Page 110 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 110
Information Security and Privacy
Notes Cryptography is frequently used in distributed applications to convey identification and
authentication information from one system to another over a network. Cryptographic
authentication systems authenticate a user based on the knowledge or possession of a
cryptographic key. Cryptographic authentication systems can be based on either private key
cryptosystems or public key cryptosystems.
Private key cryptosystems use the same key for the functions of both encryption and decryption.
Cryptographic authentication systems based upon private key cryptosystems rely upon a shared
key between the user attempting access and the authentication system.
Public key cryptosystems separate the functions of encryption and decryption, typically using a
separate key to control each function. Cryptographic authentication systems based upon public
key cryptosystems rely upon a key known only to the user attempting access.
Today’s cryptography is more than encryption and decryption. Authentication is as fundamentally
a part of our lives as privacy. We use authentication throughout our everyday lives – when we
sign our name to some document for instance – and, as we move to a world where our decisions
and agreements are communicated electronically, we need to have electronic techniques for
providing authentication.
Cryptography provides mechanisms for such procedures. A digital signature binds a document
to the possessor of a particular key, while a digital timestamp binds a document to its creation
at a particular time. These cryptographic mechanisms can be used to control access to a shared
disk drive, a high security installation, or a pay-per-view TV channel.
The field of cryptography encompasses other uses as well. With just a few basic cryptographic
tools, it is possible to build elaborate schemes and protocols that allow us to pay using electronic
money, to prove we know certain information without revealing the information itself and to
share a secret quantity in such a way that a subset of the shares can reconstruct the secret.
While modern cryptography is growing increasingly diverse, cryptography is fundamentally
based on problems that are difficult to solve. A problem may be difficult because its solution
requires some secret knowledge, such as decrypting an encrypted message or signing some
digital document. The problem may also be hard because it is intrinsically difficult to complete,
such as finding a message that produces a given hash value.
Computer encryption is based on the science of cryptography, which has been used throughout
history. Before the digital age, the biggest users of cryptography were governments, particularly
for military purposes.
Encryption is the transformation of data into a form that is as close to impossible as possible to
read without the appropriate knowledge. Its purpose is to ensure privacy by keeping information
hidden from anyone for whom it is not intended, even those who have access to the encrypted
data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into
an intelligible form.
Encryption and decryption generally require the use of some secret information, referred to as
a key. For some encryption mechanisms, the same key is used for both encryption and decryption;
for other mechanisms, the keys used for encryption and decryption are different.
The existence of coded messages has been verified as far back as the Roman Empire. But most
forms of cryptography in use these days rely on computers, simply because a human-based code
is too easy for a computer to crack.
Encryption is a process of coding information which could either be a file or mail message in
into cipher text a form unreadable without a decoding key in order to prevent anyone except the
intended recipient from reading that data. Decryption is the reverse process of converting
encoded data to its original un-encoded form, plaintext.
104 LOVELY PROFESSIONAL UNIVERSITY
