Cryptography

What is Cryptography?

Cryptography is a method of protecting information and communications through the use of

codes, so that only those for whom the information is intended can read and process it.

In computer science, cryptography refers to secure information and communication techniques

derived from mathematical concepts and a set of rule-based calculations called algorithms, to
transform messages in ways that are hard to decipher. These deterministic algorithms are used
for cryptographic key generation, digital signing, verification to protect data privacy, web
browsing on the internet and confidential communications such as credit card transactions and
email.

Cryptography Techniques
Cryptography is closely related to the disciplines of cryptology and cryptanalysis. It includes
techniques such as microdots, merging words with images and other ways to hide information
in storage or transit. However, in today's computer-centric world, cryptography is most often
associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext)
into ciphertext (a process called encryption), then back again (known as decryption). Individuals
who practice this field are known as cryptographers.

Modern cryptography concerns itself with the following four objectives:

1. Confidentiality. The information cannot be understood by anyone for whom it was

unintended.
2. Integrity. The information cannot be altered in storage or transit between sender
and intended receiver without the alteration being detected.
3. Non-repudiation. The creator/sender of the information cannot deny at a later
stage their intentions in the creation or transmission of the information.
4. Authentication. The sender and receiver can confirm each other's identity and the
origin/destination of the information.
Procedures and protocols that meet some or all of the above criteria are known as
cryptosystems. Cryptosystems are often thought to refer only to mathematical procedures and
computer programs; however, they also include the regulation of human behavior, such as
choosing hard-to-guess passwords, logging off unused systems and not discussing sensitive
procedures with outsiders.

Cryptographic Algorithms

Cryptosystems use a set of procedures known as cryptographic algorithms, or ciphers, to

encrypt and decrypt messages to secure communications among computer systems, devices
and applications.

A cipher suite uses one algorithm for encryption, another algorithm for message authentication
and another for key exchange. This process, embedded in protocols and written in software
that runs on operating systems (OSes) and networked computer systems, involves:

 public and private key generation for data encryption/decryption

 digital signing and verification for message authentication
 key exchange
Types of Cryptography

Single-key or symmetric-key encryption algorithms create a fixed length of bits known as

a block cipher with a secret key that the creator/sender uses to encipher data (encryption) and
the receiver uses to decipher it. One example of symmetric-key cryptography is the Advanced
Encryption Standard (AES). AES is a specification established in November 2001 by the National
Institute of Standards and Technology (NIST) as a Federal Information Processing Standard (FIPS
197) to protect sensitive information. The standard is mandated by the U.S. government and
widely used in the private sector.

In June 2003, AES was approved by the U.S. government for classified information. It is a
royalty-free specification implemented in software and hardware worldwide. AES is the
successor to the Data Encryption Standard (DES) and DES3. It uses longer key lengths -- 128-bit,
192-bit, 256-bit -- to prevent brute force and other attacks.

It focuses on a similar key for encryption as well as decryption. Most importantly, the
symmetric key encryption method is also applicable to secure website connections or
encryption of data. It is also referred to as secret-key cryptography. The only problem is that
the sender and receiver exchange keys in a secure manner. The popular symmetric-key
cryptography system is Data Encryption System (DES). The cryptographic algorithm utilizes the
key in a cipher to encrypt the data and the data must be accessed. A person entrusted with the
secret key can decrypt the data. Examples: AES, DES, etc.

Features:

 It is also known as Secret Key Cryptography.

 Both parties have the same key to keeping secrets.
 It is suited for bulk encryptions.
 It requires less computational power and faster transfer.
Public-key or asymmetric-key encryption algorithms use a pair of keys, a public key associated
with the creator/sender for encrypting messages and a private key that only the originator
knows (unless it is exposed or they decide to share it) for decrypting that information.

Examples of public-key cryptography include:

 RSA, used widely on the internet

 Elliptic Curve Digital Signature Algorithm (ECDSA) used by Bitcoin
 Digital Signature Algorithm (DSA) adopted as a Federal Information Processing
Standard for digital signatures by NIST in FIPS 186-4
 Diffie-Hellman key exchange

To maintain data integrity in cryptography, hash functions, which return a deterministic output

from an input value, are used to map data to a fixed data size. Types of cryptographic hash
functions include SHA-1 (Secure Hash Algorithm 1), SHA-2 and SHA-3.

This cryptographic method uses different keys for the encryption and decryption process. This
encryption method uses public and private key methods. This public key method helps
completely unknown parties to share information between them like email id. private key helps
to decrypt the messages and it also helps in the verification of the digital signature. The
mathematical relation between the keys is that the private key cannot be derived from the
private key. Example: ECC, DSS, etc.

Features:

 It is also known as Public-key cryptography.

 It is often used for sharing secret keys of symmetric cryptography.
 It requires a long processing time for execution.
 Plays a significant role in website server authenticity.

