Application Area of Cryptography

May 21, 2018 | Author: Sanjana Jaiswal | Category: Cryptography, Key (Cryptography), Smart Card, Public Key Cryptography, Authentication


Comments



Description

Cryptography is extremely useful; there is a multitude of applications, many of which are currently in use.A typical application of cryptography is a system built out of the basic techniques. Such systems can be of various levels of complexity. Some of the more simple applications are secure communication, identification, authentication, and secret sharing. More complicated applications include systems for electronic commerce, certification, secure electronic mail, key recovery, and secure computer access. In general, the less complex the application, the more quickly it becomes a reality. Identification and authentication schemes exist widely, while electronic commerce systems are just beginning to be established. However, there are exceptions to this rule; namely, the adoption rate may depend on the level of demand. For example, SSL-encapsulated HTTP (see Question 5.1.2) gained a lot more usage much more quickly than simpler link-layer encryption has ever achieved. The adoption rate may depend on the level of demand. Secure Communication Secure communication is the most straightforward use of cryptography. Two people may communicate securely by encrypting the messages sent between them. This can be done in such a way that a third party eavesdropping may never be able to decipher the messages. While secure communication has existed for centuries, the key management problem has prevented it from becoming commonplace. Thanks to the development of public-key cryptography, the tools exist to create a large-scale network of people who can communicate securely with one another even if they had never communicated before. Identification and Authentication Identification and authentication are two widely used applications of cryptography. Identification is the process of verifying someone's or something's identity. For example, when withdrawing money from a bank, a teller asks to see identification (for example, a driver's license) to verify the identity of the owner of the account. This same process can be done electronically using cryptography. Every automatic teller machine (ATM) card is associated with a ``secret'' personal identification number (PIN), which binds the owner to the card and thus to the account. When the card is inserted into the ATM, the machine prompts the cardholder for the PIN. If the correct PIN is entered, the machine identifies that person as the rightful owner and grants access. Another important application of cryptography is authentication. Authentication is similar to identification, in that both allow an entity access to resources (such as an Internet account), but authentication is broader because it does not necessarily involve identifying a person or entity. Authentication merely determines whether that person or entity is authorized for whatever is in question. For more information on authentication and identification, see Question 2.2.5. Secret Sharing Another application of cryptography, called secret sharing, allows the trust of a secret to be distributed among a group of people. For example, in a (k, n)-threshold scheme, information about a secret is distributed in such a way that any k out of the n people (k e n) have enough information to determine the secret, but any set of k-1 people do not. In any secret sharing scheme, there are designated sets of people whose cumulative information suffices to determine the secret. In some implementations of secret sharing schemes, each participant receives the secret after it has been generated. In other implementations, the actual secret is never made visible to the participants, although the purpose for which they sought the secret (for example, access to a building or permission to execute a process) is allowed. See Question 2.1.9 for more information on secret sharing. Electronic Commerce Over the past few years there has been a growing amount of business conducted over the Internet - this form of business is called electronic commerce or e-commerce. E-commerce is comprised of online banking, online brokerage accounts, and Internet shopping, to name a few of the many applications. One can book plane tickets, make hotel reservations, rent a car, transfer money from one account to another, buy compact disks (CDs), clothes, books and so on all while sitting in front of a computer. However, simply entering a credit card number on the Internet leaves one open to fraud. One cryptographic solution to this problem is to encrypt the credit card number (or other private information) when it is entered online, another is to secure the entire session (see Question 5.1.2). When a computer encrypts this information and sends it out on the Internet, it is incomprehensible to a third party viewer. The web server ("Internet shopping center") receives the encrypted information, decrypts it, and proceeds with the sale without fear that the credit card number (or other personal Other Applications Cryptography is not confined to the world of computers. .1. Secondly. key recovery could prevent a disaster.3.10 for more information on certification. theft. if a law enforcement agency wishes to eavesdrop on a suspected criminal without the suspect's knowledge (akin to a wiretap). This prevents people from stealing (``cloning'') cellular phone numbers and access