Monday, 21 September 2015

A brief guide to cryptosystems

Cryptosystem Functions

  • Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
  • Authentication: The process of proving one's identity.
  • Integrity: Assuring the receiver that the received message has not been altered in any way from the original.
  • Non-repudiation: A mechanism to prove that the sender really sent this message.
  • Key exchange: The method by which crypto keys are shared between sender and receiver.

Cryptosystem Algorithms

Each cryptosystem defines three algorithms:
  • key(s) generation
    • key size (length)
    • expiration date
  • encryption
  • decryption

Cryptosystem types

  • Symmetric Encryption (Secret Key Cryptography)
    • Uses a single key for both encryption and decryption
    • Sender uses the key to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key to decrypt the message and recover the plaintext.
    • Key must be known to both the sender and the receiver; that, in fact, is the secret
    • The biggest difficulty with this approach, of course, is the distribution of the key
    • Used for:
      • privacy/confidentiality
    • Types:
      • stream ciphers
      • block ciphers
    • Algorithms:
      • AES (Rijndael)
    • ...
  • Asymmetric Encryption (Public Key Cryptography)
    • Uses one key for encryption and another for decryption
    • Used for:
      • authentication
      • non-repudiation
      • key exchange
    • Algorithms:
      • RSA (Rivest, Shamir and Adleman) (PKCS#1) 
      • Diffie–Hellman key exchange protocol
      • PGP
      • GPG (GnuPG)
      • SSL/TLS
      • SSH
    • ...
  • Hash Functions (Message Digests, One-way Encryption)
    • Use a mathematical transformation to irreversibly "encrypt" information, providing a digital fingerprint
    • Use no key 
    • Fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered
    • Used for:
      • message integrity. Examples:
        • ensure the integrity of a file; provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus
        • encrypt passwords
    • Algorithms:
      • Message Digest (MD) algorithms
        • byte-oriented algorithms that produce a 128-bit hash value from an arbitrary-length message
        • Algorithms:
          • MD2
          • MD4
          • MD5
            • weaknesses in the algorithm were demonstrated
      • Secure Hash Algorithm (SHA)
        • SHA-1
          • produces a 160-bit hash value
          • deprecated by NIST
        • SHA-2
          • SHA-1 plus
          • SHA-224
          • SHA-256
            • produces a 256-bit (32-byte) hash value, typically rendered as a hexadecimal number, 64 digits long
          • SHA-384
          • SHA-512
        • SHA-3
          •  Keccak 


1 comment:

micheal pan said...

BE SMART AND BECOME RICH IN LESS THAN 3DAYS....It all depends on how fast 
you can be to get the new PROGRAMMED blank ATM card that is capable of
hacking into any ATM machine,anywhere in the world. I got to know about 
this BLANK ATM CARD when I was searching for job online about a month 
ago..It has really changed my life for good and now I can say I'm rich and 
I can never be poor again. The least money I get in a day with it is about 
$50,000.(fifty thousand USD) Every now and then I keeping pumping money 
into my account. Though is illegal,there is no risk of being caught 
,because it has been programmed in such a way that it is not traceable,it 
also has a technique that makes it impossible for the CCTVs to detect 
you..For details on how to get yours today, email the hackers on : ( ). Tell your 
loved once too, and start to live large. That's the simple testimony of how 
my life changed for good...Love you all ...the email address again is ;