Cryptography Concerns

Attackers can bypass cryptography, hack into computers that are responsible for data
encryption and decryption, and exploit weak implementations, such as the use of default keys.
However, cryptography makes it harder for attackers to access messages and data protected by
encryption algorithms.
Growing concerns about the processing power of quantum computing to break current
cryptography encryption standards led NIST to put out a call for papers among the
mathematical and science community in 2016 for new public key cryptography standards.

Unlike today's computer systems, quantum computing uses quantum bits (qubits) that can
represent both 0s and 1s, and therefore perform two calculations at once. While a large-scale
quantum computer may not be built in the next decade, the existing infrastructure requires
standardization of publicly known and understood algorithms that offer a secure approach,
according to NIST. The deadline for submissions was in November 2017, analysis of the
proposals is expected to take three to five years.

What problems does Cryptography solve?

A secure system should provide several assurances such as confidentiality, integrity, and
availability of data as well as authenticity and non-repudiation. When used correctly, crypto
helps to provide these assurances. Cryptography can ensure the confidentiality and integrity of
both data in transit as well as data at rest. It can also authenticate senders and recipients to
one another and protect against repudiation.
Software systems often have multiple endpoints, typically multiple clients, and one or more
back-end servers. These client/server communications take place over networks that cannot be
trusted. Communication occurs over open, public networks such as the Internet, or private
networks which may be compromised by external attackers or malicious insiders.
It can protect communications that traverse untrusted networks. There are two main types of
attacks that an adversary may attempt to carry out on a network. Passive attacks involve an
attacker simply listening on a network segment and attempting to read sensitive information as
it travels. Passive attacks may be online (in which an attacker reads traffic in real-time) or offline
(in which an attacker simply captures traffic in real-time and views it later—perhaps after
spending some time decrypting it). Active attacks involve an attacker impersonating a client or
server, intercepting communications in transit, and viewing and/or modifying the contents
before passing them on to their intended destination (or dropping them entirely).
The confidentiality and integrity protections offered by cryptographic protocols such as SSL/TLS
can protect communications from malicious eavesdropping and tampering. Authenticity
protections provide assurance that users are actually communicating with the systems as
intended. For example, are you sending your online banking password to your bank or someone
else?
It can also be used to protect data at rest. Data on a removable disk or in a database can be
encrypted to prevent disclosure of sensitive data should the physical media be lost or stolen. In
addition, it can also provide integrity protection of data at rest to detect malicious tampering.
Benefits of Cryptography

There are a huge number of benefits of cryptography in blockchain some of them are stated
below—

 Encryption: Cryptography uses asymmetric encryption to ensure that the transaction on

their network guards the information and communication against unauthorized
revelation and access to information.
 Immutability: This feature of cryptography makes it important for blockchain and makes
it possible for blocks to get securely linked by other blocks and also to ensure the
reliability of data stored in the blockchain, it also ensures that no attacker can derive a
valid signature for unposed queries from previous queries and their corresponding
signatures.
 Security: Cryptography makes the records of transactions easier using encryption of
data, and accessing of data using public and private keys. Cryptographic hashing
tampering with data is not possible, making blockchain more secure.
 Scalability: Cryptography makes the transaction irreversible giving the assurance that all
users can rely on the accuracy of the digital ledger. It allows limitless transactions to be
recorded securely in the network.
 Non-repudiation: The digital signature provides the non-repudiation service to guard
against any denial of message passed by the sender. This benefit can be associated with
collision resistance i.e.; since every input value has a unique hash function so there is no
clash between the messages that are sent and one message can be easily differentiated
from the other.
 Prevent hackers: The digital signature prevents hackers from altering the data
because if the data changes, the digital signature becomes invalid. With the help
of cryptography, it protects the data from hackers and makes cryptography in
blockchain unstoppable.

Limitations of Cryptography

Below are some of the limitations of cryptography in the blockchain:

 Information difficult to access: Strongly encrypted and digitally signed information can be
difficult to access even for a legitimate user at the most critical time of decision-making. The
network can be attacked and rendered non-functional by an intruder.
 High availability: It is one of the fundamental aspects of information security, and cannot be
ensured through the use of cryptography. Other methods are needed to guard against the
threats such as denial of service or complete breakdown of the information systems.
 No protection against vulnerabilities and threats that emerge from the poor design of
protocols, procedures, and systems. These issues need to be fixed with the proper design of
the defense infrastructure.
 Expensive: Cryptography needs huge time and money investments. Public key cryptography
needs setting up and maintenance of public key infrastructure which requires huge
investment. Addition of cryptographic techniques while sending messages and information
processing adds to the delay.
 Vulnerability: The security of cryptographic techniques depends on the complexity and
difficulty of the mathematical problem. Any breakthrough in solving such mathematical
problems can make cryptographic techniques vulnerable.