codes. Certification Another application of cryptography is certification. Key recovery techniques are in use in some instances. the use of key recovery as a law enforcement technique is somewhat controversial. The trusted agents issue vouchers called certificates which each have some inherent meaning. Certification technology was developed to make identification and authentication possible on a large scale. This is useful for two main reasons: first of all. the need for protection against fraud. For instance. and corruption of vital information increases. that is. See Question 7. or guessed.12 for more on key recovery. if a user loses or accidentally deletes his or her key. the agency must be able to recover the key. however. Cryptography is also used in cellular (mobile) phones as a means of authentication. Key Recovery Key recovery is a technology that allows a key to be revealed under certain circumstances without the owner of the key revealing it. Many products supply cryptographic methods for remote access with a higher degree of security. forgotten.information) slipped into the wrong hands. such as users. Another application is to protect phone calls from eavesdropping using voice encryption. stolen. passwords can be eavesdropped. See Question4. it can be used to verify that a particular phone has the right to bill to a particular phone number. As more and more business is conducted over the Internet. The basic system of passwords certainly gives a level of security for secure access. Remote Access Secure remote access is another important application of cryptography. certification is a scheme by which trusted agents such as certifying authorities vouch for unknown agents. but it may not be enough in some cases. and it is not possible or desirable to modify existing communications protocols and equipment. For certain applications.Application area of cryptography Quantum cryptographic systems ensure the absolute and everlasting security of communications across a broad spectrum of end uses. link encryption is mandatory. Some of the most common applications include:        Link encryptors Ultrasecure optical fibre networks Wireless Point to point Free Space Optics Microwave Satellite QKD Uploads Handheld devices Link encryption ensures the secure communication of information in transit through an optical network. Link encryption is necessary when the security of a transmission channel cannot be assured. QuintessenceLabs QKD systems are designed to suit numerous applications. including law enforcement and intelligence. QuintessenceLabs QKD provides ultrasecure communications over:      optical fibre metropolitan area networks direct point to point coverage up to 20 km extended range possible using relay stations tactical last mile fibre optical local area networks (LANs) for in-house high performance security . QuintessenceLabs QKD link encryption operates in real time and is transparent to all higher layer communications protocols. Applications Cryptography or cryptology is a Greek word that means 'hidden'.Wireless systems provide the same ultrasecure encryption of a standard QuintessenceLabs QKD system. The hidden numbers that are a part of sensitive information that is also customer specific in . this system supports longer haul metro line-of-sight data encryption but at a reduced data rate than the free space optics system. rather than on the useable life of its hardware. Current communication & military satellites are launched with a pre-defined encryption key sequence that. Our quantum cryptographic system can also be integrated into handheld devices to transfer secure material. but offer a low cost alternative for short range communications between sites where a dedicated fibre link is not essential. but not their existence. There are two types of wireless systems available: Free Space optics: The free space optics package uses line-of-sight laser transmission between rooftop systems. but incorporating microwave communications instead of lasers. The study also contributes to the development of computer science. Microwave: Similar to free-space optics. Contact us to Home | learn more. Cryptography involves the hiding of the specific meaning of messages. once exhausted cannot be refreshed. It plays a very important role within the spheres authentication and access control. Cryptography is also used in ATM cards and computer passwords and even within the world of electronic commerce. Other modes of operation suitable for defence or national security purposes are available. The verb form of the word. interestingly means 'write' and the term eventually stands for the exclusive study of message secrecy. The science of cryptography involves communication in the presence of adversaries. of information technology. cryptography has become a branch of information theory and is used within a mathematical approach to study the transmission of information from place to place. by means of true one-time pad encryption. Today. This defines the effective life of a satellite to be dependent on the quantity of data transmitted. It is crucial in application in the spheres that involve extensive and sensitive levels of access control and information confidentiality. It even enhances the spheres of engineering and pure mathematics. Using a laser uplink and QuintessenceLabs QKD technology the encryption key database of a satellite can be securely re-keyed thus extending its useable life. particularly in the techniques used