

Security



Cryptography
CRYPTOGRAPHY (from Gr. Kpinrros, hidden, and ypiL4aI, to write), or writing in cipher, called also steganography (from Gr. crreyvij, a covering), the art of writing in such a way as to be incomprehensible except to those who possess the key to the system employed. The unravelling of the writing is called deciphering. Cryptography having become a distinct art, Bacon (Lord Verulam) classed it (under the name ciphers) as a part of grammar. Secret modes of communication have been in use from the earliest times. The Lacedemonians had a method called the scytale, from the staff (o~KvrfiXfl) employed in constructing and...





A Brief History of Cryptography  compiled by Shireen Hebert
Cryptography, the science of encrypting and decrypting information, dates as far back as 1900 BC when a scribe in Egypt first used a derivation of the standard hieroglyphics of the day to communicate. Carl Ellison, Cryptography Timeline. There are many notable personalities who participated in the evolution of Cryptography. For example, “Julius Caesar (10044 BC) used a simple substitution with the normal alphabet (just shifting the letters a fixed amount) in government communications”, and later, Sir Francis Bacon in 1623, who "described a cipher which now bears his name  a biliteral cipher, known today as a 5bit binary...





Cryptography: History
When one thinks of cryptography, one imagines spies and espionage, yet the art and practice of cryptography is going on about us everyday of our lives. Its art and practice is part of the fabric of society and we have all practiced this science in one way or another. In practice, cryptography is the science of transmitting information from one location to another, with the added requirement that this message cannot be understood by someone other than the sender and the receiver. Most people would accept this as the standard definition of this science. Yet, as you have read this,...





Introduction to Cryptosystems
Cryptology is the hiding of information so that it is unintelligable to those we do not wish to read it and intelligable to those we do. In this section we present the fundamental or basic ideas needed to understand the science. We start with the question, what information are we trying to hide? The answer can range from any number of things; however most importantly it is information that we want to keep private. For instance, bank account numbers and social security numbers are pieces of information that we don't want everyone to be able to obtain. For military purposes,...





Cryptanalysis and Attacks on Cryptosystems
Ciphertextonly attack: This is the situation where the attacker does not know anything about the contents of the message, and must work from ciphertext only. In practice it is quite often possible to make guesses about the plaintext, as many types of messages have fixed format headers. Even ordinary letters and documents begin in a very predictable way. For example, many classical attacks use frequency analysis of the ciphertext, however, this does not work well against modern ciphers. There are many other cryptographic attacks and cryptanalysis techniques. However, these are probably the most important ones for an application designer. Anyone...





Strength of Cryptographic Algorithms
Good cryptographic systems should always be designed so that they are as difficult to break as possible. It is possible to build systems that cannot be broken in practice (though this cannot usually be proved). This does not significantly increase system implementation effort; however, some care and expertise is required. There is no excuse for a system designer to leave the system breakable. Any mechanisms that can be used to circumvent security must be made explicit, documented, and brought into the attention of the end users. Unpublished or secret algorithms should generally be regarded with suspicion. Quite often the designer...





Cryptographic Random Number Generators
Cryptographic random number generators generate random numbers for use in cryptographic applications, such as for keys. Conventional random number generators available in most programming languages or programming environments are not suitable for use in cryptographic applications (they are designed for statistical randomness, not to resist prediction by cryptanalysts). In the optimal case, random numbers are based on true physical sources of randomness that cannot be predicted. Such sources may include the noise from a semiconductor device, the least significant bits of an audio input, or the intervals between device interrupts or user keystrokes. The noise obtained from a physical source...





Cryptographic Hash Functions
Cryptographic hash functions are used in various contexts, for example, to compute the message digest when making a digital signature. A hash function compresses the bits of a message to a fixedsize hash value in a way that distributes the possible messages evenly among the possible hash values. A cryptographic hash function does this in a way that makes it extremely difficult to come up with a message that would hash to a particular hash value. Many good cryptographic hash functions are freely available. The most famous cryptographic hash functions are those of the MD family: MD4, MD5, SHA1, and...





Digital Signatures
Some publickey algorithms can be used to generate digital signatures. A digital signature is a small amount of data that was created using some private key, and there is a public key that can be used to verify that the signature was really generated using the corresponding private key. The algorithm used to generate the signature must be such that without knowing the private key it is not possible to create a signature that would verify as valid. Digital signatures are used to verify that a message really comes from the claimed sender (assuming only the sender knows the private...





Basic Cryptographic Algorithms
The method of encryption and decryption is called a cipher. Some cryptographic methods rely on the secrecy of the encryption algorithms; such algorithms are only of historical interest and are not adequate for realworld needs. Instead of the secrecy of the method itself, all modern algorithms base their security on the usage of a key; a message can be decrypted only if the key used for decryption matches the key used for encryption. There are two classes of keybased encryption algorithms, symmetric (or secretkey) and asymmetric (or publickey) algorithms. The difference is that symmetric algorithms use the same key for...







