Cryptography is the art of concealing information from eavesdroppers by means of a secret that is only known to the communicating parties.But even this description does not cover all applications of cryptography satisfactorily as will become evident in this paper.In modern times, cryptography is almost always used to refer to electronic scrambling of data, but in a historical context cryptography refers to using written secret codes.
Cryptographic Principles :
Most cryptographic algorithms and cryptosystems share common principles. I'm Trying to evaluate most of the principles into my note.
Definition Of A Secure Cryptographic Algorithm :
One of the main goals of cryptography is to guarantee the secrecy of data. In order to achieve this, a cryptographic algorithm should be ‘secure’. This raises the question what a secure algorithm is. Claude Shannon, the father of information theory, defined this as follows:
Perfect Secrecy is defined by requiring of a system that after a cryptogram is intercepted by the enemy the a posteriori probabilities of this cryptogram representing various messages be identically the same as the a priori probabilities of the same messages before the interception.
Though this may sound complicated, when paraphrased it is actually rather simple: perfect secrecy means that even if the encrypted message is observed, this should in no way increase the likelihood of uncovering the plain text.
Behind All The Logic, There Is Mathematics :
The First Principle Is All modern cryptographic algorithms rely on mathematical principles. The most important of these is that the maths that the algorithm relies on should be based on a problem that is very hard to solve by brute force (without knowing the secret information).
A second principle, derived from this, is that a good cryptographic algorithm should be efficient in use (not consume excessive CPU time and/or memory) but should be inefficient (requiring excessive or infeasible amounts of CPU time) to break.
Modern cryptographic algorithms depend on random data generation, for instance for key material. It is therefore very important to use a good random number generator.
Most random number generators used on computers today are what are called pseudo random number generators (pseudo RNGs) . A pseudo RNG is based on a mathematical formula that produces output that should approximate truly random data as best as possible. A pseudo RNG always takes some input data as a starting point (called a seed) from which it then starts generating data. All pseudo RNGs are predictable; given a certain seed they will always produce the same output sequence. Furthermore, they have a periodicity (i.e. after a certain number of cycles they will start reproducing the same output data). A special subclass of pseudo RNGs is used in cryptography called cryptographically secure pseudo random number generators. These are pseudo RNGs that have been designedaccording to certain principles that make them suitable for use in cryptographic applications. Examples of these include the pseudo RNG used in Microsoft CryptoAPI (part of the Windows operating system) and the Yarrow algorithm (included in Mac OS X and FreeBSD).Because of their inherent predictability it is of key importance to provide suffi cient seeding material to pseudo RNGs. The seeding data should in turn be ‘as random as possible’. To achieve this, many implementations use physical events, such as the user moving the mouse or typing on the keyboard. In general, the following principle holds: the more truely random data is input into a pseudo RNG, the more secure the output becomes.Hardware random number generators also exist. The problem with these usually is that they are relatively slow (when compared to software pseudo RNGs). It is not uncommon to use the output of a (slower) hardware RNG to seed a software pseudo RNG.
The security of modern cryptographic systems heavily depends on the quality of the random data that is used in their operation.In addition to this, randomness plays another role in cryptography. An important property of a good cryptographic algorithm is that its encrypted output data should – to all intents and purposes – be indistinguishable from random data (i.e. should have no content that can be leveraged to derive any information on the original input data from the encrypted output) 5. If some of the structure of the plain text is preserved in the cipher text then this can provide attackers a foothold that they can use to break the code (recall the letter occurrence counting attack on simple substitution ciphers.
There are 2 types of cryptography. They are :
- Symmetric cryptography
- Asymmetric cryptography