in network securities. between handsets without risk of interception. providing true one-time-pad data encryption over a 2km radius. However. or when I raise my eyebrows and tip my head to the door at a party. having broken both wrists. Any of these signings can be flawed through forgery ("The name wasn't written by me"). managerial. If I've labored this. To sign something may usually be to append one's name in holograph. or when I move my hands in particular patterns when conversing with someone who is deaf. not that a particular individual actually signed the item. it's really little better than any o ther form of signature. A related matter is how issues that are not so much technical as social. together with the wider issues of vulnerabilities. Miscellaneous Issues. These are discussed in part 6. Encrypting with an asymmetric key is much slower that using a symmetric key and the usual practice is first to make a message digest and then to encrypt it using one's private key. "Miscellaneous issues." Pretty Good Privacy Invariably known by its initials. fraud ("The seal ring was stolen"). being Whistler. The use of a message digest can be a considerable convenience. although it's important to note that a digital signature verifies that a particular key was used.or. or legal should be handled. depend upon the effective use of cryptography. More contentiously. I might say I sign on occasions when I force a ring into hot sealing wax. The important point is that any signature associates a person with some thing." The essence of the digital signature is encryption using a private key.the application of the various identification codes like the PIN and TIN numbers issued to customers by the credit card companies and the banking institutions. but is not essential. Although a digital signature might seem to provide this. For example. key management. Asymmetric cryptography is vulnerable to misrepresentation. Back to top Combining cryptographic methods Digital signatures Some cryptographers and writers on the subject object to the term "digital signature" for a variety of reasons. misses the point. Transactions often require a guarantee against repudiation. This is the mechanism mentioned in the first article in this series. but the fundamental point is to associate an identifier of some sort with some object or action such that some responsibility is taken by the signer as to the integrity of the relevant thing. both authenticates the document as coming from the holder of that private key and validates the document as being unchanged since it was signed. the matter of authenticating an individual's assertion to be the person claimed and the owner of a particular public key is handled by issuing a certificate. and so on. whether on their own or in combination. and this is also considered in "Miscellaneous issues. misunderstanding ("The woman in front of my friend at the party thought I meant her"). legal aspects." This is perfectly correct but. Matters such as this. use a text sig. such as those considered earlier. it's because it's na? to associate a conventional signature simply with a name in holograph. in my view. this program was developed by Phil Zimmerman to provide secure file storage and e-mail using complementary mechanisms. "The print made later on the blank sheet I signed wasn't mine"). replying to an e-mail. subject to the caveats frequently mentioned.a mechanism involving a third party which ties the signing of a document to a specific time -. misrepresentation (as with Dali. and other related issues are considered in the next article. This one will consider how different kinds of ciphers. This. being illiterate. The original implementation . I put an inky fingerprint on it or. Earlier articles looked at particular cryptographic techniques. including that there are a number of important differences between this process and what is usually understood to be a "signature. That the association might later be shown to be flawed is a quite separate issue.goes a long way towards giving the necessary security. PGP. a digital timestamp -. and the usual way to authenticate the relationship between a given individual and his public key is by issuing what are known as digital certificates. use my foot or mouth to make a suitable mark or. duress ("I was threatened with harm unless I signed"). sketch a butterfly in the corner of a lithograph -. I've just as well signed a document if. have practical application in areas such as digital signing or in popular programs such as PGP. was also open source. addresses the deficiencies.6n. MD5 as the one-way hash function for creating message digests. At the same time. PGP. Optionally. PGP will also create a digital signature using a message digest encrypted with the sender's private key. but it was open to anyone either to modify and compile or to use the published code as a standard against which compatible products could be created. I say this not to encourage paranoia and suspicion. It's quite possible to incorporate some backdoor entry which allows apparently secure messages to be read. for example. which is used to create a session key.509 standard and so.509 and has developed a similar system that. if required. which is functionally equivalent to the algorithms used in PKWare PKZip 2. then they're left alone. Most digital certificates comply with the X. then the hash function employed is SHA. Back to top Covert communication Steganography . it's also potentially