Page 112 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
2. ........................... is the reverse process of converting encoded data to its original un-encoded
form, plaintext.
8.2 Applications of Cryptography
8.2.1 Secrecy in Transmission
Many existing secrecy systems for transmission use a private-key system to convert
transmitted information, since it is the fastest technique that works with reasonable assurance
and low overhead.
If the number of communicating parties is small, key distribution is performed periodically by
courier service, and key maintenance depends on the physical security of the keys over the period
of use and on their destruction after new keys are distributed.
If the number of parties is large, electronic key distribution is generally used. Previously, key
distribution was performed with a special key-distribution-key (also called a master-key)
kept confidential by all parties over a longer period of time than the keys used for a
specific transaction. The “session-key” is generated at random either by one of the parties or by
a trusted third party and distributed using the master-key.
The difficulty with master-key systems is that if the master-key is successfully attacked, the whole
system collapses. Likewise, if any of the parties under a given master-key decides to
attack the system, they can forge or intercept all messages throughout the whole system. Many
complex private-key systems for reducing some of these difficulties have been proposed and
used for various applications.
With the arrival of public-key systems, secrecy can be maintained without a common master-key
or a large number of keys. Instead, if Bob wants to communicate with Alice, Bob sends Alice a
session-key encrypted with Alice’s public key. Alice decrypts the session-key and uses it for the
duration of the transaction.
These are examples of cryptographic protocols, methods for communicating while achieving a
specific cryptographic goal. These protocols are used primarily to deal with key management
and system misuse problems. Many other protocols are applied to eliminate other attacks
on these systems.
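The public-key exchange between Bob and Alice described above, as an added example in JavaScript for Node.js (it is not part of the original text). RSA-OAEP for wrapping the session-key, AES-256-GCM for the messages, the message layout and all function names are assumptions of this example; the text names no specific algorithms.

```javascript
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Bob: generate a random session key and encrypt it to Alice's public key.
function wrapSessionKey(alicePublicKey) {
  const sessionKey = crypto.randomBytes(32);
  const wrapped = crypto.publicEncrypt({ key: alicePublicKey, ...OAEP }, sessionKey);
  return { sessionKey, wrapped };
}

// Alice: recover the session key with her private key.
function unwrapSessionKey(alicePrivateKey, wrapped) {
  return crypto.privateDecrypt({ key: alicePrivateKey, ...OAEP }, wrapped);
}

// Either side: encrypt one message under the session key.
// Output layout (an assumption of this example): nonce(12) | tag(16) | ciphertext.
function seal(sessionKey, plaintext) {
  const nonce = crypto.randomBytes(12); // fresh for every message
  const enc = crypto.createCipheriv('aes-256-gcm', sessionKey, nonce);
  const body = Buffer.concat([enc.update(plaintext, 'utf8'), enc.final()]);
  return Buffer.concat([nonce, enc.getAuthTag(), body]);
}

// Either side: decrypt and authenticate; throws if the message was altered.
function open(sessionKey, sealed) {
  const dec = crypto.createDecipheriv('aes-256-gcm', sessionKey, sealed.subarray(0, 12));
  dec.setAuthTag(sealed.subarray(12, 28));
  return Buffer.concat([dec.update(sealed.subarray(28)), dec.final()]).toString('utf8');
}

// Constructed run: Alice's long-term key pair, one session key, one message.
function demo() {
  const alice = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const { sessionKey, wrapped } = wrapSessionKey(alice.publicKey);
  const aliceKey = unwrapSessionKey(alice.privateKey, wrapped);
  return open(aliceKey, seal(sessionKey, 'constructed sample message'));
}

console.log(demo());
```

Only the wrapped session-key and the sealed messages cross the network; no master-key is shared among the parties.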
8.2.2 Secrecy in Storage
Secrecy in storage is generally maintained by a one-key system in which the user provides the key to
the computer at the beginning of a session, and the system then takes care of encryption
and decryption during normal use.
Example: Many hardware devices are available for personal computers to automatically
encrypt all information stored on disk. When the computer is turned on, the user must
supply a key to the encryption hardware. The information cannot be read meaningfully without
this key, so even if the disk is stolen, the information on it will not be accessible.
Secrecy in storage has its problems. If the user forgets a key, all of the information
encrypted with it becomes permanently unusable. The information is only encrypted while
in storage, not when in use by the user. This leaves a major hole for the attacker. If the encryption
and decryption are done in software, or if the key is stored somewhere in the system,
the system may be circumvented by an attacker. Backups of encrypted information are frequently
stored in plaintext since the encryption mechanism is only applied to certain devices.
LOVELY PROFESSIONAL UNIVERSITY