Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of Cryptography
Cryptography is the study and practice of technical procedures and algorithms for secure and confidential communication amidst adversaries (third parties). This can be accomplished through use of encryption techniques. In this modern age of technology and communications, encryption is essential for all transmission of confidential data.
Unencrypted and understandable data is known as plaintext. To prevent unintended parties from understanding what the data is, one must encrypt it. The data is now transformed to ciphertext. It is now a protected document that appears as nonsense or gibberish to most parties. The intended recipient must decrypt the ciphertext when received, and this will transform it back into understandable plaintext.
Although attempts to intercept and decipher the data can be made by skilled attackers, newer and stronger algorithms continue to be developed to be one step ahead.
Cryptography encompasses portions of both, mathematics and computer science to effectively prevent unauthorized and unintended recipients from accessing or interpreting secure communications.
Cryptography in Action
The following examples describe common cryptographic technologies, and how they are used in the real world to encrypt, transmit, and decrypt data, with efforts to keep eavesdroppers away.
Cryptography can be found all around in daily life. Take for example, the PIN of a bank or credit card. Although the PIN itself is only four numerical digits, it is stored securely and encrypted in a database at the user's bank. When used at a retailer, the point of sale encrypts the PIN, creates a secure connection and transmits it to the bank for verification. A response is returned, and the amount is charged to the user.
Similarly, the encryption on a wireless router is an application of cryptography. If the router is secured using 64 bit WEP, a packet sniffing attack could expose the password. A program can examine the encrypted packets sent on the network, and can determine the password by utilizing frequency analysis on the packets. Use of 256 bit WPA2 and a continually changing key makes packet sniffing virtually impossible.
Finally, transmission of premium services, such as TV, is also an application of cryptography. Through use sophisticated forms of encryption, only those subscribed to the service can obtain it, An example of authentication in this scenario is a chip card.
Cryptanalysis is the opposite of cryptography. Where cryptography is intended to secure data and prevent exposure of it, cryptanalysis is the act of analyzing and deciphering encrypted data. Without knowing the key, cryptanalysis aims to gain access to the secured content in quite sophisticated manners.
As cryptography algorithms became more advanced over time, so did the techniques attackers used to decipher the data. In early times, frequency analysis was used often to crack the code. By using the most commonly recurring letters of the alphabet (like vowels), and the most commonly used words (such as 'the', 'this', 'that', 'and', etc.), most attackers were able to successfully understand once secretive messages.
For as long as cryptography exists, cryptanalysis will be right with it. Modern methods of cryptography are considered secure, although there have been some notable examples of systems once thought secure to have been broken, like WEP encryption, and GSM mobile phone signals, just to name a few.
The earliest forms of cryptography date back to about 4000 years ago in Egypt. Unusual symbols were added to hieroglyphs to alter meanings of inscriptions. It is unknown if this act was performed to intentionally obscure the meaning, or for simple comedic purposes, but nonetheless, a cryptographic message was delivered.
Cryptography was also present in the times of Julius Caesar. Certain important messages were delivered in scrambled order. Often, characters of the Latin alphabet in the message were shifted forward by a key of three. This means, for example, the letter A became the letter D, the letter X would become A, and so on. Although this was a very simple an primitive form of cryptography, it held up well, as many message carriers and unapproved recipients never understood the message.
Such substitution ciphers were often subject to regular analysis from attackers, until 1467 when Leon Battista Alberti most clearly documented the polyalphabetic cipher. This new cipher was a combination of mixed alphabets, and would change based on an uppercase character, denoting the start of a new alphabet.
Tremendous advancements in the twentieth century furthered cryptography to the level it is today.
To date, the only secure form of encryption, provided that certain conditions are met, is the "one-time pad". First documented in 1882, but furthered in 1917 with the advancement of electronics and typewriters, this algorithm proved to be impossible to break if used correctly. The plaintext must be combined with a key, which may never be used again, must be completely random, kept in secret, and be as long as the plaintext message. If these conditions are met, the message can never be deciphered without use of the key. These keys were printed and distributed, often on small papers that could be destroyed easily after a message was decrypted. Some were even printed on flammable paper, another security method to ensure that once used, the key would be destroyed.