vulnerable in being public code. PGP now also offers Triple-DES and CAST as symmetric ciphers.1 is the most recent NAI version. Highware Inc. It also includes algorithms for analyzing and. In a sense the comments about the algorithms used in PGP are misleading. Lastly. N S. Where files are short. letter frequencies can sometimes be used as aids to identification. properly used and with secure files. The session key is then encrypted using the intended recipient's public key and the bundle is sent out. which samples the user's key stroke timings as part of what's required to generate a seed. are interchangeable between different applications. D. This is used to encrypt the plain text. but could be created externally from the published source code. of which there's far too much about already. compressing text interferes with the patterns found in plain text. in its view. Similarly. apart from being free. O. the significant frequency order of letters is E. PGP. Anyone can generate a copy of what purports to be PGP and then make that available for distribution. T. There has also been a shift from RSA to new forms. The compression utility used is the freeware ZIP program. Earlier versions. but simply to point out that it's prudent to take steps to be confident of the integrity of your copy of PGP whether it comes from an NAI reseller or from some other trusted source. using the symmetric cipher. However. If you're thinking of following that route to develop your own version then you're free to do so without paying a license fee to NAI although you will have to agree license fees with any patent holders whose ciphers you use (such as IDEA and RSA in certain countries). In much English text. or don't have the capability to compress well. passwords and passphrases is effectively unbreakable. however. Compressing text saves disk space and transmission time.used IDEA as the symmetric cipher. Further. H. PGP includes a pseudo-random number generator (PRNG). This is free for private. PGP has criticisms of aspects of X. PGP Inc. These still require a license fee to be paid to NAI for commercial use as do versions created from the standard PGP source code (such as version 5. which now charges license fees for commercial use of PGP. of Belgium offer a Mac product called SafeMail which is a PGP-compatible product created from the OpenPGP specifications. some of which are considered in Miscellaneous Issues. are widely available and preferred by many users suspicious of later involvement by a commercial organization. complying with the NIST Digital Signature Scheme (DSS) -. As with all other cryptographic products. it's vulnerable to a variety of attacks. L. The situation was -. R. to a some extent. It wasn't quite open source in the way that term is currently understood. PGP supports both PGP and X. U (the list used in the Soundex algorithm) this vanishes once the text is compressed. subsequently compressing text.0i and 5. MD5 has been replaced as the hash function except where RSA continues to be used. mostly variation on 2. I. PGP uses the PRNG to generate a seed. These will vary from language to language and within particular languages according to document type. and RSA as the asymmetric cipher. However. issues surrounding PGP have gotten somewhat confused as a result of developments since the program appeared in 1991. A.5i ). are already compressed.5. A wide range of PGP versions exist of which PGP 6. but will almost always be present and can be exploited by a knowledgeable cryptanalyst. was bought in 1997 and is now owned by Network Associates (NAI).509 formats. when DSS is used. non-commercial use. assuming that the resultant cipher text is always smaller than cipher text from uncompressed plain text. This is known as the PGP certificate format and is also considered later.complicated by US regulations on the export of cryptography which meant that US-created versions of PGP could not legally be exported from the US as binaries.and even now. theoretically at least. still is -. However.although RSA is still supported. Pictures and music used for this purpose need to be appropriate. At specified intervals. The user combines this in some way with an agreed-upon secret code and enters this wherever a passcode is needed. Thinkpulse has taken the innovative approach of developing a standard run-time engine that software developers can target for different applications and different card types. These include fingerprint identification. In all cases. an important requirement for smartcard use. they take a finite amount of time to break. subscription readers for TV or video. Examples include French credit cards (now used increasingly in other European countries). the major risks come not in breaking the encryption (although that's often pretty straightforward in the case of steganography) but from human error. although this situation is changing. But if he's working at one firm and regularly bats the same picture back and forth to a colleague at a competitor's. Smartcards require readers in the form of POS terminals. or non-printing characters can be brought into a data stream. being written on a note taped to a desk or monitor).S. then that's asking for trouble. As with all cryptographic techniques. provisionally selected for AES (qv). and more. hand geometry measurement. One benefit of the Rijndael cipher. the token calculates and displays a new code.Steganography is a method of hiding messages in innocent artifacts. Data is also