
3.5 SECURITY AHMED THAKUR

3.5.1 ASYMMETRIC KEYS AND ENCRYPTION METHODS

• show understanding of the terms: public key, private key, plain text, cipher text, encryption and
asymmetric key cryptography

Data Encryption and Decryption.


Encryption is the process of translating plain text data (plaintext) into something that appears to be
random and meaningless (ciphertext).

Decryption is the process of converting ciphertext back to plaintext. To encrypt more than a small
amount of data, symmetric encryption is used.

Cryptography
Cryptography (or cryptology; from Greek) is the practice and study of techniques for secure
communication in the presence of third parties called adversaries.

Adversary
In cryptography, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent
the users of the cryptosystem from achieving their goal (primarily privacy, integrity, and availability
of data). An adversary's efforts might take the form of attempting to discover secret data, corrupting
some of the data in the system, spoofing the identity of a message sender or receiver, or forcing
system downtime.

Encryption
In cryptography, encryption is the process of encoding messages or information in such a way that
only authorized parties can read it. Encryption does not of itself prevent interception, but denies the
message content to the interceptor. In an encryption scheme, the intended communication
information or message, referred to as plaintext, is encrypted using an encryption algorithm,
generating ciphertext that can only be read if decrypted. For technical reasons, an encryption
scheme usually uses a pseudo-random encryption key generated by an algorithm.

Decryption
Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext.
A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption.
The detailed operation of a cipher is controlled both by the algorithm and in each instance by a
"key". The key is a secret (ideally known only to the communicants), usually a short string of
characters, which is needed to decrypt the ciphertext.

Encryption Key
In cryptography, a key is a piece of information (a parameter) that determines the functional output
of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result.
In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa
during decryption. Keys are also used in other cryptographic algorithms, such as digital signature
schemes and message authentication codes.

COMPUTER SCIENCE https://www.facebook.com/groups/OAComputers/

ahmed_thakur@hotmail.com, 0300-8268885 Page 1
9608

Public Key
A public key is known to everyone.

Private Key
A private (or secret) key is known only to the recipient of the message.

ENCRYPTION
Encryption is the most effective way to achieve data security. To read an encrypted file, you must
have access to a secret key or password that enables you to decrypt it.
• Unencrypted data is called plain text;
• encrypted data is referred to as cipher text.

This is an example of ordinary text:

Humpty Dumpty sat on a wall.

Humpty Dumpty had a big fall.

This is what an encrypted code for the text would look like:

lj86ik,£lj)ay%9w2+m?lsild171724

jkd2f*hkdfh7$171kjfh7d1h4d

You obviously have to keep the "secret keys" safe from prying eyes.

Plain Text - Refers to textual data in ASCII format. Plain text is the most portable format because it is
supported by nearly every application on every machine. It is quite limited, however, because it
cannot contain any formatting commands. In cryptography, plain text refers to any message that is
not encrypted.

Cipher Text - Data that has been encrypted. Cipher text is unreadable until it has been converted
into plain text (decrypted) with a key.

Types of Encryption
• Symmetric Encryption - A type of encryption where the same key is used to encrypt and decrypt
the message. This differs from asymmetric (or public-key) encryption, which uses one key to
encrypt a message and another to decrypt the message.

• Asymmetric Encryption - A cryptographic system that uses two keys -- a public key known to
everyone and a private or secret key known only to the recipient of the message. When John
wants to send a secure message to Jane, he uses Jane's public key to encrypt the message.
Jane then uses her private key to decrypt it.

An important element to the public key system is that the public and private keys are related in
such a way that only the public key can be used to encrypt messages and only the
corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to
deduce the private key if you know the public key.

Encryption Key Length


The number of binary digits, or bits, in an encryption algorithm’s key. Key length is sometimes used to
measure the relative strength of the encryption algorithm (i.e., the longer the key length, the more
difficult the key is to decode).

The strength of encryption is related to the difficulty of discovering the key, which in turn depends on
both the cipher used and the length of the key. For example, the difficulty of discovering the key for
the RSA cipher most commonly used for public-key encryption depends on the difficulty of factoring
large numbers, a well-known mathematical problem.

Encryption strength is often described in terms of the size of the keys used to perform the encryption:
in general, longer keys provide stronger encryption. Key length is measured in bits. For example,
128-bit keys for use with the RC4 symmetric-key cipher supported by SSL provide significantly better
cryptographic protection than 40-bit keys for use with the same cipher. Roughly speaking, 128-bit
RC4 encryption is 3 x 10^26 times stronger than 40-bit RC4 encryption.

• show understanding of how the keys can be used to send a private message from the public to
an individual/organisation

• show understanding of how the keys can be used to send a verified message to the public

Also known as asymmetric-key encryption, public-key encryption uses two different keys at once --
a combination of a private key and a public key.

The private key is known only to your computer, while the public key is given by your computer to
any computer that wants to communicate securely with it. To decode an encrypted message, a
computer must use the public key, provided by the originating computer, and its own private key.
Although the public key used for encryption is published and available to anyone, anyone who
picks up a message sent from one computer to another can't read it without the private key.
The key pair is based on prime numbers (numbers whose only divisors are themselves and
one, such as 2, 3, 5, 7, 11 and so on) of long length. This makes the system extremely secure, because
there is essentially an infinite number of prime numbers available, meaning there are nearly infinite
possibilities for keys. One very popular public-key encryption program is Pretty Good Privacy (PGP),
which allows you to encrypt almost anything.

• The sending computer encrypts the document with a symmetric key.
• The sending computer then encrypts the symmetric key with the public key of the receiving
computer.
• The receiving computer uses its private key to decode the symmetric key.
• It then uses the symmetric key to decode the document.

To implement public-key encryption on a large scale, such as a secure Web server might need,
requires a different approach. This is where digital certificates come in.

A digital certificate is basically a unique piece of code or a large number that says that the Web
server is trusted by an independent source known as a certificate authority. The certificate authority
acts as a middleman that both computers trust. It confirms that each computer is in fact who it says
it is, and then provides the public keys of each computer to the other.

How Encryption works


1. A file is created.
2. The file is encrypted using symmetric key encryption.
3. The symmetric key is encrypted using the receiving computer’s public key.
4. Both encrypted items (file and symmetric key) are sent to the receiving computer.
5. The receiving computer uses its private key to decode the symmetric key.
6. The receiving computer then uses the included symmetric key to decode the original file.
7. The recipient is able to view the contents of the file.
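
The seven steps above, traced in code. This is an added example, not part of the original notes: the RSA key pair is constructed from two well-known primes and is far too small for real use, no padding is applied, and a SHA-256 keystream stands in for a real symmetric cipher; the names `symmetric_crypt`, `send` and `receive` are made up for the illustration.

```python
import hashlib
import secrets

# Constructed, teaching-scale RSA key pair for the receiving computer.
# Real keys use far larger secret primes plus padding; these are well-known primes.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key (N, E): given to everyone
D = pow(E, -1, (P - 1) * (Q - 1))        # private key (N, D): receiver only


def symmetric_crypt(key, data):
    """Stand-in symmetric cipher: XOR data with a SHA-256 counter keystream.

    The same key and the same call both encrypt and decrypt.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def send(document, public_key):
    """Steps 2-4: encrypt the file, wrap the symmetric key, return both."""
    n, e = public_key
    sym_key = secrets.token_bytes(16)                      # fresh key per message
    enc_doc = symmetric_crypt(sym_key, document)           # step 2
    enc_key = pow(int.from_bytes(sym_key, "big"), e, n)    # step 3
    return enc_doc, enc_key                                # step 4


def receive(enc_doc, enc_key, private_key):
    """Steps 5-6: unwrap the symmetric key, then decrypt the file."""
    n, d = private_key
    sym_key = pow(enc_key, d, n).to_bytes(16, "big")       # step 5
    return symmetric_crypt(sym_key, enc_doc)               # step 6


if __name__ == "__main__":
    document = b"Humpty Dumpty sat on a wall.\nHumpty Dumpty had a big fall."  # step 1
    enc_doc, enc_key = send(document, (N, E))
    print("encrypted file:", enc_doc.hex())
    print("encrypted key :", hex(enc_key))
    print("recovered     :", receive(enc_doc, enc_key, (N, D)))   # step 7
```

Only the short symmetric key passes through the slow public-key operation; the file itself, whatever its size, is handled by the symmetric cipher.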

Protocol

A protocol is an agreed-upon format for transmitting data between two devices. It determines the type of
error checking and data compression used.

The TCP/IP Internet protocols, a common example, consist of:


• Transmission Control Protocol (TCP), which uses a set of rules to exchange messages with other
Internet points at the information packet level

• Internet Protocol (IP), which uses a set of rules to send and receive messages at the Internet
address level

• Additional protocols that include the Hypertext Transfer Protocol (HTTP) and File Transfer
Protocol (FTP), each with defined sets of rules to use with corresponding programs elsewhere on
the Internet

There are many other Internet protocols, such as the Border Gateway Protocol (BGP) and the
Dynamic Host Configuration Protocol (DHCP).

The word protocol comes from the Greek protocollon, meaning a leaf of paper glued to a
manuscript volume that describes the contents.

• HTTP
The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative,
hypermedia information systems. HTTP is the foundation of data communication for the World
Wide Web. Hypertext is structured text that uses logical links (hyperlinks) between nodes
containing text.

• HTTPS
Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol
with the SSL/TLS protocol to provide encrypted communication and secure identification with a
network web server.

• Secure Sockets Layer (SSL)


Secure Sockets Layer (SSL) is a protocol for transmitting private documents via the Internet. SSL
uses a cryptographic system that uses two keys to encrypt data.

Features of SSL
• secure your data transport – secure tunnel for applications
• provide secured access to protected content (intranet usage) – better authentication
mechanisms
• protect from some types of spoofing attacks – handshake needs interaction
• the key itself is encrypted using strong encryption

• Transport Layer Security (TLS)


Transport Layer Security (TLS) is a protocol that ensures privacy between communicating
applications and their users on the Internet. When a server and client communicate, TLS ensures
that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure
Sockets Layer (SSL).

Features of TLS
• Message encryption - TLS uses Public Key Infrastructure (PKI) to encrypt messages from mail
server to mail server. This encryption makes it more difficult for hackers to intercept and read
messages.

• Authentication - TLS supports the use of digital certificates to authenticate the receiving servers. Any
certificate is supported, including self-signed certificates. Authentication of sending servers is not
always necessary in TLS. This process verifies that the receivers (or senders) are who they say they are,
which helps to prevent spoofing. Advanced options include the ability to verify proper certificate
form, domain names, and certificate authority.