In the mid 1970s, on commission from IBM, employees developed a new 56 bit encryption standard which became government standard encryption called the "Data Encryption Standard". Since its inception, encryption, and in greater, cryptography, has been standard procedure for most electronic communications, and computer security in general. This algorithm is no longer considered secure, as a brute force attack in 1997 had effectively sampled every key, all 72 quadrillion. Shortly thereafter, the US NIST put out requests for a new and more secure cipher code, and in 2001, selected the Rijndael cipher - named after the two founding cryptographers Vincent Rijmen and Joan Daeman. This new encryption standard was named the "Advanced Encryption Standard", and features key lengths of 128, 192, and 256 bits.
Many legal topics have arisen over the subject of cryptography.
Since its inception, strong opposition has been present over Digital Rights Management. DRM prevented those who purchased digital works from copying or using them on other devices. Cryptography techniques allowed content providers to lock files that could only be read by certain devices - like iTunes purchased music only playable in iTunes and on iPod. DRM restrictions still exist today, on certain devices like Amazon Kindle and on DVD discs.
Also, Departments of Security and National Defense of various countries fear that police may be unable to stop those who utilize extreme methods of cryptography. There is some myth and fact to this statement, as some high ranking officials believe this, whereas others do not.
Finally, the requirement to disclose encryption keys on request of law enforcement poses another issue. Some jurisdictions will imprison parties who do not reveal encryption keys on fear of national security.
Symmetric Key Algorithm
The only publicly known encryption method until 1976, this algorithm uses the same key to encrypt and decrypt the data in question. The diagram below demonstrates this practice. Despite the simplistic diagram, this algorithm is currently used with DES and AES encryption. In order for this algorithm to work, the key must be kept in secret between the sender and receiver.
Public Key Algorithm
A public or asymmetric key algorithm works on the basis that two keys are available for data to be secured. The main difference between this system and a symmetric key system, is that only one key (the private key) can encrypt and decrypt messages, whereas the other (the public key) can only encrypt. This prevents the need for key management, and simplifies the scenario in which multiple parties require multiple keys to stay secure, creating logistical issues and susceptibility to social engineering tactics. A widely used and well known cryptosystem employing this setup is known as RSA. The accompanying diagram and video describe how the public key system works.
Mr. C. Chiarelli
January 6 2014
As technology evolves and computers continue to get faster and faster, cryptography will keep up.
Great plans and fears both result from the topic of quantum computing. As fast as the machine will be, larger, stronger algorithms and keys can be created that far exceed the capabilities of machines today. Current encryption standards will be no match to what the future holds regarding quantum. Fears over the same idea result. As new machines will be faster and be able to process more data in less time, brute force attacks may become the preferred way for attackers to break any encryption algorithm. The use of a quantum computer to determine the two prime numbers which make up a composite (in simple terms) also poses concern. The same can be done with technology today, although it would take an exorbitant amount of time.
With modern day technology, it was possible to break 56 bit DES, first in 41 days, then 56 hours, and an all time record of 22 hours and 15 minutes. This is why the US government later switched to AES, a stronger encryption standard. In actuality, AES could potentially be attacked, by brute force or other methods, and the only reason why it cannot is because the technology doesn't exist. An attacker could use a quantum computer to solve the key to an asymmetric algorithm, as its ability to solve mathematical functions is unparalleled to a regular computer.
With these fears in mind, there is no doubt new and evolving security technologies will be invented to stay one step ahead of attackers to keep data secure.
A major utilization of both of these technologies is through any form of secure electronic communication, like SSL, HTTPS, VPN, and others. When a device connects to a server, the server sends the device a certificate. The certificate needs to be valid and digitally signed (such that it is integral) by a party the user trusts (to which all browsers have preconfigured). It also contains a public key, which the device will then use to encrypt data and send it to the server. Only the server can decrypt this information using its private key. To further security, a symmetric key is established, encrypting the entire transfer of data. The diagram below demonstrates this.
Cryptography is a very grand and vast subject that cannot be documented all in one presentation. This is just one of the many uses of cryptography, using symmetric and asymmetric keys.
In the 16th century, Blaise de Vigenère created the Vigenère cipher. It uses a predefined key, with the plaintext message. When the corresponding character number of a letter and the key were added together, and the remainder (modulus) when divided by 26 was found, the new cipher letter was used. Although this system was exposed shortly after creation, it did demonstrate how encryption keys can be used to encode messages.
Throughout the first world war, cryptography was rampant to avoid any disclosure of secretive information. Despite best efforts, with a multitude of trained attackers and poor use of algorithms, some crucial messages were intercepted and deciphered, leading to major shifts in the events of the war. Cryptography continued throughout the second world war, again leading to results which were influenced by many skilled and advanced attackers.
A Short Intro from Khan Academy