frequently hidden in complex files. Information may need to be exchanged without its being obvious that this is happening. If an artist or photographer sends and receives images with one advertising agency. iris and retina scanning. building entry systems. with some systems being far more accurate than others. combines it in the specified way with its copy of the user's secret code and allows access if the two passcodes match. They vary greatly in reliability and in how intrusive and acceptable they are in use. The great advantage of biometric systems is that the identification token is unique (even if the interpretation might be faulty) and always present. and so on. many building access cards. that have limited processing power in the form of a specialized computer chip. RSA Security's SecurID uses a battery-powered hand-held device known as a token. Biometrics Biometrics denotes a wide range of techniques for authenticating an individual by reference to personal physical characteristics. some kind of encryption is used to authenticate the holder or to allow access to particular areas or for particular periods of time. These systems are increasingly used in conjunction with . This stores the current time and holds a 64-bit value unique to that token. typically every minute. Smartcards Smartcards are devices. computer access readers. or exchanging printed books where the message is picked out according to a particular formula. An authentication server independently computes the token code for that particular time interval. inking on to a messenger's shaved scalp something later hidden by the regrown hair. Several companies are now developing toolkits and APIs that allow developers to produce applications for specific smartcard use. GSM SIM cards. Invariably there's a trade-off between false acceptance and false refusal. Back to top Security mechanisms SecurID Passwords and codes are used to secure important data. One recent report suggested that there were 420 million smartcards in use worldwide at the beginning of 2000. which is based in the US but formed by a group of French origin. voice or face recognition. In non-computer terms this can mean writing messages in invisible ink for later retrieval. Smartcards are far more widely deployed in Europe than they are in the U. that's fine. Assuming they are not compromised (by. is that it's very small. If it's a techno clip it's unlikely anyone would notice anyway.. locations. and so on. Various products use this as a partial defense by linking a passcode to a physical device and changing the key at short intervals. In computer data streams. typically in credit card form. for example. One such company is Thinkpulse. and the like against unauthorized access. ATMs. the high-orders bit can variously be set or cleared. and that number is expected to grow to some four billion by 2005. perhaps those of pictures or music where there's usually a considerable amount of redundancy such that including other material typically will have very little obvious effect. Applications such as PGP and its various clones can now be used by private individuals and businesses alike to ensure that the same objectives are met. familiar.K. In addition. in the form of electronic cash. the common factor with all such systems is the importance of cryptographically secure mechanisms for confirming the integrity of the amounts stored or transferred. and sometimes of the authentication of one or both parties. as is the case with physical cash. or work in conjunction with conventional cryptosystems. Prepaid phone cards are another form of stored value cards. often to authenticate the identity of a given person as an individual or as someone with authority to do something or be somewhere. making this an area of increasing importance. They're also used to hide data from public view or to ensure that the integrity of the data has not been compromised. however. Back to top Conclusion Cryptosystems are becoming vital in practical applications. money is a store of value. with very mixed results in Swindon. Back to top Electronic transfer of value Among other things. Small-value payments are likely to grow. perhaps in conjunction with short range wireless connectivity. needs to be capable of being spent only once by whoever at that point has the authority to spend it. Subject to the risks of counterfeiting. and secure means of exchange. theft. electronic money tokens need to be anonymous. or loss. which I then exchange for something I want. Once things become electronic. U. . and these are widely used in Japan. It was tested. SET was mentioned earlier as being a secure bank card information transfer system. Again. Mondex is the name given to a system where currency is stored in smartcards periodically topped up from some other store. I do something that gains me more of this store. one problem here was apparently caused later when the bank consortium decided to charge users for the use for the use of the cards. currency is a useful.. and where the card can be used to make small purchases. such as a bank account. as no tangible evidence exists and all parties need to be assured that the integrity of the transactions hasn't been compromised. Money. and thus diminish the stored value.smartcard systems and can often replace password-based authentication. it's very different. so using mobile phones or PDAs. and this introduces new difficulties in authentication schemes.
Copyright © 2024 DOKUMEN.SITE Inc.