6.2 COMPUTER PROTECTION

Cryptography

What is cryptography?

Cryptography is the study and practice of hiding information so that only those for whom it is intended can read and process it. Cryptography is most often associated with scrambling an ordinary text, called plaintext or cleartext, into ciphertext through a process called encryption, and then back again through decryption. Therefore, encryption is the process of transforming information using an algorithm or cipher to make it unreadable to anyone except those possessing special knowledge, which is usually referred to as a key. The result of the process is encrypted data. Decryption is the opposite process, which takes place when the same key is used to convert the data back into its original form. The system is secure because the mathematical algorithm is not easily reversible [1].

Types of cryptography

There are two types of cryptography, which are classified according to the type of key used:

Public key or asymmetrical cryptography: A system that uses a pair of related keys: a recipient's public key, which is widely distributed, and a private or secret key, which is known only to the recipient. Any person can encrypt a message using the public key of the recipient, but only the holder of the paired private key can decrypt the message encrypted with the public key. Digital signatures are an example of public key cryptography: a message signed with the sender's private key can be verified by anyone who has access to the sender's public key.

Private/secret key or symmetrical cryptography [2] is a system that uses the same key for both encryption and decryption. The keys may be identical or there may be a simple transformation. However, the fact that both parties have access to the secret key is one of the main drawbacks of the system.

Objectives of cryptography

Modern cryptography has four objectives:

Confidentiality: The information cannot be understood by people for whom it was not intended.

Integrity: The information cannot be altered in storage or in transit between the sender and the intended receiver without the alteration being detected.

Non-repudiation: The creator or sender of the information cannot deny at a later stage their intentions in the creation or transmission of the information.

Authentication: The sender and receiver can confirm each other's identity and the origin/destination of the information.

MORE [1] Keys are usually made up of 64 binary digits of which 56 are randomly generated and used directly by the algorithm, while the other 8 bits are used for error detection.

MORE [2] Symmetric-key encryption can be either stream ciphers, i.e. the bytes of the message are encrypted one at a time, or block ciphers, i.e. a number of bits are encrypted as a single unit.
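
As an added example (not part of the original text), the Python sketch below shows symmetric-key cryptography as described above: the same secret key encrypts and decrypts with a stream cipher, and a keyed hash lets the receiver detect alteration (integrity). The SHA-256 keystream is a teaching construction chosen for this example and every function name is hypothetical; real systems use a vetted cipher such as AES-GCM or ChaCha20-Poly1305.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Teaching keystream (assumption of this example): SHA-256 over key, nonce, counter."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream cipher step: each byte is XORed with one keystream byte.
    XOR is its own inverse, so the same call encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, keystream(key, nonce, len(data))))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then append an HMAC tag so any alteration is detectable."""
    nonce = secrets.token_bytes(NONCE_LEN)  # fresh per message: never reuse a keystream
    ciphertext = xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def open_sealed(enc_key: bytes, mac_key: bytes, message: bytes) -> bytes:
    """Verify the tag first; decrypt only if the message is unaltered."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce = message[:NONCE_LEN]
    ciphertext = message[NONCE_LEN:-TAG_LEN]
    tag = message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("integrity check failed")
    return xor_stream(enc_key, nonce, ciphertext)

if __name__ == "__main__":
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    sealed = seal(enc_key, mac_key, b"constructed sample message")
    print(open_sealed(enc_key, mac_key, sealed))
    altered = bytearray(sealed)
    altered[NONCE_LEN] ^= 0x01  # flip one ciphertext bit "in transit"
    try:
        open_sealed(enc_key, mac_key, bytes(altered))
    except ValueError as err:
        print("rejected:", err)
```

Because sender and receiver hold the same keys, either of them could have produced a valid tag, so this scheme provides confidentiality and integrity but not non-repudiation; that requires a digital signature made with a private key.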