Skip to main content

MAKING GOOD ENCRYPTION ALGORITHM

MAKING GOOD ENCRYPTION ALGORITHM

So far, the encryption algorithms we have seen are trivial, intended primarily to demonstrate the concepts of substitution and permutation. At the same time, we have examined several approaches cryptanalysts use to attack encryption algorithms. Now we examine algorithms that are widely used in the commercial world.

For each type of encryption we considered, has the advantages and disadvantages. But there is a broader question: What does it mean for a cipher to be "good"? The meaning of good depends on the intended use of the cipher. A cipher to be used by military personnel in the field has different requirements from one to be used in a secure installation with substantial computer support. In this section, we look more closely at the different characteristics of ciphers.

Shannon's Characteristics of "Good" Ciphers

In 1949, Claude Shannon [SHA49] proposed several characteristics that identify a good cipher.

1. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption.

2. The set of keys and the enciphering algorithm should be free from complexity.

This principle implies that we should restrict neither the choice of keys nor the types of plaintext on which the algorithm can work. For instance, an algorithm that works only on plaintext having an equal number of A's and E's is useless. Similarly, it would be difficult to select keys such that the sum of the values of the letters of the key is a prime number. Restrictions such as these make the use of the encipherment prohibitively complex. If the

process is too complex, it will not be used. Furthermore, the key must be transmitted, stored, and remembered, so it must be short.
3. The implementation of the process should be as simple as possible.

Principle 3 was formulated with hand implementation in mind: A complicated algorithm is prone to error or likely to be forgotten. With the development and popularity of digital computers, algorithms far too complex for hand implementation became feasible. Still, the issue of complexity is important. People will avoid an encryption algorithm whose implementation process severely hinders message transmission, thereby undermining security. And a complex algorithm is more likely to be programmed incorrectly.

4. Errors in ciphering should not propagate and cause corruption of further information in the message.

Principle 4 acknowledges that humans make errors in their use of enciphering algorithms. One error early in the process should not throw off the entire remaining ciphertext. For example, dropping one letter in a columnar transposition throws off the entire remaining encipherment. Unless the receiver can guess where the letter was dropped, the remainder of the message will be unintelligible. By contrast, reading the wrong row or column for a polyalphabetic substitution affects only one character and remaining characters are unaffected.


5. The size of the enciphered text should be no larger than the text of the original
message.
The idea behind principle 5 is that a ciphertext that expands dramatically in size cannotpossibly carry more information than the plaintext, yet it gives the cryptanalyst more datafrom which to infer a pattern. Furthermore, a longer ciphertext implies more space for storage and more time to communicate.

Properties of "Trustworthy" Encryption Systems

Commercial users have several requirements that must be satisfied when they select an encryption algorithm. Thus, when we say that encryption is "commercial grade," or "trustworthy," we mean that it meets these constraints:

· It is based on sound mathematics. Good cryptographic algorithms are not just invented; they are derived from solid principles.

· It has been analyzed by competent experts and found to be sound. Even the best cryptographic experts can think of only so many possible attacks, and the developers may become too convinced of the strength of their own algorithm. Thus, a review by critical outside experts is essential.

· It has stood the atest of time.a As a new algorithm gains popularity, people continue to review both its mathematical foundations and the way it builds on those foundations. Although a long period of successful use and analysis is not a guarantee of a good algorithm, the flaws in many algorithms are discovered relatively soon after their release.

We can divide all the cryptography algorithms (ciphers) into two groups: symmetric key cryptography algorithms and asymmetric cryptography algorithms.
       CRYPTOGRAPHY


SYMMETRIC -KEY

ASYMMETRIC-KEY





Categories of Cryptography

1. Symmetric·Key Cryptography

In symmetric-key cryptography, the same key is used by both parties. The sender uses this key and an encryption algorithm to encrypt data; the receiver uses the same key and the corresponding decryption algorithm to decrypt the data

2. Asymmetric-Key Cryptography:

In asymmetric or public-key cryptography, there are two keys: a private key and a public key. The private key is kept by the receiver. The public key is announced to the public.


Comments

Post a Comment

Popular posts from this blog

Principle security There are five principles of security. They are as follows: ·  Confidentiality: The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message.               Integrity: The confidential information sent by A to B which is accessed by C without the permission or knowledge of A and B.   ·  Authentication: Authentication mechanism helps in establishing proof of identification. ·  Non-repudiation: ·  Access control: Access control specifies and control who can access what. ·  Availability: It means that assets are accessible to authorized parties at appropriate times. Attacks We want our security system to make sure that no data are disclosed to unauthorized parties. Data should not be modified in illegitimate ways   Legitimate user can access the data ...
Post a Comment
Read more

internet security

Introduction Internet security refers to securing communication over the internet. It includes specific security protocols such as: Internet Security Protocol (IPSec) Secure Socket Layer (SSL) Internet Security Protocol (IPSec) It consists of a set of protocols designed by Internet Engineering Task Force (IETF). It provides security at network level and helps to create authenticated and confidential packets for IP layer. Secure Socket Layer (SSL) It is a security protocol developed by Netscape Communications Corporation. ). It provides security at transport layer. It addresses the following security issues: Privacy Integrity Authentication Threats Internet security threats impact the network, data security and other internet connected systems. Cyber criminals have evolved several techniques to threat privacy and integrity of bank accounts, businesses, and organizations. Following are some of the internet security threats: Mobile worms Malware ...
Post a Comment
Read more

Firewell security

Firewall  is a barrier between Local Area Network (LAN) and the Internet. It allows keeping private resources confidential and minimizes the security risks. It controls network traffic, in both directions. The following diagram depicts a sample firewall between LAN and the internet. The connection between the two is the point of vulnerability. Both hardware and the software can be used at this point to filter network traffic. There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer. Key Points Firewall management must be addressed by both system managers and the network managers. The amount of filtering a firewall varies. For the same firewall, the amount of filtering may be different in different directions.
Post a Comment
Read more