Skip to main content

PRIVATE KEY CRYPTO SYSTEM

PRIVATE KEY CRYPTO SYSTEM


Symmetric encryption (also called private-key encryption or secret-key encryption) involves using the same key for encryption and decryption.



Encryption involves applying an operation (an algorithm) to the data to be encrypted using the private key to make them unintelligible. The slightest algorithm (such as an exclusive OR) can make the system nearly tamper proof (there being so such thing as absolute security).

However, in the 1940s, Claude Shannon proved that to be completely secure, private-key systems need to use keys that are at least as long as the message to be encrypted. Moreover, symmetric encryption requires that a secure channel be used to exchange the key, which seriously diminishes the usefulness of this kind of encryption system.

The main disadvantage of a secret-key cryptosystem is related to the exchange of keys. Symmetric encryption is based on the exchange of a secret (keys). The problem of key distribution therefore arises:

Moreover, a user wanting to communicate with several people while ensuring separate confidentiality levels has to use as many private keys as there are people. For a group of N people using a secret-key cryptosystem, it is necessary to distribute a number of keys equal to N * (N-1) / 2.

In the 1920s, Gilbert Vernam and Joseph Mauborgne developed the One-Time Pad method (sometimes called "One-Time Password" and abbreviated OTP), based on a randomly generated private key that is used only once and is then destroyed. During the same period, the Kremlin and the White House were connected by the famous red telephone, that is, a



telephone where calls were encrypted thanks to a private key according tothe one-time pad method. The private key was exchanged thanks to the diplomatic bag (playing the role ofsecure channel).



An important distinction in symmetric cryptographic algorithms is between stream and block ciphers.

Stream cipher: Stream ciphers convert one symbol of plaintext directly into a symbol of ciphertext.

Advantages:

· Speed of transformation: algorithms are linear in time and constant in space.

· Low error propogation: an error in encrypting one symbol likely will not affect subsequent symbols.

Disadvantages:

· Low diffusion: all information of a plaintext symbol is contained in a single ciphertext symbol.

· Susceptibility to insertions/ modifications: an active interceptor who breaks the algorithm might insert spurious text that looks authentic.

Block ciphers: It encrypt a group of plaintext symbols as one block.

Advantages:

· High diffusion: information from one plaintext symbol is diffused into several ciphertext symbols.

· Immunity to tampering: difficult to insert symbols without detection.

Disadvantages:

· Slowness of encryption: an entire block must be accumulated before encryption / decryption can begin.

· Error propagation: An error in one symbol may corrupt the entire block.

Simple substitution is an example of a stream cipher. Columnar transposition is a block cipher.

Comments

Post a Comment

Popular posts from this blog

Principle security There are five principles of security. They are as follows: ·  Confidentiality: The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message.               Integrity: The confidential information sent by A to B which is accessed by C without the permission or knowledge of A and B.   ·  Authentication: Authentication mechanism helps in establishing proof of identification. ·  Non-repudiation: ·  Access control: Access control specifies and control who can access what. ·  Availability: It means that assets are accessible to authorized parties at appropriate times. Attacks We want our security system to make sure that no data are disclosed to unauthorized parties. Data should not be modified in illegitimate ways   Legitimate user can access the data ...
Post a Comment
Read more

internet security

Introduction Internet security refers to securing communication over the internet. It includes specific security protocols such as: Internet Security Protocol (IPSec) Secure Socket Layer (SSL) Internet Security Protocol (IPSec) It consists of a set of protocols designed by Internet Engineering Task Force (IETF). It provides security at network level and helps to create authenticated and confidential packets for IP layer. Secure Socket Layer (SSL) It is a security protocol developed by Netscape Communications Corporation. ). It provides security at transport layer. It addresses the following security issues: Privacy Integrity Authentication Threats Internet security threats impact the network, data security and other internet connected systems. Cyber criminals have evolved several techniques to threat privacy and integrity of bank accounts, businesses, and organizations. Following are some of the internet security threats: Mobile worms Malware ...
Post a Comment
Read more

Firewell security

Firewall  is a barrier between Local Area Network (LAN) and the Internet. It allows keeping private resources confidential and minimizes the security risks. It controls network traffic, in both directions. The following diagram depicts a sample firewall between LAN and the internet. The connection between the two is the point of vulnerability. Both hardware and the software can be used at this point to filter network traffic. There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer. Key Points Firewall management must be addressed by both system managers and the network managers. The amount of filtering a firewall varies. For the same firewall, the amount of filtering may be different in different directions.
Post a Comment
Read more