Page 109 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 109

Unit 8: Cryptography and Encryption




              Discuss the concept of digital signature                                         Notes
              Understand cryptographic algorithms

          Introduction

          Information security is an issue that is receiving a growing attention in today’s society and one
          of the main reasons for this is attributable to the Internet phenomena. During the design  of
          Internet, great importance was given to its functionality rather  than other aspects, such  as
          information  security, thus  making it  an inadequate  means  for  certain  applications.  The
          unpredictable success of Internet, however, has not been influenced by it’s own downfalls and it
          has by now proved to be a fundamental tool that cannot be discarded in almost all sectors of
          today’s economy. For this reason great  effort has  been invested in the improvement of  the
          services offered by Internet and one of these is obtained using cryptographic techniques that
          render Internet not only a useful means of doing business, but at times even indispensable. In
          fact, through cryptographic techniques, one can obtain:  secure communication  connections,
          identity proof, electronic signatures (arguably safer than hand signing a check or credit card
          receipt) among other benefits.

          8.1 Cryptography and Encryption

          Internet provides essential communication between tens  of millions of people and is being
          increasingly used as a tool for commerce, security becomes a tremendously important issue to
          deal with.
          There are many aspects to security and many applications, ranging from secure commerce and
          payments to private communications and protecting passwords. One essential aspect for secure
          communications is that of cryptography.

          When your computer sends the information out, it scrambles it by using some key. This scrambled
          information would be gibberish to anyone who didn’t have the correct key to unscramble it at
          the other end.

          When the information reaches its destination, it gets unscrambled by using the key. This lets the
          person or website read the information correctly at the other end.
          Websites that use an encrypted connection use something called SSL (Secure Sockets Layer) to
          secure the information going back and forth. This is how websites like Amazon or your bank
          can ensure your  private information like passwords and credit card numbers are safe from
          prying eyes.
          Cryptography can play many different roles in user authentication. Cryptographic authentication
          systems provide authentication capabilities through the use of cryptographic keys known or
          possessed only by authorized entities.
          Cryptography also supports authentication through its widespread use in other authentication
          systems.


                 Example: Password systems often employ cryptography to encrypt stored password
          files, card/token system often employ cryptography to protect sensitive stored information,
          and hand-held password generators often employ cryptography to generate random, dynamic
          passwords.








                                           LOVELY PROFESSIONAL UNIVERSITY                                   103
   104   105   106   107   108   109   110   111   112   113   114