Scribd
Upload
9 views5 pages

GIF325

Uploaded by

haloimems
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views5 pages

GIF325

Uploaded by

haloimems
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Cryptography and its Types

Definition
What is Cryptography

Cryptography is technique of securing information and communications through use of codes


so that only those person for whom the information is intended can understand it and process
it. Thus preventing unauthorized access to information. The prefix “crypt” means “hidden”
and suffix graphy means “writing”.
In Cryptography the techniques which are used to protect information are obtained from
mathematical concepts and a set of rule based calculations known as algorithms to convert
messages in ways that make it hard to decode it. These algorithms are used for cryptographic
key generation, digital signing, and verification to protect data privacy, web browsing on
internet and to protect confidential transactions such as credit card and debit card transactions.
Techniques used For Cryptography:

In today’s age of computers cryptography is often associated with the process where an
ordinary plain text is converted to cipher text which is the text made such that intended receiver
of the text can only decode it and hence this process is known as encryption. The process of
conversion of cipher text to plain text this is known as decryption

Features of Cryptography are as follows:

1. Confidentiality:

Information can only be accessed by the person for whom it is intended and no other
person except him can access it.

2. Integrity:

Information cannot be modified in storage or transition between sender and intended


receiver without any addition to information being detected.

3. Non-repudiation:

The creator/sender of information cannot deny his or her intention to send information at
later stage.

4. Authentication:

The identities of sender and receiver are confirmed. As well as destination/origin of


information is confirmed.

Types of Cryptography:

In general there are three types of cryptography:

1. Symmetric Key Cryptography:

It is an encryption system where the sender and receiver of message use a single
common key to encrypt and decrypt messages. Symmetric Key Systems are faster and
simpler but the problem is that sender and receiver have to somehow exchange key in a
secure manner. The most popular symmetric key cryptography system is Data
Encryption System (DES).
2. Hash Functions:

There is no usage of any key in this algorithm. A hash value with fixed length is calculated
as per the plain text which makes it impossible for contents of plain text to be recovered.
Many operating systems use hash functions to encrypt passwords.
3. Asymmetric Key Cryptography:

Under this system a pair of keys is used to encrypt and decrypt information. A public key
is used for encryption and a private key is used for decryption. Public key and Private
Key are different. Even if the public key is known by everyone the intended receiver can
only decode it because he alone knows the private key.

TYPES OF ATTACKS OR SECURITY ATTACKS


A useful means of classifying security attacks are classified into two types, passive attack and
active attack. A passive attack attempts to learn or make use of information from the system
but does not affect system resources, whereas active attack attempts to alter system resources
or affect their operation.

PASSIVE ATTACKS
Passive attacks are in the nature of eavesdropping(spy) on, or monitoring of transmissions.
The goal of the opponent is to obtain information that is being transmitted. Two types of passive
attacks are the 'Release of Message Content' and 'Traffic Analysis'.
1. Release of Message
The 'release of message contents' is easily understood. A telephone conversation, an
electronic mail message, and a transferred file may contain sensitive or confidential
information. We would like to prevent an opponent from learning the contents of these
transmissions.

2. Traffic Analysis

Traffic Analysis

Here, suppose we had a way of making the contents of messages or other information
traffic so that opponents, event if they captured the message, could not extract the information
from the message. The common technique for masking contents is encryption. If we had
encryption protection in place, an opponent could determine the location and identity of
communicating hosts and could observe the frequency and length of messages being
exchanged. This information might be useful in guessing the nature of the communication that
was taking place.

ACTIVE ATTACKS
Active attacks involve some modification of the data stream or the creation of a false stream
and can be subdivided into four categories: Masquerade, Replay, Modification of Messages,
and Denial of Service.

1. Masquerade.

A 'masquerade' takes place when one entity pretends to be a different entity. A


masquerade attack usually includes one of the other forms of active attack. For example,
authentication sequence has taken place, thus enabling few privilege to obtain extra privilege
by pretending an entity that has those privileges.

2. Replay.

Replay involve the passive capture of a data unit and its subsequent retransmission to
produce an authorized effect.

3. Modification of messages.
It simply means that some portion of a authorized message is altered, or that messages
are delayed or reordered, to produce an unauthorized effect. For example, a ,message meaning
"Allow Virat to read confidential file accounts" is changed to "Allow Dhoni to read confidential
file accounts".

4. Denial of Service.

It prevents or inhibits the normal use or management of communication facilities. This


attack may have a specific target; for example, an entity may suppress all messages directed to
a particular destination. Another form of service denial is the disruption of an entire network,
either by disabling the network or by overloading it with messages so as to degrade
performance.

You might also like