackers will try to attack your system. The only
thing that should be "secret" when it comes to a secure encryption system is the keys
themselves. Be sure to take the appropriate measures to protect any keys that your system
uses. Never store encryption keys in exact text with the data they protect. It's like closing the
front door and putting the ticket under the windshield wiper. It is the first place the attacker will
look. Here are three common ways to protect your keys from least secure to most secure.
Store Keys
Store keys are files in a system and protect them with full access control lists (ACLs).
Remember to stick to the principle of least privilege. Encrypt the data encryption keys (DEK)
with a second encryption key (KEK). The KEK must be created using password-based
encryption (PBE). A password known to the fewest administrators can generate a key using an
algorithm such as bcrypt, scrypt, or PBKDF2 and start a cryptographic system. It eliminates the
need to store the unencrypted key anywhere. The Hardware Security Module (HSM) is a
tamper-proof device used to store keys securely. Make sure to use algorithms, key strengths,
and operating patterns that align with industry best practices. Advanced Encryption Standard
(AES) (128-, 192-, or 256-bit keys) is the standard for symmetric encryption. Ensure unsafe
operating modes such as AES in Electronic Code Mode (ECB) or RSA without padding.
In symmetric encryption single key is used. The sender and the recipient must have shared
access that they both know. Key distribution is a difficult problem and the impetus for developing
asymmetric cipher. With asymmetric encryption, two different keys are used for encryption and
decryption. Every user in an asymmetric cipher system has a public key and a private key. The
private key is kept secret at all times, but public access can be freely distributed. Data encrypted
with a public key can only be decrypted using the private send key.
So, sending a message to John requires that that message be encrypted with John's public key.
John can decrypt the message since only John has his private access. Data encrypted with a
private key can only be decrypted using a journalists' public key. Likewise, Jane can digitally
sign a message using her private key, and anyone with Jane's public access can decrypt the
signed message and verify that it was Jane who sent it.
Encryption speed matters a lot in the encryption world because it gives the user an edge over
others and makes them unique. In general, symmetric is very fast and ideal for encrypting large
amounts of data (for example, a disk partition or an entire database). Asymmetric is much
slower and will only encode data smaller than the critical size (usually 2048 bits or less).
Therefore, asymmetric encryption is generally used to encrypt symmetric encryption keys, which
are then used to encrypt larger data blocks. For digital signatures, asymmetric cryptography is
usually used to encrypt hashes of messages rather than entire messages.
https://www.synopsys.com/glossary/what-is-cryptography.html
Plagiarism Report
Keyword Research