Page 41 - DCAP516_COMPUTER_SECURITY
P. 41

Unit 4: Cryptography




          While modern cryptography is growing increasingly diverse, cryptography is fundamentally  Notes
          based on problems that are difficult to solve. A problem may be difficult because its solution
          requires some secret knowledge, such as decrypting an encrypted message or signing some
          digital document. The problem may also be hard because it is intrinsically difficult to complete,
          such as finding a message that produces a given hash value.
          Computer encryption is based on the science of cryptography, which has been used throughout
          history. Before the digital age, the biggest users of cryptography were governments, particularly
          for military purposes.
          Encryption is the transformation of data into a form that is as close to impossible as possible to
          read without the appropriate knowledge. Its purpose is to ensure privacy by keeping information
          hidden from anyone for whom it is not intended, even those who have access to the encrypted
          data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into
          an intelligible form.
          Encryption and decryption generally require the use of some secret information, referred to as
          a key. For some encryption mechanisms, the same key is used for both encryption and decryption;
          for other mechanisms, the keys used for encryption and decryption are different.

          The existence of coded messages has been verified as far back as the Roman Empire. But most
          forms of cryptography in use these days rely on computers, simply because a human-based code
          is too easy for a computer to crack.
          There are several tools of cryptography such as hashing, Pretty good privacy (PGP), Kerberos,
          digital signature, etc.

          Encryption methods have historically been divided into two categories:
          1.   Substitution ciphers and
          2.   Transposition ciphers.
          From the cryptanalyst’s point of view, the cryptanalysis problem has three variations:

               The cipher text only problem: the cryptanalyst has a quantity of cipher text and no plaintext.
               The known plaintext problem: the cryptanalyst has some matched cipher text and plaintext.
               The chosen plaintext problem: the cryptanalyst has the ability to encrypt pieces of plaintext
               of his own choosing.
          To achieve security, the cryptographer should make sure that the system is unbreakable even if
          his opponent can encrypt arbitrary amounts of chosen plaintext.

          4.1.1 Substitution Ciphers

          In a substitution cipher each letter or group of letters is replaced by another letter or group of
          letters. Each symbol in the plaintext, maps onto some other letter. For example, 26 letters are –
          plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
          ciphertext: X W E R T Y U I O P A S D F G H J K L Z X C V B N M

          This general system is called monoalphabetic substitution. For the key above, ‘attack’ would be
          encrypted as QZZQEA. This cipher can be broken easily taking the advantage of the statistical
          properties of natural language. For example, e is the most common letter followed by t, o, a, n,
          i, etc. In English the most common two letters combinations or diagrams are th, in, er, re, an and
          most common three letter combination trigrams are the, ing and ion.





                                           LOVELY PROFESSIONAL UNIVERSITY                                   35
   36   37   38   39   40   41   42   43   44   45   46