Cryptography Security: Security Architecture
I. INTRODUCTION
Information security has continuously been changing and tends
to become more demanding. Information is a strategic
resource, and a significant part of the organizational budgets is
dedicated towards managing it. The growing usage of
computers implies more protection of files and information.
Computers need tools to protect the stored files while
communication links need to protect the information while
being transferred. Network security is thus needed to protect
the information, or rather the data, during transmission.
Security of information may have different objectives, such as
confidentiality, integrity and availability. Confidentiality
implies secrecy and is synonymous with the protection of
information value. Integrity is basically ensuring the accuracy
of data, and availability is its proper delivery.
Three aspects of such security are attacks, mechanisms
and services. A security service is something that enhances the
security of the data processing systems and the information
transfers of an organization. Security services are intended to
counter security attacks. In general, they make use of one or more
security mechanisms to provide the service, or replicate
functions normally associated with physical documents.
A security mechanism is a mechanism that is designed to detect,
prevent, or recover from a security attack. No single mechanism
will support all the functions required; however, one particular
element underlies many of the security mechanisms in use which is
III. CRYPTOGRAPHY
Cryptography literally translates to the study of secret writing.
It can be defined as the art or science encompassing the
principles and methods of transforming an intelligible message
into one that is unintelligible, and then retransforming that
message back to its original form.
The original intelligible message is known as plaintext, while
the transformed message is called ciphertext. The algorithm
used for such conversion is called a cipher and is associated
with a key, which provides critical information only to the
sender and receiver. Conversion from plaintext to
ciphertext is known as enciphering and the reverse process is
known as deciphering.
The two basic methodologies of classic cryptography are
substitution and transposition. Substitution is replacing, say,
letters with other letters, while transposition is arranging them
in a different way. (If plaintext is viewed as a sequence of bits,
then substitution involves replacing plaintext bit patterns with
ciphertext bit patterns.) A combination of both can be used.
Ciphers can further be either monoalphabetic or
polyalphabetic, implying only one substitution/transposition or
more than one substitution/transposition respectively. The
resultant cipher of many ciphers joined together is called a
product cipher.
Considering the security of the cipher key against being discovered
(not considering methods such as the brute force technique), there
is unconditional security and computational security.
Unconditional security is when, no matter how much computer
power is available, the cipher cannot be broken, since the
ciphertext provides insufficient information to uniquely
determine the corresponding plaintext. Computational security
is when, given limited computing resources (time, tools, processing
etc.), the cipher cannot be broken.
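Substitution, transposition and their combination into a product cipher, as an added example that is not part of the original paper. The substitution key, column order and sample plaintext are constructed, and the function names are illustrative.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase
# Constructed keys and sample text, for illustration only.
SUB_KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"   # A->Q, B->W, C->E, ...
COL_ORDER = [2, 0, 3, 1]                  # order in which columns are read out
SAMPLE = "MEETMEAFTERTHETOGAPARTY"

def substitute(text, decrypt=False):
    """Monoalphabetic substitution: every letter is replaced via one fixed mapping."""
    src, dst = (SUB_KEY, ALPHABET) if decrypt else (ALPHABET, SUB_KEY)
    return text.translate(str.maketrans(src, dst))

def pad(text):
    """Pad with 'X' so the text fills whole rows of the transposition grid."""
    return text + "X" * (-len(text) % len(COL_ORDER))

def transpose(text):
    """Columnar transposition: write row by row, read columns in COL_ORDER."""
    cols = len(COL_ORDER)
    return "".join(text[c::cols] for c in COL_ORDER)

def untranspose(text):
    """Inverse of transpose(): put each column back into its grid position."""
    cols = len(COL_ORDER)
    rows = len(text) // cols
    out = [""] * len(text)
    pos = 0
    for c in COL_ORDER:
        for r in range(rows):
            out[r * cols + c] = text[pos]
            pos += 1
    return "".join(out)

def product_encrypt(plaintext):
    """Product cipher: substitution followed by transposition."""
    return transpose(substitute(pad(plaintext)))

def product_decrypt(ciphertext):
    return substitute(untranspose(ciphertext), decrypt=True)

def freq_shape(text):
    """Letter counts sorted high to low, ignoring which letter has which count."""
    return sorted(Counter(text).values(), reverse=True)
```

Substitution alone leaves `freq_shape` unchanged and transposition alone leaves the set of letters unchanged, which is why each is weak on its own and why they are combined.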
IV. BLOCK CIPHERS
Block ciphers break messages into blocks, each of which
is then encrypted or decrypted. It is like a substitution on very
big characters (64 bits or more). This differs from stream
ciphers, which process messages a bit or byte at a time when
encrypting or decrypting. The majority of current ciphers are
block ciphers.
A. Claude Shannon and Substitution-Permutation Ciphers
In 1949, Claude Shannon introduced the idea of
substitution-permutation (S-P) networks, which form the basis of modern
block ciphers. The substitution and permutation are introduced
in such a way as to provide confusion and diffusion of the
message. Diffusion dissipates the statistical structure of the
plaintext over the bulk of the ciphertext, while confusion makes
the relationship between ciphertext and key as complex as
possible. These together make the original text obscure and
thus provide computational security.
the rest plus security is increased by the fact that, along with
the key, knowledge of the initial value is necessary to decrypt.
Electronic Code Book uses an opposite process where each
block is encrypted independently. Security is less and thus it is
used only when few blocks are to be transmitted.
V. PUBLIC KEY CRYPTOGRAPHY
Two keys are used for the encryption and decryption of the
data or message. One is public and the other is private.
Though both of them are related to each other mathematically,
the private key cannot be derived from the public key.
A message encrypted by the public key can only be decrypted by
the corresponding private key. Usually concepts of number theory and
relatively prime numbers are used. Euler's function is used to
compute how many numbers less than a given number are relatively
prime to it. Ron Rivest gave an algorithm to compute the keys as
natural numbers. Two prime numbers p and q are chosen and
their product is N. Euler's function, say E(N), is then computed.
A random integer e is selected such that the gcd of E(N) and e is 1.
Then d is calculated as the inverse of e modulo E(N), i.e.
d = (1/e) mod E(N), where mod is the modulus
function. The public key is a function of N and e, while the
private key is a function of N and d. (Encryption is something of
the sort M^e mod N, where M is the message data.)
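The key-generation steps above as a runnable sketch (an added example, not code from the paper). It is textbook RSA with constructed toy values p = 61, q = 53, e = 17, computes d as the modular inverse of e modulo E(N), and uses illustrative function names; real RSA needs large random primes and a padding scheme.

```python
from math import gcd

def euler_phi(n):
    """E(n): how many 1 <= k < n have gcd(k, n) == 1 (brute force, toy sizes only)."""
    return sum(1 for k in range(1, n) if gcd(k, n) == 1)

def make_keys(p, q, e):
    """Return ((N, e), (N, d)) following the steps in the text."""
    n = p * q
    phi = (p - 1) * (q - 1)          # equals euler_phi(n) for distinct primes p, q
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to E(N)")
    d = pow(e, -1, phi)              # modular inverse: (d * e) % phi == 1
    return (n, e), (n, d)

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, N)")
    return pow(m, e, n)              # C = M^e mod N

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)              # M = C^d mod N

def private_from_public(public):
    """Trial-division factoring of N; feasible only because N is tiny here."""
    n, e = public
    p = next(k for k in range(2, n) if n % k == 0)
    return make_keys(p, n // p, e)[1]

if __name__ == "__main__":
    pub, priv = make_keys(61, 53, 17)    # constructed toy primes
    c = encrypt(65, pub)
    print(pub, priv, c, decrypt(c, priv))
```

`private_from_public` succeeds only because N = 3233 can be factored instantly; the claim that the private key cannot be derived from the public key rests on N being too large to factor.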
VI. CONCLUSIONS
Network security is of critical importance, and providing it
requires cryptology, the study of various encryption and
decryption methods. Various algorithms are
available for this purpose, and selection should be based on
factors and parameters such as fault tolerance, type of data,
amount of data and other system constraints or requirements.
Block ciphers are more favorable for the purpose of
computational ease. Within block ciphers there are various
conceptually diverse methods. Each method has its own
limitations, and thus the method chosen should be one whose
advantages outweigh its disadvantages. Public key
cryptology is one method which does not have most of the
disadvantages of other methods and thus has long been
popular.