Cybersecurity Cryptography Hashing and RSA Notes CST4957
Cybersecurity Cryptography Hashing and RSA Notes CST4957
## 1. **Introduction to Cryptography**
Cryptography is the practice of securing information by transforming it into an
unreadable format, which can only be reverted to its original form by those who
possess the correct key. It is a fundamental component of cybersecurity and is used
to protect the confidentiality, integrity, and authenticity of data during storage
and transmission.
---
### b. **Key**
A **key** is a piece of information used by cryptographic algorithms to encrypt and
decrypt data. Keys must be kept secret to maintain the security of the encrypted
data.
---
## 3. **Types of Cryptography**
**Advantages**:
- Faster than asymmetric encryption.
- Less computational overhead.
**Disadvantages**:
- Key distribution: Both the sender and receiver must securely share the same
key.
**Common Algorithms**:
- **RSA (Rivest-Shamir-Adleman)**: A widely used asymmetric algorithm for secure
data transmission and digital signatures.
- **ECC (Elliptic Curve Cryptography)**: Provides similar security to RSA but
with shorter key lengths, making it faster and more efficient.
- **DSA (Digital Signature Algorithm)**: Used for digital signatures.
**Advantages**:
- Solves the key distribution problem.
- Supports digital signatures and authentication.
**Disadvantages**:
- Slower than symmetric encryption due to complex mathematical operations.
---
### a. **Hashing**
- **Definition**: A hash function takes an input (or "message") and returns a
fixed-size string of characters, which is typically a digest that represents the
original data.
- **Purpose**: Hashing is used for data integrity checks, ensuring that data has
not been altered.
- **Properties of Hash Functions**:
- **Deterministic**: The same input always produces the same hash.
- **Pre-image resistance**: It is computationally infeasible to reverse the hash
to retrieve the original input.
- **Collision resistance**: It is hard to find two different inputs that produce
the same hash.
---
**Use Cases**:
- **Email signing**: Verifying the sender’s identity and message integrity.
- **Software distribution**: Ensuring the authenticity of downloaded software.
### b. **Authentication**
- **Definition**: Authentication is the process of verifying the identity of a
user, system, or entity.
- **Common Techniques**:
- **Passwords**: The most basic form of authentication, but weak without
additional security mechanisms.
- **Multi-factor Authentication (MFA)**: Combining something you know (password),
something you have (token or phone), and something you are (biometrics) for
stronger security.
- **Public Key Infrastructure (PKI)**: A framework using public and private keys
to authenticate users, systems, and services.
---
---
## 7. **Cryptography in Practice**
---
## 9. **Conclusion**
Cryptography plays a crucial role in protecting the confidentiality, integrity, and
authenticity of data in today's digital world. It encompasses a wide range of
techniques and algorithms, including symmetric and asymmetric encryption, hashing,
digital signatures, and public key infrastructure. Understanding and implementing
cryptography correctly is essential for securing sensitive information and
communications across networks and systems.